devise_oauth2_providable 0.3.8 → 1.0.0.beta1

data/spec/{rails_app → dummy}/config/environments/development.rb

@@ -1,9 +1,9 @@
-RailsApp::Application.configure do
+Dummy::Application.configure do
   # Settings specified here will take precedence over those in config/application.rb
 
   # In the development environment your application's code is reloaded on
   # every request.  This slows down response time but is perfect for development
-  # since you don't have to restart the webserver when you make code changes.
+  # since you don't have to restart the web server when you make code changes.
   config.cache_classes = false
 
   # Log error messages when you accidentally call methods on nil.
@@ -11,7 +11,6 @@ RailsApp::Application.configure do
 
   # Show full error reports and disable caching
   config.consider_all_requests_local       = true
-  config.action_view.debug_rjs             = true
   config.action_controller.perform_caching = false
 
   # Don't care if the mailer can't send
@@ -22,5 +21,10 @@ RailsApp::Application.configure do
 
   # Only use best-standards-support built into browsers
   config.action_dispatch.best_standards_support = :builtin
-end
 
+  # Do not compress assets
+  config.assets.compress = false
+
+  # Expands the lines which load the assets
+  config.assets.debug = true
+end

data/spec/{rails_app → dummy}/config/environments/production.rb

@@ -1,7 +1,6 @@
-RailsApp::Application.configure do
+Dummy::Application.configure do
   # Settings specified here will take precedence over those in config/application.rb
 
-  # The production environment is meant for finished, "live" apps.
   # Code is not reloaded between requests
   config.cache_classes = true
 
@@ -9,14 +8,27 @@ RailsApp::Application.configure do
   config.consider_all_requests_local       = false
   config.action_controller.perform_caching = true
 
-  # Specifies the header that your server uses for sending files
-  config.action_dispatch.x_sendfile_header = "X-Sendfile"
+  # Disable Rails's static asset server (Apache or nginx will already do this)
+  config.serve_static_assets = false
+
+  # Compress JavaScripts and CSS
+  config.assets.compress = true
+
+  # Don't fallback to assets pipeline if a precompiled asset is missed
+  config.assets.compile = false
+
+  # Generate digests for assets URLs
+  config.assets.digest = true
 
-  # For nginx:
-  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect'
+  # Defaults to Rails.root.join("public/assets")
+  # config.assets.manifest = YOUR_PATH
 
-  # If you have no front-end server that supports something like X-Sendfile,
-  # just comment this out and Rails will serve the files
+  # Specifies the header that your server uses for sending files
+  # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
+
+  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+  # config.force_ssl = true
 
   # See everything in the log (default is :info)
   # config.log_level = :debug
@@ -27,13 +39,12 @@ RailsApp::Application.configure do
   # Use a different cache store in production
   # config.cache_store = :mem_cache_store
 
-  # Disable Rails's static asset server
-  # In production, Apache or nginx will already do this
-  config.serve_static_assets = false
-
-  # Enable serving of images, stylesheets, and javascripts from an asset server
+  # Enable serving of images, stylesheets, and JavaScripts from an asset server
   # config.action_controller.asset_host = "http://assets.example.com"
 
+  # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
+  # config.assets.precompile += %w( search.js )
+
   # Disable delivery errors, bad email addresses will be ignored
   # config.action_mailer.raise_delivery_errors = false
 

data/spec/{rails_app → dummy}/config/environments/test.rb

@@ -1,4 +1,4 @@
-RailsApp::Application.configure do
+Dummy::Application.configure do
   # Settings specified here will take precedence over those in config/application.rb
 
   # The test environment is used exclusively to run your application's
@@ -7,7 +7,11 @@ RailsApp::Application.configure do
   # and recreated between test runs.  Don't rely on the data there!
   config.cache_classes = true
 
-  # Log error messages when you accidentally call methods on nil.
+  # Configure static asset server for tests with Cache-Control for performance
+  config.serve_static_assets = true
+  config.static_cache_control = "public, max-age=3600"
+
+  # Log error messages when you accidentally call methods on nil
   config.whiny_nils = true
 
