RubyGems - doorkeeper - Versions diffs - 3.0.0 → 4.0.0 - Mend

doorkeeper 3.0.0 → 4.0.0

Potentially problematic release.

This version of doorkeeper might be problematic. Click here for more details.

Files changed (114) hide show

checksums.yaml +4 -4
data/.hound.yml +4 -0
data/.travis.yml +9 -7
data/CONTRIBUTING.md +2 -0
data/Gemfile +10 -3
data/NEWS.md +79 -2
data/README.md +56 -51
data/RELEASING.md +2 -2
data/Rakefile +1 -1
data/app/assets/stylesheets/doorkeeper/admin/application.css +1 -5
data/app/controllers/doorkeeper/application_metal_controller.rb +1 -2
data/app/controllers/doorkeeper/applications_controller.rb +2 -2
data/app/controllers/doorkeeper/authorizations_controller.rb +1 -1
data/app/controllers/doorkeeper/authorized_applications_controller.rb +1 -1
data/app/controllers/doorkeeper/tokens_controller.rb +1 -1
data/app/helpers/doorkeeper/dashboard_helper.rb +13 -11
data/app/views/doorkeeper/applications/show.html.erb +1 -1
data/app/views/doorkeeper/authorizations/new.html.erb +1 -1
data/app/views/layouts/doorkeeper/admin.html.erb +5 -2
data/config/locales/en.yml +1 -0
data/doorkeeper.gemspec +7 -7
data/lib/doorkeeper/config.rb +10 -15
data/lib/doorkeeper/engine.rb +11 -7
data/lib/doorkeeper/errors.rb +6 -0
data/lib/doorkeeper/helpers/controller.rb +7 -1
data/lib/doorkeeper/models/access_grant_mixin.rb +9 -5
data/lib/doorkeeper/models/access_token_mixin.rb +28 -22
data/lib/doorkeeper/models/application_mixin.rb +3 -7
data/lib/doorkeeper/models/concerns/expirable.rb +2 -2
data/lib/doorkeeper/models/concerns/ownership.rb +6 -1
data/lib/doorkeeper/models/concerns/revocable.rb +19 -2
data/lib/doorkeeper/oauth/authorization/uri_builder.rb +1 -1
data/lib/doorkeeper/oauth/authorization_code_request.rb +10 -5
data/lib/doorkeeper/oauth/client/credentials.rb +1 -1
data/lib/doorkeeper/oauth/client_credentials/creator.rb +3 -4
data/lib/doorkeeper/oauth/client_credentials/issuer.rb +2 -1
data/lib/doorkeeper/oauth/client_credentials_request.rb +7 -4
data/lib/doorkeeper/oauth/code_response.rb +13 -14
data/lib/doorkeeper/oauth/error.rb +5 -1
data/lib/doorkeeper/oauth/helpers/scope_checker.rb +1 -1
data/lib/doorkeeper/oauth/helpers/uri_checker.rb +2 -1
data/lib/doorkeeper/oauth/password_access_token_request.rb +6 -10
data/lib/doorkeeper/oauth/refresh_token_request.rb +29 -12
data/lib/doorkeeper/oauth/scopes.rb +2 -2
data/lib/doorkeeper/oauth/token.rb +6 -5
data/lib/doorkeeper/oauth/token_response.rb +1 -1
data/lib/doorkeeper/orm/active_record/access_grant.rb +2 -2
data/lib/doorkeeper/orm/active_record/access_token.rb +10 -2
data/lib/doorkeeper/orm/active_record/application.rb +4 -9
data/lib/doorkeeper/orm/active_record.rb +0 -15
data/lib/doorkeeper/rails/helpers.rb +13 -3
data/lib/doorkeeper/rails/routes/mapper.rb +1 -1
data/lib/doorkeeper/rails/routes.rb +2 -1
data/lib/doorkeeper/request/authorization_code.rb +10 -15
data/lib/doorkeeper/request/client_credentials.rb +9 -15
data/lib/doorkeeper/request/code.rb +7 -13
data/lib/doorkeeper/request/password.rb +18 -13
data/lib/doorkeeper/request/refresh_token.rb +11 -13
data/lib/doorkeeper/request/strategy.rb +17 -0
data/lib/doorkeeper/request/token.rb +7 -13
data/lib/doorkeeper/request.rb +18 -8
data/lib/doorkeeper/server.rb +2 -2
data/lib/doorkeeper/version.rb +1 -1
data/lib/doorkeeper.rb +1 -1
data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +29 -0
data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb +1 -1
data/lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb +11 -0
data/lib/generators/doorkeeper/templates/initializer.rb +2 -2
data/lib/generators/doorkeeper/templates/migration.rb +23 -5
data/spec/controllers/authorizations_controller_spec.rb +0 -14
data/spec/controllers/protected_resources_controller_spec.rb +138 -15
data/spec/controllers/tokens_controller_spec.rb +30 -0
data/spec/dummy/app/controllers/full_protected_resources_controller.rb +4 -4
data/spec/dummy/app/controllers/home_controller.rb +1 -1
data/spec/dummy/app/controllers/metal_controller.rb +1 -1
data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +3 -3
data/spec/dummy/app/models/user.rb +0 -4
data/spec/dummy/config/application.rb +2 -36
data/spec/dummy/config/environment.rb +1 -1
data/spec/dummy/config/environments/test.rb +4 -15
data/spec/dummy/config/initializers/active_record_belongs_to_required_by_default.rb +6 -0
data/spec/dummy/config/initializers/doorkeeper.rb +2 -2
data/spec/dummy/db/migrate/{20130902165751_create_doorkeeper_tables.rb → 20151223192035_create_doorkeeper_tables.rb} +24 -5
data/spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb +11 -0
data/spec/dummy/db/schema.rb +23 -22
data/spec/lib/config_spec.rb +2 -2
data/spec/lib/models/revocable_spec.rb +27 -4
data/spec/lib/oauth/authorization_code_request_spec.rb +1 -1
data/spec/lib/oauth/client_credentials/creator_spec.rb +25 -1
data/spec/lib/oauth/code_response_spec.rb +34 -0
data/spec/lib/oauth/error_response_spec.rb +7 -7
data/spec/lib/oauth/error_spec.rb +9 -5
data/spec/lib/oauth/password_access_token_request_spec.rb +5 -5
data/spec/lib/oauth/refresh_token_request_spec.rb +34 -3
data/spec/lib/oauth/scopes_spec.rb +1 -2
data/spec/lib/oauth/token_spec.rb +12 -5
data/spec/lib/request/strategy_spec.rb +53 -0
data/spec/lib/server_spec.rb +1 -1
data/spec/models/doorkeeper/access_grant_spec.rb +5 -5
data/spec/models/doorkeeper/access_token_spec.rb +49 -5
data/spec/models/doorkeeper/application_spec.rb +2 -10
data/spec/requests/flows/authorization_code_spec.rb +26 -0
data/spec/requests/flows/password_spec.rb +26 -5
data/spec/requests/flows/refresh_token_spec.rb +95 -17
data/spec/spec_helper_integration.rb +10 -0
data/spec/support/helpers/model_helper.rb +27 -5
data/spec/support/http_method_shim.rb +24 -0
data/spec/support/shared/controllers_shared_context.rb +13 -4
data/spec/support/shared/models_shared_examples.rb +1 -1
metadata +46 -38
data/lib/generators/doorkeeper/application_scopes_generator.rb +0 -34
data/lib/generators/doorkeeper/templates/add_scopes_to_oauth_applications.rb +0 -5
data/spec/dummy/db/migrate/20141209001746_add_scopes_to_oauth_applications.rb +0 -5
/data/spec/dummy/db/migrate/{20130902175349_add_owner_to_application.rb → 20151223200000_add_owner_to_application.rb} +0 -0

