doorkeeper 1.0.0.rc1 → 1.0.0.rc2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9c87a791f0146a97560be08975e4e0fd05b72e2d
-  data.tar.gz: 19030e24765e04a10ef4338dee46b6d9faf13620
+  metadata.gz: ae8cc51afce1ad54ec55111bb85b4600ca71cb56
+  data.tar.gz: b7428fa37924af29c5966314c80bcc128da798f4
 SHA512:
-  metadata.gz: 1a12c6bec0463233f4b7dd69dfc33f88b2a3b42e94fe9fb9bc542c94aadd51f2c39c29f73921616424493d68bc3100f6f937c032119438e72d9a083a4607c13b
-  data.tar.gz: 1b7ce3260177a092ed16e511750f751ec3f8f172cd372c0b31de46d65eaab2c04a5f7d9524c6344dd5ee73938275651d78181f8a0618fee5fb83cfbd99c9b90b
+  metadata.gz: 1134ce61d519eb471479aa670f14ff152628a899a645d4538aea709a23d9a0214558539ff10b66648a206ffc180d745c822a8603800389b3a1b62b8c1719721a
+  data.tar.gz: 3224e98b3c233acd314699d83aa722f4cf27540e53fdbed9f64e98fff041d55da3f0678496c3bc921a12621e0c709d63cce6e38308dbb008ba9cae0615e70c67

data/.travis.yml

@@ -1,12 +1,16 @@
 language: ruby
+before_install:
+  - gem install bundler -v '= 1.5.1'
 rvm:
   - 1.9.3
   - 2.0.0
+  - 2.1.0
 env:
   - rails=3.1.8
   - rails=3.2.8
-  - rails=3.2.13
-  - rails=4.0.0
+  - rails=3.2.16
+  - rails=4.0.2
+  - rails=4.1.0.beta1
   - orm=mongoid2
   - orm=mongoid3
   - orm=mongo_mapper

data/CHANGELOG.md

@@ -1,6 +1,6 @@
 # Changelog
 
-## 1.0.0.rc1
+## 1.0.0.rc2
 
 - bug (spec)
   - [#228] token response `expires_in` value is now in seconds, relative to
@@ -14,11 +14,13 @@
     the spec.
   - [#329] access tokens' `scopes` string wa being compared against
     `default_scopes` symbols, always unauthorizing.
+  - [#318] Include "WWW-Authenticate" header with Unauthorized responses
 - enhancements
   - [#293] Adds ActionController::Instrumentation in TokensController
+  - [#298] Support for multiple redirect_uris added.
   - [#313] `AccessToken.revoke_all_for` actually revokes all non-revoked
     tokens for an application/owner instead of deleting them.
-    [@bryanrite](https://github.com/bryanrite)
+  - [#333] Rails 4.1 support
 - internals
   - Removes jQuery dependency [fixes #300] [PR #312 is related]
   - [#294] Client uid and secret will be generated only if not present.

data/README.md

@@ -16,8 +16,8 @@ The gem is under constant development. It is based in the [version 22 of the OAu
 
 ## Requirements
 
-- Ruby 1.9.3 or 2.0.0
-- Rails 3.1, 3.2, 4.0
+- Ruby >1.9.3
+- Rails >3.1
 - ORM ActiveRecord, Mongoid 2, Mongoid 3, MongoMapper
 
 ## Installation

data/app/controllers/doorkeeper/token_info_controller.rb

@@ -5,6 +5,7 @@ module Doorkeeper
         render :json => doorkeeper_token, :status => :ok
       else
         error = OAuth::ErrorResponse.new(:name => :invalid_request)
+        response.headers.merge!(error.headers)
         render :json => error.body, :status => error.status
       end
     end

data/app/validators/redirect_uri_validator.rb

@@ -6,11 +6,17 @@ class RedirectUriValidator < ActiveModel::EachValidator
   end
 
   def validate_each(record, attribute, value)
-    uri = ::URI.parse(value)
-    return if test_redirect_uri?(uri)
-    record.errors.add(attribute, :fragment_present) unless uri.fragment.nil?
-    record.errors.add(attribute, :relative_uri) if uri.scheme.nil? || uri.host.nil?
-    record.errors.add(attribute, :has_query_parameter) unless uri.query.nil?
+    if value.blank?
+      record.errors.add(attribute, :blank)
+    else
+      value.split.each do |val|
+        uri = ::URI.parse(val)
+        return if test_redirect_uri?(uri)
+        record.errors.add(attribute, :fragment_present) unless uri.fragment.nil?
+        record.errors.add(attribute, :relative_uri) if uri.scheme.nil? || uri.host.nil?
+        record.errors.add(attribute, :has_query_parameter) unless uri.query.nil?
+      end
+    end
   rescue URI::InvalidURIError
     record.errors.add(attribute, :invalid_uri)
   end

