doorkeeper 3.1.0 → 5.6.2

data/README.md

@@ -1,341 +1,155 @@
-# Doorkeeper - awesome oauth provider for your Rails app.
+# Doorkeeper — awesome OAuth 2 provider for your Rails / Grape app.
 
-[![Build Status](https://travis-ci.org/doorkeeper-gem/doorkeeper.svg?branch=master)](https://travis-ci.org/doorkeeper-gem/doorkeeper)
-[![Dependency Status](https://gemnasium.com/applicake/doorkeeper.svg?travis)](https://gemnasium.com/applicake/doorkeeper)
-[![Code Climate](https://codeclimate.com/github/applicake/doorkeeper.svg)](https://codeclimate.com/github/applicake/doorkeeper)
 [![Gem Version](https://badge.fury.io/rb/doorkeeper.svg)](https://rubygems.org/gems/doorkeeper)
-
-Doorkeeper is a gem that makes it easy to introduce OAuth 2 provider
-functionality to your Rails or Grape application.
-
-[PR 567]: https://github.com/doorkeeper-gem/doorkeeper/pull/567
-
-
-## Documentation valid for `master` branch
-
-Please check the documentation for the version of doorkeeper you are using in:
-https://github.com/doorkeeper-gem/doorkeeper/releases
+[![CI](https://github.com/doorkeeper-gem/doorkeeper/actions/workflows/ci.yml/badge.svg)](https://github.com/doorkeeper-gem/doorkeeper/actions/workflows/ci.yml)
+[![Code Climate](https://codeclimate.com/github/doorkeeper-gem/doorkeeper.svg)](https://codeclimate.com/github/doorkeeper-gem/doorkeeper)
+[![Coverage Status](https://coveralls.io/repos/github/doorkeeper-gem/doorkeeper/badge.svg?branch=main)](https://coveralls.io/github/doorkeeper-gem/doorkeeper?branch=main)
+[![Reviewed by Hound](https://img.shields.io/badge/Reviewed_by-Hound-8E64B0.svg)](https://houndci.com)
+[![GuardRails badge](https://badges.guardrails.io/doorkeeper-gem/doorkeeper.svg?token=66768ce8f6995814df81f65a2cff40f739f688492704f973e62809e15599bb62)](https://dashboard.guardrails.io/default/gh/doorkeeper-gem/doorkeeper)
+[![Dependabot](https://img.shields.io/badge/dependabot-enabled-success.svg)](https://dependabot.com)
+
+Doorkeeper is a gem (Rails engine) that makes it easy to introduce OAuth 2 provider
+functionality to your Ruby on Rails or Grape application.
+
+Supported features:
+
+- [The OAuth 2.0 Authorization Framework](https://datatracker.ietf.org/doc/html/rfc6749)
+  - [Authorization Code Flow](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1)
+  - [Access Token Scopes](https://datatracker.ietf.org/doc/html/rfc6749#section-3.3)
+  - [Refresh token](https://datatracker.ietf.org/doc/html/rfc6749#section-1.5)
+  - [Implicit grant](https://datatracker.ietf.org/doc/html/rfc6749#section-4.2)
+  - [Resource Owner Password Credentials](https://datatracker.ietf.org/doc/html/rfc6749#section-4.3)
+  - [Client Credentials](https://datatracker.ietf.org/doc/html/rfc6749#section-4.4)
+- [OAuth 2.0 Token Revocation](https://datatracker.ietf.org/doc/html/rfc7009)
+- [OAuth 2.0 Token Introspection](https://datatracker.ietf.org/doc/html/rfc7662)
+- [OAuth 2.0 Threat Model and Security Considerations](https://datatracker.ietf.org/doc/html/rfc6819)
+- [OAuth 2.0 for Native Apps](https://datatracker.ietf.org/doc/html/rfc8252)
+- [Proof Key for Code Exchange by OAuth Public Clients](https://datatracker.ietf.org/doc/html/rfc7636)
 
