doorkeeper 2.1.4 → 3.1.0

data/README.md

@@ -14,24 +14,25 @@ functionality to your Rails or Grape application.
 ## Documentation valid for `master` branch
 
 Please check the documentation for the version of doorkeeper you are using in:
-https://github.com/doorkeeper-gem/doorkeeper/releases.
+https://github.com/doorkeeper-gem/doorkeeper/releases
 
 ## Table of Contents
 
+<!-- START doctoc generated TOC please keep comment here to allow auto update -->
+<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
 - [Useful links](#useful-links)
-- [Requirements](#requirements)
 - [Installation](#installation)
 - [Configuration](#configuration)
     - [Active Record](#active-record)
-    - [Mongoid / MongoMapper](#mongoid--mongomapper)
-        - [Mongoid indexes](#mongoid-indexes)
-        - [MongoMapper indexes](#mongomapper-indexes)
+    - [Other ORMs](#other-orms)
     - [Routes](#routes)
     - [Authenticating](#authenticating)
+    - [Internationalization (I18n)](#internationalization-i18n)
 - [Protecting resources with OAuth (a.k.a your API endpoint)](#protecting-resources-with-oauth-aka-your-api-endpoint)
     - [Protect your API with OAuth when using Grape](#protect-your-api-with-oauth-when-using-grape)
     - [Route Constraints and other integrations](#route-constraints-and-other-integrations)
     - [Access Token Scopes](#access-token-scopes)
+    - [Custom Access Token Generator](#custom-access-token-generator)
     - [Authenticated resource owner](#authenticated-resource-owner)
     - [Applications list](#applications-list)
 - [Other customizations](#other-customizations)
@@ -40,23 +41,19 @@ https://github.com/doorkeeper-gem/doorkeeper/releases.
 - [Contributing](#contributing)
 - [Other resources](#other-resources)
     - [Wiki](#wiki)
-    - [Live demo](#live-demo)
     - [Screencast](#screencast)
     - [Client applications](#client-applications)
     - [Contributors](#contributors)
+    - [IETF Standards](#ietf-standards)
     - [License](#license)
+<!-- END doctoc generated TOC please keep comment here to allow auto update -->
+
 
 ## Useful links
 
 - For documentation, please check out our [wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki)
 - For general questions, please post it in [stack overflow](http://stackoverflow.com/questions/tagged/doorkeeper)
 
-## Requirements
-
-- Ruby >= 2.0.0
-- Rails >= 3.2
-- ORM ActiveRecord, Mongoid, MongoMapper
-
 ## Installation
 
 Put this in your Gemfile:
@@ -84,29 +81,12 @@ Don't forget to run the migration with:
 
     rake db:migrate
 
-### Mongoid / MongoMapper
-
-Doorkeeper currently supports MongoMapper, Mongoid 2 and 3. To start using it,
-you have to set the `orm` configuration:
-
-``` ruby
-Doorkeeper.configure do
-  orm :mongoid2 # or :mongoid3, :mongoid4, :mongo_mapper
-end
-```
-
-#### Mongoid indexes
+### Other ORMs
 
-Make sure you create indexes for doorkeeper models. You can do this either by
-running `rake db:mongoid:create_indexes` or (if you're using Mongoid 2) by
-adding `autocreate_indexes: true` to your `config/mongoid.yml`
+See [doorkeeper-mongodb project] for mongoid and mongomapper support. Follow along
+the implementation in that repository to extend doorkeeper with other ORMs.
 
-#### MongoMapper indexes
-
-Generate the `db/indexes.rb` file and create indexes for the doorkeeper models:
-
-    rails generate doorkeeper:mongo_mapper:indexes
-    rake db:index
+[doorkeeper-mongodb project]: https://github.com/doorkeeper-gem/doorkeeper-mongodb
 
 ### Routes
 
@@ -125,7 +105,6 @@ This will mount following routes:
     GET       /oauth/authorize/:code
     GET       /oauth/authorize
     POST      /oauth/authorize
-    PUT       /oauth/authorize
     DELETE    /oauth/authorize
     POST      /oauth/token
     POST      /oauth/revoke
@@ -158,6 +137,12 @@ the methods defined over there.
 You may want to check other ways of authentication
 [here](https://github.com/doorkeeper-gem/doorkeeper/wiki/Authenticating-using-Clearance-or-DIY).
 
