doorkeeper 3.1.0 → 5.6.2

data/spec/generators/views_generator_spec.rb

@@ -1,27 +0,0 @@
-require 'spec_helper_integration'
-require 'generators/doorkeeper/views_generator'
-
-describe Doorkeeper::Generators::ViewsGenerator do
-  include GeneratorSpec::TestCase
-
-  tests Doorkeeper::Generators::ViewsGenerator
-  destination File.expand_path('../tmp/dummy', __FILE__)
-
-  before :each do
-    prepare_destination
-  end
-
-  it 'create all views' do
-    run_generator
-    assert_file 'app/views/doorkeeper/applications/_form.html.erb'
-    assert_file 'app/views/doorkeeper/applications/edit.html.erb'
-    assert_file 'app/views/doorkeeper/applications/index.html.erb'
-    assert_file 'app/views/doorkeeper/applications/new.html.erb'
-    assert_file 'app/views/doorkeeper/applications/show.html.erb'
-
-    assert_file 'app/views/doorkeeper/authorizations/error.html.erb'
-    assert_file 'app/views/doorkeeper/authorizations/new.html.erb'
-
-    assert_file 'app/views/doorkeeper/authorized_applications/index.html.erb'
-  end
-end

data/spec/helpers/doorkeeper/dashboard_helper_spec.rb

@@ -1,24 +0,0 @@
-require 'spec_helper_integration'
-
-describe Doorkeeper::DashboardHelper do
-  describe '.doorkeeper_errors_for' do
-    let(:object) { double errors: { method: messages } }
-    let(:messages) { ['first message', 'second message'] }
-
-    context 'when object has errors' do
-      it 'returns error messages' do
-        messages.each do |message|
-          expect(helper.doorkeeper_errors_for(object, :method)).to include(
-            message.capitalize
-          )
-        end
-      end
-    end
-
-    context 'when object has no errors' do
-      it 'returns nil' do
-        expect(helper.doorkeeper_errors_for(object, :amonter_method)).to be_nil
-      end
-    end
-  end
-end

