RubyGems - doorkeeper - Versions diffs - 1.1.0 → 1.2.0 - Mend

doorkeeper 1.1.0 → 1.2.0

Potentially problematic release.

This version of doorkeeper might be problematic. Click here for more details.

Files changed (161) hide show

checksums.yaml +4 -4
data/.travis.yml +2 -2
data/CHANGELOG.md +14 -2
data/README.md +93 -42
data/app/controllers/doorkeeper/application_controller.rb +1 -1
data/app/controllers/doorkeeper/applications_controller.rb +4 -4
data/app/controllers/doorkeeper/authorizations_controller.rb +3 -3
data/app/controllers/doorkeeper/authorized_applications_controller.rb +1 -1
data/app/controllers/doorkeeper/token_info_controller.rb +3 -3
data/app/controllers/doorkeeper/tokens_controller.rb +29 -2
data/app/helpers/doorkeeper/form_errors_helper.rb +2 -2
data/app/validators/redirect_uri_validator.rb +1 -1
data/app/views/doorkeeper/applications/_form.html.erb +3 -3
data/app/views/doorkeeper/applications/edit.html.erb +1 -1
data/app/views/doorkeeper/applications/new.html.erb +1 -1
data/app/views/doorkeeper/applications/show.html.erb +1 -1
data/app/views/doorkeeper/authorizations/new.html.erb +5 -5
data/doorkeeper.gemspec +1 -1
data/lib/doorkeeper.rb +31 -31
data/lib/doorkeeper/config.rb +66 -37
data/lib/doorkeeper/doorkeeper_for.rb +6 -3
data/lib/doorkeeper/engine.rb +2 -2
data/lib/doorkeeper/helpers/controller.rb +9 -9
data/lib/doorkeeper/helpers/filter.rb +1 -1
data/lib/doorkeeper/models/access_grant.rb +5 -5
data/lib/doorkeeper/models/access_token.rb +22 -18
data/lib/doorkeeper/models/active_record/access_token.rb +8 -8
data/lib/doorkeeper/models/active_record/application.rb +5 -5
data/lib/doorkeeper/models/application.rb +8 -9
data/lib/doorkeeper/models/expirable.rb +1 -1
data/lib/doorkeeper/models/mongo_mapper/access_grant.rb +2 -2
data/lib/doorkeeper/models/mongo_mapper/access_token.rb +11 -11
data/lib/doorkeeper/models/mongo_mapper/application.rb +4 -4
data/lib/doorkeeper/models/mongoid/version.rb +2 -2
data/lib/doorkeeper/models/mongoid2/access_grant.rb +7 -7
data/lib/doorkeeper/models/mongoid2/access_token.rb +14 -14
data/lib/doorkeeper/models/mongoid2/application.rb +7 -7
data/lib/doorkeeper/models/mongoid3_4/access_grant.rb +7 -7
data/lib/doorkeeper/models/mongoid3_4/access_token.rb +13 -13
data/lib/doorkeeper/models/mongoid3_4/application.rb +6 -6
data/lib/doorkeeper/models/ownership.rb +5 -5
data/lib/doorkeeper/oauth/authorization/code.rb +5 -5
data/lib/doorkeeper/oauth/authorization/token.rb +7 -7
data/lib/doorkeeper/oauth/authorization_code_request.rb +18 -19
data/lib/doorkeeper/oauth/client.rb +1 -1
data/lib/doorkeeper/oauth/client_credentials/creator.rb +4 -4
data/lib/doorkeeper/oauth/client_credentials/issuer.rb +6 -4
data/lib/doorkeeper/oauth/client_credentials/validation.rb +2 -2
data/lib/doorkeeper/oauth/client_credentials_request.rb +11 -15
data/lib/doorkeeper/oauth/code_request.rb +5 -4
data/lib/doorkeeper/oauth/code_response.rb +8 -7
data/lib/doorkeeper/oauth/error.rb +1 -1