 ## Table of Contents
 
 <!-- START doctoc generated TOC please keep comment here to allow auto update -->
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
-- [Useful links](#useful-links)
+
+
+- [Documentation](#documentation)
 - [Installation](#installation)
-- [Configuration](#configuration)
-    - [Active Record](#active-record)
-    - [Other ORMs](#other-orms)
-    - [Routes](#routes)
-    - [Authenticating](#authenticating)
-    - [Internationalization (I18n)](#internationalization-i18n)
-- [Protecting resources with OAuth (a.k.a your API endpoint)](#protecting-resources-with-oauth-aka-your-api-endpoint)
-    - [Protect your API with OAuth when using Grape](#protect-your-api-with-oauth-when-using-grape)
-    - [Route Constraints and other integrations](#route-constraints-and-other-integrations)
-    - [Access Token Scopes](#access-token-scopes)
-    - [Custom Access Token Generator](#custom-access-token-generator)
-    - [Authenticated resource owner](#authenticated-resource-owner)
-    - [Applications list](#applications-list)
-- [Other customizations](#other-customizations)
-- [Upgrading](#upgrading)
+  - [Ruby on Rails](#ruby-on-rails)
+  - [Grape](#grape)
+- [ORMs](#orms)
+- [Extensions](#extensions)
+- [Example Applications](#example-applications)
+- [Tutorials](#tutorials)
+- [Sponsors](#sponsors)
 - [Development](#development)
 - [Contributing](#contributing)
-- [Other resources](#other-resources)
-    - [Wiki](#wiki)
-    - [Screencast](#screencast)
-    - [Client applications](#client-applications)
-    - [Contributors](#contributors)
-    - [IETF Standards](#ietf-standards)
-    - [License](#license)
-<!-- END doctoc generated TOC please keep comment here to allow auto update -->
-
-
-## Useful links
-
-- For documentation, please check out our [wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki)
-- For general questions, please post it in [stack overflow](http://stackoverflow.com/questions/tagged/doorkeeper)
-
-## Installation
-
-Put this in your Gemfile:
-
-``` ruby
-gem 'doorkeeper'
-```
-
-Run the installation generator with:
-
-    rails generate doorkeeper:install
-
-This will install the doorkeeper initializer into `config/initializers/doorkeeper.rb`.
-
-## Configuration
-
-### Active Record
-
-By default doorkeeper is configured to use active record, so to start you have
-to generate the migration tables:
-
-    rails generate doorkeeper:migration
-
-Don't forget to run the migration with:
-
-    rake db:migrate
-
-### Other ORMs
-
-See [doorkeeper-mongodb project] for mongoid and mongomapper support. Follow along
-the implementation in that repository to extend doorkeeper with other ORMs.
-
-[doorkeeper-mongodb project]: https://github.com/doorkeeper-gem/doorkeeper-mongodb
-
-### Routes
-
-The installation script will also automatically add the Doorkeeper routes into
-your app, like this:
-
-``` ruby
-Rails.application.routes.draw do
-  use_doorkeeper
-  # your routes
-end
-```
-
-This will mount following routes:
-
-    GET       /oauth/authorize/:code
-    GET       /oauth/authorize
-    POST      /oauth/authorize
-    DELETE    /oauth/authorize
-    POST      /oauth/token
-    POST      /oauth/revoke
-    resources /oauth/applications
-    GET       /oauth/authorized_applications
-    DELETE    /oauth/authorized_applications/:id
-    GET       /oauth/token/info
-
-For more information on how to customize routes, check out [this page on the
-wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-routes).
-
-### Authenticating
-
-You need to configure Doorkeeper in order to provide `resource_owner` model
-and authentication block `initializers/doorkeeper.rb`
-
-``` ruby
-Doorkeeper.configure do
-  resource_owner_authenticator do
-    User.find_by_id(session[:current_user_id]) || redirect_to(login_url)
-  end
-end
-```
-
-This code is run in the context of your application so you have access to your
-models, session or routes helpers. However, since this code is not run in the
-context of your application's `ApplicationController` it doesn't have access to
-the methods defined over there.
-
-You may want to check other ways of authentication
-[here](https://github.com/doorkeeper-gem/doorkeeper/wiki/Authenticating-using-Clearance-or-DIY).
-
-
-### Internationalization (I18n)
-
-See language files in [the I18n repository](https://github.com/doorkeeper-gem/doorkeeper-i18n).
-
-
-## Protecting resources with OAuth (a.k.a your API endpoint)
-
-To protect your API with OAuth, you just need to setup `before_action`s
-specifying the actions you want to protect. For example:
-
-``` ruby
-class Api::V1::ProductsController < Api::V1::ApiController
-  before_action :doorkeeper_authorize! # Require access token for all actions
-
-  # your actions
-end
-```
-
-You can pass any option `before_action` accepts, such as `if`, `only`,
-`except`, and others.
+- [Contributors](#contributors)
+- [License](#license)
 