+
+### Internationalization (I18n)
+
+See language files in [the I18n repository](https://github.com/doorkeeper-gem/doorkeeper-i18n).
+
+
 ## Protecting resources with OAuth (a.k.a your API endpoint)
 
 To protect your API with OAuth, you just need to setup `before_action`s
@@ -253,9 +238,42 @@ class Api::V1::ProductsController < Api::V1::ApiController
 end
 ```
 
-For a more detailed explanation about scopes usage, check out the related
-[page in the
-wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes).
+Please note that there is a logical OR between multiple required scopes. In
+above example, `doorkeeper_authorize! :admin, :write` means that the access
+token is required to have either `:admin` scope or `:write` scope, but not need
+have both of them.
+
+If want to require the access token to have multiple scopes at the same time,
+use multiple `doorkeeper_authorize!`, for example:
+
+```ruby
+class Api::V1::ProductsController < Api::V1::ApiController
+  before_action -> { doorkeeper_authorize! :public }, only: :index
+  before_action only: [:create, :update, :destroy] do
+    doorkeeper_authorize! :admin
+    doorkeeper_authorize! :write
+  end
+end
+```
+
+In above example, a client can call `:create` action only if its access token
+have both `:admin` and `:write` scopes.
+
+### Custom Access Token Generator
+
+By default a 128 bit access token will be generated. If you require a custom
+token, such as [JWT](http://jwt.io), specify an object that responds to
+`.generate(options = {})` and returns a string to be used as the token.
+
+```ruby
+Doorkeeper.configure do
+  access_token_generator "Doorkeeper::JWT"
+end
+```
+
+JWT token support is available with
+[Doorkeeper-JWT](https://github.com/chriswarren/doorkeeper-jwt).
+
 
 ### Authenticated resource owner
 
@@ -315,7 +333,9 @@ wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-routes).
 If you want to upgrade doorkeeper to a new version, check out the [upgrading
 notes](https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-versions)
 and take a look at the
-[changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md).
+[changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/NEWS.md).
+
+Doorkeeper follows [semantic versioning](http://semver.org/).
 
 ## Development
 
@@ -353,12 +373,6 @@ page](https://github.com/doorkeeper-gem/doorkeeper/wiki/Contributing).
 You can find everything about doorkeeper in our [wiki
 here](https://github.com/doorkeeper-gem/doorkeeper/wiki).
 
-### Live demo
-
-Check out this [live demo](http://doorkeeper-provider.herokuapp.com) hosted on
-heroku. For more demos check out [the
-wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Example-Applications).
-
 ### Screencast
 
 Check out this screencast from [railscasts.com](http://railscasts.com/): [#353
@@ -376,15 +390,15 @@ here](https://github.com/doorkeeper-gem/doorkeeper/wiki/Testing-your-provider-wi
 ### Contributors
 
 Thanks to all our [awesome
-contributors](https://github.com/doorkeeper-gem/doorkeeper/contributors)!
+contributors](https://github.com/doorkeeper-gem/doorkeeper/graphs/contributors)!
 
 
 ### IETF Standards
 
 * [The OAuth 2.0 Authorization Framework](http://tools.ietf.org/html/rfc6749)
 * [OAuth 2.0 Threat Model and Security Considerations](http://tools.ietf.org/html/rfc6819)
+* [OAuth 2.0 Token Revocation](http://tools.ietf.org/html/rfc7009)
 
 ### License
 
 MIT License. Copyright 2011 Applicake.
-[http://applicake.com](http://applicake.com)

data/RELEASING.md

@@ -1,15 +1,17 @@
 # Releasing doorkeeper
 
 1. Update `lib/doorkeeper/version.rb` file accordingly.
-2. Update `CHANGELOG.md` to reflect the changes since last release.
+2. Update `NEWS.md` to reflect the changes since last release.
 3. Commit changes. There shouldn’t be code changes, and thus CI doesn’t need to
    run, you can then add “[ci skip]” to the commit message.
-4. Tag the release: `git tag vVERSION`
-5. Push changes: `git push --tags`
+4. Tag the release: `git tag vVERSION -m "Release vVERSION"`
+5. Push changes: `git push && git push --tags`
 6. Build and publish the gem:
+
    ```bash
    gem build doorkeeper.gemspec
    gem push doorkeeper-*.gem
    ```
+
 7. Announce the new release, making sure to say “thank you” to the contributors
    who helped shape this version!

