RubyGems - doorkeeper - Versions diffs - 0.7.4 → 1.0.0.rc1 - Mend

doorkeeper 0.7.4 → 1.0.0.rc1

Potentially problematic release.

This version of doorkeeper might be problematic. Click here for more details.

Files changed (56) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +24 -0
data/Gemfile +0 -2
data/README.md +1 -1
data/app/controllers/doorkeeper/tokens_controller.rb +2 -0
data/app/views/doorkeeper/applications/_delete_form.html.erb +16 -0
data/app/views/doorkeeper/applications/index.html.erb +6 -2
data/app/views/doorkeeper/applications/show.html.erb +1 -1
data/app/views/doorkeeper/authorized_applications/index.html.erb +1 -1
data/app/views/layouts/doorkeeper/application.html.erb +0 -1
data/doorkeeper.gemspec +0 -1
data/lib/doorkeeper/doorkeeper_for.rb +2 -2
data/lib/doorkeeper/models/access_token.rb +5 -2
data/lib/doorkeeper/models/application.rb +2 -2
data/lib/doorkeeper/oauth/password_access_token_request.rb +13 -8
data/lib/doorkeeper/oauth/refresh_token_request.rb +38 -12
data/lib/doorkeeper/oauth/token_response.rb +1 -1
data/lib/doorkeeper/request/password.rb +5 -5
data/lib/doorkeeper/request/refresh_token.rb +5 -5
data/lib/doorkeeper/version.rb +1 -1
data/lib/generators/doorkeeper/templates/migration.rb +1 -1
data/spec/controllers/applications_controller_spec.rb +9 -0
data/spec/controllers/protected_resources_controller_spec.rb +2 -2
data/spec/controllers/tokens_controller_spec.rb +1 -1
data/spec/dummy/app/views/layouts/application.html.erb +0 -2
data/spec/dummy/config/environments/test.rb +11 -2
data/spec/dummy/db/migrate/20130902165751_create_doorkeeper_tables.rb +1 -1
data/spec/dummy/db/schema.rb +1 -1
data/spec/factories/access_token.rb +4 -0
data/spec/lib/models/revocable_spec.rb +2 -2
data/spec/lib/oauth/authorization_code_request_spec.rb +1 -1
data/spec/lib/oauth/client/credentials_spec.rb +2 -2
data/spec/lib/oauth/client/methods_spec.rb +4 -4
data/spec/lib/oauth/client_credentials/issuer_spec.rb +4 -4
data/spec/lib/oauth/client_credentials/validation_spec.rb +2 -2
data/spec/lib/oauth/client_credentials_request_spec.rb +4 -4
data/spec/lib/oauth/client_spec.rb +5 -5
data/spec/lib/oauth/code_request_spec.rb +3 -3
data/spec/lib/oauth/error_response_spec.rb +3 -3
data/spec/lib/oauth/helpers/scope_checker_spec.rb +2 -2
data/spec/lib/oauth/password_access_token_request_spec.rb +26 -10
data/spec/lib/oauth/pre_authorization_spec.rb +2 -2
data/spec/lib/oauth/refresh_token_request_spec.rb +52 -10
data/spec/lib/oauth/token_request_spec.rb +3 -3
data/spec/lib/oauth/token_response_spec.rb +8 -5
data/spec/lib/oauth/token_spec.rb +8 -8
data/spec/lib/server_spec.rb +1 -1
data/spec/models/doorkeeper/access_token_spec.rb +6 -9
data/spec/models/doorkeeper/application_spec.rb +16 -1
data/spec/requests/applications/applications_request_spec.rb +3 -3
data/spec/requests/flows/password_spec.rb +20 -0
data/spec/requests/protected_resources/private_api_spec.rb +8 -0
metadata +5 -21
data/app/assets/javascripts/doorkeeper/application.js +0 -2
data/spec/dummy/app/assets/javascripts/application.js +0 -9
data/spec/dummy/app/assets/stylesheets/application.css +0 -7

data/spec/controllers/tokens_controller_spec.rb CHANGED

@@ -28,7 +28,7 @@ describe Doorkeeper::TokensController do
     it "returns the error response" do
       pending 'verify need of these specs'
-      token.stub(:error_response => stub(:to_json => [], :status => :unauthorized))
+      token.stub(:error_response => double(:to_json => [], :status => :unauthorized))
       post :create
       expect(response.status).to eq 401
     end

