RubyGems - doorkeeper - Versions diffs - 4.4.3 → 5.0.0.rc1 - Mend

doorkeeper 4.4.3 → 5.0.0.rc1

Potentially problematic release.

This version of doorkeeper might be problematic. Click here for more details.

Files changed (169) hide show

checksums.yaml +4 -4
data/.gitignore +1 -0
data/.travis.yml +2 -0
data/Appraisals +2 -2
data/Gemfile +1 -1
data/NEWS.md +36 -17
data/README.md +85 -3
data/Rakefile +6 -0
data/app/assets/stylesheets/doorkeeper/admin/application.css +2 -2
data/app/controllers/doorkeeper/application_controller.rb +4 -3
data/app/controllers/doorkeeper/application_metal_controller.rb +4 -0
data/app/controllers/doorkeeper/applications_controller.rb +42 -22
data/app/controllers/doorkeeper/authorizations_controller.rb +55 -12
data/app/controllers/doorkeeper/authorized_applications_controller.rb +15 -1
data/app/controllers/doorkeeper/tokens_controller.rb +12 -15
data/app/helpers/doorkeeper/dashboard_helper.rb +7 -7
data/app/validators/redirect_uri_validator.rb +3 -2
data/app/views/doorkeeper/applications/_delete_form.html.erb +3 -1
data/app/views/doorkeeper/applications/_form.html.erb +25 -24
data/app/views/doorkeeper/applications/edit.html.erb +1 -1
data/app/views/doorkeeper/applications/index.html.erb +17 -7
data/app/views/doorkeeper/applications/new.html.erb +1 -1
data/app/views/doorkeeper/applications/show.html.erb +6 -6
data/app/views/doorkeeper/authorizations/error.html.erb +1 -1
data/app/views/doorkeeper/authorizations/new.html.erb +4 -0
data/app/views/layouts/doorkeeper/admin.html.erb +15 -15
data/config/locales/en.yml +9 -1
data/doorkeeper.gemspec +0 -2
data/gemfiles/rails_5_2.gemfile +1 -1
data/lib/doorkeeper/config.rb +58 -35
data/lib/doorkeeper/engine.rb +4 -0
data/lib/doorkeeper/errors.rb +2 -5
data/lib/doorkeeper/grape/helpers.rb +1 -1
data/lib/doorkeeper/helpers/controller.rb +7 -2
data/lib/doorkeeper/models/access_grant_mixin.rb +56 -0
data/lib/doorkeeper/models/access_token_mixin.rb +38 -21
data/lib/doorkeeper/models/concerns/scopes.rb +1 -1
data/lib/doorkeeper/oauth/authorization/code.rb +31 -8
data/lib/doorkeeper/oauth/authorization/context.rb +15 -0
data/lib/doorkeeper/oauth/authorization/token.rb +23 -6
data/lib/doorkeeper/oauth/authorization_code_request.rb +27 -2
data/lib/doorkeeper/oauth/base_request.rb +18 -8
data/lib/doorkeeper/oauth/client/credentials.rb +1 -1
data/lib/doorkeeper/oauth/client_credentials/issuer.rb +6 -1
data/lib/doorkeeper/oauth/client_credentials/validation.rb +4 -2
data/lib/doorkeeper/oauth/error_response.rb +11 -3
data/lib/doorkeeper/oauth/helpers/scope_checker.rb +0 -8
data/lib/doorkeeper/oauth/password_access_token_request.rb +7 -4
data/lib/doorkeeper/oauth/pre_authorization.rb +41 -11
data/lib/doorkeeper/oauth/refresh_token_request.rb +6 -1
data/lib/doorkeeper/oauth/scopes.rb +1 -1
data/lib/doorkeeper/oauth/token.rb +5 -2
data/lib/doorkeeper/oauth/token_introspection.rb +2 -2
data/lib/doorkeeper/oauth/token_response.rb +4 -2
data/lib/doorkeeper/oauth.rb +13 -0
data/lib/doorkeeper/orm/active_record/application.rb +13 -16
data/lib/doorkeeper/orm/active_record/stale_records_cleaner.rb +26 -0
