RubyGems - doorkeeper - Versions diffs - 5.2.0.rc2 → 5.2.0.rc3 - Mend

doorkeeper 5.2.0.rc2 → 5.2.0.rc3

Potentially problematic release.

This version of doorkeeper might be problematic. Click here for more details.

Files changed (59) hide show

checksums.yaml +4 -4
data/Appraisals +1 -1
data/CHANGELOG.md +15 -2
data/Gemfile +1 -1
data/README.md +9 -1
data/app/controllers/doorkeeper/application_metal_controller.rb +1 -1
data/app/controllers/doorkeeper/authorizations_controller.rb +11 -9
data/config/locales/en.yml +5 -1
data/doorkeeper.gemspec +8 -0
data/gemfiles/rails_6_0.gemfile +1 -1
data/lib/doorkeeper.rb +1 -0
data/lib/doorkeeper/config.rb +41 -2
data/lib/doorkeeper/errors.rb +13 -18
data/lib/doorkeeper/helpers/controller.rb +6 -2
data/lib/doorkeeper/oauth/authorization/code.rb +1 -5
data/lib/doorkeeper/oauth/authorization_code_request.rb +18 -9
data/lib/doorkeeper/oauth/base_request.rb +2 -0
data/lib/doorkeeper/oauth/client_credentials/validation.rb +8 -0
data/lib/doorkeeper/oauth/code_request.rb +5 -11
data/lib/doorkeeper/oauth/invalid_request_response.rb +43 -0
data/lib/doorkeeper/oauth/password_access_token_request.rb +7 -2
data/lib/doorkeeper/oauth/pre_authorization.rb +70 -37
data/lib/doorkeeper/oauth/refresh_token_request.rb +5 -2
data/lib/doorkeeper/oauth/token_introspection.rb +4 -1
data/lib/doorkeeper/oauth/token_request.rb +4 -18
data/lib/doorkeeper/orm/active_record.rb +2 -2
data/lib/doorkeeper/orm/active_record/application.rb +1 -1
data/lib/doorkeeper/orm/active_record/redirect_uri_validator.rb +61 -0
data/lib/doorkeeper/request.rb +6 -11
data/lib/doorkeeper/request/authorization_code.rb +2 -0
data/lib/doorkeeper/server.rb +2 -6
data/lib/doorkeeper/version.rb +1 -1
data/lib/generators/doorkeeper/templates/initializer.rb +33 -2
data/lib/generators/doorkeeper/templates/migration.rb.erb +1 -1
data/spec/controllers/authorizations_controller_spec.rb +127 -61
data/spec/controllers/protected_resources_controller_spec.rb +3 -3
data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +1 -1
data/spec/lib/config_spec.rb +17 -0
data/spec/lib/oauth/authorization_code_request_spec.rb +11 -1
data/spec/lib/oauth/base_request_spec.rb +33 -16
data/spec/lib/oauth/code_request_spec.rb +27 -28
data/spec/lib/oauth/invalid_request_response_spec.rb +75 -0
data/spec/lib/oauth/pre_authorization_spec.rb +80 -55
data/spec/lib/oauth/refresh_token_request_spec.rb +1 -0
data/spec/lib/oauth/token_request_spec.rb +20 -17
data/spec/lib/server_spec.rb +0 -12
data/spec/requests/endpoints/authorization_spec.rb +21 -5
data/spec/requests/endpoints/token_spec.rb +1 -1
data/spec/requests/flows/authorization_code_errors_spec.rb +1 -0
data/spec/requests/flows/authorization_code_spec.rb +77 -23
data/spec/requests/flows/client_credentials_spec.rb +38 -0
data/spec/requests/flows/implicit_grant_errors_spec.rb +22 -10
data/spec/requests/flows/implicit_grant_spec.rb +9 -8
data/spec/requests/flows/password_spec.rb +37 -0
data/spec/requests/flows/refresh_token_spec.rb +1 -1
data/spec/support/helpers/request_spec_helper.rb +14 -2
data/spec/validators/redirect_uri_validator_spec.rb +1 -1
metadata +12 -4
data/app/validators/redirect_uri_validator.rb +0 -60

data/spec/requests/flows/refresh_token_spec.rb CHANGED

@@ -172,7 +172,7 @@ describe "Refresh Token Flow" do
       post refresh_token_endpoint_url(client: @client, refresh_token: @token.refresh_token)
       should_not_have_json "refresh_token"
-      should_have_json "error", "invalid_request"
+      should_have_json "error", "invalid_grant"
     end
   end

data/spec/support/helpers/request_spec_helper.rb CHANGED

@@ -54,7 +54,7 @@ module RequestSpecHelper
   end
   def with_header(header, value)
-    page.driver.header header, value
+    page.driver.header(header, value)
   end
   def basic_auth_header_for_client(client)
@@ -86,8 +86,20 @@ module RequestSpecHelper
     i_should_see translated_error_message(key)
   end
+  def i_should_not_see_translated_error_message(key)
+    i_should_not_see translated_error_message(key)
+  end
   def translated_error_message(key)
-    I18n.translate key, scope: %i[doorkeeper errors messages]
+    I18n.translate(key, scope: %i[doorkeeper errors messages])
+  end
+  def i_should_see_translated_invalid_request_error_message(key, value)
+    i_should_see translated_invalid_request_error_message(key, value)
+  end
+  def translated_invalid_request_error_message(key, value)
+    I18n.translate key, scope: %i[doorkeeper errors messages invalid_request], value: value
   end
   def response_status_should_be(status)