data/spec/dummy/app/views/layouts/application.html.erb CHANGED

@@ -2,8 +2,6 @@
 <html>
 <head>
   <title>Dummy</title>
-  <%= stylesheet_link_tag    "application" %>
-  <%= javascript_include_tag "application" %>
   <%= csrf_meta_tags %>
 </head>
 <body>

data/spec/dummy/config/environments/test.rb CHANGED

@@ -11,8 +11,17 @@ Dummy::Application.configure do
   config.serve_static_assets = true
   config.static_cache_control = "public, max-age=3600"
-  # Log error messages when you accidentally call methods on nil
-  config.whiny_nils = true
+  if Rails.version.to_i < 4
+    # Log error messages when you accidentally call methods on nil
+    config.whiny_nils = true
+  end
+  if Rails.version.to_i >= 4
+    # Do not eager load code on boot. This avoids loading your whole application
+    # just for the purpose of running a single test. If you are using a tool that
+    # preloads Rails for running tests, you may have to set it to true.
+    config.eager_load = false
+  end
   # Show full error reports and disable caching
   config.consider_all_requests_local       = true

data/spec/dummy/db/migrate/20130902165751_create_doorkeeper_tables.rb CHANGED

@@ -25,7 +25,7 @@ class CreateDoorkeeperTables < ActiveRecord::Migration
     create_table :oauth_access_tokens do |t|
       t.integer  :resource_owner_id
-      t.integer  :application_id,    :null => false
+      t.integer  :application_id
       t.string   :token,             :null => false
       t.string   :refresh_token
       t.integer  :expires_in

data/spec/dummy/db/schema.rb CHANGED

@@ -28,7 +28,7 @@ ActiveRecord::Schema.define(:version => 20130902175349) do
   create_table "oauth_access_tokens", :force => true do |t|
     t.integer  "resource_owner_id"
-    t.integer  "application_id",    :null => false
+    t.integer  "application_id"
     t.string   "token",             :null => false
     t.string   "refresh_token"
     t.integer  "expires_in"

data/spec/factories/access_token.rb CHANGED

@@ -3,5 +3,9 @@ FactoryGirl.define do
     sequence(:resource_owner_id) { |n| n }
     application
     expires_in 2.hours
+    factory :clientless_access_token do
+      application nil
+    end
   end
 end

data/spec/lib/models/revocable_spec.rb CHANGED

@@ -11,7 +11,7 @@ describe 'Revocable' do
   describe :revoke do
     it "updates :revoked_at attribute with current time" do
-      clock = double :now => stub
+      clock = double :now => double
       subject.should_receive(:update_column).with(:revoked_at, clock.now)
       subject.revoke(clock)
     end
@@ -19,7 +19,7 @@ describe 'Revocable' do
   describe :revoked? do
     it "is revoked if :revoked_at is set" do
-      subject.stub :revoked_at => stub
+      subject.stub :revoked_at => double
       subject.should be_revoked
     end

data/spec/lib/oauth/authorization_code_request_spec.rb CHANGED

@@ -2,7 +2,7 @@ require 'spec_helper_integration'
 module Doorkeeper::OAuth
   describe AuthorizationCodeRequest do
-    let(:server) { mock :server, :access_token_expires_in => 2.days, :refresh_token_enabled? => false }
+    let(:server) { double :server, :access_token_expires_in => 2.days, :refresh_token_enabled? => false }
     let(:grant)  { FactoryGirl.create :access_grant }
     let(:client) { grant.application }

data/spec/lib/oauth/client/credentials_spec.rb CHANGED

@@ -10,7 +10,7 @@ class Doorkeeper::OAuth::Client
     end
     describe :from_request do
-      let(:request) { stub.as_null_object }
+      let(:request) { double.as_null_object }
       let(:method) do
         lambda { |request| return 'uid', 'secret' }
@@ -27,7 +27,7 @@ class Doorkeeper::OAuth::Client
       end
       it 'stops at the first credentials found' do
-        not_called_method = mock
+        not_called_method = double
         not_called_method.should_not_receive(:call)
         credentials = Credentials.from_request request, lambda { |r| }, method, not_called_method
       end

