couchkeeper 0.6.7
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +14 -0
- data/.rspec +1 -0
- data/.travis.yml +28 -0
- data/CHANGELOG.md +198 -0
- data/Gemfile +32 -0
- data/MIT-LICENSE +20 -0
- data/README.md +290 -0
- data/Rakefile +18 -0
- data/app/assets/javascripts/doorkeeper/application.js +2 -0
- data/app/assets/stylesheets/doorkeeper/application.css +18 -0
- data/app/assets/stylesheets/doorkeeper/form.css +13 -0
- data/app/controllers/doorkeeper/application_controller.rb +7 -0
- data/app/controllers/doorkeeper/applications_controller.rb +60 -0
- data/app/controllers/doorkeeper/authorizations_controller.rb +57 -0
- data/app/controllers/doorkeeper/authorized_applications_controller.rb +12 -0
- data/app/controllers/doorkeeper/token_info_controller.rb +12 -0
- data/app/controllers/doorkeeper/tokens_controller.rb +20 -0
- data/app/helpers/doorkeeper/form_errors_helper.rb +9 -0
- data/app/validators/redirect_uri_validator.rb +23 -0
- data/app/views/doorkeeper/applications/_form.html.erb +34 -0
- data/app/views/doorkeeper/applications/edit.html.erb +13 -0
- data/app/views/doorkeeper/applications/index.html.erb +29 -0
- data/app/views/doorkeeper/applications/new.html.erb +13 -0
- data/app/views/doorkeeper/applications/show.html.erb +26 -0
- data/app/views/doorkeeper/authorizations/error.html.erb +6 -0
- data/app/views/doorkeeper/authorizations/new.html.erb +37 -0
- data/app/views/doorkeeper/authorizations/show.html.erb +4 -0
- data/app/views/doorkeeper/authorized_applications/index.html.erb +25 -0
- data/app/views/layouts/doorkeeper/application.html.erb +33 -0
- data/config/locales/en.yml +68 -0
- data/doorkeeper.gemspec +28 -0
- data/lib/doorkeeper.rb +64 -0
- data/lib/doorkeeper/config.rb +194 -0
- data/lib/doorkeeper/doorkeeper_for.rb +76 -0
- data/lib/doorkeeper/engine.rb +19 -0
- data/lib/doorkeeper/errors.rb +15 -0
- data/lib/doorkeeper/helpers/controller.rb +58 -0
- data/lib/doorkeeper/helpers/filter.rb +38 -0
- data/lib/doorkeeper/models/access_grant.rb +24 -0
- data/lib/doorkeeper/models/access_token.rb +95 -0
- data/lib/doorkeeper/models/accessible.rb +9 -0
- data/lib/doorkeeper/models/active_record/access_grant.rb +5 -0
- data/lib/doorkeeper/models/active_record/access_token.rb +21 -0
- data/lib/doorkeeper/models/active_record/application.rb +20 -0
- data/lib/doorkeeper/models/application.rb +33 -0
- data/lib/doorkeeper/models/couchbase/access_grant.rb +10 -0
- data/lib/doorkeeper/models/couchbase/access_token.rb +7 -0
- data/lib/doorkeeper/models/couchbase/application.rb +35 -0
- data/lib/doorkeeper/models/doorkeeper_access_grant/by_token/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_access_token/by_application_id/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_access_token/by_application_id_and_resource_owner_id/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_access_token/by_refresh_token/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_access_token/by_resource_owner_id/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_access_token/by_token/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_application/by_uid/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_application/by_uid_and_secret/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_application/show_all/map.js +6 -0
- data/lib/doorkeeper/models/expirable.rb +21 -0
- data/lib/doorkeeper/models/mongo_mapper/access_grant.rb +28 -0
- data/lib/doorkeeper/models/mongo_mapper/access_token.rb +51 -0
- data/lib/doorkeeper/models/mongo_mapper/application.rb +30 -0
- data/lib/doorkeeper/models/mongo_mapper/revocable.rb +15 -0
- data/lib/doorkeeper/models/mongoid/revocable.rb +15 -0
- data/lib/doorkeeper/models/mongoid/scopes.rb +15 -0
- data/lib/doorkeeper/models/mongoid2/access_grant.rb +22 -0
- data/lib/doorkeeper/models/mongoid2/access_token.rb +41 -0
- data/lib/doorkeeper/models/mongoid2/application.rb +22 -0
- data/lib/doorkeeper/models/mongoid3/access_grant.rb +22 -0
