devise_oauth2_providable 0.3.1 → 0.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/devise_oauth2_providable.rb +5 -0
- data/lib/devise_oauth2_providable/models/oauth2_authorization_code_grantable.rb +6 -0
- data/lib/devise_oauth2_providable/strategies/oauth2_authorization_code_grant_type_strategy.rb +21 -0
- data/lib/devise_oauth2_providable/version.rb +1 -1
- data/spec/rails_app/app/models/user.rb +1 -1
- data/spec/rails_app/spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb +62 -0
- metadata +7 -3
|
@@ -6,8 +6,10 @@ require 'devise_oauth2_providable/schema'
|
|
|
6
6
|
require 'devise_oauth2_providable/engine'
|
|
7
7
|
require 'devise_oauth2_providable/strategies/oauth2_password_grant_type_strategy'
|
|
8
8
|
require 'devise_oauth2_providable/strategies/oauth2_refresh_token_grant_type_strategy'
|
|
9
|
+
require 'devise_oauth2_providable/strategies/oauth2_authorization_code_grant_type_strategy'
|
|
9
10
|
require 'devise_oauth2_providable/models/oauth2_password_grantable'
|
|
10
11
|
require 'devise_oauth2_providable/models/oauth2_refresh_token_grantable'
|
|
12
|
+
require 'devise_oauth2_providable/models/oauth2_authorization_code_grantable'
|
|
11
13
|
|
|
12
14
|
module Devise
|
|
13
15
|
module Oauth2Providable
|
|
@@ -28,3 +30,6 @@ Devise.add_module(:oauth2_password_grantable,
|
|
|
28
30
|
Devise.add_module(:oauth2_refresh_token_grantable,
|
|
29
31
|
:strategy => true,
|
|
30
32
|
:model => 'devise_oauth2_providable/models/oauth2_refresh_token_grantable')
|
|
33
|
+
Devise.add_module(:oauth2_authorization_code_grantable,
|
|
34
|
+
:strategy => true,
|
|
35
|
+
:model => 'devise_oauth2_providable/models/oauth2_authorization_code_grantable')
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
require 'devise_oauth2_providable/strategies/oauth2_grant_type_strategy'
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Strategies
|
|
5
|
+
class Oauth2AuthorizationCodeGrantTypeStrategy < Oauth2GrantTypeStrategy
|
|
6
|
+
def grant_type
|
|
7
|
+
'authorization_code'
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def authenticate!
|
|
11
|
+
if client && code = AuthorizationCode.valid.find_by_token(params[:code])
|
|
12
|
+
success! code.user
|
|
13
|
+
elsif !halted?
|
|
14
|
+
oauth_error! :invalid_grant, 'invalid authorization code request'
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
Warden::Strategies.add(:oauth2_authorization_code_grantable, Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy)
|
|
@@ -1,3 +1,3 @@
|
|
|
1
1
|
class User < ActiveRecord::Base
|
|
2
|
-
devise :database_authenticatable, :oauth2_providable, :oauth2_password_grantable, :oauth2_refresh_token_grantable
|
|
2
|
+
devise :database_authenticatable, :oauth2_providable, :oauth2_password_grantable, :oauth2_refresh_token_grantable, :oauth2_authorization_code_grantable
|
|
3
3
|
end
|
|
@@ -0,0 +1,62 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
4
|
+
describe 'POST /oauth2/token' do
|
|
5
|
+
describe 'with grant_type=authorization_code' do
|
|
6
|
+
context 'with valid params' do
|
|
7
|
+
before do
|
|
8
|
+
@user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
|
|
9
|
+
@client = Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
|
|
10
|
+
@authorization_code = @user.authorization_codes.create(:client_id => @client, :redirect_uri => @client.redirect_uri)
|
|
11
|
+
params = {
|
|
12
|
+
:grant_type => 'authorization_code',
|
|
13
|
+
:client_id => @client.identifier,
|
|
14
|
+
:client_secret => @client.secret,
|
|
15
|
+
:code => @authorization_code.token
|
|
16
|
+
}
|
|
17
|
+
|
|
18
|
+
post '/oauth2/token', params
|
|
19
|
+
end
|
|
20
|
+
it { response.code.to_i.should == 200 }
|
|
21
|
+
it { response.content_type.should == 'application/json' }
|
|
22
|
+
it 'returns json' do
|
|
23
|
+
token = AccessToken.last
|
|
24
|
+