data/app/views/doorkeeper/applications/_form.html.erb

@@ -15,8 +15,9 @@
     <div class="clearfix">
       <%= f.label :redirect_uri %>
       <div class="input">
-        <%= f.text_field :redirect_uri %>
+        <%= f.text_area :redirect_uri %>
         <%= errors_for application, :redirect_uri %>
+        <span class="help-inline">Please use one line per URI.</span>
         <% if Doorkeeper.configuration.test_redirect_uri %>
           <span class="help-inline">Use <%= Doorkeeper.configuration.test_redirect_uri %> for local tests</span>
         <% end %>

data/app/views/doorkeeper/applications/show.html.erb

@@ -5,8 +5,10 @@
 </div>
 
 <div class="span10">
-  <h4>Callback url:</h4>
-  <p><code id="callback_url"><%= @application.redirect_uri %></code></p>
+  <h4>Callback urls:</h4>
+  <p id="callback_url">
+    <% @application.redirect_uri.split.each do |uri| %><code><%= uri %></code> <% end %>
+  </p>
 
   <h4>Application Id:</h4>
   <p><code id="application_id"><%= @application.uid %></code></p>

data/config/locales/en.yml

@@ -55,6 +55,12 @@ en:
 
         # Password Access token errors
         invalid_resource_owner: 'The provided resource owner credentials are not valid, or resource owner cannot be found'
+
+        invalid_token:
+          revoked: "The access token was revoked"
+          expired: "The access token expired"
+          unknown: "The access token is invalid"
+
     flash:
       applications:
         create:

data/lib/doorkeeper.rb

@@ -6,50 +6,42 @@ require "doorkeeper/doorkeeper_for"
 require 'doorkeeper/errors'
 require 'doorkeeper/server'
 require 'doorkeeper/request'
+require "doorkeeper/validations"
+
+require "doorkeeper/oauth/authorization/code"
+require "doorkeeper/oauth/authorization/token"
+require "doorkeeper/oauth/authorization/uri_builder"
+require "doorkeeper/oauth/helpers/scope_checker"
+require "doorkeeper/oauth/helpers/uri_checker"
+require "doorkeeper/oauth/helpers/unique_token"
+
+require "doorkeeper/oauth/scopes"
+require "doorkeeper/oauth/error"
+require "doorkeeper/oauth/code_response"
+require "doorkeeper/oauth/token_response"
+require "doorkeeper/oauth/error_response"
+require "doorkeeper/oauth/pre_authorization"
+require "doorkeeper/oauth/authorization_code_request"
+require "doorkeeper/oauth/refresh_token_request"
+require "doorkeeper/oauth/password_access_token_request"
+require "doorkeeper/oauth/client_credentials_request"
+require "doorkeeper/oauth/code_request"
+require "doorkeeper/oauth/token_request"
+require "doorkeeper/oauth/client"
+require "doorkeeper/oauth/token"
+require "doorkeeper/oauth/invalid_token_response"
+
+require 'doorkeeper/models/scopes'
+require 'doorkeeper/models/expirable'
+require 'doorkeeper/models/revocable'
+require 'doorkeeper/models/accessible'
+
+require "doorkeeper/helpers/filter"
+require "doorkeeper/helpers/controller"
+
+require "doorkeeper/rails/routes"
 