- data/lib/doorkeeper/models/mongoid3/access_token.rb +41 -0
- data/lib/doorkeeper/models/mongoid3/application.rb +22 -0
- data/lib/doorkeeper/models/ownership.rb +16 -0
- data/lib/doorkeeper/models/scopes.rb +17 -0
- data/lib/doorkeeper/oauth/authorization.rb +10 -0
- data/lib/doorkeeper/oauth/authorization/code.rb +32 -0
- data/lib/doorkeeper/oauth/authorization/token.rb +28 -0
- data/lib/doorkeeper/oauth/authorization/uri_builder.rb +29 -0
- data/lib/doorkeeper/oauth/authorization_code_request.rb +82 -0
- data/lib/doorkeeper/oauth/client.rb +29 -0
- data/lib/doorkeeper/oauth/client/credentials.rb +21 -0
- data/lib/doorkeeper/oauth/client/methods.rb +18 -0
- data/lib/doorkeeper/oauth/client_credentials/creator.rb +29 -0
- data/lib/doorkeeper/oauth/client_credentials/issuer.rb +35 -0
- data/lib/doorkeeper/oauth/client_credentials/validation.rb +33 -0
- data/lib/doorkeeper/oauth/client_credentials_request.rb +47 -0
- data/lib/doorkeeper/oauth/code_request.rb +28 -0
- data/lib/doorkeeper/oauth/code_response.rb +37 -0
- data/lib/doorkeeper/oauth/error.rb +9 -0
- data/lib/doorkeeper/oauth/error_response.rb +44 -0
- data/lib/doorkeeper/oauth/helpers/scope_checker.rb +18 -0
- data/lib/doorkeeper/oauth/helpers/unique_token.rb +13 -0
- data/lib/doorkeeper/oauth/helpers/uri_checker.rb +32 -0
- data/lib/doorkeeper/oauth/password_access_token_request.rb +84 -0
- data/lib/doorkeeper/oauth/pre_authorization.rb +62 -0
- data/lib/doorkeeper/oauth/refresh_token_request.rb +58 -0
- data/lib/doorkeeper/oauth/scopes.rb +60 -0
- data/lib/doorkeeper/oauth/token.rb +36 -0
- data/lib/doorkeeper/oauth/token_request.rb +28 -0
- data/lib/doorkeeper/oauth/token_response.rb +29 -0
- data/lib/doorkeeper/rails/routes.rb +90 -0
- data/lib/doorkeeper/rails/routes/mapper.rb +28 -0
- data/lib/doorkeeper/rails/routes/mapping.rb +39 -0
- data/lib/doorkeeper/request.rb +33 -0
- data/lib/doorkeeper/request/authorization_code.rb +23 -0
- data/lib/doorkeeper/request/client_credentials.rb +23 -0
- data/lib/doorkeeper/request/code.rb +24 -0
- data/lib/doorkeeper/request/password.rb +23 -0
- data/lib/doorkeeper/request/refresh_token.rb +23 -0
- data/lib/doorkeeper/request/token.rb +24 -0
- data/lib/doorkeeper/server.rb +54 -0
- data/lib/doorkeeper/validations.rb +30 -0
- data/lib/doorkeeper/version.rb +3 -0
- data/lib/generators/doorkeeper/application_owner_generator.rb +15 -0
- data/lib/generators/doorkeeper/install_generator.rb +12 -0
- data/lib/generators/doorkeeper/migration_generator.rb +15 -0
- data/lib/generators/doorkeeper/mongo_mapper/indexes_generator.rb +12 -0
- data/lib/generators/doorkeeper/templates/README +44 -0
- data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb +7 -0
- data/lib/generators/doorkeeper/templates/indexes.rb +3 -0
- data/lib/generators/doorkeeper/templates/initializer.rb +67 -0
- data/lib/generators/doorkeeper/templates/migration.rb +42 -0
- data/lib/generators/doorkeeper/views_generator.rb +15 -0
- data/script/rails +6 -0
- data/script/run_all +14 -0
- data/spec/controllers/applications_controller_spec.rb +18 -0
- data/spec/controllers/authorizations_controller_spec.rb +154 -0
- data/spec/controllers/protected_resources_controller_spec.rb +304 -0
- data/spec/controllers/token_info_controller_spec.rb +54 -0
- data/spec/controllers/tokens_controller_spec.rb +36 -0
- data/spec/dummy/Rakefile +7 -0
- data/spec/dummy/app/assets/javascripts/application.js +9 -0
- data/spec/dummy/app/assets/stylesheets/application.css +7 -0
- data/spec/dummy/app/controllers/application_controller.rb +3 -0
- data/spec/dummy/app/controllers/custom_authorizations_controller.rb +7 -0
- data/spec/dummy/app/controllers/full_protected_resources_controller.rb +12 -0
- data/spec/dummy/app/controllers/home_controller.rb +17 -0
- data/spec/dummy/app/controllers/metal_controller.rb +11 -0
- data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +11 -0
- data/spec/dummy/app/helpers/application_helper.rb +5 -0
- data/spec/dummy/app/models/user.rb +27 -0
