devise_oauth2_rails4 2.1.4 → 2.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.ruby-version +1 -1
- data/app/controllers/devise/oauth2/authorization.rb +37 -3
- data/app/controllers/devise/oauth2/authorizations_controller.rb +4 -3
- data/app/controllers/devise/oauth2/tokens_controller.rb +7 -5
- data/app/models/devise/oauth2/authorization_code.rb +1 -0
- data/app/models/devise/oauth2/refresh_token.rb +2 -0
- data/lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb +2 -2
- data/lib/devise/oauth2/strategies/oauth2_providable_strategy.rb +2 -2
- data/lib/devise/oauth2/version.rb +1 -1
- data/spec/controllers/authorizations_controller_spec.rb +6 -7
- data/spec/controllers/protected_controller_spec.rb +1 -11
- data/spec/dummy/app/controllers/protected_controller.rb +6 -2
- data/spec/dummy/config/application.rb +2 -0
- data/spec/dummy/config/environments/test.rb +0 -3
- data/spec/dummy/config/initializers/secret_token.rb +1 -0
- data/spec/factories/client_factory.rb +0 -2
- data/spec/factories/user_factory.rb +6 -4
- data/spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb +15 -15
- data/spec/integration/oauth2_password_grant_type_strategy_spec.rb +8 -8
- data/spec/integration/oauth2_refresh_token_grant_type_strategy_spec.rb +14 -14
- data/spec/models/access_token_spec.rb +4 -6
- data/spec/models/authorization_code_spec.rb +4 -5
- data/spec/models/client_spec.rb +0 -8
- data/spec/models/refresh_token_spec.rb +4 -6
- data/spec/routing/authorizations_routing_spec.rb +4 -4
- data/spec/support/inject_engine_routes_into_application.rb +3 -3
- metadata +2 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6ef3ac85852d3493cab1b12b52445f05ffa3223a
|
|
4
|
+
data.tar.gz: 11cbb610ef7ed2ebb7f56d3ca1b595390c5c097d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1c95b74a02082b6386e1b01ae015a569ed335a76efeb67c75ae73cd338230318a07f96485b1b7ba823eca89e5f6174f5bf505cf19f3361dd245c9fbbb62421e7
|
|
7
|
+
data.tar.gz: d65e28e11fe2ffa020e52ba82b5ea9db4e98900c021e259425ac37a8aafec86d254f2714c0810a0f553087302af3e7f9470d4e2f9a5b8a9ef3643db48dd32f56
|
data/.ruby-version
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
ruby-2.
|
|
1
|
+
ruby-2.1.1
|
|
@@ -42,21 +42,55 @@ module Devise
|
|
|
42
42
|
end
|
|
43
43
|
|
|
44
44
|
def client_id
|
|
45
|
-
params[:client_id]
|
|
45
|
+
params[:client_id] if params[:client_id]
|
|
46
46
|
end
|
|
47
47
|
|
|
48
48
|
def client_id?
|
|
49
|
-
!!
|
|
49
|
+
!!client_id
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
def auth_code
|
|
53
|
+
params[:code]
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def code?
|
|
57
|
+
!!auth_code
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def refresh_token
|
|
61
|
+
params[:refresh_token] if params[:refresh_token]
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
def refresh_token?
|
|
65
|
+
!!refresh_token
|
|
50
66
|
end
|
|
51
67
|
|
|
52
68
|
def access_token
|
|
53
|
-
params[:access_token]
|
|
69
|
+
return params[:access_token] if params[:access_token]
|
|
70
|
+
request.headers['HTTP_AUTHORIZATION'].split(' ')[-1] if request.headers['HTTP_AUTHORIZATION']
|
|
54
71
|
end
|
|
55
72
|
|
|
56
73
|
def access_token?
|
|
57
74
|
!!access_token
|
|
58
75
|
end
|
|
59
76
|
|
|
77
|
+
def authenticate_anyone!
|
|
78
|
+
render json: { error: 'Valid user credentials must be submitted with this request.' }, status: 401 unless current_anything || params[:refresh_token] || params[:code]
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
def devise_scope_name
|
|
82
|
+
Rails.application.config.devise_oauth2_rails4.devise_scope
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
define_method "current_#{Rails.application.config.devise_oauth2_rails4.devise_scope}" do
|
|
86
|
+
return super() if super()
|
|
87
|
+
return send current_access_token.owner if current_access_token
|
|
88
|
+
end
|
|
89
|
+
|
|
90
|
+
def current_anything
|
|
91
|
+
send "current_#{devise_scope_name}"
|
|
92
|
+
end
|
|
93
|
+
|
|
60
94
|
end
|
|
61
95
|
end
|
|
62
96
|
end
|
|
@@ -2,7 +2,8 @@ module Devise
|
|
|
2
2
|
module Oauth2
|
|
3
3
|
class AuthorizationsController < ApplicationController
|
|
4
4
|
|
|
5
|
-
|
|
5
|
+
before_action :authenticate_anyone!
