doorkeeper 1.4.1 → 2.0.0

data/lib/doorkeeper/doorkeeper_for.rb

@@ -1,69 +0,0 @@
-module Doorkeeper
-  class InvalidSyntax < StandardError; end
-  class DoorkeeperFor
-    attr_reader :scopes
-
-    def initialize(options)
-      options ||= {}
-      fail InvalidSyntax unless options.is_a? Hash
-      @filter_options = {}
-
-      options.each do |k, v|
-        send("#{k}=", v)
-      end
-    end
-
-    def filter_options
-      @filter_options
-    end
-
-    private
-
-    def scopes=(scopes)
-      @scopes = scopes.map(&:to_s)
-    end
-
-    def if=(if_block)
-      @filter_options[:if] = if_block
-    end
-
-    def unless=(unless_block)
-      @filter_options[:unless] = unless_block
-    end
-  end
-
-  class AllDoorkeeperFor < DoorkeeperFor
-    private
-
-    def except=(actions)
-      @filter_options[:except] = actions
-    end
-  end
-
-  class SelectedDoorkeeperFor < DoorkeeperFor
-    def initialize(*args)
-      options = args.pop if args.last.is_a? Hash
-      super(options)
-      only(args)
-    end
-
-    private
-
-    def only(actions)
-      @filter_options[:only] = actions
-    end
-  end
-
-  class DoorkeeperForBuilder
-    def self.create_doorkeeper_for(*args)
-      case args.first
-      when :all
-        AllDoorkeeperFor.new(args[1] || {})
-      when Hash, nil
-        fail InvalidSyntax
-      else
-        SelectedDoorkeeperFor.new(*args)
-      end
-    end
-  end
-end

data/lib/doorkeeper/helpers/filter.rb

@@ -1,64 +0,0 @@
-module Doorkeeper
-  module Helpers
-    module Filter
-      module ClassMethods
-        def doorkeeper_for(*args)
-          doorkeeper_for = DoorkeeperForBuilder.create_doorkeeper_for(*args)
-
-          before_filter doorkeeper_for.filter_options do
-            unless valid_token?(doorkeeper_for.scopes)
-              if !doorkeeper_token || !doorkeeper_token.accessible?
-                @error = OAuth::InvalidTokenResponse.from_access_token(doorkeeper_token)
-                error_status = :unauthorized
-                options = doorkeeper_unauthorized_render_options
-              else
-                @error = OAuth::ForbiddenTokenResponse.from_scopes(doorkeeper_for.scopes)
-                error_status = :forbidden
-                options = doorkeeper_forbidden_render_options
-              end
-              headers.merge!(@error.headers.reject { |k, v| ['Content-Type'].include? k })
-              render_error(error_status, options)
-            end
-          end
-        end
-      end
-
-      def self.included(base)
-        base.extend ClassMethods
-        base.send :private, :doorkeeper_token, :doorkeeper_unauthorized_render_options
-      end
-
-      def doorkeeper_token
-        @token ||= OAuth::Token.authenticate request, *config_methods
-      end
-
-      def config_methods
-        @methods ||= Doorkeeper.configuration.access_token_methods
-      end
-
-      def doorkeeper_unauthorized_render_options
-        nil
-      end
-
-      def doorkeeper_forbidden_render_options
-        nil
-      end
-
-      private
-
-      def valid_token?(scopes)
-        doorkeeper_token && doorkeeper_token.acceptable?(scopes)
-      end
-
-      def render_error(error, options)
-        if options.blank?
-          head error
-        else
-          options[:status] = error
-          options[:layout] = false if options[:layout].nil?
-          render options
-        end
-      end
-    end
-  end
-end

data/lib/doorkeeper/models/access_grant.rb

@@ -1,30 +0,0 @@
-module Doorkeeper
-  class AccessGrant
-    include OAuth::Helpers
-    include Models::Expirable
-    include Models::Revocable
-    include Models::Accessible
-    include Models::Scopes
-
-    belongs_to :application, class_name: 'Doorkeeper::Application', inverse_of: :access_grants
-
-    if ::Rails.version.to_i < 4 || defined?(ProtectedAttributes)
-      attr_accessible :resource_owner_id, :application_id, :expires_in, :redirect_uri, :scopes
-    end
-
-    validates :resource_owner_id, :application_id, :token, :expires_in, :redirect_uri, presence: true
-    validates :token, uniqueness: true
-
-    before_validation :generate_token, on: :create
-
-    def self.authenticate(token)
-      where(token: token).first
-    end
-
-    private
-
-    def generate_token
-      self.token = UniqueToken.generate
-    end
-  end
-end

