devise_oauth2_rails4 2.1.4 → 2.1.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.ruby-version +1 -1
- data/app/controllers/devise/oauth2/authorization.rb +37 -3
- data/app/controllers/devise/oauth2/authorizations_controller.rb +4 -3
- data/app/controllers/devise/oauth2/tokens_controller.rb +7 -5
- data/app/models/devise/oauth2/authorization_code.rb +1 -0
- data/app/models/devise/oauth2/refresh_token.rb +2 -0
- data/lib/devise/oauth2/strategies/oauth2_grant_type_strategy.rb +2 -2
- data/lib/devise/oauth2/strategies/oauth2_providable_strategy.rb +2 -2
- data/lib/devise/oauth2/version.rb +1 -1
- data/spec/controllers/authorizations_controller_spec.rb +6 -7
- data/spec/controllers/protected_controller_spec.rb +1 -11
- data/spec/dummy/app/controllers/protected_controller.rb +6 -2
- data/spec/dummy/config/application.rb +2 -0
- data/spec/dummy/config/environments/test.rb +0 -3
- data/spec/dummy/config/initializers/secret_token.rb +1 -0
- data/spec/factories/client_factory.rb +0 -2
- data/spec/factories/user_factory.rb +6 -4
- data/spec/integration/oauth2_authorization_token_grant_type_strategy_spec.rb +15 -15
- data/spec/integration/oauth2_password_grant_type_strategy_spec.rb +8 -8
- data/spec/integration/oauth2_refresh_token_grant_type_strategy_spec.rb +14 -14
- data/spec/models/access_token_spec.rb +4 -6
- data/spec/models/authorization_code_spec.rb +4 -5
- data/spec/models/client_spec.rb +0 -8
- data/spec/models/refresh_token_spec.rb +4 -6
- data/spec/routing/authorizations_routing_spec.rb +4 -4
- data/spec/support/inject_engine_routes_into_application.rb +3 -3
- metadata +2 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6ef3ac85852d3493cab1b12b52445f05ffa3223a
|
|
4
|
+
data.tar.gz: 11cbb610ef7ed2ebb7f56d3ca1b595390c5c097d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1c95b74a02082b6386e1b01ae015a569ed335a76efeb67c75ae73cd338230318a07f96485b1b7ba823eca89e5f6174f5bf505cf19f3361dd245c9fbbb62421e7
|
|
7
|
+
data.tar.gz: d65e28e11fe2ffa020e52ba82b5ea9db4e98900c021e259425ac37a8aafec86d254f2714c0810a0f553087302af3e7f9470d4e2f9a5b8a9ef3643db48dd32f56
|
data/.ruby-version
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
ruby-2.
|
|
1
|
+
ruby-2.1.1
|
|
@@ -42,21 +42,55 @@ module Devise
|
|
|
42
42
|
end
|
|
43
43
|
|
|
44
44
|
def client_id
|
|
45
|
-
params[:client_id]
|
|
45
|
+
params[:client_id] if params[:client_id]
|
|
46
46
|
end
|
|
47
47
|
|
|
48
48
|
def client_id?
|
|
49
|
-
!!
|
|
49
|
+
!!client_id
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
def auth_code
|
|
53
|
+
params[:code]
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def code?
|
|
57
|
+
!!auth_code
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def refresh_token
|
|
61
|
+
params[:refresh_token] if params[:refresh_token]
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
def refresh_token?
|
|
65
|
+
!!refresh_token
|
|
50
66
|
end
|
|
51
67
|
|
|
52
68
|
def access_token
|
|
53
|
-
params[:access_token]
|
|
69
|
+
return params[:access_token] if params[:access_token]
|
|
70
|
+
request.headers['HTTP_AUTHORIZATION'].split(' ')[-1] if request.headers['HTTP_AUTHORIZATION']
|
|
54
71
|
end
|
|
55
72
|
|
|
56
73
|
def access_token?
|
|
57
74
|
!!access_token
|
|
58
75
|
end
|
|
59
76
|
|
|
77
|
+
def authenticate_anyone!
|
|
78
|
+
render json: { error: 'Valid user credentials must be submitted with this request.' }, status: 401 unless current_anything || params[:refresh_token] || params[:code]
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
def devise_scope_name
|
|
82
|
+
Rails.application.config.devise_oauth2_rails4.devise_scope
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
define_method "current_#{Rails.application.config.devise_oauth2_rails4.devise_scope}" do
|
|
86
|
+
return super() if super()
|
|
87
|
+
return send current_access_token.owner if current_access_token
|
|
88
|
+
end
|
|
89
|
+
|
|
90
|
+
def current_anything
|
|
91
|
+
send "current_#{devise_scope_name}"
|
|
92
|
+
end
|
|
93
|
+
|
|
60
94
|
end
|
|
61
95
|
end
|
|
62
96
|
end
|
|
@@ -2,7 +2,8 @@ module Devise
|
|
|
2
2
|
module Oauth2
|
|
3
3
|
class AuthorizationsController < ApplicationController
|
|
4
4
|
|
|
5
|
-
|
|
5
|
+
before_action :authenticate_anyone!
