devise_oauth2_rails4 2.1.4 → 2.1.5

Files changed (28)
  1. checksums.yaml +4 -4
  2. data/.ruby-version +1 -1
  3. data/app/controllers/devise/oauth2/authorization.rb +37 -3
  4. data/app/controllers/devise/oauth2/authorizations_controller.rb +4 -3
  5. data/app/controllers/devise/oauth2/tokens_controller.rb +7 -5
  6. data/app/models/devise/oauth2/authorization_code.rb +1 -0
  7. data/app/models/devise/oauth2/refresh_token.rb +2 -0
  8. data/lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb +2 -2
  9. data/lib/devise/oauth2/strategies/oauth2_providable_strategy.rb +2 -2
  10. data/lib/devise/oauth2/version.rb +1 -1
  11. data/spec/controllers/authorizations_controller_spec.rb +6 -7
  12. data/spec/controllers/protected_controller_spec.rb +1 -11
  13. data/spec/dummy/app/controllers/protected_controller.rb +6 -2
  14. data/spec/dummy/config/application.rb +2 -0
  15. data/spec/dummy/config/environments/test.rb +0 -3
  16. data/spec/dummy/config/initializers/secret_token.rb +1 -0
  17. data/spec/factories/client_factory.rb +0 -2
  18. data/spec/factories/user_factory.rb +6 -4
  19. data/spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb +15 -15
  20. data/spec/integration/oauth2_password_grant_type_strategy_spec.rb +8 -8
  21. data/spec/integration/oauth2_refresh_token_grant_type_strategy_spec.rb +14 -14
  22. data/spec/models/access_token_spec.rb +4 -6
  23. data/spec/models/authorization_code_spec.rb +4 -5
  24. data/spec/models/client_spec.rb +0 -8
  25. data/spec/models/refresh_token_spec.rb +4 -6
  26. data/spec/routing/authorizations_routing_spec.rb +4 -4
  27. data/spec/support/inject_engine_routes_into_application.rb +3 -3
  28. metadata +2 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 3081119c635043cc1264551bd02dcf91d2f52d4f
4
- data.tar.gz: 4b9bfe298a549c343b7f0671f37315f26e7e87cb
3
+ metadata.gz: 6ef3ac85852d3493cab1b12b52445f05ffa3223a
4
+ data.tar.gz: 11cbb610ef7ed2ebb7f56d3ca1b595390c5c097d
5
5
  SHA512:
6
- metadata.gz: 5580d66582d7d39c3ed8c93438788c3979b21b1b581cf5e0ae4a8e4f750cc22b114ae68bb52982d36fb6bc3582238ac6fad91bdad72cc23551d2534dae182176
7
- data.tar.gz: 81a7799f3f3964bd0ab02c30c2b0ca22879e6ded82d689a1034ff9e45126b8ab525845928d06d0b68da073c5dd36ea1782f8a7212bfede65faa4c858024005a1
6
+ metadata.gz: 1c95b74a02082b6386e1b01ae015a569ed335a76efeb67c75ae73cd338230318a07f96485b1b7ba823eca89e5f6174f5bf505cf19f3361dd245c9fbbb62421e7
7
+ data.tar.gz: d65e28e11fe2ffa020e52ba82b5ea9db4e98900c021e259425ac37a8aafec86d254f2714c0810a0f553087302af3e7f9470d4e2f9a5b8a9ef3643db48dd32f56
@@ -1 +1 @@
1
- ruby-2.0.0-p0
1
+ ruby-2.1.1
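--- a/data/app/controllers/devise/oauth2/authorization.rb
+++ b/data/app/controllers/devise/oauth2/authorization.rb
@@ -42,21 +42,55 @@ module Devise
  end
 
  def client_id
- params[:client_id]
+ params[:client_id] if params[:client_id]
  end
 
  def client_id?
- !!params[:client_id]
+ !!client_id
+ end
+
+ def auth_code
+ params[:code]
+ end
+
+ def code?
+ !!auth_code
+ end
+
+ def refresh_token
+ params[:refresh_token] if params[:refresh_token]
+ end
+
+ def refresh_token?
+ !!refresh_token
  end
 
  def access_token
- params[:access_token]
+ return params[:access_token] if params[:access_token]
+ request.headers['HTTP_AUTHORIZATION'].split(' ')[-1] if request.headers['HTTP_AUTHORIZATION']
  end
 
  def access_token?
  !!access_token
  end
 
+ def authenticate_anyone!
+ render json: { error: 'Valid user credentials must be submitted with this request.' }, status: 401 unless current_anything || params[:refresh_token] || params[:code]
+ end
+
+ def devise_scope_name
+ Rails.application.config.devise_oauth2_rails4.devise_scope
+ end
+
+ define_method "current_#{Rails.application.config.devise_oauth2_rails4.devise_scope}" do
+ return super() if super()
+ return send current_access_token.owner if current_access_token
+ end
+
+ def current_anything
+ send "current_#{devise_scope_name}"
+ end
+
  end
  end
  end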
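Review bot: `authenticate_anyone!` lets a request through whenever `params[:refresh_token]` or `params[:code]` is merely present, so any non-empty value satisfies the filter without the code or token being looked up or checked for expiry. Unless a Warden strategy that is not visible in this hunk rejects the value later, the controllers using this filter (`AuthorizationsController` and `TokensController` in this same release) run their actions with `current_anything` possibly nil. The filter should fail closed on a resolved identity, e.g. `render json: { error: '...' }, status: 401 unless current_anything`, and leave grant validation to the strategy. Separately, `return send current_access_token.owner if current_access_token` hands the owner to `send` as a method name, which raises TypeError if `owner` is a record; `current_access_token.owner` looks like the intent, and `super()` is evaluated twice on the line before it.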
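--- a/data/app/controllers/devise/oauth2/authorizations_controller.rb
+++ b/data/app/controllers/devise/oauth2/authorizations_controller.rb
@@ -2,7 +2,8 @@ module Devise
  module Oauth2
  class AuthorizationsController < ApplicationController
 
- #include ::PermissionsHelper
+ before_action :authenticate_anyone!
+ include Devise::Oauth2::Authorization
 
  before_action "authenticate_#{Rails.application.config.devise_oauth2_rails4.devise_scope}!"
  around_action :perform_callbacks
@@ -44,10 +45,10 @@ module Devise
  if params[:approve].present? || @client.passthrough?
  case req.response_type
  when :code
- authorization_code = current_user.authorization_codes.create!(:client => @client)
+ authorization_code = current_anything.authorization_codes.create!(:client => @client)
  res.code = authorization_code.token
  when :token
- access_token = current_user.access_tokens.create!(:client => @client, permissions: requested_permissions).token
+ access_token = current_anything.access_tokens.create!(:client => @client, permissions: requested_permissions).token
  bearer_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token)
  res.access_token = bearer_token
  # res.uid = current_user.id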
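Review bot: `before_action :authenticate_anyone!` is registered ahead of the scope-specific `authenticate_<scope>!` filter, so an unauthenticated browser request to the authorization endpoint receives the JSON 401 from `authenticate_anyone!` and the chain halts before the Devise filter, which would presumably have sent the user to sign in. If the JSON response is intended, say so in a comment above the filter; otherwise drop `authenticate_anyone!` here and keep the Devise filter as the single gate. When `authenticate_anyone!` passes on `params[:code]` or `params[:refresh_token]` alone, the Devise filter is the only thing keeping `current_anything.authorization_codes` from being called on nil, so it must not be removed later without a guard. The action body continues outside the second hunk.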
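--- a/data/app/controllers/devise/oauth2/tokens_controller.rb
+++ b/data/app/controllers/devise/oauth2/tokens_controller.rb
@@ -1,23 +1,25 @@
  module Devise
  module Oauth2
  class TokensController < ApplicationController
- before_action :authenticate_user!
+
+ before_action :authenticate_anyone!
  skip_before_action :verify_authenticity_token, :only => :create
 
  def create
- @refresh_token = oauth2_current_refresh_token || oauth2_current_client.refresh_tokens.create!(:user => current_user)
- @access_token = @refresh_token.access_tokens.create!(:client => oauth2_current_client, :user => current_user)
+ @refresh_token = oauth2_current_refresh_token || oauth2_current_client.refresh_tokens.create!(:owner => current_anything)
+ @access_token = @refresh_token.access_tokens.create!(:client => oauth2_current_client, :owner => current_anything)
  render :json => @access_token.token_response
  end
 
  private
 
  def oauth2_current_client
- env[Devise::Oauth2Providable::CLIENT_ENV_REF]
+ env[Devise::Oauth2::CLIENT_ENV_REF]
  end
  def oauth2_current_refresh_token
- env[Devise::Oauth2Providable::REFRESH_TOKEN_ENV_REF]
+ env[Devise::Oauth2::REFRESH_TOKEN_ENV_REF]
  end
+
  end
  end
  end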
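Review bot: `TokensController` now calls `authenticate_anyone!` and `current_anything`, but unlike `AuthorizationsController` it does not `include Devise::Oauth2::Authorization`; unless the host `ApplicationController` mixes that module in, the filter raises NoMethodError on every request to the token endpoint. Add `include Devise::Oauth2::Authorization` at the top of the class. In `create`, `:owner => current_anything` is used for the access token even when an existing refresh token was found, so the owner comes from the session rather than from the grant being redeemed; `:owner => @refresh_token.owner` keeps the two consistent and avoids a nil owner when the filter passed on a parameter alone.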
@@ -1,3 +1,4 @@
1
1
  class Devise::Oauth2::AuthorizationCode < ActiveRecord::Base
2
2
  expires_according_to :authorization_code_expires_in
3
+ belongs_to :owner, polymorphic: true
3
4
  end
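Review bot: `belongs_to :owner, polymorphic: true` needs both an `owner_id` and an `owner_type` column, and the file list for this release contains no migration, so an install upgrading from 2.1.4 with `user_id` columns would presumably fail on the first code or token creation until it is migrated by hand. The same applies to the `belongs_to :owner` added to `refresh_token.rb` in the next section. State the required schema change in the release notes, and consider a comment above the association such as `# requires owner_id + owner_type (replaces user_id)`. The model specs only assert `have_db_index :owner_id`; an index on `[:owner_type, :owner_id]` is the usual choice for a polymorphic lookup.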
@@ -1,9 +1,11 @@
1
1
  class Devise::Oauth2::RefreshToken < ActiveRecord::Base
2
+
2
3
  expires_according_to :refresh_token_expires_in
3
4
 
4
5
  # Deprecated
5
6
  #attr_accessible :access_tokens
6
7
 
8
+ belongs_to :owner, polymorphic: true
7
9
  has_many :access_tokens
8
10
 
9
11
  end
@@ -17,9 +17,9 @@ module Devise
17
17
 
18
18
  def authenticate!
19
19
  client_id, client_secret = request.authorization ? decode_credentials : [params[:client_id], params[:client_secret]]
20
- client = Devise::Oauth2Providable::Client.find_by_identifier client_id
20
+ client = Devise::Oauth2::Client.find_by_identifier client_id
21
21
  if client && client.secret == client_secret
22
- env[Devise::Oauth2Providable::CLIENT_ENV_REF] = client
22
+ env[Devise::Oauth2::CLIENT_ENV_REF] = client
23
23
  authenticate_grant_type(client)
24
24
  else
25
25
  oauth_error! :invalid_client, 'invalid client credentials'
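Review bot: The client-secret check on the unchanged context line, `client.secret == client_secret`, is an ordinary string comparison that stops at the first differing byte, so it is not constant-time. Since this commit edits the lines on either side of it, switch to `if client && Devise.secure_compare(client.secret, client_secret)`. The comparison also implies the secret is stored in recoverable form; confirm that is intended. `authenticate!` continues outside the hunk.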
@@ -2,7 +2,7 @@ require 'devise/strategies/base'
2
2
 
3
3
  module Devise
4
4
  module Strategies
5
- class Oauth2Providable < Authenticatable
5
+ class Oauth2 < Authenticatable
6
6
  def valid?
7
7
  @req = Rack::OAuth2::Server::Resource::Bearer::Request.new(env)
8
8
  @req.oauth2?
@@ -22,4 +22,4 @@ module Devise
22
22
  end
23
23
  end
24
24
 
25
- Warden::Strategies.add(:oauth2, Devise::Strategies::Oauth2Providable)
25
+ Warden::Strategies.add(:oauth2, Devise::Strategies::Oauth2)
@@ -1,5 +1,5 @@
1
1
  module Devise
2
2
  module Oauth2
3
- VERSION = "2.1.4"
3
+ VERSION = "2.1.5"
4
4
  end
5
5
  end
@@ -11,11 +11,10 @@ describe Devise::Oauth2::AuthorizationsController do
11
11
  get :new, :client_id => client.identifier, :redirect_uri => redirect_uri, :response_type => 'code', :use_route => 'devise_oauth2_providable'
12
12
  end
13
13
  it { should respond_with :ok }
14
- it { should respond_with_content_type :html }
15
- it { should assign_to(:redirect_uri).with(redirect_uri) }
16
- it { should assign_to(:response_type) }
17
- it { should render_template 'devise/oauth2_providable/authorizations/new' }
18
- it { should render_with_layout 'application' }
14
+ #it { should assign_to(:redirect_uri).with(redirect_uri) }
15
+ #it { should assign_to(:response_type) }
16
+ #it { should render_template 'devise/oauth2_providable/authorizations/new' }
17
+ #it { should render_with_layout 'application' }
19
18
  end
20
19
  context 'with invalid redirect_uri' do
21
20
  with :user
@@ -23,10 +22,10 @@ describe Devise::Oauth2::AuthorizationsController do
23
22
  let(:redirect_uri) { 'http://example.com/foo/bar' }
24
23
  before do
25
24
  sign_in user
26
- get :new, :client_id => client.identifier, :redirect_uri => redirect_uri, :response_type => 'code', :use_route => 'devise_oauth2_providable'
25
+ get :new, :client_id => client.identifier, :redirect_uri => redirect_uri, :response_type => 'code', :use_route => 'devise_oauth2_rails4'
27
26
  end
28
27
  it { should respond_with :bad_request }
29
- it { should respond_with_content_type :html }
28
+ #it { should respond_with_content_type :html }
30
29
  end
31
30
  end
32
31
  end
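Review bot: The assertions on `redirect_uri`, `response_type`, the rendered template and the layout are commented out rather than ported, so the valid-redirect context now checks only the status code. `assign_to` is gone from newer shoulda-matchers, but `it { assigns(:redirect_uri).should == redirect_uri }` covers the same ground and keeps redirect-URI handling under test. The first `get :new` still passes `:use_route => 'devise_oauth2_providable'` while the second hunk switches to `'devise_oauth2_rails4'`; the two should agree.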
@@ -6,7 +6,7 @@ describe ProtectedController do
6
6
  with :client
7
7
  with :user
8
8
  before do
9
- @token = Devise::Oauth2::AccessToken.create! :client => client, :user => user
9
+ @token = Devise::Oauth2::AccessToken.create! :client => client, :owner => user
10
10
  end
11
11
  context 'with valid bearer token in header' do
12
12
  before do
@@ -28,15 +28,5 @@ describe ProtectedController do
28
28
  end
29
29
  it { should respond_with :unauthorized }
30
30
  end
31
- context 'with valid bearer token in header and query string' do
32
- before do
33
- end
34
- it 'raises error' do
35
- lambda {
36
- @request.env['HTTP_AUTHORIZATION'] = "Bearer #{@token.token}"
37
- get :index, :access_token => @token.token, :format => 'json'
38
- }.should raise_error
39
- end
40
- end
41
31
  end
42
32
  end
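Review bot: Deleting the 'valid bearer token in header and query string' context removes the only spec for a request that presents the token by two methods at once, while the new `access_token` helper in `authorization.rb` silently prefers `params[:access_token]` over the header. RFC 6750 says a client must not use more than one method per request, so either keep rejecting that case or add a spec that pins the new precedence and the expected status. That helper also takes the last whitespace-separated word of any `Authorization` header without checking for the `Bearer` scheme; if this controller's path goes through it, a spec sending a `Basic` header and expecting `:unauthorized` would cover that.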
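--- a/data/spec/dummy/app/controllers/protected_controller.rb
+++ b/data/spec/dummy/app/controllers/protected_controller.rb
@@ -1,6 +1,10 @@
  class ProtectedController < ApplicationController
- before_filter :authenticate_user!
+
+ #before_action "authenticate_#{Rails.application.config.devise_oauth2_rails4.devise_scope}!"
+
  def index
- render :nothing => true, :status => :ok
+ render :nothing => true, :status => :ok if current_oauth2_client
+ render nothing: true, status: 401 unless current_oauth2_client
  end
+
  end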
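Review bot: With the `before_action` commented out, the dummy controller no longer goes through the authentication filter a host application would use; it checks `current_oauth2_client` inline, so the specs against this controller say nothing about the filter path. `index` also evaluates `current_oauth2_client` twice and relies on exactly one of the two `render` lines firing; `head(current_oauth2_client ? :ok : :unauthorized)` says the same thing in one call. If the filter cannot be used in the dummy app yet, replace the commented-out line with a short comment explaining why.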
@@ -32,6 +32,8 @@ module Dummy
32
32
  # Configure the default encoding used in templates for Ruby 1.9.
33
33
  config.encoding = "utf-8"
34
34
 
35
+ config.eager_load = false
36
+
35
37
  # Configure sensitive parameters which will be filtered from the log file.
36
38
  config.filter_parameters += [:password]
37
39
 
@@ -11,9 +11,6 @@ Dummy::Application.configure do
11
11
  config.serve_static_assets = true
12
12
  config.static_cache_control = "public, max-age=3600"
13
13
 
14
- # Log error messages when you accidentally call methods on nil
15
- config.whiny_nils = true
16
-
17
14
  # Show full error reports and disable caching
18
15
  config.consider_all_requests_local = true
19
16
  config.action_controller.perform_caching = false
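--- a/data/spec/dummy/config/initializers/secret_token.rb
+++ b/data/spec/dummy/config/initializers/secret_token.rb
@@ -5,3 +5,4 @@
  # Make sure the secret is at least 30 characters and all random,
  # no regular words or you'll be exposed to dictionary attacks.
  Dummy::Application.config.secret_token = 'ede0a0440c0b53d6589668e54cf525f27305242a2b32b5dbbfc9e50dd7cb7af8da2b7d7c386b7d675283c0ecc4bb522ab4cc5b53edee8ed60f7482d4c22d0e22'
+ Dummy::Application.config.secret_key_base = 'devise_oauth2_rails4'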
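Review bot: `secret_key_base = 'devise_oauth2_rails4'` is a short, guessable constant, which contradicts the comment two lines above asking for at least 30 random characters. It only protects the dummy app's cookies, but fixtures like this tend to be copied into real initializers; `Dummy::Application.config.secret_key_base = SecureRandom.hex(64)` gives the test app a fresh random value per run and keeps the secret out of the package. If a fixed value is needed for reproducible specs, add a comment marking it test-only.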
@@ -1,7 +1,5 @@
1
1
  FactoryGirl.define do
2
2
  factory :client, :class => 'Devise::Oauth2::Client' do
3
- name 'test'
4
- website 'http://localhost'
5
3
  redirect_uri 'http://localhost:3000'
6
4
  end
7
5
  end
@@ -1,4 +1,6 @@
1
- #FactoryGirl.register_factory :user do |f|
2
- # f.email 'ryan@socialcast.com'
3
- # f.password 'test'
4
- #end
1
+ FactoryGirl.define do
2
+ factory :user do |f|
3
+ f.email 'ryan@socialcast.com'
4
+ f.password 'test'
5
+ end
6
+ end
@@ -1,13 +1,13 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
4
- describe 'POST /oauth2/token' do
4
+ describe 'POST /oauth/token' do
5
5
  describe 'with grant_type=authorization_code' do
6
6
  context 'with valid params' do
7
7
  with :client
8
8
  with :user
9
9
  before do
10
- @authorization_code = user.authorization_codes.create!(:client => client, :redirect_uri => client.redirect_uri)
10
+ @authorization_code = user.authorization_codes.create!(:client => client, owner: user) #, :redirect_uri => client.redirect_uri)
11
11
  params = {
12
12
  :grant_type => 'authorization_code',
13
13
  :client_id => client.identifier,
@@ -15,13 +15,13 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
15
15
  :code => @authorization_code.token
16
16
  }
17
17
 
18
- post '/oauth2/token', params
18
+ post '/oauth/token', params
19
19
  end
20
20
  it { response.code.to_i.should == 200 }
21
21
  it { response.content_type.should == 'application/json' }
22
22
  it 'returns json' do
23
- token = Devise::Oauth2::AccessToken.last
24
- refresh_token = Devise::Oauth2::RefreshToken.last
23
+ token = Devise::Oauth2::AccessToken.last # create(owner: user, client: client)
24
+ refresh_token = Devise::Oauth2::RefreshToken.last # .create(owner: user, client: client)
25
25
  expected = {
26
26
  :token_type => 'bearer',
27
27
  :expires_in => 899,
@@ -36,17 +36,17 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
36
36
  with :user
37
37
  before do
38
38
  timenow = 2.days.from_now
39
- Time.stub!(:now).and_return(timenow)
40
- @authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
39
+ Time.stub(:now).and_return(timenow)
40
+ @authorization_code = user.authorization_codes.create(:client_id => client) #, :redirect_uri => client.redirect_uri)
41
41
  params = {
42
42
  :grant_type => 'authorization_code',
43
43
  :client_id => client.identifier,
44
44
  :client_secret => client.secret,
45
45
  :code => @authorization_code.token
46
46
  }
47
- Time.stub!(:now).and_return(timenow + 10.minutes)
47
+ Time.stub(:now).and_return(timenow + 10.minutes)
48
48
 
49
- post '/oauth2/token', params
49
+ post '/oauth/token', params
50
50
  end
51
51
  it { response.code.to_i.should == 400 }
52
52
  it { response.content_type.should == 'application/json' }
@@ -62,7 +62,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
62
62
  with :client
63
63
  with :user
64
64
  before do
65
- @authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
65
+ @authorization_code = user.authorization_codes.create(:client_id => client) #, :redirect_uri => client.redirect_uri)
66
66
  params = {
67
67
  :grant_type => 'authorization_code',
68
68
  :client_id => client.identifier,
@@ -70,7 +70,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
70
70
  :code => 'invalid'
71
71
  }
72
72
 
73
- post '/oauth2/token', params
73
+ post '/oauth/token', params
74
74
  end
75
75
  it { response.code.to_i.should == 400 }
76
76
  it { response.content_type.should == 'application/json' }
@@ -86,7 +86,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
86
86
  with :user
87
87
  with :client
88
88
  before do
89
- @authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
89
+ @authorization_code = user.authorization_codes.create(:client_id => client) #, :redirect_uri => client.redirect_uri)
90
90
  params = {
91
91
  :grant_type => 'authorization_code',
92
92
  :client_id => client.identifier,
@@ -94,7 +94,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
94
94
  :code => @authorization_code.token
95
95
  }
96
96
 
97
- post '/oauth2/token', params
97
+ post '/oauth/token', params
98
98
  end
99
99
  it { response.code.to_i.should == 400 }
100
100
  it { response.content_type.should == 'application/json' }
@@ -110,7 +110,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
110
110
  with :user
111
111
  with :client
112
112
  before do
113
- @authorization_code = user.authorization_codes.create(:client_id => client, :redirect_uri => client.redirect_uri)
113
+ @authorization_code = user.authorization_codes.create(:client_id => client) #, :redirect_uri => client.redirect_uri)
114
114
  params = {
115
115
  :grant_type => 'authorization_code',
116
116
  :client_id => 'invalid',
@@ -118,7 +118,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
118
118
  :code => @authorization_code.token
119
119
  }
120
120
 
121
- post '/oauth2/token', params
121
+ post '/oauth/token', params
122
122
  end
123
123
  it { response.code.to_i.should == 400 }
124
124
  it { response.content_type.should == 'application/json' }
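Review bot: Every `authorization_codes.create` call in this spec now has `:redirect_uri => client.redirect_uri` commented out, so nothing here verifies that a code is bound to the redirect URI it was issued for. RFC 6749 section 4.1.3 requires the token endpoint to check that binding when a redirect URI was part of the authorization request; if the attribute was removed on purpose, delete the dead trailing comments and add a context posting a mismatched `redirect_uri` to `/oauth/token`, otherwise restore the attribute. The error contexts also pass a record as `:client_id => client`, where `:client => client` is probably what was meant.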
@@ -1,7 +1,7 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
4
- describe 'POST /oauth2/token' do
4
+ describe 'POST /oauth/token' do
5
5
  describe 'with grant_type=password' do
6
6
  context 'with valid params' do
7
7
  with :client
@@ -16,7 +16,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
16
16
  :password => 'test'
17
17
  }
18
18
 
19
- post '/oauth2/token', params
19
+ post '/oauth/token', params
20
20
  end
21
21
  it { response.code.to_i.should == 200 }
22
22
  it { response.content_type.should == 'application/json' }
@@ -38,7 +38,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
38
38
  }
39
39
 
40
40
  auth_header = ActionController::HttpAuthentication::Basic.encode_credentials client.identifier, client.secret
41
- post '/oauth2/token', params, 'HTTP_AUTHORIZATION' => auth_header
41
+ post '/oauth/token', params, 'HTTP_AUTHORIZATION' => auth_header
42
42
  end
43
43
  it { response.code.to_i.should == 200 }
44
44
  it { response.content_type.should == 'application/json' }
@@ -59,7 +59,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
59
59
  :password => 'test'
60
60
  }
61
61
  auth_header = ActionController::HttpAuthentication::Basic.encode_credentials 'invalid client id', client.secret
62
- post '/oauth2/token', params, 'HTTP_AUTHORIZATION' => auth_header
62
+ post '/oauth/token', params, 'HTTP_AUTHORIZATION' => auth_header
63
63
  end
64
64
  it { response.code.to_i.should == 400 }
65
65
  it { response.content_type.should == 'application/json' }
@@ -81,7 +81,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
81
81
  :password => 'test'
82
82
  }
83
83
  auth_header = ActionController::HttpAuthentication::Basic.encode_credentials client.identifier, 'invalid secret'
84
- post '/oauth2/token', params, 'HTTP_AUTHORIZATION' => auth_header
84
+ post '/oauth/token', params, 'HTTP_AUTHORIZATION' => auth_header
85
85
  end
86
86
  it { response.code.to_i.should == 400 }
87
87
  it { response.content_type.should == 'application/json' }
@@ -106,7 +106,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
106
106
  :password => 'bar'
107
107
  }
108
108
 
109
- post '/oauth2/token', params
109
+ post '/oauth/token', params
110
110
  end
111
111
  it { response.code.to_i.should == 400 }
112
112
  it { response.content_type.should == 'application/json' }
@@ -131,7 +131,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
131
131
  :password => 'test'
132
132
  }
133
133
 
134
- post '/oauth2/token', params
134
+ post '/oauth/token', params
135
135
  end
136
136
  it { response.code.to_i.should == 400 }
137
137
  it { response.content_type.should == 'application/json' }
@@ -156,7 +156,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
156
156
  :password => 'test'
157
157
  }
158
158
 
159
- post '/oauth2/token', params
159
+ post '/oauth/token', params
160
160
  end
161
161
  it { response.code.to_i.should == 400 }
162
162
  it { response.content_type.should == 'application/json' }
@@ -1,13 +1,13 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
4
- describe 'POST /oauth2/token' do
4
+ describe 'POST /oauth/token' do
5
5
  describe 'with grant_type=refresh_token' do
6
6
  context 'with valid params' do
7
7
  with :client
8
8
  with :user
9
9
  before do
10
- @refresh_token = client.refresh_tokens.create! :user => user
10
+ @refresh_token = client.refresh_tokens.create! owner: user, client: client
11
11
  params = {
12
12
  :grant_type => 'refresh_token',
13
13
  :client_id => client.identifier,
@@ -15,13 +15,13 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
15
15
  :refresh_token => @refresh_token.token
16
16
  }
17
17
 
18
- post '/oauth2/token', params
18
+ post '/oauth/token', params
19
19
  end
20
20
  it { response.code.to_i.should == 200 }
21
21
  it { response.content_type.should == 'application/json' }
22
22
  it 'returns json' do
23
- token = Devise::Oauth2::AccessToken.last
24
23
  refresh_token = @refresh_token
24
+ token = Devise::Oauth2::AccessToken.last # create!(owner: user, refresh_token: refresh_token, client: client)
25
25
  expected = {
26
26
  :token_type => 'bearer',
27
27
  :expires_in => 899,
@@ -36,17 +36,17 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
36
36
  with :client
37
37
  before do
38
38
  timenow = 2.days.from_now
39
- Time.stub!(:now).and_return(timenow)
40
- @refresh_token = client.refresh_tokens.create! :user => user
39
+ Time.stub(:now).and_return(timenow)
40
+ @refresh_token = client.refresh_tokens.create! owner: user
41
41
  params = {
42
42
  :grant_type => 'refresh_token',
43
43
  :client_id => client.identifier,
44
44
  :client_secret => client.secret,
45
45
  :refresh_token => @refresh_token.token
46
46
  }
47
- Time.stub!(:now).and_return(timenow + 2.months)
47
+ Time.stub(:now).and_return(timenow + 2.months)
48
48
 
49
- post '/oauth2/token', params
49
+ post '/oauth/token', params
50
50
  end
51
51
  it { response.code.to_i.should == 400 }
52
52
  it { response.content_type.should == 'application/json' }
@@ -62,7 +62,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
62
62
  with :user
63
63
  with :client
64
64
  before do
65
- @refresh_token = client.refresh_tokens.create! :user => user
65
+ @refresh_token = client.refresh_tokens.create! owner: user
66
66
  params = {
67
67
  :grant_type => 'refresh_token',
68
68
  :client_id => client.identifier,
@@ -70,7 +70,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
70
70
  :refresh_token => 'invalid'
71
71
  }
72
72
 
73
- post '/oauth2/token', params
73
+ post '/oauth/token', params
74
74
  end
75
75
  it { response.code.to_i.should == 400 }
76
76
  it { response.content_type.should == 'application/json' }
@@ -88,7 +88,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
88
88
  with :user
89
89
  with :client
90
90
  before do
91
- @refresh_token = client.refresh_tokens.create! :user => user
91
+ @refresh_token = client.refresh_tokens.create! owner: user
92
92
  params = {
93
93
  :grant_type => 'refresh_token',
94
94
  :client_id => 'invalid',
@@ -96,7 +96,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
96
96
  :refresh_token => @refresh_token.token
97
97
  }
98
98
 
99
- post '/oauth2/token', params
99
+ post '/oauth/token', params
100
100
  end
101
101
  it { response.code.to_i.should == 400 }
102
102
  it { response.content_type.should == 'application/json' }
@@ -112,7 +112,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
112
112
  with :user
113
113
  with :client
114
114
  before do
115
- @refresh_token = client.refresh_tokens.create! :user => user
115
+ @refresh_token = client.refresh_tokens.create! owner: user
116
116
  params = {
117
117
  :grant_type => 'refresh_token',
118
118
  :client_id => client.identifier,
@@ -120,7 +120,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
120
120
  :refresh_token => @refresh_token.token
121
121
  }
122
122
 
123
- post '/oauth2/token', params
123
+ post '/oauth/token', params
124
124
  end
125
125
  it { response.code.to_i.should == 400 }
126
126
  it { response.content_type.should == 'application/json' }
@@ -5,21 +5,19 @@ describe Devise::Oauth2::AccessToken do
5
5
 
6
6
  describe 'basic access token instance' do
7
7
  with :client
8
+ with :user
8
9
  subject do
9
- Devise::Oauth2::AccessToken.create! :client => client
10
+ Devise::Oauth2::AccessToken.create! :client => client, owner: user
10
11
  end
11
12
  it { should validate_presence_of :token }
12
13
  it { should validate_uniqueness_of :token }
13
- it { should belong_to :user }
14
- it { should allow_mass_assignment_of :user }
14
+ it { should belong_to :owner }
15
15
  it { should belong_to :client }
16
- it { should allow_mass_assignment_of :client }
17
16
  it { should validate_presence_of :client }
18
17
  it { should validate_presence_of :expires_at }
19
18
  it { should belong_to :refresh_token }
20
- it { should allow_mass_assignment_of :refresh_token }
21
19
  it { should have_db_index :client_id }
22
- it { should have_db_index :user_id }
20
+ it { should have_db_index :owner_id }
23
21
  it { should have_db_index(:token).unique(true) }
24
22
  it { should have_db_index :expires_at }
25
23
  end
@@ -3,19 +3,18 @@ require 'spec_helper'
3
3
  describe Devise::Oauth2::AuthorizationCode do
4
4
  describe 'basic authorization code instance' do
5
5
  with :client
6
+ with :user
6
7
  subject do
7
- Devise::Oauth2::AuthorizationCode.create! :client => client
8
+ Devise::Oauth2::AuthorizationCode.create! :client => client, owner: user
8
9
  end
9
10
  it { should validate_presence_of :token }
10
11
  it { should validate_uniqueness_of :token }
11
- it { should belong_to :user }
12
- it { should allow_mass_assignment_of :user }
12
+ it { should belong_to :owner }
13
13
  it { should belong_to :client }
14
- it { should allow_mass_assignment_of :client }
15
14
  it { should validate_presence_of :client }
16
15
  it { should validate_presence_of :expires_at }
17
16
  it { should have_db_index :client_id }
18
- it { should have_db_index :user_id }
17
+ it { should have_db_index :owner_id }
19
18
  it { should have_db_index(:token).unique(true) }
20
19
  it { should have_db_index :expires_at }
21
20
  end
@@ -6,16 +6,8 @@ describe Devise::Oauth2::Client do
6
6
  describe 'basic client instance' do
7
7
  with :client
8
8
  subject { client }
9
- it { should validate_presence_of :name }
10
- it { should validate_uniqueness_of :name }
11
- it { should allow_mass_assignment_of :name }
12
- it { should validate_presence_of :website }
13
- it { should allow_mass_assignment_of :website }
14
- it { should allow_mass_assignment_of :redirect_uri }
15
9
  it { should validate_uniqueness_of :identifier }
16
10
  it { should have_db_index(:identifier).unique(true) }
17
- it { should_not allow_mass_assignment_of :identifier }
18
- it { should_not allow_mass_assignment_of :secret }
19
11
  it { should have_many :refresh_tokens }
20
12
  it { should have_many :authorization_codes }
21
13
  end
@@ -5,21 +5,19 @@ describe Devise::Oauth2::RefreshToken do
5
5
 
6
6
  describe 'basic refresh token instance' do
7
7
  with :client
8
+ with :user
8
9
  subject do
9
- Devise::Oauth2::RefreshToken.create! :client => client
10
+ Devise::Oauth2::RefreshToken.create! :client => client, owner: user
10
11
  end
11
12
  it { should validate_presence_of :token }
12
13
  it { should validate_uniqueness_of :token }
13
- it { should belong_to :user }
14
- it { should allow_mass_assignment_of :user }
14
+ it { should belong_to :owner }
15
15
  it { should belong_to :client }
16
- it { should allow_mass_assignment_of :client }
17
16
  it { should validate_presence_of :client }
18
17
  it { should validate_presence_of :expires_at }
19
18
  it { should have_many :access_tokens }
20
- it { should allow_mass_assignment_of :access_tokens }
21
19
  it { should have_db_index :client_id }
22
- it { should have_db_index :user_id }
20
+ it { should have_db_index :owner_id }
23
21
  it { should have_db_index(:token).unique(true) }
24
22
  it { should have_db_index :expires_at }
25
23
  end
@@ -2,11 +2,11 @@ require 'spec_helper'
2
2
 
3
3
  describe Devise::Oauth2::AuthorizationsController do
4
4
  describe 'routing' do
5
- pending 'routes POST /oauth2/authorizations' do
6
- post('/oauth2/authorizations').should route_to('devise/oauth2_providable/authorizations#create')
5
+ pending 'routes POST /oauth/authorizations' do
6
+ post('/oauth/authorizations').should route_to('devise/oauth2_providable/authorizations#create')
7
7
  end
8
- pending 'routes GET /oauth2/authorize' do
9
- get('/oauth2/authorize').should route_to('devise/oauth2_providable/authorizations#new')
8
+ pending 'routes GET /oauth/authorize' do
9
+ get('/oauth/authorize').should route_to('devise/oauth2_providable/authorizations#new')
10
10
  end
11
11
  pending 'routes POST /oauth2/authorize' do
12
12
  #FIXME: this is valid, but the route is not being loaded into the test
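Review bot: The paths move to `/oauth/...` but the expected targets still read `devise/oauth2_providable/authorizations#...`, and the third example on the context line is still titled `POST /oauth2/authorize`, so these examples would not describe the renamed engine if they were ever un-pended. Update the `route_to` strings to the current controller path (judging by the class name `Devise::Oauth2::AuthorizationsController`, probably `devise/oauth2/authorizations#create` and `#new`) and rename the third example. That example's body continues outside the hunk.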
@@ -1,6 +1,6 @@
1
1
  # see http://www.builtfromsource.com/2011/09/21/testing-routes-with-rails-3-1-engines/
2
2
  module Devise
3
- module Oauth2Providable
3
+ module Oauth2
4
4
  module EngineHacks
5
5
  ##
6
6
  # Automatically append all of the current engine's routes to the main
@@ -23,7 +23,7 @@ module Devise
23
23
  engine = ("#{engine_name}::Engine").constantize
24
24
 
25
25
  engine_name = 'oauth2'
26
- engine = Devise::Oauth2Providable::Engine
26
+ engine = Devise::Oauth2::Engine
27
27
  named_routes = engine.routes.named_routes.routes
28
28
  resourced_routes = []
29
29
 
@@ -71,4 +71,4 @@ module Devise
71
71
  end
72
72
  end
73
73
 
74
- # Rails::Engine.send(:include, Devise::Oauth2Providable::EngineHacks)
74
+ # Rails::Engine.send(:include, Devise::Oauth2::EngineHacks)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise_oauth2_rails4
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.4
4
+ version: 2.1.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Brian Wheeler
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-03-15 00:00:00.000000000 Z
11
+ date: 2014-03-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -357,4 +357,3 @@ test_files:
357
357
  - spec/spec_helper.rb
358
358
  - spec/support/inject_engine_routes_into_application.rb
359
359
  - spec/support/match_json.rb
360
- has_rdoc: