doorkeeper 3.0.1 → 3.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6a81fba54edf374cfc12827a6de4b83736c0ad02
-  data.tar.gz: 90ac8eaf779f57d66a1957bbb245d29fec53ecfa
+  metadata.gz: 03417189314de7b84fcfa05699c35a0346a55035
+  data.tar.gz: e4026de8e9ed39d2bb270abc9efc4e1ccca20775
 SHA512:
-  metadata.gz: b5fe713de5da62552891c73ad8ccd85f07f3e71ec03418c5d9ae363ea762cae8cdb73d1ab976a602af172cca120e4db3845f27ea9307b980ce5ff34ef2fa5c2a
-  data.tar.gz: 861e8d86128858ca338912e096737267c0254092ae4c5054c97b2193be467c42d7487fd7e464646bca648a8ccc2be631936f65d93a77697d67f1ef4e14864820
+  metadata.gz: bbe0a1693809bfc8802a66c50df30a128a527a3f239114ffdc69d46e948ac0516594fe3872f3624157632e91078a0ad64aa1f98932b26bdf389228b22bed246b
+  data.tar.gz: 6d434e7dc34b65d1022914f8fd348c9d1c8e6ef41bb30761411eb0c693531ccb12c87c237c1e54fbcbee11a8dd0bf68c82768a6801f273dab2bcaf1fe96afea6

data/.hound.yml

@@ -1,3 +1,7 @@
+AllCops:
+  Exclude:
+    - "spec/dummy/db/*"
+
 LineLength:
   Exclude:
     - spec/**/*

data/.travis.yml

@@ -1,5 +1,6 @@
-language: ruby
 cache: bundler
+language: ruby
+sudo: false
 
 rvm:
   - 2.0
@@ -13,6 +14,9 @@ env:
   - rails=4.2.0
 
 matrix:
+  exclude:
+    - env: rails=3.2.0
+      rvm: jruby-head
   exclude:
     - env: rails=3.2.0
       rvm: 2.2

data/NEWS.md

@@ -4,6 +4,18 @@ User-visible changes worth mentioning.
 
 ---
 
+## 3.1.0
+
+- [#736] Existing valid tokens are now reused in client_credentials flow
+- [#749] Allow user to raise authorization error with custom messages.
+  Under `resource_owner_authenticator` block a user can
+  `raise Doorkeeper::Errors::DoorkeeperError.new('custom_message')`
+- [#762] Check doesn’t abort the actual migration, so it runs
+- [#722] `doorkeeper_forbidden_render_options` now supports returning a 404 by
+  specifying `respond_not_found_when_forbidden: true` in the
+  `doorkeeper_forbidden_render_options` method.
+- [#734] Simplify and remove duplication in request strategy classes
+
 ## 3.0.1
 
 - [#712] Wrap exchange of grant token for access token and access token refresh

data/README.md

@@ -14,10 +14,12 @@ functionality to your Rails or Grape application.
 ## Documentation valid for `master` branch
 
 Please check the documentation for the version of doorkeeper you are using in:
-https://github.com/doorkeeper-gem/doorkeeper/releases.
+https://github.com/doorkeeper-gem/doorkeeper/releases
 
 ## Table of Contents
 
+<!-- START doctoc generated TOC please keep comment here to allow auto update -->
+<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
 - [Useful links](#useful-links)
 - [Installation](#installation)
 - [Configuration](#configuration)
@@ -39,12 +41,12 @@ https://github.com/doorkeeper-gem/doorkeeper/releases.
 - [Contributing](#contributing)
 - [Other resources](#other-resources)
     - [Wiki](#wiki)
-    - [Live demo](#live-demo)
     - [Screencast](#screencast)
     - [Client applications](#client-applications)
     - [Contributors](#contributors)
     - [IETF Standards](#ietf-standards)
     - [License](#license)
+<!-- END doctoc generated TOC please keep comment here to allow auto update -->
 
 
 ## Useful links
@@ -259,7 +261,7 @@ have both `:admin` and `:write` scopes.
 
 ### Custom Access Token Generator
 
-By default a 32 bit access token will be generated. If you require a custom
+By default a 128 bit access token will be generated. If you require a custom
 token, such as [JWT](http://jwt.io), specify an object that responds to
 `.generate(options = {})` and returns a string to be used as the token.
 
