doorkeeper 1.4.2 → 2.0.0.alpha1

data/lib/doorkeeper/doorkeeper_for.rb

@@ -1,69 +0,0 @@
-module Doorkeeper
-  class InvalidSyntax < StandardError; end
-  class DoorkeeperFor
-    attr_reader :scopes
-
-    def initialize(options)
-      options ||= {}
-      fail InvalidSyntax unless options.is_a? Hash
-      @filter_options = {}
-
-      options.each do |k, v|
-        send("#{k}=", v)
-      end
-    end
-
-    def filter_options
-      @filter_options
-    end
-
-    private
-
-    def scopes=(scopes)
-      @scopes = scopes.map(&:to_s)
-    end
-
-    def if=(if_block)
-      @filter_options[:if] = if_block
-    end
-
-    def unless=(unless_block)
-      @filter_options[:unless] = unless_block
-    end
-  end
-
-  class AllDoorkeeperFor < DoorkeeperFor
-    private
-
-    def except=(actions)
-      @filter_options[:except] = actions
-    end
-  end
-
-  class SelectedDoorkeeperFor < DoorkeeperFor
-    def initialize(*args)
-      options = args.pop if args.last.is_a? Hash
-      super(options)
-      only(args)
-    end
-
-    private
-
-    def only(actions)
-      @filter_options[:only] = actions
-    end
-  end
-
-  class DoorkeeperForBuilder
-    def self.create_doorkeeper_for(*args)
-      case args.first
-      when :all
-        AllDoorkeeperFor.new(args[1] || {})
-      when Hash, nil
-        fail InvalidSyntax
-      else
-        SelectedDoorkeeperFor.new(*args)
-      end
-    end
-  end
-end

data/lib/doorkeeper/helpers/filter.rb

@@ -1,64 +0,0 @@
-module Doorkeeper
-  module Helpers
-    module Filter
-      module ClassMethods
-        def doorkeeper_for(*args)
-          doorkeeper_for = DoorkeeperForBuilder.create_doorkeeper_for(*args)
-
-          before_filter doorkeeper_for.filter_options do
-            unless valid_token?(doorkeeper_for.scopes)
-              if !doorkeeper_token || !doorkeeper_token.accessible?
-                @error = OAuth::InvalidTokenResponse.from_access_token(doorkeeper_token)
-                error_status = :unauthorized
-                options = doorkeeper_unauthorized_render_options
-              else
-                @error = OAuth::ForbiddenTokenResponse.from_scopes(doorkeeper_for.scopes)
-                error_status = :forbidden
-                options = doorkeeper_forbidden_render_options
-              end
-              headers.merge!(@error.headers.reject { |k, v| ['Content-Type'].include? k })
-              render_error(error_status, options)
-            end
-          end
-        end
-      end
-
-      def self.included(base)
-        base.extend ClassMethods
-        base.send :private, :doorkeeper_token, :doorkeeper_unauthorized_render_options
-      end
-
-      def doorkeeper_token
-        @token ||= OAuth::Token.authenticate request, *config_methods
-      end
-
-      def config_methods
-        @methods ||= Doorkeeper.configuration.access_token_methods
-      end
-
-      def doorkeeper_unauthorized_render_options
-        nil
-      end
-
-      def doorkeeper_forbidden_render_options
-        nil
-      end
-
-      private
-
-      def valid_token?(scopes)
-        doorkeeper_token && doorkeeper_token.acceptable?(scopes)
-      end
-
-      def render_error(error, options)
-        if options.blank?
-          head error
-        else
-          options[:status] = error
-          options[:layout] = false if options[:layout].nil?
-          render options
-        end
-      end
-    end
-  end
-end

data/lib/doorkeeper/models/access_grant.rb

@@ -1,30 +0,0 @@
-module Doorkeeper
-  class AccessGrant
-    include OAuth::Helpers
-    include Models::Expirable
-    include Models::Revocable
-    include Models::Accessible
-    include Models::Scopes
-
-    belongs_to :application, class_name: 'Doorkeeper::Application', inverse_of: :access_grants
-
-    if ::Rails.version.to_i < 4 || defined?(ProtectedAttributes)
-      attr_accessible :resource_owner_id, :application_id, :expires_in, :redirect_uri, :scopes
-    end
-
-    validates :resource_owner_id, :application_id, :token, :expires_in, :redirect_uri, presence: true
-    validates :token, uniqueness: true
-
-    before_validation :generate_token, on: :create
-
-    def self.authenticate(token)
-      where(token: token).first
-    end
-
-    private
-
-    def generate_token
-      self.token = UniqueToken.generate
-    end
-  end
-end

