doorkeeper 1.1.0 → 1.2.0

data/lib/doorkeeper/rails/routes/mapping.rb

@@ -6,32 +6,31 @@ module Doorkeeper
 
         def initialize
           @controllers = {
-            :authorizations => 'doorkeeper/authorizations',
-            :applications => 'doorkeeper/applications',
-            :authorized_applications => 'doorkeeper/authorized_applications',
-            :tokens => 'doorkeeper/tokens',
-            :token_info => 'doorkeeper/token_info'
+            authorizations: 'doorkeeper/authorizations',
+            applications: 'doorkeeper/applications',
+            authorized_applications: 'doorkeeper/authorized_applications',
+            tokens: 'doorkeeper/tokens',
+            token_info: 'doorkeeper/token_info'
           }
 
           @as = {
-            :authorizations => :authorization,
-            :tokens => :token,
-            :token_info => :token_info
+            authorizations: :authorization,
+            tokens: :token,
+            token_info: :token_info
           }
 
           @skips = []
-
         end
 
         def [](routes)
           {
-            :controllers => @controllers[routes],
-            :as => @as[routes]
+            controllers: @controllers[routes],
+            as: @as[routes]
           }
         end
 
         def skipped?(controller)
-          return @skips.include?(controller)
+          @skips.include?(controller)
         end
       end
     end

data/lib/doorkeeper/request.rb

@@ -7,23 +7,23 @@ require 'doorkeeper/request/token'
 
 module Doorkeeper
   module Request
-    extend self
+    module_function
 
     def authorization_strategy(strategy)
-      get_strategy strategy, %w[code token]
+      get_strategy strategy, Doorkeeper.configuration.authorization_response_types
     rescue NameError
       raise Errors::InvalidAuthorizationStrategy
     end
 
     def token_strategy(strategy)
-      get_strategy strategy, %w[password client_credentials authorization_code refresh_token]
+      get_strategy strategy, Doorkeeper.configuration.token_grant_types
     rescue NameError
       raise Errors::InvalidTokenStrategy
     end
 
     def get_strategy(strategy, available)
-      raise Errors::MissingRequestStrategy unless strategy.present?
-      raise NameError unless available.include?(strategy.to_s)
+      fail Errors::MissingRequestStrategy unless strategy.present?
+      fail NameError unless available.include?(strategy.to_s)
       "Doorkeeper::Request::#{strategy.to_s.camelize}".constantize
     end
   end

data/lib/doorkeeper/version.rb

@@ -1,3 +1,3 @@
 module Doorkeeper
-  VERSION = '1.1.0'
+  VERSION = '1.2.0'
 end

data/lib/generators/doorkeeper/application_owner_generator.rb

@@ -3,7 +3,7 @@ require 'rails/generators/active_record'
 class Doorkeeper::ApplicationOwnerGenerator < Rails::Generators::Base
   include Rails::Generators::Migration
   source_root File.expand_path('../templates', __FILE__)
-  desc "Provide support for client application ownership."
+  desc 'Provide support for client application ownership.'
 
   def application_owner
     migration_template 'add_owner_to_application_migration.rb', 'db/migrate/add_owner_to_application.rb'

data/lib/generators/doorkeeper/install_generator.rb

@@ -1,12 +1,12 @@
 class Doorkeeper::InstallGenerator < ::Rails::Generators::Base
   include Rails::Generators::Migration
   source_root File.expand_path('../templates', __FILE__)
-  desc "Installs Doorkeeper."
+  desc 'Installs Doorkeeper.'
 
   def install
-    template "initializer.rb", "config/initializers/doorkeeper.rb"
-    copy_file "../../../../config/locales/en.yml", "config/locales/doorkeeper.en.yml"
-    route "use_doorkeeper"
-    readme "README"
+    template 'initializer.rb', 'config/initializers/doorkeeper.rb'
+    copy_file File.expand_path('../../../../config/locales/en.yml', __FILE__), 'config/locales/doorkeeper.en.yml'
+    route 'use_doorkeeper'
+    readme 'README'
   end
 end

data/lib/generators/doorkeeper/migration_generator.rb

@@ -3,7 +3,7 @@ require 'rails/generators/active_record'
 class Doorkeeper::MigrationGenerator < ::Rails::Generators::Base
   include Rails::Generators::Migration
   source_root File.expand_path('../templates', __FILE__)
-  desc "Installs Doorkeeper migration file."
+  desc 'Installs Doorkeeper migration file.'
 
