doorkeeper 0.3.4 → 0.4.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of doorkeeper might be problematic. Click here for more details.

Files changed (92) hide show
  1. data/CHANGELOG.md +13 -0
  2. data/README.md +32 -5
  3. data/app/controllers/doorkeeper/application_controller.rb +4 -11
  4. data/app/controllers/doorkeeper/authorizations_controller.rb +11 -2
  5. data/app/controllers/doorkeeper/tokens_controller.rb +19 -5
  6. data/app/models/doorkeeper/access_grant.rb +1 -8
  7. data/app/models/doorkeeper/access_token.rb +2 -10
  8. data/app/models/doorkeeper/application.rb +4 -0
  9. data/app/views/doorkeeper/authorizations/error.html.erb +1 -1
  10. data/app/views/doorkeeper/authorizations/new.html.erb +1 -1
  11. data/config/locales/en.yml +3 -0
  12. data/doorkeeper.gemspec +2 -1
  13. data/lib/doorkeeper.rb +23 -3
  14. data/lib/doorkeeper/config.rb +73 -12
  15. data/lib/doorkeeper/doorkeeper_for.rb +1 -1
  16. data/lib/doorkeeper/engine.rb +28 -0
  17. data/lib/doorkeeper/models/scopes.rb +13 -0
  18. data/lib/doorkeeper/oauth/access_token_request.rb +5 -16
  19. data/lib/doorkeeper/oauth/authorization/code.rb +1 -1
  20. data/lib/doorkeeper/oauth/authorization/token.rb +1 -1
  21. data/lib/doorkeeper/oauth/authorization_request.rb +18 -23
  22. data/lib/doorkeeper/oauth/client.rb +27 -0
  23. data/lib/doorkeeper/oauth/client/credentials.rb +21 -0
  24. data/lib/doorkeeper/oauth/client/methods.rb +18 -0
  25. data/lib/doorkeeper/oauth/client_credentials/creator.rb +29 -0
  26. data/lib/doorkeeper/oauth/client_credentials/issuer.rb +35 -0
  27. data/lib/doorkeeper/oauth/client_credentials/response.rb +42 -0
  28. data/lib/doorkeeper/oauth/client_credentials/validation.rb +33 -0
  29. data/lib/doorkeeper/oauth/client_credentials_request.rb +46 -0
  30. data/lib/doorkeeper/oauth/error.rb +9 -0
  31. data/lib/doorkeeper/oauth/error_response.rb +30 -0
  32. data/lib/doorkeeper/oauth/helpers/scope_checker.rb +2 -2
  33. data/lib/doorkeeper/oauth/password_access_token_request.rb +130 -0
  34. data/lib/doorkeeper/oauth/scopes.rb +60 -0
  35. data/lib/doorkeeper/version.rb +1 -1
  36. data/lib/generators/doorkeeper/templates/initializer.rb +10 -5
  37. data/lib/generators/doorkeeper/templates/migration.rb +1 -1
  38. data/script/run_all +11 -0
  39. data/spec/controllers/authorizations_controller_spec.rb +3 -3
  40. data/spec/controllers/protected_resources_controller_spec.rb +7 -0
  41. data/spec/controllers/tokens_controller_spec.rb +1 -1
  42. data/spec/dummy/app/controllers/home_controller.rb +1 -1
  43. data/spec/dummy/app/models/user.rb +9 -0
  44. data/spec/dummy/config/application.rb +2 -0
  45. data/spec/dummy/config/initializers/doorkeeper.rb +12 -5
  46. data/spec/dummy/config/locales/doorkeeper.en.yml +5 -0
  47. data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +5 -0
  48. data/spec/dummy/db/migrate/{20111206151426_create_doorkeeper_tables.rb → 20120524202412_create_doorkeeper_tables.rb} +10 -1
  49. data/spec/dummy/db/schema.rb +15 -6
  50. data/spec/lib/config_spec.rb +29 -13
  51. data/spec/lib/models/scopes_spec.rb +32 -0
  52. data/spec/lib/oauth/access_token_request_spec.rb +15 -29
  53. data/spec/lib/oauth/authorization_request_spec.rb +22 -72
  54. data/spec/lib/oauth/client/credentials_spec.rb +47 -0
  55. data/spec/lib/oauth/client/methods_spec.rb +54 -0
  56. data/spec/lib/oauth/client_credentials/creator_spec.rb +47 -0
  57. data/spec/lib/oauth/client_credentials/issuer_spec.rb +57 -0
  58. data/spec/lib/oauth/client_credentials/response_spec.rb +58 -0