- data/spec/dummy/app/views/home/index.html.erb +0 -0
- data/spec/dummy/app/views/layouts/application.html.erb +16 -0
- data/spec/dummy/config.ru +4 -0
- data/spec/dummy/config/application.rb +54 -0
- data/spec/dummy/config/boot.rb +6 -0
- data/spec/dummy/config/database.yml +15 -0
- data/spec/dummy/config/environment.rb +5 -0
- data/spec/dummy/config/environments/development.rb +30 -0
- data/spec/dummy/config/environments/production.rb +60 -0
- data/spec/dummy/config/environments/test.rb +39 -0
- data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/dummy/config/initializers/doorkeeper.rb +56 -0
- data/spec/dummy/config/initializers/secret_token.rb +9 -0
- data/spec/dummy/config/initializers/session_store.rb +8 -0
- data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/spec/dummy/config/locales/doorkeeper.en.yml +5 -0
- data/spec/dummy/config/mongo.yml +11 -0
- data/spec/dummy/config/mongoid2.yml +9 -0
- data/spec/dummy/config/mongoid3.yml +18 -0
- data/spec/dummy/config/routes.rb +38 -0
- data/spec/dummy/db/migrate/20111122132257_create_users.rb +9 -0
- data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +5 -0
- data/spec/dummy/db/migrate/20120524202412_create_doorkeeper_tables.rb +44 -0
- data/spec/dummy/db/schema.rb +64 -0
- data/spec/dummy/public/404.html +26 -0
- data/spec/dummy/public/422.html +26 -0
- data/spec/dummy/public/500.html +26 -0
- data/spec/dummy/public/favicon.ico +0 -0
- data/spec/dummy/script/rails +6 -0
- data/spec/factories/access_grant.rb +9 -0
- data/spec/factories/access_token.rb +7 -0
- data/spec/factories/application.rb +6 -0
- data/spec/generators/application_owner_generator_spec.rb +23 -0
- data/spec/generators/install_generator_spec.rb +31 -0
- data/spec/generators/migration_generator_spec.rb +20 -0
- data/spec/generators/templates/routes.rb +3 -0
- data/spec/generators/views_generator_spec.rb +27 -0
- data/spec/lib/config_spec.rb +170 -0
- data/spec/lib/models/expirable_spec.rb +51 -0
- data/spec/lib/models/revocable_spec.rb +31 -0
- data/spec/lib/models/scopes_spec.rb +32 -0
- data/spec/lib/oauth/authorization/uri_builder_spec.rb +37 -0
- data/spec/lib/oauth/authorization_code_request_spec.rb +80 -0
- data/spec/lib/oauth/client/credentials_spec.rb +47 -0
- data/spec/lib/oauth/client/methods_spec.rb +54 -0
- data/spec/lib/oauth/client_credentials/creator_spec.rb +47 -0
- data/spec/lib/oauth/client_credentials/issuer_spec.rb +57 -0
- data/spec/lib/oauth/client_credentials/validation_spec.rb +29 -0
- data/spec/lib/oauth/client_credentials_integration_spec.rb +27 -0
- data/spec/lib/oauth/client_credentials_request_spec.rb +64 -0
- data/spec/lib/oauth/client_spec.rb +39 -0
- data/spec/lib/oauth/code_request_spec.rb +44 -0
- data/spec/lib/oauth/error_response_spec.rb +40 -0
- data/spec/lib/oauth/error_spec.rb +19 -0
- data/spec/lib/oauth/helpers/scope_checker_spec.rb +74 -0
- data/spec/lib/oauth/helpers/unique_token_spec.rb +20 -0
- data/spec/lib/oauth/helpers/uri_checker_spec.rb +64 -0
- data/spec/lib/oauth/password_access_token_request_spec.rb +65 -0
- data/spec/lib/oauth/pre_authorization_spec.rb +80 -0
- data/spec/lib/oauth/refresh_token_request_spec.rb +56 -0
- data/spec/lib/oauth/scopes_spec.rb +115 -0
- data/spec/lib/oauth/token_request_spec.rb +46 -0
- data/spec/lib/oauth/token_response_spec.rb +52 -0
- data/spec/lib/oauth/token_spec.rb +83 -0
- data/spec/lib/server_spec.rb +24 -0
- data/spec/models/doorkeeper/access_grant_spec.rb +36 -0
- data/spec/models/doorkeeper/access_token_spec.rb +153 -0
- data/spec/models/doorkeeper/application_spec.rb +162 -0
- data/spec/requests/applications/applications_request_spec.rb +92 -0
- data/spec/requests/applications/authorized_applications_spec.rb +30 -0
- data/spec/requests/endpoints/authorization_spec.rb +47 -0
- data/spec/requests/endpoints/token_spec.rb +46 -0
- data/spec/requests/flows/authorization_code_errors_spec.rb +66 -0
- data/spec/requests/flows/authorization_code_spec.rb +135 -0
