RubyGems - doorkeeper-mongodb - Versions diffs - 5.2.1 → 5.2.2 - Mend

doorkeeper-mongodb 5.2.1 → 5.2.2

Files changed (87) hide show

checksums.yaml +4 -4
data/lib/doorkeeper-mongodb.rb +1 -0
data/lib/doorkeeper-mongodb/mixins/mongoid/access_grant_mixin.rb +1 -0
data/lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb +1 -0
data/lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb +76 -0
data/lib/doorkeeper-mongodb/mixins/mongoid/base_mixin.rb +0 -8
data/lib/doorkeeper-mongodb/mixins/mongoid/json_serializable.rb +17 -0
data/lib/doorkeeper-mongodb/version.rb +1 -1
data/spec/controllers/application_metal_controller_spec.rb +4 -4
data/spec/controllers/applications_controller_spec.rb +198 -202
data/spec/controllers/authorizations_controller_spec.rb +32 -31
data/spec/controllers/protected_resources_controller_spec.rb +10 -10
data/spec/controllers/token_info_controller_spec.rb +1 -1
data/spec/controllers/tokens_controller_spec.rb +105 -62
data/spec/doorkeeper/redirect_uri_validator_spec.rb +183 -0
data/spec/{lib → doorkeeper}/server_spec.rb +5 -4
data/spec/{lib → doorkeeper}/stale_records_cleaner_spec.rb +8 -7
data/spec/{version → doorkeeper}/version_spec.rb +3 -3
data/spec/dummy/log/test.log +4220 -4184
data/spec/dummy/tmp/cache/assets/sprockets/v4.0.0/{eS/eSL1QMz46gKLM0GR6S9fL6uyARPxOImcappZ9_ZtSyg.cache → Pm/PmheG0PGFqDws1qgFOxOyIL-gpMof3Ar9eSRKVLYuik.cache} +0 -0
data/spec/grape/grape_integration_spec.rb +1 -1
data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +1 -1
data/spec/lib/config_spec.rb +23 -12
data/spec/lib/doorkeeper_spec.rb +4 -4
data/spec/lib/models/expirable_spec.rb +9 -9
data/spec/lib/models/reusable_spec.rb +2 -2
data/spec/lib/models/revocable_spec.rb +4 -7
data/spec/lib/models/scopes_spec.rb +7 -7
data/spec/lib/models/secret_storable_spec.rb +9 -8
data/spec/lib/oauth/authorization/uri_builder_spec.rb +23 -27
data/spec/lib/oauth/authorization_code_request_spec.rb +6 -6
data/spec/lib/oauth/base_request_spec.rb +11 -27
data/spec/lib/oauth/base_response_spec.rb +2 -2
data/spec/lib/oauth/client/credentials_spec.rb +25 -25
data/spec/lib/oauth/client_credentials/creator_spec.rb +89 -91
data/spec/lib/oauth/client_credentials/issuer_spec.rb +84 -86
data/spec/lib/oauth/client_credentials/validation_spec.rb +72 -39
data/spec/lib/oauth/client_credentials_integration_spec.rb +5 -5
data/spec/lib/oauth/client_credentials_request_spec.rb +7 -10
data/spec/lib/oauth/client_spec.rb +8 -8
data/spec/lib/oauth/code_request_spec.rb +5 -5
data/spec/lib/oauth/code_response_spec.rb +4 -4
data/spec/lib/oauth/error_response_spec.rb +6 -5
data/spec/lib/oauth/error_spec.rb +1 -1
data/spec/lib/oauth/forbidden_token_response_spec.rb +2 -2
data/spec/lib/oauth/helpers/scope_checker_spec.rb +37 -37
data/spec/lib/oauth/helpers/unique_token_spec.rb +2 -2
data/spec/lib/oauth/helpers/uri_checker_spec.rb +54 -54
data/spec/lib/oauth/invalid_request_response_spec.rb +6 -6
data/spec/lib/oauth/invalid_token_response_spec.rb +4 -4
data/spec/lib/oauth/password_access_token_request_spec.rb +10 -9
data/spec/lib/oauth/pre_authorization_spec.rb +20 -8
data/spec/lib/oauth/refresh_token_request_spec.rb +10 -10
data/spec/lib/oauth/scopes_spec.rb +14 -14
data/spec/lib/oauth/token_request_spec.rb +9 -9
data/spec/lib/oauth/token_response_spec.rb +5 -5
data/spec/lib/oauth/token_spec.rb +5 -5
data/spec/lib/option_spec.rb +1 -1
data/spec/lib/request/strategy_spec.rb +34 -37
data/spec/lib/secret_storing/base_spec.rb +3 -2
data/spec/lib/secret_storing/bcrypt_spec.rb +2 -1
data/spec/lib/secret_storing/plain_spec.rb +2 -1
data/spec/lib/secret_storing/sha256_hash_spec.rb +2 -1
data/spec/models/doorkeeper/access_grant_spec.rb +7 -9
data/spec/models/doorkeeper/access_token_spec.rb +20 -26
data/spec/models/doorkeeper/application_spec.rb +83 -26
data/spec/requests/applications/applications_request_spec.rb +91 -93
data/spec/requests/endpoints/authorization_spec.rb +1 -1
data/spec/requests/endpoints/token_spec.rb +22 -16
data/spec/requests/flows/authorization_code_errors_spec.rb +12 -8
data/spec/requests/flows/authorization_code_spec.rb +108 -79
data/spec/requests/flows/client_credentials_spec.rb +57 -45
data/spec/requests/flows/implicit_grant_spec.rb +4 -4
data/spec/requests/flows/password_spec.rb +253 -213
data/spec/requests/flows/refresh_token_spec.rb +53 -39
data/spec/requests/flows/revoke_token_spec.rb +24 -24
data/spec/requests/flows/skip_authorization_spec.rb +1 -1
data/spec/requests/protected_resources/metal_spec.rb +2 -2
data/spec/routing/custom_controller_routes_spec.rb +1 -1
data/spec/routing/default_routes_spec.rb +1 -1
data/spec/routing/scoped_routes_spec.rb +1 -1
data/spec/support/helpers/request_spec_helper.rb +1 -13
data/spec/support/helpers/url_helper.rb +2 -2
data/spec/support/shared/controllers_shared_context.rb +5 -38
data/spec/support/shared/hashing_shared_context.rb +4 -0
data/spec/support/shared/models_shared_examples.rb +6 -6
metadata +13 -10

