devise_oauth2_providable 1.0.1 → 1.0.2

data/app/models/devise/oauth2_providable/access_token.rb

@@ -1,10 +1,7 @@
-require 'expirable_token'
-
 class Devise::Oauth2Providable::AccessToken < ActiveRecord::Base
-  include ExpirableToken
-  self.default_lifetime = 15.minutes
+  expires_according_to :access_token_expires_in
 
-  before_validation :restrict_expires_at, :if => :refresh_token
+  before_validation :restrict_expires_at, :on => :create, :if => :refresh_token
   belongs_to :refresh_token
 
   def token_response
@@ -20,6 +17,6 @@ class Devise::Oauth2Providable::AccessToken < ActiveRecord::Base
   private
 
   def restrict_expires_at
-    self.expires_at = [self.expires_at, refresh_token.expires_at].min
+    self.expires_at = [self.expires_at, refresh_token.expires_at].compact.min
   end
 end

data/app/models/devise/oauth2_providable/authorization_code.rb

@@ -1,7 +1,6 @@
-require 'expirable_token'
-
 class Devise::Oauth2Providable::AuthorizationCode < ActiveRecord::Base
-  include ExpirableToken
+  expires_according_to :authorization_code_expires_in
+
   def access_token
     @access_token ||= expired! && user.access_tokens.create(:client => client)
   end

data/app/models/devise/oauth2_providable/refresh_token.rb

@@ -1,7 +1,5 @@
-require 'expirable_token'
-
 class Devise::Oauth2Providable::RefreshToken < ActiveRecord::Base
-  include ExpirableToken
-  self.default_lifetime = 1.month
+  expires_according_to :refresh_token_expires_in
+
   has_many :access_tokens
 end

data/devise_oauth2_providable.gemspec

@@ -21,6 +21,8 @@ Gem::Specification.new do |s|
   s.add_development_dependency(%q<sqlite3>, ['1.3.4'])
   s.add_development_dependency(%q<shoulda-matchers>, ['1.0.0.beta3'])
   s.add_development_dependency(%q<pry>, ['0.9.6.2'])
+  s.add_development_dependency(%q<factory_girl>, ['2.2.0'])
+  s.add_development_dependency(%q<factory_girl_rspec>, ['0.0.1'])
 
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")

data/lib/devise/oauth2_providable/engine.rb

@@ -1,9 +1,14 @@
 module Devise
   module Oauth2Providable
     class Engine < Rails::Engine
+      config.devise_oauth2_providable = ActiveSupport::OrderedOptions.new
+      config.devise_oauth2_providable.access_token_expires_in       = 15.minutes
+      config.devise_oauth2_providable.refresh_token_expires_in      = 1.month
+      config.devise_oauth2_providable.authorization_code_expires_in = 1.minute
+
       engine_name 'oauth2'
       isolate_namespace Devise::Oauth2Providable
-      initializer "devise_oauth2_providable.initialize_application" do |app|
+      initializer "devise_oauth2_providable.initialize_application", :before=> :load_config_initializers do |app|
         app.config.filter_parameters << :client_secret
       end
     end

