RubyGems - doorkeeper - Versions diffs - 3.1.0 → 4.2.6 - Mend

doorkeeper 3.1.0 → 4.2.6

Potentially problematic release.

This version of doorkeeper might be problematic. Click here for more details.

Files changed (137) hide show

checksums.yaml +4 -4
data/.coveralls.yml +1 -0
data/.gitignore +5 -0
data/.travis.yml +16 -12
data/Appraisals +14 -0
data/CONTRIBUTING.md +2 -0
data/Gemfile +5 -5
data/NEWS.md +83 -2
data/README.md +73 -43
data/RELEASING.md +5 -12
data/Rakefile +1 -1
data/app/controllers/doorkeeper/application_controller.rb +3 -1
data/app/controllers/doorkeeper/application_metal_controller.rb +3 -2
data/app/controllers/doorkeeper/applications_controller.rb +3 -7
data/app/controllers/doorkeeper/authorizations_controller.rb +1 -1
data/app/controllers/doorkeeper/authorized_applications_controller.rb +1 -1
data/app/controllers/doorkeeper/tokens_controller.rb +50 -14
data/app/helpers/doorkeeper/dashboard_helper.rb +13 -11
data/app/views/doorkeeper/applications/_delete_form.html.erb +1 -2
data/app/views/doorkeeper/applications/_form.html.erb +1 -1
data/app/views/doorkeeper/applications/show.html.erb +1 -1
data/app/views/doorkeeper/authorizations/new.html.erb +1 -1
data/app/views/doorkeeper/authorized_applications/_delete_form.html.erb +1 -2
data/app/views/layouts/doorkeeper/admin.html.erb +1 -1
data/config/locales/en.yml +3 -2
data/doorkeeper.gemspec +12 -10
data/gemfiles/rails_4_2.gemfile +11 -0
data/gemfiles/rails_5_0.gemfile +12 -0
data/gemfiles/rails_5_1.gemfile +13 -0
data/lib/doorkeeper/config.rb +73 -16
data/lib/doorkeeper/engine.rb +11 -7
data/lib/doorkeeper/errors.rb +18 -0
data/lib/doorkeeper/grape/helpers.rb +2 -1
data/lib/doorkeeper/helpers/controller.rb +8 -23
data/lib/doorkeeper/models/access_grant_mixin.rb +21 -5
data/lib/doorkeeper/models/access_token_mixin.rb +145 -23
data/lib/doorkeeper/models/application_mixin.rb +21 -9
data/lib/doorkeeper/models/concerns/accessible.rb +4 -0
data/lib/doorkeeper/models/concerns/expirable.rb +10 -2
data/lib/doorkeeper/models/concerns/ownership.rb +6 -1
data/lib/doorkeeper/models/concerns/revocable.rb +37 -2
data/lib/doorkeeper/oauth/authorization/uri_builder.rb +20 -18
data/lib/doorkeeper/oauth/authorization_code_request.rb +1 -4
data/lib/doorkeeper/oauth/{request_concern.rb → base_request.rb} +3 -1
data/lib/doorkeeper/oauth/base_response.rb +29 -0
data/lib/doorkeeper/oauth/client/credentials.rb +17 -6
data/lib/doorkeeper/oauth/client.rb +0 -1
data/lib/doorkeeper/oauth/client_credentials/creator.rb +1 -1
data/lib/doorkeeper/oauth/client_credentials/issuer.rb +3 -2
data/lib/doorkeeper/oauth/client_credentials/validation.rb +1 -1
data/lib/doorkeeper/oauth/client_credentials_request.rb +8 -8
data/lib/doorkeeper/oauth/code_response.rb +16 -16
data/lib/doorkeeper/oauth/error_response.rb +9 -8
data/lib/doorkeeper/oauth/helpers/scope_checker.rb +1 -1
data/lib/doorkeeper/oauth/helpers/uri_checker.rb +2 -1
data/lib/doorkeeper/oauth/invalid_token_response.rb +2 -0
data/lib/doorkeeper/oauth/password_access_token_request.rb +7 -13
data/lib/doorkeeper/oauth/refresh_token_request.rb +22 -14
data/lib/doorkeeper/oauth/scopes.rb +2 -2
data/lib/doorkeeper/oauth/token.rb +20 -21
data/lib/doorkeeper/oauth/token_request.rb +1 -2
data/lib/doorkeeper/oauth/token_response.rb +1 -1
data/lib/doorkeeper/orm/active_record/access_token.rb +25 -0
data/lib/doorkeeper/orm/active_record/application.rb +12 -12
data/lib/doorkeeper/orm/active_record.rb +0 -16
data/lib/doorkeeper/rails/helpers.rb +1 -3
data/lib/doorkeeper/rails/routes/mapper.rb +4 -4
data/lib/doorkeeper/rails/routes/mapping.rb +1 -1
data/lib/doorkeeper/rails/routes.rb +4 -4
data/lib/doorkeeper/request/authorization_code.rb +7 -1