data/spec/requests/flows/password_spec.rb CHANGED Viewed

@@ -24,14 +24,26 @@ describe 'Resource Owner Password Credentials Flow' do
   end
   context 'with valid user credentials' do
-    it 'should issue new token' do
+    it 'should issue new token with confidential client' do
       expect do
         post password_token_endpoint_url(client: @client, resource_owner: @resource_owner)
       end.to change { Doorkeeper::AccessToken.count }.by(1)
       token = Doorkeeper::AccessToken.first
-      should_have_json 'access_token',  token.token
+      expect(token.application_id).to eq @client.id
+      should_have_json 'access_token', token.token
+    end
+    it 'should issue new token with public client (only client_id present)' do
+      expect do
+        post password_token_endpoint_url(client_id: @client.uid, resource_owner: @resource_owner)
+      end.to change { Doorkeeper::AccessToken.count }.by(1)
+      token = Doorkeeper::AccessToken.first
+      expect(token.application_id).to eq @client.id
+      should_have_json 'access_token', token.token
     end
     it 'should issue new token without client credentials' do
@@ -41,7 +53,8 @@ describe 'Resource Owner Password Credentials Flow' do
       token = Doorkeeper::AccessToken.first
-      should_have_json 'access_token',  token.token
+      expect(token.application_id).to be_nil
+      should_have_json 'access_token', token.token
     end
     it 'should issue a refresh token if enabled' do
@@ -51,7 +64,7 @@ describe 'Resource Owner Password Credentials Flow' do
       token = Doorkeeper::AccessToken.first
-      should_have_json 'refresh_token',  token.refresh_token
+      should_have_json 'refresh_token', token.refresh_token
     end
     it 'should return the same token if it is still accessible' do
@@ -82,7 +95,7 @@ describe 'Resource Owner Password Credentials Flow' do
     end
   end
-  context 'with invalid client credentials' do
+  context 'with invalid confidential client credentials' do
     it 'should not issue new token with bad client credentials' do
       expect do
         post password_token_endpoint_url(client_id: @client.uid,
@@ -91,4 +104,12 @@ describe 'Resource Owner Password Credentials Flow' do
       end.to_not change { Doorkeeper::AccessToken.count }
     end
   end
+  context 'with invalid public client id' do
+    it 'should not issue new token with bad client id' do
+      expect do
+        post password_token_endpoint_url(client_id: 'bad_id', resource_owner: @resource_owner)
+      end.to_not change { Doorkeeper::AccessToken.count }
+    end
+  end
 end