data/spec/lib/oauth/client/methods_spec.rb CHANGED

@@ -15,7 +15,7 @@ class Doorkeeper::OAuth::Client
     describe :from_params do
       it 'returns credentials from parameters when Authorization header is not available' do
-        request     = stub :parameters => { :client_id => client_id, :client_secret => client_secret }
+        request     = double :parameters => { :client_id => client_id, :client_secret => client_secret }
         uid, secret = subject.from_params(request)
         uid.should    == "some-uid"
@@ -23,7 +23,7 @@ class Doorkeeper::OAuth::Client
       end
       it 'is blank when there are no credentials' do
-        request     = stub :parameters => {}
+        request     = double :parameters => {}
         uid, secret = subject.from_params(request)
         uid.should    be_blank
@@ -35,7 +35,7 @@ class Doorkeeper::OAuth::Client
       let(:credentials) { Base64.encode64("#{client_id}:#{client_secret}") }
       it 'decodes the credentials' do
-        request     = stub :authorization => "Basic #{credentials}"
+        request     = double :authorization => "Basic #{credentials}"
         uid, secret = subject.from_basic(request)
         uid.should    == "some-uid"
@@ -43,7 +43,7 @@ class Doorkeeper::OAuth::Client
       end
       it 'is blank if Authorization is not Basic' do
-        request     = stub :authorization => "#{credentials}"
+        request     = double :authorization => "#{credentials}"
         uid, secret = subject.from_basic(request)
         uid.should    be_blank

data/spec/lib/oauth/client_credentials/issuer_spec.rb CHANGED

@@ -4,14 +4,14 @@ require 'doorkeeper/oauth/client_credentials/issuer'
 class Doorkeeper::OAuth::ClientCredentialsRequest
   describe Issuer do
-    let(:creator) { mock :acces_token_creator }
-    let(:server)  { mock :server, :access_token_expires_in => 100 }
-    let(:validation) { mock :validation, :valid? => true }
+    let(:creator) { double :acces_token_creator }
+    let(:server)  { double :server, :access_token_expires_in => 100 }
+    let(:validation) { double :validation, :valid? => true }
     subject { Issuer.new(server, validation) }
     describe :create do
-      let(:client) { mock :client, :id => 'some-id' }
+      let(:client) { double :client, :id => 'some-id' }
       let(:scopes) { 'some scope' }
       it 'creates and sets the token' do

data/spec/lib/oauth/client_credentials/validation_spec.rb CHANGED

@@ -4,8 +4,8 @@ require 'doorkeeper/oauth/client_credentials/validation'
 class Doorkeeper::OAuth::ClientCredentialsRequest
   describe Validation do
-    let(:server)  { mock :server, :scopes => nil }
-    let(:request) { mock :request, :client => stub, :original_scopes => nil }
+    let(:server)  { double :server, :scopes => nil }
+    let(:request) { double :request, :client => double, :original_scopes => nil }
     subject { Validation.new(server, request) }

data/spec/lib/oauth/client_credentials_request_spec.rb CHANGED

@@ -5,9 +5,9 @@ require 'doorkeeper/oauth/client_credentials_request'
 module Doorkeeper::OAuth
   describe ClientCredentialsRequest do
-    let(:server) { stub :default_scopes => nil }
-    let(:client) { stub }
-    let(:token_creator) { mock :issuer, :create => true, :token => stub }
+    let(:server) { double :default_scopes => nil }
+    let(:client) { double }
+    let(:token_creator) { double :issuer, :create => true, :token => double }
     subject { ClientCredentialsRequest.new(server, client) }
@@ -27,7 +27,7 @@ module Doorkeeper::OAuth
     context 'if issue was not created' do
       before do
-        subject.issuer = stub :create => false, :error => :invalid
+        subject.issuer = double :create => false, :error => :invalid
       end
       it 'has an error response' do

data/spec/lib/oauth/client_spec.rb CHANGED

@@ -6,10 +6,10 @@ require 'doorkeeper/oauth/client'
 module Doorkeeper::OAuth
   describe Client do
     describe :find do
-      let(:method) { mock }
+      let(:method) { double }
       it 'finds the client via uid' do
-        client = stub
+        client = double
         method.should_receive(:call).with('uid').and_return(client)
         Client.find('uid', method).should be_a(Client)
       end
@@ -23,14 +23,14 @@ module Doorkeeper::OAuth
     describe :authenticate do
       it 'returns the authenticated client via credentials' do
         credentials = Client::Credentials.new("some-uid", "some-secret")
-        authenticator = mock
-        authenticator.should_receive(:call).with("some-uid", "some-secret").and_return(stub)
+        authenticator = double
+        authenticator.should_receive(:call).with("some-uid", "some-secret").and_return(double)
         Client.authenticate(credentials, authenticator).should be_a(Client)
       end
       it 'retunrs nil if client was not authenticated' do
         credentials = Client::Credentials.new("some-uid", "some-secret")
-        authenticator = mock
+        authenticator = double
         authenticator.should_receive(:call).with("some-uid", "some-secret").and_return(nil)
         Client.authenticate(credentials, authenticator).should be_nil
       end

