RubyGems - doorkeeper - Versions diffs - 3.1.0 → 4.2.6 - Mend

doorkeeper 3.1.0 → 4.2.6

Potentially problematic release.

This version of doorkeeper might be problematic. Click here for more details.

Files changed (137) hide show

checksums.yaml +4 -4
data/.coveralls.yml +1 -0
data/.gitignore +5 -0
data/.travis.yml +16 -12
data/Appraisals +14 -0
data/CONTRIBUTING.md +2 -0
data/Gemfile +5 -5
data/NEWS.md +83 -2
data/README.md +73 -43
data/RELEASING.md +5 -12
data/Rakefile +1 -1
data/app/controllers/doorkeeper/application_controller.rb +3 -1
data/app/controllers/doorkeeper/application_metal_controller.rb +3 -2
data/app/controllers/doorkeeper/applications_controller.rb +3 -7
data/app/controllers/doorkeeper/authorizations_controller.rb +1 -1
data/app/controllers/doorkeeper/authorized_applications_controller.rb +1 -1
data/app/controllers/doorkeeper/tokens_controller.rb +50 -14
data/app/helpers/doorkeeper/dashboard_helper.rb +13 -11
data/app/views/doorkeeper/applications/_delete_form.html.erb +1 -2
data/app/views/doorkeeper/applications/_form.html.erb +1 -1
data/app/views/doorkeeper/applications/show.html.erb +1 -1
data/app/views/doorkeeper/authorizations/new.html.erb +1 -1
data/app/views/doorkeeper/authorized_applications/_delete_form.html.erb +1 -2
data/app/views/layouts/doorkeeper/admin.html.erb +1 -1
data/config/locales/en.yml +3 -2
data/doorkeeper.gemspec +12 -10
data/gemfiles/rails_4_2.gemfile +11 -0
data/gemfiles/rails_5_0.gemfile +12 -0
data/gemfiles/rails_5_1.gemfile +13 -0
data/lib/doorkeeper/config.rb +73 -16
data/lib/doorkeeper/engine.rb +11 -7
data/lib/doorkeeper/errors.rb +18 -0
data/lib/doorkeeper/grape/helpers.rb +2 -1
data/lib/doorkeeper/helpers/controller.rb +8 -23
data/lib/doorkeeper/models/access_grant_mixin.rb +21 -5
data/lib/doorkeeper/models/access_token_mixin.rb +145 -23
data/lib/doorkeeper/models/application_mixin.rb +21 -9
data/lib/doorkeeper/models/concerns/accessible.rb +4 -0
data/lib/doorkeeper/models/concerns/expirable.rb +10 -2
data/lib/doorkeeper/models/concerns/ownership.rb +6 -1
data/lib/doorkeeper/models/concerns/revocable.rb +37 -2
data/lib/doorkeeper/oauth/authorization/uri_builder.rb +20 -18
data/lib/doorkeeper/oauth/authorization_code_request.rb +1 -4
data/lib/doorkeeper/oauth/{request_concern.rb → base_request.rb} +3 -1
data/lib/doorkeeper/oauth/base_response.rb +29 -0
data/lib/doorkeeper/oauth/client/credentials.rb +17 -6
data/lib/doorkeeper/oauth/client.rb +0 -1
data/lib/doorkeeper/oauth/client_credentials/creator.rb +1 -1
data/lib/doorkeeper/oauth/client_credentials/issuer.rb +3 -2
data/lib/doorkeeper/oauth/client_credentials/validation.rb +1 -1
data/lib/doorkeeper/oauth/client_credentials_request.rb +8 -8
data/lib/doorkeeper/oauth/code_response.rb +16 -16
data/lib/doorkeeper/oauth/error_response.rb +9 -8
data/lib/doorkeeper/oauth/helpers/scope_checker.rb +1 -1
data/lib/doorkeeper/oauth/helpers/uri_checker.rb +2 -1
data/lib/doorkeeper/oauth/invalid_token_response.rb +2 -0
data/lib/doorkeeper/oauth/password_access_token_request.rb +7 -13
data/lib/doorkeeper/oauth/refresh_token_request.rb +22 -14
data/lib/doorkeeper/oauth/scopes.rb +2 -2
data/lib/doorkeeper/oauth/token.rb +20 -21
data/lib/doorkeeper/oauth/token_request.rb +1 -2
data/lib/doorkeeper/oauth/token_response.rb +1 -1
data/lib/doorkeeper/orm/active_record/access_token.rb +25 -0
data/lib/doorkeeper/orm/active_record/application.rb +12 -12
data/lib/doorkeeper/orm/active_record.rb +0 -16
data/lib/doorkeeper/rails/helpers.rb +1 -3
data/lib/doorkeeper/rails/routes/mapper.rb +4 -4
data/lib/doorkeeper/rails/routes/mapping.rb +1 -1
data/lib/doorkeeper/rails/routes.rb +4 -4
data/lib/doorkeeper/request/authorization_code.rb +7 -1
