RubyGems - doorkeeper - Versions diffs - 4.4.3 → 5.0.0.rc1 - Mend

doorkeeper 4.4.3 → 5.0.0.rc1

Potentially problematic release.

This version of doorkeeper might be problematic. Click here for more details.

Files changed (169) hide show

checksums.yaml +4 -4
data/.gitignore +1 -0
data/.travis.yml +2 -0
data/Appraisals +2 -2
data/Gemfile +1 -1
data/NEWS.md +36 -17
data/README.md +85 -3
data/Rakefile +6 -0
data/app/assets/stylesheets/doorkeeper/admin/application.css +2 -2
data/app/controllers/doorkeeper/application_controller.rb +4 -3
data/app/controllers/doorkeeper/application_metal_controller.rb +4 -0
data/app/controllers/doorkeeper/applications_controller.rb +42 -22
data/app/controllers/doorkeeper/authorizations_controller.rb +55 -12
data/app/controllers/doorkeeper/authorized_applications_controller.rb +15 -1
data/app/controllers/doorkeeper/tokens_controller.rb +12 -15
data/app/helpers/doorkeeper/dashboard_helper.rb +7 -7
data/app/validators/redirect_uri_validator.rb +3 -2
data/app/views/doorkeeper/applications/_delete_form.html.erb +3 -1
data/app/views/doorkeeper/applications/_form.html.erb +25 -24
data/app/views/doorkeeper/applications/edit.html.erb +1 -1
data/app/views/doorkeeper/applications/index.html.erb +17 -7
data/app/views/doorkeeper/applications/new.html.erb +1 -1
data/app/views/doorkeeper/applications/show.html.erb +6 -6
data/app/views/doorkeeper/authorizations/error.html.erb +1 -1
data/app/views/doorkeeper/authorizations/new.html.erb +4 -0
data/app/views/layouts/doorkeeper/admin.html.erb +15 -15
data/config/locales/en.yml +9 -1
data/doorkeeper.gemspec +0 -2
data/gemfiles/rails_5_2.gemfile +1 -1
data/lib/doorkeeper/config.rb +58 -35
data/lib/doorkeeper/engine.rb +4 -0
data/lib/doorkeeper/errors.rb +2 -5
data/lib/doorkeeper/grape/helpers.rb +1 -1
data/lib/doorkeeper/helpers/controller.rb +7 -2
data/lib/doorkeeper/models/access_grant_mixin.rb +56 -0
data/lib/doorkeeper/models/access_token_mixin.rb +38 -21
data/lib/doorkeeper/models/concerns/scopes.rb +1 -1
data/lib/doorkeeper/oauth/authorization/code.rb +31 -8
data/lib/doorkeeper/oauth/authorization/context.rb +15 -0
data/lib/doorkeeper/oauth/authorization/token.rb +23 -6
data/lib/doorkeeper/oauth/authorization_code_request.rb +27 -2
data/lib/doorkeeper/oauth/base_request.rb +18 -8
data/lib/doorkeeper/oauth/client/credentials.rb +1 -1
data/lib/doorkeeper/oauth/client_credentials/issuer.rb +6 -1
data/lib/doorkeeper/oauth/client_credentials/validation.rb +4 -2
data/lib/doorkeeper/oauth/error_response.rb +11 -3
data/lib/doorkeeper/oauth/helpers/scope_checker.rb +0 -8
data/lib/doorkeeper/oauth/password_access_token_request.rb +7 -4
data/lib/doorkeeper/oauth/pre_authorization.rb +41 -11
data/lib/doorkeeper/oauth/refresh_token_request.rb +6 -1
data/lib/doorkeeper/oauth/scopes.rb +1 -1
data/lib/doorkeeper/oauth/token.rb +5 -2
data/lib/doorkeeper/oauth/token_introspection.rb +2 -2
data/lib/doorkeeper/oauth/token_response.rb +4 -2
data/lib/doorkeeper/oauth.rb +13 -0
data/lib/doorkeeper/orm/active_record/application.rb +13 -16
data/lib/doorkeeper/orm/active_record/stale_records_cleaner.rb +26 -0
data/lib/doorkeeper/orm/active_record.rb +2 -0
data/lib/doorkeeper/rails/helpers.rb +2 -4
data/lib/doorkeeper/rails/routes.rb +14 -6
data/lib/doorkeeper/rake/db.rake +40 -0
data/lib/doorkeeper/rake/setup.rake +6 -0
data/lib/doorkeeper/rake.rb +14 -0
data/lib/doorkeeper/request.rb +28 -28
data/lib/doorkeeper/version.rb +5 -25
data/lib/doorkeeper.rb +4 -17
data/lib/generators/doorkeeper/application_owner_generator.rb +23 -18
data/lib/generators/doorkeeper/confidential_applications_generator.rb +32 -0
data/lib/generators/doorkeeper/install_generator.rb +17 -9
data/lib/generators/doorkeeper/migration_generator.rb +23 -18
data/lib/generators/doorkeeper/pkce_generator.rb +32 -0
data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +29 -24
data/lib/generators/doorkeeper/templates/add_confidential_to_applications.rb.erb +13 -0
data/lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb +6 -0
data/lib/generators/doorkeeper/templates/initializer.rb +60 -9
data/lib/generators/doorkeeper/views_generator.rb +3 -1
data/spec/controllers/application_metal_controller_spec.rb +50 -0
data/spec/controllers/applications_controller_spec.rb +126 -13
data/spec/controllers/authorizations_controller_spec.rb +252 -49
data/spec/controllers/protected_resources_controller_spec.rb +16 -16
data/spec/controllers/token_info_controller_spec.rb +4 -12
data/spec/controllers/tokens_controller_spec.rb +19 -73
data/spec/dummy/app/assets/config/manifest.js +2 -0
data/spec/dummy/config/environments/test.rb +4 -5
data/spec/dummy/config/initializers/doorkeeper.rb +5 -4
data/spec/dummy/config/initializers/new_framework_defaults.rb +4 -0
data/spec/dummy/config/routes.rb +3 -42
data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +6 -0
data/spec/dummy/db/migrate/{20180210183654_add_confidential_to_application.rb → 20180210183654_add_confidential_to_applications.rb} +1 -1
data/spec/dummy/db/schema.rb +36 -36
data/spec/generators/application_owner_generator_spec.rb +1 -1
data/spec/generators/confidential_applications_generator_spec.rb +45 -0
data/spec/generators/install_generator_spec.rb +1 -1
data/spec/generators/migration_generator_spec.rb +1 -1
data/spec/generators/pkce_generator_spec.rb +43 -0
data/spec/generators/previous_refresh_token_generator_spec.rb +1 -1
data/spec/generators/views_generator_spec.rb +1 -1
data/spec/grape/grape_integration_spec.rb +1 -1
data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +1 -1
data/spec/lib/config_spec.rb +51 -31
data/spec/lib/doorkeeper_spec.rb +1 -126
data/spec/lib/models/expirable_spec.rb +0 -3
data/spec/lib/models/revocable_spec.rb +0 -2
data/spec/lib/models/scopes_spec.rb +0 -4
data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -4
data/spec/lib/oauth/authorization_code_request_spec.rb +9 -2
data/spec/lib/oauth/base_request_spec.rb +16 -2
data/spec/lib/oauth/base_response_spec.rb +1 -1
data/spec/lib/oauth/client/credentials_spec.rb +1 -3
data/spec/lib/oauth/client_credentials/creator_spec.rb +5 -1
data/spec/lib/oauth/client_credentials/issuer_spec.rb +26 -7
data/spec/lib/oauth/client_credentials/validation_spec.rb +2 -3
data/spec/lib/oauth/client_credentials_integration_spec.rb +1 -1
data/spec/lib/oauth/client_credentials_request_spec.rb +3 -5
data/spec/lib/oauth/client_spec.rb +0 -3
data/spec/lib/oauth/code_request_spec.rb +4 -2
data/spec/lib/oauth/error_response_spec.rb +0 -3
data/spec/lib/oauth/error_spec.rb +0 -2
data/spec/lib/oauth/forbidden_token_response_spec.rb +1 -4
data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -3
data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -1
data/spec/lib/oauth/helpers/uri_checker_spec.rb +5 -7
data/spec/lib/oauth/invalid_token_response_spec.rb +1 -4
data/spec/lib/oauth/password_access_token_request_spec.rb +37 -2
data/spec/lib/oauth/pre_authorization_spec.rb +33 -4
data/spec/lib/oauth/refresh_token_request_spec.rb +11 -7
data/spec/lib/oauth/scopes_spec.rb +0 -3
data/spec/lib/oauth/token_request_spec.rb +4 -5
data/spec/lib/oauth/token_response_spec.rb +0 -1
data/spec/lib/oauth/token_spec.rb +37 -14
data/spec/lib/orm/active_record/stale_records_cleaner_spec.rb +79 -0
data/spec/lib/request/strategy_spec.rb +0 -1
data/spec/lib/server_spec.rb +1 -1
data/spec/models/doorkeeper/access_grant_spec.rb +1 -1
data/spec/models/doorkeeper/access_token_spec.rb +50 -16
data/spec/models/doorkeeper/application_spec.rb +1 -47
data/spec/requests/applications/applications_request_spec.rb +89 -1
data/spec/requests/applications/authorized_applications_spec.rb +1 -1
data/spec/requests/endpoints/authorization_spec.rb +1 -1
data/spec/requests/endpoints/token_spec.rb +7 -5
data/spec/requests/flows/authorization_code_errors_spec.rb +1 -1
data/spec/requests/flows/authorization_code_spec.rb +198 -2
data/spec/requests/flows/client_credentials_spec.rb +46 -6
data/spec/requests/flows/implicit_grant_errors_spec.rb +1 -1
data/spec/requests/flows/implicit_grant_spec.rb +38 -11
data/spec/requests/flows/password_spec.rb +56 -2
data/spec/requests/flows/refresh_token_spec.rb +2 -2
data/spec/requests/flows/revoke_token_spec.rb +11 -11
data/spec/requests/flows/skip_authorization_spec.rb +16 -11
data/spec/requests/protected_resources/metal_spec.rb +1 -1
data/spec/requests/protected_resources/private_api_spec.rb +1 -1
data/spec/routing/custom_controller_routes_spec.rb +59 -7
data/spec/routing/default_routes_spec.rb +2 -2
data/spec/routing/scoped_routes_spec.rb +16 -2
data/spec/spec_helper.rb +54 -3
data/spec/spec_helper_integration.rb +2 -74
data/spec/support/dependencies/{factory_girl.rb → factory_bot.rb} +0 -0
data/spec/support/doorkeeper_rspec.rb +19 -0
data/spec/support/helpers/authorization_request_helper.rb +4 -4
data/spec/support/helpers/request_spec_helper.rb +2 -2
data/spec/support/helpers/url_helper.rb +7 -3
data/spec/support/http_method_shim.rb +12 -16
data/spec/validators/redirect_uri_validator_spec.rb +7 -1
data/spec/version/version_spec.rb +3 -3
data/vendor/assets/stylesheets/doorkeeper/bootstrap.min.css +4 -5
metadata +33 -31
data/lib/generators/doorkeeper/add_client_confidentiality_generator.rb +0 -31
data/lib/generators/doorkeeper/templates/add_confidential_to_application_migration.rb.erb +0 -11
data/spec/controllers/application_metal_controller.rb +0 -10