  59. data/spec/lib/oauth/client_credentials/validation_spec.rb +29 -0
  60. data/spec/lib/oauth/client_credentials_integration_spec.rb +27 -0
  61. data/spec/lib/oauth/client_credentials_request_spec.rb +60 -0
  62. data/spec/lib/oauth/client_spec.rb +42 -0
  63. data/spec/lib/oauth/error_response_spec.rb +40 -0
  64. data/spec/lib/oauth/error_spec.rb +19 -0
  65. data/spec/lib/oauth/helpers/scope_checker_spec.rb +15 -10
  66. data/spec/lib/oauth/password_access_token_request_spec.rb +152 -0
  67. data/spec/lib/oauth/scopes_spec.rb +115 -0
  68. data/spec/models/doorkeeper/access_grant_spec.rb +0 -15
  69. data/spec/models/doorkeeper/access_token_spec.rb +11 -4
  70. data/spec/requests/applications/authorized_applications_spec.rb +2 -2
  71. data/spec/requests/endpoints/authorization_spec.rb +2 -2
  72. data/spec/requests/endpoints/token_spec.rb +7 -0
  73. data/spec/requests/flows/authorization_code_errors_spec.rb +1 -1
  74. data/spec/requests/flows/authorization_code_spec.rb +8 -2
  75. data/spec/requests/flows/client_credentials_spec.rb +56 -0
  76. data/spec/requests/flows/password_spec.rb +52 -0
  77. data/spec/requests/flows/skip_authorization_spec.rb +2 -2
  78. data/spec/requests/protected_resources/private_api_spec.rb +9 -2
  79. data/spec/spec_helper_integration.rb +3 -0
  80. data/spec/support/helpers/authorization_request_helper.rb +7 -5
  81. data/spec/support/helpers/model_helper.rb +3 -3
  82. data/spec/support/helpers/request_spec_helper.rb +1 -1
  83. data/spec/support/helpers/url_helper.rb +12 -0
  84. metadata +65 -30
  85. data/lib/doorkeeper/config/scope.rb +0 -11
  86. data/lib/doorkeeper/config/scopes.rb +0 -61
  87. data/lib/doorkeeper/config/scopes_builder.rb +0 -18
  88. data/spec/dummy/config/initializers/inflections.rb +0 -10
  89. data/spec/dummy/config/initializers/mime_types.rb +0 -5
  90. data/spec/lib/config/scope_spec.rb +0 -45
  91. data/spec/lib/config/scopes_builder_spec.rb +0 -27
  92. data/spec/lib/config/scopes_spec.rb +0 -180
@@ -1,5 +1,18 @@
1
1
  # Changelog
2
2
 
3
+ ## 0.4.0
4
+
5
+ - deprecation
6
+ - Deprecate authorization_scopes
7
+ - database changes
8
+ - AccessToken#resource_owner_id is not nullable
9
+ - enhancements
10
+ - [#83] Add Resource Owner Password Credentials flow [@jaimeiniesta](https://github.com/jaimeiniesta)
11
+ - [#76] Allow token expiration to be disabled [@mattgreen](https://github.com/mattgreen)
12
+ - [#b6470a] Add Client Credentials flow
13
+ - internals
14
+ - [#2ece8d, #f93778] Introduce Client and ErrorResponse classes
15
+
3
16
  ## 0.3.4
4
17
 
5
18
  - Fix attr_accessible for rails 3.2.x
data/README.md CHANGED
@@ -14,7 +14,7 @@ For more information about the supported features, check out the related [page i
14
14
  Put this in your Gemfile:
15
15
 
16
16
  ``` ruby
17
- gem 'doorkeeper', '~> 0.3.0'
17
+ gem 'doorkeeper', '~> 0.4.0'
18
18
  ```
19
19
 
20
20
  Run the installation generator with:
@@ -49,11 +49,13 @@ You need to configure Doorkeeper in order to provide resource_owner model and au
49
49
  ``` ruby
50
50
  Doorkeeper.configure do
51
51
  resource_owner_authenticator do |routes|
52
- current_user || redirect_to('/sign_in', :alert => "Needs sign in.") # returns nil if current_user is not logged in
52
+ current_user || redirect_to(routes.login_url) # returns nil if current_user is not logged in
53
53
  end
54
54
  end
55
55
  ```
56
56
 
57
+ This block runs into the context of your Rails application, and it has access to `current_user` method, for example.
