doorkeeper 5.0.0 → 5.0.1

data/spec/controllers/protected_resources_controller_spec.rb

@@ -157,8 +157,7 @@ describe 'doorkeeper authorize filter' do
         module ControllerActions
           remove_method :doorkeeper_unauthorized_render_options
 
-          def doorkeeper_unauthorized_render_options(error: nil)
-          end
+          def doorkeeper_unauthorized_render_options(error: nil); end
         end
       end
 
@@ -306,4 +305,47 @@ describe 'doorkeeper authorize filter' do
       end
     end
   end
+
+  context 'when handle_auth_errors option is set to :raise' do
+    subject { get :index, params: { access_token: token_string } }
+
+    before do
+      config_is_set(:handle_auth_errors, :raise)
+    end
+
+    controller do
+      before_action :doorkeeper_authorize!
+      include ControllerActions
+    end
+
+    context 'when token is unknown' do
+      it 'raises Doorkeeper::Errors::TokenUnknown exception', token: :invalid do
+        expect { subject }.to raise_error(Doorkeeper::Errors::TokenUnknown)
+      end
+    end
+
+    context 'when token is expired' do
+      it 'raises Doorkeeper::Errors::TokenExpired exception', token: :expired do
+        expect { subject }.to raise_error(Doorkeeper::Errors::TokenExpired)
+      end
+    end
+
+    context 'when token is revoked' do
+      it 'raises Doorkeeper::Errors::TokenRevoked exception', token: :revoked do
+        expect { subject }.to raise_error(Doorkeeper::Errors::TokenRevoked)
+      end
+    end
+
+    context 'when token is forbidden' do
+      it 'raises Doorkeeper::Errors::TokenForbidden exception', token: :forbidden do
+        expect { subject }.to raise_error(Doorkeeper::Errors::TokenForbidden)
+      end
+    end
+
+    context 'when token is valid' do
+      it 'allows into index action', token: :valid do
+        expect(response).to be_successful
+      end
+    end
+  end
 end

data/spec/controllers/tokens_controller_spec.rb

@@ -4,7 +4,6 @@ describe Doorkeeper::TokensController do
   describe 'when authorization has succeeded' do
     let(:token) { double(:token, authorize: true) }
 
-
     it 'returns the authorization' do
       skip 'verify need of these specs'
 
@@ -30,12 +29,12 @@ describe Doorkeeper::TokensController do
     it 'returns the error response with a custom message' do
       # I18n looks for `doorkeeper.errors.messages.custom_message` in locale files
       custom_message = "my_message"
-      allow(I18n).to receive(:translate).
-        with(
+      allow(I18n).to receive(:translate)
+        .with(
           custom_message,
           hash_including(scope: %i[doorkeeper errors messages])
-        ).
-        and_return('Authorization custom message')
+        )
+        .and_return('Authorization custom message')
 
       doorkeeper_error = Doorkeeper::Errors::DoorkeeperError.new(custom_message)
 

data/spec/dummy/Rakefile

@@ -2,6 +2,6 @@
 # Add your own tasks in files placed in lib/tasks ending in .rake,
 # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
 
-require File.expand_path('../config/application', __FILE__)
+require File.expand_path('config/application', __dir__)
 
 Dummy::Application.load_tasks

data/spec/dummy/app/controllers/custom_authorizations_controller.rb

@@ -1,5 +1,5 @@
 class CustomAuthorizationsController < ::ApplicationController
-  %w(index show new create edit update destroy).each do |action|
+  %w[index show new create edit update destroy].each do |action|
     define_method action do
       render nothing: true
     end

data/spec/dummy/app/controllers/home_controller.rb

@@ -1,6 +1,5 @@
 class HomeController < ApplicationController
-  def index
-  end
+  def index; end
 
   def sign_in
     session[:user_id] = if Rails.env.development?

data/spec/dummy/config.ru

@@ -1,4 +1,4 @@
 # This file is used by Rack-based servers to start the application.
 
-require ::File.expand_path('../config/environment',  __FILE__)
+require ::File.expand_path('../config/environment', __FILE__)
 run Dummy::Application

data/spec/dummy/config/application.rb

@@ -1,4 +1,4 @@
-require File.expand_path('../boot', __FILE__)
+require File.expand_path('boot', __dir__)
 
 require 'rails/all'
 

data/spec/dummy/config/boot.rb

@@ -2,8 +2,6 @@ require 'rubygems'
 require 'bundler/setup'
 
 orm = ENV['BUNDLE_GEMFILE'].match(/Gemfile\.(.+)\.rb/)
-unless defined?(DOORKEEPER_ORM)
-  DOORKEEPER_ORM = (orm && orm[1]) || :active_record
-end
+DOORKEEPER_ORM = (orm && orm[1]) || :active_record unless defined?(DOORKEEPER_ORM)
 