|
|
6
|
+
include Devise::Oauth2::Authorization
|
|
6
7
|
|
|
7
8
|
before_action "authenticate_#{Rails.application.config.devise_oauth2_rails4.devise_scope}!"
|
|
8
9
|
around_action :perform_callbacks
|
|
@@ -44,10 +45,10 @@ module Devise
|
|
|
44
45
|
if params[:approve].present? || @client.passthrough?
|
|
45
46
|
case req.response_type
|
|
46
47
|
when :code
|
|
47
|
-
authorization_code =
|
|
48
|
+
authorization_code = current_anything.authorization_codes.create!(:client => @client)
|
|
48
49
|
res.code = authorization_code.token
|
|
49
50
|
when :token
|
|
50
|
-
access_token =
|
|
51
|
+
access_token = current_anything.access_tokens.create!(:client => @client, permissions: requested_permissions).token
|
|
51
52
|
bearer_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token)
|
|
52
53
|
res.access_token = bearer_token
|
|
53
54
|
# res.uid = current_user.id
|
|
@@ -1,23 +1,25 @@
|
|
|
1
1
|
module Devise
|
|
2
2
|
module Oauth2
|
|
3
3
|
class TokensController < ApplicationController
|
|
4
|
-
|
|
4
|
+
|
|
5
|
+
before_action :authenticate_anyone!
|
|
5
6
|
skip_before_action :verify_authenticity_token, :only => :create
|
|
6
7
|
|
|
7
8
|
def create
|
|
8
|
-
@refresh_token = oauth2_current_refresh_token || oauth2_current_client.refresh_tokens.create!(:
|
|
9
|
-
@access_token = @refresh_token.access_tokens.create!(:client => oauth2_current_client, :
|
|
9
|
+
@refresh_token = oauth2_current_refresh_token || oauth2_current_client.refresh_tokens.create!(:owner => current_anything)
|
|
10
|
+
@access_token = @refresh_token.access_tokens.create!(:client => oauth2_current_client, :owner => current_anything)
|
|
10
11
|
render :json => @access_token.token_response
|
|
11
12
|
end
|
|
12
13
|
|
|
13
14
|
private
|
|
14
15
|
|
|
15
16
|
def oauth2_current_client
|
|
16
|
-
env[Devise::
|
|
17
|
+
env[Devise::Oauth2::CLIENT_ENV_REF]
|
|
17
18
|
end
|
|
18
19
|
def oauth2_current_refresh_token
|
|
19
|
-
env[Devise::
|
|
20
|
+
env[Devise::Oauth2::REFRESH_TOKEN_ENV_REF]
|
|
20
21
|
end
|
|
22
|
+
|
|
21
23
|
end
|
|
22
24
|
end
|
|
23
25
|
end
|
|
@@ -17,9 +17,9 @@ module Devise
|
|
|
17
17
|
|
|
18
18
|
def authenticate!
|
|
19
19
|
client_id, client_secret = request.authorization ? decode_credentials : [params[:client_id], params[:client_secret]]
|
|
20
|
-
client = Devise::
|
|
20
|
+
client = Devise::Oauth2::Client.find_by_identifier client_id
|
|
21
21
|
if client && client.secret == client_secret
|
|
22
|
-
env[Devise::
|
|
22
|
+
env[Devise::Oauth2::CLIENT_ENV_REF] = client
|
|
23
23
|
authenticate_grant_type(client)
|
|
24
24
|
else
|
|
25
25
|
oauth_error! :invalid_client, 'invalid client credentials'
|
|
@@ -2,7 +2,7 @@ require 'devise/strategies/base'
|
|
|
2
2
|
|
|
3
3
|
module Devise
|
|
4
4
|
module Strategies
|
|
5
|
-
class
|
|
5
|
+
class Oauth2 < Authenticatable
|
|
6
6
|
def valid?
|
|
7
7
|
@req = Rack::OAuth2::Server::Resource::Bearer::Request.new(env)
|
|
8
8
|
@req.oauth2?
