devise-doorkeeper 1.0.0
- checksums.yaml +7 -0
- data/.gitignore +17 -0
- data/.travis.yml +1 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +22 -0
- data/README.md +69 -0
- data/Rakefile +18 -0
- data/devise-doorkeeper.gemspec +35 -0
- data/lib/devise/doorkeeper.rb +24 -0
- data/lib/devise/doorkeeper/version.rb +5 -0
- data/lib/devise/strategies/doorkeeper.rb +53 -0
- data/spec/dummy/.rspec +2 -0
- data/spec/dummy/README.rdoc +28 -0
- data/spec/dummy/Rakefile +6 -0
- data/spec/dummy/app/assets/images/.keep +0 -0
- data/spec/dummy/app/assets/javascripts/application.js +13 -0
- data/spec/dummy/app/assets/stylesheets/application.css +15 -0
- data/spec/dummy/app/controllers/application_controller.rb +5 -0
- data/spec/dummy/app/controllers/concerns/.keep +0 -0
- data/spec/dummy/app/controllers/example_controller.rb +7 -0
- data/spec/dummy/app/controllers/welcome_controller.rb +2 -0
- data/spec/dummy/app/helpers/application_helper.rb +2 -0
- data/spec/dummy/app/mailers/.keep +0 -0
- data/spec/dummy/app/models/.keep +0 -0
- data/spec/dummy/app/models/concerns/.keep +0 -0
- data/spec/dummy/app/models/user.rb +7 -0
- data/spec/dummy/app/views/layouts/application.html.erb +14 -0
- data/spec/dummy/app/views/welcome/index.html.erb +0 -0
- data/spec/dummy/bin/bundle +3 -0
- data/spec/dummy/bin/rails +4 -0
- data/spec/dummy/bin/rake +4 -0
- data/spec/dummy/config.ru +4 -0
- data/spec/dummy/config/application.rb +28 -0
- data/spec/dummy/config/boot.rb +5 -0
- data/spec/dummy/config/database.yml +25 -0
- data/spec/dummy/config/environment.rb +5 -0
- data/spec/dummy/config/environments/development.rb +37 -0
- data/spec/dummy/config/environments/production.rb +78 -0
- data/spec/dummy/config/environments/test.rb +39 -0
- data/spec/dummy/config/initializers/assets.rb +8 -0
- data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/dummy/config/initializers/cookies_serializer.rb +3 -0
- data/spec/dummy/config/initializers/devise.rb +259 -0
- data/spec/dummy/config/initializers/doorkeeper.rb +108 -0
- data/spec/dummy/config/initializers/filter_parameter_logging.rb +4 -0
- data/spec/dummy/config/initializers/inflections.rb +16 -0
- data/spec/dummy/config/initializers/mime_types.rb +4 -0
- data/spec/dummy/config/initializers/session_store.rb +3 -0
- data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/spec/dummy/config/locales/devise.en.yml +60 -0
- data/spec/dummy/config/locales/doorkeeper.en.yml +151 -0
- data/spec/dummy/config/locales/en.yml +23 -0
- data/spec/dummy/config/routes.rb +5 -0
- data/spec/dummy/config/secrets.yml +22 -0
- data/spec/dummy/db/migrate/20150120154622_create_users.rb +8 -0
- data/spec/dummy/db/migrate/20150120154657_create_doorkeeper_tables.rb +42 -0
- data/spec/dummy/db/migrate/20150120162830_add_devise_to_users.rb +49 -0
- data/spec/dummy/db/schema.rb +80 -0
- data/spec/dummy/lib/assets/.keep +0 -0
- data/spec/dummy/log/.keep +0 -0
- data/spec/dummy/public/404.html +67 -0
- data/spec/dummy/public/422.html +67 -0
- data/spec/dummy/public/500.html +66 -0
- data/spec/dummy/public/favicon.ico +0 -0
- data/spec/factories/access_tokens.rb +6 -0
- data/spec/factories/applications.rb +8 -0
- data/spec/factories/users.rb +8 -0
- data/spec/rails_helper.rb +50 -0
- data/spec/requests/oauth/bearer_tokens_spec.rb +57 -0
- data/spec/requests/oauth/password_grant_spec.rb +68 -0
- data/spec/spec_helper.rb +81 -0
- data/spec/support/factory_girl.rb +6 -0
- data/spec/support/json_spec.rb +4 -0
- data/spec/support/pry.rb +1 -0
- metadata +365 -0
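--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: b32e3b86de27da2f97a03d959bd4bdafc5821b08
+data.tar.gz: a5b8239896405c7888b4213d0f7903f4fa10d263
+SHA512:
+metadata.gz: a0adc93f22dc8297d771c089f50832be2c14efb98a326b38ddc5fc3c1304d671b99ef41f911f356a89f87183fd256ad1c54afc73e3fd8dbaf9c990782b42e681
+data.tar.gz: 9b4475443e7152d35fe81fa6f89108ac2395c898cdba0fce01e42f62f60ab981d79af1a2e92d01221d4749487a73f0e03214087595a1d0a399dffa50f5240e1d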
data/.gitignore
ADDED
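--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -0,0 +1 @@
+language: ruby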
data/Gemfile
ADDED
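--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,22 @@
+Copyright (c) 2015 BetterUP, Inc.
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.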
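--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,69 @@
+[![Build Status](https://travis-ci.org/betterup/devise-doorkeeper.svg)](https://travis-ci.org/betterup/devise-doorkeeper)
+# Devise::Doorkeeper
+> Integrates OAuth2 tokens from the Doorkeeper gem into Devise authentication strategies
+
+## Devise/Doorkeeper Integration
+[Devise](https://github.com/plataformatec/devise) and [Doorkeeper](https://github.com/doorkeeper-gem/doorkeeper)
+are complimentary gems. Doorkeeper's job is to
+dispense OAuth2 tokens and Devise's job is to ensure your resources are protected from
+unauthenticated requests.
+
+The devise-doorkeeper gem allows your existing Devise application to accept OAuth2 tokens
+created by the Doorkeeper authorization flow.
+
+This means you do *not* need to update your controllers to use the `doorkeeper_authorize!`
+filter and can use the standard Devise `authenticate_user!` methods instead.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'devise-doorkeeper'
+```
+
+## Configuration
+
+#### Update doorkeeper config
+Update your `config/initializers/doorkeeper.rb` to call
+`Devise::Doorkeeper.configure(self)`.
+
+```ruby
+# config/initializers/doorkeeper.rb
+Doorkeeper.configure do
+Devise::Doorkeeper.configure(self)
+
+# extra configuration goes below
+end
+```
+
+#### Add `:doorkeeper` to your list of devise modules
+
+```ruby
+# example app/models/user.rb
+class User
+devise :doorkeeper
+end
+```
+
+#### Ensure controllers have authentication enabled
+
+```ruby
+# example app/controllers/comments_controller.rb
+class CommentsController < ApplicationController
+before_action :authenticate_user!
+
+def index
+# this action is protected
+# the devise-doorkeeper gem will permit access via valid OAuth2 tokens
+end
+end
+```
+
+## [ Contributing ](CONTRIBUTING.md)
+
+1. Fork it ( https://github.com/betterup/devise-doorkeeper/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request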
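--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,18 @@
+begin
+require 'bundler/setup'
+rescue LoadError
+puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+APP_RAKEFILE = File.expand_path("../spec/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
+Bundler::GemHelper.install_tasks
+
+require 'rspec/core'
+require 'rspec/core/rake_task'
+
+desc "Run rspec tests."
+RSpec::Core::RakeTask.new(spec: 'app:db:test:prepare')
+task default: :spec
+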
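--- a/data/devise-doorkeeper.gemspec
+++ b/data/devise-doorkeeper.gemspec
@@ -0,0 +1,35 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'devise/doorkeeper/version'
+
+Gem::Specification.new do |spec|
+spec.name = 'devise-doorkeeper'
+spec.version = Devise::Doorkeeper::VERSION
+spec.authors = ['Ryan Sonnek']
+spec.email = ['ryan@codecrate.com']
+spec.summary = %q{ Integrate Doorkeeper OAuth2 tokens into Devise applications }
+spec.description = %q{ Support authentication via OAuth2 tokens dispensed from the Doorkeeper authorization flow }
+spec.homepage = ''
+spec.license = 'MIT'
+
+spec.files = `git ls-files -z`.split("\x0")
+spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
+spec.require_paths = ['lib']
+
+spec.add_dependency 'rails'
+spec.add_dependency 'devise'
+spec.add_dependency 'doorkeeper'
+
+spec.add_development_dependency 'bundler', '~> 1.7'
+spec.add_development_dependency 'rspec-rails'
+spec.add_development_dependency 'factory_girl_rails'
+spec.add_development_dependency 'factory_girl_rspec'
+spec.add_development_dependency 'faker'
+spec.add_development_dependency 'json_spec'
+spec.add_development_dependency 'sqlite3'
+spec.add_development_dependency 'coveralls'
+spec.add_development_dependency 'pry'
+spec.add_development_dependency 'rake', '~> 10.0'
+end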
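Review bot: The `spec.files` line packages everything `git ls-files` reports, and the file list of this release shows the result: the whole `spec/dummy` application, including `spec/dummy/config/secrets.yml` and `spec/support/pry.rb`, ships inside the gem. Limiting the package to the library and its documents keeps test fixtures and their secrets out of consumers' installs, for example `spec.files = Dir['lib/**/*.rb', 'README.md', 'LICENSE.txt']`. The three runtime dependencies (`rails`, `devise`, `doorkeeper`) carry no version constraint even though the strategy calls Doorkeeper internals such as `::Doorkeeper::OAuth::Token.from_request`, so a pessimistic bound on the series the specs were run against would be safer. `spec.homepage = ''` should name the repository. This section has no file header on the page; the path is inferred from the file list.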
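--- a/data/lib/devise/doorkeeper.rb
+++ b/data/lib/devise/doorkeeper.rb
@@ -0,0 +1,24 @@
+require 'devise/doorkeeper/version'
+require 'devise/strategies/doorkeeper'
+
+module Devise
+module Doorkeeper
+def self.configure(base)
+base.instance_eval do
+resource_owner_authenticator do
+current_user || warden.authenticate!(scope: :user)
+end
+
+# configure doorkeeper to use devise database authenticatable plugin
+resource_owner_from_credentials do
+user = User.find_for_database_authentication(email: params[:username])
+if user && user.valid_for_authentication? { user.valid_password?(params[:password]) }
+user
+else
+nil
+end
+end
+end
+end
+end
+end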
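Review bot: The `resource_owner_from_credentials` block hands back the user after checking only the password, so an account Devise would otherwise refuse to sign in (unconfirmed or deactivated, for instance) can presumably still obtain a token through the password grant, because Devise's `active_for_authentication?` check normally runs in a Warden hook that this path does not appear to reach. Consider `user if user && user.valid_for_authentication? { user.valid_password?(params[:password]) } && user.active_for_authentication?`, which also replaces the `if`/`else nil` form. The block hard-codes `User`, the `email` key and `scope: :user`, so a comment on `configure` such as `# Assumes a Devise mapping named :user backed by a User model keyed on email` would tell integrators what is expected. This section has no file header on the page; the path is inferred from the file list.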
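--- a/data/lib/devise/strategies/doorkeeper.rb
+++ b/data/lib/devise/strategies/doorkeeper.rb
@@ -0,0 +1,53 @@
+require 'warden'
+require 'doorkeeper'
+require 'devise'
+require 'devise/strategies/authenticatable'
+
+module Devise
+module Strategies
+class Doorkeeper < ::Devise::Strategies::Authenticatable
+def valid?
+credentials = ::Doorkeeper::OAuth::Token.from_request(request, *access_token_methods)
+credentials.present?
+end
+
+def authenticate!
+resource = resource_from_token
+if validate(resource)
+success!(resource)
+else
+invalid_token
+end
+end
+
+private
+
+def resource_from_token
+token = ::Doorkeeper.authenticate(request)
+scopes = ::Doorkeeper.configuration.default_scopes
+invalid_token unless token && token.acceptable?(scopes)
+mapping.to.find(token.resource_owner_id)
+end
+
+def invalid_token
+fail!(:invalid_token)
+throw :warden
+end
+
+def access_token_methods
+::Doorkeeper.configuration.access_token_methods
+end
+end
+end
+end
+Warden::Strategies.add(:doorkeeper, Devise::Strategies::Doorkeeper)
+Devise.add_module(:doorkeeper, strategy: true)
+
+
+# if ///
+# error = OAuth::InvalidTokenResponse.from_access_token(doorkeeper_token)
+# options = doorkeeper_unauthorized_render_options
+# else
+# error = OAuth::ForbiddenTokenResponse.from_scopes(scopes)
+# options = doorkeeper_forbidden_render_options
+# end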
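Review bot: `mapping.to.find(token.resource_owner_id)` in `resource_from_token` raises when the token carries no resource owner (e.g. one issued without a user) or the owner row has been deleted, so such a request surfaces as a record-not-found error instead of reaching the `invalid_token` branch in `authenticate!`; `mapping.to.find_by(id: token.resource_owner_id)` returns nil and lets `validate(resource)` reject it. Separately, the strategy does not override `store?`, so a successful bearer-token request is presumably written to the session like a form login unless the application lists `:doorkeeper` in `skip_session_storage`, which would let the session cookie outlive a revoked token; for a per-request token strategy `def store?; false; end` is the usual choice, to be confirmed against the Devise version in use. The commented-out block after `Devise.add_module` is dead code and can be dropped. This section has no file header on the page; the path is inferred from the file list.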
data/spec/dummy/.rspec
ADDED
@@ -0,0 +1,28 @@
|
|
1
|
+
== README
|
2
|
+
|
3
|
+
This README would normally document whatever steps are necessary to get the
|
4
|
+
application up and running.
|
5
|
+
|
6
|
+
Things you may want to cover:
|
7
|
+
|
8
|
+
* Ruby version
|
9
|
+
|
10
|
+
* System dependencies
|
11
|
+
|
12
|
+
* Configuration
|
13
|
+
|
14
|
+
* Database creation
|
15
|
+
|
16
|
+
* Database initialization
|
17
|
+
|
18
|
+
* How to run the test suite
|
19
|
+
|
20
|
+
* Services (job queues, cache servers, search engines, etc.)
|
21
|
+
|
22
|
+
* Deployment instructions
|
23
|
+
|
24
|
+
* ...
|
25
|
+
|
26
|
+
|
27
|
+
Please feel free to use a different markup language if you do not plan to run
|
28
|
+
<tt>rake doc:app</tt>.
|
data/spec/dummy/Rakefile
ADDED
File without changes
|
@@ -0,0 +1,13 @@
|
|
1
|
+
// This is a manifest file that'll be compiled into application.js, which will include all the files
|
2
|
+
// listed below.
|
3
|
+
//
|
4
|
+
// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
|
5
|
+
// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
|
6
|
+
//
|
7
|
+
// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
|
8
|
+
// compiled file.
|
9
|
+
//
|
10
|
+
// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
|
11
|
+
// about supported directives.
|
12
|
+
//
|
13
|
+
//= require_tree .
|
@@ -0,0 +1,15 @@
|
|
1
|
+
/*
|
2
|
+
* This is a manifest file that'll be compiled into application.css, which will include all the files
|
3
|
+
* listed below.
|
4
|
+
*
|
5
|
+
* Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
|
6
|
+
* or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
|
7
|
+
*
|
8
|
+
* You're free to add application-wide styles to this file and they'll appear at the bottom of the
|
9
|
+
* compiled file so the styles you add here take precedence over styles defined in any styles
|
10
|
+
* defined in the other CSS/SCSS files in this directory. It is generally better to create a new
|
11
|
+
* file per style scope.
|
12
|
+
*
|
13
|
+
*= require_tree .
|
14
|
+
*= require_self
|
15
|
+
*/
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
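--- a/data/spec/dummy/app/models/user.rb
+++ b/data/spec/dummy/app/models/user.rb
@@ -0,0 +1,7 @@
+class User < ActiveRecord::Base
+# Include default devise modules. Others available are:
+# :confirmable, :lockable, :timeoutable and :omniauthable
+devise :database_authenticatable, :registerable,
+:recoverable, :rememberable, :trackable, :validatable
+devise :database_authenticatable, :doorkeeper
+end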
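Review bot: The second `devise` call repeats `:database_authenticatable`, which the call two lines above already enables, so the dummy model does not show the one-line setup the README documents. Folding it into the first call, `:recoverable, :rememberable, :trackable, :validatable, :doorkeeper`, keeps the fixture closer to what integrators will write. This section has no file header on the page; the path is inferred from the file list.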
@@ -0,0 +1,14 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<title>Dummy</title>
|
5
|
+
<%= stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track' => true %>
|
6
|
+
<%= javascript_include_tag 'application', 'data-turbolinks-track' => true %>
|
7
|
+
<%= csrf_meta_tags %>
|
8
|
+
</head>
|
9
|
+
<body>
|
10
|
+
|
11
|
+
<%= yield %>
|
12
|
+
|
13
|
+
</body>
|
14
|
+
</html>
|
File without changes
|
data/spec/dummy/bin/rake
ADDED
@@ -0,0 +1,28 @@
|
|
1
|
+
require File.expand_path('../boot', __FILE__)
|
2
|
+
|
3
|
+
# Pick the frameworks you want:
|
4
|
+
require "active_record/railtie"
|
5
|
+
require "action_controller/railtie"
|
6
|
+
require "action_mailer/railtie"
|
7
|
+
require "action_view/railtie"
|
8
|
+
require "sprockets/railtie"
|
9
|
+
|
10
|
+
Bundler.require(*Rails.groups)
|
11
|
+
require 'devise/doorkeeper'
|
12
|
+
# require 'devise-doorkeeper'
|
13
|
+
|
14
|
+
module Dummy
|
15
|
+
class Application < Rails::Application
|
16
|
+
# Settings in config/environments/* take precedence over those specified here.
|
17
|
+
# Application configuration should go into files in config/initializers
|
18
|
+
# -- all .rb files in that directory are automatically loaded.
|
19
|
+
|
20
|
+
# Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
|
21
|
+
# Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
|
22
|
+
# config.time_zone = 'Central Time (US & Canada)'
|
23
|
+
|
24
|
+
# The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
|
25
|
+
# config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
|
26
|
+
# config.i18n.default_locale = :de
|
27
|
+
end
|
28
|
+
end
|