RubyGems - couchkeeper - Versions diffs - 0.6.7 - Mend

couchkeeper 0.6.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (240) hide show

data/.gitignore +14 -0
data/.rspec +1 -0
data/.travis.yml +28 -0
data/CHANGELOG.md +198 -0
data/Gemfile +32 -0
data/MIT-LICENSE +20 -0
data/README.md +290 -0
data/Rakefile +18 -0
data/app/assets/javascripts/doorkeeper/application.js +2 -0
data/app/assets/stylesheets/doorkeeper/application.css +18 -0
data/app/assets/stylesheets/doorkeeper/form.css +13 -0
data/app/controllers/doorkeeper/application_controller.rb +7 -0
data/app/controllers/doorkeeper/applications_controller.rb +60 -0
data/app/controllers/doorkeeper/authorizations_controller.rb +57 -0
data/app/controllers/doorkeeper/authorized_applications_controller.rb +12 -0
data/app/controllers/doorkeeper/token_info_controller.rb +12 -0
data/app/controllers/doorkeeper/tokens_controller.rb +20 -0
data/app/helpers/doorkeeper/form_errors_helper.rb +9 -0
data/app/validators/redirect_uri_validator.rb +23 -0
data/app/views/doorkeeper/applications/_form.html.erb +34 -0
data/app/views/doorkeeper/applications/edit.html.erb +13 -0
data/app/views/doorkeeper/applications/index.html.erb +29 -0
data/app/views/doorkeeper/applications/new.html.erb +13 -0
data/app/views/doorkeeper/applications/show.html.erb +26 -0
data/app/views/doorkeeper/authorizations/error.html.erb +6 -0
data/app/views/doorkeeper/authorizations/new.html.erb +37 -0
data/app/views/doorkeeper/authorizations/show.html.erb +4 -0
data/app/views/doorkeeper/authorized_applications/index.html.erb +25 -0
data/app/views/layouts/doorkeeper/application.html.erb +33 -0
data/config/locales/en.yml +68 -0
data/doorkeeper.gemspec +28 -0
data/lib/doorkeeper.rb +64 -0
data/lib/doorkeeper/config.rb +194 -0
data/lib/doorkeeper/doorkeeper_for.rb +76 -0
data/lib/doorkeeper/engine.rb +19 -0
data/lib/doorkeeper/errors.rb +15 -0
data/lib/doorkeeper/helpers/controller.rb +58 -0
data/lib/doorkeeper/helpers/filter.rb +38 -0
data/lib/doorkeeper/models/access_grant.rb +24 -0
data/lib/doorkeeper/models/access_token.rb +95 -0
data/lib/doorkeeper/models/accessible.rb +9 -0
data/lib/doorkeeper/models/active_record/access_grant.rb +5 -0
data/lib/doorkeeper/models/active_record/access_token.rb +21 -0
data/lib/doorkeeper/models/active_record/application.rb +20 -0
data/lib/doorkeeper/models/application.rb +33 -0
data/lib/doorkeeper/models/couchbase/access_grant.rb +10 -0
data/lib/doorkeeper/models/couchbase/access_token.rb +7 -0
data/lib/doorkeeper/models/couchbase/application.rb +35 -0
data/lib/doorkeeper/models/doorkeeper_access_grant/by_token/map.js +5 -0
data/lib/doorkeeper/models/doorkeeper_access_token/by_application_id/map.js +5 -0
data/lib/doorkeeper/models/doorkeeper_access_token/by_application_id_and_resource_owner_id/map.js +5 -0
data/lib/doorkeeper/models/doorkeeper_access_token/by_refresh_token/map.js +5 -0
data/lib/doorkeeper/models/doorkeeper_access_token/by_resource_owner_id/map.js +5 -0
data/lib/doorkeeper/models/doorkeeper_access_token/by_token/map.js +5 -0
data/lib/doorkeeper/models/doorkeeper_application/by_uid/map.js +5 -0
data/lib/doorkeeper/models/doorkeeper_application/by_uid_and_secret/map.js +5 -0
data/lib/doorkeeper/models/doorkeeper_application/show_all/map.js +6 -0