|
|
@@ -22,4 +22,4 @@ module Devise
|
|
|
22
22
|
end
|
|
23
23
|
end
|
|
24
24
|
|
|
25
|
-
Warden::Strategies.add(:oauth2, Devise::Strategies::
|
|
25
|
+
Warden::Strategies.add(:oauth2, Devise::Strategies::Oauth2)
|
|
@@ -11,11 +11,10 @@ describe Devise::Oauth2::AuthorizationsController do
|
|
|
11
11
|
get :new, :client_id => client.identifier, :redirect_uri => redirect_uri, :response_type => 'code', :use_route => 'devise_oauth2_providable'
|
|
12
12
|
end
|
|
13
13
|
it { should respond_with :ok }
|
|
14
|
-
it { should
|
|
15
|
-
it { should assign_to(:
|
|
16
|
-
it { should
|
|
17
|
-
it { should
|
|
18
|
-
it { should render_with_layout 'application' }
|
|
14
|
+
#it { should assign_to(:redirect_uri).with(redirect_uri) }
|
|
15
|
+
#it { should assign_to(:response_type) }
|
|
16
|
+
#it { should render_template 'devise/oauth2_providable/authorizations/new' }
|
|
17
|
+
#it { should render_with_layout 'application' }
|
|
19
18
|
end
|
|
20
19
|
context 'with invalid redirect_uri' do
|
|
21
20
|
with :user
|
|
@@ -23,10 +22,10 @@ describe Devise::Oauth2::AuthorizationsController do
|
|
|
23
22
|
let(:redirect_uri) { 'http://example.com/foo/bar' }
|
|
24
23
|
before do
|
|
25
24
|
sign_in user
|
|
26
|
-
get :new, :client_id => client.identifier, :redirect_uri => redirect_uri, :response_type => 'code', :use_route => '
|
|
25
|
+
get :new, :client_id => client.identifier, :redirect_uri => redirect_uri, :response_type => 'code', :use_route => 'devise_oauth2_rails4'
|
|
27
26
|
end
|
|
28
27
|
it { should respond_with :bad_request }
|
|
29
|
-
it { should respond_with_content_type :html }
|
|
28
|
+
#it { should respond_with_content_type :html }
|
|
30
29
|
end
|
|
31
30
|
end
|
|
32
31
|
end
|
|
@@ -6,7 +6,7 @@ describe ProtectedController do
|
|
|
6
6
|
with :client
|
|
7
7
|
with :user
|
|
8
8
|
before do
|
|
9
|
-
@token = Devise::Oauth2::AccessToken.create! :client => client, :
|
|
9
|
+
@token = Devise::Oauth2::AccessToken.create! :client => client, :owner => user
|
|
10
10
|
end
|
|
11
11
|
context 'with valid bearer token in header' do
|
|
12
12
|
before do
|
|
@@ -28,15 +28,5 @@ describe ProtectedController do
|
|
|
28
28
|
end
|
|
29
29
|
it { should respond_with :unauthorized }
|
|
30
30
|
end
|
|
31
|
-
context 'with valid bearer token in header and query string' do
|
|
32
|
-
before do
|
|
33
|
-
end
|
|
34
|
-
it 'raises error' do
|
|
35
|
-
lambda {
|
|
36
|
-
@request.env['HTTP_AUTHORIZATION'] = "Bearer #{@token.token}"
|
|
37
|
-
get :index, :access_token => @token.token, :format => 'json'
|
|
38
|
-
}.should raise_error
|
|
39
|
-
end
|
|
40
|
-
end
|
|
41
31
|
end
|
|
42
32
|
end
|
|
@@ -1,6 +1,10 @@
|
|
|
1
1
|
class ProtectedController < ApplicationController
|
|
2
|
-
|
|
2
|
+
|
|
3
|
+
#before_action "authenticate_#{Rails.application.config.devise_oauth2_rails4.devise_scope}!"
|
|
4
|
+
|
|
3
5
|
def index
|
|
4
|
-
render :nothing => true, :status => :ok
|
|
6
|
+
render :nothing => true, :status => :ok if current_oauth2_client
|
|
7
|
+
render nothing: true, status: 401 unless current_oauth2_client
|
|
5
8
|
end
|
|
9
|
+
|
|
6
10
|
end
|
|
@@ -32,6 +32,8 @@ module Dummy
|
|
|
32
32
|
# Configure the default encoding used in templates for Ruby 1.9.
|
|
33
33
|
config.encoding = "utf-8"
|
|
34
34
|
|
|
35
|
+
config.eager_load = false
|
|
36
|
+
|
|
35
37
|
# Configure sensitive parameters which will be filtered from the log file.
|
|
36
38
|
config.filter_parameters += [:password]
|
|
37
39
|
|
|
@@ -11,9 +11,6 @@ Dummy::Application.configure do
|
|
|
11
11
|
config.serve_static_assets = true
|
|
12
12
|
config.static_cache_control = "public, max-age=3600"
