doorkeeper-couchbase 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 26e72753a5fd06befb160626efc21a2ac90ca8ea
+  data.tar.gz: 904262def4b85471c00852ae725dfd849b3b0a13
+SHA512:
+  metadata.gz: ee53b67b92991dbfe8f543826a4edb0a3022d07c182cfebade2e45109fa4f33051645d50170cc397fb3b5fea186da997774307a94c0fbd20e1033606592bd55c
+  data.tar.gz: c5e78c9475694985d89ac5c64d87e1d14d7f03387743d990173cfdda9f82b2fc00394c0b70d49d5fe0f93e674b80a886e74d9782f760942dd9f0debdc5214064

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2016 ACAProjects
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,39 @@
+# doorkeeper-couchbase extension
+
+## Installation
+
+doorkeeper-couchbase provides doorkeeper support to couchbase
+To start using it, add to your Gemfile:
+
+``` ruby
+gem "doorkeeper-couchbase"
+```
+
+Run [doorkeeper’s installation generator]:
+
+    rails generate doorkeeper:install
+
+[doorkeeper’s installation generator]: https://github.com/doorkeeper-gem/doorkeeper#installation
+
+This will install the doorkeeper initializer into
+`config/initializers/doorkeeper.rb`.
+
+Set the ORM configuration:
+
+``` ruby
+Doorkeeper.configure do
+  orm :couchbase
+end
+```
+
+## Tests
+
+To run tests, clone this repository and run `rake`. It will copy and run
+doorkeeper’s original test suite, after configuring the ORM according to the
+variables defined in `.travis.yml` file.
+
+
+---
+
+Please refer to https://github.com/doorkeeper-gem/doorkeeper for instructions on
+doorkeeper’s project.

data/Rakefile

@@ -0,0 +1,23 @@
+require 'bundler/setup'
+require 'rspec/core/rake_task'
+
+task :load_doorkeeper do
+  `rm -rf spec/`
+  `git checkout -- spec`
+  `git submodule init`
+  `git submodule update`
+  `cp -r -n doorkeeper/spec .`
+  `bundle exec rspec`
+end
+
+desc 'Default: run specs.'
+task default: :spec
+
+desc 'Clone down doorkeeper specs'
+task spec: :load_doorkeeper
+
+RSpec::Core::RakeTask.new(:spec) do |config|
+  config.verbose = false
+end
+
+Bundler::GemHelper.install_tasks

data/lib/couchbase/railtie.rb

@@ -0,0 +1,3 @@
+
+require 'couchbase-orm'
+require 'couchbase-orm/railtie'

data/lib/doorkeeper-couchbase/version.rb

@@ -0,0 +1,3 @@
+module DoorkeeperCouchbase
+    VERSION = "1.0.0"
+end

data/lib/doorkeeper-couchbase.rb

@@ -0,0 +1,7 @@
+require 'doorkeeper-couchbase/version'
+
+require 'doorkeeper'
+require 'support/orm/couchbase'
+
+module DoorkeeperCouchbase
+end

data/lib/support/orm/couchbase/access_grant.rb

@@ -0,0 +1,57 @@
+
+module Doorkeeper
+    class AccessGrant < CouchbaseOrm::Base
+        design_document :dk_ag
+
+
+        include OAuth::Helpers
+        include Models::Expirable
+        include Models::Revocable
+        include Models::Accessible
+        include Models::Scopes
+
+        include ::Doorkeeper::Couchbase::Timestamps
+
+
+        belongs_to  :application, class_name: 'Doorkeeper::Application', inverse_of: :access_grants
+
+        attribute   :resource_owner_id,
+                    :token,
+                    :scopes,
+                    :redirect_uri, type: String
+
+        attribute   :expires_in,   type: Integer
+        
+
+        class << self
+            alias_method :by_token, :find_by_id
+        end
+
+
+        validates :resource_owner_id, :application, :token, :expires_in, :redirect_uri, presence: true
+
+
+        before_validation :generate_token, on: :create
+
+        
+        # Lets make sure these keys are not clogging up the database forever
+        def save(**options)
+            options[:ttl] = self.created_at + self.expires_in + 30
+            super(**options)
+        end
+
+
+        private
+
+
+        # Generates token value with UniqueToken class.
+        #
+        # @return [String] token value
+        #
+        def generate_token
+            if self.token.blank?
+                self.id = self.token = UniqueToken.generate
+            end
+        end
+    end
+end