data/lib/doorkeeper/request/password.rb +11 -1
data/lib/doorkeeper/request/refresh_token.rb +1 -1
data/lib/doorkeeper/server.rb +0 -8
data/lib/doorkeeper/version.rb +1 -1
data/lib/doorkeeper.rb +8 -2
data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +29 -0
data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb +1 -1
data/lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb +11 -0
data/lib/generators/doorkeeper/templates/initializer.rb +8 -3
data/lib/generators/doorkeeper/templates/migration.rb +23 -5
data/spec/controllers/application_metal_controller.rb +10 -0
data/spec/controllers/authorizations_controller_spec.rb +39 -24
data/spec/controllers/protected_resources_controller_spec.rb +47 -18
data/spec/controllers/tokens_controller_spec.rb +1 -1
data/spec/dummy/app/controllers/full_protected_resources_controller.rb +4 -4
data/spec/dummy/app/controllers/home_controller.rb +1 -1
data/spec/dummy/app/controllers/metal_controller.rb +1 -1
data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +3 -3
data/spec/dummy/app/models/user.rb +0 -4
data/spec/dummy/config/application.rb +2 -36
data/spec/dummy/config/environment.rb +1 -1
data/spec/dummy/config/environments/test.rb +4 -15
data/spec/dummy/config/initializers/active_record_belongs_to_required_by_default.rb +6 -0
data/spec/dummy/config/initializers/doorkeeper.rb +2 -2
data/spec/dummy/db/migrate/{20130902165751_create_doorkeeper_tables.rb → 20151223192035_create_doorkeeper_tables.rb} +24 -5
data/spec/dummy/db/migrate/{20130902175349_add_owner_to_application.rb → 20151223200000_add_owner_to_application.rb} +0 -0
data/spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb +11 -0
data/spec/dummy/db/schema.rb +23 -22
data/spec/factories.rb +3 -1
data/spec/lib/config_spec.rb +19 -2
data/spec/lib/doorkeeper_spec.rb +135 -13
data/spec/lib/models/expirable_spec.rb +0 -1
data/spec/lib/models/revocable_spec.rb +27 -4
data/spec/lib/oauth/authorization/uri_builder_spec.rb +1 -2
data/spec/lib/oauth/authorization_code_request_spec.rb +1 -1
data/spec/lib/oauth/base_request_spec.rb +160 -0
data/spec/lib/oauth/base_response_spec.rb +45 -0
data/spec/lib/oauth/client/credentials_spec.rb +41 -0
data/spec/lib/oauth/code_response_spec.rb +34 -0
data/spec/lib/oauth/error_response_spec.rb +9 -9
data/spec/lib/oauth/invalid_token_response_spec.rb +36 -8
data/spec/lib/oauth/password_access_token_request_spec.rb +5 -5
data/spec/lib/oauth/refresh_token_request_spec.rb +34 -3
data/spec/lib/oauth/scopes_spec.rb +0 -1
data/spec/lib/oauth/token_spec.rb +12 -5
data/spec/lib/server_spec.rb +0 -3
data/spec/models/doorkeeper/access_token_spec.rb +45 -1
data/spec/models/doorkeeper/application_spec.rb +3 -11
data/spec/requests/endpoints/authorization_spec.rb +5 -6
data/spec/requests/flows/authorization_code_errors_spec.rb +11 -1
data/spec/requests/flows/authorization_code_spec.rb +4 -12
data/spec/requests/flows/password_spec.rb +26 -5
data/spec/requests/flows/refresh_token_spec.rb +87 -17
data/spec/requests/flows/revoke_token_spec.rb +100 -86
data/spec/spec_helper.rb +2 -0
data/spec/spec_helper_integration.rb +8 -1
data/spec/support/helpers/model_helper.rb +27 -5
data/spec/support/helpers/request_spec_helper.rb +12 -4
data/spec/support/http_method_shim.rb +38 -0
data/spec/support/shared/controllers_shared_context.rb +13 -4
data/spec/support/shared/models_shared_examples.rb +1 -1
metadata +72 -42
data/lib/doorkeeper/oauth/client/methods.rb +0 -18
data/lib/generators/doorkeeper/application_scopes_generator.rb +0 -34
data/lib/generators/doorkeeper/templates/add_scopes_to_oauth_applications.rb +0 -5
data/spec/dummy/db/migrate/20141209001746_add_scopes_to_oauth_applications.rb +0 -5
data/spec/lib/oauth/client/methods_spec.rb +0 -54

