doorkeeper 4.2.6 → 5.5.4

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of doorkeeper might be problematic. Click here for more details.

Files changed (274) hide show
  1. checksums.yaml +5 -5
  2. data/CHANGELOG.md +1049 -0
  3. data/README.md +110 -353
  4. data/app/assets/stylesheets/doorkeeper/admin/application.css +2 -2
  5. data/app/controllers/doorkeeper/application_controller.rb +6 -7
  6. data/app/controllers/doorkeeper/application_metal_controller.rb +7 -11
  7. data/app/controllers/doorkeeper/applications_controller.rb +65 -16
  8. data/app/controllers/doorkeeper/authorizations_controller.rb +97 -17
  9. data/app/controllers/doorkeeper/authorized_applications_controller.rb +22 -3
  10. data/app/controllers/doorkeeper/token_info_controller.rb +16 -4
  11. data/app/controllers/doorkeeper/tokens_controller.rb +115 -38
  12. data/app/helpers/doorkeeper/dashboard_helper.rb +10 -6
  13. data/app/views/doorkeeper/applications/_delete_form.html.erb +3 -1
  14. data/app/views/doorkeeper/applications/_form.html.erb +33 -21
  15. data/app/views/doorkeeper/applications/edit.html.erb +1 -1
  16. data/app/views/doorkeeper/applications/index.html.erb +18 -6
  17. data/app/views/doorkeeper/applications/new.html.erb +1 -1
  18. data/app/views/doorkeeper/applications/show.html.erb +40 -16
  19. data/app/views/doorkeeper/authorizations/error.html.erb +1 -1
  20. data/app/views/doorkeeper/authorizations/form_post.html.erb +15 -0
  21. data/app/views/doorkeeper/authorizations/new.html.erb +6 -0
  22. data/app/views/doorkeeper/authorized_applications/index.html.erb +0 -1
  23. data/app/views/layouts/doorkeeper/admin.html.erb +16 -14
  24. data/config/locales/en.yml +34 -7
  25. data/lib/doorkeeper/config/abstract_builder.rb +28 -0
  26. data/lib/doorkeeper/config/option.rb +82 -0
  27. data/lib/doorkeeper/config/validations.rb +53 -0
  28. data/lib/doorkeeper/config.rb +514 -167
  29. data/lib/doorkeeper/engine.rb +11 -5
  30. data/lib/doorkeeper/errors.rb +25 -16
  31. data/lib/doorkeeper/grant_flow/fallback_flow.rb +15 -0
  32. data/lib/doorkeeper/grant_flow/flow.rb +44 -0
  33. data/lib/doorkeeper/grant_flow/registry.rb +50 -0
  34. data/lib/doorkeeper/grant_flow.rb +45 -0
  35. data/lib/doorkeeper/grape/authorization_decorator.rb +6 -4
  36. data/lib/doorkeeper/grape/helpers.rb +23 -12
  37. data/lib/doorkeeper/helpers/controller.rb +51 -14
  38. data/lib/doorkeeper/models/access_grant_mixin.rb +94 -27
  39. data/lib/doorkeeper/models/access_token_mixin.rb +284 -96
  40. data/lib/doorkeeper/models/application_mixin.rb +58 -27
  41. data/lib/doorkeeper/models/concerns/accessible.rb +2 -0
  42. data/lib/doorkeeper/models/concerns/expirable.rb +12 -6
  43. data/lib/doorkeeper/models/concerns/orderable.rb +15 -0
  44. data/lib/doorkeeper/models/concerns/ownership.rb +4 -7
  45. data/lib/doorkeeper/models/concerns/resource_ownerable.rb +47 -0
  46. data/lib/doorkeeper/models/concerns/reusable.rb +19 -0
  47. data/lib/doorkeeper/models/concerns/revocable.rb +3 -27
  48. data/lib/doorkeeper/models/concerns/scopes.rb +12 -2
  49. data/lib/doorkeeper/models/concerns/secret_storable.rb +106 -0
  50. data/lib/doorkeeper/oauth/authorization/code.rb +48 -12
  51. data/lib/doorkeeper/oauth/authorization/context.rb +17 -0
  52. data/lib/doorkeeper/oauth/authorization/token.rb +66 -28
  53. data/lib/doorkeeper/oauth/authorization/uri_builder.rb +7 -5
  54. data/lib/doorkeeper/oauth/authorization_code_request.rb +63 -10
  55. data/lib/doorkeeper/oauth/base_request.rb +35 -19
  56. data/lib/doorkeeper/oauth/base_response.rb +2 -0
  57. data/lib/doorkeeper/oauth/client/credentials.rb +9 -7
  58. data/lib/doorkeeper/oauth/client.rb +10 -11
  59. data/lib/doorkeeper/oauth/client_credentials/creator.rb +47 -4
  60. data/lib/doorkeeper/oauth/client_credentials/issuer.rb +16 -9
  61. data/lib/doorkeeper/oauth/client_credentials/validator.rb +56 -0
  62. data/lib/doorkeeper/oauth/client_credentials_request.rb +10 -11
  63. data/lib/doorkeeper/oauth/code_request.rb +8 -12
  64. data/lib/doorkeeper/oauth/code_response.rb +27 -15
  65. data/lib/doorkeeper/oauth/error.rb +5 -3
  66. data/lib/doorkeeper/oauth/error_response.rb +35 -15
  67. data/lib/doorkeeper/oauth/forbidden_token_response.rb +11 -3