data/lib/doorkeeper/models/expirable.rb +21 -0
data/lib/doorkeeper/models/mongo_mapper/access_grant.rb +28 -0
data/lib/doorkeeper/models/mongo_mapper/access_token.rb +51 -0
data/lib/doorkeeper/models/mongo_mapper/application.rb +30 -0
data/lib/doorkeeper/models/mongo_mapper/revocable.rb +15 -0
data/lib/doorkeeper/models/mongoid/revocable.rb +15 -0
data/lib/doorkeeper/models/mongoid/scopes.rb +15 -0
data/lib/doorkeeper/models/mongoid2/access_grant.rb +22 -0
data/lib/doorkeeper/models/mongoid2/access_token.rb +41 -0
data/lib/doorkeeper/models/mongoid2/application.rb +22 -0
data/lib/doorkeeper/models/mongoid3/access_grant.rb +22 -0
data/lib/doorkeeper/models/mongoid3/access_token.rb +41 -0
data/lib/doorkeeper/models/mongoid3/application.rb +22 -0
data/lib/doorkeeper/models/ownership.rb +16 -0
data/lib/doorkeeper/models/scopes.rb +17 -0
data/lib/doorkeeper/oauth/authorization.rb +10 -0
data/lib/doorkeeper/oauth/authorization/code.rb +32 -0
data/lib/doorkeeper/oauth/authorization/token.rb +28 -0
data/lib/doorkeeper/oauth/authorization/uri_builder.rb +29 -0
data/lib/doorkeeper/oauth/authorization_code_request.rb +82 -0
data/lib/doorkeeper/oauth/client.rb +29 -0
data/lib/doorkeeper/oauth/client/credentials.rb +21 -0
data/lib/doorkeeper/oauth/client/methods.rb +18 -0
data/lib/doorkeeper/oauth/client_credentials/creator.rb +29 -0
data/lib/doorkeeper/oauth/client_credentials/issuer.rb +35 -0
data/lib/doorkeeper/oauth/client_credentials/validation.rb +33 -0
data/lib/doorkeeper/oauth/client_credentials_request.rb +47 -0
data/lib/doorkeeper/oauth/code_request.rb +28 -0
data/lib/doorkeeper/oauth/code_response.rb +37 -0
data/lib/doorkeeper/oauth/error.rb +9 -0
data/lib/doorkeeper/oauth/error_response.rb +44 -0
data/lib/doorkeeper/oauth/helpers/scope_checker.rb +18 -0
data/lib/doorkeeper/oauth/helpers/unique_token.rb +13 -0
data/lib/doorkeeper/oauth/helpers/uri_checker.rb +32 -0
data/lib/doorkeeper/oauth/password_access_token_request.rb +84 -0
data/lib/doorkeeper/oauth/pre_authorization.rb +62 -0
data/lib/doorkeeper/oauth/refresh_token_request.rb +58 -0
data/lib/doorkeeper/oauth/scopes.rb +60 -0
data/lib/doorkeeper/oauth/token.rb +36 -0
data/lib/doorkeeper/oauth/token_request.rb +28 -0
data/lib/doorkeeper/oauth/token_response.rb +29 -0
data/lib/doorkeeper/rails/routes.rb +90 -0
data/lib/doorkeeper/rails/routes/mapper.rb +28 -0
data/lib/doorkeeper/rails/routes/mapping.rb +39 -0
data/lib/doorkeeper/request.rb +33 -0
data/lib/doorkeeper/request/authorization_code.rb +23 -0
data/lib/doorkeeper/request/client_credentials.rb +23 -0
data/lib/doorkeeper/request/code.rb +24 -0
data/lib/doorkeeper/request/password.rb +23 -0
data/lib/doorkeeper/request/refresh_token.rb +23 -0
data/lib/doorkeeper/request/token.rb +24 -0
data/lib/doorkeeper/server.rb +54 -0
data/lib/doorkeeper/validations.rb +30 -0
data/lib/doorkeeper/version.rb +3 -0
data/lib/generators/doorkeeper/application_owner_generator.rb +15 -0
data/lib/generators/doorkeeper/install_generator.rb +12 -0
data/lib/generators/doorkeeper/migration_generator.rb +15 -0
data/lib/generators/doorkeeper/mongo_mapper/indexes_generator.rb +12 -0
data/lib/generators/doorkeeper/templates/README +44 -0
data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb +7 -0
