doorkeeper 0.4.2 → 0.5.0.rc1

data/lib/generators/doorkeeper/views_generator.rb

@@ -1,6 +1,6 @@
 module Doorkeeper
   module Generators
-    class ViewsGenerator < Rails::Generators::Base
+    class ViewsGenerator < ::Rails::Generators::Base
       source_root File.expand_path('../../../../app/views/doorkeeper', __FILE__)
 
       desc "Copies default Doorkeeper views to your application."

data/script/run_all

@@ -3,9 +3,12 @@ set -e
 
 RBENV_VERSION=1.8.7-p352 bundle install --quiet
 RBENV_VERSION=1.8.7-p352 bundle exec rake
+RBENV_VERSION=1.8.7-p352 DOORKEEPER_ORM=mongoid bundle exec rake
 
 RBENV_VERSION=1.9.2-p290 bundle install --quiet
 RBENV_VERSION=1.9.2-p290 bundle exec rake
+RBENV_VERSION=1.9.2-p290 DOORKEEPER_ORM=mongoid bundle exec rake
 
 RBENV_VERSION=1.9.3-p0 bundle install --quiet
 RBENV_VERSION=1.9.3-p0 bundle exec rake
+RBENV_VERSION=1.9.3-p0 DOORKEEPER_ORM=mongoid bundle exec rake

data/spec/controllers/applications_controller_spec.rb

@@ -10,7 +10,7 @@ module Doorkeeper
       end
 
       it "redirects as set in Doorkeeper.authenticate_admin" do
-        get :index, :use_route => :doorkeeper
+        get :index
         response.should redirect_to(controller.main_app.root_url)
       end
     end

data/spec/controllers/authorizations_controller_spec.rb

@@ -21,7 +21,7 @@ describe Doorkeeper::AuthorizationsController, "implicit grant flow" do
 
   describe "POST #create" do
     before do
-      post :create, :client_id => client.uid, :response_type => "token", :redirect_uri => client.redirect_uri, :use_route => :doorkeeper
+      post :create, :client_id => client.uid, :response_type => "token", :redirect_uri => client.redirect_uri
     end
 
     it "redirects after authorization" do
@@ -56,7 +56,7 @@ describe Doorkeeper::AuthorizationsController, "implicit grant flow" do
   describe "POST #create with errors" do
     before do
       default_scopes_exist :public
-      post :create, :client_id => client.uid, :response_type => "token", :scope => "invalid", :redirect_uri => client.redirect_uri, :use_route => :doorkeeper
+      post :create, :client_id => client.uid, :response_type => "token", :scope => "invalid", :redirect_uri => client.redirect_uri
     end
 
     it "redirects after authorization" do
@@ -90,7 +90,7 @@ describe Doorkeeper::AuthorizationsController, "implicit grant flow" do
 
   describe "GET #new" do
     before do
-      get :new, :client_id => client.uid, :response_type => "token", :redirect_uri => client.redirect_uri, :use_route => :doorkeeper
+      get :new, :client_id => client.uid, :response_type => "token", :redirect_uri => client.redirect_uri
     end
 
     it 'renders new template' do
@@ -101,7 +101,7 @@ describe Doorkeeper::AuthorizationsController, "implicit grant flow" do
   describe "GET #new with errors" do
     before do
       default_scopes_exist :public
-      get :new, :client_id => client.uid, :response_type => "token", :scope => "invalid", :redirect_uri => client.redirect_uri, :use_route => :doorkeeper
+      get :new, :client_id => client.uid, :response_type => "token", :scope => "invalid", :redirect_uri => client.redirect_uri
     end
 
     it "redirects after authorization" do

data/spec/controllers/protected_resources_controller_spec.rb

@@ -79,29 +79,29 @@ describe "Doorkeeper_for helper" do
     end
 
     it "access_token param" do
-      Doorkeeper::AccessToken.should_receive(:find_by_token).with(token_string)
+      Doorkeeper::AccessToken.should_receive(:authenticate).with(token_string)
       get :index, :access_token => token_string
     end
 
     it "bearer_token param" do
-      Doorkeeper::AccessToken.should_receive(:find_by_token).with(token_string)
+      Doorkeeper::AccessToken.should_receive(:authenticate).with(token_string)
       get :index, :bearer_token => token_string
     end
 