data/app/assets/stylesheets/doorkeeper/admin/application.css

@@ -5,10 +5,6 @@
  *= require_tree .
 */
 
-body {
-  padding-top: 60px;
-}
-
 td {
-    vertical-align: middle !important;
+  vertical-align: middle !important;
 }

data/app/controllers/doorkeeper/applications_controller.rb

@@ -45,9 +45,9 @@ module Doorkeeper
 
     def application_params
       if params.respond_to?(:permit)
-        params.require(:doorkeeper_application).permit(:name, :redirect_uri)
+        params.require(:doorkeeper_application).permit(:name, :redirect_uri, :scopes)
       else
-        params[:doorkeeper_application].slice(:name, :redirect_uri) rescue nil
+        params[:doorkeeper_application].slice(:name, :redirect_uri, :scopes) rescue nil
       end
     end
   end

data/app/helpers/doorkeeper/dashboard_helper.rb

@@ -5,7 +5,7 @@ module Doorkeeper::DashboardHelper
         content_tag(:span, class: 'help-block') do
           msg.capitalize
         end
-      end.reduce(&:join).html_safe
+      end.join.html_safe
     end
   end
 

data/app/validators/redirect_uri_validator.rb

@@ -29,6 +29,6 @@ class RedirectUriValidator < ActiveModel::EachValidator
 
   def invalid_ssl_uri?(uri)
     forces_ssl = Doorkeeper.configuration.force_ssl_in_redirect_uri
-    forces_ssl && uri.try(:scheme) != 'https'
+    forces_ssl && uri.try(:scheme) == 'http'
   end
 end

data/app/views/doorkeeper/applications/_form.html.erb

@@ -17,8 +17,8 @@
       <%= f.text_area :redirect_uri, class: 'form-control' %>
       <%= doorkeeper_errors_for application, :redirect_uri %>
       <span class="help-block">
-         <%= t('doorkeeper.applications.help.redirect_uri') %>
-        </span>
+        <%= t('doorkeeper.applications.help.redirect_uri') %>
+      </span>
       <% if Doorkeeper.configuration.native_redirect_uri %>
           <span class="help-block">
             <%= raw t('doorkeeper.applications.help.native_redirect_uri', native_redirect_uri: "<code>#{ Doorkeeper.configuration.native_redirect_uri }</code>") %>
@@ -27,6 +27,17 @@
     </div>
   <% end %>
 
+  <%= content_tag :div, class: "form-group#{' has-error' if application.errors[:scopes].present?}" do %>
+    <%= f.label :scopes, class: 'col-sm-2 control-label' %>
+    <div class="col-sm-10">
+      <%= f.text_field :scopes, class: 'form-control' %>
+      <%= doorkeeper_errors_for application, :scopes %>
+      <span class="help-block">
+        <%= t('doorkeeper.applications.help.scopes') %>
+      </span>
+    </div>
+  <% end %>
+
   <div class="form-group">
     <div class="col-sm-offset-2 col-sm-10">
       <%= f.submit t('doorkeeper.applications.buttons.submit'), class: "btn btn-primary" %>

data/app/views/doorkeeper/applications/show.html.erb

@@ -5,13 +5,14 @@
 <div class="row">
   <div class="col-md-8">
     <h4><%= t('.application_id') %>:</h4>
-
     <p><code id="application_id"><%= @application.uid %></code></p>
 
     <h4><%= t('.secret') %>:</h4>
-
     <p><code id="secret"><%= @application.secret %></code></p>
 
+    <h4><%= t('.scopes') %>:</h4>
+    <p><code id="scopes"><%= @application.scopes %></code></p>
+
     <h4><%= t('.callback_urls') %>:</h4>
 
     <table>

data/app/views/doorkeeper/authorizations/new.html.erb

@@ -7,7 +7,7 @@
     <%= raw t('.prompt', client_name: "<strong class=\"text-info\">#{ @pre_auth.client.name }</strong>") %>
   </p>
 
