doorkeeper 4.4.3 → 5.0.3

data/spec/generators/pkce_generator_spec.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+require 'generators/doorkeeper/pkce_generator'
+
+describe 'Doorkeeper::PkceGenerator' do
+  include GeneratorSpec::TestCase
+
+  tests Doorkeeper::PkceGenerator
+  destination ::File.expand_path('../tmp/dummy', __FILE__)
+
+  describe 'after running the generator' do
+    before :each do
+      prepare_destination
+    end
+
+    context 'pre Rails 5.0.0' do
+      it 'creates a migration with no version specifier' do
+        stub_const("ActiveRecord::VERSION::MAJOR", 4)
+        stub_const("ActiveRecord::VERSION::MINOR", 2)
+
+        run_generator
+
+        assert_migration 'db/migrate/enable_pkce.rb' do |migration|
+          assert migration.include?("ActiveRecord::Migration\n")
+        end
+      end
+    end
+
+    context 'post Rails 5.0.0' do
+      it 'creates a migration with a version specifier' do
+        stub_const("ActiveRecord::VERSION::MAJOR", 5)
+        stub_const("ActiveRecord::VERSION::MINOR", 0)
+
+        run_generator
+
+        assert_migration 'db/migrate/enable_pkce.rb' do |migration|
+          assert migration.include?("ActiveRecord::Migration[5.0]\n")
+        end
+      end
+    end
+  end
+end

data/spec/generators/previous_refresh_token_generator_spec.rb

@@ -1,4 +1,4 @@
-require 'spec_helper_integration'
+require 'spec_helper'
 require 'generators/doorkeeper/previous_refresh_token_generator'
 
 describe 'Doorkeeper::PreviousRefreshTokenGenerator' do

data/spec/generators/templates/routes.rb

@@ -1,3 +1,2 @@
 Rails.application.routes.draw do
-
 end

data/spec/generators/views_generator_spec.rb

@@ -1,11 +1,11 @@
-require 'spec_helper_integration'
+require 'spec_helper'
 require 'generators/doorkeeper/views_generator'
 
 describe Doorkeeper::Generators::ViewsGenerator do
   include GeneratorSpec::TestCase
 
   tests Doorkeeper::Generators::ViewsGenerator
-  destination File.expand_path('../tmp/dummy', __FILE__)
+  destination File.expand_path('tmp/dummy', __dir__)
 
   before :each do
     prepare_destination

data/spec/grape/grape_integration_spec.rb

@@ -1,4 +1,4 @@
-require 'spec_helper_integration'
+require 'spec_helper'
 require 'grape'
 require 'rack/test'
 require 'doorkeeper/grape/helpers'
@@ -68,7 +68,7 @@ describe 'Grape integration' do
   def json_body
     JSON.parse(last_response.body)
   end
-  
+
   let(:client) { FactoryBot.create(:application) }
   let(:resource) { FactoryBot.create(:doorkeeper_testing_user, name: 'Joe', password: 'sekret') }
   let(:access_token) { client_is_authorized(client, resource) }

data/spec/helpers/doorkeeper/dashboard_helper_spec.rb

@@ -1,4 +1,4 @@
-require 'spec_helper_integration'
+require 'spec_helper'
 
 describe Doorkeeper::DashboardHelper do
   describe '#doorkeeper_errors_for' do

data/spec/lib/config_spec.rb

@@ -1,4 +1,4 @@
-require 'spec_helper_integration'
+require 'spec_helper'
 
 describe Doorkeeper, 'configuration' do
   subject { Doorkeeper.configuration }
@@ -66,6 +66,17 @@ describe Doorkeeper, 'configuration' do
   end
 
   describe 'admin_authenticator' do
+    it 'sets the block that is accessible via authenticate_admin' do
+      default_behaviour = 'default behaviour'
+      allow(Doorkeeper::Config).to receive(:head).and_return(default_behaviour)
+
+      Doorkeeper.configure do
+        orm DOORKEEPER_ORM
+      end
+
+      expect(subject.authenticate_admin.call({})).to eq(default_behaviour)
+    end
+
     it 'sets the block that is accessible via authenticate_admin' do
       block = proc {}
       Doorkeeper.configure do
@@ -122,7 +133,7 @@ describe Doorkeeper, 'configuration' do
     it 'has all scopes' do
       Doorkeeper.configure do
         orm DOORKEEPER_ORM
-        default_scopes  :normal
+        default_scopes :normal
         optional_scopes :admin
       end
 