58
+
57
59
  If you use [devise](https://github.com/plataformatec/devise), you may want to use warden to authenticate the block:
58
60
 
59
61
  ``` ruby
@@ -62,6 +64,8 @@ resource_owner_authenticator do |routes|
62
64
  end
63
65
  ```
64
66
 
67
+ If you are not using devise, you may want to check other ways of authentication [here](https://github.com/applicake/doorkeeper/wiki/Authenticating-using-Clearance-DIY).
68
+
65
69
  ## Protecting resources with OAuth (a.k.a your API endpoint)
66
70
 
67
71
  To protect your API with OAuth, doorkeeper only requires you to call `doorkeeper_for` helper, specifying the actions you want to protect.
@@ -92,6 +96,17 @@ end
92
96
 
93
97
  You can also require the access token to have specific scopes in certain actions:
94
98
 
99
+ First configure the scopes in `initializers/doorkeeper.rb`
100
+
101
+ ```ruby
102
+ Doorkeeper.configure do
103
+ default_scope :public # if no scope was requested, this will be the default
104
+ optional_scope :admin, :write
105
+ end
106
+ ```
107
+
108
+ The in your controllers:
109
+
95
110
  ```ruby
96
111
  class Api::V1::ProductsController < Api::V1::ApiController
97
112
  doorkeeper_for :index, :show, :scopes => [:public]
@@ -126,12 +141,24 @@ end
126
141
 
127
142
  In this example, we're returning the credentials (`me.json`) of the access token owner.
128
143
 
144
+ ## Upgrading
145
+
146
+ If you want to upgrade doorkeeper to a new version, check out the [upgrading notes](https://github.com/applicake/doorkeeper/wiki/Migration-from-old-versions) and take a look at the [changelog](https://github.com/applicake/doorkeeper/blob/master/CHANGELOG.md).
147
+
129
148
  ## Other resources
130
149
 
150
+ ### Wiki
151
+
152
+ You can find everything about doorkeeper in our [wiki here](https://github.com/applicake/doorkeeper/wiki).
153
+
131
154
  ### Live demo
132
155
 
133
156
  Check out this [live demo](http://doorkeeper-provider.herokuapp.com) hosted on heroku. For more demos check out [the wiki](https://github.com/applicake/doorkeeper/wiki/Example-Applications).
134
157
 
158
+ ### Screencast
159
+
160
+ Check out this screencast from [railscasts.com](http://railscasts.com/): [#353 OAuth with Doorkeeper](http://railscasts.com/episodes/353-oauth-with-doorkeeper)
161
+
135
162
  ### Client applications
136
163
 
137
164
  After you set up the provider, you may want to create a client application to test the integration. Check out these [client examples](https://github.com/applicake/doorkeeper/wiki/Example-Applications) in our wiki or follow this [tutorial here](https://github.com/applicake/doorkeeper/wiki/Testing-your-provider-with-OAuth2-gem).
@@ -144,14 +171,14 @@ Also, check out our [contributing guidelines page](https://github.com/applicake/
144
171
 
145
172
  ### Supported ruby versions
146
173
 
147
- All supported ruby versions are [listed here](https://github.com/applicake/doorkeeper/wiki/Supported-Ruby-&-Rails-versions)
174
+ All supported ruby versions are [listed here](https://github.com/applicake/doorkeeper/wiki/Supported-Ruby-&-Rails-versions).