data/spec/requests/flows/refresh_token_spec.rb CHANGED Viewed

@@ -37,20 +37,62 @@ describe 'Refresh Token Flow' do
   context 'refreshing the token' do
     before do
-      @token = FactoryGirl.create(:access_token, application: @client, resource_owner_id: 1, use_refresh_token: true)
+      @token = FactoryGirl.create(
+        :access_token,
+        application: @client,
+        resource_owner_id: 1,
+        use_refresh_token: true
+      )
     end
-    it 'client request a token with refresh token' do
-      post refresh_token_endpoint_url(client: @client, refresh_token: @token.refresh_token)
-      should_have_json 'refresh_token', Doorkeeper::AccessToken.last.refresh_token
-      expect(@token.reload).to be_revoked
+    context "refresh_token revoked on use" do
+      it 'client request a token with refresh token' do
+        post refresh_token_endpoint_url(
+          client: @client, refresh_token: @token.refresh_token
+        )
+        should_have_json(
+          'refresh_token', Doorkeeper::AccessToken.last.refresh_token
+        )
+        expect(@token.reload).not_to be_revoked
+      end
+      it 'client request a token with expired access token' do
+        @token.update_attribute :expires_in, -100
+        post refresh_token_endpoint_url(
+          client: @client, refresh_token: @token.refresh_token
+        )
+        should_have_json(
+          'refresh_token', Doorkeeper::AccessToken.last.refresh_token
+        )
+        expect(@token.reload).not_to be_revoked
+      end
     end
-    it 'client request a token with expired access token' do
-      @token.update_attribute :expires_in, -100
-      post refresh_token_endpoint_url(client: @client, refresh_token: @token.refresh_token)
-      should_have_json 'refresh_token', Doorkeeper::AccessToken.last.refresh_token
-      expect(@token.reload).to be_revoked
+    context "refresh_token revoked on refresh_token request" do
+      before do
+        allow(Doorkeeper::AccessToken).to receive(:refresh_token_revoked_on_use?).and_return(false)
+      end
+      it 'client request a token with refresh token' do
+        post refresh_token_endpoint_url(
+          client: @client, refresh_token: @token.refresh_token
+        )
+        should_have_json(
+          'refresh_token', Doorkeeper::AccessToken.last.refresh_token
+        )
+        expect(@token.reload).to be_revoked
+      end
+      it 'client request a token with expired access token' do
+        @token.update_attribute :expires_in, -100
+        post refresh_token_endpoint_url(
+          client: @client, refresh_token: @token.refresh_token
+        )
+        should_have_json(
+          'refresh_token', Doorkeeper::AccessToken.last.refresh_token
+        )
+        expect(@token.reload).to be_revoked
+      end
     end
     it 'client gets an error for invalid refresh token' do
@@ -65,26 +107,62 @@ describe 'Refresh Token Flow' do
       should_not_have_json 'refresh_token'
       should_have_json 'error', 'invalid_grant'
     end
+    it 'second of simultaneous client requests get an error for revoked acccess token' do
+      allow_any_instance_of(Doorkeeper::AccessToken).to receive(:revoked?).and_return(false, true)
+      post refresh_token_endpoint_url(client: @client, refresh_token: @token.refresh_token)
+      should_not_have_json 'refresh_token'
+      should_have_json 'error', 'invalid_request'
+    end
   end
   context 'refreshing the token with multiple sessions (devices)' do
     before do
       # enable password auth to simulate other devices
       config_is_set(:grant_flows, ["password"])
-      config_is_set(:resource_owner_from_credentials) { User.authenticate! params[:username], params[:password] }
+      config_is_set(:resource_owner_from_credentials) do
+        User.authenticate! params[:username], params[:password]
+      end
       create_resource_owner
-      _another_token = post password_token_endpoint_url(client: @client, resource_owner: @resource_owner)
+      _another_token = post password_token_endpoint_url(
+        client: @client, resource_owner: @resource_owner
+      )
       last_token.update_attribute :created_at, 5.seconds.ago
-      @token = FactoryGirl.create(:access_token, application: @client, resource_owner_id: @resource_owner.id, use_refresh_token: true)
+      @token = FactoryGirl.create(
+        :access_token,
+        application: @client,
+        resource_owner_id: @resource_owner.id,
+        use_refresh_token: true
+      )
       @token.update_attribute :expires_in, -100
     end
-    it 'client request a token after creating another token with the same user' do
-      post refresh_token_endpoint_url(client: @client, refresh_token: @token.refresh_token)
+    context "refresh_token revoked on use" do
+      it 'client request a token after creating another token with the same user' do
+        post refresh_token_endpoint_url(
+          client: @client, refresh_token: @token.refresh_token
+        )
+        should_have_json 'refresh_token', last_token.refresh_token
+        expect(@token.reload).not_to be_revoked
+      end
+    end
+    context "refresh_token revoked on refresh_token request" do
+      before do
+        allow(Doorkeeper::AccessToken).to receive(:refresh_token_revoked_on_use?).and_return(false)
+      end
+      it 'client request a token after creating another token with the same user' do
+        post refresh_token_endpoint_url(
+          client: @client, refresh_token: @token.refresh_token
+        )
-      should_have_json 'refresh_token', last_token.refresh_token
-      expect(@token.reload).to be_revoked
+        should_have_json 'refresh_token', last_token.refresh_token
+        expect(@token.reload).to be_revoked
+      end
     end
     def last_token