  68. data/lib/doorkeeper/oauth/helpers/scope_checker.rb +23 -18
  69. data/lib/doorkeeper/oauth/helpers/unique_token.rb +20 -3
  70. data/lib/doorkeeper/oauth/helpers/uri_checker.rb +53 -3
  71. data/lib/doorkeeper/oauth/hooks/context.rb +21 -0
  72. data/lib/doorkeeper/oauth/invalid_request_response.rb +43 -0
  73. data/lib/doorkeeper/oauth/invalid_token_response.rb +29 -5
  74. data/lib/doorkeeper/oauth/nonstandard.rb +39 -0
  75. data/lib/doorkeeper/oauth/password_access_token_request.rb +44 -10
  76. data/lib/doorkeeper/oauth/pre_authorization.rb +135 -26
  77. data/lib/doorkeeper/oauth/refresh_token_request.rb +60 -31
  78. data/lib/doorkeeper/oauth/scopes.rb +26 -12
  79. data/lib/doorkeeper/oauth/token.rb +13 -9
  80. data/lib/doorkeeper/oauth/token_introspection.rb +202 -0
  81. data/lib/doorkeeper/oauth/token_request.rb +8 -20
  82. data/lib/doorkeeper/oauth/token_response.rb +14 -10
  83. data/lib/doorkeeper/oauth.rb +13 -0
  84. data/lib/doorkeeper/orm/active_record/access_grant.rb +6 -4
  85. data/lib/doorkeeper/orm/active_record/access_token.rb +5 -42
  86. data/lib/doorkeeper/orm/active_record/application.rb +6 -20
  87. data/lib/doorkeeper/orm/active_record/mixins/access_grant.rb +69 -0
  88. data/lib/doorkeeper/orm/active_record/mixins/access_token.rb +60 -0
  89. data/lib/doorkeeper/orm/active_record/mixins/application.rb +199 -0
  90. data/lib/doorkeeper/orm/active_record/redirect_uri_validator.rb +66 -0
  91. data/lib/doorkeeper/orm/active_record/stale_records_cleaner.rb +33 -0
  92. data/lib/doorkeeper/orm/active_record.rb +37 -8
  93. data/lib/doorkeeper/rails/helpers.rb +14 -13
  94. data/lib/doorkeeper/rails/routes/abstract_router.rb +35 -0
  95. data/lib/doorkeeper/rails/routes/mapper.rb +4 -2
  96. data/lib/doorkeeper/rails/routes/mapping.rb +9 -7
  97. data/lib/doorkeeper/rails/routes/registry.rb +45 -0
  98. data/lib/doorkeeper/rails/routes.rb +41 -28
  99. data/lib/doorkeeper/rake/db.rake +40 -0
  100. data/lib/doorkeeper/rake/setup.rake +11 -0
  101. data/lib/doorkeeper/rake.rb +14 -0
  102. data/lib/doorkeeper/request/authorization_code.rb +6 -4
  103. data/lib/doorkeeper/request/client_credentials.rb +3 -3
  104. data/lib/doorkeeper/request/code.rb +1 -1
  105. data/lib/doorkeeper/request/password.rb +5 -14
  106. data/lib/doorkeeper/request/refresh_token.rb +6 -5
  107. data/lib/doorkeeper/request/strategy.rb +4 -2
  108. data/lib/doorkeeper/request/token.rb +1 -1
  109. data/lib/doorkeeper/request.rb +62 -29
  110. data/lib/doorkeeper/secret_storing/base.rb +64 -0
  111. data/lib/doorkeeper/secret_storing/bcrypt.rb +60 -0
  112. data/lib/doorkeeper/secret_storing/plain.rb +33 -0
  113. data/lib/doorkeeper/secret_storing/sha256_hash.rb +26 -0
  114. data/lib/doorkeeper/server.rb +9 -11
  115. data/lib/doorkeeper/stale_records_cleaner.rb +24 -0
  116. data/lib/doorkeeper/validations.rb +5 -2
  117. data/lib/doorkeeper/version.rb +12 -1
  118. data/lib/doorkeeper.rb +111 -62
  119. data/lib/generators/doorkeeper/application_owner_generator.rb +28 -13
  120. data/lib/generators/doorkeeper/confidential_applications_generator.rb +33 -0
  121. data/lib/generators/doorkeeper/enable_polymorphic_resource_owner_generator.rb +39 -0
  122. data/lib/generators/doorkeeper/install_generator.rb +19 -9
  123. data/lib/generators/doorkeeper/migration_generator.rb +27 -10
  124. data/lib/generators/doorkeeper/pkce_generator.rb +33 -0
  125. data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +31 -19
  126. data/lib/generators/doorkeeper/templates/add_confidential_to_applications.rb.erb +13 -0
  127. data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb.erb +9 -0
  128. data/{spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb → lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb.erb} +3 -1
  129. data/lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb +8 -0
  130. data/lib/generators/doorkeeper/templates/enable_polymorphic_resource_owner_migration.rb.erb +17 -0
  131. data/lib/generators/doorkeeper/templates/initializer.rb +412 -33
  132. data/lib/generators/doorkeeper/templates/migration.rb.erb +88 -0
  133. data/lib/generators/doorkeeper/views_generator.rb +8 -4
  134. data/vendor/assets/stylesheets/doorkeeper/bootstrap.min.css +4 -5
  135. metadata +114 -276
  136. data/.coveralls.yml +0 -1
