doorkeeper 4.2.6 → 4.3.0

data/spec/support/dependencies/factory_girl.rb

@@ -1,2 +1,2 @@
-require 'factory_girl'
-FactoryGirl.find_definitions
+require 'factory_bot'
+FactoryBot.find_definitions

data/spec/support/helpers/access_token_request_helper.rb

@@ -4,7 +4,7 @@ module AccessTokenRequestHelper
       application: client,
       resource_owner_id: resource_owner.id
     }.merge(access_token_attributes)
-    FactoryGirl.create(:access_token, attributes)
+    FactoryBot.create(:access_token, attributes)
   end
 end
 

data/spec/support/helpers/model_helper.rb

@@ -1,6 +1,6 @@
 module ModelHelper
   def client_exists(client_attributes = {})
-    @client = FactoryGirl.create(:application, client_attributes)
+    @client = FactoryBot.create(:application, client_attributes)
   end
 
   def create_resource_owner
@@ -8,7 +8,7 @@ module ModelHelper
   end
 
   def authorization_code_exists(options = {})
-    @authorization = FactoryGirl.create(:access_grant, options)
+    @authorization = FactoryBot.create(:access_grant, options)
   end
 
   def access_grant_should_exist_for(client, resource_owner)
@@ -55,9 +55,14 @@ module ModelHelper
       error_classes = [Sequel::UniqueConstraintViolation, Sequel::ValidationFailed]
       proc { |error| expect(error.class).to be_in(error_classes) }
     when :mongo_mapper
-      MongoMapper::DocumentNotValid
+      error_classes = [MongoMapper::DocumentNotValid, Mongo::OperationFailure]
+      proc { |error| expect(error.class).to be_in(error_classes) }
     when /mongoid/
-      Mongoid::Errors::Validations
+      error_classes = [Mongoid::Errors::Validations]
+      error_classes << Moped::Errors::OperationFailure if defined?(::Moped) # Mongoid 4
+      error_classes << Mongo::Error::OperationFailure if defined?(::Mongo) # Mongoid 5
+
+      proc { |error| expect(error.class).to be_in(error_classes) }
     else
       raise "'#{DOORKEEPER_ORM}' ORM is not supported!"
     end

data/spec/support/helpers/request_spec_helper.rb

@@ -31,6 +31,10 @@ module RequestSpecHelper
     respond_to?(:response) ? response : page.driver.response
   end
 
+  def json_response
+    JSON.parse(request_response.body)
+  end
+
   def should_have_header(header, value)
     expect(headers[header]).to eq(value)
   end
@@ -48,15 +52,15 @@ module RequestSpecHelper
   end
 
   def should_have_json(key, value)
-    expect(JSON.parse(request_response.body).fetch(key)).to eq(value)
+    expect(json_response.fetch(key)).to eq(value)
   end
 
   def should_have_json_within(key, value, range)
-    expect(JSON.parse(request_response.body).fetch(key)).to be_within(range).of(value)
+    expect(json_response.fetch(key)).to be_within(range).of(value)
   end
 
   def should_not_have_json(key)
-    expect(JSON.parse(request_response.body)).not_to have_key(key)
+    expect(json_response).not_to have_key(key)
   end
 
   def sign_in

data/spec/support/helpers/url_helper.rb

@@ -2,10 +2,10 @@ module UrlHelper
   def token_endpoint_url(options = {})
     parameters = {
       code: options[:code],
-      client_id: options[:client_id]     || (options[:client] ? options[:client].uid : nil),
+      client_id: options[:client_id] || (options[:client] ? options[:client].uid : nil),
       client_secret: options[:client_secret] || (options[:client] ? options[:client].secret : nil),
       redirect_uri: options[:redirect_uri]  || (options[:client] ? options[:client].redirect_uri : nil),
-      grant_type: options[:grant_type]    || 'authorization_code'
+      grant_type: options[:grant_type] || 'authorization_code'
     }
     "/oauth/token?#{build_query(parameters)}"
   end
@@ -13,7 +13,7 @@ module UrlHelper
   def password_token_endpoint_url(options = {})
     parameters = {
       code: options[:code],
-      client_id: options[:client_id]     || (options[:client] ? options[:client].uid : nil),
+      client_id: options[:client_id] || (options[:client] ? options[:client].uid : nil),
       client_secret: options[:client_secret] || (options[:client] ? options[:client].secret : nil),
       username: options[:resource_owner_username] || (options[:resource_owner] ? options[:resource_owner].name : nil),
       password: options[:resource_owner_password] || (options[:resource_owner] ? options[:resource_owner].password : nil),
@@ -24,21 +24,21 @@ module UrlHelper
 
