doorkeeper 5.1.0.rc2 → 5.1.0

data/spec/lib/oauth/token_request_spec.rb

@@ -1,18 +1,20 @@
-require 'spec_helper'
+# frozen_string_literal: true
+
+require "spec_helper"
 
 module Doorkeeper::OAuth
   describe TokenRequest do
     let :application do
-      FactoryBot.create(:application, scopes: 'public')
+      FactoryBot.create(:application, scopes: "public")
     end
 
     let :pre_auth do
       double(
         :pre_auth,
         client: application,
-        redirect_uri: 'http://tst.com/cb',
+        redirect_uri: "http://tst.com/cb",
         state: nil,
-        scopes: Scopes.from_string('public'),
+        scopes: Scopes.from_string("public"),
         error: nil,
         authorizable?: true
       )
@@ -26,78 +28,116 @@ module Doorkeeper::OAuth
       TokenRequest.new(pre_auth, owner)
     end
 
-    it 'creates an access token' do
+    it "creates an access token" do
       expect do
         subject.authorize
       end.to change { Doorkeeper::AccessToken.count }.by(1)
     end
 
-    it 'returns a code response' do
+    it "returns a code response" do
       expect(subject.authorize).to be_a(CodeResponse)
     end
 
-    it 'does not create token when not authorizable' do
+    it "does not create token when not authorizable" do
       allow(pre_auth).to receive(:authorizable?).and_return(false)
       expect { subject.authorize }.not_to(change { Doorkeeper::AccessToken.count })
     end
 
-    it 'returns a error response' do
+    it "returns a error response" do
       allow(pre_auth).to receive(:authorizable?).and_return(false)
       expect(subject.authorize).to be_a(ErrorResponse)
     end
 
-    context 'with custom expirations' do
-      before do
-        Doorkeeper.configure do
-          orm DOORKEEPER_ORM
-          custom_access_token_expires_in do |context|
-            context.grant_type == Doorkeeper::OAuth::IMPLICIT ? 1234 : nil
+    describe "with custom expiration" do
+      context "when proper TTL returned" do
+        before do
+          Doorkeeper.configure do
+            orm DOORKEEPER_ORM
+            custom_access_token_expires_in do |context|
+              context.grant_type == Doorkeeper::OAuth::IMPLICIT ? 1234 : nil
+            end
           end
         end
+
+        it "should use the custom ttl" do
+          subject.authorize
+          token = Doorkeeper::AccessToken.first
+          expect(token.expires_in).to eq(1234)
+        end
       end
 
-      it 'should use the custom ttl' do
-        subject.authorize
-        token = Doorkeeper::AccessToken.first
-        expect(token.expires_in).to eq(1234)
+      context "when nil TTL returned" do
+        before do
+          Doorkeeper.configure do
+            orm DOORKEEPER_ORM
+            access_token_expires_in 654
+            custom_access_token_expires_in do |_context|
+              nil
+            end
+          end
+        end
+
+        it "should fallback to access_token_expires_in" do
+          subject.authorize
+          token = Doorkeeper::AccessToken.first
+          expect(token.expires_in).to eq(654)
+        end
+      end
+
+      context "when infinite TTL returned" do
+        before do
+          Doorkeeper.configure do
+            orm DOORKEEPER_ORM
+            access_token_expires_in 654
+            custom_access_token_expires_in do |_context|
+              Float::INFINITY
+            end
+          end
+        end
+
+        it "should fallback to access_token_expires_in" do
+          subject.authorize
+          token = Doorkeeper::AccessToken.first
+          expect(token.expires_in).to be_nil
+        end
       end
     end
 
-    context 'token reuse' do
-      it 'creates a new token if there are no matching tokens' do
+    context "token reuse" do
+      it "creates a new token if there are no matching tokens" do
         allow(Doorkeeper.configuration).to receive(:reuse_access_token).and_return(true)
         expect do
           subject.authorize
         end.to change { Doorkeeper::AccessToken.count }.by(1)
       end
 
-      it 'creates a new token if scopes do not match' do
+      it "creates a new token if scopes do not match" do
         allow(Doorkeeper.configuration).to receive(:reuse_access_token).and_return(true)
         FactoryBot.create(:access_token, application_id: pre_auth.client.id,
-                                         resource_owner_id: owner.id, scopes: '')
+                                         resource_owner_id: owner.id, scopes: "")
         expect do
           subject.authorize
         end.to change { Doorkeeper::AccessToken.count }.by(1)
       end
 