data/lib/doorkeeper/models/access_token_mixin.rb CHANGED Viewed

@@ -10,20 +10,23 @@ module Doorkeeper
     include ActiveModel::MassAssignmentSecurity if defined?(::ProtectedAttributes)
     included do
-      belongs_to :application,
-                 class_name: 'Doorkeeper::Application',
-                 inverse_of: :access_tokens
+      belongs_to_options = {
+        class_name: 'Doorkeeper::Application',
+        inverse_of: :access_tokens
+      }
+      if defined?(ActiveRecord::Base) && ActiveRecord::VERSION::MAJOR >= 5
+        belongs_to_options[:optional] = true
+      end
+      belongs_to :application, belongs_to_options
       validates :token, presence: true, uniqueness: true
       validates :refresh_token, uniqueness: true, if: :use_refresh_token?
+      # @attr_writer [Boolean, nil] use_refresh_token
+      #   indicates the possibility of using refresh token
       attr_writer :use_refresh_token
-      if respond_to?(:attr_accessible)
-        attr_accessible :application_id, :resource_owner_id, :expires_in,
-                        :scopes, :use_refresh_token
-      end
       before_validation :generate_token, on: :create
       before_validation :generate_refresh_token,
                         on: :create,
@@ -31,21 +34,60 @@ module Doorkeeper
     end
     module ClassMethods
+      # Returns an instance of the Doorkeeper::AccessToken with
+      # specific token value.
+      #
+      # @param token [#to_s]
+      #   token value (any object that responds to `#to_s`)
+      #
+      # @return [Doorkeeper::AccessToken, nil] AccessToken object or nil
+      #   if there is no record with such token
+      #
       def by_token(token)
-        where(token: token.to_s).limit(1).to_a.first
+        find_by(token: token.to_s)
       end
+      # Returns an instance of the Doorkeeper::AccessToken
+      # with specific token value.
+      #
+      # @param refresh_token [#to_s]
+      #   refresh token value (any object that responds to `#to_s`)
+      #
+      # @return [Doorkeeper::AccessToken, nil] AccessToken object or nil
+      #   if there is no record with such refresh token
+      #
       def by_refresh_token(refresh_token)
-        where(refresh_token: refresh_token.to_s).first
+        find_by(refresh_token: refresh_token.to_s)
       end
+      # Revokes AccessToken records that have not been revoked and associated
+      # with the specific Application and Resource Owner.
+      #
+      # @param application_id [Integer]
+      #   ID of the Application
+      # @param resource_owner [ActiveRecord::Base]
+      #   instance of the Resource Owner model
+      #
       def revoke_all_for(application_id, resource_owner)
         where(application_id: application_id,
               resource_owner_id: resource_owner.id,
               revoked_at: nil).
-          map(&:revoke)
+          each(&:revoke)
       end
+      # Looking for not expired Access Token with a matching set of scopes
+      # that belongs to specific Application and Resource Owner.
+      #
+      # @param application [Doorkeeper::Application]
+      #   Application instance
+      # @param resource_owner_or_id [ActiveRecord::Base, Integer]
+      #   Resource Owner model instance or it's ID
+      # @param scopes [String, Doorkeeper::OAuth::Scopes]
+      #   set of scopes
+      #
+      # @return [Doorkeeper::AccessToken, nil] Access Token instance or
+      #   nil if matching record was not found
+      #
       def matching_token_for(application, resource_owner_or_id, scopes)
         resource_owner_id = if resource_owner_or_id.respond_to?(:to_key)
                               resource_owner_or_id.id
@@ -58,6 +100,19 @@ module Doorkeeper
         end
       end
+      # Checks whether the token scopes match the scopes from the parameters or
+      # Application scopes (if present).
+      #
+      # @param token_scopes [#to_s]
+      #   set of scopes (any object that responds to `#to_s`)
+      # @param param_scopes [String]
+      #   scopes from params
+      # @param app_scopes [String]
+      #   Application scopes
+      #
+      # @return [Boolean] true if all scopes and blank or matches
+      #   and false in other cases
+      #
       def scopes_match?(token_scopes, param_scopes, app_scopes)
         (!token_scopes.present? && !param_scopes.present?) ||
           Doorkeeper::OAuth::Helpers::ScopeChecker.match?(
@@ -67,6 +122,23 @@ module Doorkeeper
           )
       end
+      # Looking for not expired AccessToken record with a matching set of
+      # scopes that belongs to specific Application and Resource Owner.
+      # If it doesn't exists - then creates it.
+      #
+      # @param application [Doorkeeper::Application]
+      #   Application instance
+      # @param resource_owner_id [ActiveRecord::Base, Integer]
