RubyGems - doorkeeper - Versions diffs - 0.1.1 → 0.2.0 - Mend

doorkeeper 0.1.1 → 0.2.0

Potentially problematic release.

This version of doorkeeper might be problematic. Click here for more details.

Files changed (35) hide show

data/README.md +42 -14
data/Rakefile +1 -1
data/app/assets/stylesheets/doorkeeper/application.css +4 -0
data/app/controllers/doorkeeper/application_controller.rb +2 -2
data/app/controllers/doorkeeper/application_controller.rbc +32 -20
data/app/controllers/doorkeeper/authorizations_controller.rbc +86 -22
data/app/controllers/doorkeeper/authorized_applications_controller.rb +13 -0
data/app/controllers/doorkeeper/authorized_applications_controller.rbc +393 -0
data/app/controllers/doorkeeper/tokens_controller.rb +4 -0
data/app/models/access_grant.rb +8 -0
data/app/models/access_grant.rbc +204 -39
data/app/models/access_token.rb +31 -3
data/app/models/access_token.rbc +270 -72
data/app/models/application.rb +8 -1
data/app/models/application.rbc +307 -61
data/app/views/doorkeeper/authorizations/new.html.erb +17 -0
data/app/views/doorkeeper/authorized_applications/index.html.erb +26 -0
data/config/routes.rb +1 -0
data/config/routes.rbc +48 -4
data/lib/doorkeeper/config.rb +82 -22
data/lib/doorkeeper/config.rbc +739 -295
data/lib/doorkeeper/config/scope.rb +11 -0
data/lib/doorkeeper/config/scopes.rb +57 -0
data/lib/doorkeeper/config/scopes_builder.rb +18 -0
data/lib/doorkeeper/doorkeeper_for.rb +96 -16
data/lib/doorkeeper/oauth/access_token_request.rb +57 -18
data/lib/doorkeeper/oauth/access_token_request.rbc +256 -67
data/lib/doorkeeper/oauth/authorization_request.rb +31 -4
data/lib/doorkeeper/oauth/authorization_request.rbc +230 -65
data/lib/doorkeeper/version.rb +1 -1
data/lib/doorkeeper/version.rbc +1 -1
data/lib/generators/doorkeeper/templates/README +3 -0
data/lib/generators/doorkeeper/templates/initializer.rb +13 -0
data/lib/generators/doorkeeper/templates/migration.rb +4 -1
metadata +35 -18

data/lib/doorkeeper/oauth/authorization_request.rb CHANGED Viewed

@@ -16,6 +16,7 @@ module Doorkeeper::OAuth
     validate :client,        :error => :invalid_client
     validate :redirect_uri,  :error => :invalid_redirect_uri
     validate :response_type, :error => :unsupported_response_type
+    validate :scope,         :error => :invalid_scope
     attr_accessor *ATTRIBUTES
     attr_accessor :resource_owner, :error
@@ -24,6 +25,7 @@ module Doorkeeper::OAuth
       ATTRIBUTES.each { |attr| instance_variable_set("@#{attr}", attributes[attr]) }
       @resource_owner = resource_owner
       @grant          = nil
+      @scope          ||= Doorkeeper.configuration.default_scope_string
       validate
     end
@@ -32,8 +34,7 @@ module Doorkeeper::OAuth
     end
     def access_token_exists?
-      token = AccessToken.accessible.where(:application_id => client.id, :resource_owner_id => resource_owner.id)
-      !token.first.nil?
+      access_token.present? && access_token_scope_matches?
     end
     def deny
@@ -49,13 +50,21 @@ module Doorkeeper::OAuth
     end
     def invalid_redirect_uri
-      build_uri { |uri| uri.query = "error=#{error}" }
+      build_uri do |uri|
+        query = "error=#{error}"
+        query << "&state=#{state}" if has_state?
+        uri.query = query
+      end
     end
     def client
       @client ||= Application.find_by_uid(client_id)
     end
+    def scopes
+      Doorkeeper.configuration.scopes.with_names(*scope.split(" ")) if has_scope?
+    end
     private
     def create_authorization
@@ -63,7 +72,8 @@ module Doorkeeper::OAuth
         :application_id    => client.id,
         :resource_owner_id => resource_owner.id,
         :expires_in        => DEFAULT_EXPIRATION_TIME,
-        :redirect_uri      => redirect_uri
+        :redirect_uri      => redirect_uri,
+        :scopes            => scope
       )
     end
@@ -71,6 +81,10 @@ module Doorkeeper::OAuth
       state.present?
     end
+    def has_scope?
+      Doorkeeper.configuration.scopes.all.present?
+    end
     def token
       @grant.token
     end
@@ -96,5 +110,18 @@ module Doorkeeper::OAuth
     def validate_response_type
       response_type == "code"
     end
+    def validate_scope
+      return true unless has_scope?
+      scope.present? && scope !~ /[\n|\r|\t]/ && scope.split(" ").all? { |s| Doorkeeper.configuration.scopes.exists?(s) }
+    end
+    def access_token
+      AccessToken.accessible.where(:application_id => client.id, :resource_owner_id => resource_owner.id).first
+    end
+    def access_token_scope_matches?
+      (access_token.scopes - scope.split(" ").map(&:to_sym)).empty?
+    end
   end
 end