@@ -333,6 +335,8 @@ notes](https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-vers
 and take a look at the
 [changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/NEWS.md).
 
+Doorkeeper follows [semantic versioning](http://semver.org/).
+
 ## Development
 
 To run the local engine server:
@@ -369,12 +373,6 @@ page](https://github.com/doorkeeper-gem/doorkeeper/wiki/Contributing).
 You can find everything about doorkeeper in our [wiki
 here](https://github.com/doorkeeper-gem/doorkeeper/wiki).
 
-### Live demo
-
-Check out this [live demo](http://doorkeeper-provider.herokuapp.com) hosted on
-heroku. For more demos check out [the
-wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Example-Applications).
-
 ### Screencast
 
 Check out this screencast from [railscasts.com](http://railscasts.com/): [#353
@@ -392,7 +390,7 @@ here](https://github.com/doorkeeper-gem/doorkeeper/wiki/Testing-your-provider-wi
 ### Contributors
 
 Thanks to all our [awesome
-contributors](https://github.com/doorkeeper-gem/doorkeeper/contributors)!
+contributors](https://github.com/doorkeeper-gem/doorkeeper/graphs/contributors)!
 
 
 ### IETF Standards
@@ -404,4 +402,3 @@ contributors](https://github.com/doorkeeper-gem/doorkeeper/contributors)!
 ### License
 
 MIT License. Copyright 2011 Applicake.
-[http://applicake.com](http://applicake.com)

data/app/assets/stylesheets/doorkeeper/admin/application.css

@@ -5,10 +5,6 @@
  *= require_tree .
 */
 
-body {
-  padding-top: 60px;
-}
-
 td {
-    vertical-align: middle !important;
+  vertical-align: middle !important;
 }

data/app/views/layouts/doorkeeper/admin.html.erb

@@ -9,8 +9,8 @@
   <%= csrf_meta_tags %>
 </head>
 <body>
-<div class="navbar navbar-inverse navbar-fixed-top" role="navigation">
-  <div class="container">
+<div class="navbar navbar-inverse navbar-static-top" role="navigation">
+  <div class="container-fluid">
     <div class="navbar-header">
       <%= link_to t('doorkeeper.layouts.admin.nav.oauth2_provider'), oauth_applications_path, class: 'navbar-brand' %>
     </div>
@@ -18,6 +18,9 @@
       <%= content_tag :li, class: "#{'active' if request.path == oauth_applications_path}" do %>
         <%= link_to t('doorkeeper.layouts.admin.nav.applications'), oauth_applications_path %>
       <% end %>
+      <%= content_tag :li do %>
+        <%= link_to 'Home', root_path %>
+      <% end %>
     </ul>
   </div>
 </div>

data/doorkeeper.gemspec

@@ -18,7 +18,7 @@ Gem::Specification.new do |s|
 
   s.add_dependency "railties", ">= 3.2"
 
-  s.add_development_dependency "rspec-rails", "~> 3.2.0"
+  s.add_development_dependency "rspec-rails", "~> 3.4.0"
   s.add_development_dependency "capybara", "~> 2.3.0"
   s.add_development_dependency "generator_spec", "~> 0.9.0"
   s.add_development_dependency "factory_girl", "~> 4.5.0"

data/lib/doorkeeper/helpers/controller.rb

@@ -45,6 +45,8 @@ module Doorkeeper
                        :invalid_request
                      when Errors::InvalidGrantReuse
                        :invalid_grant
+                     when Errors::DoorkeeperError
+                       exception.message
                      end
 
