doorkeeper 0.5.0 → 0.6.0.rc1

data/.travis.yml

@@ -1,12 +1,21 @@
+language: ruby
 rvm:
-  - 1.9.3
   - 1.8.7
   - 1.9.2
+  - 1.9.3
 env:
-  - DOORKEEPER_ORM=active_record
-  - DOORKEEPER_ORM=mongoid
-gemfile:
-  - gemfiles/gemfile.rails-3.1.x
-  - gemfiles/gemfile.rails-3.2.x
+  - rails=3.2.8
+  - rails=3.1.8
+  - orm=mongoid2
+  - orm=mongoid3
+  - orm=mongo_mapper
 services:
   - mongodb
+matrix:
+  allow_failures:
+    - env: orm=mongoid2
+  exclude:
+    - rvm: 1.8.7
+      env: orm=mongoid3
+    - rvm: 1.9.2
+      env: orm=mongoid3

data/CHANGELOG.md

@@ -1,6 +1,24 @@
 # Changelog
 
-## 0.5.0
+## 0.6.0
+
+- enhancements
+  - Mongoid `orm` configuration accepts only :mongoid2 or :mongoid3
+  - Authorization endpoint does not redirect in #new action anymore. It wasn't specified by OAuth spec
+  - TokensController now inherits from ActionController::Metal. There might be performance upgrades
+  - Add link to authorization in Applications scaffold
+  - [#116] MongoMapper support [@carols10cents](https://github.com/carols10cents)
+  - [#122] Mongoid3 support [@petergoldstein](https://github.com/petergoldstein)
+  - [#150] Introduce test redirect uri for applications
+- bugfixes
+  - [#157] Response token status should be `:ok`, not `:success` [@theycallmeswift](https://github.com/theycallmeswift)
+- internals
+  - Update development dependencies
+  - Several refactorings
+  - Rails/ORM are easily swichable with env vars (rails and orm)
+  - Travis now tests against Mongoid v2
+
+## 0.5.0.rc1
 
 Official support for rubinius was removed.
 

data/Gemfile

@@ -1,14 +1,30 @@
-source 'http://rubygems.org'
+# Defaults. For supported versions check .travis.yml
+ENV['rails'] ||= '3.2.8'
+ENV['orm']   ||= 'active_record'
+
+source :rubygems
 
 gem 'jquery-rails'
 
-group :mongoid do
-  gem 'mongoid', '~> 2.4'
-  gem 'bson_ext', '~> 1.6.0'
-end
+# Define Rails version
+rails_version = ENV['rails']
+gem 'rails', rails_version
+
+case ENV['orm']
+when 'active_record'
+  gem 'activerecord', rails_version
+
+when 'mongoid2'
+  gem 'mongoid', '2.5.1'
+  gem 'bson_ext', '~> 1.7'
+
+when 'mongoid3'
+  gem 'mongoid', '3.0.10'
+
+when 'mongo_mapper'
+  gem 'mongo_mapper', '0.12.0'
+  gem 'bson_ext', '~> 1.7'
 
-group :active_record do
-  gem 'activerecord', '~> 3.1'
 end
 
 gemspec

data/README.md

@@ -23,14 +23,16 @@ For more information about the supported features, check out the related [page i
 ### ORM
 
 - ActiveRecord
-- Mongoid 2 (only for doorkeeper v0.5+)
+- Mongoid 2
+- Mongoid 3
+- MongoMapper
 
 ## Installation
 
 Put this in your Gemfile:
 
 ``` ruby
-gem 'doorkeeper', '~> 0.5.0'
+gem 'doorkeeper', '~> 0.6.0.rc1'
 ```
 
 Run the installation generator with:
@@ -51,18 +53,26 @@ Don't forget to run the migration with:
 
     rake db:migrate
 
-### Mongoid (only doorkeeper v0.5+)
+### Mongoid / MongoMapper
 
-Doorkeeper currently supports Mongoid 2. To start using it, you have to set the `orm` configuration:
+Doorkeeper currently supports MongoMapper, Mongoid 2 and 3. To start using it, you have to set the `orm` configuration:
 
 ``` ruby
 Doorkeeper.configure do
-  orm :mongoid
+  orm :mongoid2 # or :mongoid3, :mongo_mapper
 end
 ```
 