148
175
 
149
176
  ## Additional information
150
177
 
151
178
  ### Maintainers
152
179
 
153
- - Felipe Elias Philipp ([github.com/felipeelias](https://github.com/felipeelias))
154
- - Piotr Jakubowski ([github.com/piotrj](https://github.com/piotrj))
180
+ - Felipe Elias Philipp ([github.com/felipeelias](https://github.com/felipeelias), [twitter.com/felipeelias](https://twitter.com/felipeelias))
181
+ - Piotr Jakubowski ([github.com/piotrj](https://github.com/piotrj), [twitter.com/piotrjakubowski](https://twitter.com/piotrjakubowski))
155
182
 
156
183
  ### Contributors
157
184
 
@@ -2,17 +2,6 @@ module Doorkeeper
2
2
  class ApplicationController < ActionController::Base
3
3
  private
4
4
 
5
- def parse_client_info_from_basic_auth
6
- auth_header = request.env['HTTP_AUTHORIZATION']
7
- return unless auth_header && auth_header =~ /^Basic (.*)/m
8
- client_info = Base64.decode64($1).split(/:/, 2)
9
- client_id = client_info[0]
10
- client_secret = client_info[1]
11
- return if client_id.nil? || client_secret.nil?
12
- params[:client_id] = client_id
13
- params[:client_secret] = client_secret
14
- end
15
-
16
5
  def authenticate_resource_owner!
17
6
  current_resource_owner
18
7
  end
@@ -21,6 +10,10 @@ module Doorkeeper
21
10
  instance_exec(main_app, &Doorkeeper.configuration.authenticate_resource_owner)
22
11
  end
23
12
 
13
+ def resource_owner_from_credentials
14
+ instance_exec(main_app, &Doorkeeper.configuration.resource_owner_from_credentials)
15
+ end
16
+
24
17
  def authenticate_admin!
25
18
  if block = Doorkeeper.configuration.authenticate_admin
26
19
  instance_exec(main_app, &block)
@@ -10,6 +10,7 @@ class Doorkeeper::AuthorizationsController < Doorkeeper::ApplicationController
10
10
  elsif authorization.redirect_on_error?
11
11
  redirect_to authorization.invalid_redirect_uri
12
12
  else
13
+ @error = authorization.error_response
13
14
  render :error
14
15
  end
15
16
  end
@@ -20,6 +21,7 @@ class Doorkeeper::AuthorizationsController < Doorkeeper::ApplicationController
20
21
  elsif authorization.redirect_on_error?
21
22
  redirect_to authorization.invalid_redirect_uri
22
23
  else
24
+ @error = authorization.error_response
23
25
  render :error
24
26
  end
25
27
  end
@@ -31,8 +33,15 @@ class Doorkeeper::AuthorizationsController < Doorkeeper::ApplicationController
31
33
 
32
34
  private
33
35
 
36
+ def authorization_params
37
+ params.has_key?(:authorization) ? params[:authorization] : params
38
+ end
39
+
40
+ def client
41
+ @client ||= Doorkeeper::OAuth::Client.find(authorization_params[:client_id])
42
+ end
43
+
34
44
  def authorization
35
- authorization_params = params.has_key?(:authorization) ? params[:authorization] : params
36
- @authorization ||= Doorkeeper::OAuth::AuthorizationRequest.new(current_resource_owner, authorization_params)
45
+ @authorization ||= Doorkeeper::OAuth::AuthorizationRequest.new(client, current_resource_owner, authorization_params)
37
46
  end
38
47
  end
@@ -1,7 +1,4 @@
1
1
  class Doorkeeper::TokensController < Doorkeeper::ApplicationController
2
-
3
- before_filter :parse_client_info_from_basic_auth, :only => :create
4
-
5
2
  def create
6
3
  response.headers.merge!({
7
4
  'Pragma' => 'no-cache',
@@ -10,13 +7,30 @@ class Doorkeeper::TokensController < Doorkeeper::ApplicationController
10
7
  if token.authorize
11
8
  render :json => token.authorization
12
9
  else
13