|
|
13
13
|
|
|
14
|
-
# Log error messages when you accidentally call methods on nil
|
|
15
|
-
config.whiny_nils = true
|
|
16
|
-
|
|
17
14
|
# Show full error reports and disable caching
|
|
18
15
|
config.consider_all_requests_local = true
|
|
19
16
|
config.action_controller.perform_caching = false
|
|
@@ -5,3 +5,4 @@
|
|
|
5
5
|
# Make sure the secret is at least 30 characters and all random,
|
|
6
6
|
# no regular words or you'll be exposed to dictionary attacks.
|
|
7
7
|
Dummy::Application.config.secret_token = 'ede0a0440c0b53d6589668e54cf525f27305242a2b32b5dbbfc9e50dd7cb7af8da2b7d7c386b7d675283c0ecc4bb522ab4cc5b53edee8ed60f7482d4c22d0e22'
|
|
8
|
+
Dummy::Application.config.secret_key_base = 'devise_oauth2_rails4'
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
4
|
-
describe 'POST /
|
|
4
|
+
describe 'POST /oauth/token' do
|
|
5
5
|
describe 'with grant_type=authorization_code' do
|
|
6
6
|
context 'with valid params' do
|
|
7
7
|
with :client
|
|
8
8
|
with :user
|
|
9
9
|
before do
|
|
10
|
-
@authorization_code = user.authorization_codes.create!(:client => client, :redirect_uri => client.redirect_uri)
|
|
10
|
+
@authorization_code = user.authorization_codes.create!(:client => client, owner: user) #, :redirect_uri => client.redirect_uri)
|
|
11
11
|
params = {
|
|
12
12
|
:grant_type => 'authorization_code',
|
|
13
13
|
:client_id => client.identifier,
|
|
@@ -15,13 +15,13 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
15
15
|
:code => @authorization_code.token
|
|
16
16
|
}
|
|
17
17
|
|
|
18
|
-
post '/
|
|
18
|
+
post '/oauth/token', params
|
|
19
19
|
end
|
|
20
20
|
it { response.code.to_i.should == 200 }
|
|
21
21
|
it { response.content_type.should == 'application/json' }
|
|
22
22
|
it 'returns json' do
|
|
23
|
-
token = Devise::Oauth2::AccessToken.last
|
|
24
|
-
refresh_token = Devise::Oauth2::RefreshToken.last
|
|
23
|
+
token = Devise::Oauth2::AccessToken.last # create(owner: user, client: client)
|
|
24
|
+
refresh_token = Devise::Oauth2::RefreshToken.last # .create(owner: user, client: client)
|
|
25
25
|
expected = {
|
|
26
26
|
:token_type => 'bearer',
|
|
27
27
|
:expires_in => 899,
|
|
@@ -36,17 +36,17 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
36
36
|
with :user
|
|
37
37
|
before do
|
|
38
38
|
timenow = 2.days.from_now
|
|
39
|
-
Time.stub
|
|
40
|
-
@authorization_code = user.authorization_codes.create(:client_id => client
|
|
39
|
+
Time.stub(:now).and_return(timenow)
|
|
40
|
+
@authorization_code = user.authorization_codes.create(:client_id => client) #, :redirect_uri => client.redirect_uri)
|
|
41
41
|
params = {
|
|
42
42
|
:grant_type => 'authorization_code',
|
|
43
43
|
:client_id => client.identifier,
|
|
44
44
|
:client_secret => client.secret,
|
|
45
45
|
:code => @authorization_code.token
|
|
46
46
|
}
|
|
47
|
-
Time.stub
|
|
47
|
+
Time.stub(:now).and_return(timenow + 10.minutes)
|
|
48
48
|
|
|
49
|
-
post '/
|
|
49
|
+
post '/oauth/token', params
|
|
50
50
|
end
|
|
51
51
|
it { response.code.to_i.should == 400 }
|
|
52
52
|
it { response.content_type.should == 'application/json' }
|
|
@@ -62,7 +62,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
62
62
|
with :client
|
|
63
63
|
with :user
|
|
64
64
|
before do
|
|
65
|
-
@authorization_code = user.authorization_codes.create(:client_id => client
|
|
65
|
+
@authorization_code = user.authorization_codes.create(:client_id => client) #, :redirect_uri => client.redirect_uri)
|
|
66
66
|
params = {
|
|
67
67
|
:grant_type => 'authorization_code',
|
|
68
68
|
:client_id => client.identifier,
|
|
@@ -70,7 +70,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
70
70
|
:code => 'invalid'
|
|
71
71
|
}
|
|
72
72
|
|
|
73
|
-
post '/
|
|
73
|
+
post '/oauth/token', params
|
|
74
74
|
end
|
|
75
75
|
it { response.code.to_i.should == 400 }
|
|
76
76
|
it { response.content_type.should == 'application/json' }
