doorkeeper-grants_assertion 0.0.1 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 87bb84b4d2dda652ff143b5c6e8f532c7dcb875c
-  data.tar.gz: 82792c4551fb2938c4492b995e4a0e1c76a41728
+  metadata.gz: fe45810cef0bca0a2243cd9c09d2767a1fee6289
+  data.tar.gz: a5e2f927e70a85096f7526ac8b5dbf8fbbd66109
 SHA512:
-  metadata.gz: 1f7410f081c0b09f24102ff531acc1b37eb7e753515657caa6e74c9c83ba4e4916b4e3d61ec9883275065eaef4b4f421d54294341d09c7653aca0b8336f0aca8
-  data.tar.gz: 91eaaeaa2c25ec48dde6b9ed544b079950dbb2de07cc0482d35c3b688ed4e05fdfc6dc841a51b17381b1e48f325ee020562d028620ce5588ef8ac893f35c8c80
+  metadata.gz: 8be250865b02e5588f501d71a4853f51aec57c3d8428d815dc9ffe108c96aa08c5f44bb69bff01e1bedae847e2427f0bc9acc6b6380a91bf0efbc14f322eb32e
+  data.tar.gz: 78d12750415187a141713d19556801330f42a928777c6f0af8731782a75c3d35b9b19e25fd0da67f0fc501418d51190311e9ee1858682f50dd55e1607379cdda

data/.travis.yml

@@ -0,0 +1,21 @@
+language: ruby
+
+rvm:
+ - 2.1
+ - 2.2.6
+ - 2.3.3
+ - 2.4
+
+gemfile:
+  - gemfiles/rails_4_2.gemfile
+  - gemfiles/rails_5_0.gemfile
+  - gemfiles/rails_latest_and_doorkeeper_latest.gemfile
+
+matrix:
+  exclude:
+    - gemfile: gemfiles/rails_5_0.gemfile
+      rvm: 2.1
+    - gemfile: gemfiles/rails_latest_and_doorkeeper_latest.gemfile
+      rvm: 2.1
+  allowed_failures:
+    - gemfile: gemfiles/rails_latest_and_doorkeeper_latest.gemfile

data/Appraisals

@@ -0,0 +1,15 @@
+appraise 'rails-4-2' do
+  gem 'rails', '~> 4.2.0'
+  gem 'doorkeeper', '~> 4.2.0'
+end
+
+appraise 'rails-5-0' do
+  gem 'rails', '~> 5.0.0'
+  gem 'doorkeeper', '~> 4.2.0'
+end
+
+appraise 'rails-latest-and-doorkeeper-latest' do
+  gem 'rails', github: 'rails/rails'
+  gem 'arel', github: 'rails/arel'
+  gem 'doorkeeper', github: 'doorkeeper-gem/doorkeeper'
+end

data/Gemfile

@@ -1,12 +1,13 @@
 source 'https://rubygems.org'
 
 # Define Rails version
-gem 'rails', ENV['rails']
+gem 'rails', '~> 4.2.0'
 
-gem 'doorkeeper'
+gem 'doorkeeper', '~> 4.2.0'
 
 gem 'pry'
 gem 'sqlite3'
 gem 'factory_girl'
+gem 'appraisal'
 
 gemspec

data/README.md

@@ -1,9 +1,11 @@
 # Doorkeeper - Assertion Grant Extension
 
+[![Travis CI](https://img.shields.io/travis/doorkeeper-gem/doorkeeper-grants_assertion/master.svg)](https://travis-ci.org/doorkeeper-gem/doorkeeper-grants_assertion)
+
 Assertion grant extension for Doorkeeper. Born from:
 https://github.com/doorkeeper-gem/doorkeeper/pull/249
 
-## Instalation
+## Installation
 
 1. Add both gems to your `Gemfile`.
 2. Add `assertion` as a `grant_flow` to your initializer.
@@ -22,9 +24,27 @@ Doorkeeper.configure do
     user_data = JSON.parse(response.body)
     User.find_by_facebook_id(user_data['id'])
   end
+
+  # add your supported grant types and other extensions
+  grant_flows %w(assertion authorization_code implicit password client_credentials)
 end
 ```
 
+If you want to ensure that resource owners can only receive access tokens scoped to a specific application, you'll need to add that logic in to the definition as well:
+
+```ruby
+Doorkeeper.configure do
+  resource_owner_from_assertion do
+    Doorkeeper::Application.find_by!(uid: params[:client_id]) #will raise an exception if not found
+    facebook = URI.parse('https://graph.facebook.com/me?access_token=' +
+    params[:assertion])
+    ....continue with authentication lookup....
+```
+More complete examples, also for other providers may be found in the [wiki](https://github.com/doorkeeper-gem/doorkeeper-grants_assertion/wiki).
 ___
 
-IETF standard: http://tools.ietf.org/html/draft-ietf-oauth-assertions-16
+IETF standard: http://tools.ietf.org/html/rfc7521
+
+## Supported versions
+
+Assertion grant extension for Doorkeeper is tested with Rails 4.2 and 5.0.

data/Rakefile

@@ -1,5 +1,6 @@
 require 'bundler/setup'
 require 'rspec/core/rake_task'
+require 'appraisal'
 
 desc 'Default: run specs.'
 task :default => :spec

data/doorkeeper-grants_assertion.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name        = 'doorkeeper-grants_assertion'
-  s.version     = '0.0.1'
+  s.version     = '0.1.0'
   s.authors     = ['Tute Costa']
   s.email       = ['tutecosta@gmail.com']
   s.homepage    = "https://github.com/doorkeeper-gem/doorkeeper/doorkeeper-grants-assertion"
@@ -13,9 +13,9 @@ Gem::Specification.new do |s|
   s.require_paths = ["lib"]
 
   s.add_dependency "railties", ">= 3.1"
-  s.add_dependency "doorkeeper", ">= 1.3"
+  s.add_dependency "doorkeeper", ">= 4.0"
   s.add_development_dependency "rspec-rails", ">= 2.11.4"
-  s.add_development_dependency "capybara", "~> 1.1.2"
+  s.add_development_dependency "capybara", ">= 2.2.0"
   s.add_development_dependency "factory_girl", "~> 2.6.4"
   s.add_development_dependency "generator_spec", "~> 0.9.0"
   s.add_development_dependency "database_cleaner", "~> 1.2.0"

data/gemfiles/rails_4_2.gemfile

@@ -0,0 +1,12 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "rails", "~> 4.2.0"
+gem "doorkeeper", "~> 4.2.0"
+gem "pry"
+gem "sqlite3"
+gem "factory_girl"
+gem "appraisal"
+
+gemspec path: "../"

data/gemfiles/rails_4_2.gemfile.lock

@@ -0,0 +1,171 @@
+PATH
+  remote: ..
+  specs:
+    doorkeeper-grants_assertion (0.1.0)
+      doorkeeper (>= 4.0)
+      railties (>= 3.1)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actionmailer (4.2.10)
+      actionpack (= 4.2.10)
+      actionview (= 4.2.10)
+      activejob (= 4.2.10)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+    actionpack (4.2.10)
+      actionview (= 4.2.10)
+      activesupport (= 4.2.10)
+      rack (~> 1.6)
+      rack-test (~> 0.6.2)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (4.2.10)
+      activesupport (= 4.2.10)
+      builder (~> 3.1)
+      erubis (~> 2.7.0)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activejob (4.2.10)
+      activesupport (= 4.2.10)
+      globalid (>= 0.3.0)
+    activemodel (4.2.10)
+      activesupport (= 4.2.10)
+      builder (~> 3.1)
+    activerecord (4.2.10)
+      activemodel (= 4.2.10)
+      activesupport (= 4.2.10)
+      arel (~> 6.0)
+    activesupport (4.2.10)
+      i18n (~> 0.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.3, >= 0.3.4)
+      tzinfo (~> 1.1)
+    addressable (2.5.2)
+      public_suffix (>= 2.0.2, < 4.0)
+    appraisal (2.2.0)
+      bundler
+      rake
+      thor (>= 0.14.0)
+    arel (6.0.4)
+    builder (3.2.3)
+    capybara (2.15.4)
+      addressable
+      mini_mime (>= 0.1.3)
+      nokogiri (>= 1.3.3)
+      rack (>= 1.0.0)
+      rack-test (>= 0.5.4)
+      xpath (~> 2.0)
+    coderay (1.1.2)
+    concurrent-ruby (1.0.5)
+    crass (1.0.2)
+    database_cleaner (1.2.0)
+    diff-lcs (1.3)
+    doorkeeper (4.2.6)
+      railties (>= 4.2)
+    erubis (2.7.0)
+    factory_girl (4.8.1)
+      activesupport (>= 3.0.0)
+    generator_spec (0.9.4)
+      activesupport (>= 3.0.0)
+      railties (>= 3.0.0)
+    globalid (0.4.0)
+      activesupport (>= 4.2.0)
+    i18n (0.8.6)
+    loofah (2.1.1)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    mail (2.6.6)
+      mime-types (>= 1.16, < 4)
+    method_source (0.9.0)
+    mime-types (3.1)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2016.0521)
+    mini_mime (0.1.4)
+    mini_portile2 (2.3.0)
+    minitest (5.10.3)
+    nokogiri (1.8.1)
+      mini_portile2 (~> 2.3.0)
+    pry (0.11.1)
+      coderay (~> 1.1.0)
+      method_source (~> 0.9.0)
+    public_suffix (3.0.0)
+    rack (1.6.8)
+    rack-test (0.6.3)
+      rack (>= 1.0)
+    rails (4.2.10)
+      actionmailer (= 4.2.10)
+      actionpack (= 4.2.10)
+      actionview (= 4.2.10)
+      activejob (= 4.2.10)
+      activemodel (= 4.2.10)
+      activerecord (= 4.2.10)
+      activesupport (= 4.2.10)
+      bundler (>= 1.3.0, < 2.0)
+      railties (= 4.2.10)
+      sprockets-rails
+    rails-deprecated_sanitizer (1.0.3)
+      activesupport (>= 4.2.0.alpha)
+    rails-dom-testing (1.0.8)
+      activesupport (>= 4.2.0.beta, < 5.0)
+      nokogiri (~> 1.6)
+      rails-deprecated_sanitizer (>= 1.0.1)
+    rails-html-sanitizer (1.0.3)
+      loofah (~> 2.0)
+    railties (4.2.10)
+      actionpack (= 4.2.10)
+      activesupport (= 4.2.10)
+      rake (>= 0.8.7)
+      thor (>= 0.18.1, < 2.0)
+    rake (12.1.0)
+    rspec-core (3.6.0)
+      rspec-support (~> 3.6.0)
+    rspec-expectations (3.6.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.6.0)
+    rspec-mocks (3.6.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.6.0)
+    rspec-rails (3.6.1)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      railties (>= 3.0)
+      rspec-core (~> 3.6.0)
+      rspec-expectations (~> 3.6.0)
+      rspec-mocks (~> 3.6.0)
+      rspec-support (~> 3.6.0)
+    rspec-support (3.6.0)
+    sprockets (3.7.1)
+      concurrent-ruby (~> 1.0)
+      rack (> 1, < 3)
+    sprockets-rails (3.2.1)
+      actionpack (>= 4.0)
+      activesupport (>= 4.0)
+      sprockets (>= 3.0.0)
+    sqlite3 (1.3.13)
+    thor (0.20.0)
+    thread_safe (0.3.6)
+    tzinfo (1.2.3)
+      thread_safe (~> 0.1)
+    xpath (2.1.0)
+      nokogiri (~> 1.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  appraisal
+  capybara (>= 2.2.0)
+  database_cleaner (~> 1.2.0)
+  doorkeeper (~> 4.2.0)
+  doorkeeper-grants_assertion!
+  factory_girl
+  generator_spec (~> 0.9.0)
+  pry
+  rails (~> 4.2.0)
+  rspec-rails (>= 2.11.4)
+  sqlite3
+
+BUNDLED WITH
+   1.16.0

data/gemfiles/rails_5_0.gemfile

@@ -0,0 +1,12 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "rails", "~> 5.0.0"
+gem "doorkeeper", "~> 4.2.0"
+gem "pry"
+gem "sqlite3"
+gem "factory_girl"
+gem "appraisal"
+
+gemspec path: "../"

data/gemfiles/rails_5_0.gemfile.lock

@@ -0,0 +1,177 @@
+PATH
+  remote: ..
+  specs:
+    doorkeeper-grants_assertion (0.1.0)
+      doorkeeper (>= 4.0)
+      railties (>= 3.1)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actioncable (5.0.0.1)
+      actionpack (= 5.0.0.1)
+      nio4r (~> 1.2)
+      websocket-driver (~> 0.6.1)
+    actionmailer (5.0.0.1)
+      actionpack (= 5.0.0.1)
+      actionview (= 5.0.0.1)
+      activejob (= 5.0.0.1)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 2.0)
+    actionpack (5.0.0.1)
+      actionview (= 5.0.0.1)
+      activesupport (= 5.0.0.1)
+      rack (~> 2.0)
+      rack-test (~> 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (5.0.0.1)
