devise_oauth2_rails4 1.1.2 → 1.1.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +6 -0
- data/.ruby-gemset +1 -1
- data/CONTRIBUTORS.txt +1 -0
- data/README.md +2 -2
- data/Rakefile +3 -3
- data/app/controllers/devise/{oauth2_providable → oauth2}/authorizations_controller.rb +8 -2
- data/app/controllers/devise/oauth2/tokens_controller.rb +23 -0
- data/app/models/devise/oauth2/access_token.rb +39 -0
- data/app/models/devise/oauth2/authorization_code.rb +3 -0
- data/app/models/devise/oauth2/client.rb +29 -0
- data/app/models/devise/{oauth2_providable → oauth2}/refresh_token.rb +1 -1
- data/app/views/devise/{oauth2_providable → oauth2}/authorizations/_form.html.erb +1 -0
- data/app/views/devise/{oauth2_providable → oauth2}/authorizations/error.html.erb +0 -0
- data/app/views/devise/oauth2/authorizations/new.html.erb +8 -0
- data/config/routes.rb +2 -1
- data/db/migrate/20111014160714_create_devise_oauth2_providable_schema.rb +13 -8
- data/devise_oauth2_rails4.gemspec +32 -0
- data/lib/devise/oauth2/engine.rb +16 -0
- data/lib/devise/{oauth2_providable → oauth2}/expirable_token.rb +4 -4
- data/lib/devise/{oauth2_providable → oauth2}/models/oauth2_authorization_code_grantable.rb +0 -0
- data/lib/devise/{oauth2_providable → oauth2}/models/oauth2_password_grantable.rb +0 -0
- data/lib/devise/{oauth2_providable → oauth2}/models/oauth2_providable.rb +3 -3
- data/lib/devise/{oauth2_providable → oauth2}/models/oauth2_refresh_token_grantable.rb +0 -0
- data/lib/devise/{oauth2_providable → oauth2}/strategies/oauth2_authorization_code_grant_type_strategy.rb +1 -1
- data/lib/devise/{oauth2_providable → oauth2}/strategies/oauth2_grant_type_strategy.rb +1 -1
- data/lib/devise/{oauth2_providable → oauth2}/strategies/oauth2_password_grant_type_strategy.rb +1 -1
- data/lib/devise/{oauth2_providable → oauth2}/strategies/oauth2_providable_strategy.rb +3 -3
- data/lib/devise/{oauth2_providable → oauth2}/strategies/oauth2_refresh_token_grant_type_strategy.rb +2 -2
- data/lib/devise/oauth2/version.rb +5 -0
- data/lib/devise_oauth2_rails4.rb +41 -0
- data/lib/generators/devise/oauth2/migrations_generator.rb +16 -0
- data/lib/generators/devise/oauth2/views_generator.rb +11 -0
- data/rails/tasks/engine.rake +17 -0
- data/spec/controllers/authorizations_controller_spec.rb +1 -1
- data/spec/controllers/protected_controller_spec.rb +1 -1
- data/spec/dummy/app/models/user.rb +1 -1
- data/spec/dummy/app/views/devise/confirmations/new.html.erb +12 -0
- data/spec/dummy/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
- data/spec/dummy/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
- data/spec/dummy/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
- data/spec/dummy/app/views/devise/passwords/edit.html.erb +16 -0
- data/spec/dummy/app/views/devise/passwords/new.html.erb +12 -0
- data/spec/dummy/app/views/devise/registrations/edit.html.erb +29 -0
- data/spec/dummy/app/views/devise/registrations/new.html.erb +18 -0
- data/spec/dummy/app/views/devise/sessions/new.html.erb +17 -0
- data/spec/dummy/app/views/devise/shared/_links.erb +25 -0
- data/spec/dummy/app/views/devise/unlocks/new.html.erb +12 -0
- data/spec/dummy/config/application.rb +1 -1
- data/spec/dummy/config/initializers/devise.rb +86 -42
- data/spec/dummy/config/locales/devise.en.yml +49 -48
- data/spec/dummy/config/routes.rb +1 -1
