doorkeeper-device_authorization_grant 0.1.1 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5231c51f4fc5f93284e30b08cc6188e4ac43cfecfd1908110597350ddd0c2cf7
-  data.tar.gz: 8cc73d6fe81263c383290e7c2b68a477b6cd0f4b6c9873d9efcdd4493fc1242b
+  metadata.gz: '08caf432de1258cd6b0dab0346a332f0a49698e35838194e1e6e9f999d1a2ccc'
+  data.tar.gz: 98c6b042087cb1a1df1f84d4e9aca7327f2cb637eaee58729de53a0d76fd9900
 SHA512:
-  metadata.gz: 8f67e3f89aad7ce4cfc2ac7d7c70d1dcb63b6129bb877592fe14e917c10cea626c5cabd3724fe427415215da4a965d81c042de7f615f861c76a32cb5a95272f1
-  data.tar.gz: e4fefdce2c1662f05f48871c47927ddd46607de767652273e73c98120d4734cd2e1cb79c2ec045cd1536948d4584b475f57060124711ec0cffbb82bd81b69864
+  metadata.gz: 05dca92fad2e8ef88aae7d9739aa08c990dd5643c1ef4aab563b761d3afb1f08727efd2f508d45155e524943f9082203fa8e7019bd0829867a0c218266aa9fb8
+  data.tar.gz: c603c13d33a65616bd370dac83625396318ee7e47e0dc16f99cd620c23ebd5e1df0f9a30a6b7915eb33f85dd9ba7e2d2284793c0156808c86350591e97ae9085

data/README.md

@@ -316,5 +316,12 @@ Content-Type: application/json
 The device authentication flow is now complete, and the token data can be used to
 authenticate requests against the authorization and/or resource server.
 
+## Example Application
+
+Here you can find an example Rails application which uses this gem,
+together with a little HTML/JS client to try out the device flow:
+
+[https://github.com/exop-group/doorkeeper-device-flow-example](https://github.com/exop-group/doorkeeper-device-flow-example)
+
 ## License
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/lib/doorkeeper/device_authorization_grant.rb

@@ -9,6 +9,7 @@ module Doorkeeper
   # OAuth 2.0 Device Authorization Grant extension for Doorkeeper.
   module DeviceAuthorizationGrant
     autoload :DeviceGrant, 'doorkeeper/device_authorization_grant/orm/active_record/device_grant'
+    autoload :DeviceGrantMixin, 'doorkeeper/device_authorization_grant/orm/active_record/device_grant_mixin'
     autoload :Errors, 'doorkeeper/device_authorization_grant/errors'
     autoload :VERSION, 'doorkeeper/device_authorization_grant/version'
 

data/lib/doorkeeper/device_authorization_grant/config.rb

@@ -18,8 +18,10 @@ module Doorkeeper
     # Error raised in case of missing configuration
     class MissingConfiguration < StandardError
       def initialize
-        super('Configuration for Doorkeeper::DeviceAuthorizationGrant missing. ' \
-              'Do you have Doorkeeper::DeviceAuthorizationGrant initializer?')
+        super(
+          'Configuration for Doorkeeper::DeviceAuthorizationGrant missing. ' \
+          'Do you have Doorkeeper::DeviceAuthorizationGrant initializer?'
+        )
       end
     end
 

data/lib/doorkeeper/device_authorization_grant/oauth/device_authorization_request.rb

@@ -7,8 +7,8 @@ module Doorkeeper
       #
       # @see https://tools.ietf.org/html/rfc8628#section-3.1 RFC 8628, sect. 3.1
       class DeviceAuthorizationRequest < Doorkeeper::OAuth::BaseRequest
-        attr_accessor :server
-        attr_accessor :client
+        attr_accessor :server,
+                      :client
 
         # @return [String]
         attr_accessor :host_name
@@ -19,6 +19,7 @@ module Doorkeeper
         # @param client
         # @param host_name [String]
         def initialize(server, client, host_name)
+          super()
           @server = server
           @client = client
           @host_name = host_name

data/lib/doorkeeper/device_authorization_grant/oauth/device_authorization_response.rb

