doorkeeper 1.4.1 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of doorkeeper might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.hound.yml +3 -0
- data/.travis.yml +38 -10
- data/CHANGELOG.md +43 -1
- data/CONTRIBUTING.md +35 -0
- data/Gemfile +4 -26
- data/README.md +21 -55
- data/Rakefile +3 -1
- data/app/controllers/doorkeeper/application_controller.rb +2 -2
- data/app/controllers/doorkeeper/applications_controller.rb +4 -5
- data/app/controllers/doorkeeper/authorizations_controller.rb +4 -2
- data/app/controllers/doorkeeper/tokens_controller.rb +2 -2
- data/app/helpers/doorkeeper/{form_errors_helper.rb → dashboard_helper.rb} +5 -1
- data/app/validators/redirect_uri_validator.rb +6 -0
- data/app/views/doorkeeper/applications/_delete_form.html.erb +1 -1
- data/app/views/doorkeeper/applications/_form.html.erb +3 -3
- data/app/views/doorkeeper/applications/index.html.erb +1 -1
- data/config/locales/en.yml +6 -3
- data/doorkeeper.gemspec +3 -3
- data/gemfiles/Gemfile.common.rb +11 -0
- data/gemfiles/Gemfile.mongo_mapper.rb +5 -0
- data/gemfiles/Gemfile.mongoid2.rb +5 -0
- data/gemfiles/Gemfile.mongoid3.rb +4 -0
- data/gemfiles/Gemfile.mongoid4.rb +5 -0
- data/lib/doorkeeper/config.rb +34 -24
- data/lib/doorkeeper/engine.rb +1 -2
- data/lib/doorkeeper/generators/doorkeeper/mongo_mapper/indexes_generator.rb +12 -0
- data/lib/doorkeeper/models/access_grant_mixin.rb +36 -0
- data/lib/doorkeeper/models/access_token_mixin.rb +122 -0
- data/lib/doorkeeper/models/application_mixin.rb +60 -0
- data/lib/doorkeeper/models/{expirable.rb → concerns/expirable.rb} +6 -5
- data/lib/doorkeeper/models/{ownership.rb → concerns/ownership.rb} +7 -7
- data/lib/doorkeeper/models/{revocable.rb → concerns/revocable.rb} +1 -1
- data/lib/doorkeeper/models/concerns/scopes.rb +17 -0
- data/lib/doorkeeper/oauth/authorization/token.rb +6 -6
- data/lib/doorkeeper/oauth/client.rb +1 -1
- data/lib/doorkeeper/oauth/password_access_token_request.rb +3 -3
- data/lib/doorkeeper/oauth/pre_authorization.rb +5 -1
- data/lib/doorkeeper/oauth/refresh_token_request.rb +6 -6
- data/lib/doorkeeper/oauth/scopes.rb +6 -1
- data/lib/doorkeeper/oauth/token.rb +3 -2
- data/lib/doorkeeper/orm/active_record/access_grant.rb +7 -0
- data/lib/doorkeeper/orm/active_record/access_token.rb +21 -0
- data/lib/doorkeeper/{models → orm}/active_record/application.rb +1 -3
- data/lib/doorkeeper/orm/active_record.rb +17 -0
- data/lib/doorkeeper/{models → orm}/mongo_mapper/access_grant.rb +4 -5
- data/lib/doorkeeper/{models → orm}/mongo_mapper/access_token.rb +12 -17
- data/lib/doorkeeper/{models → orm}/mongo_mapper/application.rb +3 -4
- data/lib/doorkeeper/orm/mongo_mapper.rb +11 -0
- data/lib/doorkeeper/{models → orm}/mongoid2/access_grant.rb +5 -3
- data/lib/doorkeeper/{models → orm}/mongoid2/access_token.rb +10 -12
- data/lib/doorkeeper/{models → orm}/mongoid2/application.rb +3 -0
- data/lib/doorkeeper/orm/mongoid2/concerns/scopes.rb +30 -0
- data/lib/doorkeeper/orm/mongoid2.rb +11 -0
- data/lib/doorkeeper/orm/mongoid3/access_grant.rb +22 -0
- data/lib/doorkeeper/orm/mongoid3/access_token.rb +37 -0
- data/lib/doorkeeper/{models/mongoid3_4 → orm/mongoid3}/application.rb +3 -0
- data/lib/doorkeeper/orm/mongoid3/concerns/scopes.rb +30 -0
- data/lib/doorkeeper/orm/mongoid3.rb +11 -0
- data/lib/doorkeeper/orm/mongoid4/access_grant.rb +22 -0
- data/lib/doorkeeper/orm/mongoid4/access_token.rb +37 -0
- data/lib/doorkeeper/orm/mongoid4/application.rb +25 -0
- data/lib/doorkeeper/orm/mongoid4/concerns/scopes.rb +17 -0
- data/lib/doorkeeper/orm/mongoid4.rb +11 -0