-**Note:** Make sure you create indexes for doorkeeper models. You can do this either by running `db:mongoid:create_indexes`
-or by adding `autocreate_indexes: true` to your `config/mongoid.yml`
+#### Mongoid indexes
+
+Make sure you create indexes for doorkeeper models. You can do this either by running `rake db:mongoid:create_indexes` or (if you're using Mongoid 2) by adding `autocreate_indexes: true` to your `config/mongoid.yml`
+
+#### MongoMapper indexes
+
+Generate the `db/indexes.rb` file and create indexes for the doorkeeper models:
+
+    rails generate doorkeeper:mongo_mapper:indexes
+    rake db:index
 
 ### Routes
 
@@ -200,10 +210,53 @@ end
 
 In this example, we're returning the credentials (`me.json`) of the access token owner.
 
+### Applications list
+
+By default, the applications list (`/oauth/applications`) is public available. To protect the endpoint you should uncomment these lines:
+
+```ruby
+# config/initializers/doorkeeper.rb
+Doorkeeper.configure do
+  admin_authenticator do |routes|
+    Admin.find_by_id(session[:admin_id]) || redirect_to(routes.new_admin_session_url)
+  end
+end
+```
+
+The logic is the same as the `resource_owner_authenticator` block. **Note:** since the application list is just a scaffold, it's recommended to either customize the controller used by the list or skip the controller at all. For more information see the page [in the wiki](https://github.com/applicake/doorkeeper/wiki/Customizing-routes).
+
+## Other customizations
+
+- [Associate users to OAuth applications (ownership)](https://github.com/applicake/doorkeeper/wiki/Associate-users-to-OAuth-applications-%28ownership%29)
+- [CORS - Cross Origin Resource Sharing](https://github.com/applicake/doorkeeper/wiki/%5BCORS%5D-Cross-Origin-Resource-Sharing)
+
 ## Upgrading
 
 If you want to upgrade doorkeeper to a new version, check out the [upgrading notes](https://github.com/applicake/doorkeeper/wiki/Migration-from-old-versions) and take a look at the [changelog](https://github.com/applicake/doorkeeper/blob/master/CHANGELOG.md).
 
+### Development
+
+To run the local engine server:
+
+```
+rails=3.2.8 orm=active_record bundle install
+rails=3.2.8 orm=active_record bundle exec rails server
+````
+
+By default, it uses the latest Rails version with ActiveRecord. To run the tests:
+
+```
+rails=3.2.8 orm=active_record bundle exec rake
+```
+
+Or you might prefer to run `script/run_all` to integrate against all ORMs.
+
+### Contributing
+
+Want to contribute and don't know where to start? Check out [features we're missing](https://github.com/applicake/doorkeeper/wiki/Supported-Features), create [example apps](https://github.com/applicake/doorkeeper/wiki/Example-Applications), integrate the gem with your app and let us know!
+
+Also, check out our [contributing guidelines page](https://github.com/applicake/doorkeeper/wiki/Contributing).
+
 ## Other resources
 
 ### Wiki
@@ -222,32 +275,14 @@ Check out this screencast from [railscasts.com](http://railscasts.com/): [#353 O
 
 After you set up the provider, you may want to create a client application to test the integration. Check out these [client examples](https://github.com/applicake/doorkeeper/wiki/Example-Applications) in our wiki or follow this [tutorial here](https://github.com/applicake/doorkeeper/wiki/Testing-your-provider-with-OAuth2-gem).
 
-### Contributing/Development
-
-Want to contribute and don't know where to start? Check out [features we're missing](https://github.com/applicake/doorkeeper/wiki/Supported-Features), create [example apps](https://github.com/applicake/doorkeeper/wiki/Example-Applications), integrate the gem with your app and let us know!
-
-Also, check out our [contributing guidelines page](https://github.com/applicake/doorkeeper/wiki/Contributing).
-
 ### Supported ruby versions
 
 All supported ruby versions are [listed here](https://github.com/applicake/doorkeeper/wiki/Supported-Ruby-&-Rails-versions).
 