data/spec/controllers/tokens_controller_spec.rb CHANGED Viewed

@@ -1,12 +1,9 @@
-require 'spec_helper_integration'
+require 'spec_helper'
 describe Doorkeeper::TokensController do
   describe 'when authorization has succeeded' do
     let(:token) { double(:token, authorize: true) }
-    before do
-      allow(controller).to receive(:token) { token }
-    end
     it 'returns the authorization' do
       skip 'verify need of these specs'
@@ -59,67 +56,15 @@ describe Doorkeeper::TokensController do
     end
   end
-  # http://tools.ietf.org/html/rfc7009#section-2.2
-  describe 'revoking tokens' do
-    let(:client) { FactoryBot.create(:application) }
-    let(:access_token) { FactoryBot.create(:access_token, application: client) }
-    before(:each) do
-      allow(controller).to receive(:token) { access_token }
-    end
-    context 'when associated app is public' do
-      let(:client) { FactoryBot.create(:application, confidential: false) }
-      it 'returns 200' do
-        post :revoke
-        expect(response.status).to eq 200
-      end
-      it 'revokes the access token' do
-        post :revoke
-        expect(access_token.reload).to have_attributes(revoked?: true)
-      end
-    end
-    context 'when associated app is confidential' do
-      let(:client) { FactoryBot.create(:application, confidential: true) }
-      let(:oauth_client) { Doorkeeper::OAuth::Client.new(client) }
-      before(:each) do
-        allow_any_instance_of(Doorkeeper::Server).to receive(:client) { oauth_client }
-      end
-      it 'returns 200' do
-        post :revoke
-        expect(response.status).to eq 200
-      end
-      it 'revokes the access token' do
-        post :revoke
-        expect(access_token.reload).to have_attributes(revoked?: true)
-      end
-      context 'when authorization fails' do
-        let(:some_other_client) { FactoryBot.create(:application, confidential: true) }
-        let(:oauth_client) { Doorkeeper::OAuth::Client.new(some_other_client) }
-        it 'returns 200' do
-          post :revoke
-          expect(response.status).to eq 200
-        end
+  describe 'when revoke authorization has failed' do
+    # http://tools.ietf.org/html/rfc7009#section-2.2
+    it 'returns no error response' do
+      token = double(:token, authorize: false, application_id?: true)
+      allow(controller).to receive(:token) { token }
-        it 'does not revoke the access token' do
-          post :revoke
+      post :revoke
-          expect(access_token.reload).to have_attributes(revoked?: false)
-        end
-      end
+      expect(response.status).to eq 200
     end
   end
@@ -129,7 +74,8 @@ describe Doorkeeper::TokensController do
       expect(strategy).to receive(:authorize).once
       allow(controller).to receive(:strategy) { strategy }
       allow(controller).to receive(:create) do
-        controller.send :authorize_response
+        2.times { controller.send :authorize_response }
+        controller.render json: {}, status: :ok
       end
       post :create
@@ -144,7 +90,7 @@ describe Doorkeeper::TokensController do
       it 'responds with full token introspection' do
         request.headers['Authorization'] = "Bearer #{access_token.token}"
-        post :introspect, token: access_token.token
+        post :introspect, params: { token: access_token.token }
         should_have_json 'active', true
         expect(json_response).to include('client_id', 'token_type', 'exp', 'iat')
@@ -158,7 +104,7 @@ describe Doorkeeper::TokensController do
       it 'responds with full token introspection' do
         request.headers['Authorization'] = basic_auth_header_for_client(client)
-        post :introspect, token: access_token.token
+        post :introspect, params: { token: access_token.token }
         should_have_json 'active', true
         expect(json_response).to include('client_id', 'token_type', 'exp', 'iat')
@@ -173,7 +119,7 @@ describe Doorkeeper::TokensController do
       it 'responds with full token introspection' do
         request.headers['Authorization'] = basic_auth_header_for_client(client)
-        post :introspect, token: access_token.token
+        post :introspect, params: { token: access_token.token }
         should_have_json 'active', true
         expect(json_response).to include('client_id', 'token_type', 'exp', 'iat')
@@ -189,7 +135,7 @@ describe Doorkeeper::TokensController do
       it 'responds with only active state' do
         request.headers['Authorization'] = basic_auth_header_for_client(different_client)
-        post :introspect, token: access_token.token
+        post :introspect, params: { token: access_token.token }
         expect(response).to be_successful
@@ -205,7 +151,7 @@ describe Doorkeeper::TokensController do
       it 'responds with invalid_client error' do
         request.headers['Authorization'] = basic_auth_header_for_client(client)
-        post :introspect, token: access_token.token
+        post :introspect, params: { token: access_token.token }
         expect(response).not_to be_successful
         response_status_should_be 401
@@ -222,7 +168,7 @@ describe Doorkeeper::TokensController do
       it 'responds with only active state' do
         request.headers['Authorization'] = basic_auth_header_for_client(client)
-        post :introspect, token: SecureRandom.hex(16)
+        post :introspect, params: { token: SecureRandom.hex(16) }
         should_have_json 'active', false
         expect(json_response).not_to include('client_id', 'token_type', 'exp', 'iat')
@@ -236,7 +182,7 @@ describe Doorkeeper::TokensController do
       it 'responds with only active state' do
         request.headers['Authorization'] = basic_auth_header_for_client(client)
-        post :introspect, token: access_token.token
+        post :introspect, params: { token: access_token.token }
         should_have_json 'active', false
         expect(json_response).not_to include('client_id', 'token_type', 'exp', 'iat')
@@ -250,7 +196,7 @@ describe Doorkeeper::TokensController do
       it 'responds with only active state' do
         request.headers['Authorization'] = basic_auth_header_for_client(client)
-        post :introspect, token: access_token.token
+        post :introspect, params: { token: access_token.token }
         should_have_json 'active', false
         expect(json_response).not_to include('client_id', 'token_type', 'exp', 'iat')
@@ -261,7 +207,7 @@ describe Doorkeeper::TokensController do
       let(:access_token) { FactoryBot.create(:access_token) }
       it 'responds with invalid_request error' do
-        post :introspect, token: access_token.token
+        post :introspect, params: { token: access_token.token }
         expect(response).not_to be_successful
         response_status_should_be 401

