doorkeeper-device_authorization_grant 0.1.1 → 1.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5231c51f4fc5f93284e30b08cc6188e4ac43cfecfd1908110597350ddd0c2cf7
-  data.tar.gz: 8cc73d6fe81263c383290e7c2b68a477b6cd0f4b6c9873d9efcdd4493fc1242b
+  metadata.gz: a95bd7a093b27e1735e590152c1eb72b0d24ddfe24769ef096bdfed7e5085fe7
+  data.tar.gz: 787d3736c5b2689191d505d67bd997c6ead61a6ca6f5c41233fde9c25d9cbc3e
 SHA512:
-  metadata.gz: 8f67e3f89aad7ce4cfc2ac7d7c70d1dcb63b6129bb877592fe14e917c10cea626c5cabd3724fe427415215da4a965d81c042de7f615f861c76a32cb5a95272f1
-  data.tar.gz: e4fefdce2c1662f05f48871c47927ddd46607de767652273e73c98120d4734cd2e1cb79c2ec045cd1536948d4584b475f57060124711ec0cffbb82bd81b69864
+  metadata.gz: aa55bc03f056f52064fd0defd3f8562508e62af6006cf28ba60cb1371a6f89ca1d5109f33a1d36639fdc8fdafecda7c6cf934a04c99ac169d158fc41318f7775
+  data.tar.gz: 335a27953d47a3ee17e6052510f9cfdd75cc55eaaacac1cd0e8b76b1eea8c09a4dbd573ba41ab4d68f0bda34da36a115a0dd2c7601e4640c1171b87e06ce8dc0

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright 2020 EXOP Group
+Copyright 2020-2021 EXOP Group
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md

@@ -7,17 +7,6 @@ This library implements the OAuth 2.0 device authorization grant
 [Ruby on Rails](https://rubyonrails.org/) applications on top of the
 [Doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) OAuth 2.0 framework.
 
-## Status
-
-This extension currently works with Doorkeeper version `>= 5.4.0`.
-
-As of June 25 2020, due to some limitations of Doorkeeper, it is currently
-inconvenient for this Gem to use the official OAuth grant type
-`urn:ietf:params:oauth:grant-type:device_code`. Instead, it has been renamed
-to simply `device_code`, which is non-standard. This is going to be corrected
-soon: the next Doorkeeper release will include the ability to cleanly
-register custom Grant Flows - see [Doorkeeper Pull Request #1418](https://github.com/doorkeeper-gem/doorkeeper/pull/1418).
-
 ## Installation
 
 Add this line to your application's Gemfile:
@@ -55,7 +44,7 @@ $ rails doorkeeper_device_authorization_grant_engine:install:migrations
 ### Doorkeeper configuration
 
 In your Doorkeeper initializer (usually `config/initializers/doorkeeper.rb`), enable
-the device flow extension grant type, adding to the `grant_flows` option the `device_code`
+the new grant flow extension, adding to the `grant_flows` option the `device_code`
 string. For example:
 
 ```ruby
@@ -65,9 +54,6 @@ string. For example:
     # ... 
   
     grant_flows [
-      # Note: this is a non-standard grant flow, used instead of the
-      # official `urn:ietf:params:oauth:grant-type:device_code` due to
-      # current Doorkeeper limitations.
       'device_code',
  
       # together with all the other grant flows you already enabled, for example:
@@ -80,11 +66,6 @@ string. For example:
   end
 ```
 
-Please note that **this is not the official grant flow**. The real one should be
-the IANA URN `urn:ietf:params:oauth:grant-type:device_code`, however this is hard
-to support with the current version of Doorkeeper, due to how strategy classes are
-looked up by grant type value.
-
 ### Device Authorization Grant configuration
 
 The gem's installation scripts automatically creates a new initializer file:
@@ -237,15 +218,11 @@ by Dorkeeper), for example:
 POST /oauth/token HTTP/1.1
 Content-Type: application/x-www-form-urlencoded
 
-grant_type=device_code
+grant_type=urn:ietf:params:oauth:grant-type:device_code
 &device_code=GmRhmhcxhwAzkoEqiMEg_DnyEysNkuNhszIySk9eS
 &client_id=1406020730
 ```
 
-**Note:** this is a non-standard `grant_type`, used instead of the official 
-`urn:ietf:params:oauth:grant-type:device_code` due to current limitations of
-the Doorkeeper gem.
