doorkeeper 5.1.0 → 5.5.0


Potentially problematic release.


This version of doorkeeper might be problematic.

Files changed (265)
  1. checksums.yaml +4 -4
  2. data/{NEWS.md → CHANGELOG.md} +234 -25
  3. data/README.md +21 -11
  4. data/app/controllers/doorkeeper/application_controller.rb +2 -2
  5. data/app/controllers/doorkeeper/application_metal_controller.rb +3 -2
  6. data/app/controllers/doorkeeper/applications_controller.rb +8 -7
  7. data/app/controllers/doorkeeper/authorizations_controller.rb +56 -19
  8. data/app/controllers/doorkeeper/authorized_applications_controller.rb +5 -5
  9. data/app/controllers/doorkeeper/token_info_controller.rb +12 -2
  10. data/app/controllers/doorkeeper/tokens_controller.rb +93 -25
  11. data/app/views/doorkeeper/applications/_form.html.erb +1 -7
  12. data/app/views/doorkeeper/applications/show.html.erb +35 -14
  13. data/app/views/doorkeeper/authorizations/form_post.html.erb +11 -0
  14. data/config/locales/en.yml +13 -3
  15. data/lib/doorkeeper/config/abstract_builder.rb +28 -0
  16. data/lib/doorkeeper/config/option.rb +20 -2
  17. data/lib/doorkeeper/config/validations.rb +53 -0
  18. data/lib/doorkeeper/config.rb +291 -121
  19. data/lib/doorkeeper/engine.rb +1 -1
  20. data/lib/doorkeeper/errors.rb +13 -18
  21. data/lib/doorkeeper/grant_flow/fallback_flow.rb +15 -0
  22. data/lib/doorkeeper/grant_flow/flow.rb +44 -0
  23. data/lib/doorkeeper/grant_flow/registry.rb +50 -0
  24. data/lib/doorkeeper/grant_flow.rb +45 -0
  25. data/lib/doorkeeper/grape/helpers.rb +7 -3
  26. data/lib/doorkeeper/helpers/controller.rb +36 -11
  27. data/lib/doorkeeper/models/access_grant_mixin.rb +22 -18
  28. data/lib/doorkeeper/models/access_token_mixin.rb +194 -51
  29. data/lib/doorkeeper/models/application_mixin.rb +8 -7
  30. data/lib/doorkeeper/models/concerns/ownership.rb +1 -1
  31. data/lib/doorkeeper/models/concerns/resource_ownerable.rb +47 -0
  32. data/lib/doorkeeper/models/concerns/reusable.rb +1 -1
  33. data/lib/doorkeeper/models/concerns/revocable.rb +1 -28
  34. data/lib/doorkeeper/models/concerns/scopes.rb +5 -1
  35. data/lib/doorkeeper/models/concerns/secret_storable.rb +1 -3
  36. data/lib/doorkeeper/oauth/authorization/code.rb +25 -14
  37. data/lib/doorkeeper/oauth/authorization/context.rb +5 -5
  38. data/lib/doorkeeper/oauth/authorization/token.rb +24 -19
  39. data/lib/doorkeeper/oauth/authorization/uri_builder.rb +4 -4
  40. data/lib/doorkeeper/oauth/authorization_code_request.rb +40 -21
  41. data/lib/doorkeeper/oauth/base_request.rb +21 -23
  42. data/lib/doorkeeper/oauth/client/credentials.rb +2 -4
  43. data/lib/doorkeeper/oauth/client.rb +8 -9
  44. data/lib/doorkeeper/oauth/client_credentials/creator.rb +45 -5
  45. data/lib/doorkeeper/oauth/client_credentials/issuer.rb +10 -8
  46. data/lib/doorkeeper/oauth/client_credentials/{validation.rb → validator.rb} +13 -3
  47. data/lib/doorkeeper/oauth/client_credentials_request.rb +8 -7
  48. data/lib/doorkeeper/oauth/code_request.rb +6 -12
  49. data/lib/doorkeeper/oauth/code_response.rb +24 -14
  50. data/lib/doorkeeper/oauth/error.rb +1 -1
  51. data/lib/doorkeeper/oauth/error_response.rb +10 -11
  52. data/lib/doorkeeper/oauth/helpers/scope_checker.rb +8 -12
  53. data/lib/doorkeeper/oauth/helpers/unique_token.rb +8 -5
  54. data/lib/doorkeeper/oauth/helpers/uri_checker.rb +19 -5
  55. data/lib/doorkeeper/oauth/hooks/context.rb +21 -0
  56. data/lib/doorkeeper/oauth/invalid_request_response.rb +43 -0
  57. data/lib/doorkeeper/oauth/invalid_token_response.rb +7 -4
  58. data/lib/doorkeeper/oauth/nonstandard.rb +39 -0
  59. data/lib/doorkeeper/oauth/password_access_token_request.rb +32 -10
  60. data/lib/doorkeeper/oauth/pre_authorization.rb +111 -42
  61. data/lib/doorkeeper/oauth/refresh_token_request.rb +45 -33
  62. data/lib/doorkeeper/oauth/token.rb +6 -7
  63. data/lib/doorkeeper/oauth/token_introspection.rb +24 -18
  64. data/lib/doorkeeper/oauth/token_request.rb +6 -20
  65. data/lib/doorkeeper/oauth/token_response.rb +1 -1
  66. data/lib/doorkeeper/orm/active_record/access_grant.rb +4 -43
  67. data/lib/doorkeeper/orm/active_record/access_token.rb +4 -35
  68. data/lib/doorkeeper/orm/active_record/application.rb +5 -83
  69. data/lib/doorkeeper/orm/active_record/mixins/access_grant.rb +68 -0
  70. data/lib/doorkeeper/orm/active_record/mixins/access_token.rb +59 -0
  71. data/lib/doorkeeper/orm/active_record/mixins/application.rb +198 -0
  72. data/lib/doorkeeper/orm/active_record/redirect_uri_validator.rb +66 -0
  73. data/lib/doorkeeper/orm/active_record.rb +20 -6
  74. data/lib/doorkeeper/rails/helpers.rb +4 -4
  75. data/lib/doorkeeper/rails/routes/abstract_router.rb +35 -0
  76. data/lib/doorkeeper/rails/routes/mapper.rb +2 -2
  77. data/lib/doorkeeper/rails/routes/registry.rb +45 -0
  78. data/lib/doorkeeper/rails/routes.rb +17 -25
  79. data/lib/doorkeeper/rake/db.rake +6 -6
  80. data/lib/doorkeeper/rake/setup.rake +5 -0
  81. data/lib/doorkeeper/request/authorization_code.rb +5 -3
  82. data/lib/doorkeeper/request/client_credentials.rb +2 -2
  83. data/lib/doorkeeper/request/password.rb +2 -2
  84. data/lib/doorkeeper/request/refresh_token.rb +5 -4
  85. data/lib/doorkeeper/request/strategy.rb +2 -2
  86. data/lib/doorkeeper/request.rb +49 -17
  87. data/lib/doorkeeper/server.rb +7 -11
  88. data/lib/doorkeeper/stale_records_cleaner.rb +6 -2
  89. data/lib/doorkeeper/version.rb +1 -5
  90. data/lib/doorkeeper.rb +114 -79
  91. data/lib/generators/doorkeeper/application_owner_generator.rb +1 -1
  92. data/lib/generators/doorkeeper/confidential_applications_generator.rb +2 -2
  93. data/lib/generators/doorkeeper/enable_polymorphic_resource_owner_generator.rb +39 -0
  94. data/lib/generators/doorkeeper/migration_generator.rb +1 -1
  95. data/lib/generators/doorkeeper/pkce_generator.rb +1 -1
  96. data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +7 -7
  97. data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb.erb +3 -1
  98. data/lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb.erb +2 -0
  99. data/lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb +2 -0
  100. data/lib/generators/doorkeeper/templates/enable_polymorphic_resource_owner_migration.rb.erb +17 -0
  101. data/lib/generators/doorkeeper/templates/initializer.rb +205 -43
  102. data/lib/generators/doorkeeper/templates/migration.rb.erb +18 -6
  103. metadata +43 -310
  104. data/.coveralls.yml +0 -1
  105. data/.github/ISSUE_TEMPLATE.md +0 -25
  106. data/.github/PULL_REQUEST_TEMPLATE.md +0 -17
  107. data/.gitignore +0 -20
  108. data/.gitlab-ci.yml +0 -16
  109. data/.hound.yml +0 -3
  110. data/.rspec +0 -1
  111. data/.rubocop.yml +0 -50
  112. data/.travis.yml +0 -35
  113. data/Appraisals +0 -40
  114. data/CODE_OF_CONDUCT.md +0 -46
  115. data/CONTRIBUTING.md +0 -47
  116. data/Dangerfile +0 -67
  117. data/Gemfile +0 -24
  118. data/RELEASING.md +0 -10
  119. data/Rakefile +0 -28
  120. data/SECURITY.md +0 -15
  121. data/UPGRADE.md +0 -2
  122. data/app/validators/redirect_uri_validator.rb +0 -50
  123. data/bin/console +0 -16
  124. data/doorkeeper.gemspec +0 -34
  125. data/gemfiles/rails_5_0.gemfile +0 -17
  126. data/gemfiles/rails_5_1.gemfile +0 -17
  127. data/gemfiles/rails_5_2.gemfile +0 -17
  128. data/gemfiles/rails_6_0.gemfile +0 -17
  129. data/gemfiles/rails_master.gemfile +0 -17
  130. data/spec/controllers/application_metal_controller_spec.rb +0 -64
  131. data/spec/controllers/applications_controller_spec.rb +0 -180
  132. data/spec/controllers/authorizations_controller_spec.rb +0 -527
  133. data/spec/controllers/protected_resources_controller_spec.rb +0 -353
  134. data/spec/controllers/token_info_controller_spec.rb +0 -50
  135. data/spec/controllers/tokens_controller_spec.rb +0 -330
  136. data/spec/dummy/Rakefile +0 -9
  137. data/spec/dummy/app/assets/config/manifest.js +0 -2
  138. data/spec/dummy/app/controllers/application_controller.rb +0 -5
  139. data/spec/dummy/app/controllers/custom_authorizations_controller.rb +0 -9
  140. data/spec/dummy/app/controllers/full_protected_resources_controller.rb +0 -14
  141. data/spec/dummy/app/controllers/home_controller.rb +0 -18
  142. data/spec/dummy/app/controllers/metal_controller.rb +0 -13
  143. data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +0 -13
  144. data/spec/dummy/app/helpers/application_helper.rb +0 -7
  145. data/spec/dummy/app/models/user.rb +0 -7
  146. data/spec/dummy/app/views/home/index.html.erb +0 -0
  147. data/spec/dummy/app/views/layouts/application.html.erb +0 -14
  148. data/spec/dummy/config/application.rb +0 -47
  149. data/spec/dummy/config/boot.rb +0 -7
  150. data/spec/dummy/config/database.yml +0 -15
  151. data/spec/dummy/config/environment.rb +0 -5
  152. data/spec/dummy/config/environments/development.rb +0 -31
  153. data/spec/dummy/config/environments/production.rb +0 -64
  154. data/spec/dummy/config/environments/test.rb +0 -45
  155. data/spec/dummy/config/initializers/backtrace_silencers.rb +0 -9
  156. data/spec/dummy/config/initializers/doorkeeper.rb +0 -121
  157. data/spec/dummy/config/initializers/secret_token.rb +0 -10
  158. data/spec/dummy/config/initializers/session_store.rb +0 -10
  159. data/spec/dummy/config/initializers/wrap_parameters.rb +0 -16
  160. data/spec/dummy/config/locales/doorkeeper.en.yml +0 -5
  161. data/spec/dummy/config/routes.rb +0 -13
  162. data/spec/dummy/config.ru +0 -6
  163. data/spec/dummy/db/migrate/20111122132257_create_users.rb +0 -11
  164. data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +0 -7
  165. data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +0 -69
  166. data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +0 -9
  167. data/spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb +0 -13
  168. data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +0 -8
  169. data/spec/dummy/db/migrate/20180210183654_add_confidential_to_applications.rb +0 -13
  170. data/spec/dummy/db/schema.rb +0 -68
  171. data/spec/dummy/public/404.html +0 -26
  172. data/spec/dummy/public/422.html +0 -26
  173. data/spec/dummy/public/500.html +0 -26
  174. data/spec/dummy/public/favicon.ico +0 -0
  175. data/spec/dummy/script/rails +0 -9
  176. data/spec/factories.rb +0 -30
  177. data/spec/generators/application_owner_generator_spec.rb +0 -28
  178. data/spec/generators/confidential_applications_generator_spec.rb +0 -29
  179. data/spec/generators/install_generator_spec.rb +0 -36
  180. data/spec/generators/migration_generator_spec.rb +0 -28
  181. data/spec/generators/pkce_generator_spec.rb +0 -28
  182. data/spec/generators/previous_refresh_token_generator_spec.rb +0 -44
  183. data/spec/generators/templates/routes.rb +0 -4
  184. data/spec/generators/views_generator_spec.rb +0 -29
  185. data/spec/grape/grape_integration_spec.rb +0 -137
  186. data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +0 -26
  187. data/spec/lib/config_spec.rb +0 -697
  188. data/spec/lib/doorkeeper_spec.rb +0 -27
  189. data/spec/lib/models/expirable_spec.rb +0 -61
  190. data/spec/lib/models/reusable_spec.rb +0 -40
  191. data/spec/lib/models/revocable_spec.rb +0 -59
  192. data/spec/lib/models/scopes_spec.rb +0 -53
  193. data/spec/lib/models/secret_storable_spec.rb +0 -135
  194. data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -39
  195. data/spec/lib/oauth/authorization_code_request_spec.rb +0 -156
  196. data/spec/lib/oauth/base_request_spec.rb +0 -205
  197. data/spec/lib/oauth/base_response_spec.rb +0 -47
  198. data/spec/lib/oauth/client/credentials_spec.rb +0 -90
  199. data/spec/lib/oauth/client_credentials/creator_spec.rb +0 -94
  200. data/spec/lib/oauth/client_credentials/issuer_spec.rb +0 -112
  201. data/spec/lib/oauth/client_credentials/validation_spec.rb +0 -59
  202. data/spec/lib/oauth/client_credentials_integration_spec.rb +0 -29
  203. data/spec/lib/oauth/client_credentials_request_spec.rb +0 -109
  204. data/spec/lib/oauth/client_spec.rb +0 -38
  205. data/spec/lib/oauth/code_request_spec.rb +0 -47
  206. data/spec/lib/oauth/code_response_spec.rb +0 -36
  207. data/spec/lib/oauth/error_response_spec.rb +0 -66
  208. data/spec/lib/oauth/error_spec.rb +0 -23
  209. data/spec/lib/oauth/forbidden_token_response_spec.rb +0 -22
  210. data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -98
  211. data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -21
  212. data/spec/lib/oauth/helpers/uri_checker_spec.rb +0 -247
  213. data/spec/lib/oauth/invalid_token_response_spec.rb +0 -55
  214. data/spec/lib/oauth/password_access_token_request_spec.rb +0 -192
  215. data/spec/lib/oauth/pre_authorization_spec.rb +0 -215
  216. data/spec/lib/oauth/refresh_token_request_spec.rb +0 -177
  217. data/spec/lib/oauth/scopes_spec.rb +0 -148
  218. data/spec/lib/oauth/token_request_spec.rb +0 -150
  219. data/spec/lib/oauth/token_response_spec.rb +0 -86
  220. data/spec/lib/oauth/token_spec.rb +0 -158
  221. data/spec/lib/request/strategy_spec.rb +0 -54
  222. data/spec/lib/secret_storing/base_spec.rb +0 -60
  223. data/spec/lib/secret_storing/bcrypt_spec.rb +0 -49
  224. data/spec/lib/secret_storing/plain_spec.rb +0 -44
  225. data/spec/lib/secret_storing/sha256_hash_spec.rb +0 -48
  226. data/spec/lib/server_spec.rb +0 -61
  227. data/spec/lib/stale_records_cleaner_spec.rb +0 -89
  228. data/spec/models/doorkeeper/access_grant_spec.rb +0 -144
  229. data/spec/models/doorkeeper/access_token_spec.rb +0 -591
  230. data/spec/models/doorkeeper/application_spec.rb +0 -367
  231. data/spec/requests/applications/applications_request_spec.rb +0 -259
  232. data/spec/requests/applications/authorized_applications_spec.rb +0 -32
  233. data/spec/requests/endpoints/authorization_spec.rb +0 -73
  234. data/spec/requests/endpoints/token_spec.rb +0 -75
  235. data/spec/requests/flows/authorization_code_errors_spec.rb +0 -78
  236. data/spec/requests/flows/authorization_code_spec.rb +0 -447
  237. data/spec/requests/flows/client_credentials_spec.rb +0 -128
  238. data/spec/requests/flows/implicit_grant_errors_spec.rb +0 -34
  239. data/spec/requests/flows/implicit_grant_spec.rb +0 -90
  240. data/spec/requests/flows/password_spec.rb +0 -259
  241. data/spec/requests/flows/refresh_token_spec.rb +0 -233
  242. data/spec/requests/flows/revoke_token_spec.rb +0 -143
  243. data/spec/requests/flows/skip_authorization_spec.rb +0 -66
  244. data/spec/requests/protected_resources/metal_spec.rb +0 -16
  245. data/spec/requests/protected_resources/private_api_spec.rb +0 -83
  246. data/spec/routing/custom_controller_routes_spec.rb +0 -133
  247. data/spec/routing/default_routes_spec.rb +0 -41
  248. data/spec/routing/scoped_routes_spec.rb +0 -47
  249. data/spec/spec_helper.rb +0 -57
  250. data/spec/spec_helper_integration.rb +0 -4
  251. data/spec/support/dependencies/factory_bot.rb +0 -4
  252. data/spec/support/doorkeeper_rspec.rb +0 -22
  253. data/spec/support/helpers/access_token_request_helper.rb +0 -13
  254. data/spec/support/helpers/authorization_request_helper.rb +0 -43
  255. data/spec/support/helpers/config_helper.rb +0 -11
  256. data/spec/support/helpers/model_helper.rb +0 -78
  257. data/spec/support/helpers/request_spec_helper.rb +0 -98
  258. data/spec/support/helpers/url_helper.rb +0 -62
  259. data/spec/support/http_method_shim.rb +0 -29
  260. data/spec/support/orm/active_record.rb +0 -5
  261. data/spec/support/shared/controllers_shared_context.rb +0 -123
  262. data/spec/support/shared/hashing_shared_context.rb +0 -36
  263. data/spec/support/shared/models_shared_examples.rb +0 -54
  264. data/spec/validators/redirect_uri_validator_spec.rb +0 -158
  265. data/spec/version/version_spec.rb +0 -17
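--- a/data/Appraisals
+++ /dev/null
@@ -1,40 +0,0 @@
- # frozen_string_literal: true
-
- appraise "rails-5-0" do
- gem "rails", "~> 5.0.0"
- gem "sqlite3", "~> 1.3", "< 1.4", platform: %i[ruby mswin mingw x64_mingw]
- end
-
- appraise "rails-5-1" do
- gem "rails", "~> 5.1.0"
- gem "sqlite3", "~> 1.3", "< 1.4", platform: %i[ruby mswin mingw x64_mingw]
- end
-
- appraise "rails-5-2" do
- gem "rails", "~> 5.2.0"
- gem "sqlite3", "~> 1.3", "< 1.4", platform: %i[ruby mswin mingw x64_mingw]
- end
-
- appraise "rails-6-0" do
- gem "rails", "~> 6.0.0.beta3"
- gem "sqlite3", "~> 1.4", platform: %i[ruby mswin mingw x64_mingw]
-
- # TODO: Remove when rspec-rails 4.0 released
- gem "rspec-core", github: "rspec/rspec-core"
- gem "rspec-expectations", github: "rspec/rspec-expectations"
- gem "rspec-mocks", github: "rspec/rspec-mocks"
- gem "rspec-rails", github: "rspec/rspec-rails", branch: "4-0-dev"
- gem "rspec-support", github: "rspec/rspec-support"
- end
-
- appraise "rails-master" do
- gem "rails", git: "https://github.com/rails/rails"
- gem "sqlite3", "~> 1.4", platform: %i[ruby mswin mingw x64_mingw]
-
- # TODO: Remove when rspec-rails 4.0 released
- gem "rspec-core", github: "rspec/rspec-core"
- gem "rspec-expectations", github: "rspec/rspec-expectations"
- gem "rspec-mocks", github: "rspec/rspec-mocks"
- gem "rspec-rails", github: "rspec/rspec-rails", branch: "4-0-dev"
- gem "rspec-support", github: "rspec/rspec-support"
- end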
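--- a/data/CODE_OF_CONDUCT.md
+++ /dev/null
@@ -1,46 +0,0 @@
- # Contributor Covenant Code of Conduct
-
- ## Our Pledge
-
- In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation.
-
- ## Our Standards
-
- Examples of behavior that contributes to creating a positive environment include:
-
- * Using welcoming and inclusive language
- * Being respectful of differing viewpoints and experiences
- * Gracefully accepting constructive criticism
- * Focusing on what is best for the community
- * Showing empathy towards other community members
-
- Examples of unacceptable behavior by participants include:
-
- * The use of sexualized language or imagery and unwelcome sexual attention or advances
- * Trolling, insulting/derogatory comments, and personal or political attacks
- * Public or private harassment
- * Publishing others' private information, such as a physical or electronic address, without explicit permission
- * Other conduct which could reasonably be considered inappropriate in a professional setting
-
- ## Our Responsibilities
-
- Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
-
- Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
-
- ## Scope
-
- This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
-
- ## Enforcement
-
- Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team members or current maintainer email, specified in gemspec. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
-
- Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
-
- ## Attribution
-
- This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version]
-
- [homepage]: http://contributor-covenant.org
- [version]: http://contributor-covenant.org/version/1/4/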
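--- a/data/CONTRIBUTING.md
+++ /dev/null
@@ -1,47 +0,0 @@
- # Contributing
-
- We love pull requests from everyone. By participating in this project, you agree
- to abide by the thoughtbot [code of conduct].
-
- [code of conduct]: https://thoughtbot.com/open-source-code-of-conduct
-
- Fork, then clone the repo:
-
- git clone git@github.com:your-username/doorkeeper.git
-
- Set up Ruby dependencies via Bundler
-
- bundle install
-
- Make sure the tests pass:
-
- rake
-
- Make your change.
- Write tests.
- Follow our [style guide][style].
- Make the tests pass:
-
- [style]: https://github.com/thoughtbot/guides/tree/master/style
-
- rake
-
- Add notes on your change to the `NEWS.md` file.
-
- Write a [good commit message][commit].
- Push to your fork.
- [Submit a pull request][pr].
-
- [commit]: http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
- [pr]: https://github.com/doorkeeper-gem/doorkeeper/compare/
-
- If [Hound] catches style violations,
- fix them.
-
- [hound]: https://houndci.com
-
- Wait for us.
- We try to at least comment on pull requests within one business day.
- We may suggest changes.
-
- Thank you for your contribution!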
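--- a/data/Dangerfile
+++ /dev/null
@@ -1,67 +0,0 @@
- CHANGELOG_FILE = 'NEWS.md'
- GITHUB_REPO = 'https://github.com/doorkeeper-gem/doorkeeper'
-
- def changelog_changed?
- git.modified_files.include?(CHANGELOG_FILE) || git.added_files.include?(CHANGELOG_FILE)
- end
-
- def changelog_entry_example
- pr_number = github.pr_json['number']
- pr_title = github.pr_title
- .sub(/[?.!,;]?$/, '')
- .capitalize
-
- "- [##{pr_number}]: #{pr_title}."
- end
-
- # --------------------------------------------------------------------------------------------------------------------
- # Has any changes happened inside the actual library code?
- # --------------------------------------------------------------------------------------------------------------------
- has_app_changes = !git.modified_files.grep(/lib|app/).empty?
- has_spec_changes = !git.modified_files.grep(/spec/).empty?
-
- # --------------------------------------------------------------------------------------------------------------------
- # You've made changes to lib, but didn't write any tests?
- # --------------------------------------------------------------------------------------------------------------------
- if has_app_changes && !has_spec_changes
- warn("There're library changes, but not tests. That's OK as long as you're refactoring existing code.", sticky: false)
- end
-
- # --------------------------------------------------------------------------------------------------------------------
- # You've made changes to specs, but no library code has changed?
- # --------------------------------------------------------------------------------------------------------------------
- if !has_app_changes && has_spec_changes
- message('We really appreciate pull requests that demonstrate issues, even without a fix. That said, the next step is to try and fix the failing tests!', sticky: false)
- end
-
- # Mainly to encourage writing up some reasoning about the PR, rather than
- # just leaving a title
- if github.pr_body.length < 10
- fail "Please provide a summary in the Pull Request description"
- end
-
- # --------------------------------------------------------------------------------------------------------------------
- # Have you updated CHANGELOG.md?
- # --------------------------------------------------------------------------------------------------------------------
- # Add a CHANGELOG entry for app changes
- if has_app_changes && !changelog_changed?
- markdown <<-MARKDOWN
- Here's an example of a #{CHANGELOG_FILE} entry:
- ```markdown
- #{changelog_entry_example}
- ```
- MARKDOWN
-
- warn(
- "Please include a changelog entry. \nYou can find it at [#{CHANGELOG_FILE}](#{GITHUB_REPO}/blob/master/#{CHANGELOG_FILE})." +
- "You can skip this warning only if you made some typo fix or other small changes that didn't affect the API."
- )
- end
-
- if git.commits.any? { |commit| commit.message =~ /^Merge branch '#{github.branch_for_base}'/ }
- warn('Please rebase to get rid of the merge commits in this PR')
- end
-
- if git.commits.length > 1
- warn('Please squash all your commits to a single one')
- end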
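--- a/data/Gemfile
+++ /dev/null
@@ -1,24 +0,0 @@
- # frozen_string_literal: true
-
- source "https://rubygems.org"
- git_source(:github) { |repo| "https://github.com/#{repo}.git" }
-
- gemspec
-
- gem "rails", "~> 6.0.0.beta3"
-
- # TODO: Remove when rspec-rails 4.0 released
- gem "rspec-core", github: "rspec/rspec-core"
- gem "rspec-expectations", github: "rspec/rspec-expectations"
- gem "rspec-mocks", github: "rspec/rspec-mocks"
- gem "rspec-rails", github: "rspec/rspec-rails", branch: "4-0-dev"
- gem "rspec-support", github: "rspec/rspec-support"
-
- gem "rubocop", "~> 0.66"
-
- gem "bcrypt", "~> 3.1", require: false
-
- gem "activerecord-jdbcsqlite3-adapter", platform: :jruby
- gem "sqlite3", "~> 1.4", platform: %i[ruby mswin mingw x64_mingw]
-
- gem "tzinfo-data", platforms: %i[mingw mswin x64_mingw]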
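--- a/data/RELEASING.md
+++ /dev/null
@@ -1,10 +0,0 @@
- # Releasing doorkeeper
-
- How to release doorkeeper in five easy steps!
-
- 1. Update `lib/doorkeeper/version.rb` file accordingly.
- 2. Update `NEWS.md` to reflect the changes since last release.
- 3. Commit changes: `git commit -am 'Bump to vVERSION'`
- 4. Run `rake release`
- 5. Announce the new release, making sure to say “thank you” to the contributors
- who helped shape this version!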
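--- a/data/Rakefile
+++ /dev/null
@@ -1,28 +0,0 @@
- # frozen_string_literal: true
-
- require "bundler/setup"
- require "rspec/core/rake_task"
-
- desc "Default: run specs."
- task default: :spec
-
- desc "Run all specs"
- RSpec::Core::RakeTask.new(:spec) do |config|
- config.verbose = false
- end
-
- namespace :doorkeeper do
- desc "Install doorkeeper in dummy app"
- task :install do
- cd "spec/dummy"
- system "bundle exec rails g doorkeeper:install --force"
- end
-
- desc "Runs local test server"
- task :server do
- cd "spec/dummy"
- system "bundle exec rails server"
- end
- end
-
- Bundler::GemHelper.install_tasks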
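--- a/data/SECURITY.md
+++ /dev/null
@@ -1,15 +0,0 @@
- # Reporting security issues in Doorkeeper
-
- Hello! Thank you for wanting to disclose a possible security
- vulnerability within the Doorkeeper gem! Please follow our disclosure
- policy as outlined below:
-
- 1. Do NOT open up a GitHub issue with your report. Security reports
- should be kept private until a possible fix is determined.
- 2. Send an email to Nikita Bulai at bulaj.nikita AT gmail.com or one of
- the others Doorkeeper maintainers listed in gemspec. You should receive
- a prompt response.
- 3. Be patient. Since Doorkeeper is in a stable maintenance phase, we want to
- do as little as possible to rock the boat of the project.
-
- Thank you very much for adhering for these policies!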
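--- a/data/UPGRADE.md
+++ /dev/null
@@ -1,2 +0,0 @@
- See [Upgrade Guides](https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-versions)
- in the project Wiki.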
@@ -1,50 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "uri"
4
-
5
- class RedirectUriValidator < ActiveModel::EachValidator
6
- def self.native_redirect_uri
7
- Doorkeeper.configuration.native_redirect_uri
8
- end
9
-
10
- def validate_each(record, attribute, value)
11
- if value.blank?
12
- return if Doorkeeper.configuration.allow_blank_redirect_uri?(record)
13
-
14
- record.errors.add(attribute, :blank)
15
- else
16
- value.split.each do |val|
17
- uri = ::URI.parse(val)
18
- next if native_redirect_uri?(uri)
19
-
20
- record.errors.add(attribute, :forbidden_uri) if forbidden_uri?(uri)
21
- record.errors.add(attribute, :fragment_present) unless uri.fragment.nil?
22
- record.errors.add(attribute, :relative_uri) if uri.scheme.nil? || uri.host.nil?
23
- record.errors.add(attribute, :secured_uri) if invalid_ssl_uri?(uri)
24
- end
25
- end
26
- rescue URI::InvalidURIError
27
- record.errors.add(attribute, :invalid_uri)
28
- end
29
-
30
- private
31
-
32
- def native_redirect_uri?(uri)
33
- self.class.native_redirect_uri.present? && uri.to_s == self.class.native_redirect_uri.to_s
34
- end
35
-
36
- def forbidden_uri?(uri)
37
- Doorkeeper.configuration.forbid_redirect_uri.call(uri)
38
- end
39
-
40
- def invalid_ssl_uri?(uri)
41
- forces_ssl = Doorkeeper.configuration.force_ssl_in_redirect_uri
42
- non_https = uri.try(:scheme) == "http"
43
-
44
- if forces_ssl.respond_to?(:call)
45
- forces_ssl.call(uri) && non_https
46
- else
47
- forces_ssl && non_https
48
- end
49
- end
50
- end
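--- a/data/bin/console
+++ /dev/null
@@ -1,16 +0,0 @@
- #!/usr/bin/env ruby
- # frozen_string_literal: true
-
- require "bundler/setup"
- require "rails/all"
- require "doorkeeper"
-
- # You can add fixtures and/or initialization code here to make experimenting
- # with your gem easier. You can also use a different console, if you like.
-
- # (If you use this, don't forget to add pry to your Gemfile!)
- # require "pry"
- # Pry.start
-
- require "irb"
- IRB.start(__FILE__)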
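--- a/data/doorkeeper.gemspec
+++ /dev/null
@@ -1,34 +0,0 @@
- # frozen_string_literal: true
-
- $LOAD_PATH.push File.expand_path("lib", __dir__)
-
- require "doorkeeper/version"
-
- Gem::Specification.new do |gem|
- gem.name = "doorkeeper"
- gem.version = Doorkeeper.gem_version
- gem.authors = ["Felipe Elias Philipp", "Tute Costa", "Jon Moss", "Nikita Bulai"]
- gem.email = %w[bulaj.nikita@gmail.com]
- gem.homepage = "https://github.com/doorkeeper-gem/doorkeeper"
- gem.summary = "OAuth 2 provider for Rails and Grape"
- gem.description = "Doorkeeper is an OAuth 2 provider for Rails and Grape."
- gem.license = "MIT"
-
- gem.files = `git ls-files`.split("\n")
- gem.test_files = `git ls-files -- spec/*`.split("\n")
- gem.require_paths = ["lib"]
-
- gem.add_dependency "railties", ">= 5"
- gem.required_ruby_version = ">= 2.4"
-
- gem.add_development_dependency "appraisal"
- gem.add_development_dependency "capybara"
- gem.add_development_dependency "coveralls"
- gem.add_development_dependency "danger", "~> 6.0"
- gem.add_development_dependency "database_cleaner", "~> 1.6"
- gem.add_development_dependency "factory_bot", "~> 5.0"
- gem.add_development_dependency "generator_spec", "~> 0.9.3"
- gem.add_development_dependency "grape"
- gem.add_development_dependency "rake", ">= 11.3.0"
- gem.add_development_dependency "rspec-rails"
- end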
@@ -1,17 +0,0 @@
1
- # This file was generated by Appraisal
2
-
3
- source "https://rubygems.org"
4
-
5
- gem "rails", "~> 5.0.0"
6
- gem "rspec-core", git: "https://github.com/rspec/rspec-core.git"
7
- gem "rspec-expectations", git: "https://github.com/rspec/rspec-expectations.git"
8
- gem "rspec-mocks", git: "https://github.com/rspec/rspec-mocks.git"
9
- gem "rspec-rails", branch: "4-0-dev", git: "https://github.com/rspec/rspec-rails.git"
10
- gem "rspec-support", git: "https://github.com/rspec/rspec-support.git"
11
- gem "rubocop", "~> 0.66"
12
- gem "bcrypt", "~> 3.1", require: false
13
- gem "activerecord-jdbcsqlite3-adapter", platform: :jruby
14
- gem "sqlite3", "~> 1.3", "< 1.4", platform: [:ruby, :mswin, :mingw, :x64_mingw]
15
- gem "tzinfo-data", platforms: [:mingw, :mswin, :x64_mingw]
16
-
17
- gemspec path: "../"
@@ -1,17 +0,0 @@
1
- # This file was generated by Appraisal
2
-
3
- source "https://rubygems.org"
4
-
5
- gem "rails", "~> 5.1.0"
6
- gem "rspec-core", git: "https://github.com/rspec/rspec-core.git"
7
- gem "rspec-expectations", git: "https://github.com/rspec/rspec-expectations.git"
8
- gem "rspec-mocks", git: "https://github.com/rspec/rspec-mocks.git"
9
- gem "rspec-rails", branch: "4-0-dev", git: "https://github.com/rspec/rspec-rails.git"
10
- gem "rspec-support", git: "https://github.com/rspec/rspec-support.git"
11
- gem "rubocop", "~> 0.66"
12
- gem "bcrypt", "~> 3.1", require: false
13
- gem "activerecord-jdbcsqlite3-adapter", platform: :jruby
14
- gem "sqlite3", "~> 1.3", "< 1.4", platform: [:ruby, :mswin, :mingw, :x64_mingw]
15
- gem "tzinfo-data", platforms: [:mingw, :mswin, :x64_mingw]
16
-
17
- gemspec path: "../"
@@ -1,17 +0,0 @@
1
- # This file was generated by Appraisal
2
-
3
- source "https://rubygems.org"
4
-
5
- gem "rails", "~> 5.2.0"
6
- gem "rspec-core", git: "https://github.com/rspec/rspec-core.git"
7
- gem "rspec-expectations", git: "https://github.com/rspec/rspec-expectations.git"
8
- gem "rspec-mocks", git: "https://github.com/rspec/rspec-mocks.git"
9
- gem "rspec-rails", branch: "4-0-dev", git: "https://github.com/rspec/rspec-rails.git"
10
- gem "rspec-support", git: "https://github.com/rspec/rspec-support.git"
11
- gem "rubocop", "~> 0.66"
12
- gem "bcrypt", "~> 3.1", require: false
13
- gem "activerecord-jdbcsqlite3-adapter", platform: :jruby
14
- gem "sqlite3", "~> 1.3", "< 1.4", platform: [:ruby, :mswin, :mingw, :x64_mingw]
15
- gem "tzinfo-data", platforms: [:mingw, :mswin, :x64_mingw]
16
-
17
- gemspec path: "../"
@@ -1,17 +0,0 @@
1
- # This file was generated by Appraisal
2
-
3
- source "https://rubygems.org"
4
-
5
- gem "rails", "~> 6.0.0.beta3"
6
- gem "rspec-core", git: "https://github.com/rspec/rspec-core.git"
7
- gem "rspec-expectations", git: "https://github.com/rspec/rspec-expectations.git"
8
- gem "rspec-mocks", git: "https://github.com/rspec/rspec-mocks.git"
9
- gem "rspec-rails", branch: "4-0-dev", git: "https://github.com/rspec/rspec-rails.git"
10
- gem "rspec-support", git: "https://github.com/rspec/rspec-support.git"
11
- gem "rubocop", "~> 0.66"
12
- gem "bcrypt", "~> 3.1", require: false
13
- gem "activerecord-jdbcsqlite3-adapter", platform: :jruby
14
- gem "sqlite3", "~> 1.4", platform: [:ruby, :mswin, :mingw, :x64_mingw]
15
- gem "tzinfo-data", platforms: [:mingw, :mswin, :x64_mingw]
16
-
17
- gemspec path: "../"
@@ -1,17 +0,0 @@
1
- # This file was generated by Appraisal
2
-
3
- source "https://rubygems.org"
4
-
5
- gem "rails", git: "https://github.com/rails/rails"
6
- gem "rspec-core", git: "https://github.com/rspec/rspec-core.git"
7
- gem "rspec-expectations", git: "https://github.com/rspec/rspec-expectations.git"
8
- gem "rspec-mocks", git: "https://github.com/rspec/rspec-mocks.git"
9
- gem "rspec-rails", branch: "4-0-dev", git: "https://github.com/rspec/rspec-rails.git"
10
- gem "rspec-support", git: "https://github.com/rspec/rspec-support.git"
11
- gem "rubocop", "~> 0.66"
12
- gem "bcrypt", "~> 3.1", require: false
13
- gem "activerecord-jdbcsqlite3-adapter", platform: :jruby
14
- gem "sqlite3", "~> 1.4", platform: [:ruby, :mswin, :mingw, :x64_mingw]
15
- gem "tzinfo-data", platforms: [:mingw, :mswin, :x64_mingw]
16
-
17
- gemspec path: "../"
@@ -1,64 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper_integration"
4
-
5
- describe Doorkeeper::ApplicationMetalController do
6
- controller(Doorkeeper::ApplicationMetalController) do
7
- def index
8
- render json: {}, status: 200
9
- end
10
-
11
- def create
12
- render json: {}, status: 200
13
- end
14
- end
15
-
16
- it "lazy run hooks" do
17
- i = 0
18
- ActiveSupport.on_load(:doorkeeper_metal_controller) { i += 1 }
19
-
20
- expect(i).to eq 1
21
- end
22
-
23
- describe "enforce_content_type" do
24
- before { allow(Doorkeeper.configuration).to receive(:enforce_content_type).and_return(flag) }
25
-
26
- context "enabled" do
27
- let(:flag) { true }
28
-
29
- it "returns a 200 for the requests without body" do
30
- get :index, params: {}
31
- expect(response).to have_http_status 200
32
- end
33
-
34
- it "returns a 200 for the requests with body and correct media type" do
35
- post :create, params: {}, as: :url_encoded_form
36
- expect(response).to have_http_status 200
37
- end
38
-
39
- it "returns a 415 for the requests with body and incorrect media type" do
40
- post :create, params: {}, as: :json
41
- expect(response).to have_http_status 415
42
- end
43
- end
44
-
45
- context "disabled" do
46
- let(:flag) { false }
47
-
48
- it "returns a 200 for the correct media type" do
49
- get :index, as: :url_encoded_form
50
- expect(response).to have_http_status 200
51
- end
52
-
53
- it "returns a 200 for an incorrect media type" do
54
- get :index, as: :json
55
- expect(response).to have_http_status 200
56
- end
57
-
58
- it "returns a 200 for the requests with body and incorrect media type" do
59
- post :create, params: {}, as: :json
60
- expect(response).to have_http_status 200
61
- end
62
- end
63
- end
64
- end