data/lib/devise/oauth2_providable/expirable_token.rb

@@ -0,0 +1,57 @@
+require 'active_support/concern'
+require 'active_record'
+
+module Devise
+  module Oauth2Providable
+    module ExpirableToken
+      extend ActiveSupport::Concern
+
+      module ClassMethods
+        def expires_according_to(config_name)
+          cattr_accessor :default_lifetime
+          self.default_lifetime = Rails.application.config.devise_oauth2_providable[config_name]
+
+          belongs_to :user
+          belongs_to :client
+
+          after_initialize :init_token, :on => :create, :unless => :token?
+          after_initialize :init_expires_at, :on => :create, :unless => :expires_at?
+          validates :expires_at, :presence => true
+          validates :client, :presence => true
+          validates :token, :presence => true, :uniqueness => true
+
+          scope :not_expired, lambda {
+            where(self.arel_table[:expires_at].gteq(Time.now.utc))
+          }
+          default_scope not_expired
+
+          include LocalInstanceMethods
+        end
+      end
+
+      module LocalInstanceMethods
+        # number of seconds until the token expires
+        def expires_in
+          (expires_at - Time.now.utc).to_i
+        end
+
+        # forcefully expire the token
+        def expired!
+          self.expires_at = Time.now.utc
+          self.save!
+        end
+
+        private
+
+        def init_token
+          self.token = Devise::Oauth2Providable.random_id
+        end
+        def init_expires_at
+          self.expires_at = self.default_lifetime.from_now
+        end
+      end
+    end
+  end
+end
+
+ActiveRecord::Base.send :include, Devise::Oauth2Providable::ExpirableToken

data/lib/devise/oauth2_providable/strategies/oauth2_authorization_code_grant_type_strategy.rb

@@ -8,7 +8,7 @@ module Devise
       end
 
       def authenticate!
-        if client && code = client.authorization_codes.valid.find_by_token(params[:code])
+        if client && code = client.authorization_codes.find_by_token(params[:code])
           success! code.user
         elsif !halted?
           oauth_error! :invalid_grant, 'invalid authorization code request'

data/lib/devise/oauth2_providable/strategies/oauth2_providable_strategy.rb

@@ -9,7 +9,7 @@ module Devise
       end
       def authenticate!
         @req.setup!
-        token = Devise::Oauth2Providable::AccessToken.valid.find_by_token @req.access_token
+        token = Devise::Oauth2Providable::AccessToken.find_by_token @req.access_token
         env[Devise::Oauth2Providable::CLIENT_ENV_REF] = token.client if token
         resource = token ? token.user : nil
         if validate(resource)

data/lib/devise/oauth2_providable/strategies/oauth2_refresh_token_grant_type_strategy.rb

@@ -8,7 +8,7 @@ module Devise
       end
 
       def authenticate!
-        if client && refresh_token = client.refresh_tokens.valid.find_by_token(params[:refresh_token])
+        if client && refresh_token = client.refresh_tokens.find_by_token(params[:refresh_token])
           env[Devise::Oauth2Providable::REFRESH_TOKEN_ENV_REF] = refresh_token
           success! refresh_token.user
         elsif !halted?

data/lib/devise/oauth2_providable/version.rb

@@ -1,5 +1,5 @@
 module Devise
   module Oauth2Providable
-    VERSION = "1.0.1"
+    VERSION = "1.0.2"
   end
 end

data/lib/devise_oauth2_providable.rb

@@ -1,6 +1,7 @@
 require 'devise'
 require 'rack/oauth2'
 require 'devise/oauth2_providable/engine'
+require 'devise/oauth2_providable/expirable_token'
 require 'devise/oauth2_providable/strategies/oauth2_providable_strategy'
 require 'devise/oauth2_providable/strategies/oauth2_password_grant_type_strategy'
 require 'devise/oauth2_providable/strategies/oauth2_refresh_token_grant_type_strategy'

data/spec/controllers/protected_controller_spec.rb

@@ -3,8 +3,8 @@ require 'spec_helper'
 describe ProtectedController do
 
   describe 'get :index' do
+    with :client
     before do
-      client = Devise::Oauth2Providable::Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
       @user = User.create! :email => 'foo@example.com'
       @token = Devise::Oauth2Providable::AccessToken.create! :client => client, :user => @user
     end

data/spec/dummy/config/application.rb

@@ -40,6 +40,12 @@ module Dummy
 
     # Version of your assets, change this if you want to expire all your assets
     config.assets.version = '1.0'
+
+
+    # (optional) configure token expiration
+    # config.devise_oauth2_providable.access_token_expires_in         = 1.second # 15.minute default
+    # config.devise_oauth2_providable.refresh_token_expires_in        = 1.minute # 1.month default
+    # config.devise_oauth2_providable.authorization_token_expires_in  = 5.seconds # 1.minute default
   end
 end
 

