RubyGems - doorkeeper - Versions diffs - 3.1.0 → 4.2.6 - Mend

doorkeeper 3.1.0 → 4.2.6

Potentially problematic release.

This version of doorkeeper might be problematic. Click here for more details.

Files changed (137) hide show

checksums.yaml +4 -4
data/.coveralls.yml +1 -0
data/.gitignore +5 -0
data/.travis.yml +16 -12
data/Appraisals +14 -0
data/CONTRIBUTING.md +2 -0
data/Gemfile +5 -5
data/NEWS.md +83 -2
data/README.md +73 -43
data/RELEASING.md +5 -12
data/Rakefile +1 -1
data/app/controllers/doorkeeper/application_controller.rb +3 -1
data/app/controllers/doorkeeper/application_metal_controller.rb +3 -2
data/app/controllers/doorkeeper/applications_controller.rb +3 -7
data/app/controllers/doorkeeper/authorizations_controller.rb +1 -1
data/app/controllers/doorkeeper/authorized_applications_controller.rb +1 -1
data/app/controllers/doorkeeper/tokens_controller.rb +50 -14
data/app/helpers/doorkeeper/dashboard_helper.rb +13 -11
data/app/views/doorkeeper/applications/_delete_form.html.erb +1 -2
data/app/views/doorkeeper/applications/_form.html.erb +1 -1
data/app/views/doorkeeper/applications/show.html.erb +1 -1
data/app/views/doorkeeper/authorizations/new.html.erb +1 -1
data/app/views/doorkeeper/authorized_applications/_delete_form.html.erb +1 -2
data/app/views/layouts/doorkeeper/admin.html.erb +1 -1
data/config/locales/en.yml +3 -2
data/doorkeeper.gemspec +12 -10
data/gemfiles/rails_4_2.gemfile +11 -0
data/gemfiles/rails_5_0.gemfile +12 -0
data/gemfiles/rails_5_1.gemfile +13 -0
data/lib/doorkeeper/config.rb +73 -16
data/lib/doorkeeper/engine.rb +11 -7
data/lib/doorkeeper/errors.rb +18 -0
data/lib/doorkeeper/grape/helpers.rb +2 -1
data/lib/doorkeeper/helpers/controller.rb +8 -23
data/lib/doorkeeper/models/access_grant_mixin.rb +21 -5
data/lib/doorkeeper/models/access_token_mixin.rb +145 -23
data/lib/doorkeeper/models/application_mixin.rb +21 -9
data/lib/doorkeeper/models/concerns/accessible.rb +4 -0
data/lib/doorkeeper/models/concerns/expirable.rb +10 -2
data/lib/doorkeeper/models/concerns/ownership.rb +6 -1
data/lib/doorkeeper/models/concerns/revocable.rb +37 -2
data/lib/doorkeeper/oauth/authorization/uri_builder.rb +20 -18
data/lib/doorkeeper/oauth/authorization_code_request.rb +1 -4
data/lib/doorkeeper/oauth/{request_concern.rb → base_request.rb} +3 -1
data/lib/doorkeeper/oauth/base_response.rb +29 -0
data/lib/doorkeeper/oauth/client/credentials.rb +17 -6
data/lib/doorkeeper/oauth/client.rb +0 -1
data/lib/doorkeeper/oauth/client_credentials/creator.rb +1 -1
data/lib/doorkeeper/oauth/client_credentials/issuer.rb +3 -2
data/lib/doorkeeper/oauth/client_credentials/validation.rb +1 -1
data/lib/doorkeeper/oauth/client_credentials_request.rb +8 -8
data/lib/doorkeeper/oauth/code_response.rb +16 -16
data/lib/doorkeeper/oauth/error_response.rb +9 -8
data/lib/doorkeeper/oauth/helpers/scope_checker.rb +1 -1
data/lib/doorkeeper/oauth/helpers/uri_checker.rb +2 -1
data/lib/doorkeeper/oauth/invalid_token_response.rb +2 -0
data/lib/doorkeeper/oauth/password_access_token_request.rb +7 -13
data/lib/doorkeeper/oauth/refresh_token_request.rb +22 -14
data/lib/doorkeeper/oauth/scopes.rb +2 -2
data/lib/doorkeeper/oauth/token.rb +20 -21
data/lib/doorkeeper/oauth/token_request.rb +1 -2
data/lib/doorkeeper/oauth/token_response.rb +1 -1
data/lib/doorkeeper/orm/active_record/access_token.rb +25 -0
data/lib/doorkeeper/orm/active_record/application.rb +12 -12
data/lib/doorkeeper/orm/active_record.rb +0 -16
data/lib/doorkeeper/rails/helpers.rb +1 -3
data/lib/doorkeeper/rails/routes/mapper.rb +4 -4
data/lib/doorkeeper/rails/routes/mapping.rb +1 -1
data/lib/doorkeeper/rails/routes.rb +4 -4
data/lib/doorkeeper/request/authorization_code.rb +7 -1
