doorkeeper 3.0.0 → 4.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: cf516340589e1681a0f18d5452292381e95588a8
-  data.tar.gz: b68ffee6988edc433345fabf79177b3415552a47
+  metadata.gz: 68df4a2a59a456f294e58416fb229932a8ea08c3
+  data.tar.gz: 30ff755d1ec25a53119b419ad1d0be3a69bedd7d
 SHA512:
-  metadata.gz: 5df594f849f22a2369d0de9b14c9d58e4870b1588a6b5a0d708229b44872393b8cddea1ddb0c499939ef522408cc7f78867ef6595d77eb641758ec0a2d0e15b8
-  data.tar.gz: cdcfd5e55d97f04636d7af18407194f89495d408c0fd353f53735f2e05e289837f5fa0c6f21a2cba485cbbd17e0e82cde44d0c4c2da70265e512f73769194f5d
+  metadata.gz: df0bc1f0075ede4a575d2c007806ae887ef11d746204df8bda6345b73abf504911fd8bde1c22e6cbf55066553a3c7f9f10653d127a79ead3c2b5fa204dc9b0d1
+  data.tar.gz: becadfd542de1ee8c6863f4dcb4a53db12ea737687942f0699519eb5299a7c22ecac9beb8026a9833dd3dd166810cf6bf0213602fa5696def66fefe6cc5dbb38

data/.hound.yml

@@ -1,3 +1,7 @@
+AllCops:
+  Exclude:
+    - "spec/dummy/db/*"
+
 LineLength:
   Exclude:
     - spec/**/*

data/.travis.yml

@@ -1,18 +1,20 @@
+cache: bundler
 language: ruby
 sudo: false
-cache: bundler
 
 rvm:
-  - 2.0
   - 2.1
-  - 2.2
+  - 2.2.4
+  - 2.3.0
+
+before_install:
+  - gem install bundler -v '~> 1.10'
 
 env:
-  - rails=3.2.0
-  - rails=4.1.0
   - rails=4.2.0
+  - rails=5.0.0
 
 matrix:
   exclude:
-    - env: rails=3.2.0
-      rvm: 2.2
+    - env: rails=5.0.0
+      rvm: 2.1

data/CONTRIBUTING.md

@@ -26,6 +26,8 @@ Make the tests pass:
 
     rake
 
+Add notes on your change to the `NEWS.md` file.
+
 Write a [good commit message][commit].
 Push to your fork.
 [Submit a pull request][pr].

data/Gemfile

@@ -1,7 +1,14 @@
-ENV['rails'] ||= '4.2.0'
+ENV["rails"] ||= "4.2.0"
 
-source 'https://rubygems.org'
+source "https://rubygems.org"
 
-gem 'rails', "~> #{ENV['rails']}"
+gem "rails", "~> #{ENV["rails"]}"
+
+if ENV['rails'].start_with?('5')
+  gem 'rspec-rails', '3.5.0.beta3'
+end
+
+gem "activerecord-jdbcsqlite3-adapter", platform: :jruby
+gem "sqlite3", platform: [:ruby, :mswin, :mingw]
 
 gemspec

data/NEWS.md

@@ -2,7 +2,84 @@
 
 User-visible changes worth mentioning.
 