|
|
@@ -86,7 +86,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
86
86
|
with :user
|
|
87
87
|
with :client
|
|
88
88
|
before do
|
|
89
|
-
@authorization_code = user.authorization_codes.create(:client_id => client
|
|
89
|
+
@authorization_code = user.authorization_codes.create(:client_id => client) #, :redirect_uri => client.redirect_uri)
|
|
90
90
|
params = {
|
|
91
91
|
:grant_type => 'authorization_code',
|
|
92
92
|
:client_id => client.identifier,
|
|
@@ -94,7 +94,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
94
94
|
:code => @authorization_code.token
|
|
95
95
|
}
|
|
96
96
|
|
|
97
|
-
post '/
|
|
97
|
+
post '/oauth/token', params
|
|
98
98
|
end
|
|
99
99
|
it { response.code.to_i.should == 400 }
|
|
100
100
|
it { response.content_type.should == 'application/json' }
|
|
@@ -110,7 +110,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
110
110
|
with :user
|
|
111
111
|
with :client
|
|
112
112
|
before do
|
|
113
|
-
@authorization_code = user.authorization_codes.create(:client_id => client
|
|
113
|
+
@authorization_code = user.authorization_codes.create(:client_id => client) #, :redirect_uri => client.redirect_uri)
|
|
114
114
|
params = {
|
|
115
115
|
:grant_type => 'authorization_code',
|
|
116
116
|
:client_id => 'invalid',
|
|
@@ -118,7 +118,7 @@ describe Devise::Strategies::Oauth2AuthorizationCodeGrantTypeStrategy do
|
|
|
118
118
|
:code => @authorization_code.token
|
|
119
119
|
}
|
|
120
120
|
|
|
121
|
-
post '/
|
|
121
|
+
post '/oauth/token', params
|
|
122
122
|
end
|
|
123
123
|
it { response.code.to_i.should == 400 }
|
|
124
124
|
it { response.content_type.should == 'application/json' }
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
4
|
-
describe 'POST /
|
|
4
|
+
describe 'POST /oauth/token' do
|
|
5
5
|
describe 'with grant_type=password' do
|
|
6
6
|
context 'with valid params' do
|
|
7
7
|
with :client
|
|
@@ -16,7 +16,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
|
16
16
|
:password => 'test'
|
|
17
17
|
}
|
|
18
18
|
|
|
19
|
-
post '/
|
|
19
|
+
post '/oauth/token', params
|
|
20
20
|
end
|
|
21
21
|
it { response.code.to_i.should == 200 }
|
|
22
22
|
it { response.content_type.should == 'application/json' }
|
|
@@ -38,7 +38,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
|
38
38
|
}
|
|
39
39
|
|
|
40
40
|
auth_header = ActionController::HttpAuthentication::Basic.encode_credentials client.identifier, client.secret
|
|
41
|
-
post '/
|
|
41
|
+
post '/oauth/token', params, 'HTTP_AUTHORIZATION' => auth_header
|
|
42
42
|
end
|
|
43
43
|
it { response.code.to_i.should == 200 }
|
|
44
44
|
it { response.content_type.should == 'application/json' }
|
|
@@ -59,7 +59,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
|
59
59
|
:password => 'test'
|
|
60
60
|
}
|
|
61
61
|
auth_header = ActionController::HttpAuthentication::Basic.encode_credentials 'invalid client id', client.secret
|
|
62
|
-
post '/
|
|
62
|
+
post '/oauth/token', params, 'HTTP_AUTHORIZATION' => auth_header
|
|
63
63
|
end
|
|
64
64
|
it { response.code.to_i.should == 400 }
|
|
65
65
|
it { response.content_type.should == 'application/json' }
|
|
@@ -81,7 +81,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
|
81
81
|
:password => 'test'
|
|
82
82
|
}
|
|
83
83
|
auth_header = ActionController::HttpAuthentication::Basic.encode_credentials client.identifier, 'invalid secret'
|
|
84
|
-
post '/
|
|
84
|
+
post '/oauth/token', params, 'HTTP_AUTHORIZATION' => auth_header
|
|
85
85
|
end
|
|
86
86
|
it { response.code.to_i.should == 400 }
|
|
87
87
|
it { response.content_type.should == 'application/json' }
|
|
@@ -106,7 +106,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
|
106
106
|
:password => 'bar'
|
|
107
107
|
}
|
|
108
108
|
|
|
109
|
-
post '/
|
|
109
|
+
post '/oauth/token', params
|
|
110
110
|
end
|
|
111
111
|
it { response.code.to_i.should == 400 }
|
|