data/lib/doorkeeper/oauth/error_response.rb +5 -5
data/lib/doorkeeper/oauth/helpers/uri_checker.rb +1 -1
data/lib/doorkeeper/oauth/invalid_token_response.rb +10 -10
data/lib/doorkeeper/oauth/password_access_token_request.rb +57 -54
data/lib/doorkeeper/oauth/pre_authorization.rb +7 -7
data/lib/doorkeeper/oauth/refresh_token_request.rb +27 -24
data/lib/doorkeeper/oauth/scopes.rb +3 -3
data/lib/doorkeeper/oauth/token.rb +27 -1
data/lib/doorkeeper/oauth/token_request.rb +14 -4
data/lib/doorkeeper/rails/routes.rb +31 -22
data/lib/doorkeeper/rails/routes/mapping.rb +11 -12
data/lib/doorkeeper/request.rb +5 -5
data/lib/doorkeeper/version.rb +1 -1
data/lib/generators/doorkeeper/application_owner_generator.rb +1 -1
data/lib/generators/doorkeeper/install_generator.rb +5 -5
data/lib/generators/doorkeeper/migration_generator.rb +1 -1
data/lib/generators/doorkeeper/mongo_mapper/indexes_generator.rb +2 -2
data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb +2 -2
data/lib/generators/doorkeeper/templates/initializer.rb +16 -3
data/lib/generators/doorkeeper/templates/migration.rb +16 -17
data/lib/generators/doorkeeper/views_generator.rb +1 -1
data/spec/controllers/applications_controller_spec.rb +7 -7
data/spec/controllers/authorizations_controller_spec.rb +48 -48
data/spec/controllers/protected_resources_controller_spec.rb +108 -107
data/spec/controllers/token_info_controller_spec.rb +11 -11
data/spec/controllers/tokens_controller_spec.rb +8 -8
data/spec/dummy/app/controllers/custom_authorizations_controller.rb +2 -2
data/spec/dummy/app/controllers/full_protected_resources_controller.rb +3 -3
data/spec/dummy/app/controllers/home_controller.rb +5 -5
data/spec/dummy/app/controllers/metal_controller.rb +1 -1
data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +2 -2
data/spec/dummy/app/models/user.rb +3 -3
data/spec/dummy/config/application.rb +8 -9
data/spec/dummy/config/boot.rb +1 -1
data/spec/dummy/config/environments/test.rb +1 -1
data/spec/dummy/config/initializers/doorkeeper.rb +5 -5
data/spec/dummy/config/initializers/session_store.rb +1 -1
data/spec/dummy/config/initializers/wrap_parameters.rb +1 -1
data/spec/dummy/config/routes.rb +27 -27
data/spec/dummy/db/migrate/20130902165751_create_doorkeeper_tables.rb +16 -17
data/spec/dummy/db/migrate/20130902175349_add_owner_to_application.rb +3 -3
data/spec/dummy/db/schema.rb +39 -39
data/spec/factories/access_grant.rb +3 -3
data/spec/factories/access_token.rb +1 -1
data/spec/factories/application.rb +3 -3
data/spec/generators/application_owner_generator_spec.rb +6 -7
data/spec/generators/install_generator_spec.rb +9 -9
data/spec/generators/migration_generator_spec.rb +4 -4
data/spec/lib/config_spec.rb +136 -44
data/spec/lib/models/expirable_spec.rb +9 -9
data/spec/lib/models/revocable_spec.rb +4 -4
data/spec/lib/oauth/authorization/uri_builder_spec.rb +4 -4
data/spec/lib/oauth/authorization_code_request_spec.rb +2 -2
data/spec/lib/oauth/client/credentials_spec.rb +4 -4