data/spec/requests/flows/refresh_token_spec.rb CHANGED

@@ -2,7 +2,7 @@
 require "spec_helper"
-describe "Refresh Token Flow" do
+RSpec.describe "Refresh Token Flow" do
   before do
     Doorkeeper.configure do
       orm DOORKEEPER_ORM
@@ -14,7 +14,7 @@ describe "Refresh Token Flow" do
   let(:resource_owner) { FactoryBot.create(:resource_owner) }
-  context "issuing a refresh token" do
+  describe "issuing a refresh token" do
     before do
       authorization_code_exists application: @client,
                                 resource_owner_id: resource_owner.id,
@@ -26,23 +26,27 @@ describe "Refresh Token Flow" do
       token = Doorkeeper::AccessToken.first
-      should_have_json "access_token",  token.token
-      should_have_json "refresh_token", token.refresh_token
+      expect(json_response).to include(
+        "access_token" => token.token,
+        "refresh_token" => token.refresh_token,
+      )
       expect(@authorization.reload).to be_revoked
       post refresh_token_endpoint_url(client: @client, refresh_token: token.refresh_token)
       new_token = Doorkeeper::AccessToken.last
-      should_have_json "access_token",  new_token.token
-      should_have_json "refresh_token", new_token.refresh_token
+      expect(json_response).to include(
+        "access_token" => new_token.token,
+        "refresh_token" => new_token.refresh_token,
+      )
-      expect(token.token).not_to         eq(new_token.token)
+      expect(token.token).not_to eq(new_token.token)
       expect(token.refresh_token).not_to eq(new_token.refresh_token)
     end
   end
-  context "refreshing the token" do
+  describe "refreshing the token" do
     before do
       @token = FactoryBot.create(
         :access_token,
@@ -53,30 +57,30 @@ describe "Refresh Token Flow" do
       )
     end
-    context "refresh_token revoked on use" do
-      it "client request a token with refresh token" do
+    context "when refresh_token revoked on use" do
+      it "client requests a token with refresh token" do
         post refresh_token_endpoint_url(
           client: @client, refresh_token: @token.refresh_token,
         )
-        should_have_json(
-          "refresh_token", Doorkeeper::AccessToken.last.refresh_token,
+        expect(json_response).to include(
+          "refresh_token" => Doorkeeper::AccessToken.last.refresh_token,
         )
         expect(@token.reload).not_to be_revoked
       end
-      it "client request a token with expired access token" do
+      it "client requests a token with expired access token" do
         @token.update_attribute :expires_in, -100
         post refresh_token_endpoint_url(
           client: @client, refresh_token: @token.refresh_token,
         )
-        should_have_json(
-          "refresh_token", Doorkeeper::AccessToken.last.refresh_token,
+        expect(json_response).to include(
+          "refresh_token" => Doorkeeper::AccessToken.last.refresh_token,
         )
         expect(@token.reload).not_to be_revoked
       end
     end
-    context "refresh_token revoked on refresh_token request" do
+    context "when refresh_token revoked on refresh_token request" do
       before do
         allow(Doorkeeper::AccessToken).to receive(:refresh_token_revoked_on_use?).and_return(false)
       end
@@ -85,8 +89,8 @@ describe "Refresh Token Flow" do
         post refresh_token_endpoint_url(
           client: @client, refresh_token: @token.refresh_token,
         )
-        should_have_json(
-          "refresh_token", Doorkeeper::AccessToken.last.refresh_token,
+        expect(json_response).to include(
+          "refresh_token" => Doorkeeper::AccessToken.last.refresh_token,
         )
         expect(@token.reload).to be_revoked
       end
@@ -96,14 +100,14 @@ describe "Refresh Token Flow" do
         post refresh_token_endpoint_url(
           client: @client, refresh_token: @token.refresh_token,
         )
-        should_have_json(
-          "refresh_token", Doorkeeper::AccessToken.last.refresh_token,
+        expect(json_response).to include(
+          "refresh_token" => Doorkeeper::AccessToken.last.refresh_token,
         )
         expect(@token.reload).to be_revoked
       end
     end
-    context "public & private clients" do