- data/lib/doorkeeper/rails/helpers.rb +63 -0
- data/lib/doorkeeper/rails/routes.rb +1 -12
- data/lib/doorkeeper/request/code.rb +0 -1
- data/lib/doorkeeper/request/token.rb +0 -1
- data/lib/doorkeeper/server.rb +1 -1
- data/lib/doorkeeper/version.rb +1 -1
- data/lib/doorkeeper.rb +15 -6
- data/lib/generators/doorkeeper/application_owner_generator.rb +4 -1
- data/lib/generators/doorkeeper/application_scopes_generator.rb +34 -0
- data/lib/generators/doorkeeper/templates/add_scopes_to_oauth_applications.rb +5 -0
- data/lib/generators/doorkeeper/templates/initializer.rb +8 -1
- data/lib/generators/doorkeeper/templates/migration.rb +1 -0
- data/lib/generators/doorkeeper/views_generator.rb +4 -5
- data/spec/controllers/applications_controller_spec.rb +7 -7
- data/spec/controllers/protected_resources_controller_spec.rb +25 -175
- data/spec/controllers/tokens_controller_spec.rb +15 -9
- data/spec/dummy/app/controllers/full_protected_resources_controller.rb +2 -2
- data/spec/dummy/app/controllers/metal_controller.rb +2 -2
- data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +2 -2
- data/spec/dummy/app/models/user.rb +5 -5
- data/spec/dummy/config/application.rb +3 -1
- data/spec/dummy/config/boot.rb +4 -1
- data/spec/dummy/db/development.sqlite3 +0 -0
- data/spec/dummy/db/migrate/20141209001746_add_scopes_to_oauth_applications.rb +5 -0
- data/spec/dummy/db/schema.rb +41 -40
- data/spec/factories.rb +24 -0
- data/spec/lib/config_spec.rb +30 -10
- data/spec/lib/models/expirable_spec.rb +1 -1
- data/spec/lib/models/revocable_spec.rb +8 -3
- data/spec/lib/models/scopes_spec.rb +3 -3
- data/spec/lib/oauth/client_spec.rb +1 -1
- data/spec/lib/oauth/password_access_token_request_spec.rb +1 -1
- data/spec/lib/oauth/pre_authorization_spec.rb +43 -9
- data/spec/lib/oauth/token_request_spec.rb +28 -1
- data/spec/lib/oauth/token_spec.rb +1 -1
- data/spec/models/doorkeeper/application_spec.rb +16 -1
- data/spec/requests/applications/applications_request_spec.rb +6 -4
- data/spec/requests/flows/implicit_grant_spec.rb +32 -0
- data/spec/requests/flows/refresh_token_spec.rb +12 -3
- data/spec/spec_helper_integration.rb +8 -2
- data/spec/support/shared/controllers_shared_context.rb +2 -2
- data/spec/validators/redirect_uri_validator_spec.rb +30 -3
- metadata +52 -39
- data/lib/doorkeeper/doorkeeper_for.rb +0 -69
- data/lib/doorkeeper/helpers/filter.rb +0 -64
- data/lib/doorkeeper/models/access_grant.rb +0 -30
- data/lib/doorkeeper/models/access_token.rb +0 -106
- data/lib/doorkeeper/models/active_record/access_grant.rb +0 -9
- data/lib/doorkeeper/models/active_record/access_token.rb +0 -25
- data/lib/doorkeeper/models/application.rb +0 -40
- data/lib/doorkeeper/models/mongoid/scopes.rb +0 -15
- data/lib/doorkeeper/models/mongoid/version.rb +0 -15
- data/lib/doorkeeper/models/mongoid3_4/access_grant.rb +0 -27
- data/lib/doorkeeper/models/mongoid3_4/access_token.rb +0 -46
- data/lib/doorkeeper/models/scopes.rb +0 -21
- data/lib/generators/doorkeeper/mongo_mapper/indexes_generator.rb +0 -12
- data/script/rails +0 -5
- data/script/run_all +0 -14
- data/spec/factories/access_grant.rb +0 -9
- data/spec/factories/access_token.rb +0 -11
- data/spec/factories/application.rb +0 -6
- /data/lib/{generators/doorkeeper → doorkeeper/generators/doorkeeper/mongo_mapper}/templates/indexes.rb +0 -0
- /data/lib/doorkeeper/models/{accessible.rb → concerns/accessible.rb} +0 -0
|
@@ -1,21 +1,22 @@
|
|
|
1
1
|
module Doorkeeper
|
|
2
2
|
class AccessToken
|
|
3
3
|
include MongoMapper::Document
|
|
4
|
+
|
|
5
|
+
include AccessTokenMixin
|
|
6
|
+
|
|
4
7
|
safe
|
|
5
8
|
timestamps!