-
 The response to this request is defined in the next section. It is expected for
 the *Device Client* to try the access token request repeatedly in a polling
 fashion, based on the error code in the response. The polling time interval
@@ -316,5 +293,12 @@ Content-Type: application/json
 The device authentication flow is now complete, and the token data can be used to
 authenticate requests against the authorization and/or resource server.
 
+## Example Application
+
+Here you can find an example Rails application which uses this gem,
+together with a little HTML/JS client to try out the device flow:
+
+[https://github.com/exop-group/doorkeeper-device-flow-example](https://github.com/exop-group/doorkeeper-device-flow-example)
+
 ## License
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -1,20 +1,6 @@
 # frozen_string_literal: true
 
-begin
-  require 'bundler/setup'
-rescue LoadError
-  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
-end
-
-require 'rdoc/task'
-
-RDoc::Task.new(:rdoc) do |rdoc|
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title    = 'Doorkeeper::DeviceAuthorizationGrant'
-  rdoc.options << '--line-numbers'
-  rdoc.rdoc_files.include('README.md')
-  rdoc.rdoc_files.include('lib/**/*.rb')
-end
+require 'bundler/setup'
 
 APP_RAKEFILE = File.expand_path('test/dummy/Rakefile', __dir__)
 load 'rails/tasks/engine.rake'

data/app/controllers/doorkeeper/device_authorization_grant/device_codes_controller.rb

@@ -9,7 +9,7 @@ module Doorkeeper
       def create
         headers.merge!(authorize_response.headers)
         render(json: authorize_response.body, status: authorize_response.status)
-      rescue Errors::DoorkeeperError => e
+      rescue Doorkeeper::Errors::DoorkeeperError => e
         handle_token_exception(e)
       end
 

data/config/locales/en.yml

@@ -1,4 +1,11 @@
 en:
+  activerecord:
+    errors:
+      models:
+        doorkeeper/device_authorization_grant/device_grant:
+          attributes:
+            scopes:
+              not_match_configured: "doesn't match configured on the server."
   doorkeeper:
     device_authorization_grant:
       device_authorizations:

data/lib/doorkeeper/device_authorization_grant.rb

@@ -5,11 +5,14 @@ require 'active_model'
 require 'doorkeeper/device_authorization_grant/config'
 require 'doorkeeper/device_authorization_grant/engine'
 
+# Doorkeeper namespace
 module Doorkeeper
   # OAuth 2.0 Device Authorization Grant extension for Doorkeeper.
   module DeviceAuthorizationGrant
     autoload :DeviceGrant, 'doorkeeper/device_authorization_grant/orm/active_record/device_grant'
+    autoload :DeviceGrantMixin, 'doorkeeper/device_authorization_grant/orm/active_record/device_grant_mixin'
     autoload :Errors, 'doorkeeper/device_authorization_grant/errors'
+    autoload :OAuth, 'doorkeeper/device_authorization_grant/oauth'
     autoload :VERSION, 'doorkeeper/device_authorization_grant/version'
 
     # Namespace for device authorization request strategies
@@ -44,4 +47,10 @@ module Doorkeeper
   module Request
     autoload :DeviceCode, 'doorkeeper/request/device_code'
   end
+
+  Doorkeeper::GrantFlow.register(
+    :device_code,
+    grant_type_matches: Doorkeeper::DeviceAuthorizationGrant::OAuth::DEVICE_CODE,
+    grant_type_strategy: Doorkeeper::Request::DeviceCode
+  )
 end

data/lib/doorkeeper/device_authorization_grant/config.rb

@@ -18,8 +18,10 @@ module Doorkeeper
     # Error raised in case of missing configuration
     class MissingConfiguration < StandardError
       def initialize
-        super('Configuration for Doorkeeper::DeviceAuthorizationGrant missing. ' \
-              'Do you have Doorkeeper::DeviceAuthorizationGrant initializer?')
+        super(
+          'Configuration for Doorkeeper::DeviceAuthorizationGrant missing. ' \
+          'Do you have Doorkeeper::DeviceAuthorizationGrant initializer?'
+        )
       end
     end
 

data/lib/doorkeeper/device_authorization_grant/oauth.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Doorkeeper
+  module DeviceAuthorizationGrant
+    module OAuth
+      # IANA URN of the Device Authorization Grant Type.