- data/spec/dummy/db/migrate/{20111014161437_create_devise_oauth2_providable_schema.rb → 20140306063000_create_devise_oauth2_providable_schema.rb} +14 -9
- data/spec/dummy/db/schema.rb +34 -28
- data/spec/factories/client_factory.rb +6 -4
- data/spec/factories/user_factory.rb +4 -4
- data/spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb +2 -2
- data/spec/integration/oauth2_password_grant_type_strategy_spec.rb +2 -2
- data/spec/integration/oauth2_refresh_token_grant_type_strategy_spec.rb +2 -2
- data/spec/lib/devise_oauth2_providable_spec.rb +1 -1
- data/spec/models/access_token_spec.rb +5 -5
- data/spec/models/authorization_code_spec.rb +2 -2
- data/spec/models/client_spec.rb +2 -2
- data/spec/models/refresh_token_spec.rb +3 -3
- data/spec/routing/authorizations_routing_spec.rb +1 -1
- data/spec/routing/tokens_routing_spec.rb +1 -1
- metadata +70 -45
- data/app/controllers/devise/oauth2_providable/tokens_controller.rb +0 -19
- data/app/models/devise/oauth2_providable/access_token.rb +0 -25
- data/app/models/devise/oauth2_providable/authorization_code.rb +0 -3
- data/app/models/devise/oauth2_providable/client.rb +0 -25
- data/app/views/devise/oauth2_providable/authorizations/new.html.erb +0 -4
- data/lib/devise/oauth2_providable/engine.rb +0 -16
- data/lib/devise/oauth2_providable/version.rb +0 -5
- data/lib/devise_oauth2_providable.rb +0 -41
- data/lib/generators/devise_oauth2/views_generator.rb +0 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9a866772361adcb28e37292907bf7ac3f57ecbbf
|
|
4
|
+
data.tar.gz: c1eeb351c84781d24bc1cb402887675aca6a389e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 95a2a339b362eb07677327308faacbd50dfb08837b3db30b8935bb06bc2a9bba9d022d875f6ad0ac6697fadd109e1a8b376b039b303ffcd53f1325743628a1c0
|
|
7
|
+
data.tar.gz: 038e545d7b5d5215d79ee5fbdc7e6fdddaf5e56420ad54b792dbd9ee38a1338b62488c5d87991ff66a2852180e84622fcf003521c8fbda8771b5939e3de10802
|
data/.gitignore
CHANGED
data/.ruby-gemset
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
|
|
1
|
+
devise_oauth2_rails4
|
data/CONTRIBUTORS.txt
CHANGED
data/README.md
CHANGED
|
@@ -25,7 +25,7 @@ the request. http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-04
|
|
|
25
25
|
#### Install gem
|
|
26
26
|
```ruby
|
|
27
27
|
# Gemfile
|
|
28
|
-
gem '
|
|
28
|
+
gem 'devise_oauth2_rails4'
|
|
29
29
|
```
|
|
30
30
|
|
|
31
31
|
#### Migrate database for Oauth2 models
|
|
@@ -39,7 +39,7 @@ $ rake db:migrate
|
|
|
39
39
|
# config/routes.rb
|
|
40
40
|
Rails.application.routes.draw do
|
|
41
41
|
# oauth routes can be mounted to any path (ex: /oauth2 or /oauth)
|
|
42
|
-
mount Devise::
|
|
42
|
+
mount Devise::Oauth2::Engine => '/oauth2'
|
|
43
43
|
end
|
|
44
44
|
```
|
|
45
45
|
|
data/Rakefile
CHANGED
|
@@ -3,6 +3,6 @@ require "bundler/gem_tasks"
|
|
|
3
3
|
APP_RAKEFILE = File.expand_path("../spec/dummy/Rakefile", __FILE__)
|
|
4
4
|
load 'rails/tasks/engine.rake'
|
|
5
5
|
|
|
6
|
-
require 'rspec/core/rake_task'
|
|
7
|
-
RSpec::Core::RakeTask.new('spec')
|
|
8
|
-
task :default => :spec
|
|
6
|
+
#require 'rspec/core/rake_task'
|
|
7
|
+
#RSpec::Core::RakeTask.new('spec')
|
|
8
|
+
#task :default => :spec
|
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
module Devise
|
|
2
|
-
module
|
|
2
|
+
module Oauth2
|
|
3
3
|
class AuthorizationsController < ApplicationController
|
|
4
4
|
|
|
5
|
+
#include ::PermissionsHelper
|
|
6
|
+
|
|
5
7
|
before_action :authenticate_user!
