devise_oauth2_providable 0.3.8 → 1.0.0.beta1

Files changed (102) hide show
  1. data/.gitignore +33 -2
  2. data/README.md +23 -11
  3. data/Rakefile +8 -1
  4. data/app/controllers/devise/oauth2_providable/authorizations_controller.rb +59 -0
  5. data/app/controllers/{oauth2 → devise/oauth2_providable}/tokens_controller.rb +1 -1
  6. data/app/models/{access_token.rb → devise/oauth2_providable/access_token.rb} +1 -1
  7. data/app/models/{authorization_code.rb → devise/oauth2_providable/authorization_code.rb} +1 -1
  8. data/app/models/{client.rb → devise/oauth2_providable/client.rb} +2 -1
  9. data/app/models/{refresh_token.rb → devise/oauth2_providable/refresh_token.rb} +1 -1
  10. data/app/views/{oauth2 → devise/oauth2_providable}/authorizations/_form.html.erb +1 -1
  11. data/app/views/{oauth2 → devise/oauth2_providable}/authorizations/error.html.erb +0 -0
  12. data/app/views/devise/oauth2_providable/authorizations/new.html.erb +4 -0
  13. data/config/routes.rb +6 -6
  14. data/db/migrate/20111014160714_create_devise_oauth2_providable_schema.rb +55 -0
  15. data/devise_oauth2_providable.gemspec +7 -4
  16. data/lib/{devise_oauth2_providable → devise/oauth2_providable}/engine.rb +2 -1
  17. data/lib/{devise_oauth2_providable → devise/oauth2_providable}/models/oauth2_authorization_code_grantable.rb +0 -0
  18. data/lib/{devise_oauth2_providable → devise/oauth2_providable}/models/oauth2_password_grantable.rb +0 -0
  19. data/lib/devise/oauth2_providable/models/oauth2_providable.rb +13 -0
  20. data/lib/{devise_oauth2_providable → devise/oauth2_providable}/models/oauth2_refresh_token_grantable.rb +0 -0
  21. data/lib/{devise_oauth2_providable → devise/oauth2_providable}/strategies/oauth2_authorization_code_grant_type_strategy.rb +2 -2
  22. data/lib/{devise_oauth2_providable → devise/oauth2_providable}/strategies/oauth2_grant_type_strategy.rb +2 -2
  23. data/lib/{devise_oauth2_providable → devise/oauth2_providable}/strategies/oauth2_password_grant_type_strategy.rb +1 -1
  24. data/lib/{devise_oauth2_providable/strategy.rb → devise/oauth2_providable/strategies/oauth2_providable_strategy.rb} +1 -1
  25. data/lib/{devise_oauth2_providable → devise/oauth2_providable}/strategies/oauth2_refresh_token_grant_type_strategy.rb +1 -1
  26. data/lib/{devise_oauth2_providable → devise/oauth2_providable}/version.rb +1 -1
  27. data/lib/devise_oauth2_providable.rb +16 -14
  28. data/script/rails +6 -0
  29. data/spec/{rails_app/spec/controllers → controllers}/protected_controller_spec.rb +3 -3
  30. data/spec/{rails_app → dummy}/Rakefile +2 -2
  31. data/spec/dummy/app/assets/javascripts/application.js +7 -0
  32. data/spec/dummy/app/assets/stylesheets/application.css +7 -0
  33. data/spec/{rails_app → dummy}/app/controllers/application_controller.rb +0 -0
  34. data/spec/{rails_app → dummy}/app/controllers/protected_controller.rb +0 -0
  35. data/spec/{rails_app → dummy}/app/helpers/application_helper.rb +0 -0
  36. data/spec/{rails_app/lib/tasks → dummy/app/mailers}/.gitkeep +0 -0
  37. data/spec/{rails_app/public/javascripts → dummy/app/models}/.gitkeep +0 -0
  38. data/spec/{rails_app → dummy}/app/models/user.rb +0 -0
  39. data/spec/dummy/app/views/layouts/application.html.erb +14 -0
  40. data/spec/{rails_app → dummy}/config/application.rb +10 -7
  41. data/spec/dummy/config/boot.rb +10 -0
  42. data/spec/{rails_app → dummy}/config/database.yml +3 -0
  43. data/spec/{rails_app → dummy}/config/environment.rb +1 -1
  44. data/spec/{rails_app → dummy}/config/environments/development.rb +8 -4
  45. data/spec/{rails_app → dummy}/config/environments/production.rb +24 -13
  46. data/spec/{rails_app → dummy}/config/environments/test.rb +6 -2
  47. data/spec/{rails_app → dummy}/config/initializers/backtrace_silencers.rb +0 -0
  48. data/spec/{rails_app → dummy}/config/initializers/devise.rb +29 -17
  49. data/spec/{rails_app → dummy}/config/initializers/inflections.rb +0 -0
  50. data/spec/{rails_app → dummy}/config/initializers/mime_types.rb +0 -0
  51. data/spec/{rails_app → dummy}/config/initializers/secret_token.rb +1 -1
  52. data/spec/{rails_app → dummy}/config/initializers/session_store.rb +2 -2
  53. data/spec/dummy/config/initializers/wrap_parameters.rb +14 -0
  54. data/spec/{rails_app → dummy}/config/locales/devise.en.yml +8 -0
  55. data/spec/{rails_app → dummy}/config/locales/en.yml +1 -1
  56. data/spec/dummy/config/routes.rb +7 -0
  57. data/spec/{rails_app → dummy}/config.ru +1 -1
  58. data/spec/{rails_app/db/migrate/20110511210926_create_users.rb → dummy/db/migrate/20111014142838_create_users.rb} +1 -7
  59. data/spec/dummy/db/migrate/20111014161437_create_devise_oauth2_providable_schema.rb +55 -0
  60. data/spec/dummy/db/schema.rb +78 -0
  61. data/spec/{rails_app/public/stylesheets → dummy/lib/assets}/.gitkeep +0 -0
  62. data/spec/{rails_app/vendor/plugins → dummy/log}/.gitkeep +0 -0
  63. data/spec/{rails_app → dummy}/public/404.html +0 -0
  64. data/spec/{rails_app → dummy}/public/422.html +0 -0
  65. data/spec/{rails_app → dummy}/public/500.html +0 -0
  66. data/spec/{rails_app → dummy}/public/favicon.ico +0 -0
  67. data/spec/{rails_app → dummy}/script/rails +0 -0
  68. data/spec/{rails_app/spec/integration → integration}/oauth2_authorization_token_grant_type_strategy_spec.rb +7 -7
  69. data/spec/{rails_app/spec/integration → integration}/oauth2_password_grant_type_strategy_spec.rb +6 -6
  70. data/spec/{rails_app/spec/integration → integration}/oauth2_refresh_token_grant_type_strategy_spec.rb +6 -6
  71. data/spec/{devise_oauth2_providable_spec.rb → lib/devise_oauth2_providable_spec.rb} +0 -0
  72. data/spec/{rails_app/spec/models → models}/access_token_spec.rb +7 -5
  73. data/spec/{rails_app/spec/models → models}/authorization_code_spec.rb +3 -3
  74. data/spec/{rails_app/spec/models → models}/client_spec.rb +5 -2
  75. data/spec/{rails_app/spec/models → models}/refresh_token_spec.rb +5 -3
  76. data/spec/models/user_spec.rb +6 -0
  77. data/spec/{rails_app/spec/routing → routing}/authorizations_routing_spec.rb +1 -1
  78. data/spec/{rails_app/spec/routing → routing}/tokens_routing_spec.rb +1 -1
  79. data/spec/spec_helper.rb +14 -20
  80. data/spec/support/match_json.rb +6 -0
  81. metadata +204 -162
  82. data/app/controllers/oauth2/authorizations_controller.rb +0 -55
  83. data/app/views/oauth2/authorizations/new.html.erb +0 -5
  84. data/lib/devise_oauth2_providable/model.rb +0 -13
  85. data/lib/devise_oauth2_providable/schema.rb +0 -61
  86. data/spec/rails_app/.gitignore +0 -4
  87. data/spec/rails_app/.rspec +0 -2
  88. data/spec/rails_app/Gemfile +0 -36
  89. data/spec/rails_app/README +0 -256
  90. data/spec/rails_app/app/views/layouts/application.html.erb +0 -14
  91. data/spec/rails_app/config/boot.rb +0 -6
  92. data/spec/rails_app/config/routes.rb +0 -61
  93. data/spec/rails_app/db/migrate/20110511210818_create_oauth2_schema.rb +0 -8
  94. data/spec/rails_app/db/schema.rb +0 -79
  95. data/spec/rails_app/db/seeds.rb +0 -7
  96. data/spec/rails_app/doc/README_FOR_APP +0 -2
  97. data/spec/rails_app/public/images/rails.png +0 -0
  98. data/spec/rails_app/public/index.html +0 -239
  99. data/spec/rails_app/public/javascripts/application.js +0 -0
  100. data/spec/rails_app/public/robots.txt +0 -5
  101. data/spec/rails_app/spec/models/user_spec.rb +0 -8
  102. data/spec/rails_app/spec/spec_helper.rb +0 -36
@@ -1,9 +1,9 @@
1
- RailsApp::Application.configure do
1
+ Dummy::Application.configure do
2
2
  # Settings specified here will take precedence over those in config/application.rb
3
3
 
4
4
  # In the development environment your application's code is reloaded on
5
5
  # every request. This slows down response time but is perfect for development
6
- # since you don't have to restart the webserver when you make code changes.
6
+ # since you don't have to restart the web server when you make code changes.
7
7
  config.cache_classes = false
8
8
 
9
9
  # Log error messages when you accidentally call methods on nil.
@@ -11,7 +11,6 @@ RailsApp::Application.configure do
11
11
 
12
12
  # Show full error reports and disable caching
13
13
  config.consider_all_requests_local = true
14
- config.action_view.debug_rjs = true
15
14
  config.action_controller.perform_caching = false
16
15
 
17
16
  # Don't care if the mailer can't send
@@ -22,5 +21,10 @@ RailsApp::Application.configure do
22
21
 
23
22
  # Only use best-standards-support built into browsers
24
23
  config.action_dispatch.best_standards_support = :builtin
25
- end
26
24
 
25
+ # Do not compress assets
26
+ config.assets.compress = false
27
+
28
+ # Expands the lines which load the assets
29
+ config.assets.debug = true
30
+ end
@@ -1,7 +1,6 @@
1
- RailsApp::Application.configure do
1
+ Dummy::Application.configure do
2
2
  # Settings specified here will take precedence over those in config/application.rb
3
3
 
4
- # The production environment is meant for finished, "live" apps.
5
4
  # Code is not reloaded between requests
6
5
  config.cache_classes = true
7
6
 
@@ -9,14 +8,27 @@ RailsApp::Application.configure do
9
8
  config.consider_all_requests_local = false
10
9
  config.action_controller.perform_caching = true
11
10
 
12
- # Specifies the header that your server uses for sending files
13
- config.action_dispatch.x_sendfile_header = "X-Sendfile"
11
+ # Disable Rails's static asset server (Apache or nginx will already do this)
12
+ config.serve_static_assets = false
13
+
14
+ # Compress JavaScripts and CSS
15
+ config.assets.compress = true
16
+
17
+ # Don't fallback to assets pipeline if a precompiled asset is missed
18
+ config.assets.compile = false
19
+
20
+ # Generate digests for assets URLs
21
+ config.assets.digest = true
14
22
 
15
- # For nginx:
16
- # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect'
23
+ # Defaults to Rails.root.join("public/assets")
24
+ # config.assets.manifest = YOUR_PATH
17
25
 
18
- # If you have no front-end server that supports something like X-Sendfile,
19
- # just comment this out and Rails will serve the files
26
+ # Specifies the header that your server uses for sending files
27
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
28
+ # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
29
+
30
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
31
+ # config.force_ssl = true
20
32
 
21
33
  # See everything in the log (default is :info)
22
34
  # config.log_level = :debug
@@ -27,13 +39,12 @@ RailsApp::Application.configure do
27
39
  # Use a different cache store in production
28
40
  # config.cache_store = :mem_cache_store
29
41
 
30
- # Disable Rails's static asset server
31
- # In production, Apache or nginx will already do this
32
- config.serve_static_assets = false
33
-
34
- # Enable serving of images, stylesheets, and javascripts from an asset server
42
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server
35
43
  # config.action_controller.asset_host = "http://assets.example.com"
36
44
 
45
+ # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
46
+ # config.assets.precompile += %w( search.js )
47
+
37
48
  # Disable delivery errors, bad email addresses will be ignored
38
49
  # config.action_mailer.raise_delivery_errors = false
39
50
 
@@ -1,4 +1,4 @@
1
- RailsApp::Application.configure do
1
+ Dummy::Application.configure do
2
2
  # Settings specified here will take precedence over those in config/application.rb
3
3
 
4
4
  # The test environment is used exclusively to run your application's
@@ -7,7 +7,11 @@ RailsApp::Application.configure do
7
7
  # and recreated between test runs. Don't rely on the data there!
8
8
  config.cache_classes = true
9
9
 
10
- # Log error messages when you accidentally call methods on nil.
10
+ # Configure static asset server for tests with Cache-Control for performance
11
+ config.serve_static_assets = true
12
+ config.static_cache_control = "public, max-age=3600"
13
+
14
+ # Log error messages when you accidentally call methods on nil
11
15
  config.whiny_nils = true
12
16
 
13
17
  # Show full error reports and disable caching
@@ -2,7 +2,8 @@
2
2
  # four configuration values can also be set straight in your models.
3
3
  Devise.setup do |config|
4
4
  # ==> Mailer Configuration
5
- # Configure the e-mail address which will be shown in DeviseMailer.
5
+ # Configure the e-mail address which will be shown in Devise::Mailer,
6
+ # note that it will be overwritten if you use your own mailer class with default "from" parameter.
6
7
  config.mailer_sender = "please-change-me-at-config-initializers-devise@example.com"
7
8
 
8
9
  # Configure the class responsible to send e-mails.
@@ -36,6 +37,11 @@ Devise.setup do |config|
36
37
  # to authenticate or find a user. Default is :email.
37
38
  config.case_insensitive_keys = [ :email ]
38
39
 
40
+ # Configure which authentication keys should have whitespace stripped.
41
+ # These keys will have whitespace before and after removed upon creating or
42
+ # modifying a user and when used to authenticate or find a user. Default is :email.
43
+ config.strip_whitespace_keys = [ :email ]
44
+
39
45
  # Tell if authentication through request.params is enabled. True by default.
40
46
  # config.params_authenticatable = true
41
47
 
@@ -48,21 +54,29 @@ Devise.setup do |config|
48
54
  # The realm used in Http Basic Authentication. "Application" by default.
49
55
  # config.http_authentication_realm = "Application"
50
56
 
57
+ # It will change confirmation, password recovery and other workflows
58
+ # to behave the same regardless if the e-mail provided was right or wrong.
59
+ # Does not affect registerable.
60
+ # config.paranoid = true
61
+
51
62
  # ==> Configuration for :database_authenticatable
52
63
  # For bcrypt, this is the cost for hashing the password and defaults to 10. If
53
64
  # using other encryptors, it sets how many times you want the password re-encrypted.
54
- config.stretches = 10
65
+ #
66
+ # Limiting the stretches to just one in testing will increase the performance of
67
+ # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
68
+ # a value less than 10 in other environments.
69
+ config.stretches = Rails.env.test? ? 1 : 10
55
70
 
56
71
  # Setup a pepper to generate the encrypted password.
57
- # config.pepper = "9526b3e659bb77f8ec563abeaf4dc464bf426b7c8d3915f3e3f11b868b3dc86220821179bf72acb1fd323f360ae7bd7f14beb0cf3f21a7ca00aa403342c79ed4"
72
+ # config.pepper = "93ff79506ade6b0ede7721989b9a4fe887fdde24c6713d8db3d18f40ca5f93f74663c7fed845665a296ecfc3aec66e6fbc7419df702d49de3af2ae05bf7231c0"
58
73
 
59
74
  # ==> Configuration for :confirmable
60
- # The time you want to give your user to confirm his account. During this time
61
- # he will be able to access your application without confirming. Default is 0.days
62
- # When confirm_within is zero, the user won't be able to sign in without confirming.
63
- # You can use this to let your user access some features of your application
64
- # without confirming the account, but blocking it after a certain period
65
- # (ie 2 days).
75
+ # A period that the user is allowed to access the website even without
76
+ # confirming his account. For instance, if set to 2.days, the user will be
77
+ # able to access the website for two days without confirming his account,
78
+ # access will be blocked just in the third day. Default is 0.days, meaning
79
+ # the user cannot access the website without confirming his account.
66
80
  # config.confirm_within = 2.days
67
81
 
68
82
  # Defines which key will be used when confirming an account
@@ -90,8 +104,10 @@ Devise.setup do |config|
90
104
  # Range for password length. Default is 6..128.
91
105
  # config.password_length = 6..128
92
106
 
93
- # Regex to use to validate the email address
94
- # config.email_regexp = /\A([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})\z/i
107
+ # Email regex used to validate email formats. It simply asserts that
108
+ # an one (and only one) @ exists in the given string. This is mainly
109
+ # to give user feedback and not to assert the e-mail validity.
110
+ # config.email_regexp = /\A[^@]+@[^@]+\z/
95
111
 
96
112
  # ==> Configuration for :timeoutable
97
113
  # The time you want to timeout the user session without activity. After this
@@ -174,8 +190,8 @@ Devise.setup do |config|
174
190
  # Explorer requests.
175
191
  # config.navigational_formats = [:"*/*", "*/*", :html]
176
192
 
177
- # The default HTTP method used to sign out a resource. Default is :get.
178
- # config.sign_out_via = :get
193
+ # The default HTTP method used to sign out a resource. Default is :delete.
194
+ config.sign_out_via = :delete
179
195
 
180
196
  # ==> OmniAuth
181
197
  # Add a new OmniAuth provider. Check the wiki for more information on setting
@@ -191,8 +207,4 @@ Devise.setup do |config|
191
207
  # manager.intercept_401 = false
192
208
  # manager.default_strategies(:scope => :user).unshift :some_external_strategy
193
209
  # end
194
- # config.warden do |manager|
195
- # manager.default_strategies(:scope => :user).unshift :oauth2_password_grant_type
196
- # manager.default_strategies(:scope => :user).unshift :oauth2_refresh_token_grant_type
197
- # end
198
210
  end
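Review bot: The new `# config.paranoid = true` line in the `@@ -48,21 +54,29 @@` hunk leaves paranoid mode off, and the comment above it does not say what that means for the responses. By that comment's own description, with the setting off the confirmation and password-recovery workflows behave differently depending on whether the e-mail given was right, which tells a caller which addresses are registered. I would spell that out, e.g. `# When unset, these workflows reveal whether the given e-mail belongs to an account.`, and enable the setting in the dummy app if any spec is meant to cover the paranoid messages. The `Devise.setup` block is only partly visible between the hunks.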
@@ -4,4 +4,4 @@
4
4
  # If you change this key, all old signed cookies will become invalid!
5
5
  # Make sure the secret is at least 30 characters and all random,
6
6
  # no regular words or you'll be exposed to dictionary attacks.
7
- RailsApp::Application.config.secret_token = 'c3ec0929771364d556822a05a1dafcb98cc15d8efe9ca1060114a0a4857812f1a245c804126d7e53d5b89092abef63de863d2a5ae3adb452a19b721d30eb8225'
7
+ Dummy::Application.config.secret_token = 'ede0a0440c0b53d6589668e54cf525f27305242a2b32b5dbbfc9e50dd7cb7af8da2b7d7c386b7d675283c0ecc4bb522ab4cc5b53edee8ed60f7482d4c22d0e22'
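Review bot: The replaced `secret_token` line still commits a literal signing key to a file that ships inside the gem, so the value is known to anyone who installs or browses the package. The session store for this app is `:cookie_store`, so cookies signed with this token cannot be trusted anywhere the dummy app, or a copy of it, runs outside the spec suite. Either state that in the comment above, `# Test-only value published with the gem; never reuse outside spec/dummy.`, or take the value from the environment, `Dummy::Application.config.secret_token = ENV.fetch('DUMMY_SECRET_TOKEN') { SecureRandom.hex(64) }` (the variable name is a placeholder).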
@@ -1,8 +1,8 @@
1
1
  # Be sure to restart your server when you modify this file.
2
2
 
3
- RailsApp::Application.config.session_store :cookie_store, :key => '_rails_app_session'
3
+ Dummy::Application.config.session_store :cookie_store, :key => '_dummy_session'
4
4
 
5
5
  # Use the database for sessions instead of the cookie-based default,
6
6
  # which shouldn't be used to store highly confidential information
7
7
  # (create the session table with "rails generate session_migration")
8
- # RailsApp::Application.config.session_store :active_record_store
8
+ # Dummy::Application.config.session_store :active_record_store
@@ -0,0 +1,14 @@
1
+ # Be sure to restart your server when you modify this file.
2
+ #
3
+ # This file contains settings for ActionController::ParamsWrapper which
4
+ # is enabled by default.
5
+
6
+ # Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
7
+ ActiveSupport.on_load(:action_controller) do
8
+ wrap_parameters :format => [:json]
9
+ end
10
+
11
+ # Disable root element in JSON by default.
12
+ ActiveSupport.on_load(:active_record) do
13
+ self.include_root_in_json = false
14
+ end
@@ -27,17 +27,25 @@ en:
27
27
  passwords:
28
28
  send_instructions: 'You will receive an email with instructions about how to reset your password in a few minutes.'
29
29
  updated: 'Your password was changed successfully. You are now signed in.'
30
+ updated_not_active: 'Your password was changed successfully.'
31
+ send_paranoid_instructions: "If your e-mail exists on our database, you will receive a password recovery link on your e-mail"
30
32
  confirmations:
31
33
  send_instructions: 'You will receive an email with instructions about how to confirm your account in a few minutes.'
34
+ send_paranoid_instructions: 'If your e-mail exists on our database, you will receive an email with instructions about how to confirm your account in a few minutes.'
32
35
  confirmed: 'Your account was successfully confirmed. You are now signed in.'
33
36
  registrations:
34
37
  signed_up: 'Welcome! You have signed up successfully.'
35
38
  inactive_signed_up: 'You have signed up successfully. However, we could not sign you in because your account is %{reason}.'
36
39
  updated: 'You updated your account successfully.'
37
40
  destroyed: 'Bye! Your account was successfully cancelled. We hope to see you again soon.'
41
+ reasons:
42
+ inactive: 'inactive'
43
+ unconfirmed: 'unconfirmed'
44
+ locked: 'locked'
38
45
  unlocks:
39
46
  send_instructions: 'You will receive an email with instructions about how to unlock your account in a few minutes.'
40
47
  unlocked: 'Your account was successfully unlocked. You are now signed in.'
48
+ send_paranoid_instructions: 'If your account exists, you will receive an email with instructions about how to unlock it in a few minutes.'
41
49
  omniauth_callbacks:
42
50
  success: 'Successfully authorized from %{kind} account.'
43
51
  failure: 'Could not authorize you from %{kind} because "%{reason}".'
@@ -1,5 +1,5 @@
1
1
  # Sample localization file for English. Add more files in this directory for other locales.
2
- # See http://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
2
+ # See https://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
3
3
 
4
4
  en:
5
5
  hello: "Hello world"
@@ -0,0 +1,7 @@
1
+ Rails.application.routes.draw do
2
+ devise_for :users
3
+
4
+ resources :protected
5
+
6
+ mount Devise::Oauth2Providable::Engine => '/oauth2'
7
+ end
@@ -1,4 +1,4 @@
1
1
  # This file is used by Rack-based servers to start the application.
2
2
 
3
3
  require ::File.expand_path('../config/environment', __FILE__)
4
- run RailsApp::Application
4
+ run Dummy::Application
@@ -1,14 +1,8 @@
1
1
  class CreateUsers < ActiveRecord::Migration
2
- def self.up
2
+ def change
3
3
  create_table :users do |t|
4
4
  t.database_authenticatable
5
- t.string :email
6
- t.string :name
7
5
  t.timestamps
8
6
  end
9
7
  end
10
-
11
- def self.down
12
- drop_table :users
13
- end
14
8
  end
@@ -0,0 +1,55 @@
1
+ class CreateDeviseOauth2ProvidableSchema < ActiveRecord::Migration
2
+ def change
3
+ create_table :oauth2_clients do |t|
4
+ t.string :name
5
+ t.string :redirect_uri
6
+ t.string :website
7
+ t.string :identifier
8
+ t.string :secret
9
+ t.timestamps
10
+ end
11
+ change_table :oauth2_clients do |t|
12
+ t.index :identifier, :unique => true
13
+ end
14
+
15
+ create_table :oauth2_access_tokens do |t|
16
+ t.belongs_to :user, :client, :refresh_token
17
+ t.string :token
18
+ t.datetime :expires_at
19
+ t.timestamps
20
+ end
21
+ change_table :oauth2_access_tokens do |t|
22
+ t.index :token, :unique => true
23
+ t.index :expires_at
24
+ t.index :user_id
25
+ t.index :client_id
26
+ end
27
+
28
+ create_table :oauth2_refresh_tokens do |t|
29
+ t.belongs_to :user, :client
30
+ t.string :token
31
+ t.datetime :expires_at
32
+ t.timestamps
33
+ end
34
+ change_table :oauth2_refresh_tokens do |t|
35
+ t.index :token, :unique => true
36
+ t.index :expires_at
37
+ t.index :user_id
38
+ t.index :client_id
39
+ end
40
+
41
+ create_table :oauth2_authorization_codes do |t|
42
+ t.belongs_to :user, :client
43
+ t.string :token
44
+ t.datetime :expires_at
45
+ t.string :redirect_uri
46
+ t.timestamps
47
+ end
48
+ change_table :oauth2_authorization_codes do |t|
49
+ t.index :token, :unique => true
50
+ t.index :expires_at
51
+ t.index :user_id
52
+ t.index :client_id
53
+ end
54
+ end
55
+ end
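Review bot: The `token` columns on `oauth2_access_tokens`, `oauth2_refresh_tokens` and `oauth2_authorization_codes`, and `secret` on `oauth2_clients`, are declared as plain nullable strings. As far as this schema shows, credentials are stored in directly usable form, and a row can exist with no token at all. A unique index does not prevent that, since several databases accept multiple NULLs under one. Add `:null => false` to the credential and `belongs_to` columns, e.g. `t.string :token, :null => false`. It is also worth considering storing only a digest of each token and looking rows up by that digest, so that read access to the table does not expose live bearer or refresh tokens.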
@@ -0,0 +1,78 @@
1
+ # This file is auto-generated from the current state of the database. Instead
2
+ # of editing this file, please use the migrations feature of Active Record to
3
+ # incrementally modify your database, and then regenerate this schema definition.
4
+ #
5
+ # Note that this schema.rb definition is the authoritative source for your
6
+ # database schema. If you need to create the application database on another
7
+ # system, you should be using db:schema:load, not running all the migrations
8
+ # from scratch. The latter is a flawed and unsustainable approach (the more migrations
9
+ # you'll amass, the slower it'll run and the greater likelihood for issues).
10
+ #
11
+ # It's strongly recommended to check this file into your version control system.
12
+
13
+ ActiveRecord::Schema.define(:version => 20111014161437) do
14
+
15
+ create_table "oauth2_access_tokens", :force => true do |t|
16
+ t.integer "user_id"
17
+ t.integer "client_id"
18
+ t.integer "refresh_token_id"
19
+ t.string "token"
20
+ t.datetime "expires_at"
21
+ t.datetime "created_at"
22
+ t.datetime "updated_at"
23
+ end
24
+
25
+ add_index "oauth2_access_tokens", ["client_id"], :name => "index_oauth2_access_tokens_on_client_id"
26
+ add_index "oauth2_access_tokens", ["expires_at"], :name => "index_oauth2_access_tokens_on_expires_at"
27
+ add_index "oauth2_access_tokens", ["token"], :name => "index_oauth2_access_tokens_on_token", :unique => true
28
+ add_index "oauth2_access_tokens", ["user_id"], :name => "index_oauth2_access_tokens_on_user_id"
29
+
30
+ create_table "oauth2_authorization_codes", :force => true do |t|
31
+ t.integer "user_id"
32
+ t.integer "client_id"
33
+ t.string "token"
34
+ t.datetime "expires_at"
35
+ t.string "redirect_uri"
36
+ t.datetime "created_at"
37
+ t.datetime "updated_at"
38
+ end
39
+
40
+ add_index "oauth2_authorization_codes", ["client_id"], :name => "index_oauth2_authorization_codes_on_client_id"
41
+ add_index "oauth2_authorization_codes", ["expires_at"], :name => "index_oauth2_authorization_codes_on_expires_at"
42
+ add_index "oauth2_authorization_codes", ["token"], :name => "index_oauth2_authorization_codes_on_token", :unique => true
43
+ add_index "oauth2_authorization_codes", ["user_id"], :name => "index_oauth2_authorization_codes_on_user_id"
44
+
45
+ create_table "oauth2_clients", :force => true do |t|
46
+ t.string "name"
47
+ t.string "redirect_uri"
48
+ t.string "website"
49
+ t.string "identifier"
50
+ t.string "secret"
51
+ t.datetime "created_at"
52
+ t.datetime "updated_at"
53
+ end
54
+
55
+ add_index "oauth2_clients", ["identifier"], :name => "index_oauth2_clients_on_identifier", :unique => true
56
+
57
+ create_table "oauth2_refresh_tokens", :force => true do |t|
58
+ t.integer "user_id"
59
+ t.integer "client_id"
60
+ t.string "token"
61
+ t.datetime "expires_at"
62
+ t.datetime "created_at"
63
+ t.datetime "updated_at"
64
+ end
65
+
66
+ add_index "oauth2_refresh_tokens", ["client_id"], :name => "index_oauth2_refresh_tokens_on_client_id"
67
+ add_index "oauth2_refresh_tokens", ["expires_at"], :name => "index_oauth2_refresh_tokens_on_expires_at"
68
+ add_index "oauth2_refresh_tokens", ["token"], :name => "index_oauth2_refresh_tokens_on_token", :unique => true
69
+ add_index "oauth2_refresh_tokens", ["user_id"], :name => "index_oauth2_refresh_tokens_on_user_id"
70
+
71
+ create_table "users", :force => true do |t|
72
+ t.string "email", :default => "", :null => false
73
+ t.string "encrypted_password", :limit => 128, :default => "", :null => false
74
+ t.datetime "created_at"
75
+ t.datetime "updated_at"
76
+ end
77
+
78
+ end
File without changes
File without changes
File without changes
File without changes
File without changes
@@ -5,8 +5,8 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
5
5
  describe 'with grant_type=authorization_code' do
6
6
  context 'with valid params' do
7
7
  before do
8
- @user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
9
- @client = Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
8
+ @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
9
+ @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
10
10
  @authorization_code = @user.authorization_codes.create(:client_id => @client, :redirect_uri => @client.redirect_uri)
11
11
  params = {
12
12
  :grant_type => 'authorization_code',
@@ -20,8 +20,8 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
20
20
  it { response.code.to_i.should == 200 }
21
21
  it { response.content_type.should == 'application/json' }
22
22
  it 'returns json' do
23
- token = AccessToken.last
24
- refresh_token = RefreshToken.last
23
+ token = Devise::Oauth2Providable::AccessToken.last
24
+ refresh_token = Devise::Oauth2Providable::RefreshToken.last
25
25
  expected = {
26
26
  :token_type => 'bearer',
27
27
  :expires_in => 899,
@@ -33,8 +33,8 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
33
33
  end
34
34
  context 'with invalid authorization_code' do
35
35
  before do
36
- @user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
37
- @client = Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
36
+ @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
37
+ @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
38
38
  @authorization_code = @user.authorization_codes.create(:client_id => @client, :redirect_uri => @client.redirect_uri)
39
39
  params = {
40
40
  :grant_type => 'authorization_code',
@@ -48,7 +48,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
48
48
  it { response.code.to_i.should == 400 }
49
49
  it { response.content_type.should == 'application/json' }
50
50
  it 'returns json' do
51
- token = AccessToken.last
51
+ token = Devise::Oauth2Providable::AccessToken.last
52
52
  refresh_token = @refresh_token
53
53
  expected = {
54
54
  :error => 'invalid_grant',
@@ -5,8 +5,8 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
5
5
  describe 'with grant_type=password' do
6
6
  context 'with valid params' do
7
7
  before do
8
- @user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
9
- @client = Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
8
+ @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
9
+ @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
10
10
 
11
11
  params = {
12
12
  :grant_type => 'password',
@@ -21,15 +21,15 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
21
21
  it { response.code.to_i.should == 200 }
22
22
  it { response.content_type.should == 'application/json' }
23
23
  it 'returns json' do
24
- token = AccessToken.last
24
+ token = Devise::Oauth2Providable::AccessToken.last
25
25
  expected = token.token_response
26
26
  response.body.should match_json(expected)
27
27
  end
28
28
  end
29
29
  context 'with invalid params' do
30
30
  before do
31
- @user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
32
- @client = Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
31
+ @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
32
+ @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
33
33
 
34
34
  params = {
35
35
  :grant_type => 'password',
@@ -53,7 +53,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
53
53
  end
54
54
  context 'with invalid client' do
55
55
  before do
56
- @user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
56
+ @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
57
57
 
58
58
  params = {
59
59
  :grant_type => 'password',
@@ -5,8 +5,8 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
5
5
  describe 'with grant_type=refresh_token' do
6
6
  context 'with valid params' do
7
7
  before do
8
- @user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
9
- @client = Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
8
+ @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
9
+ @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
10
10
  @refresh_token = @client.refresh_tokens.create! :user => @user
11
11
  params = {
12
12
  :grant_type => 'refresh_token',
@@ -20,7 +20,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
20
20
  it { response.code.to_i.should == 200 }
21
21
  it { response.content_type.should == 'application/json' }
22
22
  it 'returns json' do
23
- token = AccessToken.last
23
+ token = Devise::Oauth2Providable::AccessToken.last
24
24
  refresh_token = @refresh_token
25
25
  expected = {
26
26
  :token_type => 'bearer',
@@ -33,8 +33,8 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
33
33
  end
34
34
  context 'with invalid refresh_token' do
35
35
  before do
36
- @user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
37
- @client = Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
36
+ @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
37
+ @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
38
38
  @refresh_token = @client.refresh_tokens.create! :user => @user
39
39
  params = {
40
40
  :grant_type => 'refresh_token',
@@ -48,7 +48,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
48
48
  it { response.code.to_i.should == 400 }
49
49
  it { response.content_type.should == 'application/json' }
50
50
  it 'returns json' do
51
- token = AccessToken.last
51
+ token = Devise::Oauth2Providable::AccessToken.last
52
52
  refresh_token = @refresh_token
53
53
  expected = {
54
54
  :error => 'invalid_grant',
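Review bot: In the 'with invalid refresh_token' example (new line 51), `token = Devise::Oauth2Providable::AccessToken.last` is read on the path that answers 400, where no access token should have been issued, so the lookup is presumably nil and looks like a leftover from the success case. The example body continues past the end of the hunk, so whether `token` is used further down cannot be confirmed from here. If it is unused, I would drop it and pin the property that matters on this path with `it { Devise::Oauth2Providable::AccessToken.count.should == 0 }`, assuming the suite cleans the database between examples. A regression that mints a token for a rejected refresh token would then fail the spec instead of passing unnoticed.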
@@ -1,10 +1,12 @@
1
1
  require 'spec_helper'
2
2
 
3
- describe AccessToken do
3
+ describe Devise::Oauth2Providable::AccessToken do
4
+ it { Devise::Oauth2Providable::AccessToken.table_name.should == 'oauth2_access_tokens' }
5
+
4
6
  describe 'basic access token instance' do
5
7
  subject do
6
- client = Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
7
- AccessToken.create! :client => client
8
+ client = Devise::Oauth2Providable::Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
9
+ Devise::Oauth2Providable::AccessToken.create! :client => client
8
10
  end
9
11
  it { should validate_presence_of :token }
10
12
  it { should validate_uniqueness_of :token }
@@ -23,10 +25,10 @@ describe AccessToken do
23
25
  describe 'refresh token expires before access token expires_at' do
24
26
  before do
25
27
  @soon = 1.minute.from_now
26
- client = Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
28
+ client = Devise::Oauth2Providable::Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
27
29
  @refresh_token = client.refresh_tokens.create!
28
30
  @refresh_token.expires_at = @soon
29
- @access_token = AccessToken.create! :client => client, :refresh_token => @refresh_token
31
+ @access_token = Devise::Oauth2Providable::AccessToken.create! :client => client, :refresh_token => @refresh_token
30
32
  end
31
33
  it 'should set the access token expires_at to equal refresh token' do
32
34
  @access_token.expires_at.should eq @soon
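Review bot: `Devise::Oauth2Providable::AccessToken` is now spelled out in the new `table_name` example, in the `subject` block and again in the `before` block of the second hunk, although inside `describe Devise::Oauth2Providable::AccessToken do` the class under test is available as `described_class`. I would write the added line as `it { described_class.table_name.should == 'oauth2_access_tokens' }` and the subject as `described_class.create! :client => client`, so a later namespace move touches only the `describe` line. The `Devise::Oauth2Providable::Client` references still need the full name. Both `describe` blocks close outside the visible hunks.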
@@ -1,10 +1,10 @@
1
1
  require 'spec_helper'
2
2
 
3
- describe AuthorizationCode do
3
+ describe Devise::Oauth2Providable::AuthorizationCode do
4
4
  describe 'basic authorization code instance' do
5
5
  subject do
6
- client = Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
7
- AuthorizationCode.create! :client => client
6
+ client = Devise::Oauth2Providable::Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
7
+ Devise::Oauth2Providable::AuthorizationCode.create! :client => client
8
8
  end
9
9
  it { should validate_presence_of :token }
10
10
  it { should validate_uniqueness_of :token }