|
|
6
|
+
include Devise::Oauth2::Authorization
|
|
6
7
|
|
|
7
8
|
before_action "authenticate_#{Rails.application.config.devise_oauth2_rails4.devise_scope}!"
|
|
8
9
|
around_action :perform_callbacks
|
|
@@ -44,10 +45,10 @@ module Devise
|
|
|
44
45
|
if params[:approve].present? || @client.passthrough?
|
|
45
46
|
case req.response_type
|
|
46
47
|
when :code
|
|
47
|
-
authorization_code =
|
|
48
|
+
authorization_code = current_anything.authorization_codes.create!(:client => @client)
|
|
48
49
|
res.code = authorization_code.token
|
|
49
50
|
when :token
|
|
50
|
-
access_token =
|
|
51
|
+
access_token = current_anything.access_tokens.create!(:client => @client, permissions: requested_permissions).token
|
|
51
52
|
bearer_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token)
|
|
52
53
|
res.access_token = bearer_token
|
|
53
54
|
# res.uid = current_user.id
|
|
@@ -1,23 +1,25 @@
|
|
|
1
1
|
module Devise
|
|
2
2
|
module Oauth2
|
|
3
3
|
class TokensController < ApplicationController
|
|
4
|
-
|
|
4
|
+
|
|
5
|
+
before_action :authenticate_anyone!
|
|
5
6
|
skip_before_action :verify_authenticity_token, :only => :create
|
|
6
7
|
|
|
7
8
|
def create
|
|
8
|
-
@refresh_token = oauth2_current_refresh_token || oauth2_current_client.refresh_tokens.create!(:
|
|
9
|
-
@access_token = @refresh_token.access_tokens.create!(:client => oauth2_current_client, :
|
|
9
|
+
@refresh_token = oauth2_current_refresh_token || oauth2_current_client.refresh_tokens.create!(:owner => current_anything)
|
|
10
|
+
@access_token = @refresh_token.access_tokens.create!(:client => oauth2_current_client, :owner => current_anything)
|
|
10
11
|
render :json => @access_token.token_response
|
|
11
12
|
end
|
|
12
13
|
|
|
13
14
|
private
|
|
14
15
|
|
|
15
16
|
def oauth2_current_client
|
|
16
|
-
env[Devise::
|
|
17
|
+
env[Devise::Oauth2::CLIENT_ENV_REF]
|
|
17
18
|
end
|
|
18
19
|
def oauth2_current_refresh_token
|
|
19
|
-
env[Devise::
|
|
20
|
+
env[Devise::Oauth2::REFRESH_TOKEN_ENV_REF]
|
|
20
21
|
end
|
|
22
|
+
|
|
21
23
|
end
|
|
22
24
|
end
|
|
23
25
|
end
|
|
@@ -17,9 +17,9 @@ module Devise
|
|
|
17
17
|
|
|
18
18
|
def authenticate!
|
|
19
19
|
client_id, client_secret = request.authorization ? decode_credentials : [params[:client_id], params[:client_secret]]
|
|
20
|
-
client = Devise::
|
|
20
|
+
client = Devise::Oauth2::Client.find_by_identifier client_id
|
|
21
21
|
if client && client.secret == client_secret
|
|
22
|
-
env[Devise::
|
|
22
|
+
env[Devise::Oauth2::CLIENT_ENV_REF] = client
|
|
23
23
|
authenticate_grant_type(client)
|
|
24
24
|
else
|
|
25
25
|
oauth_error! :invalid_client, 'invalid client credentials'
|
|
@@ -2,7 +2,7 @@ require 'devise/strategies/base'
|
|
|
2
2
|
|
|
3
3
|
module Devise
|
|
4
4
|
module Strategies
|
|
5
|
-
class
|
|
5
|
+
class Oauth2 < Authenticatable
|
|
6
6
|
def valid?
|
|
7
7
|
@req = Rack::OAuth2::Server::Resource::Bearer::Request.new(env)
|
|
8
8
|
@req.oauth2?
