doorkeeper 5.1.0.rc2 → 5.1.0
Potentially problematic release.
This version of doorkeeper might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.hound.yml +2 -1
- data/.rubocop.yml +37 -4
- data/.travis.yml +4 -27
- data/Appraisals +8 -12
- data/Gemfile +6 -2
- data/NEWS.md +16 -0
- data/README.md +11 -2
- data/Rakefile +10 -8
- data/app/controllers/doorkeeper/application_controller.rb +1 -2
- data/app/controllers/doorkeeper/application_metal_controller.rb +2 -13
- data/app/controllers/doorkeeper/applications_controller.rb +17 -5
- data/app/controllers/doorkeeper/token_info_controller.rb +1 -1
- data/app/controllers/doorkeeper/tokens_controller.rb +7 -7
- data/app/helpers/doorkeeper/dashboard_helper.rb +1 -1
- data/app/validators/redirect_uri_validator.rb +5 -2
- data/app/views/doorkeeper/applications/_form.html.erb +6 -0
- data/bin/console +5 -4
- data/config/locales/en.yml +1 -0
- data/doorkeeper.gemspec +24 -22
- data/gemfiles/rails_5_0.gemfile +2 -1
- data/gemfiles/rails_5_1.gemfile +2 -1
- data/gemfiles/rails_5_2.gemfile +2 -1
- data/gemfiles/rails_6_0.gemfile +1 -0
- data/gemfiles/rails_master.gemfile +1 -0
- data/lib/doorkeeper.rb +68 -66
- data/lib/doorkeeper/config.rb +53 -90
- data/lib/doorkeeper/config/option.rb +64 -0
- data/lib/doorkeeper/engine.rb +1 -1
- data/lib/doorkeeper/grape/authorization_decorator.rb +4 -4
- data/lib/doorkeeper/grape/helpers.rb +3 -3
- data/lib/doorkeeper/helpers/controller.rb +1 -1
- data/lib/doorkeeper/models/access_grant_mixin.rb +4 -2
- data/lib/doorkeeper/models/access_token_mixin.rb +10 -10
- data/lib/doorkeeper/models/application_mixin.rb +1 -0
- data/lib/doorkeeper/models/concerns/expirable.rb +1 -0
- data/lib/doorkeeper/models/concerns/ownership.rb +1 -6
- data/lib/doorkeeper/models/concerns/revocable.rb +2 -1
- data/lib/doorkeeper/models/concerns/scopes.rb +1 -1
- data/lib/doorkeeper/models/concerns/secret_storable.rb +2 -0
- data/lib/doorkeeper/oauth.rb +5 -5
- data/lib/doorkeeper/oauth/authorization/code.rb +1 -1
- data/lib/doorkeeper/oauth/authorization/token.rb +9 -6
- data/lib/doorkeeper/oauth/authorization/uri_builder.rb +1 -1
- data/lib/doorkeeper/oauth/authorization_code_request.rb +5 -3
- data/lib/doorkeeper/oauth/client_credentials/validation.rb +1 -1
- data/lib/doorkeeper/oauth/client_credentials_request.rb +1 -1
- data/lib/doorkeeper/oauth/error_response.rb +5 -5
- data/lib/doorkeeper/oauth/forbidden_token_response.rb +1 -1
- data/lib/doorkeeper/oauth/helpers/scope_checker.rb +1 -1
- data/lib/doorkeeper/oauth/helpers/unique_token.rb +2 -1
- data/lib/doorkeeper/oauth/helpers/uri_checker.rb +6 -2
- data/lib/doorkeeper/oauth/invalid_token_response.rb +1 -1
- data/lib/doorkeeper/oauth/pre_authorization.rb +4 -3
- data/lib/doorkeeper/oauth/refresh_token_request.rb +1 -1
- data/lib/doorkeeper/oauth/scopes.rb +5 -3
- data/lib/doorkeeper/oauth/token.rb +2 -2
- data/lib/doorkeeper/oauth/token_introspection.rb +4 -4
- data/lib/doorkeeper/oauth/token_response.rb +9 -9
- data/lib/doorkeeper/orm/active_record.rb +6 -6
- data/lib/doorkeeper/orm/active_record/access_grant.rb +5 -12
- data/lib/doorkeeper/orm/active_record/access_token.rb +6 -13
- data/lib/doorkeeper/orm/active_record/application.rb +6 -5
- data/lib/doorkeeper/orm/active_record/stale_records_cleaner.rb +10 -3
- data/lib/doorkeeper/rails/helpers.rb +1 -1
- data/lib/doorkeeper/rails/routes.rb +11 -11
- data/lib/doorkeeper/rails/routes/mapping.rb +7 -7
- data/lib/doorkeeper/rake.rb +1 -1
- data/lib/doorkeeper/rake/db.rake +13 -13
- data/lib/doorkeeper/request.rb +1 -1
- data/lib/doorkeeper/secret_storing/base.rb +7 -6
- data/lib/doorkeeper/secret_storing/bcrypt.rb +4 -3
- data/lib/doorkeeper/secret_storing/plain.rb +4 -4
- data/lib/doorkeeper/secret_storing/sha256_hash.rb +3 -2
- data/lib/doorkeeper/stale_records_cleaner.rb +1 -1
- data/lib/doorkeeper/version.rb +2 -2
- data/lib/generators/doorkeeper/application_owner_generator.rb +10 -9
- data/lib/generators/doorkeeper/confidential_applications_generator.rb +10 -9
- data/lib/generators/doorkeeper/install_generator.rb +11 -9
- data/lib/generators/doorkeeper/migration_generator.rb +9 -9
- data/lib/generators/doorkeeper/pkce_generator.rb +10 -9
- data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +10 -9
- data/lib/generators/doorkeeper/templates/initializer.rb +30 -5
- data/lib/generators/doorkeeper/templates/migration.rb.erb +15 -7
- data/lib/generators/doorkeeper/views_generator.rb +6 -4
- data/spec/controllers/application_metal_controller_spec.rb +10 -10
- data/spec/controllers/applications_controller_spec.rb +54 -52
- data/spec/controllers/authorizations_controller_spec.rb +136 -142
- data/spec/controllers/protected_resources_controller_spec.rb +78 -76
- data/spec/controllers/token_info_controller_spec.rb +13 -11
- data/spec/controllers/tokens_controller_spec.rb +109 -94
- data/spec/dummy/Rakefile +3 -1
- data/spec/dummy/app/controllers/application_controller.rb +2 -0
- data/spec/dummy/app/controllers/custom_authorizations_controller.rb +2 -0
- data/spec/dummy/app/controllers/full_protected_resources_controller.rb +4 -2
- data/spec/dummy/app/controllers/home_controller.rb +5 -3
- data/spec/dummy/app/controllers/metal_controller.rb +2 -0
- data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +4 -2
- data/spec/dummy/app/helpers/application_helper.rb +2 -0
- data/spec/dummy/app/models/user.rb +2 -0
- data/spec/dummy/config.ru +3 -1
- data/spec/dummy/config/application.rb +13 -0
- data/spec/dummy/config/environments/development.rb +2 -0
- data/spec/dummy/config/environments/production.rb +2 -0
- data/spec/dummy/config/environments/test.rb +3 -1
- data/spec/dummy/config/initializers/backtrace_silencers.rb +2 -0
- data/spec/dummy/config/initializers/doorkeeper.rb +5 -2
- data/spec/dummy/config/initializers/secret_token.rb +3 -1
- data/spec/dummy/config/initializers/session_store.rb +3 -1
- data/spec/dummy/config/initializers/wrap_parameters.rb +2 -0
- data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +17 -10
- data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +2 -0
- data/spec/dummy/db/schema.rb +1 -1
- data/spec/dummy/script/rails +5 -3
- data/spec/factories.rb +5 -3
- data/spec/generators/application_owner_generator_spec.rb +13 -26
- data/spec/generators/confidential_applications_generator_spec.rb +12 -28
- data/spec/generators/install_generator_spec.rb +17 -15
- data/spec/generators/migration_generator_spec.rb +13 -26
- data/spec/generators/pkce_generator_spec.rb +11 -26
- data/spec/generators/previous_refresh_token_generator_spec.rb +16 -29
- data/spec/generators/templates/routes.rb +2 -0
- data/spec/generators/views_generator_spec.rb +14 -12
- data/spec/grape/grape_integration_spec.rb +34 -32
- data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +9 -7
- data/spec/lib/config_spec.rb +137 -136
- data/spec/lib/doorkeeper_spec.rb +3 -1
- data/spec/lib/models/expirable_spec.rb +12 -10
- data/spec/lib/models/reusable_spec.rb +6 -6
- data/spec/lib/models/revocable_spec.rb +8 -6
- data/spec/lib/models/scopes_spec.rb +19 -17
- data/spec/lib/models/secret_storable_spec.rb +71 -49
- data/spec/lib/oauth/authorization/uri_builder_spec.rb +17 -15
- data/spec/lib/oauth/authorization_code_request_spec.rb +18 -12
- data/spec/lib/oauth/base_request_spec.rb +20 -8
- data/spec/lib/oauth/base_response_spec.rb +3 -1
- data/spec/lib/oauth/client/credentials_spec.rb +24 -22
- data/spec/lib/oauth/client_credentials/creator_spec.rb +13 -11
- data/spec/lib/oauth/client_credentials/issuer_spec.rb +27 -18
- data/spec/lib/oauth/client_credentials/validation_spec.rb +17 -15
- data/spec/lib/oauth/client_credentials_integration_spec.rb +7 -5
- data/spec/lib/oauth/client_credentials_request_spec.rb +27 -21
- data/spec/lib/oauth/client_spec.rb +15 -13
- data/spec/lib/oauth/code_request_spec.rb +8 -6
- data/spec/lib/oauth/code_response_spec.rb +9 -7
- data/spec/lib/oauth/error_response_spec.rb +14 -12
- data/spec/lib/oauth/error_spec.rb +4 -2
- data/spec/lib/oauth/forbidden_token_response_spec.rb +7 -5
- data/spec/lib/oauth/helpers/scope_checker_spec.rb +35 -33
- data/spec/lib/oauth/helpers/unique_token_spec.rb +8 -6
- data/spec/lib/oauth/helpers/uri_checker_spec.rb +103 -101
- data/spec/lib/oauth/invalid_token_response_spec.rb +3 -1
- data/spec/lib/oauth/password_access_token_request_spec.rb +52 -34
- data/spec/lib/oauth/pre_authorization_spec.rb +64 -62
- data/spec/lib/oauth/refresh_token_request_spec.rb +36 -33
- data/spec/lib/oauth/scopes_spec.rb +63 -61
- data/spec/lib/oauth/token_request_spec.rb +66 -26
- data/spec/lib/oauth/token_response_spec.rb +39 -37
- data/spec/lib/oauth/token_spec.rb +51 -49
- data/spec/lib/request/strategy_spec.rb +3 -1
- data/spec/lib/secret_storing/base_spec.rb +23 -23
- data/spec/lib/secret_storing/bcrypt_spec.rb +18 -18
- data/spec/lib/secret_storing/plain_spec.rb +17 -17
- data/spec/lib/secret_storing/sha256_hash_spec.rb +16 -16
- data/spec/lib/server_spec.rb +16 -14
- data/spec/lib/stale_records_cleaner_spec.rb +17 -17
- data/spec/models/doorkeeper/access_grant_spec.rb +30 -26
- data/spec/models/doorkeeper/access_token_spec.rb +97 -95
- data/spec/models/doorkeeper/application_spec.rb +98 -57
- data/spec/requests/applications/applications_request_spec.rb +98 -66
- data/spec/requests/applications/authorized_applications_spec.rb +20 -18
- data/spec/requests/endpoints/authorization_spec.rb +25 -23
- data/spec/requests/endpoints/token_spec.rb +38 -36
- data/spec/requests/flows/authorization_code_errors_spec.rb +26 -24
- data/spec/requests/flows/authorization_code_spec.rb +161 -159
- data/spec/requests/flows/client_credentials_spec.rb +53 -51
- data/spec/requests/flows/implicit_grant_errors_spec.rb +10 -8
- data/spec/requests/flows/implicit_grant_spec.rb +27 -25
- data/spec/requests/flows/password_spec.rb +56 -54
- data/spec/requests/flows/refresh_token_spec.rb +45 -43
- data/spec/requests/flows/revoke_token_spec.rb +29 -27
- data/spec/requests/flows/skip_authorization_spec.rb +23 -21
- data/spec/requests/protected_resources/metal_spec.rb +7 -5
- data/spec/requests/protected_resources/private_api_spec.rb +35 -33
- data/spec/routing/custom_controller_routes_spec.rb +67 -65
- data/spec/routing/default_routes_spec.rb +22 -20
- data/spec/routing/scoped_routes_spec.rb +20 -18
- data/spec/spec_helper.rb +14 -13
- data/spec/spec_helper_integration.rb +3 -1
- data/spec/support/dependencies/factory_bot.rb +3 -1
- data/spec/support/doorkeeper_rspec.rb +3 -1
- data/spec/support/helpers/access_token_request_helper.rb +3 -1
- data/spec/support/helpers/authorization_request_helper.rb +4 -2
- data/spec/support/helpers/config_helper.rb +2 -0
- data/spec/support/helpers/model_helper.rb +3 -1
- data/spec/support/helpers/request_spec_helper.rb +5 -3
- data/spec/support/helpers/url_helper.rb +9 -7
- data/spec/support/http_method_shim.rb +4 -9
- data/spec/support/orm/active_record.rb +3 -1
- data/spec/support/shared/controllers_shared_context.rb +18 -16
- data/spec/support/shared/hashing_shared_context.rb +3 -3
- data/spec/support/shared/models_shared_examples.rb +12 -10
- data/spec/validators/redirect_uri_validator_spec.rb +74 -45
- data/spec/version/version_spec.rb +7 -5
- metadata +12 -16
- data/gemfiles/rails_4_2.gemfile +0 -17
- data/spec/dummy/config/initializers/new_framework_defaults.rb +0 -8
- data/spec/support/ruby_2_6_rails_4_2_patch.rb +0 -14
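--- a/data/spec/lib/config_spec.rb
+++ b/data/spec/lib/config_spec.rb
@@ -1,10 +1,12 @@
-
+# frozen_string_literal: true
 
-
+require "spec_helper"
+
+describe Doorkeeper, "configuration" do
 subject { Doorkeeper.configuration }
 
-describe
-it
+describe "resource_owner_authenticator" do
+it "sets the block that is accessible via authenticate_resource_owner" do
 block = proc {}
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
@@ -14,20 +16,20 @@ describe Doorkeeper, 'configuration' do
 expect(subject.authenticate_resource_owner).to eq(block)
 end
 
-it
+it "prints warning message by default" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 end
 
 expect(Rails.logger).to receive(:warn).with(
-I18n.t(
+I18n.t("doorkeeper.errors.messages.resource_owner_authenticator_not_configured")
 )
 subject.authenticate_resource_owner.call(nil)
 end
 end
 
-describe
-it
+describe "resource_owner_from_credentials" do
+it "sets the block that is accessible via authenticate_resource_owner" do
 block = proc {}
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
@@ -37,37 +39,37 @@ describe Doorkeeper, 'configuration' do
 expect(subject.resource_owner_from_credentials).to eq(block)
 end
 
-it
+it "prints warning message by default" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 end
 
 expect(Rails.logger).to receive(:warn).with(
-I18n.t(
+I18n.t("doorkeeper.errors.messages.credential_flow_not_configured")
 )
 subject.resource_owner_from_credentials.call(nil)
 end
 end
 
-describe
-it
+describe "setup_orm_adapter" do
+it "adds specific error message to NameError exception" do
 expect do
-Doorkeeper.configure { orm
+Doorkeeper.configure { orm "hibernate" }
 end.to raise_error(NameError, /ORM adapter not found \(hibernate\)/)
 end
 
-it
-
+it "does not change other exceptions" do
+allow(Doorkeeper).to receive(:setup_orm_adapter) { raise NoMethodError }
 
 expect do
-Doorkeeper.configure { orm
-end.to raise_error(NoMethodError
+Doorkeeper.configure { orm "hibernate" }
+end.to raise_error(NoMethodError)
 end
 end
 
-describe
-it
-default_behaviour =
+describe "admin_authenticator" do
+it "sets the block that is accessible via authenticate_admin" do
+default_behaviour = "default behaviour"
 allow(Doorkeeper::Config).to receive(:head).and_return(default_behaviour)
 
 Doorkeeper.configure do
@@ -77,7 +79,7 @@ describe Doorkeeper, 'configuration' do
 expect(subject.authenticate_admin.call({})).to eq(default_behaviour)
 end
 
-it
+it "sets the block that is accessible via authenticate_admin" do
 block = proc {}
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
@@ -88,12 +90,12 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-describe
-it
+describe "access_token_expires_in" do
+it "has 2 hours by default" do
 expect(subject.access_token_expires_in).to eq(2.hours)
 end
 
-it
+it "can change the value" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 access_token_expires_in 4.hours
@@ -101,7 +103,7 @@ describe Doorkeeper, 'configuration' do
 expect(subject.access_token_expires_in).to eq(4.hours)
 end
 
-it
+it "can be set to nil" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 access_token_expires_in nil
@@ -111,42 +113,42 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-describe
-it
+describe "scopes" do
+it "has default scopes" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 default_scopes :public
 end
 
-expect(subject.default_scopes).to include(
+expect(subject.default_scopes).to include("public")
 end
 
-it
+it "has optional scopes" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 optional_scopes :write, :update
 end
 
-expect(subject.optional_scopes).to include(
+expect(subject.optional_scopes).to include("write", "update")
 end
 
-it
+it "has all scopes" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 default_scopes :normal
 optional_scopes :admin
 end
 
-expect(subject.scopes).to include(
+expect(subject.scopes).to include("normal", "admin")
 end
 end
 
-describe
-it
+describe "scopes_by_grant_type" do
+it "is {} by default" do
 expect(subject.scopes_by_grant_type).to eq({})
 end
 
-it
+it "has hash value" do
 hash = {}
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
@@ -157,12 +159,12 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-describe
-it
+describe "use_refresh_token" do
+it "is false by default" do
 expect(subject.refresh_token_enabled?).to eq(false)
 end
 
-it
+it "can change the value" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 use_refresh_token
@@ -171,7 +173,7 @@ describe Doorkeeper, 'configuration' do
 expect(subject.refresh_token_enabled?).to eq(true)
 end
 
-it
+it "can accept a boolean parameter" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 use_refresh_token false
@@ -180,7 +182,7 @@ describe Doorkeeper, 'configuration' do
 expect(subject.refresh_token_enabled?).to eq(false)
 end
 
-it
+it "can accept a block parameter" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 use_refresh_token { |_context| nil }
@@ -190,7 +192,7 @@ describe Doorkeeper, 'configuration' do
 end
 
 it "does not includes 'refresh_token' in authorization_response_types" do
-expect(subject.token_grant_types).not_to include
+expect(subject.token_grant_types).not_to include "refresh_token"
 end
 
 context "is enabled" do
@@ -202,17 +204,17 @@ describe Doorkeeper, 'configuration' do
 end
 
 it "includes 'refresh_token' in authorization_response_types" do
-expect(subject.token_grant_types).to include
+expect(subject.token_grant_types).to include "refresh_token"
 end
 end
 end
 
-describe
-it
+describe "token_reuse_limit" do
+it "is 100 by default" do
 expect(subject.token_reuse_limit).to eq(100)
 end
 
-it
+it "can change the value" do
 Doorkeeper.configure do
 token_reuse_limit 90
 end
@@ -220,7 +222,7 @@ describe Doorkeeper, 'configuration' do
 expect(subject.token_reuse_limit).to eq(90)
 end
 
-it
+it "sets the value to 100 if invalid value is being set" do
 expect(Rails.logger).to receive(:warn).with(/will be set to default 100/)
 
 Doorkeeper.configure do
@@ -232,12 +234,12 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-describe
-it
+describe "enforce_configured_scopes" do
+it "is false by default" do
 expect(subject.enforce_configured_scopes?).to eq(false)
 end
 
-it
+it "can change the value" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 enforce_configured_scopes
@@ -247,13 +249,13 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-describe
-it
+describe "client_credentials" do
+it "has defaults order" do
 expect(subject.client_credentials_methods)
 .to eq(%i[from_basic from_params])
 end
 
-it
+it "can change the value" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 client_credentials :from_digest, :from_params
@@ -264,12 +266,12 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-describe
-it
+describe "force_ssl_in_redirect_uri" do
+it "is true by default in non-development environments" do
 expect(subject.force_ssl_in_redirect_uri).to eq(true)
 end
 
-it
+it "can change the value" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 force_ssl_in_redirect_uri(false)
@@ -278,7 +280,7 @@ describe Doorkeeper, 'configuration' do
 expect(subject.force_ssl_in_redirect_uri).to eq(false)
 end
 
-it
+it "can be a callable object" do
 block = proc { false }
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
@@ -290,13 +292,13 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-describe
-it
+describe "access_token_methods" do
+it "has defaults order" do
 expect(subject.access_token_methods)
 .to eq(%i[from_bearer_authorization from_access_token_param from_bearer_param])
 end
 
-it
+it "can change the value" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 access_token_methods :from_access_token_param, :from_bearer_param
@@ -307,12 +309,12 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-describe
-it
-expect(subject.forbid_redirect_uri.call(URI.parse(
+describe "forbid_redirect_uri" do
+it "is false by default" do
+expect(subject.forbid_redirect_uri.call(URI.parse("https://localhost"))).to eq(false)
 end
 
-it
+it "can be a callable object" do
 block = proc { true }
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
@@ -324,12 +326,12 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-describe
-it
+describe "enable_application_owner" do
+it "is disabled by default" do
 expect(Doorkeeper.configuration.enable_application_owner?).not_to eq(true)
 end
 
-context
+context "when enabled without confirmation" do
 before do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
@@ -337,16 +339,16 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-it
+it "adds support for application owner" do
 expect(Doorkeeper::Application.new).to respond_to :owner
 end
 
-it
+it "Doorkeeper.configuration.confirm_application_owner? returns false" do
 expect(Doorkeeper.configuration.confirm_application_owner?).not_to eq(true)
 end
 end
 
-context
+context "when enabled with confirmation set to true" do
 before do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
@@ -354,28 +356,28 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-it
+it "adds support for application owner" do
 expect(Doorkeeper::Application.new).to respond_to :owner
 end
 
-it
+it "Doorkeeper.configuration.confirm_application_owner? returns true" do
 expect(Doorkeeper.configuration.confirm_application_owner?).to eq(true)
 end
 end
 end
 
-describe
-it
-expect(Doorkeeper.configuration.realm).to eq(
+describe "realm" do
+it "is 'Doorkeeper' by default" do
+expect(Doorkeeper.configuration.realm).to eq("Doorkeeper")
 end
 
-it
+it "can change the value" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
-realm
+realm "Example"
 end
 
-expect(subject.realm).to eq(
+expect(subject.realm).to eq("Example")
 end
 end
 
@@ -398,16 +400,16 @@ describe Doorkeeper, 'configuration' do
 before do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
-grant_flows [
+grant_flows ["authorization_code"]
 end
 end
 
 it "includes 'code' in authorization_response_types" do
-expect(subject.authorization_response_types).to include
+expect(subject.authorization_response_types).to include "code"
 end
 
 it "includes 'authorization_code' in token_grant_types" do
-expect(subject.token_grant_types).to include
+expect(subject.token_grant_types).to include "authorization_code"
 end
 end
 
@@ -415,12 +417,12 @@ describe Doorkeeper, 'configuration' do
 before do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
-grant_flows [
+grant_flows ["implicit"]
 end
 end
 
 it "includes 'token' in authorization_response_types" do
-expect(subject.authorization_response_types).to include
+expect(subject.authorization_response_types).to include "token"
 end
 end
 
@@ -428,12 +430,12 @@ describe Doorkeeper, 'configuration' do
 before do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
-grant_flows [
+grant_flows ["password"]
 end
 end
 
 it "includes 'password' in token_grant_types" do
-expect(subject.token_grant_types).to include
+expect(subject.token_grant_types).to include "password"
 end
 end
 
@@ -441,17 +443,17 @@ describe Doorkeeper, 'configuration' do
 before do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
-grant_flows [
+grant_flows ["client_credentials"]
 end
 end
 
 it "includes 'client_credentials' in token_grant_types" do
-expect(subject.token_grant_types).to include
+expect(subject.token_grant_types).to include "client_credentials"
 end
 end
 end
 
-it
+it "raises an exception when configuration is not set" do
 old_config = Doorkeeper.configuration
 Doorkeeper.module_eval do
 @config = nil
@@ -466,29 +468,29 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-describe
-it
+describe "access_token_generator" do
+it "is 'Doorkeeper::OAuth::Helpers::UniqueToken' by default" do
 expect(Doorkeeper.configuration.access_token_generator).to(
-eq(
+eq("Doorkeeper::OAuth::Helpers::UniqueToken")
 )
 end
 
-it
+it "can change the value" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
-access_token_generator
+access_token_generator "Example"
 end
-expect(subject.access_token_generator).to eq(
+expect(subject.access_token_generator).to eq("Example")
 end
 end
 
-describe
+describe "default_generator_method" do
 it "is :urlsafe_base64 by default" do
 expect(Doorkeeper.configuration.default_generator_method)
 .to eq(:urlsafe_base64)
 end
 
-it
+it "can change the value" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 default_generator_method :hex
@@ -498,25 +500,25 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-describe
-context
-it { expect(Doorkeeper.configuration.base_controller).to eq(
+describe "base_controller" do
+context "default" do
+it { expect(Doorkeeper.configuration.base_controller).to eq("ActionController::Base") }
 end
 
-context
+context "custom" do
 before do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
-base_controller
+base_controller "ApplicationController"
 end
 end
 
-it { expect(Doorkeeper.configuration.base_controller).to eq(
+it { expect(Doorkeeper.configuration.base_controller).to eq("ApplicationController") }
 end
 end
 
 if DOORKEEPER_ORM == :active_record
-describe
+describe "active_record_options" do
 let(:models) { [Doorkeeper::AccessGrant, Doorkeeper::AccessToken, Doorkeeper::Application] }
 
 before do
@@ -525,7 +527,7 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-it
+it "establishes connection for Doorkeeper models based on options" do
 models.each do |model|
 expect(model).to receive(:establish_connection)
 end
@@ -555,8 +557,8 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-describe
-it
+describe "strict_content_type" do
+it "is false by default" do
 expect(subject.enforce_content_type).to eq(false)
 end
 
@@ -570,11 +572,11 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-describe
-it
+describe "handle_auth_errors" do
+it "is set to render by default" do
 expect(Doorkeeper.configuration.handle_auth_errors).to eq(:render)
 end
-it
+it "can change the value" do
 Doorkeeper.configure do
 orm DOORKEEPER_ORM
 handle_auth_errors :raise
@@ -583,62 +585,61 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-describe
-it
+describe "token_secret_strategy" do
+it "is plain by default" do
 expect(subject.token_secret_strategy).to eq(Doorkeeper::SecretStoring::Plain)
 expect(subject.token_secret_fallback_strategy).to eq(nil)
 end
 
-context
+context "when provided" do
 before do
 Doorkeeper.configure do
 hash_token_secrets
 end
 end
 
-it
+it "will enable hashing for applications" do
 expect(subject.token_secret_strategy).to eq(Doorkeeper::SecretStoring::Sha256Hash)
 expect(subject.token_secret_fallback_strategy).to eq(nil)
 end
 end
 
-context
-it
-expect
+context "when manually provided with invalid constant" do
+it "raises an exception" do
+expect do
 Doorkeeper.configure do
-hash_token_secrets using:
+hash_token_secrets using: "does not exist"
 end
-
+end.to raise_error(NameError)
 end
 end
 
-context
-it
+context "when manually provided with invalid option" do
+it "raises an exception" do
 expect do
 Doorkeeper.configure do
-hash_token_secrets using:
+hash_token_secrets using: "Doorkeeper::SecretStoring::BCrypt"
 end
 end.to raise_error(ArgumentError,
 /can only be used for storing application secrets/)
 end
 end
 
-context
+context "when provided with fallback" do
 before do
 Doorkeeper.configure do
 hash_token_secrets fallback: :plain
 end
 end
 
-it
+it "will enable hashing for applications" do
 expect(subject.token_secret_strategy).to eq(Doorkeeper::SecretStoring::Sha256Hash)
 expect(subject.token_secret_fallback_strategy).to eq(Doorkeeper::SecretStoring::Plain)
 end
 end
 
-
-
-it 'will disable reuse_access_token' do
+describe "hash_token_secrets together with reuse_access_token" do
+it "will disable reuse_access_token" do
 expect(Rails.logger).to receive(:warn).with(/reuse_access_token will be disabled/)
 
 Doorkeeper.configure do
@@ -651,43 +652,43 @@ describe Doorkeeper, 'configuration' do
 end
 end
 
-describe
-it
+describe "application_secret_strategy" do
+it "is plain by default" do
 expect(subject.application_secret_strategy).to eq(Doorkeeper::SecretStoring::Plain)
 expect(subject.application_secret_fallback_strategy).to eq(nil)
 end
 
-context
+context "when provided" do
 before do
 Doorkeeper.configure do
 hash_application_secrets
 end
 end
 
-it
+it "will enable hashing for applications" do
 expect(subject.application_secret_strategy).to eq(Doorkeeper::SecretStoring::Sha256Hash)
 expect(subject.application_secret_fallback_strategy).to eq(nil)
 end
 end
 
-context
-it
-expect
+context "when manually provided with invalid constant" do
+it "raises an exception" do
+expect do
 Doorkeeper.configure do
-hash_application_secrets using:
+hash_application_secrets using: "does not exist"
 end
-
+end.to raise_error(NameError)
 end
 end
 
-context
+context "when provided with fallback" do
 before do
 Doorkeeper.configure do
 hash_application_secrets fallback: :plain
 end
 end
 
-it
+it "will enable hashing for applications" do
 expect(subject.application_secret_strategy).to eq(Doorkeeper::SecretStoring::Sha256Hash)
 expect(subject.application_secret_fallback_strategy).to eq(Doorkeeper::SecretStoring::Plain)
 end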
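Review bot: Several example descriptions rewritten in this file do not match what the example asserts, which makes a failure in these authentication and secret-storage specs harder to interpret. Under `describe "resource_owner_from_credentials"` the first example is still titled after `authenticate_resource_owner` although it checks `subject.resource_owner_from_credentials`; it should read `it "sets the block that is accessible via resource_owner_from_credentials" do`. Under `describe "token_secret_strategy"` both hashing examples are titled `"will enable hashing for applications"` while asserting `token_secret_strategy`, so `it "will enable hashing for tokens" do` would fit. The first `admin_authenticator` example appears to check the default behaviour (its configure block lies outside the hunk) yet shares its title with the next example; a distinct title such as `it "falls back to the default behaviour" do` would tell the two apart in spec output.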