doorkeeper 2.1.4 → 2.2.0

data/doorkeeper.gemspec

@@ -19,7 +19,7 @@ Gem::Specification.new do |s|
   s.add_dependency "railties", ">= 3.2"
 
   s.add_development_dependency "sqlite3", "~> 1.3.5"
-  s.add_development_dependency "rspec-rails", "~> 2.99.0"
+  s.add_development_dependency "rspec-rails", "~> 3.1.0"
   s.add_development_dependency "capybara", "~> 2.3.0"
   s.add_development_dependency "generator_spec", "~> 0.9.0"
   s.add_development_dependency "factory_girl", "~> 4.5.0"

data/gemfiles/Gemfile.common.rb

@@ -4,11 +4,4 @@ source 'https://rubygems.org'
 
 gem 'rails', "~> #{ENV['rails']}"
 
-if ENV['rails'][0] == '4'
-  gem 'database_cleaner', '~> 1.3.0'
-end
-if ENV['rails'] =~ /4.0|3.2/
-  gem 'rubysl-test-unit'
-end
-
 gemspec path: '../'

data/gemfiles/Gemfile.mongo_mapper.rb

@@ -1,5 +1,5 @@
 gemfile = 'gemfiles/Gemfile.common.rb'
 instance_eval IO.read(gemfile), gemfile
 
-gem 'mongo_mapper', '~> 0.12'
-gem 'bson_ext', '~> 1.7'
+gem 'mongo_mapper'
+gem 'bson_ext'

data/gemfiles/Gemfile.mongoid2.rb

@@ -2,4 +2,4 @@ gemfile = 'gemfiles/Gemfile.common.rb'
 instance_eval IO.read(gemfile), gemfile
 
 gem 'mongoid', '~> 2'
-gem 'bson_ext', '~> 1.7'
+gem 'bson_ext'

data/gemfiles/Gemfile.mongoid4.rb

@@ -2,4 +2,3 @@ gemfile = 'gemfiles/Gemfile.common.rb'
 instance_eval IO.read(gemfile), gemfile
 
 gem 'mongoid', '~> 4'
-gem 'moped'

data/lib/doorkeeper/config.rb

@@ -108,6 +108,12 @@ and that your `initialize_models!` method doesn't raise any errors.\n
       def force_ssl_in_redirect_uri(boolean)
         @config.instance_variable_set("@force_ssl_in_redirect_uri", boolean)
       end
+
+      def access_token_generator(access_token_generator)
+        @config.instance_variable_set(
+          '@access_token_generator', access_token_generator
+        )
+      end
     end
 
     module Option
@@ -198,6 +204,7 @@ and that your `initialize_models!` method doesn't raise any errors.\n
     option :realm,                          default: 'Doorkeeper'
     option :force_ssl_in_redirect_uri,      default: !Rails.env.development?
     option :grant_flows,                    default: %w(authorization_code client_credentials)
+    option :access_token_generator,         default: "Doorkeeper::OAuth::Helpers::UniqueToken"
 
     attr_reader :reuse_access_token
 

data/lib/doorkeeper/engine.rb

@@ -4,6 +4,10 @@ module Doorkeeper
       app.config.filter_parameters += %i(client_secret code token)
     end
 
+    initializer "doorkeeper.locales" do |app|
+      app.config.i18n.fallbacks = [:en]
+    end
+
     initializer "doorkeeper.routes" do
       Doorkeeper::Rails::Routes.install!
     end

data/lib/doorkeeper/errors.rb

@@ -11,5 +11,11 @@ module Doorkeeper
 
     class MissingRequestStrategy < DoorkeeperError
     end
+
+    class UnableToGenerateToken < DoorkeeperError
+    end
+
+    class TokenGeneratorNotFound < DoorkeeperError
+    end
   end
 end

data/lib/doorkeeper/models/access_token_mixin.rb

@@ -128,7 +128,12 @@ module Doorkeeper
     end
 
     def generate_token
-      self.token = UniqueToken.generate
+      generator = Doorkeeper.configuration.access_token_generator.constantize
+      self.token = generator.generate(resource_owner_id: resource_owner_id)
+    rescue NoMethodError
+      raise Errors::UnableToGenerateToken, "#{generator} does not respond to `.generate`."
+    rescue NameError
+      raise Errors::TokenGeneratorNotFound, "#{generator} not found"
     end
   end
 end