data/lib/doorkeeper/request/password.rb +11 -1
data/lib/doorkeeper/request/refresh_token.rb +1 -1
data/lib/doorkeeper/server.rb +0 -8
data/lib/doorkeeper/version.rb +1 -1
data/lib/doorkeeper.rb +8 -2
data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +29 -0
data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb +1 -1
data/lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb +11 -0
data/lib/generators/doorkeeper/templates/initializer.rb +8 -3
data/lib/generators/doorkeeper/templates/migration.rb +23 -5
data/spec/controllers/application_metal_controller.rb +10 -0
data/spec/controllers/authorizations_controller_spec.rb +39 -24
data/spec/controllers/protected_resources_controller_spec.rb +47 -18
data/spec/controllers/tokens_controller_spec.rb +1 -1
data/spec/dummy/app/controllers/full_protected_resources_controller.rb +4 -4
data/spec/dummy/app/controllers/home_controller.rb +1 -1
data/spec/dummy/app/controllers/metal_controller.rb +1 -1
data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +3 -3
data/spec/dummy/app/models/user.rb +0 -4
data/spec/dummy/config/application.rb +2 -36
data/spec/dummy/config/environment.rb +1 -1
data/spec/dummy/config/environments/test.rb +4 -15
data/spec/dummy/config/initializers/active_record_belongs_to_required_by_default.rb +6 -0
data/spec/dummy/config/initializers/doorkeeper.rb +2 -2
data/spec/dummy/db/migrate/{20130902165751_create_doorkeeper_tables.rb → 20151223192035_create_doorkeeper_tables.rb} +24 -5
data/spec/dummy/db/migrate/{20130902175349_add_owner_to_application.rb → 20151223200000_add_owner_to_application.rb} +0 -0
data/spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb +11 -0
data/spec/dummy/db/schema.rb +23 -22
data/spec/factories.rb +3 -1
data/spec/lib/config_spec.rb +19 -2
data/spec/lib/doorkeeper_spec.rb +135 -13
data/spec/lib/models/expirable_spec.rb +0 -1
data/spec/lib/models/revocable_spec.rb +27 -4
data/spec/lib/oauth/authorization/uri_builder_spec.rb +1 -2
data/spec/lib/oauth/authorization_code_request_spec.rb +1 -1
data/spec/lib/oauth/base_request_spec.rb +160 -0
data/spec/lib/oauth/base_response_spec.rb +45 -0
data/spec/lib/oauth/client/credentials_spec.rb +41 -0
data/spec/lib/oauth/code_response_spec.rb +34 -0
data/spec/lib/oauth/error_response_spec.rb +9 -9
data/spec/lib/oauth/invalid_token_response_spec.rb +36 -8
data/spec/lib/oauth/password_access_token_request_spec.rb +5 -5
data/spec/lib/oauth/refresh_token_request_spec.rb +34 -3
data/spec/lib/oauth/scopes_spec.rb +0 -1
data/spec/lib/oauth/token_spec.rb +12 -5
data/spec/lib/server_spec.rb +0 -3
data/spec/models/doorkeeper/access_token_spec.rb +45 -1
data/spec/models/doorkeeper/application_spec.rb +3 -11
data/spec/requests/endpoints/authorization_spec.rb +5 -6
data/spec/requests/flows/authorization_code_errors_spec.rb +11 -1
data/spec/requests/flows/authorization_code_spec.rb +4 -12
data/spec/requests/flows/password_spec.rb +26 -5
data/spec/requests/flows/refresh_token_spec.rb +87 -17
data/spec/requests/flows/revoke_token_spec.rb +100 -86
data/spec/spec_helper.rb +2 -0
data/spec/spec_helper_integration.rb +8 -1
data/spec/support/helpers/model_helper.rb +27 -5
data/spec/support/helpers/request_spec_helper.rb +12 -4
data/spec/support/http_method_shim.rb +38 -0
data/spec/support/shared/controllers_shared_context.rb +13 -4
data/spec/support/shared/models_shared_examples.rb +1 -1
metadata +72 -42
data/lib/doorkeeper/oauth/client/methods.rb +0 -18
data/lib/generators/doorkeeper/application_scopes_generator.rb +0 -34
data/lib/generators/doorkeeper/templates/add_scopes_to_oauth_applications.rb +0 -5
data/spec/dummy/db/migrate/20141209001746_add_scopes_to_oauth_applications.rb +0 -5
data/spec/lib/oauth/client/methods_spec.rb +0 -54