data/spec/dummy/app/assets/config/manifest.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ // JS and CSS bundles
2	+ //

data/spec/dummy/config/environments/test.rb CHANGED Viewed

@@ -7,6 +7,10 @@ Dummy::Application.configure do
   # and recreated between test runs.  Don't rely on the data there!
   config.cache_classes = true
+  config.assets.enabled = true
+  config.assets.version = '1.0'
+  config.assets.digest = false
   # Do not eager load code on boot. This avoids loading your whole application
   # just for the purpose of running a single test. If you are using a tool that
   # preloads Rails for running tests, you may have to set it to true.
@@ -36,9 +40,4 @@ Dummy::Application.configure do
   config.active_support.deprecation = :stderr
   config.eager_load = true
-  if DOORKEEPER_ORM == :active_record
-    config.active_record.table_name_prefix = TABLE_NAME_PREFIX.to_s
-    config.active_record.table_name_suffix = TABLE_NAME_SUFFIX.to_s
-  end
 end

data/spec/dummy/config/initializers/doorkeeper.rb CHANGED Viewed

@@ -29,10 +29,11 @@ Doorkeeper.configure do
   # Issue access tokens with refresh token (disabled by default)
   use_refresh_token
-  # Opt out of breaking api change to the native authorization code flow. Opting out sets the authorization
-  # code response route for native redirect uris to oauth/authorize/<code>. The default is oauth/authorize/native?code=<code>.
-  # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/1143
-  # opt_out_native_route_change
+  # Forbids creating/updating applications with arbitrary scopes that are
+  # not in configuration, i.e. `default_scopes` or `optional_scopes`.
+  # (disabled by default)
+  #
+  # enforce_configured_scopes
   # Provide support for an owner to be assigned to each registered application (disabled by default)
   # Optional parameter confirmation: true (default false) if you want to enforce ownership of

