devise-doorkeeper 1.0.0

Files changed (75) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +17 -0
  3. data/.travis.yml +1 -0
  4. data/Gemfile +4 -0
  5. data/LICENSE.txt +22 -0
  6. data/README.md +69 -0
  7. data/Rakefile +18 -0
  8. data/devise-doorkeeper.gemspec +35 -0
  9. data/lib/devise/doorkeeper.rb +24 -0
  10. data/lib/devise/doorkeeper/version.rb +5 -0
  11. data/lib/devise/strategies/doorkeeper.rb +53 -0
  12. data/spec/dummy/.rspec +2 -0
  13. data/spec/dummy/README.rdoc +28 -0
  14. data/spec/dummy/Rakefile +6 -0
  15. data/spec/dummy/app/assets/images/.keep +0 -0
  16. data/spec/dummy/app/assets/javascripts/application.js +13 -0
  17. data/spec/dummy/app/assets/stylesheets/application.css +15 -0
  18. data/spec/dummy/app/controllers/application_controller.rb +5 -0
  19. data/spec/dummy/app/controllers/concerns/.keep +0 -0
  20. data/spec/dummy/app/controllers/example_controller.rb +7 -0
  21. data/spec/dummy/app/controllers/welcome_controller.rb +2 -0
  22. data/spec/dummy/app/helpers/application_helper.rb +2 -0
  23. data/spec/dummy/app/mailers/.keep +0 -0
  24. data/spec/dummy/app/models/.keep +0 -0
  25. data/spec/dummy/app/models/concerns/.keep +0 -0
  26. data/spec/dummy/app/models/user.rb +7 -0
  27. data/spec/dummy/app/views/layouts/application.html.erb +14 -0
  28. data/spec/dummy/app/views/welcome/index.html.erb +0 -0
  29. data/spec/dummy/bin/bundle +3 -0
  30. data/spec/dummy/bin/rails +4 -0
  31. data/spec/dummy/bin/rake +4 -0
  32. data/spec/dummy/config.ru +4 -0
  33. data/spec/dummy/config/application.rb +28 -0
  34. data/spec/dummy/config/boot.rb +5 -0
  35. data/spec/dummy/config/database.yml +25 -0
  36. data/spec/dummy/config/environment.rb +5 -0
  37. data/spec/dummy/config/environments/development.rb +37 -0
  38. data/spec/dummy/config/environments/production.rb +78 -0
  39. data/spec/dummy/config/environments/test.rb +39 -0
  40. data/spec/dummy/config/initializers/assets.rb +8 -0
  41. data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
  42. data/spec/dummy/config/initializers/cookies_serializer.rb +3 -0
  43. data/spec/dummy/config/initializers/devise.rb +259 -0
  44. data/spec/dummy/config/initializers/doorkeeper.rb +108 -0
  45. data/spec/dummy/config/initializers/filter_parameter_logging.rb +4 -0
  46. data/spec/dummy/config/initializers/inflections.rb +16 -0
  47. data/spec/dummy/config/initializers/mime_types.rb +4 -0
  48. data/spec/dummy/config/initializers/session_store.rb +3 -0
  49. data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
  50. data/spec/dummy/config/locales/devise.en.yml +60 -0
  51. data/spec/dummy/config/locales/doorkeeper.en.yml +151 -0
  52. data/spec/dummy/config/locales/en.yml +23 -0
  53. data/spec/dummy/config/routes.rb +5 -0
  54. data/spec/dummy/config/secrets.yml +22 -0
  55. data/spec/dummy/db/migrate/20150120154622_create_users.rb +8 -0
  56. data/spec/dummy/db/migrate/20150120154657_create_doorkeeper_tables.rb +42 -0
  57. data/spec/dummy/db/migrate/20150120162830_add_devise_to_users.rb +49 -0
  58. data/spec/dummy/db/schema.rb +80 -0
  59. data/spec/dummy/lib/assets/.keep +0 -0
  60. data/spec/dummy/log/.keep +0 -0
  61. data/spec/dummy/public/404.html +67 -0
  62. data/spec/dummy/public/422.html +67 -0
  63. data/spec/dummy/public/500.html +66 -0
  64. data/spec/dummy/public/favicon.ico +0 -0
  65. data/spec/factories/access_tokens.rb +6 -0
  66. data/spec/factories/applications.rb +8 -0
  67. data/spec/factories/users.rb +8 -0
  68. data/spec/rails_helper.rb +50 -0
  69. data/spec/requests/oauth/bearer_tokens_spec.rb +57 -0
  70. data/spec/requests/oauth/password_grant_spec.rb +68 -0
  71. data/spec/spec_helper.rb +81 -0
  72. data/spec/support/factory_girl.rb +6 -0
  73. data/spec/support/json_spec.rb +4 -0
  74. data/spec/support/pry.rb +1 -0
  75. metadata +365 -0
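--- a/data/spec/dummy/db/migrate/20150120162830_add_devise_to_users.rb
+++ b/data/spec/dummy/db/migrate/20150120162830_add_devise_to_users.rb
@@ -0,0 +1,49 @@
+ class AddDeviseToUsers < ActiveRecord::Migration
+ def self.up
+ change_table(:users) do |t|
+ ## Database authenticatable
+ t.string :email, null: false, default: ""
+ t.string :encrypted_password, null: false, default: ""
+
+ ## Recoverable
+ t.string :reset_password_token
+ t.datetime :reset_password_sent_at
+
+ ## Rememberable
+ t.datetime :remember_created_at
+
+ ## Trackable
+ t.integer :sign_in_count, default: 0, null: false
+ t.datetime :current_sign_in_at
+ t.datetime :last_sign_in_at
+ t.string :current_sign_in_ip
+ t.string :last_sign_in_ip
+
+ ## Confirmable
+ # t.string :confirmation_token
+ # t.datetime :confirmed_at
+ # t.datetime :confirmation_sent_at
+ # t.string :unconfirmed_email # Only if using reconfirmable
+
+ ## Lockable
+ # t.integer :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
+ # t.string :unlock_token # Only if unlock strategy is :email or :both
+ # t.datetime :locked_at
+
+
+ # Uncomment below if timestamps were not included in your original model.
+ # t.timestamps
+ end
+
+ add_index :users, :email, unique: true
+ add_index :users, :reset_password_token, unique: true
+ # add_index :users, :confirmation_token, unique: true
+ # add_index :users, :unlock_token, unique: true
+ end
+
+ def self.down
+ # By default, we don't want to make any assumption about how to roll back a migration when your
+ # model already existed. Please edit below which fields you would like to remove in this migration.
+ raise ActiveRecord::IrreversibleMigration
+ end
+ end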
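Review bot: The Lockable columns (`failed_attempts`, `unlock_token`, `locked_at`) are left commented out, so the users table built here cannot back Devise's failed-attempt lockout. The file list includes a password-grant spec, which suggests the dummy app accepts a username and password at the token endpoint; if this dummy is ever copied as a starting point, repeated credential guesses there would presumably go unthrottled unless rate limiting exists elsewhere. A one-line comment above `## Lockable`, for example `# Lockable intentionally left off: test-only dummy app, do not reuse as-is`, would make the choice explicit.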
@@ -0,0 +1,80 @@
1
+ # encoding: UTF-8
2
+ # This file is auto-generated from the current state of the database. Instead
3
+ # of editing this file, please use the migrations feature of Active Record to
4
+ # incrementally modify your database, and then regenerate this schema definition.
5
+ #
6
+ # Note that this schema.rb definition is the authoritative source for your
7
+ # database schema. If you need to create the application database on another
8
+ # system, you should be using db:schema:load, not running all the migrations
9
+ # from scratch. The latter is a flawed and unsustainable approach (the more migrations
10
+ # you'll amass, the slower it'll run and the greater likelihood for issues).
11
+ #
12
+ # It's strongly recommended that you check this file into your version control system.
13
+
14
+ ActiveRecord::Schema.define(version: 20150120162830) do
15
+
16
+ create_table "oauth_access_grants", force: :cascade do |t|
17
+ t.integer "resource_owner_id", null: false
18
+ t.integer "application_id", null: false
19
+ t.string "token", null: false
20
+ t.integer "expires_in", null: false
21
+ t.text "redirect_uri", null: false
22
+ t.datetime "created_at", null: false
23
+ t.datetime "revoked_at"
24
+ t.string "scopes"
25
+ end
26
+
27
+ add_index "oauth_access_grants", ["token"], name: "index_oauth_access_grants_on_token", unique: true
28
+
29
+ create_table "oauth_access_tokens", force: :cascade do |t|
30
+ t.integer "resource_owner_id"
31
+ t.integer "application_id"
32
+ t.string "token", null: false
33
+ t.string "refresh_token"
34
+ t.integer "expires_in"
35
+ t.datetime "revoked_at"
36
+ t.datetime "created_at", null: false
37
+ t.string "scopes"
38
+ end
39
+
40
+ add_index "oauth_access_tokens", ["refresh_token"], name: "index_oauth_access_tokens_on_refresh_token", unique: true
41
+ add_index "oauth_access_tokens", ["resource_owner_id"], name: "index_oauth_access_tokens_on_resource_owner_id"
42
+ add_index "oauth_access_tokens", ["token"], name: "index_oauth_access_tokens_on_token", unique: true
43
+
44
+ create_table "oauth_applications", force: :cascade do |t|
45
+ t.string "name", null: false
46
+ t.string "uid", null: false
47
+ t.string "secret", null: false
48
+ t.text "redirect_uri", null: false
49
+ t.string "scopes", default: "", null: false
50
+ t.datetime "created_at"
51
+ t.datetime "updated_at"
52
+ end
53
+
54
+ add_index "oauth_applications", ["uid"], name: "index_oauth_applications_on_uid", unique: true
55
+
56
+ create_table "users", force: :cascade do |t|
57
+ t.datetime "created_at", null: false
58
+ t.datetime "updated_at", null: false
59
+ t.string "email", default: "", null: false
60
+ t.string "encrypted_password", default: "", null: false
61
+ t.string "reset_password_token"
62
+ t.datetime "reset_password_sent_at"
63
+ t.datetime "remember_created_at"
64
+ t.integer "sign_in_count", default: 0, null: false
65
+ t.datetime "current_sign_in_at"
66
+ t.datetime "last_sign_in_at"
67
+ t.string "current_sign_in_ip"
68
+ t.string "last_sign_in_ip"
69
+ end
70
+
71
+ add_index "users", ["email"], name: "index_users_on_email", unique: true
72
+ add_index "users", ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
73
+
74
+ create_table "waitlist_subscribers", force: :cascade do |t|
75
+ t.string "email"
76
+ t.datetime "created_at"
77
+ t.datetime "updated_at"
78
+ end
79
+
80
+ end
File without changes
File without changes
@@ -0,0 +1,67 @@
1
+ <!DOCTYPE html>
2
+ <html>
3
+ <head>
4
+ <title>The page you were looking for doesn't exist (404)</title>
5
+ <meta name="viewport" content="width=device-width,initial-scale=1">
6
+ <style>
7
+ body {
8
+ background-color: #EFEFEF;
9
+ color: #2E2F30;
10
+ text-align: center;
11
+ font-family: arial, sans-serif;
12
+ margin: 0;
13
+ }
14
+
15
+ div.dialog {
16
+ width: 95%;
17
+ max-width: 33em;
18
+ margin: 4em auto 0;
19
+ }
20
+
21
+ div.dialog > div {
22
+ border: 1px solid #CCC;
23
+ border-right-color: #999;
24
+ border-left-color: #999;
25
+ border-bottom-color: #BBB;
26
+ border-top: #B00100 solid 4px;
27
+ border-top-left-radius: 9px;
28
+ border-top-right-radius: 9px;
29
+ background-color: white;
30
+ padding: 7px 12% 0;
31
+ box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
32
+ }
33
+
34
+ h1 {
35
+ font-size: 100%;
36
+ color: #730E15;
37
+ line-height: 1.5em;
38
+ }
39
+
40
+ div.dialog > p {
41
+ margin: 0 0 1em;
42
+ padding: 1em;
43
+ background-color: #F7F7F7;
44
+ border: 1px solid #CCC;
45
+ border-right-color: #999;
46
+ border-left-color: #999;
47
+ border-bottom-color: #999;
48
+ border-bottom-left-radius: 4px;
49
+ border-bottom-right-radius: 4px;
50
+ border-top-color: #DADADA;
51
+ color: #666;
52
+ box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
53
+ }
54
+ </style>
55
+ </head>
56
+
57
+ <body>
58
+ <!-- This file lives in public/404.html -->
59
+ <div class="dialog">
60
+ <div>
61
+ <h1>The page you were looking for doesn't exist.</h1>
62
+ <p>You may have mistyped the address or the page may have moved.</p>
63
+ </div>
64
+ <p>If you are the application owner check the logs for more information.</p>
65
+ </div>
66
+ </body>
67
+ </html>
@@ -0,0 +1,67 @@
1
+ <!DOCTYPE html>
2
+ <html>
3
+ <head>
4
+ <title>The change you wanted was rejected (422)</title>
5
+ <meta name="viewport" content="width=device-width,initial-scale=1">
6
+ <style>
7
+ body {
8
+ background-color: #EFEFEF;
9
+ color: #2E2F30;
10
+ text-align: center;
11
+ font-family: arial, sans-serif;
12
+ margin: 0;
13
+ }
14
+
15
+ div.dialog {
16
+ width: 95%;
17
+ max-width: 33em;
18
+ margin: 4em auto 0;
19
+ }
20
+
21
+ div.dialog > div {
22
+ border: 1px solid #CCC;
23
+ border-right-color: #999;
24
+ border-left-color: #999;
25
+ border-bottom-color: #BBB;
26
+ border-top: #B00100 solid 4px;
27
+ border-top-left-radius: 9px;
28
+ border-top-right-radius: 9px;
29
+ background-color: white;
30
+ padding: 7px 12% 0;
31
+ box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
32
+ }
33
+
34
+ h1 {
35
+ font-size: 100%;
36
+ color: #730E15;
37
+ line-height: 1.5em;
38
+ }
39
+
40
+ div.dialog > p {
41
+ margin: 0 0 1em;
42
+ padding: 1em;
43
+ background-color: #F7F7F7;
44
+ border: 1px solid #CCC;
45
+ border-right-color: #999;
46
+ border-left-color: #999;
47
+ border-bottom-color: #999;
48
+ border-bottom-left-radius: 4px;
49
+ border-bottom-right-radius: 4px;
50
+ border-top-color: #DADADA;
51
+ color: #666;
52
+ box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
53
+ }
54
+ </style>
55
+ </head>
56
+
57
+ <body>
58
+ <!-- This file lives in public/422.html -->
59
+ <div class="dialog">
60
+ <div>
61
+ <h1>The change you wanted was rejected.</h1>
62
+ <p>Maybe you tried to change something you didn't have access to.</p>
63
+ </div>
64
+ <p>If you are the application owner check the logs for more information.</p>
65
+ </div>
66
+ </body>
67
+ </html>
@@ -0,0 +1,66 @@
1
+ <!DOCTYPE html>
2
+ <html>
3
+ <head>
4
+ <title>We're sorry, but something went wrong (500)</title>
5
+ <meta name="viewport" content="width=device-width,initial-scale=1">
6
+ <style>
7
+ body {
8
+ background-color: #EFEFEF;
9
+ color: #2E2F30;
10
+ text-align: center;
11
+ font-family: arial, sans-serif;
12
+ margin: 0;
13
+ }
14
+
15
+ div.dialog {
16
+ width: 95%;
17
+ max-width: 33em;
18
+ margin: 4em auto 0;
19
+ }
20
+
21
+ div.dialog > div {
22
+ border: 1px solid #CCC;
23
+ border-right-color: #999;
24
+ border-left-color: #999;
25
+ border-bottom-color: #BBB;
26
+ border-top: #B00100 solid 4px;
27
+ border-top-left-radius: 9px;
28
+ border-top-right-radius: 9px;
29
+ background-color: white;
30
+ padding: 7px 12% 0;
31
+ box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
32
+ }
33
+
34
+ h1 {
35
+ font-size: 100%;
36
+ color: #730E15;
37
+ line-height: 1.5em;
38
+ }
39
+
40
+ div.dialog > p {
41
+ margin: 0 0 1em;
42
+ padding: 1em;
43
+ background-color: #F7F7F7;
44
+ border: 1px solid #CCC;
45
+ border-right-color: #999;
46
+ border-left-color: #999;
47
+ border-bottom-color: #999;
48
+ border-bottom-left-radius: 4px;
49
+ border-bottom-right-radius: 4px;
50
+ border-top-color: #DADADA;
51
+ color: #666;
52
+ box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
53
+ }
54
+ </style>
55
+ </head>
56
+
57
+ <body>
58
+ <!-- This file lives in public/500.html -->
59
+ <div class="dialog">
60
+ <div>
61
+ <h1>We're sorry, but something went wrong.</h1>
62
+ </div>
63
+ <p>If you are the application owner check the logs for more information.</p>
64
+ </div>
65
+ </body>
66
+ </html>
File without changes
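--- a/data/spec/factories/access_tokens.rb
+++ b/data/spec/factories/access_tokens.rb
@@ -0,0 +1,6 @@
+ FactoryGirl.define do
+ factory :access_token, class: Doorkeeper::AccessToken do
+ resource_owner_id { association(:user).id }
+ application_id { association(:application).id }
+ end
+ end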
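--- a/data/spec/factories/applications.rb
+++ b/data/spec/factories/applications.rb
@@ -0,0 +1,8 @@
+ FactoryGirl.define do
+ factory :application, class: Doorkeeper::Application do
+ name 'sample app'
+ # uid { SecureRandom.hex(20) }
+ # secret { SecureRandom.hex(20) }
+ redirect_uri 'urn:ietf:wg:oauth:2.0:oob'
+ end
+ end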
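Review bot: The two commented-out attributes, `# uid { SecureRandom.hex(20) }` and `# secret { SecureRandom.hex(20) }`, are dead code that leaves the reader unsure where the client credentials come from. Both columns are `null: false` in the schema shown on this page, so `Doorkeeper::Application` presumably generates them itself on create. Either delete the two lines or replace them with a single comment such as `# uid and secret are generated by Doorkeeper::Application`.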
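--- a/data/spec/factories/users.rb
+++ b/data/spec/factories/users.rb
@@ -0,0 +1,8 @@
+ FactoryGirl.define do
+ sequence(:email) { "jon.doe+#{SecureRandom.hex(10)}@acme.com" }
+
+ factory :user do
+ email { Faker::Internet.email }
+ password { Faker::Internet.password }
+ end
+ end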
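Review bot: The `sequence(:email)` defined on line 2 is never used by the `:user` factory, which draws its address from `Faker::Internet.email` instead. The users table carries a unique index on `email` (see the migration on this page), so a repeated Faker value would fail the insert and make the suite flaky. Using the sequence, `email { generate(:email) }`, gives distinct addresses and removes the unused definition in one step. Whether `Faker::Internet.password` always satisfies the Devise password-length setting depends on the initializer, which is not shown here, so it is worth confirming.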
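--- a/data/spec/rails_helper.rb
+++ b/data/spec/rails_helper.rb
@@ -0,0 +1,50 @@
+ # This file is copied to spec/ when you run 'rails generate rspec:install'
+ ENV["RAILS_ENV"] ||= 'test'
+ require 'spec_helper'
+ require File.expand_path("../dummy/config/environment", __FILE__)
+ require 'rspec/rails'
+ # Add additional requires below this line. Rails is not loaded until this point!
+
+ # Requires supporting ruby files with custom matchers and macros, etc, in
+ # spec/support/ and its subdirectories. Files matching `spec/**/*_spec.rb` are
+ # run as spec files by default. This means that files in spec/support that end
+ # in _spec.rb will both be required and run as specs, causing the specs to be
+ # run twice. It is recommended that you do not name files matching this glob to
+ # end with _spec.rb. You can configure this pattern with the --pattern
+ # option on the command line or in ~/.rspec, .rspec or `.rspec-local`.
+ #
+ # The following line is provided for convenience purposes. It has the downside
+ # of increasing the boot-up time by auto-requiring all files in the support
+ # directory. Alternatively, in the individual `*_spec.rb` files, manually
+ # require only the support files necessary.
+ # fail Dir[File.join(__dir__, "spec/support/**/*.rb")].to_a.inspect
+ Dir[File.join(__dir__, "support/**/*.rb")].each { |f| require f }
+
+ # Checks for pending migrations before tests are run.
+ # If you are not using ActiveRecord, you can remove this line.
+ ActiveRecord::Migration.maintain_test_schema!
+
+ RSpec.configure do |config|
+ # Remove this line if you're not using ActiveRecord or ActiveRecord fixtures
+ config.fixture_path = "#{::Rails.root}/spec/fixtures"
+
+ # If you're not using ActiveRecord, or you'd prefer not to run each of your
+ # examples within a transaction, remove the following line or assign false
+ # instead of true.
+ config.use_transactional_fixtures = true
+
+ # RSpec Rails can automatically mix in different behaviours to your tests
+ # based on their file location, for example enabling you to call `get` and
+ # `post` in specs under `spec/controllers`.
+ #
+ # You can disable this behaviour by removing the line below, and instead
+ # explicitly tag your specs with their type, e.g.:
+ #
+ # RSpec.describe UsersController, :type => :controller do
+ # # ...
+ # end
+ #
+ # The different available types are documented in the features, such as in
+ # https://relishapp.com/rspec/rspec-rails/docs
+ config.infer_spec_type_from_file_location!
+ end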
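Review bot: The commented-out `# fail Dir[File.join(__dir__, "spec/support/**/*.rb")].to_a.inspect` on line 20 is leftover debugging and should be deleted before release. Its glob (`spec/support/**/*.rb`) also differs from the live one on line 21 (`support/**/*.rb`), which invites confusion about which directory is actually loaded. Line 4 resolves paths with `File.expand_path(..., __FILE__)` while line 21 uses `__dir__`; settling on one style would be tidier.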
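--- a/data/spec/requests/oauth/bearer_tokens_spec.rb
+++ b/data/spec/requests/oauth/bearer_tokens_spec.rb
@@ -0,0 +1,57 @@
+ require 'rails_helper'
+
+ RSpec.describe 'OAuth bearer token requests', type: :request do
+ let(:request_path) { '/example.json' }
+ context 'with valid access token' do
+ with :access_token
+ let(:headers) do
+ {
+ 'Authorization' => "Bearer #{access_token.token}"
+ }
+ end
+ let(:params) { {} }
+ before do
+ get request_path, params, headers
+ end
+ it { expect(response.status).to eq 200 }
+ end
+ context 'with expired access token' do
+ with :access_token, expires_in: 0
+ let(:headers) do
+ {
+ 'Authorization' => "Bearer #{access_token.token}"
+ }
+ end
+ let(:params) { {} }
+ before do
+ get request_path, params, headers
+ end
+ it { expect(response.status).to eq 401 }
+ end
+ context 'with revoked access token' do
+ with :access_token, revoked_at: 1.year.ago
+ let(:headers) do
+ {
+ 'Authorization' => "Bearer #{access_token.token}"
+ }
+ end
+ let(:params) { {} }
+ before do
+ get request_path, params, headers
+ end
+ it { expect(response.status).to eq 401 }
+ end
+ context 'with invalid access token' do
+ let(:access_token) { double(:fake_token, token: 'invalid') }
+ let(:headers) do
+ {
+ 'Authorization' => "Bearer #{access_token.token}"
+ }
+ end
+ let(:params) { {} }
+ before do
+ get request_path, params, headers
+ end
+ it { expect(response.status).to eq 401 }
+ end
+ end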
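Review bot: No context covers a request that carries no `Authorization` header at all, and the valid-token context asserts only `response.status`, so the spec would still pass if the strategy authenticated the wrong user for a valid token. I would add a context without a token that expects 401 (assuming `/example.json` requires authentication, as the other contexts imply). If the example controller exposes the current user, the 200 case should also assert that it matches `access_token.resource_owner_id`. Separately, the `headers`, `params` and `before` blocks are repeated verbatim in every context and could move to the outer `describe`, leaving each context to define only `access_token`.

```ruby
RSpec.describe 'OAuth bearer token requests', type: :request do
  let(:request_path) { '/example.json' }
  # … unchanged: valid, expired, revoked and invalid token contexts …
  context 'without access token' do
    let(:params) { {} }
    before do
      get request_path, params, {}
    end
    it { expect(response.status).to eq 401 }
  end
end
```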