doorkeeper 0.7.1 → 0.7.2


checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4ea51224993fe17eb8bce055c441a2b583a6d9b7
4
- data.tar.gz: 366ca2f1d49a33433714f470c5c66dd5b0c84c9d
3
+ metadata.gz: 8f77e11de4933a587d6936a1185a31d722fd21a7
4
+ data.tar.gz: d7aa73af1c190fab721a82e364d3c02035ed1974
5
5
  SHA512:
6
- metadata.gz: 76fdba565bfa0a6b3382fb98a4cf5402794ab8b474ffe3324159b8ae7c1feee0f97e330d22e698fadeb7dc9551b6e56d5520cbc3949fa6ffd47b72fd1aaefd7e
7
- data.tar.gz: 22f95b1680a08285831218530b4d8789c64c2e3170d6963d5f1c15f4118a05724ca9e8c4a7c50acce0c918f022f57b2e5bd77c101c6b3f97da818e668579766a
6
+ metadata.gz: 1e21a060785183070bc2fc685b18cadedd220a069aeab87028caaf0d584f894fb47d69dc554e4169205d869de80c4e385a861bf5755565f45986ec4cf6124720
7
+ data.tar.gz: 0374fabbd9af363de49f374bc1aecb51579d4e13ddc74fc538c5856ee16dc7b9378bd9cf4c99b8cbbefab49086920382d87cba21f9232691ee2bb79a27028891
data/CHANGELOG.md CHANGED
@@ -1,5 +1,13 @@
1
1
  # Changelog
2
2
 
3
+ ## 0.7.2
4
+
5
+ - enhancements
6
+ - [#272] Allow issuing multiple access_tokens for one user/application for multiple devices
7
+ - [#170] Increase length of allowed redirect URIs
8
+ - [#239] Do not try to load unavailable Request class for the current phase.
9
+ - [#273] Relax jquery-rails gem dependency
10
+
3
11
  ## 0.7.1
4
12
 
5
13
  - bug
data/README.md CHANGED
@@ -25,7 +25,7 @@ The gem is under constant development. It is based in the [version 22 of the OAu
25
25
  Put this in your Gemfile:
26
26
 
27
27
  ``` ruby
28
- gem 'doorkeeper', '~> 0.7.1'
28
+ gem 'doorkeeper', '~> 0.7.2'
29
29
  ```
30
30
 
31
31
  Run the installation generator with:
@@ -85,6 +85,9 @@ This will mount following routes:
85
85
  DELETE /oauth/authorize
86
86
  POST /oauth/token
87
87
  resources /oauth/applications
88
+ GET /oauth/authorized_applications
89
+ DELETE /oauth/authorized_applications/:id
90
+ GET /oauth/token/info
88
91
 
89
92
  For more information on how to customize routes, check out [this page on the wiki](https://github.com/applicake/doorkeeper/wiki/Customizing-routes).
90
93
 
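--- a/data/doorkeeper.gemspec
+++ b/data/doorkeeper.gemspec
@@ -17,7 +17,7 @@ Gem::Specification.new do |s|
 s.require_paths = ["lib"]
 
 s.add_dependency "railties", ">= 3.1"
-s.add_dependency "jquery-rails", "~> 3.0.4"
+s.add_dependency "jquery-rails", ">= 2.0.2"
 
 s.add_development_dependency "sqlite3", "~> 1.3.5"
 s.add_development_dependency "rspec-rails", ">= 2.11.4"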
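Review bot: The relaxed constraint `>= 2.0.2` on the jquery-rails line has no upper bound, so any future major release of jquery-rails (and the jQuery build it ships) will be pulled into downstream apps by a plain `bundle update` without this gem ever having been exercised against it, while the floor now reaches back to a 2.x line far older than the 3.0.4 the gem was pinned to. If the relaxation from #273 is needed for older Rails stacks, bound it on both sides, e.g. `s.add_dependency "jquery-rails", ">= 2.0.2", "< 4"`, and record in the CHANGELOG which jquery-rails versions the bundled admin views were checked against. The `metadata` section later on the page mirrors this requirement, so both need to move together.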
@@ -8,7 +8,7 @@ module Doorkeeper
8
8
  validate :grant, :error => :invalid_grant
9
9
  validate :redirect_uri, :error => :invalid_grant
10
10
 
11
- attr_accessor :server, :grant, :client, :redirect_uri
11
+ attr_accessor :server, :grant, :client, :redirect_uri, :access_token
12
12
 
13
13
  def initialize(server, grant, client, parameters = {})
14
14
  @server = server
@@ -21,7 +21,7 @@ module Doorkeeper
21
21
  validate
22
22
  @response = if valid?
23
23
  grant.revoke
24
- find_or_create_access_token
24
+ issue_token
25
25
  TokenResponse.new access_token
26
26
  else
27
27
  ErrorResponse.from_request self
@@ -32,26 +32,9 @@ module Doorkeeper
32
32
  self.error.nil?
33
33
  end
34
34
 
35
- def access_token
36
- @access_token ||= Doorkeeper::AccessToken.matching_token_for client, grant.resource_owner_id, grant.scopes
37
- end
38
-
39
- private
40
-
41
- def find_or_create_access_token
42
- if access_token
43
- access_token.expired? ? revoke_and_create_access_token : access_token
44
- else
45
- create_access_token
46
- end
47
- end
48
-
49
- def revoke_and_create_access_token
50
- access_token.revoke
51
- create_access_token
52
- end
35
+ private
53
36
 
54
- def create_access_token
37
+ def issue_token
55
38
  @access_token = Doorkeeper::AccessToken.create!({
56
39
  :application_id => grant.application_id,
57
40
  :resource_owner_id => grant.resource_owner_id,
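Review bot: `issue_token` now creates a token row unconditionally and the revoke-on-expiry path of the deleted `find_or_create_access_token` is gone, so every successful code exchange leaves all earlier tokens for the same client and resource owner in place until each one expires or is revoked on its own; nothing in this hunk caps or prunes them. That is the multi-device behaviour #272 asks for, but it should be stated where the next maintainer will look: add above `def issue_token` a comment such as `# Always mints a fresh token (#272): earlier tokens for this client/owner are left untouched so other devices keep working; expired ones are no longer revoked here.` Since the table now only grows, a periodic cleanup of expired or revoked rows is worth planning for. The body of `issue_token` continues past the end of the hunk.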
@@ -3,21 +3,6 @@ module Doorkeeper
3
3
  class ClientCredentialsRequest
4
4
  class Creator
5
5
  def call(client, scopes, attributes = {})
6
- existing_token = existing_token_for(client, scopes)
7
- if existing_token
8
- return existing_token if existing_token.accessible?
9
- existing_token.revoke
10
- end
11
- create(client, scopes, attributes)
12
- end
13
-
14
- private
15
-
16
- def existing_token_for(client, scopes)
17
- Doorkeeper::AccessToken.matching_token_for client, nil, scopes
18
- end
19
-
20
- def create(client, scopes, attributes = {})
21
6
  Doorkeeper::AccessToken.create(attributes.merge({
22
7
  :application_id => client.id,
23
8
  :scopes => scopes.to_s
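Review bot: With the reuse branch removed, `call` mints a new access token on every client_credentials request, and unlike the user-facing grants there is no per-device rationale here — a confidential client is a single principal, so a client that fetches a token per API call, or anyone holding a leaked client secret, can grow `oauth_access_tokens` without bound and nothing visible here limits that. If the lookup was dropped only for symmetry with #272, consider keeping the accessible-token reuse for this grant, or at least document the trade-off above `def call`: `# Every call issues a new token; clients are expected to cache it until it expires.` The `Doorkeeper::AccessToken.create(...)` call that follows continues past the end of the hunk.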
@@ -7,7 +7,7 @@ module Doorkeeper::OAuth
7
7
  validate :resource_owner, :error => :invalid_resource_owner
8
8
  validate :scopes, :error => :invalid_scope
9
9
 
10
- attr_accessor :server, :resource_owner, :client
10
+ attr_accessor :server, :resource_owner, :client, :access_token
11
11
 
12
12
  def initialize(server, client, resource_owner, parameters = {})
13
13
  @server = server
@@ -19,7 +19,7 @@ module Doorkeeper::OAuth
19
19
  def authorize
20
20
  validate
21
21
  @response = if valid?
22
- find_or_create_access_token
22
+ issue_token
23
23
  TokenResponse.new access_token
24
24
  else
25
25
  ErrorResponse.from_request self
@@ -30,11 +30,6 @@ module Doorkeeper::OAuth
30
30
  self.error.nil?
31
31
  end
32
32
 
33
- def access_token
34
- return unless client.present? && resource_owner.present?
35
- @access_token ||= Doorkeeper::AccessToken.matching_token_for client, resource_owner.id, scopes
36
- end
37
-
38
33
  def scopes
39
34
  @scopes ||= if @original_scopes.present?
40
35
  Doorkeeper::OAuth::Scopes.from_string(@original_scopes)
@@ -45,20 +40,7 @@ module Doorkeeper::OAuth
45
40
 
46
41
  private
47
42
 
48
- def find_or_create_access_token
49
- if access_token
50
- access_token.expired? ? revoke_and_create_access_token : access_token
51
- else
52
- create_access_token
53
- end
54
- end
55
-
56
- def revoke_and_create_access_token
57
- access_token.revoke
58
- create_access_token
59
- end
60
-
61
- def create_access_token
43
+ def issue_token
62
44
  @access_token = Doorkeeper::AccessToken.create!({
63
45
  :application_id => client.id,
64
46
  :resource_owner_id => resource_owner.id,
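Review bot: `attr_accessor :server, :resource_owner, :client, :access_token` in the first hunk turns what used to be a read-only, nil-guarded `access_token` method into a public reader and writer, while the only assignment visible in these hunks is the internal `@access_token = ...` inside `issue_token`; a caller holding the request object can now overwrite the token after validation has run. The neighbouring accessors already follow that pattern, but for the token itself a reader is enough: keep `attr_accessor :server, :resource_owner, :client` and add `attr_reader :access_token`. The same widening appears in the authorization-code request earlier on the page. The body of `issue_token` continues past the end of the hunk.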
@@ -9,24 +9,21 @@ module Doorkeeper
9
9
  module Request
10
10
  extend self
11
11
 
12
- # Available authorization strategies:
13
- # :code, :token
14
12
  def authorization_strategy(strategy)
15
- get_strategy strategy
13
+ get_strategy strategy, %w[code token]
16
14
  rescue NameError
17
15
  raise Errors::InvalidAuthorizationStrategy
18
16
  end
19
17
 
20
- # Available token strategies:
21
- # :password, :client_credentials, :authorization_code, :refresh_token
22
18
  def token_strategy(strategy)
23
- get_strategy strategy
19
+ get_strategy strategy, %w[password client_credentials authorization_code refresh_token]
24
20
  rescue NameError
25
21
  raise Errors::InvalidTokenStrategy
26
22
  end
27
23
 
28
- def get_strategy(strategy)
24
+ def get_strategy(strategy, available)
29
25
  raise Errors::MissingRequestStrategy unless strategy.present?
26
+ raise NameError unless available.include?(strategy.to_s)
30
27
  "Doorkeeper::Request::#{strategy.to_s.camelize}".constantize
31
28
  end
32
29
  end
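Review bot: The allowlist check added to `get_strategy` is the important part of this hunk — `strategy` presumably arrives from the request's `response_type`/`grant_type`, and before this change any string reached `constantize` — so it deserves a comment and the two lists deserve a named home: put `# strategy originates from the request; only allowlisted names may reach constantize` above the `raise NameError`, and replace the inline arrays with `AUTHORIZATION_STRATEGIES = %w[code token].freeze` and `TOKEN_STRATEGIES = %w[password client_credentials authorization_code refresh_token].freeze`, which also restores the documentation the deleted `# Available ... strategies:` comments used to give. Raising a bare `NameError` only so each caller can translate it is indirect; passing the phase's error class into `get_strategy` (e.g. `get_strategy strategy, TOKEN_STRATEGIES, Errors::InvalidTokenStrategy`) would let it raise the right error directly and drop the two `rescue NameError` clauses.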
@@ -1,3 +1,3 @@
1
1
  module Doorkeeper
2
- VERSION = "0.7.1"
2
+ VERSION = "0.7.2"
3
3
  end
@@ -48,7 +48,7 @@ Doorkeeper.configure do
48
48
  # Change the way access token is authenticated from the request object.
49
49
  # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
50
50
  # falls back to the `:access_token` or `:bearer_token` params from the `params` object.
51
- # Check out the wiki for mor information on customization
51
+ # Check out the wiki for more information on customization
52
52
  # access_token_methods :from_bearer_authorization, :from_access_token_param, :from_bearer_param
53
53
 
54
54
  # Change the test redirect uri for client apps
@@ -4,7 +4,7 @@ class CreateDoorkeeperTables < ActiveRecord::Migration
4
4
  t.string :name, :null => false
5
5
  t.string :uid, :null => false
6
6
  t.string :secret, :null => false
7
- t.string :redirect_uri, :null => false
7
+ t.string :redirect_uri, :null => false, :limit => 2048
8
8
  t.timestamps
9
9
  end
10
10
 
@@ -15,7 +15,7 @@ class CreateDoorkeeperTables < ActiveRecord::Migration
15
15
  t.integer :application_id, :null => false
16
16
  t.string :token, :null => false
17
17
  t.integer :expires_in, :null => false
18
- t.string :redirect_uri, :null => false
18
+ t.string :redirect_uri, :null => false, :limit => 2048
19
19
  t.datetime :created_at, :null => false
20
20
  t.datetime :revoked_at
21
21
  t.string :scopes
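Review bot: Adding `:limit => 2048` to this migration only affects applications that run the install generator from now on; an application that already ran the 0.7.1 migration keeps its default-length `redirect_uri` columns, so the "#170 Increase length of allowed redirect URIs" changelog entry does not hold for upgraders. Ship a follow-up migration template with `change_column :oauth_applications, :redirect_uri, :string, :limit => 2048` and the same for `:oauth_access_grants`, and say so in the CHANGELOG; on a database configured to truncate rather than reject over-length strings, a long URI that passed validation would otherwise be stored truncated and silently differ from what was validated. This assumes the file is the generator template rather than a test fixture, which the hunk header does not show.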
@@ -4,9 +4,7 @@ class CreateDoorkeeperTables < ActiveRecord::Migration
4
4
  t.string :name, :null => false
5
5
  t.string :uid, :null => false
6
6
  t.string :secret, :null => false
7
- t.string :redirect_uri, :null => false
8
- t.integer :owner_id, :null => true
9
- t.string :owner_type, :null => true
7
+ t.string :redirect_uri, :null => false, :limit => 2048
10
8
  t.timestamps
11
9
  end
12
10
 
@@ -17,7 +15,7 @@ class CreateDoorkeeperTables < ActiveRecord::Migration
17
15
  t.integer :application_id, :null => false
18
16
  t.string :token, :null => false
19
17
  t.integer :expires_in, :null => false
20
- t.string :redirect_uri, :null => false
18
+ t.string :redirect_uri, :null => false, :limit => 2048
21
19
  t.datetime :created_at, :null => false
22
20
  t.datetime :revoked_at
23
21
  t.string :scopes
@@ -0,0 +1,7 @@
1
+ class AddOwnerToApplication < ActiveRecord::Migration
2
+ def change
3
+ add_column :oauth_applications, :owner_id, :integer, :null => true
4
+ add_column :oauth_applications, :owner_type, :string, :null => true
5
+ add_index :oauth_applications, [:owner_id, :owner_type]
6
+ end
7
+ end
@@ -11,15 +11,15 @@
11
11
  #
12
12
  # It's strongly recommended to check this file into your version control system.
13
13
 
14
- ActiveRecord::Schema.define(:version => 20120524202412) do
14
+ ActiveRecord::Schema.define(:version => 20130902175349) do
15
15
 
16
16
  create_table "oauth_access_grants", :force => true do |t|
17
- t.integer "resource_owner_id", :null => false
18
- t.integer "application_id", :null => false
19
- t.string "token", :null => false
20
- t.integer "expires_in", :null => false
21
- t.string "redirect_uri", :null => false
22
- t.datetime "created_at", :null => false
17
+ t.integer "resource_owner_id", :null => false
18
+ t.integer "application_id", :null => false
19
+ t.string "token", :null => false
20
+ t.integer "expires_in", :null => false
21
+ t.string "redirect_uri", :limit => 2048, :null => false
22
+ t.datetime "created_at", :null => false
23
23
  t.datetime "revoked_at"
24
24
  t.string "scopes"
25
25
  end
@@ -42,16 +42,17 @@ ActiveRecord::Schema.define(:version => 20120524202412) do
42
42
  add_index "oauth_access_tokens", ["token"], :name => "index_oauth_access_tokens_on_token", :unique => true
43
43
 
44
44
  create_table "oauth_applications", :force => true do |t|
45
- t.string "name", :null => false
46
- t.string "uid", :null => false
47
- t.string "secret", :null => false
48
- t.string "redirect_uri", :null => false
49
- t.string "owner_type", :null => true, :default => "User"
50
- t.integer "owner_id", :null => true
51
- t.datetime "created_at", :null => false
52
- t.datetime "updated_at", :null => false
45
+ t.string "name", :null => false
46
+ t.string "uid", :null => false
47
+ t.string "secret", :null => false
48
+ t.string "redirect_uri", :limit => 2048, :null => false
49
+ t.datetime "created_at", :null => false
50
+ t.datetime "updated_at", :null => false
51
+ t.integer "owner_id"
52
+ t.string "owner_type"
53
53
  end
54
54
 
55
+ add_index "oauth_applications", ["owner_id", "owner_type"], :name => "index_oauth_applications_on_owner_id_and_owner_type"
55
56
  add_index "oauth_applications", ["uid"], :name => "index_oauth_applications_on_uid", :unique => true
56
57
 
57
58
  create_table "users", :force => true do |t|
@@ -62,19 +62,5 @@ module Doorkeeper::OAuth
62
62
  subject.validate
63
63
  subject.error.should == :invalid_grant
64
64
  end
65
-
66
- it 'skips token creation if there is a matching one' do
67
- FactoryGirl.create(:access_token, :application_id => client.id, :resource_owner_id => grant.resource_owner_id, :scopes => "public write")
68
- expect do
69
- subject.authorize
70
- end.to_not change { Doorkeeper::AccessToken.count }
71
- end
72
-
73
- it 'revokes matching token if expired' do
74
- token = FactoryGirl.create(:access_token, :application_id => client.id, :resource_owner_id => grant.resource_owner_id, :scopes => "public write", :expires_in => -100)
75
- expect do
76
- subject.authorize
77
- end.to change { token.reload.revoked? }
78
- end
79
65
  end
80
66
  end
@@ -16,32 +16,5 @@ class Doorkeeper::OAuth::ClientCredentialsRequest
16
16
  created = subject.call(client, scopes)
17
17
  created.should be_false
18
18
  end
19
-
20
- it 'does not create a new token if there is an accessible one' do
21
- subject.call(client, scopes, :expires_in => 10.years)
22
- expect do
23
- subject.call(client, scopes)
24
- end.to_not change { Doorkeeper::AccessToken.count }
25
- end
26
-
27
- it 'returns the existing token if there is an accessible one' do
28
- existing = subject.call(client, scopes, :expires_in => 10.years)
29
- created = subject.call(client, scopes)
30
- created.should == existing
31
- end
32
-
33
- it 'revokes old token if is not accessible' do
34
- existing = subject.call(client, scopes, :expires_in => -1000)
35
- subject.call(client, scopes)
36
- existing.reload.should be_revoked
37
- end
38
-
39
- it 'returns a new token when the old one is not accessible' do
40
- existing = subject.call(client, scopes, :expires_in => -1000)
41
-
42
- expect do
43
- subject.call(client, scopes)
44
- end.to change { Doorkeeper::AccessToken.count }.by(1)
45
- end
46
19
  end
47
20
  end
@@ -28,20 +28,6 @@ module Doorkeeper::OAuth
28
28
  subject.error.should == :invalid_client
29
29
  end
30
30
 
31
- it 'skips token creation if there is already one' do
32
- FactoryGirl.create(:access_token, :application_id => client.id, :resource_owner_id => owner.id)
33
- expect do
34
- subject.authorize
35
- end.to_not change { Doorkeeper::AccessToken.count }
36
- end
37
-
38
- it 'revokes old token if expired' do
39
- token = FactoryGirl.create(:access_token, :application_id => client.id, :resource_owner_id => owner.id, :expires_in => -100)
40
- expect do
41
- subject.authorize
42
- end.to change { token.reload.revoked? }
43
- end
44
-
45
31
  describe "with scopes" do
46
32
  subject do
47
33
  PasswordAccessTokenRequest.new(server, client, owner, :scope => 'public')
@@ -15,6 +15,10 @@ describe Doorkeeper::Server do
15
15
  expect { subject.authorization_request(:duh) }.to raise_error(Doorkeeper::Errors::InvalidAuthorizationStrategy)
16
16
  end
17
17
 
18
+ it 'raises error when strategy does not match phase' do
19
+ expect { subject.token_request(:code) }.to raise_error(Doorkeeper::Errors::InvalidTokenStrategy)
20
+ end
21
+
18
22
  it 'builds the request with selected strategy' do
19
23
  stub_const 'Doorkeeper::Request::Code', fake_class
20
24
  fake_class.should_receive(:build).with(subject)
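Review bot: The new example only covers one direction of the phase check: `token_request(:code)` must raise `InvalidTokenStrategy`, but nothing asserts that an authorization-phase request rejects a token-phase name. Add the mirror case, `expect { subject.authorization_request(:password) }.to raise_error(Doorkeeper::Errors::InvalidAuthorizationStrategy)`, so a regression in either allowlist is caught; `:password` is the useful choice because `Doorkeeper::Request::Password` presumably exists and would have constantized successfully before this change, unlike `:duh` in the existing example.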
@@ -40,33 +40,6 @@ feature 'Authorization Code Flow' do
40
40
  url_should_have_param("state", "return-me")
41
41
  end
42
42
 
43
- scenario 'returns the same token if it is still accessible' do
44
- client_is_authorized(@client, @resource_owner)
45
- visit authorization_endpoint_url(:client => @client)
46
-
47
- authorization_code = Doorkeeper::AccessGrant.first.token
48
- post token_endpoint_url(:code => authorization_code, :client => @client)
49
-
50
- Doorkeeper::AccessToken.count.should be(1)
51
-
52
- should_have_json 'access_token', Doorkeeper::AccessToken.first.token
53
- end
54
-
55
- scenario 'revokes and return new token if it is has expired' do
56
- client_is_authorized(@client, @resource_owner)
57
- token = Doorkeeper::AccessToken.first
58
- token.update_column :expires_in, -100
59
- visit authorization_endpoint_url(:client => @client)
60
-
61
- authorization_code = Doorkeeper::AccessGrant.first.token
62
- post token_endpoint_url(:code => authorization_code, :client => @client)
63
-
64
- token.reload.should be_revoked
65
- Doorkeeper::AccessToken.count.should be(2)
66
-
67
- should_have_json 'access_token', Doorkeeper::AccessToken.last.token
68
- end
69
-
70
43
  scenario 'resource owner requests an access token with authorization code' do
71
44
  visit authorization_endpoint_url(:client => @client)
72
45
  click_on "Authorize"
@@ -48,16 +48,6 @@ feature 'Resource Owner Password Credentials Flow' do
48
48
 
49
49
  should_have_json 'refresh_token', token.refresh_token
50
50
  end
51
-
52
- scenario 'should return the same token if it is still accessible' do
53
- client_is_authorized(@client, @resource_owner)
54
-
55
- post password_token_endpoint_url(:client => @client, :resource_owner => @resource_owner)
56
-
57
- Doorkeeper::AccessToken.count.should be(1)
58
-
59
- should_have_json 'access_token', Doorkeeper::AccessToken.first.token
60
- end
61
51
  end
62
52
 
63
53
  context "with invalid user credentials" do
@@ -68,4 +68,21 @@ feature "Refresh Token Flow" do
68
68
  should_have_json 'error', 'invalid_request'
69
69
  end
70
70
  end
71
+
72
+ context "refreshing the token with multiple sessions (devices)" do
73
+ before do
74
+ # enable password auth to simulate other devices
75
+ config_is_set(:resource_owner_from_credentials) { User.authenticate! params[:username], params[:password] }
76
+ create_resource_owner
77
+ @token = FactoryGirl.create(:access_token, :application => @client, :resource_owner_id => @resource_owner.id, :use_refresh_token => true)
78
+ end
79
+
80
+ scenario "client request a token after creating another token with the same user" do
81
+ @token.update_column :expires_in, -100
82
+ post password_token_endpoint_url(:client => @client, :resource_owner => @resource_owner)
83
+ post refresh_token_endpoint_url(:client => @client, :refresh_token => @token.refresh_token)
84
+ should_have_json 'refresh_token', Doorkeeper::AccessToken.last.refresh_token
85
+ @token.reload.should be_revoked
86
+ end
87
+ end
71
88
  end
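Review bot: The scenario in the added context never checks the property it is named for: after the password grant creates the "other device" token and `@token` is refreshed, it asserts that the old token is revoked and that the newest token's refresh_token is returned, but not that the second device's token survived. Add `Doorkeeper::AccessToken.all.reject(&:revoked?).size.should == 2` (the password-grant token plus the freshly refreshed one) before the final assertion; without it, an implementation that revoked every token for the user/application on refresh would still pass. The `@token.update_column :expires_in, -100` setup is fine, but a one-line comment such as `# the access token is expired; its refresh token must still be usable` would make the intent of the negative value clear.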
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: doorkeeper
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.1
4
+ version: 0.7.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Felipe Elias Philipp
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2013-08-30 00:00:00.000000000 Z
12
+ date: 2013-09-11 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: railties
@@ -29,16 +29,16 @@ dependencies:
29
29
  name: jquery-rails
30
30
  requirement: !ruby/object:Gem::Requirement
31
31
  requirements:
32
- - - ~>
32
+ - - '>='
33
33
  - !ruby/object:Gem::Version
34
- version: 3.0.4
34
+ version: 2.0.2
35
35
  type: :runtime
36
36
  prerelease: false
37
37
  version_requirements: !ruby/object:Gem::Requirement
38
38
  requirements:
39
- - - ~>
39
+ - - '>='
40
40
  - !ruby/object:Gem::Version
41
- version: 3.0.4
41
+ version: 2.0.2
42
42
  - !ruby/object:Gem::Dependency
43
43
  name: sqlite3
44
44
  requirement: !ruby/object:Gem::Requirement
@@ -309,7 +309,8 @@ files:
309
309
  - spec/dummy/config/routes.rb
310
310
  - spec/dummy/db/migrate/20111122132257_create_users.rb
311
311
  - spec/dummy/db/migrate/20120312140401_add_password_to_users.rb
312
- - spec/dummy/db/migrate/20120524202412_create_doorkeeper_tables.rb
312
+ - spec/dummy/db/migrate/20130902165751_create_doorkeeper_tables.rb
313
+ - spec/dummy/db/migrate/20130902175349_add_owner_to_application.rb
313
314
  - spec/dummy/db/schema.rb
314
315
  - spec/dummy/public/404.html
315
316
  - spec/dummy/public/422.html