data/lib/doorkeeper/request/password.rb +11 -1
data/lib/doorkeeper/request/refresh_token.rb +1 -1
data/lib/doorkeeper/server.rb +0 -8
data/lib/doorkeeper/version.rb +1 -1
data/lib/doorkeeper.rb +8 -2
data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +29 -0
data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb +1 -1
data/lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb +11 -0
data/lib/generators/doorkeeper/templates/initializer.rb +8 -3
data/lib/generators/doorkeeper/templates/migration.rb +23 -5
data/spec/controllers/application_metal_controller.rb +10 -0
data/spec/controllers/authorizations_controller_spec.rb +39 -24
data/spec/controllers/protected_resources_controller_spec.rb +47 -18
data/spec/controllers/tokens_controller_spec.rb +1 -1
data/spec/dummy/app/controllers/full_protected_resources_controller.rb +4 -4
data/spec/dummy/app/controllers/home_controller.rb +1 -1
data/spec/dummy/app/controllers/metal_controller.rb +1 -1
data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +3 -3
data/spec/dummy/app/models/user.rb +0 -4
data/spec/dummy/config/application.rb +2 -36
data/spec/dummy/config/environment.rb +1 -1
data/spec/dummy/config/environments/test.rb +4 -15
data/spec/dummy/config/initializers/active_record_belongs_to_required_by_default.rb +6 -0
data/spec/dummy/config/initializers/doorkeeper.rb +2 -2
data/spec/dummy/db/migrate/{20130902165751_create_doorkeeper_tables.rb → 20151223192035_create_doorkeeper_tables.rb} +24 -5
data/spec/dummy/db/migrate/{20130902175349_add_owner_to_application.rb → 20151223200000_add_owner_to_application.rb} +0 -0
data/spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb +11 -0
data/spec/dummy/db/schema.rb +23 -22
data/spec/factories.rb +3 -1
data/spec/lib/config_spec.rb +19 -2
data/spec/lib/doorkeeper_spec.rb +135 -13
data/spec/lib/models/expirable_spec.rb +0 -1
data/spec/lib/models/revocable_spec.rb +27 -4
data/spec/lib/oauth/authorization/uri_builder_spec.rb +1 -2
data/spec/lib/oauth/authorization_code_request_spec.rb +1 -1
data/spec/lib/oauth/base_request_spec.rb +160 -0
data/spec/lib/oauth/base_response_spec.rb +45 -0
data/spec/lib/oauth/client/credentials_spec.rb +41 -0
data/spec/lib/oauth/code_response_spec.rb +34 -0
data/spec/lib/oauth/error_response_spec.rb +9 -9
data/spec/lib/oauth/invalid_token_response_spec.rb +36 -8
data/spec/lib/oauth/password_access_token_request_spec.rb +5 -5
data/spec/lib/oauth/refresh_token_request_spec.rb +34 -3
data/spec/lib/oauth/scopes_spec.rb +0 -1
data/spec/lib/oauth/token_spec.rb +12 -5
data/spec/lib/server_spec.rb +0 -3
data/spec/models/doorkeeper/access_token_spec.rb +45 -1
data/spec/models/doorkeeper/application_spec.rb +3 -11
data/spec/requests/endpoints/authorization_spec.rb +5 -6
data/spec/requests/flows/authorization_code_errors_spec.rb +11 -1
data/spec/requests/flows/authorization_code_spec.rb +4 -12
data/spec/requests/flows/password_spec.rb +26 -5
data/spec/requests/flows/refresh_token_spec.rb +87 -17
data/spec/requests/flows/revoke_token_spec.rb +100 -86
data/spec/spec_helper.rb +2 -0
data/spec/spec_helper_integration.rb +8 -1
data/spec/support/helpers/model_helper.rb +27 -5
data/spec/support/helpers/request_spec_helper.rb +12 -4
data/spec/support/http_method_shim.rb +38 -0
data/spec/support/shared/controllers_shared_context.rb +13 -4
data/spec/support/shared/models_shared_examples.rb +1 -1
metadata +72 -42
data/lib/doorkeeper/oauth/client/methods.rb +0 -18
data/lib/generators/doorkeeper/application_scopes_generator.rb +0 -34
data/lib/generators/doorkeeper/templates/add_scopes_to_oauth_applications.rb +0 -5
data/spec/dummy/db/migrate/20141209001746_add_scopes_to_oauth_applications.rb +0 -5
data/spec/lib/oauth/client/methods_spec.rb +0 -54