- render :json => token.error_response, :status => :unauthorized
10
+ render :json => token.error_response, :status => token.error_response.status
14
11
  end
15
12
  end
16
13
 
17
14
  private
18
15
 
16
+ def client
17
+ @client ||= Doorkeeper::OAuth::Client.authenticate(credentials)
18
+ end
19
+
20
+ def credentials
21
+ methods = Doorkeeper.configuration.client_credentials_methods
22
+ @credentials ||= Doorkeeper::OAuth::Client::Credentials.from_request(request, *methods)
23
+ end
24
+
19
25
  def token
20
- @token ||= Doorkeeper::OAuth::AccessTokenRequest.new(params)
26
+ case params[:grant_type]
27
+ when 'password'
28
+ owner = resource_owner_from_credentials
29
+ @token ||= Doorkeeper::OAuth::PasswordAccessTokenRequest.new(client, owner, params)
30
+ when 'client_credentials'
31
+ @token ||= Doorkeeper::OAuth::ClientCredentialsRequest.new(Doorkeeper.configuration, client, params)
32
+ else
33
+ @token ||= Doorkeeper::OAuth::AccessTokenRequest.new(client, params)
34
+ end
21
35
  end
22
36
  end
@@ -3,6 +3,7 @@ module Doorkeeper
3
3
  include Doorkeeper::OAuth::Helpers
4
4
  include Doorkeeper::Models::Expirable
5
5
  include Doorkeeper::Models::Revocable
6
+ include Doorkeeper::Models::Scopes
6
7
 
7
8
  self.table_name = :oauth_access_grants
8
9
 
@@ -18,14 +19,6 @@ module Doorkeeper
18
19
  !expired? && !revoked?
19
20
  end
20
21
 
21
- def scopes
22
- self[:scopes].split(" ").map(&:to_sym) if self[:scopes]
23
- end
24
-
25
- def scopes_string
26
- self[:scopes]
27
- end
28
-
29
22
  private
30
23
 
31
24
  def generate_token
@@ -3,6 +3,7 @@ module Doorkeeper
3
3
  include Doorkeeper::OAuth::Helpers
4
4
  include Doorkeeper::Models::Expirable
5
5
  include Doorkeeper::Models::Revocable
6
+ include Doorkeeper::Models::Scopes
6
7
 
7
8
  self.table_name = :oauth_access_tokens
8
9
 
@@ -10,7 +11,7 @@ module Doorkeeper
10
11
 
11
12
  scope :accessible, where(:revoked_at => nil)
12
13
 
13
- validates :application_id, :resource_owner_id, :token, :presence => true
14
+ validates :application_id, :token, :presence => true
14
15
 
15
16
  attr_accessor :use_refresh_token
16
17
  attr_accessible :application_id, :resource_owner_id, :expires_in, :scopes, :use_refresh_token
@@ -47,15 +48,6 @@ module Doorkeeper
47
48
  !expired? && !revoked?
48
49
  end
49
50
 
50
- def scopes
51
- scope_string = self[:scopes] || ""
52
- scope_string.split(" ").map(&:to_sym)
53
- end
54
-
55
- def scopes_string
56
- self[:scopes]
57
- end
58
-
59
51
  def use_refresh_token?
60
52
  self.use_refresh_token
61
53
  end
@@ -17,6 +17,10 @@ module Doorkeeper
17
17
 
18
18
  attr_accessible :name, :redirect_uri
19
19
 
20
+ def self.authenticate(uid, secret)
21
+ find_by_uid_and_secret(uid, secret)
22
+ end
23
+
20
24
  def self.column_names_with_table
21
25
  self.column_names.map { |c| "oauth_applications.#{c}" }
22
26
  end
@@ -1,6 +1,6 @@
1
1
  <div class="span16">
2
2
  <h2>An error has occurred</h2>
3
3
  <p>
4
- <pre><%= t @authorization.error, :scope => [:doorkeeper, :errors, :messages] %></pre>
4
+ <pre><%= @error.description %></pre>
5
5
  </p>
6
6
  </div>
@@ -9,7 +9,7 @@
9
9
  </p>
10
10
  <ul>
11
11
  <% @authorization.scopes.each do |scope| %>
12
- <li><%= scope.description %></li>
12
+ <li><%= t scope, :scope => [:doorkeeper, :scopes] %></li>
13
13
  <% end %>
14
14
  </ul>
15
15
  <% end %>
@@ -18,3 +18,6 @@ en:
18
18
  invalid_client: 'Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method.'
