doorkeeper-grants_assertion 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 87bb84b4d2dda652ff143b5c6e8f532c7dcb875c
+  data.tar.gz: 82792c4551fb2938c4492b995e4a0e1c76a41728
+SHA512:
+  metadata.gz: 1f7410f081c0b09f24102ff531acc1b37eb7e753515657caa6e74c9c83ba4e4916b4e3d61ec9883275065eaef4b4f421d54294341d09c7653aca0b8336f0aca8
+  data.tar.gz: 91eaaeaa2c25ec48dde6b9ed544b079950dbb2de07cc0482d35c3b688ed4e05fdfc6dc841a51b17381b1e48f325ee020562d028620ce5588ef8ac893f35c8c80

data/.gitignore

@@ -0,0 +1,10 @@
+.bundle/
+log/*.log
+pkg/
+spec/dummy/db/*.sqlite3
+spec/dummy/log/*.log
+spec/dummy/tmp/
+Gemfile.lock
+.rvmrc
+*.swp
+.idea

data/Gemfile

@@ -0,0 +1,12 @@
+source 'https://rubygems.org'
+
+# Define Rails version
+gem 'rails', ENV['rails']
+
+gem 'doorkeeper'
+
+gem 'pry'
+gem 'sqlite3'
+gem 'factory_girl'
+
+gemspec

data/MIT-LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 Doorkeeper Rubygem
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,30 @@
+# Doorkeeper - Assertion Grant Extension
+
+Assertion grant extension for Doorkeeper. Born from:
+https://github.com/doorkeeper-gem/doorkeeper/pull/249
+
+## Instalation
+
+1. Add both gems to your `Gemfile`.
+2. Add `assertion` as a `grant_flow` to your initializer.
+
+___
+
+Lets you define your own way of authenticating resource owners via 3rd Party
+applications. For example, via Facebook:
+
+```ruby
+Doorkeeper.configure do
+  resource_owner_from_assertion do
+    facebook = URI.parse('https://graph.facebook.com/me?access_token=' +
+    params[:assertion])
+    response = Net::HTTP.get_response(facebook)
+    user_data = JSON.parse(response.body)
+    User.find_by_facebook_id(user_data['id'])
+  end
+end
+```
+
+___
+
+IETF standard: http://tools.ietf.org/html/draft-ietf-oauth-assertions-16

data/Rakefile

@@ -0,0 +1,18 @@
+require 'bundler/setup'
+require 'rspec/core/rake_task'
+
+desc 'Default: run specs.'
+task :default => :spec
+
+desc "Run all specs"
+RSpec::Core::RakeTask.new(:spec)
+
+namespace :doorkeeper do
+  desc "Install doorkeeper in dummy app"
+  task :install do
+    cd 'spec/dummy'
+    system 'bundle exec rails g doorkeeper:install --force'
+  end
+end
+
+Bundler::GemHelper.install_tasks

data/config/locales/en.yml

@@ -0,0 +1,5 @@
+en:
+  doorkeeper:
+    errors:
+      messages:
+        assertion_flow_not_configured: 'Resource Owner Assertion flow failed due to Doorkeeper.configure.resource_owner_from_assertion being unconfigured.'

data/doorkeeper-grants_assertion.gemspec

@@ -0,0 +1,22 @@
+Gem::Specification.new do |s|
+  s.name        = 'doorkeeper-grants_assertion'
+  s.version     = '0.0.1'
+  s.authors     = ['Tute Costa']
+  s.email       = ['tutecosta@gmail.com']
+  s.homepage    = "https://github.com/doorkeeper-gem/doorkeeper/doorkeeper-grants-assertion"
+  s.summary     = "Assertion grant extension for Doorkeeper."
+  s.description = "Assertion grant extension for Doorkeeper."
+  s.license     = 'MIT'
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- test/*`.split("\n")
+  s.require_paths = ["lib"]
+
+  s.add_dependency "railties", ">= 3.1"
+  s.add_dependency "doorkeeper", ">= 1.3"
+  s.add_development_dependency "rspec-rails", ">= 2.11.4"
+  s.add_development_dependency "capybara", "~> 1.1.2"
+  s.add_development_dependency "factory_girl", "~> 2.6.4"
+  s.add_development_dependency "generator_spec", "~> 0.9.0"
+  s.add_development_dependency "database_cleaner", "~> 1.2.0"
+end