     it "Authorization header" do
-      Doorkeeper::AccessToken.should_receive(:find_by_token).with(token_string)
+      Doorkeeper::AccessToken.should_receive(:authenticate).with(token_string)
       request.env["HTTP_AUTHORIZATION"] = "Bearer #{token_string}"
       get :index
     end
 
     it "different kind of Authorization header" do
-      Doorkeeper::AccessToken.should_not_receive(:find_by_token)
+      Doorkeeper::AccessToken.should_not_receive(:authenticate)
       request.env["HTTP_AUTHORIZATION"] = "Basic #{Base64.encode64("foo:bar")}"
       get :index
     end
 
     it "doesn't change Authorization header value" do
-      Doorkeeper::AccessToken.should_receive(:find_by_token).exactly(2).times
+      Doorkeeper::AccessToken.should_receive(:authenticate).exactly(2).times
       request.env["HTTP_AUTHORIZATION"] = "Bearer #{token_string}"
       get :index
       get :index
@@ -172,14 +172,14 @@ describe "Doorkeeper_for helper" do
 
     it "allows if the token has particular scopes" do
       token = double(Doorkeeper::AccessToken, :accessible? => true, :scopes => [:write, :public])
-      Doorkeeper::AccessToken.should_receive(:find_by_token).with(token_string).and_return(token)
+      Doorkeeper::AccessToken.should_receive(:authenticate).with(token_string).and_return(token)
       get :index, :access_token => token_string
       response.should be_success
     end
 
     it "does not allow if the token does not include given scope" do
       token = double(Doorkeeper::AccessToken, :accessible? => true, :scopes => [:public])
-      Doorkeeper::AccessToken.should_receive(:find_by_token).with(token_string).and_return(token)
+      Doorkeeper::AccessToken.should_receive(:authenticate).with(token_string).and_return(token)
       get :index, :access_token => token_string
       response.status.should == 401
     end

data/spec/controllers/token_info_controller_spec.rb

@@ -0,0 +1,54 @@
+require 'spec_helper_integration'
+
+describe Doorkeeper::TokenInfoController do
+  
+  describe "when requesting tokeninfo with valid token" do
+
+    let(:doorkeeper_token) { FactoryGirl.create(:access_token) }
+
+    before(:each) do
+      controller.stub(:doorkeeper_token) { doorkeeper_token }  
+    end
+
+    def do_get
+      get :show
+    end
+
+    describe "successful request" do
+
+      it "responds with tokeninfo" do
+        do_get  
+        response.body.should eq doorkeeper_token.to_json
+      end
+
+      it "responds with a 200 status" do
+        do_get  
+        response.status.should eq 200  
+      end
+    end
+
+    describe "invalid token response" do
+      before(:each) do
+        controller.stub(:doorkeeper_token => nil)
+      end
+      it "responds with 401 when doorkeeper_token is not valid" do
+        do_get
+        response.status.should eq 401  
+      end
+
+      it "responds with 401 when doorkeeper_token is invalid, expired or revoked" do
+        controller.stub(:doorkeeper_token => doorkeeper_token)
+        doorkeeper_token.stub(:accessible? => false) 
+        do_get
+        response.status.should eq 401  
+      end
+
+      it "responds body message for error" do
+        do_get
+        response.body.should eq Doorkeeper::OAuth::ErrorResponse.new(:name => :invalid_request, :status => :unauthorized).attributes.to_json
+      end
+    end
+
+  end
+
+end

data/spec/controllers/tokens_controller_spec.rb

@@ -12,7 +12,7 @@ describe Doorkeeper::TokensController do
 
     it "returns the authorization" do
       token.should_receive(:authorization)
-      post :create, :use_route => :doorkeeper
+      post :create
     end
   end
 
@@ -27,8 +27,9 @@ describe Doorkeeper::TokensController do
 
     it "returns the error response" do
       token.stub(:error_response => stub(:to_json => [], :status => :unauthorized))
-      post :create, :use_route => :doorkeeper
+      post :create
       response.status.should == 401
     end
   end
+
 end

data/spec/dummy/app/controllers/custom_authorizations_controller.rb

@@ -0,0 +1,7 @@
+class CustomAuthorizationsController < ::ApplicationController
+  %w[index show new create edit update destroy].each do |action|
+    define_method action do
+      render :nothing => true
+    end
+  end
+end

data/spec/dummy/app/models/user.rb

@@ -1,11 +1,22 @@
-class User < ActiveRecord::Base
-  has_secure_password
-  validates_presence_of :password, :on => :create
+if defined? ActiveRecord
+  class User < ActiveRecord::Base
+  end
+end
+
+if defined? Mongoid
+  class User
+    include Mongoid::Document
+    include Mongoid::Timestamps
+
+    field :name, :type => String
+    field :password, :type => String
+  end
+end
 