data/spec/factories/client_factory.rb

@@ -0,0 +1,5 @@
+Factory.define :client, :class => 'Devise::Oauth2Providable::Client' do |f|
+  f.name 'test'
+  f.website 'http://localhost'
+  f.redirect_uri 'http://localhost:3000'
+end

data/spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb

@@ -3,15 +3,15 @@ require 'spec_helper'
 describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
   describe 'POST /oauth2/token' do
     describe 'with grant_type=authorization_code' do
+      with :client
       context 'with valid params' do
         before do
           @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
-          @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
-          @authorization_code = @user.authorization_codes.create(:client_id => @client, :redirect_uri => @client.redirect_uri)
+          @authorization_code = @user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
           params = {
             :grant_type => 'authorization_code',
-            :client_id => @client.identifier,
-            :client_secret => @client.secret,
+            :client_id => client.identifier,
+            :client_secret => client.secret,
             :code => @authorization_code.token
           }
 
@@ -32,14 +32,14 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
         end
       end
       context 'with invalid authorization_code' do
+        with :client
         before do
           @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
-          @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
-          @authorization_code = @user.authorization_codes.create(:client_id => @client, :redirect_uri => @client.redirect_uri)
+          @authorization_code = @user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
           params = {
             :grant_type => 'authorization_code',
-            :client_id => @client.identifier,
-            :client_secret => @client.secret,
+            :client_id => client.identifier,
+            :client_secret => client.secret,
             :refresh_token => 'invalid'
           }
 

data/spec/integration/oauth2_password_grant_type_strategy_spec.rb

@@ -4,14 +4,14 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
   describe 'POST /oauth2/token' do
     describe 'with grant_type=password' do
       context 'with valid params' do
+        with :client
         before do
           @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
-          @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
 
           params = {
             :grant_type => 'password',
-            :client_id => @client.identifier,
-            :client_secret => @client.secret,
+            :client_id => client.identifier,
+            :client_secret => client.secret,
             :username => @user.email,
             :password => 'test'
           }
@@ -27,14 +27,14 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
         end
       end
       context 'with invalid params' do
+        with :client
         before do
           @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
-          @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
 
           params = {
             :grant_type => 'password',
-            :client_id => @client.identifier,
-            :client_secret => @client.secret,
+            :client_id => client.identifier,
+            :client_secret => client.secret,
             :username => @user.email,
             :password => 'bar'
           }

data/spec/integration/oauth2_refresh_token_grant_type_strategy_spec.rb

@@ -4,14 +4,14 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
   describe 'POST /oauth2/token' do
     describe 'with grant_type=refresh_token' do
       context 'with valid params' do
+        with :client
         before do
           @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
-          @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
-          @refresh_token = @client.refresh_tokens.create! :user => @user
+          @refresh_token = client.refresh_tokens.create! :user => @user
           params = {
             :grant_type => 'refresh_token',
-            :client_id => @client.identifier,
-            :client_secret => @client.secret,
+            :client_id => client.identifier,
+            :client_secret => client.secret,
             :refresh_token => @refresh_token.token
           }
 
@@ -34,12 +34,12 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
       context 'with invalid refresh_token' do
         before do
           @user = User.create! :email => 'ryan@socialcast.com', :password => 'test'
-          @client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
-          @refresh_token = @client.refresh_tokens.create! :user => @user
+          client = Devise::Oauth2Providable::Client.create! :name => 'example', :redirect_uri => 'http://localhost', :website => 'http://localhost'
+          @refresh_token = client.refresh_tokens.create! :user => @user
           params = {
             :grant_type => 'refresh_token',
-            :client_id => @client.identifier,
-            :client_secret => @client.secret,
+            :client_id => client.identifier,
+            :client_secret => client.secret,
             :refresh_token => 'invalid'
           }
 

