doorkeeper 4.2.6 → 5.5.4

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of doorkeeper might be problematic. Click here for more details.

Files changed (274) hide show
  1. checksums.yaml +5 -5
  2. data/CHANGELOG.md +1049 -0
  3. data/README.md +110 -353
  4. data/app/assets/stylesheets/doorkeeper/admin/application.css +2 -2
  5. data/app/controllers/doorkeeper/application_controller.rb +6 -7
  6. data/app/controllers/doorkeeper/application_metal_controller.rb +7 -11
  7. data/app/controllers/doorkeeper/applications_controller.rb +65 -16
  8. data/app/controllers/doorkeeper/authorizations_controller.rb +97 -17
  9. data/app/controllers/doorkeeper/authorized_applications_controller.rb +22 -3
  10. data/app/controllers/doorkeeper/token_info_controller.rb +16 -4
  11. data/app/controllers/doorkeeper/tokens_controller.rb +115 -38
  12. data/app/helpers/doorkeeper/dashboard_helper.rb +10 -6
  13. data/app/views/doorkeeper/applications/_delete_form.html.erb +3 -1
  14. data/app/views/doorkeeper/applications/_form.html.erb +33 -21
  15. data/app/views/doorkeeper/applications/edit.html.erb +1 -1
  16. data/app/views/doorkeeper/applications/index.html.erb +18 -6
  17. data/app/views/doorkeeper/applications/new.html.erb +1 -1
  18. data/app/views/doorkeeper/applications/show.html.erb +40 -16
  19. data/app/views/doorkeeper/authorizations/error.html.erb +1 -1
  20. data/app/views/doorkeeper/authorizations/form_post.html.erb +15 -0
  21. data/app/views/doorkeeper/authorizations/new.html.erb +6 -0
  22. data/app/views/doorkeeper/authorized_applications/index.html.erb +0 -1
  23. data/app/views/layouts/doorkeeper/admin.html.erb +16 -14
  24. data/config/locales/en.yml +34 -7
  25. data/lib/doorkeeper/config/abstract_builder.rb +28 -0
  26. data/lib/doorkeeper/config/option.rb +82 -0
  27. data/lib/doorkeeper/config/validations.rb +53 -0
  28. data/lib/doorkeeper/config.rb +514 -167
  29. data/lib/doorkeeper/engine.rb +11 -5
  30. data/lib/doorkeeper/errors.rb +25 -16
  31. data/lib/doorkeeper/grant_flow/fallback_flow.rb +15 -0
  32. data/lib/doorkeeper/grant_flow/flow.rb +44 -0
  33. data/lib/doorkeeper/grant_flow/registry.rb +50 -0
  34. data/lib/doorkeeper/grant_flow.rb +45 -0
  35. data/lib/doorkeeper/grape/authorization_decorator.rb +6 -4
  36. data/lib/doorkeeper/grape/helpers.rb +23 -12
  37. data/lib/doorkeeper/helpers/controller.rb +51 -14
  38. data/lib/doorkeeper/models/access_grant_mixin.rb +94 -27
  39. data/lib/doorkeeper/models/access_token_mixin.rb +284 -96
  40. data/lib/doorkeeper/models/application_mixin.rb +58 -27
  41. data/lib/doorkeeper/models/concerns/accessible.rb +2 -0
  42. data/lib/doorkeeper/models/concerns/expirable.rb +12 -6
  43. data/lib/doorkeeper/models/concerns/orderable.rb +15 -0
  44. data/lib/doorkeeper/models/concerns/ownership.rb +4 -7
  45. data/lib/doorkeeper/models/concerns/resource_ownerable.rb +47 -0
  46. data/lib/doorkeeper/models/concerns/reusable.rb +19 -0
  47. data/lib/doorkeeper/models/concerns/revocable.rb +3 -27
  48. data/lib/doorkeeper/models/concerns/scopes.rb +12 -2
  49. data/lib/doorkeeper/models/concerns/secret_storable.rb +106 -0
  50. data/lib/doorkeeper/oauth/authorization/code.rb +48 -12
  51. data/lib/doorkeeper/oauth/authorization/context.rb +17 -0
  52. data/lib/doorkeeper/oauth/authorization/token.rb +66 -28
  53. data/lib/doorkeeper/oauth/authorization/uri_builder.rb +7 -5
  54. data/lib/doorkeeper/oauth/authorization_code_request.rb +63 -10
  55. data/lib/doorkeeper/oauth/base_request.rb +35 -19
  56. data/lib/doorkeeper/oauth/base_response.rb +2 -0
  57. data/lib/doorkeeper/oauth/client/credentials.rb +9 -7
  58. data/lib/doorkeeper/oauth/client.rb +10 -11
  59. data/lib/doorkeeper/oauth/client_credentials/creator.rb +47 -4
  60. data/lib/doorkeeper/oauth/client_credentials/issuer.rb +16 -9
  61. data/lib/doorkeeper/oauth/client_credentials/validator.rb +56 -0
  62. data/lib/doorkeeper/oauth/client_credentials_request.rb +10 -11
  63. data/lib/doorkeeper/oauth/code_request.rb +8 -12
  64. data/lib/doorkeeper/oauth/code_response.rb +27 -15
  65. data/lib/doorkeeper/oauth/error.rb +5 -3
  66. data/lib/doorkeeper/oauth/error_response.rb +35 -15
  67. data/lib/doorkeeper/oauth/forbidden_token_response.rb +11 -3
  68. data/lib/doorkeeper/oauth/helpers/scope_checker.rb +23 -18
  69. data/lib/doorkeeper/oauth/helpers/unique_token.rb +20 -3
  70. data/lib/doorkeeper/oauth/helpers/uri_checker.rb +53 -3
  71. data/lib/doorkeeper/oauth/hooks/context.rb +21 -0
  72. data/lib/doorkeeper/oauth/invalid_request_response.rb +43 -0
  73. data/lib/doorkeeper/oauth/invalid_token_response.rb +29 -5