data/spec/lib/oauth/client/methods_spec.rb +10 -10
data/spec/lib/oauth/client_credentials/issuer_spec.rb +9 -7
data/spec/lib/oauth/client_credentials/validation_spec.rb +2 -2
data/spec/lib/oauth/client_credentials_request_spec.rb +6 -6
data/spec/lib/oauth/client_spec.rb +4 -4
data/spec/lib/oauth/code_request_spec.rb +10 -9
data/spec/lib/oauth/error_response_spec.rb +8 -8
data/spec/lib/oauth/error_spec.rb +1 -1
data/spec/lib/oauth/helpers/scope_checker_spec.rb +17 -17
data/spec/lib/oauth/helpers/unique_token_spec.rb +7 -7
data/spec/lib/oauth/helpers/uri_checker_spec.rb +33 -33
data/spec/lib/oauth/invalid_token_response_spec.rb +4 -4
data/spec/lib/oauth/password_access_token_request_spec.rb +13 -13
data/spec/lib/oauth/pre_authorization_spec.rb +47 -7
data/spec/lib/oauth/refresh_token_request_spec.rb +11 -21
data/spec/lib/oauth/scopes_spec.rb +32 -32
data/spec/lib/oauth/token_request_spec.rb +10 -9
data/spec/lib/oauth/token_response_spec.rb +13 -15
data/spec/lib/oauth/token_spec.rb +24 -10
data/spec/lib/server_spec.rb +24 -2
data/spec/models/doorkeeper/access_grant_spec.rb +8 -8
data/spec/models/doorkeeper/access_token_spec.rb +79 -33
data/spec/models/doorkeeper/application_spec.rb +29 -29
data/spec/requests/applications/applications_request_spec.rb +15 -15
data/spec/requests/applications/authorized_applications_spec.rb +7 -7
data/spec/requests/endpoints/authorization_spec.rb +19 -12
data/spec/requests/endpoints/token_spec.rb +26 -8
data/spec/requests/flows/authorization_code_errors_spec.rb +17 -17
data/spec/requests/flows/authorization_code_spec.rb +28 -28
data/spec/requests/flows/client_credentials_spec.rb +3 -3
data/spec/requests/flows/implicit_grant_errors_spec.rb +5 -5
data/spec/requests/flows/implicit_grant_spec.rb +2 -2
data/spec/requests/flows/password_spec.rb +32 -32
data/spec/requests/flows/refresh_token_spec.rb +23 -23
data/spec/requests/flows/revoke_token_spec.rb +165 -0
data/spec/requests/flows/skip_authorization_spec.rb +10 -10
data/spec/requests/protected_resources/metal_spec.rb +1 -1
data/spec/requests/protected_resources/private_api_spec.rb +5 -5
data/spec/routing/custom_controller_routes_spec.rb +4 -0
data/spec/routing/default_routes_spec.rb +5 -1
data/spec/spec_helper.rb +2 -2
data/spec/spec_helper_integration.rb +8 -10
data/spec/support/helpers/access_token_request_helper.rb +3 -3
data/spec/support/helpers/authorization_request_helper.rb +3 -3
data/spec/support/helpers/config_helper.rb +1 -1
data/spec/support/helpers/model_helper.rb +2 -2
data/spec/support/helpers/request_spec_helper.rb +3 -3
data/spec/support/helpers/url_helper.rb +25 -21
data/spec/support/orm/active_record.rb +4 -4
data/spec/support/orm/mongo_mapper.rb +2 -3
data/spec/support/orm/mongoid.rb +5 -6
data/spec/support/shared/controllers_shared_context.rb +15 -15
data/spec/support/shared/models_shared_examples.rb +13 -13
data/spec/validators/redirect_uri_validator_spec.rb +9 -9
metadata +5 -4