- data/spec/requests/flows/client_credentials_spec.rb +58 -0
- data/spec/requests/flows/implicit_grant_errors_spec.rb +31 -0
- data/spec/requests/flows/implicit_grant_spec.rb +19 -0
- data/spec/requests/flows/password_spec.rb +78 -0
- data/spec/requests/flows/refresh_token_spec.rb +71 -0
- data/spec/requests/flows/skip_authorization_spec.rb +40 -0
- data/spec/requests/protected_resources/metal_spec.rb +14 -0
- data/spec/requests/protected_resources/private_api_spec.rb +50 -0
- data/spec/routing/custom_controller_routes_spec.rb +44 -0
- data/spec/routing/default_routes_spec.rb +32 -0
- data/spec/spec_helper.rb +2 -0
- data/spec/spec_helper_integration.rb +40 -0
- data/spec/support/dependencies/factory_girl.rb +2 -0
- data/spec/support/helpers/access_token_request_helper.rb +11 -0
- data/spec/support/helpers/authorization_request_helper.rb +32 -0
- data/spec/support/helpers/config_helper.rb +9 -0
- data/spec/support/helpers/model_helper.rb +45 -0
- data/spec/support/helpers/request_spec_helper.rb +72 -0
- data/spec/support/helpers/url_helper.rb +51 -0
- data/spec/support/orm/active_record.rb +11 -0
- data/spec/support/orm/mongo_mapper.rb +26 -0
- data/spec/support/orm/mongoid.rb +31 -0
- data/spec/support/shared/controllers_shared_context.rb +60 -0
- data/spec/support/shared/models_shared_examples.rb +60 -0
- data/spec/validators/redirect_uri_validator_spec.rb +47 -0
- data/vendor/assets/stylesheets/doorkeeper/bootstrap.min.css +356 -0
- metadata +430 -0
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
<div class="span16">
|
|
2
|
+
<header class="page-header">
|
|
3
|
+
<h2>Your authorized applications</h2>
|
|
4
|
+
</header>
|
|
5
|
+
|
|
6
|
+
<table class="zebra-striped">
|
|
7
|
+
<thead>
|
|
8
|
+
<tr>
|
|
9
|
+
<th>Application</th>
|
|
10
|
+
<th>Authorized at</th>
|
|
11
|
+
<th></th>
|
|
12
|
+
<th></th>
|
|
13
|
+
</tr>
|
|
14
|
+
</thead>
|
|
15
|
+
<tbody>
|
|
16
|
+
<% @applications.each do |application| %>
|
|
17
|
+
<tr>
|
|
18
|
+
<td><%= application.name %></td>
|
|
19
|
+
<td><%= application.created_at %></td>
|
|
20
|
+
<td><%= link_to 'Revoke', oauth_authorized_application_path(application), :data => { :confirm => 'Are you sure?' }, :method => :delete, :class => 'btn danger' %></td>
|
|
21
|
+
</tr>
|
|
22
|
+
<% end %>
|
|
23
|
+
</tbody>
|
|
24
|
+
</table>
|
|
25
|
+
</div>
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
<!DOCTYPE html>
|
|
2
|
+
<html>
|
|
3
|
+
<head>
|
|
4
|
+
<title>Doorkeeper</title>
|
|
5
|
+
<%= stylesheet_link_tag "doorkeeper/application" %>
|
|
6
|
+
<%= javascript_include_tag "doorkeeper/application" %>
|
|
7
|
+
<%= csrf_meta_tags %>
|
|
8
|
+
</head>
|
|
9
|
+
<body>
|
|
10
|
+
<section id="main" class="container">
|
|
11
|
+
<div class="topbar">
|
|
12
|
+
<div class="fill">
|
|
13
|
+
<div class="container">
|
|
14
|
+
<span class="brand">
|
|
15
|
+
OAuth2 Provider
|
|
16
|
+
</span>
|
|
17
|
+
</div>
|
|
18
|
+
</div>
|
|
19
|
+
</div>
|
|
20
|
+
<div class="content">
|
|
21
|
+
<div class="row">
|
|
22
|
+
<% flash.each do |key, message| %>
|
|
23
|
+
<div class="span16">
|
|
24
|
+
<div class="alert-message <%= key %>" data-alert><a class="close" href="#">×</a><p><%= message %></p></div>
|
|
25
|
+
</div>
|
|
26
|
+
<% end %>
|
|
27
|
+
|
|
28
|
+
<%= yield %>
|
|
29
|
+
</div>
|
|
30
|
+
</div>
|
|
31
|
+
</section>
|
|
32
|
+
</body>
|
|
33
|
+
</html>
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
en:
|
|
2
|
+
activerecord:
|
|
3
|
+
errors:
|
|
4
|
+
models:
|
|
5
|
+
application:
|
|
6
|
+
attributes:
|
|
7
|
+
redirect_uri:
|
|
8
|
+
fragment_present: 'cannot contain a fragment.'
|
|
9
|
+
has_query_parameter: 'cannot contain a query parameter.'
|
|
10
|
+
invalid_uri: 'must be a valid URI.'
|
|
11
|
+
relative_uri: 'must be an absolute URI.'
|
|
12
|
+
mongoid:
|
|
13
|
+
errors:
|
|
14
|
+
models:
|
|
15
|
+
application:
|
|
16
|
+
attributes:
|
|
17
|
+
redirect_uri:
|
|
18
|
+
fragment_present: 'cannot contain a fragment.'
