devise-doorkeeper 1.1.2 → 1.2.0.ci.133.1
- checksums.yaml +5 -5
- data/.gitignore +3 -0
- data/.ruby-version +1 -1
- data/.travis.yml +3 -0
- data/LICENSE.txt +1 -1
- data/devise-doorkeeper.gemspec +13 -13
- data/lib/devise/doorkeeper/doorkeeper_failure_app.rb +14 -0
- data/lib/devise/doorkeeper/unconfirmed_resource_response.rb +23 -0
- data/lib/devise/doorkeeper/version.rb +1 -1
- data/lib/devise/strategies/doorkeeper.rb +11 -1
- data/spec/dummy/app/assets/config/manifest.js +3 -0
- data/spec/dummy/app/models/user.rb +5 -1
- data/spec/dummy/config/locales/doorkeeper.en.yml +2 -0
- data/spec/dummy/db/migrate/20150120154622_create_users.rb +1 -1
- data/spec/dummy/db/migrate/20150120154657_create_doorkeeper_tables.rb +1 -1
- data/spec/dummy/db/migrate/20150120162830_add_devise_to_users.rb +1 -1
- data/spec/dummy/db/migrate/20210301163315_add_confidential_to_doorkeeper_application.rb +11 -0
- data/spec/dummy/db/migrate/20210301204550_add_confirmable_field_to_users.rb +11 -0
- data/spec/dummy/db/schema.rb +18 -24
- data/spec/factories/access_tokens.rb +1 -1
- data/spec/factories/applications.rb +3 -5
- data/spec/factories/users.rb +6 -1
- data/spec/requests/oauth/bearer_tokens_spec.rb +44 -22
- data/spec/requests/oauth/password_grant_spec.rb +6 -6
- data/spec/support/{factory_girl.rb → factory_bot.rb} +2 -2
- metadata +57 -51
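--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
-
-metadata.gz:
-data.tar.gz:
+SHA256:
+metadata.gz: b0b329edf4d98ff84bdcd1d2a481e36c331bfc307f718d81f503ca69dad46174
+data.tar.gz: 9f4e39359852ca3956447d654d64f5de7a42fa8d0ac96b6f5ea86627c0a97b39
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a3fe30fadabedfc3d51a28cb38aac43b626ee49f63ecf61ba9634e4cc8a6dd94d69374cb963e7d4c5e7f614a7e8f8b1216b582293a2c6cd936981f5f2eb87d78
+data.tar.gz: 3bb0b4751de1c1f9bd8ed5188bbcf3badd6d14044e8c7b20df2ddf091adbe1bdf17f117e3edc9b27fd89286a0b875052373f2a941852e3243b268b63bfaa19aa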
data/.gitignore
CHANGED
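--- a/data/.ruby-version
+++ b/data/.ruby-version
@@ -1 +1 @@
-2.
+2.6.6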
data/.travis.yml
CHANGED
data/LICENSE.txt
CHANGED
data/devise-doorkeeper.gemspec
CHANGED
|
@@ -6,8 +6,8 @@ require 'devise/doorkeeper/version'
|
|
|
6
6
|
Gem::Specification.new do |spec|
|
|
7
7
|
spec.name = 'devise-doorkeeper'
|
|
8
8
|
spec.version = Devise::Doorkeeper::VERSION
|
|
9
|
-
spec.authors = ['
|
|
10
|
-
spec.email = ['
|
|
9
|
+
spec.authors = ['BetterUp']
|
|
10
|
+
spec.email = ['developers@betterup.co']
|
|
11
11
|
spec.summary = %q{ Integrate Doorkeeper OAuth2 tokens into Devise applications }
|
|
12
12
|
spec.description = %q{ Support authentication via OAuth2 tokens dispensed from the Doorkeeper authorization flow }
|
|
13
13
|
spec.homepage = ''
|
|
@@ -22,17 +22,17 @@ Gem::Specification.new do |spec|
|
|
|
22
22
|
spec.add_dependency 'devise'
|
|
23
23
|
spec.add_dependency 'doorkeeper'
|
|
24
24
|
|
|
25
|
-
spec.add_development_dependency 'bundler', '~>
|
|
26
|
-
spec.add_development_dependency 'rspec-rails'
|
|
27
|
-
spec.add_development_dependency '
|
|
28
|
-
spec.add_development_dependency 'factory_girl_rspec'
|
|
29
|
-
spec.add_development_dependency 'faker'
|
|
30
|
-
spec.add_development_dependency 'json_spec'
|
|
31
|
-
spec.add_development_dependency 'sqlite3'
|
|
32
|
-
spec.add_development_dependency 'coveralls'
|
|
33
|
-
spec.add_development_dependency 'pry'
|
|
34
|
-
spec.add_development_dependency 'rake', '~>
|
|
35
|
-
spec.add_development_dependency 'travis'
|
|
25
|
+
spec.add_development_dependency 'bundler', '~> 2.2'
|
|
26
|
+
spec.add_development_dependency 'rspec-rails', '~> 4.0'
|
|
27
|
+
spec.add_development_dependency 'factory_bot_rails', '~> 6.1'
|
|
28
|
+
spec.add_development_dependency 'factory_girl_rspec', '~> 3.0'
|
|
29
|
+
spec.add_development_dependency 'faker', '~> 2.16'
|
|
30
|
+
spec.add_development_dependency 'json_spec', '~> 1.1'
|
|
31
|
+
spec.add_development_dependency 'sqlite3', '~> 1.3.11'
|
|
32
|
+
spec.add_development_dependency 'coveralls', '~> 0.8'
|
|
33
|
+
spec.add_development_dependency 'pry', '~> 0.14'
|
|
34
|
+
spec.add_development_dependency 'rake', '~> 13.0'
|
|
35
|
+
spec.add_development_dependency 'travis', '~> 1.10'
|
|
36
36
|
|
|
37
37
|
# configure gem version for continuous integration builds
|
|
38
38
|
if ENV['TRAVIS_JOB_NUMBER']
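Review bot: `factory_girl_rspec` is still declared as a development dependency (now pinned `'~> 3.0'`) even though this release adds `factory_bot_rails` and moves the factories and the support file to FactoryBot. If nothing in the specs still loads it, removing `spec.add_development_dependency 'factory_girl_rspec', '~> 3.0'` drops a legacy package from the development install set; the rename of spec/support/factory_girl.rb suggests this is the case, but the helper's contents are not shown here. The `if ENV['TRAVIS_JOB_NUMBER']` block continues outside the hunk, and the published version string `1.2.0.ci.133.1` looks like the product of that CI path, so consumers pinning this gem should confirm they intend to depend on a CI prerelease build.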
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
require 'devise/strategies/doorkeeper'
|
|
2
|
+
require 'devise/doorkeeper/unconfirmed_resource_response'
|
|
2
3
|
|
|
3
4
|
module Devise
|
|
4
5
|
module Doorkeeper
|
|
@@ -6,6 +7,8 @@ module Devise
|
|
|
6
7
|
def respond
|
|
7
8
|
if oauth_error?
|
|
8
9
|
invalid_oauth_token
|
|
10
|
+
elsif unconfirmed_resource?
|
|
11
|
+
unconfirmed_resource
|
|
9
12
|
else
|
|
10
13
|
super
|
|
11
14
|
end
|
|
@@ -17,12 +20,23 @@ module Devise
|
|
|
17
20
|
warden_message == Devise::Strategies::Doorkeeper::WARDEN_INVALID_TOKEN_MESSAGE
|
|
18
21
|
end
|
|
19
22
|
|
|
23
|
+
def unconfirmed_resource?
|
|
24
|
+
warden_message == Devise::Strategies::Doorkeeper::WARDEN_UNCONFIRMED_RESOURCE_MESSAGE
|
|
25
|
+
end
|
|
26
|
+
|
|
20
27
|
def invalid_oauth_token
|
|
21
28
|
error = ::Doorkeeper::OAuth::InvalidTokenResponse.new
|
|
22
29
|
headers.merge! error.headers
|
|
23
30
|
self.response_body = error.body.to_json
|
|
24
31
|
self.status = error.status
|
|
25
32
|
end
|
|
33
|
+
|
|
34
|
+
def unconfirmed_resource
|
|
35
|
+
error = UnconfirmedResourceResponse.new
|
|
36
|
+
headers.merge! error.headers
|
|
37
|
+
self.response_body = error.body.to_json
|
|
38
|
+
self.status = error.status
|
|
39
|
+
end
|
|
26
40
|
end
|
|
27
41
|
end
|
|
28
42
|
end
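Review bot: `unconfirmed_resource` repeats the three-statement body of `invalid_oauth_token` line for line, so the two response paths can drift apart if one is later changed without the other. A small private helper that takes the error object, called as `render_oauth_error(UnconfirmedResourceResponse.new)` and `render_oauth_error(::Doorkeeper::OAuth::InvalidTokenResponse.new)`, would keep them in step. The new `elsif unconfirmed_resource?` branch in `respond` would also benefit from a one-line comment such as `# message set by Devise::Strategies::Doorkeeper#unconfirmed_resource`, since the coupling to the strategy's `fail!` message is otherwise implicit.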
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
require 'devise/strategies/doorkeeper'
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Doorkeeper
|
|
5
|
+
class UnconfirmedResourceResponse < ::Doorkeeper::OAuth::ErrorResponse
|
|
6
|
+
def initialize(attributes = {})
|
|
7
|
+
super(attributes.merge(name: :unconfirmed_resource, state: :locked))
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def status
|
|
11
|
+
:locked
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def description
|
|
15
|
+
@description ||= I18n.translate('doorkeeper.errors.messages.unconfirmed_resource')
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def exception_class
|
|
19
|
+
::Doorkeeper::Errors::DoorkeeperError
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
end
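Review bot: `description` looks up `doorkeeper.errors.messages.unconfirmed_resource`, but the file list for this release adds that key only under spec/dummy/config/locales, so a host application without its own entry would likely return I18n's missing-translation placeholder as `error_description`. Passing a fallback, `I18n.translate('doorkeeper.errors.messages.unconfirmed_resource', default: 'The resource owner account is unconfirmed.')`, or shipping a locale file with the gem, avoids that. Separately, `status` returns `:locked` (HTTP 423), which is outside the 400/401/403 codes that RFC 6750 describes for bearer-token errors. A short class comment saying why 423 was chosen, and that clients must handle it in addition to 401, would document the contract.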
|
|
@@ -7,6 +7,7 @@ module Devise
|
|
|
7
7
|
module Strategies
|
|
8
8
|
class Doorkeeper < ::Devise::Strategies::Authenticatable
|
|
9
9
|
WARDEN_INVALID_TOKEN_MESSAGE = :invalid_token
|
|
10
|
+
WARDEN_UNCONFIRMED_RESOURCE_MESSAGE = :unconfirmed_resource
|
|
10
11
|
|
|
11
12
|
def valid?
|
|
12
13
|
credentials = ::Doorkeeper::OAuth::Token.from_request(request, *access_token_methods)
|
|
@@ -17,7 +18,11 @@ module Devise
|
|
|
17
18
|
resource = resource_from_token
|
|
18
19
|
if validate(resource)
|
|
19
20
|
request.env['devise.skip_trackable'] = true
|
|
20
|
-
|
|
21
|
+
if resource.active_for_authentication?
|
|
22
|
+
success!(resource)
|
|
23
|
+
else
|
|
24
|
+
unconfirmed_resource
|
|
25
|
+
end
|
|
21
26
|
else
|
|
22
27
|
invalid_token
|
|
23
28
|
end
|
|
@@ -48,6 +53,11 @@ module Devise
|
|
|
48
53
|
mapping.to.find(token.resource_owner_id)
|
|
49
54
|
end
|
|
50
55
|
|
|
56
|
+
def unconfirmed_resource
|
|
57
|
+
fail!(WARDEN_UNCONFIRMED_RESOURCE_MESSAGE)
|
|
58
|
+
throw :warden
|
|
59
|
+
end
|
|
60
|
+
|
|
51
61
|
def invalid_token
|
|
52
62
|
fail!(WARDEN_INVALID_TOKEN_MESSAGE)
|
|
53
63
|
throw :warden
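Review bot: The new `else` branch reports every resource for which `active_for_authentication?` is false as unconfirmed, yet a Devise model can be inactive for other reasons (a `:lockable` lock, or an application override of `active_for_authentication?`), and those callers would receive the `unconfirmed_resource` error body. Checking the reason before choosing the failure, e.g. `resource.inactive_message == :unconfirmed ? unconfirmed_resource : invalid_token`, keeps the reported state accurate and avoids describing a locked or deactivated account as merely unconfirmed. The enclosing method starts above the hunk, so any earlier checks are not visible here. The added `unconfirmed_resource` method also duplicates `invalid_token` apart from the message constant; both could delegate to one helper that takes the message.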
|
|
@@ -2,6 +2,10 @@ class User < ActiveRecord::Base
|
|
|
2
2
|
# Include default devise modules. Others available are:
|
|
3
3
|
# :confirmable, :lockable, :timeoutable and :omniauthable
|
|
4
4
|
devise :database_authenticatable, :registerable,
|
|
5
|
-
:recoverable, :rememberable, :trackable, :validatable
|
|
5
|
+
:recoverable, :rememberable, :trackable, :validatable, :confirmable
|
|
6
6
|
devise :database_authenticatable, :doorkeeper
|
|
7
|
+
|
|
8
|
+
def send_confirmation_notification?
|
|
9
|
+
false
|
|
10
|
+
end
|
|
7
11
|
end
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
class AddConfirmableFieldToUsers < ActiveRecord::Migration[5.0]
|
|
2
|
+
def change
|
|
3
|
+
change_table(:users) do |t|
|
|
4
|
+
## Confirmable
|
|
5
|
+
t.string :confirmation_token
|
|
6
|
+
t.datetime :confirmed_at
|
|
7
|
+
t.datetime :confirmation_sent_at
|
|
8
|
+
t.string :unconfirmed_email # Only if using reconfirmable
|
|
9
|
+
end
|
|
10
|
+
end
|
|
11
|
+
end
|
data/spec/dummy/db/schema.rb
CHANGED
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
# encoding: UTF-8
|
|
2
1
|
# This file is auto-generated from the current state of the database. Instead
|
|
3
2
|
# of editing this file, please use the migrations feature of Active Record to
|
|
4
3
|
# incrementally modify your database, and then regenerate this schema definition.
|
|
@@ -11,7 +10,7 @@
|
|
|
11
10
|
#
|
|
12
11
|
# It's strongly recommended that you check this file into your version control system.
|
|
13
12
|
|
|
14
|
-
ActiveRecord::Schema.define(version:
|
|
13
|
+
ActiveRecord::Schema.define(version: 20210301204550) do
|
|
15
14
|
|
|
16
15
|
create_table "oauth_access_grants", force: :cascade do |t|
|
|
17
16
|
t.integer "resource_owner_id", null: false
|
|
@@ -22,10 +21,9 @@ ActiveRecord::Schema.define(version: 20150120162830) do
|
|
|
22
21
|
t.datetime "created_at", null: false
|
|
23
22
|
t.datetime "revoked_at"
|
|
24
23
|
t.string "scopes"
|
|
24
|
+
t.index ["token"], name: "index_oauth_access_grants_on_token", unique: true
|
|
25
25
|
end
|
|
26
26
|
|
|
27
|
-
add_index "oauth_access_grants", ["token"], name: "index_oauth_access_grants_on_token", unique: true
|
|
28
|
-
|
|
29
27
|
create_table "oauth_access_tokens", force: :cascade do |t|
|
|
30
28
|
t.integer "resource_owner_id"
|
|
31
29
|
t.integer "application_id"
|
|
@@ -35,24 +33,23 @@ ActiveRecord::Schema.define(version: 20150120162830) do
|
|
|
35
33
|
t.datetime "revoked_at"
|
|
36
34
|
t.datetime "created_at", null: false
|
|
37
35
|
t.string "scopes"
|
|
36
|
+
t.index ["refresh_token"], name: "index_oauth_access_tokens_on_refresh_token", unique: true
|
|
37
|
+
t.index ["resource_owner_id"], name: "index_oauth_access_tokens_on_resource_owner_id"
|
|
38
|
+
t.index ["token"], name: "index_oauth_access_tokens_on_token", unique: true
|
|
38
39
|
end
|
|
39
40
|
|
|
40
|
-
add_index "oauth_access_tokens", ["refresh_token"], name: "index_oauth_access_tokens_on_refresh_token", unique: true
|
|
41
|
-
add_index "oauth_access_tokens", ["resource_owner_id"], name: "index_oauth_access_tokens_on_resource_owner_id"
|
|
42
|
-
add_index "oauth_access_tokens", ["token"], name: "index_oauth_access_tokens_on_token", unique: true
|
|
43
|
-
|
|
44
41
|
create_table "oauth_applications", force: :cascade do |t|
|
|
45
|
-
t.string "name",
|
|
46
|
-
t.string "uid",
|
|
47
|
-
t.string "secret",
|
|
48
|
-
t.text "redirect_uri",
|
|
49
|
-
t.string "scopes", default: "",
|
|
42
|
+
t.string "name", null: false
|
|
43
|
+
t.string "uid", null: false
|
|
44
|
+
t.string "secret", null: false
|
|
45
|
+
t.text "redirect_uri", null: false
|
|
46
|
+
t.string "scopes", default: "", null: false
|
|
50
47
|
t.datetime "created_at"
|
|
51
48
|
t.datetime "updated_at"
|
|
49
|
+
t.boolean "confidential", default: true, null: false
|
|
50
|
+
t.index ["uid"], name: "index_oauth_applications_on_uid", unique: true
|
|
52
51
|
end
|
|
53
52
|
|
|
54
|
-
add_index "oauth_applications", ["uid"], name: "index_oauth_applications_on_uid", unique: true
|
|
55
|
-
|
|
56
53
|
create_table "users", force: :cascade do |t|
|
|
57
54
|
t.datetime "created_at", null: false
|
|
58
55
|
t.datetime "updated_at", null: false
|
|
@@ -66,15 +63,12 @@ ActiveRecord::Schema.define(version: 20150120162830) do
|
|
|
66
63
|
t.datetime "last_sign_in_at"
|
|
67
64
|
t.string "current_sign_in_ip"
|
|
68
65
|
t.string "last_sign_in_ip"
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
t.string "email"
|
|
76
|
-
t.datetime "created_at"
|
|
77
|
-
t.datetime "updated_at"
|
|
66
|
+
t.string "confirmation_token"
|
|
67
|
+
t.datetime "confirmed_at"
|
|
68
|
+
t.datetime "confirmation_sent_at"
|
|
69
|
+
t.string "unconfirmed_email"
|
|
70
|
+
t.index ["email"], name: "index_users_on_email", unique: true
|
|
71
|
+
t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
|
|
78
72
|
end
|
|
79
73
|
|
|
80
74
|
end
|
|
@@ -1,8 +1,6 @@
|
|
|
1
|
-
|
|
1
|
+
FactoryBot.define do
|
|
2
2
|
factory :application, class: Doorkeeper::Application do
|
|
3
|
-
name 'sample app'
|
|
4
|
-
|
|
5
|
-
# secret { SecureRandom.hex(20) }
|
|
6
|
-
redirect_uri 'urn:ietf:wg:oauth:2.0:oob'
|
|
3
|
+
name { 'sample app' }
|
|
4
|
+
redirect_uri { 'urn:ietf:wg:oauth:2.0:oob' }
|
|
7
5
|
end
|
|
8
6
|
end
|
data/spec/factories/users.rb
CHANGED
|
@@ -1,8 +1,13 @@
|
|
|
1
|
-
|
|
1
|
+
FactoryBot.define do
|
|
2
2
|
sequence(:email) { "jon.doe+#{SecureRandom.hex(10)}@acme.com" }
|
|
3
3
|
|
|
4
4
|
factory :user do
|
|
5
5
|
email { Faker::Internet.email }
|
|
6
6
|
password { Faker::Internet.password }
|
|
7
|
+
confirmed_at { Time.current }
|
|
8
|
+
|
|
9
|
+
trait :when_unconfirmed do
|
|
10
|
+
confirmed_at { nil }
|
|
11
|
+
end
|
|
7
12
|
end
|
|
8
13
|
end
|
|
@@ -3,28 +3,50 @@ require 'rails_helper'
|
|
|
3
3
|
RSpec.describe 'OAuth bearer token requests', type: :request do
|
|
4
4
|
let(:request_path) { '/example.json' }
|
|
5
5
|
context 'with valid access token' do
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
6
|
+
context 'when user confirmed' do
|
|
7
|
+
let(:access_token) { create(:access_token) }
|
|
8
|
+
let(:headers) do
|
|
9
|
+
{
|
|
10
|
+
'Authorization' => "Bearer #{access_token.token}"
|
|
11
|
+
}
|
|
12
|
+
end
|
|
13
|
+
let(:params) { {} }
|
|
14
|
+
before do
|
|
15
|
+
@original_timestamp = User.find(access_token.resource_owner_id).last_sign_in_at
|
|
16
|
+
get request_path, params: params, headers: headers
|
|
17
|
+
end
|
|
18
|
+
it { expect(response.status).to eq 200 }
|
|
19
|
+
it 'does not send Set-Cookie headers' do
|
|
20
|
+
expect(response.headers).to_not include 'Set-Cookie'
|
|
21
|
+
end
|
|
22
|
+
it 'does not update the user last_signin_at timestamp' do
|
|
23
|
+
new_timestamp = User.find(access_token.resource_owner_id).last_sign_in_at
|
|
24
|
+
expect(new_timestamp).to eq @original_timestamp
|
|
25
|
+
end
|
|
20
26
|
end
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
27
|
+
context 'when user unconfirmed' do
|
|
28
|
+
let(:user) { create(:user, :when_unconfirmed) }
|
|
29
|
+
let(:access_token) { create(:access_token, resource_owner_id: user.id) }
|
|
30
|
+
let(:headers) do
|
|
31
|
+
{
|
|
32
|
+
'Authorization' => "Bearer #{access_token.token}"
|
|
33
|
+
}
|
|
34
|
+
end
|
|
35
|
+
before do
|
|
36
|
+
get request_path, headers: headers
|
|
37
|
+
end
|
|
38
|
+
it { expect(response.status).to eq 423 }
|
|
39
|
+
it do
|
|
40
|
+
expect(JSON.parse(response.body)).to include(
|
|
41
|
+
'error' => 'unconfirmed_resource',
|
|
42
|
+
'error_description' => 'The resource owner account is unconfirmed.',
|
|
43
|
+
'state' => 'locked'
|
|
44
|
+
)
|
|
45
|
+
end
|
|
24
46
|
end
|
|
25
47
|
end
|
|
26
48
|
context 'with expired access token' do
|
|
27
|
-
|
|
49
|
+
let(:access_token) { create(:access_token, expires_in: 0) }
|
|
28
50
|
let(:headers) do
|
|
29
51
|
{
|
|
30
52
|
'Authorization' => "Bearer #{access_token.token}"
|
|
@@ -32,14 +54,14 @@ RSpec.describe 'OAuth bearer token requests', type: :request do
|
|
|
32
54
|
end
|
|
33
55
|
let(:params) { {} }
|
|
34
56
|
before do
|
|
35
|
-
get request_path, params, headers
|
|
57
|
+
get request_path, params: params, headers: headers
|
|
36
58
|
end
|
|
37
59
|
it { expect(response.status).to eq 401 }
|
|
38
60
|
it { expect(response.headers['WWW-Authenticate']).to eq 'Bearer realm="DeviseDoorkeeperApp", error="invalid_token", error_description="The access token is invalid"' }
|
|
39
61
|
it { expect(response.body).to eq '{"error":"invalid_token","error_description":"The access token is invalid","state":"unauthorized"}' }
|
|
40
62
|
end
|
|
41
63
|
context 'with revoked access token' do
|
|
42
|
-
|
|
64
|
+
let(:access_token) { create(:access_token, revoked_at: 1.year.ago) }
|
|
43
65
|
let(:headers) do
|
|
44
66
|
{
|
|
45
67
|
'Authorization' => "Bearer #{access_token.token}"
|
|
@@ -47,7 +69,7 @@ RSpec.describe 'OAuth bearer token requests', type: :request do
|
|
|
47
69
|
end
|
|
48
70
|
let(:params) { {} }
|
|
49
71
|
before do
|
|
50
|
-
get request_path, params, headers
|
|
72
|
+
get request_path, params: params, headers: headers
|
|
51
73
|
end
|
|
52
74
|
it { expect(response.status).to eq 401 }
|
|
53
75
|
end
|
|
@@ -60,7 +82,7 @@ RSpec.describe 'OAuth bearer token requests', type: :request do
|
|
|
60
82
|
end
|
|
61
83
|
let(:params) { {} }
|
|
62
84
|
before do
|
|
63
|
-
get request_path, params, headers
|
|
85
|
+
get request_path, params: params, headers: headers
|
|
64
86
|
end
|
|
65
87
|
it { expect(response.status).to eq 401 }
|
|
66
88
|
end
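Review bot: The 'when user unconfirmed' context asserts only the 423 status and the JSON body; unlike the confirmed context, it does not check that the rejected request leaves no session cookie. Adding `it { expect(response.headers).to_not include 'Set-Cookie' }` to that context would pin that the new failure path does not start a session for an inactive account. An assertion on `response.headers['WWW-Authenticate']`, as the expired-token context has, would also record what clients actually receive with the 423.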
|
|
@@ -17,13 +17,13 @@ RSpec.describe 'oauth/tokens password grant flow', type: :request do
|
|
|
17
17
|
let(:expected_response) do
|
|
18
18
|
{
|
|
19
19
|
access_token: @new_token.token,
|
|
20
|
-
token_type: '
|
|
20
|
+
token_type: 'Bearer',
|
|
21
21
|
expires_in: 'ignored',
|
|
22
22
|
created_at: 'ignored'
|
|
23
23
|
}.to_json
|
|
24
24
|
end
|
|
25
25
|
before do
|
|
26
|
-
post '/oauth/token', params, headers
|
|
26
|
+
post '/oauth/token', params: params, headers: headers
|
|
27
27
|
@new_token = Doorkeeper::AccessToken.last
|
|
28
28
|
end
|
|
29
29
|
it { expect(response.status).to eq 200 }
|
|
@@ -43,9 +43,9 @@ RSpec.describe 'oauth/tokens password grant flow', type: :request do
|
|
|
43
43
|
end
|
|
44
44
|
let(:headers) { {} }
|
|
45
45
|
before do
|
|
46
|
-
post '/oauth/token', params, headers
|
|
46
|
+
post '/oauth/token', params: params, headers: headers
|
|
47
47
|
end
|
|
48
|
-
it { expect(response.status).to eq
|
|
48
|
+
it { expect(response.status).to eq 400 }
|
|
49
49
|
end
|
|
50
50
|
context 'with invalid username' do
|
|
51
51
|
with :user
|
|
@@ -61,8 +61,8 @@ RSpec.describe 'oauth/tokens password grant flow', type: :request do
|
|
|
61
61
|
end
|
|
62
62
|
let(:headers) { {} }
|
|
63
63
|
before do
|
|
64
|
-
post '/oauth/token', params, headers
|
|
64
|
+
post '/oauth/token', params: params, headers: headers
|
|
65
65
|
end
|
|
66
|
-
it { expect(response.status).to eq
|
|
66
|
+
it { expect(response.status).to eq 400 }
|
|
67
67
|
end
|
|
68
68
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise-doorkeeper
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1
|
|
4
|
+
version: 1.2.0.ci.133.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
|
-
-
|
|
7
|
+
- BetterUp
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-03-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -58,158 +58,158 @@ dependencies:
|
|
|
58
58
|
requirements:
|
|
59
59
|
- - "~>"
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
|
-
version: '
|
|
61
|
+
version: '2.2'
|
|
62
62
|
type: :development
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
66
|
- - "~>"
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
|
-
version: '
|
|
68
|
+
version: '2.2'
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: rspec-rails
|
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
|
72
72
|
requirements:
|
|
73
|
-
- - "
|
|
73
|
+
- - "~>"
|
|
74
74
|
- !ruby/object:Gem::Version
|
|
75
|
-
version: '0'
|
|
75
|
+
version: '4.0'
|
|
76
76
|
type: :development
|
|
77
77
|
prerelease: false
|
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
|
79
79
|
requirements:
|
|
80
|
-
- - "
|
|
80
|
+
- - "~>"
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
|
-
version: '0'
|
|
82
|
+
version: '4.0'
|
|
83
83
|
- !ruby/object:Gem::Dependency
|
|
84
|
-
name:
|
|
84
|
+
name: factory_bot_rails
|
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|
|
86
86
|
requirements:
|
|
87
|
-
- - "
|
|
87
|
+
- - "~>"
|
|
88
88
|
- !ruby/object:Gem::Version
|
|
89
|
-
version: '
|
|
89
|
+
version: '6.1'
|
|
90
90
|
type: :development
|
|
91
91
|
prerelease: false
|
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
|
93
93
|
requirements:
|
|
94
|
-
- - "
|
|
94
|
+
- - "~>"
|
|
95
95
|
- !ruby/object:Gem::Version
|
|
96
|
-
version: '
|
|
96
|
+
version: '6.1'
|
|
97
97
|
- !ruby/object:Gem::Dependency
|
|
98
98
|
name: factory_girl_rspec
|
|
99
99
|
requirement: !ruby/object:Gem::Requirement
|
|
100
100
|
requirements:
|
|
101
|
-
- - "
|
|
101
|
+
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: '0'
|
|
103
|
+
version: '3.0'
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
|
-
- - "
|
|
108
|
+
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: '0'
|
|
110
|
+
version: '3.0'
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
112
|
name: faker
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
|
114
114
|
requirements:
|
|
115
|
-
- - "
|
|
115
|
+
- - "~>"
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: '
|
|
117
|
+
version: '2.16'
|
|
118
118
|
type: :development
|
|
119
119
|
prerelease: false
|
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
121
|
requirements:
|
|
122
|
-
- - "
|
|
122
|
+
- - "~>"
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: '
|
|
124
|
+
version: '2.16'
|
|
125
125
|
- !ruby/object:Gem::Dependency
|
|
126
126
|
name: json_spec
|
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
|
128
128
|
requirements:
|
|
129
|
-
- - "
|
|
129
|
+
- - "~>"
|
|
130
130
|
- !ruby/object:Gem::Version
|
|
131
|
-
version: '
|
|
131
|
+
version: '1.1'
|
|
132
132
|
type: :development
|
|
133
133
|
prerelease: false
|
|
134
134
|
version_requirements: !ruby/object:Gem::Requirement
|
|
135
135
|
requirements:
|
|
136
|
-
- - "
|
|
136
|
+
- - "~>"
|
|
137
137
|
- !ruby/object:Gem::Version
|
|
138
|
-
version: '
|
|
138
|
+
version: '1.1'
|
|
139
139
|
- !ruby/object:Gem::Dependency
|
|
140
140
|
name: sqlite3
|
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|
|
142
142
|
requirements:
|
|
143
|
-
- - "
|
|
143
|
+
- - "~>"
|
|
144
144
|
- !ruby/object:Gem::Version
|
|
145
|
-
version:
|
|
145
|
+
version: 1.3.11
|
|
146
146
|
type: :development
|
|
147
147
|
prerelease: false
|
|
148
148
|
version_requirements: !ruby/object:Gem::Requirement
|
|
149
149
|
requirements:
|
|
150
|
-
- - "
|
|
150
|
+
- - "~>"
|
|
151
151
|
- !ruby/object:Gem::Version
|
|
152
|
-
version:
|
|
152
|
+
version: 1.3.11
|
|
153
153
|
- !ruby/object:Gem::Dependency
|
|
154
154
|
name: coveralls
|
|
155
155
|
requirement: !ruby/object:Gem::Requirement
|
|
156
156
|
requirements:
|
|
157
|
-
- - "
|
|
157
|
+
- - "~>"
|
|
158
158
|
- !ruby/object:Gem::Version
|
|
159
|
-
version: '0'
|
|
159
|
+
version: '0.8'
|
|
160
160
|
type: :development
|
|
161
161
|
prerelease: false
|
|
162
162
|
version_requirements: !ruby/object:Gem::Requirement
|
|
163
163
|
requirements:
|
|
164
|
-
- - "
|
|
164
|
+
- - "~>"
|
|
165
165
|
- !ruby/object:Gem::Version
|
|
166
|
-
version: '0'
|
|
166
|
+
version: '0.8'
|
|
167
167
|
- !ruby/object:Gem::Dependency
|
|
168
168
|
name: pry
|
|
169
169
|
requirement: !ruby/object:Gem::Requirement
|
|
170
170
|
requirements:
|
|
171
|
-
- - "
|
|
171
|
+
- - "~>"
|
|
172
172
|
- !ruby/object:Gem::Version
|
|
173
|
-
version: '0'
|
|
173
|
+
version: '0.14'
|
|
174
174
|
type: :development
|
|
175
175
|
prerelease: false
|
|
176
176
|
version_requirements: !ruby/object:Gem::Requirement
|
|
177
177
|
requirements:
|
|
178
|
-
- - "
|
|
178
|
+
- - "~>"
|
|
179
179
|
- !ruby/object:Gem::Version
|
|
180
|
-
version: '0'
|
|
180
|
+
version: '0.14'
|
|
181
181
|
- !ruby/object:Gem::Dependency
|
|
182
182
|
name: rake
|
|
183
183
|
requirement: !ruby/object:Gem::Requirement
|
|
184
184
|
requirements:
|
|
185
185
|
- - "~>"
|
|
186
186
|
- !ruby/object:Gem::Version
|
|
187
|
-
version: '
|
|
187
|
+
version: '13.0'
|
|
188
188
|
type: :development
|
|
189
189
|
prerelease: false
|
|
190
190
|
version_requirements: !ruby/object:Gem::Requirement
|
|
191
191
|
requirements:
|
|
192
192
|
- - "~>"
|
|
193
193
|
- !ruby/object:Gem::Version
|
|
194
|
-
version: '
|
|
194
|
+
version: '13.0'
|
|
195
195
|
- !ruby/object:Gem::Dependency
|
|
196
196
|
name: travis
|
|
197
197
|
requirement: !ruby/object:Gem::Requirement
|
|
198
198
|
requirements:
|
|
199
|
-
- - "
|
|
199
|
+
- - "~>"
|
|
200
200
|
- !ruby/object:Gem::Version
|
|
201
|
-
version: '
|
|
201
|
+
version: '1.10'
|
|
202
202
|
type: :development
|
|
203
203
|
prerelease: false
|
|
204
204
|
version_requirements: !ruby/object:Gem::Requirement
|
|
205
205
|
requirements:
|
|
206
|
-
- - "
|
|
206
|
+
- - "~>"
|
|
207
207
|
- !ruby/object:Gem::Version
|
|
208
|
-
version: '
|
|
208
|
+
version: '1.10'
|
|
209
209
|
description: " Support authentication via OAuth2 tokens dispensed from the Doorkeeper
|
|
210
210
|
authorization flow "
|
|
211
211
|
email:
|
|
212
|
-
-
|
|
212
|
+
- developers@betterup.co
|
|
213
213
|
executables: []
|
|
214
214
|
extensions: []
|
|
215
215
|
extra_rdoc_files: []
|
|
@@ -224,11 +224,13 @@ files:
|
|
|
224
224
|
- devise-doorkeeper.gemspec
|
|
225
225
|
- lib/devise/doorkeeper.rb
|
|
226
226
|
- lib/devise/doorkeeper/doorkeeper_failure_app.rb
|
|
227
|
+
- lib/devise/doorkeeper/unconfirmed_resource_response.rb
|
|
227
228
|
- lib/devise/doorkeeper/version.rb
|
|
228
229
|
- lib/devise/strategies/doorkeeper.rb
|
|
229
230
|
- spec/dummy/.rspec
|
|
230
231
|
- spec/dummy/README.rdoc
|
|
231
232
|
- spec/dummy/Rakefile
|
|
233
|
+
- spec/dummy/app/assets/config/manifest.js
|
|
232
234
|
- spec/dummy/app/assets/images/.keep
|
|
233
235
|
- spec/dummy/app/assets/javascripts/application.js
|
|
234
236
|
- spec/dummy/app/assets/stylesheets/application.css
|
|
@@ -273,6 +275,8 @@ files:
|
|
|
273
275
|
- spec/dummy/db/migrate/20150120154622_create_users.rb
|
|
274
276
|
- spec/dummy/db/migrate/20150120154657_create_doorkeeper_tables.rb
|
|
275
277
|
- spec/dummy/db/migrate/20150120162830_add_devise_to_users.rb
|
|
278
|
+
- spec/dummy/db/migrate/20210301163315_add_confidential_to_doorkeeper_application.rb
|
|
279
|
+
- spec/dummy/db/migrate/20210301204550_add_confirmable_field_to_users.rb
|
|
276
280
|
- spec/dummy/db/schema.rb
|
|
277
281
|
- spec/dummy/lib/assets/.keep
|
|
278
282
|
- spec/dummy/log/.keep
|
|
@@ -288,7 +292,7 @@ files:
|
|
|
288
292
|
- spec/requests/oauth/bearer_tokens_spec.rb
|
|
289
293
|
- spec/requests/oauth/password_grant_spec.rb
|
|
290
294
|
- spec/spec_helper.rb
|
|
291
|
-
- spec/support/
|
|
295
|
+
- spec/support/factory_bot.rb
|
|
292
296
|
- spec/support/json_spec.rb
|
|
293
297
|
- spec/support/pry.rb
|
|
294
298
|
homepage: ''
|
|
@@ -306,12 +310,11 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
306
310
|
version: '0'
|
|
307
311
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
308
312
|
requirements:
|
|
309
|
-
- - "
|
|
313
|
+
- - ">"
|
|
310
314
|
- !ruby/object:Gem::Version
|
|
311
|
-
version:
|
|
315
|
+
version: 1.3.1
|
|
312
316
|
requirements: []
|
|
313
|
-
|
|
314
|
-
rubygems_version: 2.4.5
|
|
317
|
+
rubygems_version: 3.0.8
|
|
315
318
|
signing_key:
|
|
316
319
|
specification_version: 4
|
|
317
320
|
summary: Integrate Doorkeeper OAuth2 tokens into Devise applications
|
|
@@ -319,6 +322,7 @@ test_files:
|
|
|
319
322
|
- spec/dummy/.rspec
|
|
320
323
|
- spec/dummy/README.rdoc
|
|
321
324
|
- spec/dummy/Rakefile
|
|
325
|
+
- spec/dummy/app/assets/config/manifest.js
|
|
322
326
|
- spec/dummy/app/assets/images/.keep
|
|
323
327
|
- spec/dummy/app/assets/javascripts/application.js
|
|
324
328
|
- spec/dummy/app/assets/stylesheets/application.css
|
|
@@ -363,6 +367,8 @@ test_files:
|
|
|
363
367
|
- spec/dummy/db/migrate/20150120154622_create_users.rb
|
|
364
368
|
- spec/dummy/db/migrate/20150120154657_create_doorkeeper_tables.rb
|
|
365
369
|
- spec/dummy/db/migrate/20150120162830_add_devise_to_users.rb
|
|
370
|
+
- spec/dummy/db/migrate/20210301163315_add_confidential_to_doorkeeper_application.rb
|
|
371
|
+
- spec/dummy/db/migrate/20210301204550_add_confirmable_field_to_users.rb
|
|
366
372
|
- spec/dummy/db/schema.rb
|
|
367
373
|
- spec/dummy/lib/assets/.keep
|
|
368
374
|
- spec/dummy/log/.keep
|
|
@@ -378,6 +384,6 @@ test_files:
|
|
|
378
384
|
- spec/requests/oauth/bearer_tokens_spec.rb
|
|
379
385
|
- spec/requests/oauth/password_grant_spec.rb
|
|
380
386
|
- spec/spec_helper.rb
|
|
381
|
-
- spec/support/
|
|
387
|
+
- spec/support/factory_bot.rb
|
|
382
388
|
- spec/support/json_spec.rb
|
|
383
389
|
- spec/support/pry.rb
|