data/spec/dummy/config/initializers/new_framework_defaults.rb CHANGED Viewed

@@ -3,4 +3,8 @@
 # made on earlier versions of Rails are not affected when upgrading.
 if Rails::VERSION::MAJOR >= 5
   Rails.application.config.active_record.belongs_to_required_by_default = true
+  if Rails::VERSION::MINOR >= 2
+    Rails.application.config.active_record.sqlite3.represent_boolean_as_integer = true
+  end
 end

data/spec/dummy/config/routes.rb CHANGED Viewed

@@ -1,52 +1,13 @@
 Rails.application.routes.draw do
   use_doorkeeper
-  use_doorkeeper scope: 'scope'
-  scope 'inner_space' do
-    use_doorkeeper scope: 'scope' do
-      controllers authorizations: 'custom_authorizations',
-                  tokens: 'custom_authorizations',
-                  applications: 'custom_authorizations',
-                  token_info: 'custom_authorizations'
-      as authorizations: 'custom_auth',
-         tokens: 'custom_token',
-         token_info: 'custom_token_info'
-    end
-  end
-  scope 'space' do
-    use_doorkeeper do
-      controllers authorizations: 'custom_authorizations',
-                  tokens: 'custom_authorizations',
-                  applications: 'custom_authorizations',
-                  token_info: 'custom_authorizations'
-      as authorizations: 'custom_auth',
-         tokens: 'custom_token',
-         token_info: 'custom_token_info'
-    end
-  end
-  scope 'outer_space' do
-    use_doorkeeper do
-      controllers authorizations: 'custom_authorizations',
-                  tokens: 'custom_authorizations',
-                  token_info: 'custom_authorizations'
-      as authorizations: 'custom_auth',
-         tokens: 'custom_token',
-         token_info: 'custom_token_info'
-      skip_controllers :tokens, :applications, :token_info
-    end
-  end
+  resources :semi_protected_resources
+  resources :full_protected_resources
   get 'metal.json' => 'metal#index'
   get '/callback', to: 'home#callback'
   get '/sign_in',  to: 'home#sign_in'
-  resources :semi_protected_resources
-  resources :full_protected_resources
   root to: 'home#index'
 end

data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb ADDED Viewed

@@ -0,0 +1,6 @@
+class EnablePkce < ActiveRecord::Migration[4.2]
+  def change
+    add_column :oauth_access_grants, :code_challenge, :string, null: true
+    add_column :oauth_access_grants, :code_challenge_method, :string, null: true
+  end
+end

data/spec/dummy/db/migrate/{20180210183654_add_confidential_to_application.rb → 20180210183654_add_confidential_to_applications.rb} RENAMED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-class AddConfidentialToApplication < ActiveRecord::Migration[5.1]
+class AddConfidentialToApplications < ActiveRecord::Migration[5.1]
   def change
     add_column(
       :oauth_applications,