  137. data/.gitignore +0 -19
  138. data/.hound.yml +0 -13
  139. data/.rspec +0 -1
  140. data/.travis.yml +0 -26
  141. data/Appraisals +0 -14
  142. data/CONTRIBUTING.md +0 -47
  143. data/Gemfile +0 -10
  144. data/NEWS.md +0 -606
  145. data/RELEASING.md +0 -10
  146. data/Rakefile +0 -20
  147. data/app/validators/redirect_uri_validator.rb +0 -34
  148. data/doorkeeper.gemspec +0 -29
  149. data/gemfiles/rails_4_2.gemfile +0 -11
  150. data/gemfiles/rails_5_0.gemfile +0 -12
  151. data/gemfiles/rails_5_1.gemfile +0 -13
  152. data/lib/doorkeeper/oauth/client_credentials/validation.rb +0 -45
  153. data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb +0 -7
  154. data/lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb +0 -11
  155. data/lib/generators/doorkeeper/templates/migration.rb +0 -68
  156. data/spec/controllers/application_metal_controller.rb +0 -10
  157. data/spec/controllers/applications_controller_spec.rb +0 -58
  158. data/spec/controllers/authorizations_controller_spec.rb +0 -218
  159. data/spec/controllers/protected_resources_controller_spec.rb +0 -300
  160. data/spec/controllers/token_info_controller_spec.rb +0 -52
  161. data/spec/controllers/tokens_controller_spec.rb +0 -88
  162. data/spec/dummy/Rakefile +0 -7
  163. data/spec/dummy/app/controllers/application_controller.rb +0 -3
  164. data/spec/dummy/app/controllers/custom_authorizations_controller.rb +0 -7
  165. data/spec/dummy/app/controllers/full_protected_resources_controller.rb +0 -12
  166. data/spec/dummy/app/controllers/home_controller.rb +0 -17
  167. data/spec/dummy/app/controllers/metal_controller.rb +0 -11
  168. data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +0 -11
  169. data/spec/dummy/app/helpers/application_helper.rb +0 -5
  170. data/spec/dummy/app/models/user.rb +0 -5
  171. data/spec/dummy/app/views/home/index.html.erb +0 -0
  172. data/spec/dummy/app/views/layouts/application.html.erb +0 -14
  173. data/spec/dummy/config/application.rb +0 -23
  174. data/spec/dummy/config/boot.rb +0 -9
  175. data/spec/dummy/config/database.yml +0 -15
  176. data/spec/dummy/config/environment.rb +0 -5
  177. data/spec/dummy/config/environments/development.rb +0 -29
  178. data/spec/dummy/config/environments/production.rb +0 -62
  179. data/spec/dummy/config/environments/test.rb +0 -44
  180. data/spec/dummy/config/initializers/active_record_belongs_to_required_by_default.rb +0 -6
  181. data/spec/dummy/config/initializers/backtrace_silencers.rb +0 -7
  182. data/spec/dummy/config/initializers/doorkeeper.rb +0 -96
  183. data/spec/dummy/config/initializers/secret_token.rb +0 -9
  184. data/spec/dummy/config/initializers/session_store.rb +0 -8
  185. data/spec/dummy/config/initializers/wrap_parameters.rb +0 -14
  186. data/spec/dummy/config/locales/doorkeeper.en.yml +0 -5
  187. data/spec/dummy/config/routes.rb +0 -52
  188. data/spec/dummy/config.ru +0 -4
  189. data/spec/dummy/db/migrate/20111122132257_create_users.rb +0 -9
  190. data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +0 -5
  191. data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +0 -60
  192. data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +0 -7
  193. data/spec/dummy/db/schema.rb +0 -67
  194. data/spec/dummy/public/404.html +0 -26
  195. data/spec/dummy/public/422.html +0 -26
  196. data/spec/dummy/public/500.html +0 -26
  197. data/spec/dummy/public/favicon.ico +0 -0
  198. data/spec/dummy/script/rails +0 -6
  199. data/spec/factories.rb +0 -28
  200. data/spec/generators/application_owner_generator_spec.rb +0 -22
  201. data/spec/generators/install_generator_spec.rb +0 -31
  202. data/spec/generators/migration_generator_spec.rb +0 -20
  203. data/spec/generators/templates/routes.rb +0 -3
  204. data/spec/generators/views_generator_spec.rb +0 -27
  205. data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +0 -24
  206. data/spec/lib/config_spec.rb +0 -334
  207. data/spec/lib/doorkeeper_spec.rb +0 -150
  208. data/spec/lib/models/expirable_spec.rb +0 -50
  209. data/spec/lib/models/revocable_spec.rb +0 -59
  210. data/spec/lib/models/scopes_spec.rb +0 -43
  211. data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -41
  212. data/spec/lib/oauth/authorization_code_request_spec.rb +0 -80