data/lib/doorkeeper/orm/active_record.rb +2 -0
data/lib/doorkeeper/rails/helpers.rb +2 -4
data/lib/doorkeeper/rails/routes.rb +14 -6
data/lib/doorkeeper/rake/db.rake +40 -0
data/lib/doorkeeper/rake/setup.rake +6 -0
data/lib/doorkeeper/rake.rb +14 -0
data/lib/doorkeeper/request.rb +28 -28
data/lib/doorkeeper/version.rb +5 -25
data/lib/doorkeeper.rb +4 -17
data/lib/generators/doorkeeper/application_owner_generator.rb +23 -18
data/lib/generators/doorkeeper/confidential_applications_generator.rb +32 -0
data/lib/generators/doorkeeper/install_generator.rb +17 -9
data/lib/generators/doorkeeper/migration_generator.rb +23 -18
data/lib/generators/doorkeeper/pkce_generator.rb +32 -0
data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +29 -24
data/lib/generators/doorkeeper/templates/add_confidential_to_applications.rb.erb +13 -0
data/lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb +6 -0
data/lib/generators/doorkeeper/templates/initializer.rb +60 -9
data/lib/generators/doorkeeper/views_generator.rb +3 -1
data/spec/controllers/application_metal_controller_spec.rb +50 -0
data/spec/controllers/applications_controller_spec.rb +126 -13
data/spec/controllers/authorizations_controller_spec.rb +252 -49
data/spec/controllers/protected_resources_controller_spec.rb +16 -16
data/spec/controllers/token_info_controller_spec.rb +4 -12
data/spec/controllers/tokens_controller_spec.rb +19 -73
data/spec/dummy/app/assets/config/manifest.js +2 -0
data/spec/dummy/config/environments/test.rb +4 -5
data/spec/dummy/config/initializers/doorkeeper.rb +5 -4
data/spec/dummy/config/initializers/new_framework_defaults.rb +4 -0
data/spec/dummy/config/routes.rb +3 -42
data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +6 -0
data/spec/dummy/db/migrate/{20180210183654_add_confidential_to_application.rb → 20180210183654_add_confidential_to_applications.rb} +1 -1
data/spec/dummy/db/schema.rb +36 -36
data/spec/generators/application_owner_generator_spec.rb +1 -1
data/spec/generators/confidential_applications_generator_spec.rb +45 -0
data/spec/generators/install_generator_spec.rb +1 -1
data/spec/generators/migration_generator_spec.rb +1 -1
data/spec/generators/pkce_generator_spec.rb +43 -0
data/spec/generators/previous_refresh_token_generator_spec.rb +1 -1
data/spec/generators/views_generator_spec.rb +1 -1
data/spec/grape/grape_integration_spec.rb +1 -1
data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +1 -1
data/spec/lib/config_spec.rb +51 -31
data/spec/lib/doorkeeper_spec.rb +1 -126
data/spec/lib/models/expirable_spec.rb +0 -3
data/spec/lib/models/revocable_spec.rb +0 -2
data/spec/lib/models/scopes_spec.rb +0 -4
data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -4
data/spec/lib/oauth/authorization_code_request_spec.rb +9 -2
data/spec/lib/oauth/base_request_spec.rb +16 -2
data/spec/lib/oauth/base_response_spec.rb +1 -1
data/spec/lib/oauth/client/credentials_spec.rb +1 -3
data/spec/lib/oauth/client_credentials/creator_spec.rb +5 -1
data/spec/lib/oauth/client_credentials/issuer_spec.rb +26 -7
data/spec/lib/oauth/client_credentials/validation_spec.rb +2 -3