-$LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__)
+$LOAD_PATH.unshift File.expand_path('../../../lib', __dir__)

data/spec/dummy/config/environment.rb

@@ -1,5 +1,5 @@
 # Load the rails application
-require File.expand_path('../application', __FILE__)
+require File.expand_path('application', __dir__)
 
 # Initialize the rails application
 Rails.application.initialize!

data/spec/dummy/config/environments/test.rb

@@ -24,7 +24,7 @@ Dummy::Application.configure do
   config.action_dispatch.show_exceptions = false
 
   # Disable request forgery protection in test environment
-  config.action_controller.allow_forgery_protection    = false
+  config.action_controller.allow_forgery_protection = false
 
   # Tell Action Mailer not to deliver emails to the real world.
   # The :test delivery method accumulates sent emails in the

data/spec/dummy/config/initializers/doorkeeper.rb

@@ -64,7 +64,8 @@ Doorkeeper.configure do
   # access_token_methods :from_bearer_authorization, :from_access_token_param, :from_bearer_param
 
   # Change the native redirect uri for client apps
-  # When clients register with the following redirect uri, they won't be redirected to any server and the authorization code will be displayed within the provider
+  # When clients register with the following redirect uri, they won't be redirected to any server and
+  # the authorization code will be displayed within the provider
   # The value can be any string. Use nil to disable this feature. When disabled, clients must provide a valid URL
   # (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi)
   #

data/spec/dummy/config/initializers/new_framework_defaults.rb

@@ -4,7 +4,5 @@
 if Rails::VERSION::MAJOR >= 5
   Rails.application.config.active_record.belongs_to_required_by_default = true
 
-  if Rails::VERSION::MINOR >= 2
-    Rails.application.config.active_record.sqlite3.represent_boolean_as_integer = true
-  end
+  Rails.application.config.active_record.sqlite3.represent_boolean_as_integer = true if Rails::VERSION::MINOR >= 2
 end

data/spec/dummy/config/initializers/secret_token.rb

@@ -5,4 +5,4 @@
 # Make sure the secret is at least 30 characters and all random,
 # no regular words or you'll be exposed to dictionary attacks.
 Dummy::Application.config.secret_key_base =
-  'c00157b5a1bb6181792f0f4a8a080485de7bab9987e6cf159dc74c4f0573345c1bfa713b5d756e1491fc0b098567e8a619e2f8d268eda86a20a720d05d633780'
+  'c00157b5a1bb6181792f0f4a8a080485de7bab9987e6cf159'

data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb

@@ -28,7 +28,7 @@ class CreateDoorkeeperTables < ActiveRecord::Migration[4.2]
     add_foreign_key(
       :oauth_access_grants,
       :oauth_applications,
-      column: :application_id,
+      column: :application_id
     )
 
     create_table :oauth_access_tokens do |t|
@@ -41,12 +41,12 @@ class CreateDoorkeeperTables < ActiveRecord::Migration[4.2]
       # https://github.com/doorkeeper-gem/doorkeeper/tree/v3.0.0.rc1#custom-access-token-generator
       #
       # t.text     :token,             null: false
-      t.string   :token,             null: false
+      t.string   :token, null: false
 
       t.string   :refresh_token
       t.integer  :expires_in
       t.datetime :revoked_at
-      t.datetime :created_at,        null: false
+      t.datetime :created_at, null: false
       t.string   :scopes
     end
 
@@ -56,7 +56,7 @@ class CreateDoorkeeperTables < ActiveRecord::Migration[4.2]
     add_foreign_key(
       :oauth_access_tokens,
       :oauth_applications,
-      column: :application_id,
+      column: :application_id
     )
   end
 end

data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb

@@ -4,6 +4,6 @@ class AddOwnerToApplication < ActiveRecord::Migration[4.2]
   def change
     add_column :oauth_applications, :owner_id, :integer, null: true
     add_column :oauth_applications, :owner_type, :string, null: true
-    add_index :oauth_applications, [:owner_id, :owner_type]
+    add_index :oauth_applications, %i[owner_id owner_type]
   end
 end

data/spec/dummy/script/rails

@@ -1,6 +1,7 @@
 #!/usr/bin/env ruby
-# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+# This command will automatically be run when you run "rails" with Rails 3 gems
+# installed from the root of your application.
 