  74. data/lib/doorkeeper/oauth/nonstandard.rb +39 -0
  75. data/lib/doorkeeper/oauth/password_access_token_request.rb +44 -10
  76. data/lib/doorkeeper/oauth/pre_authorization.rb +135 -26
  77. data/lib/doorkeeper/oauth/refresh_token_request.rb +60 -31
  78. data/lib/doorkeeper/oauth/scopes.rb +26 -12
  79. data/lib/doorkeeper/oauth/token.rb +13 -9
  80. data/lib/doorkeeper/oauth/token_introspection.rb +202 -0
  81. data/lib/doorkeeper/oauth/token_request.rb +8 -20
  82. data/lib/doorkeeper/oauth/token_response.rb +14 -10
  83. data/lib/doorkeeper/oauth.rb +13 -0
  84. data/lib/doorkeeper/orm/active_record/access_grant.rb +6 -4
  85. data/lib/doorkeeper/orm/active_record/access_token.rb +5 -42
  86. data/lib/doorkeeper/orm/active_record/application.rb +6 -20
  87. data/lib/doorkeeper/orm/active_record/mixins/access_grant.rb +69 -0
  88. data/lib/doorkeeper/orm/active_record/mixins/access_token.rb +60 -0
  89. data/lib/doorkeeper/orm/active_record/mixins/application.rb +199 -0
  90. data/lib/doorkeeper/orm/active_record/redirect_uri_validator.rb +66 -0
  91. data/lib/doorkeeper/orm/active_record/stale_records_cleaner.rb +33 -0
  92. data/lib/doorkeeper/orm/active_record.rb +37 -8
  93. data/lib/doorkeeper/rails/helpers.rb +14 -13
  94. data/lib/doorkeeper/rails/routes/abstract_router.rb +35 -0
  95. data/lib/doorkeeper/rails/routes/mapper.rb +4 -2
  96. data/lib/doorkeeper/rails/routes/mapping.rb +9 -7
  97. data/lib/doorkeeper/rails/routes/registry.rb +45 -0
  98. data/lib/doorkeeper/rails/routes.rb +41 -28
  99. data/lib/doorkeeper/rake/db.rake +40 -0
  100. data/lib/doorkeeper/rake/setup.rake +11 -0
  101. data/lib/doorkeeper/rake.rb +14 -0
  102. data/lib/doorkeeper/request/authorization_code.rb +6 -4
  103. data/lib/doorkeeper/request/client_credentials.rb +3 -3
  104. data/lib/doorkeeper/request/code.rb +1 -1
  105. data/lib/doorkeeper/request/password.rb +5 -14
  106. data/lib/doorkeeper/request/refresh_token.rb +6 -5
  107. data/lib/doorkeeper/request/strategy.rb +4 -2
  108. data/lib/doorkeeper/request/token.rb +1 -1
  109. data/lib/doorkeeper/request.rb +62 -29
  110. data/lib/doorkeeper/secret_storing/base.rb +64 -0
  111. data/lib/doorkeeper/secret_storing/bcrypt.rb +60 -0
  112. data/lib/doorkeeper/secret_storing/plain.rb +33 -0
  113. data/lib/doorkeeper/secret_storing/sha256_hash.rb +26 -0
  114. data/lib/doorkeeper/server.rb +9 -11
  115. data/lib/doorkeeper/stale_records_cleaner.rb +24 -0
  116. data/lib/doorkeeper/validations.rb +5 -2
  117. data/lib/doorkeeper/version.rb +12 -1
  118. data/lib/doorkeeper.rb +111 -62
  119. data/lib/generators/doorkeeper/application_owner_generator.rb +28 -13
  120. data/lib/generators/doorkeeper/confidential_applications_generator.rb +33 -0
  121. data/lib/generators/doorkeeper/enable_polymorphic_resource_owner_generator.rb +39 -0
  122. data/lib/generators/doorkeeper/install_generator.rb +19 -9
  123. data/lib/generators/doorkeeper/migration_generator.rb +27 -10
  124. data/lib/generators/doorkeeper/pkce_generator.rb +33 -0
  125. data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +31 -19
  126. data/lib/generators/doorkeeper/templates/add_confidential_to_applications.rb.erb +13 -0
  127. data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb.erb +9 -0
  128. data/{spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb → lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb.erb} +3 -1
  129. data/lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb +8 -0
  130. data/lib/generators/doorkeeper/templates/enable_polymorphic_resource_owner_migration.rb.erb +17 -0
  131. data/lib/generators/doorkeeper/templates/initializer.rb +412 -33
  132. data/lib/generators/doorkeeper/templates/migration.rb.erb +88 -0
  133. data/lib/generators/doorkeeper/views_generator.rb +8 -4
  134. data/vendor/assets/stylesheets/doorkeeper/bootstrap.min.css +4 -5
  135. metadata +114 -276
  136. data/.coveralls.yml +0 -1
  137. data/.gitignore +0 -19
  138. data/.hound.yml +0 -13
  139. data/.rspec +0 -1
  140. data/.travis.yml +0 -26
  141. data/Appraisals +0 -14
  142. data/CONTRIBUTING.md +0 -47
  143. data/Gemfile +0 -10
  144. data/NEWS.md +0 -606
  145. data/RELEASING.md +0 -10
  146. data/Rakefile +0 -20
  147. data/app/validators/redirect_uri_validator.rb +0 -34
  148. data/doorkeeper.gemspec +0 -29
  149. data/gemfiles/rails_4_2.gemfile +0 -11
  150. data/gemfiles/rails_5_0.gemfile +0 -12
  151. data/gemfiles/rails_5_1.gemfile +0 -13
  152. data/lib/doorkeeper/oauth/client_credentials/validation.rb +0 -45
  153. data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb +0 -7
  154. data/lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb +0 -11