data/spec/requests/flows/refresh_token_spec.rb CHANGED Viewed

@@ -37,20 +37,62 @@ describe 'Refresh Token Flow' do
   context 'refreshing the token' do
     before do
-      @token = FactoryGirl.create(:access_token, application: @client, resource_owner_id: 1, use_refresh_token: true)
+      @token = FactoryGirl.create(
+        :access_token,
+        application: @client,
+        resource_owner_id: 1,
+        use_refresh_token: true
+      )
     end
-    it 'client request a token with refresh token' do
-      post refresh_token_endpoint_url(client: @client, refresh_token: @token.refresh_token)
-      should_have_json 'refresh_token', Doorkeeper::AccessToken.last.refresh_token
-      expect(@token.reload).to be_revoked
+    context "refresh_token revoked on use" do
+      it 'client request a token with refresh token' do
+        post refresh_token_endpoint_url(
+          client: @client, refresh_token: @token.refresh_token
+        )
+        should_have_json(
+          'refresh_token', Doorkeeper::AccessToken.last.refresh_token
+        )
+        expect(@token.reload).not_to be_revoked
+      end
+      it 'client request a token with expired access token' do
+        @token.update_attribute :expires_in, -100
+        post refresh_token_endpoint_url(
+          client: @client, refresh_token: @token.refresh_token
+        )
+        should_have_json(
+          'refresh_token', Doorkeeper::AccessToken.last.refresh_token
+        )
+        expect(@token.reload).not_to be_revoked
+      end
     end
-    it 'client request a token with expired access token' do
-      @token.update_attribute :expires_in, -100
-      post refresh_token_endpoint_url(client: @client, refresh_token: @token.refresh_token)
-      should_have_json 'refresh_token', Doorkeeper::AccessToken.last.refresh_token
-      expect(@token.reload).to be_revoked
+    context "refresh_token revoked on refresh_token request" do
+      before do
+        allow(Doorkeeper::AccessToken).to receive(:refresh_token_revoked_on_use?).and_return(false)
+      end
+      it 'client request a token with refresh token' do
+        post refresh_token_endpoint_url(
+          client: @client, refresh_token: @token.refresh_token
+        )
+        should_have_json(
+          'refresh_token', Doorkeeper::AccessToken.last.refresh_token
+        )
+        expect(@token.reload).to be_revoked
+      end
+      it 'client request a token with expired access token' do
+        @token.update_attribute :expires_in, -100
+        post refresh_token_endpoint_url(
+          client: @client, refresh_token: @token.refresh_token
+        )
+        should_have_json(
+          'refresh_token', Doorkeeper::AccessToken.last.refresh_token
+        )
+        expect(@token.reload).to be_revoked
+      end
     end
     it 'client gets an error for invalid refresh token' do
@@ -79,20 +121,48 @@ describe 'Refresh Token Flow' do
     before do
       # enable password auth to simulate other devices
       config_is_set(:grant_flows, ["password"])
-      config_is_set(:resource_owner_from_credentials) { User.authenticate! params[:username], params[:password] }
+      config_is_set(:resource_owner_from_credentials) do
+        User.authenticate! params[:username], params[:password]
+      end
       create_resource_owner
-      _another_token = post password_token_endpoint_url(client: @client, resource_owner: @resource_owner)
+      _another_token = post password_token_endpoint_url(
+        client: @client, resource_owner: @resource_owner
+      )
       last_token.update_attribute :created_at, 5.seconds.ago
-      @token = FactoryGirl.create(:access_token, application: @client, resource_owner_id: @resource_owner.id, use_refresh_token: true)
+      @token = FactoryGirl.create(
+        :access_token,
+        application: @client,
+        resource_owner_id: @resource_owner.id,
+        use_refresh_token: true
+      )
       @token.update_attribute :expires_in, -100
     end
-    it 'client request a token after creating another token with the same user' do
-      post refresh_token_endpoint_url(client: @client, refresh_token: @token.refresh_token)
+    context "refresh_token revoked on use" do
+      it 'client request a token after creating another token with the same user' do
+        post refresh_token_endpoint_url(
+          client: @client, refresh_token: @token.refresh_token
+        )
+        should_have_json 'refresh_token', last_token.refresh_token
+        expect(@token.reload).not_to be_revoked
+      end
+    end
+    context "refresh_token revoked on refresh_token request" do
+      before do
+        allow(Doorkeeper::AccessToken).to receive(:refresh_token_revoked_on_use?).and_return(false)
+      end
+      it 'client request a token after creating another token with the same user' do
+        post refresh_token_endpoint_url(
+          client: @client, refresh_token: @token.refresh_token
+        )
-      should_have_json 'refresh_token', last_token.refresh_token
-      expect(@token.reload).to be_revoked
+        should_have_json 'refresh_token', last_token.refresh_token
+        expect(@token.reload).to be_revoked
+      end
     end
     def last_token