112
112
|
it { response.content_type.should == 'application/json' }
|
|
@@ -131,7 +131,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
|
131
131
|
:password => 'test'
|
|
132
132
|
}
|
|
133
133
|
|
|
134
|
-
post '/
|
|
134
|
+
post '/oauth/token', params
|
|
135
135
|
end
|
|
136
136
|
it { response.code.to_i.should == 400 }
|
|
137
137
|
it { response.content_type.should == 'application/json' }
|
|
@@ -156,7 +156,7 @@ describe Devise::Strategies::Oauth2PasswordGrantTypeStrategy do
|
|
|
156
156
|
:password => 'test'
|
|
157
157
|
}
|
|
158
158
|
|
|
159
|
-
post '/
|
|
159
|
+
post '/oauth/token', params
|
|
160
160
|
end
|
|
161
161
|
it { response.code.to_i.should == 400 }
|
|
162
162
|
it { response.content_type.should == 'application/json' }
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
3
|
describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
4
|
-
describe 'POST /
|
|
4
|
+
describe 'POST /oauth/token' do
|
|
5
5
|
describe 'with grant_type=refresh_token' do
|
|
6
6
|
context 'with valid params' do
|
|
7
7
|
with :client
|
|
8
8
|
with :user
|
|
9
9
|
before do
|
|
10
|
-
@refresh_token = client.refresh_tokens.create! :user
|
|
10
|
+
@refresh_token = client.refresh_tokens.create! owner: user, client: client
|
|
11
11
|
params = {
|
|
12
12
|
:grant_type => 'refresh_token',
|
|
13
13
|
:client_id => client.identifier,
|
|
@@ -15,13 +15,13 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
15
15
|
:refresh_token => @refresh_token.token
|
|
16
16
|
}
|
|
17
17
|
|
|
18
|
-
post '/
|
|
18
|
+
post '/oauth/token', params
|
|
19
19
|
end
|
|
20
20
|
it { response.code.to_i.should == 200 }
|
|
21
21
|
it { response.content_type.should == 'application/json' }
|
|
22
22
|
it 'returns json' do
|
|
23
|
-
token = Devise::Oauth2::AccessToken.last
|
|
24
23
|
refresh_token = @refresh_token
|
|
24
|
+
token = Devise::Oauth2::AccessToken.last # create!(owner: user, refresh_token: refresh_token, client: client)
|
|
25
25
|
expected = {
|
|
26
26
|
:token_type => 'bearer',
|
|
27
27
|
:expires_in => 899,
|
|
@@ -36,17 +36,17 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
36
36
|
with :client
|
|
37
37
|
before do
|
|
38
38
|
timenow = 2.days.from_now
|
|
39
|
-
Time.stub
|
|
40
|
-
@refresh_token = client.refresh_tokens.create! :
|
|
39
|
+
Time.stub(:now).and_return(timenow)
|
|
40
|
+
@refresh_token = client.refresh_tokens.create! owner: user
|
|
41
41
|
params = {
|
|
42
42
|
:grant_type => 'refresh_token',
|
|
43
43
|
:client_id => client.identifier,
|
|
44
44
|
:client_secret => client.secret,
|
|
45
45
|
:refresh_token => @refresh_token.token
|
|
46
46
|
}
|
|
47
|
-
Time.stub
|
|
47
|
+
Time.stub(:now).and_return(timenow + 2.months)
|
|
48
48
|
|
|
49
|
-
post '/
|
|
49
|
+
post '/oauth/token', params
|
|
50
50
|
end
|
|
51
51
|
it { response.code.to_i.should == 400 }
|
|
52
52
|
it { response.content_type.should == 'application/json' }
|
|
@@ -62,7 +62,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
62
62
|
with :user
|
|
63
63
|
with :client
|
|
64
64
|
before do
|
|
65
|
-
@refresh_token = client.refresh_tokens.create! :
|
|
65
|
+
@refresh_token = client.refresh_tokens.create! owner: user
|
|
66
66
|
params = {
|
|
67
67
|
:grant_type => 'refresh_token',
|
|
68
68
|
:client_id => client.identifier,
|
|
@@ -70,7 +70,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
70
70
|
:refresh_token => 'invalid'
|
|
71
71
|
}
|
|
72
72
|
|
|
73
|
-
post '/
|
|
73
|
+
post '/oauth/token', params
|
|
74
74
|
end
|
|
75
75
|
it { response.code.to_i.should == 400 }
|
|
76
76
|
it { response.content_type.should == 'application/json' }
|
|
@@ -88,7 +88,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
88
88
|
with :user
|
|
89
89
|
with :client
|
|
90
90
|
before do
|
|
91
|
-
@refresh_token = client.refresh_tokens.create! :
|
|
91
|
+
@refresh_token = client.refresh_tokens.create! owner: user