  213. data/spec/lib/oauth/base_request_spec.rb +0 -160
  214. data/spec/lib/oauth/base_response_spec.rb +0 -45
  215. data/spec/lib/oauth/client/credentials_spec.rb +0 -88
  216. data/spec/lib/oauth/client_credentials/creator_spec.rb +0 -44
  217. data/spec/lib/oauth/client_credentials/issuer_spec.rb +0 -86
  218. data/spec/lib/oauth/client_credentials/validation_spec.rb +0 -54
  219. data/spec/lib/oauth/client_credentials_integration_spec.rb +0 -27
  220. data/spec/lib/oauth/client_credentials_request_spec.rb +0 -104
  221. data/spec/lib/oauth/client_spec.rb +0 -39
  222. data/spec/lib/oauth/code_request_spec.rb +0 -45
  223. data/spec/lib/oauth/code_response_spec.rb +0 -34
  224. data/spec/lib/oauth/error_response_spec.rb +0 -61
  225. data/spec/lib/oauth/error_spec.rb +0 -23
  226. data/spec/lib/oauth/forbidden_token_response_spec.rb +0 -23
  227. data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -64
  228. data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -20
  229. data/spec/lib/oauth/helpers/uri_checker_spec.rb +0 -104
  230. data/spec/lib/oauth/invalid_token_response_spec.rb +0 -56
  231. data/spec/lib/oauth/password_access_token_request_spec.rb +0 -90
  232. data/spec/lib/oauth/pre_authorization_spec.rb +0 -155
  233. data/spec/lib/oauth/refresh_token_request_spec.rb +0 -154
  234. data/spec/lib/oauth/scopes_spec.rb +0 -122
  235. data/spec/lib/oauth/token_request_spec.rb +0 -98
  236. data/spec/lib/oauth/token_response_spec.rb +0 -85
  237. data/spec/lib/oauth/token_spec.rb +0 -116
  238. data/spec/lib/request/strategy_spec.rb +0 -53
  239. data/spec/lib/server_spec.rb +0 -49
  240. data/spec/models/doorkeeper/access_grant_spec.rb +0 -36
  241. data/spec/models/doorkeeper/access_token_spec.rb +0 -394
  242. data/spec/models/doorkeeper/application_spec.rb +0 -179
  243. data/spec/requests/applications/applications_request_spec.rb +0 -94
  244. data/spec/requests/applications/authorized_applications_spec.rb +0 -30
  245. data/spec/requests/endpoints/authorization_spec.rb +0 -71
  246. data/spec/requests/endpoints/token_spec.rb +0 -64
  247. data/spec/requests/flows/authorization_code_errors_spec.rb +0 -76
  248. data/spec/requests/flows/authorization_code_spec.rb +0 -148
  249. data/spec/requests/flows/client_credentials_spec.rb +0 -58
  250. data/spec/requests/flows/implicit_grant_errors_spec.rb +0 -32
  251. data/spec/requests/flows/implicit_grant_spec.rb +0 -61
  252. data/spec/requests/flows/password_spec.rb +0 -115
  253. data/spec/requests/flows/refresh_token_spec.rb +0 -174
  254. data/spec/requests/flows/revoke_token_spec.rb +0 -157
  255. data/spec/requests/flows/skip_authorization_spec.rb +0 -59
  256. data/spec/requests/protected_resources/metal_spec.rb +0 -14
  257. data/spec/requests/protected_resources/private_api_spec.rb +0 -81
  258. data/spec/routing/custom_controller_routes_spec.rb +0 -71
  259. data/spec/routing/default_routes_spec.rb +0 -35
  260. data/spec/routing/scoped_routes_spec.rb +0 -31
  261. data/spec/spec_helper.rb +0 -4
  262. data/spec/spec_helper_integration.rb +0 -63
  263. data/spec/support/dependencies/factory_girl.rb +0 -2
  264. data/spec/support/helpers/access_token_request_helper.rb +0 -11
  265. data/spec/support/helpers/authorization_request_helper.rb +0 -41
  266. data/spec/support/helpers/config_helper.rb +0 -9
  267. data/spec/support/helpers/model_helper.rb +0 -67
  268. data/spec/support/helpers/request_spec_helper.rb +0 -84
  269. data/spec/support/helpers/url_helper.rb +0 -55
  270. data/spec/support/http_method_shim.rb +0 -38
  271. data/spec/support/orm/active_record.rb +0 -3
  272. data/spec/support/shared/controllers_shared_context.rb +0 -69
  273. data/spec/support/shared/models_shared_examples.rb +0 -52
  274. data/spec/validators/redirect_uri_validator_spec.rb +0 -78
@@ -1,300 +0,0 @@
1
- require 'spec_helper_integration'
2
-
3
- module ControllerActions
4
- def index
5
- render plain: 'index'
6
- end
7
-
8
- def show
9
- render plain: 'show'
10
- end
11
-
12
- def doorkeeper_unauthorized_render_options(*)
13
- end
14
-
15
- def doorkeeper_forbidden_render_options(*)
16
- end
17
- end
18
-
19
- describe 'doorkeeper authorize filter' do
20
- context 'accepts token code specified as' do
21
- controller do
22
- before_action :doorkeeper_authorize!