+      #   Resource Owner model instance or it's ID
+      # @param scopes [#to_s]
+      #   set of scopes (any object that responds to `#to_s`)
+      # @param expires_in [Integer]
+      #   token lifetime in seconds
+      # @param use_refresh_token [Boolean]
+      #   whether to use the refresh token
+      #
+      # @return [Doorkeeper::AccessToken] existing record or a new one
+      #
       def find_or_create_for(application, resource_owner_id, scopes, expires_in, use_refresh_token)
         if Doorkeeper.configuration.reuse_access_token
           access_token = matching_token_for(application, resource_owner_id, scopes)
@@ -74,6 +146,7 @@ module Doorkeeper
             return access_token
           end
         end
         create!(
           application_id:    application.try(:id),
           resource_owner_id: resource_owner_id,
@@ -83,56 +156,105 @@ module Doorkeeper
         )
       end
+      # Looking for not revoked Access Token record that belongs to specific
+      # Application and Resource Owner.
+      #
+      # @param application_id [Integer]
+      #   ID of the Application model instance
+      # @param resource_owner_id [Integer]
+      #   ID of the Resource Owner model instance
+      #
+      # @return [Doorkeeper::AccessToken, nil] matching AccessToken object or
+      #   nil if nothing was found
+      #
       def last_authorized_token_for(application_id, resource_owner_id)
-        where(application_id: application_id,
-              resource_owner_id: resource_owner_id,
-              revoked_at: nil).
-          send(order_method, created_at_desc).
-          limit(1).
-          to_a.
-          first
+        send(order_method, created_at_desc).
+          find_by(application_id: application_id,
+                  resource_owner_id: resource_owner_id,
+                  revoked_at: nil)
       end
     end
+    # Access Token type: Bearer.
+    # @see https://tools.ietf.org/html/rfc6750
+    #   The OAuth 2.0 Authorization Framework: Bearer Token Usage
+    #
     def token_type
       'bearer'
     end
     def use_refresh_token?
+      @use_refresh_token ||= false
       !!@use_refresh_token
     end
+    # JSON representation of the Access Token instance.
+    #
+    # @return [Hash] hash with token data
     def as_json(_options = {})
       {
         resource_owner_id:  resource_owner_id,
         scopes:             scopes,
         expires_in_seconds: expires_in_seconds,
         application:        { uid: application.try(:uid) },
-        created_at:         created_at.to_i,
+        created_at:         created_at.to_i
       }
     end
-    # It indicates whether the tokens have the same credential
+    # Indicates whether the token instance have the same credential
+    # as the other Access Token.
+    #
+    # @param access_token [Doorkeeper::AccessToken] other token
+    #
+    # @return [Boolean] true if credentials are same of false in other cases
+    #
     def same_credential?(access_token)
       application_id == access_token.application_id &&
         resource_owner_id == access_token.resource_owner_id
     end
+    # Indicates if token is acceptable for specific scopes.
+    #
+    # @param scopes [Array<String>] scopes
+    #
+    # @return [Boolean] true if record is accessible and includes scopes or
+    #   false in other cases
+    #
     def acceptable?(scopes)
       accessible? && includes_scope?(*scopes)
     end
     private
+    # Generates refresh token with UniqueToken generator.
+    #
+    # @return [String] refresh token value
+    #
     def generate_refresh_token
       write_attribute :refresh_token, UniqueToken.generate
     end
+    # Generates and sets the token value with the
+    # configured Generator class (see Doorkeeper.configuration).
+    #
+    # @return [String] generated token value
+    #
+    # @raise [Doorkeeper::Errors::UnableToGenerateToken]
+    #   custom class doesn't implement .generate method
+    # @raise [Doorkeeper::Errors::TokenGeneratorNotFound]
+    #   custom class doesn't exist
+    #
     def generate_token
+      self.created_at ||= Time.now.utc
       generator = Doorkeeper.configuration.access_token_generator.constantize
-      self.token = generator.generate(resource_owner_id: resource_owner_id,
-                                      scopes: scopes, application: application,
-                                      expires_in: expires_in)
+      self.token = generator.generate(
+        resource_owner_id: resource_owner_id,
+        scopes: scopes,
+        application: application,
+        expires_in: expires_in,
+        created_at: created_at
+      )
     rescue NoMethodError
       raise Errors::UnableToGenerateToken, "#{generator} does not respond to `.generate`."
     rescue NameError