+      activesupport (= 5.0.0.1)
+      builder (~> 3.1)
+      erubis (~> 2.7.0)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    activejob (5.0.0.1)
+      activesupport (= 5.0.0.1)
+      globalid (>= 0.3.6)
+    activemodel (5.0.0.1)
+      activesupport (= 5.0.0.1)
+    activerecord (5.0.0.1)
+      activemodel (= 5.0.0.1)
+      activesupport (= 5.0.0.1)
+      arel (~> 7.0)
+    activesupport (5.0.0.1)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (~> 0.7)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+    addressable (2.5.2)
+      public_suffix (>= 2.0.2, < 4.0)
+    appraisal (2.2.0)
+      bundler
+      rake
+      thor (>= 0.14.0)
+    arel (7.1.4)
+    builder (3.2.3)
+    capybara (2.15.4)
+      addressable
+      mini_mime (>= 0.1.3)
+      nokogiri (>= 1.3.3)
+      rack (>= 1.0.0)
+      rack-test (>= 0.5.4)
+      xpath (~> 2.0)
+    coderay (1.1.2)
+    concurrent-ruby (1.0.5)
+    crass (1.0.2)
+    database_cleaner (1.2.0)
+    diff-lcs (1.3)
+    doorkeeper (4.2.6)
+      railties (>= 4.2)
+    erubis (2.7.0)
+    factory_girl (4.8.1)
+      activesupport (>= 3.0.0)
+    generator_spec (0.9.4)
+      activesupport (>= 3.0.0)
+      railties (>= 3.0.0)
+    globalid (0.4.0)
+      activesupport (>= 4.2.0)
+    i18n (0.8.6)
+    loofah (2.1.1)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    mail (2.6.6)
+      mime-types (>= 1.16, < 4)
+    method_source (0.9.0)
+    mime-types (3.1)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2016.0521)
+    mini_mime (0.1.4)
+    mini_portile2 (2.3.0)
+    minitest (5.10.3)
+    nio4r (1.2.1)
+    nokogiri (1.8.1)
+      mini_portile2 (~> 2.3.0)
+    pry (0.11.1)
+      coderay (~> 1.1.0)
+      method_source (~> 0.9.0)
+    public_suffix (3.0.0)
+    rack (2.0.3)
+    rack-test (0.6.3)
+      rack (>= 1.0)
+    rails (5.0.0.1)
+      actioncable (= 5.0.0.1)
+      actionmailer (= 5.0.0.1)
+      actionpack (= 5.0.0.1)
+      actionview (= 5.0.0.1)
+      activejob (= 5.0.0.1)
+      activemodel (= 5.0.0.1)
+      activerecord (= 5.0.0.1)
+      activesupport (= 5.0.0.1)
+      bundler (>= 1.3.0, < 2.0)
+      railties (= 5.0.0.1)
+      sprockets-rails (>= 2.0.0)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.0.3)
+      loofah (~> 2.0)
+    railties (5.0.0.1)
+      actionpack (= 5.0.0.1)
+      activesupport (= 5.0.0.1)
+      method_source
+      rake (>= 0.8.7)
+      thor (>= 0.18.1, < 2.0)
+    rake (12.1.0)
+    rspec-core (3.6.0)
+      rspec-support (~> 3.6.0)
+    rspec-expectations (3.6.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.6.0)
+    rspec-mocks (3.6.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.6.0)
+    rspec-rails (3.6.1)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      railties (>= 3.0)
+      rspec-core (~> 3.6.0)
+      rspec-expectations (~> 3.6.0)
+      rspec-mocks (~> 3.6.0)
+      rspec-support (~> 3.6.0)
+    rspec-support (3.6.0)
+    sprockets (3.7.1)
+      concurrent-ruby (~> 1.0)
+      rack (> 1, < 3)
+    sprockets-rails (3.2.1)
+      actionpack (>= 4.0)
+      activesupport (>= 4.0)
+      sprockets (>= 3.0.0)
+    sqlite3 (1.3.13)
+    thor (0.20.0)
+    thread_safe (0.3.6)
+    tzinfo (1.2.3)
+      thread_safe (~> 0.1)
+    websocket-driver (0.6.5)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.2)
+    xpath (2.1.0)
+      nokogiri (~> 1.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  appraisal
+  capybara (>= 2.2.0)
+  database_cleaner (~> 1.2.0)
+  doorkeeper (~> 4.2.0)
+  doorkeeper-grants_assertion!
+  factory_girl
+  generator_spec (~> 0.9.0)
+  pry
+  rails (~> 5.0.0)
+  rspec-rails (>= 2.11.4)
+  sqlite3
+
+BUNDLED WITH
+   1.16.0

data/gemfiles/rails_latest_and_doorkeeper_latest.gemfile

@@ -0,0 +1,13 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "rails", github: "rails/rails"
+gem "doorkeeper", github: "doorkeeper-gem/doorkeeper"
+gem "pry"
