doorkeeper 4.4.3 → 5.5.2
Potentially problematic release.
This version of doorkeeper might be problematic. Click here for more details.
- checksums.yaml +5 -5
- data/{NEWS.md → CHANGELOG.md} +393 -19
- data/README.md +97 -393
- data/app/assets/stylesheets/doorkeeper/admin/application.css +2 -2
- data/app/controllers/doorkeeper/application_controller.rb +8 -5
- data/app/controllers/doorkeeper/application_metal_controller.rb +7 -11
- data/app/controllers/doorkeeper/applications_controller.rb +62 -27
- data/app/controllers/doorkeeper/authorizations_controller.rb +97 -17
- data/app/controllers/doorkeeper/authorized_applications_controller.rb +22 -3
- data/app/controllers/doorkeeper/token_info_controller.rb +16 -4
- data/app/controllers/doorkeeper/tokens_controller.rb +98 -32
- data/app/helpers/doorkeeper/dashboard_helper.rb +9 -7
- data/app/views/doorkeeper/applications/_delete_form.html.erb +3 -1
- data/app/views/doorkeeper/applications/_form.html.erb +27 -26
- data/app/views/doorkeeper/applications/edit.html.erb +1 -1
- data/app/views/doorkeeper/applications/index.html.erb +17 -7
- data/app/views/doorkeeper/applications/new.html.erb +1 -1
- data/app/views/doorkeeper/applications/show.html.erb +38 -17
- data/app/views/doorkeeper/authorizations/error.html.erb +1 -1
- data/app/views/doorkeeper/authorizations/form_post.html.erb +15 -0
- data/app/views/doorkeeper/authorizations/new.html.erb +6 -0
- data/app/views/layouts/doorkeeper/admin.html.erb +16 -14
- data/config/locales/en.yml +23 -3
- data/lib/doorkeeper/config/abstract_builder.rb +28 -0
- data/lib/doorkeeper/config/option.rb +82 -0
- data/lib/doorkeeper/config/validations.rb +53 -0
- data/lib/doorkeeper/config.rb +471 -140
- data/lib/doorkeeper/engine.rb +8 -2
- data/lib/doorkeeper/errors.rb +25 -16
- data/lib/doorkeeper/grant_flow/fallback_flow.rb +15 -0
- data/lib/doorkeeper/grant_flow/flow.rb +44 -0
- data/lib/doorkeeper/grant_flow/registry.rb +50 -0
- data/lib/doorkeeper/grant_flow.rb +45 -0
- data/lib/doorkeeper/grape/authorization_decorator.rb +6 -4
- data/lib/doorkeeper/grape/helpers.rb +13 -7
- data/lib/doorkeeper/helpers/controller.rb +43 -10
- data/lib/doorkeeper/models/access_grant_mixin.rb +97 -3
- data/lib/doorkeeper/models/access_token_mixin.rb +272 -66
- data/lib/doorkeeper/models/application_mixin.rb +50 -5
- data/lib/doorkeeper/models/concerns/accessible.rb +2 -0
- data/lib/doorkeeper/models/concerns/expirable.rb +7 -3
- data/lib/doorkeeper/models/concerns/orderable.rb +2 -0
- data/lib/doorkeeper/models/concerns/ownership.rb +4 -7
- data/lib/doorkeeper/models/concerns/resource_ownerable.rb +47 -0
- data/lib/doorkeeper/models/concerns/reusable.rb +19 -0
- data/lib/doorkeeper/models/concerns/revocable.rb +3 -27
- data/lib/doorkeeper/models/concerns/scopes.rb +12 -2
- data/lib/doorkeeper/models/concerns/secret_storable.rb +106 -0
- data/lib/doorkeeper/oauth/authorization/code.rb +48 -12
- data/lib/doorkeeper/oauth/authorization/context.rb +17 -0
- data/lib/doorkeeper/oauth/authorization/token.rb +58 -24
- data/lib/doorkeeper/oauth/authorization/uri_builder.rb +7 -5
- data/lib/doorkeeper/oauth/authorization_code_request.rb +58 -10
- data/lib/doorkeeper/oauth/base_request.rb +35 -24
- data/lib/doorkeeper/oauth/base_response.rb +2 -0
- data/lib/doorkeeper/oauth/client/credentials.rb +5 -5
- data/lib/doorkeeper/oauth/client.rb +10 -11
- data/lib/doorkeeper/oauth/client_credentials/creator.rb +47 -4
- data/lib/doorkeeper/oauth/client_credentials/issuer.rb +16 -9
- data/lib/doorkeeper/oauth/client_credentials/validator.rb +56 -0
- data/lib/doorkeeper/oauth/client_credentials_request.rb +10 -11
- data/lib/doorkeeper/oauth/code_request.rb +8 -12
- data/lib/doorkeeper/oauth/code_response.rb +27 -15
- data/lib/doorkeeper/oauth/error.rb +3 -1
- data/lib/doorkeeper/oauth/error_response.rb +35 -14
- data/lib/doorkeeper/oauth/forbidden_token_response.rb +10 -3
- data/lib/doorkeeper/oauth/helpers/scope_checker.rb +23 -18
- data/lib/doorkeeper/oauth/helpers/unique_token.rb +20 -3
- data/lib/doorkeeper/oauth/helpers/uri_checker.rb +42 -7
- data/lib/doorkeeper/oauth/hooks/context.rb +21 -0
- data/lib/doorkeeper/oauth/invalid_request_response.rb +43 -0
- data/lib/doorkeeper/oauth/invalid_token_response.rb +29 -4
- data/lib/doorkeeper/oauth/nonstandard.rb +39 -0
- data/lib/doorkeeper/oauth/password_access_token_request.rb +43 -10
- data/lib/doorkeeper/oauth/pre_authorization.rb +133 -26
- data/lib/doorkeeper/oauth/refresh_token_request.rb +59 -31
- data/lib/doorkeeper/oauth/scopes.rb +8 -4
- data/lib/doorkeeper/oauth/token.rb +12 -8
- data/lib/doorkeeper/oauth/token_introspection.rb +97 -23
- data/lib/doorkeeper/oauth/token_request.rb +8 -20
- data/lib/doorkeeper/oauth/token_response.rb +14 -10
- data/lib/doorkeeper/oauth.rb +13 -0
- data/lib/doorkeeper/orm/active_record/access_grant.rb +5 -30
- data/lib/doorkeeper/orm/active_record/access_token.rb +5 -43
- data/lib/doorkeeper/orm/active_record/application.rb +6 -57
- data/lib/doorkeeper/orm/active_record/mixins/access_grant.rb +68 -0
- data/lib/doorkeeper/orm/active_record/mixins/access_token.rb +59 -0
- data/lib/doorkeeper/orm/active_record/mixins/application.rb +198 -0
- data/lib/doorkeeper/orm/active_record/redirect_uri_validator.rb +66 -0
- data/lib/doorkeeper/orm/active_record/stale_records_cleaner.rb +33 -0
- data/lib/doorkeeper/orm/active_record.rb +27 -9
- data/lib/doorkeeper/rails/helpers.rb +10 -8
- data/lib/doorkeeper/rails/routes/abstract_router.rb +35 -0
- data/lib/doorkeeper/rails/routes/mapper.rb +4 -2
- data/lib/doorkeeper/rails/routes/mapping.rb +9 -7
- data/lib/doorkeeper/rails/routes/registry.rb +45 -0
- data/lib/doorkeeper/rails/routes.rb +37 -30
- data/lib/doorkeeper/rake/db.rake +40 -0
- data/lib/doorkeeper/rake/setup.rake +11 -0
- data/lib/doorkeeper/rake.rb +14 -0
- data/lib/doorkeeper/request/authorization_code.rb +6 -4
- data/lib/doorkeeper/request/client_credentials.rb +3 -3
- data/lib/doorkeeper/request/code.rb +1 -1
- data/lib/doorkeeper/request/password.rb +4 -3
- data/lib/doorkeeper/request/refresh_token.rb +6 -5
- data/lib/doorkeeper/request/strategy.rb +4 -2
- data/lib/doorkeeper/request/token.rb +1 -1
- data/lib/doorkeeper/request.rb +61 -34
- data/lib/doorkeeper/secret_storing/base.rb +64 -0
- data/lib/doorkeeper/secret_storing/bcrypt.rb +60 -0
- data/lib/doorkeeper/secret_storing/plain.rb +33 -0
- data/lib/doorkeeper/secret_storing/sha256_hash.rb +26 -0
- data/lib/doorkeeper/server.rb +9 -11
- data/lib/doorkeeper/stale_records_cleaner.rb +24 -0
- data/lib/doorkeeper/validations.rb +2 -0
- data/lib/doorkeeper/version.rb +7 -29
- data/lib/doorkeeper.rb +111 -64
- data/lib/generators/doorkeeper/application_owner_generator.rb +24 -18
- data/lib/generators/doorkeeper/confidential_applications_generator.rb +33 -0
- data/lib/generators/doorkeeper/enable_polymorphic_resource_owner_generator.rb +39 -0
- data/lib/generators/doorkeeper/install_generator.rb +19 -9
- data/lib/generators/doorkeeper/migration_generator.rb +23 -18
- data/lib/generators/doorkeeper/pkce_generator.rb +33 -0
- data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +28 -22
- data/{spec/dummy/db/migrate/20180210183654_add_confidential_to_application.rb → lib/generators/doorkeeper/templates/add_confidential_to_applications.rb.erb} +2 -2
- data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb.erb +3 -1
- data/lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb.erb +2 -0
- data/lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb +8 -0
- data/lib/generators/doorkeeper/templates/enable_polymorphic_resource_owner_migration.rb.erb +17 -0
- data/lib/generators/doorkeeper/templates/initializer.rb +382 -30
- data/lib/generators/doorkeeper/templates/migration.rb.erb +35 -16
- data/lib/generators/doorkeeper/views_generator.rb +8 -4
- data/vendor/assets/stylesheets/doorkeeper/bootstrap.min.css +4 -5
- metadata +95 -309
- data/.coveralls.yml +0 -1
- data/.github/ISSUE_TEMPLATE.md +0 -25
- data/.github/PULL_REQUEST_TEMPLATE.md +0 -17
- data/.gitignore +0 -19
- data/.hound.yml +0 -2
- data/.rspec +0 -1
- data/.rubocop.yml +0 -17
- data/.travis.yml +0 -38
- data/Appraisals +0 -18
- data/CODE_OF_CONDUCT.md +0 -46
- data/CONTRIBUTING.md +0 -47
- data/Gemfile +0 -10
- data/RELEASING.md +0 -10
- data/Rakefile +0 -20
- data/SECURITY.md +0 -15
- data/app/validators/redirect_uri_validator.rb +0 -44
- data/doorkeeper.gemspec +0 -32
- data/gemfiles/rails_4_2.gemfile +0 -13
- data/gemfiles/rails_5_0.gemfile +0 -12
- data/gemfiles/rails_5_1.gemfile +0 -12
- data/gemfiles/rails_5_2.gemfile +0 -12
- data/gemfiles/rails_master.gemfile +0 -14
- data/lib/doorkeeper/oauth/client_credentials/validation.rb +0 -45
- data/lib/generators/doorkeeper/add_client_confidentiality_generator.rb +0 -31
- data/lib/generators/doorkeeper/templates/add_confidential_to_application_migration.rb.erb +0 -11
- data/spec/controllers/application_metal_controller.rb +0 -10
- data/spec/controllers/applications_controller_spec.rb +0 -69
- data/spec/controllers/authorizations_controller_spec.rb +0 -250
- data/spec/controllers/protected_resources_controller_spec.rb +0 -309
- data/spec/controllers/token_info_controller_spec.rb +0 -56
- data/spec/controllers/tokens_controller_spec.rb +0 -274
- data/spec/dummy/Rakefile +0 -7
- data/spec/dummy/app/controllers/application_controller.rb +0 -3
- data/spec/dummy/app/controllers/custom_authorizations_controller.rb +0 -7
- data/spec/dummy/app/controllers/full_protected_resources_controller.rb +0 -12
- data/spec/dummy/app/controllers/home_controller.rb +0 -17
- data/spec/dummy/app/controllers/metal_controller.rb +0 -11
- data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +0 -11
- data/spec/dummy/app/helpers/application_helper.rb +0 -5
- data/spec/dummy/app/models/user.rb +0 -5
- data/spec/dummy/app/views/home/index.html.erb +0 -0
- data/spec/dummy/app/views/layouts/application.html.erb +0 -14
- data/spec/dummy/config/application.rb +0 -23
- data/spec/dummy/config/boot.rb +0 -9
- data/spec/dummy/config/database.yml +0 -15
- data/spec/dummy/config/environment.rb +0 -5
- data/spec/dummy/config/environments/development.rb +0 -29
- data/spec/dummy/config/environments/production.rb +0 -62
- data/spec/dummy/config/environments/test.rb +0 -44
- data/spec/dummy/config/initializers/backtrace_silencers.rb +0 -7
- data/spec/dummy/config/initializers/doorkeeper.rb +0 -112
- data/spec/dummy/config/initializers/new_framework_defaults.rb +0 -6
- data/spec/dummy/config/initializers/secret_token.rb +0 -8
- data/spec/dummy/config/initializers/session_store.rb +0 -8
- data/spec/dummy/config/initializers/wrap_parameters.rb +0 -14
- data/spec/dummy/config/locales/doorkeeper.en.yml +0 -5
- data/spec/dummy/config/routes.rb +0 -52
- data/spec/dummy/config.ru +0 -4
- data/spec/dummy/db/migrate/20111122132257_create_users.rb +0 -11
- data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +0 -7
- data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +0 -62
- data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +0 -9
- data/spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb +0 -13
- data/spec/dummy/db/schema.rb +0 -68
- data/spec/dummy/public/404.html +0 -26
- data/spec/dummy/public/422.html +0 -26
- data/spec/dummy/public/500.html +0 -26
- data/spec/dummy/public/favicon.ico +0 -0
- data/spec/dummy/script/rails +0 -6
- data/spec/factories.rb +0 -28
- data/spec/generators/application_owner_generator_spec.rb +0 -41
- data/spec/generators/install_generator_spec.rb +0 -31
- data/spec/generators/migration_generator_spec.rb +0 -41
- data/spec/generators/previous_refresh_token_generator_spec.rb +0 -57
- data/spec/generators/templates/routes.rb +0 -3
- data/spec/generators/views_generator_spec.rb +0 -27
- data/spec/grape/grape_integration_spec.rb +0 -135
- data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +0 -24
- data/spec/lib/config_spec.rb +0 -462
- data/spec/lib/doorkeeper_spec.rb +0 -150
- data/spec/lib/models/expirable_spec.rb +0 -50
- data/spec/lib/models/revocable_spec.rb +0 -59
- data/spec/lib/models/scopes_spec.rb +0 -43
- data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -41
- data/spec/lib/oauth/authorization_code_request_spec.rb +0 -123
- data/spec/lib/oauth/base_request_spec.rb +0 -155
- data/spec/lib/oauth/base_response_spec.rb +0 -45
- data/spec/lib/oauth/client/credentials_spec.rb +0 -90
- data/spec/lib/oauth/client_credentials/creator_spec.rb +0 -44
- data/spec/lib/oauth/client_credentials/issuer_spec.rb +0 -86
- data/spec/lib/oauth/client_credentials/validation_spec.rb +0 -54
- data/spec/lib/oauth/client_credentials_integration_spec.rb +0 -27
- data/spec/lib/oauth/client_credentials_request_spec.rb +0 -105
- data/spec/lib/oauth/client_spec.rb +0 -39
- data/spec/lib/oauth/code_request_spec.rb +0 -43
- data/spec/lib/oauth/code_response_spec.rb +0 -34
- data/spec/lib/oauth/error_response_spec.rb +0 -61
- data/spec/lib/oauth/error_spec.rb +0 -23
- data/spec/lib/oauth/forbidden_token_response_spec.rb +0 -23
- data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -64
- data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -20
- data/spec/lib/oauth/helpers/uri_checker_spec.rb +0 -218
- data/spec/lib/oauth/invalid_token_response_spec.rb +0 -56
- data/spec/lib/oauth/password_access_token_request_spec.rb +0 -96
- data/spec/lib/oauth/pre_authorization_spec.rb +0 -160
- data/spec/lib/oauth/refresh_token_request_spec.rb +0 -166
- data/spec/lib/oauth/scopes_spec.rb +0 -149
- data/spec/lib/oauth/token_request_spec.rb +0 -96
- data/spec/lib/oauth/token_response_spec.rb +0 -85
- data/spec/lib/oauth/token_spec.rb +0 -116
- data/spec/lib/request/strategy_spec.rb +0 -53
- data/spec/lib/server_spec.rb +0 -59
- data/spec/models/doorkeeper/access_grant_spec.rb +0 -36
- data/spec/models/doorkeeper/access_token_spec.rb +0 -418
- data/spec/models/doorkeeper/application_spec.rb +0 -303
- data/spec/requests/applications/applications_request_spec.rb +0 -94
- data/spec/requests/applications/authorized_applications_spec.rb +0 -30
- data/spec/requests/endpoints/authorization_spec.rb +0 -71
- data/spec/requests/endpoints/token_spec.rb +0 -71
- data/spec/requests/flows/authorization_code_errors_spec.rb +0 -76
- data/spec/requests/flows/authorization_code_spec.rb +0 -149
- data/spec/requests/flows/client_credentials_spec.rb +0 -86
- data/spec/requests/flows/implicit_grant_errors_spec.rb +0 -32
- data/spec/requests/flows/implicit_grant_spec.rb +0 -61
- data/spec/requests/flows/password_spec.rb +0 -197
- data/spec/requests/flows/refresh_token_spec.rb +0 -174
- data/spec/requests/flows/revoke_token_spec.rb +0 -157
- data/spec/requests/flows/skip_authorization_spec.rb +0 -59
- data/spec/requests/protected_resources/metal_spec.rb +0 -14
- data/spec/requests/protected_resources/private_api_spec.rb +0 -81
- data/spec/routing/custom_controller_routes_spec.rb +0 -75
- data/spec/routing/default_routes_spec.rb +0 -39
- data/spec/routing/scoped_routes_spec.rb +0 -31
- data/spec/spec_helper.rb +0 -4
- data/spec/spec_helper_integration.rb +0 -74
- data/spec/support/dependencies/factory_girl.rb +0 -2
- data/spec/support/helpers/access_token_request_helper.rb +0 -11
- data/spec/support/helpers/authorization_request_helper.rb +0 -41
- data/spec/support/helpers/config_helper.rb +0 -9
- data/spec/support/helpers/model_helper.rb +0 -72
- data/spec/support/helpers/request_spec_helper.rb +0 -88
- data/spec/support/helpers/url_helper.rb +0 -56
- data/spec/support/http_method_shim.rb +0 -38
- data/spec/support/orm/active_record.rb +0 -3
- data/spec/support/shared/controllers_shared_context.rb +0 -65
- data/spec/support/shared/models_shared_examples.rb +0 -52
- data/spec/validators/redirect_uri_validator_spec.rb +0 -123
- data/spec/version/version_spec.rb +0 -15
@@ -1,9 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
class AddOwnerToApplication < ActiveRecord::Migration[4.2]
|
4
|
-
def change
|
5
|
-
add_column :oauth_applications, :owner_id, :integer, null: true
|
6
|
-
add_column :oauth_applications, :owner_type, :string, null: true
|
7
|
-
add_index :oauth_applications, [:owner_id, :owner_type]
|
8
|
-
end
|
9
|
-
end
|
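--- a/data/spec/dummy/db/schema.rb
+++ /dev/null
@@ -1,68 +0,0 @@
-# encoding: UTF-8
-# This file is auto-generated from the current state of the database. Instead
-# of editing this file, please use the migrations feature of Active Record to
-# incrementally modify your database, and then regenerate this schema definition.
-#
-# Note that this schema.rb definition is the authoritative source for your
-# database schema. If you need to create the application database on another
-# system, you should be using db:schema:load, not running all the migrations
-# from scratch. The latter is a flawed and unsustainable approach (the more migrations
-# you'll amass, the slower it'll run and the greater likelihood for issues).
-#
-# It's strongly recommended that you check this file into your version control system.
-
-ActiveRecord::Schema.define(version: 20180210183654) do
-
-create_table "oauth_access_grants", force: :cascade do |t|
-t.integer "resource_owner_id", null: false
-t.integer "application_id", null: false
-t.string "token", null: false
-t.integer "expires_in", null: false
-t.text "redirect_uri", null: false
-t.datetime "created_at", null: false
-t.datetime "revoked_at"
-t.string "scopes"
-end
-
-add_index "oauth_access_grants", ["token"], name: "index_oauth_access_grants_on_token", unique: true
-
-create_table "oauth_access_tokens", force: :cascade do |t|
-t.integer "resource_owner_id"
-t.integer "application_id"
-t.string "token", null: false
-t.string "refresh_token"
-t.integer "expires_in"
-t.datetime "revoked_at"
-t.datetime "created_at", null: false
-t.string "scopes"
-t.string "previous_refresh_token", default: "", null: false
-end
-
-add_index "oauth_access_tokens", ["refresh_token"], name: "index_oauth_access_tokens_on_refresh_token", unique: true
-add_index "oauth_access_tokens", ["resource_owner_id"], name: "index_oauth_access_tokens_on_resource_owner_id"
-add_index "oauth_access_tokens", ["token"], name: "index_oauth_access_tokens_on_token", unique: true
-
-create_table "oauth_applications", force: :cascade do |t|
-t.string "name", null: false
-t.string "uid", null: false
-t.string "secret", null: false
-t.text "redirect_uri", null: false
-t.string "scopes", default: "", null: false
-t.datetime "created_at"
-t.datetime "updated_at"
-t.integer "owner_id"
-t.string "owner_type"
-t.boolean "confidential", default: true, null: false
-end
-
-add_index "oauth_applications", ["owner_id", "owner_type"], name: "index_oauth_applications_on_owner_id_and_owner_type"
-add_index "oauth_applications", ["uid"], name: "index_oauth_applications_on_uid", unique: true
-
-create_table "users", force: :cascade do |t|
-t.string "name"
-t.datetime "created_at"
-t.datetime "updated_at"
-t.string "password"
-end
-
-end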
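--- a/data/spec/dummy/public/404.html
+++ /dev/null
@@ -1,26 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<title>The page you were looking for doesn't exist (404)</title>
-<style type="text/css">
-body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
-div.dialog {
-width: 25em;
-padding: 0 4em;
-margin: 4em auto 0 auto;
-border: 1px solid #ccc;
-border-right-color: #999;
-border-bottom-color: #999;
-}
-h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
-</style>
-</head>
-
-<body>
-<!-- This file lives in public/404.html -->
-<div class="dialog">
-<h1>The page you were looking for doesn't exist.</h1>
-<p>You may have mistyped the address or the page may have moved.</p>
-</div>
-</body>
-</html>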
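--- a/data/spec/dummy/public/422.html
+++ /dev/null
@@ -1,26 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<title>The change you wanted was rejected (422)</title>
-<style type="text/css">
-body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
-div.dialog {
-width: 25em;
-padding: 0 4em;
-margin: 4em auto 0 auto;
-border: 1px solid #ccc;
-border-right-color: #999;
-border-bottom-color: #999;
-}
-h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
-</style>
-</head>
-
-<body>
-<!-- This file lives in public/422.html -->
-<div class="dialog">
-<h1>The change you wanted was rejected.</h1>
-<p>Maybe you tried to change something you didn't have access to.</p>
-</div>
-</body>
-</html>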
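--- a/data/spec/dummy/public/500.html
+++ /dev/null
@@ -1,26 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<title>We're sorry, but something went wrong (500)</title>
-<style type="text/css">
-body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
-div.dialog {
-width: 25em;
-padding: 0 4em;
-margin: 4em auto 0 auto;
-border: 1px solid #ccc;
-border-right-color: #999;
-border-bottom-color: #999;
-}
-h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
-</style>
-</head>
-
-<body>
-<!-- This file lives in public/500.html -->
-<div class="dialog">
-<h1>We're sorry, but something went wrong.</h1>
-<p>We've been notified about this issue and we'll take a look at it shortly.</p>
-</div>
-</body>
-</html>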
File without changes
|
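--- a/data/spec/dummy/script/rails
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/usr/bin/env ruby
-# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
-
-APP_PATH = File.expand_path('../../config/application', __FILE__)
-require File.expand_path('../../config/boot', __FILE__)
-require 'rails/commands'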
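--- a/data/spec/factories.rb
+++ /dev/null
@@ -1,28 +0,0 @@
-FactoryBot.define do
-factory :access_grant, class: Doorkeeper::AccessGrant do
-sequence(:resource_owner_id) { |n| n }
-application
-redirect_uri 'https://app.com/callback'
-expires_in 100
-scopes 'public write'
-end
-
-factory :access_token, class: Doorkeeper::AccessToken do
-sequence(:resource_owner_id) { |n| n }
-application
-expires_in 2.hours
-
-factory :clientless_access_token do
-application nil
-end
-end
-
-factory :application, class: Doorkeeper::Application do
-sequence(:name) { |n| "Application #{n}" }
-redirect_uri 'https://app.com/callback'
-end
-
-# do not name this factory :user, otherwise it will conflict with factories
-# from applications that use doorkeeper factories in their own tests
-factory :doorkeeper_testing_user, class: :user
-end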
@@ -1,41 +0,0 @@
|
|
1
|
-
require 'spec_helper_integration'
|
2
|
-
require 'generators/doorkeeper/application_owner_generator'
|
3
|
-
|
4
|
-
describe 'Doorkeeper::ApplicationOwnerGenerator' do
|
5
|
-
include GeneratorSpec::TestCase
|
6
|
-
|
7
|
-
tests Doorkeeper::ApplicationOwnerGenerator
|
8
|
-
destination ::File.expand_path('../tmp/dummy', __FILE__)
|
9
|
-
|
10
|
-
describe 'after running the generator' do
|
11
|
-
before :each do
|
12
|
-
prepare_destination
|
13
|
-
end
|
14
|
-
|
15
|
-
context 'pre Rails 5.0.0' do
|
16
|
-
it 'creates a migration with no version specifier' do
|
17
|
-
stub_const("ActiveRecord::VERSION::MAJOR", 4)
|
18
|
-
stub_const("ActiveRecord::VERSION::MINOR", 2)
|
19
|
-
|
20
|
-
run_generator
|
21
|
-
|
22
|
-
assert_migration 'db/migrate/add_owner_to_application.rb' do |migration|
|
23
|
-
assert migration.include?("ActiveRecord::Migration\n")
|
24
|
-
end
|
25
|
-
end
|
26
|
-
end
|
27
|
-
|
28
|
-
context 'post Rails 5.0.0' do
|
29
|
-
it 'creates a migration with a version specifier' do
|
30
|
-
stub_const("ActiveRecord::VERSION::MAJOR", 5)
|
31
|
-
stub_const("ActiveRecord::VERSION::MINOR", 0)
|
32
|
-
|
33
|
-
run_generator
|
34
|
-
|
35
|
-
assert_migration 'db/migrate/add_owner_to_application.rb' do |migration|
|
36
|
-
assert migration.include?("ActiveRecord::Migration[5.0]\n")
|
37
|
-
end
|
38
|
-
end
|
39
|
-
end
|
40
|
-
end
|
41
|
-
end
|
@@ -1,31 +0,0 @@
|
|
1
|
-
require 'spec_helper_integration'
|
2
|
-
require 'generators/doorkeeper/install_generator'
|
3
|
-
|
4
|
-
describe 'Doorkeeper::InstallGenerator' do
|
5
|
-
include GeneratorSpec::TestCase
|
6
|
-
|
7
|
-
tests Doorkeeper::InstallGenerator
|
8
|
-
destination ::File.expand_path('../tmp/dummy', __FILE__)
|
9
|
-
|
10
|
-
describe 'after running the generator' do
|
11
|
-
before :each do
|
12
|
-
prepare_destination
|
13
|
-
FileUtils.mkdir(::File.expand_path('config', Pathname(destination_root)))
|
14
|
-
FileUtils.mkdir(::File.expand_path('db', Pathname(destination_root)))
|
15
|
-
FileUtils.copy_file(::File.expand_path('../templates/routes.rb', __FILE__), ::File.expand_path('config/routes.rb', Pathname.new(destination_root)))
|
16
|
-
run_generator
|
17
|
-
end
|
18
|
-
|
19
|
-
it 'creates an initializer file' do
|
20
|
-
assert_file 'config/initializers/doorkeeper.rb'
|
21
|
-
end
|
22
|
-
|
23
|
-
it 'copies the locale file' do
|
24
|
-
assert_file 'config/locales/doorkeeper.en.yml'
|
25
|
-
end
|
26
|
-
|
27
|
-
it 'adds sample route' do
|
28
|
-
assert_file 'config/routes.rb', /use_doorkeeper/
|
29
|
-
end
|
30
|
-
end
|
31
|
-
end
|
@@ -1,41 +0,0 @@
|
|
1
|
-
require 'spec_helper_integration'
|
2
|
-
require 'generators/doorkeeper/migration_generator'
|
3
|
-
|
4
|
-
describe 'Doorkeeper::MigrationGenerator' do
|
5
|
-
include GeneratorSpec::TestCase
|
6
|
-
|
7
|
-
tests Doorkeeper::MigrationGenerator
|
8
|
-
destination ::File.expand_path('../tmp/dummy', __FILE__)
|
9
|
-
|
10
|
-
describe 'after running the generator' do
|
11
|
-
before :each do
|
12
|
-
prepare_destination
|
13
|
-
end
|
14
|
-
|
15
|
-
context 'pre Rails 5.0.0' do
|
16
|
-
it 'creates a migration with no version specifier' do
|
17
|
-
stub_const('ActiveRecord::VERSION::MAJOR', 4)
|
18
|
-
stub_const('ActiveRecord::VERSION::MINOR', 2)
|
19
|
-
|
20
|
-
run_generator
|
21
|
-
|
22
|
-
assert_migration 'db/migrate/create_doorkeeper_tables.rb' do |migration|
|
23
|
-
assert migration.include?("ActiveRecord::Migration\n")
|
24
|
-
end
|
25
|
-
end
|
26
|
-
end
|
27
|
-
|
28
|
-
context 'post Rails 5.0.0' do
|
29
|
-
it 'creates a migration with a version specifier' do
|
30
|
-
stub_const('ActiveRecord::VERSION::MAJOR', 5)
|
31
|
-
stub_const('ActiveRecord::VERSION::MINOR', 0)
|
32
|
-
|
33
|
-
run_generator
|
34
|
-
|
35
|
-
assert_migration 'db/migrate/create_doorkeeper_tables.rb' do |migration|
|
36
|
-
assert migration.include?("ActiveRecord::Migration[5.0]\n")
|
37
|
-
end
|
38
|
-
end
|
39
|
-
end
|
40
|
-
end
|
41
|
-
end
|
@@ -1,57 +0,0 @@
|
|
1
|
-
require 'spec_helper_integration'
|
2
|
-
require 'generators/doorkeeper/previous_refresh_token_generator'
|
3
|
-
|
4
|
-
describe 'Doorkeeper::PreviousRefreshTokenGenerator' do
|
5
|
-
include GeneratorSpec::TestCase
|
6
|
-
|
7
|
-
tests Doorkeeper::PreviousRefreshTokenGenerator
|
8
|
-
destination ::File.expand_path('../tmp/dummy', __FILE__)
|
9
|
-
|
10
|
-
describe 'after running the generator' do
|
11
|
-
before :each do
|
12
|
-
prepare_destination
|
13
|
-
|
14
|
-
allow_any_instance_of(Doorkeeper::PreviousRefreshTokenGenerator).to(
|
15
|
-
receive(:no_previous_refresh_token_column?).and_return(true)
|
16
|
-
)
|
17
|
-
end
|
18
|
-
|
19
|
-
context 'pre Rails 5.0.0' do
|
20
|
-
it 'creates a migration with no version specifier' do
|
21
|
-
stub_const('ActiveRecord::VERSION::MAJOR', 4)
|
22
|
-
stub_const('ActiveRecord::VERSION::MINOR', 2)
|
23
|
-
|
24
|
-
run_generator
|
25
|
-
|
26
|
-
assert_migration 'db/migrate/add_previous_refresh_token_to_access_tokens.rb' do |migration|
|
27
|
-
assert migration.include?("ActiveRecord::Migration\n")
|
28
|
-
end
|
29
|
-
end
|
30
|
-
end
|
31
|
-
|
32
|
-
context 'post Rails 5.0.0' do
|
33
|
-
it 'creates a migration with a version specifier' do
|
34
|
-
stub_const('ActiveRecord::VERSION::MAJOR', 5)
|
35
|
-
stub_const('ActiveRecord::VERSION::MINOR', 0)
|
36
|
-
|
37
|
-
run_generator
|
38
|
-
|
39
|
-
assert_migration 'db/migrate/add_previous_refresh_token_to_access_tokens.rb' do |migration|
|
40
|
-
assert migration.include?("ActiveRecord::Migration[5.0]\n")
|
41
|
-
end
|
42
|
-
end
|
43
|
-
end
|
44
|
-
|
45
|
-
context 'already exist' do
|
46
|
-
it 'does not create a migration' do
|
47
|
-
allow_any_instance_of(Doorkeeper::PreviousRefreshTokenGenerator).to(
|
48
|
-
receive(:no_previous_refresh_token_column?).and_call_original
|
49
|
-
)
|
50
|
-
|
51
|
-
run_generator
|
52
|
-
|
53
|
-
assert_no_migration 'db/migrate/add_previous_refresh_token_to_access_tokens.rb'
|
54
|
-
end
|
55
|
-
end
|
56
|
-
end
|
57
|
-
end
|
@@ -1,27 +0,0 @@
|
|
1
|
-
require 'spec_helper_integration'
|
2
|
-
require 'generators/doorkeeper/views_generator'
|
3
|
-
|
4
|
-
describe Doorkeeper::Generators::ViewsGenerator do
|
5
|
-
include GeneratorSpec::TestCase
|
6
|
-
|
7
|
-
tests Doorkeeper::Generators::ViewsGenerator
|
8
|
-
destination File.expand_path('../tmp/dummy', __FILE__)
|
9
|
-
|
10
|
-
before :each do
|
11
|
-
prepare_destination
|
12
|
-
end
|
13
|
-
|
14
|
-
it 'create all views' do
|
15
|
-
run_generator
|
16
|
-
assert_file 'app/views/doorkeeper/applications/_form.html.erb'
|
17
|
-
assert_file 'app/views/doorkeeper/applications/edit.html.erb'
|
18
|
-
assert_file 'app/views/doorkeeper/applications/index.html.erb'
|
19
|
-
assert_file 'app/views/doorkeeper/applications/new.html.erb'
|
20
|
-
assert_file 'app/views/doorkeeper/applications/show.html.erb'
|
21
|
-
|
22
|
-
assert_file 'app/views/doorkeeper/authorizations/error.html.erb'
|
23
|
-
assert_file 'app/views/doorkeeper/authorizations/new.html.erb'
|
24
|
-
|
25
|
-
assert_file 'app/views/doorkeeper/authorized_applications/index.html.erb'
|
26
|
-
end
|
27
|
-
end
|
@@ -1,135 +0,0 @@
|
|
1
|
-
require 'spec_helper_integration'
|
2
|
-
require 'grape'
|
3
|
-
require 'rack/test'
|
4
|
-
require 'doorkeeper/grape/helpers'
|
5
|
-
|
6
|
-
# Test Grape API application
|
7
|
-
module GrapeApp
|
8
|
-
class API < Grape::API
|
9
|
-
version 'v1', using: :path
|
10
|
-
format :json
|
11
|
-
prefix :api
|
12
|
-
|
13
|
-
helpers Doorkeeper::Grape::Helpers
|
14
|
-
|
15
|
-
resource :protected do
|
16
|
-
before do
|
17
|
-
doorkeeper_authorize!
|
18
|
-
end
|
19
|
-
|
20
|
-
desc 'Protected resource, requires token.'
|
21
|
-
|
22
|
-
get :status do
|
23
|
-
{ token: doorkeeper_token.token }
|
24
|
-
end
|
25
|
-
end
|
26
|
-
|
27
|
-
resource :protected_with_endpoint_scopes do
|
28
|
-
before do
|
29
|
-
doorkeeper_authorize!
|
30
|
-
end
|
31
|
-
|
32
|
-
desc 'Protected resource, requires token with scopes (defined in endpoint).'
|
33
|
-
|
34
|
-
get :status, scopes: [:admin] do
|
35
|
-
{ response: 'OK' }
|
36
|
-
end
|
37
|
-
end
|
38
|
-
|
39
|
-
resource :protected_with_helper_scopes do
|
40
|
-
before do
|
41
|
-
doorkeeper_authorize! :admin
|
42
|
-
end
|
43
|
-
|
44
|
-
desc 'Protected resource, requires token with scopes (defined in helper).'
|
45
|
-
|
46
|
-
get :status do
|
47
|
-
{ response: 'OK' }
|
48
|
-
end
|
49
|
-
end
|
50
|
-
|
51
|
-
resource :public do
|
52
|
-
desc "Public resource, no token required."
|
53
|
-
|
54
|
-
get :status do
|
55
|
-
{ response: 'OK' }
|
56
|
-
end
|
57
|
-
end
|
58
|
-
end
|
59
|
-
end
|
60
|
-
|
61
|
-
describe 'Grape integration' do
|
62
|
-
include Rack::Test::Methods
|
63
|
-
|
64
|
-
def app
|
65
|
-
GrapeApp::API
|
66
|
-
end
|
67
|
-
|
68
|
-
def json_body
|
69
|
-
JSON.parse(last_response.body)
|
70
|
-
end
|
71
|
-
|
72
|
-
let(:client) { FactoryBot.create(:application) }
|
73
|
-
let(:resource) { FactoryBot.create(:doorkeeper_testing_user, name: 'Joe', password: 'sekret') }
|
74
|
-
let(:access_token) { client_is_authorized(client, resource) }
|
75
|
-
|
76
|
-
context 'with valid Access Token' do
|
77
|
-
it 'successfully requests protected resource' do
|
78
|
-
get "api/v1/protected/status.json?access_token=#{access_token.token}"
|
79
|
-
|
80
|
-
expect(last_response).to be_successful
|
81
|
-
|
82
|
-
expect(json_body['token']).to eq(access_token.token)
|
83
|
-
end
|
84
|
-
|
85
|
-
it 'successfully requests protected resource with token that has required scopes (Grape endpoint)' do
|
86
|
-
access_token = client_is_authorized(client, resource, scopes: 'admin')
|
87
|
-
|
88
|
-
get "api/v1/protected_with_endpoint_scopes/status.json?access_token=#{access_token.token}"
|
89
|
-
|
90
|
-
expect(last_response).to be_successful
|
91
|
-
expect(json_body).to have_key('response')
|
92
|
-
end
|
93
|
-
|
94
|
-
it 'successfully requests protected resource with token that has required scopes (Doorkeeper helper)' do
|
95
|
-
access_token = client_is_authorized(client, resource, scopes: 'admin')
|
96
|
-
|
97
|
-
get "api/v1/protected_with_helper_scopes/status.json?access_token=#{access_token.token}"
|
98
|
-
|
99
|
-
expect(last_response).to be_successful
|
100
|
-
expect(json_body).to have_key('response')
|
101
|
-
end
|
102
|
-
|
103
|
-
it 'successfully requests public resource' do
|
104
|
-
get "api/v1/public/status.json"
|
105
|
-
|
106
|
-
expect(last_response).to be_successful
|
107
|
-
expect(json_body).to have_key('response')
|
108
|
-
end
|
109
|
-
end
|
110
|
-
|
111
|
-
context 'with invalid Access Token' do
|
112
|
-
it 'fails without access token' do
|
113
|
-
get "api/v1/protected/status.json"
|
114
|
-
|
115
|
-
expect(last_response).not_to be_successful
|
116
|
-
expect(json_body).to have_key('error')
|
117
|
-
end
|
118
|
-
|
119
|
-
it 'fails for access token without scopes' do
|
120
|
-
get "api/v1/protected_with_endpoint_scopes/status.json?access_token=#{access_token.token}"
|
121
|
-
|
122
|
-
expect(last_response).not_to be_successful
|
123
|
-
expect(json_body).to have_key('error')
|
124
|
-
end
|
125
|
-
|
126
|
-
it 'fails for access token with invalid scopes' do
|
127
|
-
access_token = client_is_authorized(client, resource, scopes: 'read write')
|
128
|
-
|
129
|
-
get "api/v1/protected_with_endpoint_scopes/status.json?access_token=#{access_token.token}"
|
130
|
-
|
131
|
-
expect(last_response).not_to be_successful
|
132
|
-
expect(json_body).to have_key('error')
|
133
|
-
end
|
134
|
-
end
|
135
|
-
end
|