-  <% if @pre_auth.scopes %>
+  <% if @pre_auth.scopes.count > 0 %>
     <div id="oauth-permissions">
       <p><%= t('.able_to') %>:</p>
 

data/app/views/layouts/doorkeeper/admin.html.erb

@@ -9,8 +9,8 @@
   <%= csrf_meta_tags %>
 </head>
 <body>
-<div class="navbar navbar-inverse navbar-fixed-top" role="navigation">
-  <div class="container">
+<div class="navbar navbar-inverse navbar-static-top" role="navigation">
+  <div class="container-fluid">
     <div class="navbar-header">
       <%= link_to t('doorkeeper.layouts.admin.nav.oauth2_provider'), oauth_applications_path, class: 'navbar-brand' %>
     </div>
@@ -18,6 +18,9 @@
       <%= content_tag :li, class: "#{'active' if request.path == oauth_applications_path}" do %>
         <%= link_to t('doorkeeper.layouts.admin.nav.applications'), oauth_applications_path %>
       <% end %>
+      <%= content_tag :li do %>
+        <%= link_to 'Home', root_path %>
+      <% end %>
     </ul>
   </div>
 </div>

data/config/locales/en.yml

@@ -14,36 +14,6 @@ en:
               relative_uri: 'must be an absolute URI.'
               secured_uri: 'must be an HTTPS/SSL URI.'
 
-  mongoid:
-    attributes:
-      doorkeeper/application:
-        name: 'Name'
-        redirect_uri: 'Redirect URI'
-    errors:
-      models:
-        doorkeeper/application:
-          attributes:
-            redirect_uri:
-              fragment_present: 'cannot contain a fragment.'
-              invalid_uri: 'must be a valid URI.'
-              relative_uri: 'must be an absolute URI.'
-              secured_uri: 'must be an HTTPS/SSL URI.'
-
-  mongo_mapper:
-    attributes:
-      doorkeeper/application:
-        name: 'Name'
-        redirect_uri: 'Redirect URI'
-    errors:
-      models:
-        doorkeeper/application:
-          attributes:
-            redirect_uri:
-              fragment_present: 'cannot contain a fragment.'
-              invalid_uri: 'must be a valid URI.'
-              relative_uri: 'must be an absolute URI.'
-              secured_uri: 'must be an HTTPS/SSL URI.'
-
   doorkeeper:
     applications:
       confirmations:
@@ -59,6 +29,7 @@ en:
       help:
         redirect_uri: 'Use one line per URI'
         native_redirect_uri: 'Use %{native_redirect_uri} for local tests'
+        scopes: 'Separate scopes with spaces. Leave blank to use the default scopes.'
       edit:
         title: 'Edit application'
       index:
@@ -72,6 +43,7 @@ en:
         title: 'Application: %{name}'
         application_id: 'Application Id'
         secret: 'Secret'
+        scopes: 'Scopes'
         callback_urls: 'Callback urls'
         actions: 'Actions'
 
@@ -82,7 +54,7 @@ en:
       error:
         title: 'An error has occurred'
       new:
-        title: 'Authorize required'
+        title: 'Authorization required'
         prompt: 'Authorize %{client_name} to use your account?'
         able_to: 'This application will be able to'
       show:
@@ -148,4 +120,4 @@ en:
           oauth2_provider: 'OAuth2 Provider'
           applications: 'Applications'
       application:
-        title: 'OAuth authorize required'
+        title: 'OAuth authorization required'

data/doorkeeper.gemspec

@@ -8,24 +8,20 @@ Gem::Specification.new do |s|
   s.authors     = ["Felipe Elias Philipp", "Tute Costa"]
   s.email       = %w(tutecosta@gmail.com)
   s.homepage    = "https://github.com/doorkeeper-gem/doorkeeper"
-  s.summary     = "Doorkeeper is an OAuth 2 provider for Rails."
-  s.description = "Doorkeeper is an OAuth 2 provider for Rails."
+  s.summary     = "OAuth 2 provider for Rails and Grape"
+  s.description = "Doorkeeper is an OAuth 2 provider for Rails and Grape."
   s.license     = 'MIT'
 
   s.files         = `git ls-files`.split("\n")
-  s.test_files    = `git ls-files -- test/*`.split("\n")
+  s.test_files    = `git ls-files -- spec/*`.split("\n")
   s.require_paths = ["lib"]
 
   s.add_dependency "railties", ">= 3.2"
 