data/spec/lib/config_spec.rb

@@ -1,317 +0,0 @@
-require 'spec_helper_integration'
-
-describe Doorkeeper, 'configuration' do
-  subject { Doorkeeper.configuration }
-
-  describe 'resource_owner_authenticator' do
-    it 'sets the block that is accessible via authenticate_resource_owner' do
-      block = proc {}
-      Doorkeeper.configure do
-        orm DOORKEEPER_ORM
-        resource_owner_authenticator &block
-      end
-      expect(subject.authenticate_resource_owner).to eq(block)
-    end
-  end
-
-  describe 'setup_orm_adapter' do
-    it 'adds specific error message to NameError exception' do
-      expect do
-        Doorkeeper.configure { orm 'hibernate' }
-      end.to raise_error(NameError, /ORM adapter not found \(hibernate\)/)
-    end
-
-    it 'does not change other exceptions' do
-      allow_any_instance_of(String).to receive(:classify) { raise NoMethodError }
-
-      expect do
-        Doorkeeper.configure { orm 'hibernate' }
-      end.to raise_error(NoMethodError, /ORM adapter not found \(hibernate\)/)
-    end
-  end
-
-  describe 'admin_authenticator' do
-    it 'sets the block that is accessible via authenticate_admin' do
-      block = proc {}
-      Doorkeeper.configure do
-        orm DOORKEEPER_ORM
-        admin_authenticator(&block)
-      end
-      expect(subject.authenticate_admin).to eq(block)
-    end
-  end
-
-  describe 'access_token_expires_in' do
-    it 'has 2 hours by default' do
-      expect(subject.access_token_expires_in).to eq(2.hours)
-    end
-
-    it 'can change the value' do
-      Doorkeeper.configure do
-        orm DOORKEEPER_ORM
-        access_token_expires_in 4.hours
-      end
-      expect(subject.access_token_expires_in).to eq(4.hours)
-    end
-
-    it 'can be set to nil' do
-      Doorkeeper.configure do
-        orm DOORKEEPER_ORM
-        access_token_expires_in nil
-      end
-      expect(subject.access_token_expires_in).to be_nil
-    end
-  end
-
-  describe 'scopes' do
-    it 'has default scopes' do
-      Doorkeeper.configure do
-        orm DOORKEEPER_ORM
-        default_scopes :public
-      end
-      expect(subject.default_scopes).to include('public')
-    end
-
-    it 'has optional scopes' do
-      Doorkeeper.configure do
-        orm DOORKEEPER_ORM
-        optional_scopes :write, :update
-      end
-      expect(subject.optional_scopes).to include('write', 'update')
-    end
-
-    it 'has all scopes' do
-      Doorkeeper.configure do
-        orm DOORKEEPER_ORM
-        default_scopes  :normal
-        optional_scopes :admin
-      end
-      expect(subject.scopes).to include('normal', 'admin')
-    end
-  end
-
-  describe 'use_refresh_token' do
-    it 'is false by default' do
-      expect(subject.refresh_token_enabled?).to be_falsey
-    end
-
-    it 'can change the value' do
-      Doorkeeper.configure do
-        orm DOORKEEPER_ORM
-        use_refresh_token
-      end
-      expect(subject.refresh_token_enabled?).to be_truthy
-    end
-
-    it "does not includes 'refresh_token' in authorization_response_types" do
-      expect(subject.token_grant_types).not_to include 'refresh_token'
-    end
-
-    context "is enabled" do
-      before do
-        Doorkeeper.configure {
-          orm DOORKEEPER_ORM
-          use_refresh_token
-        }
-      end
-
-      it "includes 'refresh_token' in authorization_response_types" do
-        expect(subject.token_grant_types).to include 'refresh_token'
-      end
-    end
-  end
-
-  describe 'client_credentials' do
-    it 'has defaults order' do
-      expect(subject.client_credentials_methods).to eq([:from_basic, :from_params])
-    end
-
-    it 'can change the value' do
-      Doorkeeper.configure do
-        orm DOORKEEPER_ORM
-        client_credentials :from_digest, :from_params
-      end
-      expect(subject.client_credentials_methods).to eq([:from_digest, :from_params])
-    end
-  end
-
-  describe 'force_ssl_in_redirect_uri' do
-    it 'is true by default in non-development environments' do
-      expect(subject.force_ssl_in_redirect_uri).to be_truthy
-    end
-
-    it 'can change the value' do
-      Doorkeeper.configure do
-        orm DOORKEEPER_ORM
-        force_ssl_in_redirect_uri(false)
-      end
-      expect(subject.force_ssl_in_redirect_uri).to be_falsey
-    end
-  end
-
-  describe 'access_token_credentials' do
-    it 'has defaults order' do
-      expect(subject.access_token_methods).to eq([:from_bearer_authorization, :from_access_token_param, :from_bearer_param])
-    end
-
-    it 'can change the value' do
-      Doorkeeper.configure do
-        orm DOORKEEPER_ORM
-        access_token_methods :from_access_token_param, :from_bearer_param
-      end
-      expect(subject.access_token_methods).to eq([:from_access_token_param, :from_bearer_param])
-    end
-  end
-
-  describe 'enable_application_owner' do
-    it 'is disabled by default' do
-      expect(Doorkeeper.configuration.enable_application_owner?).not_to be_truthy
-    end
-
-    context 'when enabled without confirmation' do
-      before do
-        Doorkeeper.configure do
-          orm DOORKEEPER_ORM
-          enable_application_owner
-        end
-      end
-      it 'adds support for application owner' do
-        expect(Doorkeeper::Application.new).to respond_to :owner
-      end
-      it 'Doorkeeper.configuration.confirm_application_owner? returns false' do
-        expect(Doorkeeper.configuration.confirm_application_owner?).not_to be_truthy
-      end
-    end
-
-    context 'when enabled with confirmation set to true' do
-      before do
-        Doorkeeper.configure do
-          orm DOORKEEPER_ORM
-          enable_application_owner confirmation: true
-        end
-      end
-      it 'adds support for application owner' do
-        expect(Doorkeeper::Application.new).to respond_to :owner
-      end
-      it 'Doorkeeper.configuration.confirm_application_owner? returns true' do
-        expect(Doorkeeper.configuration.confirm_application_owner?).to be_truthy
-      end
-    end
-  end
-
-  describe 'realm' do
-    it 'is \'Doorkeeper\' by default' do
-      expect(Doorkeeper.configuration.realm).to eq('Doorkeeper')
-    end
-
-    it 'can change the value' do
-      Doorkeeper.configure do
-        orm DOORKEEPER_ORM
-        realm 'Example'
-      end
-      expect(subject.realm).to eq('Example')
-    end
-  end
-
-  describe "grant_flows" do
-    it "is set to all grant flows by default" do
-      expect(Doorkeeper.configuration.grant_flows).
-        to eq(%w(authorization_code client_credentials))
-    end
-
-    it "can change the value" do
-      Doorkeeper.configure {
-        orm DOORKEEPER_ORM
-        grant_flows [ 'authorization_code', 'implicit' ]
-      }
-      expect(subject.grant_flows).to eq ['authorization_code', 'implicit']
-    end
-
-    context "when including 'authorization_code'" do
-      before do
-        Doorkeeper.configure {
-          orm DOORKEEPER_ORM
-          grant_flows ['authorization_code']
-        }
-      end
-
-      it "includes 'code' in authorization_response_types" do
-        expect(subject.authorization_response_types).to include 'code'
-      end
-
-      it "includes 'authorization_code' in token_grant_types" do
-        expect(subject.token_grant_types).to include 'authorization_code'
-      end
-    end
-
-    context "when including 'implicit'" do
-      before do
-        Doorkeeper.configure {
-          orm DOORKEEPER_ORM
-          grant_flows ['implicit']
-        }
-      end
-
-      it "includes 'token' in authorization_response_types" do
-        expect(subject.authorization_response_types).to include 'token'
-      end
-    end
-
-    context "when including 'password'" do
-      before do
-        Doorkeeper.configure {
-          orm DOORKEEPER_ORM
-          grant_flows ['password']
-        }
-      end
-
-      it "includes 'password' in token_grant_types" do
-        expect(subject.token_grant_types).to include 'password'
-      end
-    end
-
-    context "when including 'client_credentials'" do
-      before do
-        Doorkeeper.configure {
-          orm DOORKEEPER_ORM
-          grant_flows ['client_credentials']
-        }
-      end
-
-      it "includes 'client_credentials' in token_grant_types" do
-        expect(subject.token_grant_types).to include 'client_credentials'
-      end
-    end
-  end
-
-  it 'raises an exception when configuration is not set' do
-    old_config = Doorkeeper.configuration
-    Doorkeeper.module_eval do
-      @config = nil
-    end
-
-    expect do
-      Doorkeeper.configuration
-    end.to raise_error Doorkeeper::MissingConfiguration
-
-    Doorkeeper.module_eval do
-      @config = old_config
-    end
-  end
-
-  describe 'access_token_generator' do
-    it 'is \'Doorkeeper::OAuth::Helpers::UniqueToken\' by default' do
-      expect(Doorkeeper.configuration.access_token_generator).to(
-        eq('Doorkeeper::OAuth::Helpers::UniqueToken')
-      )
-    end
-
-    it 'can change the value' do
-      Doorkeeper.configure do
-        orm DOORKEEPER_ORM
-        access_token_generator 'Example'
-      end
-      expect(subject.access_token_generator).to eq('Example')
-    end
-  end
-end