 module Doorkeeper
-  autoload :Validations, "doorkeeper/validations"
-
-  module OAuth
-    autoload :Scopes,                     "doorkeeper/oauth/scopes"
-    autoload :Error,                      "doorkeeper/oauth/error"
-    autoload :CodeResponse,               "doorkeeper/oauth/code_response"
-    autoload :TokenResponse,              "doorkeeper/oauth/token_response"
-    autoload :ErrorResponse,              "doorkeeper/oauth/error_response"
-    autoload :PreAuthorization,           "doorkeeper/oauth/pre_authorization"
-    autoload :AuthorizationCodeRequest,   "doorkeeper/oauth/authorization_code_request"
-    autoload :RefreshTokenRequest,        "doorkeeper/oauth/refresh_token_request"
-    autoload :PasswordAccessTokenRequest, "doorkeeper/oauth/password_access_token_request"
-    autoload :ClientCredentialsRequest,   "doorkeeper/oauth/client_credentials_request"
-    autoload :Authorization,              "doorkeeper/oauth/authorization"
-    autoload :CodeRequest,                "doorkeeper/oauth/code_request"
-    autoload :TokenRequest,               "doorkeeper/oauth/token_request"
-    autoload :Client,                     "doorkeeper/oauth/client"
-    autoload :Token,                      "doorkeeper/oauth/token"
-
-    module Helpers
-      autoload :ScopeChecker, "doorkeeper/oauth/helpers/scope_checker"
-      autoload :URIChecker,   "doorkeeper/oauth/helpers/uri_checker"
-      autoload :UniqueToken,  "doorkeeper/oauth/helpers/unique_token"
-    end
-  end
-
-  module Models
-    autoload :Scopes,     'doorkeeper/models/scopes'
-    autoload :Expirable,  'doorkeeper/models/expirable'
-    autoload :Revocable,  'doorkeeper/models/revocable'
-    autoload :Accessible, 'doorkeeper/models/accessible'
-  end
-
-  module Helpers
-    autoload :Filter, "doorkeeper/helpers/filter"
-    autoload :Controller, "doorkeeper/helpers/controller"
-  end
-
-  module Rails
-    autoload :Routes, "doorkeeper/rails/routes"
-  end
-
   def self.configured?
     @config.present?
   end

data/lib/doorkeeper/config.rb

@@ -68,6 +68,10 @@ module Doorkeeper
       def use_refresh_token
         @config.instance_variable_set("@refresh_token_enabled", true)
       end
+
+      def realm(realm)
+        @config.instance_variable_set("@realm", realm)
+      end
     end
 
     module Option
@@ -154,6 +158,7 @@ module Doorkeeper
     option :orm, :default => :active_record
     option :test_redirect_uri, :default => 'urn:ietf:wg:oauth:2.0:oob'
     option :active_record_options, :default => {}
+    option :realm, :default => "Doorkeeper"
 
     def refresh_token_enabled?
       !!@refresh_token_enabled
@@ -190,5 +195,9 @@ module Doorkeeper
     def access_token_methods
       @access_token_methods ||= [:from_bearer_authorization, :from_access_token_param, :from_bearer_param]
     end
+
+    def realm
+      @realm ||= "Doorkeeper"
+    end
   end
 end

data/lib/doorkeeper/helpers/filter.rb

@@ -6,15 +6,18 @@ module Doorkeeper
           doorkeeper_for = DoorkeeperForBuilder.create_doorkeeper_for(*args)
 
           before_filter doorkeeper_for.filter_options do
-            return if doorkeeper_for.validate_token(doorkeeper_token)
-            # TODO: use ErrorRespose class for this
-            render_options = doorkeeper_unauthorized_render_options
-            if render_options.nil? || render_options.empty?
-              head :unauthorized
-            else
-              render_options[:status] = :unauthorized
-              render_options[:layout] = false if render_options[:layout].nil?
-              render render_options
+            unless doorkeeper_for.validate_token(doorkeeper_token)
+              render_options = doorkeeper_unauthorized_render_options
+              @error = OAuth::InvalidTokenResponse.from_access_token(doorkeeper_token)
+              headers.merge!(@error.headers.reject {|k, v| ['Content-Type'].include? k })
+
+              if render_options.nil? || render_options.empty?
+                head :unauthorized
+              else
+                render_options[:status] = :unauthorized
+                render_options[:layout] = false if render_options[:layout].nil?
+                render render_options
+              end
             end
           end
         end
@@ -26,8 +29,9 @@ module Doorkeeper
       end
 
       def doorkeeper_token
+        return @token if instance_variable_defined?(:@token)
         methods = Doorkeeper.configuration.access_token_methods
-        @token ||= OAuth::Token.authenticate request, *methods
+        @token = OAuth::Token.authenticate request, *methods
       end
 