----
+## master
+
+## 4.0.0
+
+- [#834] Fix AssetNotPrecompiled error with Sprockets 4
+- [#843] Revert "Fix validation error messages"
+- [#847] Specify Null option to timestamps
+
+## 4.0.0.rc4
+
+- [#777] Add support for public client in password grant flow
+- [#823] Make configuration and specs ORM independent
+- [#745] Add created_at timestamp to token generation options
+- [#838] Drop `Application#scopes` generator and warning, introduced for
+  upgrading doorkeeper from v2 to v3.
+- [#801] Fix Rails 5 warning messages
+- Test against Rails 5 RC1
+
+## 4.0.0.rc3
+
+- [#769] Revoke refresh token on access token use. To make use of the new config
+  add `previous_refresh_token` column to `oauth_access_tokens`:
+
+  ```
+  rails generate doorkeeper:previous_refresh_token
+  ```
+- [#811] Toughen parameters filter with exact match
+- [#813] Applications admin bugfix
+- [#799] Fix Ruby Warnings
+- Drop `attr_accessible` from models
+
+### Backward incompatible changes
+
+- [#730] Force all timezones to use UTC to prevent comparison issues.
+- [#802] Remove `config.i18n.fallbacks` from engine
+
+## 4.0.0.rc2
+
+- Fix optional belongs_to for Rails 5
+- Fix Ruby warnings
+
+## 4.0.0.rc1
+
+### Backward incompatible changes
+
+- Drops support for Rails 4.1 and earlier
+- Drops support for Ruby 2.0
+- [#778] Bug fix: use the remaining time that a token is still valid when
+  building the redirect URI for the implicit grant flow
+
+### Other changes
+
+- [#771] Validation error messages fixes
+- Adds foreign key constraints in generated migrations between tokens and
+  grants, and applications
+- Support Rails 5
+
+## 3.1.0
+
+- [#736] Existing valid tokens are now reused in client_credentials flow
+- [#749] Allow user to raise authorization error with custom messages.
+  Under `resource_owner_authenticator` block a user can
+  `raise Doorkeeper::Errors::DoorkeeperError.new('custom_message')`
+- [#762] Check doesn’t abort the actual migration, so it runs
+- [#722] `doorkeeper_forbidden_render_options` now supports returning a 404 by
+  specifying `respond_not_found_when_forbidden: true` in the
+  `doorkeeper_forbidden_render_options` method.
+- [#734] Simplify and remove duplication in request strategy classes
+
+## 3.0.1
+
+- [#712] Wrap exchange of grant token for access token and access token refresh
+  in transactions
+- [#704] Allow applications scopes to be mass assigned
+- [#707] Fixed order of Mixin inclusion and table_name configuration in models
+- [#712] Wrap access token and refresh grants in transactions
+- Adds JRuby support
+- Specs, views and documentation adjustments
 
 ## 3.0.0
 
@@ -45,7 +122,7 @@ User-visible changes worth mentioning.
 - Remove `applications.scopes` upgrade notice.
 
 
-## 2.2.2 (unreleased)
+## 2.2.2
 
 - [#541] Fixed `undefined method attr_accessible` problem on Rails 4
     (happens only when ProtectedAttributes gem is used) in #599

data/README.md

@@ -1,8 +1,8 @@
 # Doorkeeper - awesome oauth provider for your Rails app.
 
 [![Build Status](https://travis-ci.org/doorkeeper-gem/doorkeeper.svg?branch=master)](https://travis-ci.org/doorkeeper-gem/doorkeeper)
-[![Dependency Status](https://gemnasium.com/applicake/doorkeeper.svg?travis)](https://gemnasium.com/applicake/doorkeeper)
-[![Code Climate](https://codeclimate.com/github/applicake/doorkeeper.svg)](https://codeclimate.com/github/applicake/doorkeeper)
+[![Dependency Status](https://gemnasium.com/doorkeeper-gem/doorkeeper.svg?travis)](https://gemnasium.com/doorkeeper-gem/doorkeeper)
+[![Code Climate](https://codeclimate.com/github/doorkeeper-gem/doorkeeper.svg)](https://codeclimate.com/github/doorkeeper-gem/doorkeeper)
 [![Gem Version](https://badge.fury.io/rb/doorkeeper.svg)](https://rubygems.org/gems/doorkeeper)
 
 Doorkeeper is a gem that makes it easy to introduce OAuth 2 provider
@@ -14,43 +14,43 @@ functionality to your Rails or Grape application.
 ## Documentation valid for `master` branch
 
 Please check the documentation for the version of doorkeeper you are using in:
-https://github.com/doorkeeper-gem/doorkeeper/releases.
+https://github.com/doorkeeper-gem/doorkeeper/releases
+
+- See the [wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki)
+- For general questions, please post in [Stack Overflow](http://stackoverflow.com/questions/tagged/doorkeeper)
 