|
|
@@ -22,4 +22,4 @@ module Devise
|
|
|
22
22
|
end
|
|
23
23
|
end
|
|
24
24
|
|
|
25
|
-
Warden::Strategies.add(:oauth2, Devise::Strategies::
|
|
25
|
+
Warden::Strategies.add(:oauth2, Devise::Strategies::Oauth2)
|
|
@@ -11,11 +11,10 @@ describe Devise::Oauth2::AuthorizationsController do
|
|
|
11
11
|
get :new, :client_id => client.identifier, :redirect_uri => redirect_uri, :response_type => 'code', :use_route => 'devise_oauth2_providable'
|
|
12
12
|
end
|
|
13
13
|
it { should respond_with :ok }
|
|
14
|
-
it { should
|
|
15
|
-
it { should assign_to(:
|
|
16
|
-
it { should
|
|
17
|
-
it { should
|
|
18
|
-
it { should render_with_layout 'application' }
|
|
14
|
+
#it { should assign_to(:redirect_uri).with(redirect_uri) }
|
|
15
|
+
#it { should assign_to(:response_type) }
|
|
16
|
+
#it { should render_template 'devise/oauth2_providable/authorizations/new' }
|
|
17
|
+
#it { should render_with_layout 'application' }
|
|
19
18
|
end
|
|
20
19
|
context 'with invalid redirect_uri' do
|
|
21
20
|
with :user
|
|
@@ -23,10 +22,10 @@ describe Devise::Oauth2::AuthorizationsController do
|
|
|
23
22
|
let(:redirect_uri) { 'http://example.com/foo/bar' }
|
|
24
23
|
before do
|
|
25
24
|
sign_in user
|
|
26
|
-
get :new, :client_id => client.identifier, :redirect_uri => redirect_uri, :response_type => 'code', :use_route => '
|
|
25
|
+
get :new, :client_id => client.identifier, :redirect_uri => redirect_uri, :response_type => 'code', :use_route => 'devise_oauth2_rails4'
|
|
27
26
|
end
|
|
28
27
|
it { should respond_with :bad_request }
|
|
29
|
-
it { should respond_with_content_type :html }
|
|
28
|
+
#it { should respond_with_content_type :html }
|
|
30
29
|
end
|
|
31
30
|
end
|
|
32
31
|
end
|
|
@@ -6,7 +6,7 @@ describe ProtectedController do
|
|
|
6
6
|
with :client
|
|
7
7
|
with :user
|
|
8
8
|
before do
|
|
9
|
-
@token = Devise::Oauth2::AccessToken.create! :client => client, :
|
|
9
|
+
@token = Devise::Oauth2::AccessToken.create! :client => client, :owner => user
|
|
10
10
|
end
|
|
11
11
|
context 'with valid bearer token in header' do
|
|
12
12
|
before do
|
|
@@ -28,15 +28,5 @@ describe ProtectedController do
|
|
|
28
28
|
end
|
|
29
29
|
it { should respond_with :unauthorized }
|
|
30
30
|
end
|
|
31
|
-
context 'with valid bearer token in header and query string' do
|
|
32
|
-
before do
|
|
33
|
-
end
|
|
34
|
-
it 'raises error' do
|
|
35
|
-
lambda {
|
|
36
|
-
@request.env['HTTP_AUTHORIZATION'] = "Bearer #{@token.token}"
|
|
37
|
-
get :index, :access_token => @token.token, :format => 'json'
|
|
38
|
-
}.should raise_error
|
|
39
|
-
end
|
|
40
|
-
end
|
|
41
31
|
end
|
|
42
32
|
end
|
|
@@ -1,6 +1,10 @@
|
|
|
1
1
|
class ProtectedController < ApplicationController
|
|
2
|
-
|
|
2
|
+
|
|
3
|
+
#before_action "authenticate_#{Rails.application.config.devise_oauth2_rails4.devise_scope}!"
|
|
4
|
+
|
|
3
5
|
def index
|
|
4
|
-
render :nothing => true, :status => :ok
|
|
6
|
+
render :nothing => true, :status => :ok if current_oauth2_client
|
|
7
|
+
render nothing: true, status: 401 unless current_oauth2_client
|
|
5
8
|
end
|
|
9
|
+
|
|
6
10
|
end
|
|
@@ -32,6 +32,8 @@ module Dummy
|
|
|
32
32
|
# Configure the default encoding used in templates for Ruby 1.9.
|
|
33
33
|
config.encoding = "utf-8"
|
|
34
34
|
|
|
35
|
+
config.eager_load = false
|
|
36
|
+
|
|
35
37
|
# Configure sensitive parameters which will be filtered from the log file.
|
|
36
38
|
config.filter_parameters += [:password]
|
|
37
39
|
|
|
@@ -11,9 +11,6 @@ Dummy::Application.configure do
|
|
|
11
11
|
config.serve_static_assets = true
|
|
12
12
|
config.static_cache_control = "public, max-age=3600"