data/spec/spec_helper_integration.rb CHANGED Viewed

@@ -14,6 +14,13 @@ require 'generator_spec/test_case'
 require 'timecop'
 require 'database_cleaner'
+# Load JRuby SQLite3 if in that platform
+begin
+  require 'jdbc/sqlite3'
+  Jdbc::SQLite3.load_driver
+rescue LoadError
+end
 Rails.logger.info "====> Doorkeeper.orm = #{Doorkeeper.configuration.orm.inspect}"
 if Doorkeeper.configuration.orm == :active_record
   Rails.logger.info "======> active_record.table_name_prefix = #{Rails.configuration.active_record.table_name_prefix.inspect}"
@@ -28,6 +35,9 @@ ENGINE_RAILS_ROOT = File.join(File.dirname(__FILE__), '../')
 Dir["#{File.dirname(__FILE__)}/support/{dependencies,helpers,shared}/*.rb"].each { |f| require f }
+# Remove after dropping support of Rails 4.2
+require "#{File.dirname(__FILE__)}/support/http_method_shim.rb"
 RSpec.configure do |config|
   config.infer_spec_type_from_file_location!
   config.mock_with :rspec

data/spec/support/helpers/model_helper.rb CHANGED Viewed

@@ -13,14 +13,20 @@ module ModelHelper
   def access_grant_should_exist_for(client, resource_owner)
     grant = Doorkeeper::AccessGrant.first
-    expect(grant.application).to eq(client)
-    grant.resource_owner_id  == resource_owner.id
+    expect(grant.application).to have_attributes(id: client.id).
+      and(be_instance_of(Doorkeeper::Application))
+    expect(grant.resource_owner_id).to eq(resource_owner.id)
   end
   def access_token_should_exist_for(client, resource_owner)
-    grant = Doorkeeper::AccessToken.first
-    expect(grant.application).to eq(client)
-    grant.resource_owner_id  == resource_owner.id
+    token = Doorkeeper::AccessToken.first
+    expect(token.application).to have_attributes(id: client.id).
+      and(be_instance_of(Doorkeeper::Application))
+    expect(token.resource_owner_id).to eq(resource_owner.id)
   end
   def access_grant_should_not_exist
@@ -40,6 +46,22 @@ module ModelHelper
     grant = Doorkeeper::AccessToken.last
     expect(grant.scopes).to eq(Doorkeeper::OAuth::Scopes.from_array(args))
   end
+  def uniqueness_error
+    case DOORKEEPER_ORM
+    when :active_record
+      ActiveRecord::RecordNotUnique
+    when :sequel
+      error_classes = [Sequel::UniqueConstraintViolation, Sequel::ValidationFailed]
+      proc { |error| expect(error.class).to be_in(error_classes) }
+    when :mongo_mapper
+      MongoMapper::DocumentNotValid
+    when /mongoid/
+      Mongoid::Errors::Validations
+    else
+      raise "'#{DOORKEEPER_ORM}' ORM is not supported!"
+    end
+  end
 end
 RSpec.configuration.send :include, ModelHelper

data/spec/support/http_method_shim.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# Rails 5 deprecates calling HTTP action methods with positional arguments
+# in favor of keyword arguments. However, the keyword argument form is only
+# supported in Rails 5+. Since we support back to 4, we need some sort of shim
+# to avoid super noisy deprecations when running tests.
+module HTTPMethodShim
+  def get(path, params = nil, headers = nil)
+    super(path, params: params, headers: headers)
+  end
+  def post(path, params = nil, headers = nil)
+    super(path, params: params, headers: headers)
+  end
+  def put(path, params = nil, headers = nil)
+    super(path, params: params, headers: headers)
+  end
+end
+if ::Rails::VERSION::MAJOR >= 5
+  RSpec.configure do |config|
+    config.include HTTPMethodShim, type: :controller
+    config.include HTTPMethodShim, type: :request
+  end
+end