data/lib/generators/doorkeeper/templates/indexes.rb +3 -0
data/lib/generators/doorkeeper/templates/initializer.rb +67 -0
data/lib/generators/doorkeeper/templates/migration.rb +42 -0
data/lib/generators/doorkeeper/views_generator.rb +15 -0
data/script/rails +6 -0
data/script/run_all +14 -0
data/spec/controllers/applications_controller_spec.rb +18 -0
data/spec/controllers/authorizations_controller_spec.rb +154 -0
data/spec/controllers/protected_resources_controller_spec.rb +304 -0
data/spec/controllers/token_info_controller_spec.rb +54 -0
data/spec/controllers/tokens_controller_spec.rb +36 -0
data/spec/dummy/Rakefile +7 -0
data/spec/dummy/app/assets/javascripts/application.js +9 -0
data/spec/dummy/app/assets/stylesheets/application.css +7 -0
data/spec/dummy/app/controllers/application_controller.rb +3 -0
data/spec/dummy/app/controllers/custom_authorizations_controller.rb +7 -0
data/spec/dummy/app/controllers/full_protected_resources_controller.rb +12 -0
data/spec/dummy/app/controllers/home_controller.rb +17 -0
data/spec/dummy/app/controllers/metal_controller.rb +11 -0
data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +11 -0
data/spec/dummy/app/helpers/application_helper.rb +5 -0
data/spec/dummy/app/models/user.rb +27 -0
data/spec/dummy/app/views/home/index.html.erb +0 -0
data/spec/dummy/app/views/layouts/application.html.erb +16 -0
data/spec/dummy/config.ru +4 -0
data/spec/dummy/config/application.rb +54 -0
data/spec/dummy/config/boot.rb +6 -0
data/spec/dummy/config/database.yml +15 -0
data/spec/dummy/config/environment.rb +5 -0
data/spec/dummy/config/environments/development.rb +30 -0
data/spec/dummy/config/environments/production.rb +60 -0
data/spec/dummy/config/environments/test.rb +39 -0
data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/spec/dummy/config/initializers/doorkeeper.rb +56 -0
data/spec/dummy/config/initializers/secret_token.rb +9 -0
data/spec/dummy/config/initializers/session_store.rb +8 -0
data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
data/spec/dummy/config/locales/doorkeeper.en.yml +5 -0
data/spec/dummy/config/mongo.yml +11 -0
data/spec/dummy/config/mongoid2.yml +9 -0
data/spec/dummy/config/mongoid3.yml +18 -0
data/spec/dummy/config/routes.rb +38 -0
data/spec/dummy/db/migrate/20111122132257_create_users.rb +9 -0
data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +5 -0
data/spec/dummy/db/migrate/20120524202412_create_doorkeeper_tables.rb +44 -0
data/spec/dummy/db/schema.rb +64 -0
data/spec/dummy/public/404.html +26 -0
data/spec/dummy/public/422.html +26 -0
data/spec/dummy/public/500.html +26 -0
data/spec/dummy/public/favicon.ico +0 -0
data/spec/dummy/script/rails +6 -0
data/spec/factories/access_grant.rb +9 -0
data/spec/factories/access_token.rb +7 -0
data/spec/factories/application.rb +6 -0
data/spec/generators/application_owner_generator_spec.rb +23 -0
data/spec/generators/install_generator_spec.rb +31 -0
data/spec/generators/migration_generator_spec.rb +20 -0
data/spec/generators/templates/routes.rb +3 -0
data/spec/generators/views_generator_spec.rb +27 -0
data/spec/lib/config_spec.rb +170 -0
data/spec/lib/models/expirable_spec.rb +51 -0
data/spec/lib/models/revocable_spec.rb +31 -0
data/spec/lib/models/scopes_spec.rb +32 -0