 ## Table of Contents
 
-- [Useful links](#useful-links)
+<!-- START doctoc generated TOC please keep comment here to allow auto update -->
+<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
+
 - [Installation](#installation)
 - [Configuration](#configuration)
-    - [Active Record](#active-record)
-    - [Other ORMs](#other-orms)
-    - [Routes](#routes)
-    - [Authenticating](#authenticating)
-    - [Internationalization (I18n)](#internationalization-i18n)
+  - [Active Record](#active-record)
+  - [Other ORMs](#other-orms)
+  - [Routes](#routes)
+  - [Authenticating](#authenticating)
+  - [Internationalization (I18n)](#internationalization-i18n)
 - [Protecting resources with OAuth (a.k.a your API endpoint)](#protecting-resources-with-oauth-aka-your-api-endpoint)
-    - [Protect your API with OAuth when using Grape](#protect-your-api-with-oauth-when-using-grape)
-    - [Route Constraints and other integrations](#route-constraints-and-other-integrations)
-    - [Access Token Scopes](#access-token-scopes)
-    - [Custom Access Token Generator](#custom-access-token-generator)
-    - [Authenticated resource owner](#authenticated-resource-owner)
-    - [Applications list](#applications-list)
+  - [Protect your API with OAuth when using Grape](#protect-your-api-with-oauth-when-using-grape)
+  - [Route Constraints and other integrations](#route-constraints-and-other-integrations)
+  - [Access Token Scopes](#access-token-scopes)
+  - [Custom Access Token Generator](#custom-access-token-generator)
+  - [Authenticated resource owner](#authenticated-resource-owner)
+  - [Applications list](#applications-list)
 - [Other customizations](#other-customizations)
 - [Upgrading](#upgrading)
 - [Development](#development)
 - [Contributing](#contributing)
 - [Other resources](#other-resources)
-    - [Wiki](#wiki)
-    - [Live demo](#live-demo)
-    - [Screencast](#screencast)
-    - [Client applications](#client-applications)
-    - [Contributors](#contributors)
-    - [IETF Standards](#ietf-standards)
-    - [License](#license)
-
-
-## Useful links
+  - [Wiki](#wiki)
+  - [Screencast](#screencast)
+  - [Client applications](#client-applications)
+  - [Contributors](#contributors)
+  - [IETF Standards](#ietf-standards)
+  - [License](#license)
 
-- For documentation, please check out our [wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki)
-- For general questions, please post it in [stack overflow](http://stackoverflow.com/questions/tagged/doorkeeper)
+<!-- END doctoc generated TOC please keep comment here to allow auto update -->
 
 ## Installation
 
@@ -75,9 +75,19 @@ to generate the migration tables:
 
     rails generate doorkeeper:migration
 
-Don't forget to run the migration with:
+You may want to add foreign keys to your migration. For example, if you plan on
+using `User` as the resource owner, add the following line to the migration file
+for each table that includes a `resource_owner_id` column:
+
+```ruby
+add_foreign_key :table_name, :users, column: :resource_owner_id
+```
 
-    rake db:migrate
+Then run migrations:
+
+```sh
+rake db:migrate
+```
 
 ### Other ORMs
 
@@ -117,7 +127,7 @@ wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-routes).
 ### Authenticating
 
 You need to configure Doorkeeper in order to provide `resource_owner` model
-and authentication block `initializers/doorkeeper.rb`
+and authentication block in `config/initializers/doorkeeper.rb`:
 
 ``` ruby
 Doorkeeper.configure do
@@ -236,13 +246,13 @@ class Api::V1::ProductsController < Api::V1::ApiController
 end
 ```
 
-Please note that there is a logical OR between multiple required scopes. In
+Please note that there is a logical OR between multiple required scopes. In the
 above example, `doorkeeper_authorize! :admin, :write` means that the access
-token is required to have either `:admin` scope or `:write` scope, but not need
-have both of them.
+token is required to have either `:admin` scope or `:write` scope, but does not
+need have both of them.
 
-If want to require the access token to have multiple scopes at the same time,
-use multiple `doorkeeper_authorize!`, for example:
+If you want to require the access token to have multiple scopes at the same
+time, use multiple `doorkeeper_authorize!`, for example:
 
 ```ruby
 class Api::V1::ProductsController < Api::V1::ApiController
@@ -254,12 +264,12 @@ class Api::V1::ProductsController < Api::V1::ApiController
 end
 ```
 
-In above example, a client can call `:create` action only if its access token
-have both `:admin` and `:write` scopes.
+In the above example, a client can call `:create` action only if its access token
+has both `:admin` and `:write` scopes.
 