-## Additional information
-
-### Cross Origin Resource Sharing
-
-You might want to use Doorkeeper to protect an API and want an other application running in a different context (like a mobile application) to request on your API.
-
-For mobile application, you might have to setup Cross Origin Resource Sharing. More info [here](http://www.nczonline.net/blog/2010/05/25/cross-domain-ajax-with-cross-origin-resource-sharing/)
-
-In order to setup the bahavior, you can take a look at [rack-cors](https://github.com/cyu/rack-cors). It's a rack middleware that will set http headers for you in order to be able to make cross domain requests to your doorkeeper protected application (usualy your API).
-
-[Here](https://github.com/gottfrois/doorkeeper-provider-app) is a demo application where rack-cors has been setup.
-
 ### Maintainers
 
-- Felipe Elias Philipp ([github.com/felipeelias](https://github.com/felipeelias), [twitter.com/felipeelias](https://twitter.com/felipeelias))
-- Piotr Jakubowski ([github.com/piotrj](https://github.com/piotrj), [twitter.com/piotrjakubowski](https://twitter.com/piotrjakubowski))
+- Felipe Elias Philipp - [coderwall.com/felipeelias](http://coderwall.com/felipeelias)
+- Piotr Jakubowski - [coderwall.com/piotrj](http://coderwall.com/piotrj)
 
 ### Contributors
 

data/app/controllers/doorkeeper/application_controller.rb

@@ -1,5 +1,5 @@
 module Doorkeeper
   class ApplicationController < ActionController::Base
-    include Doorkeeper::Helpers::Controller
+    include Helpers::Controller
   end
 end

data/app/controllers/doorkeeper/authorizations_controller.rb

@@ -1,47 +1,57 @@
-class Doorkeeper::AuthorizationsController < Doorkeeper::ApplicationController
-  before_filter :authenticate_resource_owner!
-
-  def new
-    if authorization.valid?
-      if authorization.access_token_exists?
-        authorization.authorize
-        redirect_to authorization.success_redirect_uri
+module Doorkeeper
+  class AuthorizationsController < ::Doorkeeper::ApplicationController
+    before_filter :authenticate_resource_owner!
+
+    def new
+      if pre_auth.authorizable?
+        # TODO: use configuration (like config.skip_authorization?)
+        if Doorkeeper::AccessToken.matching_token_for pre_auth.client, current_resource_owner.id, pre_auth.scopes
+          auth = authorization.authorize
+          redirect_to auth.redirect_uri
+        else
+          render :new
+        end
+      else
+        render :error
       end
-    elsif authorization.redirect_on_error?
-      redirect_to authorization.invalid_redirect_uri
-    else
-      @error = authorization.error_response
-      render :error
     end
-  end
 
-  def create
-    if authorization.authorize
-      redirect_to authorization.success_redirect_uri
-    elsif authorization.redirect_on_error?
-      redirect_to authorization.invalid_redirect_uri
-    else
-      @error = authorization.error_response
-      render :error
+    def show
     end
-  end
 
-  def destroy
-    authorization.deny
-    redirect_to authorization.invalid_redirect_uri
-  end
+    # TODO: Handle raise invalid authorization
+    def create
+      auth = authorization.authorize
+
+      if auth.redirectable?
+        redirect_to auth.redirect_uri
+      else
+        render :json => auth.body, :status => auth.status
+      end
+    end
+
+    def destroy
+      auth = authorization.deny
+
+      if auth.redirectable?
+        redirect_to auth.redirect_uri
+      else
+        render :json => auth.body, :status => auth.status
+      end
+    end
 
   private
 
-  def authorization_params
-    params.has_key?(:authorization) ? params[:authorization] : params
-  end
+    def pre_auth
+      @pre_auth ||= OAuth::PreAuthorization.new(Doorkeeper.configuration, server.client_via_uid, params)
+    end
 
-  def client
-    @client ||= Doorkeeper::OAuth::Client.find(authorization_params[:client_id])
-  end
+    def authorization
+      @authorization ||= strategy.request
+    end
 