data/app/views/doorkeeper/applications/show.html.erb CHANGED Viewed

@@ -22,7 +22,7 @@
             <code><%= uri %></code>
           </td>
           <td>
-            <%= link_to t('doorkeeper.applications.buttons.authorize'), oauth_authorization_path(client_id: @application.uid, redirect_uri: uri, response_type: 'code'), class: 'btn btn-success', target: '_blank' %>
+            <%= link_to t('doorkeeper.applications.buttons.authorize'), oauth_authorization_path(client_id: @application.uid, redirect_uri: uri, response_type: 'code', scope: @application.scopes), class: 'btn btn-success', target: '_blank' %>
           </td>
         </tr>
       <% end %>

data/app/views/doorkeeper/authorizations/new.html.erb CHANGED Viewed

@@ -4,7 +4,7 @@
 <main role="main">
   <p class="h4">
-    <%= raw t('.prompt', client_name: "<strong class=\"text-info\">#{ @pre_auth.client.name }</strong>") %>
+    <%= raw t('.prompt', client_name: content_tag(:strong, class: 'text-info') { @pre_auth.client.name }) %>
   </p>
   <% if @pre_auth.scopes.count > 0 %>

data/app/views/doorkeeper/authorized_applications/_delete_form.html.erb CHANGED Viewed

@@ -1,5 +1,4 @@
 <%- submit_btn_css ||= 'btn btn-link' %>
-<%= form_tag oauth_authorized_application_path(application) do %>
-  <input type="hidden" name="_method" value="delete">
+<%= form_tag oauth_authorized_application_path(application), method: :delete do %>
   <%= submit_tag t('doorkeeper.authorized_applications.buttons.revoke'), onclick: "return confirm('#{ t('doorkeeper.authorized_applications.confirmations.revoke') }')", class: submit_btn_css %>
 <% end %>

data/app/views/layouts/doorkeeper/admin.html.erb CHANGED Viewed

@@ -19,7 +19,7 @@
         <%= link_to t('doorkeeper.layouts.admin.nav.applications'), oauth_applications_path %>
       <% end %>
       <%= content_tag :li do %>
-        <%= link_to 'Home', root_path %>
+        <%= link_to t('doorkeeper.layouts.admin.nav.home'), root_path %>
       <% end %>
     </ul>
   </div>

data/config/locales/en.yml CHANGED Viewed

@@ -82,9 +82,9 @@ en:
         server_error: 'The authorization server encountered an unexpected condition which prevented it from fulfilling the request.'
         temporarily_unavailable: 'The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.'
-        #configuration error messages
+        # Configuration error messages
         credential_flow_not_configured: 'Resource Owner Password Credentials flow failed due to Doorkeeper.configure.resource_owner_from_credentials being unconfigured.'
-        resource_owner_authenticator_not_configured: 'Resource Owner find failed due to Doorkeeper.configure.resource_owner_authenticator being unconfiged.'
+        resource_owner_authenticator_not_configured: 'Resource Owner find failed due to Doorkeeper.configure.resource_owner_authenticator being unconfigured.'
         # Access grant errors
         unsupported_response_type: 'The authorization server does not support this response type.'
@@ -119,5 +119,6 @@ en:
         nav:
           oauth2_provider: 'OAuth2 Provider'
           applications: 'Applications'
+          home: 'Home'
       application:
         title: 'OAuth authorization required'