data/spec/requests/flows/revoke_token_spec.rb CHANGED Viewed

@@ -8,135 +8,149 @@ describe 'Revoke Token Flow' do
   context 'with default parameters' do
     let(:client_application) { FactoryGirl.create :application }
     let(:resource_owner) { User.create!(name: 'John', password: 'sekret') }
-    let(:authorization_access_token) do
+    let(:access_token) do
       FactoryGirl.create(:access_token,
                          application: client_application,
                          resource_owner_id: resource_owner.id,
                          use_refresh_token: true)
     end
-    let(:headers) { { 'HTTP_AUTHORIZATION' => "Bearer #{authorization_access_token.token}" } }
-    context 'With invalid token to revoke' do
-      it 'client wants to revoke the given access token' do
-        post revocation_token_endpoint_url, { token: 'I_AM_AN_INVALIDE_TOKEN' }, headers
-        authorization_access_token.reload
-        # The authorization server responds with HTTP status code 200 if the token
-        # has been revoked successfully or if the client submitted an invalid token.
-        expect(response).to be_success
-        expect(authorization_access_token).to_not be_revoked
+    context 'with authenticated, confidential OAuth 2.0 client/application' do
+      let(:headers) do
+        client_id = client_application.uid
+        client_secret = client_application.secret
+        credentials = Base64.encode64("#{client_id}:#{client_secret}")
+        { 'HTTP_AUTHORIZATION' => "Basic #{credentials}" }
       end
-    end
-    context 'The access token to revoke is the same than the authorization access token' do
-      let(:token_to_revoke) { authorization_access_token }
-      it 'client wants to revoke the given access token' do
-        post revocation_token_endpoint_url, { token: token_to_revoke.token }, headers
+      it 'should revoke the access token provided' do
+        post revocation_token_endpoint_url, { token: access_token.token }, headers
-        token_to_revoke.reload
-        authorization_access_token.reload
+        access_token.reload
         expect(response).to be_success
-        expect(token_to_revoke.revoked?).to be_truthy
-        expect(Doorkeeper::AccessToken.by_refresh_token(token_to_revoke.refresh_token).revoked?).to be_truthy
+        expect(access_token.revoked?).to be_truthy
       end
-      it 'client wants to revoke the given access token using the POST query string' do
-        url_with_query_string = revocation_token_endpoint_url + '?' + Rack::Utils.build_query(token: token_to_revoke.token)
-        post url_with_query_string, {}, headers
+      it 'should revoke the refresh token provided' do
+        post revocation_token_endpoint_url, { token: access_token.refresh_token }, headers
-        token_to_revoke.reload
-        authorization_access_token.reload
+        access_token.reload
         expect(response).to be_success
-        expect(token_to_revoke.revoked?).to be_falsey
-        expect(Doorkeeper::AccessToken.by_refresh_token(token_to_revoke.refresh_token).revoked?).to be_falsey
-        expect(authorization_access_token.revoked?).to be_falsey
+        expect(access_token.revoked?).to be_truthy
       end
-    end
-    context 'The access token to revoke app and owners are the same than the authorization access token' do
-      let(:token_to_revoke) do
-        FactoryGirl.create(:access_token,
-                           application: client_application,
-                           resource_owner_id: resource_owner.id,