|
|
19
|
+
has_query_parameter: 'cannot contain a query parameter.'
|
|
20
|
+
invalid_uri: 'must be a valid URI.'
|
|
21
|
+
relative_uri: 'must be an absolute URI.'
|
|
22
|
+
mongo_mapper:
|
|
23
|
+
errors:
|
|
24
|
+
models:
|
|
25
|
+
application:
|
|
26
|
+
attributes:
|
|
27
|
+
redirect_uri:
|
|
28
|
+
fragment_present: 'cannot contain a fragment.'
|
|
29
|
+
has_query_parameter: 'cannot contain a query parameter.'
|
|
30
|
+
invalid_uri: 'must be a valid URI.'
|
|
31
|
+
relative_uri: 'must be an absolute URI.'
|
|
32
|
+
doorkeeper:
|
|
33
|
+
errors:
|
|
34
|
+
messages:
|
|
35
|
+
# Common error messages
|
|
36
|
+
invalid_request: 'The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed.'
|
|
37
|
+
invalid_redirect_uri: 'The redirect uri included is not valid.'
|
|
38
|
+
unauthorized_client: 'The client is not authorized to perform this request using this method.'
|
|
39
|
+
access_denied: 'The resource owner or authorization server denied the request.'
|
|
40
|
+
invalid_scope: 'The requested scope is invalid, unknown, or malformed.'
|
|
41
|
+
server_error: 'The authorization server encountered an unexpected condition which prevented it from fulfilling the request.'
|
|
42
|
+
temporarily_unavailable: 'The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.'
|
|
43
|
+
|
|
44
|
+
#configuration error messages
|
|
45
|
+
credential_flow_not_configured: 'Resource Owner Password Credentials flow failed due to Doorkeeper.configure.resource_owner_from_credentials being unconfigured.'
|
|
46
|
+
resource_owner_authenticator_not_configured: 'Resource Owner find failed due to Doorkeeper.configure.resource_owner_authenticator being unconfiged.'
|
|
47
|
+
|
|
48
|
+
# Access grant errors
|
|
49
|
+
unsupported_response_type: 'The authorization server does not support this response type.'
|
|
50
|
+
|
|
51
|
+
# Access token errors
|
|
52
|
+
invalid_client: 'Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method.'
|
|
53
|
+
invalid_grant: 'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.'
|
|
54
|
+
unsupported_grant_type: 'The authorization grant type is not supported by the authorization server.'
|
|
55
|
+
|
|
56
|
+
# Password Access token errors
|
|
57
|
+
invalid_resource_owner: 'The provided resource owner credentials are not valid, or resource owner cannot be found'
|
|
58
|
+
flash:
|
|
59
|
+
applications:
|
|
60
|
+
create:
|
|
61
|
+
notice: 'Application created.'
|
|
62
|
+
destroy:
|
|
63
|
+
notice: 'Application deleted.'
|
|
64
|
+
update:
|
|
65
|
+
notice: 'Application updated.'
|
|
66
|
+
authorized_applications:
|
|
67
|
+
destroy:
|
|
68
|
+
notice: 'Application revoked.'
|
data/doorkeeper.gemspec
ADDED
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
$:.push File.expand_path("../lib", __FILE__)
|
|
2
|
+
|
|
3
|
+
require "doorkeeper/version"
|
|
4
|
+
|
|
5
|
+
Gem::Specification.new do |s|
|
|
6
|
+
s.name = "couchkeeper"
|
|
7
|
+
s.version = Doorkeeper::VERSION
|
|
8
|
+
s.authors = ["Felipe Elias Philipp", "Piotr Jakubowski"]
|
|
9
|
+
s.email = ["felipe@applicake.com", "piotr.jakubowski@applicake.com"]
|
|
10
|
+
s.homepage = "https://github.com/applicake/doorkeeper"
|
|
11
|
+
s.summary = "Doorkeeper is an OAuth 2 provider for Rails."
|
|
12
|
+
s.description = "Doorkeeper is an OAuth 2 provider for Rails."