refresh_token = RefreshToken.last
|
|
25
|
+
expected = {
|
|
26
|
+
:token_type => 'bearer',
|
|
27
|
+
:expires_in => 899,
|
|
28
|
+
:refresh_token => refresh_token.token,
|
|
29
|
+
:access_token => token.token
|
|
30
|
+
}
|
|
31
|
+
response.body.should match_json(expected)
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
context 'with invalid authorization_code' do
|
|
35
|
+
before do
|
|
36
|
+
@user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
|
|
37
|
+
@client = Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
|
|
38
|
+
@authorization_code = @user.authorization_codes.create(:client_id => @client, :redirect_uri => @client.redirect_uri)
|
|
39
|
+
params = {
|
|
40
|
+
:grant_type => 'authorization_code',
|
|
41
|
+
:client_id => @client.identifier,
|
|
42
|
+
:client_secret => @client.secret,
|
|
43
|
+
:refresh_token => 'invalid'
|
|
44
|
+
}
|
|
45
|
+
|
|
46
|
+
post '/oauth2/token', params
|
|
47
|
+
end
|
|
48
|
+
it { response.code.to_i.should == 400 }
|
|
49
|
+
it { response.content_type.should == 'application/json' }
|
|
50
|
+
it 'returns json' do
|
|
51
|
+
token = AccessToken.last
|
|
52
|
+
refresh_token = @refresh_token
|
|
53
|
+
expected = {
|
|
54
|
+
:error => 'invalid_grant',
|
|
55
|
+
:error_description => 'invalid authorization code request'
|
|
56
|
+
}
|
|
57
|
+
response.body.should match_json(expected)
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
end
|
|
61
|
+
end
|
|
62
|
+
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_oauth2_providable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 23
|
|
5
5
|
prerelease:
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 3
|
|
9
|
-
-
|
|
10
|
-
version: 0.3.
|
|
9
|
+
- 2
|
|
10
|
+
version: 0.3.2
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Ryan Sonnek
|
|
@@ -112,9 +112,11 @@ files:
|
|
|
112
112
|
- lib/devise_oauth2_providable.rb
|
|
113
113
|
- lib/devise_oauth2_providable/engine.rb
|
|
114
114
|
- lib/devise_oauth2_providable/model.rb
|
|
115
|
+
- lib/devise_oauth2_providable/models/oauth2_authorization_code_grantable.rb
|
|
115
116
|
- lib/devise_oauth2_providable/models/oauth2_password_grantable.rb
|
|
116
117
|
- lib/devise_oauth2_providable/models/oauth2_refresh_token_grantable.rb
|
|
117
118
|
- lib/devise_oauth2_providable/schema.rb
|
|
119
|
+
- lib/devise_oauth2_providable/strategies/oauth2_authorization_code_grant_type_strategy.rb
|
|
118
120
|
- lib/devise_oauth2_providable/strategies/oauth2_grant_type_strategy.rb
|
|
119
121
|
- lib/devise_oauth2_providable/strategies/oauth2_password_grant_type_strategy.rb
|
|
120
122
|
- lib/devise_oauth2_providable/strategies/oauth2_refresh_token_grant_type_strategy.rb
|
|
@@ -169,6 +171,7 @@ files:
|
|
|
169
171
|
- spec/rails_app/script/rails
|
|
170
172
|
- spec/rails_app/spec/controllers/protected_controller_spec.rb
|
|
171
173
|
- spec/rails_app/spec/controllers/tokens_controller_spec.rb
|
|
174
|
+
- spec/rails_app/spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb
|
|
172
175
|
- spec/rails_app/spec/integration/oauth2_password_grant_type_strategy_spec.rb
|
|
173
176
|
- spec/rails_app/spec/integration/oauth2_refresh_token_grant_type_strategy_spec.rb
|
|
174
177
|
- spec/rails_app/spec/models/access_token_spec.rb
|
|
@@ -261,6 +264,7 @@ test_files:
|
|
|
261
264
|
- spec/rails_app/script/rails
|
|
262
265
|
- spec/rails_app/spec/controllers/protected_controller_spec.rb
|
|
263
266
|
- spec/rails_app/spec/controllers/tokens_controller_spec.rb
|
|
267
|
+
- spec/rails_app/spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb
|
|
264
268
|
- spec/rails_app/spec/integration/oauth2_password_grant_type_strategy_spec.rb
|
|
265
269
|
- spec/rails_app/spec/integration/oauth2_refresh_token_grant_type_strategy_spec.rb
|
|
266
270
|
- spec/rails_app/spec/models/access_token_spec.rb
|