 ### Custom Access Token Generator
 
-By default a 32 bit access token will be generated. If you require a custom
+By default a 128 bit access token will be generated. If you require a custom
 token, such as [JWT](http://jwt.io), specify an object that responds to
 `.generate(options = {})` and returns a string to be used as the token.
 
@@ -303,7 +313,7 @@ token owner.
 
 ### Applications list
 
-By default, the applications list (`/oauth/applications`) is public available.
+By default, the applications list (`/oauth/applications`) is publicly available.
 To protect the endpoint you should uncomment these lines:
 
 ```ruby
@@ -317,9 +327,9 @@ end
 
 The logic is the same as the `resource_owner_authenticator` block. **Note:**
 since the application list is just a scaffold, it's recommended to either
-customize the controller used by the list or skip the controller at all. For
-more information see the page [in the
-wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-routes).
+customize the controller used by the list or skip the controller all together.
+For more information see the page
+[in the wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-routes).
 
 ## Other customizations
 
@@ -331,7 +341,9 @@ wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-routes).
 If you want to upgrade doorkeeper to a new version, check out the [upgrading
 notes](https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-versions)
 and take a look at the
-[changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md).
+[changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/NEWS.md).
+
+Doorkeeper follows [semantic versioning](http://semver.org/).
 
 ## Development
 
@@ -369,12 +381,6 @@ page](https://github.com/doorkeeper-gem/doorkeeper/wiki/Contributing).
 You can find everything about doorkeeper in our [wiki
 here](https://github.com/doorkeeper-gem/doorkeeper/wiki).
 
-### Live demo
-
-Check out this [live demo](http://doorkeeper-provider.herokuapp.com) hosted on
-heroku. For more demos check out [the
-wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Example-Applications).
-
 ### Screencast
 
 Check out this screencast from [railscasts.com](http://railscasts.com/): [#353
@@ -392,7 +398,7 @@ here](https://github.com/doorkeeper-gem/doorkeeper/wiki/Testing-your-provider-wi
 ### Contributors
 
 Thanks to all our [awesome
-contributors](https://github.com/doorkeeper-gem/doorkeeper/contributors)!
+contributors](https://github.com/doorkeeper-gem/doorkeeper/graphs/contributors)!
 
 
 ### IETF Standards
@@ -404,4 +410,3 @@ contributors](https://github.com/doorkeeper-gem/doorkeeper/contributors)!
 ### License
 
 MIT License. Copyright 2011 Applicake.
-[http://applicake.com](http://applicake.com)

data/RELEASING.md

@@ -4,8 +4,8 @@
 2. Update `NEWS.md` to reflect the changes since last release.
 3. Commit changes. There shouldn’t be code changes, and thus CI doesn’t need to
    run, you can then add “[ci skip]” to the commit message.
-4. Tag the release: `git tag vVERSION`
-5. Push changes: `git push --tags`
+4. Tag the release: `git tag vVERSION -m "Release vVERSION"`
+5. Push changes: `git push && git push --tags`
 6. Build and publish the gem:
 
    ```bash

data/Rakefile

@@ -2,7 +2,7 @@ require 'bundler/setup'
 require 'rspec/core/rake_task'
 
 desc 'Default: run specs.'
-task :default => :spec
+task default: :spec
 
 desc "Run all specs"
 RSpec::Core::RakeTask.new(:spec) do |config|

data/app/assets/stylesheets/doorkeeper/admin/application.css

@@ -5,10 +5,6 @@
  *= require_tree .
 */
 
-body {
-  padding-top: 60px;
-}
-
 td {
-    vertical-align: middle !important;
+  vertical-align: middle !important;
 }

data/app/controllers/doorkeeper/application_metal_controller.rb

@@ -1,13 +1,12 @@
 module Doorkeeper
   class ApplicationMetalController < ActionController::Metal
     MODULES = [
-      ActionController::RackDelegation,
       ActionController::Instrumentation,
       AbstractController::Rendering,
       ActionController::Rendering,
       ActionController::Renderers::All,
       Helpers::Controller
-    ]
+    ].freeze
 
     MODULES.each do |mod|
       include mod

data/app/controllers/doorkeeper/applications_controller.rb