   def install
     migration_template 'migration.rb', 'db/migrate/create_doorkeeper_tables.rb'

data/lib/generators/doorkeeper/mongo_mapper/indexes_generator.rb

@@ -2,10 +2,10 @@ module Doorkeeper
   module MongoMapper
     class IndexesGenerator < ::Rails::Generators::Base
       source_root File.expand_path('../../templates', __FILE__)
-      desc "Creates an indexes file for use with MongoMapper's rake db:index"
+      desc 'Creates an indexes file for use with MongoMapper\'s rake db:index'
 
       def install
-        template "indexes.rb", "db/indexes.rb"
+        template 'indexes.rb' 'db/indexes.rb'
       end
     end
   end

data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb

@@ -1,7 +1,7 @@
 class AddOwnerToApplication < ActiveRecord::Migration
   def change
-    add_column :oauth_applications, :owner_id, :integer, :null => true
-    add_column :oauth_applications, :owner_type, :string, :null => true
+    add_column :oauth_applications, :owner_id, :integer, null: true
+    add_column :oauth_applications, :owner_type, :string, null: true
     add_index :oauth_applications, [:owner_id, :owner_type]
   end
 end

data/lib/generators/doorkeeper/templates/initializer.rb

@@ -5,7 +5,7 @@ Doorkeeper.configure do
 
   # This block will be called to check whether the resource owner is authenticated or not.
   resource_owner_authenticator do
-    raise "Please configure doorkeeper resource_owner_authenticator block located in #{__FILE__}"
+    fail "Please configure doorkeeper resource_owner_authenticator block located in #{__FILE__}"
     # Put your resource owner authentication logic here.
     # Example implementation:
     #   User.find_by_id(session[:user_id]) || redirect_to(new_user_session_url)
@@ -35,7 +35,8 @@ Doorkeeper.configure do
   # enable_application_owner :confirmation => false
 
   # Define access token scopes for your provider
-  # For more information go to https://github.com/applicake/doorkeeper/wiki/Using-Scopes
+  # For more information go to
+  # https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes
   # default_scopes  :public
   # optional_scopes :write, :update
 
@@ -58,6 +59,18 @@ Doorkeeper.configure do
   #
   # test_redirect_uri 'urn:ietf:wg:oauth:2.0:oob'
 
+  # Specify what grant flows are enabled in array of Strings. The valid
+  # strings and the flows they enable are:
+  #
+  # "authorization_code" => Authorization Code Grant Flow
+  # "implicit"           => Implicit Grant Flow
+  # "password"           => Resource Owner Password Credentials Grant Flow
+  # "client_credentials" => Client Credentials Grant Flow
+  #
+  # If not specified, Doorkeeper enables all the four grant flows.
+  #
+  # grant_flows %w(authorization_code implicit password client_credentials)
+
   # Under some circumstances you might want to have applications auto-approved,
   # so that the user skips the authorization step.
   # For example if dealing with trusted a application.
@@ -65,7 +78,7 @@ Doorkeeper.configure do
   #   client.superapp? or resource_owner.admin?
   # end
 
-  # WWW-Authenticate Realm (default "Doorkeeper").
+  # WWW-Authenticate Realm (default "Doorkeeper").
   # realm "Doorkeeper"
 
   # Allow dynamic query parameters (disabled by default)

data/lib/generators/doorkeeper/templates/migration.rb

@@ -1,42 +1,41 @@
 class CreateDoorkeeperTables < ActiveRecord::Migration
   def change
     create_table :oauth_applications do |t|
-      t.string  :name,         :null => false
-      t.string  :uid,          :null => false
-      t.string  :secret,       :null => false
-      t.text    :redirect_uri, :null => false
+      t.string  :name,         null: false
+      t.string  :uid,          null: false
+      t.string  :secret,       null: false
+      t.text    :redirect_uri, null: false
       t.timestamps
     end
 
-    add_index :oauth_applications, :uid, :unique => true
+    add_index :oauth_applications, :uid, unique: true
 
     create_table :oauth_access_grants do |t|
-      t.integer  :resource_owner_id, :null => false
-      t.integer  :application_id,    :null => false
-      t.string   :token,             :null => false
-      t.integer  :expires_in,        :null => false
-      t.text     :redirect_uri,      :null => false
-      t.datetime :created_at,        :null => false
+      t.integer  :resource_owner_id, null: false
+      t.integer  :application_id,    null: false
+      t.string   :token,             null: false
+      t.integer  :expires_in,        null: false
+      t.text     :redirect_uri,      null: false
+      t.datetime :created_at,        null: false
       t.datetime :revoked_at
       t.string   :scopes
     end
 
-    add_index :oauth_access_grants, :token, :unique => true
+    add_index :oauth_access_grants, :token, unique: true
 
     create_table :oauth_access_tokens do |t|
       t.integer  :resource_owner_id
       t.integer  :application_id
-      t.string   :token,             :null => false
+      t.string   :token,             null: false
       t.string   :refresh_token
       t.integer  :expires_in
       t.datetime :revoked_at
-      t.datetime :created_at,        :null => false
+      t.datetime :created_at,        null: false
       t.string   :scopes
     end
 