  155. data/lib/generators/doorkeeper/templates/migration.rb +0 -68
  156. data/spec/controllers/application_metal_controller.rb +0 -10
  157. data/spec/controllers/applications_controller_spec.rb +0 -58
  158. data/spec/controllers/authorizations_controller_spec.rb +0 -218
  159. data/spec/controllers/protected_resources_controller_spec.rb +0 -300
  160. data/spec/controllers/token_info_controller_spec.rb +0 -52
  161. data/spec/controllers/tokens_controller_spec.rb +0 -88
  162. data/spec/dummy/Rakefile +0 -7
  163. data/spec/dummy/app/controllers/application_controller.rb +0 -3
  164. data/spec/dummy/app/controllers/custom_authorizations_controller.rb +0 -7
  165. data/spec/dummy/app/controllers/full_protected_resources_controller.rb +0 -12
  166. data/spec/dummy/app/controllers/home_controller.rb +0 -17
  167. data/spec/dummy/app/controllers/metal_controller.rb +0 -11
  168. data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +0 -11
  169. data/spec/dummy/app/helpers/application_helper.rb +0 -5
  170. data/spec/dummy/app/models/user.rb +0 -5
  171. data/spec/dummy/app/views/home/index.html.erb +0 -0
  172. data/spec/dummy/app/views/layouts/application.html.erb +0 -14
  173. data/spec/dummy/config/application.rb +0 -23
  174. data/spec/dummy/config/boot.rb +0 -9
  175. data/spec/dummy/config/database.yml +0 -15
  176. data/spec/dummy/config/environment.rb +0 -5
  177. data/spec/dummy/config/environments/development.rb +0 -29
  178. data/spec/dummy/config/environments/production.rb +0 -62
  179. data/spec/dummy/config/environments/test.rb +0 -44
  180. data/spec/dummy/config/initializers/active_record_belongs_to_required_by_default.rb +0 -6
  181. data/spec/dummy/config/initializers/backtrace_silencers.rb +0 -7
  182. data/spec/dummy/config/initializers/doorkeeper.rb +0 -96
  183. data/spec/dummy/config/initializers/secret_token.rb +0 -9
  184. data/spec/dummy/config/initializers/session_store.rb +0 -8
  185. data/spec/dummy/config/initializers/wrap_parameters.rb +0 -14
  186. data/spec/dummy/config/locales/doorkeeper.en.yml +0 -5
  187. data/spec/dummy/config/routes.rb +0 -52
  188. data/spec/dummy/config.ru +0 -4
  189. data/spec/dummy/db/migrate/20111122132257_create_users.rb +0 -9
  190. data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +0 -5
  191. data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +0 -60
  192. data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +0 -7
  193. data/spec/dummy/db/schema.rb +0 -67
  194. data/spec/dummy/public/404.html +0 -26
  195. data/spec/dummy/public/422.html +0 -26
  196. data/spec/dummy/public/500.html +0 -26
  197. data/spec/dummy/public/favicon.ico +0 -0
  198. data/spec/dummy/script/rails +0 -6
  199. data/spec/factories.rb +0 -28
  200. data/spec/generators/application_owner_generator_spec.rb +0 -22
  201. data/spec/generators/install_generator_spec.rb +0 -31
  202. data/spec/generators/migration_generator_spec.rb +0 -20
  203. data/spec/generators/templates/routes.rb +0 -3
  204. data/spec/generators/views_generator_spec.rb +0 -27
  205. data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +0 -24
  206. data/spec/lib/config_spec.rb +0 -334
  207. data/spec/lib/doorkeeper_spec.rb +0 -150
  208. data/spec/lib/models/expirable_spec.rb +0 -50
  209. data/spec/lib/models/revocable_spec.rb +0 -59
  210. data/spec/lib/models/scopes_spec.rb +0 -43
  211. data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -41
  212. data/spec/lib/oauth/authorization_code_request_spec.rb +0 -80
  213. data/spec/lib/oauth/base_request_spec.rb +0 -160
  214. data/spec/lib/oauth/base_response_spec.rb +0 -45
  215. data/spec/lib/oauth/client/credentials_spec.rb +0 -88
  216. data/spec/lib/oauth/client_credentials/creator_spec.rb +0 -44
  217. data/spec/lib/oauth/client_credentials/issuer_spec.rb +0 -86
  218. data/spec/lib/oauth/client_credentials/validation_spec.rb +0 -54
  219. data/spec/lib/oauth/client_credentials_integration_spec.rb +0 -27
  220. data/spec/lib/oauth/client_credentials_request_spec.rb +0 -104
  221. data/spec/lib/oauth/client_spec.rb +0 -39
  222. data/spec/lib/oauth/code_request_spec.rb +0 -45
  223. data/spec/lib/oauth/code_response_spec.rb +0 -34
  224. data/spec/lib/oauth/error_response_spec.rb +0 -61
  225. data/spec/lib/oauth/error_spec.rb +0 -23
  226. data/spec/lib/oauth/forbidden_token_response_spec.rb +0 -23
  227. data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -64
  228. data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -20
  229. data/spec/lib/oauth/helpers/uri_checker_spec.rb +0 -104
  230. data/spec/lib/oauth/invalid_token_response_spec.rb +0 -56