+    context "with public & private clients" do
       let(:public_client) do
         FactoryBot.create(
           :application,
@@ -138,15 +142,16 @@ describe "Refresh Token Flow" do
         )
         new_token = Doorkeeper::AccessToken.last
-        should_have_json "access_token",  new_token.token
-        should_have_json "refresh_token", new_token.refresh_token
+        expect(json_response).to include(
+          "access_token" => new_token.token,
+          "refresh_token" => new_token.refresh_token,
+        )
       end
       it "returns an error without credentials" do
         post refresh_token_endpoint_url(refresh_token: token_for_private_client.refresh_token)
-        should_not_have_json "refresh_token"
-        should_have_json "error", "invalid_grant"
+        expect(json_response).to include("error" => "invalid_grant")
       end
       it "returns an error with wrong credentials" do
@@ -155,35 +160,44 @@ describe "Refresh Token Flow" do
           client_secret: "1",
           refresh_token: token_for_private_client.refresh_token,
         )
-        should_not_have_json "refresh_token"
-        should_have_json "error", "invalid_client"
+        expect(json_response).to match(
+          "error" => "invalid_client",
+          "error_description" => an_instance_of(String),
+        )
       end
     end
     it "client gets an error for invalid refresh token" do
       post refresh_token_endpoint_url(client: @client, refresh_token: "invalid")
-      should_not_have_json "refresh_token"
-      should_have_json "error", "invalid_grant"
+      expect(json_response).to match(
+        "error" => "invalid_grant",
+        "error_description" => an_instance_of(String),
+      )
     end
     it "client gets an error for revoked access token" do
       @token.revoke
       post refresh_token_endpoint_url(client: @client, refresh_token: @token.refresh_token)
-      should_not_have_json "refresh_token"
-      should_have_json "error", "invalid_grant"
+      expect(json_response).to match(
+        "error" => "invalid_grant",
+        "error_description" => an_instance_of(String),
+      )
     end
     it "second of simultaneous client requests get an error for revoked access token" do
       allow_any_instance_of(Doorkeeper::AccessToken).to receive(:revoked?).and_return(false, true)
       post refresh_token_endpoint_url(client: @client, refresh_token: @token.refresh_token)
-      should_not_have_json "refresh_token"
-      should_have_json "error", "invalid_grant"
+      expect(json_response).to match(
+        "error" => "invalid_grant",
+        "error_description" => an_instance_of(String),
+      )
     end
   end
-  context "refreshing the token with multiple sessions (devices)" do
+  context "when refreshing the token with multiple sessions (devices)" do
     before do
       # enable password auth to simulate other devices
       config_is_set(:grant_flows, ["password"])
@@ -206,18 +220,18 @@ describe "Refresh Token Flow" do
       @token.update_attribute :expires_in, -100
     end
-    context "refresh_token revoked on use" do
+    context "when refresh_token revoked on use" do
       it "client request a token after creating another token with the same user" do
         post refresh_token_endpoint_url(
           client: @client, refresh_token: @token.refresh_token,
         )
-        should_have_json "refresh_token", last_token.refresh_token
+        expect(json_response).to include("refresh_token" => last_token.refresh_token)
         expect(@token.reload).not_to be_revoked
       end
     end
-    context "refresh_token revoked on refresh_token request" do
+    context "when refresh_token revoked on refresh_token request" do
       before do
         allow(Doorkeeper::AccessToken).to receive(:refresh_token_revoked_on_use?).and_return(false)
       end
@@ -227,7 +241,7 @@ describe "Refresh Token Flow" do
           client: @client, refresh_token: @token.refresh_token,
         )
-        should_have_json "refresh_token", last_token.refresh_token
+        expect(json_response).to include("refresh_token" => last_token.refresh_token)
         expect(@token.reload).to be_revoked
       end
     end