   def authorization_endpoint_url(options = {})
     parameters = {
-      client_id: options[:client_id]     || options[:client].uid,
-      redirect_uri: options[:redirect_uri]  || options[:client].redirect_uri,
+      client_id: options[:client_id] || options[:client].uid,
+      redirect_uri: options[:redirect_uri] || options[:client].redirect_uri,
       response_type: options[:response_type] || 'code',
       scope: options[:scope],
       state: options[:state]
-    }.reject { |k, v| v.blank? }
+    }.reject { |_, v| v.blank? }
     "/oauth/authorize?#{build_query(parameters)}"
   end
 
   def refresh_token_endpoint_url(options = {})
     parameters = {
       refresh_token: options[:refresh_token],
-      client_id: options[:client_id]     || options[:client].uid,
+      client_id: options[:client_id] || options[:client].uid,
       client_secret: options[:client_secret] || options[:client].secret,
-      grant_type: options[:grant_type]    || 'refresh_token'
+      grant_type: options[:grant_type] || 'refresh_token'
     }
     "/oauth/token?#{build_query(parameters)}"
   end

data/spec/support/shared/controllers_shared_context.rb

@@ -1,7 +1,5 @@
 shared_context 'valid token', token: :valid do
-  let :token_string do
-    '1A2B3C4D'
-  end
+  let(:token_string) { '1A2B3C4D' }
 
   let :token do
     double(Doorkeeper::AccessToken,
@@ -17,9 +15,7 @@ shared_context 'valid token', token: :valid do
 end
 
 shared_context 'invalid token', token: :invalid do
-  let :token_string do
-    '1A2B3C4D'
-  end
+  let(:token_string) { '1A2B3C4D' }
 
   let :token do
     double(Doorkeeper::AccessToken,

data/spec/support/shared/models_shared_examples.rb

@@ -34,15 +34,15 @@ shared_examples 'a unique token' do
     end
 
     it 'is not valid if token exists' do
-      token1 = FactoryGirl.create factory_name
-      token2 = FactoryGirl.create factory_name
+      token1 = FactoryBot.create factory_name
+      token2 = FactoryBot.create factory_name
       token2.token = token1.token
       expect(token2).not_to be_valid
     end
 
     it 'expects database to throw an error when tokens are the same' do
-      token1 = FactoryGirl.create factory_name
-      token2 = FactoryGirl.create factory_name
+      token1 = FactoryBot.create factory_name
+      token2 = FactoryBot.create factory_name
       token2.token = token1.token
       expect do
         token2.save!(validate: false)

data/spec/validators/redirect_uri_validator_spec.rb

@@ -2,7 +2,7 @@ require 'spec_helper_integration'
 
 describe RedirectUriValidator do
   subject do
-    FactoryGirl.create(:application)
+    FactoryBot.create(:application)
   end
 
   it 'is valid when the uri is a uri' do
@@ -10,6 +10,21 @@ describe RedirectUriValidator do
     expect(subject).to be_valid
   end
 
+  # Most mobile and desktop operating systems allow apps to register a custom URL
+  # scheme that will launch the app when a URL with that scheme is visited from
+  # the system browser.
+  #
+  # @see https://www.oauth.com/oauth2-servers/redirect-uris/redirect-uris-native-apps/
+  it 'is valid when the uri is custom native URI' do
+    subject.redirect_uri = 'myapp://callback'
+    expect(subject).to be_valid
+  end
+
+  it 'is valid when the uri has a query parameter' do
+    subject.redirect_uri = 'https://example.com/abcd?xyz=123'
+    expect(subject).to be_valid
+  end
+
   it 'accepts native redirect uri' do
     subject.redirect_uri = 'urn:ietf:wg:oauth:2.0:oob'
     expect(subject).to be_valid
@@ -39,11 +54,6 @@ describe RedirectUriValidator do
     expect(subject.errors[:redirect_uri].first).to eq('cannot contain a fragment.')
   end
 
-  it 'is invalid when the uri has a query parameter' do
-    subject.redirect_uri = 'https://example.com/abcd?xyz=123'
-    expect(subject).to be_valid
-  end
-
   context 'force secured uri' do
     it 'accepts an valid uri' do
       subject.redirect_uri = 'https://example.com/callback'
@@ -68,6 +78,34 @@ describe RedirectUriValidator do
       expect(subject).to be_valid
     end
 