data/spec/lib/oauth/authorization/uri_builder_spec.rb +37 -0
data/spec/lib/oauth/authorization_code_request_spec.rb +80 -0
data/spec/lib/oauth/client/credentials_spec.rb +47 -0
data/spec/lib/oauth/client/methods_spec.rb +54 -0
data/spec/lib/oauth/client_credentials/creator_spec.rb +47 -0
data/spec/lib/oauth/client_credentials/issuer_spec.rb +57 -0
data/spec/lib/oauth/client_credentials/validation_spec.rb +29 -0
data/spec/lib/oauth/client_credentials_integration_spec.rb +27 -0
data/spec/lib/oauth/client_credentials_request_spec.rb +64 -0
data/spec/lib/oauth/client_spec.rb +39 -0
data/spec/lib/oauth/code_request_spec.rb +44 -0
data/spec/lib/oauth/error_response_spec.rb +40 -0
data/spec/lib/oauth/error_spec.rb +19 -0
data/spec/lib/oauth/helpers/scope_checker_spec.rb +74 -0
data/spec/lib/oauth/helpers/unique_token_spec.rb +20 -0
data/spec/lib/oauth/helpers/uri_checker_spec.rb +64 -0
data/spec/lib/oauth/password_access_token_request_spec.rb +65 -0
data/spec/lib/oauth/pre_authorization_spec.rb +80 -0
data/spec/lib/oauth/refresh_token_request_spec.rb +56 -0
data/spec/lib/oauth/scopes_spec.rb +115 -0
data/spec/lib/oauth/token_request_spec.rb +46 -0
data/spec/lib/oauth/token_response_spec.rb +52 -0
data/spec/lib/oauth/token_spec.rb +83 -0
data/spec/lib/server_spec.rb +24 -0
data/spec/models/doorkeeper/access_grant_spec.rb +36 -0
data/spec/models/doorkeeper/access_token_spec.rb +153 -0
data/spec/models/doorkeeper/application_spec.rb +162 -0
data/spec/requests/applications/applications_request_spec.rb +92 -0
data/spec/requests/applications/authorized_applications_spec.rb +30 -0
data/spec/requests/endpoints/authorization_spec.rb +47 -0
data/spec/requests/endpoints/token_spec.rb +46 -0
data/spec/requests/flows/authorization_code_errors_spec.rb +66 -0
data/spec/requests/flows/authorization_code_spec.rb +135 -0
data/spec/requests/flows/client_credentials_spec.rb +58 -0
data/spec/requests/flows/implicit_grant_errors_spec.rb +31 -0
data/spec/requests/flows/implicit_grant_spec.rb +19 -0
data/spec/requests/flows/password_spec.rb +78 -0
data/spec/requests/flows/refresh_token_spec.rb +71 -0
data/spec/requests/flows/skip_authorization_spec.rb +40 -0
data/spec/requests/protected_resources/metal_spec.rb +14 -0
data/spec/requests/protected_resources/private_api_spec.rb +50 -0
data/spec/routing/custom_controller_routes_spec.rb +44 -0
data/spec/routing/default_routes_spec.rb +32 -0
data/spec/spec_helper.rb +2 -0
data/spec/spec_helper_integration.rb +40 -0
data/spec/support/dependencies/factory_girl.rb +2 -0
data/spec/support/helpers/access_token_request_helper.rb +11 -0
data/spec/support/helpers/authorization_request_helper.rb +32 -0
data/spec/support/helpers/config_helper.rb +9 -0
data/spec/support/helpers/model_helper.rb +45 -0
data/spec/support/helpers/request_spec_helper.rb +72 -0
data/spec/support/helpers/url_helper.rb +51 -0
data/spec/support/orm/active_record.rb +11 -0
data/spec/support/orm/mongo_mapper.rb +26 -0
data/spec/support/orm/mongoid.rb +31 -0
data/spec/support/shared/controllers_shared_context.rb +60 -0
data/spec/support/shared/models_shared_examples.rb +60 -0
data/spec/validators/redirect_uri_validator_spec.rb +47 -0
data/vendor/assets/stylesheets/doorkeeper/bootstrap.min.css +356 -0
metadata +430 -0