data/lib/doorkeeper/rails/helpers.rb

@@ -4,7 +4,7 @@ module Doorkeeper
       extend ActiveSupport::Concern
 
       def doorkeeper_authorize!(*scopes)
-        @_doorkeeper_scopes = scopes || Doorkeeper.configuration.default_scopes
+        @_doorkeeper_scopes = scopes.presence || Doorkeeper.configuration.default_scopes
 
         if !valid_doorkeeper_token?
           doorkeeper_render_error

data/lib/doorkeeper/version.rb

@@ -1,3 +1,3 @@
 module Doorkeeper
-  VERSION = '2.1.4'
+  VERSION = '2.2.0'
 end

data/lib/generators/doorkeeper/templates/initializer.rb

@@ -31,6 +31,10 @@ Doorkeeper.configure do
   #   oauth_client.application.additional_settings.implicit_oauth_expiration
   # end
 
+  # Use a custom class for generating the access token.
+  # https://github.com/doorkeeper-gem/doorkeeper#custom-access-token-generator
+  # access_token_generator "::Doorkeeper::JWT"
+
   # Reuse access token for the same resource owner within an application (disabled by default)
   # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/383
   # reuse_access_token

data/spec/controllers/applications_controller_spec.rb

@@ -54,6 +54,5 @@ module Doorkeeper
         expect(application.reload.name).to eq 'Example'
       end
     end
-
   end
 end

data/spec/controllers/token_info_controller_spec.rb

@@ -1,9 +1,7 @@
 require 'spec_helper_integration'
 
 describe Doorkeeper::TokenInfoController do
-
   describe 'when requesting tokeninfo with valid token' do
-
     let(:doorkeeper_token) { FactoryGirl.create(:access_token) }
 
     before(:each) do
@@ -50,7 +48,5 @@ describe Doorkeeper::TokenInfoController do
         expect(response.body).to eq(Doorkeeper::OAuth::ErrorResponse.new(name: :invalid_request, status: :unauthorized).body.to_json)
       end
     end
-
   end
-
 end

data/spec/controllers/tokens_controller_spec.rb

@@ -12,7 +12,9 @@ describe Doorkeeper::TokensController do
 
     it 'returns the authorization' do
       skip 'verify need of these specs'
+
       expect(token).to receive(:authorization)
+
       post :create
     end
   end
@@ -46,11 +48,10 @@ describe Doorkeeper::TokensController do
       strategy = double(:strategy, authorize: true)
       expect(strategy).to receive(:authorize).once
       allow(controller).to receive(:strategy) { strategy }
-
-      controller.stub(:create) do
-        controller.send :authorize_response
+      allow(controller).to receive(:create) do
         controller.send :authorize_response
       end
+
       post :create
     end
   end

data/spec/dummy/config/application.rb

@@ -5,6 +5,8 @@ require 'sprockets/railtie'
 
 Bundler.require :default
 
+require 'yaml'
+
 orm = if DOORKEEPER_ORM =~ /mongoid/
         Mongoid.load!(File.join(File.dirname(File.expand_path(__FILE__)), "#{DOORKEEPER_ORM}.yml"))
         :mongoid

data/spec/lib/config_spec.rb

@@ -22,7 +22,7 @@ describe Doorkeeper, 'configuration' do
     end
 
     it 'does not change other exceptions' do
-      String.any_instance.stub(:classify) { raise NoMethodError }
+      allow_any_instance_of(String).to receive(:classify) { raise NoMethodError }
 
       expect do
         Doorkeeper.configure { orm 'hibernate' }
@@ -35,7 +35,7 @@ describe Doorkeeper, 'configuration' do
       block = proc {}
       Doorkeeper.configure do
         orm DOORKEEPER_ORM
-        admin_authenticator &block
+        admin_authenticator(&block)
       end
       expect(subject.authenticate_admin).to eq(block)
     end
@@ -298,4 +298,20 @@ describe Doorkeeper, 'configuration' do
       @config = old_config
     end
   end
+
+  describe 'access_token_generator' do
+    it 'is \'Doorkeeper::OAuth::Helpers::UniqueToken\' by default' do
+      expect(Doorkeeper.configuration.access_token_generator).to(
+        eq('Doorkeeper::OAuth::Helpers::UniqueToken')
+      )
+    end
+
+    it 'can change the value' do
+      Doorkeeper.configure do
+        orm DOORKEEPER_ORM
+        access_token_generator 'Example'
+      end
+      expect(subject.access_token_generator).to eq('Example')
+    end
+  end
 end