@@ -2,8 +2,8 @@ module Doorkeeper
   class ApplicationsController < Doorkeeper::ApplicationController
     layout 'doorkeeper/admin'
 
-    before_filter :authenticate_admin!
-    before_filter :set_application, only: [:show, :edit, :update, :destroy]
+    before_action :authenticate_admin!
+    before_action :set_application, only: [:show, :edit, :update, :destroy]
 
     def index
       @applications = Application.all

data/app/controllers/doorkeeper/authorizations_controller.rb

@@ -1,6 +1,6 @@
 module Doorkeeper
   class AuthorizationsController < Doorkeeper::ApplicationController
-    before_filter :authenticate_resource_owner!
+    before_action :authenticate_resource_owner!
 
     def new
       if pre_auth.authorizable?

data/app/controllers/doorkeeper/authorized_applications_controller.rb

@@ -1,6 +1,6 @@
 module Doorkeeper
   class AuthorizedApplicationsController < Doorkeeper::ApplicationController
-    before_filter :authenticate_resource_owner!
+    before_action :authenticate_resource_owner!
 
     def index
       @applications = Application.authorized_for(current_resource_owner)

data/app/controllers/doorkeeper/tokens_controller.rb

@@ -2,7 +2,7 @@ module Doorkeeper
   class TokensController < Doorkeeper::ApplicationMetalController
     def create
       response = authorize_response
-      self.headers.merge! response.headers
+      headers.merge! response.headers
       self.response_body = response.body.to_json
       self.status        = response.status
     rescue Errors::DoorkeeperError => e

data/app/helpers/doorkeeper/dashboard_helper.rb

@@ -1,15 +1,17 @@
-module Doorkeeper::DashboardHelper
-  def doorkeeper_errors_for(object, method)
-    if object.errors[method].present?
-      object.errors[method].map do |msg|
-        content_tag(:span, class: 'help-block') do
-          msg.capitalize
-        end
-      end.join.html_safe
+module Doorkeeper
+  module DashboardHelper
+    def doorkeeper_errors_for(object, method)
+      if object.errors[method].present?
+        object.errors[method].map do |msg|
+          content_tag(:span, class: 'help-block') do
+            msg.capitalize
+          end
+        end.join.html_safe
+      end
     end
-  end
 
-  def doorkeeper_submit_path(application)
-    application.persisted? ? oauth_application_path(application) : oauth_applications_path
+    def doorkeeper_submit_path(application)
+      application.persisted? ? oauth_application_path(application) : oauth_applications_path
+    end
   end
 end

data/app/views/doorkeeper/applications/show.html.erb

@@ -22,7 +22,7 @@
             <code><%= uri %></code>
           </td>
           <td>
-            <%= link_to t('doorkeeper.applications.buttons.authorize'), oauth_authorization_path(client_id: @application.uid, redirect_uri: uri, response_type: 'code'), class: 'btn btn-success', target: '_blank' %>
+            <%= link_to t('doorkeeper.applications.buttons.authorize'), oauth_authorization_path(client_id: @application.uid, redirect_uri: uri, response_type: 'code', scope: @application.scopes), class: 'btn btn-success', target: '_blank' %>
           </td>
         </tr>
       <% end %>

data/app/views/doorkeeper/authorizations/new.html.erb

@@ -7,7 +7,7 @@
     <%= raw t('.prompt', client_name: "<strong class=\"text-info\">#{ @pre_auth.client.name }</strong>") %>
   </p>
 
-  <% if @pre_auth.scopes %>
+  <% if @pre_auth.scopes.count > 0 %>
     <div id="oauth-permissions">
       <p><%= t('.able_to') %>:</p>
 

data/app/views/layouts/doorkeeper/admin.html.erb

@@ -9,8 +9,8 @@
   <%= csrf_meta_tags %>
 </head>
 <body>
-<div class="navbar navbar-inverse navbar-fixed-top" role="navigation">
-  <div class="container">
+<div class="navbar navbar-inverse navbar-static-top" role="navigation">
+  <div class="container-fluid">
     <div class="navbar-header">
       <%= link_to t('doorkeeper.layouts.admin.nav.oauth2_provider'), oauth_applications_path, class: 'navbar-brand' %>
     </div>
@@ -18,6 +18,9 @@
       <%= content_tag :li, class: "#{'active' if request.path == oauth_applications_path}" do %>
         <%= link_to t('doorkeeper.layouts.admin.nav.applications'), oauth_applications_path %>