data/lib/doorkeeper/oauth/authorization_request.rbc CHANGED Viewed

@@ -130,7 +130,7 @@ x
 20
 AuthorizationRequest
 i
-358
+372
 5
 66
 5
@@ -347,9 +347,9 @@ i
 15
 99
 7
-22
-7
 37
+7
+38
 65
 67
 49
@@ -361,9 +361,9 @@ i
 15
 99
 7
-20
+22
 7
-38
+39
 65
 67
 49
@@ -373,15 +373,11 @@ i
 30
 4
 15
-5
-48
-39
-15
 99
 7
-40
+20
 7
-41
+40
 65
 67
 49
@@ -391,6 +387,10 @@ i
 30
 4
 15
+5
+48
+41
+15
 99
 7
 42
@@ -488,6 +488,20 @@ i
 49
 30
 4
+15
+99
+7
+56
+7
+57
+65
+67
+49
+29
+0
+49
+30
+4
 11
 I
 7
@@ -499,7 +513,7 @@ I
 0
 n
 p
-56
+58
 x
 10
 Doorkeeper
@@ -823,6 +837,153 @@ x
 p
 0
 x
+20
+access_token_exists?
+M
+1
+n
+n
+x
+20
+access_token_exists?
+i
+60
+45
+0
+1
+49
+2
+0
+44
+43
+3
+80
+49
+4
+1
+13
+7
+5
+5
+48
+6
+49
+7
+0
+49
+8
+2
+15
+13
+7
+9
+5
+48
+10
+49
+7
+0
+49
+8
+2
+15
+49
+11
+1
+19
+0
+15
+20
+0
+49
+12
+0
+49
+13
+0
+10
+58
+2
+8
+59
+3
+11
+I
+6
+I
+1
+I
+0
+I
+0
+n
+p
+14
+x
+11
+AccessToken
+n
+x
+10
+accessible
+x
+4
+Hash
+x
+16
+new_from_literal
+x
+14
+application_id
+x
+6
+client
+x
+2
+id
+x
+3
+[]=
+x
+17
+resource_owner_id
+x
+14
+resource_owner
+x
+5
+where
+x
+5
+first
+x
+4
+nil?
+p
+7
+I
+-1
+I
+22
+I
+0
+I
+23
+I
+2d
+I
+24
+I
+3c
+x
+85
+/Users/felipeelias/Applicake/doorkeeper/lib/doorkeeper/oauth/authorization_request.rb
+p
+1
+x
+5
+token
+x
 4
 deny
 M
@@ -868,15 +1029,15 @@ p
 I
 -1
 I
-22
+27
 I
 0
 I
-5f
+64
 I
 1
 I
-23
+28
 I
 c
 x
@@ -1024,15 +1185,15 @@ p
 I
 0
 I
-27
+2c
 I
 4
 I
-28
+2d
 I
 11
 I
-29
+2e
 I
 2a
 I
@@ -1040,7 +1201,7 @@ I
 I
 2b
 I
-2a
+2f
 I
 37
 x
@@ -1062,11 +1223,11 @@ p
 I
 -1
 I
-26
+2b
 I
 0
 I
-27
+2c
 I
 8
 x
@@ -1168,7 +1329,7 @@ p
 I
 0
 I
-2f
+34
 I
 18
 x
@@ -1187,11 +1348,11 @@ p
 I
 -1
 I
-2e
+33
 I
 0
 I
-2f
+34
 I
 8
 x
@@ -1255,11 +1416,11 @@ p
 I
 -1
 I
-32
+37
 I
 0
 I
-33
+38
 I
 12
 x
@@ -1405,35 +1566,35 @@ p
 I
 -1
 I
-38
+3d
 I
 0
 I
-39
+3e
 I
 3
 I
-3d
+42
 I
 c
 I
-3a
+3f
 I
 19
 I
-3b
+40
 I
 26
 I
-3c
+41
 I
 30
 I
-3d
+42
 I
 39
 I
-39
+3e
 I
 3f
 x
@@ -1482,11 +1643,11 @@ p
 I
 -1
 I
-41
+46
 I
 0
 I
-42
+47
 I
 7
 x
@@ -1534,11 +1695,11 @@ p
 I
 -1
 I
-45
+4a
 I
 0
 I
-46
+4b
 I
 6
 x
@@ -1616,19 +1777,19 @@ p
 I
 -1
 I
-49
+4e
 I
 0
 I
-4a
+4f
 I
 f
 I
-4b
+50
 I
 14
 I
-4c
+51
 I
 1a
 x
@@ -1739,7 +1900,7 @@ p
 I
 0
 I
-50
+55
 I
 f
 x
@@ -1758,11 +1919,11 @@ p
 I
 -1
 I
-4f
+54
 I
 0
 I
-50
+55
 I
 11
 x
@@ -1817,11 +1978,11 @@ p
 I
 -1
 I
-53
+58
 I
 0
 I
-54
+59
 I
 10
 x
@@ -1878,11 +2039,11 @@ p
 I
 -1
 I
-57
+5c
 I
 0
 I
-58
+5d
 I
 c
 x
@@ -1936,11 +2097,11 @@ p
 I
 -1
 I
-5b
+60
 I
 0
 I
-5c
+61
 I
 9
 x
@@ -1949,7 +2110,7 @@ x
 p
 0
 p
-59
+61
 I
 2
 I
@@ -2021,53 +2182,57 @@ I
 I
 c8
 I
-26
+27
 I
 d6
 I
-2e
+2b
 I
 e4
 I
-32
+33
 I
 f2
 I
-36
+37
 I
-f6
+100
 I
-38
+3b
 I
 104
 I
-41
+3d
 I
 112
 I
-45
+46
 I
 120
 I
-49
+4a
 I
 12e
 I
-4f
+4e
 I
 13c
 I
-53
+54
 I
 14a
 I
-57
+58
 I
 158
 I
-5b
+5c
 I
 166
+I
+60
+I
+174
 x
 85
 /Users/felipeelias/Applicake/doorkeeper/lib/doorkeeper/oauth/authorization_request.rb