-      it 'skips token creation if there is a matching one reusable' do
+      it "skips token creation if there is a matching one reusable" do
         allow(Doorkeeper.configuration).to receive(:reuse_access_token).and_return(true)
         allow(application.scopes).to receive(:has_scopes?).and_return(true)
         allow(application.scopes).to receive(:all?).and_return(true)
 
         FactoryBot.create(:access_token, application_id: pre_auth.client.id,
-                                         resource_owner_id: owner.id, scopes: 'public')
+                                         resource_owner_id: owner.id, scopes: "public")
 
         expect { subject.authorize }.not_to(change { Doorkeeper::AccessToken.count })
       end
 
-      it 'creates new token if there is a matching one but non reusable' do
+      it "creates new token if there is a matching one but non reusable" do
         allow(Doorkeeper.configuration).to receive(:reuse_access_token).and_return(true)
         allow(application.scopes).to receive(:has_scopes?).and_return(true)
         allow(application.scopes).to receive(:all?).and_return(true)
 
         FactoryBot.create(:access_token, application_id: pre_auth.client.id,
-                                         resource_owner_id: owner.id, scopes: 'public')
+                                         resource_owner_id: owner.id, scopes: "public")
 
         allow_any_instance_of(Doorkeeper::AccessToken).to receive(:reusable?).and_return(false)
 

data/spec/lib/oauth/token_response_spec.rb

@@ -1,83 +1,85 @@
-require 'spec_helper'
+# frozen_string_literal: true
+
+require "spec_helper"
 
 module Doorkeeper::OAuth
   describe TokenResponse do
     subject { TokenResponse.new(double.as_null_object) }
 
-    it 'includes access token response headers' do
+    it "includes access token response headers" do
       headers = subject.headers
-      expect(headers.fetch('Cache-Control')).to eq('no-store')
-      expect(headers.fetch('Pragma')).to eq('no-cache')
+      expect(headers.fetch("Cache-Control")).to eq("no-store")
+      expect(headers.fetch("Pragma")).to eq("no-cache")
     end
 
-    it 'status is ok' do
+    it "status is ok" do
       expect(subject.status).to eq(:ok)
     end
 
-    describe '.body' do
+    describe ".body" do
       let(:access_token) do
         double :access_token,
-               plaintext_token:         "some-token",
-               expires_in:              "3600",
-               expires_in_seconds:      "300",
-               scopes_string:           "two scopes",
+               plaintext_token: "some-token",
+               expires_in: "3600",
+               expires_in_seconds: "300",
+               scopes_string: "two scopes",
                plaintext_refresh_token: "some-refresh-token",
-               token_type:              "bearer",
-               created_at:              0
+               token_type: "bearer",
+               created_at: 0
       end
 
       subject { TokenResponse.new(access_token).body }
 
-      it 'includes :access_token' do
-        expect(subject['access_token']).to eq('some-token')
+      it "includes :access_token" do
+        expect(subject["access_token"]).to eq("some-token")
       end
 
-      it 'includes :token_type' do
-        expect(subject['token_type']).to eq('bearer')
+      it "includes :token_type" do
+        expect(subject["token_type"]).to eq("bearer")
       end
 
       # expires_in_seconds is returned as `expires_in` in order to match
       # the OAuth spec (section 4.2.2)
-      it 'includes :expires_in' do
-        expect(subject['expires_in']).to eq('300')
+      it "includes :expires_in" do
+        expect(subject["expires_in"]).to eq("300")
       end
 
-      it 'includes :scope' do
-        expect(subject['scope']).to eq('two scopes')
+      it "includes :scope" do
+        expect(subject["scope"]).to eq("two scopes")
       end
 
-      it 'includes :refresh_token' do
-        expect(subject['refresh_token']).to eq('some-refresh-token')
+      it "includes :refresh_token" do
+        expect(subject["refresh_token"]).to eq("some-refresh-token")
       end
 