   # Show full error reports and disable caching

data/spec/{rails_app → dummy}/config/initializers/devise.rb

@@ -2,7 +2,8 @@
 # four configuration values can also be set straight in your models.
 Devise.setup do |config|
   # ==> Mailer Configuration
-  # Configure the e-mail address which will be shown in DeviseMailer.
+  # Configure the e-mail address which will be shown in Devise::Mailer,
+  # note that it will be overwritten if you use your own mailer class with default "from" parameter.
   config.mailer_sender = "please-change-me-at-config-initializers-devise@example.com"
 
   # Configure the class responsible to send e-mails.
@@ -36,6 +37,11 @@ Devise.setup do |config|
   # to authenticate or find a user. Default is :email.
   config.case_insensitive_keys = [ :email ]
 
+  # Configure which authentication keys should have whitespace stripped.
+  # These keys will have whitespace before and after removed upon creating or
+  # modifying a user and when used to authenticate or find a user. Default is :email.
+  config.strip_whitespace_keys = [ :email ]
+
   # Tell if authentication through request.params is enabled. True by default.
   # config.params_authenticatable = true
 
@@ -48,21 +54,29 @@ Devise.setup do |config|
   # The realm used in Http Basic Authentication. "Application" by default.
   # config.http_authentication_realm = "Application"
 
+  # It will change confirmation, password recovery and other workflows
+  # to behave the same regardless if the e-mail provided was right or wrong.
+  # Does not affect registerable.
+  # config.paranoid = true
+
   # ==> Configuration for :database_authenticatable
   # For bcrypt, this is the cost for hashing the password and defaults to 10. If
   # using other encryptors, it sets how many times you want the password re-encrypted.
-  config.stretches = 10
+  #
+  # Limiting the stretches to just one in testing will increase the performance of
+  # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
+  # a value less than 10 in other environments.
+  config.stretches = Rails.env.test? ? 1 : 10
 
   # Setup a pepper to generate the encrypted password.
-  # config.pepper = "9526b3e659bb77f8ec563abeaf4dc464bf426b7c8d3915f3e3f11b868b3dc86220821179bf72acb1fd323f360ae7bd7f14beb0cf3f21a7ca00aa403342c79ed4"
+  # config.pepper = "93ff79506ade6b0ede7721989b9a4fe887fdde24c6713d8db3d18f40ca5f93f74663c7fed845665a296ecfc3aec66e6fbc7419df702d49de3af2ae05bf7231c0"
 
   # ==> Configuration for :confirmable
-  # The time you want to give your user to confirm his account. During this time
-  # he will be able to access your application without confirming. Default is 0.days
-  # When confirm_within is zero, the user won't be able to sign in without confirming.
-  # You can use this to let your user access some features of your application
-  # without confirming the account, but blocking it after a certain period
-  # (ie 2 days).
+  # A period that the user is allowed to access the website even without
+  # confirming his account. For instance, if set to 2.days, the user will be
+  # able to access the website for two days without confirming his account,
+  # access will be blocked just in the third day. Default is 0.days, meaning
+  # the user cannot access the website without confirming his account.
   # config.confirm_within = 2.days
 
   # Defines which key will be used when confirming an account
@@ -90,8 +104,10 @@ Devise.setup do |config|
   # Range for password length. Default is 6..128.
   # config.password_length = 6..128
 
-  # Regex to use to validate the email address
-  # config.email_regexp = /\A([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})\z/i
+  # Email regex used to validate email formats. It simply asserts that
+  # an one (and only one) @ exists in the given string. This is mainly
+  # to give user feedback and not to assert the e-mail validity.
+  # config.email_regexp = /\A[^@]+@[^@]+\z/
 
   # ==> Configuration for :timeoutable
   # The time you want to timeout the user session without activity. After this
@@ -174,8 +190,8 @@ Devise.setup do |config|
   # Explorer requests.
   # config.navigational_formats = [:"*/*", "*/*", :html]
 