+gem "sqlite3"
+gem "factory_girl"
+gem "appraisal"
+gem "arel", github: "rails/arel"
+
+gemspec path: "../"

data/gemfiles/rails_latest_and_doorkeeper_latest.gemfile.lock

@@ -0,0 +1,197 @@
+GIT
+  remote: git://github.com/doorkeeper-gem/doorkeeper.git
+  revision: c586ab379ed8cbac7fa27fd89da9a42441d3d962
+  specs:
+    doorkeeper (4.2.6)
+      railties (>= 4.2)
+
+GIT
+  remote: git://github.com/rails/arel.git
+  revision: 5cc7e774bb4d2190236cdbf46d66c89507ac6933
+  specs:
+    arel (9.0.0.alpha)
+
+GIT
+  remote: git://github.com/rails/rails.git
+  revision: a92e4bfff31dd862e842bd68ddd78f3db720b3a4
+  specs:
+    actioncable (5.2.0.alpha)
+      actionpack (= 5.2.0.alpha)
+      nio4r (~> 2.0)
+      websocket-driver (~> 0.6.1)
+    actionmailer (5.2.0.alpha)
+      actionpack (= 5.2.0.alpha)
+      actionview (= 5.2.0.alpha)
+      activejob (= 5.2.0.alpha)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 2.0)
+    actionpack (5.2.0.alpha)
+      actionview (= 5.2.0.alpha)
+      activesupport (= 5.2.0.alpha)
+      rack (~> 2.0)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (5.2.0.alpha)
+      activesupport (= 5.2.0.alpha)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activejob (5.2.0.alpha)
+      activesupport (= 5.2.0.alpha)
+      globalid (>= 0.3.6)
+    activemodel (5.2.0.alpha)
+      activesupport (= 5.2.0.alpha)
+    activerecord (5.2.0.alpha)
+      activemodel (= 5.2.0.alpha)
+      activesupport (= 5.2.0.alpha)
+      arel (= 9.0.0.alpha)
+    activestorage (5.2.0.alpha)
+      actionpack (= 5.2.0.alpha)
+      activerecord (= 5.2.0.alpha)
+    activesupport (5.2.0.alpha)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (~> 0.7)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+    rails (5.2.0.alpha)
+      actioncable (= 5.2.0.alpha)
+      actionmailer (= 5.2.0.alpha)
+      actionpack (= 5.2.0.alpha)
+      actionview (= 5.2.0.alpha)
+      activejob (= 5.2.0.alpha)
+      activemodel (= 5.2.0.alpha)
+      activerecord (= 5.2.0.alpha)
+      activestorage (= 5.2.0.alpha)
+      activesupport (= 5.2.0.alpha)
+      bundler (>= 1.3.0)
+      railties (= 5.2.0.alpha)
+      sprockets-rails (>= 2.0.0)
+    railties (5.2.0.alpha)
+      actionpack (= 5.2.0.alpha)
+      activesupport (= 5.2.0.alpha)
+      method_source
+      rake (>= 0.8.7)
+      thor (>= 0.18.1, < 2.0)
+
+PATH
+  remote: ..
+  specs:
+    doorkeeper-grants_assertion (0.1.0)
+      doorkeeper (>= 4.0)
+      railties (>= 3.1)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.5.2)
+      public_suffix (>= 2.0.2, < 4.0)
+    appraisal (2.2.0)
+      bundler
+      rake
+      thor (>= 0.14.0)
+    builder (3.2.3)
+    capybara (2.15.4)
+      addressable
+      mini_mime (>= 0.1.3)
+      nokogiri (>= 1.3.3)
+      rack (>= 1.0.0)
+      rack-test (>= 0.5.4)
+      xpath (~> 2.0)
+    coderay (1.1.2)
+    concurrent-ruby (1.0.5)
+    crass (1.0.2)
+    database_cleaner (1.2.0)
+    diff-lcs (1.3)
+    erubi (1.7.0)
+    factory_girl (4.8.1)
+      activesupport (>= 3.0.0)
+    generator_spec (0.9.4)
+      activesupport (>= 3.0.0)
+      railties (>= 3.0.0)
+    globalid (0.4.0)
+      activesupport (>= 4.2.0)
+    i18n (0.8.6)
+    loofah (2.1.1)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    mail (2.6.6)
+      mime-types (>= 1.16, < 4)
+    method_source (0.9.0)
+    mime-types (3.1)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2016.0521)
+    mini_mime (0.1.4)
+    mini_portile2 (2.3.0)
+    minitest (5.10.3)
+    nio4r (2.1.0)
+    nokogiri (1.8.1)
+      mini_portile2 (~> 2.3.0)
+    pry (0.11.1)
+      coderay (~> 1.1.0)
+      method_source (~> 0.9.0)
+    public_suffix (3.0.0)
+    rack (2.0.3)
+    rack-test (0.7.0)
+      rack (>= 1.0, < 3)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.0.3)
+      loofah (~> 2.0)
+    rake (12.1.0)
+    rspec-core (3.6.0)
+      rspec-support (~> 3.6.0)