data/spec/lib/oauth/token_request_spec.rb CHANGED Viewed

@@ -3,18 +3,19 @@ require 'spec_helper_integration'
 module Doorkeeper::OAuth
   describe TokenRequest do
     let :pre_auth do
-      double(:pre_auth, {
-        :client => double(:application, :id => 9990),
-        :redirect_uri => 'http://tst.com/cb',
-        :state => nil,
-        :scopes => nil,
-        :error => nil,
-        :authorizable? => true
-      })
+      double(
+        :pre_auth,
+        client: double(:application, id: 9990),
+        redirect_uri: 'http://tst.com/cb',
+        state: nil,
+        scopes: nil,
+        error: nil,
+        authorizable?: true
+      )
     end
     let :owner do
-      double :owner, :id => 7866
+      double :owner, id: 7866
     end
     subject do

data/spec/lib/oauth/token_response_spec.rb CHANGED Viewed

@@ -17,14 +17,13 @@ module Doorkeeper::OAuth
     describe '.body' do
       let(:access_token) do
-        double :access_token, {
-          :token => 'some-token',
-          :expires_in => '3600',
-          :expires_in_seconds => '300',
-          :scopes_string => 'two scopes',
-          :refresh_token => 'some-refresh-token',
-          :token_type => 'bearer'
-        }
+        double :access_token,
+               token: 'some-token',
+               expires_in: '3600',
+               expires_in_seconds: '300',
+               scopes_string: 'two scopes',
+               refresh_token: 'some-refresh-token',
+               token_type: 'bearer'
       end
       subject { TokenResponse.new(access_token).body }
@@ -54,13 +53,12 @@ module Doorkeeper::OAuth
     describe '.body filters out empty values' do
       let(:access_token) do
-        double :access_token, {
-          :token => 'some-token',
-          :expires_in_seconds => '',
-          :scopes_string => '',
-          :refresh_token => '',
-          :token_type => 'bearer'
-        }
+        double :access_token,
+               token: 'some-token',
+               expires_in_seconds: '',
+               scopes_string: '',
+               refresh_token: '',
+               token_type: 'bearer'
       end
       subject { TokenResponse.new(access_token).body }

data/spec/lib/oauth/token_spec.rb CHANGED Viewed

@@ -14,7 +14,7 @@ module Doorkeeper
         let(:request) { double.as_null_object }
         let(:method) do
-          lambda { |request| return 'token-value' }
+          ->(request) { return 'token-value' }
         end
         it 'accepts anything that responds to #call' do
@@ -30,7 +30,7 @@ module Doorkeeper
         it 'stops at the first credentials found' do
           not_called_method = double
           expect(not_called_method).not_to receive(:call)
-          credentials = Token.from_request request, lambda { |r| }, method, not_called_method
+          Token.from_request request, ->(r) {}, method, not_called_method
         end
         it 'returns the credential from extractor method' do
@@ -41,39 +41,53 @@ module Doorkeeper
       describe :from_access_token_param do
         it 'returns token from access_token parameter' do
-          request = double :parameters => { :access_token => 'some-token' }
+          request = double parameters: { access_token: 'some-token' }
           token   = Token.from_access_token_param(request)
-          expect(token).to eq("some-token")
+          expect(token).to eq('some-token')
         end
       end
       describe :from_bearer_param do
         it 'returns token from bearer_token parameter' do
-          request = double :parameters => { :bearer_token => 'some-token' }
+          request = double parameters: { bearer_token: 'some-token' }
           token   = Token.from_bearer_param(request)
-          expect(token).to eq("some-token")
+          expect(token).to eq('some-token')
         end
       end
       describe :from_bearer_authorization do
         it 'returns token from authorization bearer' do
-          request = double :authorization => "Bearer SomeToken"
+          request = double authorization: 'Bearer SomeToken'
           token   = Token.from_bearer_authorization(request)
-          expect(token).to eq("SomeToken")
+          expect(token).to eq('SomeToken')
         end
         it 'does not return token if authorization is not bearer' do
-          request = double :authorization => "MAC SomeToken"
+          request = double authorization: 'MAC SomeToken'
           token   = Token.from_bearer_authorization(request)
           expect(token).to be_blank
         end
       end
+      describe :from_basic_authorization do
+        it 'returns token from authorization basic' do
+          request = double authorization: "Basic #{Base64.encode64 'SomeToken:'}"
+          token   = Token.from_basic_authorization(request)
+          expect(token).to eq('SomeToken')
+        end
+        it 'does not return token if authorization is not basic' do
+          request = double authorization: "MAC #{Base64.encode64 'SomeToken:'}"
+          token   = Token.from_basic_authorization(request)
+          expect(token).to be_blank
+        end
+      end
       describe :authenticate do
         let(:finder) { double :finder }
         it 'calls the finder if token was found' do
-          token = lambda { |r| 'token' }
+          token = ->(r) { 'token' }
           expect(AccessToken).to receive(:authenticate).with('token')
           Token.authenticate double, token
         end