23
-
24
- def index
25
- render plain: 'index'
26
- end
27
- end
28
-
29
- let(:token_string) { '1A2BC3' }
30
- let(:token) do
31
- double(Doorkeeper::AccessToken,
32
- acceptable?: true, previous_refresh_token: "",
33
- revoke_previous_refresh_token!: true)
34
- end
35
-
36
- it 'access_token param' do
37
- expect(Doorkeeper::AccessToken).to receive(:by_token).with(token_string).and_return(token)
38
- get :index, access_token: token_string
39
- end
40
-
41
- it 'bearer_token param' do
42
- expect(Doorkeeper::AccessToken).to receive(:by_token).with(token_string).and_return(token)
43
- get :index, bearer_token: token_string
44
- end
45
-
46
- it 'Authorization header' do
47
- expect(Doorkeeper::AccessToken).to receive(:by_token).with(token_string).and_return(token)
48
- request.env['HTTP_AUTHORIZATION'] = "Bearer #{token_string}"
49
- get :index
50
- end
51
-
52
- it 'different kind of Authorization header' do
53
- expect(Doorkeeper::AccessToken).not_to receive(:by_token)
54
- request.env['HTTP_AUTHORIZATION'] = "MAC #{token_string}"
55
- get :index
56
- end
57
-
58
- it 'does not change Authorization header value' do
59
- expect(Doorkeeper::AccessToken).to receive(:by_token).exactly(2).times.and_return(token)
60
- request.env['HTTP_AUTHORIZATION'] = "Bearer #{token_string}"
61
- get :index
62
- controller.send(:remove_instance_variable, :@_doorkeeper_token)
63
- get :index
64
- end
65
- end
66
-
67
- context 'defined for all actions' do
68
- controller do
69
- before_action :doorkeeper_authorize!
70
-
71
- include ControllerActions
72
- end
73
-
74
- context 'with valid token', token: :valid do
75
- it 'allows into index action' do
76
- get :index, access_token: token_string
77
- expect(response).to be_success
78
- end
79
-
80
- it 'allows into show action' do
81
- get :show, id: '4', access_token: token_string
82
- expect(response).to be_success
83
- end
84
- end
85
-
86
- context 'with invalid token', token: :invalid do
87
- it 'does not allow into index action' do
88
- get :index, access_token: token_string
89
- expect(response.status).to eq 401
90
- expect(response.header['WWW-Authenticate']).to match(/^Bearer/)
91
- end
92
-
93
- it 'does not allow into show action' do
94
- get :show, id: '4', access_token: token_string
95
- expect(response.status).to eq 401
96
- expect(response.header['WWW-Authenticate']).to match(/^Bearer/)
97
- end
98
- end
99
- end
100
-
101
- context 'defined with scopes' do
102
- controller do
103
- before_action -> { doorkeeper_authorize! :write }
104
-
105
- include ControllerActions
106
- end
107
-
108
- let(:token_string) { '1A2DUWE' }
109
-
110
- it 'allows if the token has particular scopes' do
111
- token = double(Doorkeeper::AccessToken,
112
- accessible?: true, scopes: %w(write public),
113
- previous_refresh_token: "",
114
- revoke_previous_refresh_token!: true)
115
- expect(token).to receive(:acceptable?).with([:write]).and_return(true)
116
- expect(
117
- Doorkeeper::AccessToken
118
- ).to receive(:by_token).with(token_string).and_return(token)
119
- get :index, access_token: token_string
120
- expect(response).to be_success
121
- end
122
-
123
- it 'does not allow if the token does not include given scope' do
124
- token = double(Doorkeeper::AccessToken,
125
- accessible?: true, scopes: ['public'], revoked?: false,
126
- expired?: false, previous_refresh_token: "",
127
- revoke_previous_refresh_token!: true)
128
- expect(
129
- Doorkeeper::AccessToken
130
- ).to receive(:by_token).with(token_string).and_return(token)
131
- expect(token).to receive(:acceptable?).with([:write]).and_return(false)
132
- get :index, access_token: token_string
133
- expect(response.status).to eq 403
134
- expect(response.header).to_not include('WWW-Authenticate')
135
- end
136
- end
137
-
138
- context 'when custom unauthorized render options are configured' do
139
- controller do
140
- before_action :doorkeeper_authorize!
