devise-doorkeeper 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: b32e3b86de27da2f97a03d959bd4bdafc5821b08
+  data.tar.gz: a5b8239896405c7888b4213d0f7903f4fa10d263
+SHA512:
+  metadata.gz: a0adc93f22dc8297d771c089f50832be2c14efb98a326b38ddc5fc3c1304d671b99ef41f911f356a89f87183fd256ad1c54afc73e3fd8dbaf9c990782b42e681
+  data.tar.gz: 9b4475443e7152d35fe81fa6f89108ac2395c898cdba0fce01e42f62f60ab981d79af1a2e92d01221d4749487a73f0e03214087595a1d0a399dffa50f5240e1d

data/.gitignore

@@ -0,0 +1,17 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log
+*.sqlite3
+*.log
+spec/dummy/tmp

data/.travis.yml

@@ -0,0 +1 @@
+language: ruby

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in devise-doorkeeper.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2015 BetterUP, Inc.
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,69 @@
+[![Build Status](https://travis-ci.org/betterup/devise-doorkeeper.svg)](https://travis-ci.org/betterup/devise-doorkeeper)
+# Devise::Doorkeeper
+> Integrates OAuth2 tokens from the Doorkeeper gem into Devise authentication strategies
+
+## Devise/Doorkeeper Integration
+[Devise](https://github.com/plataformatec/devise) and [Doorkeeper](https://github.com/doorkeeper-gem/doorkeeper)
+are complimentary gems.  Doorkeeper's job is to
+dispense OAuth2 tokens and Devise's job is to ensure your resources are protected from
+unauthenticated requests.
+
+The devise-doorkeeper gem allows your existing Devise application to accept OAuth2 tokens
+created by the Doorkeeper authorization flow.
+
+This means you do *not* need to update your controllers to use the `doorkeeper_authorize!`
+filter and can use the standard Devise `authenticate_user!` methods instead.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'devise-doorkeeper'
+```
+
+## Configuration
+
+#### Update doorkeeper config
+Update your `config/initializers/doorkeeper.rb` to call
+`Devise::Doorkeeper.configure(self)`.
+
+```ruby
+# config/initializers/doorkeeper.rb
+Doorkeeper.configure do
+  Devise::Doorkeeper.configure(self)
+
+  # extra configuration goes below
+end
+```
+
+#### Add `:doorkeeper` to your list of devise modules
+
+```ruby
+# example app/models/user.rb
+class User
+  devise :doorkeeper
+end
+```
+
+#### Ensure controllers have authentication enabled
+
+```ruby
+# example app/controllers/comments_controller.rb
+class CommentsController < ApplicationController
+  before_action :authenticate_user!
+
+  def index
+    # this action is protected
+    # the devise-doorkeeper gem will permit access via valid OAuth2 tokens
+  end
+end
+```
+
+## [ Contributing ](CONTRIBUTING.md)
+
+1. Fork it ( https://github.com/betterup/devise-doorkeeper/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile

@@ -0,0 +1,18 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+APP_RAKEFILE = File.expand_path("../spec/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
+Bundler::GemHelper.install_tasks
+
+require 'rspec/core'
+require 'rspec/core/rake_task'
+
+desc "Run rspec tests."
+RSpec::Core::RakeTask.new(spec: 'app:db:test:prepare')
+task default: :spec
+

data/devise-doorkeeper.gemspec

@@ -0,0 +1,35 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'devise/doorkeeper/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'devise-doorkeeper'
+  spec.version       = Devise::Doorkeeper::VERSION
+  spec.authors       = ['Ryan Sonnek']
+  spec.email         = ['ryan@codecrate.com']
+  spec.summary       = %q{ Integrate Doorkeeper OAuth2 tokens into Devise applications }
+  spec.description   = %q{ Support authentication via OAuth2 tokens dispensed from the Doorkeeper authorization flow }
+  spec.homepage      = ''
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+
+  spec.add_dependency 'rails'
+  spec.add_dependency 'devise'
+  spec.add_dependency 'doorkeeper'
+
+  spec.add_development_dependency 'bundler', '~> 1.7'
+  spec.add_development_dependency 'rspec-rails'
+  spec.add_development_dependency 'factory_girl_rails'
+  spec.add_development_dependency 'factory_girl_rspec'
+  spec.add_development_dependency 'faker'
+  spec.add_development_dependency 'json_spec'
+  spec.add_development_dependency 'sqlite3'
+  spec.add_development_dependency 'coveralls'
+  spec.add_development_dependency 'pry'
+  spec.add_development_dependency 'rake', '~> 10.0'
+end

data/lib/devise/doorkeeper.rb

@@ -0,0 +1,24 @@
+require 'devise/doorkeeper/version'
+require 'devise/strategies/doorkeeper'
+
+module Devise
+  module Doorkeeper
+    def self.configure(base)
+      base.instance_eval do
+        resource_owner_authenticator do
+          current_user || warden.authenticate!(scope: :user)
+        end
+
+        # configure doorkeeper to use devise database authenticatable plugin
+        resource_owner_from_credentials do
+          user = User.find_for_database_authentication(email: params[:username])
+          if user && user.valid_for_authentication? { user.valid_password?(params[:password]) }
+            user
+          else
+            nil
+          end
+        end
+      end
+    end
+  end
+end