  231. data/spec/lib/oauth/password_access_token_request_spec.rb +0 -90
  232. data/spec/lib/oauth/pre_authorization_spec.rb +0 -155
  233. data/spec/lib/oauth/refresh_token_request_spec.rb +0 -154
  234. data/spec/lib/oauth/scopes_spec.rb +0 -122
  235. data/spec/lib/oauth/token_request_spec.rb +0 -98
  236. data/spec/lib/oauth/token_response_spec.rb +0 -85
  237. data/spec/lib/oauth/token_spec.rb +0 -116
  238. data/spec/lib/request/strategy_spec.rb +0 -53
  239. data/spec/lib/server_spec.rb +0 -49
  240. data/spec/models/doorkeeper/access_grant_spec.rb +0 -36
  241. data/spec/models/doorkeeper/access_token_spec.rb +0 -394
  242. data/spec/models/doorkeeper/application_spec.rb +0 -179
  243. data/spec/requests/applications/applications_request_spec.rb +0 -94
  244. data/spec/requests/applications/authorized_applications_spec.rb +0 -30
  245. data/spec/requests/endpoints/authorization_spec.rb +0 -71
  246. data/spec/requests/endpoints/token_spec.rb +0 -64
  247. data/spec/requests/flows/authorization_code_errors_spec.rb +0 -76
  248. data/spec/requests/flows/authorization_code_spec.rb +0 -148
  249. data/spec/requests/flows/client_credentials_spec.rb +0 -58
  250. data/spec/requests/flows/implicit_grant_errors_spec.rb +0 -32
  251. data/spec/requests/flows/implicit_grant_spec.rb +0 -61
  252. data/spec/requests/flows/password_spec.rb +0 -115
  253. data/spec/requests/flows/refresh_token_spec.rb +0 -174
  254. data/spec/requests/flows/revoke_token_spec.rb +0 -157
  255. data/spec/requests/flows/skip_authorization_spec.rb +0 -59
  256. data/spec/requests/protected_resources/metal_spec.rb +0 -14
  257. data/spec/requests/protected_resources/private_api_spec.rb +0 -81
  258. data/spec/routing/custom_controller_routes_spec.rb +0 -71
  259. data/spec/routing/default_routes_spec.rb +0 -35
  260. data/spec/routing/scoped_routes_spec.rb +0 -31
  261. data/spec/spec_helper.rb +0 -4
  262. data/spec/spec_helper_integration.rb +0 -63
  263. data/spec/support/dependencies/factory_girl.rb +0 -2
  264. data/spec/support/helpers/access_token_request_helper.rb +0 -11
  265. data/spec/support/helpers/authorization_request_helper.rb +0 -41
  266. data/spec/support/helpers/config_helper.rb +0 -9
  267. data/spec/support/helpers/model_helper.rb +0 -67
  268. data/spec/support/helpers/request_spec_helper.rb +0 -84
  269. data/spec/support/helpers/url_helper.rb +0 -55
  270. data/spec/support/http_method_shim.rb +0 -38
  271. data/spec/support/orm/active_record.rb +0 -3
  272. data/spec/support/shared/controllers_shared_context.rb +0 -69
  273. data/spec/support/shared/models_shared_examples.rb +0 -52
  274. data/spec/validators/redirect_uri_validator_spec.rb +0 -78
@@ -1,62 +0,0 @@
1
- Dummy::Application.configure do
2
- # Settings specified here will take precedence over those in config/application.rb
3
-
4
- # Code is not reloaded between requests
5
- config.cache_classes = true
6
-
7
- # Full error reports are disabled and caching is turned on
8
- config.consider_all_requests_local = false
9
- config.action_controller.perform_caching = true
10
-
11
- # Disable Rails's static asset server (Apache or nginx will already do this)
12
- config.serve_static_assets = false
13
-
14
- # Compress JavaScripts and CSS
15
- config.assets.compress = true
16
-
17
- # Don't fallback to assets pipeline if a precompiled asset is missed
18
- config.assets.compile = false
19
-
20
- # Generate digests for assets URLs
21
- config.assets.digest = true
22
-
23
- # Defaults to Rails.root.join("public/assets")
24
- # config.assets.manifest = YOUR_PATH
25
-
26
- # Specifies the header that your server uses for sending files
27
- # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
28
- # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
29
-
30
- # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
31
- # config.force_ssl = true
32
-
33
- # See everything in the log (default is :info)
34
- # config.log_level = :debug
35
-
36
- # Use a different logger for distributed setups
37
- # config.logger = SyslogLogger.new
38
-
39
- # Use a different cache store in production
40
- # config.cache_store = :mem_cache_store
41
-
42
- # Enable serving of images, stylesheets, and JavaScripts from an asset server
43
- # config.action_controller.asset_host = "http://assets.example.com"
44
-
45
- # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
46
- # config.assets.precompile += %w( search.js )
47
-
48
- # Disable delivery errors, bad email addresses will be ignored
49
- # config.action_mailer.raise_delivery_errors = false
50
-
51
- # Enable threaded mode
52
- # config.threadsafe!