+    it 'accepts a non secured protocol when conditional option defined' do
+      Doorkeeper.configure do
+        orm DOORKEEPER_ORM
+        force_ssl_in_redirect_uri { |uri| uri.host != 'localhost' }
+      end
+
+      application = FactoryBot.build(:application, redirect_uri: 'http://localhost/callback')
+      expect(application).to be_valid
+
+      application = FactoryBot.build(:application, redirect_uri: 'http://localhost2/callback')
+      expect(application).not_to be_valid
+    end
+
+    it 'forbids redirect uri if required' do
+      subject.redirect_uri = 'javascript://document.cookie'
+
+      Doorkeeper.configure do
+        orm DOORKEEPER_ORM
+        forbid_redirect_uri { |uri| uri.scheme == 'javascript' }
+      end
+
+      expect(subject).to be_invalid
+      expect(subject.errors[:redirect_uri].first).to eq('is forbidden by the server.')
+
+      subject.redirect_uri = 'https://localhost/callback'
+      expect(subject).to be_valid
+    end
+
     it 'invalidates the uri when the uri does not use a secure protocol' do
       subject.redirect_uri = 'http://example.com/callback'
       expect(subject).not_to be_valid
@@ -75,4 +113,11 @@ describe RedirectUriValidator do
       expect(error).to eq('must be an HTTPS/SSL URI.')
     end
   end
+
+  context 'multiple redirect uri' do
+    it 'invalidates the second uri when the first uri is native uri' do
+      subject.redirect_uri = "urn:ietf:wg:oauth:2.0:oob\nexample.com/callback"
+      expect(subject).to be_invalid
+    end
+  end
 end