data/spec/dummy/db/schema.rb CHANGED Viewed

@@ -1,4 +1,3 @@
-# encoding: UTF-8
 # This file is auto-generated from the current state of the database. Instead
 # of editing this file, please use the migrations feature of Active Record to
 # incrementally modify your database, and then regenerate this schema definition.
@@ -14,55 +13,56 @@
 ActiveRecord::Schema.define(version: 20180210183654) do
   create_table "oauth_access_grants", force: :cascade do |t|
-    t.integer  "resource_owner_id", null: false
-    t.integer  "application_id",    null: false
-    t.string   "token",             null: false
-    t.integer  "expires_in",        null: false
-    t.text     "redirect_uri",      null: false
-    t.datetime "created_at",        null: false
+    t.integer "resource_owner_id", null: false
+    t.integer "application_id", null: false
+    t.string "token", null: false
+    t.integer "expires_in", null: false
+    t.text "redirect_uri", null: false
+    t.datetime "created_at", null: false
     t.datetime "revoked_at"
-    t.string   "scopes"
+    t.string "scopes"
+    unless ENV['WITHOUT_PKCE']
+      t.string   "code_challenge"
+      t.string   "code_challenge_method"
+    end
+    t.index ["token"], name: "index_oauth_access_grants_on_token", unique: true
   end
-  add_index "oauth_access_grants", ["token"], name: "index_oauth_access_grants_on_token", unique: true
   create_table "oauth_access_tokens", force: :cascade do |t|
-    t.integer  "resource_owner_id"
-    t.integer  "application_id"
-    t.string   "token",                               null: false
-    t.string   "refresh_token"
-    t.integer  "expires_in"
+    t.integer "resource_owner_id"
+    t.integer "application_id"
+    t.string "token", null: false
+    t.string "refresh_token"
+    t.integer "expires_in"
     t.datetime "revoked_at"
-    t.datetime "created_at",                          null: false
-    t.string   "scopes"
-    t.string   "previous_refresh_token", default: "", null: false
+    t.datetime "created_at", null: false
+    t.string "scopes"
+    t.string "previous_refresh_token", default: "", null: false
+    t.index ["refresh_token"], name: "index_oauth_access_tokens_on_refresh_token", unique: true
+    t.index ["resource_owner_id"], name: "index_oauth_access_tokens_on_resource_owner_id"
+    t.index ["token"], name: "index_oauth_access_tokens_on_token", unique: true
   end
-  add_index "oauth_access_tokens", ["refresh_token"], name: "index_oauth_access_tokens_on_refresh_token", unique: true
-  add_index "oauth_access_tokens", ["resource_owner_id"], name: "index_oauth_access_tokens_on_resource_owner_id"
-  add_index "oauth_access_tokens", ["token"], name: "index_oauth_access_tokens_on_token", unique: true
   create_table "oauth_applications", force: :cascade do |t|
-    t.string   "name",                      null: false
-    t.string   "uid",                       null: false
-    t.string   "secret",                    null: false
-    t.text     "redirect_uri",              null: false
-    t.string   "scopes",       default: "", null: false
-    t.datetime "created_at"
-    t.datetime "updated_at"
-    t.integer  "owner_id"
-    t.string   "owner_type"
+    t.string "name", null: false
+    t.string "uid", null: false
+    t.string "secret", null: false
+    t.text "redirect_uri", null: false
+    t.string "scopes", default: "", null: false
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+    t.integer "owner_id"
+    t.string "owner_type"
     t.boolean "confidential", default: true, null: false
+    t.index ["owner_id", "owner_type"], name: "index_oauth_applications_on_owner_id_and_owner_type"
+    t.index ["uid"], name: "index_oauth_applications_on_uid", unique: true
   end
-  add_index "oauth_applications", ["owner_id", "owner_type"], name: "index_oauth_applications_on_owner_id_and_owner_type"
-  add_index "oauth_applications", ["uid"], name: "index_oauth_applications_on_uid", unique: true
   create_table "users", force: :cascade do |t|
-    t.string   "name"
+    t.string "name"
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.string   "password"
+    t.string "password"
   end
 end

data/spec/generators/application_owner_generator_spec.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require 'spec_helper_integration'
+require 'spec_helper'
 require 'generators/doorkeeper/application_owner_generator'
 describe 'Doorkeeper::ApplicationOwnerGenerator' do

