Change test domains to use "example.com" wherever possible

Previously used domains like "blabla.com", "bla.com", and "bar.com" could exist in reality. Since IANA reserves example.com for documentation and examples, I replaced them with example.com whenever possible.

The exception is test.host, which Rails uses as the default domain in tests (see: https://github.com/rails/rails/blob/d09c4bbfcadcd6b3af847a11608a63c0718158ed/actionpack/lib/action_dispatch/testing/test_request.rb#L11). Simply changing it to example.com causes tests to fail. While adding the following snippet to `spec_helper.rb` would make the tests pass, I decided to leave it as is since the motivation isn’t strong enough:

```ruby
config.before(:each, type: :controller) do
  request.host = 'example.com'
end
```

related url: Sorcery#387 (comment)

Author: willnet

lib/sorcery/test_helpers/internal.rb

@@ -24,7 +24,7 @@ def destroy
       end
 
       def build_new_user(attributes_hash = nil)
-        user_attributes_hash = attributes_hash || { username: 'gizmo', email: 'bla@bla.com', password: 'secret' }
+        user_attributes_hash = attributes_hash || { username: 'gizmo', email: 'bla@example.com', password: 'secret' }
         @user = User.new(user_attributes_hash)
       end
 

spec/controllers/controller_brute_force_protection_spec.rb

@@ -1,10 +1,10 @@
 require 'spec_helper'
 
 describe SorceryController, type: :controller do
-  let!(:user) { User.create!(username: 'test_user', email: 'bla@bla.com', password: 'password') }
+  let!(:user) { User.create!(username: 'test_user', email: 'bla@example.com', password: 'password') }
 
   def request_test_login
-    get :test_login, params: { email: 'bla@bla.com', password: 'blabla' }
+    get :test_login, params: { email: 'bla@example.com', password: 'blabla' }
   end
 
   # ----------------- BRUTE FORCE PROTECTION -----------------------
@@ -20,7 +20,7 @@ def request_test_login
 
     it 'counts login retries' do
       allow(User).to receive(:authenticate) { |&block| block.call(nil, :other) }
-      allow(User.sorcery_adapter).to receive(:find_by_credentials).with(['bla@bla.com', 'blabla']).and_return(user)
+      allow(User.sorcery_adapter).to receive(:find_by_credentials).with(['bla@example.com', 'blabla']).and_return(user)
 
       expect(user).to receive(:register_failed_login!).exactly(3).times
 
@@ -33,7 +33,7 @@ def request_test_login
 
       allow(User).to receive(:authenticate) { |&block| block.call(user, nil) }
 
-      get :test_login, params: { email: 'bla@bla.com', password: 'secret' }
+      get :test_login, params: { email: 'bla@example.com', password: 'secret' }
 
       user.reload
       expect(user.failed_logins_count).to eq(0)

spec/controllers/controller_http_basic_auth_spec.rb

@@ -1,7 +1,7 @@
 require 'spec_helper'
 
 describe SorceryController, type: :controller do
-  let!(:user) { User.create!(username: 'test_user', email: 'bla@bla.com', password: 'password') }
+  let!(:user) { User.create!(username: 'test_user', email: 'bla@example.com', password: 'password') }
 
   describe 'with http basic auth features' do
     before(:all) do
@@ -22,15 +22,15 @@
 
     it 'authenticates from http basic if credentials are sent' do
       @request.env['HTTP_AUTHORIZATION'] = "Basic #{Base64.encode64("#{user.email}:secret")}"
-      expect(User).to receive('authenticate').with('bla@bla.com', 'secret').and_return(user)
+      expect(User).to receive('authenticate').with('bla@example.com', 'secret').and_return(user)
       get :test_http_basic_auth, params: {}, session: { http_authentication_used: true }
 
       expect(response).to be_successful
     end
 
     it 'fails authentication if credentials are wrong' do
       @request.env['HTTP_AUTHORIZATION'] = "Basic #{Base64.encode64("#{user.email}:wrong!")}"
-      expect(User).to receive('authenticate').with('bla@bla.com', 'wrong!').and_return(nil)
+      expect(User).to receive('authenticate').with('bla@example.com', 'wrong!').and_return(nil)
       get :test_http_basic_auth, params: {}, session: { http_authentication_used: true }
 