141
-
142
- include ControllerActions
143
- end
144
-
145
- context 'with a JSON custom render', token: :invalid do
146
- before do
147
- module ControllerActions
148
- remove_method :doorkeeper_unauthorized_render_options
149
- def doorkeeper_unauthorized_render_options(error: nil)
150
- { json: ActiveSupport::JSON.encode(error_message: error.description) }
151
- end
152
- end
153
- end
154
- after do
155
- module ControllerActions
156
- remove_method :doorkeeper_unauthorized_render_options
157
- def doorkeeper_unauthorized_render_options(error: nil)
158
- end
159
- end
160
- end
161
-
162
- it 'it renders a custom JSON response', token: :invalid do
163
- get :index, access_token: token_string
164
- expect(response.status).to eq 401
165
- expect(response.content_type).to eq('application/json')
166
- expect(response.header['WWW-Authenticate']).to match(/^Bearer/)
167
- parsed_body = JSON.parse(response.body)
168
- expect(parsed_body).not_to be_nil
169
- expect(parsed_body['error_message']).to match('token is invalid')
170
- end
171
- end
172
-
173
- context 'with a text custom render', token: :invalid do
174
- before do
175
- module ControllerActions
176
- remove_method :doorkeeper_unauthorized_render_options
177
- def doorkeeper_unauthorized_render_options(error: nil)
178
- { plain: 'Unauthorized' }
179
- end
180
- end
181
- end
182
- after do
183
- module ControllerActions
184
- remove_method :doorkeeper_unauthorized_render_options
185
- def doorkeeper_unauthorized_render_options(error: nil)
186
- end
187
- end
188
- end
189
-
190
- it 'it renders a custom text response', token: :invalid do
191
- get :index, access_token: token_string
192
- expect(response.status).to eq 401
193
- expect(response.content_type).to eq('text/plain')
194
- expect(response.header['WWW-Authenticate']).to match(/^Bearer/)
195
- expect(response.body).to eq('Unauthorized')
196
- end
197
- end
198
- end
199
-
200
- context 'when custom forbidden render options are configured' do
201
- before do
202
- expect(Doorkeeper::AccessToken).to receive(:by_token).with(token_string).and_return(token)
203
- expect(token).to receive(:acceptable?).with([:write]).and_return(false)
204
- end
205
-
206
- after do
207
- module ControllerActions
208
- remove_method :doorkeeper_forbidden_render_options
209
- def doorkeeper_forbidden_render_options(*)
210
- end
211
- end
212
- end
213
-
214
- controller do
215
- before_action -> { doorkeeper_authorize! :write }
216
-
217
- include ControllerActions
218
- end
219
-
220
- let(:token) do
221
- double(Doorkeeper::AccessToken,
222
- accessible?: true, scopes: ['public'], revoked?: false,
223
- expired?: false, previous_refresh_token: "",
224
- revoke_previous_refresh_token!: true)
225
- end
226
- let(:token_string) { '1A2DUWE' }
227
-
228
- context 'with a JSON custom render' do
229
- before do
230
- module ControllerActions
231
- remove_method :doorkeeper_forbidden_render_options
232
- def doorkeeper_forbidden_render_options(*)
233
- { json: { error_message: 'Forbidden' } }
234
- end
235
- end
236
- end
237
-
238
- it 'renders a custom JSON response' do
239
- get :index, access_token: token_string
240
- expect(response.header).to_not include('WWW-Authenticate')
241
- expect(response.content_type).to eq('application/json')
242
- expect(response.status).to eq 403
243
- parsed_body = JSON.parse(response.body)
244
- expect(parsed_body).not_to be_nil
245
- expect(parsed_body['error_message']).to match('Forbidden')
246
- end
247
- end
248
-
249
- context 'with a status and JSON custom render' do
250
- before do
251
- module ControllerActions
252
- remove_method :doorkeeper_forbidden_render_options
253
- def doorkeeper_forbidden_render_options(*)
254
- { json: { error_message: 'Not Found' },
255
- respond_not_found_when_forbidden: true }
256
- end
257
- end
258
- end
259
-
260
- it 'overrides the default status code' do
261
- get :index, access_token: token_string
262
- expect(response.status).to eq 404
263
- end
264
- end
265
-
266
- context 'with a text custom render' do
267
- before do
268
- module ControllerActions
269
- remove_method :doorkeeper_forbidden_render_options
270
- def doorkeeper_forbidden_render_options(*)
271
- { plain: 'Forbidden' }
272
- end
273
- end
274
- end
275
-
276
- it 'renders a custom status code and text response' do
277
- get :index, access_token: token_string
278
- expect(response.header).to_not include('WWW-Authenticate')
279
- expect(response.status).to eq 403
280
- expect(response.body).to eq('Forbidden')
281
- end
282
- end
283
-
284
- context 'with a status and text custom render' do
285
- before do
286
- module ControllerActions
287
- remove_method :doorkeeper_forbidden_render_options
288
- def doorkeeper_forbidden_render_options(*)
289
- { respond_not_found_when_forbidden: true, plain: 'Not Found' }
290
- end
291
- end
292
- end
293
-
294
- it 'overrides the default status code' do
295
- get :index, access_token: token_string
296
- expect(response.status).to eq 404
297
- end
298
- end
299
- end
300
- end
@@ -1,52 +0,0 @@
1
- require 'spec_helper_integration'
2
-
3
- describe Doorkeeper::TokenInfoController do
4
- describe 'when requesting tokeninfo with valid token' do
5