data/doorkeeper.gemspec CHANGED Viewed

@@ -1,12 +1,12 @@
-$:.push File.expand_path("../lib", __FILE__)
+$LOAD_PATH.push File.expand_path("../lib", __FILE__)
 require "doorkeeper/version"
 Gem::Specification.new do |s|
   s.name        = "doorkeeper"
   s.version     = Doorkeeper::VERSION
-  s.authors     = ["Felipe Elias Philipp", "Tute Costa"]
-  s.email       = %w(tutecosta@gmail.com)
+  s.authors     = ["Felipe Elias Philipp", "Tute Costa", "Jon Moss"]
+  s.email       = %w(me@jonathanmoss.me)
   s.homepage    = "https://github.com/doorkeeper-gem/doorkeeper"
   s.summary     = "OAuth 2 provider for Rails and Grape"
   s.description = "Doorkeeper is an OAuth 2 provider for Rails and Grape."
@@ -16,12 +16,14 @@ Gem::Specification.new do |s|
   s.test_files    = `git ls-files -- spec/*`.split("\n")
   s.require_paths = ["lib"]
-  s.add_dependency "railties", ">= 3.2"
+  s.add_dependency "railties", ">= 4.2"
+  s.required_ruby_version = ">= 2.1"
-  s.add_development_dependency "rspec-rails", "~> 3.4.0"
-  s.add_development_dependency "capybara", "~> 2.3.0"
-  s.add_development_dependency "generator_spec", "~> 0.9.0"
-  s.add_development_dependency "factory_girl", "~> 4.5.0"
-  s.add_development_dependency "timecop", "~> 0.7.0"
-  s.add_development_dependency "database_cleaner", "~> 1.3.0"
+  s.add_development_dependency "capybara"
+  s.add_development_dependency "coveralls"
+  s.add_development_dependency "database_cleaner", "~> 1.5.3"
+  s.add_development_dependency "factory_girl", "~> 4.7.0"
+  s.add_development_dependency "generator_spec", "~> 0.9.3"
+  s.add_development_dependency "rake", ">= 11.3.0"
+  s.add_development_dependency "rspec-rails"
 end

data/gemfiles/rails_4_2.gemfile ADDED Viewed

@@ -0,0 +1,11 @@
+# This file was generated by Appraisal
+source "https://rubygems.org"
+gem "rails", "~> 4.2.0"
+gem "appraisal"
+gem "activerecord-jdbcsqlite3-adapter", :platform => :jruby
+gem "sqlite3", :platform => [:ruby, :mswin, :mingw, :x64_mingw]
+gem "tzinfo-data", :platforms => [:mingw, :mswin, :x64_mingw]
+gemspec :path => "../"

data/gemfiles/rails_5_0.gemfile ADDED Viewed

@@ -0,0 +1,12 @@
+# This file was generated by Appraisal
+source "https://rubygems.org"
+gem "rails", "~> 5.0.0"
+gem "appraisal"
+gem "activerecord-jdbcsqlite3-adapter", :platform => :jruby
+gem "sqlite3", :platform => [:ruby, :mswin, :mingw, :x64_mingw]
+gem "tzinfo-data", :platforms => [:mingw, :mswin, :x64_mingw]
+gem "rspec-rails", "~> 3.5"
+gemspec :path => "../"

data/gemfiles/rails_5_1.gemfile ADDED Viewed

@@ -0,0 +1,13 @@
+# This file was generated by Appraisal
+source "https://rubygems.org"
+gem "rails", :github => "rails/rails"
+gem "appraisal"
+gem "activerecord-jdbcsqlite3-adapter", :platform => :jruby
+gem "sqlite3", :platform => [:ruby, :mswin, :mingw, :x64_mingw]
+gem "tzinfo-data", :platforms => [:mingw, :mswin, :x64_mingw]
+gem "arel", :github => "rails/arel"
+gem "rspec-rails", "~> 3.5"
+gemspec :path => "../"