+      # @see https://tools.ietf.org/html/rfc8628#section-7.2 RFC 8628 - 7.2. OAuth URI Registration
+      DEVICE_CODE = 'urn:ietf:params:oauth:grant-type:device_code'
+      public_constant :DEVICE_CODE
+    end
+  end
+end

data/lib/doorkeeper/device_authorization_grant/oauth/device_authorization_request.rb

@@ -7,8 +7,8 @@ module Doorkeeper
       #
       # @see https://tools.ietf.org/html/rfc8628#section-3.1 RFC 8628, sect. 3.1
       class DeviceAuthorizationRequest < Doorkeeper::OAuth::BaseRequest
-        attr_accessor :server
-        attr_accessor :client
+        attr_accessor :server,
+                      :client
 
         # @return [String]
         attr_accessor :host_name
@@ -18,10 +18,13 @@ module Doorkeeper
         # @param server
         # @param client
         # @param host_name [String]
-        def initialize(server, client, host_name)
+        # @param parameters [Hash]
+        def initialize(server, client, host_name, parameters = {}) # rubocop:disable Style/OptionHash
+          super()
           @server = server
           @client = client
           @host_name = host_name
+          @original_scopes = parameters[:scope]
         end
 
         # @return [DeviceAuthorizationResponse, Doorkeeper::OAuth::ErrorResponse]

data/lib/doorkeeper/device_authorization_grant/oauth/device_authorization_response.rb

@@ -16,6 +16,7 @@ module Doorkeeper
         # @param device_grant [DeviceGrant]
         # @param host_name [String]
         def initialize(device_grant, host_name)
+          super()
           @device_grant = device_grant
           @host_name = host_name
         end
@@ -28,7 +29,7 @@ module Doorkeeper
         # @return [Hash]
         def body
           {
-            'device_code' => device_grant.device_code,
+            'device_code' => device_grant.plaintext_device_code,
             'user_code' => device_grant.user_code,
             'verification_uri' => verification_uri,
             'verification_uri_complete' => verification_uri_complete,

data/lib/doorkeeper/device_authorization_grant/oauth/device_code_request.rb

@@ -7,14 +7,13 @@ module Doorkeeper
       #
       # @see https://tools.ietf.org/html/rfc8628#section-3.4 RFC 8628, sect. 3.4
       class DeviceCodeRequest < ::Doorkeeper::OAuth::BaseRequest
-        attr_accessor :server
-        attr_accessor :client
+        attr_accessor :server,
+                      :client,
+                      :access_token
 
         # @return [DeviceGrant]
         attr_accessor :device_grant
 
-        attr_accessor :access_token
-
         validate :client, error: :invalid_client
         validate :device_grant, error: :invalid_grant
 
@@ -22,12 +21,13 @@ module Doorkeeper
         # @param client
         # @param device_grant [DeviceGrant]
         def initialize(server, client, device_grant)
+          super()
+
           @server = server
           @client = client
           @device_grant = device_grant
 
-          # this should be `urn:ietf:params:oauth:grant-type:device_code`
-          @grant_type = 'device_code'
+          @grant_type = Doorkeeper::DeviceAuthorizationGrant::OAuth::DEVICE_CODE
         end
 
         def before_successful_response

data/lib/doorkeeper/device_authorization_grant/orm/active_record/device_grant.rb