|
|
13
|
+
|
|
14
|
+
s.files = `git ls-files`.split("\n")
|
|
15
|
+
s.test_files = `git ls-files -- test/*`.split("\n")
|
|
16
|
+
s.require_paths = ["lib"]
|
|
17
|
+
|
|
18
|
+
s.add_dependency "railties", ">= 3.1"
|
|
19
|
+
|
|
20
|
+
s.add_development_dependency "sqlite3", "~> 1.3.5"
|
|
21
|
+
s.add_development_dependency "rspec-rails", ">= 2.11.4"
|
|
22
|
+
s.add_development_dependency "capybara", "~> 1.1.2"
|
|
23
|
+
s.add_development_dependency "generator_spec", "~> 0.8.5"
|
|
24
|
+
s.add_development_dependency "factory_girl", "~> 2.6.4"
|
|
25
|
+
s.add_development_dependency "timecop", "~> 0.5.2"
|
|
26
|
+
s.add_development_dependency "database_cleaner", "~> 0.9.1"
|
|
27
|
+
s.add_development_dependency "bcrypt-ruby", "~> 3.0.1"
|
|
28
|
+
end
|
data/lib/doorkeeper.rb
ADDED
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
require "doorkeeper/version"
|
|
2
|
+
require "doorkeeper/engine"
|
|
3
|
+
require "doorkeeper/config"
|
|
4
|
+
require "doorkeeper/doorkeeper_for"
|
|
5
|
+
|
|
6
|
+
require 'doorkeeper/errors'
|
|
7
|
+
require 'doorkeeper/server'
|
|
8
|
+
require 'doorkeeper/request'
|
|
9
|
+
|
|
10
|
+
module Doorkeeper
|
|
11
|
+
autoload :Validations, "doorkeeper/validations"
|
|
12
|
+
|
|
13
|
+
module OAuth
|
|
14
|
+
autoload :Scopes, "doorkeeper/oauth/scopes"
|
|
15
|
+
autoload :Error, "doorkeeper/oauth/error"
|
|
16
|
+
autoload :CodeResponse, "doorkeeper/oauth/code_response"
|
|
17
|
+
autoload :TokenResponse, "doorkeeper/oauth/token_response"
|
|
18
|
+
autoload :ErrorResponse, "doorkeeper/oauth/error_response"
|
|
19
|
+
autoload :PreAuthorization, "doorkeeper/oauth/pre_authorization"
|
|
20
|
+
autoload :AuthorizationCodeRequest, "doorkeeper/oauth/authorization_code_request"
|
|
21
|
+
autoload :RefreshTokenRequest, "doorkeeper/oauth/refresh_token_request"
|
|
22
|
+
autoload :PasswordAccessTokenRequest, "doorkeeper/oauth/password_access_token_request"
|
|
23
|
+
autoload :ClientCredentialsRequest, "doorkeeper/oauth/client_credentials_request"
|
|
24
|
+
autoload :Authorization, "doorkeeper/oauth/authorization"
|
|
25
|
+
autoload :CodeRequest, "doorkeeper/oauth/code_request"
|
|
26
|
+
autoload :TokenRequest, "doorkeeper/oauth/token_request"
|
|
27
|
+
autoload :Client, "doorkeeper/oauth/client"
|
|
28
|
+
autoload :Token, "doorkeeper/oauth/token"
|
|
29
|
+
|
|
30
|
+
module Helpers
|
|
31
|
+
autoload :ScopeChecker, "doorkeeper/oauth/helpers/scope_checker"
|
|
32
|
+
autoload :URIChecker, "doorkeeper/oauth/helpers/uri_checker"
|
|
33
|
+
autoload :UniqueToken, "doorkeeper/oauth/helpers/unique_token"
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
module Models
|
|
38
|
+
autoload :Scopes, 'doorkeeper/models/scopes'
|
|
39
|
+
autoload :Expirable, 'doorkeeper/models/expirable'
|
|
40
|
+
autoload :Revocable, 'doorkeeper/models/revocable'
|
|
41
|
+
autoload :Accessible, 'doorkeeper/models/accessible'
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
module Helpers
|
|
45
|
+
autoload :Filter, "doorkeeper/helpers/filter"
|
|
46
|
+
autoload :Controller, "doorkeeper/helpers/controller"
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
module Rails
|
|
50
|
+
autoload :Routes, "doorkeeper/rails/routes"
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
def self.configured?
|
|
54
|
+
@config.present?
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
def self.database_installed?
|
|
58
|
+
[AccessToken, AccessGrant, Application].all? { |model| model.table_exists? }
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def self.installed?
|
|
62
|
+
configured? && database_installed?
|
|
63
|
+
end
|
|
64
|
+
end
|
|
@@ -0,0 +1,194 @@
|
|
|
1
|
+
module Doorkeeper
|
|
2
|
+
class MissingConfiguration < StandardError
|
|
3
|
+
def initialize
|
|
4
|
+
super("Configuration for doorkeeper missing. Do you have doorkeeper initializer?")
|
|
5
|
+
end
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
def self.configure(&block)
|
|
9
|
+
@config = Config::Builder.new(&block).build
|
|
10
|
+
enable_orm
|
|
11
|
+
setup_application_owner if @config.enable_application_owner?