data/spec/version/version_spec.rb

@@ -0,0 +1,15 @@
+require 'spec_helper_integration'
+
+describe 'Doorkeeper version' do
+  context '#gem_version' do
+    it 'returns Gem::Version instance' do
+      expect(Doorkeeper.gem_version).to be_an_instance_of(Gem::Version)
+    end
+  end
+
+  context 'VERSION' do
+    it 'returns gem version string' do
+      expect(Doorkeeper::VERSION::STRING).to match(/^\d+\.\d+\.\d+[.\w]?$/)
+    end
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: doorkeeper
 version: !ruby/object:Gem::Version
-  version: 4.2.6
+  version: 4.3.0
 platform: ruby
 authors:
 - Felipe Elias Philipp
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-05-26 00:00:00.000000000 Z
+date: 2018-02-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -54,34 +54,48 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: grape
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: database_cleaner
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.5.3
+        version: '1.6'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.5.3
+        version: '1.6'
 - !ruby/object:Gem::Dependency
-  name: factory_girl
+  name: factory_bot
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.7.0
+        version: '4.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.7.0
+        version: '4.8'
 - !ruby/object:Gem::Dependency
   name: generator_spec
   requirement: !ruby/object:Gem::Requirement
@@ -132,11 +146,15 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".coveralls.yml"
+- ".github/ISSUE_TEMPLATE.md"
+- ".github/PULL_REQUEST_TEMPLATE.md"
 - ".gitignore"
 - ".hound.yml"
 - ".rspec"
+- ".rubocop.yml"
 - ".travis.yml"
 - Appraisals
+- CODE_OF_CONDUCT.md
 - CONTRIBUTING.md
 - Gemfile
 - MIT-LICENSE
@@ -144,6 +162,7 @@ files:
 - README.md
 - RELEASING.md
 - Rakefile
+- SECURITY.md
 - app/assets/stylesheets/doorkeeper/admin/application.css
 - app/assets/stylesheets/doorkeeper/application.css
 - app/controllers/doorkeeper/application_controller.rb
@@ -173,6 +192,8 @@ files:
 - gemfiles/rails_4_2.gemfile
 - gemfiles/rails_5_0.gemfile
 - gemfiles/rails_5_1.gemfile
+- gemfiles/rails_5_2.gemfile
+- gemfiles/rails_master.gemfile
 - lib/doorkeeper.rb
 - lib/doorkeeper/config.rb
 - lib/doorkeeper/engine.rb
@@ -214,12 +235,14 @@ files:
 - lib/doorkeeper/oauth/refresh_token_request.rb
 - lib/doorkeeper/oauth/scopes.rb
 - lib/doorkeeper/oauth/token.rb
+- lib/doorkeeper/oauth/token_introspection.rb
 - lib/doorkeeper/oauth/token_request.rb
 - lib/doorkeeper/oauth/token_response.rb
 - lib/doorkeeper/orm/active_record.rb
 - lib/doorkeeper/orm/active_record/access_grant.rb
 - lib/doorkeeper/orm/active_record/access_token.rb
 - lib/doorkeeper/orm/active_record/application.rb
+- lib/doorkeeper/orm/active_record/base_record.rb
 - lib/doorkeeper/rails/helpers.rb
 - lib/doorkeeper/rails/routes.rb
 - lib/doorkeeper/rails/routes/mapper.rb
@@ -240,10 +263,10 @@ files:
 - lib/generators/doorkeeper/migration_generator.rb
 - lib/generators/doorkeeper/previous_refresh_token_generator.rb
 - lib/generators/doorkeeper/templates/README
-- lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb
-- lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb
+- lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb.erb
+- lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb.erb
 - lib/generators/doorkeeper/templates/initializer.rb
-- lib/generators/doorkeeper/templates/migration.rb
+- lib/generators/doorkeeper/templates/migration.rb.erb
 - lib/generators/doorkeeper/views_generator.rb
 - spec/controllers/application_metal_controller.rb
 - spec/controllers/applications_controller_spec.rb
@@ -270,9 +293,9 @@ files:
 - spec/dummy/config/environments/development.rb
 - spec/dummy/config/environments/production.rb
 - spec/dummy/config/environments/test.rb
-- spec/dummy/config/initializers/active_record_belongs_to_required_by_default.rb
 - spec/dummy/config/initializers/backtrace_silencers.rb
 - spec/dummy/config/initializers/doorkeeper.rb
+- spec/dummy/config/initializers/new_framework_defaults.rb
 - spec/dummy/config/initializers/secret_token.rb
 - spec/dummy/config/initializers/session_store.rb
 - spec/dummy/config/initializers/wrap_parameters.rb
@@ -293,8 +316,10 @@ files:
 - spec/generators/application_owner_generator_spec.rb
 - spec/generators/install_generator_spec.rb
 - spec/generators/migration_generator_spec.rb
+- spec/generators/previous_refresh_token_generator_spec.rb
 - spec/generators/templates/routes.rb
 - spec/generators/views_generator_spec.rb
+- spec/grape/grape_integration_spec.rb
 - spec/helpers/doorkeeper/dashboard_helper_spec.rb
 - spec/lib/config_spec.rb
 - spec/lib/doorkeeper_spec.rb
@@ -365,6 +390,7 @@ files:
 - spec/support/shared/controllers_shared_context.rb
 - spec/support/shared/models_shared_examples.rb
 - spec/validators/redirect_uri_validator_spec.rb
+- spec/version/version_spec.rb
 - vendor/assets/stylesheets/doorkeeper/bootstrap.min.css
 homepage: https://github.com/doorkeeper-gem/doorkeeper
 licenses:
@@ -386,7 +412,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.11
+rubygems_version: 2.5.2.2
 signing_key: 
 specification_version: 4
 summary: OAuth 2 provider for Rails and Grape
@@ -416,9 +442,9 @@ test_files:
 - spec/dummy/config/environments/development.rb
 - spec/dummy/config/environments/production.rb
 - spec/dummy/config/environments/test.rb
-- spec/dummy/config/initializers/active_record_belongs_to_required_by_default.rb
 - spec/dummy/config/initializers/backtrace_silencers.rb
 - spec/dummy/config/initializers/doorkeeper.rb
+- spec/dummy/config/initializers/new_framework_defaults.rb
 - spec/dummy/config/initializers/secret_token.rb
 - spec/dummy/config/initializers/session_store.rb
 - spec/dummy/config/initializers/wrap_parameters.rb
@@ -439,8 +465,10 @@ test_files:
 - spec/generators/application_owner_generator_spec.rb
 - spec/generators/install_generator_spec.rb
 - spec/generators/migration_generator_spec.rb
+- spec/generators/previous_refresh_token_generator_spec.rb
 - spec/generators/templates/routes.rb
 - spec/generators/views_generator_spec.rb
+- spec/grape/grape_integration_spec.rb
 - spec/helpers/doorkeeper/dashboard_helper_spec.rb
 - spec/lib/config_spec.rb
 - spec/lib/doorkeeper_spec.rb
@@ -511,3 +539,4 @@ test_files:
 - spec/support/shared/controllers_shared_context.rb
 - spec/support/shared/models_shared_examples.rb
 - spec/validators/redirect_uri_validator_spec.rb
+- spec/version/version_spec.rb