data/spec/requests/flows/implicit_grant_errors_spec.rb ADDED

@@ -0,0 +1,31 @@
+require 'spec_helper_integration'
+feature 'Implicit Grant Flow Errors' do
+  background do
+    config_is_set(:authenticate_resource_owner) { User.first || redirect_to('/sign_in') }
+    client_exists
+    create_resource_owner
+    sign_in
+  end
+  after do
+    access_token_should_not_exist
+  end
+  [
+    [:client_id,     :invalid_client],
+    [:redirect_uri,  :invalid_redirect_uri],
+  ].each do |error|
+    scenario "displays #{error.last.inspect} error for invalid #{error.first.inspect}" do
+      visit authorization_endpoint_url(:client => @client, error.first => "invalid", :response_type => "token")
+      i_should_not_see "Authorize"
+      i_should_see_translated_error_message error.last
+    end
+    scenario "displays #{error.last.inspect} error when #{error.first.inspect} is missing" do
+      visit authorization_endpoint_url(:client => @client, error.first => "", :response_type => "token")
+      i_should_not_see "Authorize"
+      i_should_see_translated_error_message error.last
+    end
+  end
+end

data/spec/requests/flows/implicit_grant_spec.rb ADDED

@@ -0,0 +1,19 @@
+require 'spec_helper_integration'
+feature 'Implicit Grant Flow' do
+  background do
+    config_is_set(:authenticate_resource_owner) { User.first || redirect_to('/sign_in') }
+    client_exists
+    create_resource_owner
+    sign_in
+  end
+  scenario 'resource owner authorizes the client' do
+    visit authorization_endpoint_url(:client => @client, :response_type => 'token')
+    click_on "Authorize"
+    access_token_should_exist_for @client, @resource_owner
+    i_should_be_on_client_callback @client
+  end
+end

data/spec/requests/flows/password_spec.rb ADDED

@@ -0,0 +1,78 @@
+# coding: utf-8
+# TODO: this flow should be configurable (letting Doorkeeper users decide if
+# they want to make it available)
+require 'spec_helper_integration'
+feature 'Resource Owner Password Credentials Flow inproperly set up' do
+  background do
+    client_exists
+    create_resource_owner
+  end
+  context 'with valid user credentials' do
+    scenario "should issue new token" do
+      pending 'Check a way to supress warnings here (or handle config better)'
+      expect {
+        post password_token_endpoint_url(:client => @client, :resource_owner => @resource_owner)
+      }.to_not change { Doorkeeper::AccessToken.count }
+    end
+  end
+end
+feature 'Resource Owner Password Credentials Flow' do
+  background do
+    config_is_set(:resource_owner_from_credentials) { User.authenticate! params[:username], params[:password] }
+    client_exists
+    create_resource_owner
+  end
+  context 'with valid user credentials' do
+    scenario "should issue new token" do
+      expect {
+        post password_token_endpoint_url(:client => @client, :resource_owner => @resource_owner)
+      }.to change { Doorkeeper::AccessToken.count }.by(1)
+      token = Doorkeeper::AccessToken.first
+      should_have_json 'access_token',  token.token
+    end
+    scenario "should issue a refresh token if enabled" do
+      config_is_set(:refresh_token_enabled, true)
+      post password_token_endpoint_url(:client => @client, :resource_owner => @resource_owner)
+      token = Doorkeeper::AccessToken.first
+      should_have_json 'refresh_token',  token.refresh_token
+    end
+    scenario 'should return the same token if it is still accessible' do
+      client_is_authorized(@client, @resource_owner)
+      post password_token_endpoint_url(:client => @client, :resource_owner => @resource_owner)
+      Doorkeeper::AccessToken.count.should be(1)
+      should_have_json 'access_token', Doorkeeper::AccessToken.first.token
+    end
+  end
+  context "with invalid user credentials" do
+    scenario "should not issue new token with bad password" do
+      expect {
+        post password_token_endpoint_url( :client => @client,
+                                          :resource_owner_username => @resource_owner.name,
+                                          :resource_owner_password => 'wrongpassword')
+      }.to_not change { Doorkeeper::AccessToken.count }
+    end
+    scenario "should not issue new token without credentials" do
+      expect {
+        post password_token_endpoint_url( :client => @client)
+      }.to_not change { Doorkeeper::AccessToken.count }
+    end
+  end
+end