|
|
6
8
|
|
|
7
9
|
rescue_from Rack::OAuth2::Server::Authorize::BadRequest do |e|
|
|
@@ -44,7 +46,7 @@ module Devise
|
|
|
44
46
|
authorization_code = current_user.authorization_codes.create!(:client => @client)
|
|
45
47
|
res.code = authorization_code.token
|
|
46
48
|
when :token
|
|
47
|
-
access_token = current_user.access_tokens.create!(:client => @client).token
|
|
49
|
+
access_token = current_user.access_tokens.create!(:client => @client, permissions: requested_permissions).token
|
|
48
50
|
bearer_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token)
|
|
49
51
|
res.access_token = bearer_token
|
|
50
52
|
# res.uid = current_user.id
|
|
@@ -62,6 +64,10 @@ module Devise
|
|
|
62
64
|
respond *authorization.call(request.env)
|
|
63
65
|
end
|
|
64
66
|
|
|
67
|
+
def requested_permissions
|
|
68
|
+
params[:permissions] || @client.default_permissions
|
|
69
|
+
end
|
|
70
|
+
|
|
65
71
|
end
|
|
66
72
|
end
|
|
67
73
|
end
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
module Devise
|
|
2
|
+
module Oauth2
|
|
3
|
+
class TokensController < ApplicationController
|
|
4
|
+
before_action :authenticate_user!
|
|
5
|
+
skip_before_action :verify_authenticity_token, :only => :create
|
|
6
|
+
|
|
7
|
+
def create
|
|
8
|
+
@refresh_token = oauth2_current_refresh_token || oauth2_current_client.refresh_tokens.create!(:user => current_user)
|
|
9
|
+
@access_token = @refresh_token.access_tokens.create!(:client => oauth2_current_client, :user => current_user)
|
|
10
|
+
render :json => @access_token.token_response
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
private
|
|
14
|
+
|
|
15
|
+
def oauth2_current_client
|
|
16
|
+
env[Devise::Oauth2Providable::CLIENT_ENV_REF]
|
|
17
|
+
end
|
|
18
|
+
def oauth2_current_refresh_token
|
|
19
|
+
env[Devise::Oauth2Providable::REFRESH_TOKEN_ENV_REF]
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
end
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
class Devise::Oauth2::AccessToken < ActiveRecord::Base
|
|
2
|
+
|
|
3
|
+
expires_according_to :access_token_expires_in
|
|
4
|
+
before_validation :restrict_expires_at, :on => :create, :if => :refresh_token
|
|
5
|
+
belongs_to :refresh_token
|
|
6
|
+
|
|
7
|
+
serialize :permissions
|
|
8
|
+
|
|
9
|
+
def permissions=(permissions)
|
|
10
|
+
super(permissions) if permissions.is_a? Array
|
|
11
|
+
permissions = permissions.split(/[,\s\n\b\t]/).keep_if { |x| !x.empty? } if permissions.is_a? String
|
|
12
|
+
super(permissions)
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def token_response
|
|
16
|
+
response = {
|
|
17
|
+
:access_token => token,
|
|
18
|
+
:token_type => 'bearer',
|
|
19
|
+
:expires_in => expires_in
|
|
20
|
+
}
|
|
21
|
+
response[:refresh_token] = refresh_token.token if refresh_token
|
|
22
|
+
response
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def method_missing(method)
|
|
26
|
+
if method.to_s.match /^can_.*\?$/
|
|
27
|
+
permission = method.to_s.match(/^can_(.*)\?$/)[1]
|
|
28
|
+
return true if permission.in? self.permissions
|
|
29
|
+
return false
|
|
30
|
+
end
|
|
31
|
+
super(method)
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
private
|
|
35
|
+
|
|
36
|
+
def restrict_expires_at
|
|
37
|
+
self.expires_at = [self.expires_at, refresh_token.expires_at].compact.min
|
|
38
|
+
end
|
|
39
|
+
end
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
class Devise::Oauth2::Client < ActiveRecord::Base
|
|
2
|
+
|
|
3
|
+
has_many :access_tokens
|
|
4
|
+
has_many :refresh_tokens
|
|
5
|
+
has_many :authorization_codes
|
|
6
|
+
|
|
7
|
+
before_validation :init_identifier, :on => :create, :unless => :identifier?