- let(:doorkeeper_token) { FactoryGirl.create(:access_token) }
6
-
7
- before(:each) do
8
- allow(controller).to receive(:doorkeeper_token) { doorkeeper_token }
9
- end
10
-
11
- def do_get
12
- get :show
13
- end
14
-
15
- describe 'successful request' do
16
-
17
- it 'responds with tokeninfo' do
18
- do_get
19
- expect(response.body).to eq(doorkeeper_token.to_json)
20
- end
21
-
22
- it 'responds with a 200 status' do
23
- do_get
24
- expect(response.status).to eq 200
25
- end
26
- end
27
-
28
- describe 'invalid token response' do
29
- before(:each) do
30
- allow(controller).to receive(:doorkeeper_token).and_return(nil)
31
- end
32
- it 'responds with 401 when doorkeeper_token is not valid' do
33
- do_get
34
- expect(response.status).to eq 401
35
- expect(response.headers['WWW-Authenticate']).to match(/^Bearer/)
36
- end
37
-
38
- it 'responds with 401 when doorkeeper_token is invalid, expired or revoked' do
39
- allow(controller).to receive(:doorkeeper_token).and_return(doorkeeper_token)
40
- allow(doorkeeper_token).to receive(:accessible?).and_return(false)
41
- do_get
42
- expect(response.status).to eq 401
43
- expect(response.headers['WWW-Authenticate']).to match(/^Bearer/)
44
- end
45
-
46
- it 'responds body message for error' do
47
- do_get
48
- expect(response.body).to eq(Doorkeeper::OAuth::ErrorResponse.new(name: :invalid_request, status: :unauthorized).body.to_json)
49
- end
50
- end
51
- end
52
- end
@@ -1,88 +0,0 @@
1
- require 'spec_helper_integration'
2
-
3
- describe Doorkeeper::TokensController do
4
- describe 'when authorization has succeeded' do
5
- let :token do
6
- double(:token, authorize: true)
7
- end
8
-
9
- before do
10
- allow(controller).to receive(:token) { token }
11
- end
12
-
13
- it 'returns the authorization' do
14
- skip 'verify need of these specs'
15
-
16
- expect(token).to receive(:authorization)
17
-
18
- post :create
19
- end
20
- end
21
-
22
- describe 'when authorization has failed' do
23
- it 'returns the error response' do
24
- token = double(:token, authorize: false)
25
- allow(controller).to receive(:token) { token }
26
-
27
- post :create
28
-
29
- expect(response.status).to eq 401
30
- expect(response.headers['WWW-Authenticate']).to match(/Bearer/)
31
- end
32
- end
33
-
34
- describe 'when there is a failure due to a custom error' do
35
- it 'returns the error response with a custom message' do
36
- # I18n looks for `doorkeeper.errors.messages.custom_message` in locale files
37
- custom_message = "my_message"
38
- allow(I18n).to receive(:translate).
39
- with(
40
- custom_message,
41
- hash_including(scope: [:doorkeeper, :errors, :messages]),
42
- ).
43
- and_return('Authorization custom message')
44
-
45
- doorkeeper_error = Doorkeeper::Errors::DoorkeeperError.new(custom_message)
46
-
47
- strategy = double(:strategy)
48
- request = double(token_request: strategy)
49
- allow(strategy).to receive(:authorize).and_raise(doorkeeper_error)
50
- allow(controller).to receive(:server).and_return(request)
51
-
52
- post :create
53
-
54
- expected_response_body = {
55
- "error" => custom_message,
56
- "error_description" => "Authorization custom message"
57
- }
58
- expect(response.status).to eq 401
59
- expect(response.headers['WWW-Authenticate']).to match(/Bearer/)
60
- expect(JSON.load(response.body)).to eq expected_response_body
61
- end
62
- end
63
-
64
- describe 'when revoke authorization has failed' do
65
- # http://tools.ietf.org/html/rfc7009#section-2.2
66
- it 'returns no error response' do
67
- token = double(:token, authorize: false, application_id?: true)
68
- allow(controller).to receive(:token) { token }
69
-
70
- post :revoke
71
-
72
- expect(response.status).to eq 200
73
- end
74
- end
75
-
76
- describe 'authorize response memoization' do
77
- it "memoizes the result of the authorization" do
78
- strategy = double(:strategy, authorize: true)
79
- expect(strategy).to receive(:authorize).once
80
- allow(controller).to receive(:strategy) { strategy }
81
- allow(controller).to receive(:create) do
82
- controller.send :authorize_response
83
- end
84
-
85
- post :create
86
- end
87
- end
88
- end
data/spec/dummy/Rakefile DELETED
@@ -1,7 +0,0 @@
1
- #!/usr/bin/env rake
2
- # Add your own tasks in files placed in lib/tasks ending in .rake,
3
- # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
4
-
5
- require File.expand_path('../config/application', __FILE__)
6
-
7
- Dummy::Application.load_tasks
@@ -1,3 +0,0 @@
1
- class ApplicationController < ActionController::Base
2
- protect_from_forgery
3
- end
@@ -1,7 +0,0 @@
1
- class CustomAuthorizationsController < ::ApplicationController
2
- %w(index show new create edit update destroy).each do |action|
3
- define_method action do
4
- render nothing: true
5
- end
6
- end
7
- end
@@ -1,12 +0,0 @@
1
- class FullProtectedResourcesController < ApplicationController
2
- before_action -> { doorkeeper_authorize! :write, :admin }, only: :show
3
- before_action :doorkeeper_authorize!, only: :index
4
-
5
- def index
6
- render plain: 'index'
7
- end
8
-
9
- def show
10
- render plain: 'show'
11
- end
12
- end
@@ -1,17 +0,0 @@
1
- class HomeController < ApplicationController
2
- def index
3
- end
4
-
5
- def sign_in
6
- session[:user_id] = if Rails.env.development?