data/lib/doorkeeper/grants_assertion.rb

@@ -0,0 +1,27 @@
+require 'doorkeeper/request/assertion'
+
+# Should belong to Helpers::Controller?
+module Doorkeeper
+  class ApplicationController < ActionController::Base
+    def resource_owner_from_assertion
+      instance_eval(&Doorkeeper.configuration.resource_owner_from_assertion)
+    end
+  end
+end
+
+module Doorkeeper
+  class Server
+    def resource_owner_from_assertion
+      context.send :resource_owner_from_assertion
+    end
+  end
+end
+
+module Doorkeeper
+  class Config
+    option :resource_owner_from_assertion, default: (lambda do |routes|
+        warn(I18n.translate('doorkeeper.errors.messages.assertion_flow_not_configured'))
+        nil
+      end)
+  end
+end

data/lib/doorkeeper/request/assertion.rb

@@ -0,0 +1,29 @@
+module Doorkeeper
+  module Request
+    class Assertion
+      def self.build(server)
+        new(server.credentials, server.resource_owner_from_assertion, server)
+      end
+
+      attr_accessor :credentials, :resource_owner, :server
+
+      def initialize(credentials, resource_owner, server)
+        @credentials = credentials
+        @resource_owner = resource_owner
+        @server = server
+      end
+
+      def request
+        @request ||= OAuth::PasswordAccessTokenRequest.new(
+          Doorkeeper.configuration,
+          credentials,
+          resource_owner,
+          server.parameters)
+      end
+
+      def authorize
+        request.authorize
+      end
+    end
+  end
+end

data/spec/dummy/Rakefile

@@ -0,0 +1,7 @@
+#!/usr/bin/env rake
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Dummy::Application.load_tasks

data/spec/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,3 @@
+class ApplicationController < ActionController::Base
+  protect_from_forgery
+end

data/spec/dummy/app/controllers/custom_authorizations_controller.rb

@@ -0,0 +1,7 @@
+class CustomAuthorizationsController < ::ApplicationController
+  %w(index show new create edit update destroy).each do |action|
+    define_method action do
+      render nothing: true
+    end
+  end
+end

data/spec/dummy/app/controllers/full_protected_resources_controller.rb

@@ -0,0 +1,12 @@
+class FullProtectedResourcesController < ApplicationController
+  doorkeeper_for :index
+  doorkeeper_for :show, scopes: [:admin]
+
+  def index
+    render text: 'index'
+  end
+
+  def show
+    render text: 'show'
+  end
+end

data/spec/dummy/app/controllers/home_controller.rb

@@ -0,0 +1,17 @@
+class HomeController < ApplicationController
+  def index
+  end
+
+  def sign_in
+    session[:user_id] = if Rails.env.development?
+                          User.first || User.create!(name: 'Joe', password: 'sekret')
+                        else
+                          User.first
+                        end
+    redirect_to '/'
+  end
+
+  def callback
+    render text: 'ok'
+  end
+end

data/spec/dummy/app/controllers/metal_controller.rb

@@ -0,0 +1,11 @@
+class MetalController < ActionController::Metal
+  include AbstractController::Callbacks
+  include ActionController::Head
+  include Doorkeeper::Helpers::Filter
+
+  doorkeeper_for :all
+
+  def index
+    self.response_body = { ok: true }.to_json
+  end
+end

data/spec/dummy/app/controllers/semi_protected_resources_controller.rb

@@ -0,0 +1,11 @@
+class SemiProtectedResourcesController < ApplicationController
+  doorkeeper_for :index
+
+  def index
+    render text: 'protected index'
+  end
+
+  def show
+    render text: 'protected show'
+  end
+end

data/spec/dummy/app/helpers/application_helper.rb

@@ -0,0 +1,5 @@
+module ApplicationHelper
+  def current_user
+    @current_user ||= User.find_by_id(session[:user_id])
+  end
+end

data/spec/dummy/app/models/user.rb

@@ -0,0 +1,9 @@
+class User < ActiveRecord::Base
+  if ::Rails.version.to_i < 4
+    attr_accessible :name, :password, :assertion
+  end
+
+  def self.authenticate!(name, password)
+    User.where(name: name, password: password).first
+  end
+end

data/spec/dummy/app/views/layouts/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Dummy</title>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= link_to "Sign in", '/sign_in' %>
+
+<%= yield %>
+
+</body>
+</html>

data/spec/dummy/config.ru

@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment',  __FILE__)
+run Dummy::Application