|
|
8
|
+
before_validation :init_secret, :on => :create, :unless => :secret?
|
|
9
|
+
validates :identifier, :presence => true, :uniqueness => true
|
|
10
|
+
|
|
11
|
+
serialize :default_permissions
|
|
12
|
+
|
|
13
|
+
def default_permissions=(permissions)
|
|
14
|
+
super(permissions) if permissions.is_a? Array
|
|
15
|
+
permissions = permissions.split(/[,\s\n\b\t]/).keep_if { |x| !x.blank? } if permissions.is_a? String
|
|
16
|
+
super(permissions)
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
private
|
|
20
|
+
|
|
21
|
+
def init_identifier
|
|
22
|
+
self.identifier = Devise::Oauth2.random_id
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def init_secret
|
|
26
|
+
self.secret = Devise::Oauth2.random_id
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
end
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
<%= form_tag authorizations_path, :class => action do %>
|
|
2
|
+
<%= hidden_field_tag :permissions, params[:permissions] %>
|
|
2
3
|
<%= hidden_field_tag :client_id, client.identifier %>
|
|
3
4
|
<%= hidden_field_tag :response_type, response_type %>
|
|
4
5
|
<%= hidden_field_tag :redirect_uri, redirect_uri %>
|
|
File without changes
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
<h2>Authorize app to to access your resources?</h2>
|
|
2
|
+
|
|
3
|
+
<% if params[:permissions] || @client.default_permissions %>
|
|
4
|
+
<h4>Test</h4>
|
|
5
|
+
<% end %>
|
|
6
|
+
|
|
7
|
+
<%= render 'devise/oauth2/authorizations/form', :client => @client, :response_type => @response_type, :redirect_uri => @redirect_uri, :action => :approve %>
|
|
8
|
+
<%= render 'devise/oauth2/authorizations/form', :client => @client, :response_type => @response_type, :redirect_uri => @redirect_uri, :action => :deny %>
|
data/config/routes.rb
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
class CreateDeviseOauth2ProvidableSchema < ActiveRecord::Migration
|
|
2
2
|
def change
|
|
3
3
|
create_table :oauth2_clients do |t|
|
|
4
|
-
t.
|
|
4
|
+
t.belongs_to :owner, polymorphic: true
|
|
5
|
+
t.text :default_permissions
|
|
5
6
|
t.string :redirect_uri
|
|
6
|
-
t.string :website
|
|
7
7
|
t.string :identifier
|
|
8
8
|
t.string :secret
|
|
9
9
|
t.boolean :passthrough, default: false, null: false
|
|
@@ -14,7 +14,10 @@ class CreateDeviseOauth2ProvidableSchema < ActiveRecord::Migration
|
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
create_table :oauth2_access_tokens do |t|
|
|
17
|
-
t.belongs_to :
|
|
17
|
+
t.belongs_to :owner, polymorphic: true
|
|
18
|
+
t.text :permissions
|
|
19
|
+
t.integer :client_id
|
|
20
|
+
t.integer :refresh_token_id
|
|
18
21
|
t.string :token
|
|
19
22
|
t.datetime :expires_at
|
|
20
23
|
t.timestamps
|
|
@@ -22,12 +25,13 @@ class CreateDeviseOauth2ProvidableSchema < ActiveRecord::Migration
|
|
|
22
25
|
change_table :oauth2_access_tokens do |t|
|
|
23
26
|
t.index :token, :unique => true
|
|
24
27
|
t.index :expires_at
|
|