         OAuth::ErrorResponse.new name: error_name, state: params[:state]

data/lib/doorkeeper/oauth/client_credentials/creator.rb

@@ -3,10 +3,9 @@ module Doorkeeper
     class ClientCredentialsRequest
       class Creator
         def call(client, scopes, attributes = {})
-          AccessToken.create(attributes.merge(
-            application_id: client.id,
-            scopes: scopes.to_s
-          ))
+          AccessToken.find_or_create_for(
+            client, nil, scopes, attributes[:expires_in],
+            attributes[:use_refresh_token])
         end
       end
     end

data/lib/doorkeeper/oauth/error.rb

@@ -2,7 +2,11 @@ module Doorkeeper
   module OAuth
     class Error < Struct.new(:name, :state)
       def description
-        I18n.translate name, scope: [:doorkeeper, :errors, :messages]
+        I18n.translate(
+          name,
+          scope: [:doorkeeper, :errors, :messages],
+          default: :server_error
+        )
       end
     end
   end

data/lib/doorkeeper/orm/active_record.rb

@@ -25,11 +25,12 @@ module Doorkeeper
              Doorkeeper::Application.table_name
            )
           unless Doorkeeper::Application.new.attributes.include?("scopes")
-            fail <<-MSG.squish
+            migration_path = '../../../generators/doorkeeper/templates/add_scopes_to_oauth_applications.rb'
+            puts <<-MSG.squish
 [doorkeeper] Missing column: `oauth_applications.scopes`.
-Run `rails generate doorkeeper:application_scopes
-&& rake db:migrate` to add it.
+Create the following migration and run `rake db:migrate`.
             MSG
+            puts File.read(File.expand_path(migration_path, __FILE__))
           end
         end
       end

data/lib/doorkeeper/rails/helpers.rb

@@ -31,10 +31,12 @@ module Doorkeeper
 
       def doorkeeper_render_error_with(error)
         options = doorkeeper_render_options(error) || {}
+        status = doorkeeper_status_for_error(
+          error, options.delete(:respond_not_found_when_forbidden))
         if options.blank?
-          head error.status
+          head status
         else
-          options[:status] = error.status
+          options[:status] = status
           options[:layout] = false if options[:layout].nil?
           render options
         end
@@ -56,6 +58,14 @@ module Doorkeeper
         end
       end
 
+      def doorkeeper_status_for_error(error, respond_not_found_when_forbidden)
+        if respond_not_found_when_forbidden && error.status == :forbidden
+          :not_found
+        else
+          error.status
+        end
+      end
+
       def doorkeeper_invalid_token_response?
         !doorkeeper_token || !doorkeeper_token.accessible?
       end

data/lib/doorkeeper/request.rb

@@ -9,22 +9,32 @@ module Doorkeeper
   module Request
     module_function
 
-    def authorization_strategy(strategy)
-      get_strategy strategy, Doorkeeper.configuration.authorization_response_types
+    def authorization_strategy(response_type)
+      get_strategy response_type, authorization_response_types
     rescue NameError
       raise Errors::InvalidAuthorizationStrategy
     end
 
-    def token_strategy(strategy)
-      get_strategy strategy, Doorkeeper.configuration.token_grant_types
+    def token_strategy(grant_type)
+      get_strategy grant_type, token_grant_types
     rescue NameError
       raise Errors::InvalidTokenStrategy
     end
 
-    def get_strategy(strategy, available)
-      fail Errors::MissingRequestStrategy unless strategy.present?
-      fail NameError unless available.include?(strategy.to_s)
-      "Doorkeeper::Request::#{strategy.to_s.camelize}".constantize
+    def get_strategy(grant_or_request_type, available)
+      fail Errors::MissingRequestStrategy unless grant_or_request_type.present?
+      fail NameError unless available.include?(grant_or_request_type.to_s)
+      "Doorkeeper::Request::#{grant_or_request_type.to_s.camelize}".constantize
     end
+
+    def authorization_response_types
+      Doorkeeper.configuration.authorization_response_types
+    end
+    private_class_method :authorization_response_types
+
+    def token_grant_types
+      Doorkeeper.configuration.token_grant_types
+    end
+    private_class_method :token_grant_types
   end
 end