data/spec/lib/server_spec.rb CHANGED Viewed

@@ -12,11 +12,33 @@ describe Doorkeeper::Server do
   describe '.authorization_request' do
     it 'raises error when strategy does not exist' do
-      expect { subject.authorization_request(:duh) }.to raise_error(Doorkeeper::Errors::InvalidAuthorizationStrategy)
+      expect do
+        subject.authorization_request(:duh)
+      end.to raise_error(Doorkeeper::Errors::InvalidAuthorizationStrategy)
     end
     it 'raises error when strategy does not match phase' do
-      expect { subject.token_request(:code) }.to raise_error(Doorkeeper::Errors::InvalidTokenStrategy)
+      expect do
+        subject.token_request(:code)
+      end.to raise_error(Doorkeeper::Errors::InvalidTokenStrategy)
+    end
+    context 'when only Authorization Code strategy is enabled' do
+      before do
+        Doorkeeper.configuration.stub(:grant_flows) { ['authorization_code'] }
+      end
+      it 'raises error when using the disabled Implicit strategy' do
+        expect do
+          subject.authorization_request(:token)
+        end.to raise_error(Doorkeeper::Errors::InvalidAuthorizationStrategy)
+      end
+      it 'raises error when using the disabled Client Credentials strategy' do
+        expect do
+          subject.token_request(:client_credentials)
+        end.to raise_error(Doorkeeper::Errors::InvalidTokenStrategy)
+      end
     end
     it 'builds the request with selected strategy' do

data/spec/models/doorkeeper/access_grant_spec.rb CHANGED Viewed

@@ -5,30 +5,30 @@ describe Doorkeeper::AccessGrant do
   it { should be_valid }
-  it_behaves_like "an accessible token"
-  it_behaves_like "a revocable token"
-  it_behaves_like "an unique token" do
+  it_behaves_like 'an accessible token'
+  it_behaves_like 'a revocable token'
+  it_behaves_like 'an unique token' do
     let(:factory_name) { :access_grant }
   end
-  describe "validations" do
-    it "is invalid without resource_owner_id" do
+  describe 'validations' do
+    it 'is invalid without resource_owner_id' do
       subject.resource_owner_id = nil
       should_not be_valid
     end
-    it "is invalid without application_id" do
+    it 'is invalid without application_id' do
       subject.application_id = nil
       should_not be_valid
     end
-    it "is invalid without token" do
+    it 'is invalid without token' do
       subject.save
       subject.token = nil
       should_not be_valid
     end
-    it "is invalid without expires_in" do
+    it 'is invalid without expires_in' do
       subject.expires_in = nil
       should_not be_valid
     end