-APP_PATH = File.expand_path('../../config/application',  __FILE__)
-require File.expand_path('../../config/boot',  __FILE__)
+APP_PATH = File.expand_path('../config/application', __dir__)
+require File.expand_path('../config/boot', __dir__)
 require 'rails/commands'

data/spec/factories.rb

@@ -2,24 +2,24 @@ FactoryBot.define do
   factory :access_grant, class: Doorkeeper::AccessGrant do
     sequence(:resource_owner_id) { |n| n }
     application
-    redirect_uri 'https://app.com/callback'
-    expires_in 100
-    scopes 'public write'
+    redirect_uri { 'https://app.com/callback' }
+    expires_in { 100 }
+    scopes { 'public write' }
   end
 
   factory :access_token, class: Doorkeeper::AccessToken do
     sequence(:resource_owner_id) { |n| n }
     application
-    expires_in 2.hours
+    expires_in { 2.hours }
 
     factory :clientless_access_token do
-      application nil
+      application { nil }
     end
   end
 
   factory :application, class: Doorkeeper::Application do
     sequence(:name) { |n| "Application #{n}" }
-    redirect_uri 'https://app.com/callback'
+    redirect_uri { 'https://app.com/callback' }
   end
 
   # do not name this factory :user, otherwise it will conflict with factories

data/spec/generators/install_generator_spec.rb

@@ -12,7 +12,10 @@ describe 'Doorkeeper::InstallGenerator' do
       prepare_destination
       FileUtils.mkdir(::File.expand_path('config', Pathname(destination_root)))
       FileUtils.mkdir(::File.expand_path('db', Pathname(destination_root)))
-      FileUtils.copy_file(::File.expand_path('../templates/routes.rb', __FILE__), ::File.expand_path('config/routes.rb', Pathname.new(destination_root)))
+      FileUtils.copy_file(
+        ::File.expand_path('../templates/routes.rb', __FILE__),
+        ::File.expand_path('config/routes.rb', Pathname.new(destination_root))
+      )
       run_generator
     end
 

data/spec/generators/templates/routes.rb

@@ -1,3 +1,2 @@
 Rails.application.routes.draw do
-
 end

data/spec/generators/views_generator_spec.rb

@@ -5,7 +5,7 @@ describe Doorkeeper::Generators::ViewsGenerator do
   include GeneratorSpec::TestCase
 
   tests Doorkeeper::Generators::ViewsGenerator
-  destination File.expand_path('../tmp/dummy', __FILE__)
+  destination File.expand_path('tmp/dummy', __dir__)
 
   before :each do
     prepare_destination

data/spec/grape/grape_integration_spec.rb

@@ -68,7 +68,7 @@ describe 'Grape integration' do
   def json_body
     JSON.parse(last_response.body)
   end
-  
+
   let(:client) { FactoryBot.create(:application) }
   let(:resource) { FactoryBot.create(:doorkeeper_testing_user, name: 'Joe', password: 'sekret') }
   let(:access_token) { client_is_authorized(client, resource) }

data/spec/lib/config_spec.rb

@@ -179,10 +179,10 @@ describe Doorkeeper, 'configuration' do
 
     context "is enabled" do
       before do
-        Doorkeeper.configure {
+        Doorkeeper.configure do
           orm DOORKEEPER_ORM
           use_refresh_token
-        }
+        end
       end
 
       it "includes 'refresh_token' in authorization_response_types" do
@@ -208,7 +208,8 @@ describe Doorkeeper, 'configuration' do
 
   describe 'client_credentials' do
     it 'has defaults order' do
-      expect(subject.client_credentials_methods).to eq([:from_basic, :from_params])
+      expect(subject.client_credentials_methods)
+        .to eq(%i[from_basic from_params])
     end
 
     it 'can change the value' do
@@ -217,7 +218,8 @@ describe Doorkeeper, 'configuration' do
         client_credentials :from_digest, :from_params
       end
 
-      expect(subject.client_credentials_methods).to eq([:from_digest, :from_params])
+      expect(subject.client_credentials_methods)
+        .to eq(%i[from_digest from_params])
     end
   end
 
@@ -249,7 +251,8 @@ describe Doorkeeper, 'configuration' do
 
   describe 'access_token_methods' do
     it 'has defaults order' do
-      expect(subject.access_token_methods).to eq([:from_bearer_authorization, :from_access_token_param, :from_bearer_param])
+      expect(subject.access_token_methods)
+        .to eq(%i[from_bearer_authorization from_access_token_param from_bearer_param])
     end
 
     it 'can change the value' do
@@ -258,7 +261,8 @@ describe Doorkeeper, 'configuration' do
         access_token_methods :from_access_token_param, :from_bearer_param
       end
 
-      expect(subject.access_token_methods).to eq([:from_access_token_param, :from_bearer_param])
+      expect(subject.access_token_methods)
+        .to eq(%i[from_access_token_param from_bearer_param])
     end
   end
 