+    rspec-expectations (3.6.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.6.0)
+    rspec-mocks (3.6.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.6.0)
+    rspec-rails (3.6.1)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      railties (>= 3.0)
+      rspec-core (~> 3.6.0)
+      rspec-expectations (~> 3.6.0)
+      rspec-mocks (~> 3.6.0)
+      rspec-support (~> 3.6.0)
+    rspec-support (3.6.0)
+    sprockets (3.7.1)
+      concurrent-ruby (~> 1.0)
+      rack (> 1, < 3)
+    sprockets-rails (3.2.1)
+      actionpack (>= 4.0)
+      activesupport (>= 4.0)
+      sprockets (>= 3.0.0)
+    sqlite3 (1.3.13)
+    thor (0.20.0)
+    thread_safe (0.3.6)
+    tzinfo (1.2.3)
+      thread_safe (~> 0.1)
+    websocket-driver (0.6.5)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.2)
+    xpath (2.1.0)
+      nokogiri (~> 1.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  appraisal
+  arel!
+  capybara (>= 2.2.0)
+  database_cleaner (~> 1.2.0)
+  doorkeeper!
+  doorkeeper-grants_assertion!
+  factory_girl
+  generator_spec (~> 0.9.0)
+  pry
+  rails!
+  rspec-rails (>= 2.11.4)
+  sqlite3
+
+BUNDLED WITH
+   1.16.0

data/lib/doorkeeper/grants_assertion.rb

@@ -1,8 +1,8 @@
-require 'doorkeeper/request/assertion'
+require "doorkeeper/request/assertion"
+require "doorkeeper/grants_assertion/railtie"
 
-# Should belong to Helpers::Controller?
 module Doorkeeper
-  class ApplicationController < ActionController::Base
+  module GrantsAssertion
     def resource_owner_from_assertion
       instance_eval(&Doorkeeper.configuration.resource_owner_from_assertion)
     end
@@ -20,7 +20,7 @@ end
 module Doorkeeper
   class Config
     option :resource_owner_from_assertion, default: (lambda do |routes|
-        warn(I18n.translate('doorkeeper.errors.messages.assertion_flow_not_configured'))
+        warn(I18n.t("doorkeeper.errors.messages.assertion_flow_not_configured"))
         nil
       end)
   end

data/lib/doorkeeper/grants_assertion/railtie.rb

@@ -0,0 +1,9 @@
+module Doorkeeper
+  module GrantsAssertion
+    class Railtie < ::Rails::Railtie
+      initializer "doorkeeper.grants_assertion" do
+        Doorkeeper::Helpers::Controller.send :include, Doorkeeper::GrantsAssertion
+      end
+    end
+  end
+end

data/lib/doorkeeper/request/assertion.rb

@@ -1,29 +1,30 @@
 module Doorkeeper
   module Request
-    class Assertion
-      def self.build(server)
-        new(server.credentials, server.resource_owner_from_assertion, server)
-      end
-
-      attr_accessor :credentials, :resource_owner, :server
-
-      def initialize(credentials, resource_owner, server)
-        @credentials = credentials
-        @resource_owner = resource_owner
-        @server = server
-      end
+    class Assertion < Strategy
+      delegate :credentials, :resource_owner_from_assertion, :parameters, to: :server
 
       def request
         @request ||= OAuth::PasswordAccessTokenRequest.new(
           Doorkeeper.configuration,
-          credentials,
-          resource_owner,
-          server.parameters)
+          client,
+          resource_owner_from_assertion,
+          parameters
+        )
       end
 
       def authorize
         request.authorize
       end
+
+      private
+
+      def client
+        if credentials
+          server.client
+        elsif parameters[:client_id]
+          server.client_via_uid
+        end
+      end
     end
   end
 end

data/spec/dummy/app/controllers/full_protected_resources_controller.rb

@@ -1,6 +1,5 @@
 class FullProtectedResourcesController < ApplicationController
-  doorkeeper_for :index
-  doorkeeper_for :show, scopes: [:admin]
+  before_action :doorkeeper_authorize!
 
   def index
     render text: 'index'

data/spec/dummy/app/controllers/metal_controller.rb

@@ -1,9 +1,9 @@
 class MetalController < ActionController::Metal
   include AbstractController::Callbacks
   include ActionController::Head