-      it 'includes :created_at' do
-        expect(subject['created_at']).to eq(0)
+      it "includes :created_at" do
+        expect(subject["created_at"]).to eq(0)
       end
     end
 
-    describe '.body filters out empty values' do
+    describe ".body filters out empty values" do
       let(:access_token) do
         double :access_token,
-               plaintext_token:         'some-token',
-               expires_in_seconds:      '',
-               scopes_string:           '',
-               plaintext_refresh_token: '',
-               token_type:              'bearer',
-               created_at:              0
+               plaintext_token: "some-token",
+               expires_in_seconds: "",
+               scopes_string: "",
+               plaintext_refresh_token: "",
+               token_type: "bearer",
+               created_at: 0
       end
 
       subject { TokenResponse.new(access_token).body }
 
-      it 'includes :expires_in' do
-        expect(subject['expires_in']).to be_nil
+      it "includes :expires_in" do
+        expect(subject["expires_in"]).to be_nil
       end
 
-      it 'includes :scope' do
-        expect(subject['scope']).to be_nil
+      it "includes :scope" do
+        expect(subject["scope"]).to be_nil
       end
 
-      it 'includes :refresh_token' do
-        expect(subject['refresh_token']).to be_nil
+      it "includes :refresh_token" do
+        expect(subject["refresh_token"]).to be_nil
       end
     end
   end

data/spec/lib/oauth/token_spec.rb

@@ -1,4 +1,6 @@
-require 'spec_helper'
+# frozen_string_literal: true
+
+require "spec_helper"
 
 module Doorkeeper
   unless defined?(AccessToken)
@@ -12,114 +14,114 @@ module Doorkeeper
         let(:request) { double.as_null_object }
 
         let(:method) do
-          ->(*) { 'token-value' }
+          ->(*) { "token-value" }
         end
 
-        it 'accepts anything that responds to #call' do
+        it "accepts anything that responds to #call" do
           expect(method).to receive(:call).with(request)
           Token.from_request request, method
         end
 
-        it 'delegates methods received as symbols to Token class' do
+        it "delegates methods received as symbols to Token class" do
           expect(Token).to receive(:from_params).with(request)
           Token.from_request request, :from_params
         end
 
-        it 'stops at the first credentials found' do
+        it "stops at the first credentials found" do
           not_called_method = double
           expect(not_called_method).not_to receive(:call)
           Token.from_request request, ->(_r) {}, method, not_called_method
         end
 
-        it 'returns the credential from extractor method' do
+        it "returns the credential from extractor method" do
           credentials = Token.from_request request, method
-          expect(credentials).to eq('token-value')
+          expect(credentials).to eq("token-value")
         end
       end
 
       describe :from_access_token_param do
-        it 'returns token from access_token parameter' do
-          request = double parameters: { access_token: 'some-token' }
+        it "returns token from access_token parameter" do
+          request = double parameters: { access_token: "some-token" }
           token   = Token.from_access_token_param(request)
-          expect(token).to eq('some-token')
+          expect(token).to eq("some-token")
         end
       end
 
       describe :from_bearer_param do
-        it 'returns token from bearer_token parameter' do
-          request = double parameters: { bearer_token: 'some-token' }
+        it "returns token from bearer_token parameter" do
+          request = double parameters: { bearer_token: "some-token" }
           token   = Token.from_bearer_param(request)
-          expect(token).to eq('some-token')
+          expect(token).to eq("some-token")
         end
       end
 
       describe :from_bearer_authorization do
-        it 'returns token from capitalized authorization bearer' do
-          request = double authorization: 'Bearer SomeToken'
+        it "returns token from capitalized authorization bearer" do
+          request = double authorization: "Bearer SomeToken"
           token   = Token.from_bearer_authorization(request)
-          expect(token).to eq('SomeToken')
+          expect(token).to eq("SomeToken")
         end
 
-        it 'returns token from lowercased authorization bearer' do
-          request = double authorization: 'bearer SomeToken'
+        it "returns token from lowercased authorization bearer" do
+          request = double authorization: "bearer SomeToken"
           token   = Token.from_bearer_authorization(request)
-          expect(token).to eq('SomeToken')
+          expect(token).to eq("SomeToken")
         end
 