data/lib/support/orm/couchbase/access_token.rb

@@ -0,0 +1,283 @@
+
+module Doorkeeper
+    class AccessToken < CouchbaseOrm::Base
+        design_document :dk_at
+
+
+        include OAuth::Helpers
+        include Models::Expirable
+        include Models::Revocable
+        include Models::Accessible
+        include Models::Scopes
+
+        include ::Doorkeeper::Couchbase::Timestamps
+
+        attr_writer :use_refresh_token
+
+        belongs_to  :application, class_name: 'Doorkeeper::Application', inverse_of: :access_grants
+
+        attribute   :resource_owner_id,
+                    :token,
+                    :refresh_token,
+                    :scopes,                 type: String
+        attribute   :previous_refresh_token, type: String, default: proc { '' }
+
+        attribute   :expires_in,   type: Integer
+
+
+        validates :resource_owner_id, :application, :expires_in, :token, presence: true
+        ensure_unique :refresh_token, presence: false
+
+
+        index_view :resource_owner_id
+        view :by_application_id_and_resource_owner_id, map: <<-EMAP
+            function(doc) {
+                if(doc.type === 'dk_at' && doc.application_id && doc.resource_owner_id && !doc.revoked_at) {
+                    emit([doc.application_id, doc.resource_owner_id], null);
+                }
+            }
+        EMAP
+
+
+        class << self
+            def refresh_token_revoked_on_use?
+                true
+            end
+
+            # Returns an instance of the Doorkeeper::AccessToken with
+            # specific token value.
+            #
+            # @param token [#to_s]
+            #   token value (any object that responds to `#to_s`)
+            #
+            # @return [Doorkeeper::AccessToken, nil] AccessToken object or nil
+            #   if there is no record with such token
+            #
+            alias_method :by_token, :find_by_id
+
+            # Returns an instance of the Doorkeeper::AccessToken
+            # with specific token value.
+            #
+            # @param refresh_token [#to_s]
+            #   refresh token value (any object that responds to `#to_s`)
+            #
+            # @return [Doorkeeper::AccessToken, nil] AccessToken object or nil
+            #   if there is no record with such refresh token
+            #
+            def by_refresh_token(refresh_token)
+                tok = self.find_by_refresh_token(refresh_token)
+                return tok if tok
+
+                # legacy - required for existing systems
+                id = AccessToken.bucket.get("refresh-#{refresh_token}", quiet: true)
+                find_by_id(id) if id
+            end
+
+            # Revokes AccessToken records that have not been revoked and associated
+            # with the specific Application and Resource Owner.
+            #
+            # @param application_id [Integer]
+            #   ID of the Application
+            # @param resource_owner [ActiveRecord::Base]
+            #   instance of the Resource Owner model
+            #
+            def revoke_all_for(application_id, resource_owner)
+                by_application_id_and_resource_owner_id(key: [application_id, resource_owner.id]).stream do |at|
+                    at.revoke
+                end
+            end
+
+            # Looking for not revoked Access Token record that belongs to specific
+            # Application and Resource Owner.
+            #
+            # @param application_id [Integer]
+            #   ID of the Application model instance
+            # @param resource_owner_id [Integer]
+            #   ID of the Resource Owner model instance
+            #
+            # @return [Doorkeeper::AccessToken, nil] matching AccessToken object or
+            #   nil if nothing was found
+            #
+            def last_authorized_token_for(application_id, resource_owner_id)
+                result = by_application_id_and_resource_owner_id(key: [application_id, resource_owner_id]).first
+                result[:revoked_at] ? result : nil
+            end
+
+            # Looking for not expired Access Token with a matching set of scopes
+            # that belongs to specific Application and Resource Owner.
+            #
+            # @param application [Doorkeeper::Application]
+            #   Application instance
+            # @param resource_owner_or_id [ActiveRecord::Base, Integer]
+            #   Resource Owner model instance or it's ID
+            # @param scopes [String, Doorkeeper::OAuth::Scopes]
+            #   set of scopes
+            #
+            # @return [Doorkeeper::AccessToken, nil] Access Token instance or
+            #   nil if matching record was not found
+            #
+            def matching_token_for(application, resource_owner_or_id, scopes)
+                resource_owner_id = resource_owner_or_id.try(:id) || resource_owner_or_id
+                token = last_authorized_token_for(application.try(:id), resource_owner_id)
+                if token && scopes_match?(token.scopes, scopes, application.try(:scopes))
+                    token
+                end
+            end
+
+            # Checks whether the token scopes match the scopes from the parameters or
+            # Application scopes (if present).
+            #
+            # @param token_scopes [#to_s]
+            #   set of scopes (any object that responds to `#to_s`)
+            # @param param_scopes [String]
+            #   scopes from params