25
|
-
t.index :
|
|
28
|
+
t.index :owner_id
|
|
26
29
|
t.index :client_id
|
|
27
30
|
end
|
|
28
31
|
|
|
29
32
|
create_table :oauth2_refresh_tokens do |t|
|
|
30
|
-
t.belongs_to :
|
|
33
|
+
t.belongs_to :owner, polymorphic: true
|
|
34
|
+
t.belongs_to :client
|
|
31
35
|
t.string :token
|
|
32
36
|
t.datetime :expires_at
|
|
33
37
|
t.timestamps
|
|
@@ -35,12 +39,13 @@ class CreateDeviseOauth2ProvidableSchema < ActiveRecord::Migration
|
|
|
35
39
|
change_table :oauth2_refresh_tokens do |t|
|
|
36
40
|
t.index :token, :unique => true
|
|
37
41
|
t.index :expires_at
|
|
38
|
-
t.index :
|
|
42
|
+
t.index :owner_id
|
|
39
43
|
t.index :client_id
|
|
40
44
|
end
|
|
41
45
|
|
|
42
46
|
create_table :oauth2_authorization_codes do |t|
|
|
43
|
-
t.belongs_to :
|
|
47
|
+
t.belongs_to :owner, polymorphic: true
|
|
48
|
+
t.belongs_to :client
|
|
44
49
|
t.string :token
|
|
45
50
|
t.datetime :expires_at
|
|
46
51
|
t.timestamps
|
|
@@ -48,7 +53,7 @@ class CreateDeviseOauth2ProvidableSchema < ActiveRecord::Migration
|
|
|
48
53
|
change_table :oauth2_authorization_codes do |t|
|
|
49
54
|
t.index :token, :unique => true
|
|
50
55
|
t.index :expires_at
|
|
51
|
-
t.index :
|
|
56
|
+
t.index :owner_id
|
|
52
57
|
t.index :client_id
|
|
53
58
|
end
|
|
54
59
|
end
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
|
2
|
+
$:.push File.expand_path("../lib", __FILE__)
|
|
3
|
+
require "devise/oauth2/version"
|
|
4
|
+
|
|
5
|
+
Gem::Specification.new do |s|
|
|
6
|
+
s.name = "devise_oauth2_rails4"
|
|
7
|
+
s.version = Devise::Oauth2::VERSION
|
|
8
|
+
s.platform = Gem::Platform::RUBY
|
|
9
|
+
s.authors = ["Brian Wheeler"]
|
|
10
|
+
s.email = ["bwheeler96@gmail.com"]
|
|
11
|
+
s.homepage = ""
|
|
12
|
+
s.summary = %q{OAuth2 Provider for Rails 4 applications}
|
|
13
|
+
s.description = %q{Rails 4 engine that adds OAuth2 Provider support to any application built with Devise authentication}
|
|
14
|
+
|
|
15
|
+
s.rubyforge_project = "devise_oauth2_rails4"
|
|
16
|
+
|
|
17
|
+
s.add_runtime_dependency(%q<rails>, [">= 4.0.0"])
|
|
18
|
+
s.add_runtime_dependency(%q<devise>, [">= 1.4.3"])
|
|
19
|
+
s.add_runtime_dependency(%q<rack-oauth2>, [">= 0.11.0"])
|
|
20
|
+
s.add_development_dependency(%q<rspec-rails>, ['>= 2.6.1'])
|
|
21
|
+
s.add_development_dependency(%q<sqlite3>, ['>= 1.3.5'])
|
|
22
|
+
s.add_development_dependency(%q<shoulda-matchers>, ['>= 1.0.0'])
|
|
23
|
+
s.add_development_dependency(%q<pry>, ['>= 0.9.6.2'])
|
|
24
|
+
s.add_development_dependency(%q<factory_girl>, ['>= 2.2.0'])
|
|
25
|
+
s.add_development_dependency(%q<factory_girl_rspec>, ['>= 0.0.1'])
|
|
26
|
+
s.add_development_dependency(%q<rake>, ['>= 0.9.2.2'])
|
|
27
|
+
|
|
28
|
+
s.files = `git ls-files`.split("\n")
|
|
29
|
+
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
|
30
|
+
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
|
31
|
+
s.require_paths = ["lib"]
|
|
32
|
+
end
