devise-doorkeeper 1.1.2.ci.112.1 → 1.2.0.ci.133.1

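--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 80b7b6fc0e7b377d423b1b344ac3263b654220298cd1c06545dcad4d30817e3a
- data.tar.gz: 814d64cd4b186d43b0f489db54ab5f8bc1f159675c38a229fb80b9c27babb05b
+ metadata.gz: b0b329edf4d98ff84bdcd1d2a481e36c331bfc307f718d81f503ca69dad46174
+ data.tar.gz: 9f4e39359852ca3956447d654d64f5de7a42fa8d0ac96b6f5ea86627c0a97b39
  SHA512:
- metadata.gz: 822ab43df2475b83bb63b5643bff9d81f299d25fdca943bd6b7febcca4dca94c5ab8fa59f087e07292a5b46162a8fcff0f62898da0d18e7cd632fb000e4aa75c
- data.tar.gz: ee03ba970878ba8b4c25c315fb8dc4dca34240c1b8cdaac9382fa76ee4ba0df46e45046f3e4f726a63f8f98a27f7787f9b89f6ea6a8d54a125261836cb254779
+ metadata.gz: a3fe30fadabedfc3d51a28cb38aac43b626ee49f63ecf61ba9634e4cc8a6dd94d69374cb963e7d4c5e7f614a7e8f8b1216b582293a2c6cd936981f5f2eb87d78
+ data.tar.gz: 3bb0b4751de1c1f9bd8ed5188bbcf3badd6d14044e8c7b20df2ddf091adbe1bdf17f117e3edc9b27fd89286a0b875052373f2a941852e3243b268b63bfaa19aa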
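--- a/data/.gitignore
+++ b/data/.gitignore
@@ -15,3 +15,6 @@ mkmf.log
  *.sqlite3
  *.log
  spec/dummy/tmp
+
+ # Mac finder artifacts
+ .DS_Store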
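--- a/data/.ruby-version
+++ b/data/.ruby-version
@@ -1 +1 @@
- 2.5.8
+ 2.6.6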
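--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -1,4 +1,7 @@
  language: ruby
+ cache: bundler
+ before_install:
+ - gem install bundler --version '~> 2.2'
  deploy:
  provider: rubygems
  api_key: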
@@ -18,13 +18,13 @@ Gem::Specification.new do |spec|
18
18
  spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
19
  spec.require_paths = ['lib']
20
20
 
21
- spec.add_dependency 'rails', '~> 5.0.0'
22
- spec.add_dependency 'devise', '~> 4.7'
23
- spec.add_dependency 'doorkeeper', '~> 5.5'
21
+ spec.add_dependency 'rails'
22
+ spec.add_dependency 'devise'
23
+ spec.add_dependency 'doorkeeper'
24
24
 
25
- spec.add_development_dependency 'bundler', '~> 1.17.3'
25
+ spec.add_development_dependency 'bundler', '~> 2.2'
26
26
  spec.add_development_dependency 'rspec-rails', '~> 4.0'
27
- spec.add_development_dependency 'factory_bot_rails', '~> 4.9'
27
+ spec.add_development_dependency 'factory_bot_rails', '~> 6.1'
28
28
  spec.add_development_dependency 'factory_girl_rspec', '~> 3.0'
29
29
  spec.add_development_dependency 'faker', '~> 2.16'
30
30
  spec.add_development_dependency 'json_spec', '~> 1.1'
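Review bot: The three runtime dependencies lose their version constraints entirely (`spec.add_dependency 'rails'`, `'devise'`, `'doorkeeper'`), so the gem will now resolve against any release of the libraries it hooks into. This gem sits on the authentication path, and the same release starts subclassing `::Doorkeeper::OAuth::ErrorResponse` and calling `active_for_authentication?`, so a floor matching what was previously declared is worth keeping, for example `spec.add_dependency 'doorkeeper', '>= 5.5'` and `spec.add_dependency 'devise', '>= 4.7'`. An upper bound is also reasonable if new major releases of those gems are not exercised in CI. The `Gem::Specification.new` block starts and ends outside the hunk.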
@@ -1,4 +1,5 @@
1
1
  require 'devise/strategies/doorkeeper'
2
+ require 'devise/doorkeeper/unconfirmed_resource_response'
2
3
 
3
4
  module Devise
4
5
  module Doorkeeper
@@ -6,6 +7,8 @@ module Devise
6
7
  def respond
7
8
  if oauth_error?
8
9
  invalid_oauth_token
10
+ elsif unconfirmed_resource?
11
+ unconfirmed_resource
9
12
  else
10
13
  super
11
14
  end
@@ -17,12 +20,23 @@ module Devise
17
20
  warden_message == Devise::Strategies::Doorkeeper::WARDEN_INVALID_TOKEN_MESSAGE
18
21
  end
19
22
 
23
+ def unconfirmed_resource?
24
+ warden_message == Devise::Strategies::Doorkeeper::WARDEN_UNCONFIRMED_RESOURCE_MESSAGE
25
+ end
26
+
20
27
  def invalid_oauth_token
21
28
  error = ::Doorkeeper::OAuth::InvalidTokenResponse.new
22
29
  headers.merge! error.headers
23
30
  self.response_body = error.body.to_json
24
31
  self.status = error.status
25
32
  end
33
+
34
+ def unconfirmed_resource
35
+ error = UnconfirmedResourceResponse.new
36
+ headers.merge! error.headers
37
+ self.response_body = error.body.to_json
38
+ self.status = error.status
39
+ end
26
40
  end
27
41
  end
28
42
  end
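Review bot: The added `unconfirmed_resource` repeats the body of `invalid_oauth_token` line for line, differing only in the error object it builds. Since both write an authentication failure response, a shared private helper would keep the header, body and status handling in one place, so a later change cannot be applied to one path and missed on the other. The enclosing class starts outside the hunks shown.

```ruby
def invalid_oauth_token
  render_oauth_error(::Doorkeeper::OAuth::InvalidTokenResponse.new)
end

def unconfirmed_resource
  render_oauth_error(UnconfirmedResourceResponse.new)
end

# Copies an OAuth error response's headers, JSON body and status onto this failure response.
def render_oauth_error(error)
  headers.merge! error.headers
  self.response_body = error.body.to_json
  self.status = error.status
end
```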
@@ -0,0 +1,23 @@
1
+ require 'devise/strategies/doorkeeper'
2
+
3
+ module Devise
4
+ module Doorkeeper
5
+ class UnconfirmedResourceResponse < ::Doorkeeper::OAuth::ErrorResponse
6
+ def initialize(attributes = {})
7
+ super(attributes.merge(name: :unconfirmed_resource, state: :locked))
8
+ end
9
+
10
+ def status
11
+ :locked
12
+ end
13
+
14
+ def description
15
+ @description ||= I18n.translate('doorkeeper.errors.messages.unconfirmed_resource')
16
+ end
17
+
18
+ def exception_class
19
+ ::Doorkeeper::Errors::DoorkeeperError
20
+ end
21
+ end
22
+ end
23
+ end
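Review bot: `description` looks up `doorkeeper.errors.messages.unconfirmed_resource`, but the only place this diff adds that key is the `en:` locale hunk, which appears to belong to the spec dummy app rather than to a file shipped under `lib/`. If that is the case, a host application without the key would return a "translation missing" string as `error_description`. Passing a fallback keeps the response stable: `@description ||= I18n.translate('doorkeeper.errors.messages.unconfirmed_resource', default: 'The resource owner account is unconfirmed.')`. A one-line class comment saying that this response is rendered with HTTP 423 (`status` returns `:locked`, and the request spec expects 423) would also help integrators who handle the error client-side.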
@@ -1,5 +1,5 @@
1
1
  module Devise
2
2
  module Doorkeeper
3
- VERSION = '1.1.2'
3
+ VERSION = '1.2.0'
4
4
  end
5
5
  end
@@ -7,6 +7,7 @@ module Devise
7
7
  module Strategies
8
8
  class Doorkeeper < ::Devise::Strategies::Authenticatable
9
9
  WARDEN_INVALID_TOKEN_MESSAGE = :invalid_token
10
+ WARDEN_UNCONFIRMED_RESOURCE_MESSAGE = :unconfirmed_resource
10
11
 
11
12
  def valid?
12
13
  credentials = ::Doorkeeper::OAuth::Token.from_request(request, *access_token_methods)
@@ -17,7 +18,11 @@ module Devise
17
18
  resource = resource_from_token
18
19
  if validate(resource)
19
20
  request.env['devise.skip_trackable'] = true
20
- success!(resource)
21
+ if resource.active_for_authentication?
22
+ success!(resource)
23
+ else
24
+ unconfirmed_resource
25
+ end
21
26
  else
22
27
  invalid_token
23
28
  end
@@ -48,6 +53,11 @@ module Devise
48
53
  mapping.to.find(token.resource_owner_id)
49
54
  end
50
55
 
56
+ def unconfirmed_resource
57
+ fail!(WARDEN_UNCONFIRMED_RESOURCE_MESSAGE)
58
+ throw :warden
59
+ end
60
+
51
61
  def invalid_token
52
62
  fail!(WARDEN_INVALID_TOKEN_MESSAGE)
53
63
  throw :warden
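Review bot: The new `else` branch reports every resource that fails `active_for_authentication?` as `WARDEN_UNCONFIRMED_RESOURCE_MESSAGE`, but in Devise that predicate is also false for other inactive states, such as a `:lockable` lock or an application override. A locked or suspended account presenting a valid token would therefore be described to the client as unconfirmed. Devise exposes the reason through `resource.inactive_message`, so the branch could fail with the specific message only when it is `:unconfirmed` and fall back to a neutral inactive failure otherwise, e.g. `resource.inactive_message == :unconfirmed ? unconfirmed_resource : invalid_token`. The request spec covers only the unconfirmed case, so a second inactive state would be worth adding there. The method containing this branch starts outside the hunk.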
@@ -2,6 +2,10 @@ class User < ActiveRecord::Base
2
2
  # Include default devise modules. Others available are:
3
3
  # :confirmable, :lockable, :timeoutable and :omniauthable
4
4
  devise :database_authenticatable, :registerable,
5
- :recoverable, :rememberable, :trackable, :validatable
5
+ :recoverable, :rememberable, :trackable, :validatable, :confirmable
6
6
  devise :database_authenticatable, :doorkeeper
7
+
8
+ def send_confirmation_notification?
9
+ false
10
+ end
7
11
  end
@@ -130,6 +130,8 @@ en:
130
130
  expired: "The access token expired"
131
131
  unknown: "The access token is invalid"
132
132
 
133
+ unconfirmed_resource: 'The resource owner account is unconfirmed.'
134
+
133
135
  flash:
134
136
  applications:
135
137
  create:
@@ -0,0 +1,11 @@
1
+ class AddConfirmableFieldToUsers < ActiveRecord::Migration[5.0]
2
+ def change
3
+ change_table(:users) do |t|
4
+ ## Confirmable
5
+ t.string :confirmation_token
6
+ t.datetime :confirmed_at
7
+ t.datetime :confirmation_sent_at
8
+ t.string :unconfirmed_email # Only if using reconfirmable
9
+ end
10
+ end
11
+ end
@@ -10,7 +10,7 @@
10
10
  #
11
11
  # It's strongly recommended that you check this file into your version control system.
12
12
 
13
- ActiveRecord::Schema.define(version: 20210301163315) do
13
+ ActiveRecord::Schema.define(version: 20210301204550) do
14
14
 
15
15
  create_table "oauth_access_grants", force: :cascade do |t|
16
16
  t.integer "resource_owner_id", null: false
@@ -63,6 +63,10 @@ ActiveRecord::Schema.define(version: 20210301163315) do
63
63
  t.datetime "last_sign_in_at"
64
64
  t.string "current_sign_in_ip"
65
65
  t.string "last_sign_in_ip"
66
+ t.string "confirmation_token"
67
+ t.datetime "confirmed_at"
68
+ t.datetime "confirmation_sent_at"
69
+ t.string "unconfirmed_email"
66
70
  t.index ["email"], name: "index_users_on_email", unique: true
67
71
  t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
68
72
  end
@@ -4,5 +4,10 @@ FactoryBot.define do
4
4
  factory :user do
5
5
  email { Faker::Internet.email }
6
6
  password { Faker::Internet.password }
7
+ confirmed_at { Time.current }
8
+
9
+ trait :when_unconfirmed do
10
+ confirmed_at { nil }
11
+ end
7
12
  end
8
13
  end
@@ -3,28 +3,50 @@ require 'rails_helper'
3
3
  RSpec.describe 'OAuth bearer token requests', type: :request do
4
4
  let(:request_path) { '/example.json' }
5
5
  context 'with valid access token' do
6
- with :access_token
7
- let(:headers) do
8
- {
9
- 'Authorization' => "Bearer #{access_token.token}"
10
- }
11
- end
12
- let(:params) { {} }
13
- before do
14
- @original_timestamp = User.find(access_token.resource_owner_id).last_sign_in_at
15
- get request_path, params, headers
16
- end
17
- it { expect(response.status).to eq 200 }
18
- it 'does not send Set-Cookie headers' do
19
- expect(response.headers).to_not include 'Set-Cookie'
6
+ context 'when user confirmed' do
7
+ let(:access_token) { create(:access_token) }
8
+ let(:headers) do
9
+ {
10
+ 'Authorization' => "Bearer #{access_token.token}"
11
+ }
12
+ end
13
+ let(:params) { {} }
14
+ before do
15
+ @original_timestamp = User.find(access_token.resource_owner_id).last_sign_in_at
16
+ get request_path, params: params, headers: headers
17
+ end
18
+ it { expect(response.status).to eq 200 }
19
+ it 'does not send Set-Cookie headers' do
20
+ expect(response.headers).to_not include 'Set-Cookie'
21
+ end
22
+ it 'does not update the user last_signin_at timestamp' do
23
+ new_timestamp = User.find(access_token.resource_owner_id).last_sign_in_at
24
+ expect(new_timestamp).to eq @original_timestamp
25
+ end
20
26
  end
21
- it 'does not update the user last_signin_at timestamp' do
22
- new_timestamp = User.find(access_token.resource_owner_id).last_sign_in_at
23
- expect(new_timestamp).to eq @original_timestamp
27
+ context 'when user unconfirmed' do
28
+ let(:user) { create(:user, :when_unconfirmed) }
29
+ let(:access_token) { create(:access_token, resource_owner_id: user.id) }
30
+ let(:headers) do
31
+ {
32
+ 'Authorization' => "Bearer #{access_token.token}"
33
+ }
34
+ end
35
+ before do
36
+ get request_path, headers: headers
37
+ end
38
+ it { expect(response.status).to eq 423 }
39
+ it do
40
+ expect(JSON.parse(response.body)).to include(
41
+ 'error' => 'unconfirmed_resource',
42
+ 'error_description' => 'The resource owner account is unconfirmed.',
43
+ 'state' => 'locked'
44
+ )
45
+ end
24
46
  end
25
47
  end
26
48
  context 'with expired access token' do
27
- with :access_token, expires_in: 0
49
+ let(:access_token) { create(:access_token, expires_in: 0) }
28
50
  let(:headers) do
29
51
  {
30
52
  'Authorization' => "Bearer #{access_token.token}"
@@ -32,14 +54,14 @@ RSpec.describe 'OAuth bearer token requests', type: :request do
32
54
  end
33
55
  let(:params) { {} }
34
56
  before do
35
- get request_path, params, headers
57
+ get request_path, params: params, headers: headers
36
58
  end
37
59
  it { expect(response.status).to eq 401 }
38
60
  it { expect(response.headers['WWW-Authenticate']).to eq 'Bearer realm="DeviseDoorkeeperApp", error="invalid_token", error_description="The access token is invalid"' }
39
61
  it { expect(response.body).to eq '{"error":"invalid_token","error_description":"The access token is invalid","state":"unauthorized"}' }
40
62
  end
41
63
  context 'with revoked access token' do
42
- with :access_token, revoked_at: 1.year.ago
64
+ let(:access_token) { create(:access_token, revoked_at: 1.year.ago) }
43
65
  let(:headers) do
44
66
  {
45
67
  'Authorization' => "Bearer #{access_token.token}"
@@ -47,7 +69,7 @@ RSpec.describe 'OAuth bearer token requests', type: :request do
47
69
  end
48
70
  let(:params) { {} }
49
71
  before do
50
- get request_path, params, headers
72
+ get request_path, params: params, headers: headers
51
73
  end
52
74
  it { expect(response.status).to eq 401 }
53
75
  end
@@ -60,7 +82,7 @@ RSpec.describe 'OAuth bearer token requests', type: :request do
60
82
  end
61
83
  let(:params) { {} }
62
84
  before do
63
- get request_path, params, headers
85
+ get request_path, params: params, headers: headers
64
86
  end
65
87
  it { expect(response.status).to eq 401 }
66
88
  end
@@ -23,7 +23,7 @@ RSpec.describe 'oauth/tokens password grant flow', type: :request do
23
23
  }.to_json
24
24
  end
25
25
  before do
26
- post '/oauth/token', params, headers
26
+ post '/oauth/token', params: params, headers: headers
27
27
  @new_token = Doorkeeper::AccessToken.last
28
28
  end
29
29
  it { expect(response.status).to eq 200 }
@@ -43,7 +43,7 @@ RSpec.describe 'oauth/tokens password grant flow', type: :request do
43
43
  end
44
44
  let(:headers) { {} }
45
45
  before do
46
- post '/oauth/token', params, headers
46
+ post '/oauth/token', params: params, headers: headers
47
47
  end
48
48
  it { expect(response.status).to eq 400 }
49
49
  end
@@ -61,7 +61,7 @@ RSpec.describe 'oauth/tokens password grant flow', type: :request do
61
61
  end
62
62
  let(:headers) { {} }
63
63
  before do
64
- post '/oauth/token', params, headers
64
+ post '/oauth/token', params: params, headers: headers
65
65
  end
66
66
  it { expect(response.status).to eq 400 }
67
67
  end
metadata CHANGED
@@ -1,71 +1,71 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise-doorkeeper
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.2.ci.112.1
4
+ version: 1.2.0.ci.133.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - BetterUp
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-03-02 00:00:00.000000000 Z
11
+ date: 2021-03-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - "~>"
17
+ - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: 5.0.0
19
+ version: '0'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - "~>"
24
+ - - ">="
25
25
  - !ruby/object:Gem::Version
26
- version: 5.0.0
26
+ version: '0'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: devise
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - "~>"
31
+ - - ">="
32
32
  - !ruby/object:Gem::Version
33
- version: '4.7'
33
+ version: '0'
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - "~>"
38
+ - - ">="
39
39
  - !ruby/object:Gem::Version
40
- version: '4.7'
40
+ version: '0'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: doorkeeper
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - "~>"
45
+ - - ">="
46
46
  - !ruby/object:Gem::Version
47
- version: '5.5'
47
+ version: '0'
48
48
  type: :runtime
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
- - - "~>"
52
+ - - ">="
53
53
  - !ruby/object:Gem::Version
54
- version: '5.5'
54
+ version: '0'
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: bundler
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
59
  - - "~>"
60
60
  - !ruby/object:Gem::Version
61
- version: 1.17.3
61
+ version: '2.2'
62
62
  type: :development
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
66
  - - "~>"
67
67
  - !ruby/object:Gem::Version
68
- version: 1.17.3
68
+ version: '2.2'
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: rspec-rails
71
71
  requirement: !ruby/object:Gem::Requirement
@@ -86,14 +86,14 @@ dependencies:
86
86
  requirements:
87
87
  - - "~>"
88
88
  - !ruby/object:Gem::Version
89
- version: '4.9'
89
+ version: '6.1'
90
90
  type: :development
91
91
  prerelease: false
92
92
  version_requirements: !ruby/object:Gem::Requirement
93
93
  requirements:
94
94
  - - "~>"
95
95
  - !ruby/object:Gem::Version
96
- version: '4.9'
96
+ version: '6.1'
97
97
  - !ruby/object:Gem::Dependency
98
98
  name: factory_girl_rspec
99
99
  requirement: !ruby/object:Gem::Requirement
@@ -224,6 +224,7 @@ files:
224
224
  - devise-doorkeeper.gemspec
225
225
  - lib/devise/doorkeeper.rb
226
226
  - lib/devise/doorkeeper/doorkeeper_failure_app.rb
227
+ - lib/devise/doorkeeper/unconfirmed_resource_response.rb
227
228
  - lib/devise/doorkeeper/version.rb
228
229
  - lib/devise/strategies/doorkeeper.rb
229
230
  - spec/dummy/.rspec
@@ -275,6 +276,7 @@ files:
275
276
  - spec/dummy/db/migrate/20150120154657_create_doorkeeper_tables.rb
276
277
  - spec/dummy/db/migrate/20150120162830_add_devise_to_users.rb
277
278
  - spec/dummy/db/migrate/20210301163315_add_confidential_to_doorkeeper_application.rb
279
+ - spec/dummy/db/migrate/20210301204550_add_confirmable_field_to_users.rb
278
280
  - spec/dummy/db/schema.rb
279
281
  - spec/dummy/lib/assets/.keep
280
282
  - spec/dummy/log/.keep
@@ -366,6 +368,7 @@ test_files:
366
368
  - spec/dummy/db/migrate/20150120154657_create_doorkeeper_tables.rb
367
369
  - spec/dummy/db/migrate/20150120162830_add_devise_to_users.rb
368
370
  - spec/dummy/db/migrate/20210301163315_add_confidential_to_doorkeeper_application.rb
371
+ - spec/dummy/db/migrate/20210301204550_add_confirmable_field_to_users.rb
369
372
  - spec/dummy/db/schema.rb
370
373
  - spec/dummy/lib/assets/.keep
371
374
  - spec/dummy/log/.keep