@@ -16,6 +16,7 @@ module Doorkeeper
         # @param device_grant [DeviceGrant]
         # @param host_name [String]
         def initialize(device_grant, host_name)
+          super()
           @device_grant = device_grant
           @host_name = host_name
         end

data/lib/doorkeeper/device_authorization_grant/oauth/device_code_request.rb

@@ -7,14 +7,13 @@ module Doorkeeper
       #
       # @see https://tools.ietf.org/html/rfc8628#section-3.4 RFC 8628, sect. 3.4
       class DeviceCodeRequest < ::Doorkeeper::OAuth::BaseRequest
-        attr_accessor :server
-        attr_accessor :client
+        attr_accessor :server,
+                      :client,
+                      :access_token
 
         # @return [DeviceGrant]
         attr_accessor :device_grant
 
-        attr_accessor :access_token
-
         validate :client, error: :invalid_client
         validate :device_grant, error: :invalid_grant
 
@@ -22,6 +21,8 @@ module Doorkeeper
         # @param client
         # @param device_grant [DeviceGrant]
         def initialize(server, client, device_grant)
+          super()
+
           @server = server
           @client = client
           @device_grant = device_grant

data/lib/doorkeeper/device_authorization_grant/orm/active_record/device_grant.rb

@@ -5,41 +5,7 @@ module Doorkeeper
     # Model class, similar to Doorkeeper `AccessGrant`, but specific for
     # handling OAuth 2.0 Device Authorization Grant.
     class DeviceGrant < ActiveRecord::Base
-      self.table_name = "#{table_name_prefix}oauth_device_grants#{table_name_suffix}"
-
-      include ::Doorkeeper::Models::Expirable
-
-      delegate :secret_strategy, :fallback_secret_strategy, to: :class
-
-      belongs_to :application, class_name: Doorkeeper.configuration.application_class, optional: true
-
-      before_validation :generate_device_code, on: :create
-
-      validates :application_id, presence: true
-      validates :expires_in, presence: true
-      validates :device_code, presence: true, uniqueness: true
-
-      validates :user_code, presence: true, uniqueness: true, if: -> { resource_owner_id.blank? }
-      validates :user_code, absence: true, if: -> { resource_owner_id.present? }
-
-      validates :resource_owner_id, presence: true, if: -> { user_code.blank? }
-      validates :resource_owner_id, absence: true, if: -> { user_code.present? }
-
-      scope(
-        :expired,
-        lambda do
-          exp_in = DeviceAuthorizationGrant.configuration.device_code_expires_in
-          where('created_at <= :expiration_date', expiration_date: exp_in.seconds.ago)
-        end
-      )
-
-      scope(
-        :unexpired,
-        lambda do
-          exp_in = DeviceAuthorizationGrant.configuration.device_code_expires_in
-          where('created_at > :expiration_date', expiration_date: exp_in.seconds.ago)
-        end
-      )
+      include DeviceGrantMixin
 