data/spec/validators/redirect_uri_validator_spec.rb CHANGED

@@ -2,7 +2,7 @@
 require "spec_helper"
-describe RedirectUriValidator do
+describe Doorkeeper::RedirectUriValidator do
   subject do
     FactoryBot.create(:application)
   end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: doorkeeper
 version: !ruby/object:Gem::Version
-  version: 5.2.0.rc2
+  version: 5.2.0.rc3
 platform: ruby
 authors:
 - Felipe Elias Philipp
@@ -11,7 +11,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-06-17 00:00:00.000000000 Z
+date: 2019-08-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -198,7 +198,6 @@ files:
 - app/controllers/doorkeeper/token_info_controller.rb
 - app/controllers/doorkeeper/tokens_controller.rb
 - app/helpers/doorkeeper/dashboard_helper.rb
-- app/validators/redirect_uri_validator.rb
 - app/views/doorkeeper/applications/_delete_form.html.erb
 - app/views/doorkeeper/applications/_form.html.erb
 - app/views/doorkeeper/applications/edit.html.erb
@@ -261,6 +260,7 @@ files:
 - lib/doorkeeper/oauth/helpers/scope_checker.rb
 - lib/doorkeeper/oauth/helpers/unique_token.rb
 - lib/doorkeeper/oauth/helpers/uri_checker.rb
+- lib/doorkeeper/oauth/invalid_request_response.rb
 - lib/doorkeeper/oauth/invalid_token_response.rb
 - lib/doorkeeper/oauth/nonstandard.rb
 - lib/doorkeeper/oauth/password_access_token_request.rb
@@ -275,6 +275,7 @@ files:
 - lib/doorkeeper/orm/active_record/access_grant.rb
 - lib/doorkeeper/orm/active_record/access_token.rb
 - lib/doorkeeper/orm/active_record/application.rb
+- lib/doorkeeper/orm/active_record/redirect_uri_validator.rb
 - lib/doorkeeper/orm/active_record/stale_records_cleaner.rb
 - lib/doorkeeper/rails/helpers.rb
 - lib/doorkeeper/rails/routes.rb
@@ -396,6 +397,7 @@ files:
 - spec/lib/oauth/helpers/scope_checker_spec.rb
 - spec/lib/oauth/helpers/unique_token_spec.rb
 - spec/lib/oauth/helpers/uri_checker_spec.rb
+- spec/lib/oauth/invalid_request_response_spec.rb
 - spec/lib/oauth/invalid_token_response_spec.rb
 - spec/lib/oauth/password_access_token_request_spec.rb
 - spec/lib/oauth/pre_authorization_spec.rb
@@ -453,7 +455,12 @@ files:
 homepage: https://github.com/doorkeeper-gem/doorkeeper
 licenses:
 - MIT
-metadata: {}
+metadata:
+  homepage_uri: https://github.com/doorkeeper-gem/doorkeeper
+  changelog_uri: https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md
+  source_code_uri: https://github.com/doorkeeper-gem/doorkeeper
+  bug_tracker_uri: https://github.com/doorkeeper-gem/doorkeeper/issues
+  documentation_uri: https://doorkeeper.gitbook.io/guides/
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -557,6 +564,7 @@ test_files:
 - spec/lib/oauth/helpers/scope_checker_spec.rb
 - spec/lib/oauth/helpers/unique_token_spec.rb
 - spec/lib/oauth/helpers/uri_checker_spec.rb
+- spec/lib/oauth/invalid_request_response_spec.rb
 - spec/lib/oauth/invalid_token_response_spec.rb
 - spec/lib/oauth/password_access_token_request_spec.rb
 - spec/lib/oauth/pre_authorization_spec.rb

data/app/validators/redirect_uri_validator.rb DELETED

@@ -1,60 +0,0 @@
-# frozen_string_literal: true
-require "uri"
-# ActiveModel validator for redirect URI validation in according
-# to OAuth standards and Doorkeeper configuration.
-#
-class RedirectUriValidator < ActiveModel::EachValidator
-  def validate_each(record, attribute, value)
-    if value.blank?
-      return if Doorkeeper.configuration.allow_blank_redirect_uri?(record)
-      record.errors.add(attribute, :blank)
-    else
-      value.split.each do |val|
-        next if oob_redirect_uri?(val)
-        uri = ::URI.parse(val)
-        record.errors.add(attribute, :forbidden_uri) if forbidden_uri?(uri)
-        record.errors.add(attribute, :fragment_present) unless uri.fragment.nil?
-        record.errors.add(attribute, :unspecified_scheme) if unspecified_scheme?(uri)
-        record.errors.add(attribute, :relative_uri) if relative_uri?(uri)
-        record.errors.add(attribute, :secured_uri) if invalid_ssl_uri?(uri)
-      end
-    end
-  rescue URI::InvalidURIError
-    record.errors.add(attribute, :invalid_uri)
-  end
-  private
-  def oob_redirect_uri?(uri)
-    Doorkeeper::OAuth::NonStandard::IETF_WG_OAUTH2_OOB_METHODS.include?(uri)
-  end
-  def forbidden_uri?(uri)
-    Doorkeeper.configuration.forbid_redirect_uri.call(uri)
-  end
-  def unspecified_scheme?(uri)
-    return true if uri.opaque.present?
-    %w[localhost].include?(uri.try(:scheme))
-  end
-  def relative_uri?(uri)
-    uri.scheme.nil? && uri.host.nil?
-  end
-  def invalid_ssl_uri?(uri)
-    forces_ssl = Doorkeeper.configuration.force_ssl_in_redirect_uri
-    non_https = uri.try(:scheme) == "http"
-    if forces_ssl.respond_to?(:call)
-      forces_ssl.call(uri) && non_https
-    else
-      forces_ssl && non_https
-    end
-  end
-end