|
|
6
9
|
|
|
7
10
|
set_collection_name 'oauth_access_tokens'
|
|
8
11
|
|
|
9
12
|
key :resource_owner_id, ObjectId
|
|
13
|
+
key :application_id, ObjectId
|
|
10
14
|
key :token, String
|
|
15
|
+
key :refresh_token, String
|
|
11
16
|
key :expires_in, Integer
|
|
12
17
|
key :revoked_at, DateTime
|
|
13
18
|
key :scopes, String
|
|
14
19
|
|
|
15
|
-
def scopes=(value)
|
|
16
|
-
write_attribute :scopes, value if value.present?
|
|
17
|
-
end
|
|
18
|
-
|
|
19
20
|
def self.last
|
|
20
21
|
self.sort(:created_at).last
|
|
21
22
|
end
|
|
@@ -26,23 +27,17 @@ module Doorkeeper
|
|
|
26
27
|
end
|
|
27
28
|
private_class_method :delete_all_for
|
|
28
29
|
|
|
29
|
-
def self.
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
revoked_at: nil).
|
|
33
|
-
sort(:created_at.desc).
|
|
34
|
-
limit(1).
|
|
35
|
-
first
|
|
30
|
+
def self.create_indexes
|
|
31
|
+
ensure_index :token, unique: true
|
|
32
|
+
ensure_index [[:refresh_token, 1]], unique: true, sparse: true
|
|
36
33
|
end
|
|
37
|
-
private_class_method :last_authorized_token_for
|
|
38
34
|
|
|
39
|
-
def
|
|
40
|
-
|
|
35
|
+
def self.order_method
|
|
36
|
+
:sort
|
|
41
37
|
end
|
|
42
38
|
|
|
43
|
-
def self.
|
|
44
|
-
|
|
45
|
-
ensure_index [[:refresh_token, 1]], unique: true, sparse: true
|
|
39
|
+
def self.created_at_desc
|
|
40
|
+
:created_at.desc
|
|
46
41
|
end
|
|
47
42
|
end
|
|
48
43
|
end
|
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
module Doorkeeper
|
|
2
2
|
class Application
|
|
3
3
|
include MongoMapper::Document
|
|
4
|
+
|
|
5
|
+
include ApplicationMixin
|
|
6
|
+
|
|
4
7
|
safe
|
|
5
8
|
timestamps!
|
|
6
9
|
|
|
@@ -14,10 +17,6 @@ module Doorkeeper
|
|
|
14
17
|
key :redirect_uri, String
|
|
15
18
|
key :scopes, String
|
|
16
19
|
|
|
17
|
-
def scopes=(value)
|
|
18
|
-
write_attribute :scopes, value if value.present?
|
|
19
|
-
end
|
|
20
|
-
|
|
21
20
|
def self.authorized_for(resource_owner)
|
|
22
21
|
ids = AccessToken.where(resource_owner_id: resource_owner.id, revoked_at: nil).map(&:application_id)
|
|
23
22
|
find(ids)
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
module Doorkeeper
|
|
2
|
+
module Orm
|
|
3
|
+
module MongoMapper
|
|
4
|
+
def self.initialize_models!