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def self.configuration
|
|
15
|
+
@config || (raise MissingConfiguration.new)
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def self.enable_orm
|
|
19
|
+
require "doorkeeper/models/#{@config.orm}/access_grant"
|
|
20
|
+
require "doorkeeper/models/#{@config.orm}/access_token"
|
|
21
|
+
require "doorkeeper/models/#{@config.orm}/application"
|
|
22
|
+
require 'doorkeeper/models/access_grant'
|
|
23
|
+
require 'doorkeeper/models/access_token'
|
|
24
|
+
require 'doorkeeper/models/application'
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def self.setup_application_owner
|
|
28
|
+
require File.join(File.dirname(__FILE__), 'models', 'ownership')
|
|
29
|
+
Doorkeeper::Application.send :include, Doorkeeper::Models::Ownership
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
class Config
|
|
33
|
+
class Builder
|
|
34
|
+
def initialize(&block)
|
|
35
|
+
@config = Config.new
|
|
36
|
+
instance_eval(&block)
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def build
|
|
40
|
+
@config
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def enable_application_owner(opts={})
|
|
44
|
+
@config.instance_variable_set("@enable_application_owner", true)
|
|
45
|
+
confirm_application_owner if opts[:confirmation].present? && opts[:confirmation]
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def confirm_application_owner
|
|
49
|
+
@config.instance_variable_set("@confirm_application_owner", true)
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
def default_scopes(*scopes)
|
|
53
|
+
@config.instance_variable_set("@default_scopes", Doorkeeper::OAuth::Scopes.from_array(scopes))
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def optional_scopes(*scopes)
|
|
57
|
+
@config.instance_variable_set("@optional_scopes", Doorkeeper::OAuth::Scopes.from_array(scopes))
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def client_credentials(*methods)
|
|
61
|
+
@config.instance_variable_set("@client_credentials", methods)
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
def access_token_methods(*methods)
|
|
65
|
+
@config.instance_variable_set("@access_token_methods", methods)
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
def use_refresh_token
|
|
69
|
+
@config.instance_variable_set("@refresh_token_enabled", true)
|
|
70
|
+
end
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
module Option
|
|
74
|
+
|
|
75
|
+
# Defines configuration option
|
|
76
|
+
#
|
|
77
|
+
# When you call option, it defines two methods. One method will take place
|
|
78
|
+
# in the +Config+ class and the other method will take place in the
|
|
79
|
+
# +Builder+ class.
|
|
80
|
+
#
|
|
81
|
+
# The +name+ parameter will set both builder method and config attribute.
|
|
82
|
+
# If the +:as+ option is defined, the builder method will be the specified
|
|
83
|
+
# option while the config attribute will be the +name+ parameter.
|
|
84
|
+
#
|
|
85
|
+
# If you want to introduce another level of config DSL you can
|
|
86
|
+
# define +builder_class+ parameter.
|
|
87
|
+
# Builder should take a block as the initializer parameter and respond to function +build+
|
|
88
|
+
# that returns the value of the config attribute.
|
|
89
|
+
#
|
|
90
|
+
# ==== Options
|
|
91
|
+
#
|
|
92
|
+
# * [:+as+] Set the builder method that goes inside +configure+ block
|
|
93
|
+
# * [+:default+] The default value in case no option was set
|
|
94
|
+
#
|
|
95
|
+
# ==== Examples
|
|
96
|
+
#
|
|
97
|
+
# option :name
|
|
98
|
+
# option :name, :as => :set_name
|
|
99
|
+
# option :name, :default => "My Name"
|
|
100
|
+
# option :scopes :builder_class => ScopesBuilder
|
|
101
|
+
#
|
|
102
|
+
def option(name, options = {})
|
|
103
|
+
attribute = options[:as] || name
|
|
104
|
+
attribute_builder = options[:builder_class]
|
|
105
|
+
|
|
106
|
+
Builder.instance_eval do
|
|
107
|
+
define_method name do |*args, &block|
|
|
108
|
+
# TODO: is builder_class option being used?
|
|
109
|
+
value = unless attribute_builder
|
|
110
|
+
block ? block : args.first
|
|
111
|
+
else
|
|
112
|
+
attribute_builder.new(&block).build
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
@config.instance_variable_set(:"@#{attribute}", value)
|
|
116
|
+
end
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
define_method attribute do |*args|
|
|
120
|
+
if instance_variable_defined?(:"@#{attribute}")
|
|
121
|
+
instance_variable_get(:"@#{attribute}")
|
|
122
|
+
else
|
|
123
|
+
options[:default]
|
|
124
|
+
end
|
|
125
|
+
end
|
|
126
|
+
|
|
127
|
+
public attribute
|
|
128
|
+
end
|
|
129
|
+
|
|
130
|
+
def extended(base)
|
|
131
|
+
base.send(:private, :option)
|
|
132
|
+
end
|
|
133
|
+
end
|
|
134
|
+
|
|
135
|
+
extend Option
|
|
136
|
+
|
|
137
|
+
option :resource_owner_authenticator,
|
|
138
|
+
:as => :authenticate_resource_owner,
|
|
139
|
+
:default => lambda{|routes|
|
|
140
|
+
logger.warn(I18n.translate('doorkeeper.errors.messages.resource_owner_authenticator_not_configured'))
|
|
141
|
+
nil
|
|
142
|
+
}
|
|
143
|
+
option :admin_authenticator,
|
|
144
|
+
:as => :authenticate_admin,
|
|
145
|
+
:default => lambda{|routes| }
|
|
146
|
+
option :resource_owner_from_credentials,
|
|
147
|
+
:default => lambda{|routes|
|
|
148
|
+
warn(I18n.translate('doorkeeper.errors.messages.credential_flow_not_configured'))
|
|
149
|
+
nil
|
|
150
|
+
}
|
|
151
|
+
option :skip_authorization, :default => lambda{|routes|}
|
|
152
|
+
option :access_token_expires_in, :default => 7200
|
|
153
|
+
option :authorization_code_expires_in,:default => 600
|
|
154
|
+
option :orm, :default => :active_record
|
|
155
|
+
option :test_redirect_uri, :default => 'urn:ietf:wg:oauth:2.0:oob'
|
|
156
|
+
|
|
157
|
+
|
|
158
|
+
def refresh_token_enabled?