data/spec/lib/oauth/authorization_code_request_spec.rb

@@ -69,7 +69,7 @@ module Doorkeeper::OAuth
     end
 
     it 'skips token creation if there is a matching one' do
-      Doorkeeper.configuration.stub(:reuse_access_token).and_return(true)
+      allow(Doorkeeper.configuration).to receive(:reuse_access_token).and_return(true)
       FactoryGirl.create(:access_token, application_id: client.id,
         resource_owner_id: grant.resource_owner_id, scopes: grant.scopes.to_s)
       expect do

data/spec/lib/oauth/client/credentials_spec.rb

@@ -13,7 +13,7 @@ class Doorkeeper::OAuth::Client
       let(:request) { double.as_null_object }
 
       let(:method) do
-        ->(request) { return 'uid', 'secret' }
+        ->(_request) { return 'uid', 'secret' }
       end
 
       it 'accepts anything that responds to #call' do
@@ -29,7 +29,7 @@ class Doorkeeper::OAuth::Client
       it 'stops at the first credentials found' do
         not_called_method = double
         expect(not_called_method).not_to receive(:call)
-        credentials = Credentials.from_request request, ->(r) {}, method, not_called_method
+        Credentials.from_request request, ->(_) {}, method, not_called_method
       end
 
       it 'returns new Credentials' do

data/spec/lib/oauth/password_access_token_request_spec.rb

@@ -60,7 +60,7 @@ module Doorkeeper::OAuth
     end
 
     it 'skips token creation if there is already one' do
-      Doorkeeper.configuration.stub(:reuse_access_token).and_return(true)
+      allow(Doorkeeper.configuration).to receive(:reuse_access_token).and_return(true)
       FactoryGirl.create(:access_token, application_id: client.id, resource_owner_id: owner.id)
       expect do
         subject.authorize

data/spec/lib/oauth/pre_authorization_spec.rb

@@ -4,14 +4,14 @@ module Doorkeeper::OAuth
   describe PreAuthorization do
     let(:server) {
       server = Doorkeeper.configuration
-      server.stub(:default_scopes) { Scopes.new }
-      server.stub(:scopes) { Scopes.from_string('public profile') }
+      allow(server).to receive(:default_scopes).and_return(Scopes.new)
+      allow(server).to receive(:scopes).and_return(Scopes.from_string('public profile'))
       server
     }
 
     let(:application) do
       application = double :application
-      application.stub(:scopes) { Scopes.from_string('') }
+      allow(application).to receive(:scopes).and_return(Scopes.from_string(''))
       application
     end
 
@@ -41,7 +41,7 @@ module Doorkeeper::OAuth
     end
 
     it 'accepts token as response type' do
-      server.stub(:grant_flows) { ['implicit'] }
+      allow(server).to receive(:grant_flows).and_return(['implicit'])
       subject.response_type = 'token'
       expect(subject).to be_authorizable
     end
@@ -53,7 +53,7 @@ module Doorkeeper::OAuth
       end
 
       it 'accepts "token" as response type' do
-        server.stub(:grant_flows) { ['implicit'] }
+        allow(server).to receive(:grant_flows).and_return(['implicit'])
         subject.response_type = 'token'
         expect(subject).to be_authorizable
       end
@@ -61,7 +61,7 @@ module Doorkeeper::OAuth
 
     context 'when authorization code grant flow is disabled' do
       before do
-        server.stub(:grant_flows) { ['implicit'] }
+        allow(server).to receive(:grant_flows).and_return(['implicit'])
       end
 
       it 'does not accept "code" as response type' do
@@ -72,7 +72,7 @@ module Doorkeeper::OAuth
 
     context 'when implicit grant flow is disabled' do
       before do
-        server.stub(:grant_flows) { ['authorization_code'] }
+        allow(server).to receive(:grant_flows).and_return(['authorization_code'])
       end
 
       it 'does not accept "token" as response type' do
@@ -96,7 +96,7 @@ module Doorkeeper::OAuth
     context 'client application restricts valid scopes' do
       let(:application) do
         application = double :application
-        application.stub(:scopes) { Scopes.from_string('public nonsense') }
+        allow(application).to receive(:scopes).and_return(Scopes.from_string('public nonsense'))
         application
       end
 