|
|
5
|
+
require 'doorkeeper/orm/mongo_mapper/access_grant'
|
|
6
|
+
require 'doorkeeper/orm/mongo_mapper/access_token'
|
|
7
|
+
require 'doorkeeper/orm/mongo_mapper/application'
|
|
8
|
+
end
|
|
9
|
+
end
|
|
10
|
+
end
|
|
11
|
+
end
|
|
@@ -1,15 +1,17 @@
|
|
|
1
|
-
require 'doorkeeper/
|
|
1
|
+
require 'doorkeeper/orm/mongoid2/concerns/scopes'
|
|
2
2
|
|
|
3
3
|
module Doorkeeper
|
|
4
4
|
class AccessGrant
|
|
5
5
|
include Mongoid::Document
|
|
6
6
|
include Mongoid::Timestamps
|
|
7
|
-
|
|
7
|
+
|
|
8
|
+
include AccessGrantMixin
|
|
9
|
+
include Models::Mongoid2::Scopes
|
|
8
10
|
|
|
9
11
|
self.store_in :oauth_access_grants
|
|
10
12
|
|
|
11
13
|
field :resource_owner_id, type: Integer
|
|
12
|
-
field :application_id, type:
|
|
14
|
+
field :application_id, type: BSON::ObjectId
|
|
13
15
|
field :token, type: String
|
|
14
16
|
field :expires_in, type: Integer
|
|
15
17
|
field :redirect_uri, type: String
|
|
@@ -1,15 +1,19 @@
|
|
|
1
|
-
require 'doorkeeper/
|
|
1
|
+
require 'doorkeeper/orm/mongoid2/concerns/scopes'
|
|
2
2
|
|
|
3
3
|
module Doorkeeper
|
|
4
4
|
class AccessToken
|
|
5
5
|
include Mongoid::Document
|
|
6
6
|
include Mongoid::Timestamps
|
|
7
|
-
|
|
7
|
+
|
|
8
|
+
include AccessTokenMixin
|
|
9
|
+
include Models::Mongoid2::Scopes
|
|
8
10
|
|
|
9
11
|
self.store_in :oauth_access_tokens
|
|
10
12
|
|
|
11
13
|
field :resource_owner_id, type: Integer
|
|
14
|
+
field :application_id, type: BSON::ObjectId
|
|
12
15
|
field :token, type: String
|
|
16
|
+
field :refresh_token, type: String
|
|
13
17
|
field :expires_in, type: Integer
|
|
14
18
|
field :revoked_at, type: DateTime
|
|
15
19
|
|
|
@@ -22,18 +26,12 @@ module Doorkeeper
|
|
|
22
26
|
end
|
|
23
27
|
private_class_method :delete_all_for
|
|
24
28
|
|
|
25
|
-
def self.
|
|
26
|
-
|
|
27
|
-
resource_owner_id: resource_owner_id,
|
|
28
|
-
revoked_at: nil).
|
|
29
|
-
order_by([:created_at, :desc]).
|
|
30
|
-
limit(1).
|
|
31
|
-
first
|
|
29
|
+
def self.order_method
|
|
30
|
+
:order_by
|
|
32
31
|
end
|
|
33
|
-
private_class_method :last_authorized_token_for
|
|
34
32
|
|
|
35
|
-
def
|
|
36
|
-
|
|
33
|
+
def self.created_at_desc
|
|
34
|
+
[:created_at, :desc]
|
|
37
35
|
end
|
|
38
36
|
end
|
|
39
37
|
end
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
module Doorkeeper
|
|
2
|
+
module Models
|
|
3
|
+
module Mongoid2
|
|
4
|
+
module Scopes
|
|
5
|
+
extend ActiveSupport::Concern
|
|
6
|
+
|
|
7
|
+
# It's strange that if not define these after included will raise error
|
|
8
|
+
# in Mongoid 2 and 3, but 4 works well see:
|
|
9
|
+
# https://travis-ci.org/jasl/doorkeeper/builds/31586902
|
|
10
|
+
included do
|
|
11
|
+
def scopes
|
|
12
|
+
OAuth::Scopes.from_string(self[:scopes])
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def scopes_string
|
|
16
|
+
self[:scopes]
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
def includes_scope?(*required_scopes)
|
|
20
|
+
required_scopes.blank? || required_scopes.any? { |s| scopes.exists?(s.to_s) }
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def scopes=(value)
|
|
24
|
+
write_attribute :scopes, value if value.present?