-  # The default HTTP method used to sign out a resource. Default is :get.
-  # config.sign_out_via = :get
+  # The default HTTP method used to sign out a resource. Default is :delete.
+  config.sign_out_via = :delete
 
   # ==> OmniAuth
   # Add a new OmniAuth provider. Check the wiki for more information on setting
@@ -191,8 +207,4 @@ Devise.setup do |config|
   #   manager.intercept_401 = false
   #   manager.default_strategies(:scope => :user).unshift :some_external_strategy
   # end
-  # config.warden do |manager|
-  #   manager.default_strategies(:scope => :user).unshift :oauth2_password_grant_type
-  #   manager.default_strategies(:scope => :user).unshift :oauth2_refresh_token_grant_type
-  # end
 end

data/spec/{rails_app → dummy}/config/initializers/secret_token.rb

@@ -4,4 +4,4 @@
 # If you change this key, all old signed cookies will become invalid!
 # Make sure the secret is at least 30 characters and all random,
 # no regular words or you'll be exposed to dictionary attacks.
-RailsApp::Application.config.secret_token = 'c3ec0929771364d556822a05a1dafcb98cc15d8efe9ca1060114a0a4857812f1a245c804126d7e53d5b89092abef63de863d2a5ae3adb452a19b721d30eb8225'
+Dummy::Application.config.secret_token = 'ede0a0440c0b53d6589668e54cf525f27305242a2b32b5dbbfc9e50dd7cb7af8da2b7d7c386b7d675283c0ecc4bb522ab4cc5b53edee8ed60f7482d4c22d0e22'

data/spec/{rails_app → dummy}/config/initializers/session_store.rb

@@ -1,8 +1,8 @@
 # Be sure to restart your server when you modify this file.
 
-RailsApp::Application.config.session_store :cookie_store, :key => '_rails_app_session'
+Dummy::Application.config.session_store :cookie_store, :key => '_dummy_session'
 
 # Use the database for sessions instead of the cookie-based default,
 # which shouldn't be used to store highly confidential information
 # (create the session table with "rails generate session_migration")
-# RailsApp::Application.config.session_store :active_record_store
+# Dummy::Application.config.session_store :active_record_store

data/spec/dummy/config/initializers/wrap_parameters.rb

@@ -0,0 +1,14 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file contains settings for ActionController::ParamsWrapper which
+# is enabled by default.
+
+# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
+ActiveSupport.on_load(:action_controller) do
+  wrap_parameters :format => [:json]
+end
+
+# Disable root element in JSON by default.
+ActiveSupport.on_load(:active_record) do
+  self.include_root_in_json = false
+end

data/spec/{rails_app → dummy}/config/locales/devise.en.yml

@@ -27,17 +27,25 @@ en:
     passwords:
       send_instructions: 'You will receive an email with instructions about how to reset your password in a few minutes.'
       updated: 'Your password was changed successfully. You are now signed in.'
+      updated_not_active: 'Your password was changed successfully.'
+      send_paranoid_instructions: "If your e-mail exists on our database, you will receive a password recovery link on your e-mail"
     confirmations:
       send_instructions: 'You will receive an email with instructions about how to confirm your account in a few minutes.'
+      send_paranoid_instructions: 'If your e-mail exists on our database, you will receive an email with instructions about how to confirm your account in a few minutes.'
       confirmed: 'Your account was successfully confirmed. You are now signed in.'
     registrations:
       signed_up: 'Welcome! You have signed up successfully.'
       inactive_signed_up: 'You have signed up successfully. However, we could not sign you in because your account is %{reason}.'
       updated: 'You updated your account successfully.'
       destroyed: 'Bye! Your account was successfully cancelled. We hope to see you again soon.'
+      reasons:
+        inactive: 'inactive'
+        unconfirmed: 'unconfirmed'
+        locked: 'locked'
     unlocks:
       send_instructions: 'You will receive an email with instructions about how to unlock your account in a few minutes.'
       unlocked: 'Your account was successfully unlocked. You are now signed in.'
+      send_paranoid_instructions: 'If your account exists, you will receive an email with instructions about how to unlock it in a few minutes.'
     omniauth_callbacks:
       success: 'Successfully authorized from %{kind} account.'
       failure: 'Could not authorize you from %{kind} because "%{reason}".'