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
module Devise
|
|
2
|
+
module Oauth2
|
|
3
|
+
class Engine < Rails::Engine
|
|
4
|
+
config.devise_oauth2_rails4 = ActiveSupport::OrderedOptions.new
|
|
5
|
+
config.devise_oauth2_rails4.access_token_expires_in = 15.minutes
|
|
6
|
+
config.devise_oauth2_rails4.refresh_token_expires_in = 1.month
|
|
7
|
+
config.devise_oauth2_rails4.authorization_code_expires_in = 1.minute
|
|
8
|
+
|
|
9
|
+
engine_name 'oauth2'
|
|
10
|
+
isolate_namespace Devise::Oauth2
|
|
11
|
+
initializer "devise_oauth2_rails4.initialize_application", :before=> :load_config_initializers do |app|
|
|
12
|
+
app.config.filter_parameters << :client_secret
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
@@ -2,14 +2,14 @@ require 'active_support/concern'
|
|
|
2
2
|
require 'active_record'
|
|
3
3
|
|
|
4
4
|
module Devise
|
|
5
|
-
module
|
|
5
|
+
module Oauth2
|
|
6
6
|
module ExpirableToken
|
|
7
7
|
extend ActiveSupport::Concern
|
|
8
8
|
|
|
9
9
|
module ClassMethods
|
|
10
10
|
def expires_according_to(config_name)
|
|
11
11
|
cattr_accessor :default_lifetime
|
|
12
|
-
self.default_lifetime = Rails.application.config.
|
|
12
|
+
self.default_lifetime = Rails.application.config.devise_oauth2_rails4[config_name]
|
|
13
13
|
|
|
14
14
|
belongs_to :user
|
|
15
15
|
belongs_to :client
|
|
@@ -45,7 +45,7 @@ module Devise
|
|
|
45
45
|
private
|
|
46
46
|
|
|
47
47
|
def init_token
|
|
48
|
-
self.token = Devise::
|
|
48
|
+
self.token = Devise::Oauth2.random_id
|
|
49
49
|
end
|
|
50
50
|
def init_expires_at
|
|
51
51
|
self.expires_at = self.default_lifetime.from_now
|
|
@@ -55,4 +55,4 @@ module Devise
|
|
|
55
55
|
end
|
|
56
56
|
end
|
|
57
57
|
|
|
58
|
-
ActiveRecord::Base.send :include, Devise::
|
|
58
|
+
ActiveRecord::Base.send :include, Devise::Oauth2::ExpirableToken
|
|
File without changes
|
|
File without changes
|
|
@@ -2,11 +2,11 @@ require 'devise/models'
|
|
|
2
2
|
|
|
3
3
|
module Devise
|
|
4
4
|
module Models
|
|
5
|
-
module
|
|
5
|
+
module Oauth2
|
|
6
6
|
extend ActiveSupport::Concern
|
|
7
7
|
included do
|
|
8
|
-
has_many :access_tokens, :class_name => 'Devise::
|
|
9
|
-
has_many :authorization_codes, :class_name => 'Devise::
|
|
8
|
+
has_many :access_tokens, :class_name => 'Devise::Oauth2::AccessToken', as: :owner
|
|
9
|
+
has_many :authorization_codes, :class_name => 'Devise::Oauth2::AuthorizationCode', as: :owner
|
|
10
10
|
end
|
|
11
11
|
end
|
|
12
12
|
end
|
|
File without changes
|
|
@@ -4,7 +4,7 @@ module Devise
|
|
|
4
4
|
module Strategies
|
|
5
5
|
class Oauth2GrantTypeStrategy < Authenticatable
|
|
6
6
|
def valid?
|
|
7
|
-
params[:controller] == 'devise/
|
|
7
|
+
params[:controller] == 'devise/oauth2/tokens' && request.post? && params[:grant_type] == grant_type
|
|
8
8
|
end
|
|
9
9
|
|
|
10
10
|
# defined by subclass
|
|
@@ -9,8 +9,8 @@ module Devise
|
|
|
9
9
|
end
|
|
10
10
|
def authenticate!
|
|
11
11
|
@req.setup!