data/lib/doorkeeper/config.rb CHANGED Viewed

@@ -1,5 +1,7 @@
 module Doorkeeper
   class MissingConfiguration < StandardError
+    # Defines a MissingConfiguration error for a missing Doorkeeper
+    # configuration
     def initialize
       super('Configuration for doorkeeper missing. Do you have doorkeeper initializer?')
     end
@@ -10,15 +12,10 @@ module Doorkeeper
     setup_orm_adapter
     setup_orm_models
     setup_application_owner if @config.enable_application_owner?
-    check_requirements
   end
   def self.configuration
-    @config || (fail MissingConfiguration.new)
-  end
-  def self.check_requirements
-    @orm_adapter.check_requirements!(configuration)
+    @config || (fail MissingConfiguration)
   end
   def self.setup_orm_adapter
@@ -52,6 +49,15 @@ doorkeeper.
         @config
       end
+      # Provide support for an owner to be assigned to each registered
+      # application (disabled by default)
+      # Optional parameter confirmation: true (default false) if you want
+      # to enforce ownership of a registered application
+      #
+      # @param opts [Hash] the options to confirm if an application owner
+      #   is present
+      # @option opts[Boolean] :confirmation (false)
+      #   Set confirm_application_owner variable
       def enable_application_owner(opts = {})
         @config.instance_variable_set('@enable_application_owner', true)
         confirm_application_owner if opts[:confirmation].present? && opts[:confirmation]
@@ -61,43 +67,91 @@ doorkeeper.
         @config.instance_variable_set('@confirm_application_owner', true)
       end
+      # Define default access token scopes for your provider
+      #
+      # @param scopes [Array] Default set of access (OAuth::Scopes.new)
+      # token scopes
       def default_scopes(*scopes)
         @config.instance_variable_set('@default_scopes', OAuth::Scopes.from_array(scopes))
       end
+      # Define default access token scopes for your provider
+      #
+      # @param scopes [Array] Optional set of access (OAuth::Scopes.new)
+      # token scopes
       def optional_scopes(*scopes)
         @config.instance_variable_set('@optional_scopes', OAuth::Scopes.from_array(scopes))
       end
+      # Change the way client credentials are retrieved from the request object.
+      # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
+      # falls back to the `:client_id` and `:client_secret` params from the
+      # `params` object.
+      #
+      # @param methods [Array] Define client credentials
       def client_credentials(*methods)
         @config.instance_variable_set('@client_credentials', methods)
       end
+      # Change the way access token is authenticated from the request object.
+      # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
+      # falls back to the `:access_token` or `:bearer_token` params from the
+      # `params` object.
+      #
+      # @param methods [Array] Define access token methods
       def access_token_methods(*methods)
         @config.instance_variable_set('@access_token_methods', methods)
       end
+      # Issue access tokens with refresh token (disabled by default)
       def use_refresh_token
         @config.instance_variable_set('@refresh_token_enabled', true)
       end
+      # WWW-Authenticate Realm (default "Doorkeeper").
+      #
+      # @param realm [String] ("Doorkeeper") Authentication realm
       def realm(realm)
         @config.instance_variable_set('@realm', realm)
       end
+      # Reuse access token for the same resource owner within an application
+      # (disabled by default)
+      # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/383
       def reuse_access_token
         @config.instance_variable_set("@reuse_access_token", true)
       end
+      # Forces the usage of the HTTPS protocol in non-native redirect uris
+      # (enabled by default in non-development environments). OAuth2
+      # delegates security in communication to the HTTPS protocol so it is
+      # wise to keep this enabled.
+      #
+      # @param [Boolean] boolean value for the parameter, true by default in
+      # non-development environment
       def force_ssl_in_redirect_uri(boolean)
         @config.instance_variable_set("@force_ssl_in_redirect_uri", boolean)
       end
+      # Use a custom class for generating the access token.
+      # https://github.com/doorkeeper-gem/doorkeeper#custom-access-token-generator
+      #
+      # @param access_token_generator [String]
+      #   the name of the access token generator class
       def access_token_generator(access_token_generator)
         @config.instance_variable_set(
           '@access_token_generator', access_token_generator
         )
       end
+      # The controller Doorkeeper::ApplicationController inherits from.
+      # Defaults to ActionController::Base.
+      # https://github.com/doorkeeper-gem/doorkeeper#custom-base-controller
+      #
+      # @param base_controller [String] the name of the base controller
+      def base_controller(base_controller)
+        @config.instance_variable_set('@base_controller', base_controller)
+      end
     end
     module Option
@@ -133,19 +187,20 @@ doorkeeper.
         attribute_builder = options[:builder_class]
         Builder.instance_eval do
+          remove_method name if method_defined?(name)
           define_method name do |*args, &block|
             # TODO: is builder_class option being used?
-            value = unless attribute_builder
-                      block ? block : args.first
-                    else
+            value = if attribute_builder
                       attribute_builder.new(&block).build
+                    else
+                      block ? block : args.first
                     end
             @config.instance_variable_set(:"@#{attribute}", value)
           end
         end
-        define_method attribute do |*args|
+        define_method attribute do |*_args|
           if instance_variable_defined?(:"@#{attribute}")
             instance_variable_get(:"@#{attribute}")
           else
@@ -180,7 +235,7 @@ doorkeeper.
     option :skip_authorization,             default: ->(_routes) {}
     option :access_token_expires_in,        default: 7200
-    option :custom_access_token_expires_in, default: lambda { |_app| nil }
+    option :custom_access_token_expires_in, default: ->(_app) { nil }
     option :authorization_code_expires_in,  default: 600
     option :orm,                            default: :active_record
     option :native_redirect_uri,            default: 'urn:ietf:wg:oauth:2.0:oob'
@@ -188,19 +243,25 @@ doorkeeper.
     option :realm,                          default: 'Doorkeeper'
     option :force_ssl_in_redirect_uri,      default: !Rails.env.development?
     option :grant_flows,                    default: %w(authorization_code client_credentials)
-    option :access_token_generator,         default: "Doorkeeper::OAuth::Helpers::UniqueToken"
+    option :access_token_generator,
+           default: 'Doorkeeper::OAuth::Helpers::UniqueToken'
+    option :base_controller,
+           default: 'ActionController::Base'
     attr_reader :reuse_access_token
     def refresh_token_enabled?
+      @refresh_token_enabled ||= false
       !!@refresh_token_enabled
     end
     def enable_application_owner?
+      @enable_application_owner ||= false
       !!@enable_application_owner
     end
     def confirm_application_owner?
+      @confirm_application_owner ||= false
       !!@confirm_application_owner
     end
@@ -224,10 +285,6 @@ doorkeeper.
       @access_token_methods ||= [:from_bearer_authorization, :from_access_token_param, :from_bearer_param]
     end
-    def realm
-      @realm ||= 'Doorkeeper'
-    end
     def authorization_response_types
       @authorization_response_types ||= calculate_authorization_response_types
     end