data/spec/{rails_app → dummy}/config/locales/en.yml

@@ -1,5 +1,5 @@
 # Sample localization file for English. Add more files in this directory for other locales.
-# See http://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
+# See https://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
 
 en:
   hello: "Hello world"

data/spec/dummy/config/routes.rb

@@ -0,0 +1,7 @@
+Rails.application.routes.draw do
+  devise_for :users
+
+  resources :protected
+
+  mount Devise::Oauth2Providable::Engine => '/oauth2'
+end

data/spec/{rails_app → dummy}/config.ru

@@ -1,4 +1,4 @@
 # This file is used by Rack-based servers to start the application.
 
 require ::File.expand_path('../config/environment',  __FILE__)
-run RailsApp::Application
+run Dummy::Application

data/spec/{rails_app/db/migrate/20110511210926_create_users.rb → dummy/db/migrate/20111014142838_create_users.rb}

@@ -1,14 +1,8 @@
 class CreateUsers < ActiveRecord::Migration
-  def self.up
+  def change
     create_table :users do |t|
       t.database_authenticatable
-      t.string :email
-      t.string :name
       t.timestamps
     end
   end
-
-  def self.down
-    drop_table :users
-  end
 end

data/spec/dummy/db/migrate/20111014161437_create_devise_oauth2_providable_schema.rb

@@ -0,0 +1,55 @@
+class CreateDeviseOauth2ProvidableSchema < ActiveRecord::Migration
+  def change
+    create_table :oauth2_clients do |t|
+      t.string :name
+      t.string :redirect_uri
+      t.string :website
+      t.string :identifier
+      t.string :secret
+      t.timestamps
+    end
+    change_table :oauth2_clients do |t|
+      t.index :identifier, :unique => true
+    end
+
+    create_table :oauth2_access_tokens do |t|
+      t.belongs_to :user, :client, :refresh_token
+      t.string :token
+      t.datetime :expires_at
+      t.timestamps
+    end
+    change_table :oauth2_access_tokens do |t|
+      t.index :token, :unique => true
+      t.index :expires_at
+      t.index :user_id
+      t.index :client_id
+    end
+
+    create_table :oauth2_refresh_tokens do |t|
+      t.belongs_to :user, :client
+      t.string :token
+      t.datetime :expires_at
+      t.timestamps
+    end
+    change_table :oauth2_refresh_tokens do |t|
+      t.index :token, :unique => true
+      t.index :expires_at
+      t.index :user_id
+      t.index :client_id
+    end
+
+    create_table :oauth2_authorization_codes do |t|
+      t.belongs_to :user, :client
+      t.string :token
+      t.datetime :expires_at
+      t.string :redirect_uri
+      t.timestamps
+    end
+    change_table :oauth2_authorization_codes do |t|
+      t.index :token, :unique => true
+      t.index :expires_at
+      t.index :user_id
+      t.index :client_id
+    end
+  end
+end