19
19
  invalid_grant: 'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.'
20
20
  unsupported_grant_type: 'The authorization grant type is not supported by the authorization server.'
21
+
22
+ # Password Access token errors
23
+ invalid_resource_owner: 'The provided resource owner credentials are not valid, or resource owner cannot be found'
@@ -18,10 +18,11 @@ Gem::Specification.new do |s|
18
18
  s.add_dependency "railties", "~> 3.1"
19
19
 
20
20
  s.add_development_dependency "sqlite3", "~> 1.3.5"
21
- s.add_development_dependency "rspec-rails", "~> 2.9.0"
21
+ s.add_development_dependency "rspec-rails", "~> 2.10.0"
22
22
  s.add_development_dependency "capybara", "~> 1.1.2"
23
23
  s.add_development_dependency "generator_spec", "~> 0.8.5"
24
24
  s.add_development_dependency "factory_girl", "~> 2.6.4"
25
25
  s.add_development_dependency "timecop", "~> 0.3.5"
26
26
  s.add_development_dependency "database_cleaner", "~> 0.7.1"
27
+ s.add_development_dependency "bcrypt-ruby", "~> 3.0.1"
27
28
  end
@@ -1,3 +1,4 @@
1
+ require "doorkeeper/version"
1
2
  require "doorkeeper/engine"
2
3
  require "doorkeeper/config"
3
4
  require "doorkeeper/doorkeeper_for"
@@ -6,9 +7,15 @@ module Doorkeeper
6
7
  autoload :Validations, "doorkeeper/validations"
7
8
 
8
9
  module OAuth
9
- autoload :AuthorizationRequest, "doorkeeper/oauth/authorization_request"
10
- autoload :AccessTokenRequest, "doorkeeper/oauth/access_token_request"
11
- autoload :Authorization, "doorkeeper/oauth/authorization"
10
+ autoload :Scopes, "doorkeeper/oauth/scopes"
11
+ autoload :Error, "doorkeeper/oauth/error"
12
+ autoload :ErrorResponse, "doorkeeper/oauth/error_response"
13
+ autoload :AuthorizationRequest, "doorkeeper/oauth/authorization_request"
14
+ autoload :AccessTokenRequest, "doorkeeper/oauth/access_token_request"
15
+ autoload :PasswordAccessTokenRequest, "doorkeeper/oauth/password_access_token_request"
16
+ autoload :ClientCredentialsRequest, "doorkeeper/oauth/client_credentials_request"
17
+ autoload :Authorization, "doorkeeper/oauth/authorization"
18
+ autoload :Client, "doorkeeper/oauth/client"
12
19
 
13
20
  module Helpers
14
21
  autoload :ScopeChecker, "doorkeeper/oauth/helpers/scope_checker"
@@ -20,5 +27,18 @@ module Doorkeeper
20
27
  module Models
21
28
  autoload :Expirable, "doorkeeper/models/expirable"
22
29
  autoload :Revocable, "doorkeeper/models/revocable"
30
+ autoload :Scopes, "doorkeeper/models/scopes"
31
+ end
32
+
33
+ def self.configured?
34
+ @config.present?
35
+ end
36
+
37
+ def self.database_installed?
38
+ [AccessToken, AccessGrant, Application].all? { |model| model.table_exists? }
39
+ end
40
+
41
+ def self.installed?
42
+ configured? && database_installed?