@@ -5,41 +5,7 @@ module Doorkeeper
     # Model class, similar to Doorkeeper `AccessGrant`, but specific for
     # handling OAuth 2.0 Device Authorization Grant.
     class DeviceGrant < ActiveRecord::Base
-      self.table_name = "#{table_name_prefix}oauth_device_grants#{table_name_suffix}"
-
-      include ::Doorkeeper::Models::Expirable
-
-      delegate :secret_strategy, :fallback_secret_strategy, to: :class
-
-      belongs_to :application, class_name: Doorkeeper.configuration.application_class, optional: true
-
-      before_validation :generate_device_code, on: :create
-
-      validates :application_id, presence: true
-      validates :expires_in, presence: true
-      validates :device_code, presence: true, uniqueness: true
-
-      validates :user_code, presence: true, uniqueness: true, if: -> { resource_owner_id.blank? }
-      validates :user_code, absence: true, if: -> { resource_owner_id.present? }
-
-      validates :resource_owner_id, presence: true, if: -> { user_code.blank? }
-      validates :resource_owner_id, absence: true, if: -> { user_code.present? }
-
-      scope(
-        :expired,
-        lambda do
-          exp_in = DeviceAuthorizationGrant.configuration.device_code_expires_in
-          where('created_at <= :expiration_date', expiration_date: exp_in.seconds.ago)
-        end
-      )
-
-      scope(
-        :unexpired,
-        lambda do
-          exp_in = DeviceAuthorizationGrant.configuration.device_code_expires_in
-          where('created_at > :expiration_date', expiration_date: exp_in.seconds.ago)
-        end
-      )
+      include DeviceGrantMixin
 
       # @!attribute application_id
       #   @return [Integer]
@@ -64,87 +30,6 @@ module Doorkeeper
 
       # @!attribute last_polling_at
       #   @return [Time, nil]
-
-      class << self
-        # Returns an instance of the DeviceGrant with specific device code
-        # value.
-        #
-        # @param device_code [#to_s] device code value
-        # @return [Doorkeeper::DeviceAuthorizationGrant::DeviceGrant, nil]
-        #   DeviceGrant object, or nil if there is no record with such code
-        def find_by_plaintext_device_code(device_code)
-          device_code = device_code.to_s
-
-          find_by(device_code: secret_strategy.transform_secret(device_code)) ||
-            find_by_fallback_device_code(device_code)
-        end
-
-        alias by_device_code find_by_plaintext_device_code
-
-        # Allow looking up previously plain device codes as a fallback IFF a
-        # fallback strategy has been defined
-        #
-        # @param plain_secret [#to_s] plain secret value
-        # @return [Doorkeeper::DeviceAuthorizationGrant::DeviceGrant, nil]
-        #   DeviceGrant object or nil if there is no record with such code
-        def find_by_fallback_device_code(plain_secret)
-          return nil unless fallback_secret_strategy
-
-          # Use the previous strategy to look up
-          stored_code = fallback_secret_strategy.transform_secret(plain_secret)
-          find_by(device_code: stored_code).tap do |resource|
-            upgrade_fallback_value(resource, plain_secret) if resource
-          end
-        end
-
-        # Allows to replace a plain value fallback, to avoid it remaining as
-        # plain text.
-        #
-        # @param instance [Doorkeeper::DeviceAuthorizationGrant::DeviceGrant]
-        #   An instance of this model with a plain value device code.
-        # @param plain_secret [String] The plain secret to upgrade.
-        def upgrade_fallback_value(instance, plain_secret)
-          upgraded =
-            secret_strategy.store_secret(instance, :device_code, plain_secret)
-          instance.update(device_code: upgraded)
-        end
-
-        # Determines the secret storing transformer
-        # Unless configured otherwise, uses the plain secret strategy
-        def secret_strategy
-          ::Doorkeeper.configuration.token_secret_strategy
-        end
-
-        # Determine the fallback storing strategy
-        # Unless configured, there will be no fallback
-        def fallback_secret_strategy
-          ::Doorkeeper.configuration.token_secret_fallback_strategy
-        end
-      end
-
-      # We keep a volatile copy of the raw device code for initial
-      # communication.
-      #
-      # Some strategies allow restoring stored secrets (e.g. symmetric
-      # encryption) while hashing strategies do not, so you cannot rely on
-      # this value returning a present value for persisted device codes.
-      def plaintext_device_code
-        if secret_strategy.allows_restoring_secrets?
-          secret_strategy.restore_secret(self, :device_code)
-        else
-          @raw_device_code
-        end
-      end
-
-      private
-
-      # Generates a device code value with UniqueToken class.
-      #
-      # @return [String] device code value
-      def generate_device_code
-        @raw_device_code = Doorkeeper::OAuth::Helpers::UniqueToken.generate
-        secret_strategy.store_secret(self, :device_code, @raw_device_code)
-      end
     end
   end
 end

data/lib/doorkeeper/device_authorization_grant/orm/active_record/device_grant_mixin.rb

@@ -0,0 +1,146 @@
+# frozen_string_literal: true
+
+module Doorkeeper
+  module DeviceAuthorizationGrant
+    # Module mixin for Device Grant models.
+    #
+    # This is similar to Doorkeeper `AccessGrantMixin`, but specific for handling
+    # OAuth 2.0 Device Authorization Grant.