data/spec/models/doorkeeper/access_token_spec.rb CHANGED Viewed

@@ -6,9 +6,9 @@ module Doorkeeper
     it { should be_valid }
-    it_behaves_like "an accessible token"
-    it_behaves_like "a revocable token"
-    it_behaves_like "an unique token" do
+    it_behaves_like 'an accessible token'
+    it_behaves_like 'a revocable token'
+    it_behaves_like 'an unique token' do
       let(:factory_name) { :access_token }
     end
@@ -19,40 +19,87 @@ module Doorkeeper
       end
       it 'generates a refresh token if it was requested' do
-        token = FactoryGirl.create :access_token, :use_refresh_token => true
+        token = FactoryGirl.create :access_token, use_refresh_token: true
         expect(token.refresh_token).not_to be_nil
       end
-      it "is not valid if token exists" do
-        token1 = FactoryGirl.create :access_token, :use_refresh_token => true
-        token2 = FactoryGirl.create :access_token, :use_refresh_token => true
+      it 'is not valid if token exists' do
+        token1 = FactoryGirl.create :access_token, use_refresh_token: true
+        token2 = FactoryGirl.create :access_token, use_refresh_token: true
         token2.send :write_attribute, :refresh_token, token1.refresh_token
         expect(token2).not_to be_valid
       end
       it 'expects database to raise an error if refresh tokens are the same' do
-        token1 = FactoryGirl.create :access_token, :use_refresh_token => true
-        token2 = FactoryGirl.create :access_token, :use_refresh_token => true
-        expect {
+        token1 = FactoryGirl.create :access_token, use_refresh_token: true
+        token2 = FactoryGirl.create :access_token, use_refresh_token: true
+        expect do
           token2.write_attribute :refresh_token, token1.refresh_token
-          token2.save(:validate => false)
-        }.to raise_error
+          token2.save(validate: false)
+        end.to raise_error
       end
     end
-    describe "validations" do
-      it "is valid without resource_owner_id" do
+    describe 'validations' do
+      it 'is valid without resource_owner_id' do
         # For client credentials flow
         subject.resource_owner_id = nil
         should be_valid
       end
     end
+    describe '#same_credential?' do
+      context 'with default parameters' do
+        let(:resource_owner_id) { 100 }
+        let(:application)    { FactoryGirl.create :application }
+        let(:default_attributes) do
+          { application: application, resource_owner_id: resource_owner_id }
+        end
+        let(:access_token1) { FactoryGirl.create :access_token, default_attributes }
+        context 'the second token has the same owner and same app' do
+          let(:access_token2) { FactoryGirl.create :access_token, default_attributes }
+          it 'success' do
+            expect(access_token1.same_credential?(access_token2)).to be_true
+          end
+        end
+        context 'the second token has same owner and different app' do
+          let(:other_application) { FactoryGirl.create :application }
+          let(:access_token2) { FactoryGirl.create :access_token, application: other_application, resource_owner_id: resource_owner_id }
+          it 'fail' do
+            expect(access_token1.same_credential?(access_token2)).to be_false
+          end
+        end
+        context 'the second token has different owner and different app' do
+          let(:other_application) { FactoryGirl.create :application }
+          let(:access_token2) { FactoryGirl.create :access_token, application: other_application, resource_owner_id: 42 }
+          it 'fail' do
+            expect(access_token1.same_credential?(access_token2)).to be_false
+          end
+        end
+        context 'the second token has different owner and same app' do
+          let(:access_token2) { FactoryGirl.create :access_token, application: application, resource_owner_id: 42 }
+          it 'fail' do
+            expect(access_token1.same_credential?(access_token2)).to be_false
+          end
+        end
+      end
+    end
     describe '.revoke_all_for' do
-      let(:resource_owner) { double(:id => 100) }
+      let(:resource_owner) { double(id: 100) }
       let(:application)    { FactoryGirl.create :application }
       let(:default_attributes) do
-        { :application => application, :resource_owner_id => resource_owner.id }
+        { application: application, resource_owner_id: resource_owner.id }
       end
       it 'revokes all tokens for given application and resource owner' do
@@ -64,13 +111,13 @@ module Doorkeeper
       end
       it 'matches application' do
-        FactoryGirl.create :access_token, default_attributes.merge(:application => FactoryGirl.create(:application))