data/lib/devise/doorkeeper/version.rb

@@ -0,0 +1,5 @@
+module Devise
+  module Doorkeeper
+    VERSION = "1.0.0"
+  end
+end

data/lib/devise/strategies/doorkeeper.rb

@@ -0,0 +1,53 @@
+require 'warden'
+require 'doorkeeper'
+require 'devise'
+require 'devise/strategies/authenticatable'
+
+module Devise
+  module Strategies
+    class Doorkeeper < ::Devise::Strategies::Authenticatable
+      def valid?
+        credentials = ::Doorkeeper::OAuth::Token.from_request(request, *access_token_methods)
+        credentials.present?
+      end
+
+      def authenticate!
+        resource = resource_from_token
+        if validate(resource)
+          success!(resource)
+        else
+          invalid_token
+        end
+      end
+
+      private
+
+      def resource_from_token
+        token = ::Doorkeeper.authenticate(request)
+        scopes = ::Doorkeeper.configuration.default_scopes
+        invalid_token unless token && token.acceptable?(scopes)
+        mapping.to.find(token.resource_owner_id)
+      end
+
+      def invalid_token
+        fail!(:invalid_token)
+        throw :warden
+      end
+
+      def access_token_methods
+        ::Doorkeeper.configuration.access_token_methods
+      end
+    end
+  end
+end
+Warden::Strategies.add(:doorkeeper, Devise::Strategies::Doorkeeper)
+Devise.add_module(:doorkeeper, strategy: true)
+
+
+# if ///
+#  error = OAuth::InvalidTokenResponse.from_access_token(doorkeeper_token)
+#   options = doorkeeper_unauthorized_render_options
+# else
+#   error = OAuth::ForbiddenTokenResponse.from_scopes(scopes)
+#   options = doorkeeper_forbidden_render_options
+# end

data/spec/dummy/.rspec

@@ -0,0 +1,2 @@
+--color
+--require spec_helper

data/spec/dummy/README.rdoc

@@ -0,0 +1,28 @@
+== README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
+
+
+Please feel free to use a different markup language if you do not plan to run
+<tt>rake doc:app</tt>.

data/spec/dummy/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Rails.application.load_tasks

data/spec/dummy/app/assets/javascripts/application.js

@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require_tree .

data/spec/dummy/app/assets/stylesheets/application.css

@@ -0,0 +1,15 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any styles
+ * defined in the other CSS/SCSS files in this directory. It is generally better to create a new
+ * file per style scope.
+ *
+ *= require_tree .
+ *= require_self
+ */

data/spec/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,5 @@
+class ApplicationController < ActionController::Base
+  # Prevent CSRF attacks by raising an exception.
+  # For APIs, you may want to use :null_session instead.
+  protect_from_forgery with: :exception
+end

data/spec/dummy/app/controllers/example_controller.rb

@@ -0,0 +1,7 @@
+class ExampleController < ApplicationController
+  before_action :authenticate_user!
+
+  def index
+    render json: { success: true }
+  end
+end

data/spec/dummy/app/controllers/welcome_controller.rb

@@ -0,0 +1,2 @@
+class WelcomeController < ApplicationController
+end

data/spec/dummy/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/spec/dummy/app/models/user.rb

@@ -0,0 +1,7 @@
+class User < ActiveRecord::Base
+  # Include default devise modules. Others available are:
+  # :confirmable, :lockable, :timeoutable and :omniauthable
+  devise :database_authenticatable, :registerable,
+         :recoverable, :rememberable, :trackable, :validatable
+  devise :database_authenticatable, :doorkeeper
+end

data/spec/dummy/app/views/layouts/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Dummy</title>
+  <%= stylesheet_link_tag    'application', media: 'all', 'data-turbolinks-track' => true %>
+  <%= javascript_include_tag 'application', 'data-turbolinks-track' => true %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/spec/dummy/bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+load Gem.bin_path('bundler', 'bundle')

data/spec/dummy/bin/rails

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require_relative '../config/boot'
+require 'rails/commands'

data/spec/dummy/bin/rake

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run

data/spec/dummy/config.ru

@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment',  __FILE__)
+run Rails.application

data/spec/dummy/config/application.rb

@@ -0,0 +1,28 @@
+require File.expand_path('../boot', __FILE__)
+
+# Pick the frameworks you want:
+require "active_record/railtie"
+require "action_controller/railtie"
+require "action_mailer/railtie"
+require "action_view/railtie"
+require "sprockets/railtie"
+
+Bundler.require(*Rails.groups)
+require 'devise/doorkeeper'
+# require 'devise-doorkeeper'
+
+module Dummy
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+  end
+end