data/lib/doorkeeper/request/authorization_code.rb

@@ -1,22 +1,17 @@
+require 'doorkeeper/request/strategy'
+
 module Doorkeeper
   module Request
-    class AuthorizationCode
-      def self.build(server)
-        new(server.grant, server.client, server)
-      end
-
-      attr_accessor :grant, :client, :server
-
-      def initialize(grant, client, server)
-        @grant, @client, @server = grant, client, server
-      end
+    class AuthorizationCode < Strategy
+      delegate :grant, :client, :parameters, to: :server
 
       def request
-        @request ||= OAuth::AuthorizationCodeRequest.new(Doorkeeper.configuration, grant, client, server.parameters)
-      end
-
-      def authorize
-        request.authorize
+        @request ||= OAuth::AuthorizationCodeRequest.new(
+          Doorkeeper.configuration,
+          grant,
+          client,
+          parameters
+        )
       end
     end
   end

data/lib/doorkeeper/request/client_credentials.rb

@@ -1,22 +1,16 @@
+require 'doorkeeper/request/strategy'
+
 module Doorkeeper
   module Request
-    class ClientCredentials
-      def self.build(server)
-        new(server.client, server)
-      end
-
-      attr_accessor :client, :server
-
-      def initialize(client, server)
-        @client, @server = client, server
-      end
+    class ClientCredentials < Strategy
+      delegate :client, :parameters, to: :server
 
       def request
-        @request ||= OAuth::ClientCredentialsRequest.new(Doorkeeper.configuration, client, server.parameters)
-      end
-
-      def authorize
-        request.authorize
+        @request ||= OAuth::ClientCredentialsRequest.new(
+          Doorkeeper.configuration,
+          client,
+          parameters
+        )
       end
     end
   end

data/lib/doorkeeper/request/code.rb

@@ -1,22 +1,16 @@
+require 'doorkeeper/request/strategy'
+
 module Doorkeeper
   module Request
-    class Code
-      def self.build(server)
-        new(server.context.send(:pre_auth), server)
-      end
-
-      attr_accessor :pre_auth, :server
+    class Code < Strategy
+      delegate :current_resource_owner, to: :server
 
-      def initialize(pre_auth, server)
-        @pre_auth, @server = pre_auth, server
+      def pre_auth
+        server.context.send(:pre_auth)
       end
 
       def request
-        @request ||= OAuth::CodeRequest.new(pre_auth, server.current_resource_owner)
-      end
-
-      def authorize
-        request.authorize
+        @request ||= OAuth::CodeRequest.new(pre_auth, current_resource_owner)
       end
     end
   end

data/lib/doorkeeper/request/password.rb

@@ -1,22 +1,17 @@
+require 'doorkeeper/request/strategy'
+
 module Doorkeeper
   module Request
-    class Password
-      def self.build(server)
-        new(server.credentials, server.resource_owner, server)
-      end
-
-      attr_accessor :credentials, :resource_owner, :server
-
-      def initialize(credentials, resource_owner, server)
-        @credentials, @resource_owner, @server = credentials, resource_owner, server
-      end
+    class Password < Strategy
+      delegate :credentials, :resource_owner, :parameters, to: :server
 
       def request
-        @request ||= OAuth::PasswordAccessTokenRequest.new(Doorkeeper.configuration, credentials, resource_owner, server.parameters)
-      end
-
-      def authorize
-        request.authorize
+        @request ||= OAuth::PasswordAccessTokenRequest.new(
+          Doorkeeper.configuration,
+          credentials,
+          resource_owner,
+          parameters
+        )
       end
     end
   end

data/lib/doorkeeper/request/refresh_token.rb

@@ -1,22 +1,20 @@
+require 'doorkeeper/request/strategy'
+
 module Doorkeeper
   module Request
-    class RefreshToken
-      def self.build(server)
-        new(server.current_refresh_token, server.credentials, server)
-      end
-
-      attr_accessor :refresh_token, :credentials, :server
+    class RefreshToken < Strategy
+      delegate :credentials, :parameters, to: :server
 
