doorkeeper 5.0.0 → 5.0.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of doorkeeper might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.travis.yml +5 -0
- data/Dangerfile +57 -0
- data/NEWS.md +32 -1
- data/README.md +18 -3
- data/app/controllers/doorkeeper/application_controller.rb +2 -0
- data/app/controllers/doorkeeper/application_metal_controller.rb +2 -0
- data/app/controllers/doorkeeper/applications_controller.rb +4 -2
- data/app/controllers/doorkeeper/authorizations_controller.rb +3 -3
- data/app/controllers/doorkeeper/authorized_applications_controller.rb +2 -0
- data/app/controllers/doorkeeper/token_info_controller.rb +2 -0
- data/app/controllers/doorkeeper/tokens_controller.rb +2 -0
- data/app/helpers/doorkeeper/dashboard_helper.rb +2 -0
- data/app/validators/redirect_uri_validator.rb +2 -0
- data/doorkeeper.gemspec +23 -22
- data/lib/doorkeeper.rb +1 -0
- data/lib/doorkeeper/config.rb +7 -2
- data/lib/doorkeeper/engine.rb +2 -0
- data/lib/doorkeeper/errors.rb +17 -0
- data/lib/doorkeeper/grape/authorization_decorator.rb +2 -0
- data/lib/doorkeeper/grape/helpers.rb +2 -0
- data/lib/doorkeeper/helpers/controller.rb +2 -0
- data/lib/doorkeeper/models/access_grant_mixin.rb +5 -3
- data/lib/doorkeeper/models/access_token_mixin.rb +5 -3
- data/lib/doorkeeper/models/application_mixin.rb +2 -0
- data/lib/doorkeeper/models/concerns/accessible.rb +2 -0
- data/lib/doorkeeper/models/concerns/expirable.rb +2 -0
- data/lib/doorkeeper/models/concerns/orderable.rb +2 -0
- data/lib/doorkeeper/models/concerns/ownership.rb +2 -0
- data/lib/doorkeeper/models/concerns/revocable.rb +2 -0
- data/lib/doorkeeper/models/concerns/scopes.rb +2 -0
- data/lib/doorkeeper/oauth/authorization/code.rb +2 -0
- data/lib/doorkeeper/oauth/authorization/context.rb +2 -0
- data/lib/doorkeeper/oauth/authorization/token.rb +2 -0
- data/lib/doorkeeper/oauth/authorization/uri_builder.rb +2 -0
- data/lib/doorkeeper/oauth/authorization_code_request.rb +2 -0
- data/lib/doorkeeper/oauth/base_request.rb +2 -0
- data/lib/doorkeeper/oauth/base_response.rb +2 -0
- data/lib/doorkeeper/oauth/client.rb +2 -0
- data/lib/doorkeeper/oauth/client/credentials.rb +2 -0
- data/lib/doorkeeper/oauth/client_credentials/creator.rb +2 -0
- data/lib/doorkeeper/oauth/client_credentials/issuer.rb +2 -0
- data/lib/doorkeeper/oauth/client_credentials/validation.rb +2 -0
- data/lib/doorkeeper/oauth/client_credentials_request.rb +2 -0
- data/lib/doorkeeper/oauth/code_request.rb +2 -0
- data/lib/doorkeeper/oauth/code_response.rb +2 -0
- data/lib/doorkeeper/oauth/error.rb +2 -0
- data/lib/doorkeeper/oauth/error_response.rb +10 -0
- data/lib/doorkeeper/oauth/forbidden_token_response.rb +9 -2
- data/lib/doorkeeper/oauth/helpers/scope_checker.rb +2 -0
- data/lib/doorkeeper/oauth/helpers/unique_token.rb +2 -0
- data/lib/doorkeeper/oauth/helpers/uri_checker.rb +5 -2
- data/lib/doorkeeper/oauth/invalid_token_response.rb +18 -0
- data/lib/doorkeeper/oauth/password_access_token_request.rb +2 -0
- data/lib/doorkeeper/oauth/pre_authorization.rb +2 -0
- data/lib/doorkeeper/oauth/refresh_token_request.rb +10 -2
- data/lib/doorkeeper/oauth/scopes.rb +2 -0
- data/lib/doorkeeper/oauth/token.rb +2 -0
- data/lib/doorkeeper/oauth/token_introspection.rb +2 -0
- data/lib/doorkeeper/oauth/token_request.rb +2 -0