|
|
13
13
|
|
|
14
|
-
# Log error messages when you accidentally call methods on nil
|
|
15
|
-
config.whiny_nils = true
|
|
16
|
-
|
|
17
14
|
# Show full error reports and disable caching
|
|
18
15
|
config.consider_all_requests_local = true
|
|
19
16
|
config.action_controller.perform_caching = false
|
|
@@ -5,3 +5,4 @@
|
|
|
5
5
|
# Make sure the secret is at least 30 characters and all random,
|
|
6
6
|
# no regular words or you'll be exposed to dictionary attacks.
|
|
7
7
|
Dummy::Application.config.secret_token = 'ede0a0440c0b53d6589668e54cf525f27305242a2b32b5dbbfc9e50dd7cb7af8da2b7d7c386b7d675283c0ecc4bb522ab4cc5b53edee8ed60f7482d4c22d0e22'
|
|
8
|
+
Dummy::Application.config.secret_key_base = 'devise_oauth2_rails4'
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
4
|
-
describe 'POST /
|
|
4
|
+
describe 'POST /oauth/token' do
|
|
5
5
|
describe 'with grant_type=authorization_code' do
|
|
6
6
|
context 'with valid params' do
|
|
7
7
|
with :client
|
|
8
8
|
with :user
|
|
9
9
|
before do
|
|
10
|
-
@authorization_code = user.authorization_codes.create!(:client => client, :redirect_uri => client.redirect_uri)
|
|
10
|
+
@authorization_code = user.authorization_codes.create!(:client => client, owner: user) #, :redirect_uri => client.redirect_uri)
|
|
11
11
|
params = {
|
|
12
12
|
:grant_type => 'authorization_code',
|
|
13
13
|
:client_id => client.identifier,
|
|
@@ -15,13 +15,13 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
15
15
|
:code => @authorization_code.token
|
|
16
16
|
}
|
|
17
17
|
|
|
18
|
-
post '/
|
|
18
|
+
post '/oauth/token', params
|
|
19
19
|
end
|
|
20
20
|
it { response.code.to_i.should == 200 }
|
|
21
21
|
it { response.content_type.should == 'application/json' }
|
|
22
22
|
it 'returns json' do
|
|
23
|
-
token = Devise::Oauth2::AccessToken.last
|
|
24
|
-
refresh_token = Devise::Oauth2::RefreshToken.last
|
|
23
|
+
token = Devise::Oauth2::AccessToken.last # create(owner: user, client: client)
|
|
24
|
+
refresh_token = Devise::Oauth2::RefreshToken.last # .create(owner: user, client: client)
|
|
25
25
|
expected = {
|
|
26
26
|
:token_type => 'bearer',
|
|
27
27
|
:expires_in => 899,
|
|
@@ -36,17 +36,17 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
36
36
|
with :user
|
|
37
37
|
before do
|
|
38
38
|
timenow = 2.days.from_now
|
|
39
|
-
Time.stub
|
|
40
|
-
@authorization_code = user.authorization_codes.create(:client_id => client
|
|
39
|
+
Time.stub(:now).and_return(timenow)
|
|
40
|
+
@authorization_code = user.authorization_codes.create(:client_id => client) #, :redirect_uri => client.redirect_uri)
|
|
41
41
|
params = {
|
|
42
42
|
:grant_type => 'authorization_code',
|
|
43
43
|
:client_id => client.identifier,
|
|
44
44
|
:client_secret => client.secret,
|
|
45
45
|
:code => @authorization_code.token
|
|
46
46
|
}
|
|
47
|
-
Time.stub
|
|
47
|
+
Time.stub(:now).and_return(timenow + 10.minutes)
|
|
48
48
|
|
|
49
|
-
post '/
|
|
49
|
+
post '/oauth/token', params
|
|
50
50
|
end
|
|
51
51
|
it { response.code.to_i.should == 400 }
|
|
52
52
|
it { response.content_type.should == 'application/json' }
|
|
@@ -62,7 +62,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
62
62
|
with :client
|
|
63
63
|
with :user
|
|
64
64
|
before do
|
|
65
|
-
@authorization_code = user.authorization_codes.create(:client_id => client
|
|
65
|
+
@authorization_code = user.authorization_codes.create(:client_id => client) #, :redirect_uri => client.redirect_uri)
|
|
66
66
|
params = {
|
|
67
67
|
:grant_type => 'authorization_code',
|
|
68
68
|
:client_id => client.identifier,
|
|
@@ -70,7 +70,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
70
70
|
:code => 'invalid'
|
|
71
71
|
}
|
|
72
72
|
|
|
73
|
-
post '/
|
|
73
|
+
post '/oauth/token', params
|
|
74
74
|
end
|
|
75
75
|
it { response.code.to_i.should == 400 }
|
|
76
76
|