-      def initialize(refresh_token, credentials, server)
-        @refresh_token, @credentials, @server = refresh_token, credentials, server
+      def refresh_token
+        server.current_refresh_token
       end
 
       def request
-        @request ||= OAuth::RefreshTokenRequest.new(Doorkeeper.configuration, refresh_token, credentials, server.parameters)
-      end
-
-      def authorize
-        request.authorize
+        @request ||= OAuth::RefreshTokenRequest.new(
+          Doorkeeper.configuration,
+          refresh_token, credentials,
+          parameters
+        )
       end
     end
   end

data/lib/doorkeeper/request/strategy.rb

@@ -0,0 +1,17 @@
+module Doorkeeper
+  module Request
+    class Strategy
+      attr_accessor :server
+
+      delegate :authorize, to: :request
+
+      def initialize(server)
+        self.server = server
+      end
+
+      def request
+        raise NotImplementedError, "request strategies must define #request"
+      end
+    end
+  end
+end

data/lib/doorkeeper/request/token.rb

@@ -1,22 +1,16 @@
+require 'doorkeeper/request/strategy'
+
 module Doorkeeper
   module Request
-    class Token
-      def self.build(server)
-        new(server.context.send(:pre_auth), server)
-      end
-
-      attr_accessor :pre_auth, :server
+    class Token < Strategy
+      delegate :current_resource_owner, to: :server
 
-      def initialize(pre_auth, server)
-        @pre_auth, @server = pre_auth, server
+      def pre_auth
+        server.context.send(:pre_auth)
       end
 
       def request
-        @request ||= OAuth::TokenRequest.new(pre_auth, server.current_resource_owner)
-      end
-
-      def authorize
-        request.authorize
+        @request ||= OAuth::TokenRequest.new(pre_auth, current_resource_owner)
       end
     end
   end

data/lib/doorkeeper/server.rb

@@ -8,12 +8,12 @@ module Doorkeeper
 
     def authorization_request(strategy)
       klass = Request.authorization_strategy strategy
-      klass.build self
+      klass.new self
     end
 
     def token_request(strategy)
       klass = Request.token_strategy strategy
-      klass.build self
+      klass.new self
     end
 
     # TODO: context should be the request

data/lib/doorkeeper/version.rb

@@ -1,3 +1,3 @@
 module Doorkeeper
-  VERSION = '3.0.1'
+  VERSION = "3.1.0"
 end

data/spec/controllers/protected_resources_controller_spec.rb

@@ -165,7 +165,7 @@ describe 'doorkeeper authorize filter' do
         end
       end
 
-      it 'it renders a custom JSON response', token: :invalid do
+      it 'it renders a custom text response', token: :invalid do
         get :index, access_token: token_string
         expect(response.status).to eq 401
         expect(response.content_type).to eq('text/html')
@@ -174,4 +174,98 @@ describe 'doorkeeper authorize filter' do
       end
     end
   end
+
+  context 'when custom forbidden render options are configured' do
+    before do
+      expect(Doorkeeper::AccessToken).to receive(:by_token).with(token_string).and_return(token)
+      expect(token).to receive(:acceptable?).with([:write]).and_return(false)
+    end
+
+    after do
+      module ControllerActions
+        def doorkeeper_forbidden_render_options(*)
+        end
+      end
+    end
+
+    controller do
+      before_filter -> { doorkeeper_authorize! :write }
+
+      include ControllerActions
+    end
+
+    let(:token) do
+      double(Doorkeeper::AccessToken,
+             accessible?: true, scopes: ['public'], revoked?: false, expired?: false)
+    end
+    let(:token_string) { '1A2DUWE' }
+
+    context 'with a JSON custom render' do
+      before do
+        module ControllerActions
+          def doorkeeper_forbidden_render_options(*)
+            { json: { error_message: 'Forbidden' } }
+          end
+        end
+      end
+
+      it 'renders a custom JSON response' do
+        get :index, access_token: token_string
+        expect(response.header).to_not include('WWW-Authenticate')
+        expect(response.content_type).to eq('application/json')
+        expect(response.status).to eq 403
+        parsed_body = JSON.parse(response.body)
+        expect(parsed_body).not_to be_nil
+        expect(parsed_body['error_message']).to match('Forbidden')
+      end
+    end
+
+    context 'with a status and JSON custom render' do
+      before do
+        module ControllerActions
+          def doorkeeper_forbidden_render_options(*)
+            { json: { error_message: 'Not Found' },
+              respond_not_found_when_forbidden: true }
+          end
+        end
+      end
+
+      it 'overrides the default status code' do
+        get :index, access_token: token_string
+        expect(response.status).to eq 404
+      end
+    end
+
+    context 'with a text custom render' do
+      before do
+        module ControllerActions
+          def doorkeeper_forbidden_render_options(*)
+            { text: 'Forbidden' }
+          end
+        end
+      end
+
+      it 'renders a custom status code and text response' do
+        get :index, access_token: token_string
+        expect(response.header).to_not include('WWW-Authenticate')
+        expect(response.status).to eq 403
+        expect(response.body).to eq('Forbidden')
+      end
+    end
+
+    context 'with a status and text custom render' do
+      before do
+        module ControllerActions
+          def doorkeeper_forbidden_render_options(*)
+            { respond_not_found_when_forbidden: true, text: 'Not Found' }
+          end
+        end
+      end
+
+      it 'overrides the default status code' do
+        get :index, access_token: token_string
+        expect(response.status).to eq 404
+      end
+    end
+  end
 end