data/spec/dummy/db/schema.rb

@@ -0,0 +1,78 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended to check this file into your version control system.
+
+ActiveRecord::Schema.define(:version => 20111014161437) do
+
+  create_table "oauth2_access_tokens", :force => true do |t|
+    t.integer  "user_id"
+    t.integer  "client_id"
+    t.integer  "refresh_token_id"
+    t.string   "token"
+    t.datetime "expires_at"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+  add_index "oauth2_access_tokens", ["client_id"], :name => "index_oauth2_access_tokens_on_client_id"
+  add_index "oauth2_access_tokens", ["expires_at"], :name => "index_oauth2_access_tokens_on_expires_at"
+  add_index "oauth2_access_tokens", ["token"], :name => "index_oauth2_access_tokens_on_token", :unique => true
+  add_index "oauth2_access_tokens", ["user_id"], :name => "index_oauth2_access_tokens_on_user_id"
+
+  create_table "oauth2_authorization_codes", :force => true do |t|
+    t.integer  "user_id"
+    t.integer  "client_id"
+    t.string   "token"
+    t.datetime "expires_at"
+    t.string   "redirect_uri"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+  add_index "oauth2_authorization_codes", ["client_id"], :name => "index_oauth2_authorization_codes_on_client_id"
+  add_index "oauth2_authorization_codes", ["expires_at"], :name => "index_oauth2_authorization_codes_on_expires_at"
+  add_index "oauth2_authorization_codes", ["token"], :name => "index_oauth2_authorization_codes_on_token", :unique => true
+  add_index "oauth2_authorization_codes", ["user_id"], :name => "index_oauth2_authorization_codes_on_user_id"
+
+  create_table "oauth2_clients", :force => true do |t|
+    t.string   "name"
+    t.string   "redirect_uri"
+    t.string   "website"
+    t.string   "identifier"
+    t.string   "secret"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+  add_index "oauth2_clients", ["identifier"], :name => "index_oauth2_clients_on_identifier", :unique => true
+
+  create_table "oauth2_refresh_tokens", :force => true do |t|
+    t.integer  "user_id"
+    t.integer  "client_id"
+    t.string   "token"
+    t.datetime "expires_at"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+  add_index "oauth2_refresh_tokens", ["client_id"], :name => "index_oauth2_refresh_tokens_on_client_id"
+  add_index "oauth2_refresh_tokens", ["expires_at"], :name => "index_oauth2_refresh_tokens_on_expires_at"
+  add_index "oauth2_refresh_tokens", ["token"], :name => "index_oauth2_refresh_tokens_on_token", :unique => true
+  add_index "oauth2_refresh_tokens", ["user_id"], :name => "index_oauth2_refresh_tokens_on_user_id"
+
+  create_table "users", :force => true do |t|
+    t.string   "email",                             :default => "", :null => false
+    t.string   "encrypted_password", :limit => 128, :default => "", :null => false
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+end

data/spec/{rails_app/spec/integration → integration}/oauth2_authorization_token_grant_type_strategy_spec.rb

@@ -5,8 +5,8 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
     describe 'with grant_type=authorization_code' do
       context 'with valid params' do
         before do
-          @user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
-          @client = Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
+          @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
+          @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
           @authorization_code = @user.authorization_codes.create(:client_id => @client, :redirect_uri => @client.redirect_uri)
           params = {
             :grant_type => 'authorization_code',
@@ -20,8 +20,8 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
         it { response.code.to_i.should == 200 }
         it { response.content_type.should == 'application/json' }
         it 'returns json' do
-          token = AccessToken.last
-          refresh_token = RefreshToken.last
+          token = Devise::Oauth2Providable::AccessToken.last
+          refresh_token = Devise::Oauth2Providable::RefreshToken.last
           expected = {
             :token_type => 'bearer',
             :expires_in => 899,
@@ -33,8 +33,8 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
       end
       context 'with invalid authorization_code' do
         before do
-          @user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
-          @client = Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
+          @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
+          @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
           @authorization_code = @user.authorization_codes.create(:client_id => @client, :redirect_uri => @client.redirect_uri)
           params = {
             :grant_type => 'authorization_code',
@@ -48,7 +48,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
         it { response.code.to_i.should == 400 }
         it { response.content_type.should == 'application/json' }
         it 'returns json' do
-          token = AccessToken.last
+          token = Devise::Oauth2Providable::AccessToken.last
           refresh_token = @refresh_token
           expected = {
             :error => 'invalid_grant',

data/spec/{rails_app/spec/integration → integration}/oauth2_password_grant_type_strategy_spec.rb