data/spec/support/shared/controllers_shared_context.rb CHANGED Viewed

@@ -4,11 +4,15 @@ shared_context 'valid token', token: :valid do
   end
   let :token do
-    double(Doorkeeper::AccessToken, accessible?: true, includes_scope?: true, acceptable?: true)
+    double(Doorkeeper::AccessToken,
+           accessible?: true, includes_scope?: true, acceptable?: true,
+           previous_refresh_token: "", revoke_previous_refresh_token!: true)
   end
   before :each do
-    allow(Doorkeeper::AccessToken).to receive(:by_token).with(token_string).and_return(token)
+    allow(
+      Doorkeeper::AccessToken
+    ).to receive(:by_token).with(token_string).and_return(token)
   end
 end
@@ -18,11 +22,16 @@ shared_context 'invalid token', token: :invalid do
   end
   let :token do
-    double(Doorkeeper::AccessToken, accessible?: false, revoked?: false, expired?: false, includes_scope?: false, acceptable?: false)
+    double(Doorkeeper::AccessToken,
+           accessible?: false, revoked?: false, expired?: false,
+           includes_scope?: false, acceptable?: false,
+           previous_refresh_token: "", revoke_previous_refresh_token!: true)
   end
   before :each do
-    allow(Doorkeeper::AccessToken).to receive(:by_token).with(token_string).and_return(token)
+    allow(
+      Doorkeeper::AccessToken
+    ).to receive(:by_token).with(token_string).and_return(token)
   end
 end

