couchkeeper 0.6.7
- data/.gitignore +14 -0
- data/.rspec +1 -0
- data/.travis.yml +28 -0
- data/CHANGELOG.md +198 -0
- data/Gemfile +32 -0
- data/MIT-LICENSE +20 -0
- data/README.md +290 -0
- data/Rakefile +18 -0
- data/app/assets/javascripts/doorkeeper/application.js +2 -0
- data/app/assets/stylesheets/doorkeeper/application.css +18 -0
- data/app/assets/stylesheets/doorkeeper/form.css +13 -0
- data/app/controllers/doorkeeper/application_controller.rb +7 -0
- data/app/controllers/doorkeeper/applications_controller.rb +60 -0
- data/app/controllers/doorkeeper/authorizations_controller.rb +57 -0
- data/app/controllers/doorkeeper/authorized_applications_controller.rb +12 -0
- data/app/controllers/doorkeeper/token_info_controller.rb +12 -0
- data/app/controllers/doorkeeper/tokens_controller.rb +20 -0
- data/app/helpers/doorkeeper/form_errors_helper.rb +9 -0
- data/app/validators/redirect_uri_validator.rb +23 -0
- data/app/views/doorkeeper/applications/_form.html.erb +34 -0
- data/app/views/doorkeeper/applications/edit.html.erb +13 -0
- data/app/views/doorkeeper/applications/index.html.erb +29 -0
- data/app/views/doorkeeper/applications/new.html.erb +13 -0
- data/app/views/doorkeeper/applications/show.html.erb +26 -0
- data/app/views/doorkeeper/authorizations/error.html.erb +6 -0
- data/app/views/doorkeeper/authorizations/new.html.erb +37 -0
- data/app/views/doorkeeper/authorizations/show.html.erb +4 -0
- data/app/views/doorkeeper/authorized_applications/index.html.erb +25 -0
- data/app/views/layouts/doorkeeper/application.html.erb +33 -0
- data/config/locales/en.yml +68 -0
- data/doorkeeper.gemspec +28 -0
- data/lib/doorkeeper.rb +64 -0
- data/lib/doorkeeper/config.rb +194 -0
- data/lib/doorkeeper/doorkeeper_for.rb +76 -0
- data/lib/doorkeeper/engine.rb +19 -0
- data/lib/doorkeeper/errors.rb +15 -0
- data/lib/doorkeeper/helpers/controller.rb +58 -0
- data/lib/doorkeeper/helpers/filter.rb +38 -0
- data/lib/doorkeeper/models/access_grant.rb +24 -0
- data/lib/doorkeeper/models/access_token.rb +95 -0
- data/lib/doorkeeper/models/accessible.rb +9 -0
- data/lib/doorkeeper/models/active_record/access_grant.rb +5 -0
- data/lib/doorkeeper/models/active_record/access_token.rb +21 -0
- data/lib/doorkeeper/models/active_record/application.rb +20 -0
- data/lib/doorkeeper/models/application.rb +33 -0
- data/lib/doorkeeper/models/couchbase/access_grant.rb +10 -0
- data/lib/doorkeeper/models/couchbase/access_token.rb +7 -0
- data/lib/doorkeeper/models/couchbase/application.rb +35 -0
- data/lib/doorkeeper/models/doorkeeper_access_grant/by_token/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_access_token/by_application_id/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_access_token/by_application_id_and_resource_owner_id/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_access_token/by_refresh_token/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_access_token/by_resource_owner_id/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_access_token/by_token/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_application/by_uid/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_application/by_uid_and_secret/map.js +5 -0
- data/lib/doorkeeper/models/doorkeeper_application/show_all/map.js +6 -0
- data/lib/doorkeeper/models/expirable.rb +21 -0
- data/lib/doorkeeper/models/mongo_mapper/access_grant.rb +28 -0
- data/lib/doorkeeper/models/mongo_mapper/access_token.rb +51 -0
- data/lib/doorkeeper/models/mongo_mapper/application.rb +30 -0
- data/lib/doorkeeper/models/mongo_mapper/revocable.rb +15 -0
- data/lib/doorkeeper/models/mongoid/revocable.rb +15 -0
- data/lib/doorkeeper/models/mongoid/scopes.rb +15 -0
- data/lib/doorkeeper/models/mongoid2/access_grant.rb +22 -0
- data/lib/doorkeeper/models/mongoid2/access_token.rb +41 -0
- data/lib/doorkeeper/models/mongoid2/application.rb +22 -0
- data/lib/doorkeeper/models/mongoid3/access_grant.rb +22 -0
- data/lib/doorkeeper/models/mongoid3/access_token.rb +41 -0
- data/lib/doorkeeper/models/mongoid3/application.rb +22 -0
- data/lib/doorkeeper/models/ownership.rb +16 -0
- data/lib/doorkeeper/models/scopes.rb +17 -0
- data/lib/doorkeeper/oauth/authorization.rb +10 -0
- data/lib/doorkeeper/oauth/authorization/code.rb +32 -0
- data/lib/doorkeeper/oauth/authorization/token.rb +28 -0
- data/lib/doorkeeper/oauth/authorization/uri_builder.rb +29 -0
- data/lib/doorkeeper/oauth/authorization_code_request.rb +82 -0
- data/lib/doorkeeper/oauth/client.rb +29 -0
- data/lib/doorkeeper/oauth/client/credentials.rb +21 -0
- data/lib/doorkeeper/oauth/client/methods.rb +18 -0
- data/lib/doorkeeper/oauth/client_credentials/creator.rb +29 -0
- data/lib/doorkeeper/oauth/client_credentials/issuer.rb +35 -0
- data/lib/doorkeeper/oauth/client_credentials/validation.rb +33 -0
- data/lib/doorkeeper/oauth/client_credentials_request.rb +47 -0
- data/lib/doorkeeper/oauth/code_request.rb +28 -0
- data/lib/doorkeeper/oauth/code_response.rb +37 -0
- data/lib/doorkeeper/oauth/error.rb +9 -0
- data/lib/doorkeeper/oauth/error_response.rb +44 -0
- data/lib/doorkeeper/oauth/helpers/scope_checker.rb +18 -0
- data/lib/doorkeeper/oauth/helpers/unique_token.rb +13 -0
- data/lib/doorkeeper/oauth/helpers/uri_checker.rb +32 -0
- data/lib/doorkeeper/oauth/password_access_token_request.rb +84 -0
- data/lib/doorkeeper/oauth/pre_authorization.rb +62 -0
- data/lib/doorkeeper/oauth/refresh_token_request.rb +58 -0
- data/lib/doorkeeper/oauth/scopes.rb +60 -0
- data/lib/doorkeeper/oauth/token.rb +36 -0
- data/lib/doorkeeper/oauth/token_request.rb +28 -0
- data/lib/doorkeeper/oauth/token_response.rb +29 -0
- data/lib/doorkeeper/rails/routes.rb +90 -0
- data/lib/doorkeeper/rails/routes/mapper.rb +28 -0
- data/lib/doorkeeper/rails/routes/mapping.rb +39 -0
- data/lib/doorkeeper/request.rb +33 -0
- data/lib/doorkeeper/request/authorization_code.rb +23 -0
- data/lib/doorkeeper/request/client_credentials.rb +23 -0
- data/lib/doorkeeper/request/code.rb +24 -0
- data/lib/doorkeeper/request/password.rb +23 -0
- data/lib/doorkeeper/request/refresh_token.rb +23 -0
- data/lib/doorkeeper/request/token.rb +24 -0
- data/lib/doorkeeper/server.rb +54 -0
- data/lib/doorkeeper/validations.rb +30 -0
- data/lib/doorkeeper/version.rb +3 -0
- data/lib/generators/doorkeeper/application_owner_generator.rb +15 -0
- data/lib/generators/doorkeeper/install_generator.rb +12 -0
- data/lib/generators/doorkeeper/migration_generator.rb +15 -0
- data/lib/generators/doorkeeper/mongo_mapper/indexes_generator.rb +12 -0
- data/lib/generators/doorkeeper/templates/README +44 -0
- data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb +7 -0
- data/lib/generators/doorkeeper/templates/indexes.rb +3 -0
- data/lib/generators/doorkeeper/templates/initializer.rb +67 -0
- data/lib/generators/doorkeeper/templates/migration.rb +42 -0
- data/lib/generators/doorkeeper/views_generator.rb +15 -0
- data/script/rails +6 -0
- data/script/run_all +14 -0
- data/spec/controllers/applications_controller_spec.rb +18 -0
- data/spec/controllers/authorizations_controller_spec.rb +154 -0
- data/spec/controllers/protected_resources_controller_spec.rb +304 -0
- data/spec/controllers/token_info_controller_spec.rb +54 -0
- data/spec/controllers/tokens_controller_spec.rb +36 -0
- data/spec/dummy/Rakefile +7 -0
- data/spec/dummy/app/assets/javascripts/application.js +9 -0
- data/spec/dummy/app/assets/stylesheets/application.css +7 -0
- data/spec/dummy/app/controllers/application_controller.rb +3 -0
- data/spec/dummy/app/controllers/custom_authorizations_controller.rb +7 -0
- data/spec/dummy/app/controllers/full_protected_resources_controller.rb +12 -0
- data/spec/dummy/app/controllers/home_controller.rb +17 -0
- data/spec/dummy/app/controllers/metal_controller.rb +11 -0
- data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +11 -0
- data/spec/dummy/app/helpers/application_helper.rb +5 -0
- data/spec/dummy/app/models/user.rb +27 -0
- data/spec/dummy/app/views/home/index.html.erb +0 -0
- data/spec/dummy/app/views/layouts/application.html.erb +16 -0
- data/spec/dummy/config.ru +4 -0
- data/spec/dummy/config/application.rb +54 -0
- data/spec/dummy/config/boot.rb +6 -0
- data/spec/dummy/config/database.yml +15 -0
- data/spec/dummy/config/environment.rb +5 -0
- data/spec/dummy/config/environments/development.rb +30 -0
- data/spec/dummy/config/environments/production.rb +60 -0
- data/spec/dummy/config/environments/test.rb +39 -0
- data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/dummy/config/initializers/doorkeeper.rb +56 -0
- data/spec/dummy/config/initializers/secret_token.rb +9 -0
- data/spec/dummy/config/initializers/session_store.rb +8 -0
- data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/spec/dummy/config/locales/doorkeeper.en.yml +5 -0
- data/spec/dummy/config/mongo.yml +11 -0
- data/spec/dummy/config/mongoid2.yml +9 -0
- data/spec/dummy/config/mongoid3.yml +18 -0
- data/spec/dummy/config/routes.rb +38 -0
- data/spec/dummy/db/migrate/20111122132257_create_users.rb +9 -0
- data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +5 -0
- data/spec/dummy/db/migrate/20120524202412_create_doorkeeper_tables.rb +44 -0
- data/spec/dummy/db/schema.rb +64 -0
- data/spec/dummy/public/404.html +26 -0
- data/spec/dummy/public/422.html +26 -0
- data/spec/dummy/public/500.html +26 -0
- data/spec/dummy/public/favicon.ico +0 -0
- data/spec/dummy/script/rails +6 -0
- data/spec/factories/access_grant.rb +9 -0
- data/spec/factories/access_token.rb +7 -0
- data/spec/factories/application.rb +6 -0
- data/spec/generators/application_owner_generator_spec.rb +23 -0
- data/spec/generators/install_generator_spec.rb +31 -0
- data/spec/generators/migration_generator_spec.rb +20 -0
- data/spec/generators/templates/routes.rb +3 -0
- data/spec/generators/views_generator_spec.rb +27 -0
- data/spec/lib/config_spec.rb +170 -0
- data/spec/lib/models/expirable_spec.rb +51 -0
- data/spec/lib/models/revocable_spec.rb +31 -0
- data/spec/lib/models/scopes_spec.rb +32 -0
- data/spec/lib/oauth/authorization/uri_builder_spec.rb +37 -0
- data/spec/lib/oauth/authorization_code_request_spec.rb +80 -0
- data/spec/lib/oauth/client/credentials_spec.rb +47 -0
- data/spec/lib/oauth/client/methods_spec.rb +54 -0
- data/spec/lib/oauth/client_credentials/creator_spec.rb +47 -0
- data/spec/lib/oauth/client_credentials/issuer_spec.rb +57 -0
- data/spec/lib/oauth/client_credentials/validation_spec.rb +29 -0
- data/spec/lib/oauth/client_credentials_integration_spec.rb +27 -0
- data/spec/lib/oauth/client_credentials_request_spec.rb +64 -0
- data/spec/lib/oauth/client_spec.rb +39 -0
- data/spec/lib/oauth/code_request_spec.rb +44 -0
- data/spec/lib/oauth/error_response_spec.rb +40 -0
- data/spec/lib/oauth/error_spec.rb +19 -0
- data/spec/lib/oauth/helpers/scope_checker_spec.rb +74 -0
- data/spec/lib/oauth/helpers/unique_token_spec.rb +20 -0
- data/spec/lib/oauth/helpers/uri_checker_spec.rb +64 -0
- data/spec/lib/oauth/password_access_token_request_spec.rb +65 -0
- data/spec/lib/oauth/pre_authorization_spec.rb +80 -0
- data/spec/lib/oauth/refresh_token_request_spec.rb +56 -0
- data/spec/lib/oauth/scopes_spec.rb +115 -0
- data/spec/lib/oauth/token_request_spec.rb +46 -0
- data/spec/lib/oauth/token_response_spec.rb +52 -0
- data/spec/lib/oauth/token_spec.rb +83 -0
- data/spec/lib/server_spec.rb +24 -0
- data/spec/models/doorkeeper/access_grant_spec.rb +36 -0
- data/spec/models/doorkeeper/access_token_spec.rb +153 -0
- data/spec/models/doorkeeper/application_spec.rb +162 -0
- data/spec/requests/applications/applications_request_spec.rb +92 -0
- data/spec/requests/applications/authorized_applications_spec.rb +30 -0
- data/spec/requests/endpoints/authorization_spec.rb +47 -0
- data/spec/requests/endpoints/token_spec.rb +46 -0
- data/spec/requests/flows/authorization_code_errors_spec.rb +66 -0
- data/spec/requests/flows/authorization_code_spec.rb +135 -0
- data/spec/requests/flows/client_credentials_spec.rb +58 -0
- data/spec/requests/flows/implicit_grant_errors_spec.rb +31 -0
- data/spec/requests/flows/implicit_grant_spec.rb +19 -0
- data/spec/requests/flows/password_spec.rb +78 -0
- data/spec/requests/flows/refresh_token_spec.rb +71 -0
- data/spec/requests/flows/skip_authorization_spec.rb +40 -0
- data/spec/requests/protected_resources/metal_spec.rb +14 -0
- data/spec/requests/protected_resources/private_api_spec.rb +50 -0
- data/spec/routing/custom_controller_routes_spec.rb +44 -0
- data/spec/routing/default_routes_spec.rb +32 -0
- data/spec/spec_helper.rb +2 -0
- data/spec/spec_helper_integration.rb +40 -0
- data/spec/support/dependencies/factory_girl.rb +2 -0
- data/spec/support/helpers/access_token_request_helper.rb +11 -0
- data/spec/support/helpers/authorization_request_helper.rb +32 -0
- data/spec/support/helpers/config_helper.rb +9 -0
- data/spec/support/helpers/model_helper.rb +45 -0
- data/spec/support/helpers/request_spec_helper.rb +72 -0
- data/spec/support/helpers/url_helper.rb +51 -0
- data/spec/support/orm/active_record.rb +11 -0
- data/spec/support/orm/mongo_mapper.rb +26 -0
- data/spec/support/orm/mongoid.rb +31 -0
- data/spec/support/shared/controllers_shared_context.rb +60 -0
- data/spec/support/shared/models_shared_examples.rb +60 -0
- data/spec/validators/redirect_uri_validator_spec.rb +47 -0
- data/vendor/assets/stylesheets/doorkeeper/bootstrap.min.css +356 -0
- metadata +430 -0
data/.gitignore
ADDED
data/.rspec
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
--colour
|
data/.travis.yml
ADDED
@@ -0,0 +1,28 @@
|
|
1
|
+
language: ruby
|
2
|
+
rvm:
|
3
|
+
- 1.8.7
|
4
|
+
- 1.9.2
|
5
|
+
- 1.9.3
|
6
|
+
- 2.0.0
|
7
|
+
env:
|
8
|
+
- rails=3.2.8
|
9
|
+
- rails=3.2.13
|
10
|
+
- rails=3.1.8
|
11
|
+
- rails=edge
|
12
|
+
- orm=mongoid2
|
13
|
+
- orm=mongoid3
|
14
|
+
- orm=mongo_mapper
|
15
|
+
services:
|
16
|
+
- mongodb
|
17
|
+
matrix:
|
18
|
+
allow_failures:
|
19
|
+
- env: orm=mongoid2
|
20
|
+
exclude:
|
21
|
+
- rvm: 1.8.7
|
22
|
+
env: orm=mongoid3
|
23
|
+
- rvm: 1.9.2
|
24
|
+
env: orm=mongoid3
|
25
|
+
- rvm: 1.8.7
|
26
|
+
env: rails=edge
|
27
|
+
- rvm: 1.9.2
|
28
|
+
env: rails=edge
|
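Review bot: the `env:` list has no entry for the Couchbase backend, so the models this package ships under lib/doorkeeper/models/couchbase/ (the access grant, access token and application stores) are never exercised by CI. Suggest adding an `orm=couchbase` job with the matching service, or stating in the README that the backend is untested. Separately, `allow_failures` lists `env: orm=mongoid2` while the README names Mongoid 2 as a supported ORM, so a regression there will not fail the build. Either drop the allowance or mark Mongoid 2 as best-effort in the requirements.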
data/CHANGELOG.md
ADDED
@@ -0,0 +1,198 @@
|
|
1
|
+
# Changelog
|
2
|
+
|
3
|
+
## 0.6.7
|
4
|
+
|
5
|
+
- internals
|
6
|
+
- [#188] Add IDs to the show views for integration testing [@egtann](https://github.com/egtann)
|
7
|
+
|
8
|
+
## 0.6.6
|
9
|
+
|
10
|
+
- enhancements
|
11
|
+
- [#187] Raise error if configuration is not set
|
12
|
+
|
13
|
+
## 0.6.5
|
14
|
+
|
15
|
+
- enhancements
|
16
|
+
- [#184] Vendor the Bootstrap CSS [@tylerhunt](https://github.com/tylerhunt)
|
17
|
+
|
18
|
+
## 0.6.4
|
19
|
+
|
20
|
+
- bug
|
21
|
+
- [#180] Add localization to authorized_applications destroy notice [@aalvarado](https://github.com/aalvarado)
|
22
|
+
|
23
|
+
## 0.6.3
|
24
|
+
|
25
|
+
- bugfixes
|
26
|
+
- [#163] Error response content-type header should be application/json [@ggayan](https://github.com/ggayan)
|
27
|
+
- [#175] Make token.expires_in_seconds return nil when expires_in is nil [@miyagawa](https://github.com/miyagawa)
|
28
|
+
- enhancements
|
29
|
+
- [#166, #172, #174] Behavior to automatically authorize based on a configured proc
|
30
|
+
- internals
|
31
|
+
- [#168] Using expectation syntax for controller specs [@rdsoze](https://github.com/rdsoze)
|
32
|
+
|
33
|
+
## 0.6.2
|
34
|
+
|
35
|
+
- bugfixes
|
36
|
+
- [#162] Remove ownership columns from base migration template [@rdsoze](https://github.com/rdsoze)
|
37
|
+
|
38
|
+
## 0.6.1
|
39
|
+
|
40
|
+
- bugfixes
|
41
|
+
- [#160] Removed |routes| argument from initializer authenticator blocks
|
42
|
+
- documentation
|
43
|
+
- [#160] Fixed description of context of authenticator blocks
|
44
|
+
|
45
|
+
## 0.6.0
|
46
|
+
|
47
|
+
- enhancements
|
48
|
+
- Mongoid `orm` configuration accepts only :mongoid2 or :mongoid3
|
49
|
+
- Authorization endpoint does not redirect in #new action anymore. It wasn't specified by OAuth spec
|
50
|
+
- TokensController now inherits from ActionController::Metal. There might be performance upgrades
|
51
|
+
- Add link to authorization in Applications scaffold
|
52
|
+
- [#116] MongoMapper support [@carols10cents](https://github.com/carols10cents)
|
53
|
+
- [#122] Mongoid3 support [@petergoldstein](https://github.com/petergoldstein)
|
54
|
+
- [#150] Introduce test redirect uri for applications
|
55
|
+
- bugfixes
|
56
|
+
- [#157] Response token status should be `:ok`, not `:success` [@theycallmeswift](https://github.com/theycallmeswift)
|
57
|
+
- [#159] Remove ActionView::Base.field_error_proc override (fixes #145)
|
58
|
+
- internals
|
59
|
+
- Update development dependencies
|
60
|
+
- Several refactorings
|
61
|
+
- Rails/ORM are easily swichable with env vars (rails and orm)
|
62
|
+
- Travis now tests against Mongoid v2
|
63
|
+
|
64
|
+
## 0.5.0.rc1
|
65
|
+
|
66
|
+
Official support for rubinius was removed.
|
67
|
+
|
68
|
+
- enhancements
|
69
|
+
- Configure the way access token is retrieved from request (default to bearer header)
|
70
|
+
- Authorization Code expiration time is now configurable
|
71
|
+
- Add support for mongoid
|
72
|
+
- [#78, #128, #137, #138] Application Ownership
|
73
|
+
- [#92] Allow users to skip controllers
|
74
|
+
- [#99] Remove deprecated warnings for data-* attributes [@towerhe](https://github.com/towerhe)
|
75
|
+
- [#101] Return existing access_token for PasswordAccessTokenRequest [@benoist](https://github.com/benoist)
|
76
|
+
- [#104] Changed access token scopes example code to default_scopes and optional_scopes [@amkirwan](https://github.com/amkirwan)
|
77
|
+
- [#107] Fix typos in initializer
|
78
|
+
- [#123] i18n for validator, flash messages [@petergoldstein](https://github.com/petergoldstein)
|
79
|
+
- [#140] ActiveRecord is the default value for the ORM [@petergoldstein](https://github.com/petergoldstein)
|
80
|
+
- internals
|
81
|
+
- [#112, #120] Replacing update_attribute with update_column to eliminate deprecation warnings [@rmoriz](https://github.com/rmoriz), [@petergoldstein](https://github.com/petergoldstein)
|
82
|
+
- [#121] Updating all development dependencies to recent versions. [@petergoldstein](https://github.com/petergoldstein)
|
83
|
+
- [#144] Adding MongoDB dependency to .travis.yml [@petergoldstein](https://github.com/petergoldstein)
|
84
|
+
- [#143] Displays errors for unconfigured error messages [@timgaleckas](https://github.com/timgaleckas)
|
85
|
+
- bugfixes
|
86
|
+
- [#102] Not returning 401 when access token generation fails [@cslew](https://github.com/cslew)
|
87
|
+
- [#125] Doorkeeper is using ActiveRecord version of as_json in ORM agnostic code [@petergoldstein](https://github.com/petergoldstein)
|
88
|
+
- [#142] Prevent double submission of password based authentication [@bdurand](https://github.com/bdurand)
|
89
|
+
- documentation
|
90
|
+
- [#141] Add rack-cors middleware to readme [@gottfrois](https://github.com/gottfrois)
|
91
|
+
|
92
|
+
## 0.4.2
|
93
|
+
|
94
|
+
- bugfixes:
|
95
|
+
- [#94] Uninitialized Constant in Password Flow
|
96
|
+
|
97
|
+
## 0.4.1
|
98
|
+
|
99
|
+
- enhancements:
|
100
|
+
- Backport: Move doorkeeper_for extension to Filter helper
|
101
|
+
|
102
|
+
## 0.4.0
|
103
|
+
|
104
|
+
- deprecation
|
105
|
+
- Deprecate authorization_scopes
|
106
|
+
- database changes
|
107
|
+
- AccessToken#resource_owner_id is not nullable
|
108
|
+
- enhancements
|
109
|
+
- [#83] Add Resource Owner Password Credentials flow [@jaimeiniesta](https://github.com/jaimeiniesta)
|
110
|
+
- [#76] Allow token expiration to be disabled [@mattgreen](https://github.com/mattgreen)
|
111
|
+
- [#89] Configure the way client credentials are retrieved from request
|
112
|
+
- [#b6470a] Add Client Credentials flow
|
113
|
+
- internals
|
114
|
+
- [#2ece8d, #f93778] Introduce Client and ErrorResponse classes
|
115
|
+
|
116
|
+
## 0.3.4
|
117
|
+
|
118
|
+
- Fix attr_accessible for rails 3.2.x
|
119
|
+
|
120
|
+
## 0.3.3
|
121
|
+
|
122
|
+
- [#86] shrink gem package size
|
123
|
+
|
124
|
+
## 0.3.2
|
125
|
+
|
126
|
+
- enhancements
|
127
|
+
- [#54] Ignore Authorization: headers that are not Bearer [@miyagawa](https://github.com/miyagawa)
|
128
|
+
- [#58, #64] Add destroy action to applications endpoint [@jaimeiniesta](https://github.com/jaimeiniesta), [@davidfrey](https://github.com/davidfrey)
|
129
|
+
- [#63] TokensController responds with `401 unauthorized` [@jaimeiniesta](https://github.com/jaimeiniesta)
|
130
|
+
- [#67, #72] Fix for mass-assignment [@cicloid](https://github.com/cicloid)
|
131
|
+
- internals
|
132
|
+
- [#49] Add Gemnasium status image to README [@laserlemon](https://github.com/laserlemon)
|
133
|
+
- [#50] Fix typos [@tomekw](https://github.com/tomekw)
|
134
|
+
- [#51] Updated the factory_girl_rails dependency, fix expires_in response which returned a float number instead of integer [@antekpiechnik](https://github.com/antekpiechnik)
|
135
|
+
- [#62] Typos, .gitignore [@jaimeiniesta](https://github.com/jaimeiniesta)
|
136
|
+
- [#65] Change _path redirections to _url redirections [@jaimeiniesta](https://github.com/jaimeiniesta)
|
137
|
+
- [#75] Fix unknown method #authenticate_admin! [@mattgreen](https://github.com/mattgreen)
|
138
|
+
- Remove application link in authorized app view
|
139
|
+
|
140
|
+
## 0.3.1
|
141
|
+
|
142
|
+
- enhancements
|
143
|
+
- [#48] Add if, else options to doorkeeper_for
|
144
|
+
- Add views generator
|
145
|
+
- internals
|
146
|
+
- Namespace models
|
147
|
+
|
148
|
+
## 0.3.0
|
149
|
+
|
150
|
+
- enhancements
|
151
|
+
- [#17, #31] Add support for client credentials in basic auth header [@GoldsteinTechPartners](https://github.com/GoldsteinTechPartners)
|
152
|
+
- [#28] Add indices to migration [@GoldsteinTechPartners](https://github.com/GoldsteinTechPartners)
|
153
|
+
- [#29] Allow doorkeeper to run with rails 3.2 [@john-griffin](https://github.com/john-griffin)
|
154
|
+
- [#30] Improve client's redirect uri validation [@GoldsteinTechPartners](https://github.com/GoldsteinTechPartners)
|
155
|
+
- [#32] Add token (implicit grant) flow [@GoldsteinTechPartners](https://github.com/GoldsteinTechPartners)
|
156
|
+
- [#34] Add support for custom unathorized responses [@GoldsteinTechPartners](https://github.com/GoldsteinTechPartners)
|
157
|
+
- [#36] Remove repetitions from the Authorised Applications view [@carvil](https://github.com/carvil)
|
158
|
+
- When user revoke an application, all tokens for that application are revoked
|
159
|
+
- Error messages now can be translated
|
160
|
+
- Install generator copies the error messages localization file
|
161
|
+
- internals
|
162
|
+
- Fix deprecation warnings in ActiveSupport::Base64
|
163
|
+
- Remove deprecation in doorkeeper_for that handles hash arguments
|
164
|
+
- Depends on railties instead of whole rails framework
|
165
|
+
- CI now integrates with rails 3.1 and 3.2
|
166
|
+
|
167
|
+
## 0.2.0
|
168
|
+
|
169
|
+
- enhancements
|
170
|
+
- [#4] Add authorized applications endpoint
|
171
|
+
- [#5, #11] Add access token scopes
|
172
|
+
- [#10] Add access token expiration by default
|
173
|
+
- [#9, #12] Add refresh token flow
|
174
|
+
- internals
|
175
|
+
- [#7] Improve configuration options with :default
|
176
|
+
- Improve configuration options with :builder
|
177
|
+
- Refactor config class
|
178
|
+
- Improve coverage of authorization request integration
|
179
|
+
- bug fixes
|
180
|
+
- [#6, #20] Fix access token response headers
|
181
|
+
- Fix issue with state parameter
|
182
|
+
- deprecation
|
183
|
+
- deprecate :only and :except options in doorkeeper_for
|
184
|
+
|
185
|
+
## 0.1.1
|
186
|
+
|
187
|
+
- enhancements
|
188
|
+
- [#3] Authorization code must be short lived and single use
|
189
|
+
- [#2] Improve views provided by doorkeeper
|
190
|
+
- [#1] Skips authorization form if the client has been authorized by the resource owner
|
191
|
+
- Improve readme
|
192
|
+
- bugfixes
|
193
|
+
- Fix issue when creating the access token (wrong client id)
|
194
|
+
|
195
|
+
## 0.1.0
|
196
|
+
|
197
|
+
- Authorization Code flow
|
198
|
+
- OAuth applications endpoint
|
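Review bot: the top entry, `## 0.6.7`, records only `[#188] Add IDs to the show views`, yet the package is published as couchkeeper and adds lib/doorkeeper/models/couchbase/ plus the `map.js` view files. Nothing in the changelog tells a consumer that the token and application storage layer differs from the upstream release of the same version number. Suggest adding an entry that names the Couchbase ORM and the files it introduces. Minor: the section labels vary between `bug`, `bugfixes`, `bugfixes:` and `bug fixes`, and the 0.4.0 references `[#b6470a]` and `[#2ece8d, #f93778]` are formatted like issue numbers but look like commit ids.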
data/Gemfile
ADDED
@@ -0,0 +1,32 @@
|
|
1
|
+
# Defaults. For supported versions check .travis.yml
|
2
|
+
ENV['rails'] ||= '3.2.8'
|
3
|
+
ENV['orm'] ||= 'active_record'
|
4
|
+
|
5
|
+
source 'https://rubygems.org'
|
6
|
+
|
7
|
+
gem 'jquery-rails'
|
8
|
+
|
9
|
+
# Define Rails version
|
10
|
+
rails_version = ENV['rails'].match(/edge/) ? {:github => 'rails/rails'} : ENV['rails']
|
11
|
+
gem 'rails', rails_version
|
12
|
+
|
13
|
+
gem 'database_cleaner', '~> 1.0.0.RC1' if rails_version.is_a?(Hash)
|
14
|
+
|
15
|
+
case ENV['orm']
|
16
|
+
when 'active_record'
|
17
|
+
gem 'activerecord'
|
18
|
+
|
19
|
+
when 'mongoid2'
|
20
|
+
gem 'mongoid', '2.5.1'
|
21
|
+
gem 'bson_ext', '~> 1.7'
|
22
|
+
|
23
|
+
when 'mongoid3'
|
24
|
+
gem 'mongoid', '3.0.10'
|
25
|
+
|
26
|
+
when 'mongo_mapper'
|
27
|
+
gem 'mongo_mapper', '0.12.0'
|
28
|
+
gem 'bson_ext', '~> 1.7'
|
29
|
+
|
30
|
+
end
|
31
|
+
|
32
|
+
gemspec
|
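Review bot: on the `rails_version` line, `{:github => 'rails/rails'}` carries no `:branch` or `:ref`, so the `rails=edge` build resolves to whatever is at the head of that repository at install time and cannot be reproduced later. Suggest an explicit `:git` URL over https with a named branch, so the source and transport are visible in the file. The `ENV['rails'].match(/edge/)` test is unanchored and matches any value containing "edge"; comparing with `== 'edge'` is stricter. The `case ENV['orm']` block has no `else`, so a mistyped value installs no ORM gem without any error, and it has no branch for the Couchbase backend that the package ships under lib/doorkeeper/models/couchbase/.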
data/MIT-LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright 2011 Applicake. http://applicake.com
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,290 @@
|
|
1
|
+
# Doorkeeper - awesome oauth provider for your Rails app.
|
2
|
+
|
3
|
+
[![Build Status](https://travis-ci.org/applicake/doorkeeper.png?branch=master)](https://travis-ci.org/applicake/doorkeeper)
|
4
|
+
[![Dependency Status](https://gemnasium.com/applicake/doorkeeper.png?travis)](https://gemnasium.com/applicake/doorkeeper)
|
5
|
+
[![Code Climate](https://codeclimate.com/github/applicake/doorkeeper.png)](https://codeclimate.com/github/applicake/doorkeeper)
|
6
|
+
[![Gem Version](https://badge.fury.io/rb/doorkeeper.png)](https://rubygems.org/gems/doorkeeper)
|
7
|
+
|
8
|
+
Doorkeeper is a gem that makes it easy to introduce OAuth 2 provider functionality to your application.
|
9
|
+
|
10
|
+
The gem is under constant development. It is based in the [version 22 of the OAuth specification](http://tools.ietf.org/html/draft-ietf-oauth-v2-22) and it still does not support all OAuth features.
|
11
|
+
|
12
|
+
## Useful links
|
13
|
+
|
14
|
+
- For documentation, please check out our [wiki](https://github.com/applicake/doorkeeper/wiki)
|
15
|
+
- For general questions, please post it in our [google groups](https://groups.google.com/forum/?fromgroups#!forum/doorkeeper-gem) or [stack overflow](http://stackoverflow.com/questions/tagged/doorkeeper)
|
16
|
+
|
17
|
+
## Requirements
|
18
|
+
|
19
|
+
- Ruby 1.8.7, 1.9.2 or 1.9.3
|
20
|
+
- Rails 3.1.x or 3.2.x
|
21
|
+
- ORM ActiveRecord, Mongoid 2, Mongoid 3 or MongoMapper
|
22
|
+
|
23
|
+
## Installation
|
24
|
+
|
25
|
+
Put this in your Gemfile:
|
26
|
+
|
27
|
+
``` ruby
|
28
|
+
gem 'doorkeeper', '~> 0.6.7'
|
29
|
+
```
|
30
|
+
|
31
|
+
Run the installation generator with:
|
32
|
+
|
33
|
+
rails generate doorkeeper:install
|
34
|
+
|
35
|
+
This will install the doorkeeper initializer into `config/initializers/doorkeeper.rb`.
|
36
|
+
|
37
|
+
## Configuration
|
38
|
+
|
39
|
+
### Active Record
|
40
|
+
|
41
|
+
By default doorkeeper is configured to use active record, so to start you have to generate the migration tables:
|
42
|
+
|
43
|
+
rails generate doorkeeper:migration
|
44
|
+
|
45
|
+
Don't forget to run the migration with:
|
46
|
+
|
47
|
+
rake db:migrate
|
48
|
+
|
49
|
+
### Mongoid / MongoMapper
|
50
|
+
|
51
|
+
Doorkeeper currently supports MongoMapper, Mongoid 2 and 3. To start using it, you have to set the `orm` configuration:
|
52
|
+
|
53
|
+
``` ruby
|
54
|
+
Doorkeeper.configure do
|
55
|
+
orm :mongoid2 # or :mongoid3, :mongo_mapper
|
56
|
+
end
|
57
|
+
```
|
58
|
+
|
59
|
+
#### Mongoid indexes
|
60
|
+
|
61
|
+
Make sure you create indexes for doorkeeper models. You can do this either by running `rake db:mongoid:create_indexes` or (if you're using Mongoid 2) by adding `autocreate_indexes: true` to your `config/mongoid.yml`
|
62
|
+
|
63
|
+
#### MongoMapper indexes
|
64
|
+
|
65
|
+
Generate the `db/indexes.rb` file and create indexes for the doorkeeper models:
|
66
|
+
|
67
|
+
rails generate doorkeeper:mongo_mapper:indexes
|
68
|
+
rake db:index
|
69
|
+
|
70
|
+
### Routes
|
71
|
+
|
72
|
+
The installation script will also automatically add the Doorkeeper routes into your app, like this:
|
73
|
+
|
74
|
+
``` ruby
|
75
|
+
Rails.application.routes.draw do
|
76
|
+
use_doorkeeper
|
77
|
+
# your routes
|
78
|
+
end
|
79
|
+
```
|
80
|
+
|
81
|
+
This will mount following routes:
|
82
|
+
|
83
|
+
GET /oauth/authorize
|
84
|
+
POST /oauth/authorize
|
85
|
+
DELETE /oauth/authorize
|
86
|
+
POST /oauth/token
|
87
|
+
resources /oauth/applications
|
88
|
+
|
89
|
+
For more information on how to customize routes, check out [this page on the wiki](https://github.com/applicake/doorkeeper/wiki/Customizing-routes).
|
90
|
+
|
91
|
+
### Authenticating
|
92
|
+
|
93
|
+
You need to configure Doorkeeper in order to provide resource_owner model and authentication block `initializers/doorkeeper.rb`
|
94
|
+
|
95
|
+
``` ruby
|
96
|
+
Doorkeeper.configure do
|
97
|
+
resource_owner_authenticator do
|
98
|
+
User.find(session[:current_user_id]) || redirect_to(login_url)
|
99
|
+
end
|
100
|
+
end
|
101
|
+
```
|
102
|
+
|
103
|
+
This code is run in the context of your application so you have access to your models, session or routes helpers. However,
|
104
|
+
since this code is not run in the context of your application's ApplicationController it doesn't have access
|
105
|
+
to the methods defined over there.
|
106
|
+
|
107
|
+
If you use [devise](https://github.com/plataformatec/devise), you may want to use warden to authenticate the block:
|
108
|
+
|
109
|
+
``` ruby
|
110
|
+
resource_owner_authenticator do
|
111
|
+
current_user || warden.authenticate!(:scope => :user)
|
112
|
+
end
|
113
|
+
```
|
114
|
+
|
115
|
+
Side note: when using devise you have access to current_user as devise extends entire ActionController::Base with the current_#{mapping}.
|
116
|
+
|
117
|
+
If you are not using devise, you may want to check other ways of authentication [here](https://github.com/applicake/doorkeeper/wiki/Authenticating-using-Clearance-DIY).
|
118
|
+
|
119
|
+
## Protecting resources with OAuth (a.k.a your API endpoint)
|
120
|
+
|
121
|
+
To protect your API with OAuth, doorkeeper only requires you to call `doorkeeper_for` helper, specifying the actions you want to protect.
|
122
|
+
|
123
|
+
For example, if you have a products controller under api/v1, you can require the OAuth authentication with:
|
124
|
+
|
125
|
+
``` ruby
|
126
|
+
class Api::V1::ProductsController < Api::V1::ApiController
|
127
|
+
doorkeeper_for :all # Require access token for all actions
|
128
|
+
doorkeeper_for :all, :except => :index # All actions except index
|
129
|
+
doorkeeper_for :index, :show # Only for index and show action
|
130
|
+
|
131
|
+
# your actions
|
132
|
+
end
|
133
|
+
```
|
134
|
+
|
135
|
+
You don't need to setup any before filter, `doorkeeper_for` will handle that for you.
|
136
|
+
|
137
|
+
You can pass `if` or `unless` blocks that would specify when doorkeeper has to guard the access.
|
138
|
+
|
139
|
+
``` ruby
|
140
|
+
class Api::V1::ProductsController < Api::V1::ApiController
|
141
|
+
doorkeeper_for :all, :if => lambda { request.xhr? }
|
142
|
+
end
|
143
|
+
```
|
144
|
+
|
145
|
+
### ActionController::Metal integration and other integrations
|
146
|
+
|
147
|
+
The `doorkeeper_for` filter is intended to work with ActionController::Metal too. You only need to include the required `ActionController` modules:
|
148
|
+
|
149
|
+
```ruby
|
150
|
+
class MetalController < ActionController::Metal
|
151
|
+
include AbstractController::Callbacks
|
152
|
+
include ActionController::Head
|
153
|
+
include Doorkeeper::Helpers::Filter
|
154
|
+
|
155
|
+
doorkeeper_for :all
|
156
|
+
end
|
157
|
+
```
|
158
|
+
|
159
|
+
For more information about integration and other integrations, check out [the related wiki page](https://github.com/applicake/doorkeeper/wiki/ActionController::Metal-with-doorkeeper).
|
160
|
+
|
161
|
+
### Access Token Scopes
|
162
|
+
|
163
|
+
You can also require the access token to have specific scopes in certain actions:
|
164
|
+
|
165
|
+
First configure the scopes in `initializers/doorkeeper.rb`
|
166
|
+
|
167
|
+
```ruby
|
168
|
+
Doorkeeper.configure do
|
169
|
+
default_scopes :public # if no scope was requested, this will be the default
|
170
|
+
optional_scopes :admin, :write
|
171
|
+
end
|
172
|
+
```
|
173
|
+
|
174
|
+
The in your controllers:
|
175
|
+
|
176
|
+
```ruby
|
177
|
+
class Api::V1::ProductsController < Api::V1::ApiController
|
178
|
+
doorkeeper_for :index, :show, :scopes => [:public]
|
179
|
+
doorkeeper_for :update, :create, :scopes => [:admin, :write]
|
180
|
+
end
|
181
|
+
```
|
182
|
+
|
183
|
+
For a more detailed explanation about scopes usage, check out the related [page in the wiki](https://github.com/applicake/doorkeeper/wiki/Using-Scopes).
|
184
|
+
|
185
|
+
### Authenticated resource owner
|
186
|
+
|
187
|
+
If you want to return data based on the current resource owner, in other words, the access token owner, you may want to define a method in your controller that returns the resource owner instance:
|
188
|
+
|
189
|
+
``` ruby
|
190
|
+
class Api::V1::CredentialsController < Api::V1::ApiController
|
191
|
+
doorkeeper_for :all
|
192
|
+
respond_to :json
|
193
|
+
|
194
|
+
# GET /me.json
|
195
|
+
def me
|
196
|
+
respond_with current_resource_owner
|
197
|
+
end
|
198
|
+
|
199
|
+
private
|
200
|
+
|
201
|
+
# Find the user that owns the access token
|
202
|
+
def current_resource_owner
|
203
|
+
User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token
|
204
|
+
end
|
205
|
+
end
|
206
|
+
```
|
207
|
+
|
208
|
+
In this example, we're returning the credentials (`me.json`) of the access token owner.
|
209
|
+
|
210
|
+
### Applications list
|
211
|
+
|
212
|
+
By default, the applications list (`/oauth/applications`) is public available. To protect the endpoint you should uncomment these lines:
|
213
|
+
|
214
|
+
```ruby
|
215
|
+
# config/initializers/doorkeeper.rb
|
216
|
+
Doorkeeper.configure do
|
217
|
+
admin_authenticator do |routes|
|
218
|
+
Admin.find_by_id(session[:admin_id]) || redirect_to(routes.new_admin_session_url)
|
219
|
+
end
|
220
|
+
end
|
221
|
+
```
|
222
|
+
|
223
|
+
The logic is the same as the `resource_owner_authenticator` block. **Note:** since the application list is just a scaffold, it's recommended to either customize the controller used by the list or skip the controller at all. For more information see the page [in the wiki](https://github.com/applicake/doorkeeper/wiki/Customizing-routes).
|
224
|
+
|
225
|
+
## Other customizations
|
226
|
+
|
227
|
+
- [Associate users to OAuth applications (ownership)](https://github.com/applicake/doorkeeper/wiki/Associate-users-to-OAuth-applications-%28ownership%29)
|
228
|
+
- [CORS - Cross Origin Resource Sharing](https://github.com/applicake/doorkeeper/wiki/%5BCORS%5D-Cross-Origin-Resource-Sharing)
|
229
|
+
|
230
|
+
## Upgrading
|
231
|
+
|
232
|
+
If you want to upgrade doorkeeper to a new version, check out the [upgrading notes](https://github.com/applicake/doorkeeper/wiki/Migration-from-old-versions) and take a look at the [changelog](https://github.com/applicake/doorkeeper/blob/master/CHANGELOG.md).
|
233
|
+
|
234
|
+
### Development
|
235
|
+
|
236
|
+
To run the local engine server:
|
237
|
+
|
238
|
+
```
|
239
|
+
rails=3.2.8 orm=active_record bundle install
|
240
|
+
rails=3.2.8 orm=active_record bundle exec rails server
|
241
|
+
````
|
242
|
+
|
243
|
+
By default, it uses the latest Rails version with ActiveRecord. To run the tests:
|
244
|
+
|
245
|
+
```
|
246
|
+
rails=3.2.8 orm=active_record bundle exec rake
|
247
|
+
```
|
248
|
+
|
249
|
+
Or you might prefer to run `script/run_all` to integrate against all ORMs.
|
250
|
+
|
251
|
+
### Contributing
|
252
|
+
|
253
|
+
Want to contribute and don't know where to start? Check out [features we're missing](https://github.com/applicake/doorkeeper/wiki/Supported-Features), create [example apps](https://github.com/applicake/doorkeeper/wiki/Example-Applications), integrate the gem with your app and let us know!
|
254
|
+
|
255
|
+
Also, check out our [contributing guidelines page](https://github.com/applicake/doorkeeper/wiki/Contributing).
|
256
|
+
|
257
|
+
## Other resources
|
258
|
+
|
259
|
+
### Wiki
|
260
|
+
|
261
|
+
You can find everything about doorkeeper in our [wiki here](https://github.com/applicake/doorkeeper/wiki).
|
262
|
+
|
263
|
+
### Live demo
|
264
|
+
|
265
|
+
Check out this [live demo](http://doorkeeper-provider.herokuapp.com) hosted on heroku. For more demos check out [the wiki](https://github.com/applicake/doorkeeper/wiki/Example-Applications).
|
266
|
+
|
267
|
+
### Screencast
|
268
|
+
|
269
|
+
Check out this screencast from [railscasts.com](http://railscasts.com/): [#353 OAuth with Doorkeeper](http://railscasts.com/episodes/353-oauth-with-doorkeeper)
|
270
|
+
|
271
|
+
### Client applications
|
272
|
+
|
273
|
+
After you set up the provider, you may want to create a client application to test the integration. Check out these [client examples](https://github.com/applicake/doorkeeper/wiki/Example-Applications) in our wiki or follow this [tutorial here](https://github.com/applicake/doorkeeper/wiki/Testing-your-provider-with-OAuth2-gem).
|
274
|
+
|
275
|
+
### Supported ruby versions
|
276
|
+
|
277
|
+
All supported ruby versions are [listed here](https://github.com/applicake/doorkeeper/wiki/Supported-Ruby-&-Rails-versions).
|
278
|
+
|
279
|
+
### Maintainers
|
280
|
+
|
281
|
+
- Felipe Elias Philipp - [coderwall.com/felipeelias](http://coderwall.com/felipeelias)
|
282
|
+
- Piotr Jakubowski - [coderwall.com/piotrj](http://coderwall.com/piotrj)
|
283
|
+
|
284
|
+
### Contributors
|
285
|
+
|
286
|
+
Thanks to all our [awesome contributors](https://github.com/applicake/doorkeeper/contributors)!
|
287
|
+
|
288
|
+
### License
|
289
|
+
|
290
|
+
MIT License. Copyright 2011 Applicake. [http://applicake.com](http://applicake.com)
|
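Review bot: In the `resource_owner_authenticator` example at README line 98, `User.find(session[:current_user_id]) || redirect_to(login_url)` never reaches the redirect for a logged-out visitor, because ActiveRecord's `find` raises `RecordNotFound` for a nil or unknown id instead of returning nil. Use `User.find_by_id(session[:current_user_id])`, as the `admin_authenticator` example at line 218 already does with `Admin.find_by_id`. The `:if => lambda { request.xhr? }` example at line 141 skips the token check for every non-XHR request, and `xhr?` depends on a header the client sets, so the sentence at line 137 should say plainly that the condition decides whether the guard runs at all. Line 212 states that `/oauth/applications` is open by default, so the `admin_authenticator` step deserves a more prominent place than a late subsection. Smaller points: lines 127 to 129 put three `doorkeeper_for` calls in one class body although the comments describe them as alternatives, "The in your controllers:" (line 174) and "public available" (line 212) are typos, and the fence opened at line 238 is closed with four backticks at line 241.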