-  include Doorkeeper::Helpers::Filter
+  include Doorkeeper::Helpers::Controller
 
-  doorkeeper_for :all
+  before_action :doorkeeper_authorize!
 
   def index
     self.response_body = { ok: true }.to_json

data/spec/dummy/app/controllers/semi_protected_resources_controller.rb

@@ -1,5 +1,5 @@
 class SemiProtectedResourcesController < ApplicationController
-  doorkeeper_for :index
+  before_action :doorkeeper_authorize!, only: [:index]
 
   def index
     render text: 'protected index'

data/spec/dummy/config/environments/test.rb

@@ -7,9 +7,11 @@ Dummy::Application.configure do
   # and recreated between test runs.  Don't rely on the data there!
   config.cache_classes = true
 
-  # Configure static asset server for tests with Cache-Control for performance
-  config.serve_static_assets = true
-  config.static_cache_control = 'public, max-age=3600'
+  if Rails.version.to_i < 5
+    # Configure static asset server for tests with Cache-Control for performance
+    config.serve_static_files = true
+    config.static_cache_control = 'public, max-age=3600'
+  end
 
   if Rails.version.to_i < 4
     # Log error messages when you accidentally call methods on nil

data/spec/requests/flows/assertion_spec.rb

@@ -1,33 +1,78 @@
 require 'spec_helper_integration'
 
-feature 'Resource Owner Assertion Flow inproperly set up' do
-  background do
+describe 'Resource Owner Assertion Flow inproperly set up', type: :request do
+  before do
+    config_is_set(:resource_owner_from_assertion) { nil }
     client_exists
     create_resource_owner
   end
 
   context 'with valid user assertion' do
-    scenario "should not issue new token" do
+    it "should not issue new token" do
       expect {
         post assertion_endpoint_url(client: @client, resource_owner: @resource_owner)
       }.to_not change { Doorkeeper::AccessToken.count }
 
-      should_have_json 'error', 'invalid_resource_owner'
-      should_have_json 'error_description', translated_error_message(:invalid_resource_owner)
+      should_have_json 'error', 'invalid_grant'
+      should_have_json 'error_description', translated_error_message(:invalid_grant)
       expect(response.status).to eq(401)
     end
   end
 end
 
-feature 'Resource Owner Assertion Flow' do
-  background do
+describe 'Resource Owner Assertion Flow', type: :request do
+  before do
     config_is_set(:resource_owner_from_assertion) { User.where(assertion: params[:assertion]).first }
     client_exists
     create_resource_owner
   end
 
+  context "with invalid client/application information" do
+
+    it "should not create an access token" do
+      expect {
+        post assertion_endpoint_url(
+          client_id: 'not-real',
+          client_secret: 'not-real',
+          redirect_uri: 'http://fake-redirect.com'
+        )
+      }.to_not change { Doorkeeper::AccessToken.count }
+    end
+  end
+
+  context "with missing client/application information" do
+    let(:no_client_params) {
+      {
+        grant_type: "assertion",
+        assertion: @resource_owner.assertion
+      }
+    }
+
+    it "should create an access token" do
+      expect {
+        post "/oauth/token?#{build_query(no_client_params)}"
+      }.to change { Doorkeeper::AccessToken.count }.by(1)
+    end
+
+    context "when client is required as part of assertion lookup" do
+
+      before do
+        config_is_set(:resource_owner_from_assertion) {
+          Doorkeeper::Application.find_by!(uid: params[:client_id])
+          User.where(assertion: params[:assertion]).first
+        }
+      end
+
+      it "should not create an access token" do
+        expect {
+          post "/oauth/token?#{build_query(no_client_params)}"
+        }.to raise_error(ActiveRecord::RecordNotFound)
+      end
+    end
+  end
+
   context 'with valid user assertion' do
-    scenario "should issue new token" do
+    it "should issue new token" do
       expect {