-  s.add_development_dependency "sqlite3", "~> 1.3.5"
-  s.add_development_dependency "rspec-rails", "~> 2.99.0"
+  s.add_development_dependency "rspec-rails", "~> 3.4.0"
   s.add_development_dependency "capybara", "~> 2.3.0"
   s.add_development_dependency "generator_spec", "~> 0.9.0"
   s.add_development_dependency "factory_girl", "~> 4.5.0"
   s.add_development_dependency "timecop", "~> 0.7.0"
   s.add_development_dependency "database_cleaner", "~> 1.3.0"
-  s.add_development_dependency "rspec-activemodel-mocks", "~> 1.0.0"
-  s.add_development_dependency "bcrypt-ruby", "~> 3.0.1"
-  s.add_development_dependency "pry", "~> 0.10.0"
 end

data/lib/doorkeeper/config.rb

@@ -7,54 +7,38 @@ module Doorkeeper
 
   def self.configure(&block)
     @config = Config::Builder.new(&block).build
-    enable_orm
-    check_for_missing_columns
+    setup_orm_adapter
+    setup_orm_models
     setup_application_owner if @config.enable_application_owner?
+    check_requirements
   end
 
   def self.configuration
     @config || (fail MissingConfiguration.new)
   end
 
-  def self.check_for_missing_columns
-    if Doorkeeper.configuration.orm == :active_record &&
-        ActiveRecord::Base.connected? &&
-        ActiveRecord::Base.connection.table_exists?(
-          Doorkeeper::Application.table_name
-        ) &&
-        !Doorkeeper::Application.new.attributes.include?("scopes")
-
-      puts <<-MSG.squish
-[doorkeeper] Missing column: `oauth_applications.scopes`.
-If you are using ActiveRecord run `rails generate doorkeeper:application_scopes
-&& rake db:migrate` to add it.
-      MSG
-    end
+  def self.check_requirements
+    @orm_adapter.check_requirements!(configuration)
   end
 
-  def self.enable_orm
-    class_name = "doorkeeper/orm/#{configuration.orm}".classify
-    class_name.constantize.initialize_models!
+  def self.setup_orm_adapter
+    @orm_adapter = "doorkeeper/orm/#{configuration.orm}".classify.constantize
   rescue NameError => e
-    if e.instance_of?(NameError)
-      fail e, "ORM adapter not found (#{configuration.orm})", <<-error_msg
+    fail e, "ORM adapter not found (#{configuration.orm})", <<-ERROR_MSG.squish
 [doorkeeper] ORM adapter not found (#{configuration.orm}), or there was an error
 trying to load it.
 
 You probably need to add the related gem for this adapter to work with
 doorkeeper.
+      ERROR_MSG
+  end
 
-If you are working on the adapter itself, double check that the constant exists,
-and that your `initialize_models!` method doesn't raise any errors.\n
-      error_msg
-    else
-      raise e
-    end
+  def self.setup_orm_models
+    @orm_adapter.initialize_models!
   end
 
   def self.setup_application_owner
-    require File.join(File.dirname(__FILE__), 'models', 'concerns', 'ownership')
-    Application.send :include, Models::Ownership
+    @orm_adapter.initialize_application_owner!
   end
 
   class Config
@@ -108,6 +92,12 @@ and that your `initialize_models!` method doesn't raise any errors.\n
       def force_ssl_in_redirect_uri(boolean)
         @config.instance_variable_set("@force_ssl_in_redirect_uri", boolean)
       end
+
+      def access_token_generator(access_token_generator)
+        @config.instance_variable_set(
+          '@access_token_generator', access_token_generator
+        )
+      end
     end
 
     module Option
@@ -198,6 +188,7 @@ and that your `initialize_models!` method doesn't raise any errors.\n
     option :realm,                          default: 'Doorkeeper'
     option :force_ssl_in_redirect_uri,      default: !Rails.env.development?
     option :grant_flows,                    default: %w(authorization_code client_credentials)
+    option :access_token_generator,         default: "Doorkeeper::OAuth::Helpers::UniqueToken"
 
     attr_reader :reuse_access_token
 

data/lib/doorkeeper/engine.rb

@@ -1,7 +1,13 @@
 module Doorkeeper
   class Engine < Rails::Engine
     initializer "doorkeeper.params.filter" do |app|
-      app.config.filter_parameters += %i(client_secret code token)
+      app.config.filter_parameters += [:client_secret, :code, :token]
+    end
+
+    initializer "doorkeeper.locales" do |app|
+      if app.config.i18n.fallbacks.blank?
+        app.config.i18n.fallbacks = [:en]
+      end
     end
 
     initializer "doorkeeper.routes" do

data/lib/doorkeeper/errors.rb

@@ -6,10 +6,22 @@ module Doorkeeper
     class InvalidAuthorizationStrategy < DoorkeeperError
     end
 