data/spec/requests/flows/refresh_token_spec.rb ADDED

@@ -0,0 +1,71 @@
+require 'spec_helper_integration'
+feature "Refresh Token Flow" do
+  before do
+    Doorkeeper.configure {
+      orm DOORKEEPER_ORM
+      use_refresh_token
+    }
+    client_exists
+  end
+  context "issuing a refresh token" do
+    before do
+      authorization_code_exists :application => @client
+    end
+    scenario "client gets the refresh token and refreshses it" do
+      post token_endpoint_url(:code => @authorization.token, :client => @client)
+      token = Doorkeeper::AccessToken.first
+      should_have_json 'access_token',  token.token
+      should_have_json 'refresh_token', token.refresh_token
+      @authorization.reload.should be_revoked
+      post refresh_token_endpoint_url(:client => @client, :refresh_token => token.refresh_token)
+      new_token = Doorkeeper::AccessToken.last
+      should_have_json 'access_token',  new_token.token
+      should_have_json 'refresh_token', new_token.refresh_token
+      token.token.should_not         == new_token.token
+      token.refresh_token.should_not == new_token.refresh_token
+    end
+  end
+  context "refreshing the token" do
+    before do
+      @token = FactoryGirl.create(:access_token, :application => @client, :resource_owner_id => 1, :use_refresh_token => true)
+    end
+    scenario "client request a token with refresh token" do
+      post refresh_token_endpoint_url(:client => @client, :refresh_token => @token.refresh_token)
+      should_have_json 'refresh_token', Doorkeeper::AccessToken.last.refresh_token
+      @token.reload.should be_revoked
+    end
+    scenario "client request a token with expired access token" do
+      @token.update_column :expires_in, -100
+      post refresh_token_endpoint_url(:client => @client, :refresh_token => @token.refresh_token)
+      should_have_json 'refresh_token', Doorkeeper::AccessToken.last.refresh_token
+      @token.reload.should be_revoked
+    end
+    # TODO: verify proper error code for this (previously was invalid_grant)
+    scenario "client gets an error for invalid refresh token" do
+      post refresh_token_endpoint_url(:client => @client, :refresh_token => "invalid")
+      should_not_have_json 'refresh_token'
+      should_have_json 'error', 'invalid_request'
+    end
+    # TODO: verify proper error code for this (previously was invalid_grant)
+    scenario "client gets an error for revoked acccess token" do
+      @token.revoke
+      post refresh_token_endpoint_url(:client => @client, :refresh_token => @token.refresh_token)
+      should_not_have_json 'refresh_token'
+      should_have_json 'error', 'invalid_request'
+    end
+  end
+end

data/spec/requests/flows/skip_authorization_spec.rb ADDED

@@ -0,0 +1,40 @@
+require 'spec_helper_integration'
+feature 'Skip authorization form' do
+  background do
+    config_is_set(:authenticate_resource_owner) { User.first || redirect_to('/sign_in') }
+    client_exists
+    default_scopes_exist  :public
+    optional_scopes_exist :write
+  end
+  context 'for previously authorized clients' do
+    background do
+      create_resource_owner
+      sign_in
+    end
+    scenario 'skips the authorization and return a new grant code' do
+      client_is_authorized(@client, @resource_owner, :scopes => "public")
+      visit authorization_endpoint_url(:client => @client)
+      i_should_not_see "Authorize"
+      client_should_be_authorized @client
+      i_should_be_on_client_callback @client
+      url_should_have_param "code", Doorkeeper::AccessGrant.first.token
+    end
+    scenario 'does not skip authorization when scopes differ' do
+      client_is_authorized(@client, @resource_owner, :scopes => "public write")
+      visit authorization_endpoint_url(:client => @client, :scope => "public")
+      i_should_see "Authorize"
+    end
+    scenario 'creates grant with new scope when scopes differ' do
+      client_is_authorized(@client, @resource_owner, :scopes => "public write")
+      visit authorization_endpoint_url(:client => @client, :scope => "public")
+      click_on "Authorize"
+      access_grant_should_have_scopes :public
+    end
+  end
+end