+            # @param app_scopes [String]
+            #   Application scopes
+            #
+            # @return [Boolean] true if all scopes and blank or matches
+            #   and false in other cases
+            #
+            def scopes_match?(token_scopes, param_scopes, app_scopes)
+                (!token_scopes.present? && !param_scopes.present?) ||
+                    Doorkeeper::OAuth::Helpers::ScopeChecker.match?(
+                        token_scopes.to_s,
+                        param_scopes,
+                        app_scopes
+                    )
+            end
+
+            # Looking for not expired AccessToken record with a matching set of
+            # scopes that belongs to specific Application and Resource Owner.
+            # If it doesn't exists - then creates it.
+            #
+            # @param application [Doorkeeper::Application]
+            #   Application instance
+            # @param resource_owner_id [ActiveRecord::Base, Integer]
+            #   Resource Owner model instance or it's ID
+            # @param scopes [#to_s]
+            #   set of scopes (any object that responds to `#to_s`)
+            # @param expires_in [Integer]
+            #   token lifetime in seconds
+            # @param use_refresh_token [Boolean]
+            #   whether to use the refresh token
+            #
+            # @return [Doorkeeper::AccessToken] existing record or a new one
+            #
+            def find_or_create_for(application, resource_owner_id, scopes, expires_in, use_refresh_token)
+                if Doorkeeper.configuration.reuse_access_token
+                    access_token = matching_token_for(application, resource_owner_id, scopes)
+                    if access_token && !access_token.expired?
+                        return access_token
+                    end
+                end
+
+                create!(
+                    application_id:    application.try(:id),
+                    resource_owner_id: resource_owner_id,
+                    scopes:            scopes.to_s,
+                    expires_in:        expires_in,
+                    use_refresh_token: use_refresh_token
+                )
+            end
+        end
+
+        # Access Token type: Bearer.
+        # @see https://tools.ietf.org/html/rfc6750
+        #   The OAuth 2.0 Authorization Framework: Bearer Token Usage
+        #
+        def token_type
+            'bearer'
+        end
+
+        def use_refresh_token?
+            @use_refresh_token ||= false
+            !!@use_refresh_token
+        end
+
+        # JSON representation of the Access Token instance.
+        #
+        # @return [Hash] hash with token data
+        def as_json(_options = {})
+            {
+                resource_owner_id:  resource_owner_id,
+                scopes:             scopes,
+                expires_in_seconds: expires_in_seconds,
+                application:        { uid: application.try(:uid) },
+                created_at:         created_at.to_i
+            }
+        end
+
+
+        # Lets make sure these keys are not clogging up the database forever
+        def save(**options)
+            if use_refresh_token?
+                options[:ttl] = self.created_at + 6.months
+            else
+                options[:ttl] = self.created_at + self.expires_in + 30
+            end
+            super(**options)
+        end
+
+
+
+        # Indicates whether the token instance have the same credential
+        # as the other Access Token.
+        #
+        # @param access_token [Doorkeeper::AccessToken] other token
+        #
+        # @return [Boolean] true if credentials are same of false in other cases
+        #
+        def same_credential?(access_token)
+            application_id == access_token.application_id &&
+            resource_owner_id == access_token.resource_owner_id
+        end
+
+
+        # Indicates if token is acceptable for specific scopes.
+        #
+        # @param scopes [Array<String>] scopes
+        #
+        # @return [Boolean] true if record is accessible and includes scopes or
+        #   false in other cases
+        #
+        def acceptable?(scopes)
+            accessible? && includes_scope?(*scopes)
+        end
+
+        private
+
+
+        before_validation :generate_token, on: :create
+        before_validation :generate_refresh_token, on: :create, if: :use_refresh_token?
+
+
+        # Generates refresh token with UniqueToken generator.
+        #
+        # @return [String] refresh token value
+        #
+        def generate_refresh_token
+            if self.refresh_token.blank?
+                write_attribute :refresh_token, UniqueToken.generate
+            end
+        end
+
+        def generate_token
+            return if self.token.present?
+
+            self.created_at ||= Time.now.utc
+
+            generator = Doorkeeper.configuration.access_token_generator.constantize
+            self.id = self.token = generator.generate(
+                resource_owner_id: resource_owner_id,
+                scopes: scopes,
+                application: application,
+                expires_in: expires_in,
+                created_at: created_at
+            )
+        rescue NoMethodError
+            raise Errors::UnableToGenerateToken, "#{generator} does not respond to `.generate`."
+        rescue NameError
+            raise Errors::TokenGeneratorNotFound, "#{generator} not found"
+        end
+    end
+end