data/spec/lib/oauth/client_credentials_integration_spec.rb +1 -1
data/spec/lib/oauth/client_credentials_request_spec.rb +3 -5
data/spec/lib/oauth/client_spec.rb +0 -3
data/spec/lib/oauth/code_request_spec.rb +4 -2
data/spec/lib/oauth/error_response_spec.rb +0 -3
data/spec/lib/oauth/error_spec.rb +0 -2
data/spec/lib/oauth/forbidden_token_response_spec.rb +1 -4
data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -3
data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -1
data/spec/lib/oauth/helpers/uri_checker_spec.rb +5 -7
data/spec/lib/oauth/invalid_token_response_spec.rb +1 -4
data/spec/lib/oauth/password_access_token_request_spec.rb +37 -2
data/spec/lib/oauth/pre_authorization_spec.rb +33 -4
data/spec/lib/oauth/refresh_token_request_spec.rb +11 -7
data/spec/lib/oauth/scopes_spec.rb +0 -3
data/spec/lib/oauth/token_request_spec.rb +4 -5
data/spec/lib/oauth/token_response_spec.rb +0 -1
data/spec/lib/oauth/token_spec.rb +37 -14
data/spec/lib/orm/active_record/stale_records_cleaner_spec.rb +79 -0
data/spec/lib/request/strategy_spec.rb +0 -1
data/spec/lib/server_spec.rb +1 -1
data/spec/models/doorkeeper/access_grant_spec.rb +1 -1
data/spec/models/doorkeeper/access_token_spec.rb +50 -16
data/spec/models/doorkeeper/application_spec.rb +1 -47
data/spec/requests/applications/applications_request_spec.rb +89 -1
data/spec/requests/applications/authorized_applications_spec.rb +1 -1
data/spec/requests/endpoints/authorization_spec.rb +1 -1
data/spec/requests/endpoints/token_spec.rb +7 -5
data/spec/requests/flows/authorization_code_errors_spec.rb +1 -1
data/spec/requests/flows/authorization_code_spec.rb +198 -2
data/spec/requests/flows/client_credentials_spec.rb +46 -6
data/spec/requests/flows/implicit_grant_errors_spec.rb +1 -1
data/spec/requests/flows/implicit_grant_spec.rb +38 -11
data/spec/requests/flows/password_spec.rb +56 -2
data/spec/requests/flows/refresh_token_spec.rb +2 -2
data/spec/requests/flows/revoke_token_spec.rb +11 -11
data/spec/requests/flows/skip_authorization_spec.rb +16 -11
data/spec/requests/protected_resources/metal_spec.rb +1 -1
data/spec/requests/protected_resources/private_api_spec.rb +1 -1
data/spec/routing/custom_controller_routes_spec.rb +59 -7
data/spec/routing/default_routes_spec.rb +2 -2
data/spec/routing/scoped_routes_spec.rb +16 -2
data/spec/spec_helper.rb +54 -3
data/spec/spec_helper_integration.rb +2 -74
data/spec/support/dependencies/{factory_girl.rb → factory_bot.rb} +0 -0
data/spec/support/doorkeeper_rspec.rb +19 -0
data/spec/support/helpers/authorization_request_helper.rb +4 -4
data/spec/support/helpers/request_spec_helper.rb +2 -2
data/spec/support/helpers/url_helper.rb +7 -3
data/spec/support/http_method_shim.rb +12 -16
data/spec/validators/redirect_uri_validator_spec.rb +7 -1
data/spec/version/version_spec.rb +3 -3
data/vendor/assets/stylesheets/doorkeeper/bootstrap.min.css +4 -5
metadata +33 -31
data/lib/generators/doorkeeper/add_client_confidentiality_generator.rb +0 -31
data/lib/generators/doorkeeper/templates/add_confidential_to_application_migration.rb.erb +0 -11
data/spec/controllers/application_metal_controller.rb +0 -10