data/spec/requests/protected_resources/metal_spec.rb ADDED

@@ -0,0 +1,14 @@
+require 'spec_helper_integration'
+feature 'ActionController::Metal API' do
+  background do
+    @client   = FactoryGirl.create(:application)
+    @resource = User.create!(:name => "Joe", :password => "sekret")
+    @token    = client_is_authorized(@client, @resource)
+  end
+  scenario 'client requests protected resource with valid token' do
+    get "/metal.json?access_token=#{@token.token}"
+    should_have_json 'ok', true
+  end
+end

data/spec/requests/protected_resources/private_api_spec.rb ADDED

@@ -0,0 +1,50 @@
+require 'spec_helper_integration'
+feature 'Private API' do
+  background do
+    @client   = FactoryGirl.create(:application)
+    @resource = User.create!(:name => "Joe", :password => "sekret")
+    @token    = client_is_authorized(@client, @resource)
+  end
+  scenario 'client requests protected resource with valid token' do
+    with_access_token_header @token.token
+    visit '/full_protected_resources'
+    page.body.should have_content("index")
+  end
+  scenario 'client requests protected resource with disabled header authentication' do
+    config_is_set :access_token_methods, [:from_access_token_param]
+    with_access_token_header @token.token
+    visit '/full_protected_resources'
+    response_status_should_be 401
+  end
+  scenario 'client attempts to request protected resource with invalid token' do
+    with_access_token_header "invalid"
+    visit '/full_protected_resources'
+    response_status_should_be 401
+  end
+  scenario 'client attempts to request protected resource with expired token' do
+    @token.update_column :expires_in, -100 # expires token
+    with_access_token_header @token.token
+    visit '/full_protected_resources'
+    response_status_should_be 401
+  end
+  scenario 'client requests protected resource with permanent token' do
+    @token.update_column :expires_in, nil # never expires
+    with_access_token_header @token.token
+    visit '/full_protected_resources'
+    page.body.should have_content("index")
+  end
+  scenario 'access token with no scopes' do
+    optional_scopes_exist :admin
+    @token.update_column :scopes, nil
+    with_access_token_header @token.token
+    visit '/full_protected_resources/1.json'
+    response_status_should_be 401
+  end
+end

data/spec/routing/custom_controller_routes_spec.rb ADDED

@@ -0,0 +1,44 @@
+require 'spec_helper_integration'
+describe 'Custom controller for routes' do
+  it 'GET /space/oauth/authorize routes to custom authorizations controller' do
+    get('/space/oauth/authorize').should route_to('custom_authorizations#new')
+  end
+  it 'POST /space/oauth/authorize routes to custom authorizations controller' do
+    post('/space/oauth/authorize').should route_to('custom_authorizations#create')
+  end
+  it 'DELETE /space/oauth/authorize routes to custom authorizations controller' do
+    delete('/space/oauth/authorize').should route_to('custom_authorizations#destroy')
+  end
+  it 'POST /space/oauth/token routes to tokens controller' do
+    post('/space/oauth/token').should route_to('custom_authorizations#create')
+  end
+  it 'GET /space/oauth/applications routes to applications controller' do
+    get('/space/oauth/applications').should route_to('custom_authorizations#index')
+  end
+  it 'GET /space/oauth/token/info routes to the token_info controller' do
+    get('/space/oauth/token/info').should route_to('custom_authorizations#show')
+  end
+  it 'POST /outer_space/oauth/token is not be routable' do
+    post('/outer_space/oauth/token').should_not be_routable
+  end
+  it 'GET /outer_space/oauth/authorize routes to custom authorizations controller' do
+    get('/outer_space/oauth/authorize').should be_routable
+  end
+  it 'GET /outer_space/oauth/applications is not routable' do
+    get('/outer_space/oauth/applications').should_not be_routable
+  end
+  it 'GET /outer_space/oauth/token_info is not routable' do
+    get('/outer_space/oauth/token/info').should_not be_routable
+  end
+end