-                           use_refresh_token: true)
+      context 'with invalid token to revoke' do
+        it 'should not revoke any tokens and respond successfully' do
+          num_prev_revoked_tokens = Doorkeeper::AccessToken.where(revoked_at: nil).count
+          post revocation_token_endpoint_url, { token: 'I_AM_AN_INVALID_TOKEN' }, headers
+          # The authorization server responds with HTTP status code 200 even if
+          # token is invalid
+          expect(response).to be_success
+          expect(Doorkeeper::AccessToken.where(revoked_at: nil).count).to eq(num_prev_revoked_tokens)
+        end
       end
-      it 'client wants to revoke the given access token' do
-        post revocation_token_endpoint_url, { token: token_to_revoke.token }, headers
+      context 'with bad credentials and a valid token' do
+        let(:headers) do
+          client_id = client_application.uid
+          credentials = Base64.encode64("#{client_id}:poop")
+          { 'HTTP_AUTHORIZATION' => "Basic #{credentials}" }
+        end
+        it 'should not revoke any tokens and respond successfully' do
+          post revocation_token_endpoint_url, { token: access_token.token }, headers
-        token_to_revoke.reload
-        authorization_access_token.reload
+          access_token.reload
-        expect(response).to be_success
-        expect(token_to_revoke.revoked?).to be_truthy
-        expect(Doorkeeper::AccessToken.by_refresh_token(token_to_revoke.refresh_token).revoked?).to be_truthy
-        expect(authorization_access_token.revoked?).to be_falsey
+          expect(response).to be_success
+          expect(access_token.revoked?).to be_falsey
+        end
       end
-    end
-    context 'The access token to revoke authorization owner is the same than the authorization access token' do
-      let(:other_client_application) { FactoryGirl.create :application }
-      let(:token_to_revoke) do
-        FactoryGirl.create(:access_token,
-                           application: other_client_application,
-                           resource_owner_id: resource_owner.id,
-                           use_refresh_token: true)
+      context 'with no credentials and a valid token' do
+        it 'should not revoke any tokens and respond successfully' do
+          post revocation_token_endpoint_url, { token: access_token.token }
+          access_token.reload
+          expect(response).to be_success
+          expect(access_token.revoked?).to be_falsey
+        end
       end
-      it 'client wants to revoke the given access token' do
-        post revocation_token_endpoint_url, { token: token_to_revoke.token }, headers
+      context 'with valid token for another client application' do
+        let(:other_client_application) { FactoryGirl.create :application }
+        let(:headers) do
+          client_id = other_client_application.uid
+          client_secret = other_client_application.secret
+          credentials = Base64.encode64("#{client_id}:#{client_secret}")
+          { 'HTTP_AUTHORIZATION' => "Basic #{credentials}" }
+        end
-        token_to_revoke.reload
-        authorization_access_token.reload
+        it 'should not revoke the token as its unauthorized' do
+          post revocation_token_endpoint_url, { token: access_token.token }, headers
-        expect(response).to be_success
-        expect(token_to_revoke.revoked?).to be_falsey
-        expect(Doorkeeper::AccessToken.by_refresh_token(token_to_revoke.refresh_token).revoked?).to be_falsey