53
-
54
- # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
55
- # the I18n.default_locale when a translation can not be found)
56
- config.i18n.fallbacks = true
57
-
58
- # Send deprecation notices to registered listeners
59
- config.active_support.deprecation = :notify
60
-
61
- config.eager_load = true
62
- end
@@ -1,44 +0,0 @@
1
- Dummy::Application.configure do
2
- # Settings specified here will take precedence over those in config/application.rb
3
-
4
- # The test environment is used exclusively to run your application's
5
- # test suite. You never need to work with it otherwise. Remember that
6
- # your test database is "scratch space" for the test suite and is wiped
7
- # and recreated between test runs. Don't rely on the data there!
8
- config.cache_classes = true
9
-
10
- # Do not eager load code on boot. This avoids loading your whole application
11
- # just for the purpose of running a single test. If you are using a tool that
12
- # preloads Rails for running tests, you may have to set it to true.
13
- config.eager_load = false
14
-
15
- # Show full error reports and disable caching
16
- config.consider_all_requests_local = true
17
- config.action_controller.perform_caching = false
18
-
19
- # Raise exceptions instead of rendering exception templates
20
- config.action_dispatch.show_exceptions = false
21
-
22
- # Disable request forgery protection in test environment
23
- config.action_controller.allow_forgery_protection = false
24
-
25
- # Tell Action Mailer not to deliver emails to the real world.
26
- # The :test delivery method accumulates sent emails in the
27
- # ActionMailer::Base.deliveries array.
28
- # config.action_mailer.delivery_method = :test
29
-
30
- # Use SQL instead of Active Record's schema dumper when creating the test database.
31
- # This is necessary if your schema can't be completely dumped by the schema dumper,
32
- # like if you have constraints or database-specific column types
33
- # config.active_record.schema_format = :sql
34
-
35
- # Print deprecation notices to the stderr
36
- config.active_support.deprecation = :stderr
37
-
38
- config.eager_load = true
39
-
40
- if DOORKEEPER_ORM == :active_record
41
- config.active_record.table_name_prefix = TABLE_NAME_PREFIX.to_s
42
- config.active_record.table_name_suffix = TABLE_NAME_SUFFIX.to_s
43
- end
44
- end
@@ -1,6 +0,0 @@
1
- # Require `belongs_to` associations by default. This is a new Rails 5.0
2
- # default, so it is introduced as a configuration option to ensure that apps
3
- # made on earlier versions of Rails are not affected when upgrading.
4
- if Rails.version.to_i >= 5
5
- Rails.application.config.active_record.belongs_to_required_by_default = true
6
- end
@@ -1,7 +0,0 @@
1
- # Be sure to restart your server when you modify this file.
2
-
3
- # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
4
- # Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
5
-
6
- # You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
7
- # Rails.backtrace_cleaner.remove_silencers!
@@ -1,96 +0,0 @@
1
- Doorkeeper.configure do
2
- # Change the ORM that doorkeeper will use.
3
- orm DOORKEEPER_ORM
4
-
5
- # This block will be called to check whether the resource owner is authenticated or not.
6
- resource_owner_authenticator do
7
- # Put your resource owner authentication logic here.
8
- User.where(id: session[:user_id]).first || redirect_to(root_url, alert: 'Needs sign in.')
9
- end
10
-
11
- # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
12
- # admin_authenticator do
13
- # # Put your admin authentication logic here.
14
- # # Example implementation:
15
- # Admin.find_by_id(session[:admin_id]) || redirect_to(new_admin_session_url)
16
- # end
17
-
18
- # Authorization Code expiration time (default 10 minutes).
19
- # authorization_code_expires_in 10.minutes
20
-
21
- # Access token expiration time (default 2 hours).
22
- # If you want to disable expiration, set this to nil.
23
- # access_token_expires_in 2.hours
24
-
25
- # Reuse access token for the same resource owner within an application (disabled by default)
26
- # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/383
27
- # reuse_access_token
28
-
29
- # Issue access tokens with refresh token (disabled by default)
30
- use_refresh_token
31
-
32
- # Provide support for an owner to be assigned to each registered application (disabled by default)
33
- # Optional parameter confirmation: true (default false) if you want to enforce ownership of
34
- # a registered application
35
- # Note: you must also run the rails g doorkeeper:application_owner generator to provide the necessary support
36
- # enable_application_owner confirmation: false
37
-
38
- # Define access token scopes for your provider
39
- # For more information go to
40
- # https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes
41
- default_scopes :public
42
- optional_scopes :write, :update
43
-
44
- # Change the way client credentials are retrieved from the request object.
45
- # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
46
- # falls back to the `:client_id` and `:client_secret` params from the `params` object.
47
- # Check out the wiki for more information on customization
48
- # client_credentials :from_basic, :from_params
49
-
50
- # Change the way access token is authenticated from the request object.
51
- # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
52
- # falls back to the `:access_token` or `:bearer_token` params from the `params` object.
53
- # Check out the wiki for more information on customization
54
- # access_token_methods :from_bearer_authorization, :from_access_token_param, :from_bearer_param
55
-
56
- # Change the native redirect uri for client apps
57
- # When clients register with the following redirect uri, they won't be redirected to any server and the authorization code will be displayed within the provider
58
- # The value can be any string. Use nil to disable this feature. When disabled, clients must provide a valid URL
59
- # (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi)
60
- #
61
- # native_redirect_uri 'urn:ietf:wg:oauth:2.0:oob'
62
-
63
- # Forces the usage of the HTTPS protocol in non-native redirect uris (enabled
64
- # by default in non-development environments). OAuth2 delegates security in
65
- # communication to the HTTPS protocol so it is wise to keep this enabled.
66
- #
67
- # force_ssl_in_redirect_uri !Rails.env.development?