data/spec/lib/oauth/code_request_spec.rb CHANGED

@@ -3,8 +3,8 @@ require 'spec_helper_integration'
 module Doorkeeper::OAuth
   describe CodeRequest do
     let(:pre_auth) do
-      mock(:pre_auth, {
-        :client => mock(:application, :id => 9990),
+      double(:pre_auth, {
+        :client => double(:application, :id => 9990),
         :redirect_uri => 'http://tst.com/cb',
         :scopes => nil,
         :state => nil,
@@ -13,7 +13,7 @@ module Doorkeeper::OAuth
       })
     end
-    let(:owner) { mock :owner, :id => 8900 }
+    let(:owner) { double :owner, :id => 8900 }
     subject do
       CodeRequest.new(pre_auth, owner)

data/spec/lib/oauth/error_response_spec.rb CHANGED

@@ -9,17 +9,17 @@ module Doorkeeper::OAuth
     describe :from_request do
       it 'has the error from request' do
-        error = ErrorResponse.from_request stub(:error => :some_error)
+        error = ErrorResponse.from_request double(:error => :some_error)
         error.name.should == :some_error
       end
       it 'ignores state if request does not respond to state' do
-        error = ErrorResponse.from_request stub(:error => :some_error)
+        error = ErrorResponse.from_request double(:error => :some_error)
         error.state.should be_nil
       end
       it 'has state if request responds to state' do
-        error = ErrorResponse.from_request stub(:error => :some_error, :state => :hello)
+        error = ErrorResponse.from_request double(:error => :some_error, :state => :hello)
         error.state.should == :hello
       end
     end

data/spec/lib/oauth/helpers/scope_checker_spec.rb CHANGED

@@ -34,8 +34,8 @@ module Doorkeeper::OAuth::Helpers
     end
     it "is false when any of attributes is nil" do
-      ScopeChecker.matches?(nil, stub).should be_false
-      ScopeChecker.matches?(stub, nil).should be_false
+      ScopeChecker.matches?(nil, double).should be_false
+      ScopeChecker.matches?(double, nil).should be_false
     end
   end

data/spec/lib/oauth/password_access_token_request_spec.rb CHANGED

@@ -2,30 +2,46 @@ require 'spec_helper_integration'
 module Doorkeeper::OAuth
   describe PasswordAccessTokenRequest do
-    let(:server) { mock :server, :default_scopes => Doorkeeper::OAuth::Scopes.new, :access_token_expires_in => 2.hours, :refresh_token_enabled? => false }
+    let(:server) { double :server, :default_scopes => Doorkeeper::OAuth::Scopes.new, :access_token_expires_in => 2.hours, :refresh_token_enabled? => false }
+    let(:credentials) { Client::Credentials.new(client.uid, client.secret) }
     let(:client) { FactoryGirl.create(:application) }
-    let(:owner)  { mock :owner, :id => 99 }
+    let(:owner)  { double :owner, :id => 99 }
     subject do
-      PasswordAccessTokenRequest.new(server, client, owner)
+      PasswordAccessTokenRequest.new(server, credentials, owner)
     end
     it 'issues a new token for the client' do
-      expect do
+      expect {
         subject.authorize
-      end.to change { client.access_tokens.count }.by(1)
+      }.to change { client.access_tokens.count }.by(1)
     end
-    it "requires the owner" do
+    it 'issues a new token without a client' do
+      expect {
+        subject.credentials = nil
+        subject.authorize
+      }.to change { Doorkeeper::AccessToken.count }.by(1)
+    end
+    it 'does not issue a new token with an invalid client' do
+      expect {
+        subject.client = nil
+        subject.authorize
+      }.to_not change { Doorkeeper::AccessToken.count }
+      subject.error.should == :invalid_client
+    end
+    it 'requires the owner' do
       subject.resource_owner = nil
       subject.validate
       subject.error.should == :invalid_resource_owner
     end
-    it 'requires the client' do
-      subject.client = nil
-      subject.validate
-      subject.error.should == :invalid_client
+    it 'optionally accepts the client' do
+      subject.credentials = nil
+      subject.should be_valid
     end
     describe "with scopes" do