data/spec/models/access_token_spec.rb

@@ -4,8 +4,8 @@ describe Devise::Oauth2Providable::AccessToken do
   it { Devise::Oauth2Providable::AccessToken.table_name.should == 'oauth2_access_tokens' }
 
   describe 'basic access token instance' do
+    with :client
     subject do
-      client = Devise::Oauth2Providable::Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
       Devise::Oauth2Providable::AccessToken.create! :client => client
     end
     it { should validate_presence_of :token }
@@ -22,17 +22,30 @@ describe Devise::Oauth2Providable::AccessToken do
     it { should have_db_index :expires_at }
   end
 
-  describe 'refresh token expires before access token expires_at' do
-    before do
-      @soon = 1.minute.from_now
-      client = Devise::Oauth2Providable::Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
-      @refresh_token = client.refresh_tokens.create!
-      @refresh_token.expires_at = @soon
-      @access_token = Devise::Oauth2Providable::AccessToken.create! :client => client, :refresh_token => @refresh_token
+  describe '#expires_at' do
+    context 'when refresh token does not expire before access token' do
+      with :client
+      before do
+        @later = 1.year.from_now
+        @refresh_token = client.refresh_tokens.create!
+        @refresh_token.expires_at = @soon
+        @access_token = Devise::Oauth2Providable::AccessToken.create! :client => client, :refresh_token => @refresh_token
+      end
+      focus 'should not set the access token expires_at to equal refresh token' do
+        @access_token.expires_at.should_not == @later
+      end
     end
-    it 'should set the access token expires_at to equal refresh token' do
-      @access_token.expires_at.should eq @soon
+    context 'when refresh token expires before access token' do
+      with :client
+      before do
+        @soon = 1.minute.from_now
+        @refresh_token = client.refresh_tokens.create!
+        @refresh_token.expires_at = @soon
+        @access_token = Devise::Oauth2Providable::AccessToken.create! :client => client, :refresh_token => @refresh_token
+      end
+      it 'should set the access token expires_at to equal refresh token' do
+        @access_token.expires_at.should == @soon
+      end
     end
   end
 end
-

data/spec/models/authorization_code_spec.rb

@@ -2,8 +2,8 @@ require 'spec_helper'
 
 describe Devise::Oauth2Providable::AuthorizationCode do
   describe 'basic authorization code instance' do
+    with :client
     subject do
-      client = Devise::Oauth2Providable::Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
       Devise::Oauth2Providable::AuthorizationCode.create! :client => client
     end
     it { should validate_presence_of :token }

data/spec/models/refresh_token_spec.rb

@@ -4,8 +4,8 @@ describe Devise::Oauth2Providable::RefreshToken do
   it { Devise::Oauth2Providable::RefreshToken.table_name.should == 'oauth2_refresh_tokens' }
 
   describe 'basic refresh token instance' do
+    with :client
     subject do
-      client = Devise::Oauth2Providable::Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
       Devise::Oauth2Providable::RefreshToken.create! :client => client
     end
     it { should validate_presence_of :token }

data/spec/spec_helper.rb

@@ -2,9 +2,15 @@
 ENV["RAILS_ENV"] = "test"
 require File.expand_path("../dummy/config/environment.rb",  __FILE__)
 
+require 'pry'
 require 'rspec/rails'
 require 'shoulda-matchers'
-require 'pry'
+
+require 'factory_girl_rspec'
+FactoryGirl.definition_file_paths = [
+    File.join(File.dirname(__FILE__), 'factories')
+]
+FactoryGirl.find_definitions
 
 ENGINE_RAILS_ROOT=File.join(File.dirname(__FILE__), '../')
 