       def doorkeeper_unauthorized_render_options

data/lib/doorkeeper/oauth/error_response.rb

@@ -36,8 +36,23 @@ module Doorkeeper
         end
       end
 
+      def authenticate_info
+        %{Bearer realm="#{realm}", error="#{name}", error_description="#{description}"}
+      end
+
       def headers
-        { 'Cache-Control' => 'no-store', 'Pragma' => 'no-cache', 'Content-Type' => 'application/json; charset=utf-8' }
+        { 'Cache-Control' => 'no-store',
+          'Pragma' => 'no-cache',
+          'Content-Type' => 'application/json; charset=utf-8',
+          'WWW-Authenticate' => authenticate_info }
+      end
+
+      protected
+
+      delegate :realm, :to => :configuration
+
+      def configuration
+        Doorkeeper.configuration
       end
     end
   end

data/lib/doorkeeper/oauth/helpers/uri_checker.rb

@@ -16,7 +16,7 @@ module Doorkeeper
         end
 
         def self.valid_for_authorization?(url, client_url)
-          valid?(url) && matches?(url, client_url)
+          valid?(url) && client_url.split.any?{|other_url| matches?(url, other_url) }
         end
 
         def self.as_uri(url)

data/lib/doorkeeper/oauth/invalid_token_response.rb

@@ -0,0 +1,27 @@
+module Doorkeeper
+  module OAuth
+    class InvalidTokenResponse < ErrorResponse
+      def self.from_access_token(access_token, attributes = {})
+        reason = case
+          when access_token.try(:revoked?)
+            :revoked
+          when access_token.try(:expired?)
+            :expired
+          else
+            :unknown
+          end
+
+        new(attributes.merge(:reason => reason))
+      end
+
+      def initialize(attributes = {})
+        super(attributes.merge(:name => :invalid_token, :state => :unauthorized))
+        @reason = attributes[:reason] || :unknown
+      end
+
+      def description
+        @description ||= I18n.translate @reason, :scope => [:doorkeeper, :errors, :messages, :invalid_token]
+      end
+    end
+  end
+end

data/lib/doorkeeper/version.rb

@@ -1,3 +1,3 @@
 module Doorkeeper
-  VERSION = '1.0.0.rc1'
+  VERSION = '1.0.0.rc2'
 end

data/lib/generators/doorkeeper/templates/initializer.rb

@@ -64,4 +64,7 @@ Doorkeeper.configure do
   # skip_authorization do |resource_owner, client|
   #   client.superapp? or resource_owner.admin?
   # end
+
+  # WWW-Authenticate Realm (default "Doorkeeper").
+  # realm "Doorkeeper"
 end

data/lib/generators/doorkeeper/templates/migration.rb

@@ -4,7 +4,7 @@ class CreateDoorkeeperTables < ActiveRecord::Migration
       t.string  :name,         :null => false
       t.string  :uid,          :null => false
       t.string  :secret,       :null => false
-      t.string  :redirect_uri, :null => false, :limit => 2048
+      t.text    :redirect_uri, :null => false
       t.timestamps
     end
 
@@ -15,7 +15,7 @@ class CreateDoorkeeperTables < ActiveRecord::Migration
       t.integer  :application_id,    :null => false
       t.string   :token,             :null => false
       t.integer  :expires_in,        :null => false
-      t.string   :redirect_uri,      :null => false, :limit => 2048
+      t.text     :redirect_uri,      :null => false
       t.datetime :created_at,        :null => false
       t.datetime :revoked_at
       t.string   :scopes

data/spec/controllers/protected_resources_controller_spec.rb

@@ -29,6 +29,7 @@ shared_examples "specified for particular actions" do
     it "does not allow into index action" do
       get :index, :access_token => token_string
       expect(response.status).to eq 401
+      expect(response.headers["WWW-Authenticate"]).to match(/^Bearer/)
     end
 
     it "allows into show action" do
@@ -60,6 +61,7 @@ shared_examples "specified with except" do
     it "does not allow into show action" do
       get :show, :id => "14", :access_token => token_string
       expect(response.status).to eq 401
+      expect(response.headers["WWW-Authenticate"]).to match(/^Bearer/)
     end
   end
 end
@@ -102,6 +104,7 @@ describe "Doorkeeper_for helper" do
       Doorkeeper::AccessToken.should_receive(:authenticate).exactly(2).times
       request.env["HTTP_AUTHORIZATION"] = "Bearer #{token_string}"
       get :index
+      controller.send(:remove_instance_variable, :@token)
       get :index
     end
   end
@@ -129,11 +132,13 @@ describe "Doorkeeper_for helper" do
       it "does not allow into index action" do
         get :index, :access_token => token_string
         expect(response.status).to eq 401
+        expect(response.header["WWW-Authenticate"]).to match(/^Bearer/)
       end
 
       it "does not allow into show action" do
         get :show, :id => "4", :access_token => token_string
         expect(response.status).to eq 401
+        expect(response.header["WWW-Authenticate"]).to match(/^Bearer/)
       end
     end
   end
@@ -153,7 +158,6 @@ describe "Doorkeeper_for helper" do
 
       include ControllerActions
     end
-
     include_examples "specified with except"
   end
 