data/spec/lib/doorkeeper_spec.rb

@@ -1,28 +0,0 @@
-require 'spec_helper_integration'
-
-describe Doorkeeper do
-  describe 'authenticate' do
-    let(:token) { double('Token') }
-    let(:request) { double('ActionDispatch::Request') }
-    before do
-      allow(Doorkeeper::OAuth::Token).to receive(:authenticate).
-        with(request, *token_strategies) { token }
-    end
-
-    context 'with specific access token strategies' do
-      let(:token_strategies) { [:first_way, :second_way] }
-
-      it 'authenticates the token from the request' do
-        expect(Doorkeeper.authenticate(request, token_strategies)).to eq(token)
-      end
-    end
-
-    context 'with default access token strategies' do
-      let(:token_strategies) { Doorkeeper.configuration.access_token_methods }
-
-      it 'authenticates the token from the request' do
-        expect(Doorkeeper.authenticate(request)).to eq(token)
-      end
-    end
-  end
-end

data/spec/lib/models/expirable_spec.rb

@@ -1,51 +0,0 @@
-require 'spec_helper'
-require 'timecop'
-require 'active_support/time'
-require 'doorkeeper/models/concerns/expirable'
-
-describe 'Expirable' do
-  subject do
-    Class.new do
-      include Doorkeeper::Models::Expirable
-    end.new
-  end
-
-  before do
-    allow(subject).to receive(:created_at).and_return(1.minute.ago)
-  end
-
-  describe :expired? do
-    it 'is not expired if time has not passed' do
-      allow(subject).to receive(:expires_in).and_return(2.minutes)
-      expect(subject).not_to be_expired
-    end
-
-    it 'is expired if time has passed' do
-      allow(subject).to receive(:expires_in).and_return(10.seconds)
-      expect(subject).to be_expired
-    end
-
-    it 'is not expired if expires_in is not set' do
-      allow(subject).to receive(:expires_in).and_return(nil)
-      expect(subject).not_to be_expired
-    end
-  end
-
-  describe :expires_in_seconds do
-    it 'should return the amount of time remaining until the token is expired' do
-      allow(subject).to receive(:expires_in).and_return(2.minutes)
-      expect(subject.expires_in_seconds).to eq(60)
-    end
-
-    it 'should return 0 when expired' do
-      allow(subject).to receive(:expires_in).and_return(30.seconds)
-      expect(subject.expires_in_seconds).to eq(0)
-    end
-
-    it 'should return nil when expires_in is nil' do
-      allow(subject).to receive(:expires_in).and_return(nil)
-      expect(subject.expires_in_seconds).to be_nil
-    end
-
-  end
-end