-        expect(authorization_access_token.revoked?).to be_falsey
+          access_token.reload
+          expect(response).to be_success
+          expect(access_token.revoked?).to be_falsey
+        end
       end
     end
-    context 'The access token to revoke app is the same than the authorization access token' do
-      let(:other_resource_owner) { User.create!(name: 'Matheo', password: 'pareto') }
-      let(:token_to_revoke) do
+    context 'with public OAuth 2.0 client/application' do
+      let(:access_token) do
         FactoryGirl.create(:access_token,
-                           application: client_application,
-                           resource_owner_id: other_resource_owner.id,
+                           application: nil,
+                           resource_owner_id: resource_owner.id,
                            use_refresh_token: true)
       end
-      it 'client wants to revoke the given access token' do
-        post revocation_token_endpoint_url, { token: token_to_revoke.token }, headers
+      it 'should revoke the access token provided' do
+        post revocation_token_endpoint_url, { token: access_token.token }
-        token_to_revoke.reload
-        authorization_access_token.reload
+        access_token.reload
         expect(response).to be_success
-        expect(token_to_revoke.revoked?).to be_falsey
-        expect(Doorkeeper::AccessToken.by_refresh_token(token_to_revoke.refresh_token).revoked?).to be_falsey
-        expect(authorization_access_token.revoked?).to be_falsey
+        expect(access_token.revoked?).to be_truthy
       end
-    end
-    context 'With valid refresh token to revoke' do
-      let(:token_to_revoke) do
-        FactoryGirl.create(:access_token,
-                           application: client_application,
-                           resource_owner_id: resource_owner.id,
-                           use_refresh_token: true)
-      end
+      it 'should revoke the refresh token provided' do
+        post revocation_token_endpoint_url, { token: access_token.refresh_token }
-      it 'client wants to revoke the given refresh token' do
-        post revocation_token_endpoint_url, { token: token_to_revoke.refresh_token, token_type_hint: 'refresh_token' }, headers
-        authorization_access_token.reload
-        token_to_revoke.reload
+        access_token.reload
         expect(response).to be_success
-        expect(Doorkeeper::AccessToken.by_refresh_token(token_to_revoke.refresh_token).revoked?).to be_truthy
-        expect(authorization_access_token).to_not be_revoked
+        expect(access_token.revoked?).to be_truthy
+      end
+      context 'with a valid token issued for a confidential client' do
+        let(:access_token) do
+          FactoryGirl.create(:access_token,
+                             application: client_application,
+                             resource_owner_id: resource_owner.id,
+                             use_refresh_token: true)
+        end
+        it 'should not revoke the access token provided' do
+          post revocation_token_endpoint_url, { token: access_token.token }
+          access_token.reload
+          expect(response).to be_success
+          expect(access_token.revoked?).to be_falsey
+        end
+        it 'should not revoke the refresh token provided' do
+          post revocation_token_endpoint_url, { token: access_token.token }
+          access_token.reload
+          expect(response).to be_success
+          expect(access_token.revoked?).to be_falsey
+        end
       end
     end
   end