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: devise_oauth2_providable
 version: !ruby/object:Gem::Version 
-  hash: 21
+  hash: 19
   prerelease: 
   segments: 
   - 1
   - 0
-  - 1
-  version: 1.0.1
+  - 2
+  version: 1.0.2
 platform: ruby
 authors: 
 - Ryan Sonnek
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-10-27 00:00:00 Z
+date: 2011-10-28 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: rails
@@ -132,6 +132,38 @@ dependencies:
         version: 0.9.6.2
   version_requirements: *id007
   type: :development
+- !ruby/object:Gem::Dependency 
+  name: factory_girl
+  prerelease: false
+  requirement: &id008 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - "="
+      - !ruby/object:Gem::Version 
+        hash: 7
+        segments: 
+        - 2
+        - 2
+        - 0
+        version: 2.2.0
+  version_requirements: *id008
+  type: :development
+- !ruby/object:Gem::Dependency 
+  name: factory_girl_rspec
+  prerelease: false
+  requirement: &id009 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - "="
+      - !ruby/object:Gem::Version 
+        hash: 29
+        segments: 
+        - 0
+        - 0
+        - 1
+        version: 0.0.1
+  version_requirements: *id009
+  type: :development
 description: Rails3 engine that adds OAuth2 Provider support to any application built with Devise authentication
 email: 
 - ryan@socialcast.com
@@ -163,6 +195,7 @@ files:
 - db/migrate/20111014160714_create_devise_oauth2_providable_schema.rb
 - devise_oauth2_providable.gemspec
 - lib/devise/oauth2_providable/engine.rb
+- lib/devise/oauth2_providable/expirable_token.rb
 - lib/devise/oauth2_providable/models/oauth2_authorization_code_grantable.rb
 - lib/devise/oauth2_providable/models/oauth2_password_grantable.rb
 - lib/devise/oauth2_providable/models/oauth2_providable.rb
@@ -174,7 +207,6 @@ files:
 - lib/devise/oauth2_providable/strategies/oauth2_refresh_token_grant_type_strategy.rb
 - lib/devise/oauth2_providable/version.rb
 - lib/devise_oauth2_providable.rb
-- lib/expirable_token.rb
 - script/rails
 - spec/controllers/protected_controller_spec.rb
 - spec/dummy/Rakefile
@@ -215,6 +247,7 @@ files:
 - spec/dummy/public/500.html
 - spec/dummy/public/favicon.ico
 - spec/dummy/script/rails
+- spec/factories/client_factory.rb
 - spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb
 - spec/integration/oauth2_password_grant_type_strategy_spec.rb
 - spec/integration/oauth2_refresh_token_grant_type_strategy_spec.rb
@@ -302,6 +335,7 @@ test_files:
 - spec/dummy/public/500.html
 - spec/dummy/public/favicon.ico
 - spec/dummy/script/rails
+- spec/factories/client_factory.rb
 - spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb
 - spec/integration/oauth2_password_grant_type_strategy_spec.rb
 - spec/integration/oauth2_refresh_token_grant_type_strategy_spec.rb

data/lib/expirable_token.rb

@@ -1,41 +0,0 @@
-module ExpirableToken
-  def self.included(klass)
-    klass.class_eval do
-      cattr_accessor :default_lifetime
-      self.default_lifetime = 1.minute
-
-      belongs_to :user
-      belongs_to :client
-
-      before_validation :init_token, :on => :create, :unless => :token?
-      before_validation :init_expires_at, :on => :create, :unless => :expires_at?
-      validates :expires_at, :presence => true
-      validates :client, :presence => true
-      validates :token, :presence => true, :uniqueness => true
-
-      # TODO: this should be a default scope once rails default_scope supports lambda's
-      scope :valid, lambda {
-        where(self.arel_table[:expires_at].gteq(Time.now.utc))
-      }
-    end
-  end
-
-  def expires_in
-    (expires_at - Time.now.utc).to_i
-  end
-
-  def expired!
-    self.expires_at = Time.now.utc
-    self.save!
-  end
-
-  private
-
-  def init_token
-    self.token = Devise::Oauth2Providable.random_id
-  end
-  def init_expires_at
-    self.expires_at = self.default_lifetime.from_now
-  end
-end
-