data/spec/support/shared/models_shared_examples.rb CHANGED Viewed

@@ -46,7 +46,7 @@ shared_examples 'a unique token' do
       token2.token = token1.token
       expect do
         token2.save!(validate: false)
-      end.to raise_error
+      end.to raise_error(uniqueness_error)
     end
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: doorkeeper
 version: !ruby/object:Gem::Version
-  version: 3.0.0
+  version: 4.0.0
 platform: ruby
 authors:
 - Felipe Elias Philipp
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-07-30 00:00:00.000000000 Z
+date: 2016-07-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -17,56 +17,56 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: '4.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: '4.2'
 - !ruby/object:Gem::Dependency
-  name: sqlite3
+  name: capybara
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.5
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.5
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec-rails
+  name: database_cleaner
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.2.0
+        version: 1.3.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.2.0
+        version: 1.3.0
 - !ruby/object:Gem::Dependency
-  name: capybara
+  name: factory_girl
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.3.0
+        version: 4.5.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.3.0
+        version: 4.5.0
 - !ruby/object:Gem::Dependency
   name: generator_spec
   requirement: !ruby/object:Gem::Requirement
@@ -82,47 +82,47 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 0.9.0
 - !ruby/object:Gem::Dependency
-  name: factory_girl
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">"
       - !ruby/object:Gem::Version
-        version: 4.5.0
+        version: 10.5.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">"
       - !ruby/object:Gem::Version
-        version: 4.5.0
+        version: 10.5.0
 - !ruby/object:Gem::Dependency
-  name: timecop
+  name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.7.0
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.7.0
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: database_cleaner
+  name: timecop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.3.0
+        version: 0.7.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.3.0
+        version: 0.7.0
 description: Doorkeeper is an OAuth 2 provider for Rails and Grape.
 email:
 - tutecosta@gmail.com
@@ -224,17 +224,18 @@ files:
 - lib/doorkeeper/request/code.rb
 - lib/doorkeeper/request/password.rb
 - lib/doorkeeper/request/refresh_token.rb
+- lib/doorkeeper/request/strategy.rb
 - lib/doorkeeper/request/token.rb
 - lib/doorkeeper/server.rb
 - lib/doorkeeper/validations.rb
 - lib/doorkeeper/version.rb
 - lib/generators/doorkeeper/application_owner_generator.rb
-- lib/generators/doorkeeper/application_scopes_generator.rb
 - lib/generators/doorkeeper/install_generator.rb
 - lib/generators/doorkeeper/migration_generator.rb
+- lib/generators/doorkeeper/previous_refresh_token_generator.rb
 - lib/generators/doorkeeper/templates/README
 - lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb
-- lib/generators/doorkeeper/templates/add_scopes_to_oauth_applications.rb
+- lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb
 - lib/generators/doorkeeper/templates/initializer.rb
 - lib/generators/doorkeeper/templates/migration.rb
 - lib/generators/doorkeeper/views_generator.rb
@@ -262,6 +263,7 @@ files:
 - spec/dummy/config/environments/development.rb
 - spec/dummy/config/environments/production.rb
 - spec/dummy/config/environments/test.rb
+- spec/dummy/config/initializers/active_record_belongs_to_required_by_default.rb
 - spec/dummy/config/initializers/backtrace_silencers.rb
 - spec/dummy/config/initializers/doorkeeper.rb
 - spec/dummy/config/initializers/secret_token.rb