data/lib/doorkeeper/models/access_token.rb

@@ -1,106 +0,0 @@
-module Doorkeeper
-  class AccessToken
-    include OAuth::Helpers
-    include Models::Expirable
-    include Models::Revocable
-    include Models::Accessible
-    include Models::Scopes
-
-    belongs_to :application,
-               class_name: 'Doorkeeper::Application',
-               inverse_of: :access_tokens
-
-    validates :token, presence: true
-    validates :token, uniqueness: true
-    validates :refresh_token, uniqueness: true, if: :use_refresh_token?
-
-    attr_accessor :use_refresh_token
-    if ::Rails.version.to_i < 4 || defined?(ProtectedAttributes)
-      attr_accessible :application_id, :resource_owner_id, :expires_in,
-                      :scopes, :use_refresh_token
-    end
-
-    before_validation :generate_token, on: :create
-    before_validation :generate_refresh_token,
-                      on: :create,
-                      if: :use_refresh_token?
-
-    def self.authenticate(token)
-      where(token: token).first
-    end
-
-    def self.by_refresh_token(refresh_token)
-      where(refresh_token: refresh_token).first
-    end
-
-    def self.revoke_all_for(application_id, resource_owner)
-      where(application_id: application_id,
-            resource_owner_id: resource_owner.id,
-            revoked_at: nil)
-      .map(&:revoke)
-    end
-
-    def self.matching_token_for(application, resource_owner_or_id, scopes)
-      resource_owner_id = if resource_owner_or_id.respond_to?(:to_key)
-                            resource_owner_or_id.id
-                          else
-                            resource_owner_or_id
-                          end
-      token = last_authorized_token_for(application.try(:id), resource_owner_id)
-      token if token && ScopeChecker.matches?(token.scopes, scopes)
-    end
-
-    def self.find_or_create_for(application, resource_owner_id, scopes, expires_in, use_refresh_token)
-      if Doorkeeper.configuration.reuse_access_token
-        access_token = matching_token_for(application, resource_owner_id, scopes)
-        if access_token && !access_token.expired?
-          return access_token
-        end
-      end
-      create!(
-        application_id:    application.try(:id),
-        resource_owner_id: resource_owner_id,
-        scopes:            scopes.to_s,
-        expires_in:        expires_in,
-        use_refresh_token: use_refresh_token
-      )
-    end
-
-    def token_type
-      'bearer'
-    end
-
-    def use_refresh_token?
-      use_refresh_token
-    end
-
-    def as_json(options = {})
-      {
-        resource_owner_id: resource_owner_id,
-        scopes: scopes,
-        expires_in_seconds: expires_in_seconds,
-        application: { uid: application.try(:uid) }
-      }
-    end
-
-    # It indicates whether the tokens have the same credential
-    def same_credential?(access_token)
-      application_id == access_token.application_id &&
-        resource_owner_id == access_token.resource_owner_id
-    end
-
-    def acceptable?(scopes)
-      accessible? && includes_scope?(scopes)
-    end
-
-    private
-
-    def generate_refresh_token
-      write_attribute :refresh_token, UniqueToken.generate
-    end
-
-    def generate_token
-      self.token = UniqueToken.generate
-    end
-  end
-end

data/lib/doorkeeper/models/active_record/access_grant.rb

@@ -1,9 +0,0 @@
-module Doorkeeper
-  class AccessGrant < ActiveRecord::Base
-    if Doorkeeper.configuration.active_record_options[:establish_connection]
-      establish_connection Doorkeeper.configuration.active_record_options[:establish_connection]
-    end
-
-    self.table_name = "#{table_name_prefix}oauth_access_grants#{table_name_suffix}".to_sym
-  end
-end

data/lib/doorkeeper/models/active_record/access_token.rb

@@ -1,25 +0,0 @@
-module Doorkeeper
-  class AccessToken < ActiveRecord::Base
-    if Doorkeeper.configuration.active_record_options[:establish_connection]
-      establish_connection Doorkeeper.configuration.active_record_options[:establish_connection]
-    end
-
-    self.table_name = "#{table_name_prefix}oauth_access_tokens#{table_name_suffix}".to_sym
-
-    def self.delete_all_for(application_id, resource_owner)
-      where(application_id: application_id,
-            resource_owner_id: resource_owner.id).delete_all
-    end
-    private_class_method :delete_all_for
-
-    def self.last_authorized_token_for(application_id, resource_owner_id)
-      where(application_id: application_id,
-            resource_owner_id: resource_owner_id,
-            revoked_at: nil).
-        order('created_at desc').
-        limit(1).
-        first
-    end
-    private_class_method :last_authorized_token_for
-  end
-end