|
|
159
|
+
!!@refresh_token_enabled
|
|
160
|
+
end
|
|
161
|
+
|
|
162
|
+
def enable_application_owner?
|
|
163
|
+
!!@enable_application_owner
|
|
164
|
+
end
|
|
165
|
+
|
|
166
|
+
def confirm_application_owner?
|
|
167
|
+
!!@confirm_application_owner
|
|
168
|
+
end
|
|
169
|
+
|
|
170
|
+
def default_scopes
|
|
171
|
+
@default_scopes ||= Doorkeeper::OAuth::Scopes.new
|
|
172
|
+
end
|
|
173
|
+
|
|
174
|
+
def optional_scopes
|
|
175
|
+
@optional_scopes ||= Doorkeeper::OAuth::Scopes.new
|
|
176
|
+
end
|
|
177
|
+
|
|
178
|
+
def scopes
|
|
179
|
+
@scopes ||= default_scopes + optional_scopes
|
|
180
|
+
end
|
|
181
|
+
|
|
182
|
+
def orm_name
|
|
183
|
+
[:mongoid2, :mongoid3].include?(orm) ? :mongoid : orm
|
|
184
|
+
end
|
|
185
|
+
|
|
186
|
+
def client_credentials_methods
|
|
187
|
+
@client_credentials ||= [:from_basic, :from_params]
|
|
188
|
+
end
|
|
189
|
+
|
|
190
|
+
def access_token_methods
|
|
191
|
+
@access_token_methods ||= [:from_bearer_authorization, :from_access_token_param, :from_bearer_param]
|
|
192
|
+
end
|
|
193
|
+
end
|
|
194
|
+
end
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
module Doorkeeper
|
|
2
|
+
class InvalidSyntax < StandardError; end
|
|
3
|
+
class DoorkeeperFor
|
|
4
|
+
def initialize(options)
|
|
5
|
+
options ||= {}
|
|
6
|
+
raise InvalidSyntax unless options.is_a? Hash
|
|
7
|
+
@filter_options = {}
|
|
8
|
+
|
|
9
|
+
options.each do |k, v|
|
|
10
|
+
self.send(k, v)
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
# TODO: move this to Token class
|
|
15
|
+
def validate_token(token)
|
|
16
|
+
return false unless token
|
|
17
|
+
validate_token_scopes(token)
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def filter_options
|
|
21
|
+
@filter_options
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
private
|
|
25
|
+
def scopes(scopes)
|
|
26
|
+
@scopes = scopes
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def if(if_block)
|
|
30
|
+
@filter_options[:if] = if_block
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def unless(unless_block)
|
|
34
|
+
@filter_options[:unless] = unless_block
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
# TODO: move this to Token class
|
|
38
|
+
def validate_token_scopes(token)
|
|
39
|
+
return true if @scopes.blank?
|
|
40
|
+
token.scopes.any? { |scope| @scopes.include? scope}
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
class AllDoorkeeperFor < DoorkeeperFor
|
|
45
|
+
private
|
|
46
|
+
def except(actions)
|
|
47
|
+
@filter_options[:except] = actions
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
class SelectedDoorkeeperFor < DoorkeeperFor
|
|
52
|
+
def initialize(*args)
|
|
53
|
+
options = args.pop if args.last.is_a? Hash
|
|
54
|
+
super(options)
|
|
55
|
+
only(args)
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
private
|
|
59
|
+
def only(actions)
|
|
60
|
+
@filter_options[:only] = actions
|
|
61
|
+
end
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
class DoorkeeperForBuilder
|
|
65
|
+
def self.create_doorkeeper_for(*args)
|
|
66
|
+
case args.first
|
|
67
|
+
when :all
|
|
68
|
+
AllDoorkeeperFor.new(args[1] || {})
|
|
69
|
+
when Hash, nil
|
|
70
|
+
raise InvalidSyntax
|
|
71
|
+
else
|
|
72
|
+
SelectedDoorkeeperFor.new(*args)
|
|
73
|
+
end
|
|
74
|
+
end
|
|
75
|
+
end
|
|
76
|
+
end
|