@@ -119,7 +119,7 @@ module Doorkeeper::OAuth
     it 'uses default scopes when none is required' do
       allow(server).to receive(:default_scopes).and_return(Scopes.from_string('default'))
       subject.scope = nil
-      expect(subject.scope).to  eq('default')
+      expect(subject.scope).to eq('default')
       expect(subject.scopes).to eq(Scopes.from_string('default'))
     end
 
@@ -151,6 +151,5 @@ module Doorkeeper::OAuth
       subject.redirect_uri = nil
       expect(subject).not_to be_authorizable
     end
-
   end
 end

data/spec/lib/oauth/refresh_token_request_spec.rb

@@ -98,6 +98,5 @@ module Doorkeeper::OAuth
         expect(subject.error).to eq(:invalid_scope)
       end
     end
-
   end
 end

data/spec/lib/oauth/token_request_spec.rb

@@ -67,14 +67,14 @@ module Doorkeeper::OAuth
 
     context 'token reuse' do
       it 'creates a new token if there are no matching tokens' do
-        Doorkeeper.configuration.stub(:reuse_access_token).and_return(true)
+        allow(Doorkeeper.configuration).to receive(:reuse_access_token).and_return(true)
         expect do
           subject.authorize
         end.to change { Doorkeeper::AccessToken.count }.by(1)
       end
 
       it 'creates a new token if scopes do not match' do
-        Doorkeeper.configuration.stub(:reuse_access_token).and_return(true)
+        allow(Doorkeeper.configuration).to receive(:reuse_access_token).and_return(true)
         FactoryGirl.create(:access_token, application_id: pre_auth.client.id,
                            resource_owner_id: owner.id, scopes: '')
         expect do
@@ -83,7 +83,7 @@ module Doorkeeper::OAuth
       end
 
       it 'skips token creation if there is a matching one' do
-        Doorkeeper.configuration.stub(:reuse_access_token).and_return(true)
+        allow(Doorkeeper.configuration).to receive(:reuse_access_token).and_return(true)
         FactoryGirl.create(:access_token, application_id: pre_auth.client.id,
                            resource_owner_id: owner.id, scopes: 'public')
         expect do

data/spec/lib/server_spec.rb

@@ -25,7 +25,9 @@ describe Doorkeeper::Server do
 
     context 'when only Authorization Code strategy is enabled' do
       before do
-        Doorkeeper.configuration.stub(:grant_flows) { ['authorization_code'] }
+        allow(Doorkeeper.configuration).
+          to receive(:grant_flows).
+          and_return(['authorization_code'])
       end
 
       it 'raises error when using the disabled Implicit strategy' do

data/spec/models/doorkeeper/access_token_spec.rb

@@ -12,6 +12,54 @@ module Doorkeeper
       let(:factory_name) { :access_token }
     end
 
+    describe :generate_token do
+      it 'generates a token using the default method' do
+        FactoryGirl.create :access_token
+
+        token = FactoryGirl.create :access_token
+        expect(token.token).to be_a(String)
+      end
+
+      it 'generates a token using a custom object' do
+        module CustomGeneratorArgs
+          def self.generate(opts = {})
+            "custom_generator_token_#{opts[:resource_owner_id]}"
+          end
+        end
+
+        Doorkeeper.configure do
+          orm DOORKEEPER_ORM
+          access_token_generator "Doorkeeper::CustomGeneratorArgs"
+        end
+
+        token = FactoryGirl.create :access_token
+        expect(token.token).to match(%r{custom_generator_token_\d})
+      end
+
+      it 'raises an error if the custom object does not support generate' do
+        module NoGenerate
+        end
+
+        Doorkeeper.configure do
+          orm DOORKEEPER_ORM
+          access_token_generator "Doorkeeper::NoGenerate"
+        end
+
+        expect { FactoryGirl.create :access_token }.to(
+          raise_error(Doorkeeper::Errors::UnableToGenerateToken))
+      end
+
+      it 'raises an error if the custom object does not exist' do
+        Doorkeeper.configure do
+          orm DOORKEEPER_ORM
+          access_token_generator "Doorkeeper::NotReal"
+        end
+
+        expect { FactoryGirl.create :access_token }.to(
+          raise_error(Doorkeeper::Errors::TokenGeneratorNotFound))
+      end
+    end
+
     describe :refresh_token do
       it 'has empty refresh token if it was not required' do
         token = FactoryGirl.create :access_token