@@ -271,9 +273,9 @@ files:
 - spec/dummy/config/routes.rb
 - spec/dummy/db/migrate/20111122132257_create_users.rb
 - spec/dummy/db/migrate/20120312140401_add_password_to_users.rb
-- spec/dummy/db/migrate/20130902165751_create_doorkeeper_tables.rb
-- spec/dummy/db/migrate/20130902175349_add_owner_to_application.rb
-- spec/dummy/db/migrate/20141209001746_add_scopes_to_oauth_applications.rb
+- spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb
+- spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb
+- spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb
 - spec/dummy/db/schema.rb
 - spec/dummy/public/404.html
 - spec/dummy/public/422.html
@@ -303,6 +305,7 @@ files:
 - spec/lib/oauth/client_credentials_request_spec.rb
 - spec/lib/oauth/client_spec.rb
 - spec/lib/oauth/code_request_spec.rb
+- spec/lib/oauth/code_response_spec.rb
 - spec/lib/oauth/error_response_spec.rb
 - spec/lib/oauth/error_spec.rb
 - spec/lib/oauth/forbidden_token_response_spec.rb
@@ -317,6 +320,7 @@ files:
 - spec/lib/oauth/token_request_spec.rb
 - spec/lib/oauth/token_response_spec.rb
 - spec/lib/oauth/token_spec.rb
+- spec/lib/request/strategy_spec.rb
 - spec/lib/server_spec.rb
 - spec/models/doorkeeper/access_grant_spec.rb
 - spec/models/doorkeeper/access_token_spec.rb
@@ -348,6 +352,7 @@ files:
 - spec/support/helpers/model_helper.rb
 - spec/support/helpers/request_spec_helper.rb
 - spec/support/helpers/url_helper.rb
+- spec/support/http_method_shim.rb
 - spec/support/orm/active_record.rb
 - spec/support/shared/controllers_shared_context.rb
 - spec/support/shared/models_shared_examples.rb
@@ -373,7 +378,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.4.5
+rubygems_version: 2.6.2
 signing_key:
 specification_version: 4
 summary: OAuth 2 provider for Rails and Grape
@@ -402,6 +407,7 @@ test_files:
 - spec/dummy/config/environments/development.rb
 - spec/dummy/config/environments/production.rb
 - spec/dummy/config/environments/test.rb
+- spec/dummy/config/initializers/active_record_belongs_to_required_by_default.rb
 - spec/dummy/config/initializers/backtrace_silencers.rb
 - spec/dummy/config/initializers/doorkeeper.rb
 - spec/dummy/config/initializers/secret_token.rb
@@ -411,9 +417,9 @@ test_files:
 - spec/dummy/config/routes.rb
 - spec/dummy/db/migrate/20111122132257_create_users.rb
 - spec/dummy/db/migrate/20120312140401_add_password_to_users.rb
-- spec/dummy/db/migrate/20130902165751_create_doorkeeper_tables.rb
-- spec/dummy/db/migrate/20130902175349_add_owner_to_application.rb
-- spec/dummy/db/migrate/20141209001746_add_scopes_to_oauth_applications.rb
+- spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb
+- spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb
+- spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb
 - spec/dummy/db/schema.rb
 - spec/dummy/public/404.html
 - spec/dummy/public/422.html
@@ -443,6 +449,7 @@ test_files:
 - spec/lib/oauth/client_credentials_request_spec.rb
 - spec/lib/oauth/client_spec.rb
 - spec/lib/oauth/code_request_spec.rb
+- spec/lib/oauth/code_response_spec.rb
 - spec/lib/oauth/error_response_spec.rb
 - spec/lib/oauth/error_spec.rb
 - spec/lib/oauth/forbidden_token_response_spec.rb
@@ -457,6 +464,7 @@ test_files:
 - spec/lib/oauth/token_request_spec.rb
 - spec/lib/oauth/token_response_spec.rb
 - spec/lib/oauth/token_spec.rb
+- spec/lib/request/strategy_spec.rb
 - spec/lib/server_spec.rb
 - spec/models/doorkeeper/access_grant_spec.rb
 - spec/models/doorkeeper/access_token_spec.rb
@@ -488,8 +496,8 @@ test_files:
 - spec/support/helpers/model_helper.rb
 - spec/support/helpers/request_spec_helper.rb
 - spec/support/helpers/url_helper.rb
+- spec/support/http_method_shim.rb
 - spec/support/orm/active_record.rb
 - spec/support/shared/controllers_shared_context.rb
 - spec/support/shared/models_shared_examples.rb
 - spec/validators/redirect_uri_validator_spec.rb
-has_rdoc:

data/lib/generators/doorkeeper/application_scopes_generator.rb DELETED Viewed

@@ -1,34 +0,0 @@
-require 'rails/generators/active_record'
-class Doorkeeper::ApplicationScopesGenerator < Rails::Generators::Base
-  include Rails::Generators::Migration
-  source_root File.expand_path('../templates', __FILE__)
-  desc 'Copies ActiveRecord migrations to handle upgrade to doorkeeper 2'
-  def self.next_migration_number(path)
-    ActiveRecord::Generators::Base.next_migration_number(path)
-  end
-  def application_scopes
-    if oauth_applications_exists? && !scopes_column_exists?
-      migration_template(
-        'add_scopes_to_oauth_applications.rb',
-        'db/migrate/add_scopes_to_oauth_applications.rb'
-      )
-    end
-  end
-  private
-  def scopes_column_exists?
-    ActiveRecord::Base.connection.column_exists?(
-      :oauth_applications,
-      :scopes
-    )
-  end
-  # Might be running this before install
-  def oauth_applications_exists?
-    ActiveRecord::Base.connection.table_exists? :oauth_applications
-  end
-end

data/lib/generators/doorkeeper/templates/add_scopes_to_oauth_applications.rb DELETED Viewed

@@ -1,5 +0,0 @@
-class AddScopesToOauthApplications < ActiveRecord::Migration
-  def change
-    add_column :oauth_applications, :scopes, :string, null: false, default: ''
-  end
-end

data/spec/dummy/db/migrate/20141209001746_add_scopes_to_oauth_applications.rb DELETED Viewed

@@ -1,5 +0,0 @@
-class AddScopesToOauthApplications < ActiveRecord::Migration
-  def change
-    add_column :oauth_applications, :scopes, :string, null: false, default: ''
-  end
-end

/data/spec/dummy/db/migrate/{20130902175349_add_owner_to_application.rb → 20151223200000_add_owner_to_application.rb} RENAMED Viewed

File without changes