         post assertion_endpoint_url(client: @client, resource_owner: @resource_owner)
       }.to change { Doorkeeper::AccessToken.count }.by(1)
@@ -37,7 +82,15 @@ feature 'Resource Owner Assertion Flow' do
       should_have_json 'access_token',  token.token
     end
 
-    scenario "should issue a refresh token if enabled" do
+    it "should associate the token with the appropriate application" do
+      post assertion_endpoint_url(client: @client, resource_owner: @resource_owner)
+
+      token = Doorkeeper::AccessToken.first
+
+      expect(token.application_id).to eq(@client.id)
+    end
+
+    it "should issue a refresh token if enabled" do
       config_is_set(:refresh_token_enabled, true)
 
       post assertion_endpoint_url(client: @client, resource_owner: @resource_owner)
@@ -50,23 +103,23 @@ feature 'Resource Owner Assertion Flow' do
   end
 
   context "with invalid user assertion" do
-    scenario "should not issue new token with bad assertion" do
+    it "should not issue new token with bad assertion" do
       expect {
         post assertion_endpoint_url( client: @client, assertion: 'i_dont_exist' )
       }.to_not change { Doorkeeper::AccessToken.count }
 
-      should_have_json 'error', 'invalid_resource_owner'
-      should_have_json 'error_description', translated_error_message(:invalid_resource_owner)
+      should_have_json 'error', 'invalid_grant'
+      should_have_json 'error_description', translated_error_message(:invalid_grant)
       expect(response.status).to eq(401)
     end
 
-    scenario "should not issue new token without assertion" do
+    it "should not issue new token without assertion" do
       expect {
         post assertion_endpoint_url( client: @client )
       }.to_not change { Doorkeeper::AccessToken.count }
 
-      should_have_json 'error', 'invalid_resource_owner'
-      should_have_json 'error_description', translated_error_message(:invalid_resource_owner)
+      should_have_json 'error', 'invalid_grant'
+      should_have_json 'error_description', translated_error_message(:invalid_grant)
       expect(response.status).to eq(401)
     end
 

data/spec/spec_helper_integration.rb

@@ -4,7 +4,6 @@ $LOAD_PATH.unshift File.dirname(__FILE__)
 
 require 'dummy/config/environment'
 require 'rspec/rails'
-require 'rspec/autorun'
 require 'database_cleaner'
 
 Rails.logger.info "====> Doorkeeper.orm = #{Doorkeeper.configuration.orm.inspect}"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: doorkeeper-grants_assertion
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.1.0
 platform: ruby
 authors:
 - Tute Costa
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-05-23 00:00:00.000000000 Z
+date: 2017-12-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '4.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
@@ -56,16 +56,16 @@ dependencies:
   name: capybara
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.1.2
+        version: 2.2.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.1.2
+        version: 2.2.0
 - !ruby/object:Gem::Dependency
   name: factory_girl
   requirement: !ruby/object:Gem::Requirement
@@ -116,13 +116,22 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- ".travis.yml"
+- Appraisals
 - Gemfile
 - MIT-LICENSE
 - README.md
 - Rakefile
 - config/locales/en.yml
 - doorkeeper-grants_assertion.gemspec
+- gemfiles/rails_4_2.gemfile
+- gemfiles/rails_4_2.gemfile.lock
+- gemfiles/rails_5_0.gemfile
+- gemfiles/rails_5_0.gemfile.lock
+- gemfiles/rails_latest_and_doorkeeper_latest.gemfile
+- gemfiles/rails_latest_and_doorkeeper_latest.gemfile.lock
 - lib/doorkeeper/grants_assertion.rb
+- lib/doorkeeper/grants_assertion/railtie.rb
 - lib/doorkeeper/request/assertion.rb
 - spec/dummy/Rakefile
 - spec/dummy/app/controllers/application_controller.rb
@@ -188,7 +197,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.6.13
 signing_key: 
 specification_version: 4
 summary: Assertion grant extension for Doorkeeper.