@@ -132,7 +143,7 @@ describe Doorkeeper, 'configuration' do
 
   describe 'use_refresh_token' do
     it 'is false by default' do
-      expect(subject.refresh_token_enabled?).to be_falsey
+      expect(subject.refresh_token_enabled?).to eq(false)
     end
 
     it 'can change the value' do
@@ -141,7 +152,25 @@ describe Doorkeeper, 'configuration' do
         use_refresh_token
       end
 
-      expect(subject.refresh_token_enabled?).to be_truthy
+      expect(subject.refresh_token_enabled?).to eq(true)
+    end
+
+    it 'can accept a boolean parameter' do
+      Doorkeeper.configure do
+        orm DOORKEEPER_ORM
+        use_refresh_token false
+      end
+
+      expect(subject.refresh_token_enabled?).to eq(false)
+    end
+
+    it 'can accept a block parameter' do
+      Doorkeeper.configure do
+        orm DOORKEEPER_ORM
+        use_refresh_token { |_context| nil }
+      end
+
+      expect(subject.refresh_token_enabled?).to be_a(Proc)
     end
 
     it "does not includes 'refresh_token' in authorization_response_types" do
@@ -150,10 +179,10 @@ describe Doorkeeper, 'configuration' do
 
     context "is enabled" do
       before do
-        Doorkeeper.configure {
+        Doorkeeper.configure do
           orm DOORKEEPER_ORM
           use_refresh_token
-        }
+        end
       end
 
       it "includes 'refresh_token' in authorization_response_types" do
@@ -162,34 +191,25 @@ describe Doorkeeper, 'configuration' do
     end
   end
 
-  describe 'opt_out_native_route_change' do
-    around(:each) do |example|
-      Doorkeeper.configure do
-        orm DOORKEEPER_ORM
-        opt_out_native_route_change
-      end
-
-      Rails.application.reload_routes!
-
-      subject { Doorkeeper.configuration }
-
-      example.run
+  describe 'enforce_configured_scopes' do
+    it 'is false by default' do
+      expect(subject.enforce_configured_scopes?).to eq(false)
+    end
 
+    it 'can change the value' do
       Doorkeeper.configure do
         orm DOORKEEPER_ORM
+        enforce_configured_scopes
       end
 
-      Rails.application.reload_routes!
-    end
-
-    it 'sets the native authorization code route /:code' do
-      expect(subject.native_authorization_code_route).to eq('/:code')
+      expect(subject.enforce_configured_scopes?).to eq(true)
     end
   end
 
   describe 'client_credentials' do
     it 'has defaults order' do
-      expect(subject.client_credentials_methods).to eq([:from_basic, :from_params])
+      expect(subject.client_credentials_methods)
+        .to eq(%i[from_basic from_params])
     end
 
     it 'can change the value' do
@@ -198,13 +218,14 @@ describe Doorkeeper, 'configuration' do
         client_credentials :from_digest, :from_params
       end
 
-      expect(subject.client_credentials_methods).to eq([:from_digest, :from_params])
+      expect(subject.client_credentials_methods)
+        .to eq(%i[from_digest from_params])
     end
   end
 
   describe 'force_ssl_in_redirect_uri' do
     it 'is true by default in non-development environments' do
-      expect(subject.force_ssl_in_redirect_uri).to be_truthy
+      expect(subject.force_ssl_in_redirect_uri).to eq(true)
     end
 
     it 'can change the value' do
@@ -213,7 +234,7 @@ describe Doorkeeper, 'configuration' do
         force_ssl_in_redirect_uri(false)
       end
 
-      expect(subject.force_ssl_in_redirect_uri).to be_falsey
+      expect(subject.force_ssl_in_redirect_uri).to eq(false)
     end
 
     it 'can be a callable object' do
@@ -224,13 +245,14 @@ describe Doorkeeper, 'configuration' do
       end
 
       expect(subject.force_ssl_in_redirect_uri).to eq(block)
-      expect(subject.force_ssl_in_redirect_uri.call).to be_falsey
+      expect(subject.force_ssl_in_redirect_uri.call).to eq(false)
     end
   end
 
   describe 'access_token_methods' do
     it 'has defaults order' do
-      expect(subject.access_token_methods).to eq([:from_bearer_authorization, :from_access_token_param, :from_bearer_param])
+      expect(subject.access_token_methods)
+        .to eq(%i[from_bearer_authorization from_access_token_param from_bearer_param])
     end
 
     it 'can change the value' do
@@ -239,13 +261,14 @@ describe Doorkeeper, 'configuration' do
         access_token_methods :from_access_token_param, :from_bearer_param
       end
 