data/lib/doorkeeper/models/access_token.rb

@@ -1,106 +0,0 @@
-module Doorkeeper
-  class AccessToken
-    include OAuth::Helpers
-    include Models::Expirable
-    include Models::Revocable
-    include Models::Accessible
-    include Models::Scopes
-
-    belongs_to :application,
-               class_name: 'Doorkeeper::Application',
-               inverse_of: :access_tokens
-
-    validates :token, presence: true
-    validates :token, uniqueness: true
-    validates :refresh_token, uniqueness: true, if: :use_refresh_token?
-
-    attr_accessor :use_refresh_token
-    if ::Rails.version.to_i < 4 || defined?(ProtectedAttributes)
-      attr_accessible :application_id, :resource_owner_id, :expires_in,
-                      :scopes, :use_refresh_token
-    end
-
-    before_validation :generate_token, on: :create
-    before_validation :generate_refresh_token,
-                      on: :create,
-                      if: :use_refresh_token?
-
-    def self.authenticate(token)
-      where(token: token).first
-    end
-
-    def self.by_refresh_token(refresh_token)
-      where(refresh_token: refresh_token).first
-    end
-
-    def self.revoke_all_for(application_id, resource_owner)
-      where(application_id: application_id,
-            resource_owner_id: resource_owner.id,
-            revoked_at: nil)
-      .map(&:revoke)
-    end
-
-    def self.matching_token_for(application, resource_owner_or_id, scopes)
-      resource_owner_id = if resource_owner_or_id.respond_to?(:to_key)
-                            resource_owner_or_id.id
-                          else
-                            resource_owner_or_id
-                          end
-      token = last_authorized_token_for(application.try(:id), resource_owner_id)
-      token if token && ScopeChecker.matches?(token.scopes, scopes)
-    end
-
-    def self.find_or_create_for(application, resource_owner_id, scopes, expires_in, use_refresh_token)
-      if Doorkeeper.configuration.reuse_access_token
-        access_token = matching_token_for(application, resource_owner_id, scopes)
-        if access_token && !access_token.expired?
-          return access_token
-        end
-      end
-      create!(
-        application_id:    application.try(:id),
-        resource_owner_id: resource_owner_id,
-        scopes:            scopes.to_s,
-        expires_in:        expires_in,
-        use_refresh_token: use_refresh_token
-      )
-    end
-
-    def token_type
-      'bearer'
-    end
-
-    def use_refresh_token?
-      use_refresh_token
-    end
-
-    def as_json(options = {})
-      {
-        resource_owner_id: resource_owner_id,
-        scopes: scopes,
-        expires_in_seconds: expires_in_seconds,
-        application: { uid: application.try(:uid) }
-      }
-    end
-
-    # It indicates whether the tokens have the same credential
-    def same_credential?(access_token)
-      application_id == access_token.application_id &&
-        resource_owner_id == access_token.resource_owner_id
-    end
-
-    def acceptable?(scopes)
-      accessible? && includes_scope?(scopes)
-    end
-
-    private
-
-    def generate_refresh_token
-      write_attribute :refresh_token, UniqueToken.generate
-    end
-
-    def generate_token
-      self.token = UniqueToken.generate
-    end
-  end
-end

data/lib/doorkeeper/models/active_record/access_grant.rb

@@ -1,9 +0,0 @@
-module Doorkeeper
-  class AccessGrant < ActiveRecord::Base
-    if Doorkeeper.configuration.active_record_options[:establish_connection]
-      establish_connection Doorkeeper.configuration.active_record_options[:establish_connection]
-    end
-
-    self.table_name = "#{table_name_prefix}oauth_access_grants#{table_name_suffix}".to_sym
-  end
-end