+    module DeviceGrantMixin
+      extend ActiveSupport::Concern
+      include ::Doorkeeper::Models::Expirable
+
+      included do # rubocop:disable Metrics/BlockLength
+        self.table_name = "#{table_name_prefix}oauth_device_grants#{table_name_suffix}"
+
+        delegate :secret_strategy, :fallback_secret_strategy, to: :class
+
+        belongs_to :application, class_name: Doorkeeper.configuration.application_class, optional: true
+
+        before_validation :generate_device_code, on: :create
+
+        validates :application_id, presence: true
+        validates :expires_in, presence: true
+        validates :device_code, presence: true, uniqueness: true
+
+        validates :user_code, presence: true, uniqueness: true, if: -> { resource_owner_id.blank? }
+        validates :user_code, absence: true, if: -> { resource_owner_id.present? }
+
+        validates :resource_owner_id, presence: true, if: -> { user_code.blank? }
+        validates :resource_owner_id, absence: true, if: -> { user_code.present? }
+        validate :scopes_match_configured, if: :enforce_scopes?
+
+        scope(
+          :expired,
+          lambda do
+            exp_in = DeviceAuthorizationGrant.configuration.device_code_expires_in
+            where('created_at <= :expiration_date', expiration_date: exp_in.seconds.ago)
+          end
+        )
+
+        scope(
+          :unexpired,
+          lambda do
+            exp_in = DeviceAuthorizationGrant.configuration.device_code_expires_in
+            where('created_at > :expiration_date', expiration_date: exp_in.seconds.ago)
+          end
+        )
+      end
+
+      # ClassMethods
+      module ClassMethods
+        # Returns an instance of the DeviceGrant with specific device code
+        # value.
+        #
+        # @param device_code [#to_s] device code value
+        # @return [Doorkeeper::DeviceAuthorizationGrant::DeviceGrant, nil]
+        #   DeviceGrant object, or nil if there is no record with such code
+        def find_by_plaintext_device_code(device_code)
+          device_code = device_code.to_s
+
+          find_by(device_code: secret_strategy.transform_secret(device_code)) ||
+            find_by_fallback_device_code(device_code)
+        end
+
+        alias by_device_code find_by_plaintext_device_code
+
+        # Allow looking up previously plain device codes as a fallback IFF a
+        # fallback strategy has been defined
+        #
+        # @param plain_secret [#to_s] plain secret value
+        # @return [Doorkeeper::DeviceAuthorizationGrant::DeviceGrant, nil]
+        #   DeviceGrant object or nil if there is no record with such code
+        def find_by_fallback_device_code(plain_secret)
+          return nil unless fallback_secret_strategy
+
+          # Use the previous strategy to look up
+          stored_code = fallback_secret_strategy.transform_secret(plain_secret)
+          find_by(device_code: stored_code).tap do |resource|
+            upgrade_fallback_value(resource, plain_secret) if resource
+          end
+        end
+
+        # Allows to replace a plain value fallback, to avoid it remaining as
+        # plain text.
+        #
+        # @param instance [Doorkeeper::DeviceAuthorizationGrant::DeviceGrant]
+        #   An instance of this model with a plain value device code.
+        # @param plain_secret [String] The plain secret to upgrade.
+        def upgrade_fallback_value(instance, plain_secret)
+          upgraded =
+            secret_strategy.store_secret(instance, :device_code, plain_secret)
+          instance.update(device_code: upgraded)
+        end
+
+        # Determines the secret storing transformer
+        # Unless configured otherwise, uses the plain secret strategy
+        def secret_strategy
+          ::Doorkeeper.configuration.token_secret_strategy
+        end
+
+        # Determine the fallback storing strategy
+        # Unless configured, there will be no fallback
+        def fallback_secret_strategy
+          ::Doorkeeper.configuration.token_secret_fallback_strategy
+        end
+      end
+
+      # We keep a volatile copy of the raw device code for initial
+      # communication.
+      #
+      # Some strategies allow restoring stored secrets (e.g. symmetric
+      # encryption) while hashing strategies do not, so you cannot rely on
+      # this value returning a present value for persisted device codes.
+      def plaintext_device_code
+        if secret_strategy.allows_restoring_secrets?
+          secret_strategy.restore_secret(self, :device_code)
+        else
+          @raw_device_code
+        end
+      end
+
+      private
+
+      # Generates a device code value with UniqueToken class.