-      expect(subject.access_token_methods).to eq([:from_access_token_param, :from_bearer_param])
+      expect(subject.access_token_methods)
+        .to eq(%i[from_access_token_param from_bearer_param])
     end
   end
 
   describe 'forbid_redirect_uri' do
     it 'is false by default' do
-      expect(subject.forbid_redirect_uri.call(URI.parse('https://localhost'))).to be_falsey
+      expect(subject.forbid_redirect_uri.call(URI.parse('https://localhost'))).to eq(false)
     end
 
     it 'can be a callable object' do
@@ -256,13 +279,13 @@ describe Doorkeeper, 'configuration' do
       end
 
       expect(subject.forbid_redirect_uri).to eq(block)
-      expect(subject.forbid_redirect_uri.call).to be_truthy
+      expect(subject.forbid_redirect_uri.call).to eq(true)
     end
   end
 
   describe 'enable_application_owner' do
     it 'is disabled by default' do
-      expect(Doorkeeper.configuration.enable_application_owner?).not_to be_truthy
+      expect(Doorkeeper.configuration.enable_application_owner?).not_to eq(true)
     end
 
     context 'when enabled without confirmation' do
@@ -278,7 +301,7 @@ describe Doorkeeper, 'configuration' do
       end
 
       it 'Doorkeeper.configuration.confirm_application_owner? returns false' do
-        expect(Doorkeeper.configuration.confirm_application_owner?).not_to be_truthy
+        expect(Doorkeeper.configuration.confirm_application_owner?).not_to eq(true)
       end
     end
 
@@ -295,7 +318,7 @@ describe Doorkeeper, 'configuration' do
       end
 
       it 'Doorkeeper.configuration.confirm_application_owner? returns true' do
-        expect(Doorkeeper.configuration.confirm_application_owner?).to be_truthy
+        expect(Doorkeeper.configuration.confirm_application_owner?).to eq(true)
       end
     end
   end
@@ -317,17 +340,17 @@ describe Doorkeeper, 'configuration' do
 
   describe "grant_flows" do
     it "is set to all grant flows by default" do
-      expect(Doorkeeper.configuration.grant_flows).
-        to eq(%w[authorization_code client_credentials])
+      expect(Doorkeeper.configuration.grant_flows)
+        .to eq(%w[authorization_code client_credentials])
     end
 
     it "can change the value" do
       Doorkeeper.configure do
         orm DOORKEEPER_ORM
-        grant_flows ['authorization_code', 'implicit']
+        grant_flows %w[authorization_code implicit]
       end
 
-      expect(subject.grant_flows).to eq ['authorization_code', 'implicit']
+      expect(subject.grant_flows).to eq %w[authorization_code implicit]
     end
 
     context "when including 'authorization_code'" do
@@ -459,4 +482,47 @@ describe Doorkeeper, 'configuration' do
       end
     end
   end
+
+  describe "api_only" do
+    it "is false by default" do
+      expect(subject.api_only).to eq(false)
+    end
+
+    it "can change the value" do
+      Doorkeeper.configure do
+        orm DOORKEEPER_ORM
+        api_only
+      end
+
+      expect(subject.api_only).to eq(true)
+    end
+  end
+
+  describe 'strict_content_type' do
+    it 'is false by default' do
+      expect(subject.enforce_content_type).to eq(false)
+    end
+
+    it "can change the value" do
+      Doorkeeper.configure do
+        orm DOORKEEPER_ORM
+        enforce_content_type
+      end
+
+      expect(subject.enforce_content_type).to eq(true)
+    end
+  end
+
+  describe 'handle_auth_errors' do
+    it 'is set to render by default' do
+      expect(Doorkeeper.configuration.handle_auth_errors).to eq(:render)
+    end
+    it 'can change the value' do
+      Doorkeeper.configure do
+        orm DOORKEEPER_ORM
+        handle_auth_errors :raise
+      end
+      expect(subject.handle_auth_errors).to eq(:raise)
+    end
+  end
 end

data/spec/lib/doorkeeper_spec.rb

@@ -1,4 +1,4 @@
-require 'spec_helper_integration'
+require 'spec_helper'
 
 describe Doorkeeper do
   describe "#authenticate" do
@@ -7,144 +7,19 @@ describe Doorkeeper do
     it "calls OAuth::Token#authenticate" do
       token_strategies = Doorkeeper.configuration.access_token_methods
 