-### Protect your API with OAuth when using Grape
-
-As of [PR 567] doorkeeper has helpers for Grape. One of them is
-`doorkeeper_authorize!` and can be used in a similar way as an example above.
-Note that you have to use `require 'doorkeeper/grape/helpers'` and
-`helpers Doorkeeper::Grape::Helpers`.
-
-For more information about integration with Grape see the [Wiki].
-
-[PR 567]: https://github.com/doorkeeper-gem/doorkeeper/pull/567
-[Wiki]: https://github.com/doorkeeper-gem/doorkeeper/wiki/Grape-Integration
-
-``` ruby
-require 'doorkeeper/grape/helpers'
+<!-- END doctoc generated TOC please keep comment here to allow auto update -->
 
-module API
-  module V1
-    class Users < Grape::API
-      helpers Doorkeeper::Grape::Helpers
+## Documentation
 
-      before do
-        doorkeeper_authorize!
-      end
+This documentation is valid for `main` branch. Please check the documentation for the version of doorkeeper you are using in:
+https://github.com/doorkeeper-gem/doorkeeper/releases.
 
-      # ...
-    end
-  end
-end
-```
+Additionally, other resources can be found on:
 
+- [Guides](https://doorkeeper.gitbook.io/guides/) with how-to get started and configuration documentation
+- See the [Wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki) with articles and other documentation
+- Screencast from [railscasts.com](http://railscasts.com/): [#353
+OAuth with
+Doorkeeper](http://railscasts.com/episodes/353-oauth-with-doorkeeper)
+- See [upgrade guides](https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-versions)
+- For general questions, please post on [Stack Overflow](http://stackoverflow.com/questions/tagged/doorkeeper)
+- See [SECURITY.md](SECURITY.md) for this project's security disclose
+  policy
 
-### Route Constraints and other integrations
+## Installation
 
-You can leverage the `Doorkeeper.authenticate` facade to easily extract a
-`Doorkeeper::OAuth::Token` based on the current request. You can then ensure
-that token is still good, find its associated `#resource_owner_id`, etc.
+Installation depends on the framework you're using. The first step is to add the following to your Gemfile:
 
 ```ruby
-module Constraint
-  class Authenticated
-
-    def matches?(request)
-      token = Doorkeeper.authenticate(request)
-      token && token.accessible?
-    end
-
-  end
-end
+gem 'doorkeeper'
 ```
 
-For more information about integration and other integrations, check out [the
-related wiki
-page](https://github.com/doorkeeper-gem/doorkeeper/wiki/ActionController::Metal-with-doorkeeper).
+And run `bundle install`. After this, check out the guide related to the framework you're using.
 
-### Access Token Scopes
+### Ruby on Rails
 
-You can also require the access token to have specific scopes in certain
-actions:
+Doorkeeper currently supports Ruby on Rails >= 5.0. See the guide [here](https://doorkeeper.gitbook.io/guides/ruby-on-rails/getting-started).
 
-First configure the scopes in `initializers/doorkeeper.rb`
+### Grape
 
-```ruby
-Doorkeeper.configure do
-  default_scopes :public # if no scope was requested, this will be the default
-  optional_scopes :admin, :write
-end
-```
+Guide for integration with Grape framework can be found [here](https://doorkeeper.gitbook.io/guides/grape/grape).
 