7
- User.first || User.create!(name: 'Joe', password: 'sekret')
8
- else
9
- User.first
10
- end
11
- redirect_to '/'
12
- end
13
-
14
- def callback
15
- render plain: 'ok'
16
- end
17
- end
@@ -1,11 +0,0 @@
1
- class MetalController < ActionController::Metal
2
- include AbstractController::Callbacks
3
- include ActionController::Head
4
- include Doorkeeper::Rails::Helpers
5
-
6
- before_action :doorkeeper_authorize!
7
-
8
- def index
9
- self.response_body = { ok: true }.to_json
10
- end
11
- end
@@ -1,11 +0,0 @@
1
- class SemiProtectedResourcesController < ApplicationController
2
- before_action :doorkeeper_authorize!, only: :index
3
-
4
- def index
5
- render plain: 'protected index'
6
- end
7
-
8
- def show
9
- render plain: 'non protected show'
10
- end
11
- end
@@ -1,5 +0,0 @@
1
- module ApplicationHelper
2
- def current_user
3
- @current_user ||= User.find_by_id(session[:user_id])
4
- end
5
- end
@@ -1,5 +0,0 @@
1
- class User < ActiveRecord::Base
2
- def self.authenticate!(name, password)
3
- User.where(name: name, password: password).first
4
- end
5
- end
File without changes
@@ -1,14 +0,0 @@
1
- <!DOCTYPE html>
2
- <html>
3
- <head>
4
- <title>Dummy</title>
5
- <%= csrf_meta_tags %>
6
- </head>
7
- <body>
8
-
9
- <%= link_to "Sign in", '/sign_in' %>
10
-
11
- <%= yield %>
12
-
13
- </body>
14
- </html>
@@ -1,23 +0,0 @@
1
- require File.expand_path('../boot', __FILE__)
2
-
3
- require 'rails/all'
4
-
5
- Bundler.require(*Rails.groups)
6
-
7
- require 'yaml'
8
-
9
- orm = if DOORKEEPER_ORM =~ /mongoid/
10
- Mongoid.load!(File.join(File.dirname(File.expand_path(__FILE__)), "#{DOORKEEPER_ORM}.yml"))
11
- :mongoid
12
- else
13
- DOORKEEPER_ORM
14
- end
15
- require "#{orm}/railtie"
16
-
17
- module Dummy
18
- class Application < Rails::Application
19
- # Settings in config/environments/* take precedence over those specified here.
20
- # Application configuration should go into files in config/initializers
21
- # -- all .rb files in that directory are automatically loaded.
22
- end
23
- end
@@ -1,9 +0,0 @@
1
- require 'rubygems'
2
- require 'bundler/setup'
3
-
4
- orm = ENV['BUNDLE_GEMFILE'].match(/Gemfile\.(.+)\.rb/)
5
- unless defined?(DOORKEEPER_ORM)
6
- DOORKEEPER_ORM = (orm && orm[1]) || :active_record
7
- end
8
-
9
- $LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__)
@@ -1,15 +0,0 @@
1
- development:
2
- adapter: sqlite3
3
- database: db/development.sqlite3
4
- pool: 5
5
- timeout: 5000
6
-
7
- test:
8
- adapter: sqlite3
9
- database: ":memory:"
10
- timeout: 500
11
-
12
- production:
13
- adapter: sqlite3
14
- database: ":memory:"
15
- timeout: 500
@@ -1,5 +0,0 @@
1
- # Load the rails application
2
- require File.expand_path('../application', __FILE__)
3
-
4
- # Initialize the rails application
5
- Rails.application.initialize!
@@ -1,29 +0,0 @@
1
- Dummy::Application.configure do
2
- # Settings specified here will take precedence over those in config/application.rb
3
-
4
- # In the development environment your application's code is reloaded on
5
- # every request. This slows down response time but is perfect for development
6
- # since you don't have to restart the web server when you make code changes.
7
- config.cache_classes = false
8
-
9
- # Show full error reports and disable caching
10
- config.consider_all_requests_local = true
11
- config.action_controller.perform_caching = false
12
-
13
- # Don't care if the mailer can't send
14
- # config.action_mailer.raise_delivery_errors = false
15
-
16
- # Print deprecation notices to the Rails logger
17
- config.active_support.deprecation = :log
18
-
19
- # Only use best-standards-support built into browsers
20
- config.action_dispatch.best_standards_support = :builtin
21
-
22
- # Do not compress assets
23
- config.assets.compress = false
24
-
25
- # Expands the lines which load the assets
26
- config.assets.debug = true
27
-
28
- config.eager_load = false
29
- end