       <% end %>
+      <%= content_tag :li do %>
+        <%= link_to t('doorkeeper.layouts.admin.nav.home'), root_path %>
+      <% end %>
     </ul>
   </div>
 </div>

data/config/locales/en.yml

@@ -119,5 +119,6 @@ en:
         nav:
           oauth2_provider: 'OAuth2 Provider'
           applications: 'Applications'
+          home: 'Home'
       application:
         title: 'OAuth authorization required'

data/doorkeeper.gemspec

@@ -1,4 +1,4 @@
-$:.push File.expand_path("../lib", __FILE__)
+$LOAD_PATH.push File.expand_path("../lib", __FILE__)
 
 require "doorkeeper/version"
 
@@ -16,13 +16,13 @@ Gem::Specification.new do |s|
   s.test_files    = `git ls-files -- spec/*`.split("\n")
   s.require_paths = ["lib"]
 
-  s.add_dependency "railties", ">= 3.2"
+  s.add_dependency "railties", ">= 4.2"
 
-  s.add_development_dependency "sqlite3", "~> 1.3.5"
-  s.add_development_dependency "rspec-rails", "~> 3.2.0"
-  s.add_development_dependency "capybara", "~> 2.3.0"
-  s.add_development_dependency "generator_spec", "~> 0.9.0"
+  s.add_development_dependency "capybara"
+  s.add_development_dependency "database_cleaner", "~> 1.3.0"
   s.add_development_dependency "factory_girl", "~> 4.5.0"
+  s.add_development_dependency "generator_spec", "~> 0.9.0"
+  s.add_development_dependency "rake", "> 10.5.0"
+  s.add_development_dependency "rspec-rails"
   s.add_development_dependency "timecop", "~> 0.7.0"
-  s.add_development_dependency "database_cleaner", "~> 1.3.0"
 end

data/lib/doorkeeper/config.rb

@@ -10,15 +10,10 @@ module Doorkeeper
     setup_orm_adapter
     setup_orm_models
     setup_application_owner if @config.enable_application_owner?
-    check_requirements
   end
 
   def self.configuration
-    @config || (fail MissingConfiguration.new)
-  end
-
-  def self.check_requirements
-    @orm_adapter.check_requirements!(configuration)
+    @config || (fail MissingConfiguration)
   end
 
   def self.setup_orm_adapter
@@ -133,19 +128,20 @@ doorkeeper.
         attribute_builder = options[:builder_class]
 
         Builder.instance_eval do
+          remove_method name if method_defined?(name)
           define_method name do |*args, &block|
             # TODO: is builder_class option being used?
-            value = unless attribute_builder
-                      block ? block : args.first
-                    else
+            value = if attribute_builder
                       attribute_builder.new(&block).build
+                    else
+                      block ? block : args.first
                     end
 
             @config.instance_variable_set(:"@#{attribute}", value)
           end
         end
 
-        define_method attribute do |*args|
+        define_method attribute do |*_args|
           if instance_variable_defined?(:"@#{attribute}")
             instance_variable_get(:"@#{attribute}")
           else
@@ -180,7 +176,7 @@ doorkeeper.
 
     option :skip_authorization,             default: ->(_routes) {}
     option :access_token_expires_in,        default: 7200
-    option :custom_access_token_expires_in, default: lambda { |_app| nil }
+    option :custom_access_token_expires_in, default: ->(_app) { nil }
     option :authorization_code_expires_in,  default: 600
     option :orm,                            default: :active_record
     option :native_redirect_uri,            default: 'urn:ietf:wg:oauth:2.0:oob'
@@ -193,14 +189,17 @@ doorkeeper.
     attr_reader :reuse_access_token
 
     def refresh_token_enabled?
+      @refresh_token_enabled ||= false
       !!@refresh_token_enabled
     end
 
     def enable_application_owner?
+      @enable_application_owner ||= false
       !!@enable_application_owner
     end
 
     def confirm_application_owner?
+      @confirm_application_owner ||= false
       !!@confirm_application_owner
     end
 
@@ -224,10 +223,6 @@ doorkeeper.
       @access_token_methods ||= [:from_bearer_authorization, :from_access_token_param, :from_bearer_param]
     end
 
-    def realm
-      @realm ||= 'Doorkeeper'
-    end
-
     def authorization_response_types
       @authorization_response_types ||= calculate_authorization_response_types
     end