-And in your controllers:
+## ORMs
 
-```ruby
-class Api::V1::ProductsController < Api::V1::ApiController
-  before_action -> { doorkeeper_authorize! :public }, only: :index
-  before_action only: [:create, :update, :destroy] do
-    doorkeeper_authorize! :admin, :write
-  end
-end
-```
+Doorkeeper supports Active Record by default, but can be configured to work with the following ORMs:
 
-Please note that there is a logical OR between multiple required scopes. In
-above example, `doorkeeper_authorize! :admin, :write` means that the access
-token is required to have either `:admin` scope or `:write` scope, but not need
-have both of them.
+| ORM | Support via |
+| :--- | :--- |
+| Active Record | by default |
+| MongoDB | [doorkeeper-gem/doorkeeper-mongodb](https://github.com/doorkeeper-gem/doorkeeper-mongodb) |
+| Sequel | [nbulaj/doorkeeper-sequel](https://github.com/nbulaj/doorkeeper-sequel) |
+| Couchbase | [acaprojects/doorkeeper-couchbase](https://github.com/acaprojects/doorkeeper-couchbase) |
+| RethinkDB | [aca-labs/doorkeeper-rethinkdb](https://github.com/aca-labs/doorkeeper-rethinkdb) |
 
-If want to require the access token to have multiple scopes at the same time,
-use multiple `doorkeeper_authorize!`, for example:
+## Extensions
 
-```ruby
-class Api::V1::ProductsController < Api::V1::ApiController
-  before_action -> { doorkeeper_authorize! :public }, only: :index
-  before_action only: [:create, :update, :destroy] do
-    doorkeeper_authorize! :admin
-    doorkeeper_authorize! :write
-  end
-end
-```
-
-In above example, a client can call `:create` action only if its access token
-have both `:admin` and `:write` scopes.
-
-### Custom Access Token Generator
-
-By default a 128 bit access token will be generated. If you require a custom
-token, such as [JWT](http://jwt.io), specify an object that responds to
-`.generate(options = {})` and returns a string to be used as the token.
-
-```ruby
-Doorkeeper.configure do
-  access_token_generator "Doorkeeper::JWT"
-end
-```
+Extensions that are not included by default and can be installed separately.
 
-JWT token support is available with
-[Doorkeeper-JWT](https://github.com/chriswarren/doorkeeper-jwt).
+|  | Link |
+| :--- | :--- |
+| OpenID Connect extension | [doorkeeper-gem/doorkeeper-openid\_connect](https://github.com/doorkeeper-gem/doorkeeper-openid_connect) |
+| JWT Token support | [doorkeeper-gem/doorkeeper-jwt](https://github.com/doorkeeper-gem/doorkeeper-jwt) |
+| Assertion grant extension | [doorkeeper-gem/doorkeeper-grants\_assertion](https://github.com/doorkeeper-gem/doorkeeper-grants_assertion) |
+| I18n translations | [doorkeeper-gem/doorkeeper-i18n](https://github.com/doorkeeper-gem/doorkeeper-i18n) |
+| CIBA - Client Initiated Backchannel Authentication Flow extention | [doorkeeper-ciba](https://github.com/autoseg/doorkeeper-ciba) |
+| Device Authorization Grant | [doorkeeper-device_authorization_grant](https://github.com/exop-group/doorkeeper-device_authorization_grant) |
 
+## Example Applications
 
-### Authenticated resource owner
+These applications show how Doorkeeper works and how to integrate with it. Start with the oAuth2 server and use the clients to connect with the server.
 
-If you want to return data based on the current resource owner, in other
-words, the access token owner, you may want to define a method in your
-controller that returns the resource owner instance:
+| Application | Link |
+| :--- | :--- |
+| OAuth2 Server with Doorkeeper | [doorkeeper-gem/doorkeeper-provider-app](https://github.com/doorkeeper-gem/doorkeeper-provider-app) |
+| Sinatra Client connected to Provider App | [doorkeeper-gem/doorkeeper-sinatra-client](https://github.com/doorkeeper-gem/doorkeeper-sinatra-client) |
+| Devise + Omniauth Client | [doorkeeper-gem/doorkeeper-devise-client](https://github.com/doorkeeper-gem/doorkeeper-devise-client) |
 
-``` ruby
-class Api::V1::CredentialsController < Api::V1::ApiController
-  before_action :doorkeeper_authorize!
-  respond_to    :json
+You may want to create a client application to
+test the integration. Check out these [client
+examples](https://github.com/doorkeeper-gem/doorkeeper/wiki/Example-Applications)
+in our wiki or follow this [tutorial
+here](https://github.com/doorkeeper-gem/doorkeeper/wiki/Testing-your-provider-with-OAuth2-gem).
 