data/spec/lib/models/revocable_spec.rb

@@ -1,36 +0,0 @@
-require 'spec_helper'
-require 'active_support/core_ext/object/blank'
-require 'doorkeeper/models/concerns/revocable'
-
-describe 'Revocable' do
-  subject do
-    Class.new do
-      include Doorkeeper::Models::Revocable
-    end.new
-  end
-
-  describe :revoke do
-    it 'updates :revoked_at attribute with current time' do
-      clock = double now: double
-      expect(subject).to receive(:update_attribute).with(:revoked_at, clock.now)
-      subject.revoke(clock)
-    end
-  end
-
-  describe :revoked? do
-    it 'is revoked if :revoked_at has passed' do
-      allow(subject).to receive(:revoked_at).and_return(Time.now - 1000)
-      expect(subject).to be_revoked
-    end
-
-    it 'is not revoked if :revoked_at has not passed' do
-      allow(subject).to receive(:revoked_at).and_return(Time.now + 1000)
-      expect(subject).not_to be_revoked
-    end
-
-    it 'is not revoked if :revoked_at is not set' do
-      allow(subject).to receive(:revoked_at).and_return(nil)
-      expect(subject).not_to be_revoked
-    end
-  end
-end

data/spec/lib/models/scopes_spec.rb

@@ -1,43 +0,0 @@
-require 'spec_helper'
-require 'active_support/core_ext/module/delegation'
-require 'active_support/core_ext/object/blank'
-require 'doorkeeper/oauth/scopes'
-require 'doorkeeper/models/concerns/scopes'
-
-describe 'Doorkeeper::Models::Scopes' do
-  subject do
-    Class.new(Hash) do
-      include Doorkeeper::Models::Scopes
-    end.new
-  end
-
-  before do
-    subject[:scopes] = 'public admin'
-  end
-
-  describe :scopes do
-    it 'is a `Scopes` class' do
-      expect(subject.scopes).to be_a(Doorkeeper::OAuth::Scopes)
-    end
-
-    it 'includes scopes' do
-      expect(subject.scopes).to include('public')
-    end
-  end
-
-  describe :scopes_string do
-    it 'is a `Scopes` class' do
-      expect(subject.scopes_string).to eq('public admin')
-    end
-  end
-
-  describe :includes_scope? do
-    it 'should return true if at least one scope is included' do
-      expect(subject.includes_scope?('public', 'private')).to be true
-    end
-
-    it 'should return false if no scopes are included' do
-      expect(subject.includes_scope?('teacher', 'student')).to be false
-    end
-  end
-end

data/spec/lib/oauth/authorization/uri_builder_spec.rb

@@ -1,42 +0,0 @@
-require 'spec_helper'
-require 'active_support/core_ext/string'
-require 'uri'
-require 'rack/utils'
-require 'doorkeeper/oauth/authorization/uri_builder'
-
-module Doorkeeper::OAuth::Authorization
-  describe URIBuilder do
-
-    subject { Object.new.class.send :include, URIBuilder }
-
-    describe :uri_with_query do
-      it 'returns the uri with query' do
-        uri = subject.uri_with_query 'http://example.com/', parameter: 'value'
-        expect(uri).to eq('http://example.com/?parameter=value')
-      end
-
-      it 'rejects nil values' do
-        uri = subject.uri_with_query 'http://example.com/', parameter: ''
-        expect(uri).to eq('http://example.com/?')
-      end
-
-      it 'preserves original query parameters' do
-        uri = subject.uri_with_query 'http://example.com/?query1=value', parameter: 'value'
-        expect(uri).to match(/query1=value/)
-        expect(uri).to match(/parameter=value/)
-      end
-    end
-
-    describe :uri_with_fragment do
-      it 'returns uri with parameters as fragments' do
-        uri = subject.uri_with_fragment 'http://example.com/', parameter: 'value'
-        expect(uri).to eq('http://example.com/#parameter=value')
-      end
-
-      it 'preserves original query parameters' do
-        uri = subject.uri_with_fragment 'http://example.com/?query1=value1', parameter: 'value'
-        expect(uri).to eq('http://example.com/?query1=value1#parameter=value')
-      end
-    end
-  end
-end