+class User
   attr_accessible :name, :password
 
   def self.authenticate!(name, password)
-    owner = User.find_by_name(name)
-    owner.authenticate(password) if owner
+    User.where(:name => name, :password => password).first
   end
 end

data/spec/dummy/config/application.rb

@@ -1,15 +1,12 @@
 require File.expand_path('../boot', __FILE__)
 
-# Pick the frameworks you want:
-require "active_record/railtie"
 require "action_controller/railtie"
-# require "action_mailer/railtie"
 require "active_resource/railtie"
 require "sprockets/railtie"
-# require "rails/test_unit/railtie"
 
-Bundler.require
-require "doorkeeper"
+Bundler.require :default
+
+require "#{DOORKEEPER_ORM}/railtie"
 
 module Dummy
   class Application < Rails::Application
@@ -27,7 +24,7 @@ module Dummy
     # Activate observers that should always be running.
     # config.active_record.observers = :cacher, :garbage_collector, :forum_observer
 
-    config.active_record.whitelist_attributes = true
+    config.active_record.whitelist_attributes = true if defined?(ActiveRecord)
 
     # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
     # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.

data/spec/dummy/config/boot.rb

@@ -1,10 +1,6 @@
 require 'rubygems'
-gemfile = File.expand_path('../../../../Gemfile', __FILE__)
+require 'bundler/setup'
 
-if File.exist?(gemfile)
-  ENV['BUNDLE_GEMFILE'] = gemfile
-  require 'bundler'
-  Bundler.setup
-end
+DOORKEEPER_ORM = (ENV['DOORKEEPER_ORM'] || :active_record).to_sym unless defined?(DOORKEEPER_ORM)
 
-$:.unshift File.expand_path('../../../../lib', __FILE__)
+$:.unshift File.expand_path('../../../../lib', __FILE__)

data/spec/dummy/config/initializers/doorkeeper.rb

@@ -1,4 +1,8 @@
 Doorkeeper.configure do
+  # Change the ORM that doorkeeper will use
+  # Currently supported => :active_record, :mongoid
+  orm DOORKEEPER_ORM
+
   # This block will be called to check whether the
   # resource owner is authenticated or not
   resource_owner_authenticator do |routes|
@@ -21,6 +25,9 @@ Doorkeeper.configure do
   #   Admin.find_by_id(session[:admin_id]) || redirect_to(routes.new_admin_session_url)
   # end
 
+  # Authorization Code expiration time (default 10 minutes).
+  # access_token_expires_in 10.minutes
+
   # Access token expiration time (default 2 hours)
   # If you want to disable expiration, set this to nil.
   # access_token_expires_in 2.hours
@@ -38,4 +45,10 @@ Doorkeeper.configure do
   # fallsback to `:client_id` and `:client_secret` from `params` object
   # Check out the wiki for mor information on customization
   # client_credentials :from_basic, :from_params
+
+  # Change the way access token is authenticated from the request object.
+  # By default it retrieves first from `HTTP_AUTHORIZATION` header and
+  # fallsback to `:access_token` or `:bearer_token` from `params` object
+  # Check out the wiki for mor information on customization
+  # access_token_methods :from_bearer_authorization, :from_access_token_param, :from_bearer_param
 end

data/spec/dummy/config/mongoid.yml

@@ -0,0 +1,7 @@
+development:
+  database: doorkeeper-development
+  persist_in_safe_mode: true
+
+test:
+  database: doorkeeper-test-suite
+  persist_in_safe_mode: true

data/spec/dummy/config/routes.rb

@@ -1,7 +1,35 @@
 Rails.application.routes.draw do
-  mount Doorkeeper::Engine => "/oauth"
+  use_doorkeeper
+
+  scope 'space' do
+    use_doorkeeper do
+      controllers :authorizations => 'custom_authorizations',
+                  :tokens => 'custom_authorizations',
+                  :applications => 'custom_authorizations',
+                  :token_info => 'custom_authorizations'
+
+      as :authorizations => 'custom_auth',
+         :tokens => 'custom_token',
+         :token_info => 'custom_token_info'
+    end
+  end
+
+  scope 'outer_space' do
+    use_doorkeeper do
+      controllers :authorizations => 'custom_authorizations',
+                  :tokens => 'custom_authorizations',
+                  :token_info => 'custom_authorizations'
+
+      as :authorizations => 'custom_auth',
+         :tokens => 'custom_token',
+         :token_info => 'custom_token_info'
+
+      skip_controllers :tokens, :applications, :token_info
+    end
+  end
 