data/lib/doorkeeper/oauth.rb ADDED Viewed

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+module Doorkeeper
+  module OAuth
+    GRANT_TYPES = [
+      AUTHORIZATION_CODE = 'authorization_code'.freeze,
+      IMPLICIT = 'implicit'.freeze,
+      PASSWORD = 'password'.freeze,
+      CLIENT_CREDENTIALS = 'client_credentials'.freeze,
+      REFRESH_TOKEN = 'refresh_token'.freeze
+    ].freeze
+  end
+end

data/lib/doorkeeper/orm/active_record/application.rb CHANGED Viewed

@@ -13,6 +13,8 @@ module Doorkeeper
     validates :redirect_uri, redirect_uri: true
     validates :confidential, inclusion: { in: [true, false] }
+    validate :scopes_match_configured, if: :enforce_scopes?
     before_validation :generate_uid, :generate_secret, on: :create
     has_many :authorized_tokens, -> { where(revoked_at: nil) }, class_name: 'AccessToken'
@@ -32,22 +34,6 @@ module Doorkeeper
       where(id: resource_access_tokens.select(:application_id).distinct)
     end
-    # Fallback to existing, default behaviour of assuming all apps to be
-    # confidential if the migration hasn't been run
-    def confidential
-      return super if self.class.supports_confidentiality?
-      ActiveSupport::Deprecation.warn 'You are susceptible to security bug ' \
-        'CVE-2018-1000211. Please follow instructions outlined in ' \
-        'Doorkeeper::CVE_2018_1000211_WARNING'
-      true
-    end
-    alias_method :confidential?, :confidential
-    def self.supports_confidentiality?
-      column_names.include?('confidential')
-    end
     private
     def generate_uid
@@ -57,5 +43,16 @@ module Doorkeeper
     def generate_secret
       self.secret = UniqueToken.generate if secret.blank?
     end
+    def scopes_match_configured
+      if scopes.present? &&
+         !ScopeChecker.valid?(scopes.to_s, Doorkeeper.configuration.scopes)
+        errors.add(:scopes, :not_match_configured)
+      end
+    end
+    def enforce_scopes?
+      Doorkeeper.configuration.enforce_configured_scopes?
+    end
   end
 end

data/lib/doorkeeper/orm/active_record/stale_records_cleaner.rb ADDED Viewed

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+module Doorkeeper
+  module Orm
+    module ActiveRecord
+      class StaleRecordsCleaner
+        def initialize(base_scope)
+          @base_scope = base_scope
+        end
+        def clean_revoked
+          table = @base_scope.arel_table
+          @base_scope.where.not(revoked_at: nil)
+                     .where(table[:revoked_at].lt(Time.current))
+                     .delete_all
+        end
+        def clean_expired(ttl)
+          table = @base_scope.arel_table
+          @base_scope.where(table[:created_at].lt(Time.current - ttl))
+                     .delete_all
+        end
+      end
+    end
+  end
+end

data/lib/doorkeeper/orm/active_record.rb CHANGED Viewed

@@ -1,5 +1,7 @@
 require 'active_support/lazy_load_hooks'
+require 'doorkeeper/orm/active_record/stale_records_cleaner'
 module Doorkeeper
   module Orm
     module ActiveRecord

data/lib/doorkeeper/rails/helpers.rb CHANGED Viewed

@@ -4,9 +4,7 @@ module Doorkeeper
       def doorkeeper_authorize!(*scopes)
         @_doorkeeper_scopes = scopes.presence || Doorkeeper.configuration.default_scopes
-        unless valid_doorkeeper_token?
-          doorkeeper_render_error
-        end
+        doorkeeper_render_error unless valid_doorkeeper_token?
       end
       def doorkeeper_unauthorized_render_options(**); end
@@ -68,7 +66,7 @@ module Doorkeeper
       end
       def doorkeeper_token
-        @_doorkeeper_token ||= OAuth::Token.authenticate(
+        @doorkeeper_token ||= OAuth::Token.authenticate(
           request,
           *Doorkeeper.configuration.access_token_methods
         )

data/lib/doorkeeper/rails/routes.rb CHANGED Viewed

@@ -4,6 +4,10 @@ require 'doorkeeper/rails/routes/mapper'
 module Doorkeeper
   module Rails
     class Routes # :nodoc:
+      mattr_reader :mapping do
+        {}
+      end
       module Helper
         def use_doorkeeper(options = {}, &block)
           Doorkeeper::Rails::Routes.new(self, &block).generate_routes!(options)
@@ -19,6 +23,10 @@ module Doorkeeper
       def initialize(routes, &block)
         @routes = routes
         @mapping = Mapper.new.map(&block)
+        if Doorkeeper.configuration.api_only
+          @mapping.skips.push(:applications, :authorized_applications)
+        end
       end
       def generate_routes!(options)
@@ -36,7 +44,11 @@ module Doorkeeper
       private
       def map_route(name, method)
-        send(method, @mapping[name]) unless @mapping.skipped?(name)
+       unless @mapping.skipped?(name)
+         send(method, @mapping[name])
+         mapping[name] = @mapping[name]
+       end
       end
       def authorization_routes(mapping)
@@ -47,7 +59,7 @@ module Doorkeeper
           as: mapping[:as],
           controller: mapping[:controllers]
         ) do
-          routes.get native_authorization_code_route, action: :show, on: :member
+          routes.get '/native', action: :show, on: :member
           routes.get '/', action: :new, on: :member
         end
       end
@@ -85,10 +97,6 @@ module Doorkeeper
       def authorized_applications_routes(mapping)
         routes.resources :authorized_applications, only: %i[index destroy], controller: mapping[:controllers]
       end
-      def native_authorization_code_route
-        Doorkeeper.configuration.native_authorization_code_route
-      end
     end
   end
 end