-    add_index :oauth_access_tokens, :token, :unique => true
+    add_index :oauth_access_tokens, :token, unique: true
     add_index :oauth_access_tokens, :resource_owner_id
-    add_index :oauth_access_tokens, :refresh_token, :unique => true
-
+    add_index :oauth_access_tokens, :refresh_token, unique: true
   end
 end

data/lib/generators/doorkeeper/views_generator.rb

@@ -3,7 +3,7 @@ module Doorkeeper
     class ViewsGenerator < ::Rails::Generators::Base
       source_root File.expand_path('../../../../app/views/doorkeeper', __FILE__)
 
-      desc "Copies default Doorkeeper views to your application."
+      desc 'Copies default Doorkeeper views to your application.'
 
       def manifest
         directory 'applications', 'app/views/doorkeeper/applications'

data/spec/controllers/applications_controller_spec.rb

@@ -2,19 +2,19 @@ require 'spec_helper_integration'
 
 module Doorkeeper
   describe ApplicationsController do
-    context "when admin is not authenticated" do
+    context 'when admin is not authenticated' do
       before do
         allow(Doorkeeper.configuration).to receive(:authenticate_admin).and_return(proc do
           redirect_to main_app.root_url
         end)
       end
 
-      it "redirects as set in Doorkeeper.authenticate_admin" do
+      it 'redirects as set in Doorkeeper.authenticate_admin' do
         get :index
         expect(response).to redirect_to(controller.main_app.root_url)
       end
 
-      it "doesn't create application" do
+      it 'does not create application' do
         expect do
           post :create, application: {
             name: 'Example',
@@ -23,12 +23,12 @@ module Doorkeeper
       end
     end
 
-    context "when admin is authenticated" do
+    context 'when admin is authenticated' do
       before do
         allow(Doorkeeper.configuration).to receive(:authenticate_admin).and_return(->(arg) { true })
       end
 
-      it "creates application" do
+      it 'creates application' do
         expect do
           post :create, application: {
             name: 'Example',
@@ -37,7 +37,7 @@ module Doorkeeper
         expect(response).to be_redirect
       end
 
-      it "does not allow mass assignment of uid or secret" do
+      it 'does not allow mass assignment of uid or secret' do
         application = FactoryGirl.create(:application)
         put :update, id: application.id, application: {
           uid: '1A2B3C4D',
@@ -46,7 +46,7 @@ module Doorkeeper
         expect(application.reload.uid).not_to eq '1A2B3C4D'
       end
 
-      it "updates application" do
+      it 'updates application' do
         application = FactoryGirl.create(:application)
         put :update, id: application.id, application: {
           name: 'Example',

data/spec/controllers/authorizations_controller_spec.rb

@@ -1,6 +1,6 @@
 require 'spec_helper_integration'
 
-describe Doorkeeper::AuthorizationsController, "implicit grant flow" do
+describe Doorkeeper::AuthorizationsController, 'implicit grant flow' do
   include AuthorizationRequestHelper
 
   def fragments(param)
@@ -9,88 +9,88 @@ describe Doorkeeper::AuthorizationsController, "implicit grant flow" do
   end
 
   def translated_error_message(key)
-    I18n.translate key, :scope => [:doorkeeper, :errors, :messages]
+    I18n.translate key, scope: [:doorkeeper, :errors, :messages]
   end
 
   let(:client) { FactoryGirl.create :application }
-  let(:user)   { User.create!(:name => "Joe", :password => "sekret") }
+  let(:user)   { User.create!(name: 'Joe', password: 'sekret') }
 
   before do
     allow(controller).to receive(:current_resource_owner).and_return(user)
   end
 
-  describe "POST #create" do
+  describe 'POST #create' do
     before do
-      post :create, :client_id => client.uid, :response_type => "token", :redirect_uri => client.redirect_uri
+      post :create, client_id: client.uid, response_type: 'token', redirect_uri: client.redirect_uri
     end
 
-    it "redirects after authorization" do
+    it 'redirects after authorization' do
       expect(response).to be_redirect
     end
 
-    it "redirects to client redirect uri" do
-      expect(response.location).to match(%r[^#{client.redirect_uri}])
+    it 'redirects to client redirect uri' do
+      expect(response.location).to match(%r{^#{client.redirect_uri}})
     end
 
-    it "includes access token in fragment" do
-      expect(fragments("access_token")).to eq(Doorkeeper::AccessToken.first.token)
+    it 'includes access token in fragment' do
+      expect(fragments('access_token')).to eq(Doorkeeper::AccessToken.first.token)
     end
 
-    it "includes token type in fragment" do
-      expect(fragments("token_type")).to eq('bearer')
+    it 'includes token type in fragment' do
+      expect(fragments('token_type')).to eq('bearer')
     end
 