-  # GET /me.json
-  def me
-    respond_with current_resource_owner
-  end
+## Tutorials
 
-  private
+See [list of tutorials](https://github.com/doorkeeper-gem/doorkeeper/wiki#how-tos--tutorials) in order to learn how to use the gem or integrate it with other solutions / gems.
 
-  # Find the user that owns the access token
-  def current_resource_owner
-    User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token
-  end
-end
-```
+## Sponsors
 
-In this example, we're returning the credentials (`me.json`) of the access
-token owner.
+[![OpenCollective](https://opencollective.com/doorkeeper-gem/backers/badge.svg)](#backers) 
+[![OpenCollective](https://opencollective.com/doorkeeper-gem/sponsors/badge.svg)](#sponsors)
 
-### Applications list
+Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor](https://opencollective.com/doorkeeper-gem#sponsor)]
 
-By default, the applications list (`/oauth/applications`) is public available.
-To protect the endpoint you should uncomment these lines:
+<a href="https://codecademy.com/about/careers?utm_source=doorkeeper-gem" target="_blank"><img src="https://static-assets.codecademy.com/marketing/codecademy_logo_padded.png"/></a>
 
-```ruby
-# config/initializers/doorkeeper.rb
-Doorkeeper.configure do
-  admin_authenticator do |routes|
-    Admin.find_by_id(session[:admin_id]) || redirect_to(routes.new_admin_session_url)
-  end
-end
-```
+> Codecademy supports open source as part of its mission to democratize tech. Come help us build the education the world deserves: [https://codecademy.com/about/careers](https://codecademy.com/about/careers?utm_source=doorkeeper-gem)
 
-The logic is the same as the `resource_owner_authenticator` block. **Note:**
-since the application list is just a scaffold, it's recommended to either
-customize the controller used by the list or skip the controller at all. For
-more information see the page [in the
-wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-routes).
+<br>
 
-## Other customizations
+<a href="https://oauth.io/?utm_source=doorkeeper-gem" target="_blank"><img src="https://oauth.io/img/logo_text.png"/></a>
 
-- [Associate users to OAuth applications (ownership)](https://github.com/doorkeeper-gem/doorkeeper/wiki/Associate-users-to-OAuth-applications-%28ownership%29)
-- [CORS - Cross Origin Resource Sharing](https://github.com/doorkeeper-gem/doorkeeper/wiki/%5BCORS%5D-Cross-Origin-Resource-Sharing)
+> If you prefer not to deal with the gory details of OAuth 2, need dedicated customer support & consulting, try the cloud-based SaaS version: [https://oauth.io](https://oauth.io/?utm_source=doorkeeper-gem)
 
-## Upgrading
+<br>
 
-If you want to upgrade doorkeeper to a new version, check out the [upgrading
-notes](https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-versions)
-and take a look at the
-[changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/NEWS.md).
+<a href="https://www.wealthsimple.com/?utm_source=doorkeeper-gem" target="_blank"><img src="https://wealthsimple.s3.amazonaws.com/branding/medium-black.svg"/></a>
 
-Doorkeeper follows [semantic versioning](http://semver.org/).
+> Wealthsimple is a financial company on a mission to help everyone achieve financial freedom by providing products and advice that are accessible and affordable. Using smart technology, Wealthsimple takes financial services that are often confusing, opaque and expensive and makes them simple, transparent, and low-cost. See what Investing on Autopilot is all about: [https://www.wealthsimple.com](https://www.wealthsimple.com/?utm_source=doorkeeper-gem)
 
 ## Development
 
@@ -343,17 +157,18 @@ To run the local engine server:
 
 ```
 bundle install
-bundle exec rails server
+bundle exec rake doorkeeper:server
 ````
 
 By default, it uses the latest Rails version with ActiveRecord. To run the
-tests with a specific ORM and Rails version:
+tests with a specific Rails version:
 
 ```
-rails=4.2.0 orm=active_record bundle exec rake
+BUNDLE_GEMFILE=gemfiles/rails_6_0.gemfile bundle exec rake
 ```
 
-Or you might prefer to run `script/run_all` to integrate against all ORMs.
+You can also experiment with the changes using `bin/console`. It uses in-memory SQLite database and default
+Doorkeeper config, but you can reestablish connection or reconfigure the gem if you need.
 