- data/lib/doorkeeper/oauth/token_response.rb +2 -0
- data/lib/doorkeeper/orm/active_record.rb +2 -0
- data/lib/doorkeeper/rails/helpers.rb +4 -0
- data/lib/doorkeeper/rails/routes.rb +9 -2
- data/lib/doorkeeper/rails/routes/mapper.rb +2 -0
- data/lib/doorkeeper/rails/routes/mapping.rb +2 -0
- data/lib/doorkeeper/rake/db.rake +4 -4
- data/lib/doorkeeper/request.rb +2 -0
- data/lib/doorkeeper/request/authorization_code.rb +2 -0
- data/lib/doorkeeper/request/client_credentials.rb +2 -0
- data/lib/doorkeeper/request/code.rb +2 -0
- data/lib/doorkeeper/request/password.rb +2 -0
- data/lib/doorkeeper/request/refresh_token.rb +2 -0
- data/lib/doorkeeper/request/strategy.rb +2 -0
- data/lib/doorkeeper/request/token.rb +2 -0
- data/lib/doorkeeper/server.rb +2 -0
- data/lib/doorkeeper/stale_records_cleaner.rb +20 -0
- data/lib/doorkeeper/validations.rb +2 -0
- data/lib/doorkeeper/version.rb +3 -1
- data/lib/generators/doorkeeper/templates/initializer.rb +20 -2
- data/lib/generators/doorkeeper/templates/migration.rb.erb +2 -2
- data/spec/controllers/applications_controller_spec.rb +37 -41
- data/spec/controllers/authorizations_controller_spec.rb +71 -18
- data/spec/controllers/protected_resources_controller_spec.rb +44 -2
- data/spec/controllers/tokens_controller_spec.rb +4 -5
- data/spec/dummy/Rakefile +1 -1
- data/spec/dummy/app/controllers/custom_authorizations_controller.rb +1 -1
- data/spec/dummy/app/controllers/home_controller.rb +1 -2
- data/spec/dummy/config.ru +1 -1
- data/spec/dummy/config/application.rb +1 -1
- data/spec/dummy/config/boot.rb +2 -4
- data/spec/dummy/config/environment.rb +1 -1
- data/spec/dummy/config/environments/test.rb +1 -1
- data/spec/dummy/config/initializers/doorkeeper.rb +2 -1
- data/spec/dummy/config/initializers/new_framework_defaults.rb +1 -3
- data/spec/dummy/config/initializers/secret_token.rb +1 -1
- data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +4 -4
- data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +1 -1
- data/spec/dummy/script/rails +4 -3
- data/spec/factories.rb +6 -6
- data/spec/generators/install_generator_spec.rb +4 -1
- data/spec/generators/templates/routes.rb +0 -1
- data/spec/generators/views_generator_spec.rb +1 -1
- data/spec/grape/grape_integration_spec.rb +1 -1
- data/spec/lib/config_spec.rb +25 -8
- data/spec/lib/doorkeeper_spec.rb +5 -5
- data/spec/lib/oauth/authorization_code_request_spec.rb +9 -6
- data/spec/lib/oauth/base_request_spec.rb +10 -10
- data/spec/lib/oauth/client/credentials_spec.rb +2 -2
- data/spec/lib/oauth/client_credentials/issuer_spec.rb +0 -2
- data/spec/lib/oauth/client_credentials/validation_spec.rb +2 -1
- data/spec/lib/oauth/client_credentials_integration_spec.rb +1 -1
- data/spec/lib/oauth/code_request_spec.rb +2 -2
- data/spec/lib/oauth/code_response_spec.rb +1 -1
- data/spec/lib/oauth/helpers/scope_checker_spec.rb +8 -8
- data/spec/lib/oauth/helpers/uri_checker_spec.rb +17 -6
- data/spec/lib/oauth/password_access_token_request_spec.rb +17 -5
- data/spec/lib/oauth/refresh_token_request_spec.rb +11 -7
- data/spec/lib/oauth/token_request_spec.rb +5 -5
- data/spec/lib/oauth/token_spec.rb +4 -1
- data/spec/lib/server_spec.rb +6 -6
- data/spec/lib/{orm/active_record/stale_records_cleaner_spec.rb → stale_records_cleaner_spec.rb} +14 -4
- data/spec/models/doorkeeper/access_token_spec.rb +14 -10