data/spec/lib/oauth/pre_authorization_spec.rb CHANGED

@@ -2,8 +2,8 @@ require "spec_helper_integration"
 module Doorkeeper::OAuth
   describe PreAuthorization do
-    let(:server) { mock :server, :default_scopes => Scopes.new, :scopes => Scopes.from_string('public') }
-    let(:client) { mock :client, :redirect_uri => 'http://tst.com/auth' }
+    let(:server) { double :server, :default_scopes => Scopes.new, :scopes => Scopes.from_string('public') }
+    let(:client) { double :client, :redirect_uri => 'http://tst.com/auth' }
     let :attributes do
       {

data/spec/lib/oauth/refresh_token_request_spec.rb CHANGED

@@ -2,24 +2,25 @@ require 'spec_helper_integration'
 module Doorkeeper::OAuth
   describe RefreshTokenRequest do
-    let(:server)         { mock :server, :access_token_expires_in => 2.minutes }
+    let(:server)         { double :server, :access_token_expires_in => 2.minutes }
     let!(:refresh_token) { FactoryGirl.create(:access_token, :use_refresh_token => true) }
     let(:client)         { refresh_token.application }
+    let(:credentials)    { Client::Credentials.new(client.uid, client.secret) }
-    subject do
-      RefreshTokenRequest.new server, refresh_token, client
-    end
+    subject {
+      RefreshTokenRequest.new server, refresh_token, credentials
+    }
     it 'issues a new token for the client' do
-      expect do
+      expect {
         subject.authorize
-      end.to change { client.access_tokens.count }.by(1)
+      }.to change { client.access_tokens.count }.by(1)
     end
     it 'revokes the previous token' do
-      expect do
+      expect {
         subject.authorize
-      end.to change { refresh_token.revoked? }.from(false).to(true)
+      }.to change { refresh_token.revoked? }.from(false).to(true)
     end
     it 'requires the refresh token' do
@@ -28,7 +29,7 @@ module Doorkeeper::OAuth
       subject.error.should == :invalid_request
     end
-    it 'requires client' do
+    it 'requires credentials to be valid if provided' do
       subject.client = nil
       subject.validate
       subject.error.should == :invalid_client
@@ -37,7 +38,7 @@ module Doorkeeper::OAuth
     it "requires the token's client and current client to match" do
       subject.client = FactoryGirl.create(:application)
       subject.validate
-      subject.error.should == :invalid_client
+      subject.error.should == :invalid_grant
     end
     it 'rejects revoked tokens' do
@@ -52,5 +53,46 @@ module Doorkeeper::OAuth
       subject.validate
       subject.should be_valid
     end
+    context 'clientless access tokens' do
+      let!(:refresh_token) { FactoryGirl.create(:clientless_access_token, :use_refresh_token => true) }
+      subject {
+        RefreshTokenRequest.new server, refresh_token, nil
+      }
+      it 'issues a new token without a client' do
+        expect {
+          subject.authorize
+        }.to change { Doorkeeper::AccessToken.count }.by(1)
+      end
+    end
+    context 'with scopes' do
+      let!(:refresh_token) { FactoryGirl.create(:access_token, :use_refresh_token => true, :scopes => 'public write') }
+      let(:parameters) { {} }
+      subject {
+        RefreshTokenRequest.new server, refresh_token, credentials, parameters
+      }
+      it 'transfers scopes from the old token to the new token' do
+        subject.authorize
+        Doorkeeper::AccessToken.last.scopes.should == [:public, :write]
+      end
+      it 'reduces scopes to the provided scopes' do
+        parameters[:scopes] = 'public'
+        subject.authorize
+        Doorkeeper::AccessToken.last.scopes.should == [:public]
+      end
+      it 'validates that scopes are included in the original access token' do
+        parameters[:scopes] = 'public update'
+        subject.validate
+        subject.error.should == :invalid_scope
+      end
+    end
   end
 end