data/lib/doorkeeper/models/active_record/access_token.rb

@@ -1,25 +0,0 @@
-module Doorkeeper
-  class AccessToken < ActiveRecord::Base
-    if Doorkeeper.configuration.active_record_options[:establish_connection]
-      establish_connection Doorkeeper.configuration.active_record_options[:establish_connection]
-    end
-
-    self.table_name = "#{table_name_prefix}oauth_access_tokens#{table_name_suffix}".to_sym
-
-    def self.delete_all_for(application_id, resource_owner)
-      where(application_id: application_id,
-            resource_owner_id: resource_owner.id).delete_all
-    end
-    private_class_method :delete_all_for
-
-    def self.last_authorized_token_for(application_id, resource_owner_id)
-      where(application_id: application_id,
-            resource_owner_id: resource_owner_id,
-            revoked_at: nil).
-        order('created_at desc').
-        limit(1).
-        first
-    end
-    private_class_method :last_authorized_token_for
-  end
-end

data/lib/doorkeeper/models/application.rb

@@ -1,40 +0,0 @@
-module Doorkeeper
-  class Application
-    include OAuth::Helpers
-
-    has_many :access_grants, dependent: :destroy, class_name: 'Doorkeeper::AccessGrant'
-    has_many :access_tokens, dependent: :destroy, class_name: 'Doorkeeper::AccessToken'
-
-    validates :name, :secret, :uid, presence: true
-    validates :uid, uniqueness: true
-    validates :redirect_uri, redirect_uri: true
-
-    before_validation :generate_uid, :generate_secret, on: :create
-
-    if ::Rails.version.to_i < 4 || defined?(ProtectedAttributes)
-      attr_accessible :name, :redirect_uri
-    end
-
-    def self.model_name
-      ActiveModel::Name.new(self, Doorkeeper, 'Application')
-    end
-
-    def self.authenticate(uid, secret)
-      self.where(uid: uid, secret: secret).first
-    end
-
-    def self.by_uid(uid)
-      self.where(uid: uid).first
-    end
-
-    private
-
-    def generate_uid
-      self.uid ||= UniqueToken.generate
-    end
-
-    def generate_secret
-      self.secret ||= UniqueToken.generate
-    end
-  end
-end

data/lib/doorkeeper/models/mongoid/scopes.rb

@@ -1,15 +0,0 @@
-module Doorkeeper
-  module Models
-    module Mongoid
-      module Scopes
-        def self.included(base)
-          base.class_eval do
-            def scopes=(value)
-              write_attribute :scopes, value if value.present?
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/doorkeeper/models/mongoid/version.rb

@@ -1,15 +0,0 @@
-module Doorkeeper
-  module Models
-    module Mongoid
-      module Version
-        def mongoid3?
-          ::Mongoid::VERSION.starts_with?('3')
-        end
-
-        def mongoid4?
-          ::Mongoid::VERSION.starts_with?('4')
-        end
-      end
-    end
-  end
-end

data/lib/doorkeeper/models/mongoid3_4/access_grant.rb

@@ -1,27 +0,0 @@
-require 'doorkeeper/models/mongoid/scopes'
-require 'doorkeeper/models/mongoid/version'
-
-module Doorkeeper
-  class AccessGrant
-    include Mongoid::Document
-    include Mongoid::Timestamps
-    include Models::Mongoid::Scopes
-    extend Models::Mongoid::Version
-
-    self.store_in collection: :oauth_access_grants
-
-    if defined?(Moped::BSON)
-      field :resource_owner_id, type: Moped::BSON::ObjectId
-    else
-      field :resource_owner_id, type: BSON::ObjectId
-    end
-
-    field :application_id, type: Hash
-    field :token, type: String
-    field :expires_in, type: Integer
-    field :redirect_uri, type: String
-    field :revoked_at, type: DateTime
-
-    index({ token: 1 }, { unique: true })
-  end
-end