data/lib/doorkeeper/rake/db.rake ADDED Viewed

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+namespace :doorkeeper do
+  namespace :db do
+    desc 'Removes stale data from doorkeeper related database tables'
+    task cleanup: [
+      'doorkeeper:db:cleanup:revoked_tokens',
+      'doorkeeper:db:cleanup:expired_tokens',
+      'doorkeeper:db:cleanup:revoked_grants',
+      'doorkeeper:db:cleanup:expired_grants'
+    ]
+    namespace :cleanup do
+      desc 'Removes stale access tokens'
+      task revoked_tokens: 'doorkeeper:setup' do
+        cleaner = Doorkeeper::Orm::ActiveRecord::StaleRecordsCleaner.new(Doorkeeper::AccessToken)
+        cleaner.clean_revoked
+      end
+      desc 'Removes expired (TTL passed) access tokens'
+      task expired_tokens: 'doorkeeper:setup' do
+        expirable_tokens = Doorkeeper::AccessToken.where(refresh_token: nil)
+        cleaner = Doorkeeper::Orm::ActiveRecord::StaleRecordsCleaner.new(expirable_tokens)
+        cleaner.clean_expired(Doorkeeper.configuration.access_token_expires_in)
+      end
+      desc 'Removes stale access grants'
+      task revoked_grants: 'doorkeeper:setup' do
+        cleaner = Doorkeeper::Orm::ActiveRecord::StaleRecordsCleaner.new(Doorkeeper::AccessGrant)
+        cleaner.clean_revoked
+      end
+      desc 'Removes expired (TTL passed) access grants'
+      task expired_grants: 'doorkeeper:setup' do
+        cleaner = Doorkeeper::Orm::ActiveRecord::StaleRecordsCleaner.new(Doorkeeper::AccessGrant)
+        cleaner.clean_expired(Doorkeeper.configuration.authorization_code_expires_in)
+      end
+    end
+  end
+end

data/lib/doorkeeper/rake/setup.rake ADDED Viewed

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+namespace :doorkeeper do
+  task setup: :environment do
+  end
+end

data/lib/doorkeeper/rake.rb ADDED Viewed

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+module Doorkeeper
+  module Rake
+    class << self
+      def load_tasks
+        glob = File.join(File.absolute_path(__dir__), 'rake', '*.rake')
+        Dir[glob].each do |rake_file|
+          load rake_file
+        end
+      end
+    end
+  end
+end