       expect(response).to redirect_to root_url
@@ -51,7 +51,7 @@
 
     it "signs in the user's session on successful login" do
       @request.env['HTTP_AUTHORIZATION'] = "Basic #{Base64.encode64("#{user.email}:secret")}"
-      expect(User).to receive('authenticate').with('bla@bla.com', 'secret').and_return(user)
+      expect(User).to receive('authenticate').with('bla@example.com', 'secret').and_return(user)
 
       get :test_http_basic_auth, params: {}, session: { http_authentication_used: true }
 

spec/controllers/controller_oauth2_spec.rb

@@ -3,15 +3,15 @@
 # require 'shared_examples/controller_oauth_shared_examples'
 
 def stub_all_oauth_requests!
-  consumer = OAuth::Consumer.new('key', 'secret', site: 'http://myapi.com')
+  consumer = OAuth::Consumer.new('key', 'secret', site: 'http://api.example.com')
   req_token = OAuth::RequestToken.new(consumer)
   acc_token = OAuth::AccessToken.new(consumer)
 
   response = Object.new
   def response.body
     {
       'following' => false, 'listed_count' => 0, 'profile_link_color' => '0084B4',
-      'profile_image_url' => 'http://a1.twimg.com/profile_images/536178575/noamb_normal.jpg',
+      'profile_image_url' => 'http://media.example.com/profile_images/536178575/noamb_normal.jpg',
       'description' => 'Programmer/Heavy Metal Fan/New Father',
       'status' => {
         'text' => 'coming soon to sorcery gem: twitter and facebook authentication support.',
@@ -27,7 +27,7 @@ def response.body
       'screen_name' => 'nbenari', 'profile_use_background_image' => true, 'location' => 'Israel',
       'statuses_count' => 25, 'profile_background_color' => '022330', 'lang' => 'en',
       'verified' => false, 'notifications' => false,
-      'profile_background_image_url' => 'http://a3.twimg.com/profile_background_images/104087198/04042010339.jpg',
+      'profile_background_image_url' => 'http://media.example.com/profile_background_images/104087198/04042010339.jpg',
       'favourites_count' => 5, 'created_at' => 'Fri Nov 20 21:58:19 +0000 2009',
       'is_translator' => false, 'contributors_enabled' => false, 'protected' => false,
       'follow_request_sent' => false, 'time_zone' => 'Greenland', 'profile_text_color' => '333333',
@@ -54,14 +54,14 @@ def response.body
     sorcery_controller_property_set(:external_providers, %i[twitter jira])
     sorcery_controller_external_property_set(:twitter, :key, 'eYVNBjBDi33aa9GkA3w')
     sorcery_controller_external_property_set(:twitter, :secret, 'XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8')
-    sorcery_controller_external_property_set(:twitter, :callback_url, 'http://blabla.com')
+    sorcery_controller_external_property_set(:twitter, :callback_url, 'http://example.com')
 
     sorcery_controller_external_property_set(:jira, :key, '7810b8e317ebdc81601c72f8daecc0f1')
     sorcery_controller_external_property_set(:jira, :secret, 'MyAppUsingJira')
-    sorcery_controller_external_property_set(:jira, :site, 'http://jira.mycompany.com/plugins/servlet/oauth')
+    sorcery_controller_external_property_set(:jira, :site, 'http://jira.example.com/plugins/servlet/oauth')
     sorcery_controller_external_property_set(:jira, :signature_method, 'RSA-SHA1')
     sorcery_controller_external_property_set(:jira, :private_key_file, 'myrsakey.pem')
-    sorcery_controller_external_property_set(:jira, :callback_url, 'http://myappusingjira.com/home')
+    sorcery_controller_external_property_set(:jira, :callback_url, 'http://app.example.com/home')
   end
 
   # ----------------- OAuth -----------------------
@@ -71,7 +71,7 @@ def response.body
     end
 
     after do
-      sorcery_controller_external_property_set(:twitter, :callback_url, 'http://blabla.com')
+      sorcery_controller_external_property_set(:twitter, :callback_url, 'http://example.com')
       sorcery_controller_external_property_set(:twitter, :original_callback_url, nil)
     end
 