data/lib/doorkeeper/models/mongoid3_4/access_token.rb

@@ -1,46 +0,0 @@
-require 'doorkeeper/models/mongoid/scopes'
-require 'doorkeeper/models/mongoid/version'
-
-module Doorkeeper
-  class AccessToken
-    include Mongoid::Document
-    include Mongoid::Timestamps
-    include Models::Mongoid::Scopes
-    extend Models::Mongoid::Version
-
-    self.store_in collection: :oauth_access_tokens
-
-    if defined?(Moped::BSON)
-      field :resource_owner_id, type: Moped::BSON::ObjectId
-    else
-      field :resource_owner_id, type: BSON::ObjectId
-    end
-
-    field :token, type: String
-    field :expires_in, type: Integer
-    field :revoked_at, type: DateTime
-
-    index({ token: 1 }, { unique: true })
-    index({ refresh_token: 1 }, { unique: true, sparse: true })
-
-    def self.delete_all_for(application_id, resource_owner)
-      where(application_id: application_id,
-            resource_owner_id: resource_owner.id).delete_all
-    end
-    private_class_method :delete_all_for
-
-    def self.last_authorized_token_for(application_id, resource_owner_id)
-      where(application_id: application_id,
-            resource_owner_id: resource_owner_id,
-            revoked_at: nil).
-        order_by([:created_at, :desc]).
-        limit(1).
-        first
-    end
-    private_class_method :last_authorized_token_for
-
-    def refresh_token
-      self[:refresh_token]
-    end
-  end
-end

data/lib/doorkeeper/models/scopes.rb

@@ -1,21 +0,0 @@
-module Doorkeeper
-  module Models
-    module Scopes
-      def self.included(base)
-        base.class_eval do
-          define_method :scopes do
-            OAuth::Scopes.from_string(self[:scopes])
-          end
-
-          define_method :scopes_string do
-            OAuth::Scopes.from_string(self[:scopes]).to_s
-          end
-
-          define_method :includes_scope? do |required_scopes|
-            required_scopes.blank? || required_scopes.any? { |s| scopes.exists?(s) }
-          end
-        end
-      end
-    end
-  end
-end

data/lib/generators/doorkeeper/mongo_mapper/indexes_generator.rb

@@ -1,12 +0,0 @@
-module Doorkeeper
-  module MongoMapper
-    class IndexesGenerator < ::Rails::Generators::Base
-      source_root File.expand_path('../../templates', __FILE__)
-      desc 'Creates an indexes file for use with MongoMapper\'s rake db:index'
-
-      def install
-        template 'indexes.rb' 'db/indexes.rb'
-      end
-    end
-  end
-end

data/script/rails

@@ -1,5 +0,0 @@
-#!/usr/bin/env ruby
-# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
-
-ENGINE_PATH = File.expand_path('../..',  __FILE__)
-load File.expand_path('../../spec/dummy/script/rails',  __FILE__)

data/script/run_all

@@ -1,14 +0,0 @@
-#!/usr/bin/env bash
-set -e
-
-rails=3.2.8 orm=active_record bundle install --quiet
-rails=3.2.8 orm=active_record bundle exec rake
-
-rails=3.2.8 orm=mongoid2 bundle install --quiet
-rails=3.2.8 orm=mongoid2 bundle exec rake
-
-rails=3.2.8 orm=mongoid3 bundle install --quiet
-rails=3.2.8 orm=mongoid3 bundle exec rake
-
-rails=3.2.8 orm=mongo_mapper bundle install --quiet
-rails=3.2.8 orm=mongo_mapper bundle exec rake

data/spec/factories/access_grant.rb

@@ -1,9 +0,0 @@
-FactoryGirl.define do
-  factory :access_grant, class: Doorkeeper::AccessGrant do
-    sequence(:resource_owner_id) { |n| n }
-    application
-    redirect_uri 'https://app.com/callback'
-    expires_in 100
-    scopes 'public write'
-  end
-end

data/spec/factories/access_token.rb

@@ -1,11 +0,0 @@
-FactoryGirl.define do
-  factory :access_token, class: Doorkeeper::AccessToken do
-    sequence(:resource_owner_id) { |n| n }
-    application
-    expires_in 2.hours
-
-    factory :clientless_access_token do
-      application nil
-    end
-  end
-end

data/spec/factories/application.rb

@@ -1,6 +0,0 @@
-FactoryGirl.define do
-  factory :application, class: Doorkeeper::Application do
-    sequence(:name) { |n| "Application #{n}" }
-    redirect_uri 'https://app.com/callback'
-  end
-end