data/lib/doorkeeper/models/application.rb

@@ -1,40 +0,0 @@
-module Doorkeeper
-  class Application
-    include OAuth::Helpers
-
-    has_many :access_grants, dependent: :destroy, class_name: 'Doorkeeper::AccessGrant'
-    has_many :access_tokens, dependent: :destroy, class_name: 'Doorkeeper::AccessToken'
-
-    validates :name, :secret, :uid, presence: true
-    validates :uid, uniqueness: true
-    validates :redirect_uri, redirect_uri: true
-
-    before_validation :generate_uid, :generate_secret, on: :create
-
-    if ::Rails.version.to_i < 4 || defined?(ProtectedAttributes)
-      attr_accessible :name, :redirect_uri
-    end
-
-    def self.model_name
-      ActiveModel::Name.new(self, Doorkeeper, 'Application')
-    end
-
-    def self.authenticate(uid, secret)
-      self.where(uid: uid, secret: secret).first
-    end
-
-    def self.by_uid(uid)
-      self.where(uid: uid).first
-    end
-
-    private
-
-    def generate_uid
-      self.uid ||= UniqueToken.generate
-    end
-
-    def generate_secret
-      self.secret ||= UniqueToken.generate
-    end
-  end
-end

data/lib/doorkeeper/models/mongoid/scopes.rb

@@ -1,15 +0,0 @@
-module Doorkeeper
-  module Models
-    module Mongoid
-      module Scopes
-        def self.included(base)
-          base.class_eval do
-            def scopes=(value)
-              write_attribute :scopes, value if value.present?
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/doorkeeper/models/mongoid/version.rb

@@ -1,15 +0,0 @@
-module Doorkeeper
-  module Models
-    module Mongoid
-      module Version
-        def mongoid3?
-          ::Mongoid::VERSION.starts_with?('3')
-        end
-
-        def mongoid4?
-          ::Mongoid::VERSION.starts_with?('4')
-        end
-      end
-    end
-  end
-end

data/lib/doorkeeper/models/mongoid3_4/access_grant.rb

@@ -1,27 +0,0 @@
-require 'doorkeeper/models/mongoid/scopes'
-require 'doorkeeper/models/mongoid/version'
-
-module Doorkeeper
-  class AccessGrant
-    include Mongoid::Document
-    include Mongoid::Timestamps
-    include Models::Mongoid::Scopes
-    extend Models::Mongoid::Version
-
-    self.store_in collection: :oauth_access_grants
-
-    if defined?(Moped::BSON)
-      field :resource_owner_id, type: Moped::BSON::ObjectId
-    else
-      field :resource_owner_id, type: BSON::ObjectId
-    end
-
-    field :application_id, type: Hash
-    field :token, type: String
-    field :expires_in, type: Integer
-    field :redirect_uri, type: String
-    field :revoked_at, type: DateTime
-
-    index({ token: 1 }, { unique: true })
-  end
-end

data/lib/doorkeeper/models/mongoid3_4/access_token.rb

@@ -1,46 +0,0 @@
-require 'doorkeeper/models/mongoid/scopes'
-require 'doorkeeper/models/mongoid/version'
-
-module Doorkeeper
-  class AccessToken
-    include Mongoid::Document
-    include Mongoid::Timestamps
-    include Models::Mongoid::Scopes
-    extend Models::Mongoid::Version
-
-    self.store_in collection: :oauth_access_tokens
-
-    if defined?(Moped::BSON)
-      field :resource_owner_id, type: Moped::BSON::ObjectId
-    else
-      field :resource_owner_id, type: BSON::ObjectId
-    end
-
-    field :token, type: String
-    field :expires_in, type: Integer
-    field :revoked_at, type: DateTime
-
-    index({ token: 1 }, { unique: true })
-    index({ refresh_token: 1 }, { unique: true, sparse: true })
-
-    def self.delete_all_for(application_id, resource_owner)
-      where(application_id: application_id,
-            resource_owner_id: resource_owner.id).delete_all
-    end
-    private_class_method :delete_all_for
-
-    def self.last_authorized_token_for(application_id, resource_owner_id)
-      where(application_id: application_id,
-            resource_owner_id: resource_owner_id,
-            revoked_at: nil).
-        order_by([:created_at, :desc]).
-        limit(1).
-        first
-    end
-    private_class_method :last_authorized_token_for
-
-    def refresh_token
-      self[:refresh_token]
-    end
-  end
-end