+        FactoryGirl.create :access_token, default_attributes.merge(application: FactoryGirl.create(:application))
         AccessToken.revoke_all_for application.id, resource_owner
         expect(AccessToken.all).not_to be_empty
       end
       it 'matches resource owner' do
-        FactoryGirl.create :access_token, default_attributes.merge(:resource_owner_id => 90)
+        FactoryGirl.create :access_token, default_attributes.merge(resource_owner_id: 90)
         AccessToken.revoke_all_for application.id, resource_owner
         expect(AccessToken.all).not_to be_empty
       end
@@ -79,9 +126,9 @@ module Doorkeeper
     describe '.matching_token_for' do
       let(:resource_owner_id) { 100 }
       let(:application)       { FactoryGirl.create :application }
-      let(:scopes)            { Doorkeeper::OAuth::Scopes.from_string("public write") }
+      let(:scopes)            { Doorkeeper::OAuth::Scopes.from_string('public write') }
       let(:default_attributes) do
-        { :application => application, :resource_owner_id => resource_owner_id, :scopes => scopes.to_s }
+        { application: application, resource_owner_id: resource_owner_id, scopes: scopes.to_s }
       end
       it 'returns only one token' do
@@ -91,44 +138,44 @@ module Doorkeeper
       end
       it 'accepts resource owner as object' do
-        resource_owner = double(:to_key => true, :id => 100)
+        resource_owner = double(to_key: true, id: 100)
         token = FactoryGirl.create :access_token, default_attributes
         last_token = AccessToken.matching_token_for(application, resource_owner, scopes)
         expect(last_token).to eq(token)
       end
       it 'accepts nil as resource owner' do
-        token = FactoryGirl.create :access_token, default_attributes.merge(:resource_owner_id => nil)
+        token = FactoryGirl.create :access_token, default_attributes.merge(resource_owner_id: nil)
         last_token = AccessToken.matching_token_for(application, nil, scopes)
         expect(last_token).to eq(token)
       end
       it 'excludes revoked tokens' do
-        FactoryGirl.create :access_token, default_attributes.merge(:revoked_at => 1.day.ago)
+        FactoryGirl.create :access_token, default_attributes.merge(revoked_at: 1.day.ago)
         last_token = AccessToken.matching_token_for(application, resource_owner_id, scopes)
         expect(last_token).to be_nil
       end
       it 'matches the application' do
-        token = FactoryGirl.create :access_token, default_attributes.merge(:application => FactoryGirl.create(:application))
+        token = FactoryGirl.create :access_token, default_attributes.merge(application: FactoryGirl.create(:application))
         last_token = AccessToken.matching_token_for(application, resource_owner_id, scopes)
         expect(last_token).to be_nil
       end
       it 'matches the resource owner' do
-        FactoryGirl.create :access_token, default_attributes.merge(:resource_owner_id => 2)
+        FactoryGirl.create :access_token, default_attributes.merge(resource_owner_id: 2)
         last_token = AccessToken.matching_token_for(application, resource_owner_id, scopes)
         expect(last_token).to be_nil
       end
       it 'matches the scopes' do
-        FactoryGirl.create :access_token, default_attributes.merge(:scopes => 'public email')
+        FactoryGirl.create :access_token, default_attributes.merge(scopes: 'public email')
         last_token = AccessToken.matching_token_for(application, resource_owner_id, scopes)
         expect(last_token).to be_nil
       end
       it 'returns the last created token' do
-        FactoryGirl.create :access_token, default_attributes.merge(:created_at => 1.day.ago)
+        FactoryGirl.create :access_token, default_attributes.merge(created_at: 1.day.ago)
         token = FactoryGirl.create :access_token, default_attributes
         last_token = AccessToken.matching_token_for(application, resource_owner_id, scopes)
         expect(last_token).to eq(token)
@@ -136,12 +183,11 @@ module Doorkeeper
       it 'returns as_json hash'   do
         token = FactoryGirl.create :access_token, default_attributes
-        token_hash = {
-                      :resource_owner_id => token.resource_owner_id,
-                      :scopes => token.scopes,
-                      :expires_in_seconds => token.expires_in_seconds,
-                      :application => { :uid => token.application.uid }
-                     }
+        token_hash = { resource_owner_id: token.resource_owner_id,
+                       scopes: token.scopes,
+                       expires_in_seconds: token.expires_in_seconds,
+                       application: { uid: token.application.uid }
+        }
         expect(token.as_json).to eq token_hash
       end
     end