data/lib/support/orm/couchbase/application.rb

@@ -0,0 +1,76 @@
+
+# Load these before the has_many
+require File.expand_path("../access_grant", __FILE__)
+require File.expand_path("../access_token", __FILE__)
+
+
+module Doorkeeper
+    class Application < CouchbaseOrm::Base
+        design_document :dk_app
+
+
+        include OAuth::Helpers
+        include Models::Scopes
+
+
+        attribute :name,
+                  :uid,
+                  :secret,
+                  :scopes,
+                  :redirect_uri, type: String
+
+
+        belongs_to :owner, polymorphic: true
+        
+        validates :owner, presence: true, if: :validate_owner?
+        def validate_owner?
+            Doorkeeper.configuration.confirm_application_owner?
+        end
+
+
+        has_many :access_grants, dependent: :destroy, class_name: 'Doorkeeper::AccessGrant'
+        has_many :access_tokens, dependent: :destroy, class_name: 'Doorkeeper::AccessToken'
+
+
+        class << self
+            alias_method :by_uid, :find_by_id
+
+            def by_uid_and_secret(uid, secret)
+                app = find_by_id(uid)
+                if app
+                    return app.secret == secret ? app : nil
+                end
+                nil
+            end
+
+            def authorized_for(resource_owner)
+                AccessToken.find_by_resource_owner_id(resource_owner.id).collect(&:application)
+            end
+        end
+
+
+        private
+
+
+        validates :name, :secret, :uid, presence: true
+        validates :redirect_uri, redirect_uri: true
+
+        before_validation :generate_uid, :generate_secret, on: :create
+
+        def has_scopes?
+            true
+        end
+
+        def generate_uid
+            if uid.blank?
+                self.id = self.uid = UniqueToken.generate
+            end
+        end
+
+        def generate_secret
+            if secret.blank?
+                self.secret = UniqueToken.generate
+            end
+        end
+    end
+end

data/lib/support/orm/couchbase/timestamps.rb

@@ -0,0 +1,34 @@
+require 'date'
+
+module Doorkeeper
+    module Couchbase
+        module Timestamps
+            extend ActiveSupport::Concern
+
+
+            included do
+                attribute :revoked_at, type: Integer
+                attribute :created_at, type: Integer, :default => lambda { Time.now.to_i + 1 }
+            end
+
+
+            def revoked_at
+                revoked = self[:revoked_at]
+                Time.at(revoked) unless revoked.nil?
+            end
+
+            def revoked_at=(time)
+                if time
+                    number = time.is_a?(Numeric) ? time.to_i : time.to_time.to_i
+                    self[:revoked_at] = number
+                else
+                    self[:revoked_at] = nil
+                end
+            end
+
+            def created_at
+                Time.at(self[:created_at])
+            end
+        end
+    end
+end

data/lib/support/orm/couchbase.rb

@@ -0,0 +1,19 @@
+module Doorkeeper
+    module Orm
+        module Couchbase
+            def self.initialize_models!
+                require 'support/orm/couchbase/timestamps'
+                require 'support/orm/couchbase/access_grant'
+                require 'support/orm/couchbase/access_token'
+                require 'support/orm/couchbase/application'
+            end
+
+            def self.initialize_application_owner!
+                #require 'doorkeeper/models/concerns/ownership'
+                #Doorkeeper::Application.send :include, Doorkeeper::Models::Ownership
+            end
+
+            def self.check_requirements!(_config); end
+        end
+    end
+end

data/spec/dummy/config/couchbase.yml

@@ -0,0 +1,17 @@
+common: &common
+  hosts: localhost
+  password:
+
+development:
+  <<: *common
+  bucket: default
+
+test:
+  <<: *common
+  bucket: test
+  password: password123
+
+# set these environment variables on your production server
+production:
+  hosts: 127.0.0.1
+  bucket: default

metadata

@@ -0,0 +1,209 @@
+--- !ruby/object:Gem::Specification
+name: doorkeeper-couchbase
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Stephen von Takach
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-03-03 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: doorkeeper
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.0.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.0.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5'
+- !ruby/object:Gem::Dependency
+  name: couchbase-orm
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.0.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.0.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: capybara
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: database_cleaner
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: factory_girl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.7'
+- !ruby/object:Gem::Dependency
+  name: generator_spec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '11'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '11'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: timecop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.8'
+description: Doorkeeper Couchbase ORMs
+email:
+- steve@aca.im
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- README.md
+- Rakefile
+- lib/couchbase/railtie.rb
+- lib/doorkeeper-couchbase.rb
+- lib/doorkeeper-couchbase/version.rb
+- lib/support/orm/couchbase.rb
+- lib/support/orm/couchbase/access_grant.rb
+- lib/support/orm/couchbase/access_token.rb
+- lib/support/orm/couchbase/application.rb
+- lib/support/orm/couchbase/timestamps.rb
+- spec/dummy/config/couchbase.yml
+homepage: http://github.com/acaprojects/doorkeeper-couchbase
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.10
+signing_key: 
+specification_version: 4
+summary: Doorkeeper Couchbase ORMs
+test_files:
+- spec/dummy/config/couchbase.yml