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
end
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
require 'doorkeeper/orm/mongoid3/concerns/scopes'
|
|
2
|
+
|
|
3
|
+
module Doorkeeper
|
|
4
|
+
class AccessGrant
|
|
5
|
+
include Mongoid::Document
|
|
6
|
+
include Mongoid::Timestamps
|
|
7
|
+
|
|
8
|
+
include AccessGrantMixin
|
|
9
|
+
include Models::Mongoid3::Scopes
|
|
10
|
+
|
|
11
|
+
self.store_in collection: :oauth_access_grants
|
|
12
|
+
|
|
13
|
+
field :resource_owner_id, type: Moped::BSON::ObjectId
|
|
14
|
+
field :application_id, type: Moped::BSON::ObjectId
|
|
15
|
+
field :token, type: String
|
|
16
|
+
field :expires_in, type: Integer
|
|
17
|
+
field :redirect_uri, type: String
|
|
18
|
+
field :revoked_at, type: DateTime
|
|
19
|
+
|
|
20
|
+
index({ token: 1 }, { unique: true })
|
|
21
|
+
end
|
|
22
|
+
end
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
require 'doorkeeper/orm/mongoid3/concerns/scopes'
|
|
2
|
+
|
|
3
|
+
module Doorkeeper
|
|
4
|
+
class AccessToken
|
|
5
|
+
include Mongoid::Document
|
|
6
|
+
include Mongoid::Timestamps
|
|
7
|
+
|
|
8
|
+
include AccessTokenMixin
|
|
9
|
+
include Models::Mongoid3::Scopes
|
|
10
|
+
|
|
11
|
+
self.store_in collection: :oauth_access_tokens
|
|
12
|
+
|
|
13
|
+
field :resource_owner_id, type: Moped::BSON::ObjectId
|
|
14
|
+
field :application_id, type: Moped::BSON::ObjectId
|
|
15
|
+
field :token, type: String
|
|
16
|
+
field :refresh_token, type: String
|
|
17
|
+
field :expires_in, type: Integer
|
|
18
|
+
field :revoked_at, type: DateTime
|
|
19
|
+
|
|
20
|
+
index({ token: 1 }, { unique: true })
|
|
21
|
+
index({ refresh_token: 1 }, { unique: true, sparse: true })
|
|
22
|
+
|
|
23
|
+
def self.delete_all_for(application_id, resource_owner)
|
|
24
|
+
where(application_id: application_id,
|
|
25
|
+
resource_owner_id: resource_owner.id).delete_all
|
|
26
|
+
end
|
|
27
|
+
private_class_method :delete_all_for
|
|
28
|
+
|
|
29
|
+
def self.order_method
|
|
30
|
+
:order_by
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def self.created_at_desc
|
|
34
|
+
[:created_at, :desc]
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
end
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
module Doorkeeper
|
|
2
|
+
module Models
|
|
3
|
+
module Mongoid3
|
|
4
|
+
module Scopes
|
|
5
|
+
extend ActiveSupport::Concern
|
|
6
|
+
|
|
7
|
+
# It's strange that if not define these after included will raise error
|
|
8
|
+
# in Mongoid 2 and 3, but 4 works well see:
|
|
9
|
+
# https://travis-ci.org/jasl/doorkeeper/builds/31586902
|
|
10
|
+
included do
|
|
11
|
+
def scopes
|
|
12
|
+
OAuth::Scopes.from_string(self[:scopes])
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def scopes_string
|
|
16
|
+
self[:scopes]
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
def includes_scope?(*required_scopes)
|
|
20
|
+
required_scopes.blank? || required_scopes.any? { |s| scopes.exists?(s.to_s) }
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def scopes=(value)
|
|
24
|
+
write_attribute :scopes, value if value.present?