|
|
12
|
-
token = Devise::
|
|
13
|
-
env[Devise::
|
|
12
|
+
token = Devise::Oauth2::AccessToken.find_by_token @req.access_token
|
|
13
|
+
env[Devise::Oauth2::CLIENT_ENV_REF] = token.client if token
|
|
14
14
|
resource = token ? token.user : nil
|
|
15
15
|
if validate(resource)
|
|
16
16
|
success! resource
|
|
@@ -22,4 +22,4 @@ module Devise
|
|
|
22
22
|
end
|
|
23
23
|
end
|
|
24
24
|
|
|
25
|
-
Warden::Strategies.add(:
|
|
25
|
+
Warden::Strategies.add(:oauth2, Devise::Strategies::Oauth2Providable)
|
data/lib/devise/{oauth2_providable → oauth2}/strategies/oauth2_refresh_token_grant_type_strategy.rb
RENAMED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
require 'devise/
|
|
1
|
+
require 'devise/oauth2/strategies/oauth2_grant_type_strategy'
|
|
2
2
|
|
|
3
3
|
module Devise
|
|
4
4
|
module Strategies
|
|
@@ -9,7 +9,7 @@ module Devise
|
|
|
9
9
|
|
|
10
10
|
def authenticate_grant_type(client)
|
|
11
11
|
if refresh_token = client.refresh_tokens.find_by_token(params[:refresh_token])
|
|
12
|
-
env[Devise::
|
|
12
|
+
env[Devise::Oauth2::REFRESH_TOKEN_ENV_REF] = refresh_token
|
|
13
13
|
success! refresh_token.user
|
|
14
14
|
else
|
|
15
15
|
oauth_error! :invalid_grant, 'invalid refresh token'
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
require 'devise'
|
|
2
|
+
require 'rack/oauth2'
|
|
3
|
+
require 'devise/oauth2/engine'
|
|
4
|
+
require 'devise/oauth2/expirable_token'
|
|
5
|
+
require 'devise/oauth2/strategies/oauth2_providable_strategy'
|
|
6
|
+
require 'devise/oauth2/strategies/oauth2_password_grant_type_strategy'
|
|
7
|
+
require 'devise/oauth2/strategies/oauth2_refresh_token_grant_type_strategy'
|
|
8
|
+
require 'devise/oauth2/strategies/oauth2_authorization_code_grant_type_strategy'
|
|
9
|
+
require 'devise/oauth2/models/oauth2_providable'
|
|
10
|
+
require 'devise/oauth2/models/oauth2_password_grantable'
|
|
11
|
+
require 'devise/oauth2/models/oauth2_refresh_token_grantable'
|
|
12
|
+
require 'devise/oauth2/models/oauth2_authorization_code_grantable'
|
|
13
|
+
|
|
14
|
+
module Devise
|
|
15
|
+
module Oauth2
|
|
16
|
+
CLIENT_ENV_REF = 'oauth2.client'
|
|
17
|
+
REFRESH_TOKEN_ENV_REF = "oauth2.refresh_token"
|
|
18
|
+
|
|
19
|
+
class << self
|
|
20
|
+
def random_id
|
|
21
|
+
SecureRandom.hex
|
|
22
|
+
end
|
|
23
|
+
def table_name_prefix
|
|
24
|
+
'oauth2_'
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
Devise.add_module(:oauth2,
|
|
31
|
+
:strategy => true,
|
|
32
|
+
:model => 'devise/oauth2/models/oauth2_providable')
|
|
33
|
+
Devise.add_module(:oauth2_password_grantable,
|
|
34
|
+
:strategy => true,
|
|
35
|
+
:model => 'devise/oauth2/models/oauth2_password_grantable')
|
|
36
|
+
Devise.add_module(:oauth2_refresh_token_grantable,
|
|
37
|
+
:strategy => true,
|
|
38
|
+
:model => 'devise/oauth2/models/oauth2_refresh_token_grantable')
|
|
39
|
+
Devise.add_module(:oauth2_authorization_code_grantable,
|
|
40
|
+
:strategy => true,
|
|
41
|
+
:model => 'devise/oauth2/models/oauth2_authorization_code_grantable')
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
module Devise
|
|
2
|
+
module Oauth2
|
|
3
|
+
|
|
4
|
+
class MigrationsGenerator < Rails::Generators::Base
|
|
5
|
+
|
|
6
|
+
Devise::Oauth2::MigrationsGenerator.source_root(File.expand_path './')
|
|
7
|
+
|
|
8
|
+
def create_migrations
|
|