-  def authorization
-    @authorization ||= Doorkeeper::OAuth::AuthorizationRequest.new(client, current_resource_owner, authorization_params)
+    def strategy
+      @strategy ||= server.authorization_request pre_auth.response_type
+    end
   end
 end

data/app/controllers/doorkeeper/token_info_controller.rb

@@ -1,11 +1,12 @@
-class Doorkeeper::TokenInfoController < Doorkeeper::ApplicationController
-
-  def show
-    if doorkeeper_token && doorkeeper_token.accessible?
-      render :json => doorkeeper_token, :status => :ok
-    else
-      render :json => Doorkeeper::OAuth::ErrorResponse.new(:name => :invalid_request), :status => :unauthorized
-    end 
+module Doorkeeper
+  class TokenInfoController < ::Doorkeeper::ApplicationController
+    def show
+      if doorkeeper_token && doorkeeper_token.accessible?
+        render :json => doorkeeper_token, :status => :ok
+      else
+        error = OAuth::ErrorResponse.new(:name => :invalid_request)
+        render :json => error.body, :status => error.status
+      end
+    end
   end
-
 end

data/app/controllers/doorkeeper/tokens_controller.rb

@@ -1,39 +1,20 @@
-class Doorkeeper::TokensController < Doorkeeper::ApplicationController
-  def create
-    response.headers.merge!({
-      'Pragma'        => 'no-cache',
-      'Cache-Control' => 'no-store',
-    })
-    if token.authorize
-      render :json => token.authorization
-    else
-      render :json => token.error_response, :status => token.error_response.status
+module Doorkeeper
+  class TokensController < ActionController::Metal
+    include Helpers::Controller
+
+    def create
+      response = strategy.authorize
+      self.headers.merge! response.headers
+      self.response_body = response.body.to_json
+      self.status        = response.status
+    rescue Errors::DoorkeeperError => e
+      handle_token_exception e
     end
-  end
 
   private
 
-  def client
-    @client ||= Doorkeeper::OAuth::Client.authenticate(credentials)
-  end
-
-  def credentials
-    methods = Doorkeeper.configuration.client_credentials_methods
-    @credentials ||= Doorkeeper::OAuth::Client::Credentials.from_request(request, *methods)
-  end
-
-  def token
-    unless defined?(@token) && @token
-      case params[:grant_type]
-      when 'password'
-        owner = resource_owner_from_credentials
-        @token = Doorkeeper::OAuth::PasswordAccessTokenRequest.new(client, owner, params)
-      when 'client_credentials'
-        @token = Doorkeeper::OAuth::ClientCredentialsRequest.new(Doorkeeper.configuration, client, params)
-      else
-        @token = Doorkeeper::OAuth::AccessTokenRequest.new(client, params)
-      end
+    def strategy
+      @strategy ||= server.token_request params[:grant_type]
     end
-    @token
   end
 end

data/app/validators/redirect_uri_validator.rb

@@ -1,12 +1,23 @@
 require 'uri'
 
 class RedirectUriValidator < ActiveModel::EachValidator
+  def self.test_redirect_uri
+    Doorkeeper.configuration.test_redirect_uri
+  end
+
   def validate_each(record, attribute, value)
     uri = ::URI.parse(value)
+    return if test_redirect_uri?(uri)
     record.errors.add(attribute, :fragment_present) unless uri.fragment.nil?
     record.errors.add(attribute, :relative_uri) if uri.scheme.nil? || uri.host.nil?
     record.errors.add(attribute, :has_query_parameter) unless uri.query.nil?
   rescue URI::InvalidURIError => e
     record.errors.add(attribute, :invalid_uri)
   end
+
+private
+
+  def test_redirect_uri?(uri)
+    self.class.test_redirect_uri.present? && uri.to_s == self.class.test_redirect_uri.to_s
+  end
 end

data/app/views/doorkeeper/applications/_form.html.erb

@@ -15,8 +15,13 @@
       <%= f.label :redirect_uri %>
       <div class="input">
         <%= f.text_field :redirect_uri %>
+        <% if Doorkeeper.configuration.test_redirect_uri %>
+          <span class="help-inline">Use <%= Doorkeeper.configuration.test_redirect_uri %> for local tests</span>
+        <% end %>
       </div>
-    </div class="clearfix">
+    </div>
+
+    <div class="clearfix"></div>
 
     <div class="actions">
       <%= f.submit :Submit, :class => "btn primary" %>