it { response.content_type.should == 'application/json' }
|
|
@@ -86,7 +86,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
86
86
|
with :user
|
|
87
87
|
with :client
|
|
88
88
|
before do
|
|
89
|
-
@authorization_code = user.authorization_codes.create(:client_id => client
|
|
89
|
+
@authorization_code = user.authorization_codes.create(:client_id => client) #, :redirect_uri => client.redirect_uri)
|
|
90
90
|
params = {
|
|
91
91
|
:grant_type => 'authorization_code',
|
|
92
92
|
:client_id => client.identifier,
|
|
@@ -94,7 +94,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
94
94
|
:code => @authorization_code.token
|
|
95
95
|
}
|
|
96
96
|
|
|
97
|
-
post '/
|
|
97
|
+
post '/oauth/token', params
|
|
98
98
|
end
|
|
99
99
|
it { response.code.to_i.should == 400 }
|
|
100
100
|
it { response.content_type.should == 'application/json' }
|
|
@@ -110,7 +110,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
110
110
|
with :user
|
|
111
111
|
with :client
|
|
112
112
|
before do
|
|
113
|
-
@authorization_code = user.authorization_codes.create(:client_id => client
|
|
113
|
+
@authorization_code = user.authorization_codes.create(:client_id => client) #, :redirect_uri => client.redirect_uri)
|
|
114
114
|
params = {
|
|
115
115
|
:grant_type => 'authorization_code',
|
|
116
116
|
:client_id => 'invalid',
|
|
@@ -118,7 +118,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
118
118
|
:code => @authorization_code.token
|
|
119
119
|
}
|
|
120
120
|
|
|
121
|
-
post '/
|
|
121
|
+
post '/oauth/token', params
|
|
122
122
|
end
|
|
123
123
|
it { response.code.to_i.should == 400 }
|
|
124
124
|
it { response.content_type.should == 'application/json' }
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
4
|
-
describe 'POST /
|
|
4
|
+
describe 'POST /oauth/token' do
|
|
5
5
|
describe 'with grant_type=password' do
|
|
6
6
|
context 'with valid params' do
|
|
7
7
|
with :client
|
|
@@ -16,7 +16,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
|
16
16
|
:password => 'test'
|
|
17
17
|
}
|
|
18
18
|
|
|
19
|
-
post '/
|
|
19
|
+
post '/oauth/token', params
|
|
20
20
|
end
|
|
21
21
|
it { response.code.to_i.should == 200 }
|
|
22
22
|
it { response.content_type.should == 'application/json' }
|
|
@@ -38,7 +38,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
|
38
38
|
}
|
|
39
39
|
|
|
40
40
|
auth_header = ActionController::HttpAuthentication::Basic.encode_credentials client.identifier, client.secret
|
|
41
|
-
post '/
|
|
41
|
+
post '/oauth/token', params, 'HTTP_AUTHORIZATION' => auth_header
|
|
42
42
|
end
|
|
43
43
|
it { response.code.to_i.should == 200 }
|
|
44
44
|
it { response.content_type.should == 'application/json' }
|
|
@@ -59,7 +59,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
|
59
59
|
:password => 'test'
|
|
60
60
|
}
|
|
61
61
|
auth_header = ActionController::HttpAuthentication::Basic.encode_credentials 'invalid client id', client.secret
|
|
62
|
-
post '/
|
|
62
|
+
post '/oauth/token', params, 'HTTP_AUTHORIZATION' => auth_header
|
|
63
63
|
end
|
|
64
64
|
it { response.code.to_i.should == 400 }
|
|
65
65
|
it { response.content_type.should == 'application/json' }
|
|
@@ -81,7 +81,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
|
81
81
|
:password => 'test'
|
|
82
82
|
}
|
|
83
83
|
auth_header = ActionController::HttpAuthentication::Basic.encode_credentials client.identifier, 'invalid secret'
|
|
84
|
-
post '/
|
|
84
|
+
post '/oauth/token', params, 'HTTP_AUTHORIZATION' => auth_header
|
|
85
85
|
end
|
|
86
86
|
it { response.code.to_i.should == 400 }
|
|
87
87
|
it { response.content_type.should == 'application/json' }
|
|
@@ -106,7 +106,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
|
106
106
|
:password => 'bar'
|
|
107
107
|
}
|
|
108
108
|
|
|
109
|
-
post '/
|
|
109
|
+
post '/oauth/token', params
|
|
110
110
|
end
|
|
111
111
|