-      expect(Doorkeeper::OAuth::Token).to receive(:authenticate).
-        with(request, *token_strategies)
+      expect(Doorkeeper::OAuth::Token).to receive(:authenticate)
+        .with(request, *token_strategies)
 
       Doorkeeper.authenticate(request)
     end
 
     it "accepts custom token strategies" do
-      token_strategies = [:first_way, :second_way]
+      token_strategies = %i[first_way second_way]
 
-      expect(Doorkeeper::OAuth::Token).to receive(:authenticate).
-        with(request, *token_strategies)
+      expect(Doorkeeper::OAuth::Token).to receive(:authenticate)
+        .with(request, *token_strategies)
 
       Doorkeeper.authenticate(request, token_strategies)
     end
   end
-
-  describe "#configured?" do
-    after do
-      Doorkeeper.remove_instance_variable(:@config)
-    end
-
-    context "@config is set" do
-      it "returns true" do
-        Doorkeeper.instance_variable_set(:@config, "hi")
-
-        expect(Doorkeeper.configured?).to eq(true)
-      end
-    end
-
-    context "@config is not set" do
-      it "returns false" do
-        Doorkeeper.instance_variable_set(:@config, nil)
-
-        expect(Doorkeeper.configured?).to eq(false)
-      end
-    end
-
-    it "is deprecated" do
-      expect(ActiveSupport::Deprecation).to receive(:warn).
-        with("Method `Doorkeeper#configured?` has been deprecated without replacement.")
-
-      Doorkeeper.configured?
-    end
-  end
-
-  describe "#database_installed?" do
-    before do
-      ["AccessToken", "AccessGrant", "Application"].each do |klass|
-        @original_classes ||= {}
-        @original_classes[klass] = Doorkeeper.const_get(klass)
-        Doorkeeper.send(:remove_const, klass)
-      end
-    end
-
-    after do
-      ["AccessToken", "AccessGrant", "Application"].each do |klass|
-        Doorkeeper.send(:remove_const, klass)
-        Doorkeeper.const_set(klass, @original_classes[klass])
-      end
-    end
-
-    context "all tables exist" do
-      before do
-        klass = double table_exists?: true
-
-        Doorkeeper.const_set(:AccessToken, klass)
-        Doorkeeper.const_set(:AccessGrant, klass)
-        Doorkeeper.const_set(:Application, klass)
-      end
-
-      it "returns true" do
-        expect(Doorkeeper.database_installed?).to eq(true)
-      end
-
-      it "is deprecated" do
-        expect(ActiveSupport::Deprecation).to receive(:warn).
-          with("Method `Doorkeeper#database_installed?` has been deprecated without replacement.")
-
-        Doorkeeper.database_installed?
-      end
-    end
-
-    context "all tables do not exist" do
-      before do
-        klass = double table_exists?: false
-
-        Doorkeeper.const_set(:AccessToken, klass)
-        Doorkeeper.const_set(:AccessGrant, klass)
-        Doorkeeper.const_set(:Application, klass)
-      end
-
-      it "returns false" do
-        expect(Doorkeeper.database_installed?).to eq(false)
-      end
-
-      it "is deprecated" do
-        expect(ActiveSupport::Deprecation).to receive(:warn).
-          with("Method `Doorkeeper#database_installed?` has been deprecated without replacement.")
-
-        Doorkeeper.database_installed?
-      end
-    end
-  end
-
-  describe "#installed?" do
-    context "methods return true" do
-      before do
-        allow(Doorkeeper).to receive(:configured?).and_return(true).once
-        allow(Doorkeeper).to receive(:database_installed?).and_return(true).once
-      end
-
-      it "returns true" do
-        expect(Doorkeeper.installed?).to eq(true)
-      end
-    end
-
-    context "methods return false" do
-      before do
-        allow(Doorkeeper).to receive(:configured?).and_return(false).once
-        allow(Doorkeeper).to receive(:database_installed?).and_return(false).once
-      end
-
-      it "returns false" do
-        expect(Doorkeeper.installed?).to eq(false)
-      end
-    end
-
-    it "is deprecated" do
-      expect(ActiveSupport::Deprecation).to receive(:warn).
-        with("Method `Doorkeeper#configured?` has been deprecated without replacement.")
-
-      expect(ActiveSupport::Deprecation).to receive(:warn).
-        with("Method `Doorkeeper#database_installed?` has been deprecated without replacement.")
-
-      expect(ActiveSupport::Deprecation).to receive(:warn).
-        with("Method `Doorkeeper#installed?` has been deprecated without replacement.")
-
-      Doorkeeper.installed?
-    end
-  end
 end