       # @!attribute application_id
       #   @return [Integer]
@@ -64,87 +30,6 @@ module Doorkeeper
 
       # @!attribute last_polling_at
       #   @return [Time, nil]
-
-      class << self
-        # Returns an instance of the DeviceGrant with specific device code
-        # value.
-        #
-        # @param device_code [#to_s] device code value
-        # @return [Doorkeeper::DeviceAuthorizationGrant::DeviceGrant, nil]
-        #   DeviceGrant object, or nil if there is no record with such code
-        def find_by_plaintext_device_code(device_code)
-          device_code = device_code.to_s
-
-          find_by(device_code: secret_strategy.transform_secret(device_code)) ||
-            find_by_fallback_device_code(device_code)
-        end
-
-        alias by_device_code find_by_plaintext_device_code
-
-        # Allow looking up previously plain device codes as a fallback IFF a
-        # fallback strategy has been defined
-        #
-        # @param plain_secret [#to_s] plain secret value
-        # @return [Doorkeeper::DeviceAuthorizationGrant::DeviceGrant, nil]
-        #   DeviceGrant object or nil if there is no record with such code
-        def find_by_fallback_device_code(plain_secret)
-          return nil unless fallback_secret_strategy
-
-          # Use the previous strategy to look up
-          stored_code = fallback_secret_strategy.transform_secret(plain_secret)
-          find_by(device_code: stored_code).tap do |resource|
-            upgrade_fallback_value(resource, plain_secret) if resource
-          end
-        end
-
-        # Allows to replace a plain value fallback, to avoid it remaining as
-        # plain text.
-        #
-        # @param instance [Doorkeeper::DeviceAuthorizationGrant::DeviceGrant]
-        #   An instance of this model with a plain value device code.
-        # @param plain_secret [String] The plain secret to upgrade.
-        def upgrade_fallback_value(instance, plain_secret)
-          upgraded =
-            secret_strategy.store_secret(instance, :device_code, plain_secret)
-          instance.update(device_code: upgraded)
-        end
-
-        # Determines the secret storing transformer
-        # Unless configured otherwise, uses the plain secret strategy
-        def secret_strategy
-          ::Doorkeeper.configuration.token_secret_strategy
-        end
-
-        # Determine the fallback storing strategy
-        # Unless configured, there will be no fallback
-        def fallback_secret_strategy
-          ::Doorkeeper.configuration.token_secret_fallback_strategy
-        end
-      end
-
-      # We keep a volatile copy of the raw device code for initial
-      # communication.
-      #
-      # Some strategies allow restoring stored secrets (e.g. symmetric
-      # encryption) while hashing strategies do not, so you cannot rely on
-      # this value returning a present value for persisted device codes.
-      def plaintext_device_code
-        if secret_strategy.allows_restoring_secrets?
-          secret_strategy.restore_secret(self, :device_code)
-        else
-          @raw_device_code
-        end
-      end
-
-      private
-
-      # Generates a device code value with UniqueToken class.
-      #
-      # @return [String] device code value
-      def generate_device_code
-        @raw_device_code = Doorkeeper::OAuth::Helpers::UniqueToken.generate
-        secret_strategy.store_secret(self, :device_code, @raw_device_code)
-      end
     end
   end
 end

data/lib/doorkeeper/device_authorization_grant/orm/active_record/device_grant_mixin.rb