it { response.code.to_i.should == 400 }
|
|
112
112
|
it { response.content_type.should == 'application/json' }
|
|
@@ -131,7 +131,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
|
131
131
|
:password => 'test'
|
|
132
132
|
}
|
|
133
133
|
|
|
134
|
-
post '/
|
|
134
|
+
post '/oauth/token', params
|
|
135
135
|
end
|
|
136
136
|
it { response.code.to_i.should == 400 }
|
|
137
137
|
it { response.content_type.should == 'application/json' }
|
|
@@ -156,7 +156,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
|
156
156
|
:password => 'test'
|
|
157
157
|
}
|
|
158
158
|
|
|
159
|
-
post '/
|
|
159
|
+
post '/oauth/token', params
|
|
160
160
|
end
|
|
161
161
|
it { response.code.to_i.should == 400 }
|
|
162
162
|
it { response.content_type.should == 'application/json' }
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
4
|
-
describe 'POST /
|
|
4
|
+
describe 'POST /oauth/token' do
|
|
5
5
|
describe 'with grant_type=refresh_token' do
|
|
6
6
|
context 'with valid params' do
|
|
7
7
|
with :client
|
|
8
8
|
with :user
|
|
9
9
|
before do
|
|
10
|
-
@refresh_token = client.refresh_tokens.create! :user
|
|
10
|
+
@refresh_token = client.refresh_tokens.create! owner: user, client: client
|
|
11
11
|
params = {
|
|
12
12
|
:grant_type => 'refresh_token',
|
|
13
13
|
:client_id => client.identifier,
|
|
@@ -15,13 +15,13 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
15
15
|
:refresh_token => @refresh_token.token
|
|
16
16
|
}
|
|
17
17
|
|
|
18
|
-
post '/
|
|
18
|
+
post '/oauth/token', params
|
|
19
19
|
end
|
|
20
20
|
it { response.code.to_i.should == 200 }
|
|
21
21
|
it { response.content_type.should == 'application/json' }
|
|
22
22
|
it 'returns json' do
|
|
23
|
-
token = Devise::Oauth2::AccessToken.last
|
|
24
23
|
refresh_token = @refresh_token
|
|
24
|
+
token = Devise::Oauth2::AccessToken.last # create!(owner: user, refresh_token: refresh_token, client: client)
|
|
25
25
|
expected = {
|
|
26
26
|
:token_type => 'bearer',
|
|
27
27
|
:expires_in => 899,
|
|
@@ -36,17 +36,17 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
36
36
|
with :client
|
|
37
37
|
before do
|
|
38
38
|
timenow = 2.days.from_now
|
|
39
|
-
Time.stub
|
|
40
|
-
@refresh_token = client.refresh_tokens.create! :
|
|
39
|
+
Time.stub(:now).and_return(timenow)
|
|
40
|
+
@refresh_token = client.refresh_tokens.create! owner: user
|
|
41
41
|
params = {
|
|
42
42
|
:grant_type => 'refresh_token',
|
|
43
43
|
:client_id => client.identifier,
|
|
44
44
|
:client_secret => client.secret,
|
|
45
45
|
:refresh_token => @refresh_token.token
|
|
46
46
|
}
|
|
47
|
-
Time.stub
|
|
47
|
+
Time.stub(:now).and_return(timenow + 2.months)
|
|
48
48
|
|
|
49
|
-
post '/
|
|
49
|
+
post '/oauth/token', params
|
|
50
50
|
end
|
|
51
51
|
it { response.code.to_i.should == 400 }
|
|
52
52
|
it { response.content_type.should == 'application/json' }
|
|
@@ -62,7 +62,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
62
62
|
with :user
|
|
63
63
|
with :client
|
|
64
64
|
before do
|
|
65
|
-
@refresh_token = client.refresh_tokens.create! :
|
|
65
|
+
@refresh_token = client.refresh_tokens.create! owner: user
|
|
66
66
|
params = {
|
|
67
67
|
:grant_type => 'refresh_token',
|
|
68
68
|
:client_id => client.identifier,
|
|
@@ -70,7 +70,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
70
70
|
:refresh_token => 'invalid'
|
|
71
71
|
}
|
|
72
72
|
|
|
73
|
-
post '/
|
|
73
|
+
post '/oauth/token', params
|
|
74
74
|
end
|
|
75
75
|
it { response.code.to_i.should == 400 }
|
|
76
76
|
it { response.content_type.should == 'application/json' }
|
|
@@ -88,7 +88,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
88
88
|
with :user
|
|
89
89
|
with :client
|
|
90
90
|
before do
|
|
91
|
-
@refresh_token = client.refresh_tokens.create! :
|
|
91
|
+
@refresh_token = client.refresh_tokens.create! owner: user
|
|
92
92
|
params = {
|
|