- data/spec/models/doorkeeper/application_spec.rb +4 -4
- data/spec/requests/applications/applications_request_spec.rb +2 -2
- data/spec/requests/endpoints/authorization_spec.rb +2 -2
- data/spec/requests/flows/authorization_code_errors_spec.rb +1 -1
- data/spec/requests/flows/authorization_code_spec.rb +75 -15
- data/spec/requests/flows/implicit_grant_errors_spec.rb +2 -2
- data/spec/requests/flows/password_spec.rb +6 -2
- data/spec/requests/flows/refresh_token_spec.rb +57 -0
- data/spec/requests/flows/revoke_token_spec.rb +9 -9
- data/spec/requests/protected_resources/private_api_spec.rb +2 -2
- data/spec/support/doorkeeper_rspec.rb +2 -1
- data/spec/support/helpers/model_helper.rb +8 -4
- data/spec/support/helpers/url_helper.rb +11 -11
- data/spec/support/shared/controllers_shared_context.rb +56 -0
- data/spec/validators/redirect_uri_validator_spec.rb +2 -2
- metadata +20 -4
@@ -63,3 +63,59 @@ shared_context 'invalid authorization request' do
|
|
63
63
|
allow(controller).to receive(:authorization) { authorization }
|
64
64
|
end
|
65
65
|
end
|
66
|
+
|
67
|
+
shared_context 'expired token', token: :expired do
|
68
|
+
let :token_string do
|
69
|
+
'1A2B3C4DEXP'
|
70
|
+
end
|
71
|
+
|
72
|
+
let :token do
|
73
|
+
double(Doorkeeper::AccessToken,
|
74
|
+
accessible?: false, revoked?: false, expired?: true,
|
75
|
+
includes_scope?: false, acceptable?: false,
|
76
|
+
previous_refresh_token: "", revoke_previous_refresh_token!: true)
|
77
|
+
end
|
78
|
+
|
79
|
+
before :each do
|
80
|
+
allow(
|
81
|
+
Doorkeeper::AccessToken
|
82
|
+
).to receive(:by_token).with(token_string).and_return(token)
|
83
|
+
end
|
84
|
+
end
|
85
|
+
|
86
|
+
shared_context 'revoked token', token: :revoked do
|
87
|
+
let :token_string do
|
88
|
+
'1A2B3C4DREV'
|
89
|
+
end
|
90
|
+
|
91
|
+
let :token do
|
92
|
+
double(Doorkeeper::AccessToken,
|
93
|
+
accessible?: false, revoked?: true, expired?: false,
|
94
|
+
includes_scope?: false, acceptable?: false,
|
95
|
+
previous_refresh_token: "", revoke_previous_refresh_token!: true)
|
96
|
+
end
|
97
|
+
|
98
|
+
before :each do
|
99
|
+
allow(
|
100
|
+
Doorkeeper::AccessToken
|
101
|
+
).to receive(:by_token).with(token_string).and_return(token)
|
102
|
+
end
|
103
|
+
end
|
104
|
+
|
105
|
+
shared_context 'forbidden token', token: :forbidden do
|
106
|
+
let :token_string do
|
107
|
+
'1A2B3C4DFORB'
|
108
|
+
end
|
109
|
+
|
110
|
+
let :token do
|
111
|
+
double(Doorkeeper::AccessToken,
|
112
|
+
accessible?: true, includes_scope?: true, acceptable?: false,
|
113
|
+
previous_refresh_token: "", revoke_previous_refresh_token!: true)
|
114
|
+
end
|
115
|
+
|
116
|
+
before :each do
|
117
|
+
allow(
|
118
|
+
Doorkeeper::AccessToken
|
119
|
+
).to receive(:by_token).with(token_string).and_return(token)
|
120
|
+
end
|
121
|
+
end
|
@@ -73,8 +73,8 @@ describe RedirectUriValidator do
|
|
73
73
|
it 'accepts a non secured protocol when disabled' do
|
74
74
|
subject.redirect_uri = 'http://example.com/callback'
|
75
75
|
allow(Doorkeeper.configuration).to receive(
|
76
|
-
|
77
|
-
|
76
|
+
:force_ssl_in_redirect_uri
|
77
|
+
).and_return(false)
|
78
78
|
expect(subject).to be_valid
|
79
79
|
end
|
80
80
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: doorkeeper
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 5.0.