@@ -0,0 +1,132 @@
+# frozen_string_literal: true
+
+module Doorkeeper
+  module DeviceAuthorizationGrant
+    # Module mixin for Device Grant models.
+    #
+    # This is similar to Doorkeeper `AccessGrantMixin`, but specific for handling
+    # OAuth 2.0 Device Authorization Grant.
+    module DeviceGrantMixin
+      extend ActiveSupport::Concern
+      include ::Doorkeeper::Models::Expirable
+
+      included do
+        self.table_name = "#{table_name_prefix}oauth_device_grants#{table_name_suffix}"
+
+        delegate :secret_strategy, :fallback_secret_strategy, to: :class
+
+        belongs_to :application, class_name: Doorkeeper.configuration.application_class, optional: true
+
+        before_validation :generate_device_code, on: :create
+
+        validates :application_id, presence: true
+        validates :expires_in, presence: true
+        validates :device_code, presence: true, uniqueness: true
+
+        validates :user_code, presence: true, uniqueness: true, if: -> { resource_owner_id.blank? }
+        validates :user_code, absence: true, if: -> { resource_owner_id.present? }
+
+        validates :resource_owner_id, presence: true, if: -> { user_code.blank? }
+        validates :resource_owner_id, absence: true, if: -> { user_code.present? }
+
+        scope(
+          :expired,
+          lambda do
+            exp_in = DeviceAuthorizationGrant.configuration.device_code_expires_in
+            where('created_at <= :expiration_date', expiration_date: exp_in.seconds.ago)
+          end
+        )
+
+        scope(
+          :unexpired,
+          lambda do
+            exp_in = DeviceAuthorizationGrant.configuration.device_code_expires_in
+            where('created_at > :expiration_date', expiration_date: exp_in.seconds.ago)
+          end
+        )
+      end
+
+      # ClassMethods
+      module ClassMethods
+        # Returns an instance of the DeviceGrant with specific device code
+        # value.
+        #
+        # @param device_code [#to_s] device code value
+        # @return [Doorkeeper::DeviceAuthorizationGrant::DeviceGrant, nil]
+        #   DeviceGrant object, or nil if there is no record with such code
+        def find_by_plaintext_device_code(device_code)
+          device_code = device_code.to_s
+
+          find_by(device_code: secret_strategy.transform_secret(device_code)) ||
+            find_by_fallback_device_code(device_code)
+        end
+
+        alias by_device_code find_by_plaintext_device_code
+
+        # Allow looking up previously plain device codes as a fallback IFF a
+        # fallback strategy has been defined
+        #
+        # @param plain_secret [#to_s] plain secret value
+        # @return [Doorkeeper::DeviceAuthorizationGrant::DeviceGrant, nil]
+        #   DeviceGrant object or nil if there is no record with such code
+        def find_by_fallback_device_code(plain_secret)
+          return nil unless fallback_secret_strategy
+
+          # Use the previous strategy to look up
+          stored_code = fallback_secret_strategy.transform_secret(plain_secret)
+          find_by(device_code: stored_code).tap do |resource|
+            upgrade_fallback_value(resource, plain_secret) if resource
+          end
+        end
+
+        # Allows to replace a plain value fallback, to avoid it remaining as
+        # plain text.
+        #
+        # @param instance [Doorkeeper::DeviceAuthorizationGrant::DeviceGrant]
+        #   An instance of this model with a plain value device code.
+        # @param plain_secret [String] The plain secret to upgrade.
+        def upgrade_fallback_value(instance, plain_secret)
+          upgraded =
+            secret_strategy.store_secret(instance, :device_code, plain_secret)
+          instance.update(device_code: upgraded)
+        end
+
+        # Determines the secret storing transformer
+        # Unless configured otherwise, uses the plain secret strategy
+        def secret_strategy
+          ::Doorkeeper.configuration.token_secret_strategy
+        end
+
+        # Determine the fallback storing strategy
+        # Unless configured, there will be no fallback
+        def fallback_secret_strategy
+          ::Doorkeeper.configuration.token_secret_fallback_strategy
+        end
+      end
+
+      # We keep a volatile copy of the raw device code for initial
+      # communication.
+      #
+      # Some strategies allow restoring stored secrets (e.g. symmetric
+      # encryption) while hashing strategies do not, so you cannot rely on
+      # this value returning a present value for persisted device codes.
+      def plaintext_device_code
+        if secret_strategy.allows_restoring_secrets?
+          secret_strategy.restore_secret(self, :device_code)
+        else
+          @raw_device_code
+        end
+      end
+
+      private
+
+      # Generates a device code value with UniqueToken class.
+      #
+      # @return [String] device code value
+      def generate_device_code
+        @raw_device_code = Doorkeeper::OAuth::Helpers::UniqueToken.generate
+        secret_strategy.store_secret(self, :device_code, @raw_device_code)
+      end
+    end
+  end
+end

data/lib/doorkeeper/device_authorization_grant/version.rb

@@ -2,7 +2,7 @@
 
 module Doorkeeper
   module DeviceAuthorizationGrant
-    VERSION = '0.1.1'
+    VERSION = '0.2.0'
     public_constant :VERSION
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: doorkeeper-device_authorization_grant
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.2.0
 platform: ruby
 authors:
 - EXOP Group
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-06-30 00:00:00.000000000 Z
+date: 2021-01-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: doorkeeper
@@ -30,56 +30,70 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.86.0
+        version: '1.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.86.0
+        version: '1.8'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.9.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.9.1
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.18.5
+        version: 0.21.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.18.5
+        version: 0.21.1
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 1.4.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 1.4.2
 - !ruby/object:Gem::Dependency
   name: yard
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.9.25
+        version: 0.9.26
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.9.25
+        version: 0.9.26
 description: OAuth 2.0 Device Authorization Grant extension for Doorkeeper.
 email:
 - opensource@exop-group.com
@@ -105,6 +119,7 @@ files:
 - lib/doorkeeper/device_authorization_grant/oauth/helpers/user_code.rb
 - lib/doorkeeper/device_authorization_grant/orm/active_record.rb
 - lib/doorkeeper/device_authorization_grant/orm/active_record/device_grant.rb
+- lib/doorkeeper/device_authorization_grant/orm/active_record/device_grant_mixin.rb
 - lib/doorkeeper/device_authorization_grant/rails/routes.rb
 - lib/doorkeeper/device_authorization_grant/rails/routes/mapper.rb
 - lib/doorkeeper/device_authorization_grant/rails/routes/mapping.rb