@@ -174,10 +178,11 @@ describe "Doorkeeper_for helper" do
     end
 
     it "does not allow if the token does not include given scope" do
-      token = double(Doorkeeper::AccessToken, :accessible? => true, :scopes => ['public'])
+      token = double(Doorkeeper::AccessToken, :accessible? => true, :scopes => ['public'], :revoked? => false, :expired? => false)
       Doorkeeper::AccessToken.should_receive(:authenticate).with(token_string).and_return(token)
       get :index, :access_token => token_string
       expect(response.status).to eq 401
+      expect(response.header["WWW-Authenticate"]).to match(/^Bearer/)
     end
   end
 
@@ -197,6 +202,7 @@ describe "Doorkeeper_for helper" do
         get :index, :access_token => token_string
         expect(response.status).to eq 401
         expect(response.content_type).to eq('application/json')
+        expect(response.header["WWW-Authenticate"]).to match(/^Bearer/)
         parsed_body = JSON.parse(response.body)
         expect(parsed_body).not_to be_nil
         expect(parsed_body['error']).to eq('Unauthorized')
@@ -213,6 +219,7 @@ describe "Doorkeeper_for helper" do
         get :index, :access_token => token_string
         expect(response.status).to eq 401
         expect(response.content_type).to eq('text/html')
+        expect(response.header["WWW-Authenticate"]).to match(/^Bearer/)
         expect(response.body.should).to eq('Unauthorized')
       end
     end
@@ -256,6 +263,7 @@ describe "Doorkeeper_for helper" do
       it "does not enable access if passed block evaluates to true" do
         get :show, :id => 3, :access_token => token_string
         expect(response.status).to eq 401
+        expect(response.header["WWW-Authenticate"]).to match(/^Bearer/)
       end
     end
   end

data/spec/controllers/token_info_controller_spec.rb

@@ -34,6 +34,7 @@ describe Doorkeeper::TokenInfoController do
       it "responds with 401 when doorkeeper_token is not valid" do
         do_get
         expect(response.status).to eq 401
+        expect(response.headers["WWW-Authenticate"]).to match(/^Bearer/)
       end
 
       it "responds with 401 when doorkeeper_token is invalid, expired or revoked" do
@@ -41,6 +42,7 @@ describe Doorkeeper::TokenInfoController do
         doorkeeper_token.stub(:accessible? => false)
         do_get
         expect(response.status).to eq 401
+        expect(response.headers["WWW-Authenticate"]).to match(/^Bearer/)
       end
 
       it "responds body message for error" do

data/spec/controllers/tokens_controller_spec.rb

@@ -31,6 +31,7 @@ describe Doorkeeper::TokensController do
       token.stub(:error_response => double(:to_json => [], :status => :unauthorized))
       post :create
       expect(response.status).to eq 401
+      expect(response.headers["WWW-Authenticate"]).to match(/Bearer/)
     end
   end
 end

data/spec/dummy/config/application.rb

@@ -20,9 +20,6 @@ module Dummy
     # Application configuration should go into files in config/initializers
     # -- all .rb files in that directory are automatically loaded.
 