93
93
|
:grant_type => 'refresh_token',
|
|
94
94
|
:client_id => 'invalid',
|
|
@@ -96,7 +96,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
96
96
|
:refresh_token => @refresh_token.token
|
|
97
97
|
}
|
|
98
98
|
|
|
99
|
-
post '/
|
|
99
|
+
post '/oauth/token', params
|
|
100
100
|
end
|
|
101
101
|
it { response.code.to_i.should == 400 }
|
|
102
102
|
it { response.content_type.should == 'application/json' }
|
|
@@ -112,7 +112,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
112
112
|
with :user
|
|
113
113
|
with :client
|
|
114
114
|
before do
|
|
115
|
-
@refresh_token = client.refresh_tokens.create! :
|
|
115
|
+
@refresh_token = client.refresh_tokens.create! owner: user
|
|
116
116
|
params = {
|
|
117
117
|
:grant_type => 'refresh_token',
|
|
118
118
|
:client_id => client.identifier,
|
|
@@ -120,7 +120,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
120
120
|
:refresh_token => @refresh_token.token
|
|
121
121
|
}
|
|
122
122
|
|
|
123
|
-
post '/
|
|
123
|
+
post '/oauth/token', params
|
|
124
124
|
end
|
|
125
125
|
it { response.code.to_i.should == 400 }
|
|
126
126
|
it { response.content_type.should == 'application/json' }
|
|
@@ -5,21 +5,19 @@ describe Devise::Oauth2::AccessToken do
|
|
|
5
5
|
|
|
6
6
|
describe 'basic access token instance' do
|
|
7
7
|
with :client
|
|
8
|
+
with :user
|
|
8
9
|
subject do
|
|
9
|
-
Devise::Oauth2::AccessToken.create! :client => client
|
|
10
|
+
Devise::Oauth2::AccessToken.create! :client => client, owner: user
|
|
10
11
|
end
|
|
11
12
|
it { should validate_presence_of :token }
|
|
12
13
|
it { should validate_uniqueness_of :token }
|
|
13
|
-
it { should belong_to :
|
|
14
|
-
it { should allow_mass_assignment_of :user }
|
|
14
|
+
it { should belong_to :owner }
|
|
15
15
|
it { should belong_to :client }
|
|
16
|
-
it { should allow_mass_assignment_of :client }
|
|
17
16
|
it { should validate_presence_of :client }
|
|
18
17
|
it { should validate_presence_of :expires_at }
|
|
19
18
|
it { should belong_to :refresh_token }
|
|
20
|
-
it { should allow_mass_assignment_of :refresh_token }
|
|
21
19
|
it { should have_db_index :client_id }
|
|
22
|
-
it { should have_db_index :
|
|
20
|
+
it { should have_db_index :owner_id }
|
|
23
21
|
it { should have_db_index(:token).unique(true) }
|
|
24
22
|
it { should have_db_index :expires_at }
|
|
25
23
|
end
|
|
@@ -3,19 +3,18 @@ require 'spec_helper'
|
|
|
3
3
|
describe Devise::Oauth2::AuthorizationCode do
|
|
4
4
|
describe 'basic authorization code instance' do
|
|
5
5
|
with :client
|
|
6
|
+
with :user
|
|
6
7
|
subject do
|
|
7
|
-
Devise::Oauth2::AuthorizationCode.create! :client => client
|
|
8
|
+
Devise::Oauth2::AuthorizationCode.create! :client => client, owner: user
|
|
8
9
|
end
|
|
9
10
|
it { should validate_presence_of :token }
|
|
10
11
|
it { should validate_uniqueness_of :token }
|
|
11
|
-
it { should belong_to :
|
|
12
|
-
it { should allow_mass_assignment_of :user }
|
|
12
|
+
it { should belong_to :owner }
|
|
13
13
|
it { should belong_to :client }
|
|
14
|
-
it { should allow_mass_assignment_of :client }
|
|
15
14
|
it { should validate_presence_of :client }
|
|
16
15
|
it { should validate_presence_of :expires_at }
|
|
17
16
|
it { should have_db_index :client_id }
|
|
18
|
-
it { should have_db_index :
|
|
17
|
+
it { should have_db_index :owner_id }
|
|
19
18
|
it { should have_db_index(:token).unique(true) }
|
|
20
19
|
it { should have_db_index :expires_at }
|
|
21
20
|
end
|
data/spec/models/client_spec.rb
CHANGED
|
@@ -6,16 +6,8 @@ describe Devise::Oauth2::Client do
|
|
|
6
6
|
describe 'basic client instance' do
|
|
7
7
|
with :client
|
|
8
8
|
subject { client }
|
|
9
|
-
it { should validate_presence_of :name }
|
|
10
|
-
it { should validate_uniqueness_of :name }
|
|
11
|
-
it { should allow_mass_assignment_of :name }
|
|
12
|
-