23
43
  end
24
44
  end
@@ -1,7 +1,3 @@
1
- require 'doorkeeper/config/scopes'
2
- require 'doorkeeper/config/scope'
3
- require 'doorkeeper/config/scopes_builder'
4
-
5
1
  module Doorkeeper
6
2
  def self.configure(&block)
7
3
  @config = Config::Builder.new(&block).build
@@ -12,11 +8,30 @@ module Doorkeeper
12
8
  end
13
9
 
14
10
  class Config
15
- def default_scope_string
16
- @scopes.try(:default_scope_string) || ""
17
- end
18
-
19
11
  class Builder
12
+ # Helper class to migrate scopes using authorization_scopes block
13
+ # It will be removed in v0.5.x
14
+ class ScopesMigrator
15
+ attr_accessor :default_scopes, :optional_scopes, :translations
16
+
17
+ def initialize
18
+ @default_scopes, @optional_scopes, @translations = [], [], {}
19
+ end
20
+
21
+ def scope(scope, options = {})
22
+ if options[:default]
23
+ @optional_scopes << scope
24
+ else
25
+ @default_scopes << scope
26
+ end
27
+ @translations[scope] = options[:description]
28
+ end
29
+
30
+ def migrate(&block)
31
+ self.instance_eval(&block)
32
+ end
33
+ end
34
+
20
35
  def initialize(&block)
21
36
  @config = Config.new
22
37
  instance_eval(&block)
@@ -26,9 +41,30 @@ module Doorkeeper
26
41
  @config
27
42
  end
28
43
 
44
+ def default_scopes(*scopes)
45
+ @config.instance_variable_set("@default_scopes", Doorkeeper::OAuth::Scopes.from_array(scopes))
46
+ end
47
+
48
+ def optional_scopes(*scopes)
49
+ @config.instance_variable_set("@optional_scopes", Doorkeeper::OAuth::Scopes.from_array(scopes))
50
+ end
51
+
52
+ def client_credentials(*methods)
53
+ @config.instance_variable_set("@client_credentials", methods)
54
+ end
55
+
29
56
  def use_refresh_token
30
57
  @config.instance_variable_set("@refresh_token_enabled", true)
31
58
  end
59
+
60
+ # DEPRECATED: use default/optional scopes
61
+ def authorization_scopes(&block)
62
+ migrator = ScopesMigrator.new
63
+ migrator.migrate(&block)
64
+ self.default_scopes *migrator.default_scopes
65
+ self.optional_scopes *migrator.optional_scopes
66
+ @config.instance_variable_set("@authorization_scopes", migrator)
67
+ end
32
68
  end
33
69
 
34
70
  module Option
@@ -77,7 +113,11 @@ module Doorkeeper
77
113
  end
78
114
 
79
115
  define_method attribute do |*args|
80
- instance_variable_get(:"@#{attribute}") || options[:default]
116
+ if instance_variable_defined?(:"@#{attribute}")
117
+ instance_variable_get(:"@#{attribute}")
118
+ else
119
+ options[:default]
120
+ end
81
121
  end
82
122
 
83
123
  public attribute
@@ -90,13 +130,34 @@ module Doorkeeper
90
130
 
91
131
  extend Option
92
132
 
93
- option :resource_owner_authenticator, :as => :authenticate_resource_owner
94
- option :admin_authenticator, :as => :authenticate_admin
133
+ option :resource_owner_authenticator, :as => :authenticate_resource_owner
134
+ option :admin_authenticator, :as => :authenticate_admin
135
+ option :resource_owner_from_credentials
95
136
  option :access_token_expires_in, :default => 7200
96
- option :authorization_scopes, :as => :scopes, :builder_class => ScopesBuilder, :default => Scopes.new
97
137
 
98
138
  def refresh_token_enabled?
99
139
  !!@refresh_token_enabled
100
140
  end
141
+
142
+ def default_scopes
143
+ @default_scopes ||= Doorkeeper::OAuth::Scopes.new
144
+ end
145
+
146
+ def optional_scopes
147
+ @optional_scopes ||= Doorkeeper::OAuth::Scopes.new
148
+ end
149
+
150
+ def scopes
151
+ @scopes ||= default_scopes + optional_scopes
152
+ end
153
+
154
+ def client_credentials_methods
155
+ @client_credentials ||= [:from_basic, :from_params]
156
+ end
157
+
158
+ # DEPRECATED: use default/optional scopes
159
+ def authorization_scopes
160
+ @authorization_scopes
161
+ end
101
162
  end
102
163
  end