data/spec/spec_helper.rb CHANGED Viewed

@@ -1,2 +1,4 @@
 $LOAD_PATH.unshift File.expand_path(File.join(File.dirname(__FILE__), '../lib'))
 $LOAD_PATH.unshift File.expand_path(File.join(File.dirname(__FILE__), '../app'))
+require 'doorkeeper'

data/spec/spec_helper_integration.rb CHANGED Viewed

@@ -1,3 +1,8 @@
+if ENV['TRAVIS']
+  require 'coveralls'
+  Coveralls.wear!('rails') { add_filter('/spec/') }
+end
 ENV['RAILS_ENV'] ||= 'test'
 TABLE_NAME_PREFIX = ENV['table_name_prefix'] || nil
 TABLE_NAME_SUFFIX = ENV['table_name_suffix'] || nil
@@ -11,7 +16,6 @@ require 'capybara/rspec'
 require 'dummy/config/environment'
 require 'rspec/rails'
 require 'generator_spec/test_case'
-require 'timecop'
 require 'database_cleaner'
 # Load JRuby SQLite3 if in that platform
@@ -35,6 +39,9 @@ ENGINE_RAILS_ROOT = File.join(File.dirname(__FILE__), '../')
 Dir["#{File.dirname(__FILE__)}/support/{dependencies,helpers,shared}/*.rb"].each { |f| require f }
+# Remove after dropping support of Rails 4.2
+require "#{File.dirname(__FILE__)}/support/http_method_shim.rb"
 RSpec.configure do |config|
   config.infer_spec_type_from_file_location!
   config.mock_with :rspec

data/spec/support/helpers/model_helper.rb CHANGED Viewed

@@ -13,14 +13,20 @@ module ModelHelper
   def access_grant_should_exist_for(client, resource_owner)
     grant = Doorkeeper::AccessGrant.first
-    expect(grant.application).to eq(client)
-    grant.resource_owner_id  == resource_owner.id
+    expect(grant.application).to have_attributes(id: client.id).
+      and(be_instance_of(Doorkeeper::Application))
+    expect(grant.resource_owner_id).to eq(resource_owner.id)
   end
   def access_token_should_exist_for(client, resource_owner)
-    grant = Doorkeeper::AccessToken.first
-    expect(grant.application).to eq(client)
-    grant.resource_owner_id  == resource_owner.id
+    token = Doorkeeper::AccessToken.first
+    expect(token.application).to have_attributes(id: client.id).
+      and(be_instance_of(Doorkeeper::Application))
+    expect(token.resource_owner_id).to eq(resource_owner.id)
   end
   def access_grant_should_not_exist
@@ -40,6 +46,22 @@ module ModelHelper
     grant = Doorkeeper::AccessToken.last
     expect(grant.scopes).to eq(Doorkeeper::OAuth::Scopes.from_array(args))
   end
+  def uniqueness_error
+    case DOORKEEPER_ORM
+    when :active_record
+      ActiveRecord::RecordNotUnique
+    when :sequel
+      error_classes = [Sequel::UniqueConstraintViolation, Sequel::ValidationFailed]
+      proc { |error| expect(error.class).to be_in(error_classes) }
+    when :mongo_mapper
+      MongoMapper::DocumentNotValid
+    when /mongoid/
+      Mongoid::Errors::Validations
+    else
+      raise "'#{DOORKEEPER_ORM}' ORM is not supported!"
+    end
+  end
 end
 RSpec.configuration.send :include, ModelHelper