data/spec/controllers/tokens_controller_spec.rb

@@ -31,6 +31,36 @@ describe Doorkeeper::TokensController do
     end
   end
 
+  describe 'when there is a failure due to a custom error' do
+    it 'returns the error response with a custom message' do
+      # I18n looks for `doorkeeper.errors.messages.custom_message` in locale files
+      custom_message = "my_message"
+      allow(I18n).to receive(:translate).
+        with(
+          custom_message,
+          hash_including(scope: [:doorkeeper, :errors, :messages]),
+        ).
+        and_return('Authorization custom message')
+
+      doorkeeper_error = Doorkeeper::Errors::DoorkeeperError.new(custom_message)
+
+      strategy = double(:strategy)
+      request = double(token_request: strategy)
+      allow(strategy).to receive(:authorize).and_raise(doorkeeper_error)
+      allow(controller).to receive(:server).and_return(request)
+
+      post :create
+
+      expected_response_body = {
+        "error"             => custom_message,
+        "error_description" => "Authorization custom message"
+      }
+      expect(response.status).to eq 401
+      expect(response.headers['WWW-Authenticate']).to match(/Bearer/)
+      expect(JSON.load(response.body)).to eq expected_response_body
+    end
+  end
+
   describe 'when revoke authorization has failed' do
     # http://tools.ietf.org/html/rfc7009#section-2.2
     it 'returns no error response' do

data/spec/lib/oauth/client_credentials/creator_spec.rb

@@ -11,8 +11,32 @@ class Doorkeeper::OAuth::ClientCredentialsRequest
       end.to change { Doorkeeper::AccessToken.count }.by(1)
     end
 
+    context "when reuse_access_token is true" do
+      it "returns the existing valid token" do
+        allow(Doorkeeper.configuration).to receive(:reuse_access_token).and_return(true)
+        existing_token = subject.call(client, scopes)
+
+        result = subject.call(client, scopes)
+
+        expect(Doorkeeper::AccessToken.count).to eq(1)
+        expect(result).to eq(existing_token)
+      end
+    end
+
+    context "when reuse_access_token is false" do
+      it "returns a new token" do
+        allow(Doorkeeper.configuration).to receive(:reuse_access_token).and_return(false)
+        existing_token = subject.call(client, scopes)
+
+        result = subject.call(client, scopes)
+
+        expect(Doorkeeper::AccessToken.count).to eq(2)
+        expect(result).not_to eq(existing_token)
+      end
+    end
+
     it 'returns false if creation fails' do
-      expect(Doorkeeper::AccessToken).to receive(:create).and_return(false)
+      expect(Doorkeeper::AccessToken).to receive(:find_or_create_for).and_return(false)
       created = subject.call(client, scopes)
       expect(created).to be_falsey
     end

