doorkeeper 1.0.0 → 1.1.0


Potentially problematic release.


This version of doorkeeper might be problematic. Click here for more details.

Files changed (53) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +1 -1
  3. data/.travis.yml +3 -3
  4. data/CHANGELOG.md +9 -0
  5. data/Gemfile +5 -1
  6. data/README.md +33 -15
  7. data/app/assets/stylesheets/doorkeeper/admin/application.css +14 -0
  8. data/app/assets/stylesheets/doorkeeper/application.css +50 -4
  9. data/app/controllers/doorkeeper/applications_controller.rb +1 -0
  10. data/app/helpers/doorkeeper/form_errors_helper.rb +5 -3
  11. data/app/views/doorkeeper/applications/_delete_form.html.erb +3 -14
  12. data/app/views/doorkeeper/applications/_form.html.erb +29 -27
  13. data/app/views/doorkeeper/applications/edit.html.erb +3 -11
  14. data/app/views/doorkeeper/applications/index.html.erb +24 -31
  15. data/app/views/doorkeeper/applications/new.html.erb +3 -11
  16. data/app/views/doorkeeper/applications/show.html.erb +31 -21
  17. data/app/views/doorkeeper/authorizations/error.html.erb +6 -5
  18. data/app/views/doorkeeper/authorizations/new.html.erb +21 -18
  19. data/app/views/doorkeeper/authorizations/show.html.erb +6 -3
  20. data/app/views/doorkeeper/authorized_applications/_delete_form.html.erb +5 -0
  21. data/app/views/doorkeeper/authorized_applications/index.html.erb +19 -19
  22. data/app/views/layouts/doorkeeper/admin.html.erb +34 -0
  23. data/app/views/layouts/doorkeeper/application.html.erb +13 -22
  24. data/lib/doorkeeper/config.rb +15 -4
  25. data/lib/doorkeeper/helpers/filter.rb +1 -1
  26. data/lib/doorkeeper/models/active_record/access_grant.rb +1 -1
  27. data/lib/doorkeeper/models/active_record/access_token.rb +1 -1
  28. data/lib/doorkeeper/models/active_record/application.rb +2 -2
  29. data/lib/doorkeeper/models/application.rb +2 -1
  30. data/lib/doorkeeper/models/mongoid/version.rb +15 -0
  31. data/lib/doorkeeper/models/{mongoid3 → mongoid3_4}/access_grant.rb +8 -1
  32. data/lib/doorkeeper/models/{mongoid3 → mongoid3_4}/access_token.rb +8 -1
  33. data/lib/doorkeeper/models/{mongoid3 → mongoid3_4}/application.rb +0 -0
  34. data/lib/doorkeeper/oauth/error_response.rb +2 -1
  35. data/lib/doorkeeper/oauth/helpers/uri_checker.rb +7 -2
  36. data/lib/doorkeeper/version.rb +1 -1
  37. data/lib/generators/doorkeeper/templates/initializer.rb +5 -0
  38. data/spec/dummy/app/models/user.rb +1 -1
  39. data/spec/dummy/config/application.rb +1 -1
  40. data/spec/dummy/config/environments/development.rb +2 -3
  41. data/spec/dummy/config/environments/production.rb +2 -0
  42. data/spec/dummy/config/environments/test.rb +8 -0
  43. data/spec/dummy/config/mongoid4.yml +18 -0
  44. data/spec/lib/config_spec.rb +5 -0
  45. data/spec/lib/oauth/helpers/uri_checker_spec.rb +45 -0
  46. data/spec/requests/applications/applications_request_spec.rb +4 -4
  47. data/spec/requests/flows/authorization_code_spec.rb +1 -1
  48. data/spec/requests/flows/client_credentials_spec.rb +1 -1
  49. data/spec/spec_helper_integration.rb +6 -0
  50. data/spec/support/helpers/request_spec_helper.rb +4 -0
  51. data/vendor/assets/stylesheets/doorkeeper/bootstrap.min.css +7 -356
  52. metadata +10 -6
  53. data/app/assets/stylesheets/doorkeeper/form.css +0 -13
@@ -1,28 +1,38 @@
1
- <div class="span16">
2
- <header class="page-header">
3
- <h1>Application: <%= @application.name %></h1>
4
- </header>
1
+ <div class="page-header">
2
+ <h1>Application: <%= @application.name %></h1>
5
3
  </div>
6
4
 
7
- <div class="span10">
8
- <h4>Callback urls:</h4>
9
- <p id="callback_url">
10
- <% @application.redirect_uri.split.each do |uri| %><code><%= uri %></code> <% end %>
11
- </p>
5
+ <div class="row">
6
+ <div class="col-md-8">
7
+ <h4>Application Id:</h4>
12
8
 
13
- <h4>Application Id:</h4>
14
- <p><code id="application_id"><%= @application.uid %></code></p>
9
+ <p><code id="application_id"><%= @application.uid %></code></p>
15
10
 
16
- <h4>Secret:</h4>
17
- <p><code id="secret"><%= @application.secret %></code></p>
11
+ <h4>Secret:</h4>
18
12
 
19
- <h4>Link to authorization code:</h4>
20
- <p><%= link_to 'Authorize', oauth_authorization_path(:client_id => @application.uid, :redirect_uri => @application.redirect_uri, :response_type => 'code' ) %></p>
21
- </div>
13
+ <p><code id="secret"><%= @application.secret %></code></p>
14
+
15
+ <h4>Callback urls:</h4>
16
+
17
+ <table>
18
+ <% @application.redirect_uri.split.each do |uri| %>
19
+ <tr>
20
+ <td>
21
+ <code><%= uri %></code>
22
+ </td>
23
+ <td>
24
+ <%= link_to 'Authorize', oauth_authorization_path(:client_id => @application.uid, :redirect_uri => uri, :response_type => 'code'), class: 'btn btn-success', target: '_blank' %>
25
+ </td>
26
+ </tr>
27
+ <% end %>
28
+ </table>
29
+ </div>
30
+
31
+ <div class="col-md-4">
32
+ <h3>Actions</h3>
33
+
34
+ <p><%= link_to 'Edit', edit_oauth_application_path(@application), class: 'btn btn-primary' %></p>
22
35
 
23
- <div class="span6">
24
- <h3>Actions</h3>
25
- <p><%= link_to 'List all', oauth_applications_path %></p>
26
- <p><%= link_to 'Edit', edit_oauth_application_path(@application) %></p>
27
- <p><%= render 'delete_form', application: @application %></p>
36
+ <p><%= render 'delete_form', application: @application, submit_btn_css: 'btn btn-danger' %></p>
37
+ </div>
28
38
  </div>
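Review bot: The new per-URI `Authorize` link sets `target: '_blank'` without a `rel` attribute, so in browsers that do not imply `noopener` the opened tab keeps a `window.opener` handle to this admin page. That tab ends on the client's callback URL once the authorization redirect completes, and this is the page that renders `@application.secret`, so a third-party page should not be able to navigate it. Pass `rel: 'noopener noreferrer'` with the other link options: `class: 'btn btn-success', target: '_blank', rel: 'noopener noreferrer'`.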
@@ -1,6 +1,7 @@
1
- <div class="span16">
2
- <h2>An error has occurred</h2>
3
- <p>
4
- <pre><%= @pre_auth.error_response.body[:error_description] %></pre>
5
- </p>
1
+ <div class="page-header">
2
+ <h1>An error has occurred</h1>
6
3
  </div>
4
+
5
+ <main role="main">
6
+ <pre><%= @pre_auth.error_response.body[:error_description] %></pre>
7
+ </main>
@@ -1,37 +1,40 @@
1
- <div class="span16">
2
- <h2>Authorize <%= @pre_auth.client.name %> to use your account?</h2>
3
- </div>
1
+ <header class="page-header" role="banner">
2
+ <h1>Authorize required</h1>
3
+ </header>
4
4
 
5
- <div class="span16">
6
- <% if @pre_auth.scopes %>
7
- <p>
8
- This application will be able to:
5
+ <main role="main">
6
+ <p class="h4">
7
+ Authorize <strong class="text-info"><%= @pre_auth.client.name %></strong> to use your account?
9
8
  </p>
10
- <ul>
11
- <% @pre_auth.scopes.each do |scope| %>
12
- <li><%= t scope, :scope => [:doorkeeper, :scopes] %></li>
13
- <% end %>
14
- </ul>
9
+
10
+ <% if @pre_auth.scopes %>
11
+ <div id="oauth-permissions">
12
+ <p>This application will be able to:</p>
13
+
14
+ <ul class="text-info">
15
+ <% @pre_auth.scopes.each do |scope| %>
16
+ <li><%= t scope, :scope => [:doorkeeper, :scopes] %></li>
17
+ <% end %>
18
+ </ul>
19
+ </div>
15
20
  <% end %>
16
21
 
17
- <div class="inline_block">
22
+ <div class="actions">
18
23
  <%= form_tag oauth_authorization_path, :method => :post do %>
19
24
  <%= hidden_field_tag :client_id, @pre_auth.client.uid %>
20
25
  <%= hidden_field_tag :redirect_uri, @pre_auth.redirect_uri %>
21
26
  <%= hidden_field_tag :state, @pre_auth.state %>
22
27
  <%= hidden_field_tag :response_type, @pre_auth.response_type %>
23
28
  <%= hidden_field_tag :scope, @pre_auth.scope %>
24
- <%= submit_tag "Authorize", :class => "btn success" %> or
29
+ <%= submit_tag "Authorize", :class => "btn btn-success btn-lg btn-block" %>
25
30
  <% end %>
26
- </div>
27
- <div class="inline_block">
28
31
  <%= form_tag oauth_authorization_path, :method => :delete do %>
29
32
  <%= hidden_field_tag :client_id, @pre_auth.client.uid %>
30
33
  <%= hidden_field_tag :redirect_uri, @pre_auth.redirect_uri %>
31
34
  <%= hidden_field_tag :state, @pre_auth.state %>
32
35
  <%= hidden_field_tag :response_type, @pre_auth.response_type %>
33
36
  <%= hidden_field_tag :scope, @pre_auth.scope %>
34
- <%= submit_tag "Deny", :class => "btn" %>
37
+ <%= submit_tag "Deny", :class => "btn btn-danger btn-lg btn-block" %>
35
38
  <% end %>
36
39
  </div>
37
- </div>
40
+ </main>
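Review bot: The `<% if @pre_auth.scopes %>` guard carried into the new `#oauth-permissions` block only tests for nil, and an empty collection is truthy in Ruby. A request without scopes would therefore presumably still render "This application will be able to:" above an empty list, which is confusing on a consent screen. Assuming the scopes object responds to `empty?`, `<% if @pre_auth.scopes.present? %>` skips the block in that case. Separately, the new heading reads `Authorize required`; `Authorization required` is probably what was meant.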
@@ -1,4 +1,7 @@
1
- <div class="span16">
2
- <h3>Authorization code:</h3>
1
+ <header class="page-header">
2
+ <h1>Authorization code:</h1>
3
+ </header>
4
+
5
+ <main role="main">
3
6
  <code id="authorization_code"><%= params[:code] %></code>
4
- </div>
7
+ </main>
@@ -0,0 +1,5 @@
1
+ <%- submit_btn_css ||= 'btn btn-link' %>
2
+ <%= form_tag oauth_authorized_application_path(application) do %>
3
+ <input type="hidden" name="_method" value="delete">
4
+ <%= submit_tag 'Revoke', onclick: "return confirm('Are you sure?')", class: submit_btn_css %>
5
+ <% end %>
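Review bot: The confirmation on `Revoke` is an inline `onclick` handler, which a Content-Security-Policy without `'unsafe-inline'` refuses to run; the form then submits with no confirmation at all. If host applications are expected to run under a strict CSP, attach the confirm from a script file, or document that these engine views need inline handlers. The hand-written `_method` input can also be replaced with `form_tag oauth_authorized_application_path(application), method: :delete do`, which emits the same hidden field.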
@@ -1,25 +1,25 @@
1
- <div class="span16">
2
- <header class="page-header">
3
- <h2>Your authorized applications</h2>
4
- </header>
1
+ <header class="page-header">
2
+ <h1>Your authorized applications</h1>
3
+ </header>
5
4
 
6
- <table class="zebra-striped">
5
+ <main role="main">
6
+ <table class="table table-striped">
7
7
  <thead>
8
- <tr>
9
- <th>Application</th>
10
- <th>Created At</th>
11
- <th></th>
12
- <th></th>
13
- </tr>
8
+ <tr>
9
+ <th>Application</th>
10
+ <th>Created At</th>
11
+ <th></th>
12
+ <th></th>
13
+ </tr>
14
14
  </thead>
15
15
  <tbody>
16
- <% @applications.each do |application| %>
17
- <tr>
18
- <td><%= application.name %></td>
19
- <td><%= application.created_at %></td>
20
- <td><%= link_to 'Revoke', oauth_authorized_application_path(application), :data => { :confirm => 'Are you sure?' }, :method => :delete, :class => 'btn danger' %></td>
21
- </tr>
22
- <% end %>
16
+ <% @applications.each do |application| %>
17
+ <tr>
18
+ <td><%= application.name %></td>
19
+ <td><%= application.created_at.strftime('%Y-%m-%d %H:%M:%S') %></td>
20
+ <td><%= render 'delete_form', application: application %></td>
21
+ </tr>
22
+ <% end %>
23
23
  </tbody>
24
24
  </table>
25
- </div>
25
+ </main>
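Review bot: The re-indented header row still declares four `<th>` cells while each body row renders three `<td>` cells (name, created at, revoke form), so the table keeps a dangling empty column; drop one `<th></th>`. `application.created_at.strftime('%Y-%m-%d %H:%M:%S')` also raises if a record has no timestamp; if that can happen with the supported ORMs, `application.created_at.try(:strftime, '%Y-%m-%d %H:%M:%S')` keeps the list rendering.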
@@ -0,0 +1,34 @@
1
+ <!DOCTYPE html>
2
+ <html>
3
+ <head>
4
+ <meta charset="utf-8">
5
+ <meta http-equiv="X-UA-Compatible" content="IE=edge">
6
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
7
+ <title>Doorkeeper</title>
8
+ <%= stylesheet_link_tag "doorkeeper/admin/application" %>
9
+ <%= csrf_meta_tags %>
10
+ </head>
11
+ <body>
12
+ <div class="navbar navbar-inverse navbar-fixed-top" role="navigation">
13
+ <div class="container">
14
+ <div class="navbar-header">
15
+ <%= link_to 'OAuth2 Provider', oauth_applications_path, class: 'navbar-brand' %>
16
+ </div>
17
+ <ul class="nav navbar-nav">
18
+ <%= content_tag :li, class: "#{'active' if request.path == oauth_applications_path}" do %>
19
+ <%= link_to 'Applications', oauth_applications_path %>
20
+ <% end %>
21
+ </ul>
22
+ </div>
23
+ </div>
24
+ <div class="container">
25
+ <%- if flash[:notice].present? %>
26
+ <div class="alert alert-info">
27
+ <%= flash[:notice] %>
28
+ </div>
29
+ <% end -%>
30
+
31
+ <%= yield %>
32
+ </div>
33
+ </body>
34
+ </html>
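Review bot: Only `flash[:notice]` is rendered in this new layout, so a message stored under any other key (`:alert`, `:error`) is never shown to the administrator. The layouts/doorkeeper/application.html.erb section that follows has the same issue: it replaces the previous `flash.each do |key, message|` loop with the same single-key block. Whether any controller sets other keys is not visible here; if one does, iterate a fixed list such as `<% [:notice, :alert].each do |key| %>` and map each key to a fixed CSS class rather than interpolating the key into the class attribute.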
@@ -1,32 +1,23 @@
1
1
  <!DOCTYPE html>
2
2
  <html>
3
3
  <head>
4
- <title>Doorkeeper</title>
5
- <%= stylesheet_link_tag "doorkeeper/application" %>
4
+ <title>OAuth authorize required</title>
5
+ <meta charset="utf-8">
6
+ <meta http-equiv="X-UA-Compatible" content="IE=edge">
7
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
8
+
9
+ <%= stylesheet_link_tag "doorkeeper/application" %>
6
10
  <%= csrf_meta_tags %>
7
11
  </head>
8
12
  <body>
9
- <section id="main" class="container">
10
- <div class="topbar">
11
- <div class="fill">
12
- <div class="container">
13
- <span class="brand">
14
- OAuth2 Provider
15
- </span>
16
- </div>
17
- </div>
13
+ <div id="container">
14
+ <%- if flash[:notice].present? %>
15
+ <div class="alert alert-info">
16
+ <%= flash[:notice] %>
18
17
  </div>
19
- <div class="content">
20
- <div class="row">
21
- <% flash.each do |key, message| %>
22
- <div class="span16">
23
- <div class="alert-message <%= key %>" data-alert><a class="close" href="#">×</a><p><%= message %></p></div>
24
- </div>
25
- <% end %>
18
+ <% end -%>
26
19
 
27
- <%= yield %>
28
- </div>
29
- </div>
30
- </section>
20
+ <%= yield %>
21
+ </div>
31
22
  </body>
32
23
  </html>
@@ -15,10 +15,20 @@ module Doorkeeper
15
15
  @config || (raise MissingConfiguration.new)
16
16
  end
17
17
 
18
+ def self.orm_model_dir
19
+ case configuration.orm
20
+ when :mongoid3, :mongoid4
21
+ "mongoid3_4"
22
+ else
23
+ configuration.orm
24
+ end
25
+
26
+ end
27
+
18
28
  def self.enable_orm
19
- require "doorkeeper/models/#{@config.orm}/access_grant"
20
- require "doorkeeper/models/#{@config.orm}/access_token"
21
- require "doorkeeper/models/#{@config.orm}/application"
29
+ require "doorkeeper/models/#{orm_model_dir}/access_grant"
30
+ require "doorkeeper/models/#{orm_model_dir}/access_token"
31
+ require "doorkeeper/models/#{orm_model_dir}/application"
22
32
  require 'doorkeeper/models/access_grant'
23
33
  require 'doorkeeper/models/access_token'
24
34
  require 'doorkeeper/models/application'
@@ -159,6 +169,7 @@ module Doorkeeper
159
169
  option :test_redirect_uri, :default => 'urn:ietf:wg:oauth:2.0:oob'
160
170
  option :active_record_options, :default => {}
161
171
  option :realm, :default => "Doorkeeper"
172
+ option :wildcard_redirect_uri, :default => false
162
173
 
163
174
  def refresh_token_enabled?
164
175
  !!@refresh_token_enabled
@@ -185,7 +196,7 @@ module Doorkeeper
185
196
  end
186
197
 
187
198
  def orm_name
188
- [:mongoid2, :mongoid3].include?(orm) ? :mongoid : orm
199
+ [:mongoid2, :mongoid3, :mongoid4].include?(orm) ? :mongoid : orm
189
200
  end
190
201
 
191
202
  def client_credentials_methods
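Review bot: `option :wildcard_redirect_uri, :default => false` in the second hunk adds a switch that relaxes redirect URI validation, and nothing next to it says so. The matching code is not in these hunks, so how broad a wildcard is accepted cannot be judged here, but exact redirect URI comparison is what keeps authorization codes and tokens from reaching an address the client did not register. I would add a comment above the option such as `# Loosens redirect_uri matching; keep false unless a client cannot register exact callback URLs.` The stray blank line before the `end` of `orm_model_dir` in the first hunk can go as well.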
@@ -7,9 +7,9 @@ module Doorkeeper
7
7
 
8
8
  before_filter doorkeeper_for.filter_options do
9
9
  unless doorkeeper_for.validate_token(doorkeeper_token)
10
- render_options = doorkeeper_unauthorized_render_options
11
10
  @error = OAuth::InvalidTokenResponse.from_access_token(doorkeeper_token)
12
11
  headers.merge!(@error.headers.reject {|k, v| ['Content-Type'].include? k })
12
+ render_options = doorkeeper_unauthorized_render_options
13
13
 
14
14
  if render_options.nil? || render_options.empty?
15
15
  head :unauthorized
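Review bot: Moving `render_options = doorkeeper_unauthorized_render_options` below the `@error` assignment looks like an ordering dependency, but nothing on the line records it. If the intent is that an overridden `doorkeeper_unauthorized_render_options` may read `@error`, a comment such as `# after @error is set so overrides can use it` would stop a later cleanup from moving it back. The `before_filter` block continues past the end of the hunk, so the rest of the unauthorized path is not reviewed here.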
@@ -4,6 +4,6 @@ module Doorkeeper
4
4
  establish_connection Doorkeeper.configuration.active_record_options[:establish_connection]
5
5
  end
6
6
 
7
- self.table_name = :oauth_access_grants
7
+ self.table_name = "#{self.table_name_prefix}oauth_access_grants#{self.table_name_suffix}".to_sym
8
8
  end
9
9
  end
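Review bot: The new `self.table_name = "#{self.table_name_prefix}oauth_access_grants#{self.table_name_suffix}".to_sym` builds a String and then converts it to a Symbol, which ActiveRecord does not need, and the `self.` receivers on the two readers are redundant. `self.table_name = "#{table_name_prefix}oauth_access_grants#{table_name_suffix}"` is enough. The same line shape is repeated in the access_token.rb and application.rb sections that follow. The name is also computed once when the class body is evaluated, so a prefix or suffix configured later would presumably not be picked up; a short comment saying so would help.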
@@ -4,7 +4,7 @@ module Doorkeeper
4
4
  establish_connection Doorkeeper.configuration.active_record_options[:establish_connection]
5
5
  end
6
6
 
7
- self.table_name = :oauth_access_tokens
7
+ self.table_name = "#{self.table_name_prefix}oauth_access_tokens#{self.table_name_suffix}".to_sym
8
8
 
9
9
  def self.delete_all_for(application_id, resource_owner)
10
10
  where(:application_id => application_id,
@@ -4,7 +4,7 @@ module Doorkeeper
4
4
  establish_connection Doorkeeper.configuration.active_record_options[:establish_connection]
5
5
  end
6
6
 
7
- self.table_name = :oauth_applications
7
+ self.table_name = "#{self.table_name_prefix}oauth_applications#{self.table_name_suffix}".to_sym
8
8
 
9
9
  if ActiveRecord::VERSION::MAJOR >= 4
10
10
  has_many :authorized_tokens, -> { where(revoked_at: nil) }, class_name: "AccessToken"
@@ -19,7 +19,7 @@ module Doorkeeper
19
19
 
20
20
  def self.authorized_for(resource_owner)
21
21
  joins(:authorized_applications)
22
- .where(oauth_access_tokens: { resource_owner_id: resource_owner.id, revoked_at: nil })
22
+ .where(Doorkeeper::AccessToken.table_name => { resource_owner_id: resource_owner.id, revoked_at: nil })
23
23
  .group(column_names_with_table.join(','))
24
24
  end
25
25
  end
@@ -5,10 +5,11 @@ module Doorkeeper
5
5
  has_many :access_grants, :dependent => :destroy, :class_name => "Doorkeeper::AccessGrant"
6
6
  has_many :access_tokens, :dependent => :destroy, :class_name => "Doorkeeper::AccessToken"
7
7
 
8
- validates :name, :secret, :uid, :redirect_uri, :presence => true
8
+ validates :name, :secret, :uid, :presence => true
9
9
  validates :uid, :uniqueness => true
10
10
  validates :redirect_uri, :redirect_uri => true
11
11
 
12
+
12
13
  before_validation :generate_uid, :generate_secret, :on => :create
13
14
 
14
15
  if ::Rails.version.to_i < 4 || defined?(ProtectedAttributes)
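Review bot: With `:redirect_uri` dropped from the presence validation, a blank redirect URI is rejected only if the validator behind `validates :redirect_uri, :redirect_uri => true` does so, and that validator is not part of this hunk. An application saved without a redirect URI weakens the check that ties an authorization response to a registered callback, and the applications show view calls `@application.redirect_uri.split`, which fails on nil. Please confirm the validator covers nil and empty strings and add a spec for it. If it does, a comment here such as `# blank redirect_uri is rejected by the redirect_uri validator` would make that visible. The module body continues outside the hunk.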
@@ -0,0 +1,15 @@
1
+ module Doorkeeper
2
+ module Models
3
+ module Mongoid
4
+ module Version
5
+ def mongoid3?
6
+ ::Mongoid::VERSION.starts_with?("3")
7
+ end
8
+
9
+ def mongoid4?
10
+ ::Mongoid::VERSION.starts_with?("4")
11
+ end
12
+ end
13
+ end
14
+ end
15
+ end
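Review bot: `mongoid3?` and `mongoid4?` call `starts_with?`, which is the ActiveSupport alias rather than Ruby's own `String#start_with?`, and the bare `"3"` / `"4"` prefixes would also match a two-digit major such as `30.x` or `40.x`. `::Mongoid::VERSION.start_with?("3.")` and `::Mongoid::VERSION.start_with?("4.")` avoid both. The module also has no comment saying it is meant to be mixed in with `extend`, so a one-line description above `module Version` would help.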
@@ -1,5 +1,6 @@
1
1
  require 'doorkeeper/models/mongoid/revocable'
2
2
  require 'doorkeeper/models/mongoid/scopes'
3
+ require 'doorkeeper/models/mongoid/version'
3
4
 
4
5
  module Doorkeeper
5
6
  class AccessGrant
@@ -7,10 +8,16 @@ module Doorkeeper
7
8
  include Mongoid::Timestamps
8
9
  include Doorkeeper::Models::Mongoid::Revocable
9
10
  include Doorkeeper::Models::Mongoid::Scopes
11
+ extend Doorkeeper::Models::Mongoid::Version
10
12
 
11
13
  self.store_in collection: :oauth_access_grants
12
14
 
13
- field :resource_owner_id, :type => Moped::BSON::ObjectId
15
+ if defined?(Moped::BSON)
16
+ field :resource_owner_id, :type => Moped::BSON::ObjectId
17
+ else
18
+ field :resource_owner_id, :type => BSON::ObjectId
19
+ end
20
+
14
21
  field :application_id, :type => Hash
15
22
  field :token, :type => String
16
23
  field :expires_in, :type => Integer
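Review bot: The second hunk adds `extend Doorkeeper::Models::Mongoid::Version`, but the branch that follows selects the field type with `defined?(Moped::BSON)` and never calls `mongoid3?` or `mongoid4?`. Either drop the `extend` or use the helpers, so that only one mechanism decides the version. The class body continues outside the hunk, so they may be used further down. The duplicated `field` line can be folded into one: `field :resource_owner_id, :type => (defined?(Moped::BSON) ? Moped::BSON::ObjectId : BSON::ObjectId)`. The access_token.rb section that follows has the same pair of changes.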
@@ -1,5 +1,6 @@
1
1
  require 'doorkeeper/models/mongoid/revocable'
2
2
  require 'doorkeeper/models/mongoid/scopes'
3
+ require 'doorkeeper/models/mongoid/version'
3
4
 
4
5
  module Doorkeeper
5
6
  class AccessToken
@@ -7,10 +8,16 @@ module Doorkeeper
7
8
  include Mongoid::Timestamps
8
9
  include Doorkeeper::Models::Mongoid::Revocable
9
10
  include Doorkeeper::Models::Mongoid::Scopes
11
+ extend Doorkeeper::Models::Mongoid::Version
10
12
 
11
13
  self.store_in collection: :oauth_access_tokens
12
14
 
13
- field :resource_owner_id, :type => Moped::BSON::ObjectId
15
+ if defined?(Moped::BSON)
16
+ field :resource_owner_id, :type => Moped::BSON::ObjectId
17
+ else
18
+ field :resource_owner_id, :type => BSON::ObjectId
19
+ end
20
+
14
21
  field :token, :type => String
15
22
  field :expires_in, :type => Integer
16
23
  field :revoked_at, :type => DateTime