data/lib/doorkeeper/engine.rb CHANGED Viewed

@@ -1,13 +1,8 @@
 module Doorkeeper
   class Engine < Rails::Engine
     initializer "doorkeeper.params.filter" do |app|
-      app.config.filter_parameters += [:client_secret, :code, :token]
-    end
-    initializer "doorkeeper.locales" do |app|
-      if app.config.i18n.fallbacks.blank?
-        app.config.i18n.fallbacks = [:en]
-      end
+      parameters = %w(client_secret code authentication_token access_token refresh_token)
+      app.config.filter_parameters << /^(#{Regexp.union parameters})$/
     end
     initializer "doorkeeper.routes" do
@@ -19,5 +14,14 @@ module Doorkeeper
         include Doorkeeper::Rails::Helpers
       end
     end
+    if defined?(Sprockets) && Sprockets::VERSION.chr.to_i >= 4
+      initializer 'doorkeeper.assets.precompile' do |app|
+        app.config.assets.precompile += %w(
+          doorkeeper/application.css
+          doorkeeper/admin/application.css
+        )
+      end
+    end
   end
 end

data/lib/doorkeeper/errors.rb CHANGED Viewed

@@ -1,21 +1,39 @@
 module Doorkeeper
   module Errors
     class DoorkeeperError < StandardError
+      def type
+        message
+      end
     end
     class InvalidAuthorizationStrategy < DoorkeeperError
+      def type
+        :unsupported_response_type
+      end
     end
     class InvalidTokenReuse < DoorkeeperError
+      def type
+        :invalid_request
+      end
     end
     class InvalidGrantReuse < DoorkeeperError
+      def type
+        :invalid_grant
+      end
     end
     class InvalidTokenStrategy < DoorkeeperError
+      def type
+        :unsupported_grant_type
+      end
     end
     class MissingRequestStrategy < DoorkeeperError
+      def type
+        :invalid_request
+      end
     end
     class UnableToGenerateToken < DoorkeeperError

data/lib/doorkeeper/grape/helpers.rb CHANGED Viewed

@@ -3,12 +3,13 @@ require 'doorkeeper/grape/authorization_decorator'
 module Doorkeeper
   module Grape
     module Helpers
+      # These helpers are for grape >= 0.10
       extend ::Grape::API::Helpers
       include Doorkeeper::Rails::Helpers
       # endpoint specific scopes > parameter scopes > default scopes
       def doorkeeper_authorize!(*scopes)
-        endpoint_scopes = env['api.endpoint'].options[:route_options][:scopes]
+        endpoint_scopes = env["api.endpoint"].route_setting(:scopes)
         scopes = if endpoint_scopes
                    Doorkeeper::OAuth::Scopes.from_array(endpoint_scopes)
                  elsif scopes && !scopes.empty?