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
end
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
require 'doorkeeper/orm/mongoid4/concerns/scopes'
|
|
2
|
+
|
|
3
|
+
module Doorkeeper
|
|
4
|
+
class AccessGrant
|
|
5
|
+
include Mongoid::Document
|
|
6
|
+
include Mongoid::Timestamps
|
|
7
|
+
|
|
8
|
+
include AccessGrantMixin
|
|
9
|
+
include Models::Mongoid4::Scopes
|
|
10
|
+
|
|
11
|
+
self.store_in collection: :oauth_access_grants
|
|
12
|
+
|
|
13
|
+
field :resource_owner_id, type: BSON::ObjectId
|
|
14
|
+
field :application_id, type: BSON::ObjectId
|
|
15
|
+
field :token, type: String
|
|
16
|
+
field :expires_in, type: Integer
|
|
17
|
+
field :redirect_uri, type: String
|
|
18
|
+
field :revoked_at, type: DateTime
|
|
19
|
+
|
|
20
|
+
index({ token: 1 }, { unique: true })
|
|
21
|
+
end
|
|
22
|
+
end
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
require 'doorkeeper/orm/mongoid4/concerns/scopes'
|
|
2
|
+
|
|
3
|
+
module Doorkeeper
|
|
4
|
+
class AccessToken
|
|
5
|
+
include Mongoid::Document
|
|
6
|
+
include Mongoid::Timestamps
|
|
7
|
+
|
|
8
|
+
include AccessTokenMixin
|
|
9
|
+
include Models::Mongoid4::Scopes
|
|
10
|
+
|
|
11
|
+
self.store_in collection: :oauth_access_tokens
|
|
12
|
+
|
|
13
|
+
field :resource_owner_id, type: BSON::ObjectId
|
|
14
|
+
field :application_id, type: BSON::ObjectId
|
|
15
|
+
field :token, type: String
|
|
16
|
+
field :refresh_token, type: String
|
|
17
|
+
field :expires_in, type: Integer
|
|
18
|
+
field :revoked_at, type: DateTime
|
|
19
|
+
|
|
20
|
+
index({ token: 1 }, { unique: true })
|
|
21
|
+
index({ refresh_token: 1 }, { unique: true, sparse: true })
|
|
22
|
+
|
|
23
|
+
def self.delete_all_for(application_id, resource_owner)
|
|
24
|
+
where(application_id: application_id,
|
|
25
|
+
resource_owner_id: resource_owner.id).delete_all
|
|
26
|
+
end
|
|
27
|
+
private_class_method :delete_all_for
|
|
28
|
+
|
|
29
|
+
def self.order_method
|
|
30
|
+
:order_by
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def self.created_at_desc
|
|
34
|
+
[:created_at, :desc]
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
end
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
module Doorkeeper
|
|
2
|
+
class Application
|
|
3
|
+
include Mongoid::Document
|
|
4
|
+
include Mongoid::Timestamps
|
|
5
|
+
include Models::Mongoid4::Scopes
|
|
6
|
+
|
|
7
|
+
include ApplicationMixin
|
|
8
|
+
|
|
9
|
+
self.store_in collection: :oauth_applications
|
|
10
|
+
|
|
11
|
+
field :name, type: String
|
|
12
|
+
field :uid, type: String
|
|
13
|
+
field :secret, type: String
|
|
14
|
+
field :redirect_uri, type: String
|
|
15
|
+
|
|
16
|
+
index({ uid: 1 }, { unique: true })
|
|
17
|
+
|
|
18
|
+
has_many :authorized_tokens, class_name: 'Doorkeeper::AccessToken'
|
|
19
|
+
|
|
20
|
+
def self.authorized_for(resource_owner)
|
|
21
|
+
ids = AccessToken.where(resource_owner_id: resource_owner.id, revoked_at: nil).map(&:application_id)
|
|
22
|
+
find(ids)
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
module Doorkeeper
|
|
2
|
+
module Models
|
|
3
|
+
module Mongoid4
|
|
4
|
+
module Scopes
|
|
5
|
+
extend ActiveSupport::Concern
|
|
6
|
+
|
|
7
|
+
included do
|
|
8
|
+
field :scopes, type: String
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def scopes=(value)
|
|
12
|
+
write_attribute :scopes, value if value.present?