data/lib/doorkeeper/models/application_mixin.rb CHANGED Viewed

@@ -7,27 +7,39 @@ module Doorkeeper
     include ActiveModel::MassAssignmentSecurity if defined?(::ProtectedAttributes)
     included do
-      has_many :access_grants, dependent: :destroy, class_name: 'Doorkeeper::AccessGrant'
-      has_many :access_tokens, dependent: :destroy, class_name: 'Doorkeeper::AccessToken'
+      has_many :access_grants, dependent: :delete_all, class_name: 'Doorkeeper::AccessGrant'
+      has_many :access_tokens, dependent: :delete_all, class_name: 'Doorkeeper::AccessToken'
       validates :name, :secret, :uid, presence: true
       validates :uid, uniqueness: true
       validates :redirect_uri, redirect_uri: true
       before_validation :generate_uid, :generate_secret, on: :create
-      if respond_to?(:attr_accessible)
-        attr_accessible :name, :redirect_uri, :scopes
-      end
     end
     module ClassMethods
+      # Returns an instance of the Doorkeeper::Application with
+      # specific UID and secret.
+      #
+      # @param uid [#to_s] UID (any object that responds to `#to_s`)
+      # @param secret [#to_s] secret (any object that responds to `#to_s`)
+      #
+      # @return [Doorkeeper::Application, nil] Application instance or nil
+      #   if there is no record with such credentials
+      #
       def by_uid_and_secret(uid, secret)
-        where(uid: uid.to_s, secret: secret.to_s).limit(1).to_a.first
+        find_by(uid: uid.to_s, secret: secret.to_s)
       end
+      # Returns an instance of the Doorkeeper::Application with specific UID.
+      #
+      # @param uid [#to_s] UID (any object that responds to `#to_s`)
+      #
+      # @return [Doorkeeper::Application, nil] Application instance or nil
+      #   if there is no record with such UID
+      #
       def by_uid(uid)
-        where(uid: uid.to_s).limit(1).to_a.first
+        find_by(uid: uid.to_s)
       end
     end
@@ -35,7 +47,7 @@ module Doorkeeper
     def has_scopes?
       Doorkeeper.configuration.orm != :active_record ||
-        Application.new.attributes.include?("scopes")
+        Doorkeeper::Application.column_names.include?("scopes")
     end
     def generate_uid