@@ -83,19 +83,19 @@ def response.body
       it 'login_at redirects correctly' do
         get :login_at_test
         expect(response).to be_a_redirect
-        expect(response).to redirect_to('http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&oauth_token=')
+        expect(response).to redirect_to('http://api.example.com/oauth/authorize?oauth_callback=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&oauth_token=')
       end
     end
 
     context 'when callback_url begins with http://' do
       before do
-        sorcery_controller_external_property_set(:twitter, :callback_url, 'http://blabla.com/oauth/twitter/callback')
+        sorcery_controller_external_property_set(:twitter, :callback_url, 'http://example.com/oauth/twitter/callback')
       end
 
       it 'login_at redirects correctly' do
         get :login_at_test
         expect(response).to be_a_redirect
-        expect(response).to redirect_to('http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Fblabla.com%2Foauth%2Ftwitter%2Fcallback&oauth_token=')
+        expect(response).to redirect_to('http://api.example.com/oauth/authorize?oauth_callback=http%3A%2F%2Fexample.com%2Foauth%2Ftwitter%2Fcallback&oauth_token=')
       end
     end
 
@@ -163,7 +163,7 @@ def response.body
         sorcery_model_property_set(:authentications_class, UserProvider)
 
         allow(user).to receive_message_chain(:sorcery_config, :username_attribute_names, :first) { :username }
-        allow(user).to receive(:username).and_return('bla@bla.com')
+        allow(user).to receive(:username).and_return('bla@example.com')
         login_user(user)
 
         expect(user).to receive(:add_provider_to_user).with('twitter', '123')

spec/controllers/controller_oauth_spec.rb

@@ -16,10 +16,10 @@
     end
 
     it 'sets cookie on remember_me!' do
-      expect(User).to receive(:authenticate).with('bla@bla.com', 'secret') { |&block| block.call(user, nil) }
+      expect(User).to receive(:authenticate).with('bla@example.com', 'secret') { |&block| block.call(user, nil) }
       expect(user).to receive(:remember_me!)
 
-      post :test_login_with_remember, params: { email: 'bla@bla.com', password: 'secret' }
+      post :test_login_with_remember, params: { email: 'bla@example.com', password: 'secret' }
 
       expect(cookies.signed['remember_me_token']).to eq assigns[:current_user].remember_me_token
     end
@@ -39,11 +39,11 @@
     end
 
     it 'login(email,password,remember_me) logs user in and remembers' do
-      expect(User).to receive(:authenticate).with('bla@bla.com', 'secret', '1') { |&block| block.call(user, nil) }
+      expect(User).to receive(:authenticate).with('bla@example.com', 'secret', '1') { |&block| block.call(user, nil) }
       expect(user).to receive(:remember_me!)
       expect(user).to receive(:remember_me_token).and_return('abracadabra').twice
 
-      post :test_login_with_remember_in_login, params: { email: 'bla@bla.com', password: 'secret', remember: '1' }
+      post :test_login_with_remember_in_login, params: { email: 'bla@example.com', password: 'secret', remember: '1' }
 
       expect(cookies.signed['remember_me_token']).not_to be_nil
       expect(cookies.signed['remember_me_token']).to eq assigns[:user].remember_me_token
@@ -76,13 +76,13 @@
     end
 
     it 'doest not remember_me! when not asked to, even if third parameter is used' do
-      post :test_login_with_remember_in_login, params: { email: 'bla@bla.com', password: 'secret', remember: '0' }
+      post :test_login_with_remember_in_login, params: { email: 'bla@example.com', password: 'secret', remember: '0' }
 
       expect(cookies['remember_me_token']).to be_nil
     end
 
     it 'doest not remember_me! when not asked to' do
-      post :test_login, params: { email: 'bla@bla.com', password: 'secret' }
+      post :test_login, params: { email: 'bla@example.com', password: 'secret' }
       expect(cookies['remember_me_token']).to be_nil
     end
 

spec/controllers/controller_remember_me_spec.rb

@@ -115,9 +115,9 @@
     it 'works if the session is stored as a string or a Time' do
       session[:login_time] = Time.now.to_s
       # TODO: ???
-      expect(User).to receive(:authenticate).with('bla@bla.com', 'secret') { |&block| block.call(user, nil) }
+      expect(User).to receive(:authenticate).with('bla@example.com', 'secret') { |&block| block.call(user, nil) }
 