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
module Doorkeeper
|
|
2
|
+
module Rails
|
|
3
|
+
module Helpers
|
|
4
|
+
extend ActiveSupport::Concern
|
|
5
|
+
|
|
6
|
+
module ClassMethods
|
|
7
|
+
def doorkeeper_for(*args, &block)
|
|
8
|
+
fail Errors::DoorkeeperError, "`doorkeeper_for` no longer available", <<-eos
|
|
9
|
+
\nStarting in version 2.0.0 of doorkeeper gem, `doorkeeper_for` is no longer
|
|
10
|
+
available. Please change `doorkeeper_for` calls in your application with:
|
|
11
|
+
|
|
12
|
+
before_action :doorkeeper_authorize!
|
|
13
|
+
|
|
14
|
+
For more information check the README:
|
|
15
|
+
https://github.com/doorkeeper-gem/doorkeeper#protecting-resources-with-oauth-aka-your-api-endpoint\n
|
|
16
|
+
eos
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def doorkeeper_token
|
|
21
|
+
@_doorkeeper_token ||= OAuth::Token.authenticate request, *Doorkeeper.configuration.access_token_methods
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def valid_doorkeeper_token?(*scopes)
|
|
25
|
+
doorkeeper_token && doorkeeper_token.acceptable?(scopes)
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def doorkeeper_authorize!(*scopes)
|
|
29
|
+
scopes ||= Doorkeeper.configuration.default_scopes
|
|
30
|
+
|
|
31
|
+
unless valid_doorkeeper_token?(*scopes)
|
|
32
|
+
if !doorkeeper_token || !doorkeeper_token.accessible?
|
|
33
|
+
error = OAuth::InvalidTokenResponse.from_access_token(doorkeeper_token)
|
|
34
|
+
options = doorkeeper_unauthorized_render_options
|
|
35
|
+
else
|
|
36
|
+
error = OAuth::ForbiddenTokenResponse.from_scopes(scopes)
|
|
37
|
+
options = doorkeeper_forbidden_render_options
|
|
38
|
+
end
|
|
39
|
+
headers.merge!(error.headers.reject { |k| ['Content-Type'].include? k })
|
|
40
|
+
doorkeeper_error_renderer(error, options)
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
def doorkeeper_unauthorized_render_options
|
|
45
|
+
nil
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def doorkeeper_forbidden_render_options
|
|
49
|
+
nil
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
def doorkeeper_error_renderer(error, options = {})
|
|
53
|
+
if options.blank?
|
|
54
|
+
head error.status
|
|
55
|
+
else
|
|
56
|
+
options[:status] = error.status
|
|
57
|
+
options[:layout] = false if options[:layout].nil?
|
|
58
|
+
render options
|
|
59
|
+
end
|
|
60
|
+
end
|
|
61
|
+
end
|
|
62
|
+
end
|
|
63
|
+
end
|
|
@@ -15,17 +15,6 @@ module Doorkeeper
|
|
|
15
15
|
ActionDispatch::Routing::Mapper.send :include, Doorkeeper::Rails::Routes::Helper
|
|
16
16
|
end
|
|
17
17
|
|
|
18
|
-
def self.warn_if_using_mount_method!
|
|
19
|
-
paths = ::Rails.application.config.paths['config/routes'] ||
|
|
20
|
-
::Rails.application.config.paths['config/routes.rb']
|
|
21
|
-
|
|
22
|
-
paths.each do |path|
|
|
23
|
-
if File.read(::Rails.root.join(path)) =~ %r{mount Doorkeeper::Engine}
|
|
24
|
-
warn "\n[DOORKEEPER] `mount Doorkeeper::Engine` is not being used anymore. Please replace it with `use_doorkeeper` in your #{path} file\n"
|
|
25
|
-
end
|
|
26
|
-
end
|
|
27
|
-
end
|
|
28
|
-
|
|
29
18
|
attr_accessor :routes
|
|
30
19
|
|
|
31
20
|
def initialize(routes, &block)
|
|
@@ -88,7 +77,7 @@ module Doorkeeper
|
|
|
88
77
|
end
|
|
89
78
|
|
|
90
79
|
def application_routes(mapping)
|
|
91
|
-
routes.resources :
|
|
80
|
+
routes.resources :doorkeeper_applications, controller: mapping[:controllers], as: :applications, path: 'applications'
|
|
92
81
|
end
|
|
93
82
|
|
|
94
83
|
