doorkeeper-mongodb 5.2.1 → 5.2.2

Files changed (87) hide show
  1. checksums.yaml +4 -4
  2. data/lib/doorkeeper-mongodb.rb +1 -0
  3. data/lib/doorkeeper-mongodb/mixins/mongoid/access_grant_mixin.rb +1 -0
  4. data/lib/doorkeeper-mongodb/mixins/mongoid/access_token_mixin.rb +1 -0
  5. data/lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb +76 -0
  6. data/lib/doorkeeper-mongodb/mixins/mongoid/base_mixin.rb +0 -8
  7. data/lib/doorkeeper-mongodb/mixins/mongoid/json_serializable.rb +17 -0
  8. data/lib/doorkeeper-mongodb/version.rb +1 -1
  9. data/spec/controllers/application_metal_controller_spec.rb +4 -4
  10. data/spec/controllers/applications_controller_spec.rb +198 -202
  11. data/spec/controllers/authorizations_controller_spec.rb +32 -31
  12. data/spec/controllers/protected_resources_controller_spec.rb +10 -10
  13. data/spec/controllers/token_info_controller_spec.rb +1 -1
  14. data/spec/controllers/tokens_controller_spec.rb +105 -62
  15. data/spec/doorkeeper/redirect_uri_validator_spec.rb +183 -0
  16. data/spec/{lib → doorkeeper}/server_spec.rb +5 -4
  17. data/spec/{lib → doorkeeper}/stale_records_cleaner_spec.rb +8 -7
  18. data/spec/{version → doorkeeper}/version_spec.rb +3 -3
  19. data/spec/dummy/log/test.log +4220 -4184
  20. data/spec/dummy/tmp/cache/assets/sprockets/v4.0.0/{eS/eSL1QMz46gKLM0GR6S9fL6uyARPxOImcappZ9_ZtSyg.cache → Pm/PmheG0PGFqDws1qgFOxOyIL-gpMof3Ar9eSRKVLYuik.cache} +0 -0
  21. data/spec/grape/grape_integration_spec.rb +1 -1
  22. data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +1 -1
  23. data/spec/lib/config_spec.rb +23 -12
  24. data/spec/lib/doorkeeper_spec.rb +4 -4
  25. data/spec/lib/models/expirable_spec.rb +9 -9
  26. data/spec/lib/models/reusable_spec.rb +2 -2
  27. data/spec/lib/models/revocable_spec.rb +4 -7
  28. data/spec/lib/models/scopes_spec.rb +7 -7
  29. data/spec/lib/models/secret_storable_spec.rb +9 -8
  30. data/spec/lib/oauth/authorization/uri_builder_spec.rb +23 -27
  31. data/spec/lib/oauth/authorization_code_request_spec.rb +6 -6
  32. data/spec/lib/oauth/base_request_spec.rb +11 -27
  33. data/spec/lib/oauth/base_response_spec.rb +2 -2
  34. data/spec/lib/oauth/client/credentials_spec.rb +25 -25
  35. data/spec/lib/oauth/client_credentials/creator_spec.rb +89 -91
  36. data/spec/lib/oauth/client_credentials/issuer_spec.rb +84 -86
  37. data/spec/lib/oauth/client_credentials/validation_spec.rb +72 -39
  38. data/spec/lib/oauth/client_credentials_integration_spec.rb +5 -5
  39. data/spec/lib/oauth/client_credentials_request_spec.rb +7 -10
  40. data/spec/lib/oauth/client_spec.rb +8 -8
  41. data/spec/lib/oauth/code_request_spec.rb +5 -5
  42. data/spec/lib/oauth/code_response_spec.rb +4 -4
  43. data/spec/lib/oauth/error_response_spec.rb +6 -5
  44. data/spec/lib/oauth/error_spec.rb +1 -1
  45. data/spec/lib/oauth/forbidden_token_response_spec.rb +2 -2
  46. data/spec/lib/oauth/helpers/scope_checker_spec.rb +37 -37
  47. data/spec/lib/oauth/helpers/unique_token_spec.rb +2 -2
  48. data/spec/lib/oauth/helpers/uri_checker_spec.rb +54 -54
  49. data/spec/lib/oauth/invalid_request_response_spec.rb +6 -6
  50. data/spec/lib/oauth/invalid_token_response_spec.rb +4 -4
  51. data/spec/lib/oauth/password_access_token_request_spec.rb +10 -9
  52. data/spec/lib/oauth/pre_authorization_spec.rb +20 -8
  53. data/spec/lib/oauth/refresh_token_request_spec.rb +10 -10
  54. data/spec/lib/oauth/scopes_spec.rb +14 -14
  55. data/spec/lib/oauth/token_request_spec.rb +9 -9
  56. data/spec/lib/oauth/token_response_spec.rb +5 -5
  57. data/spec/lib/oauth/token_spec.rb +5 -5
  58. data/spec/lib/option_spec.rb +1 -1
  59. data/spec/lib/request/strategy_spec.rb +34 -37
  60. data/spec/lib/secret_storing/base_spec.rb +3 -2
  61. data/spec/lib/secret_storing/bcrypt_spec.rb +2 -1
  62. data/spec/lib/secret_storing/plain_spec.rb +2 -1
  63. data/spec/lib/secret_storing/sha256_hash_spec.rb +2 -1
  64. data/spec/models/doorkeeper/access_grant_spec.rb +7 -9
  65. data/spec/models/doorkeeper/access_token_spec.rb +20 -26
  66. data/spec/models/doorkeeper/application_spec.rb +83 -26
  67. data/spec/requests/applications/applications_request_spec.rb +91 -93
  68. data/spec/requests/endpoints/authorization_spec.rb +1 -1
  69. data/spec/requests/endpoints/token_spec.rb +22 -16
  70. data/spec/requests/flows/authorization_code_errors_spec.rb +12 -8
  71. data/spec/requests/flows/authorization_code_spec.rb +108 -79
  72. data/spec/requests/flows/client_credentials_spec.rb +57 -45
  73. data/spec/requests/flows/implicit_grant_spec.rb +4 -4
  74. data/spec/requests/flows/password_spec.rb +253 -213
  75. data/spec/requests/flows/refresh_token_spec.rb +53 -39
  76. data/spec/requests/flows/revoke_token_spec.rb +24 -24
  77. data/spec/requests/flows/skip_authorization_spec.rb +1 -1
  78. data/spec/requests/protected_resources/metal_spec.rb +2 -2
  79. data/spec/routing/custom_controller_routes_spec.rb +1 -1
  80. data/spec/routing/default_routes_spec.rb +1 -1
  81. data/spec/routing/scoped_routes_spec.rb +1 -1
  82. data/spec/support/helpers/request_spec_helper.rb +1 -13
  83. data/spec/support/helpers/url_helper.rb +2 -2
  84. data/spec/support/shared/controllers_shared_context.rb +5 -38
  85. data/spec/support/shared/hashing_shared_context.rb +4 -0
  86. data/spec/support/shared/models_shared_examples.rb +6 -6
  87. metadata +13 -10
@@ -2,38 +2,34 @@
2
2
 
3
3
  require "spec_helper"
4
4
 
5
- module Doorkeeper::OAuth::Authorization
6
- describe URIBuilder do
7
- subject { URIBuilder }
8
-
9
- describe :uri_with_query do
10
- it "returns the uri with query" do
11
- uri = subject.uri_with_query "http://example.com/", parameter: "value"
12
- expect(uri).to eq("http://example.com/?parameter=value")
13
- end
5
+ RSpec.describe Doorkeeper::OAuth::Authorization::URIBuilder do
6
+ describe ".uri_with_query" do
7
+ it "returns the uri with query" do
8
+ uri = described_class.uri_with_query "http://example.com/", parameter: "value"
9
+ expect(uri).to eq("http://example.com/?parameter=value")
10
+ end
14
11
 
15
- it "rejects nil values" do
16
- uri = subject.uri_with_query "http://example.com/", parameter: ""
17
- expect(uri).to eq("http://example.com/?")
18
- end
12
+ it "rejects nil values" do
13
+ uri = described_class.uri_with_query "http://example.com/", parameter: ""
14
+ expect(uri).to eq("http://example.com/?")
15
+ end
19
16
 
20
- it "preserves original query parameters" do
21
- uri = subject.uri_with_query "http://example.com/?query1=value", parameter: "value"
22
- expect(uri).to match(/query1=value/)
23
- expect(uri).to match(/parameter=value/)
24
- end
17
+ it "preserves original query parameters" do
18
+ uri = described_class.uri_with_query "http://example.com/?query1=value", parameter: "value"
19
+ expect(uri).to match(/query1=value/)
20
+ expect(uri).to match(/parameter=value/)
25
21
  end
22
+ end
26
23
 
27
- describe :uri_with_fragment do
28
- it "returns uri with parameters as fragments" do
29
- uri = subject.uri_with_fragment "http://example.com/", parameter: "value"
30
- expect(uri).to eq("http://example.com/#parameter=value")
31
- end
24
+ describe ".uri_with_fragment" do
25
+ it "returns uri with parameters as fragments" do
26
+ uri = described_class.uri_with_fragment "http://example.com/", parameter: "value"
27
+ expect(uri).to eq("http://example.com/#parameter=value")
28
+ end
32
29
 
33
- it "preserves original query parameters" do
34
- uri = subject.uri_with_fragment "http://example.com/?query1=value1", parameter: "value"
35
- expect(uri).to eq("http://example.com/?query1=value1#parameter=value")
36
- end
30
+ it "preserves original query parameters" do
31
+ uri = described_class.uri_with_fragment "http://example.com/?query1=value1", parameter: "value"
32
+ expect(uri).to eq("http://example.com/?query1=value1#parameter=value")
37
33
  end
38
34
  end
39
35
  end
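Review bot: The example titled "rejects nil values" passes `parameter: ""`, so a nil value is never handed to `uri_with_query` and the title does not describe what is asserted. Either rename it to `it "rejects blank values" do`, or add a sibling example that passes `parameter: nil`. How the builder treats nil is not visible in this hunk, so the expected string for that case should be confirmed against the implementation before it is pinned.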
@@ -2,7 +2,11 @@
2
2
 
3
3
  require "spec_helper"
4
4
 
5
- describe Doorkeeper::OAuth::AuthorizationCodeRequest do
5
+ RSpec.describe Doorkeeper::OAuth::AuthorizationCodeRequest do
6
+ subject do
7
+ described_class.new(server, grant, client, params)
8
+ end
9
+
6
10
  let(:server) do
7
11
  double :server,
8
12
  access_token_expires_in: 2.days,
@@ -26,10 +30,6 @@ describe Doorkeeper::OAuth::AuthorizationCodeRequest do
26
30
  allow(server).to receive(:option_defined?).with(:custom_access_token_expires_in).and_return(true)
27
31
  end
28
32
 
29
- subject do
30
- described_class.new(server, grant, client, params)
31
- end
32
-
33
33
  it "issues a new token for the client" do
34
34
  expect do
35
35
  subject.authorize
@@ -111,7 +111,7 @@ describe Doorkeeper::OAuth::AuthorizationCodeRequest do
111
111
  scopes: grant.scopes.to_s,
112
112
  )
113
113
 
114
- expect { subject.authorize }.to_not(change { Doorkeeper::AccessToken.count })
114
+ expect { subject.authorize }.not_to(change { Doorkeeper::AccessToken.count })
115
115
  end
116
116
 
117
117
  it "creates token if there is a matching one but non reusable" do
@@ -2,7 +2,11 @@
2
2
 
3
3
  require "spec_helper"
4
4
 
5
- describe Doorkeeper::OAuth::BaseRequest do
5
+ RSpec.describe Doorkeeper::OAuth::BaseRequest do
6
+ subject do
7
+ described_class.new
8
+ end
9
+
6
10
  let(:access_token) do
7
11
  double :access_token,
8
12
  plaintext_token: "some-token",
@@ -29,10 +33,6 @@ describe Doorkeeper::OAuth::BaseRequest do
29
33
  allow(server).to receive(:option_defined?).with(:custom_access_token_expires_in).and_return(true)
30
34
  end
31
35
 
32
- subject do
33
- described_class.new
34
- end
35
-
36
36
  describe "#authorize" do
37
37
  before do
38
38
  allow(subject).to receive(:access_token).and_return(access_token)
@@ -43,7 +43,7 @@ describe Doorkeeper::OAuth::BaseRequest do
43
43
  subject.authorize
44
44
  end
45
45
 
46
- context "valid" do
46
+ context "when valid" do
47
47
  before do
48
48
  allow(subject).to receive(:valid?).and_return(true)
49
49
  end
@@ -64,7 +64,7 @@ describe Doorkeeper::OAuth::BaseRequest do
64
64
  end
65
65
  end
66
66
 
67
- context "invalid" do
67
+ context "when invalid" do
68
68
  context "with error other than invalid_request" do
69
69
  before do
70
70
  allow(subject).to receive(:valid?).and_return(false)
@@ -146,7 +146,7 @@ describe Doorkeeper::OAuth::BaseRequest do
146
146
  "public",
147
147
  server,
148
148
  )
149
- expect(result.expires_in).to eql(500)
149
+ expect(result.expires_in).to be(500)
150
150
  end
151
151
 
152
152
  it "respects use_refresh_token with a block" do
@@ -167,7 +167,7 @@ describe Doorkeeper::OAuth::BaseRequest do
167
167
  "public",
168
168
  server,
169
169
  )
170
- expect(result.refresh_token).to_not be_nil
170
+ expect(result.refresh_token).not_to be_nil
171
171
 
172
172
  result = subject.find_or_create_access_token(
173
173
  client,
@@ -180,7 +180,7 @@ describe Doorkeeper::OAuth::BaseRequest do
180
180
  end
181
181
 
182
182
  describe "#scopes" do
183
- context "@original_scopes is present" do
183
+ context "when @original_scopes is present" do
184
184
  before do
185
185
  subject.instance_variable_set(:@original_scopes, "public write")
186
186
  end
@@ -192,7 +192,7 @@ describe Doorkeeper::OAuth::BaseRequest do
192
192
  end
193
193
  end
194
194
 
195
- context "@original_scopes is not present" do
195
+ context "when @original_scopes is blank" do
196
196
  before do
197
197
  subject.instance_variable_set(:@original_scopes, "")
198
198
  end
@@ -207,20 +207,4 @@ describe Doorkeeper::OAuth::BaseRequest do
207
207
  end
208
208
  end
209
209
  end
210
-
211
- describe "#valid?" do
212
- context "error is nil" do
213
- it "returns true" do
214
- allow(subject).to receive(:error).and_return(nil).once
215
- expect(subject.valid?).to eq(true)
216
- end
217
- end
218
-
219
- context "error is not nil" do
220
- it "returns false" do
221
- allow(subject).to receive(:error).and_return(Object.new).once
222
- expect(subject.valid?).to eq(false)
223
- end
224
- end
225
- end
226
210
  end
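Review bot: With the `#valid?` examples dropped at the end of this file, nothing visible here exercises the real `valid?` any more, because the `#authorize` contexts "when valid" and "when invalid" both replace it with `allow(subject).to receive(:valid?)`. If the predicate is not covered by another spec (none is visible on this page), a regression that lets a request with an error report itself as valid would pass this suite. Consider keeping one example that leaves `valid?` unstubbed, along the lines of `expect(subject).not_to be_valid` with `error` stubbed to a non-nil value, or add a comment naming the spec that now owns this behaviour. The hunks shown are excerpts, so the rest of the file may already contain such a case.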
@@ -2,9 +2,9 @@
2
2
 
3
3
  require "spec_helper"
4
4
 
5
- describe Doorkeeper::OAuth::BaseResponse do
5
+ RSpec.describe Doorkeeper::OAuth::BaseResponse do
6
6
  subject do
7
- Doorkeeper::OAuth::BaseResponse.new
7
+ described_class.new
8
8
  end
9
9
 
10
10
  describe "#body" do
@@ -8,10 +8,10 @@ class Doorkeeper::OAuth::Client
8
8
  let(:client_secret) { "some-secret" }
9
9
 
10
10
  it "is blank when the uid in credentials is blank" do
11
- expect(Credentials.new(nil, nil)).to be_blank
12
- expect(Credentials.new(nil, "something")).to be_blank
13
- expect(Credentials.new("something", nil)).to be_present
14
- expect(Credentials.new("something", "something")).to be_present
11
+ expect(described_class.new(nil, nil)).to be_blank
12
+ expect(described_class.new(nil, "something")).to be_blank
13
+ expect(described_class.new("something", nil)).to be_present
14
+ expect(described_class.new("something", "something")).to be_present
15
15
  end
16
16
 
17
17
  describe ".from_request" do
@@ -23,66 +23,66 @@ class Doorkeeper::OAuth::Client
23
23
 
24
24
  it "accepts anything that responds to #call" do
25
25
  expect(method).to receive(:call).with(request)
26
- Credentials.from_request request, method
26
+ described_class.from_request request, method
27
27
  end
28
28
 
29
29
  it "delegates methods received as symbols to Credentials class" do
30
- expect(Credentials).to receive(:from_params).with(request)
31
- Credentials.from_request request, :from_params
30
+ expect(described_class).to receive(:from_params).with(request)
31
+ described_class.from_request request, :from_params
32
32
  end
33
33
 
34
34
  it "stops at the first credentials found" do
35
35
  not_called_method = double
36
36
  expect(not_called_method).not_to receive(:call)
37
- Credentials.from_request request, ->(_) {}, method, not_called_method
37
+ described_class.from_request request, ->(_) {}, method, not_called_method
38
38
  end
39
39
 
40
40
  it "returns new Credentials" do
41
- credentials = Credentials.from_request request, method
42
- expect(credentials).to be_a(Credentials)
41
+ credentials = described_class.from_request request, method
42
+ expect(credentials).to be_a(described_class)
43
43
  end
44
44
 
45
45
  it "returns uid and secret from extractor method" do
46
- credentials = Credentials.from_request request, method
46
+ credentials = described_class.from_request request, method
47
47
  expect(credentials.uid).to eq("uid")
48
48
  expect(credentials.secret).to eq("secret")
49
49
  end
50
50
  end
51
51
 
52
- describe :from_params do
52
+ describe ".from_params" do
53
53
  it "returns credentials from parameters when Authorization header is not available" do
54
- request = double parameters: { client_id: client_id, client_secret: client_secret }
55
- uid, secret = Credentials.from_params(request)
54
+ request = double parameters: { client_id: client_id, client_secret: client_secret }
55
+ uid, secret = described_class.from_params(request)
56
56
 
57
- expect(uid).to eq("some-uid")
57
+ expect(uid).to eq("some-uid")
58
58
  expect(secret).to eq("some-secret")
59
59
  end
60
60
 
61
61
  it "is blank when there are no credentials" do
62
- request = double parameters: {}
63
- uid, secret = Credentials.from_params(request)
62
+ request = double parameters: {}
63
+ uid, secret = described_class.from_params(request)
64
64
 
65
- expect(uid).to be_blank
65
+ expect(uid).to be_blank
66
66
  expect(secret).to be_blank
67
67
  end
68
68
  end
69
69
 
70
- describe :from_basic do
70
+ describe ".from_basic" do
71
71
  let(:credentials) { Base64.encode64("#{client_id}:#{client_secret}") }
72
72
 
73
73
  it "decodes the credentials" do
74
- request = double authorization: "Basic #{credentials}"
75
- uid, secret = Credentials.from_basic(request)
74
+ request = double authorization: "Basic #{credentials}"
75
+ uid, secret = described_class.from_basic(request)
76
76
 
77
- expect(uid).to eq("some-uid")
77
+ expect(uid).to eq("some-uid")
78
78
  expect(secret).to eq("some-secret")
79
79
  end
80
80
 
81
81
  it "is blank if Authorization is not Basic" do
82
- request = double authorization: credentials.to_s
83
- uid, secret = Credentials.from_basic(request)
82
+ request = double authorization: credentials.to_s
83
+ uid, secret = described_class.from_basic(request)
84
84
 
85
- expect(uid).to be_blank
85
+ expect(uid).to be_blank
86
86
  expect(secret).to be_blank
87
87
  end
88
88
  end
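Review bot: The `credentials` fixture for `.from_basic` is built with `Base64.encode64`, which appends a line feed and wraps long input, so the header under test ends in a newline rather than looking like what a client sends. `let(:credentials) { Base64.strict_encode64("#{client_id}:#{client_secret}") }` would make "decodes the credentials" exercise a realistic header. If tolerance of wrapped input is intended, that deserves its own named example. The line is unchanged context in this hunk, and the `describe` block may have further examples outside it.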
@@ -2,136 +2,134 @@
2
2
 
3
3
  require "spec_helper"
4
4
 
5
- class Doorkeeper::OAuth::ClientCredentialsRequest
6
- describe Creator do
7
- let(:client) { FactoryBot.create :application }
8
- let(:scopes) { Doorkeeper::OAuth::Scopes.from_string("public") }
5
+ RSpec.describe Doorkeeper::OAuth::ClientCredentials::Creator do
6
+ let(:client) { FactoryBot.create :application }
7
+ let(:scopes) { Doorkeeper::OAuth::Scopes.from_string("public") }
9
8
 
9
+ before do
10
+ default_scopes_exist :public
11
+ end
12
+
13
+ it "creates a new token" do
14
+ expect do
15
+ subject.call(client, scopes)
16
+ end.to change { Doorkeeper::AccessToken.count }.by(1)
17
+ end
18
+
19
+ context "when reuse_access_token is true" do
10
20
  before do
11
- default_scopes_exist :public
21
+ allow(Doorkeeper.config).to receive(:reuse_access_token).and_return(true)
12
22
  end
13
23
 
14
- it "creates a new token" do
15
- expect do
16
- subject.call(client, scopes)
17
- end.to change { Doorkeeper::AccessToken.count }.by(1)
24
+ context "when expiration is disabled" do
25
+ it "returns the existing valid token" do
26
+ existing_token = subject.call(client, scopes)
27
+
28
+ result = subject.call(client, scopes)
29
+
30
+ expect(Doorkeeper::AccessToken.count).to eq(1)
31
+ expect(result).to eq(existing_token)
32
+ end
18
33
  end
19
34
 
20
- context "when reuse_access_token is true" do
35
+ context "when existing token has not crossed token_reuse_limit" do
36
+ let!(:existing_token) { subject.call(client, scopes, expires_in: 1000) }
37
+
21
38
  before do
22
- allow(Doorkeeper.config).to receive(:reuse_access_token).and_return(true)
39
+ allow(Doorkeeper.config).to receive(:token_reuse_limit).and_return(50)
40
+ allow_any_instance_of(Doorkeeper::AccessToken).to receive(:expires_in_seconds).and_return(600)
23
41
  end
24
42
 
25
- context "when expiration is disabled" do
26
- it "returns the existing valid token" do
27
- existing_token = subject.call(client, scopes)
43
+ it "returns the existing valid token" do
44
+ result = subject.call(client, scopes, expires_in: 1000)
28
45
 
29
- result = subject.call(client, scopes)
30
-
31
- expect(Doorkeeper::AccessToken.count).to eq(1)
32
- expect(result).to eq(existing_token)
33
- end
46
+ expect(Doorkeeper::AccessToken.count).to eq(1)
47
+ expect(result).to eq(existing_token)
34
48
  end
35
49
 
36
- context "when existing token has not crossed token_reuse_limit" do
37
- let!(:existing_token) { subject.call(client, scopes, expires_in: 1000) }
38
-
50
+ context "when revoke_previous_client_credentials_token is false" do
39
51
  before do
40
- allow(Doorkeeper.config).to receive(:token_reuse_limit).and_return(50)
41
- allow_any_instance_of(Doorkeeper::AccessToken).to receive(:expires_in_seconds).and_return(600)
52
+ allow(Doorkeeper.config).to receive(:revoke_previous_client_credentials_token).and_return(false)
42
53
  end
43
54
 
44
- it "returns the existing valid token" do
45
- result = subject.call(client, scopes, expires_in: 1000)
46
-
47
- expect(Doorkeeper::AccessToken.count).to eq(1)
48
- expect(result).to eq(existing_token)
49
- end
50
-
51
- context "and when revoke_previous_client_credentials_token is false" do
52
- before do
53
- allow(Doorkeeper.config).to receive(:revoke_previous_client_credentials_token).and_return(false)
54
- end
55
-
56
- it "does not revoke the existing valid token" do
57
- subject.call(client, scopes, expires_in: 1000)
58
- expect(existing_token.reload).not_to be_revoked
59
- end
60
- end
61
- end
62
-
63
- context "when existing token has crossed token_reuse_limit" do
64
- it "returns a new token" do
65
- allow(Doorkeeper.config).to receive(:token_reuse_limit).and_return(50)
66
- existing_token = subject.call(client, scopes, expires_in: 1000)
67
-
68
- allow_any_instance_of(Doorkeeper::AccessToken).to receive(:expires_in_seconds).and_return(400)
69
- result = subject.call(client, scopes, expires_in: 1000)
70
-
71
- expect(Doorkeeper::AccessToken.count).to eq(2)
72
- expect(result).not_to eq(existing_token)
55
+ it "does not revoke the existing valid token" do
56
+ subject.call(client, scopes, expires_in: 1000)
57
+ expect(existing_token.reload).not_to be_revoked
73
58
  end
74
59
  end
60
+ end
75
61
 
76
- context "when existing token has been expired" do
77
- it "returns a new token" do
78
- allow(Doorkeeper.configuration).to receive(:token_reuse_limit).and_return(50)
79
- existing_token = subject.call(client, scopes, expires_in: 1000)
62
+ context "when existing token has crossed token_reuse_limit" do
63
+ it "returns a new token" do
64
+ allow(Doorkeeper.config).to receive(:token_reuse_limit).and_return(50)
65
+ existing_token = subject.call(client, scopes, expires_in: 1000)
80
66
 
81
- allow_any_instance_of(Doorkeeper::AccessToken).to receive(:expired?).and_return(true)
82
- result = subject.call(client, scopes, expires_in: 1000)
67
+ allow_any_instance_of(Doorkeeper::AccessToken).to receive(:expires_in_seconds).and_return(400)
68
+ result = subject.call(client, scopes, expires_in: 1000)
83
69
 
84
- expect(Doorkeeper::AccessToken.count).to eq(2)
85
- expect(result).not_to eq(existing_token)
86
- end
70
+ expect(Doorkeeper::AccessToken.count).to eq(2)
71
+ expect(result).not_to eq(existing_token)
87
72
  end
88
73
  end
89
74
 
90
- context "when reuse_access_token is false" do
91
- before do
92
- allow(Doorkeeper.config).to receive(:reuse_access_token).and_return(false)
93
- end
94
-
75
+ context "when existing token has been expired" do
95
76
  it "returns a new token" do
96
- existing_token = subject.call(client, scopes)
77
+ allow(Doorkeeper.configuration).to receive(:token_reuse_limit).and_return(50)
78
+ existing_token = subject.call(client, scopes, expires_in: 1000)
97
79
 
98
- result = subject.call(client, scopes)
80
+ allow_any_instance_of(Doorkeeper::AccessToken).to receive(:expired?).and_return(true)
81
+ result = subject.call(client, scopes, expires_in: 1000)
99
82
 
100
83
  expect(Doorkeeper::AccessToken.count).to eq(2)
101
84
  expect(result).not_to eq(existing_token)
102
85
  end
103
86
  end
87
+ end
104
88
 
105
- context "when revoke_previous_client_credentials_token is true" do
106
- let!(:existing_token) { subject.call(client, scopes, expires_in: 1000) }
89
+ context "when reuse_access_token is false" do
90
+ before do
91
+ allow(Doorkeeper.config).to receive(:reuse_access_token).and_return(false)
92
+ end
107
93
 
108
- before do
109
- allow(Doorkeeper.configuration).to receive(:revoke_previous_client_credentials_token).and_return(true)
110
- end
94
+ it "returns a new token" do
95
+ existing_token = subject.call(client, scopes)
111
96
 
112
- it "revokes the existing token" do
113
- subject.call(client, scopes, expires_in: 1000)
114
- expect(existing_token.reload).to be_revoked
115
- end
97
+ result = subject.call(client, scopes)
98
+
99
+ expect(Doorkeeper::AccessToken.count).to eq(2)
100
+ expect(result).not_to eq(existing_token)
116
101
  end
102
+ end
117
103
 
118
- context "when revoke_previous_client_credentials_token is false" do
119
- let!(:existing_token) { subject.call(client, scopes, expires_in: 1000) }
104
+ context "when revoke_previous_client_credentials_token is true" do
105
+ let!(:existing_token) { subject.call(client, scopes, expires_in: 1000) }
120
106
 
121
- before do
122
- allow(Doorkeeper.configuration).to receive(:revoke_previous_client_credentials_token).and_return(false)
123
- end
107
+ before do
108
+ allow(Doorkeeper.configuration).to receive(:revoke_previous_client_credentials_token?).and_return(true)
109
+ end
124
110
 
125
- it "does not revoke the existing token" do
126
- subject.call(client, scopes, expires_in: 1000)
127
- expect(existing_token.reload).not_to be_revoked
128
- end
111
+ it "revokes the existing token" do
112
+ subject.call(client, scopes, expires_in: 1000)
113
+ expect(existing_token.reload).to be_revoked
129
114
  end
115
+ end
130
116
 
131
- it "returns false if creation fails" do
132
- expect(Doorkeeper::AccessToken).to receive(:find_or_create_for).and_return(false)
133
- created = subject.call(client, scopes)
134
- expect(created).to be_falsey
117
+ context "when revoke_previous_client_credentials_token is false" do
118
+ let!(:existing_token) { subject.call(client, scopes, expires_in: 1000) }
119
+
120
+ before do
121
+ allow(Doorkeeper.configuration).to receive(:revoke_previous_client_credentials_token?).and_return(false)
122
+ end
123
+
124
+ it "does not revoke the existing token" do
125
+ subject.call(client, scopes, expires_in: 1000)
126
+ expect(existing_token.reload).not_to be_revoked
135
127
  end
136
128
  end
129
+
130
+ it "returns false if creation fails" do
131
+ expect(Doorkeeper::AccessToken).to receive(:find_or_create_for).and_return(false)
132
+ created = subject.call(client, scopes)
133
+ expect(created).to be_falsey
134
+ end
137
135
  end
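Review bot: The stub at new line 52 still targets `revoke_previous_client_credentials_token`, while the two later contexts (new lines 108 and 121) were switched to `revoke_previous_client_credentials_token?`. Which name the creator reads is not visible here, but if it calls only the predicate, the stub at line 52 is inert and "does not revoke the existing valid token" passes on the default configuration rather than the stated one. Use the same name in all three, e.g. `allow(Doorkeeper.config).to receive(:revoke_previous_client_credentials_token?).and_return(false)`. The file also mixes `Doorkeeper.config` and `Doorkeeper.configuration` as the stub target; using one throughout makes it clear that the same object is being stubbed.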