data/spec/models/doorkeeper/application_spec.rb CHANGED Viewed

@@ -4,14 +4,14 @@ module Doorkeeper
   describe Application do
     include OrmHelper
-    let(:require_owner) { Doorkeeper.configuration.instance_variable_set("@confirm_application_owner", true) }
-    let(:unset_require_owner) { Doorkeeper.configuration.instance_variable_set("@confirm_application_owner", false) }
+    let(:require_owner) { Doorkeeper.configuration.instance_variable_set('@confirm_application_owner', true) }
+    let(:unset_require_owner) { Doorkeeper.configuration.instance_variable_set('@confirm_application_owner', false) }
     let(:new_application) { FactoryGirl.build(:application) }
     let(:uid) { SecureRandom.hex(8) }
     let(:secret) { SecureRandom.hex(8) }
-    context "application_owner is enabled" do
+    context 'application_owner is enabled' do
       before do
         Doorkeeper.configure do
           orm DOORKEEPER_ORM
@@ -29,7 +29,7 @@ module Doorkeeper
         end
       end
-      context "application owner is required" do
+      context 'application owner is required' do
         before(:each) do
           require_owner
           @owner = mock_application_owner
@@ -86,9 +86,7 @@ module Doorkeeper
       app1 = FactoryGirl.create(:application)
       app2 = FactoryGirl.create(:application)
       app2.uid = app1.uid
-      expect {
-        app2.save!(:validate => false)
-      }.to raise_error
+      expect { app2.save!(validate: false) }.to raise_error
     end
     it 'generate secret on create' do
@@ -115,53 +113,55 @@ module Doorkeeper
       end
       it 'should destroy its access grants' do
-        FactoryGirl.create(:access_grant, :application => new_application)
+        FactoryGirl.create(:access_grant, application: new_application)
         expect { new_application.destroy }.to change { Doorkeeper::AccessGrant.count }.by(-1)
       end
       it 'should destroy its access tokens' do
-        FactoryGirl.create(:access_token, :application => new_application)
-        FactoryGirl.create(:access_token, :application => new_application, :revoked_at => Time.now)
-        expect { new_application.destroy }.to change { Doorkeeper::AccessToken.count }.by(-2)
+        FactoryGirl.create(:access_token, application: new_application)
+        FactoryGirl.create(:access_token, application: new_application, revoked_at: Time.now)
+        expect do
+          new_application.destroy
+        end.to change { Doorkeeper::AccessToken.count }.by(-2)
       end
     end
     describe :authorized_for do
-      let(:resource_owner) { double(:resource_owner, :id => 10) }
+      let(:resource_owner) { double(:resource_owner, id: 10) }
-      it "is empty if the application is not authorized for anyone" do
+      it 'is empty if the application is not authorized for anyone' do
         expect(Application.authorized_for(resource_owner)).to be_empty
       end
-      it "returns only application for a specific resource owner" do
-        FactoryGirl.create(:access_token, :resource_owner_id => resource_owner.id + 1)
-        token = FactoryGirl.create(:access_token, :resource_owner_id => resource_owner.id)
+      it 'returns only application for a specific resource owner' do
+        FactoryGirl.create(:access_token, resource_owner_id: resource_owner.id + 1)
+        token = FactoryGirl.create(:access_token, resource_owner_id: resource_owner.id)
         expect(Application.authorized_for(resource_owner)).to eq([token.application])
       end
-      it "excludes revoked tokens" do
-        FactoryGirl.create(:access_token, :resource_owner_id => resource_owner.id, :revoked_at => 2.days.ago)
+      it 'excludes revoked tokens' do
+        FactoryGirl.create(:access_token, resource_owner_id: resource_owner.id, revoked_at: 2.days.ago)
         expect(Application.authorized_for(resource_owner)).to be_empty
       end
-      it "returns all applications that have been authorized" do
-        token1 = FactoryGirl.create(:access_token, :resource_owner_id => resource_owner.id)
-        token2 = FactoryGirl.create(:access_token, :resource_owner_id => resource_owner.id)
+      it 'returns all applications that have been authorized' do
+        token1 = FactoryGirl.create(:access_token, resource_owner_id: resource_owner.id)
+        token2 = FactoryGirl.create(:access_token, resource_owner_id: resource_owner.id)
         expect(Application.authorized_for(resource_owner)).to eq([token1.application, token2.application])
       end
-      it "returns only one application even if it has been authorized twice" do
+      it 'returns only one application even if it has been authorized twice' do
         application = FactoryGirl.create(:application)
-        FactoryGirl.create(:access_token, :resource_owner_id => resource_owner.id, :application => application)
-        FactoryGirl.create(:access_token, :resource_owner_id => resource_owner.id, :application => application)
+        FactoryGirl.create(:access_token, resource_owner_id: resource_owner.id, application: application)
+        FactoryGirl.create(:access_token, resource_owner_id: resource_owner.id, application: application)
         expect(Application.authorized_for(resource_owner)).to eq([application])
       end
-      it "should fail to mass assign a new application", if: ::Rails::VERSION::MAJOR < 4 do
-        mass_assign = { :name => 'Something',
-                        :redirect_uri => 'http://somewhere.com/something',
-                        :uid => 123,
-                        :secret => 'something' }
+      it 'should fail to mass assign a new application', if: ::Rails::VERSION::MAJOR < 4 do
+        mass_assign = { name: 'Something',
+                        redirect_uri: 'http://somewhere.com/something',
+                        uid: 123,
+                        secret: 'something' }
         expect(Application.create(mass_assign).uid).not_to eq(123)
       end
     end