data/spec/requests/flows/revoke_token_spec.rb CHANGED

@@ -2,7 +2,7 @@
 require "spec_helper"
-describe "Revoke Token Flow" do
+RSpec.describe "Revoke Token Flow" do
   before do
     Doorkeeper.configure { orm DOORKEEPER_ORM }
   end
@@ -29,22 +29,22 @@ describe "Revoke Token Flow" do
       { "HTTP_AUTHORIZATION" => "Basic #{credentials}" }
     end
-    it "should revoke the access token provided" do
+    it "revokes the access token provided" do
       post revocation_token_endpoint_url, params: { token: access_token.token }, headers: headers
       expect(response).to be_successful
-      expect(access_token.reload.revoked?).to be_truthy
+      expect(access_token.reload).to be_revoked
     end
-    it "should revoke the refresh token provided" do
+    it "revokes the refresh token provided" do
       post revocation_token_endpoint_url, params: { token: access_token.refresh_token }, headers: headers
       expect(response).to be_successful
-      expect(access_token.reload.revoked?).to be_truthy
+      expect(access_token.reload).to be_revoked
     end
     context "with invalid token to revoke" do
-      it "should not revoke any tokens and must respond with success" do
+      it "does not revoke any tokens and must respond with success" do
         expect do
           post revocation_token_endpoint_url,
                params: { token: "I_AM_AN_INVALID_TOKEN" },
@@ -62,24 +62,24 @@ describe "Revoke Token Flow" do
         { "HTTP_AUTHORIZATION" => "Basic #{credentials}" }
       end
-      it "should not revoke any tokens and respond with forbidden" do
+      it "does not revoke any tokens and respond with forbidden" do
         post revocation_token_endpoint_url, params: { token: access_token.token }, headers: headers
         expect(response).to be_forbidden
         expect(response.body).to include("unauthorized_client")
         expect(response.body).to include(I18n.t("doorkeeper.errors.messages.revoke.unauthorized"))
-        expect(access_token.reload.revoked?).to be_falsey
+        expect(access_token.reload).not_to be_revoked
       end
     end
     context "with no credentials and a valid token" do
-      it "should not revoke any tokens and respond with forbidden" do
+      it "does not revoke any tokens and respond with forbidden" do
         post revocation_token_endpoint_url, params: { token: access_token.token }
         expect(response).to be_forbidden
         expect(response.body).to include("unauthorized_client")
         expect(response.body).to include(I18n.t("doorkeeper.errors.messages.revoke.unauthorized"))
-        expect(access_token.reload.revoked?).to be_falsey
+        expect(access_token.reload).not_to be_revoked
       end
     end
@@ -92,13 +92,13 @@ describe "Revoke Token Flow" do
         { "HTTP_AUTHORIZATION" => "Basic #{credentials}" }
       end
-      it "should not revoke the token as it's unauthorized" do
+      it "does not revoke the token as it's unauthorized" do
         post revocation_token_endpoint_url, params: { token: access_token.token }, headers: headers
         expect(response).to be_forbidden
         expect(response.body).to include("unauthorized_client")
         expect(response.body).to include(I18n.t("doorkeeper.errors.messages.revoke.unauthorized"))
-        expect(access_token.reload.revoked?).to be_falsey
+        expect(access_token.reload).not_to be_revoked
       end
     end
   end
@@ -114,25 +114,25 @@ describe "Revoke Token Flow" do
       )
     end
-    it "should revoke the access token provided" do
+    it "revokes the access token provided" do
       post revocation_token_endpoint_url,
            params: { client_id: public_client_application.uid, token: access_token.token },
            headers: headers
       expect(response).to be_successful
-      expect(access_token.reload.revoked?).to be_truthy
+      expect(access_token.reload).to be_revoked
     end
-    it "should revoke the refresh token provided" do
+    it "revokes the refresh token provided" do
       post revocation_token_endpoint_url,
            params: { client_id: public_client_application.uid, token: access_token.refresh_token },
            headers: headers
       expect(response).to be_successful
-      expect(access_token.reload.revoked?).to be_truthy
+      expect(access_token.reload).to be_revoked
     end
-    it "should response with success even for invalid token" do
+    it "responses with success even for invalid token" do
       post revocation_token_endpoint_url,
            params: { client_id: public_client_application.uid, token: "dont_exist" },
            headers: headers
@@ -151,24 +151,24 @@ describe "Revoke Token Flow" do
         )
       end
-      it "should not revoke the access token provided" do
+      it "does not revoke the access token provided" do
         post revocation_token_endpoint_url,
              params: { client_id: public_client_application.uid, token: access_token.token }
         expect(response).to be_forbidden
         expect(response.body).to include("unauthorized_client")
         expect(response.body).to include(I18n.t("doorkeeper.errors.messages.revoke.unauthorized"))
-        expect(access_token.reload.revoked?).to be_falsey
+        expect(access_token.reload).not_to be_revoked
       end
-      it "should not revoke the refresh token provided" do
+      it "does not revoke the refresh token provided" do
         post revocation_token_endpoint_url,
-             params: { client_id: public_client_application.uid, token: access_token.token }
+             params: { client_id: public_client_application.uid, token: access_token.refresh_token }
         expect(response).to be_forbidden
         expect(response.body).to include("unauthorized_client")
         expect(response.body).to include(I18n.t("doorkeeper.errors.messages.revoke.unauthorized"))
-        expect(access_token.reload.revoked?).to be_falsey
+        expect(access_token.reload).not_to be_revoked
       end
     end
   end
@@ -184,13 +184,13 @@ describe "Revoke Token Flow" do
       )
     end
-    it "shouldn't remove the token and must response with an error" do
+    it "does not remove the token and responses with an error" do
       post revocation_token_endpoint_url,
            params: { token: access_token.token },
            headers: headers
       expect(response).not_to be_successful
-      expect(access_token.reload.revoked?).to be_falsey
+      expect(access_token.reload).not_to be_revoked
     end
   end
 end