data/lib/doorkeeper/models/concerns/accessible.rb CHANGED Viewed

@@ -1,6 +1,10 @@
 module Doorkeeper
   module Models
     module Accessible
+      # Indicates whether the object is accessible (not expired and not revoked).
+      #
+      # @return [Boolean] true if object accessible or false in other case
+      #
       def accessible?
         !expired? && !revoked?
       end

data/lib/doorkeeper/models/concerns/expirable.rb CHANGED Viewed

@@ -1,13 +1,21 @@
 module Doorkeeper
   module Models
     module Expirable
+      # Indicates whether the object is expired (`#expires_in` present and
+      # expiration time has come).
+      #
+      # @return [Boolean] true if object expired and false in other case
       def expired?
-        expires_in && Time.now > expired_time
+        expires_in && Time.now.utc > expired_time
       end
+      # Calculates expiration time in seconds.
+      #
+      # @return [Integer, nil] number of seconds if object has expiration time
+      #   or nil if object never expires.
       def expires_in_seconds
         return nil if expires_in.nil?
-        expires = (created_at + expires_in.seconds) - Time.now
+        expires = (created_at + expires_in.seconds) - Time.now.utc
         expires_sec = expires.seconds.round(0)
         expires_sec > 0 ? expires_sec : 0
       end

data/lib/doorkeeper/models/concerns/ownership.rb CHANGED Viewed

@@ -4,7 +4,12 @@ module Doorkeeper
       extend ActiveSupport::Concern
       included do
-        belongs_to :owner, polymorphic: true
+        belongs_to_options = { polymorphic: true }
+        if defined?(ActiveRecord::Base) && ActiveRecord::VERSION::MAJOR >= 5
+          belongs_to_options[:optional] = true
+        end
+        belongs_to :owner, belongs_to_options
         validates :owner, presence: true, if: :validate_owner?
       end

data/lib/doorkeeper/models/concerns/revocable.rb CHANGED Viewed

@@ -1,12 +1,47 @@
 module Doorkeeper
   module Models
     module Revocable
+      # Revokes the object (updates `:revoked_at` attribute setting its value
+      # to the specific time).
+      #
+      # @param clock [Time] time object
+      #
       def revoke(clock = Time)
-        update_attribute :revoked_at, clock.now
+        update_attribute :revoked_at, clock.now.utc
       end
+      # Indicates whether the object has been revoked.
+      #
+      # @return [Boolean] true if revoked, false in other case
+      #
       def revoked?
-        !!(revoked_at && revoked_at <= Time.now)
+        !!(revoked_at && revoked_at <= Time.now.utc)
+      end
+      # Revokes token with `:refresh_token` equal to `:previous_refresh_token`
+      # and clears `:previous_refresh_token` attribute.
+      #
+      def revoke_previous_refresh_token!
+        return unless refresh_token_revoked_on_use?
+        old_refresh_token.revoke if old_refresh_token
+        update_attribute :previous_refresh_token, ""
+      end
+      private
+      # Searches for Access Token record with `:refresh_token` equal to
+      # `:previous_refresh_token` value.
+      #
+      # @return [Doorkeeper::AccessToken, nil]
+      #   Access Token record or nil if nothing found
+      #
+      def old_refresh_token
+        @old_refresh_token ||=
+          AccessToken.by_refresh_token(previous_refresh_token)
+      end
+      def refresh_token_revoked_on_use?
+        AccessToken.refresh_token_revoked_on_use?
       end
     end
   end