@@ -5,8 +5,8 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
     describe 'with grant_type=password' do
       context 'with valid params' do
         before do
-          @user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
-          @client = Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
+          @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
+          @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
 
           params = {
             :grant_type => 'password',
@@ -21,15 +21,15 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
         it { response.code.to_i.should == 200 }
         it { response.content_type.should == 'application/json' }
         it 'returns json' do
-          token = AccessToken.last
+          token = Devise::Oauth2Providable::AccessToken.last
           expected = token.token_response
           response.body.should match_json(expected)
         end
       end
       context 'with invalid params' do
         before do
-          @user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
-          @client = Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
+          @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
+          @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
 
           params = {
             :grant_type => 'password',
@@ -53,7 +53,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
       end
       context 'with invalid client' do
         before do
-          @user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
+          @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
 
           params = {
             :grant_type => 'password',

data/spec/{rails_app/spec/integration → integration}/oauth2_refresh_token_grant_type_strategy_spec.rb

@@ -5,8 +5,8 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
     describe 'with grant_type=refresh_token' do
       context 'with valid params' do
         before do
-          @user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
-          @client = Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
+          @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
+          @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
           @refresh_token = @client.refresh_tokens.create! :user => @user
           params = {
             :grant_type => 'refresh_token',
@@ -20,7 +20,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
         it { response.code.to_i.should == 200 }
         it { response.content_type.should == 'application/json' }
         it 'returns json' do
-          token = AccessToken.last
+          token = Devise::Oauth2Providable::AccessToken.last
           refresh_token = @refresh_token
           expected = {
             :token_type => 'bearer',
@@ -33,8 +33,8 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
       end
       context 'with invalid refresh_token' do
         before do
-          @user = User.create! :email => 'ryan@socialcast.com', :name => 'ryan sonnek', :password => 'test'
-          @client = Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
+          @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
+          @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
           @refresh_token = @client.refresh_tokens.create! :user => @user
           params = {
             :grant_type => 'refresh_token',
@@ -48,7 +48,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
         it { response.code.to_i.should == 400 }
         it { response.content_type.should == 'application/json' }
         it 'returns json' do
-          token = AccessToken.last
+          token = Devise::Oauth2Providable::AccessToken.last
           refresh_token = @refresh_token
           expected = {
             :error => 'invalid_grant',

data/spec/{rails_app/spec/models → models}/access_token_spec.rb

@@ -1,10 +1,12 @@
 require 'spec_helper'
 
-describe AccessToken do
+describe Devise::Oauth2Providable::AccessToken do
+  it { Devise::Oauth2Providable::AccessToken.table_name.should == 'oauth2_access_tokens' }
+
   describe 'basic access token instance' do
     subject do
-      client = Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
-      AccessToken.create! :client => client
+      client = Devise::Oauth2Providable::Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
+      Devise::Oauth2Providable::AccessToken.create! :client => client
     end
     it { should validate_presence_of :token }
     it { should validate_uniqueness_of :token }
@@ -23,10 +25,10 @@ describe AccessToken do
   describe 'refresh token expires before access token expires_at' do
     before do
       @soon = 1.minute.from_now
-      client = Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
+      client = Devise::Oauth2Providable::Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
       @refresh_token = client.refresh_tokens.create!
       @refresh_token.expires_at = @soon
-      @access_token = AccessToken.create! :client => client, :refresh_token => @refresh_token
+      @access_token = Devise::Oauth2Providable::AccessToken.create! :client => client, :refresh_token => @refresh_token
     end
     it 'should set the access token expires_at to equal refresh token' do
       @access_token.expires_at.should eq @soon

data/spec/{rails_app/spec/models → models}/authorization_code_spec.rb

@@ -1,10 +1,10 @@
 require 'spec_helper'
 
-describe AuthorizationCode do
+describe Devise::Oauth2Providable::AuthorizationCode do
   describe 'basic authorization code instance' do
     subject do
-      client = Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
-      AuthorizationCode.create! :client => client
+      client = Devise::Oauth2Providable::Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
+      Devise::Oauth2Providable::AuthorizationCode.create! :client => client
     end
     it { should validate_presence_of :token }
     it { should validate_uniqueness_of :token }