@@ -336,8 +340,8 @@ describe Doorkeeper, 'configuration' do
 
   describe "grant_flows" do
     it "is set to all grant flows by default" do
-      expect(Doorkeeper.configuration.grant_flows).
-        to eq(%w[authorization_code client_credentials])
+      expect(Doorkeeper.configuration.grant_flows)
+        .to eq(%w[authorization_code client_credentials])
     end
 
     it "can change the value" do
@@ -508,4 +512,17 @@ describe Doorkeeper, 'configuration' do
       expect(subject.enforce_content_type).to eq(true)
     end
   end
+
+  describe 'handle_auth_errors' do
+    it 'is set to render by default' do
+      expect(Doorkeeper.configuration.handle_auth_errors).to eq(:render)
+    end
+    it 'can change the value' do
+      Doorkeeper.configure do
+        orm DOORKEEPER_ORM
+        handle_auth_errors :raise
+      end
+      expect(subject.handle_auth_errors).to eq(:raise)
+    end
+  end
 end

data/spec/lib/doorkeeper_spec.rb

@@ -7,17 +7,17 @@ describe Doorkeeper do
     it "calls OAuth::Token#authenticate" do
       token_strategies = Doorkeeper.configuration.access_token_methods
 
-      expect(Doorkeeper::OAuth::Token).to receive(:authenticate).
-        with(request, *token_strategies)
+      expect(Doorkeeper::OAuth::Token).to receive(:authenticate)
+        .with(request, *token_strategies)
 
       Doorkeeper.authenticate(request)
     end
 
     it "accepts custom token strategies" do
-      token_strategies = [:first_way, :second_way]
+      token_strategies = %i[first_way second_way]
 
-      expect(Doorkeeper::OAuth::Token).to receive(:authenticate).
-        with(request, *token_strategies)
+      expect(Doorkeeper::OAuth::Token).to receive(:authenticate)
+        .with(request, *token_strategies)
 
       Doorkeeper.authenticate(request, token_strategies)
     end

data/spec/lib/oauth/authorization_code_request_spec.rb

@@ -25,7 +25,7 @@ module Doorkeeper::OAuth
         subject.authorize
       end.to change { client.reload.access_tokens.count }.by(1)
 
-      expect(client.reload.access_tokens.sort_by(&:created_at).last.expires_in).to eq(1234)
+      expect(client.reload.access_tokens.max_by(&:created_at).expires_in).to eq(1234)
     end
 
     it "issues the token with same grant's scopes" do
@@ -34,7 +34,7 @@ module Doorkeeper::OAuth
     end
 
     it 'revokes the grant' do
-      expect { subject.authorize }.to change { grant.reload.accessible? }
+      expect { subject.authorize }.to(change { grant.reload.accessible? })
     end
 
     it 'requires the grant to be accessible' do
@@ -83,14 +83,17 @@ module Doorkeeper::OAuth
       end
 
       FactoryBot.create(:access_token, application_id: client.id,
-        resource_owner_id: grant.resource_owner_id, scopes: grant.scopes.to_s)
+                                       resource_owner_id: grant.resource_owner_id, scopes: grant.scopes.to_s)
 
-      expect { subject.authorize }.to_not change { Doorkeeper::AccessToken.count }
+      expect { subject.authorize }.to_not(change { Doorkeeper::AccessToken.count })
     end
 
     it "calls configured request callback methods" do
-      expect(Doorkeeper.configuration.before_successful_strategy_response).to receive(:call).with(subject).once
-      expect(Doorkeeper.configuration.after_successful_strategy_response).to receive(:call).with(subject, instance_of(Doorkeeper::OAuth::TokenResponse)).once
+      expect(Doorkeeper.configuration.before_successful_strategy_response)
+        .to receive(:call).with(subject).once
+      expect(Doorkeeper.configuration.after_successful_strategy_response)
+        .to receive(:call).with(subject, instance_of(Doorkeeper::OAuth::TokenResponse)).once
+
       subject.authorize
     end
 

data/spec/lib/oauth/base_request_spec.rb

@@ -4,13 +4,13 @@ module Doorkeeper::OAuth
   describe BaseRequest do
     let(:access_token) do
       double :access_token,
-        token:              "some-token",
-        expires_in:         "3600",
-        expires_in_seconds: "300",
-        scopes_string:      "two scopes",
-        refresh_token:      "some-refresh-token",
-        token_type:         "bearer",
-        created_at:         0
+             token:              "some-token",
+             expires_in:         "3600",
+             expires_in_seconds: "300",
+             scopes_string:      "two scopes",
+             refresh_token:      "some-refresh-token",
+             token_type:         "bearer",
+             created_at:         0
     end
 
     let(:client) { double :client, id: '1' }
@@ -19,9 +19,9 @@ module Doorkeeper::OAuth
 
     let(:server) do
       double :server,
-        access_token_expires_in: 100,
-        custom_access_token_expires_in: ->(_context) { nil },
-        refresh_token_enabled?: false
+             access_token_expires_in: 100,
+             custom_access_token_expires_in: ->(_context) { nil },
+             refresh_token_enabled?: false
     end
 
     subject do