data/lib/doorkeeper/request.rb CHANGED Viewed

@@ -7,40 +7,40 @@ require 'doorkeeper/request/token'
 module Doorkeeper
   module Request
-    module_function
+    class << self
+      def authorization_strategy(response_type)
+        get_strategy(response_type, authorization_response_types)
+      rescue NameError
+        raise Errors::InvalidAuthorizationStrategy
+      end
-    def authorization_strategy(response_type)
-      get_strategy response_type, authorization_response_types
-    rescue NameError
-      raise Errors::InvalidAuthorizationStrategy
-    end
+      def token_strategy(grant_type)
+        get_strategy(grant_type, token_grant_types)
+      rescue NameError
+        raise Errors::InvalidTokenStrategy
+      end
-    def token_strategy(grant_type)
-      get_strategy grant_type, token_grant_types
-    rescue NameError
-      raise Errors::InvalidTokenStrategy
-    end
+      def get_strategy(grant_or_request_type, available)
+        raise Errors::MissingRequestStrategy if grant_or_request_type.blank?
+        raise NameError unless available.include?(grant_or_request_type.to_s)
-    def get_strategy(grant_or_request_type, available)
-      fail Errors::MissingRequestStrategy unless grant_or_request_type.present?
-      fail NameError unless available.include?(grant_or_request_type.to_s)
-      strategy_class(grant_or_request_type)
-    end
+        build_strategy_class(grant_or_request_type)
+      end
-    def authorization_response_types
-      Doorkeeper.configuration.authorization_response_types
-    end
-    private_class_method :authorization_response_types
+      private
-    def token_grant_types
-      Doorkeeper.configuration.token_grant_types
-    end
-    private_class_method :token_grant_types
+      def authorization_response_types
+        Doorkeeper.configuration.authorization_response_types
+      end
+      def token_grant_types
+        Doorkeeper.configuration.token_grant_types
+      end
-    def strategy_class(grant_or_request_type)
-      strategy_class_name = grant_or_request_type.to_s.tr(' ', '_').camelize
-      "Doorkeeper::Request::#{strategy_class_name}".constantize
+      def build_strategy_class(grant_or_request_type)
+        strategy_class_name = grant_or_request_type.to_s.tr(' ', '_').camelize
+        "Doorkeeper::Request::#{strategy_class_name}".constantize
+      end
     end
-    private_class_method :strategy_class
   end
 end

data/lib/doorkeeper/version.rb CHANGED Viewed

@@ -1,36 +1,16 @@
 module Doorkeeper
-  CVE_2018_1000211_WARNING = <<-HEREDOC.freeze
-  WARNING: This is a security release that addresses token revocation not working for public apps (CVE-2018-1000211)
-  There is no breaking change in this release, however to take advantage of the security fix you must:
-    1. Run `rails generate doorkeeper:add_client_confidentiality` for the migration
-    2. Review your OAuth apps and determine which ones exclusively use public grant flows (eg implicit)
-    3. Update their `confidential` column to `false` for those public apps
-  This is a backported security release.
-  For more information:
-    * https://github.com/doorkeeper-gem/doorkeeper/pull/1119
-    * https://github.com/doorkeeper-gem/doorkeeper/issues/891
-HEREDOC
   def self.gem_version
     Gem::Version.new VERSION::STRING
   end
   module VERSION
     # Semantic versioning
-    MAJOR = 4
-    MINOR = 4
-    TINY = 3
+    MAJOR = 5
+    MINOR = 0
+    TINY = 0
+    PRE = 'rc1'
     # Full version number
-    STRING = [MAJOR, MINOR, TINY].compact.join('.')
+    STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
   end
 end

data/lib/doorkeeper.rb CHANGED Viewed

@@ -8,12 +8,14 @@ require 'doorkeeper/request'
 require 'doorkeeper/validations'
 require 'doorkeeper/oauth/authorization/code'
+require 'doorkeeper/oauth/authorization/context'
 require 'doorkeeper/oauth/authorization/token'
 require 'doorkeeper/oauth/authorization/uri_builder'
 require 'doorkeeper/oauth/helpers/scope_checker'
 require 'doorkeeper/oauth/helpers/uri_checker'
 require 'doorkeeper/oauth/helpers/unique_token'
+require 'doorkeeper/oauth'
 require 'doorkeeper/oauth/scopes'
 require 'doorkeeper/oauth/error'
 require 'doorkeeper/oauth/base_response'
@@ -49,26 +51,11 @@ require 'doorkeeper/helpers/controller'
 require 'doorkeeper/rails/routes'
 require 'doorkeeper/rails/helpers'
-require 'doorkeeper/orm/active_record'
+require 'doorkeeper/rake'
-require 'active_support/deprecation'
+require 'doorkeeper/orm/active_record'
 module Doorkeeper
-  def self.configured?
-    ActiveSupport::Deprecation.warn "Method `Doorkeeper#configured?` has been deprecated without replacement."
-    @config.present?
-  end
-  def self.database_installed?
-    ActiveSupport::Deprecation.warn "Method `Doorkeeper#database_installed?` has been deprecated without replacement."
-    [AccessToken, AccessGrant, Application].all?(&:table_exists?)
-  end
-  def self.installed?
-    ActiveSupport::Deprecation.warn "Method `Doorkeeper#installed?` has been deprecated without replacement."
-    configured? && database_installed?
-  end
   def self.authenticate(request, methods = Doorkeeper.configuration.access_token_methods)
     OAuth::Token.authenticate(request, *methods)
   end