-    it "includes token expiration in fragment" do
-      expect(fragments("expires_in").to_i).to eq(2.hours.to_i)
+    it 'includes token expiration in fragment' do
+      expect(fragments('expires_in').to_i).to eq(2.hours.to_i)
     end
 
-    it "issues the token for the current client" do
+    it 'issues the token for the current client' do
       expect(Doorkeeper::AccessToken.first.application_id).to eq(client.id)
     end
 
-    it "issues the token for the current resource owner" do
+    it 'issues the token for the current resource owner' do
       expect(Doorkeeper::AccessToken.first.resource_owner_id).to eq(user.id)
     end
   end
 
-  describe "POST #create with errors" do
+  describe 'POST #create with errors' do
     before do
       default_scopes_exist :public
-      post :create, :client_id => client.uid, :response_type => "token", :scope => "invalid", :redirect_uri => client.redirect_uri
+      post :create, client_id: client.uid, response_type: 'token', scope: 'invalid', redirect_uri: client.redirect_uri
     end
 
-    it "redirects after authorization" do
+    it 'redirects after authorization' do
       expect(response).to be_redirect
     end
 
-    it "redirects to client redirect uri" do
-      expect(response.location).to match(%r[^#{client.redirect_uri}])
+    it 'redirects to client redirect uri' do
+      expect(response.location).to match(%r{^#{client.redirect_uri}})
     end
 
-    it "does not include access token in fragment" do
-      expect(fragments("access_token")).to be_nil
+    it 'does not include access token in fragment' do
+      expect(fragments('access_token')).to be_nil
     end
 
-    it "includes error in fragment" do
-      expect(fragments("error")).to eq('invalid_scope')
+    it 'includes error in fragment' do
+      expect(fragments('error')).to eq('invalid_scope')
     end
 
-    it "includes error description in fragment" do
-      expect(fragments("error_description")).to eq(translated_error_message(:invalid_scope))
+    it 'includes error description in fragment' do
+      expect(fragments('error_description')).to eq(translated_error_message(:invalid_scope))
     end
 
-    it "does not issue any access token" do
+    it 'does not issue any access token' do
       expect(Doorkeeper::AccessToken.all).to be_empty
     end
   end
 
-  describe "POST #create with application already authorized" do
-    it "returns the existing access token in a fragment"
+  describe 'POST #create with application already authorized' do
+    it 'returns the existing access token in a fragment'
   end
 
-  describe "GET #new" do
+  describe 'GET #new' do
     before do
-      get :new, :client_id => client.uid, :response_type => "token", :redirect_uri => client.redirect_uri
+      get :new, client_id: client.uid, response_type: 'token', redirect_uri: client.redirect_uri
     end
 
     it 'renders new template' do
@@ -98,47 +98,47 @@ describe Doorkeeper::AuthorizationsController, "implicit grant flow" do
     end
   end
 
-  describe "GET #new with skip_authorization true" do
+  describe 'GET #new with skip_authorization true' do
     before do
       allow(Doorkeeper.configuration).to receive(:skip_authorization).and_return(proc do
-          true
-        end)
-      get :new, :client_id => client.uid, :response_type => "token", :redirect_uri => client.redirect_uri
+        true
+      end)
+      get :new, client_id: client.uid, response_type: 'token', redirect_uri: client.redirect_uri
     end
 
-    it "should redirect immediately" do
+    it 'should redirect immediately' do
       expect(response).to be_redirect
-      expect(response.location).to match(%r[^#{client.redirect_uri}])
+      expect(response.location).to match(%r{^#{client.redirect_uri}})
     end
 
-    it "should issue a token" do
+    it 'should issue a token' do
       expect(Doorkeeper::AccessToken.count).to be 1
     end
 
-    it "includes token type in fragment" do
-      expect(fragments("token_type")).to eq("bearer")
+    it 'includes token type in fragment' do
+      expect(fragments('token_type')).to eq('bearer')
     end
 
-    it "includes token expiration in fragment" do
-      expect(fragments("expires_in").to_i).to eq(2.hours.to_i)
+    it 'includes token expiration in fragment' do
+      expect(fragments('expires_in').to_i).to eq(2.hours.to_i)
     end
 
-    it "issues the token for the current client" do
+    it 'issues the token for the current client' do
       expect(Doorkeeper::AccessToken.first.application_id).to eq(client.id)
     end
 
-    it "issues the token for the current resource owner" do
+    it 'issues the token for the current resource owner' do
       expect(Doorkeeper::AccessToken.first.resource_owner_id).to eq(user.id)
     end
   end
 
-  describe "GET #new with errors" do
+  describe 'GET #new with errors' do
     before do
       default_scopes_exist :public
-      get :new, :an_invalid => 'request'
+      get :new, an_invalid: 'request'
     end
 
-    it "does not redirect" do
+    it 'does not redirect' do
       expect(response).to_not be_redirect
     end