data/lib/doorkeeper/helpers/controller.rb CHANGED Viewed

@@ -1,15 +1,15 @@
+# Define methods that can be called in any controller that inherits from
+# Doorkeeper::ApplicationMetalController or Doorkeeper::ApplicationController
 module Doorkeeper
   module Helpers
     module Controller
-      extend ActiveSupport::Concern
       private
-      def authenticate_resource_owner!
+      def authenticate_resource_owner! # :doc:
         current_resource_owner
       end
-      def current_resource_owner
+      def current_resource_owner # :doc:
         instance_eval(&Doorkeeper.configuration.authenticate_resource_owner)
       end
@@ -17,7 +17,7 @@ module Doorkeeper
         instance_eval(&Doorkeeper.configuration.resource_owner_from_credentials)
       end
-      def authenticate_admin!
+      def authenticate_admin! # :doc:
         instance_eval(&Doorkeeper.configuration.authenticate_admin)
       end
@@ -25,7 +25,7 @@ module Doorkeeper
         @server ||= Server.new(self)
       end
-      def doorkeeper_token
+      def doorkeeper_token # :doc:
         @token ||= OAuth::Token.authenticate request, *config_methods
       end
@@ -34,27 +34,12 @@ module Doorkeeper
       end
       def get_error_response_from_exception(exception)
-        error_name = case exception
-                     when Errors::InvalidTokenStrategy
-                       :unsupported_grant_type
-                     when Errors::InvalidAuthorizationStrategy
-                       :unsupported_response_type
-                     when Errors::MissingRequestStrategy
-                       :invalid_request
-                     when Errors::InvalidTokenReuse
-                       :invalid_request
-                     when Errors::InvalidGrantReuse
-                       :invalid_grant
-                     when Errors::DoorkeeperError
-                       exception.message
-                     end
-        OAuth::ErrorResponse.new name: error_name, state: params[:state]
+        OAuth::ErrorResponse.new name: exception.type, state: params[:state]
       end
       def handle_token_exception(exception)
         error = get_error_response_from_exception exception
-        self.headers.merge! error.headers
+        headers.merge! error.headers
         self.response_body = error.body.to_json
         self.status        = error.status
       end

data/lib/doorkeeper/models/access_grant_mixin.rb CHANGED Viewed

@@ -10,12 +10,16 @@ module Doorkeeper
     include ActiveModel::MassAssignmentSecurity if defined?(::ProtectedAttributes)
     included do
-      belongs_to :application, class_name: 'Doorkeeper::Application', inverse_of: :access_grants
-      if respond_to?(:attr_accessible)
-        attr_accessible :resource_owner_id, :application_id, :expires_in, :redirect_uri, :scopes
+      belongs_to_options = {
+        class_name: 'Doorkeeper::Application',
+        inverse_of: :access_grants
+      }
+      if defined?(ActiveRecord::Base) && ActiveRecord::VERSION::MAJOR >= 5
+        belongs_to_options[:optional] = true
       end
+      belongs_to :application, belongs_to_options
       validates :resource_owner_id, :application_id, :token, :expires_in, :redirect_uri, presence: true
       validates :token, uniqueness: true
@@ -23,13 +27,25 @@ module Doorkeeper
     end
     module ClassMethods
+      # Searches for Doorkeeper::AccessGrant record with the
+      # specific token value.
+      #
+      # @param token [#to_s] token value (any object that responds to `#to_s`)
+      #
+      # @return [Doorkeeper::AccessGrant, nil] AccessGrant object or nil
+      #   if there is no record with such token
+      #
       def by_token(token)
-        where(token: token.to_s).limit(1).to_a.first
+        find_by(token: token.to_s)
       end
     end
     private
+    # Generates token value with UniqueToken class.
+    #
+    # @return [String] token value
+    #
     def generate_token
       self.token = UniqueToken.generate
     end