data/spec/dummy/config/application.rb

@@ -0,0 +1,47 @@
+require File.expand_path('../boot', __FILE__)
+
+require 'action_controller/railtie'
+require 'sprockets/railtie'
+
+Bundler.require :default
+
+require "active_record/railtie"
+
+module Dummy
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Only load the plugins named here, in the order given (default is alphabetical).
+    # :all can be used as a placeholder for all plugins not explicitly named.
+    # config.plugins = [ :exception_notification, :ssl_requirement, :all ]
+
+    # Activate observers that should always be running.
+    # config.active_record.observers = :cacher, :garbage_collector, :forum_observer
+
+    if defined?(ActiveRecord) && Rails.version.to_i < 4
+      config.active_record.whitelist_attributes = true
+    end
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    config.i18n.load_path += Dir[Rails.root.join('../../', 'config/locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :en
+
+    # Configure the default encoding used in templates for Ruby 1.9.
+    config.encoding = 'utf-8'
+
+    # Configure sensitive parameters which will be filtered from the log file.
+    config.filter_parameters += [:password]
+
+    # Enable the asset pipeline
+    config.assets.enabled = true
+
+    # Version of your assets, change this if you want to expire all your assets
+    config.assets.version = '1.0'
+  end
+end

data/spec/dummy/config/boot.rb

@@ -0,0 +1,4 @@
+require 'rubygems'
+require 'bundler/setup'
+
+$LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__)

data/spec/dummy/config/database.yml

@@ -0,0 +1,15 @@
+development:
+  adapter: sqlite3
+  database: db/development.sqlite3
+  pool: 5
+  timeout: 5000
+
+test:
+  adapter: sqlite3
+  database: ":memory:"
+  timeout: 500
+
+production:
+  adapter: sqlite3
+  database: ":memory:"
+  timeout: 500

data/spec/dummy/config/environment.rb

@@ -0,0 +1,5 @@
+# Load the rails application
+require File.expand_path('../application', __FILE__)
+
+# Initialize the rails application
+Dummy::Application.initialize!

data/spec/dummy/config/environments/development.rb

@@ -0,0 +1,29 @@
+Dummy::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb
+
+  # In the development environment your application's code is reloaded on
+  # every request.  This slows down response time but is perfect for development
+  # since you don't have to restart the web server when you make code changes.
+  config.cache_classes = false
+
+  # Show full error reports and disable caching
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Don't care if the mailer can't send
+  # config.action_mailer.raise_delivery_errors = false
+
+  # Print deprecation notices to the Rails logger
+  config.active_support.deprecation = :log
+
+  # Only use best-standards-support built into browsers
+  config.action_dispatch.best_standards_support = :builtin
+
+  # Do not compress assets
+  config.assets.compress = false
+
+  # Expands the lines which load the assets
+  config.assets.debug = true
+
+  config.eager_load = false
+end

data/spec/dummy/config/environments/production.rb

@@ -0,0 +1,62 @@
+Dummy::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb
+
+  # Code is not reloaded between requests
+  config.cache_classes = true
+
+  # Full error reports are disabled and caching is turned on
+  config.consider_all_requests_local       = false
+  config.action_controller.perform_caching = true
+
+  # Disable Rails's static asset server (Apache or nginx will already do this)
+  config.serve_static_assets = false
+
+  # Compress JavaScripts and CSS
+  config.assets.compress = true
+
+  # Don't fallback to assets pipeline if a precompiled asset is missed
+  config.assets.compile = false
+
+  # Generate digests for assets URLs
+  config.assets.digest = true
+
+  # Defaults to Rails.root.join("public/assets")
+  # config.assets.manifest = YOUR_PATH
+
+  # Specifies the header that your server uses for sending files
+  # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
+
+  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+  # config.force_ssl = true
+
+  # See everything in the log (default is :info)
+  # config.log_level = :debug
+
+  # Use a different logger for distributed setups
+  # config.logger = SyslogLogger.new
+
+  # Use a different cache store in production
+  # config.cache_store = :mem_cache_store
+
+  # Enable serving of images, stylesheets, and JavaScripts from an asset server
+  # config.action_controller.asset_host = "http://assets.example.com"
+
+  # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
+  # config.assets.precompile += %w( search.js )
+
+  # Disable delivery errors, bad email addresses will be ignored
+  # config.action_mailer.raise_delivery_errors = false
+
+  # Enable threaded mode
+  # config.threadsafe!
+
+  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+  # the I18n.default_locale when a translation can not be found)
+  config.i18n.fallbacks = true
+
+  # Send deprecation notices to registered listeners
+  config.active_support.deprecation = :notify
+
+  config.eager_load = true
+end