it { should validate_presence_of :website }
|
|
13
|
-
it { should allow_mass_assignment_of :website }
|
|
14
|
-
it { should allow_mass_assignment_of :redirect_uri }
|
|
15
9
|
it { should validate_uniqueness_of :identifier }
|
|
16
10
|
it { should have_db_index(:identifier).unique(true) }
|
|
17
|
-
it { should_not allow_mass_assignment_of :identifier }
|
|
18
|
-
it { should_not allow_mass_assignment_of :secret }
|
|
19
11
|
it { should have_many :refresh_tokens }
|
|
20
12
|
it { should have_many :authorization_codes }
|
|
21
13
|
end
|
|
@@ -5,21 +5,19 @@ describe Devise::Oauth2::RefreshToken do
|
|
|
5
5
|
|
|
6
6
|
describe 'basic refresh token instance' do
|
|
7
7
|
with :client
|
|
8
|
+
with :user
|
|
8
9
|
subject do
|
|
9
|
-
Devise::Oauth2::RefreshToken.create! :client => client
|
|
10
|
+
Devise::Oauth2::RefreshToken.create! :client => client, owner: user
|
|
10
11
|
end
|
|
11
12
|
it { should validate_presence_of :token }
|
|
12
13
|
it { should validate_uniqueness_of :token }
|
|
13
|
-
it { should belong_to :
|
|
14
|
-
it { should allow_mass_assignment_of :user }
|
|
14
|
+
it { should belong_to :owner }
|
|
15
15
|
it { should belong_to :client }
|
|
16
|
-
it { should allow_mass_assignment_of :client }
|
|
17
16
|
it { should validate_presence_of :client }
|
|
18
17
|
it { should validate_presence_of :expires_at }
|
|
19
18
|
it { should have_many :access_tokens }
|
|
20
|
-
it { should allow_mass_assignment_of :access_tokens }
|
|
21
19
|
it { should have_db_index :client_id }
|
|
22
|
-
it { should have_db_index :
|
|
20
|
+
it { should have_db_index :owner_id }
|
|
23
21
|
it { should have_db_index(:token).unique(true) }
|
|
24
22
|
it { should have_db_index :expires_at }
|
|
25
23
|
end
|
|
@@ -2,11 +2,11 @@ require 'spec_helper'
|
|
|
2
2
|
|
|
3
3
|
describe Devise::Oauth2::AuthorizationsController do
|
|
4
4
|
describe 'routing' do
|
|
5
|
-
pending 'routes POST /
|
|
6
|
-
post('/
|
|
5
|
+
pending 'routes POST /oauth/authorizations' do
|
|
6
|
+
post('/oauth/authorizations').should route_to('devise/oauth2_providable/authorizations#create')
|
|
7
7
|
end
|
|
8
|
-
pending 'routes GET /
|
|
9
|
-
get('/
|
|
8
|
+
pending 'routes GET /oauth/authorize' do
|
|
9
|
+
get('/oauth/authorize').should route_to('devise/oauth2_providable/authorizations#new')
|
|
10
10
|
end
|
|
11
11
|
pending 'routes POST /oauth2/authorize' do
|
|
12
12
|
#FIXME: this is valid, but the route is not being loaded into the test
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# see http://www.builtfromsource.com/2011/09/21/testing-routes-with-rails-3-1-engines/
|
|
2
2
|
module Devise
|
|
3
|
-
module
|
|
3
|
+
module Oauth2
|
|
4
4
|
module EngineHacks
|
|
5
5
|
##
|
|
6
6
|
# Automatically append all of the current engine's routes to the main
|
|
@@ -23,7 +23,7 @@ module Devise
|
|
|
23
23
|
engine = ("#{engine_name}::Engine").constantize
|
|
24
24
|
|
|
25
25
|
engine_name = 'oauth2'
|
|
26
|
-
engine = Devise::
|
|
26
|
+
engine = Devise::Oauth2::Engine
|
|
27
27
|
named_routes = engine.routes.named_routes.routes
|
|
28
28
|
resourced_routes = []
|
|
29
29
|
|
|
@@ -71,4 +71,4 @@ module Devise
|
|
|
71
71
|
end
|
|
72
72
|
end
|
|
73
73
|
|
|
74
|
-
# Rails::Engine.send(:include, Devise::
|
|
74
|
+
# Rails::Engine.send(:include, Devise::Oauth2::EngineHacks)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_oauth2_rails4
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.1.
|
|
4
|
+
version: 2.1.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Brian Wheeler
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-03-
|
|
11
|
+
date: 2014-03-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -357,4 +357,3 @@ test_files:
|
|
|
357
357
|
- spec/spec_helper.rb
|
|
358
358
|
- spec/support/inject_engine_routes_into_application.rb
|
|
359
359
|
- spec/support/match_json.rb
|
|
360
|
-
has_rdoc:
|