data/lib/doorkeeper/oauth/authorization/uri_builder.rb CHANGED Viewed

@@ -1,27 +1,29 @@
+require 'rack/utils'
 module Doorkeeper
   module OAuth
     module Authorization
-      module URIBuilder
-        include Rack::Utils
-        extend self
+      class URIBuilder
+        class << self
+          def uri_with_query(url, parameters = {})
+            uri            = URI.parse(url)
+            original_query = Rack::Utils.parse_query(uri.query)
+            uri.query      = build_query(original_query.merge(parameters))
+            uri.to_s
+          end
-        def uri_with_query(url, parameters = {})
-          uri            = URI.parse(url)
-          original_query = parse_query(uri.query)
-          uri.query      = build_query(original_query.merge(parameters))
-          uri.to_s
-        end
+          def uri_with_fragment(url, parameters = {})
+            uri = URI.parse(url)
+            uri.fragment = build_query(parameters)
+            uri.to_s
+          end
-        def uri_with_fragment(url, parameters = {})
-          uri = URI.parse(url)
-          uri.fragment = build_query(parameters)
-          uri.to_s
-        end
+          private
-        def build_query(parameters = {})
-          parameters = parameters.reject { |k, v| v.blank? }
-          super parameters
+          def build_query(parameters = {})
+            parameters = parameters.reject { |_, v| v.blank? }
+            Rack::Utils.build_query parameters
+          end
         end
       end
     end

data/lib/doorkeeper/oauth/authorization_code_request.rb CHANGED Viewed

@@ -1,9 +1,6 @@
 module Doorkeeper
   module OAuth
-    class AuthorizationCodeRequest
-      include Validations
-      include OAuth::RequestConcern
+    class AuthorizationCodeRequest < BaseRequest
       validate :attributes,   error: :invalid_request
       validate :client,       error: :invalid_client
       validate :grant,        error: :invalid_grant

data/lib/doorkeeper/oauth/{request_concern.rb → base_request.rb} RENAMED Viewed

@@ -1,6 +1,8 @@
 module Doorkeeper
   module OAuth
-    module RequestConcern
+    class BaseRequest
+      include Validations
       def authorize
         validate
         if valid?

data/lib/doorkeeper/oauth/base_response.rb ADDED Viewed

@@ -0,0 +1,29 @@
+module Doorkeeper
+  module OAuth
+    class BaseResponse
+      def body
+        {}
+      end
+      def description
+        ""
+      end
+      def headers
+        {}
+      end
+      def redirectable?
+        false
+      end
+      def redirect_uri
+        ""
+      end
+      def status
+        :ok
+      end
+    end
+  end
+end

data/lib/doorkeeper/oauth/client/credentials.rb CHANGED Viewed

@@ -2,13 +2,24 @@ module Doorkeeper
   module OAuth
     class Client
       class Credentials < Struct.new(:uid, :secret)
-        extend Methods
+        class << self
+          def from_request(request, *credentials_methods)
+            credentials_methods.inject(nil) do |credentials, method|
+              method = self.method(method) if method.is_a?(Symbol)
+              credentials = Credentials.new(*method.call(request))
+              break credentials unless credentials.blank?
+            end
+          end
+          def from_params(request)
+            request.parameters.values_at(:client_id, :client_secret)
+          end
-        def self.from_request(request, *credentials_methods)
-          credentials_methods.inject(nil) do |credentials, method|
-            method = self.method(method) if method.is_a?(Symbol)
-            credentials = Credentials.new *method.call(request)
-            break credentials unless credentials.blank?
+          def from_basic(request)
+            authorization = request.authorization
+            if authorization.present? && authorization =~ /^Basic (.*)/m
+              Base64.decode64($1).split(/:/, 2)
+            end
           end
         end