data/spec/generators/confidential_applications_generator_spec.rb ADDED Viewed

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+require 'spec_helper'
+require 'generators/doorkeeper/confidential_applications_generator'
+describe 'Doorkeeper::ConfidentialApplicationsGenerator' do
+  include GeneratorSpec::TestCase
+  tests Doorkeeper::ConfidentialApplicationsGenerator
+  destination ::File.expand_path('../tmp/dummy', __FILE__)
+  describe 'after running the generator' do
+    before :each do
+      prepare_destination
+    end
+    context 'pre Rails 5.0.0' do
+      it 'creates a migration with no version specifier' do
+        stub_const("ActiveRecord::VERSION::MAJOR", 4)
+        stub_const("ActiveRecord::VERSION::MINOR", 2)
+        run_generator
+        assert_migration 'db/migrate/add_confidential_to_applications.rb' do |migration|
+          assert migration.include?("ActiveRecord::Migration\n")
+          assert migration.include?(':confidential')
+        end
+      end
+    end
+    context 'post Rails 5.0.0' do
+      it 'creates a migration with a version specifier' do
+        stub_const("ActiveRecord::VERSION::MAJOR", 5)
+        stub_const("ActiveRecord::VERSION::MINOR", 0)
+        run_generator
+        assert_migration 'db/migrate/add_confidential_to_applications.rb' do |migration|
+          assert migration.include?("ActiveRecord::Migration[5.0]\n")
+          assert migration.include?(':confidential')
+        end
+      end
+    end
+  end
+end

data/spec/generators/install_generator_spec.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require 'spec_helper_integration'
+require 'spec_helper'
 require 'generators/doorkeeper/install_generator'
 describe 'Doorkeeper::InstallGenerator' do

data/spec/generators/migration_generator_spec.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require 'spec_helper_integration'
+require 'spec_helper'
 require 'generators/doorkeeper/migration_generator'
 describe 'Doorkeeper::MigrationGenerator' do

data/spec/generators/pkce_generator_spec.rb ADDED Viewed

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+require 'spec_helper'
+require 'generators/doorkeeper/pkce_generator'
+describe 'Doorkeeper::PkceGenerator' do
+  include GeneratorSpec::TestCase
+  tests Doorkeeper::PkceGenerator
+  destination ::File.expand_path('../tmp/dummy', __FILE__)
+  describe 'after running the generator' do
+    before :each do
+      prepare_destination
+    end
+    context 'pre Rails 5.0.0' do
+      it 'creates a migration with no version specifier' do
+        stub_const("ActiveRecord::VERSION::MAJOR", 4)
+        stub_const("ActiveRecord::VERSION::MINOR", 2)
+        run_generator
+        assert_migration 'db/migrate/enable_pkce.rb' do |migration|
+          assert migration.include?("ActiveRecord::Migration\n")
+        end
+      end
+    end
+    context 'post Rails 5.0.0' do
+      it 'creates a migration with a version specifier' do
+        stub_const("ActiveRecord::VERSION::MAJOR", 5)
+        stub_const("ActiveRecord::VERSION::MINOR", 0)
+        run_generator
+        assert_migration 'db/migrate/enable_pkce.rb' do |migration|
+          assert migration.include?("ActiveRecord::Migration[5.0]\n")
+        end
+      end
+    end
+  end
+end

data/spec/generators/previous_refresh_token_generator_spec.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require 'spec_helper_integration'
+require 'spec_helper'
 require 'generators/doorkeeper/previous_refresh_token_generator'
 describe 'Doorkeeper::PreviousRefreshTokenGenerator' do

data/spec/generators/views_generator_spec.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require 'spec_helper_integration'
+require 'spec_helper'
 require 'generators/doorkeeper/views_generator'
 describe Doorkeeper::Generators::ViewsGenerator do

data/spec/grape/grape_integration_spec.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require 'spec_helper_integration'
+require 'spec_helper'
 require 'grape'
 require 'rack/test'
 require 'doorkeeper/grape/helpers'

data/spec/helpers/doorkeeper/dashboard_helper_spec.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-require 'spec_helper_integration'
+require 'spec_helper'
 describe Doorkeeper::DashboardHelper do
   describe '#doorkeeper_errors_for' do