data/spec/requests/flows/skip_authorization_spec.rb CHANGED

@@ -10,7 +10,7 @@ feature "Skip authorization form" do
     optional_scopes_exist :write
   end
-  context "for previously authorized clients" do
+  context "with previously authorized clients" do
     background do
       create_resource_owner
       sign_in

data/spec/requests/protected_resources/metal_spec.rb CHANGED

@@ -2,7 +2,7 @@
 require "spec_helper"
-describe "ActionController::Metal API" do
+RSpec.describe "ActionController::Metal API" do
   before do
     @client   = FactoryBot.create(:application)
     @resource = User.create!(name: "Joe", password: "sekret")
@@ -11,6 +11,6 @@ describe "ActionController::Metal API" do
   it "client requests protected resource with valid token" do
     get "/metal.json?access_token=#{@token.token}"
-    should_have_json "ok", true
+    expect(json_response).to include("ok" => true)
   end
 end

data/spec/routing/custom_controller_routes_spec.rb CHANGED

@@ -2,7 +2,7 @@
 require "spec_helper"
-describe "Custom controller for routes" do
+RSpec.describe "Custom controller for routes" do
   before :all do
     Doorkeeper.configure do
       orm DOORKEEPER_ORM

data/spec/routing/default_routes_spec.rb CHANGED

@@ -2,7 +2,7 @@
 require "spec_helper"
-describe "Default routes" do
+RSpec.describe "Default routes" do
   it "GET /oauth/authorize routes to authorizations controller" do
     expect(get("/oauth/authorize")).to route_to("doorkeeper/authorizations#new")
   end

data/spec/routing/scoped_routes_spec.rb CHANGED

@@ -2,7 +2,7 @@
 require "spec_helper"
-describe "Scoped routes" do
+RSpec.describe "Scoped routes" do
   before :all do
     Rails.application.routes.disable_clear_and_finalize = true

data/spec/support/helpers/request_spec_helper.rb CHANGED

@@ -14,7 +14,7 @@ module RequestSpecHelper
   end
   def i_should_be_on(path)
-    expect(current_path).to eq(path)
+    expect(page).to have_current_path(path, ignore_query: true)
   end
   def url_should_have_param(param, value)
@@ -61,18 +61,6 @@ module RequestSpecHelper
     ActionController::HttpAuthentication::Basic.encode_credentials client.uid, client.secret
   end
-  def should_have_json(key, value)
-    expect(json_response.fetch(key)).to eq(value)
-  end
-  def should_have_json_within(key, value, range)
-    expect(json_response.fetch(key)).to be_within(range).of(value)
-  end
-  def should_not_have_json(key)
-    expect(json_response).not_to have_key(key)
-  end
   def sign_in
     visit "/"
     click_on "Sign in"