9
|
+
|
|
10
|
+
copy_file 'db/migrate/20111014160714_create_devise_oauth2_providable_schema.rb', 'db/migrate/20140306063000_create_devise_oauth2_providable_schema.rb'
|
|
11
|
+
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
|
|
2
|
+
namespace :devise do
|
|
3
|
+
namespace :oauth2 do
|
|
4
|
+
|
|
5
|
+
task :install_migrations do
|
|
6
|
+
|
|
7
|
+
Dir.mkdir("db") unless Dir.exists?("db")
|
|
8
|
+
unless File.exists?("db/my.db")
|
|
9
|
+
File.open("db/my.db", 'w') do |f|
|
|
10
|
+
f.write("Hello db")
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -6,7 +6,7 @@ describe ProtectedController do
|
|
|
6
6
|
with :client
|
|
7
7
|
with :user
|
|
8
8
|
before do
|
|
9
|
-
@token = Devise::
|
|
9
|
+
@token = Devise::Oauth2::AccessToken.create! :client => client, :user => user
|
|
10
10
|
end
|
|
11
11
|
context 'with valid bearer token in header' do
|
|
12
12
|
before do
|
|
@@ -1,3 +1,3 @@
|
|
|
1
1
|
class User < ActiveRecord::Base
|
|
2
|
-
devise :database_authenticatable, :
|
|
2
|
+
devise :database_authenticatable, :oauth2, :oauth2_password_grantable, :oauth2_refresh_token_grantable, :oauth2_authorization_code_grantable
|
|
3
3
|
end
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
<h2>Resend confirmation instructions</h2>
|
|
2
|
+
|
|
3
|
+
<%= form_for(resource, :as => resource_name, :url => confirmation_path(resource_name), :html => { :method => :post }) do |f| %>
|
|
4
|
+
<%= devise_error_messages! %>
|
|
5
|
+
|
|
6
|
+
<div><%= f.label :email %><br />
|
|
7
|
+
<%= f.email_field :email, :autofocus => true %></div>
|
|
8
|
+
|
|
9
|
+
<div><%= f.submit "Resend confirmation instructions" %></div>
|
|
10
|
+
<% end %>
|
|
11
|
+
|
|
12
|
+
<%= render "devise/shared/links" %>
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
<p>Hello <%= @resource.email %>!</p>
|
|
2
|
+
|
|
3
|
+
<p>Someone has requested a link to change your password. You can do this through the link below.</p>
|
|
4
|
+
|
|
5
|
+
<p><%= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @token) %></p>
|
|
6
|
+
|
|
7
|
+
<p>If you didn't request this, please ignore this email.</p>
|
|
8
|
+
<p>Your password won't change until you access the link above and create a new one.</p>
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
<p>Hello <%= @resource.email %>!</p>
|
|
2
|
+
|
|
3
|
+
<p>Your account has been locked due to an excessive number of unsuccessful sign in attempts.</p>
|
|
4
|
+
|
|
5
|
+
<p>Click the link below to unlock your account:</p>
|
|
6
|
+
|
|
7
|
+
<p><%= link_to 'Unlock my account', unlock_url(@resource, :unlock_token => @token) %></p>
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
<h2>Change your password</h2>
|
|
2
|
+
|
|
3
|
+
<%= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put }) do |f| %>
|
|
4
|
+
<%= devise_error_messages! %>
|
|
5
|
+
<%= f.hidden_field :reset_password_token %>
|
|
6
|
+
|
|
7
|
+
<div><%= f.label :password, "New password" %><br />
|
|
8
|
+
<%= f.password_field :password, :autofocus => true %></div>
|
|
9
|
+
|
|
10
|
+
<div><%= f.label :password_confirmation, "Confirm new password" %><br />
|
|
11
|
+
<%= f.password_field :password_confirmation %></div>
|
|
12
|
+
|
|
13
|
+
<div><%= f.submit "Change my password" %></div>
|
|
14
|
+
<% end %>
|
|
15
|
+
|
|
16
|
+
<%= render "devise/shared/links" %>
|