|
4
|
+
version: 5.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Felipe Elias Philipp
|
@@ -11,7 +11,7 @@ authors:
|
|
11
11
|
autorequire:
|
12
12
|
bindir: bin
|
13
13
|
cert_chain: []
|
14
|
-
date: 2018-
|
14
|
+
date: 2018-10-10 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: railties
|
@@ -55,6 +55,20 @@ dependencies:
|
|
55
55
|
- - ">="
|
56
56
|
- !ruby/object:Gem::Version
|
57
57
|
version: '0'
|
58
|
+
- !ruby/object:Gem::Dependency
|
59
|
+
name: danger
|
60
|
+
requirement: !ruby/object:Gem::Requirement
|
61
|
+
requirements:
|
62
|
+
- - "~>"
|
63
|
+
- !ruby/object:Gem::Version
|
64
|
+
version: '5.0'
|
65
|
+
type: :development
|
66
|
+
prerelease: false
|
67
|
+
version_requirements: !ruby/object:Gem::Requirement
|
68
|
+
requirements:
|
69
|
+
- - "~>"
|
70
|
+
- !ruby/object:Gem::Version
|
71
|
+
version: '5.0'
|
58
72
|
- !ruby/object:Gem::Dependency
|
59
73
|
name: grape
|
60
74
|
requirement: !ruby/object:Gem::Requirement
|
@@ -158,6 +172,7 @@ files:
|
|
158
172
|
- Appraisals
|
159
173
|
- CODE_OF_CONDUCT.md
|
160
174
|
- CONTRIBUTING.md
|
175
|
+
- Dangerfile
|
161
176
|
- Gemfile
|
162
177
|
- MIT-LICENSE
|
163
178
|
- NEWS.md
|
@@ -265,6 +280,7 @@ files:
|
|
265
280
|
- lib/doorkeeper/request/strategy.rb
|
266
281
|
- lib/doorkeeper/request/token.rb
|
267
282
|
- lib/doorkeeper/server.rb
|
283
|
+
- lib/doorkeeper/stale_records_cleaner.rb
|
268
284
|
- lib/doorkeeper/validations.rb
|
269
285
|
- lib/doorkeeper/version.rb
|
270
286
|
- lib/generators/doorkeeper/application_owner_generator.rb
|
@@ -371,9 +387,9 @@ files:
|
|
371
387
|
- spec/lib/oauth/token_request_spec.rb
|
372
388
|
- spec/lib/oauth/token_response_spec.rb
|
373
389
|
- spec/lib/oauth/token_spec.rb
|
374
|
-
- spec/lib/orm/active_record/stale_records_cleaner_spec.rb
|
375
390
|
- spec/lib/request/strategy_spec.rb
|
376
391
|
- spec/lib/server_spec.rb
|
392
|
+
- spec/lib/stale_records_cleaner_spec.rb
|
377
393
|
- spec/models/doorkeeper/access_grant_spec.rb
|
378
394
|
- spec/models/doorkeeper/access_token_spec.rb
|
379
395
|
- spec/models/doorkeeper/application_spec.rb
|
@@ -527,9 +543,9 @@ test_files:
|
|
527
543
|
- spec/lib/oauth/token_request_spec.rb
|
528
544
|
- spec/lib/oauth/token_response_spec.rb
|
529
545
|
- spec/lib/oauth/token_spec.rb
|
530
|
-
- spec/lib/orm/active_record/stale_records_cleaner_spec.rb
|
531
546
|
- spec/lib/request/strategy_spec.rb
|
532
547
|
- spec/lib/server_spec.rb
|
548
|
+
- spec/lib/stale_records_cleaner_spec.rb
|
533
549
|
- spec/models/doorkeeper/access_grant_spec.rb
|
534
550
|
- spec/models/doorkeeper/access_token_spec.rb
|
535
551
|
- spec/models/doorkeeper/application_spec.rb
|