68
-
69
- # Specify what grant flows are enabled in array of Strings. The valid
70
- # strings and the flows they enable are:
71
- #
72
- # "authorization_code" => Authorization Code Grant Flow
73
- # "implicit" => Implicit Grant Flow
74
- # "password" => Resource Owner Password Credentials Grant Flow
75
- # "client_credentials" => Client Credentials Grant Flow
76
- #
77
- # If not specified, Doorkeeper enables authorization_code and
78
- # client_credentials.
79
- #
80
- # implicit and password grant flows have risks that you should understand
81
- # before enabling:
82
- # http://tools.ietf.org/html/rfc6819#section-4.4.2
83
- # http://tools.ietf.org/html/rfc6819#section-4.4.3
84
- #
85
- # grant_flows %w(authorization_code client_credentials)
86
-
87
- # Under some circumstances you might want to have applications auto-approved,
88
- # so that the user skips the authorization step.
89
- # For example if dealing with a trusted application.
90
- # skip_authorization do |resource_owner, client|
91
- # client.superapp? or resource_owner.admin?
92
- # end
93
-
94
- # WWW-Authenticate Realm (default "Doorkeeper").
95
- realm "Doorkeeper"
96
- end
@@ -1,9 +0,0 @@
1
- # Be sure to restart your server when you modify this file.
2
-
3
- # Your secret key for verifying the integrity of signed cookies.
4
- # If you change this key, all old signed cookies will become invalid!
5
- # Make sure the secret is at least 30 characters and all random,
6
- # no regular words or you'll be exposed to dictionary attacks.
7
- Dummy::Application.config.secret_key_base =
8
- Dummy::Application.config.secret_token =
9
- 'c00157b5a1bb6181792f0f4a8a080485de7bab9987e6cf159dc74c4f0573345c1bfa713b5d756e1491fc0b098567e8a619e2f8d268eda86a20a720d05d633780'
@@ -1,8 +0,0 @@
1
- # Be sure to restart your server when you modify this file.
2
-
3
- Dummy::Application.config.session_store :cookie_store, key: '_dummy_session'
4
-
5
- # Use the database for sessions instead of the cookie-based default,
6
- # which shouldn't be used to store highly confidential information
7
- # (create the session table with "rails generate session_migration")
8
- # Dummy::Application.config.session_store :active_record_store
@@ -1,14 +0,0 @@
1
- # Be sure to restart your server when you modify this file.
2
- #
3
- # This file contains settings for ActionController::ParamsWrapper which
4
- # is enabled by default.
5
-
6
- # Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
7
- ActiveSupport.on_load(:action_controller) do
8
- wrap_parameters format: [:json]
9
- end
10
-
11
- # Disable root element in JSON by default.
12
- ActiveSupport.on_load(:active_record) do
13
- self.include_root_in_json = false
14
- end
@@ -1,5 +0,0 @@
1
- en:
2
- doorkeeper:
3
- scopes:
4
- public: "Access your public data"
5
- write: "Update your data"
@@ -1,52 +0,0 @@
1
- Rails.application.routes.draw do
2
- use_doorkeeper
3
- use_doorkeeper scope: 'scope'
4
-
5
- scope 'inner_space' do
6
- use_doorkeeper scope: 'scope' do
7
- controllers authorizations: 'custom_authorizations',
8
- tokens: 'custom_authorizations',
9
- applications: 'custom_authorizations',
10
- token_info: 'custom_authorizations'
11
-
12
- as authorizations: 'custom_auth',
13
- tokens: 'custom_token',
14
- token_info: 'custom_token_info'
15
- end
16
- end
17
-
18
- scope 'space' do
19
- use_doorkeeper do
20
- controllers authorizations: 'custom_authorizations',
21
- tokens: 'custom_authorizations',
22
- applications: 'custom_authorizations',
23
- token_info: 'custom_authorizations'
24
-
25
- as authorizations: 'custom_auth',
26
- tokens: 'custom_token',
27
- token_info: 'custom_token_info'
28
- end
29
- end
30
-
31
- scope 'outer_space' do
32
- use_doorkeeper do
33
- controllers authorizations: 'custom_authorizations',
34
- tokens: 'custom_authorizations',
35
- token_info: 'custom_authorizations'
36
-
37
- as authorizations: 'custom_auth',
38
- tokens: 'custom_token',
39
- token_info: 'custom_token_info'
40
-
41
- skip_controllers :tokens, :applications, :token_info
42
- end
43
- end
44
-
45
- get 'metal.json' => 'metal#index'
46
-
47
- get '/callback', to: 'home#callback'
48
- get '/sign_in', to: 'home#sign_in'
49
- resources :semi_protected_resources
50
- resources :full_protected_resources
51
- root to: 'home#index'
52
- end
data/spec/dummy/config.ru DELETED
@@ -1,4 +0,0 @@
1
- # This file is used by Rack-based servers to start the application.
