doorkeeper 4.4.3 → 5.6.6
- checksums.yaml +5 -5
- data/{NEWS.md → CHANGELOG.md} +461 -19
- data/README.md +108 -403
- data/app/assets/stylesheets/doorkeeper/admin/application.css +2 -2
- data/app/controllers/doorkeeper/application_controller.rb +8 -5
- data/app/controllers/doorkeeper/application_metal_controller.rb +7 -11
- data/app/controllers/doorkeeper/applications_controller.rb +62 -27
- data/app/controllers/doorkeeper/authorizations_controller.rb +112 -18
- data/app/controllers/doorkeeper/authorized_applications_controller.rb +22 -3
- data/app/controllers/doorkeeper/token_info_controller.rb +16 -4
- data/app/controllers/doorkeeper/tokens_controller.rb +104 -35
- data/app/helpers/doorkeeper/dashboard_helper.rb +9 -7
- data/app/views/doorkeeper/applications/_delete_form.html.erb +3 -1
- data/app/views/doorkeeper/applications/_form.html.erb +27 -26
- data/app/views/doorkeeper/applications/edit.html.erb +1 -1
- data/app/views/doorkeeper/applications/index.html.erb +17 -7
- data/app/views/doorkeeper/applications/new.html.erb +1 -1
- data/app/views/doorkeeper/applications/show.html.erb +38 -17
- data/app/views/doorkeeper/authorizations/error.html.erb +4 -2
- data/app/views/doorkeeper/authorizations/form_post.html.erb +15 -0
- data/app/views/doorkeeper/authorizations/new.html.erb +16 -10
- data/app/views/layouts/doorkeeper/admin.html.erb +16 -14
- data/config/locales/en.yml +26 -3
- data/lib/doorkeeper/config/abstract_builder.rb +28 -0
- data/lib/doorkeeper/config/option.rb +82 -0
- data/lib/doorkeeper/config/validations.rb +53 -0
- data/lib/doorkeeper/config.rb +470 -149
- data/lib/doorkeeper/engine.rb +17 -4
- data/lib/doorkeeper/errors.rb +25 -16
- data/lib/doorkeeper/grant_flow/fallback_flow.rb +15 -0
- data/lib/doorkeeper/grant_flow/flow.rb +44 -0
- data/lib/doorkeeper/grant_flow/registry.rb +50 -0
- data/lib/doorkeeper/grant_flow.rb +45 -0
- data/lib/doorkeeper/grape/authorization_decorator.rb +6 -4
- data/lib/doorkeeper/grape/helpers.rb +13 -7
- data/lib/doorkeeper/helpers/controller.rb +43 -10
- data/lib/doorkeeper/models/access_grant_mixin.rb +97 -3
- data/lib/doorkeeper/models/access_token_mixin.rb +273 -67
- data/lib/doorkeeper/models/application_mixin.rb +50 -5
- data/lib/doorkeeper/models/concerns/accessible.rb +2 -0
- data/lib/doorkeeper/models/concerns/expirable.rb +7 -3
- data/lib/doorkeeper/models/concerns/expiration_time_sql_math.rb +88 -0
- data/lib/doorkeeper/models/concerns/orderable.rb +2 -0
- data/lib/doorkeeper/models/concerns/ownership.rb +4 -7
- data/lib/doorkeeper/models/concerns/polymorphic_resource_owner.rb +30 -0
- data/lib/doorkeeper/models/concerns/resource_ownerable.rb +47 -0
- data/lib/doorkeeper/models/concerns/reusable.rb +19 -0
- data/lib/doorkeeper/models/concerns/revocable.rb +3 -27
- data/lib/doorkeeper/models/concerns/scopes.rb +12 -2
- data/lib/doorkeeper/models/concerns/secret_storable.rb +106 -0
- data/lib/doorkeeper/oauth/authorization/code.rb +54 -12
- data/lib/doorkeeper/oauth/authorization/context.rb +17 -0
- data/lib/doorkeeper/oauth/authorization/token.rb +64 -24
- data/lib/doorkeeper/oauth/authorization/uri_builder.rb +7 -5
- data/lib/doorkeeper/oauth/authorization_code_request.rb +69 -11
- data/lib/doorkeeper/oauth/base_request.rb +36 -24
- data/lib/doorkeeper/oauth/base_response.rb +2 -0
- data/lib/doorkeeper/oauth/client/credentials.rb +5 -5
- data/lib/doorkeeper/oauth/client.rb +10 -11
- data/lib/doorkeeper/oauth/client_credentials/creator.rb +44 -4
- data/lib/doorkeeper/oauth/client_credentials/issuer.rb +16 -9
- data/lib/doorkeeper/oauth/client_credentials/validator.rb +55 -0
- data/lib/doorkeeper/oauth/client_credentials_request.rb +10 -11
- data/lib/doorkeeper/oauth/code_request.rb +8 -12
- data/lib/doorkeeper/oauth/code_response.rb +27 -15
- data/lib/doorkeeper/oauth/error.rb +3 -1
- data/lib/doorkeeper/oauth/error_response.rb +34 -14
- data/lib/doorkeeper/oauth/forbidden_token_response.rb +11 -3
- data/lib/doorkeeper/oauth/helpers/scope_checker.rb +23 -18
- data/lib/doorkeeper/oauth/helpers/unique_token.rb +20 -3
- data/lib/doorkeeper/oauth/helpers/uri_checker.rb +42 -7
- data/lib/doorkeeper/oauth/hooks/context.rb +21 -0
- data/lib/doorkeeper/oauth/invalid_request_response.rb +43 -0
- data/lib/doorkeeper/oauth/invalid_token_response.rb +29 -4
- data/lib/doorkeeper/oauth/nonstandard.rb +39 -0
- data/lib/doorkeeper/oauth/password_access_token_request.rb +43 -10
- data/lib/doorkeeper/oauth/pre_authorization.rb +134 -26
- data/lib/doorkeeper/oauth/refresh_token_request.rb +67 -31
- data/lib/doorkeeper/oauth/scopes.rb +8 -4
- data/lib/doorkeeper/oauth/token.rb +12 -8
- data/lib/doorkeeper/oauth/token_introspection.rb +99 -25
- data/lib/doorkeeper/oauth/token_request.rb +8 -20
- data/lib/doorkeeper/oauth/token_response.rb +13 -10
- data/lib/doorkeeper/oauth.rb +13 -0
- data/lib/doorkeeper/orm/active_record/access_grant.rb +5 -30
- data/lib/doorkeeper/orm/active_record/access_token.rb +5 -43
- data/lib/doorkeeper/orm/active_record/application.rb +6 -57
- data/lib/doorkeeper/orm/active_record/mixins/access_grant.rb +63 -0
- data/lib/doorkeeper/orm/active_record/mixins/access_token.rb +77 -0
- data/lib/doorkeeper/orm/active_record/mixins/application.rb +210 -0
- data/lib/doorkeeper/orm/active_record/redirect_uri_validator.rb +66 -0
- data/lib/doorkeeper/orm/active_record/stale_records_cleaner.rb +36 -0
- data/lib/doorkeeper/orm/active_record.rb +31 -20
- data/lib/doorkeeper/rails/helpers.rb +10 -8
- data/lib/doorkeeper/rails/routes/abstract_router.rb +35 -0
- data/lib/doorkeeper/rails/routes/mapper.rb +4 -2
- data/lib/doorkeeper/rails/routes/mapping.rb +9 -7
- data/lib/doorkeeper/rails/routes/registry.rb +45 -0
- data/lib/doorkeeper/rails/routes.rb +40 -24
- data/lib/doorkeeper/rake/db.rake +40 -0
- data/lib/doorkeeper/rake/setup.rake +6 -0
- data/lib/doorkeeper/rake.rb +14 -0
- data/lib/doorkeeper/request/authorization_code.rb +6 -4
- data/lib/doorkeeper/request/client_credentials.rb +3 -3
- data/lib/doorkeeper/request/code.rb +1 -1
- data/lib/doorkeeper/request/password.rb +4 -3
- data/lib/doorkeeper/request/refresh_token.rb +6 -5
- data/lib/doorkeeper/request/strategy.rb +4 -2
- data/lib/doorkeeper/request/token.rb +1 -1
- data/lib/doorkeeper/request.rb +61 -34
- data/lib/doorkeeper/secret_storing/base.rb +64 -0
- data/lib/doorkeeper/secret_storing/bcrypt.rb +60 -0
- data/lib/doorkeeper/secret_storing/plain.rb +33 -0
- data/lib/doorkeeper/secret_storing/sha256_hash.rb +26 -0
- data/lib/doorkeeper/server.rb +9 -11
- data/lib/doorkeeper/stale_records_cleaner.rb +24 -0
- data/lib/doorkeeper/validations.rb +2 -0
- data/lib/doorkeeper/version.rb +7 -29
- data/lib/doorkeeper.rb +180 -65
- data/lib/generators/doorkeeper/application_owner_generator.rb +24 -18
- data/lib/generators/doorkeeper/confidential_applications_generator.rb +33 -0
- data/lib/generators/doorkeeper/enable_polymorphic_resource_owner_generator.rb +39 -0
- data/lib/generators/doorkeeper/install_generator.rb +19 -9
- data/lib/generators/doorkeeper/migration_generator.rb +23 -18
- data/lib/generators/doorkeeper/pkce_generator.rb +33 -0
- data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +28 -22
- data/{spec/dummy/db/migrate/20180210183654_add_confidential_to_application.rb → lib/generators/doorkeeper/templates/add_confidential_to_applications.rb.erb} +2 -2
- data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb.erb +3 -1
- data/lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb.erb +2 -0
- data/lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb +8 -0
- data/lib/generators/doorkeeper/templates/enable_polymorphic_resource_owner_migration.rb.erb +17 -0
- data/lib/generators/doorkeeper/templates/initializer.rb +402 -32
- data/lib/generators/doorkeeper/templates/migration.rb.erb +47 -18
- data/lib/generators/doorkeeper/views_generator.rb +8 -4
- data/vendor/assets/stylesheets/doorkeeper/bootstrap.min.css +4 -5
- metadata +97 -309
- data/.coveralls.yml +0 -1
- data/.github/ISSUE_TEMPLATE.md +0 -25
- data/.github/PULL_REQUEST_TEMPLATE.md +0 -17
- data/.gitignore +0 -19
- data/.hound.yml +0 -2
- data/.rspec +0 -1
- data/.rubocop.yml +0 -17
- data/.travis.yml +0 -38
- data/Appraisals +0 -18
- data/CODE_OF_CONDUCT.md +0 -46
- data/CONTRIBUTING.md +0 -47
- data/Gemfile +0 -10
- data/RELEASING.md +0 -10
- data/Rakefile +0 -20
- data/SECURITY.md +0 -15
- data/app/validators/redirect_uri_validator.rb +0 -44
- data/doorkeeper.gemspec +0 -32
- data/gemfiles/rails_4_2.gemfile +0 -13
- data/gemfiles/rails_5_0.gemfile +0 -12
- data/gemfiles/rails_5_1.gemfile +0 -12
- data/gemfiles/rails_5_2.gemfile +0 -12
- data/gemfiles/rails_master.gemfile +0 -14
- data/lib/doorkeeper/oauth/client_credentials/validation.rb +0 -45
- data/lib/generators/doorkeeper/add_client_confidentiality_generator.rb +0 -31
- data/lib/generators/doorkeeper/templates/add_confidential_to_application_migration.rb.erb +0 -11
- data/spec/controllers/application_metal_controller.rb +0 -10
- data/spec/controllers/applications_controller_spec.rb +0 -69
- data/spec/controllers/authorizations_controller_spec.rb +0 -250
- data/spec/controllers/protected_resources_controller_spec.rb +0 -309
- data/spec/controllers/token_info_controller_spec.rb +0 -56
- data/spec/controllers/tokens_controller_spec.rb +0 -274
- data/spec/dummy/Rakefile +0 -7
- data/spec/dummy/app/controllers/application_controller.rb +0 -3
- data/spec/dummy/app/controllers/custom_authorizations_controller.rb +0 -7
- data/spec/dummy/app/controllers/full_protected_resources_controller.rb +0 -12
- data/spec/dummy/app/controllers/home_controller.rb +0 -17
- data/spec/dummy/app/controllers/metal_controller.rb +0 -11
- data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +0 -11
- data/spec/dummy/app/helpers/application_helper.rb +0 -5
- data/spec/dummy/app/models/user.rb +0 -5
- data/spec/dummy/app/views/home/index.html.erb +0 -0
- data/spec/dummy/app/views/layouts/application.html.erb +0 -14
- data/spec/dummy/config/application.rb +0 -23
- data/spec/dummy/config/boot.rb +0 -9
- data/spec/dummy/config/database.yml +0 -15
- data/spec/dummy/config/environment.rb +0 -5
- data/spec/dummy/config/environments/development.rb +0 -29
- data/spec/dummy/config/environments/production.rb +0 -62
- data/spec/dummy/config/environments/test.rb +0 -44
- data/spec/dummy/config/initializers/backtrace_silencers.rb +0 -7
- data/spec/dummy/config/initializers/doorkeeper.rb +0 -112
- data/spec/dummy/config/initializers/new_framework_defaults.rb +0 -6
- data/spec/dummy/config/initializers/secret_token.rb +0 -8
- data/spec/dummy/config/initializers/session_store.rb +0 -8
- data/spec/dummy/config/initializers/wrap_parameters.rb +0 -14
- data/spec/dummy/config/locales/doorkeeper.en.yml +0 -5
- data/spec/dummy/config/routes.rb +0 -52
- data/spec/dummy/config.ru +0 -4
- data/spec/dummy/db/migrate/20111122132257_create_users.rb +0 -11
- data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +0 -7
- data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +0 -62
- data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +0 -9
- data/spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb +0 -13
- data/spec/dummy/db/schema.rb +0 -68
- data/spec/dummy/public/404.html +0 -26
- data/spec/dummy/public/422.html +0 -26
- data/spec/dummy/public/500.html +0 -26
- data/spec/dummy/public/favicon.ico +0 -0
- data/spec/dummy/script/rails +0 -6
- data/spec/factories.rb +0 -28
- data/spec/generators/application_owner_generator_spec.rb +0 -41
- data/spec/generators/install_generator_spec.rb +0 -31
- data/spec/generators/migration_generator_spec.rb +0 -41
- data/spec/generators/previous_refresh_token_generator_spec.rb +0 -57
- data/spec/generators/templates/routes.rb +0 -3
- data/spec/generators/views_generator_spec.rb +0 -27
- data/spec/grape/grape_integration_spec.rb +0 -135
- data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +0 -24
- data/spec/lib/config_spec.rb +0 -462
- data/spec/lib/doorkeeper_spec.rb +0 -150
- data/spec/lib/models/expirable_spec.rb +0 -50
- data/spec/lib/models/revocable_spec.rb +0 -59
- data/spec/lib/models/scopes_spec.rb +0 -43
- data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -41
- data/spec/lib/oauth/authorization_code_request_spec.rb +0 -123
- data/spec/lib/oauth/base_request_spec.rb +0 -155
- data/spec/lib/oauth/base_response_spec.rb +0 -45
- data/spec/lib/oauth/client/credentials_spec.rb +0 -90
- data/spec/lib/oauth/client_credentials/creator_spec.rb +0 -44
- data/spec/lib/oauth/client_credentials/issuer_spec.rb +0 -86
- data/spec/lib/oauth/client_credentials/validation_spec.rb +0 -54
- data/spec/lib/oauth/client_credentials_integration_spec.rb +0 -27
- data/spec/lib/oauth/client_credentials_request_spec.rb +0 -105
- data/spec/lib/oauth/client_spec.rb +0 -39
- data/spec/lib/oauth/code_request_spec.rb +0 -43
- data/spec/lib/oauth/code_response_spec.rb +0 -34
- data/spec/lib/oauth/error_response_spec.rb +0 -61
- data/spec/lib/oauth/error_spec.rb +0 -23
- data/spec/lib/oauth/forbidden_token_response_spec.rb +0 -23
- data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -64
- data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -20
- data/spec/lib/oauth/helpers/uri_checker_spec.rb +0 -218
- data/spec/lib/oauth/invalid_token_response_spec.rb +0 -56
- data/spec/lib/oauth/password_access_token_request_spec.rb +0 -96
- data/spec/lib/oauth/pre_authorization_spec.rb +0 -160
- data/spec/lib/oauth/refresh_token_request_spec.rb +0 -166
- data/spec/lib/oauth/scopes_spec.rb +0 -149
- data/spec/lib/oauth/token_request_spec.rb +0 -96
- data/spec/lib/oauth/token_response_spec.rb +0 -85
- data/spec/lib/oauth/token_spec.rb +0 -116
- data/spec/lib/request/strategy_spec.rb +0 -53
- data/spec/lib/server_spec.rb +0 -59
- data/spec/models/doorkeeper/access_grant_spec.rb +0 -36
- data/spec/models/doorkeeper/access_token_spec.rb +0 -418
- data/spec/models/doorkeeper/application_spec.rb +0 -303
- data/spec/requests/applications/applications_request_spec.rb +0 -94
- data/spec/requests/applications/authorized_applications_spec.rb +0 -30
- data/spec/requests/endpoints/authorization_spec.rb +0 -71
- data/spec/requests/endpoints/token_spec.rb +0 -71
- data/spec/requests/flows/authorization_code_errors_spec.rb +0 -76
- data/spec/requests/flows/authorization_code_spec.rb +0 -149
- data/spec/requests/flows/client_credentials_spec.rb +0 -86
- data/spec/requests/flows/implicit_grant_errors_spec.rb +0 -32
- data/spec/requests/flows/implicit_grant_spec.rb +0 -61
- data/spec/requests/flows/password_spec.rb +0 -197
- data/spec/requests/flows/refresh_token_spec.rb +0 -174
- data/spec/requests/flows/revoke_token_spec.rb +0 -157
- data/spec/requests/flows/skip_authorization_spec.rb +0 -59
- data/spec/requests/protected_resources/metal_spec.rb +0 -14
- data/spec/requests/protected_resources/private_api_spec.rb +0 -81
- data/spec/routing/custom_controller_routes_spec.rb +0 -75
- data/spec/routing/default_routes_spec.rb +0 -39
- data/spec/routing/scoped_routes_spec.rb +0 -31
- data/spec/spec_helper.rb +0 -4
- data/spec/spec_helper_integration.rb +0 -74
- data/spec/support/dependencies/factory_girl.rb +0 -2
- data/spec/support/helpers/access_token_request_helper.rb +0 -11
- data/spec/support/helpers/authorization_request_helper.rb +0 -41
- data/spec/support/helpers/config_helper.rb +0 -9
- data/spec/support/helpers/model_helper.rb +0 -72
- data/spec/support/helpers/request_spec_helper.rb +0 -88
- data/spec/support/helpers/url_helper.rb +0 -56
- data/spec/support/http_method_shim.rb +0 -38
- data/spec/support/orm/active_record.rb +0 -3
- data/spec/support/shared/controllers_shared_context.rb +0 -65
- data/spec/support/shared/models_shared_examples.rb +0 -52
- data/spec/validators/redirect_uri_validator_spec.rb +0 -123
- data/spec/version/version_spec.rb +0 -15
data/README.md
CHANGED
@@ -1,427 +1,155 @@
|
|
1
|
-
# Doorkeeper
|
1
|
+
# Doorkeeper — awesome OAuth 2 provider for your Rails / Grape app.
|
2
2
|
|
3
3
|
[![Gem Version](https://badge.fury.io/rb/doorkeeper.svg)](https://rubygems.org/gems/doorkeeper)
|
4
|
-
[![
|
5
|
-
[![Dependency Status](https://gemnasium.com/doorkeeper-gem/doorkeeper.svg?travis)](https://gemnasium.com/doorkeeper-gem/doorkeeper)
|
4
|
+
[![CI](https://github.com/doorkeeper-gem/doorkeeper/actions/workflows/ci.yml/badge.svg)](https://github.com/doorkeeper-gem/doorkeeper/actions/workflows/ci.yml)
|
6
5
|
[![Code Climate](https://codeclimate.com/github/doorkeeper-gem/doorkeeper.svg)](https://codeclimate.com/github/doorkeeper-gem/doorkeeper)
|
7
|
-
[![Coverage Status](https://coveralls.io/repos/github/doorkeeper-gem/doorkeeper/badge.svg?branch=
|
8
|
-
[![
|
6
|
+
[![Coverage Status](https://coveralls.io/repos/github/doorkeeper-gem/doorkeeper/badge.svg?branch=main)](https://coveralls.io/github/doorkeeper-gem/doorkeeper?branch=main)
|
7
|
+
[![Reviewed by Hound](https://img.shields.io/badge/Reviewed_by-Hound-8E64B0.svg)](https://houndci.com)
|
8
|
+
[![GuardRails badge](https://badges.guardrails.io/doorkeeper-gem/doorkeeper.svg?token=66768ce8f6995814df81f65a2cff40f739f688492704f973e62809e15599bb62)](https://dashboard.guardrails.io/default/gh/doorkeeper-gem/doorkeeper)
|
9
|
+
[![Dependabot](https://img.shields.io/badge/dependabot-enabled-success.svg)](https://dependabot.com)
|
9
10
|
|
10
|
-
Doorkeeper is a gem that makes it easy to introduce OAuth 2 provider
|
11
|
-
functionality to your Rails or Grape application.
|
11
|
+
Doorkeeper is a gem (Rails engine) that makes it easy to introduce OAuth 2 provider
|
12
|
+
functionality to your Ruby on Rails or Grape application.
|
12
13
|
|
13
14
|
Supported features:
|
14
15
|
|
15
|
-
- [The OAuth 2.0 Authorization Framework](https://
|
16
|
-
- [Authorization Code Flow](
|
17
|
-
- [Access Token Scopes](
|
18
|
-
- [Refresh token](
|
19
|
-
- [Implicit grant](
|
20
|
-
- [Resource Owner Password Credentials](
|
21
|
-
- [Client Credentials](
|
22
|
-
- [OAuth 2.0 Token Revocation](
|
23
|
-
- [OAuth 2.0 Token Introspection](https://
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
Please check the documentation for the version of doorkeeper you are using in:
|
28
|
-
https://github.com/doorkeeper-gem/doorkeeper/releases
|
29
|
-
|
30
|
-
- See the [wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki)
|
31
|
-
- For general questions, please post in [Stack Overflow](http://stackoverflow.com/questions/tagged/doorkeeper)
|
32
|
-
- See [SECURITY.md](SECURITY.md) for this project's security disclose
|
33
|
-
policy
|
16
|
+
- [The OAuth 2.0 Authorization Framework](https://datatracker.ietf.org/doc/html/rfc6749)
|
17
|
+
- [Authorization Code Flow](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1)
|
18
|
+
- [Access Token Scopes](https://datatracker.ietf.org/doc/html/rfc6749#section-3.3)
|
19
|
+
- [Refresh token](https://datatracker.ietf.org/doc/html/rfc6749#section-1.5)
|
20
|
+
- [Implicit grant](https://datatracker.ietf.org/doc/html/rfc6749#section-4.2)
|
21
|
+
- [Resource Owner Password Credentials](https://datatracker.ietf.org/doc/html/rfc6749#section-4.3)
|
22
|
+
- [Client Credentials](https://datatracker.ietf.org/doc/html/rfc6749#section-4.4)
|
23
|
+
- [OAuth 2.0 Token Revocation](https://datatracker.ietf.org/doc/html/rfc7009)
|
24
|
+
- [OAuth 2.0 Token Introspection](https://datatracker.ietf.org/doc/html/rfc7662)
|
25
|
+
- [OAuth 2.0 Threat Model and Security Considerations](https://datatracker.ietf.org/doc/html/rfc6819)
|
26
|
+
- [OAuth 2.0 for Native Apps](https://datatracker.ietf.org/doc/html/rfc8252)
|
27
|
+
- [Proof Key for Code Exchange by OAuth Public Clients](https://datatracker.ietf.org/doc/html/rfc7636)
|
34
28
|
|
35
29
|
## Table of Contents
|
36
30
|
|
37
31
|
<!-- START doctoc generated TOC please keep comment here to allow auto update -->
|
38
32
|
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
|
39
33
|
|
34
|
+
|
35
|
+
- [Documentation](#documentation)
|
40
36
|
- [Installation](#installation)
|
41
|
-
- [
|
42
|
-
- [
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
- [Authenticating](#authenticating)
|
49
|
-
- [Internationalization (I18n)](#internationalization-i18n)
|
50
|
-
- [Protecting resources with OAuth (a.k.a your API endpoint)](#protecting-resources-with-oauth-aka-your-api-endpoint)
|
51
|
-
- [Ruby on Rails controllers](#ruby-on-rails-controllers)
|
52
|
-
- [Grape endpoints](#grape-endpoints)
|
53
|
-
- [Route Constraints and other integrations](#route-constraints-and-other-integrations)
|
54
|
-
- [Access Token Scopes](#access-token-scopes)
|
55
|
-
- [Custom Access Token Generator](#custom-access-token-generator)
|
56
|
-
- [Authenticated resource owner](#authenticated-resource-owner)
|
57
|
-
- [Applications list](#applications-list)
|
58
|
-
- [Other customizations](#other-customizations)
|
59
|
-
- [Testing](#testing)
|
60
|
-
- [Upgrading](#upgrading)
|
37
|
+
- [Ruby on Rails](#ruby-on-rails)
|
38
|
+
- [Grape](#grape)
|
39
|
+
- [ORMs](#orms)
|
40
|
+
- [Extensions](#extensions)
|
41
|
+
- [Example Applications](#example-applications)
|
42
|
+
- [Tutorials](#tutorials)
|
43
|
+
- [Sponsors](#sponsors)
|
61
44
|
- [Development](#development)
|
62
45
|
- [Contributing](#contributing)
|
63
|
-
- [
|
64
|
-
|
65
|
-
- [Screencast](#screencast)
|
66
|
-
- [Client applications](#client-applications)
|
67
|
-
- [Contributors](#contributors)
|
68
|
-
- [IETF Standards](#ietf-standards)
|
69
|
-
- [License](#license)
|
46
|
+
- [Contributors](#contributors)
|
47
|
+
- [License](#license)
|
70
48
|
|
71
49
|
<!-- END doctoc generated TOC please keep comment here to allow auto update -->
|
72
50
|
|
73
|
-
##
|
74
|
-
|
75
|
-
Put this in your Gemfile:
|
76
|
-
|
77
|
-
``` ruby
|
78
|
-
gem 'doorkeeper'
|
79
|
-
```
|
80
|
-
|
81
|
-
Run the installation generator with:
|
82
|
-
|
83
|
-
rails generate doorkeeper:install
|
84
|
-
|
85
|
-
This will install the doorkeeper initializer into `config/initializers/doorkeeper.rb`.
|
86
|
-
|
87
|
-
## Configuration
|
88
|
-
|
89
|
-
### ORM
|
90
|
-
|
91
|
-
#### Active Record
|
92
|
-
|
93
|
-
By default doorkeeper is configured to use Active Record, so to start you have
|
94
|
-
to generate the migration tables (supports Rails >= 5 migrations versioning):
|
95
|
-
|
96
|
-
rails generate doorkeeper:migration
|
97
|
-
|
98
|
-
You may want to add foreign keys to your migration. For example, if you plan on
|
99
|
-
using `User` as the resource owner, add the following line to the migration file
|
100
|
-
for each table that includes a `resource_owner_id` column:
|
101
|
-
|
102
|
-
```ruby
|
103
|
-
add_foreign_key :table_name, :users, column: :resource_owner_id
|
104
|
-
```
|
105
|
-
|
106
|
-
Then run migrations:
|
107
|
-
|
108
|
-
```sh
|
109
|
-
rake db:migrate
|
110
|
-
```
|
111
|
-
|
112
|
-
Remember to add associations to your model so the related records are deleted.
|
113
|
-
If you don't do this an `ActiveRecord::InvalidForeignKey`-error will be raised
|
114
|
-
when you try to destroy a model with related access grants or access tokens.
|
115
|
-
|
116
|
-
```ruby
|
117
|
-
class User < ApplicationRecord
|
118
|
-
has_many :access_grants, class_name: "Doorkeeper::AccessGrant",
|
119
|
-
foreign_key: :resource_owner_id,
|
120
|
-
dependent: :delete_all # or :destroy if you need callbacks
|
121
|
-
|
122
|
-
has_many :access_tokens, class_name: "Doorkeeper::AccessToken",
|
123
|
-
foreign_key: :resource_owner_id,
|
124
|
-
dependent: :delete_all # or :destroy if you need callbacks
|
125
|
-
end
|
126
|
-
```
|
127
|
-
|
128
|
-
#### MongoDB
|
129
|
-
|
130
|
-
See [doorkeeper-mongodb project] for Mongoid and MongoMapper support. Follow along
|
131
|
-
the implementation in that repository to extend doorkeeper with other ORMs.
|
132
|
-
|
133
|
-
[doorkeeper-mongodb project]: https://github.com/doorkeeper-gem/doorkeeper-mongodb
|
134
|
-
|
135
|
-
#### Sequel
|
136
|
-
|
137
|
-
If you are using [Sequel gem] then you can add [doorkeeper-sequel extension] to your project.
|
138
|
-
Follow configuration instructions for setting up the necessary Doorkeeper ORM.
|
139
|
-
|
140
|
-
[Sequel gem]: https://github.com/jeremyevans/sequel/
|
141
|
-
[doorkeeper-sequel extension]: https://github.com/nbulaj/doorkeeper-sequel
|
142
|
-
|
143
|
-
#### Couchbase
|
144
|
-
|
145
|
-
Use [doorkeeper-couchbase] extension if you are using Couchbase database.
|
146
|
-
|
147
|
-
[doorkeeper-couchbase]: https://github.com/acaprojects/doorkeeper-couchbase
|
148
|
-
|
149
|
-
### Routes
|
150
|
-
|
151
|
-
The installation script will also automatically add the Doorkeeper routes into
|
152
|
-
your app, like this:
|
153
|
-
|
154
|
-
``` ruby
|
155
|
-
Rails.application.routes.draw do
|
156
|
-
use_doorkeeper
|
157
|
-
# your routes
|
158
|
-
end
|
159
|
-
```
|
160
|
-
|
161
|
-
This will mount following routes:
|
162
|
-
|
163
|
-
GET /oauth/authorize/native?code
|
164
|
-
GET /oauth/authorize
|
165
|
-
POST /oauth/authorize
|
166
|
-
DELETE /oauth/authorize
|
167
|
-
POST /oauth/token
|
168
|
-
POST /oauth/revoke
|
169
|
-
POST /oauth/introspect
|
170
|
-
resources /oauth/applications
|
171
|
-
GET /oauth/authorized_applications
|
172
|
-
DELETE /oauth/authorized_applications/:id
|
173
|
-
GET /oauth/token/info
|
174
|
-
|
175
|
-
For more information on how to customize routes, check out [this page on the
|
176
|
-
wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-routes).
|
177
|
-
|
178
|
-
### Authenticating
|
179
|
-
|
180
|
-
You need to configure Doorkeeper in order to provide `resource_owner` model
|
181
|
-
and authentication block in `config/initializers/doorkeeper.rb`:
|
182
|
-
|
183
|
-
``` ruby
|
184
|
-
Doorkeeper.configure do
|
185
|
-
resource_owner_authenticator do
|
186
|
-
User.find_by(id: session[:current_user_id]) || redirect_to(login_url)
|
187
|
-
end
|
188
|
-
end
|
189
|
-
```
|
190
|
-
|
191
|
-
This code is run in the context of your application so you have access to your
|
192
|
-
models, session or routes helpers. However, since this code is not run in the
|
193
|
-
context of your application's `ApplicationController` it doesn't have access to
|
194
|
-
the methods defined over there.
|
195
|
-
|
196
|
-
You may want to check other ways of authentication
|
197
|
-
[here](https://github.com/doorkeeper-gem/doorkeeper/wiki/Authenticating-using-Clearance-or-DIY).
|
198
|
-
|
199
|
-
### Internationalization (I18n)
|
200
|
-
|
201
|
-
See language files in [the I18n repository](https://github.com/doorkeeper-gem/doorkeeper-i18n).
|
202
|
-
|
203
|
-
## Protecting resources with OAuth (a.k.a your API endpoint)
|
204
|
-
|
205
|
-
### Ruby on Rails controllers
|
206
|
-
|
207
|
-
To protect your controllers (usual one or `ActionController::API`) with OAuth,
|
208
|
-
you just need to setup `before_action`s specifying the actions you want to
|
209
|
-
protect. For example:
|
210
|
-
|
211
|
-
``` ruby
|
212
|
-
class Api::V1::ProductsController < Api::V1::ApiController
|
213
|
-
before_action :doorkeeper_authorize! # Require access token for all actions
|
214
|
-
|
215
|
-
# your actions
|
216
|
-
end
|
217
|
-
```
|
51
|
+
## Documentation
|
218
52
|
|
219
|
-
|
220
|
-
|
53
|
+
This documentation is valid for `main` branch. Please check the documentation for the version of doorkeeper you are using in:
|
54
|
+
https://github.com/doorkeeper-gem/doorkeeper/releases.
|
221
55
|
|
222
|
-
|
56
|
+
Additionally, other resources can be found on:
|
223
57
|
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
For
|
231
|
-
|
232
|
-
|
233
|
-
[Wiki]: https://github.com/doorkeeper-gem/doorkeeper/wiki/Grape-Integration
|
234
|
-
|
235
|
-
``` ruby
|
236
|
-
require 'doorkeeper/grape/helpers'
|
237
|
-
|
238
|
-
module API
|
239
|
-
module V1
|
240
|
-
class Users < Grape::API
|
241
|
-
helpers Doorkeeper::Grape::Helpers
|
242
|
-
|
243
|
-
before do
|
244
|
-
doorkeeper_authorize!
|
245
|
-
end
|
246
|
-
|
247
|
-
# route_setting :scopes, ['user:email'] - for old versions of Grape
|
248
|
-
get :emails, scopes: [:user, :write] do
|
249
|
-
[{'email' => current_user.email}]
|
250
|
-
end
|
251
|
-
|
252
|
-
# ...
|
253
|
-
end
|
254
|
-
end
|
255
|
-
end
|
256
|
-
```
|
257
|
-
|
258
|
-
### Route Constraints and other integrations
|
259
|
-
|
260
|
-
You can leverage the `Doorkeeper.authenticate` facade to easily extract a
|
261
|
-
`Doorkeeper::OAuth::Token` based on the current request. You can then ensure
|
262
|
-
that token is still good, find its associated `#resource_owner_id`, etc.
|
263
|
-
|
264
|
-
```ruby
|
265
|
-
module Constraint
|
266
|
-
class Authenticated
|
267
|
-
|
268
|
-
def matches?(request)
|
269
|
-
token = Doorkeeper.authenticate(request)
|
270
|
-
token && token.accessible?
|
271
|
-
end
|
272
|
-
end
|
273
|
-
end
|
274
|
-
```
|
275
|
-
|
276
|
-
For more information about integration and other integrations, check out [the
|
277
|
-
related wiki
|
278
|
-
page](https://github.com/doorkeeper-gem/doorkeeper/wiki/ActionController::Metal-with-doorkeeper).
|
279
|
-
|
280
|
-
### Access Token Scopes
|
281
|
-
|
282
|
-
You can also require the access token to have specific scopes in certain
|
283
|
-
actions:
|
284
|
-
|
285
|
-
First configure the scopes in `initializers/doorkeeper.rb`
|
58
|
+
- [Guides](https://doorkeeper.gitbook.io/guides/) with how-to get started and configuration documentation
|
59
|
+
- See the [Wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki) with articles and other documentation
|
60
|
+
- Screencast from [railscasts.com](http://railscasts.com/): [#353
|
61
|
+
OAuth with
|
62
|
+
Doorkeeper](http://railscasts.com/episodes/353-oauth-with-doorkeeper)
|
63
|
+
- See [upgrade guides](https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-versions)
|
64
|
+
- For general questions, please post on [Stack Overflow](http://stackoverflow.com/questions/tagged/doorkeeper)
|
65
|
+
- See [SECURITY.md](SECURITY.md) for this project's security disclose
|
66
|
+
policy
|
286
67
|
|
287
|
-
|
288
|
-
Doorkeeper.configure do
|
289
|
-
default_scopes :public # if no scope was requested, this will be the default
|
290
|
-
optional_scopes :admin, :write
|
291
|
-
end
|
292
|
-
```
|
68
|
+
## Installation
|
293
69
|
|
294
|
-
|
70
|
+
Installation depends on the framework you're using. The first step is to add the following to your Gemfile:
|
295
71
|
|
296
72
|
```ruby
|
297
|
-
|
298
|
-
before_action -> { doorkeeper_authorize! :public }, only: :index
|
299
|
-
before_action only: [:create, :update, :destroy] do
|
300
|
-
doorkeeper_authorize! :admin, :write
|
301
|
-
end
|
302
|
-
end
|
73
|
+
gem 'doorkeeper'
|
303
74
|
```
|
304
75
|
|
305
|
-
|
306
|
-
above example, `doorkeeper_authorize! :admin, :write` means that the access
|
307
|
-
token is required to have either `:admin` scope or `:write` scope, but does not
|
308
|
-
need have both of them.
|
309
|
-
|
310
|
-
If you want to require the access token to have multiple scopes at the same
|
311
|
-
time, use multiple `doorkeeper_authorize!`, for example:
|
76
|
+
And run `bundle install`. After this, check out the guide related to the framework you're using.
|
312
77
|
|
313
|
-
|
314
|
-
class Api::V1::ProductsController < Api::V1::ApiController
|
315
|
-
before_action -> { doorkeeper_authorize! :public }, only: :index
|
316
|
-
before_action only: [:create, :update, :destroy] do
|
317
|
-
doorkeeper_authorize! :admin
|
318
|
-
doorkeeper_authorize! :write
|
319
|
-
end
|
320
|
-
end
|
321
|
-
```
|
78
|
+
### Ruby on Rails
|
322
79
|
|
323
|
-
|
324
|
-
has both `:admin` and `:write` scopes.
|
80
|
+
Doorkeeper currently supports Ruby on Rails >= 5.0. See the guide [here](https://doorkeeper.gitbook.io/guides/ruby-on-rails/getting-started).
|
325
81
|
|
326
|
-
###
|
82
|
+
### Grape
|
327
83
|
|
328
|
-
|
329
|
-
token, such as [JWT](http://jwt.io), specify an object that responds to
|
330
|
-
`.generate(options = {})` and returns a string to be used as the token.
|
84
|
+
Guide for integration with Grape framework can be found [here](https://doorkeeper.gitbook.io/guides/grape/grape).
|
331
85
|
|
332
|
-
|
333
|
-
Doorkeeper.configure do
|
334
|
-
access_token_generator "Doorkeeper::JWT"
|
335
|
-
end
|
336
|
-
```
|
86
|
+
## ORMs
|
337
87
|
|
338
|
-
|
339
|
-
[Doorkeeper-JWT](https://github.com/chriswarren/doorkeeper-jwt).
|
88
|
+
Doorkeeper supports Active Record by default, but can be configured to work with the following ORMs:
|
340
89
|
|
341
|
-
|
90
|
+
| ORM | Support via |
|
91
|
+
| :--- | :--- |
|
92
|
+
| Active Record | by default |
|
93
|
+
| MongoDB | [doorkeeper-gem/doorkeeper-mongodb](https://github.com/doorkeeper-gem/doorkeeper-mongodb) |
|
94
|
+
| Sequel | [nbulaj/doorkeeper-sequel](https://github.com/nbulaj/doorkeeper-sequel) |
|
95
|
+
| Couchbase | [acaprojects/doorkeeper-couchbase](https://github.com/acaprojects/doorkeeper-couchbase) |
|
96
|
+
| RethinkDB | [aca-labs/doorkeeper-rethinkdb](https://github.com/aca-labs/doorkeeper-rethinkdb) |
|
342
97
|
|
343
|
-
|
344
|
-
inherits from `ActionController::Base`. You may want to use your own
|
345
|
-
controller to inherit from, to keep Doorkeeper controllers in the same
|
346
|
-
context than the rest your app:
|
98
|
+
## Extensions
|
347
99
|
|
348
|
-
|
349
|
-
Doorkeeper.configure do
|
350
|
-
base_controller 'ApplicationController'
|
351
|
-
end
|
352
|
-
```
|
100
|
+
Extensions that are not included by default and can be installed separately.
|
353
101
|
|
354
|
-
|
102
|
+
| | Link |
|
103
|
+
| :--- | :--- |
|
104
|
+
| OpenID Connect extension | [doorkeeper-gem/doorkeeper-openid\_connect](https://github.com/doorkeeper-gem/doorkeeper-openid_connect) |
|
105
|
+
| JWT Token support | [doorkeeper-gem/doorkeeper-jwt](https://github.com/doorkeeper-gem/doorkeeper-jwt) |
|
106
|
+
| Assertion grant extension | [doorkeeper-gem/doorkeeper-grants\_assertion](https://github.com/doorkeeper-gem/doorkeeper-grants_assertion) |
|
107
|
+
| I18n translations | [doorkeeper-gem/doorkeeper-i18n](https://github.com/doorkeeper-gem/doorkeeper-i18n) |
|
108
|
+
| CIBA - Client Initiated Backchannel Authentication Flow extension | [doorkeeper-ciba](https://github.com/autoseg/doorkeeper-ciba) |
|
109
|
+
| Device Authorization Grant | [doorkeeper-device_authorization_grant](https://github.com/exop-group/doorkeeper-device_authorization_grant) |
|
355
110
|
|
356
|
-
|
357
|
-
words, the access token owner, you may want to define a method in your
|
358
|
-
controller that returns the resource owner instance:
|
111
|
+
## Example Applications
|
359
112
|
|
360
|
-
|
361
|
-
class Api::V1::CredentialsController < Api::V1::ApiController
|
362
|
-
before_action :doorkeeper_authorize!
|
363
|
-
respond_to :json
|
113
|
+
These applications show how Doorkeeper works and how to integrate with it. Start with the oAuth2 server and use the clients to connect with the server.
|
364
114
|
|
365
|
-
|
366
|
-
|
367
|
-
|
368
|
-
|
115
|
+
| Application | Link |
|
116
|
+
| :--- | :--- |
|
117
|
+
| OAuth2 Server with Doorkeeper | [doorkeeper-gem/doorkeeper-provider-app](https://github.com/doorkeeper-gem/doorkeeper-provider-app) |
|
118
|
+
| Sinatra Client connected to Provider App | [doorkeeper-gem/doorkeeper-sinatra-client](https://github.com/doorkeeper-gem/doorkeeper-sinatra-client) |
|
119
|
+
| Devise + Omniauth Client | [doorkeeper-gem/doorkeeper-devise-client](https://github.com/doorkeeper-gem/doorkeeper-devise-client) |
|
369
120
|
|
370
|
-
|
121
|
+
You may want to create a client application to
|
122
|
+
test the integration. Check out these [client
|
123
|
+
examples](https://github.com/doorkeeper-gem/doorkeeper/wiki/Example-Applications)
|
124
|
+
in our wiki or follow this [tutorial
|
125
|
+
here](https://github.com/doorkeeper-gem/doorkeeper/wiki/Testing-your-provider-with-OAuth2-gem).
|
371
126
|
|
372
|
-
|
373
|
-
def current_resource_owner
|
374
|
-
User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token
|
375
|
-
end
|
376
|
-
end
|
377
|
-
```
|
127
|
+
## Tutorials
|
378
128
|
|
379
|
-
|
380
|
-
token owner.
|
129
|
+
See [list of tutorials](https://github.com/doorkeeper-gem/doorkeeper/wiki#how-tos--tutorials) in order to learn how to use the gem or integrate it with other solutions / gems.
|
381
130
|
|
382
|
-
|
131
|
+
## Sponsors
|
383
132
|
|
384
|
-
|
385
|
-
|
133
|
+
[![OpenCollective](https://opencollective.com/doorkeeper-gem/backers/badge.svg)](#backers)
|
134
|
+
[![OpenCollective](https://opencollective.com/doorkeeper-gem/sponsors/badge.svg)](#sponsors)
|
386
135
|
|
387
|
-
|
388
|
-
# config/initializers/doorkeeper.rb
|
389
|
-
Doorkeeper.configure do
|
390
|
-
admin_authenticator do |routes|
|
391
|
-
Admin.find_by(id: session[:admin_id]) || redirect_to(routes.new_admin_session_url)
|
392
|
-
end
|
393
|
-
end
|
394
|
-
```
|
136
|
+
Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor](https://opencollective.com/doorkeeper-gem#sponsor)]
|
395
137
|
|
396
|
-
|
397
|
-
since the application list is just a scaffold, it's recommended to either
|
398
|
-
customize the controller used by the list or skip the controller all together.
|
399
|
-
For more information see the page
|
400
|
-
[in the wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-routes).
|
138
|
+
<a href="https://codecademy.com/about/careers?utm_source=doorkeeper-gem" target="_blank"><img src="https://static-assets.codecademy.com/marketing/codecademy_logo_padded.png"/></a>
|
401
139
|
|
402
|
-
|
140
|
+
> Codecademy supports open source as part of its mission to democratize tech. Come help us build the education the world deserves: [https://codecademy.com/about/careers](https://codecademy.com/about/careers?utm_source=doorkeeper-gem)
|
403
141
|
|
404
|
-
|
405
|
-
- [CORS - Cross Origin Resource Sharing](https://github.com/doorkeeper-gem/doorkeeper/wiki/%5BCORS%5D-Cross-Origin-Resource-Sharing)
|
406
|
-
- see more on [Wiki page](https://github.com/doorkeeper-gem/doorkeeper/wiki)
|
142
|
+
<br>
|
407
143
|
|
408
|
-
|
144
|
+
<a href="https://oauth.io/?utm_source=doorkeeper-gem" target="_blank"><img src="https://oauth.io/img/logo_text.png"/></a>
|
409
145
|
|
410
|
-
|
411
|
-
Doorkeeper 4.3.0 it uses [ActiveSupport lazy loading hooks](http://api.rubyonrails.org/classes/ActiveSupport/LazyLoadHooks.html)
|
412
|
-
to load models. There are [known issue](https://github.com/doorkeeper-gem/doorkeeper/issues/1043)
|
413
|
-
with the `factory_bot_rails` gem (it executes factories building before `ActiveRecord::Base`
|
414
|
-
is initialized using hooks in gem railtie, so you can catch a `uninitialized constant` error).
|
415
|
-
It is recommended to use pure `factory_bot` gem to solve this problem.
|
146
|
+
> If you prefer not to deal with the gory details of OAuth 2, need dedicated customer support & consulting, try the cloud-based SaaS version: [https://oauth.io](https://oauth.io/?utm_source=doorkeeper-gem)
|
416
147
|
|
417
|
-
|
148
|
+
<br>
|
418
149
|
|
419
|
-
|
420
|
-
notes](https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-versions)
|
421
|
-
and take a look at the
|
422
|
-
[changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/NEWS.md).
|
150
|
+
<a href="https://www.wealthsimple.com/?utm_source=doorkeeper-gem" target="_blank"><img src="https://wealthsimple.s3.amazonaws.com/branding/medium-black.svg"/></a>
|
423
151
|
|
424
|
-
|
152
|
+
> Wealthsimple is a financial company on a mission to help everyone achieve financial freedom by providing products and advice that are accessible and affordable. Using smart technology, Wealthsimple takes financial services that are often confusing, opaque and expensive and makes them simple, transparent, and low-cost. See what Investing on Autopilot is all about: [https://www.wealthsimple.com](https://www.wealthsimple.com/?utm_source=doorkeeper-gem)
|
425
153
|
|
426
154
|
## Development
|
427
155
|
|
@@ -429,16 +157,19 @@ To run the local engine server:
|
|
429
157
|
|
430
158
|
```
|
431
159
|
bundle install
|
432
|
-
bundle exec
|
160
|
+
bundle exec rake doorkeeper:server
|
433
161
|
````
|
434
162
|
|
435
163
|
By default, it uses the latest Rails version with ActiveRecord. To run the
|
436
|
-
tests with a specific
|
164
|
+
tests with a specific Rails version:
|
437
165
|
|
438
166
|
```
|
439
|
-
|
167
|
+
BUNDLE_GEMFILE=gemfiles/rails_6_0.gemfile bundle exec rake
|
440
168
|
```
|
441
169
|
|
170
|
+
You can also experiment with the changes using `bin/console`. It uses in-memory SQLite database and default
|
171
|
+
Doorkeeper config, but you can reestablish connection or reconfigure the gem if you need.
|
172
|
+
|
442
173
|
## Contributing
|
443
174
|
|
444
175
|
Want to contribute and don't know where to start? Check out [features we're
|
@@ -447,41 +178,15 @@ create [example
|
|
447
178
|
apps](https://github.com/doorkeeper-gem/doorkeeper/wiki/Example-Applications),
|
448
179
|
integrate the gem with your app and let us know!
|
449
180
|
|
450
|
-
Also, check out our [contributing guidelines
|
451
|
-
page](https://github.com/doorkeeper-gem/doorkeeper/wiki/Contributing).
|
452
|
-
|
453
|
-
## Other resources
|
181
|
+
Also, check out our [contributing guidelines page](CONTRIBUTING.md).
|
454
182
|
|
455
|
-
|
456
|
-
|
457
|
-
You can find everything about Doorkeeper in our [wiki
|
458
|
-
here](https://github.com/doorkeeper-gem/doorkeeper/wiki).
|
459
|
-
|
460
|
-
### Screencast
|
461
|
-
|
462
|
-
Check out this screencast from [railscasts.com](http://railscasts.com/): [#353
|
463
|
-
OAuth with
|
464
|
-
Doorkeeper](http://railscasts.com/episodes/353-oauth-with-doorkeeper)
|
465
|
-
|
466
|
-
### Client applications
|
467
|
-
|
468
|
-
After you set up the provider, you may want to create a client application to
|
469
|
-
test the integration. Check out these [client
|
470
|
-
examples](https://github.com/doorkeeper-gem/doorkeeper/wiki/Example-Applications)
|
471
|
-
in our wiki or follow this [tutorial
|
472
|
-
here](https://github.com/doorkeeper-gem/doorkeeper/wiki/Testing-your-provider-with-OAuth2-gem).
|
473
|
-
|
474
|
-
### Contributors
|
183
|
+
## Contributors
|
475
184
|
|
476
185
|
Thanks to all our [awesome
|
477
186
|
contributors](https://github.com/doorkeeper-gem/doorkeeper/graphs/contributors)!
|
478
187
|
|
479
|
-
|
480
|
-
|
481
|
-
* [The OAuth 2.0 Authorization Framework](http://tools.ietf.org/html/rfc6749)
|
482
|
-
* [OAuth 2.0 Threat Model and Security Considerations](http://tools.ietf.org/html/rfc6819)
|
483
|
-
* [OAuth 2.0 Token Revocation](http://tools.ietf.org/html/rfc7009)
|
188
|
+
<a href="https://github.com/doorkeeper-gem/doorkeeper/graphs/contributors"><img src="https://opencollective.com/doorkeeper-gem/contributors.svg?width=890&button=false" /></a>
|
484
189
|
|
485
|
-
|
190
|
+
## License
|
486
191
|
|
487
|
-
MIT License.
|
192
|
+
MIT License. Created in Applicake. Maintained by the community.
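--- a/data/app/controllers/doorkeeper/application_controller.rb
+++ b/data/app/controllers/doorkeeper/application_controller.rb
@@ -1,11 +1,14 @@
+# frozen_string_literal: true
+
 module Doorkeeper
 class ApplicationController <
-Doorkeeper.
-
+Doorkeeper.config.resolve_controller(:base)
 include Helpers::Controller
+include ActionController::MimeResponds if Doorkeeper.config.api_only
 
-
-
-
+unless Doorkeeper.config.api_only
+protect_from_forgery with: :exception
+helper "doorkeeper/dashboard"
+end
 end
 end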
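Review bot: With `api_only` set, the `unless Doorkeeper.config.api_only` block skips `protect_from_forgery with: :exception`, so every controller inheriting from this class runs without CSRF verification in that mode. That is only safe when the resource owner or admin is authenticated by something a browser does not attach on its own; a host application that pairs `api_only` with cookie sessions would leave state-changing actions in the subclasses (not visible here) unprotected against cross-site requests. Both `api_only` checks also run once, when the class body is evaluated, so the setting has to be final before this file is loaded. I would record both constraints above the guard, e.g. `# api_only: no CSRF check and no dashboard helper; authentication must not rely on cookies` and `# evaluated at class load; configure Doorkeeper before this constant is referenced`.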
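--- a/data/app/controllers/doorkeeper/application_metal_controller.rb
+++ b/data/app/controllers/doorkeeper/application_metal_controller.rb
@@ -1,16 +1,12 @@
+# frozen_string_literal: true
+
 module Doorkeeper
-class ApplicationMetalController <
-
-
-AbstractController::Rendering,
-ActionController::Rendering,
-ActionController::Renderers::All,
-Helpers::Controller
-].freeze
+class ApplicationMetalController <
+Doorkeeper.config.resolve_controller(:base_metal)
+include Helpers::Controller
 
-
-
-end
+before_action :enforce_content_type,
+if: -> { Doorkeeper.config.enforce_content_type }
 
 ActiveSupport.run_load_hooks(:doorkeeper_metal_controller, self)
 end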
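Review bot: The `before_action :enforce_content_type` line relies on two things this section does not show: the class returned by `Doorkeeper.config.resolve_controller(:base_metal)` must supply callback support, and `enforce_content_type` must be defined somewhere reachable, presumably in `Helpers::Controller`. The removed lines listed the rendering modules explicitly, whereas the new class inherits whatever the configured base provides, so a host that configures a minimal class for `:base_metal` would presumably fail at class load or at render time. The check is also opt-in through `Doorkeeper.config.enforce_content_type`; its default is not visible here, and if it is off the endpoints built on this class presumably keep accepting any request content type. A comment above the class stating the contract would help, e.g. `# base_metal must provide rendering and before_action; content-type check runs only when enforce_content_type is enabled`. The enclosing module's closing `end` is outside the hunk.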
|