data/lib/generators/doorkeeper/application_owner_generator.rb CHANGED Viewed

@@ -1,27 +1,32 @@
+# frozen_string_literal: true
+require 'rails/generators'
 require 'rails/generators/active_record'
-class Doorkeeper::ApplicationOwnerGenerator < Rails::Generators::Base
-  include Rails::Generators::Migration
-  source_root File.expand_path('../templates', __FILE__)
-  desc 'Provide support for client application ownership.'
+module Doorkeeper
+  class ApplicationOwnerGenerator < ::Rails::Generators::Base
+    include ::Rails::Generators::Migration
+    source_root File.expand_path('templates', __dir__)
+    desc 'Provide support for client application ownership.'
-  def application_owner
-    migration_template(
-      'add_owner_to_application_migration.rb.erb',
-      'db/migrate/add_owner_to_application.rb',
-      migration_version: migration_version
-    )
-  end
+    def application_owner
+      migration_template(
+        'add_owner_to_application_migration.rb.erb',
+        'db/migrate/add_owner_to_application.rb',
+        migration_version: migration_version
+      )
+    end
-  def self.next_migration_number(dirname)
-    ActiveRecord::Generators::Base.next_migration_number(dirname)
-  end
+    def self.next_migration_number(dirname)
+      ActiveRecord::Generators::Base.next_migration_number(dirname)
+    end
-  private
+    private
-  def migration_version
-    if ActiveRecord::VERSION::MAJOR >= 5
-      "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
+    def migration_version
+      if ActiveRecord::VERSION::MAJOR >= 5
+        "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
+      end
     end
   end
 end

data/lib/generators/doorkeeper/confidential_applications_generator.rb ADDED Viewed

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+require 'rails/generators'
+require 'rails/generators/active_record'
+module Doorkeeper
+  class ConfidentialApplicationsGenerator < ::Rails::Generators::Base
+    include ::Rails::Generators::Migration
+    source_root File.expand_path('templates', __dir__)
+    desc 'Add confidential column to Doorkeeper applications'
+    def pkce
+      migration_template(
+        'add_confidential_to_applications.rb.erb',
+        'db/migrate/add_confidential_to_applications.rb',
+        migration_version: migration_version
+      )
+    end
+    def self.next_migration_number(dirname)
+      ActiveRecord::Generators::Base.next_migration_number(dirname)
+    end
+    private
+    def migration_version
+      if ActiveRecord::VERSION::MAJOR >= 5
+        "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
+      end
+    end
+  end
+end

data/lib/generators/doorkeeper/install_generator.rb CHANGED Viewed

@@ -1,12 +1,20 @@
-class Doorkeeper::InstallGenerator < ::Rails::Generators::Base
-  include Rails::Generators::Migration
-  source_root File.expand_path('../templates', __FILE__)
-  desc 'Installs Doorkeeper.'
+# frozen_string_literal: true
-  def install
-    template 'initializer.rb', 'config/initializers/doorkeeper.rb'
-    copy_file File.expand_path('../../../../config/locales/en.yml', __FILE__), 'config/locales/doorkeeper.en.yml'
-    route 'use_doorkeeper'
-    readme 'README'
+require 'rails/generators'
+require 'rails/generators/active_record'
+module Doorkeeper
+  class InstallGenerator < ::Rails::Generators::Base
+    include ::Rails::Generators::Migration
+    source_root File.expand_path('templates', __dir__)
+    desc 'Installs Doorkeeper.'
+    def install
+      template 'initializer.rb', 'config/initializers/doorkeeper.rb'
+      copy_file File.expand_path('../../../config/locales/en.yml', __dir__),
+                'config/locales/doorkeeper.en.yml'
+      route 'use_doorkeeper'
+      readme 'README'
+    end
   end
 end