 ## Contributing
 
@@ -363,42 +178,15 @@ create [example
 apps](https://github.com/doorkeeper-gem/doorkeeper/wiki/Example-Applications),
 integrate the gem with your app and let us know!
 
-Also, check out our [contributing guidelines
-page](https://github.com/doorkeeper-gem/doorkeeper/wiki/Contributing).
-
-## Other resources
+Also, check out our [contributing guidelines page](CONTRIBUTING.md).
 
-### Wiki
-
-You can find everything about doorkeeper in our [wiki
-here](https://github.com/doorkeeper-gem/doorkeeper/wiki).
-
-### Screencast
-
-Check out this screencast from [railscasts.com](http://railscasts.com/): [#353
-OAuth with
-Doorkeeper](http://railscasts.com/episodes/353-oauth-with-doorkeeper)
-
-### Client applications
-
-After you set up the provider, you may want to create a client application to
-test the integration. Check out these [client
-examples](https://github.com/doorkeeper-gem/doorkeeper/wiki/Example-Applications)
-in our wiki or follow this [tutorial
-here](https://github.com/doorkeeper-gem/doorkeeper/wiki/Testing-your-provider-with-OAuth2-gem).
-
-### Contributors
+## Contributors
 
 Thanks to all our [awesome
 contributors](https://github.com/doorkeeper-gem/doorkeeper/graphs/contributors)!
 
+<a href="https://github.com/doorkeeper-gem/doorkeeper/graphs/contributors"><img src="https://opencollective.com/doorkeeper-gem/contributors.svg?width=890&button=false" /></a>
 
-### IETF Standards
-
-* [The OAuth 2.0 Authorization Framework](http://tools.ietf.org/html/rfc6749)
-* [OAuth 2.0 Threat Model and Security Considerations](http://tools.ietf.org/html/rfc6819)
-* [OAuth 2.0 Token Revocation](http://tools.ietf.org/html/rfc7009)
-
-### License
+## License
 
-MIT License. Copyright 2011 Applicake.
+MIT License. Created in Applicake. Maintained by the community.

data/app/assets/stylesheets/doorkeeper/admin/application.css

@@ -5,6 +5,6 @@
  *= require_tree .
 */
 
-td {
-  vertical-align: middle !important;
+.doorkeeper-admin .form-group > .field_with_errors {
+  width: 16.66667%;
 }

data/app/controllers/doorkeeper/application_controller.rb

@@ -1,13 +1,14 @@
+# frozen_string_literal: true
+
 module Doorkeeper
-  class ApplicationController < ActionController::Base
+  class ApplicationController <
+    Doorkeeper.config.resolve_controller(:base)
     include Helpers::Controller
+    include ActionController::MimeResponds if Doorkeeper.config.api_only
 
-    if ::Rails.version.to_i < 4
-      protect_from_forgery
-    else
+    unless Doorkeeper.config.api_only
       protect_from_forgery with: :exception
+      helper "doorkeeper/dashboard"
     end
-
-    helper 'doorkeeper/dashboard'
   end
 end

data/app/controllers/doorkeeper/application_metal_controller.rb

@@ -1,16 +1,13 @@
+# frozen_string_literal: true
+
 module Doorkeeper
-  class ApplicationMetalController < ActionController::Metal
-    MODULES = [
-      ActionController::RackDelegation,
-      ActionController::Instrumentation,
-      AbstractController::Rendering,
-      ActionController::Rendering,
-      ActionController::Renderers::All,
-      Helpers::Controller
-    ]
+  class ApplicationMetalController <
+    Doorkeeper.config.resolve_controller(:base_metal)
+    include Helpers::Controller
+
+    before_action :enforce_content_type,
+                  if: -> { Doorkeeper.config.enforce_content_type }
 
-    MODULES.each do |mod|
-      include mod
-    end
+    ActiveSupport.run_load_hooks(:doorkeeper_metal_controller, self)
   end
 end