data/spec/routing/default_routes_spec.rb ADDED

@@ -0,0 +1,32 @@
+require 'spec_helper_integration'
+describe 'Default routes' do
+  it 'GET /oauth/authorize routes to authorizations controller' do
+    get('/oauth/authorize').should route_to('doorkeeper/authorizations#new')
+  end
+  it 'POST /oauth/authorize routes to authorizations controller' do
+    post('/oauth/authorize').should route_to('doorkeeper/authorizations#create')
+  end
+  it 'DELETE /oauth/authorize routes to authorizations controller' do
+    delete('/oauth/authorize').should route_to('doorkeeper/authorizations#destroy')
+  end
+  it 'POST /oauth/token routes to tokens controller' do
+    post('/oauth/token').should route_to('doorkeeper/tokens#create')
+  end
+  it 'GET /oauth/applications routes to applications controller' do
+    get('/oauth/applications').should route_to('doorkeeper/applications#index')
+  end
+  it 'GET /oauth/authorized_applications routes to authorized applications controller' do
+    get('/oauth/authorized_applications').should route_to('doorkeeper/authorized_applications#index')
+  end
+  it 'GET /oauth/token/info route to authorzed tokeninfo controller' do
+    get('/oauth/token/info').should route_to('doorkeeper/token_info#show')
+  end
+end

data/spec/spec_helper.rb ADDED

	@@ -0,0 +1,2 @@
1	+ $LOAD_PATH.unshift File.expand_path(File.join(File.dirname(__FILE__), "../lib"))
2	+ $LOAD_PATH.unshift File.expand_path(File.join(File.dirname(__FILE__), "../app"))

data/spec/spec_helper_integration.rb ADDED

@@ -0,0 +1,40 @@
+ENV["RAILS_ENV"] ||= 'test'
+DOORKEEPER_ORM = (ENV['orm'] || :active_record).to_sym
+$:.unshift File.dirname(__FILE__)
+require 'dummy/config/environment'
+require 'rspec/rails'
+require 'rspec/autorun'
+require 'generator_spec/test_case'
+require 'timecop'
+require 'database_cleaner'
+puts "====> Doorkeeper.orm = #{Doorkeeper.configuration.orm.inspect}"
+puts "====> Rails version: #{Rails.version}"
+puts "====> Ruby version: #{RUBY_VERSION}"
+require "support/orm/#{Doorkeeper.configuration.orm_name}"
+ENGINE_RAILS_ROOT = File.join(File.dirname(__FILE__), '../')
+Dir["#{File.dirname(__FILE__)}/support/{dependencies,helpers,shared}/*.rb"].each { |f| require f }
+RSpec.configure do |config|
+  config.mock_with :rspec
+  config.infer_base_class_for_anonymous_controllers = false
+  config.before do
+    DatabaseCleaner.start
+    Doorkeeper.configure {
+      orm DOORKEEPER_ORM
+    }
+  end
+  config.after do
+    DatabaseCleaner.clean
+  end
+  config.order = 'random'
+end

data/spec/support/dependencies/factory_girl.rb ADDED

	@@ -0,0 +1,2 @@
1	+ require 'factory_girl'
2	+ FactoryGirl.find_definitions

data/spec/support/helpers/access_token_request_helper.rb ADDED

@@ -0,0 +1,11 @@
+module AccessTokenRequestHelper
+  def client_is_authorized(client, resource_owner, access_token_attributes = {})
+    attributes = {
+      :application => client,
+      :resource_owner_id => resource_owner.id
+    }.merge(access_token_attributes)
+    FactoryGirl.create(:access_token, attributes)
+  end
+end
+RSpec.configuration.send :include, AccessTokenRequestHelper, :type => :request