-    # Custom directories with classes and modules you want to be autoloadable.
-    # config.autoload_paths += %W(#{config.root}/extras)
-
     # Only load the plugins named here, in the order given (default is alphabetical).
     # :all can be used as a placeholder for all plugins not explicitly named.
     # config.plugins = [ :exception_notification, :ssl_requirement, :all ]

data/spec/dummy/config/initializers/doorkeeper.rb

@@ -53,4 +53,7 @@ Doorkeeper.configure do
   # (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi)
   #
   # test_redirect_uri 'urn:ietf:wg:oauth:2.0:oob'
+
+  # WWW-Authenticate Realm (default "Doorkeeper").
+  realm "Doorkeeper"
 end

data/spec/dummy/db/schema.rb

@@ -18,7 +18,7 @@ ActiveRecord::Schema.define(:version => 20130902175349) do
     t.integer  "application_id",                    :null => false
     t.string   "token",                             :null => false
     t.integer  "expires_in",                        :null => false
-    t.string   "redirect_uri",      :limit => 2048, :null => false
+    t.text     "redirect_uri",                      :null => false
     t.datetime "created_at",                        :null => false
     t.datetime "revoked_at"
     t.string   "scopes"
@@ -45,7 +45,7 @@ ActiveRecord::Schema.define(:version => 20130902175349) do
     t.string   "name",                         :null => false
     t.string   "uid",                          :null => false
     t.string   "secret",                       :null => false
-    t.string   "redirect_uri", :limit => 2048, :null => false
+    t.text     "redirect_uri",                 :null => false
     t.datetime "created_at",                   :null => false
     t.datetime "updated_at",                   :null => false
     t.integer  "owner_id"

data/spec/lib/config_spec.rb

@@ -153,6 +153,20 @@ describe Doorkeeper, "configuration" do
 
   end
 
+  describe "realm" do
+    it "is \"Doorkeeper\" by default" do
+      Doorkeeper.configuration.realm.should == "Doorkeeper"
+    end
+
+    it "can change the value" do
+      Doorkeeper.configure {
+        orm DOORKEEPER_ORM
+        realm "Example"
+      }
+      subject.realm.should == "Example"
+    end
+  end
+
   it 'raises an exception when configuration is not set' do
     old_config = Doorkeeper.configuration
     Doorkeeper.module_eval do

data/spec/lib/oauth/error_response_spec.rb

@@ -36,5 +36,19 @@ module Doorkeeper::OAuth
       its(:body) { should have_key(:error_description) }
       its(:body) { should have_key(:state) }
     end
+
+    describe '.authenticate_info' do
+      subject { ErrorResponse.new(:name => :some_error, :state => :some_state) }
+
+      its(:authenticate_info) { should include("realm=\"#{subject.realm}\"") }
+      its(:authenticate_info) { should include("error=\"#{subject.name}\"") }
+      its(:authenticate_info) { should include("error_description=\"#{subject.description}\"") }
+    end
+
+    describe '.headers' do
+      subject { ErrorResponse.new(:name => :some_error, :state => :some_state) }
+
+      its(:headers) { should include "WWW-Authenticate" }
+    end
   end
 end

data/spec/lib/oauth/helpers/uri_checker_spec.rb

@@ -59,6 +59,24 @@ module Doorkeeper::OAuth::Helpers
         uri = client_uri = 'http://app.co/aaa'
         URIChecker.valid_for_authorization?(uri, client_uri).should be_true
       end
+
+      it "is false if valid and mismatches" do
+        uri = 'http://app.co/aaa'
+        client_uri = 'http://app.co/bbb'
+        URIChecker.valid_for_authorization?(uri, client_uri).should be_false
+      end
+
+      it "is true if valid and included in array" do
+        uri = 'http://app.co/aaa'
+        client_uri = "http://example.com/bbb\nhttp://app.co/aaa"
+        URIChecker.valid_for_authorization?(uri, client_uri).should be_true
+      end
+
+      it "is false if valid and not included in array" do
+        uri = 'http://app.co/aaa'
+        client_uri = "http://example.com/bbb\nhttp://app.co/cc"
+        URIChecker.valid_for_authorization?(uri, client_uri).should be_false
+      end
     end
   end
 end

data/spec/lib/oauth/invalid_token_response_spec.rb

@@ -0,0 +1,23 @@
+require 'spec_helper'
+require 'active_model'
+require 'doorkeeper'
+require 'doorkeeper/oauth/invalid_token_response'
+
+module Doorkeeper::OAuth
+  describe InvalidTokenResponse do
+    its(:name)  { should == :invalid_token }
+    its(:status) { should == :unauthorized }
+
+    describe :from_access_token do
+      it 'revoked' do
+        response = InvalidTokenResponse.from_access_token double(:revoked? => true, :expired? => true)
+        response.description.should include("revoked")
+      end
+
+      it 'expired' do
+        response = InvalidTokenResponse.from_access_token double(:revoked? => false, :expired? => true)
+        response.description.should include("expired")
+      end
+    end
+  end
+end