+    class InvalidTokenReuse < DoorkeeperError
+    end
+
+    class InvalidGrantReuse < DoorkeeperError
+    end
+
     class InvalidTokenStrategy < DoorkeeperError
     end
 
     class MissingRequestStrategy < DoorkeeperError
     end
+
+    class UnableToGenerateToken < DoorkeeperError
+    end
+
+    class TokenGeneratorNotFound < DoorkeeperError
+    end
   end
 end

data/lib/doorkeeper/grape/helpers.rb

@@ -26,7 +26,7 @@ module Doorkeeper
                         403
                       end
 
-        error!({ error: error.description }, status_code)
+        error!({ error: error.description }, status_code, error.headers)
       end
 
       private

data/lib/doorkeeper/helpers/controller.rb

@@ -41,6 +41,12 @@ module Doorkeeper
                        :unsupported_response_type
                      when Errors::MissingRequestStrategy
                        :invalid_request
+                     when Errors::InvalidTokenReuse
+                       :invalid_request
+                     when Errors::InvalidGrantReuse
+                       :invalid_grant
+                     when Errors::DoorkeeperError
+                       exception.message
                      end
 
         OAuth::ErrorResponse.new name: error_name, state: params[:state]

data/lib/doorkeeper/models/access_grant_mixin.rb

@@ -7,11 +7,12 @@ module Doorkeeper
     include Models::Revocable
     include Models::Accessible
     include Models::Scopes
+    include ActiveModel::MassAssignmentSecurity if defined?(::ProtectedAttributes)
 
     included do
       belongs_to :application, class_name: 'Doorkeeper::Application', inverse_of: :access_grants
 
-      if ::Rails.version.to_i < 4 || defined?(::ProtectedAttributes)
+      if respond_to?(:attr_accessible)
         attr_accessible :resource_owner_id, :application_id, :expires_in, :redirect_uri, :scopes
       end
 
@@ -23,7 +24,7 @@ module Doorkeeper
 
     module ClassMethods
       def by_token(token)
-        where(token: token).limit(1).to_a.first
+        where(token: token.to_s).limit(1).to_a.first
       end
     end
 

data/lib/doorkeeper/models/access_token_mixin.rb

@@ -7,6 +7,7 @@ module Doorkeeper
     include Models::Revocable
     include Models::Accessible
     include Models::Scopes
+    include ActiveModel::MassAssignmentSecurity if defined?(::ProtectedAttributes)
 
     included do
       belongs_to :application,
@@ -18,7 +19,7 @@ module Doorkeeper
 
       attr_writer :use_refresh_token
 
-      if ::Rails.version.to_i < 4 || defined?(::ProtectedAttributes)
+      if respond_to?(:attr_accessible)
         attr_accessible :application_id, :resource_owner_id, :expires_in,
                         :scopes, :use_refresh_token
       end
@@ -31,11 +32,11 @@ module Doorkeeper
 
     module ClassMethods
       def by_token(token)
-        where(token: token).limit(1).to_a.first
+        where(token: token.to_s).limit(1).to_a.first
       end
 
       def by_refresh_token(refresh_token)
-        where(refresh_token: refresh_token).first
+        where(refresh_token: refresh_token.to_s).first
       end
 
       def revoke_all_for(application_id, resource_owner)
@@ -128,7 +129,14 @@ module Doorkeeper
     end
 
     def generate_token
-      self.token = UniqueToken.generate
+      generator = Doorkeeper.configuration.access_token_generator.constantize
+      self.token = generator.generate(resource_owner_id: resource_owner_id,
+                                      scopes: scopes, application: application,
+                                      expires_in: expires_in)
+    rescue NoMethodError
+      raise Errors::UnableToGenerateToken, "#{generator} does not respond to `.generate`."
+    rescue NameError
+      raise Errors::TokenGeneratorNotFound, "#{generator} not found"
     end
   end
 end