2
-
3
- require ::File.expand_path('../config/environment', __FILE__)
4
- run Dummy::Application
@@ -1,9 +0,0 @@
1
- class CreateUsers < ActiveRecord::Migration
2
- def change
3
- create_table :users do |t|
4
- t.string :name
5
-
6
- t.timestamps
7
- end
8
- end
9
- end
@@ -1,5 +0,0 @@
1
- class AddPasswordToUsers < ActiveRecord::Migration
2
- def change
3
- add_column :users, :password, :string
4
- end
5
- end
@@ -1,60 +0,0 @@
1
- class CreateDoorkeeperTables < ActiveRecord::Migration
2
- def change
3
- create_table :oauth_applications do |t|
4
- t.string :name, null: false
5
- t.string :uid, null: false
6
- t.string :secret, null: false
7
- t.text :redirect_uri, null: false
8
- t.string :scopes, null: false, default: ''
9
- t.timestamps null: false
10
- end
11
-
12
- add_index :oauth_applications, :uid, unique: true
13
-
14
- create_table :oauth_access_grants do |t|
15
- t.integer :resource_owner_id, null: false
16
- t.references :application, null: false
17
- t.string :token, null: false
18
- t.integer :expires_in, null: false
19
- t.text :redirect_uri, null: false
20
- t.datetime :created_at, null: false
21
- t.datetime :revoked_at
22
- t.string :scopes
23
- end
24
-
25
- add_index :oauth_access_grants, :token, unique: true
26
- add_foreign_key(
27
- :oauth_access_grants,
28
- :oauth_applications,
29
- column: :application_id,
30
- )
31
-
32
- create_table :oauth_access_tokens do |t|
33
- t.integer :resource_owner_id
34
- t.references :application
35
-
36
- # If you use a custom token generator you may need to change this column
37
- # from string to text, so that it accepts tokens larger than 255
38
- # characters. More info on custom token generators in:
39
- # https://github.com/doorkeeper-gem/doorkeeper/tree/v3.0.0.rc1#custom-access-token-generator
40
- #
41
- # t.text :token, null: false
42
- t.string :token, null: false
43
-
44
- t.string :refresh_token
45
- t.integer :expires_in
46
- t.datetime :revoked_at
47
- t.datetime :created_at, null: false
48
- t.string :scopes
49
- end
50
-
51
- add_index :oauth_access_tokens, :token, unique: true
52
- add_index :oauth_access_tokens, :resource_owner_id
53
- add_index :oauth_access_tokens, :refresh_token, unique: true
54
- add_foreign_key(
55
- :oauth_access_tokens,
56
- :oauth_applications,
57
- column: :application_id,
58
- )
59
- end
60
- end
@@ -1,7 +0,0 @@
1
- class AddOwnerToApplication < ActiveRecord::Migration
2
- def change
3
- add_column :oauth_applications, :owner_id, :integer, null: true
4
- add_column :oauth_applications, :owner_type, :string, null: true
5
- add_index :oauth_applications, [:owner_id, :owner_type]
6
- end
7
- end
@@ -1,67 +0,0 @@
1
- # encoding: UTF-8
2
- # This file is auto-generated from the current state of the database. Instead
3
- # of editing this file, please use the migrations feature of Active Record to
4
- # incrementally modify your database, and then regenerate this schema definition.
5
- #
6
- # Note that this schema.rb definition is the authoritative source for your
7
- # database schema. If you need to create the application database on another
8
- # system, you should be using db:schema:load, not running all the migrations
9
- # from scratch. The latter is a flawed and unsustainable approach (the more migrations
10
- # you'll amass, the slower it'll run and the greater likelihood for issues).
11
- #
12
- # It's strongly recommended that you check this file into your version control system.
13
-
14
- ActiveRecord::Schema.define(version: 20160320211015) do
15
-
16
- create_table "oauth_access_grants", force: :cascade do |t|
17
- t.integer "resource_owner_id", null: false
18
- t.integer "application_id", null: false
19
- t.string "token", null: false
20
- t.integer "expires_in", null: false
21
- t.text "redirect_uri", null: false
22
- t.datetime "created_at", null: false
23
- t.datetime "revoked_at"
24
- t.string "scopes"
25
- end
26
-
27
- add_index "oauth_access_grants", ["token"], name: "index_oauth_access_grants_on_token", unique: true
28
-
29
- create_table "oauth_access_tokens", force: :cascade do |t|
30
- t.integer "resource_owner_id"
31
- t.integer "application_id"
32
- t.string "token", null: false
33
- t.string "refresh_token"
34
- t.integer "expires_in"
35
- t.datetime "revoked_at"
36
- t.datetime "created_at", null: false
37
- t.string "scopes"
38
- t.string "previous_refresh_token", default: "", null: false
39
- end
40
-
41
- add_index "oauth_access_tokens", ["refresh_token"], name: "index_oauth_access_tokens_on_refresh_token", unique: true
42
- add_index "oauth_access_tokens", ["resource_owner_id"], name: "index_oauth_access_tokens_on_resource_owner_id"
43
- add_index "oauth_access_tokens", ["token"], name: "index_oauth_access_tokens_on_token", unique: true
44
-
45
- create_table "oauth_applications", force: :cascade do |t|
46
- t.string "name", null: false
47
- t.string "uid", null: false
48
- t.string "secret", null: false
49
- t.text "redirect_uri", null: false
50
- t.string "scopes", default: "", null: false
51
- t.datetime "created_at"
52
- t.datetime "updated_at"
53
- t.integer "owner_id"
54
- t.string "owner_type"
55
- end
56
-
57
- add_index "oauth_applications", ["owner_id", "owner_type"], name: "index_oauth_applications_on_owner_id_and_owner_type"
58
- add_index "oauth_applications", ["uid"], name: "index_oauth_applications_on_uid", unique: true
59
-
60
- create_table "users", force: :cascade do |t|
61