data/spec/requests/protected_resources/private_api_spec.rb

@@ -50,7 +50,7 @@ feature 'Private API' do
 
   scenario 'access token with default scope' do
     default_scopes_exist :admin
-    @token.update_column :scopes, :admin
+    @token.update_column :scopes, 'admin'
     with_access_token_header @token.token
     visit '/full_protected_resources/1.json'
     page.body.should have_content("show")

data/spec/support/shared/controllers_shared_context.rb

@@ -18,7 +18,7 @@ shared_context "invalid token", :token => :invalid do
   end
 
   let :token do
-    double(Doorkeeper::AccessToken, :accessible? => false)
+    double(Doorkeeper::AccessToken, :accessible? => false, :revoked? => false, :expired? => false)
   end
 
   before :each do

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: doorkeeper
 version: !ruby/object:Gem::Version
-  version: 1.0.0.rc1
+  version: 1.0.0.rc2
 platform: ruby
 authors:
 - Felipe Elias Philipp
@@ -9,132 +9,132 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-12-11 00:00:00.000000000 Z
+date: 2014-01-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '3.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '3.1'
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.3.5
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.3.5
 - !ruby/object:Gem::Dependency
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: 2.11.4
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: 2.11.4
 - !ruby/object:Gem::Dependency
   name: capybara
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.1.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.1.2
 - !ruby/object:Gem::Dependency
   name: generator_spec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.9.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.9.0
 - !ruby/object:Gem::Dependency
   name: factory_girl
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 2.6.4
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 2.6.4
 - !ruby/object:Gem::Dependency
   name: timecop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.5.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.5.2
 - !ruby/object:Gem::Dependency
   name: database_cleaner
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.9.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.9.1
 - !ruby/object:Gem::Dependency
   name: bcrypt-ruby
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 3.0.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 3.0.1
 description: Doorkeeper is an OAuth 2 provider for Rails.
@@ -145,9 +145,9 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
-- .rspec
-- .travis.yml
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
 - CHANGELOG.md
 - Gemfile
 - MIT-LICENSE
@@ -206,7 +206,6 @@ files:
 - lib/doorkeeper/models/ownership.rb
 - lib/doorkeeper/models/revocable.rb
 - lib/doorkeeper/models/scopes.rb
-- lib/doorkeeper/oauth/authorization.rb
 - lib/doorkeeper/oauth/authorization/code.rb
 - lib/doorkeeper/oauth/authorization/token.rb
 - lib/doorkeeper/oauth/authorization/uri_builder.rb
@@ -225,6 +224,7 @@ files:
 - lib/doorkeeper/oauth/helpers/scope_checker.rb
 - lib/doorkeeper/oauth/helpers/unique_token.rb
 - lib/doorkeeper/oauth/helpers/uri_checker.rb
+- lib/doorkeeper/oauth/invalid_token_response.rb
 - lib/doorkeeper/oauth/password_access_token_request.rb
 - lib/doorkeeper/oauth/pre_authorization.rb
 - lib/doorkeeper/oauth/refresh_token_request.rb
@@ -329,6 +329,7 @@ files:
 - spec/lib/oauth/helpers/scope_checker_spec.rb
 - spec/lib/oauth/helpers/unique_token_spec.rb
 - spec/lib/oauth/helpers/uri_checker_spec.rb
+- spec/lib/oauth/invalid_token_response_spec.rb
 - spec/lib/oauth/password_access_token_request_spec.rb
 - spec/lib/oauth/pre_authorization_spec.rb
 - spec/lib/oauth/refresh_token_request_spec.rb
@@ -383,17 +384,17 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>'
+  - - ">"
     - !ruby/object:Gem::Version
       version: 1.3.1
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.0.14
+rubygems_version: 2.2.0
 signing_key: 
 specification_version: 4
 summary: Doorkeeper is an OAuth 2 provider for Rails.

data/lib/doorkeeper/oauth/authorization.rb

@@ -1,10 +0,0 @@
-module Doorkeeper
-  module OAuth
-    # TODO: move this to doorkeeper.rb
-    module Authorization
-      autoload :Code,       "doorkeeper/oauth/authorization/code"
-      autoload :Token,      "doorkeeper/oauth/authorization/token"
-      autoload :URIBuilder, "doorkeeper/oauth/authorization/uri_builder"
-    end
-  end
-end