data/lib/doorkeeper/oauth/client.rb CHANGED Viewed

@@ -1,4 +1,3 @@
-require 'doorkeeper/oauth/client/methods'
 require 'doorkeeper/oauth/client/credentials'
 module Doorkeeper

data/lib/doorkeeper/oauth/client_credentials/creator.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 module Doorkeeper
   module OAuth
-    class ClientCredentialsRequest
+    class ClientCredentialsRequest < BaseRequest
       class Creator
         def call(client, scopes, attributes = {})
           AccessToken.find_or_create_for(

data/lib/doorkeeper/oauth/client_credentials/issuer.rb CHANGED Viewed

@@ -2,12 +2,13 @@ require 'doorkeeper/oauth/client_credentials/validation'
 module Doorkeeper
   module OAuth
-    class ClientCredentialsRequest
+    class ClientCredentialsRequest < BaseRequest
       class Issuer
         attr_accessor :token, :validation, :error
         def initialize(server, validation)
-          @server, @validation = server, validation
+          @server = server
+          @validation = validation
         end
         def create(client, scopes, creator = Creator.new)

data/lib/doorkeeper/oauth/client_credentials/validation.rb CHANGED Viewed

@@ -4,7 +4,7 @@ require 'doorkeeper/oauth/helpers/scope_checker'
 module Doorkeeper
   module OAuth
-    class ClientCredentialsRequest
+    class ClientCredentialsRequest < BaseRequest
       class Validation
         include Validations
         include OAuth::Helpers

data/lib/doorkeeper/oauth/client_credentials_request.rb CHANGED Viewed

@@ -4,13 +4,12 @@ require 'doorkeeper/oauth/client_credentials/validation'
 module Doorkeeper
   module OAuth
-    class ClientCredentialsRequest
-      include Validations
-      include OAuth::RequestConcern
-      attr_accessor :issuer, :server, :client, :original_scopes
+    class ClientCredentialsRequest < BaseRequest
+      attr_accessor :server, :client, :original_scopes
       attr_reader :response
-      alias :error_response :response
+      attr_writer :issuer
+      alias_method :error_response, :response
       delegate :error, to: :issuer
@@ -19,8 +18,9 @@ module Doorkeeper
       end
       def initialize(server, client, parameters = {})
-        @client, @server = client, server
-        @response        = nil
+        @client = client
+        @server = server
+        @response = nil
         @original_scopes = parameters[:scope]
       end

data/lib/doorkeeper/oauth/code_response.rb CHANGED Viewed

@@ -1,13 +1,13 @@
 module Doorkeeper
   module OAuth
-    class CodeResponse
-      include OAuth::Authorization::URIBuilder
+    class CodeResponse < BaseResponse
       include OAuth::Helpers
       attr_accessor :pre_auth, :auth, :response_on_fragment
       def initialize(pre_auth, auth, options = {})
-        @pre_auth, @auth      = pre_auth, auth
+        @pre_auth = pre_auth
+        @auth = auth
         @response_on_fragment = options[:response_on_fragment]
       end
@@ -18,20 +18,20 @@ module Doorkeeper
       def redirect_uri
         if URIChecker.native_uri? pre_auth.redirect_uri
           auth.native_redirect
+        elsif response_on_fragment
+          Authorization::URIBuilder.uri_with_fragment(
+            pre_auth.redirect_uri,
+            access_token: auth.token.token,
+            token_type: auth.token.token_type,
+            expires_in: auth.token.expires_in_seconds,
+            state: pre_auth.state
+          )
         else
-          if response_on_fragment
-            uri_with_fragment(
-              pre_auth.redirect_uri,
-              access_token: auth.token.token,
-              token_type: auth.token.token_type,
-              expires_in: auth.token.expires_in,
-              state: pre_auth.state
-            )
-          else
-            uri_with_query pre_auth.redirect_uri,
-                           code: auth.token.token,
-                           state: pre_auth.state
-          end
+          Authorization::URIBuilder.uri_with_query(
+            pre_auth.redirect_uri,
+            code: auth.token.token,
+            state: pre_auth.state
+          )
         end
       end
     end