data/spec/lib/oauth/authorization_code_request_spec.rb

@@ -1,80 +0,0 @@
-require 'spec_helper_integration'
-
-module Doorkeeper::OAuth
-  describe AuthorizationCodeRequest do
-    let(:server) do
-      double :server,
-             access_token_expires_in: 2.days,
-             refresh_token_enabled?: false,
-             custom_access_token_expires_in: ->(_app) { nil }
-    end
-    let(:grant)  { FactoryGirl.create :access_grant }
-    let(:client) { grant.application }
-
-    subject do
-      AuthorizationCodeRequest.new server, grant, client, redirect_uri: client.redirect_uri
-    end
-
-    it 'issues a new token for the client' do
-      expect do
-        subject.authorize
-      end.to change { client.access_tokens.count }.by(1)
-    end
-
-    it "issues the token with same grant's scopes" do
-      subject.authorize
-      expect(Doorkeeper::AccessToken.last.scopes).to eq(grant.scopes)
-    end
-
-    it 'revokes the grant' do
-      expect do
-        subject.authorize
-      end.to change { grant.reload.accessible? }
-    end
-
-    it 'requires the grant to be accessible' do
-      grant.revoke
-      subject.validate
-      expect(subject.error).to eq(:invalid_grant)
-    end
-
-    it 'requires the grant' do
-      subject.grant = nil
-      subject.validate
-      expect(subject.error).to eq(:invalid_grant)
-    end
-
-    it 'requires the client' do
-      subject.client = nil
-      subject.validate
-      expect(subject.error).to eq(:invalid_client)
-    end
-
-    it 'requires the redirect_uri' do
-      subject.redirect_uri = nil
-      subject.validate
-      expect(subject.error).to eq(:invalid_request)
-    end
-
-    it "matches the redirect_uri with grant's one" do
-      subject.redirect_uri = 'http://other.com'
-      subject.validate
-      expect(subject.error).to eq(:invalid_grant)
-    end
-
-    it "matches the client with grant's one" do
-      subject.client = FactoryGirl.create :application
-      subject.validate
-      expect(subject.error).to eq(:invalid_grant)
-    end
-
-    it 'skips token creation if there is a matching one' do
-      allow(Doorkeeper.configuration).to receive(:reuse_access_token).and_return(true)
-      FactoryGirl.create(:access_token, application_id: client.id,
-        resource_owner_id: grant.resource_owner_id, scopes: grant.scopes.to_s)
-      expect do
-        subject.authorize
-      end.to_not change { Doorkeeper::AccessToken.count }
-    end
-  end
-end

data/spec/lib/oauth/client/credentials_spec.rb

@@ -1,47 +0,0 @@
-require 'spec_helper'
-require 'active_support/core_ext/string'
-require 'doorkeeper/oauth/client'
-
-class Doorkeeper::OAuth::Client
-  describe Credentials do
-    it 'is blank when any of the credentials is blank' do
-      expect(Credentials.new(nil, 'something')).to be_blank
-      expect(Credentials.new('something', nil)).to be_blank
-    end
-
-    describe :from_request do
-      let(:request) { double.as_null_object }
-
-      let(:method) do
-        ->(_request) { return 'uid', 'secret' }
-      end
-
-      it 'accepts anything that responds to #call' do
-        expect(method).to receive(:call).with(request)
-        Credentials.from_request request, method
-      end
-
-      it 'delegates methods received as symbols to Credentials class' do
-        expect(Credentials).to receive(:from_params).with(request)
-        Credentials.from_request request, :from_params
-      end
-
-      it 'stops at the first credentials found' do
-        not_called_method = double
-        expect(not_called_method).not_to receive(:call)
-        Credentials.from_request request, ->(_) {}, method, not_called_method
-      end
-
-      it 'returns new Credentials' do
-        credentials = Credentials.from_request request, method
-        expect(credentials).to be_a(Credentials)
-      end
-
-      it 'returns uid and secret from extractor method' do
-        credentials = Credentials.from_request request, method
-        expect(credentials.uid).to    eq('uid')
-        expect(credentials.secret).to eq('secret')
-      end
-    end
-  end
-end