devise-doorkeeper 1.0.0 → 1.0.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: b32e3b86de27da2f97a03d959bd4bdafc5821b08
4
- data.tar.gz: a5b8239896405c7888b4213d0f7903f4fa10d263
3
+ metadata.gz: 86671a2c38cb4de8ee35adcc31882b88fc3b4c24
4
+ data.tar.gz: d6e06702ab8a1b5c9cca0db54b163a05f39f1dad
5
5
  SHA512:
6
- metadata.gz: a0adc93f22dc8297d771c089f50832be2c14efb98a326b38ddc5fc3c1304d671b99ef41f911f356a89f87183fd256ad1c54afc73e3fd8dbaf9c990782b42e681
7
- data.tar.gz: 9b4475443e7152d35fe81fa6f89108ac2395c898cdba0fce01e42f62f60ab981d79af1a2e92d01221d4749487a73f0e03214087595a1d0a399dffa50f5240e1d
6
+ metadata.gz: a0532a3a220ce25b987e937a49198e1035448647b2a85f870a39a99555e8ef88c7f919a839501755c1f2fc7ef358cad018985f8925cce4cc44989cd6336ad074
7
+ data.tar.gz: ce9de5eb268a458ce419bae539c0d7a2640bdde424feccb0c7704e72aa35f2f4db78f3483349998a92072615c0ec9f2b91384aa17c8394d59ac886f371cae90f
@@ -0,0 +1 @@
1
+ 2.1.5
data/README.md CHANGED
@@ -60,6 +60,16 @@ class CommentsController < ApplicationController
60
60
  end
61
61
  ```
62
62
 
63
+ #### (optional) Disable session storage
64
+ Most API's should not create sessions for each API request.
65
+ This can be configured via the Devise `skip_session_storage` setting.
66
+
67
+ ```ruby
68
+ # config/initializers/devise.rb
69
+ config.skip_session_storage = [:http_auth] # this is the default devise config
70
+ config.skip_session_storage << :doorkeeper # disable session storage for oauth requests
71
+ ```
72
+
63
73
  ## [ Contributing ](CONTRIBUTING.md)
64
74
 
65
75
  1. Fork it ( https://github.com/betterup/devise-doorkeeper/fork )
@@ -1,5 +1,5 @@
1
1
  module Devise
2
2
  module Doorkeeper
3
- VERSION = "1.0.0"
3
+ VERSION = '1.0.1'
4
4
  end
5
5
  end
@@ -20,6 +20,22 @@ module Devise
20
20
  end
21
21
  end
22
22
 
23
+ # override base class implementation
24
+ # allow for Rails application to configure
25
+ # skipping session storage for doorkeeper requests
26
+ # see Devise skip_session_storage configuration
27
+ def authentication_type
28
+ :doorkeeper
29
+ end
30
+
31
+ # override base class implementation
32
+ # API requests should *not* reset the user's
33
+ # CSRF token which triggers rails to set the
34
+ # session_id key and send cookies to users
35
+ def clean_up_csrf?
36
+ false
37
+ end
38
+
23
39
  private
24
40
 
25
41
  def resource_from_token
@@ -78,6 +78,7 @@ Devise.setup do |config|
78
78
  # may want to disable generating routes to Devise's sessions controller by
79
79
  # passing skip: :sessions to `devise_for` in your config/routes.rb
80
80
  config.skip_session_storage = [:http_auth]
81
+ config.skip_session_storage << :doorkeeper
81
82
 
82
83
  # By default, Devise cleans up the CSRF token on authentication to
83
84
  # avoid CSRF token fixation attacks. This means that, when using AJAX
@@ -14,6 +14,9 @@ RSpec.describe 'OAuth bearer token requests', type: :request do
14
14
  get request_path, params, headers
15
15
  end
16
16
  it { expect(response.status).to eq 200 }
17
+ it 'does not send Set-Cookie headers' do
18
+ expect(response.headers).to_not include 'Set-Cookie'
19
+ end
17
20
  end
18
21
  context 'with expired access token' do
19
22
  with :access_token, expires_in: 0
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise-doorkeeper
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ryan Sonnek
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-01-20 00:00:00.000000000 Z
11
+ date: 2015-03-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -201,6 +201,7 @@ extensions: []
201
201
  extra_rdoc_files: []
202
202
  files:
203
203
  - ".gitignore"
204
+ - ".ruby-version"
204
205
  - ".travis.yml"
205
206
  - Gemfile
206
207
  - LICENSE.txt
@@ -294,7 +295,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
294
295
  version: '0'
295
296
  requirements: []
296
297
  rubyforge_project:
297
- rubygems_version: 2.4.5
298
+ rubygems_version: 2.2.2
298
299
  signing_key:
299
300
  specification_version: 4
300
301
  summary: Integrate Doorkeeper OAuth2 tokens into Devise applications