data/spec/lib/models/expirable_spec.rb

@@ -1,6 +1,4 @@
 require 'spec_helper'
-require 'active_support/time'
-require 'doorkeeper/models/concerns/expirable'
 
 describe 'Expirable' do
   subject do
@@ -45,6 +43,5 @@ describe 'Expirable' do
       allow(subject).to receive(:expires_in).and_return(nil)
       expect(subject.expires_in_seconds).to be_nil
     end
-
   end
 end

data/spec/lib/models/revocable_spec.rb

@@ -1,6 +1,4 @@
 require 'spec_helper'
-require 'active_support/core_ext/object/blank'
-require 'doorkeeper/models/concerns/revocable'
 
 describe 'Revocable' do
   subject do

data/spec/lib/models/scopes_spec.rb

@@ -1,8 +1,4 @@
 require 'spec_helper'
-require 'active_support/core_ext/module/delegation'
-require 'active_support/core_ext/object/blank'
-require 'doorkeeper/oauth/scopes'
-require 'doorkeeper/models/concerns/scopes'
 
 describe 'Doorkeeper::Models::Scopes' do
   subject do

data/spec/lib/oauth/authorization/uri_builder_spec.rb

@@ -1,8 +1,4 @@
 require 'spec_helper'
-require 'active_support/core_ext/string'
-require 'uri'
-require 'rack/utils'
-require 'doorkeeper/oauth/authorization/uri_builder'
 
 module Doorkeeper::OAuth::Authorization
   describe URIBuilder do

data/spec/lib/oauth/authorization_code_request_spec.rb

@@ -1,4 +1,4 @@
-require 'spec_helper_integration'
+require 'spec_helper'
 
 module Doorkeeper::OAuth
   describe AuthorizationCodeRequest do
@@ -6,7 +6,9 @@ module Doorkeeper::OAuth
       double :server,
              access_token_expires_in: 2.days,
              refresh_token_enabled?: false,
-             custom_access_token_expires_in: ->(_app) { nil }
+             custom_access_token_expires_in: lambda { |context|
+               context.grant_type == Doorkeeper::OAuth::AUTHORIZATION_CODE ? 1234 : nil
+             }
     end
 
     let(:grant)  { FactoryBot.create :access_grant }
@@ -22,6 +24,8 @@ module Doorkeeper::OAuth
       expect do
         subject.authorize
       end.to change { client.reload.access_tokens.count }.by(1)
+
+      expect(client.reload.access_tokens.max_by(&:created_at).expires_in).to eq(1234)
     end
 
     it "issues the token with same grant's scopes" do
@@ -30,7 +34,7 @@ module Doorkeeper::OAuth
     end
 
     it 'revokes the grant' do
-      expect { subject.authorize }.to change { grant.reload.accessible? }
+      expect { subject.authorize }.to(change { grant.reload.accessible? })
     end
 
     it 'requires the grant to be accessible' do
@@ -70,20 +74,26 @@ module Doorkeeper::OAuth
     end
 
     it 'skips token creation if there is a matching one' do
+      scopes = grant.scopes
+
       Doorkeeper.configure do
         orm DOORKEEPER_ORM
         reuse_access_token
+        default_scopes(*scopes)
       end
 
       FactoryBot.create(:access_token, application_id: client.id,
-        resource_owner_id: grant.resource_owner_id, scopes: grant.scopes.to_s)
+                                       resource_owner_id: grant.resource_owner_id, scopes: grant.scopes.to_s)
 
-      expect { subject.authorize }.to_not change { Doorkeeper::AccessToken.count }
+      expect { subject.authorize }.to_not(change { Doorkeeper::AccessToken.count })
     end
 
     it "calls configured request callback methods" do
-      expect(Doorkeeper.configuration.before_successful_strategy_response).to receive(:call).with(subject).once
-      expect(Doorkeeper.configuration.after_successful_strategy_response).to receive(:call).with(subject, instance_of(Doorkeeper::OAuth::TokenResponse)).once
+      expect(Doorkeeper.configuration.before_successful_strategy_response)
+        .to receive(:call).with(subject).once
+      expect(Doorkeeper.configuration.after_successful_strategy_response)
+        .to receive(:call).with(subject, instance_of(Doorkeeper::OAuth::TokenResponse)).once
+
       subject.authorize
     end