data/spec/support/helpers/request_spec_helper.rb CHANGED Viewed

@@ -27,6 +27,10 @@ module RequestSpecHelper
     URI.parse(page.current_url)
   end
+  def request_response
+    respond_to?(:response) ? response : page.driver.response
+  end
   def should_have_header(header, value)
     expect(headers[header]).to eq(value)
   end
@@ -44,15 +48,15 @@ module RequestSpecHelper
   end
   def should_have_json(key, value)
-    expect(JSON.parse(response.body).fetch(key)).to eq(value)
+    expect(JSON.parse(request_response.body).fetch(key)).to eq(value)
   end
   def should_have_json_within(key, value, range)
-    expect(JSON.parse(response.body).fetch(key)).to be_within(range).of(value)
+    expect(JSON.parse(request_response.body).fetch(key)).to be_within(range).of(value)
   end
   def should_not_have_json(key)
-    expect(JSON.parse(response.body)).not_to have_key(key)
+    expect(JSON.parse(request_response.body)).not_to have_key(key)
   end
   def sign_in
@@ -60,6 +64,10 @@ module RequestSpecHelper
     click_on 'Sign in'
   end
+  def create_access_token(authorization_code, client)
+    page.driver.post token_endpoint_url(code: authorization_code, client: client)
+  end
   def i_should_see_translated_error_message(key)
     i_should_see translated_error_message(key)
   end
@@ -69,7 +77,7 @@ module RequestSpecHelper
   end
   def response_status_should_be(status)
-    expect(page.driver.response.status.to_i).to eq(status)
+    expect(request_response.status.to_i).to eq(status)
   end
 end

data/spec/support/http_method_shim.rb ADDED Viewed

@@ -0,0 +1,38 @@
+# Rails 5 deprecates calling HTTP action methods with positional arguments
+# in favor of keyword arguments. However, the keyword argument form is only
+# supported in Rails 5+. Since we support back to 4, we need some sort of shim
+# to avoid super noisy deprecations when running tests.
+module RoutingHTTPMethodShim
+  def get(path, params = {}, headers = nil)
+    super(path, params: params, headers: headers)
+  end
+  def post(path, params = {}, headers = nil)
+    super(path, params: params, headers: headers)
+  end
+  def put(path, params = {}, headers = nil)
+    super(path, params: params, headers: headers)
+  end
+end
+module ControllerHTTPMethodShim
+  def get(path, params = {})
+    super(path, params: params)
+  end
+  def post(path, params = {})
+    super(path, params: params)
+  end
+  def put(path, params = {})
+    super(path, params: params)
+  end
+end
+if ::Rails::VERSION::MAJOR >= 5
+  RSpec.configure do |config|
+    config.include ControllerHTTPMethodShim, type: :controller
+    config.include RoutingHTTPMethodShim, type: :request
+  end
+end

data/spec/support/shared/controllers_shared_context.rb CHANGED Viewed

@@ -4,11 +4,15 @@ shared_context 'valid token', token: :valid do
   end
   let :token do
-    double(Doorkeeper::AccessToken, accessible?: true, includes_scope?: true, acceptable?: true)
+    double(Doorkeeper::AccessToken,
+           accessible?: true, includes_scope?: true, acceptable?: true,
+           previous_refresh_token: "", revoke_previous_refresh_token!: true)
   end
   before :each do
-    allow(Doorkeeper::AccessToken).to receive(:by_token).with(token_string).and_return(token)
+    allow(
+      Doorkeeper::AccessToken
+    ).to receive(:by_token).with(token_string).and_return(token)
   end
 end
@@ -18,11 +22,16 @@ shared_context 'invalid token', token: :invalid do
   end
   let :token do
-    double(Doorkeeper::AccessToken, accessible?: false, revoked?: false, expired?: false, includes_scope?: false, acceptable?: false)
+    double(Doorkeeper::AccessToken,
+           accessible?: false, revoked?: false, expired?: false,
+           includes_scope?: false, acceptable?: false,
+           previous_refresh_token: "", revoke_previous_refresh_token!: true)
   end
   before :each do
-    allow(Doorkeeper::AccessToken).to receive(:by_token).with(token_string).and_return(token)
+    allow(
+      Doorkeeper::AccessToken
+    ).to receive(:by_token).with(token_string).and_return(token)
   end
 end

data/spec/support/shared/models_shared_examples.rb CHANGED Viewed

@@ -46,7 +46,7 @@ shared_examples 'a unique token' do
       token2.token = token1.token
       expect do
         token2.save!(validate: false)
-      end.to raise_error(ActiveRecord::RecordNotUnique)
+      end.to raise_error(uniqueness_error)
     end
   end
 end