data/spec/lib/oauth/error_response_spec.rb

@@ -37,9 +37,9 @@ module Doorkeeper::OAuth
       subject { ErrorResponse.new(name: :some_error, state: :some_state).body }
 
       describe '#body' do
-        it { should have_key(:error) }
-        it { should have_key(:error_description) }
-        it { should have_key(:state) }
+        it { expect(subject).to have_key(:error) }
+        it { expect(subject).to have_key(:error_description) }
+        it { expect(subject).to have_key(:state) }
       end
     end
 
@@ -47,15 +47,15 @@ module Doorkeeper::OAuth
       let(:error_response) { ErrorResponse.new(name: :some_error, state: :some_state) }
       subject { error_response.authenticate_info }
 
-      it { should include("realm=\"#{error_response.realm}\"") }
-      it { should include("error=\"#{error_response.name}\"") }
-      it { should include("error_description=\"#{error_response.description}\"") }
+      it { expect(subject).to include("realm=\"#{error_response.realm}\"") }
+      it { expect(subject).to include("error=\"#{error_response.name}\"") }
+      it { expect(subject).to include("error_description=\"#{error_response.description}\"") }
     end
 
     describe '.headers' do
       subject { ErrorResponse.new(name: :some_error, state: :some_state).headers }
 
-      it { should include 'WWW-Authenticate' }
+      it { expect(subject).to include 'WWW-Authenticate' }
     end
   end
 end

data/spec/lib/oauth/error_spec.rb

@@ -4,15 +4,19 @@ require 'doorkeeper/oauth/error'
 
 module Doorkeeper::OAuth
   describe Error do
-    subject { Error.new(:some_error, :some_state) }
+    subject(:error) { Error.new(:some_error, :some_state) }
 
-    it { should respond_to(:name) }
-    it { should respond_to(:state) }
+    it { expect(subject).to respond_to(:name) }
+    it { expect(subject).to respond_to(:state) }
 
     describe :description do
       it 'is translated from translation messages' do
-        expect(I18n).to receive(:translate).with(:some_error, scope: [:doorkeeper, :errors, :messages])
-        subject.description
+        expect(I18n).to receive(:translate).with(
+          :some_error,
+          scope: [:doorkeeper, :errors, :messages],
+          default: :server_error
+        )
+        error.description
       end
     end
   end

data/spec/lib/oauth/scopes_spec.rb

@@ -47,7 +47,7 @@ module Doorkeeper::OAuth
 
       subject { Scopes.from_string(string) }
 
-      it { should be_a(Scopes) }
+      it { expect(subject).to be_a(Scopes) }
 
       describe '#all' do
         it 'should be an array of the expected scopes' do

data/spec/lib/request/strategy_spec.rb

@@ -0,0 +1,53 @@
+require 'spec_helper'
+require 'doorkeeper/request/strategy'
+
+module Doorkeeper
+  module Request
+    describe Strategy do
+      let(:server) { double }
+      subject(:strategy) { Strategy.new(server) }
+
+      describe :initialize do
+        it "sets the server attribute" do
+          expect(strategy.server).to eq server
+        end
+      end
+
+      describe :request do
+        it "requires an implementation" do
+          expect { strategy.request }.to raise_exception NotImplementedError
+        end
+      end
+
+      describe "a sample Strategy subclass" do
+        let(:fake_request) { double }
+
+        let(:strategy_class) do
+          subclass = Class.new(Strategy) do
+            class << self
+              attr_accessor :fake_request
+            end
+
+            def request
+              self.class.fake_request
+            end
+          end
+
+          subclass.fake_request = fake_request
+          subclass
+        end
+
+        subject(:strategy) { strategy_class.new(server) }
+
+        it "provides a request implementation" do
+          expect(strategy.request).to eq fake_request
+        end
+
+        it "authorizes the request" do
+          expect(fake_request).to receive :authorize
+          strategy.authorize
+        end
+      end
+    end
+  end
+end