data/lib/generators/doorkeeper/migration_generator.rb CHANGED Viewed

@@ -1,27 +1,32 @@
+# frozen_string_literal: true
+require 'rails/generators'
 require 'rails/generators/active_record'
-class Doorkeeper::MigrationGenerator < ::Rails::Generators::Base
-  include Rails::Generators::Migration
-  source_root File.expand_path('../templates', __FILE__)
-  desc 'Installs Doorkeeper migration file.'
+module Doorkeeper
+  class MigrationGenerator < ::Rails::Generators::Base
+    include ::Rails::Generators::Migration
+    source_root File.expand_path('templates', __dir__)
+    desc 'Installs Doorkeeper migration file.'
-  def install
-    migration_template(
-      'migration.rb.erb',
-      'db/migrate/create_doorkeeper_tables.rb',
-      migration_version: migration_version
-    )
-  end
+    def install
+      migration_template(
+        'migration.rb.erb',
+        'db/migrate/create_doorkeeper_tables.rb',
+        migration_version: migration_version
+      )
+    end
-  def self.next_migration_number(dirname)
-    ActiveRecord::Generators::Base.next_migration_number(dirname)
-  end
+    def self.next_migration_number(dirname)
+      ActiveRecord::Generators::Base.next_migration_number(dirname)
+    end
-  private
+    private
-  def migration_version
-    if ActiveRecord::VERSION::MAJOR >= 5
-      "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
+    def migration_version
+      if ActiveRecord::VERSION::MAJOR >= 5
+        "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
+      end
     end
   end
 end

data/lib/generators/doorkeeper/pkce_generator.rb ADDED Viewed

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+require 'rails/generators'
+require 'rails/generators/active_record'
+module Doorkeeper
+  class PkceGenerator < ::Rails::Generators::Base
+    include ::Rails::Generators::Migration
+    source_root File.expand_path('templates', __dir__)
+    desc 'Provide support for PKCE.'
+    def pkce
+      migration_template(
+        'enable_pkce_migration.rb.erb',
+        'db/migrate/enable_pkce.rb',
+        migration_version: migration_version
+      )
+    end
+    def self.next_migration_number(dirname)
+      ActiveRecord::Generators::Base.next_migration_number(dirname)
+    end
+    private
+    def migration_version
+      if ActiveRecord::VERSION::MAJOR >= 5
+        "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
+      end
+    end
+  end
+end

data/lib/generators/doorkeeper/previous_refresh_token_generator.rb CHANGED Viewed

@@ -1,35 +1,40 @@
+# frozen_string_literal: true
+require 'rails/generators'
 require 'rails/generators/active_record'
-class Doorkeeper::PreviousRefreshTokenGenerator < Rails::Generators::Base
-  include Rails::Generators::Migration
-  source_root File.expand_path('../templates', __FILE__)
-  desc 'Support revoke refresh token on access token use'
+module Doorkeeper
+  class PreviousRefreshTokenGenerator < ::Rails::Generators::Base
+    include ::Rails::Generators::Migration
+    source_root File.expand_path('templates', __dir__)
+    desc 'Support revoke refresh token on access token use'
-  def self.next_migration_number(path)
-    ActiveRecord::Generators::Base.next_migration_number(path)
-  end
+    def self.next_migration_number(path)
+      ActiveRecord::Generators::Base.next_migration_number(path)
+    end
-  def previous_refresh_token
-    if no_previous_refresh_token_column?
-      migration_template(
-        'add_previous_refresh_token_to_access_tokens.rb.erb',
-        'db/migrate/add_previous_refresh_token_to_access_tokens.rb'
-      )
+    def previous_refresh_token
+      if no_previous_refresh_token_column?
+        migration_template(
+          'add_previous_refresh_token_to_access_tokens.rb.erb',
+          'db/migrate/add_previous_refresh_token_to_access_tokens.rb'
+        )
+      end
     end
-  end
-  private
+    private
-  def migration_version
-    if ActiveRecord::VERSION::MAJOR >= 5
-      "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
+    def migration_version
+      if ActiveRecord::VERSION::MAJOR >= 5
+        "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
+      end
     end
-  end
-  def no_previous_refresh_token_column?
-    !ActiveRecord::Base.connection.column_exists?(
-      :oauth_access_tokens,
-      :previous_refresh_token
-    )
+    def no_previous_refresh_token_column?
+      !ActiveRecord::Base.connection.column_exists?(
+        :oauth_access_tokens,
+        :previous_refresh_token
+      )
+    end
   end
 end