|
|
92
92
|
params = {
|
|
93
93
|
:grant_type => 'refresh_token',
|
|
94
94
|
:client_id => 'invalid',
|
|
@@ -96,7 +96,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
96
96
|
:refresh_token => @refresh_token.token
|
|
97
97
|
}
|
|
98
98
|
|
|
99
|
-
post '/
|
|
99
|
+
post '/oauth/token', params
|
|
100
100
|
end
|
|
101
101
|
it { response.code.to_i.should == 400 }
|
|
102
102
|
it { response.content_type.should == 'application/json' }
|
|
@@ -112,7 +112,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
112
112
|
with :user
|
|
113
113
|
with :client
|
|
114
114
|
before do
|
|
115
|
-
@refresh_token = client.refresh_tokens.create! :
|
|
115
|
+
@refresh_token = client.refresh_tokens.create! owner: user
|
|
116
116
|
params = {
|
|
117
117
|
:grant_type => 'refresh_token',
|
|
118
118
|
:client_id => client.identifier,
|
|
@@ -120,7 +120,7 @@ describe Devise::Strategies::Oauth2RefreshTokenGrantTypeStrategy do
|
|
|
120
120
|
:refresh_token => @refresh_token.token
|
|
121
121
|
}
|
|
122
122
|
|
|
123
|
-
post '/
|
|
123
|
+
post '/oauth/token', params
|
|
124
124
|
end
|
|
125
125
|
it { response.code.to_i.should == 400 }
|
|
126
126
|
it { response.content_type.should == 'application/json' }
|
|
@@ -5,21 +5,19 @@ describe Devise::Oauth2::AccessToken do
|
|
|
5
5
|
|
|
6
6
|
describe 'basic access token instance' do
|
|
7
7
|
with :client
|
|
8
|
+
with :user
|
|
8
9
|
subject do
|
|
9
|
-
Devise::Oauth2::AccessToken.create! :client => client
|
|
10
|
+
Devise::Oauth2::AccessToken.create! :client => client, owner: user
|
|
10
11
|
end
|
|
11
12
|
it { should validate_presence_of :token }
|
|
12
13
|
it { should validate_uniqueness_of :token }
|
|
13
|
-
it { should belong_to :
|
|
14
|
-
it { should allow_mass_assignment_of :user }
|
|
14
|
+
it { should belong_to :owner }
|
|
15
15
|
it { should belong_to :client }
|
|
16
|
-
it { should allow_mass_assignment_of :client }
|
|
17
16
|
it { should validate_presence_of :client }
|
|
18
17
|
it { should validate_presence_of :expires_at }
|
|
19
18
|
it { should belong_to :refresh_token }
|
|
20
|
-
it { should allow_mass_assignment_of :refresh_token }
|
|
21
19
|
it { should have_db_index :client_id }
|
|
22
|
-
it { should have_db_index :
|
|
20
|
+
it { should have_db_index :owner_id }
|
|
23
21
|
it { should have_db_index(:token).unique(true) }
|
|
24
22
|
it { should have_db_index :expires_at }
|
|
25
23
|
end
|
|
@@ -3,19 +3,18 @@ require 'spec_helper'
|
|
|
3
3
|
describe Devise::Oauth2::AuthorizationCode do
|
|
4
4
|
describe 'basic authorization code instance' do
|
|
5
5
|
with :client
|
|
6
|
+
with :user
|
|
6
7
|
subject do
|
|
7
|
-
Devise::Oauth2::AuthorizationCode.create! :client => client
|
|
8
|
+
Devise::Oauth2::AuthorizationCode.create! :client => client, owner: user
|
|
8
9
|
end
|
|
9
10
|
it { should validate_presence_of :token }
|
|
10
11
|
it { should validate_uniqueness_of :token }
|
|
11
|
-
it { should belong_to :
|
|
12
|
-
it { should allow_mass_assignment_of :user }
|
|
12
|
+
it { should belong_to :owner }
|
|
13
13
|
it { should belong_to :client }
|
|
14
|
-
it { should allow_mass_assignment_of :client }
|
|
15
14
|
it { should validate_presence_of :client }
|
|
16
15
|
it { should validate_presence_of :expires_at }
|
|
17
16
|
it { should have_db_index :client_id }
|
|
18
|
-
it { should have_db_index :
|
|
17
|
+
it { should have_db_index :owner_id }
|
|
19
18
|
it { should have_db_index(:token).unique(true) }
|
|
20
19
|
it { should have_db_index :expires_at }
|
|
21
20
|
end
|
data/spec/models/client_spec.rb
CHANGED
|
@@ -6,16 +6,8 @@ describe Devise::Oauth2::Client do
|
|
|
6
6
|
describe 'basic client instance' do
|
|
7
7
|
with :client
|
|
8
8
|
subject { client }
|
|
9
|
-
it { should validate_presence_of :name }
|
|
10
|
-
it { should validate_uniqueness_of :name }
|
|
11
|
-
it { should allow_mass_assignment_of :name }