-        it 'does not return token if authorization is not bearer' do
-          request = double authorization: 'MAC SomeToken'
+        it "does not return token if authorization is not bearer" do
+          request = double authorization: "MAC SomeToken"
           token   = Token.from_bearer_authorization(request)
           expect(token).to be_blank
         end
       end
 
       describe :from_basic_authorization do
-        it 'returns token from capitalized authorization basic' do
-          request = double authorization: "Basic #{Base64.encode64 'SomeToken:'}"
+        it "returns token from capitalized authorization basic" do
+          request = double authorization: "Basic #{Base64.encode64 "SomeToken:"}"
           token   = Token.from_basic_authorization(request)
-          expect(token).to eq('SomeToken')
+          expect(token).to eq("SomeToken")
         end
 
-        it 'returns token from lowercased authorization basic' do
-          request = double authorization: "basic #{Base64.encode64 'SomeToken:'}"
+        it "returns token from lowercased authorization basic" do
+          request = double authorization: "basic #{Base64.encode64 "SomeToken:"}"
           token   = Token.from_basic_authorization(request)
-          expect(token).to eq('SomeToken')
+          expect(token).to eq("SomeToken")
         end
 
-        it 'does not return token if authorization is not basic' do
-          request = double authorization: "MAC #{Base64.encode64 'SomeToken:'}"
+        it "does not return token if authorization is not basic" do
+          request = double authorization: "MAC #{Base64.encode64 "SomeToken:"}"
           token   = Token.from_basic_authorization(request)
           expect(token).to be_blank
         end
       end
 
       describe :authenticate do
-        context 'refresh tokens are disabled (default)' do
-          context 'refresh tokens are enabled' do
-            it 'does not revoke previous refresh_token if token was found' do
-              token = ->(_r) { 'token' }
+        context "refresh tokens are disabled (default)" do
+          context "refresh tokens are enabled" do
+            it "does not revoke previous refresh_token if token was found" do
+              token = ->(_r) { "token" }
               expect(
                 AccessToken
-              ).to receive(:by_token).with('token').and_return(token)
+              ).to receive(:by_token).with("token").and_return(token)
               expect(token).not_to receive(:revoke_previous_refresh_token!)
               Token.authenticate double, token
             end
           end
 
-          it 'calls the finder if token was returned' do
-            token = ->(_r) { 'token' }
-            expect(AccessToken).to receive(:by_token).with('token')
+          it "calls the finder if token was returned" do
+            token = ->(_r) { "token" }
+            expect(AccessToken).to receive(:by_token).with("token")
             Token.authenticate double, token
           end
         end
 
-        context 'token hashing is enabled' do
-          include_context 'with token hashing enabled'
+        context "token hashing is enabled" do
+          include_context "with token hashing enabled"
 
-          let(:hashed_token) { hashed_or_plain_token_func.call('token') }
-          let(:token) { ->(_r) { 'token' } }
+          let(:hashed_token) { hashed_or_plain_token_func.call("token") }
+          let(:token) { ->(_r) { "token" } }
 
-          it 'searches with the hashed token' do
+          it "searches with the hashed token" do
             expect(
               AccessToken
             ).to receive(:find_by).with(token: hashed_token).and_return(token)
@@ -127,7 +129,7 @@ module Doorkeeper
           end
         end
 
-        context 'refresh tokens are enabled' do
+        context "refresh tokens are enabled" do
           before do
             Doorkeeper.configure do
               orm DOORKEEPER_ORM
@@ -135,18 +137,18 @@ module Doorkeeper
             end
           end
 
-          it 'revokes previous refresh_token if token was found' do
-            token = ->(_r) { 'token' }
+          it "revokes previous refresh_token if token was found" do
+            token = ->(_r) { "token" }
             expect(
               AccessToken
-            ).to receive(:by_token).with('token').and_return(token)
+            ).to receive(:by_token).with("token").and_return(token)
             expect(token).to receive(:revoke_previous_refresh_token!)
             Token.authenticate double, token
           end
 
-          it 'calls the finder if token was returned' do
-            token = ->(_r) { 'token' }
-            expect(AccessToken).to receive(:by_token).with('token')
+          it "calls the finder if token was returned" do
+            token = ->(_r) { "token" }
+            expect(AccessToken).to receive(:by_token).with("token")
             Token.authenticate double, token
           end
         end