data/spec/lib/server_spec.rb

@@ -45,7 +45,7 @@ describe Doorkeeper::Server do
 
     it 'builds the request with selected strategy' do
       stub_const 'Doorkeeper::Request::Code', fake_class
-      expect(fake_class).to receive(:build).with(subject)
+      expect(fake_class).to receive(:new).with(subject)
       subject.authorization_request :code
     end
   end

data/spec/models/doorkeeper/access_grant_spec.rb

@@ -3,7 +3,7 @@ require 'spec_helper_integration'
 describe Doorkeeper::AccessGrant do
   subject { FactoryGirl.build(:access_grant) }
 
-  it { should be_valid }
+  it { expect(subject).to be_valid }
 
   it_behaves_like 'an accessible token'
   it_behaves_like 'a revocable token'
@@ -14,23 +14,23 @@ describe Doorkeeper::AccessGrant do
   describe 'validations' do
     it 'is invalid without resource_owner_id' do
       subject.resource_owner_id = nil
-      should_not be_valid
+      expect(subject).not_to be_valid
     end
 
     it 'is invalid without application_id' do
       subject.application_id = nil
-      should_not be_valid
+      expect(subject).not_to be_valid
     end
 
     it 'is invalid without token' do
       subject.save
       subject.token = nil
-      should_not be_valid
+      expect(subject).not_to be_valid
     end
 
     it 'is invalid without expires_in' do
       subject.expires_in = nil
-      should_not be_valid
+      expect(subject).not_to be_valid
     end
   end
 end

data/spec/models/doorkeeper/access_token_spec.rb

@@ -4,7 +4,7 @@ module Doorkeeper
   describe AccessToken do
     subject { FactoryGirl.build(:access_token) }
 
-    it { should be_valid }
+    it { expect(subject).to be_valid }
 
     it_behaves_like 'an accessible token'
     it_behaves_like 'a revocable token'
@@ -141,7 +141,7 @@ module Doorkeeper
       it 'is valid without resource_owner_id' do
         # For client credentials flow
         subject.resource_owner_id = nil
-        should be_valid
+        expect(subject).to be_valid
       end
     end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: doorkeeper
 version: !ruby/object:Gem::Version
-  version: 3.0.1
+  version: 3.1.0
 platform: ruby
 authors:
 - Felipe Elias Philipp
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-09-24 00:00:00.000000000 Z
+date: 2015-12-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -31,14 +31,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.2.0
+        version: 3.4.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.2.0
+        version: 3.4.0
 - !ruby/object:Gem::Dependency
   name: capybara
   requirement: !ruby/object:Gem::Requirement
@@ -210,6 +210,7 @@ files:
 - lib/doorkeeper/request/code.rb
 - lib/doorkeeper/request/password.rb
 - lib/doorkeeper/request/refresh_token.rb
+- lib/doorkeeper/request/strategy.rb
 - lib/doorkeeper/request/token.rb
 - lib/doorkeeper/server.rb
 - lib/doorkeeper/validations.rb
@@ -303,6 +304,7 @@ files:
 - spec/lib/oauth/token_request_spec.rb
 - spec/lib/oauth/token_response_spec.rb
 - spec/lib/oauth/token_spec.rb
+- spec/lib/request/strategy_spec.rb
 - spec/lib/server_spec.rb
 - spec/models/doorkeeper/access_grant_spec.rb
 - spec/models/doorkeeper/access_token_spec.rb
@@ -359,7 +361,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.5.1
+rubygems_version: 2.5.1
 signing_key: 
 specification_version: 4
 summary: OAuth 2 provider for Rails and Grape
@@ -443,6 +445,7 @@ test_files:
 - spec/lib/oauth/token_request_spec.rb
 - spec/lib/oauth/token_response_spec.rb
 - spec/lib/oauth/token_spec.rb
+- spec/lib/request/strategy_spec.rb
 - spec/lib/server_spec.rb
 - spec/models/doorkeeper/access_grant_spec.rb
 - spec/models/doorkeeper/access_token_spec.rb