+      #
+      # @return [String] device code value
+      def generate_device_code
+        @raw_device_code = Doorkeeper::OAuth::Helpers::UniqueToken.generate
+        secret_strategy.store_secret(self, :device_code, @raw_device_code)
+      end
+
+      def scopes_match_configured
+        if scopes.present? && !Doorkeeper::OAuth::Helpers::ScopeChecker.valid?(
+          scope_str: scopes.to_s,
+          server_scopes: Doorkeeper.config.scopes
+        )
+          errors.add(:scopes, :not_match_configured)
+        end
+      end
+
+      def enforce_scopes?
+        Doorkeeper.config.enforce_configured_scopes?
+      end
+    end
+  end
+end

data/lib/doorkeeper/device_authorization_grant/request/device_authorization.rb

@@ -7,14 +7,15 @@ module Doorkeeper
       #
       # @see https://tools.ietf.org/html/rfc8628#section-3.1 RFC 8628, sect. 3.1
       class DeviceAuthorization < ::Doorkeeper::Request::Strategy
-        delegate :client, to: :server
+        delegate :client, :parameters, to: :server
 
         # @return [OAuth::DeviceAuthorizationRequest]
         def request
           @request ||= OAuth::DeviceAuthorizationRequest.new(
             Doorkeeper.configuration,
             client,
-            host_name
+            host_name,
+            parameters
           )
         end
 

data/lib/doorkeeper/device_authorization_grant/version.rb

@@ -2,7 +2,7 @@
 
 module Doorkeeper
   module DeviceAuthorizationGrant
-    VERSION = '0.1.1'
+    VERSION = '1.0.1'
     public_constant :VERSION
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: doorkeeper-device_authorization_grant
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 1.0.1
 platform: ruby
 authors:
 - EXOP Group
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-06-30 00:00:00.000000000 Z
+date: 2021-08-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: doorkeeper
@@ -16,70 +16,90 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.4'
+        version: '5.5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.4'
+        version: '5.5'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.86.0
+        version: '1.14'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.86.0
+        version: '1.14'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.10'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.10.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.10'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.10.1
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.18.5
+        version: 0.21.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.18.5
+        version: 0.21.2
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 1.4.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 1.4.2
 - !ruby/object:Gem::Dependency
   name: yard
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.9.25
+        version: 0.9.26
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.9.25
+        version: 0.9.26
 description: OAuth 2.0 Device Authorization Grant extension for Doorkeeper.
 email:
 - opensource@exop-group.com
@@ -99,12 +119,14 @@ files:
 - lib/doorkeeper/device_authorization_grant/config.rb
 - lib/doorkeeper/device_authorization_grant/engine.rb
 - lib/doorkeeper/device_authorization_grant/errors.rb
+- lib/doorkeeper/device_authorization_grant/oauth.rb
 - lib/doorkeeper/device_authorization_grant/oauth/device_authorization_request.rb
 - lib/doorkeeper/device_authorization_grant/oauth/device_authorization_response.rb
 - lib/doorkeeper/device_authorization_grant/oauth/device_code_request.rb
 - lib/doorkeeper/device_authorization_grant/oauth/helpers/user_code.rb
 - lib/doorkeeper/device_authorization_grant/orm/active_record.rb
 - lib/doorkeeper/device_authorization_grant/orm/active_record/device_grant.rb
+- lib/doorkeeper/device_authorization_grant/orm/active_record/device_grant_mixin.rb
 - lib/doorkeeper/device_authorization_grant/rails/routes.rb
 - lib/doorkeeper/device_authorization_grant/rails/routes/mapper.rb
 - lib/doorkeeper/device_authorization_grant/rails/routes/mapping.rb
@@ -116,7 +138,10 @@ files:
 homepage: https://github.com/exop-group/doorkeeper-device_authorization_grant
 licenses:
 - MIT
-metadata: {}
+metadata:
+  homepage_uri: https://github.com/exop-group/doorkeeper-device_authorization_grant
+  source_code_uri: https://github.com/exop-group/doorkeeper-device_authorization_grant
+  changelog_uri: https://github.com/exop-group/doorkeeper-device_authorization_grant/blob/master/CHANGELOG.md
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -132,7 +157,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.0.8
 signing_key:
 specification_version: 4
 summary: OAuth 2.0 Device Authorization Grant extension for Doorkeeper.