-      get :test_login, params: { email: 'bla@bla.com', password: 'secret' }
+      get :test_login, params: { email: 'bla@example.com', password: 'secret' }
 
       expect(session[:user_id]).not_to be_nil
       expect(response).to be_successful
@@ -129,7 +129,7 @@
       it 'does not logout if there was activity' do
         sorcery_controller_property_set(:session_timeout_from_last_action, true)
 
-        get :test_login, params: { email: 'bla@bla.com', password: 'secret' }
+        get :test_login, params: { email: 'bla@example.com', password: 'secret' }
         Timecop.travel(Time.now.in_time_zone + 0.3)
         get :test_should_be_logged_in
 
@@ -144,7 +144,7 @@
 
       it "with 'session_timeout_from_last_action' logs out if there was no activity" do
         sorcery_controller_property_set(:session_timeout_from_last_action, true)
-        get :test_login, params: { email: 'bla@bla.com', password: 'secret' }
+        get :test_login, params: { email: 'bla@example.com', password: 'secret' }
         Timecop.travel(Time.now.in_time_zone + 0.6)
         get :test_should_be_logged_in
 

spec/controllers/controller_session_timeout_spec.rb

@@ -52,8 +52,8 @@
     describe '#login' do
       context 'when succeeds' do
         before do
-          expect(User).to receive(:authenticate).with('bla@bla.com', 'secret') { |&block| block.call(user, nil) }
-          get :test_login, params: { email: 'bla@bla.com', password: 'secret' }
+          expect(User).to receive(:authenticate).with('bla@example.com', 'secret') { |&block| block.call(user, nil) }
+          get :test_login, params: { email: 'bla@example.com', password: 'secret' }
         end
 
         it 'assigns user to @user variable' do
@@ -67,8 +67,8 @@
 
       context 'when fails' do
         before do
-          expect(User).to receive(:authenticate).with('bla@bla.com', 'opensesame!').and_return(nil)
-          get :test_login, params: { email: 'bla@bla.com', password: 'opensesame!' }
+          expect(User).to receive(:authenticate).with('bla@example.com', 'opensesame!').and_return(nil)
+          get :test_login, params: { email: 'bla@example.com', password: 'opensesame!' }
         end
 
         it 'sets @user variable to nil' do
@@ -154,7 +154,7 @@
 
     it 'on successful login the user is redirected to the url he originally wanted' do
       session[:return_to_url] = 'http://test.host/some_action'
-      post :test_return_to, params: { email: 'bla@bla.com', password: 'secret' }
+      post :test_return_to, params: { email: 'bla@example.com', password: 'secret' }
 
       expect(response).to redirect_to('http://test.host/some_action')
       expect(flash[:notice]).to eq 'haha!'

spec/controllers/controller_spec.rb

@@ -107,7 +107,7 @@
       expect(lock_expires_at).not_to be_nil
 
       Timecop.travel(Time.now.in_time_zone + 0.3)
-      User.authenticate('bla@bla.com', 'secret')
+      User.authenticate('bla@example.com', 'secret')
 
       lock_expires_at = User.sorcery_adapter.find_by_id(user.id).lock_expires_at
       expect(lock_expires_at).to be_nil

spec/shared_examples/user_brute_force_protection_shared_examples.rb

@@ -13,7 +13,7 @@
       sorcery_model_property_set(:authentications_class, Authentication)
       sorcery_controller_external_property_set(:twitter, :key, 'eYVNBjBDi33aa9GkA3w')
       sorcery_controller_external_property_set(:twitter, :secret, 'XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8')
-      sorcery_controller_external_property_set(:twitter, :callback_url, 'http://blabla.com')
+      sorcery_controller_external_property_set(:twitter, :callback_url, 'http://example.com')
     end
 
     it "responds to 'load_from_provider'" do