doorkeeper 4.4.3 → 5.0.0.rc1
Potentially problematic release.
This version of doorkeeper might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/.travis.yml +2 -0
- data/Appraisals +2 -2
- data/Gemfile +1 -1
- data/NEWS.md +36 -17
- data/README.md +85 -3
- data/Rakefile +6 -0
- data/app/assets/stylesheets/doorkeeper/admin/application.css +2 -2
- data/app/controllers/doorkeeper/application_controller.rb +4 -3
- data/app/controllers/doorkeeper/application_metal_controller.rb +4 -0
- data/app/controllers/doorkeeper/applications_controller.rb +42 -22
- data/app/controllers/doorkeeper/authorizations_controller.rb +55 -12
- data/app/controllers/doorkeeper/authorized_applications_controller.rb +15 -1
- data/app/controllers/doorkeeper/tokens_controller.rb +12 -15
- data/app/helpers/doorkeeper/dashboard_helper.rb +7 -7
- data/app/validators/redirect_uri_validator.rb +3 -2
- data/app/views/doorkeeper/applications/_delete_form.html.erb +3 -1
- data/app/views/doorkeeper/applications/_form.html.erb +25 -24
- data/app/views/doorkeeper/applications/edit.html.erb +1 -1
- data/app/views/doorkeeper/applications/index.html.erb +17 -7
- data/app/views/doorkeeper/applications/new.html.erb +1 -1
- data/app/views/doorkeeper/applications/show.html.erb +6 -6
- data/app/views/doorkeeper/authorizations/error.html.erb +1 -1
- data/app/views/doorkeeper/authorizations/new.html.erb +4 -0
- data/app/views/layouts/doorkeeper/admin.html.erb +15 -15
- data/config/locales/en.yml +9 -1
- data/doorkeeper.gemspec +0 -2
- data/gemfiles/rails_5_2.gemfile +1 -1
- data/lib/doorkeeper/config.rb +58 -35
- data/lib/doorkeeper/engine.rb +4 -0
- data/lib/doorkeeper/errors.rb +2 -5
- data/lib/doorkeeper/grape/helpers.rb +1 -1
- data/lib/doorkeeper/helpers/controller.rb +7 -2
- data/lib/doorkeeper/models/access_grant_mixin.rb +56 -0
- data/lib/doorkeeper/models/access_token_mixin.rb +38 -21
- data/lib/doorkeeper/models/concerns/scopes.rb +1 -1
- data/lib/doorkeeper/oauth/authorization/code.rb +31 -8
- data/lib/doorkeeper/oauth/authorization/context.rb +15 -0
- data/lib/doorkeeper/oauth/authorization/token.rb +23 -6
- data/lib/doorkeeper/oauth/authorization_code_request.rb +27 -2
- data/lib/doorkeeper/oauth/base_request.rb +18 -8
- data/lib/doorkeeper/oauth/client/credentials.rb +1 -1
- data/lib/doorkeeper/oauth/client_credentials/issuer.rb +6 -1
- data/lib/doorkeeper/oauth/client_credentials/validation.rb +4 -2
- data/lib/doorkeeper/oauth/error_response.rb +11 -3
- data/lib/doorkeeper/oauth/helpers/scope_checker.rb +0 -8
- data/lib/doorkeeper/oauth/password_access_token_request.rb +7 -4
- data/lib/doorkeeper/oauth/pre_authorization.rb +41 -11
- data/lib/doorkeeper/oauth/refresh_token_request.rb +6 -1
- data/lib/doorkeeper/oauth/scopes.rb +1 -1
- data/lib/doorkeeper/oauth/token.rb +5 -2
- data/lib/doorkeeper/oauth/token_introspection.rb +2 -2
- data/lib/doorkeeper/oauth/token_response.rb +4 -2
- data/lib/doorkeeper/oauth.rb +13 -0
- data/lib/doorkeeper/orm/active_record/application.rb +13 -16
- data/lib/doorkeeper/orm/active_record/stale_records_cleaner.rb +26 -0
- data/lib/doorkeeper/orm/active_record.rb +2 -0
- data/lib/doorkeeper/rails/helpers.rb +2 -4
- data/lib/doorkeeper/rails/routes.rb +14 -6
- data/lib/doorkeeper/rake/db.rake +40 -0
- data/lib/doorkeeper/rake/setup.rake +6 -0
- data/lib/doorkeeper/rake.rb +14 -0
- data/lib/doorkeeper/request.rb +28 -28
- data/lib/doorkeeper/version.rb +5 -25
- data/lib/doorkeeper.rb +4 -17
- data/lib/generators/doorkeeper/application_owner_generator.rb +23 -18
- data/lib/generators/doorkeeper/confidential_applications_generator.rb +32 -0
- data/lib/generators/doorkeeper/install_generator.rb +17 -9
- data/lib/generators/doorkeeper/migration_generator.rb +23 -18
- data/lib/generators/doorkeeper/pkce_generator.rb +32 -0
- data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +29 -24
- data/lib/generators/doorkeeper/templates/add_confidential_to_applications.rb.erb +13 -0
- data/lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb +6 -0
- data/lib/generators/doorkeeper/templates/initializer.rb +60 -9
- data/lib/generators/doorkeeper/views_generator.rb +3 -1
- data/spec/controllers/application_metal_controller_spec.rb +50 -0
- data/spec/controllers/applications_controller_spec.rb +126 -13
- data/spec/controllers/authorizations_controller_spec.rb +252 -49
- data/spec/controllers/protected_resources_controller_spec.rb +16 -16
- data/spec/controllers/token_info_controller_spec.rb +4 -12
- data/spec/controllers/tokens_controller_spec.rb +19 -73
- data/spec/dummy/app/assets/config/manifest.js +2 -0
- data/spec/dummy/config/environments/test.rb +4 -5
- data/spec/dummy/config/initializers/doorkeeper.rb +5 -4
- data/spec/dummy/config/initializers/new_framework_defaults.rb +4 -0
- data/spec/dummy/config/routes.rb +3 -42
- data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +6 -0
- data/spec/dummy/db/migrate/{20180210183654_add_confidential_to_application.rb → 20180210183654_add_confidential_to_applications.rb} +1 -1
- data/spec/dummy/db/schema.rb +36 -36
- data/spec/generators/application_owner_generator_spec.rb +1 -1
- data/spec/generators/confidential_applications_generator_spec.rb +45 -0
- data/spec/generators/install_generator_spec.rb +1 -1
- data/spec/generators/migration_generator_spec.rb +1 -1
- data/spec/generators/pkce_generator_spec.rb +43 -0
- data/spec/generators/previous_refresh_token_generator_spec.rb +1 -1
- data/spec/generators/views_generator_spec.rb +1 -1
- data/spec/grape/grape_integration_spec.rb +1 -1
- data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +1 -1
- data/spec/lib/config_spec.rb +51 -31
- data/spec/lib/doorkeeper_spec.rb +1 -126
- data/spec/lib/models/expirable_spec.rb +0 -3
- data/spec/lib/models/revocable_spec.rb +0 -2
- data/spec/lib/models/scopes_spec.rb +0 -4
- data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -4
- data/spec/lib/oauth/authorization_code_request_spec.rb +9 -2
- data/spec/lib/oauth/base_request_spec.rb +16 -2
- data/spec/lib/oauth/base_response_spec.rb +1 -1
- data/spec/lib/oauth/client/credentials_spec.rb +1 -3
- data/spec/lib/oauth/client_credentials/creator_spec.rb +5 -1
- data/spec/lib/oauth/client_credentials/issuer_spec.rb +26 -7
- data/spec/lib/oauth/client_credentials/validation_spec.rb +2 -3
- data/spec/lib/oauth/client_credentials_integration_spec.rb +1 -1
- data/spec/lib/oauth/client_credentials_request_spec.rb +3 -5
- data/spec/lib/oauth/client_spec.rb +0 -3
- data/spec/lib/oauth/code_request_spec.rb +4 -2
- data/spec/lib/oauth/error_response_spec.rb +0 -3
- data/spec/lib/oauth/error_spec.rb +0 -2
- data/spec/lib/oauth/forbidden_token_response_spec.rb +1 -4
- data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -3
- data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -1
- data/spec/lib/oauth/helpers/uri_checker_spec.rb +5 -7
- data/spec/lib/oauth/invalid_token_response_spec.rb +1 -4
- data/spec/lib/oauth/password_access_token_request_spec.rb +37 -2
- data/spec/lib/oauth/pre_authorization_spec.rb +33 -4
- data/spec/lib/oauth/refresh_token_request_spec.rb +11 -7
- data/spec/lib/oauth/scopes_spec.rb +0 -3
- data/spec/lib/oauth/token_request_spec.rb +4 -5
- data/spec/lib/oauth/token_response_spec.rb +0 -1
- data/spec/lib/oauth/token_spec.rb +37 -14
- data/spec/lib/orm/active_record/stale_records_cleaner_spec.rb +79 -0
- data/spec/lib/request/strategy_spec.rb +0 -1
- data/spec/lib/server_spec.rb +1 -1
- data/spec/models/doorkeeper/access_grant_spec.rb +1 -1
- data/spec/models/doorkeeper/access_token_spec.rb +50 -16
- data/spec/models/doorkeeper/application_spec.rb +1 -47
- data/spec/requests/applications/applications_request_spec.rb +89 -1
- data/spec/requests/applications/authorized_applications_spec.rb +1 -1
- data/spec/requests/endpoints/authorization_spec.rb +1 -1
- data/spec/requests/endpoints/token_spec.rb +7 -5
- data/spec/requests/flows/authorization_code_errors_spec.rb +1 -1
- data/spec/requests/flows/authorization_code_spec.rb +198 -2
- data/spec/requests/flows/client_credentials_spec.rb +46 -6
- data/spec/requests/flows/implicit_grant_errors_spec.rb +1 -1
- data/spec/requests/flows/implicit_grant_spec.rb +38 -11
- data/spec/requests/flows/password_spec.rb +56 -2
- data/spec/requests/flows/refresh_token_spec.rb +2 -2
- data/spec/requests/flows/revoke_token_spec.rb +11 -11
- data/spec/requests/flows/skip_authorization_spec.rb +16 -11
- data/spec/requests/protected_resources/metal_spec.rb +1 -1
- data/spec/requests/protected_resources/private_api_spec.rb +1 -1
- data/spec/routing/custom_controller_routes_spec.rb +59 -7
- data/spec/routing/default_routes_spec.rb +2 -2
- data/spec/routing/scoped_routes_spec.rb +16 -2
- data/spec/spec_helper.rb +54 -3
- data/spec/spec_helper_integration.rb +2 -74
- data/spec/support/dependencies/{factory_girl.rb → factory_bot.rb} +0 -0
- data/spec/support/doorkeeper_rspec.rb +19 -0
- data/spec/support/helpers/authorization_request_helper.rb +4 -4
- data/spec/support/helpers/request_spec_helper.rb +2 -2
- data/spec/support/helpers/url_helper.rb +7 -3
- data/spec/support/http_method_shim.rb +12 -16
- data/spec/validators/redirect_uri_validator_spec.rb +7 -1
- data/spec/version/version_spec.rb +3 -3
- data/vendor/assets/stylesheets/doorkeeper/bootstrap.min.css +4 -5
- metadata +33 -31
- data/lib/generators/doorkeeper/add_client_confidentiality_generator.rb +0 -31
- data/lib/generators/doorkeeper/templates/add_confidential_to_application_migration.rb.erb +0 -11
- data/spec/controllers/application_metal_controller.rb +0 -10
@@ -1,4 +1,4 @@
|
|
1
|
-
require '
|
1
|
+
require 'spec_helper'
|
2
2
|
|
3
3
|
describe 'Revoke Token Flow' do
|
4
4
|
before do
|
@@ -24,7 +24,7 @@ describe 'Revoke Token Flow' do
|
|
24
24
|
end
|
25
25
|
|
26
26
|
it 'should revoke the access token provided' do
|
27
|
-
post revocation_token_endpoint_url, { token: access_token.token }, headers
|
27
|
+
post revocation_token_endpoint_url, params: { token: access_token.token }, headers: headers
|
28
28
|
|
29
29
|
access_token.reload
|
30
30
|
|
@@ -33,7 +33,7 @@ describe 'Revoke Token Flow' do
|
|
33
33
|
end
|
34
34
|
|
35
35
|
it 'should revoke the refresh token provided' do
|
36
|
-
post revocation_token_endpoint_url, { token: access_token.refresh_token }, headers
|
36
|
+
post revocation_token_endpoint_url, params: { token: access_token.refresh_token }, headers: headers
|
37
37
|
|
38
38
|
access_token.reload
|
39
39
|
|
@@ -44,7 +44,7 @@ describe 'Revoke Token Flow' do
|
|
44
44
|
context 'with invalid token to revoke' do
|
45
45
|
it 'should not revoke any tokens and respond successfully' do
|
46
46
|
num_prev_revoked_tokens = Doorkeeper::AccessToken.where(revoked_at: nil).count
|
47
|
-
post revocation_token_endpoint_url, { token: 'I_AM_AN_INVALID_TOKEN' }, headers
|
47
|
+
post revocation_token_endpoint_url, params: { token: 'I_AM_AN_INVALID_TOKEN' }, headers: headers
|
48
48
|
|
49
49
|
# The authorization server responds with HTTP status code 200 even if
|
50
50
|
# token is invalid
|
@@ -60,7 +60,7 @@ describe 'Revoke Token Flow' do
|
|
60
60
|
{ 'HTTP_AUTHORIZATION' => "Basic #{credentials}" }
|
61
61
|
end
|
62
62
|
it 'should not revoke any tokens and respond successfully' do
|
63
|
-
post revocation_token_endpoint_url, { token: access_token.token }, headers
|
63
|
+
post revocation_token_endpoint_url, params: { token: access_token.token }, headers: headers
|
64
64
|
|
65
65
|
access_token.reload
|
66
66
|
|
@@ -71,7 +71,7 @@ describe 'Revoke Token Flow' do
|
|
71
71
|
|
72
72
|
context 'with no credentials and a valid token' do
|
73
73
|
it 'should not revoke any tokens and respond successfully' do
|
74
|
-
post revocation_token_endpoint_url, { token: access_token.token }
|
74
|
+
post revocation_token_endpoint_url, params: { token: access_token.token }
|
75
75
|
|
76
76
|
access_token.reload
|
77
77
|
|
@@ -90,7 +90,7 @@ describe 'Revoke Token Flow' do
|
|
90
90
|
end
|
91
91
|
|
92
92
|
it 'should not revoke the token as its unauthorized' do
|
93
|
-
post revocation_token_endpoint_url, { token: access_token.token }, headers
|
93
|
+
post revocation_token_endpoint_url, params: { token: access_token.token }, headers: headers
|
94
94
|
|
95
95
|
access_token.reload
|
96
96
|
|
@@ -109,7 +109,7 @@ describe 'Revoke Token Flow' do
|
|
109
109
|
end
|
110
110
|
|
111
111
|
it 'should revoke the access token provided' do
|
112
|
-
post revocation_token_endpoint_url, { token: access_token.token }
|
112
|
+
post revocation_token_endpoint_url, params: { token: access_token.token }
|
113
113
|
|
114
114
|
access_token.reload
|
115
115
|
|
@@ -118,7 +118,7 @@ describe 'Revoke Token Flow' do
|
|
118
118
|
end
|
119
119
|
|
120
120
|
it 'should revoke the refresh token provided' do
|
121
|
-
post revocation_token_endpoint_url, { token: access_token.refresh_token }
|
121
|
+
post revocation_token_endpoint_url, params: { token: access_token.refresh_token }
|
122
122
|
|
123
123
|
access_token.reload
|
124
124
|
|
@@ -135,7 +135,7 @@ describe 'Revoke Token Flow' do
|
|
135
135
|
end
|
136
136
|
|
137
137
|
it 'should not revoke the access token provided' do
|
138
|
-
post revocation_token_endpoint_url, { token: access_token.token }
|
138
|
+
post revocation_token_endpoint_url, params: { token: access_token.token }
|
139
139
|
|
140
140
|
access_token.reload
|
141
141
|
|
@@ -144,7 +144,7 @@ describe 'Revoke Token Flow' do
|
|
144
144
|
end
|
145
145
|
|
146
146
|
it 'should not revoke the refresh token provided' do
|
147
|
-
post revocation_token_endpoint_url, { token: access_token.token }
|
147
|
+
post revocation_token_endpoint_url, params: { token: access_token.token }
|
148
148
|
|
149
149
|
access_token.reload
|
150
150
|
|
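Review bot: The example 'should not revoke the refresh token provided' (new line 147) still posts `access_token.token`, the same value the access-token example just above it sends, so the unauthorized path is never exercised with a refresh token. The request should read `post revocation_token_endpoint_url, params: { token: access_token.refresh_token }`. The rest of the example continues outside the hunk, so the assertion that follows `access_token.reload` could not be checked here; it should confirm that the token is still not revoked.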
@@ -1,4 +1,4 @@
|
|
1
|
-
require '
|
1
|
+
require 'spec_helper'
|
2
2
|
|
3
3
|
feature 'Skip authorization form' do
|
4
4
|
background do
|
@@ -15,13 +15,24 @@ feature 'Skip authorization form' do
|
|
15
15
|
end
|
16
16
|
|
17
17
|
scenario 'skips the authorization and return a new grant code' do
|
18
|
-
client_is_authorized(@client, @resource_owner, scopes:
|
19
|
-
visit authorization_endpoint_url(client: @client)
|
18
|
+
client_is_authorized(@client, @resource_owner, scopes: "public")
|
19
|
+
visit authorization_endpoint_url(client: @client, scope: "public")
|
20
|
+
|
21
|
+
i_should_not_see "Authorize"
|
22
|
+
client_should_be_authorized @client
|
23
|
+
i_should_be_on_client_callback @client
|
24
|
+
url_should_have_param "code", Doorkeeper::AccessGrant.first.token
|
25
|
+
end
|
26
|
+
|
27
|
+
scenario "skips the authorization if other scopes are not requested" do
|
28
|
+
client_exists scopes: "public read write"
|
29
|
+
client_is_authorized(@client, @resource_owner, scopes: "public")
|
30
|
+
visit authorization_endpoint_url(client: @client, scope: "public")
|
20
31
|
|
21
|
-
i_should_not_see
|
32
|
+
i_should_not_see "Authorize"
|
22
33
|
client_should_be_authorized @client
|
23
34
|
i_should_be_on_client_callback @client
|
24
|
-
url_should_have_param
|
35
|
+
url_should_have_param "code", Doorkeeper::AccessGrant.first.token
|
25
36
|
end
|
26
37
|
|
27
38
|
scenario 'does not skip authorization when scopes differ (new request has fewer scopes)' do
|
@@ -43,12 +54,6 @@ feature 'Skip authorization form' do
|
|
43
54
|
access_grant_should_have_scopes :public
|
44
55
|
end
|
45
56
|
|
46
|
-
scenario 'doesn not skip authorization when scopes are greater' do
|
47
|
-
client_is_authorized(@client, @resource_owner, scopes: 'public')
|
48
|
-
visit authorization_endpoint_url(client: @client, scope: 'public write')
|
49
|
-
i_should_see 'Authorize'
|
50
|
-
end
|
51
|
-
|
52
57
|
scenario 'creates grant with new scope when scopes are greater' do
|
53
58
|
client_is_authorized(@client, @resource_owner, scopes: 'public')
|
54
59
|
visit authorization_endpoint_url(client: @client, scope: 'public write')
|
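Review bot: The last hunk (old lines 46-50) deletes the only visible scenario asserting that the consent form is shown (`i_should_see 'Authorize'`) when a request asks for more scopes than were previously granted. The surviving 'creates grant with new scope when scopes are greater' scenario continues outside the hunk, so it is not visible whether it still checks that the form appears before a grant is issued. Silent scope escalation is the failure this feature must not allow; if the remaining scenario does not assert it, keep an explicit `i_should_see 'Authorize'` step ahead of the click. Separately, the two new 'skips the authorization' scenarios differ only by `client_exists scopes: "public read write"` and could share their steps.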
@@ -1,27 +1,79 @@
|
|
1
|
-
require '
|
1
|
+
require 'spec_helper'
|
2
2
|
|
3
3
|
describe 'Custom controller for routes' do
|
4
|
-
|
4
|
+
before :all do
|
5
|
+
Rails.application.routes.disable_clear_and_finalize = true
|
6
|
+
|
7
|
+
Rails.application.routes.draw do
|
8
|
+
scope 'inner_space' do
|
9
|
+
use_doorkeeper scope: 'scope' do
|
10
|
+
controllers authorizations: 'custom_authorizations',
|
11
|
+
tokens: 'custom_authorizations',
|
12
|
+
applications: 'custom_authorizations',
|
13
|
+
token_info: 'custom_authorizations'
|
14
|
+
|
15
|
+
as authorizations: 'custom_auth',
|
16
|
+
tokens: 'custom_token',
|
17
|
+
token_info: 'custom_token_info'
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
scope 'space' do
|
22
|
+
use_doorkeeper do
|
23
|
+
controllers authorizations: 'custom_authorizations',
|
24
|
+
tokens: 'custom_authorizations',
|
25
|
+
applications: 'custom_authorizations',
|
26
|
+
token_info: 'custom_authorizations'
|
27
|
+
|
28
|
+
as authorizations: 'custom_auth',
|
29
|
+
tokens: 'custom_token',
|
30
|
+
token_info: 'custom_token_info'
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
scope 'outer_space' do
|
35
|
+
use_doorkeeper do
|
36
|
+
controllers authorizations: 'custom_authorizations',
|
37
|
+
tokens: 'custom_authorizations',
|
38
|
+
token_info: 'custom_authorizations'
|
39
|
+
|
40
|
+
as authorizations: 'custom_auth',
|
41
|
+
tokens: 'custom_token',
|
42
|
+
token_info: 'custom_token_info'
|
43
|
+
|
44
|
+
skip_controllers :tokens, :applications, :token_info
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
after :all do
|
51
|
+
Rails.application.routes.clear!
|
52
|
+
|
53
|
+
load File.expand_path('../dummy/config/routes.rb', __dir__)
|
54
|
+
end
|
55
|
+
|
56
|
+
it 'GET /inner_space/scope/authorize routes to custom authorizations controller' do
|
5
57
|
expect(get('/inner_space/scope/authorize')).to route_to('custom_authorizations#new')
|
6
58
|
end
|
7
59
|
|
8
|
-
it 'POST /
|
60
|
+
it 'POST /inner_space/scope/authorize routes to custom authorizations controller' do
|
9
61
|
expect(post('/inner_space/scope/authorize')).to route_to('custom_authorizations#create')
|
10
62
|
end
|
11
63
|
|
12
|
-
it 'DELETE /
|
64
|
+
it 'DELETE /inner_space/scope/authorize routes to custom authorizations controller' do
|
13
65
|
expect(delete('/inner_space/scope/authorize')).to route_to('custom_authorizations#destroy')
|
14
66
|
end
|
15
67
|
|
16
|
-
it 'POST /
|
68
|
+
it 'POST /inner_space/scope/token routes to tokens controller' do
|
17
69
|
expect(post('/inner_space/scope/token')).to route_to('custom_authorizations#create')
|
18
70
|
end
|
19
71
|
|
20
|
-
it 'GET /
|
72
|
+
it 'GET /inner_space/scope/applications routes to applications controller' do
|
21
73
|
expect(get('/inner_space/scope/applications')).to route_to('custom_authorizations#index')
|
22
74
|
end
|
23
75
|
|
24
|
-
it 'GET /
|
76
|
+
it 'GET /inner_space/scope/token/info routes to the token_info controller' do
|
25
77
|
expect(get('/inner_space/scope/token/info')).to route_to('custom_authorizations#show')
|
26
78
|
end
|
27
79
|
|
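Review bot: `before :all` sets `Rails.application.routes.disable_clear_and_finalize = true`, but `after :all` never sets it back, so the flag stays on for the rest of the test process; spec/routing/scoped_routes_spec.rb adds the same pair of hooks with the same gap. Because the suite runs with `config.order = 'random'`, any later `routes.draw` (including the one triggered by the `load` of dummy/config/routes.rb in the teardown) probably appends instead of replacing, which makes route-dependent specs order-sensitive. Restore the default in the teardown by adding `Rails.application.routes.disable_clear_and_finalize = false` as the first line of `after :all`, before `clear!` and `load`. A one-line comment above `before :all` explaining why the dummy routes are redrawn inside the spec would also help the next reader.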
@@ -1,4 +1,4 @@
|
|
1
|
-
require '
|
1
|
+
require 'spec_helper'
|
2
2
|
|
3
3
|
describe 'Default routes' do
|
4
4
|
it 'GET /oauth/authorize routes to authorizations controller' do
|
@@ -33,7 +33,7 @@ describe 'Default routes' do
|
|
33
33
|
expect(get('/oauth/authorized_applications')).to route_to('doorkeeper/authorized_applications#index')
|
34
34
|
end
|
35
35
|
|
36
|
-
it 'GET /oauth/token/info route to authorized
|
36
|
+
it 'GET /oauth/token/info route to authorized TokenInfo controller' do
|
37
37
|
expect(get('/oauth/token/info')).to route_to('doorkeeper/token_info#show')
|
38
38
|
end
|
39
39
|
end
|
@@ -1,6 +1,20 @@
|
|
1
|
-
require '
|
1
|
+
require 'spec_helper'
|
2
2
|
|
3
3
|
describe 'Scoped routes' do
|
4
|
+
before :all do
|
5
|
+
Rails.application.routes.disable_clear_and_finalize = true
|
6
|
+
|
7
|
+
Rails.application.routes.draw do
|
8
|
+
use_doorkeeper scope: 'scope'
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
after :all do
|
13
|
+
Rails.application.routes.clear!
|
14
|
+
|
15
|
+
load File.expand_path('../dummy/config/routes.rb', __dir__)
|
16
|
+
end
|
17
|
+
|
4
18
|
it 'GET /scope/authorize routes to authorizations controller' do
|
5
19
|
expect(get('/scope/authorize')).to route_to('doorkeeper/authorizations#new')
|
6
20
|
end
|
@@ -25,7 +39,7 @@ describe 'Scoped routes' do
|
|
25
39
|
expect(get('/scope/authorized_applications')).to route_to('doorkeeper/authorized_applications#index')
|
26
40
|
end
|
27
41
|
|
28
|
-
it 'GET /scope/token/info route to
|
42
|
+
it 'GET /scope/token/info route to authorized TokenInfo controller' do
|
29
43
|
expect(get('/scope/token/info')).to route_to('doorkeeper/token_info#show')
|
30
44
|
end
|
31
45
|
end
|
data/spec/spec_helper.rb
CHANGED
@@ -1,4 +1,55 @@
|
|
1
|
-
|
2
|
-
$LOAD_PATH.unshift File.expand_path(File.join(File.dirname(__FILE__), '../app'))
|
1
|
+
require 'coveralls'
|
3
2
|
|
4
|
-
|
3
|
+
Coveralls.wear!('rails') do
|
4
|
+
add_filter('/spec/')
|
5
|
+
add_filter('/lib/generators/doorkeeper/templates/')
|
6
|
+
end
|
7
|
+
|
8
|
+
ENV['RAILS_ENV'] ||= 'test'
|
9
|
+
|
10
|
+
$LOAD_PATH.unshift File.dirname(__FILE__)
|
11
|
+
|
12
|
+
require "#{File.dirname(__FILE__)}/support/doorkeeper_rspec.rb"
|
13
|
+
|
14
|
+
DOORKEEPER_ORM = Doorkeeper::RSpec.detect_orm
|
15
|
+
|
16
|
+
require 'dummy/config/environment'
|
17
|
+
require 'rspec/rails'
|
18
|
+
require 'capybara/rspec'
|
19
|
+
require 'database_cleaner'
|
20
|
+
require 'generator_spec/test_case'
|
21
|
+
|
22
|
+
# Load JRuby SQLite3 if in that platform
|
23
|
+
if defined? JRUBY_VERSION
|
24
|
+
require 'jdbc/sqlite3'
|
25
|
+
Jdbc::SQLite3.load_driver
|
26
|
+
end
|
27
|
+
|
28
|
+
Doorkeeper::RSpec.print_configuration_info
|
29
|
+
|
30
|
+
# Remove after dropping support of Rails 4.2
|
31
|
+
require "#{File.dirname(__FILE__)}/support/http_method_shim.rb"
|
32
|
+
|
33
|
+
require "support/orm/#{DOORKEEPER_ORM}"
|
34
|
+
|
35
|
+
Dir["#{File.dirname(__FILE__)}/support/{dependencies,helpers,shared}/*.rb"].each { |file| require file }
|
36
|
+
|
37
|
+
RSpec.configure do |config|
|
38
|
+
config.infer_spec_type_from_file_location!
|
39
|
+
config.mock_with :rspec
|
40
|
+
|
41
|
+
config.infer_base_class_for_anonymous_controllers = false
|
42
|
+
|
43
|
+
config.include RSpec::Rails::RequestExampleGroup, type: :request
|
44
|
+
|
45
|
+
config.before do
|
46
|
+
DatabaseCleaner.start
|
47
|
+
Doorkeeper.configure { orm DOORKEEPER_ORM }
|
48
|
+
end
|
49
|
+
|
50
|
+
config.after do
|
51
|
+
DatabaseCleaner.clean
|
52
|
+
end
|
53
|
+
|
54
|
+
config.order = 'random'
|
55
|
+
end
|
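Review bot: `require 'coveralls'` and `Coveralls.wear!('rails')` on new lines 1-6 now run on every invocation of the suite. The helper this replaces (removed from spec_helper_integration.rb) had an `else` branch that fell back to `simplecov`, although its condition is not legible on this page. Loading a coverage-upload client unconditionally makes it a hard dependency of local test runs. Consider keeping a guard around the Coveralls block with SimpleCov as the fallback, or add a comment stating that Coveralls is expected to do nothing outside CI.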
@@ -1,74 +1,2 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
Coveralls.wear!('rails') do
|
5
|
-
add_filter('/spec/')
|
6
|
-
add_filter('/lib/generators/doorkeeper/templates/')
|
7
|
-
end
|
8
|
-
else
|
9
|
-
require 'simplecov'
|
10
|
-
|
11
|
-
SimpleCov.start do
|
12
|
-
add_filter('/spec/')
|
13
|
-
add_filter('/lib/generators/doorkeeper/templates/')
|
14
|
-
end
|
15
|
-
end
|
16
|
-
|
17
|
-
ENV['RAILS_ENV'] ||= 'test'
|
18
|
-
TABLE_NAME_PREFIX = ENV['table_name_prefix'] || nil
|
19
|
-
TABLE_NAME_SUFFIX = ENV['table_name_suffix'] || nil
|
20
|
-
|
21
|
-
orm = (ENV['BUNDLE_GEMFILE'] || '').match(/Gemfile\.(.+)\.rb/)
|
22
|
-
DOORKEEPER_ORM = (orm && orm[1] || :active_record).to_sym
|
23
|
-
|
24
|
-
$LOAD_PATH.unshift File.dirname(__FILE__)
|
25
|
-
|
26
|
-
require 'capybara/rspec'
|
27
|
-
require 'dummy/config/environment'
|
28
|
-
require 'rspec/rails'
|
29
|
-
require 'generator_spec/test_case'
|
30
|
-
require 'database_cleaner'
|
31
|
-
|
32
|
-
# Load JRuby SQLite3 if in that platform
|
33
|
-
begin
|
34
|
-
require 'jdbc/sqlite3'
|
35
|
-
Jdbc::SQLite3.load_driver
|
36
|
-
rescue LoadError
|
37
|
-
end
|
38
|
-
|
39
|
-
Rails.logger.info "====> Doorkeeper.orm = #{Doorkeeper.configuration.orm}"
|
40
|
-
if Doorkeeper.configuration.orm == :active_record
|
41
|
-
Rails.logger.info "======> active_record.table_name_prefix = #{Rails.configuration.active_record.table_name_prefix}"
|
42
|
-
Rails.logger.info "======> active_record.table_name_suffix = #{Rails.configuration.active_record.table_name_suffix}"
|
43
|
-
end
|
44
|
-
Rails.logger.info "====> Rails version: #{Rails.version}"
|
45
|
-
Rails.logger.info "====> Ruby version: #{RUBY_VERSION}"
|
46
|
-
|
47
|
-
require "support/orm/#{DOORKEEPER_ORM}"
|
48
|
-
|
49
|
-
ENGINE_RAILS_ROOT = File.join(File.dirname(__FILE__), '../')
|
50
|
-
|
51
|
-
Dir["#{File.dirname(__FILE__)}/support/{dependencies,helpers,shared}/*.rb"].each { |f| require f }
|
52
|
-
|
53
|
-
# Remove after dropping support of Rails 4.2
|
54
|
-
require "#{File.dirname(__FILE__)}/support/http_method_shim.rb"
|
55
|
-
|
56
|
-
RSpec.configure do |config|
|
57
|
-
config.infer_spec_type_from_file_location!
|
58
|
-
config.mock_with :rspec
|
59
|
-
|
60
|
-
config.infer_base_class_for_anonymous_controllers = false
|
61
|
-
|
62
|
-
config.include RSpec::Rails::RequestExampleGroup, type: :request
|
63
|
-
|
64
|
-
config.before do
|
65
|
-
DatabaseCleaner.start
|
66
|
-
Doorkeeper.configure { orm DOORKEEPER_ORM }
|
67
|
-
end
|
68
|
-
|
69
|
-
config.after do
|
70
|
-
DatabaseCleaner.clean
|
71
|
-
end
|
72
|
-
|
73
|
-
config.order = 'random'
|
74
|
-
end
|
1
|
+
# For compatibility only
|
2
|
+
require 'spec_helper'
|
File without changes
|
@@ -0,0 +1,19 @@
|
|
1
|
+
module Doorkeeper
|
2
|
+
class RSpec
|
3
|
+
# Print's useful information about env: Ruby / Rails versions,
|
4
|
+
# Doorkeeper configuration, etc.
|
5
|
+
def self.print_configuration_info
|
6
|
+
puts <<-INFO.strip_heredoc
|
7
|
+
====> Doorkeeper ORM = #{Doorkeeper.configuration.orm}
|
8
|
+
====> Rails version: #{::Rails.version}
|
9
|
+
====> Ruby version: #{RUBY_VERSION} on #{RUBY_PLATFORM}
|
10
|
+
INFO
|
11
|
+
end
|
12
|
+
|
13
|
+
# Tries to find ORM from the Gemfile used to run test suite
|
14
|
+
def self.detect_orm
|
15
|
+
orm = (ENV['BUNDLE_GEMFILE'] || '').match(/Gemfile\.(.+)\.rb/)
|
16
|
+
(orm && orm[1] || :active_record).to_sym
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
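Review bot: `detect_orm` captures with the unanchored, greedy `/Gemfile\.(.+)\.rb/`, and spec/spec_helper.rb interpolates the result into `require "support/orm/#{DOORKEEPER_ORM}"`, so whatever follows `Gemfile.` in `BUNDLE_GEMFILE` (dots and path separators included) becomes part of a load path. Restricting the capture to a plain identifier at the end of the string keeps the require inside spec/support/orm: `orm = (ENV['BUNDLE_GEMFILE'] || '').match(/Gemfile\.(\w+)\.rb\z/)`. The comment above the method could also state the `:active_record` fallback that applies when nothing matches.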
@@ -28,13 +28,13 @@ module AuthorizationRequestHelper
|
|
28
28
|
expect(client.redirect_uri).to eq("#{current_uri.scheme}://#{current_uri.host}#{current_uri.path}")
|
29
29
|
end
|
30
30
|
|
31
|
-
def allowing_forgery_protection(&
|
32
|
-
|
31
|
+
def allowing_forgery_protection(&_block)
|
32
|
+
original_value = ActionController::Base.allow_forgery_protection
|
33
33
|
ActionController::Base.allow_forgery_protection = true
|
34
34
|
|
35
|
-
|
35
|
+
yield
|
36
36
|
ensure
|
37
|
-
ActionController::Base.allow_forgery_protection =
|
37
|
+
ActionController::Base.allow_forgery_protection = original_value
|
38
38
|
end
|
39
39
|
end
|
40
40
|
|
@@ -68,8 +68,8 @@ module RequestSpecHelper
|
|
68
68
|
click_on 'Sign in'
|
69
69
|
end
|
70
70
|
|
71
|
-
def create_access_token(authorization_code, client)
|
72
|
-
page.driver.post token_endpoint_url(code: authorization_code, client: client)
|
71
|
+
def create_access_token(authorization_code, client, code_verifier = nil)
|
72
|
+
page.driver.post token_endpoint_url(code: authorization_code, client: client, code_verifier: code_verifier)
|
73
73
|
end
|
74
74
|
|
75
75
|
def i_should_see_translated_error_message(key)
|
@@ -5,8 +5,10 @@ module UrlHelper
|
|
5
5
|
client_id: options[:client_id] || (options[:client] ? options[:client].uid : nil),
|
6
6
|
client_secret: options[:client_secret] || (options[:client] ? options[:client].secret : nil),
|
7
7
|
redirect_uri: options[:redirect_uri] || (options[:client] ? options[:client].redirect_uri : nil),
|
8
|
-
grant_type: options[:grant_type] || 'authorization_code'
|
9
|
-
|
8
|
+
grant_type: options[:grant_type] || 'authorization_code',
|
9
|
+
code_verifier: options[:code_verifier],
|
10
|
+
code_challenge_method: options[:code_challenge_method]
|
11
|
+
}.reject { |_, v| v.blank? }
|
10
12
|
"/oauth/token?#{build_query(parameters)}"
|
11
13
|
end
|
12
14
|
|
@@ -29,7 +31,9 @@ module UrlHelper
|
|
29
31
|
redirect_uri: options[:redirect_uri] || options[:client].redirect_uri,
|
30
32
|
response_type: options[:response_type] || 'code',
|
31
33
|
scope: options[:scope],
|
32
|
-
state: options[:state]
|
34
|
+
state: options[:state],
|
35
|
+
code_challenge: options[:code_challenge],
|
36
|
+
code_challenge_method: options[:code_challenge_method]
|
33
37
|
}.reject { |_, v| v.blank? }
|
34
38
|
"/oauth/authorize?#{build_query(parameters)}"
|
35
39
|
end
|
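Review bot: The helper that builds `/oauth/token?...` (first hunk, new line 10) now adds `code_challenge_method` to the token request, but in PKCE (RFC 7636) the token request carries only `code_verifier`; `code_challenge` and `code_challenge_method` belong to the authorization request, where the second hunk adds them. A spec that passes the method here would exercise a parameter the token endpoint is not supposed to read, which could hide a server that wrongly trusts it. Drop that line so the hash ends with `code_verifier: options[:code_verifier]` before `.reject { |_, v| v.blank? }`. Both methods begin outside the hunks, so which helper is which is inferred from the URL strings they return.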
@@ -3,34 +3,30 @@
|
|
3
3
|
# supported in Rails 5+. Since we support back to 4, we need some sort of shim
|
4
4
|
# to avoid super noisy deprecations when running tests.
|
5
5
|
module RoutingHTTPMethodShim
|
6
|
-
def get(path,
|
7
|
-
super(path,
|
6
|
+
def get(path, **args)
|
7
|
+
super(path, args[:params], args[:headers])
|
8
8
|
end
|
9
9
|
|
10
|
-
def post(path,
|
11
|
-
super(path,
|
10
|
+
def post(path, **args)
|
11
|
+
super(path, args[:params], args[:headers])
|
12
12
|
end
|
13
13
|
|
14
|
-
def put(path,
|
15
|
-
super(path,
|
14
|
+
def put(path, **args)
|
15
|
+
super(path, args[:params], args[:headers])
|
16
16
|
end
|
17
17
|
end
|
18
18
|
|
19
19
|
module ControllerHTTPMethodShim
|
20
|
-
def
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
def post(path, params = {})
|
25
|
-
super(path, params: params)
|
26
|
-
end
|
20
|
+
def process(action, http_method = 'GET', **args)
|
21
|
+
if (as = args.delete(:as))
|
22
|
+
@request.headers['Content-Type'] = Mime[as].to_s
|
23
|
+
end
|
27
24
|
|
28
|
-
|
29
|
-
super(path, params: params)
|
25
|
+
super(action, http_method, args[:params], args[:session], args[:flash])
|
30
26
|
end
|
31
27
|
end
|
32
28
|
|
33
|
-
if ::Rails::VERSION::MAJOR
|
29
|
+
if ::Rails::VERSION::MAJOR < 5
|
34
30
|
RSpec.configure do |config|
|
35
31
|
config.include ControllerHTTPMethodShim, type: :controller
|
36
32
|
config.include RoutingHTTPMethodShim, type: :request
|
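Review bot: The new `get`/`post`/`put` in `RoutingHTTPMethodShim` accept `**args` but forward only `args[:params]` and `args[:headers]`, so any other keyword a spec passes is dropped without error on Rails 4.2 and the example runs a different request than it states. Fail loudly instead, for example `raise ArgumentError, "unsupported: #{args.keys}" unless (args.keys - %i[params headers]).empty?` at the top of each method. `delete` and `patch` are not shimmed in this module, so request specs that call them with `params:` would presumably send the whole keyword hash as parameters on 4.2. The explanatory comment above the module starts outside the hunk.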
@@ -1,4 +1,4 @@
|
|
1
|
-
require '
|
1
|
+
require 'spec_helper'
|
2
2
|
|
3
3
|
describe RedirectUriValidator do
|
4
4
|
subject do
|
@@ -87,8 +87,14 @@ describe RedirectUriValidator do
|
|
87
87
|
application = FactoryBot.build(:application, redirect_uri: 'http://localhost/callback')
|
88
88
|
expect(application).to be_valid
|
89
89
|
|
90
|
+
application = FactoryBot.build(:application, redirect_uri: 'https://test.com/callback')
|
91
|
+
expect(application).to be_valid
|
92
|
+
|
90
93
|
application = FactoryBot.build(:application, redirect_uri: 'http://localhost2/callback')
|
91
94
|
expect(application).not_to be_valid
|
95
|
+
|
96
|
+
application = FactoryBot.build(:application, redirect_uri: 'https://test.com/callback')
|
97
|
+
expect(application).to be_valid
|
92
98
|
end
|
93
99
|
|
94
100
|
it 'forbids redirect uri if required' do
|
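Review bot: The block added at new lines 96-97 repeats the `https://test.com/callback` assertion from new lines 90-91 verbatim, so it adds no coverage. If the second copy was meant to pin the other side of the rule, a plain-HTTP non-local host is the case not shown, e.g. `FactoryBot.build(:application, redirect_uri: 'http://test.com/callback')` followed by `expect(application).not_to be_valid`; otherwise remove it. The example's configuration and name are outside the hunk, so which rule is under test is inferred from the surrounding localhost assertions.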
@@ -1,6 +1,6 @@
|
|
1
|
-
require '
|
1
|
+
require 'spec_helper'
|
2
2
|
|
3
|
-
describe
|
3
|
+
describe Doorkeeper::VERSION do
|
4
4
|
context '#gem_version' do
|
5
5
|
it 'returns Gem::Version instance' do
|
6
6
|
expect(Doorkeeper.gem_version).to be_an_instance_of(Gem::Version)
|
@@ -9,7 +9,7 @@ describe 'Doorkeeper version' do
|
|
9
9
|
|
10
10
|
context 'VERSION' do
|
11
11
|
it 'returns gem version string' do
|
12
|
-
expect(Doorkeeper::VERSION::STRING).to match(/^\d+\.\d+\.\d+
|
12
|
+
expect(Doorkeeper::VERSION::STRING).to match(/^\d+\.\d+\.\d+(\.\w+)?$/)
|
13
13
|
end
|
14
14
|
end
|
15
15
|
end
|