- t.string "name"
62
- t.datetime "created_at"
63
- t.datetime "updated_at"
64
- t.string "password"
65
- end
66
-
67
- end
@@ -1,26 +0,0 @@
1
- <!DOCTYPE html>
2
- <html>
3
- <head>
4
- <title>The page you were looking for doesn't exist (404)</title>
5
- <style type="text/css">
6
- body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
7
- div.dialog {
8
- width: 25em;
9
- padding: 0 4em;
10
- margin: 4em auto 0 auto;
11
- border: 1px solid #ccc;
12
- border-right-color: #999;
13
- border-bottom-color: #999;
14
- }
15
- h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
16
- </style>
17
- </head>
18
-
19
- <body>
20
- <!-- This file lives in public/404.html -->
21
- <div class="dialog">
22
- <h1>The page you were looking for doesn't exist.</h1>
23
- <p>You may have mistyped the address or the page may have moved.</p>
24
- </div>
25
- </body>
26
- </html>
@@ -1,26 +0,0 @@
1
- <!DOCTYPE html>
2
- <html>
3
- <head>
4
- <title>The change you wanted was rejected (422)</title>
5
- <style type="text/css">
6
- body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
7
- div.dialog {
8
- width: 25em;
9
- padding: 0 4em;
10
- margin: 4em auto 0 auto;
11
- border: 1px solid #ccc;
12
- border-right-color: #999;
13
- border-bottom-color: #999;
14
- }
15
- h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
16
- </style>
17
- </head>
18
-
19
- <body>
20
- <!-- This file lives in public/422.html -->
21
- <div class="dialog">
22
- <h1>The change you wanted was rejected.</h1>
23
- <p>Maybe you tried to change something you didn't have access to.</p>
24
- </div>
25
- </body>
26
- </html>
@@ -1,26 +0,0 @@
1
- <!DOCTYPE html>
2
- <html>
3
- <head>
4
- <title>We're sorry, but something went wrong (500)</title>
5
- <style type="text/css">
6
- body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
7
- div.dialog {
8
- width: 25em;
9
- padding: 0 4em;
10
- margin: 4em auto 0 auto;
11
- border: 1px solid #ccc;
12
- border-right-color: #999;
13
- border-bottom-color: #999;
14
- }
15
- h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
16
- </style>
17
- </head>
18
-
19
- <body>
20
- <!-- This file lives in public/500.html -->
21
- <div class="dialog">
22
- <h1>We're sorry, but something went wrong.</h1>
23
- <p>We've been notified about this issue and we'll take a look at it shortly.</p>
24
- </div>
25
- </body>
26
- </html>
File without changes
@@ -1,6 +0,0 @@
1
- #!/usr/bin/env ruby
2
- # This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
3
-
4
- APP_PATH = File.expand_path('../../config/application', __FILE__)
5
- require File.expand_path('../../config/boot', __FILE__)
6
- require 'rails/commands'
data/spec/factories.rb DELETED
@@ -1,28 +0,0 @@
1
- FactoryGirl.define do
2
- factory :access_grant, class: Doorkeeper::AccessGrant do
3
- sequence(:resource_owner_id) { |n| n }
4
- application
5
- redirect_uri 'https://app.com/callback'
6
- expires_in 100
7
- scopes 'public write'
8
- end
9
-
10
- factory :access_token, class: Doorkeeper::AccessToken do
11
- sequence(:resource_owner_id) { |n| n }
12
- application
13
- expires_in 2.hours
14
-
15
- factory :clientless_access_token do
16
- application nil
17
- end
18
- end
19
-
20
- factory :application, class: Doorkeeper::Application do
21
- sequence(:name) { |n| "Application #{n}" }
22
- redirect_uri 'https://app.com/callback'
23
- end
24
-
25
- # do not name this factory :user, otherwise it will conflict with factories
26
- # from applications that use doorkeeper factories in their own tests
27
- factory :doorkeeper_testing_user, class: :user
28
- end
@@ -1,22 +0,0 @@
1
- require 'spec_helper_integration'
2
- require 'generators/doorkeeper/application_owner_generator'
3
-
4
- describe 'Doorkeeper::ApplicationOwnerGenerator' do
5
- include GeneratorSpec::TestCase
6
-
7
- tests Doorkeeper::ApplicationOwnerGenerator
8
- destination ::File.expand_path('../tmp/dummy', __FILE__)
9
-
10
- describe 'after running the generator' do
11
- before :each do
12
- prepare_destination
13
- FileUtils.mkdir(::File.expand_path('config', Pathname(destination_root)))
14
- FileUtils.copy_file(::File.expand_path('../templates/routes.rb', __FILE__), ::File.expand_path('config/routes.rb', Pathname.new(destination_root)))
15
- run_generator
16
- end
17
-
18
- it 'creates a migration' do
19
- assert_migration 'db/migrate/add_owner_to_application.rb'
20
- end
21
- end
22
- end
@@ -1,31 +0,0 @@
1
- require 'spec_helper_integration'
2
- require 'generators/doorkeeper/install_generator'
3
-
4
- describe 'Doorkeeper::InstallGenerator' do
5
- include GeneratorSpec::TestCase
6
-
7
- tests Doorkeeper::InstallGenerator
8
- destination ::File.expand_path('../tmp/dummy', __FILE__)
9
-
10
- describe 'after running the generator' do
11
- before :each do
12
- prepare_destination
13
- FileUtils.mkdir(::File.expand_path('config', Pathname(destination_root)))
14
- FileUtils.mkdir(::File.expand_path('db', Pathname(destination_root)))
15
- FileUtils.copy_file(::File.expand_path('../templates/routes.rb', __FILE__), ::File.expand_path('config/routes.rb', Pathname.new(destination_root)))
16
- run_generator
17
- end
18
-
19
- it 'creates an initializer file' do
20
- assert_file 'config/initializers/doorkeeper.rb'
21
- end
22
-
23
- it 'copies the locale file' do
24
- assert_file 'config/locales/doorkeeper.en.yml'
25
- end
26
-
27
- it 'adds sample route' do
28
- assert_file 'config/routes.rb', /use_doorkeeper/
29
- end
30
- end
31
- end