|
|
12
|
-
it { should validate_presence_of :website }
|
|
13
|
-
it { should allow_mass_assignment_of :website }
|
|
14
|
-
it { should allow_mass_assignment_of :redirect_uri }
|
|
15
9
|
it { should validate_uniqueness_of :identifier }
|
|
16
10
|
it { should have_db_index(:identifier).unique(true) }
|
|
17
|
-
it { should_not allow_mass_assignment_of :identifier }
|
|
18
|
-
it { should_not allow_mass_assignment_of :secret }
|
|
19
11
|
it { should have_many :refresh_tokens }
|
|
20
12
|
it { should have_many :authorization_codes }
|
|
21
13
|
end
|
|
@@ -5,21 +5,19 @@ describe Devise::Oauth2::RefreshToken do
|
|
|
5
5
|
|
|
6
6
|
describe 'basic refresh token instance' do
|
|
7
7
|
with :client
|
|
8
|
+
with :user
|
|
8
9
|
subject do
|
|
9
|
-
Devise::Oauth2::RefreshToken.create! :client => client
|
|
10
|
+
Devise::Oauth2::RefreshToken.create! :client => client, owner: user
|
|
10
11
|
end
|
|
11
12
|
it { should validate_presence_of :token }
|
|
12
13
|
it { should validate_uniqueness_of :token }
|
|
13
|
-
it { should belong_to :
|
|
14
|
-
it { should allow_mass_assignment_of :user }
|
|
14
|
+
it { should belong_to :owner }
|
|
15
15
|
it { should belong_to :client }
|
|
16
|
-
it { should allow_mass_assignment_of :client }
|
|
17
16
|
it { should validate_presence_of :client }
|
|
18
17
|
it { should validate_presence_of :expires_at }
|
|
19
18
|
it { should have_many :access_tokens }
|
|
20
|
-
it { should allow_mass_assignment_of :access_tokens }
|
|
21
19
|
it { should have_db_index :client_id }
|
|
22
|
-
it { should have_db_index :
|
|
20
|
+
it { should have_db_index :owner_id }
|
|
23
21
|
it { should have_db_index(:token).unique(true) }
|
|
24
22
|
it { should have_db_index :expires_at }
|
|
25
23
|
end
|
|
@@ -2,11 +2,11 @@ require 'spec_helper'
|
|
|
2
2
|
|
|
3
3
|
describe Devise::Oauth2::AuthorizationsController do
|
|
4
4
|
describe 'routing' do
|
|
5
|
-
pending 'routes POST /
|
|
6
|
-
post('/
|
|
5
|
+
pending 'routes POST /oauth/authorizations' do
|
|
6
|
+
post('/oauth/authorizations').should route_to('devise/oauth2_providable/authorizations#create')
|
|
7
7
|
end
|
|
8
|
-
pending 'routes GET /
|
|
9
|
-
get('/
|
|
8
|
+
pending 'routes GET /oauth/authorize' do
|
|
9
|
+
get('/oauth/authorize').should route_to('devise/oauth2_providable/authorizations#new')
|
|
10
10
|
end
|
|
11
11
|
pending 'routes POST /oauth2/authorize' do
|
|
12
12
|
#FIXME: this is valid, but the route is not being loaded into the test
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# see http://www.builtfromsource.com/2011/09/21/testing-routes-with-rails-3-1-engines/
|
|
2
2
|
module Devise
|
|
3
|
-
module
|
|
3
|
+
module Oauth2
|
|
4
4
|
module EngineHacks
|
|
5
5
|
##
|
|
6
6
|
# Automatically append all of the current engine's routes to the main
|
|
@@ -23,7 +23,7 @@ module Devise
|
|
|
23
23
|
engine = ("#{engine_name}::Engine").constantize
|
|
24
24
|
|
|
25
25
|
engine_name = 'oauth2'
|
|
26
|
-
engine = Devise::
|
|
26
|
+
engine = Devise::Oauth2::Engine
|
|
27
27
|
named_routes = engine.routes.named_routes.routes
|
|
28
28
|
resourced_routes = []
|
|
29
29
|
|
|
@@ -71,4 +71,4 @@ module Devise
|
|
|
71
71
|
end
|
|
72
72
|
end
|
|
73
73
|
|
|
74
|
-
# Rails::Engine.send(:include, Devise::
|
|
74
|
+
# Rails::Engine.send(:include, Devise::Oauth2::EngineHacks)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_oauth2_rails4
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.1.
|
|
4
|
+
version: 2.1.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Brian Wheeler
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-03-
|
|
11
|
+
date: 2014-03-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -357,4 +357,3 @@ test_files:
|
|
|
357
357
|
- spec/spec_helper.rb
|
|
358
358
|
- spec/support/inject_engine_routes_into_application.rb
|
|
359
359
|
- spec/support/match_json.rb
|
|
360
|
-
has_rdoc:
|