   get 'metal.json' => 'metal#index'
+
   get '/callback', :to => "home#callback"
   get '/sign_in',  :to => "home#sign_in"
   resources :semi_protected_resources

data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb

@@ -1,5 +1,5 @@
 class AddPasswordToUsers < ActiveRecord::Migration
   def change
-    add_column :users, :password_digest, :string
+    add_column :users, :password, :string
   end
 end

data/spec/dummy/db/migrate/20120524202412_create_doorkeeper_tables.rb

@@ -1,10 +1,12 @@
 class CreateDoorkeeperTables < ActiveRecord::Migration
   def change
     create_table :oauth_applications do |t|
-      t.string :name,         :null => false
-      t.string :uid,          :null => false
-      t.string :secret,       :null => false
-      t.string :redirect_uri, :null => false
+      t.string  :name,         :null => false
+      t.string  :uid,          :null => false
+      t.string  :secret,       :null => false
+      t.string  :redirect_uri, :null => false
+      t.integer :owner_id,     :null => true
+      t.string  :owner_type,   :null => true
       t.timestamps
     end
 

data/spec/dummy/db/schema.rb

@@ -46,6 +46,8 @@ ActiveRecord::Schema.define(:version => 20120524202412) do
     t.string   "uid",          :null => false
     t.string   "secret",       :null => false
     t.string   "redirect_uri", :null => false
+    t.string   "owner_type",   :null => true, :default => "User"
+    t.integer  "owner_id",     :null => true
     t.datetime "created_at",   :null => false
     t.datetime "updated_at",   :null => false
   end
@@ -54,9 +56,9 @@ ActiveRecord::Schema.define(:version => 20120524202412) do
 
   create_table "users", :force => true do |t|
     t.string   "name"
-    t.datetime "created_at",      :null => false
-    t.datetime "updated_at",      :null => false
-    t.string   "password_digest"
+    t.datetime "created_at", :null => false
+    t.datetime "updated_at", :null => false
+    t.string   "password"
   end
 
 end

data/spec/generators/application_owner_generator_spec.rb

@@ -0,0 +1,23 @@
+require 'spec_helper_integration'
+require 'generators/doorkeeper/application_owner_generator'
+
+
+describe 'Doorkeeper::ApplicationOwnerGenerator' do
+  include GeneratorSpec::TestCase
+
+  tests Doorkeeper::ApplicationOwnerGenerator
+  destination ::File.expand_path("../tmp/dummy", __FILE__)
+
+  describe "after running the generator" do
+    before :each do
+      prepare_destination
+      FileUtils.mkdir(::File.expand_path("config", Pathname(destination_root)))
+      FileUtils.copy_file(::File.expand_path("../templates/routes.rb", __FILE__), ::File.expand_path("config/routes.rb", Pathname.new(destination_root)))
+      run_generator
+    end
+
+    it "creates a migration" do
+      assert_migration "db/migrate/add_owner_to_application.rb"
+    end
+  end
+end

data/spec/generators/install_generator_spec.rb

@@ -1,7 +1,6 @@
 require 'spec_helper_integration'
 require 'generators/doorkeeper/install_generator'
 
-
 describe 'Doorkeeper::InstallGenerator' do
   include GeneratorSpec::TestCase
 
@@ -16,10 +15,6 @@ describe 'Doorkeeper::InstallGenerator' do
       run_generator
     end
 
-    it "creates a migration" do
-      assert_migration "db/migrate/create_doorkeeper_tables.rb"
-    end
-
     it "creates an initializer file" do
       assert_file 'config/initializers/doorkeeper.rb'
     end
@@ -29,7 +24,7 @@ describe 'Doorkeeper::InstallGenerator' do
     end
 
     it "adds sample route" do
-      assert_file "config/routes.rb", /mount Doorkeeper::Engine/
+      assert_file "config/routes.rb", /use_doorkeeper/
     end
   end
 end