doorkeeper 5.1.0.rc2 → 5.1.0


Potentially problematic release.



Files changed (208) hide show
  1. checksums.yaml +4 -4
  2. data/.hound.yml +2 -1
  3. data/.rubocop.yml +37 -4
  4. data/.travis.yml +4 -27
  5. data/Appraisals +8 -12
  6. data/Gemfile +6 -2
  7. data/NEWS.md +16 -0
  8. data/README.md +11 -2
  9. data/Rakefile +10 -8
  10. data/app/controllers/doorkeeper/application_controller.rb +1 -2
  11. data/app/controllers/doorkeeper/application_metal_controller.rb +2 -13
  12. data/app/controllers/doorkeeper/applications_controller.rb +17 -5
  13. data/app/controllers/doorkeeper/token_info_controller.rb +1 -1
  14. data/app/controllers/doorkeeper/tokens_controller.rb +7 -7
  15. data/app/helpers/doorkeeper/dashboard_helper.rb +1 -1
  16. data/app/validators/redirect_uri_validator.rb +5 -2
  17. data/app/views/doorkeeper/applications/_form.html.erb +6 -0
  18. data/bin/console +5 -4
  19. data/config/locales/en.yml +1 -0
  20. data/doorkeeper.gemspec +24 -22
  21. data/gemfiles/rails_5_0.gemfile +2 -1
  22. data/gemfiles/rails_5_1.gemfile +2 -1
  23. data/gemfiles/rails_5_2.gemfile +2 -1
  24. data/gemfiles/rails_6_0.gemfile +1 -0
  25. data/gemfiles/rails_master.gemfile +1 -0
  26. data/lib/doorkeeper.rb +68 -66
  27. data/lib/doorkeeper/config.rb +53 -90
  28. data/lib/doorkeeper/config/option.rb +64 -0
  29. data/lib/doorkeeper/engine.rb +1 -1
  30. data/lib/doorkeeper/grape/authorization_decorator.rb +4 -4
  31. data/lib/doorkeeper/grape/helpers.rb +3 -3
  32. data/lib/doorkeeper/helpers/controller.rb +1 -1
  33. data/lib/doorkeeper/models/access_grant_mixin.rb +4 -2
  34. data/lib/doorkeeper/models/access_token_mixin.rb +10 -10
  35. data/lib/doorkeeper/models/application_mixin.rb +1 -0
  36. data/lib/doorkeeper/models/concerns/expirable.rb +1 -0
  37. data/lib/doorkeeper/models/concerns/ownership.rb +1 -6
  38. data/lib/doorkeeper/models/concerns/revocable.rb +2 -1
  39. data/lib/doorkeeper/models/concerns/scopes.rb +1 -1
  40. data/lib/doorkeeper/models/concerns/secret_storable.rb +2 -0
  41. data/lib/doorkeeper/oauth.rb +5 -5
  42. data/lib/doorkeeper/oauth/authorization/code.rb +1 -1
  43. data/lib/doorkeeper/oauth/authorization/token.rb +9 -6
  44. data/lib/doorkeeper/oauth/authorization/uri_builder.rb +1 -1
  45. data/lib/doorkeeper/oauth/authorization_code_request.rb +5 -3
  46. data/lib/doorkeeper/oauth/client_credentials/validation.rb +1 -1
  47. data/lib/doorkeeper/oauth/client_credentials_request.rb +1 -1
  48. data/lib/doorkeeper/oauth/error_response.rb +5 -5
  49. data/lib/doorkeeper/oauth/forbidden_token_response.rb +1 -1
  50. data/lib/doorkeeper/oauth/helpers/scope_checker.rb +1 -1
  51. data/lib/doorkeeper/oauth/helpers/unique_token.rb +2 -1
  52. data/lib/doorkeeper/oauth/helpers/uri_checker.rb +6 -2
  53. data/lib/doorkeeper/oauth/invalid_token_response.rb +1 -1
  54. data/lib/doorkeeper/oauth/pre_authorization.rb +4 -3
  55. data/lib/doorkeeper/oauth/refresh_token_request.rb +1 -1
  56. data/lib/doorkeeper/oauth/scopes.rb +5 -3
  57. data/lib/doorkeeper/oauth/token.rb +2 -2
  58. data/lib/doorkeeper/oauth/token_introspection.rb +4 -4
  59. data/lib/doorkeeper/oauth/token_response.rb +9 -9
  60. data/lib/doorkeeper/orm/active_record.rb +6 -6
  61. data/lib/doorkeeper/orm/active_record/access_grant.rb +5 -12
  62. data/lib/doorkeeper/orm/active_record/access_token.rb +6 -13
  63. data/lib/doorkeeper/orm/active_record/application.rb +6 -5
  64. data/lib/doorkeeper/orm/active_record/stale_records_cleaner.rb +10 -3
  65. data/lib/doorkeeper/rails/helpers.rb +1 -1
  66. data/lib/doorkeeper/rails/routes.rb +11 -11
  67. data/lib/doorkeeper/rails/routes/mapping.rb +7 -7
  68. data/lib/doorkeeper/rake.rb +1 -1
  69. data/lib/doorkeeper/rake/db.rake +13 -13
  70. data/lib/doorkeeper/request.rb +1 -1
  71. data/lib/doorkeeper/secret_storing/base.rb +7 -6
  72. data/lib/doorkeeper/secret_storing/bcrypt.rb +4 -3
  73. data/lib/doorkeeper/secret_storing/plain.rb +4 -4
  74. data/lib/doorkeeper/secret_storing/sha256_hash.rb +3 -2
  75. data/lib/doorkeeper/stale_records_cleaner.rb +1 -1
  76. data/lib/doorkeeper/version.rb +2 -2
  77. data/lib/generators/doorkeeper/application_owner_generator.rb +10 -9
  78. data/lib/generators/doorkeeper/confidential_applications_generator.rb +10 -9
  79. data/lib/generators/doorkeeper/install_generator.rb +11 -9
  80. data/lib/generators/doorkeeper/migration_generator.rb +9 -9
  81. data/lib/generators/doorkeeper/pkce_generator.rb +10 -9
  82. data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +10 -9
  83. data/lib/generators/doorkeeper/templates/initializer.rb +30 -5
  84. data/lib/generators/doorkeeper/templates/migration.rb.erb +15 -7
  85. data/lib/generators/doorkeeper/views_generator.rb +6 -4
  86. data/spec/controllers/application_metal_controller_spec.rb +10 -10
  87. data/spec/controllers/applications_controller_spec.rb +54 -52
  88. data/spec/controllers/authorizations_controller_spec.rb +136 -142
  89. data/spec/controllers/protected_resources_controller_spec.rb +78 -76
  90. data/spec/controllers/token_info_controller_spec.rb +13 -11
  91. data/spec/controllers/tokens_controller_spec.rb +109 -94
  92. data/spec/dummy/Rakefile +3 -1
  93. data/spec/dummy/app/controllers/application_controller.rb +2 -0
  94. data/spec/dummy/app/controllers/custom_authorizations_controller.rb +2 -0
  95. data/spec/dummy/app/controllers/full_protected_resources_controller.rb +4 -2
  96. data/spec/dummy/app/controllers/home_controller.rb +5 -3
  97. data/spec/dummy/app/controllers/metal_controller.rb +2 -0
  98. data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +4 -2
  99. data/spec/dummy/app/helpers/application_helper.rb +2 -0
  100. data/spec/dummy/app/models/user.rb +2 -0
  101. data/spec/dummy/config.ru +3 -1
  102. data/spec/dummy/config/application.rb +13 -0
  103. data/spec/dummy/config/environments/development.rb +2 -0
  104. data/spec/dummy/config/environments/production.rb +2 -0
  105. data/spec/dummy/config/environments/test.rb +3 -1
  106. data/spec/dummy/config/initializers/backtrace_silencers.rb +2 -0
  107. data/spec/dummy/config/initializers/doorkeeper.rb +5 -2
  108. data/spec/dummy/config/initializers/secret_token.rb +3 -1
  109. data/spec/dummy/config/initializers/session_store.rb +3 -1
  110. data/spec/dummy/config/initializers/wrap_parameters.rb +2 -0
  111. data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +17 -10
  112. data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +2 -0
  113. data/spec/dummy/db/schema.rb +1 -1
  114. data/spec/dummy/script/rails +5 -3
  115. data/spec/factories.rb +5 -3
  116. data/spec/generators/application_owner_generator_spec.rb +13 -26
  117. data/spec/generators/confidential_applications_generator_spec.rb +12 -28
  118. data/spec/generators/install_generator_spec.rb +17 -15
  119. data/spec/generators/migration_generator_spec.rb +13 -26
  120. data/spec/generators/pkce_generator_spec.rb +11 -26
  121. data/spec/generators/previous_refresh_token_generator_spec.rb +16 -29
  122. data/spec/generators/templates/routes.rb +2 -0
  123. data/spec/generators/views_generator_spec.rb +14 -12
  124. data/spec/grape/grape_integration_spec.rb +34 -32
  125. data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +9 -7
  126. data/spec/lib/config_spec.rb +137 -136
  127. data/spec/lib/doorkeeper_spec.rb +3 -1
  128. data/spec/lib/models/expirable_spec.rb +12 -10
  129. data/spec/lib/models/reusable_spec.rb +6 -6
  130. data/spec/lib/models/revocable_spec.rb +8 -6
  131. data/spec/lib/models/scopes_spec.rb +19 -17
  132. data/spec/lib/models/secret_storable_spec.rb +71 -49
  133. data/spec/lib/oauth/authorization/uri_builder_spec.rb +17 -15
  134. data/spec/lib/oauth/authorization_code_request_spec.rb +18 -12
  135. data/spec/lib/oauth/base_request_spec.rb +20 -8
  136. data/spec/lib/oauth/base_response_spec.rb +3 -1
  137. data/spec/lib/oauth/client/credentials_spec.rb +24 -22
  138. data/spec/lib/oauth/client_credentials/creator_spec.rb +13 -11
  139. data/spec/lib/oauth/client_credentials/issuer_spec.rb +27 -18
  140. data/spec/lib/oauth/client_credentials/validation_spec.rb +17 -15
  141. data/spec/lib/oauth/client_credentials_integration_spec.rb +7 -5
  142. data/spec/lib/oauth/client_credentials_request_spec.rb +27 -21
  143. data/spec/lib/oauth/client_spec.rb +15 -13
  144. data/spec/lib/oauth/code_request_spec.rb +8 -6
  145. data/spec/lib/oauth/code_response_spec.rb +9 -7
  146. data/spec/lib/oauth/error_response_spec.rb +14 -12
  147. data/spec/lib/oauth/error_spec.rb +4 -2
  148. data/spec/lib/oauth/forbidden_token_response_spec.rb +7 -5
  149. data/spec/lib/oauth/helpers/scope_checker_spec.rb +35 -33
  150. data/spec/lib/oauth/helpers/unique_token_spec.rb +8 -6
  151. data/spec/lib/oauth/helpers/uri_checker_spec.rb +103 -101
  152. data/spec/lib/oauth/invalid_token_response_spec.rb +3 -1
  153. data/spec/lib/oauth/password_access_token_request_spec.rb +52 -34
  154. data/spec/lib/oauth/pre_authorization_spec.rb +64 -62
  155. data/spec/lib/oauth/refresh_token_request_spec.rb +36 -33
  156. data/spec/lib/oauth/scopes_spec.rb +63 -61
  157. data/spec/lib/oauth/token_request_spec.rb +66 -26
  158. data/spec/lib/oauth/token_response_spec.rb +39 -37
  159. data/spec/lib/oauth/token_spec.rb +51 -49
  160. data/spec/lib/request/strategy_spec.rb +3 -1
  161. data/spec/lib/secret_storing/base_spec.rb +23 -23
  162. data/spec/lib/secret_storing/bcrypt_spec.rb +18 -18
  163. data/spec/lib/secret_storing/plain_spec.rb +17 -17
  164. data/spec/lib/secret_storing/sha256_hash_spec.rb +16 -16
  165. data/spec/lib/server_spec.rb +16 -14
  166. data/spec/lib/stale_records_cleaner_spec.rb +17 -17
  167. data/spec/models/doorkeeper/access_grant_spec.rb +30 -26
  168. data/spec/models/doorkeeper/access_token_spec.rb +97 -95
  169. data/spec/models/doorkeeper/application_spec.rb +98 -57
  170. data/spec/requests/applications/applications_request_spec.rb +98 -66
  171. data/spec/requests/applications/authorized_applications_spec.rb +20 -18
  172. data/spec/requests/endpoints/authorization_spec.rb +25 -23
  173. data/spec/requests/endpoints/token_spec.rb +38 -36
  174. data/spec/requests/flows/authorization_code_errors_spec.rb +26 -24
  175. data/spec/requests/flows/authorization_code_spec.rb +161 -159
  176. data/spec/requests/flows/client_credentials_spec.rb +53 -51
  177. data/spec/requests/flows/implicit_grant_errors_spec.rb +10 -8
  178. data/spec/requests/flows/implicit_grant_spec.rb +27 -25
  179. data/spec/requests/flows/password_spec.rb +56 -54
  180. data/spec/requests/flows/refresh_token_spec.rb +45 -43
  181. data/spec/requests/flows/revoke_token_spec.rb +29 -27
  182. data/spec/requests/flows/skip_authorization_spec.rb +23 -21
  183. data/spec/requests/protected_resources/metal_spec.rb +7 -5
  184. data/spec/requests/protected_resources/private_api_spec.rb +35 -33
  185. data/spec/routing/custom_controller_routes_spec.rb +67 -65
  186. data/spec/routing/default_routes_spec.rb +22 -20
  187. data/spec/routing/scoped_routes_spec.rb +20 -18
  188. data/spec/spec_helper.rb +14 -13
  189. data/spec/spec_helper_integration.rb +3 -1
  190. data/spec/support/dependencies/factory_bot.rb +3 -1
  191. data/spec/support/doorkeeper_rspec.rb +3 -1
  192. data/spec/support/helpers/access_token_request_helper.rb +3 -1
  193. data/spec/support/helpers/authorization_request_helper.rb +4 -2
  194. data/spec/support/helpers/config_helper.rb +2 -0
  195. data/spec/support/helpers/model_helper.rb +3 -1
  196. data/spec/support/helpers/request_spec_helper.rb +5 -3
  197. data/spec/support/helpers/url_helper.rb +9 -7
  198. data/spec/support/http_method_shim.rb +4 -9
  199. data/spec/support/orm/active_record.rb +3 -1
  200. data/spec/support/shared/controllers_shared_context.rb +18 -16
  201. data/spec/support/shared/hashing_shared_context.rb +3 -3
  202. data/spec/support/shared/models_shared_examples.rb +12 -10
  203. data/spec/validators/redirect_uri_validator_spec.rb +74 -45
  204. data/spec/version/version_spec.rb +7 -5
  205. metadata +12 -16
  206. data/gemfiles/rails_4_2.gemfile +0 -17
  207. data/spec/dummy/config/initializers/new_framework_defaults.rb +0 -8
  208. data/spec/support/ruby_2_6_rails_4_2_patch.rb +0 -14
@@ -33,7 +33,7 @@ module Doorkeeper
33
33
  end
34
34
 
35
35
  def build_strategy_class(grant_or_request_type)
36
- strategy_class_name = grant_or_request_type.to_s.tr(' ', '_').camelize
36
+ strategy_class_name = grant_or_request_type.to_s.tr(" ", "_").camelize
37
37
  "Doorkeeper::Request::#{strategy_class_name}".constantize
38
38
  end
39
39
  end
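Review bot: `build_strategy_class` hands an interpolated name straight to `constantize`, and nothing in this hunk shows `grant_or_request_type` being restricted to the enabled grant flows before it arrives here. If that check lives in the caller, which is outside the hunk, a comment on the method would make the contract explicit, for example `# Caller must already have checked grant_or_request_type against the configured flows; constantize resolves any constant under Doorkeeper::Request.` The enclosing module starts and ends outside the hunk, so this is a documentation suggestion only.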
@@ -1,6 +1,7 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module Doorkeeper
2
4
  module SecretStoring
3
-
4
5
  ##
5
6
  # Base class for secret storing, including common helpers
6
7
  class Base
@@ -8,7 +9,7 @@ module Doorkeeper
8
9
  # Return the value to be stored by the database
9
10
  # used for looking up a database value.
10
11
  # @param plain_secret The plain secret input / generated
11
- def self.transform_secret(plain_secret)
12
+ def self.transform_secret(_plain_secret)
12
13
  raise NotImplementedError
13
14
  end
14
15
 
@@ -19,8 +20,8 @@ module Doorkeeper
19
20
  # @param attribute The secret attribute
20
21
  # @param plain_secret The plain secret input / generated
21
22
  def self.store_secret(resource, attribute, plain_secret)
22
- transformed_value = self.transform_secret plain_secret
23
- resource.public_send :"#{attribute}=", transformed_value
23
+ transformed_value = transform_secret(plain_secret)
24
+ resource.public_send(:"#{attribute}=", transformed_value)
24
25
 
25
26
  transformed_value
26
27
  end
@@ -30,7 +31,7 @@ module Doorkeeper
30
31
  # @param resource The resource instance to act on
31
32
  # @param attribute The secret attribute to restore
32
33
  # as retrieved from the database.
33
- def self.restore_secret(resource, attribute)
34
+ def self.restore_secret(_resource, _attribute)
34
35
  raise NotImplementedError
35
36
  end
36
37
 
@@ -60,4 +61,4 @@ module Doorkeeper
60
61
  end
61
62
  end
62
63
  end
63
- end
64
+ end
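Review bot: Renaming the arguments to `_plain_secret` in `transform_secret` and to `_resource`/`_attribute` in `restore_secret` leaves the YARD tags directly above them (`@param plain_secret`, `@param resource`, `@param attribute`) naming parameters that no longer appear in the signatures. Either keep the documented names and disable the unused-argument cop for these two abstract methods, or update the tags to the underscored names. `store_secret` builds a setter name from `attribute` for `public_send`; its `@param attribute` line could say that the value is expected to be a fixed attribute name chosen by the library rather than request data, which the hunk itself does not show.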
@@ -1,6 +1,7 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module Doorkeeper
2
4
  module SecretStoring
3
-
4
5
  ##
5
6
  # Plain text secret storing, which is the default
6
7
  # but also provides fallback lookup if
@@ -49,11 +50,11 @@ module Doorkeeper
49
50
  ##
50
51
  # Test if we can require the BCrypt gem
51
52
  def self.bcrypt_present?
52
- require 'bcrypt'
53
+ require "bcrypt"
53
54
  true
54
55
  rescue LoadError
55
56
  false
56
57
  end
57
58
  end
58
59
  end
59
- end
60
+ end
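Review bot: The header comment in the first hunk still reads `Plain text secret storing, which is the default`, while the second hunk's `bcrypt_present?` suggests this file holds the BCrypt strategy, so the description looks copied from the plain-text class (the class line itself is outside the hunk). A wrong description on a secret-storage strategy is worth correcting while the file is touched, for example `# Stores secrets as BCrypt hashes.`, checked against the class body first. The later section whose last hunk is `@@ -22,4 +23,4 @@` carries the same header and, going by the file list, is probably the SHA-256 strategy. `bcrypt_present?` turns a `LoadError` into `false`; its comment could state what the caller does when the gem is missing, since a silent fallback to weaker storage is the outcome to rule out.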
@@ -1,12 +1,12 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module Doorkeeper
2
4
  module SecretStoring
3
-
4
5
  ##
5
6
  # Plain text secret storing, which is the default
6
7
  # but also provides fallback lookup if
7
8
  # other secret storing mechanisms are enabled.
8
9
  class Plain < Base
9
-
10
10
  ##
11
11
  # Return the value to be stored by the database
12
12
  # @param plain_secret The plain secret input / generated
@@ -20,7 +20,7 @@ module Doorkeeper
20
20
  # @param attribute The secret attribute to restore
21
21
  # as retrieved from the database.
22
22
  def self.restore_secret(resource, attribute)
23
- resource.public_send attribute
23
+ resource.public_send(attribute)
24
24
  end
25
25
 
26
26
  ##
@@ -30,4 +30,4 @@ module Doorkeeper
30
30
  end
31
31
  end
32
32
  end
33
- end
33
+ end
@@ -1,6 +1,7 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module Doorkeeper
2
4
  module SecretStoring
3
-
4
5
  ##
5
6
  # Plain text secret storing, which is the default
6
7
  # but also provides fallback lookup if
@@ -22,4 +23,4 @@ module Doorkeeper
22
23
  end
23
24
  end
24
25
  end
25
- end
26
+ end
@@ -2,7 +2,7 @@
2
2
 
3
3
  module Doorkeeper
4
4
  class StaleRecordsCleaner
5
- CLEANER_CLASS = 'StaleRecordsCleaner'.freeze
5
+ CLEANER_CLASS = "StaleRecordsCleaner"
6
6
 
7
7
  def self.for(base_scope)
8
8
  orm_adapter = "doorkeeper/orm/#{Doorkeeper.configuration.orm}".classify
@@ -10,9 +10,9 @@ module Doorkeeper
10
10
  MAJOR = 5
11
11
  MINOR = 1
12
12
  TINY = 0
13
- PRE = 'rc2'
13
+ PRE = nil
14
14
 
15
15
  # Full version number
16
- STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
16
+ STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
17
17
  end
18
18
  end
@@ -1,18 +1,21 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'rails/generators'
4
- require 'rails/generators/active_record'
3
+ require "rails/generators"
4
+ require "rails/generators/active_record"
5
5
 
6
6
  module Doorkeeper
7
+ # Generates migration to add reference to owner of the
8
+ # Doorkeeper application.
9
+ #
7
10
  class ApplicationOwnerGenerator < ::Rails::Generators::Base
8
11
  include ::Rails::Generators::Migration
9
- source_root File.expand_path('templates', __dir__)
10
- desc 'Provide support for client application ownership.'
12
+ source_root File.expand_path("templates", __dir__)
13
+ desc "Provide support for client application ownership."
11
14
 
12
15
  def application_owner
13
16
  migration_template(
14
- 'add_owner_to_application_migration.rb.erb',
15
- 'db/migrate/add_owner_to_application.rb',
17
+ "add_owner_to_application_migration.rb.erb",
18
+ "db/migrate/add_owner_to_application.rb",
16
19
  migration_version: migration_version
17
20
  )
18
21
  end
@@ -24,9 +27,7 @@ module Doorkeeper
24
27
  private
25
28
 
26
29
  def migration_version
27
- if ActiveRecord::VERSION::MAJOR >= 5
28
- "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
29
- end
30
+ "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
30
31
  end
31
32
  end
32
33
  end
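Review bot: `migration_version` now always returns a bracketed version, so on ActiveRecord below 5 the generated class would use the versioned `ActiveRecord::Migration[...]` superclass that only exists from Rails 5 on. Dropping the guard is safe only if the gemspec in this release raises the minimum Rails version; the file list shows the gemspec changed, but its content is not on this page. The identical private method is repeated in the confidential-applications, migration, PKCE and previous-refresh-token generators further down, so a shared mixin would keep the five copies from drifting. A one-line comment such as `# Rails 5+ requires a versioned migration superclass` would record why the string is built.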
@@ -1,18 +1,21 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'rails/generators'
4
- require 'rails/generators/active_record'
3
+ require "rails/generators"
4
+ require "rails/generators/active_record"
5
5
 
6
6
  module Doorkeeper
7
+ # Generates migration to add confidential column to Doorkeeper
8
+ # applications table.
9
+ #
7
10
  class ConfidentialApplicationsGenerator < ::Rails::Generators::Base
8
11
  include ::Rails::Generators::Migration
9
- source_root File.expand_path('templates', __dir__)
10
- desc 'Add confidential column to Doorkeeper applications'
12
+ source_root File.expand_path("templates", __dir__)
13
+ desc "Add confidential column to Doorkeeper applications"
11
14
 
12
15
  def pkce
13
16
  migration_template(
14
- 'add_confidential_to_applications.rb.erb',
15
- 'db/migrate/add_confidential_to_applications.rb',
17
+ "add_confidential_to_applications.rb.erb",
18
+ "db/migrate/add_confidential_to_applications.rb",
16
19
  migration_version: migration_version
17
20
  )
18
21
  end
@@ -24,9 +27,7 @@ module Doorkeeper
24
27
  private
25
28
 
26
29
  def migration_version
27
- if ActiveRecord::VERSION::MAJOR >= 5
28
- "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
29
- end
30
+ "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
30
31
  end
31
32
  end
32
33
  end
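Review bot: The task method is still named `pkce` although the class is `ConfidentialApplicationsGenerator` and the template it copies is `add_confidential_to_applications.rb.erb`; the name looks carried over from the PKCE generator. Renaming it to `confidential_applications` would match the other generators, where the method is named after what it installs (`application_owner`, `previous_refresh_token`). If anything invokes the method by name, which is not visible here, keep an alias for the old name.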
@@ -1,20 +1,22 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'rails/generators'
4
- require 'rails/generators/active_record'
3
+ require "rails/generators"
4
+ require "rails/generators/active_record"
5
5
 
6
6
  module Doorkeeper
7
+ # Setup doorkeeper into Rails application: locales, routes, etc.
8
+ #
7
9
  class InstallGenerator < ::Rails::Generators::Base
8
10
  include ::Rails::Generators::Migration
9
- source_root File.expand_path('templates', __dir__)
10
- desc 'Installs Doorkeeper.'
11
+ source_root File.expand_path("templates", __dir__)
12
+ desc "Installs Doorkeeper."
11
13
 
12
14
  def install
13
- template 'initializer.rb', 'config/initializers/doorkeeper.rb'
14
- copy_file File.expand_path('../../../config/locales/en.yml', __dir__),
15
- 'config/locales/doorkeeper.en.yml'
16
- route 'use_doorkeeper'
17
- readme 'README'
15
+ template "initializer.rb", "config/initializers/doorkeeper.rb"
16
+ copy_file File.expand_path("../../../config/locales/en.yml", __dir__),
17
+ "config/locales/doorkeeper.en.yml"
18
+ route "use_doorkeeper"
19
+ readme "README"
18
20
  end
19
21
  end
20
22
  end
@@ -1,18 +1,20 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'rails/generators'
4
- require 'rails/generators/active_record'
3
+ require "rails/generators"
4
+ require "rails/generators/active_record"
5
5
 
6
6
  module Doorkeeper
7
+ # Copies main Doorkeeper migration into parent Rails application.
8
+ #
7
9
  class MigrationGenerator < ::Rails::Generators::Base
8
10
  include ::Rails::Generators::Migration
9
- source_root File.expand_path('templates', __dir__)
10
- desc 'Installs Doorkeeper migration file.'
11
+ source_root File.expand_path("templates", __dir__)
12
+ desc "Installs Doorkeeper migration file."
11
13
 
12
14
  def install
13
15
  migration_template(
14
- 'migration.rb.erb',
15
- 'db/migrate/create_doorkeeper_tables.rb',
16
+ "migration.rb.erb",
17
+ "db/migrate/create_doorkeeper_tables.rb",
16
18
  migration_version: migration_version
17
19
  )
18
20
  end
@@ -24,9 +26,7 @@ module Doorkeeper
24
26
  private
25
27
 
26
28
  def migration_version
27
- if ActiveRecord::VERSION::MAJOR >= 5
28
- "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
29
- end
29
+ "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
30
30
  end
31
31
  end
32
32
  end
@@ -1,18 +1,21 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'rails/generators'
4
- require 'rails/generators/active_record'
3
+ require "rails/generators"
4
+ require "rails/generators/active_record"
5
5
 
6
6
  module Doorkeeper
7
+ # Generates migration with PKCE required database columns for
8
+ # Doorkeeper tables.
9
+ #
7
10
  class PkceGenerator < ::Rails::Generators::Base
8
11
  include ::Rails::Generators::Migration
9
- source_root File.expand_path('templates', __dir__)
10
- desc 'Provide support for PKCE.'
12
+ source_root File.expand_path("templates", __dir__)
13
+ desc "Provide support for PKCE."
11
14
 
12
15
  def pkce
13
16
  migration_template(
14
- 'enable_pkce_migration.rb.erb',
15
- 'db/migrate/enable_pkce.rb',
17
+ "enable_pkce_migration.rb.erb",
18
+ "db/migrate/enable_pkce.rb",
16
19
  migration_version: migration_version
17
20
  )
18
21
  end
@@ -24,9 +27,7 @@ module Doorkeeper
24
27
  private
25
28
 
26
29
  def migration_version
27
- if ActiveRecord::VERSION::MAJOR >= 5
28
- "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
29
- end
30
+ "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
30
31
  end
31
32
  end
32
33
  end
@@ -1,13 +1,16 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'rails/generators'
4
- require 'rails/generators/active_record'
3
+ require "rails/generators"
4
+ require "rails/generators/active_record"
5
5
 
6
6
  module Doorkeeper
7
+ # Generates migration to add previous refresh token column to the
8
+ # database for Doorkeeper tables.
9
+ #
7
10
  class PreviousRefreshTokenGenerator < ::Rails::Generators::Base
8
11
  include ::Rails::Generators::Migration
9
- source_root File.expand_path('templates', __dir__)
10
- desc 'Support revoke refresh token on access token use'
12
+ source_root File.expand_path("templates", __dir__)
13
+ desc "Support revoke refresh token on access token use"
11
14
 
12
15
  def self.next_migration_number(path)
13
16
  ActiveRecord::Generators::Base.next_migration_number(path)
@@ -16,8 +19,8 @@ module Doorkeeper
16
19
  def previous_refresh_token
17
20
  if no_previous_refresh_token_column?
18
21
  migration_template(
19
- 'add_previous_refresh_token_to_access_tokens.rb.erb',
20
- 'db/migrate/add_previous_refresh_token_to_access_tokens.rb'
22
+ "add_previous_refresh_token_to_access_tokens.rb.erb",
23
+ "db/migrate/add_previous_refresh_token_to_access_tokens.rb"
21
24
  )
22
25
  end
23
26
  end
@@ -25,9 +28,7 @@ module Doorkeeper
25
28
  private
26
29
 
27
30
  def migration_version
28
- if ActiveRecord::VERSION::MAJOR >= 5
29
- "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
30
- end
31
+ "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
31
32
  end
32
33
 
33
34
  def no_previous_refresh_token_column?
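Review bot: `previous_refresh_token` calls `migration_template` without the `migration_version: migration_version` argument that the other four generators pass, even though this class defines the same private `migration_version`. If the template reads the method directly the generated file is the same, but the difference is easy to mistake for an omission. Either pass the option here as well or add a comment saying why it is not needed. `no_previous_refresh_token_column?` continues past the end of this hunk.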
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  Doorkeeper.configure do
2
4
  # Change the ORM that doorkeeper will use (needs plugins)
3
5
  orm :active_record
@@ -47,7 +49,12 @@ Doorkeeper.configure do
47
49
  # access_token_expires_in 2.hours
48
50
 
49
51
  # Assign custom TTL for access tokens. Will be used instead of access_token_expires_in
50
- # option if defined. `context` has the following properties available
52
+ # option if defined. In case the block returns `nil` value Doorkeeper fallbacks to
53
+ # `access_token_expires_in` configuration option value. If you really need to issue a
54
+ # non-expiring access token (which is not recommended) then you need to return
55
+ # Float::INFINITY from this block.
56
+ #
57
+ # `context` has the following properties available:
51
58
  #
52
59
  # `client` - the OAuth client application (see Doorkeeper::OAuth::Client)
53
60
  # `grant_type` - the grant type of the request (see Doorkeeper::OAuth)
@@ -146,7 +153,8 @@ Doorkeeper.configure do
146
153
  # Provide support for an owner to be assigned to each registered application (disabled by default)
147
154
  # Optional parameter confirmation: true (default false) if you want to enforce ownership of
148
155
  # a registered application
149
- # Note: you must also run the rails g doorkeeper:application_owner generator to provide the necessary support
156
+ # NOTE: you must also run the rails g doorkeeper:application_owner generator
157
+ # to provide the necessary support
150
158
  #
151
159
  # enable_application_owner confirmation: false
152
160
 
@@ -189,9 +197,10 @@ Doorkeeper.configure do
189
197
  # access_token_methods :from_bearer_authorization, :from_access_token_param, :from_bearer_param
190
198
 
191
199
  # Change the native redirect uri for client apps
192
- # When clients register with the following redirect uri, they won't be redirected to any server and
193
- # the authorizationcode will be displayed within the provider
194
- # The value can be any string. Use nil to disable this feature. When disabled, clients must provide a valid URL
200
+ # When clients register with the following redirect uri, they won't be redirected to
201
+ # any server and the authorizationcode will be displayed within the provider
202
+ # The value can be any string. Use nil to disable this feature. When disabled, clients
203
+ # must providea valid URL
195
204
  # (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi)
196
205
  #
197
206
  # native_redirect_uri 'urn:ietf:wg:oauth:2.0:oob'
@@ -216,6 +225,22 @@ Doorkeeper.configure do
216
225
  #
217
226
  # forbid_redirect_uri { |uri| uri.scheme.to_s.downcase == 'javascript' }
218
227
 
228
+ # Allows to set blank redirect URIs for Applications in case Doorkeeper configured
229
+ # to use URI-less OAuth grant flows like Client Credentials or Resource Owner
230
+ # Password Credentials. The option is on by default and checks configured grant
231
+ # types, but you **need** to manually drop `NOT NULL` constraint from `redirect_uri`
232
+ # column for `oauth_applications` database table.
233
+ #
234
+ # You can completely disable this feature with:
235
+ #
236
+ # allow_blank_redirect_uri false
237
+ #
238
+ # Or you can define your custom check:
239
+ #
240
+ # allow_blank_redirect_uri do |grant_flows, client|
241
+ # client.superapp?
242
+ # end
243
+
219
244
  # Specify how authorization errors should be handled.
220
245
  # By default, doorkeeper renders json errors when access token
221
246
  # is invalid, expired, revoked or has invalid scopes.
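Review bot: The rewrapped `native_redirect_uri` comment introduces `must providea valid URL` (missing space) and keeps `authorizationcode`, and the new TTL text has `Doorkeeper fallbacks to`, which should read `falls back to`. The new `allow_blank_redirect_uri` block says the option is on by default and "checks configured grant types", but not what the default check decides when a redirect-based flow is enabled alongside Client Credentials or Password. One sentence on that would let operators judge whether an application registered without a redirect URI can still be used with the authorization endpoint. The `Float::INFINITY` note could add that revocation is then the only way to invalidate such a token.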
@@ -1,9 +1,13 @@
1
1
  class CreateDoorkeeperTables < ActiveRecord::Migration<%= migration_version %>
2
2
  def change
3
3
  create_table :oauth_applications do |t|
4
- t.string :name, null: false
5
- t.string :uid, null: false
6
- t.string :secret, null: false
4
+ t.string :name, null: false
5
+ t.string :uid, null: false
6
+ t.string :secret, null: false
7
+
8
+ # Remove `null: false` if you are planning to use grant flows
9
+ # that doesn't require redirect URI to be used during authorization
10
+ # like Client Credentials flow or Resource Owner Password.
7
11
  t.text :redirect_uri, null: false
8
12
  t.string :scopes, null: false, default: ''
9
13
  t.boolean :confidential, null: false, default: true
@@ -32,20 +36,20 @@ class CreateDoorkeeperTables < ActiveRecord::Migration<%= migration_version %>
32
36
 
33
37
  create_table :oauth_access_tokens do |t|
34
38
  t.references :resource_owner, index: true
35
- t.references :application
39
+ t.references :application, null: false
36
40
 
37
41
  # If you use a custom token generator you may need to change this column
38
42
  # from string to text, so that it accepts tokens larger than 255
39
43
  # characters. More info on custom token generators in:
40
44
  # https://github.com/doorkeeper-gem/doorkeeper/tree/v3.0.0.rc1#custom-access-token-generator
41
45
  #
42
- # t.text :token, null: false
43
- t.string :token, null: false
46
+ # t.text :token, null: false
47
+ t.string :token, null: false
44
48
 
45
49
  t.string :refresh_token
46
50
  t.integer :expires_in
47
51
  t.datetime :revoked_at
48
- t.datetime :created_at, null: false
52
+ t.datetime :created_at, null: false
49
53
  t.string :scopes
50
54
 
51
55
  # If there is a previous_refresh_token column,
@@ -64,5 +68,9 @@ class CreateDoorkeeperTables < ActiveRecord::Migration<%= migration_version %>
64
68
  :oauth_applications,
65
69
  column: :application_id
66
70
  )
71
+
72
+ # Uncomment below to ensure a valid reference to the resource owner's table
73
+ # add_foreign_key :oauth_access_grants, <model>, column: :resource_owner_id
74
+ # add_foreign_key :oauth_access_tokens, <model>, column: :resource_owner_id
67
75
  end
68
76
  end
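Review bot: `t.references :application, null: false` on `oauth_access_tokens` makes every token row require a client application, so if any enabled flow issues tokens without one (the password grant without client credentials is the case to check; not visible here) the insert will fail at runtime. A comment like the one added for `redirect_uri` would warn integrators, for example `# Remove null: false if tokens may be issued without an application`. The template only affects fresh installs, so existing databases keep a nullable column unless the release notes tell users to add the constraint themselves. In the new `redirect_uri` comment `that doesn't require` should be `that don't require`, and the commented-out `add_foreign_key` lines should say that `<model>` must be replaced with the resource owner's table name.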