def authorized_applications_routes(mapping)
|
data/lib/doorkeeper/server.rb
CHANGED
data/lib/doorkeeper/version.rb
CHANGED
data/lib/doorkeeper.rb
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
require 'doorkeeper/version'
|
|
2
2
|
require 'doorkeeper/engine'
|
|
3
3
|
require 'doorkeeper/config'
|
|
4
|
-
require 'doorkeeper/doorkeeper_for'
|
|
5
4
|
|
|
6
5
|
require 'doorkeeper/errors'
|
|
7
6
|
require 'doorkeeper/server'
|
|
@@ -33,15 +32,25 @@ require 'doorkeeper/oauth/token'
|
|
|
33
32
|
require 'doorkeeper/oauth/invalid_token_response'
|
|
34
33
|
require 'doorkeeper/oauth/forbidden_token_response'
|
|
35
34
|
|
|
36
|
-
require 'doorkeeper/models/scopes'
|
|
37
|
-
require 'doorkeeper/models/expirable'
|
|
38
|
-
require 'doorkeeper/models/revocable'
|
|
39
|
-
require 'doorkeeper/models/accessible'
|
|
35
|
+
require 'doorkeeper/models/concerns/scopes'
|
|
36
|
+
require 'doorkeeper/models/concerns/expirable'
|
|
37
|
+
require 'doorkeeper/models/concerns/revocable'
|
|
38
|
+
require 'doorkeeper/models/concerns/accessible'
|
|
39
|
+
|
|
40
|
+
require 'doorkeeper/models/access_grant_mixin'
|
|
41
|
+
require 'doorkeeper/models/access_token_mixin'
|
|
42
|
+
require 'doorkeeper/models/application_mixin'
|
|
40
43
|
|
|
41
|
-
require 'doorkeeper/helpers/filter'
|
|
42
44
|
require 'doorkeeper/helpers/controller'
|
|
43
45
|
|
|
44
46
|
require 'doorkeeper/rails/routes'
|
|
47
|
+
require 'doorkeeper/rails/helpers'
|
|
48
|
+
|
|
49
|
+
require 'doorkeeper/orm/active_record'
|
|
50
|
+
require 'doorkeeper/orm/mongo_mapper'
|
|
51
|
+
require 'doorkeeper/orm/mongoid2'
|
|
52
|
+
require 'doorkeeper/orm/mongoid3'
|
|
53
|
+
require 'doorkeeper/orm/mongoid4'
|
|
45
54
|
|
|
46
55
|
module Doorkeeper
|
|
47
56
|
def self.configured?
|
|
@@ -6,7 +6,10 @@ class Doorkeeper::ApplicationOwnerGenerator < Rails::Generators::Base
|
|
|
6
6
|
desc 'Provide support for client application ownership.'
|
|
7
7
|
|
|
8
8
|
def application_owner
|
|
9
|
-
migration_template
|
|
9
|
+
migration_template(
|
|
10
|
+
'add_owner_to_application_migration.rb',
|
|
11
|
+
'db/migrate/add_owner_to_application.rb'
|
|
12
|
+
)
|
|
10
13
|
end
|
|
11
14
|
|
|
12
15
|
def self.next_migration_number(dirname)
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
require 'rails/generators/active_record'
|
|
2
|
+
|
|
3
|
+
class Doorkeeper::ApplicationScopesGenerator < Rails::Generators::Base
|
|
4
|
+
include Rails::Generators::Migration
|
|
5
|
+
source_root File.expand_path('../templates', __FILE__)
|
|
6
|
+
desc 'Copies ActiveRecord migrations to handle upgrade to doorkeeper 2'
|
|
7
|
+
|
|
8
|
+
def self.next_migration_number(path)
|
|
9
|
+
ActiveRecord::Generators::Base.next_migration_number(path)
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def application_scopes
|
|
13
|
+
if oauth_applications_exists? && !scopes_column_exists?
|
|
14
|
+
migration_template(
|
|
15
|
+
'add_scopes_to_oauth_applications.rb',
|
|
16
|
+
'db/migrate/add_scopes_to_oauth_applications.rb'
|
|
17
|
+
)
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
private
|
|
22
|
+
|
|
23
|
+
def scopes_column_exists?
|
|
24
|
+
ActiveRecord::Base.connection.column_exists?(
|
|
25
|
+
:oauth_applications,
|
|
26
|
+
:scopes
|
|
27
|
+
)
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
# Might be running this before install
|
|
31
|
+
def oauth_applications_exists?
|
|
32
|
+
ActiveRecord::Base.connection.table_exists? :oauth_applications
|
|
33
|
+
end
|
|
34
|
+
end
|