doorkeeper 5.2.2 → 5.5.4

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of doorkeeper might be problematic. Click here for more details.

Files changed (260) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +198 -3
  3. data/README.md +28 -20
  4. data/app/controllers/doorkeeper/application_controller.rb +3 -2
  5. data/app/controllers/doorkeeper/application_metal_controller.rb +2 -2
  6. data/app/controllers/doorkeeper/applications_controller.rb +7 -8
  7. data/app/controllers/doorkeeper/authorizations_controller.rb +48 -18
  8. data/app/controllers/doorkeeper/authorized_applications_controller.rb +6 -6
  9. data/app/controllers/doorkeeper/token_info_controller.rb +12 -2
  10. data/app/controllers/doorkeeper/tokens_controller.rb +70 -25
  11. data/app/helpers/doorkeeper/dashboard_helper.rb +1 -1
  12. data/app/views/doorkeeper/applications/_form.html.erb +1 -1
  13. data/app/views/doorkeeper/applications/show.html.erb +35 -14
  14. data/app/views/doorkeeper/authorizations/form_post.html.erb +15 -0
  15. data/app/views/doorkeeper/authorizations/new.html.erb +2 -0
  16. data/config/locales/en.yml +9 -2
  17. data/lib/doorkeeper/config/abstract_builder.rb +28 -0
  18. data/lib/doorkeeper/config/option.rb +26 -14
  19. data/lib/doorkeeper/config/validations.rb +53 -0
  20. data/lib/doorkeeper/config.rb +214 -122
  21. data/lib/doorkeeper/engine.rb +1 -1
  22. data/lib/doorkeeper/grant_flow/fallback_flow.rb +15 -0
  23. data/lib/doorkeeper/grant_flow/flow.rb +44 -0
  24. data/lib/doorkeeper/grant_flow/registry.rb +50 -0
  25. data/lib/doorkeeper/grant_flow.rb +45 -0
  26. data/lib/doorkeeper/grape/helpers.rb +2 -2
  27. data/lib/doorkeeper/helpers/controller.rb +18 -12
  28. data/lib/doorkeeper/models/access_grant_mixin.rb +23 -19
  29. data/lib/doorkeeper/models/access_token_mixin.rb +157 -55
  30. data/lib/doorkeeper/models/application_mixin.rb +8 -7
  31. data/lib/doorkeeper/models/concerns/expirable.rb +1 -1
  32. data/lib/doorkeeper/models/concerns/ownership.rb +1 -1
  33. data/lib/doorkeeper/models/concerns/resource_ownerable.rb +47 -0
  34. data/lib/doorkeeper/models/concerns/reusable.rb +1 -1
  35. data/lib/doorkeeper/models/concerns/revocable.rb +1 -28
  36. data/lib/doorkeeper/models/concerns/scopes.rb +5 -1
  37. data/lib/doorkeeper/models/concerns/secret_storable.rb +1 -3
  38. data/lib/doorkeeper/oauth/authorization/code.rb +22 -9
  39. data/lib/doorkeeper/oauth/authorization/context.rb +5 -5
  40. data/lib/doorkeeper/oauth/authorization/token.rb +23 -18
  41. data/lib/doorkeeper/oauth/authorization/uri_builder.rb +4 -4
  42. data/lib/doorkeeper/oauth/authorization_code_request.rb +30 -20
  43. data/lib/doorkeeper/oauth/base_request.rb +19 -23
  44. data/lib/doorkeeper/oauth/client/credentials.rb +2 -4
  45. data/lib/doorkeeper/oauth/client.rb +8 -9
  46. data/lib/doorkeeper/oauth/client_credentials/creator.rb +38 -12
  47. data/lib/doorkeeper/oauth/client_credentials/issuer.rb +10 -8
  48. data/lib/doorkeeper/oauth/client_credentials/{validation.rb → validator.rb} +7 -5
  49. data/lib/doorkeeper/oauth/client_credentials_request.rb +8 -7
  50. data/lib/doorkeeper/oauth/code_request.rb +4 -4
  51. data/lib/doorkeeper/oauth/code_response.rb +24 -14
  52. data/lib/doorkeeper/oauth/error.rb +1 -1
  53. data/lib/doorkeeper/oauth/error_response.rb +10 -11
  54. data/lib/doorkeeper/oauth/forbidden_token_response.rb +2 -1
  55. data/lib/doorkeeper/oauth/helpers/scope_checker.rb +8 -12
  56. data/lib/doorkeeper/oauth/helpers/unique_token.rb +10 -7
  57. data/lib/doorkeeper/oauth/helpers/uri_checker.rb +1 -19
  58. data/lib/doorkeeper/oauth/hooks/context.rb +21 -0
  59. data/lib/doorkeeper/oauth/invalid_request_response.rb +3 -3
  60. data/lib/doorkeeper/oauth/invalid_token_response.rb +7 -4
  61. data/lib/doorkeeper/oauth/password_access_token_request.rb +28 -10
  62. data/lib/doorkeeper/oauth/pre_authorization.rb +73 -37
  63. data/lib/doorkeeper/oauth/refresh_token_request.rb +35 -26
  64. data/lib/doorkeeper/oauth/token.rb +6 -7
  65. data/lib/doorkeeper/oauth/token_introspection.rb +12 -16
  66. data/lib/doorkeeper/oauth/token_request.rb +3 -3
  67. data/lib/doorkeeper/oauth/token_response.rb +1 -1
  68. data/lib/doorkeeper/orm/active_record/access_grant.rb +4 -43
  69. data/lib/doorkeeper/orm/active_record/access_token.rb +4 -35
  70. data/lib/doorkeeper/orm/active_record/application.rb +5 -95
  71. data/lib/doorkeeper/orm/active_record/mixins/access_grant.rb +69 -0
  72. data/lib/doorkeeper/orm/active_record/mixins/access_token.rb +60 -0
  73. data/lib/doorkeeper/orm/active_record/mixins/application.rb +199 -0
  74. data/lib/doorkeeper/orm/active_record/redirect_uri_validator.rb +8 -3
  75. data/lib/doorkeeper/orm/active_record.rb +5 -7
  76. data/lib/doorkeeper/rails/helpers.rb +4 -4
  77. data/lib/doorkeeper/rails/routes/abstract_router.rb +35 -0
  78. data/lib/doorkeeper/rails/routes/mapper.rb +2 -2
  79. data/lib/doorkeeper/rails/routes/registry.rb +45 -0
  80. data/lib/doorkeeper/rails/routes.rb +17 -25
  81. data/lib/doorkeeper/rake/db.rake +6 -6
  82. data/lib/doorkeeper/rake/setup.rake +5 -0
  83. data/lib/doorkeeper/request/authorization_code.rb +3 -3
  84. data/lib/doorkeeper/request/client_credentials.rb +2 -2
  85. data/lib/doorkeeper/request/password.rb +3 -2
  86. data/lib/doorkeeper/request/refresh_token.rb +5 -4
  87. data/lib/doorkeeper/request/strategy.rb +2 -2
  88. data/lib/doorkeeper/request.rb +49 -12
  89. data/lib/doorkeeper/server.rb +5 -5
  90. data/lib/doorkeeper/stale_records_cleaner.rb +4 -4
  91. data/lib/doorkeeper/version.rb +2 -6
  92. data/lib/doorkeeper.rb +112 -81
  93. data/lib/generators/doorkeeper/application_owner_generator.rb +1 -1
  94. data/lib/generators/doorkeeper/confidential_applications_generator.rb +2 -2
  95. data/lib/generators/doorkeeper/enable_polymorphic_resource_owner_generator.rb +39 -0
  96. data/lib/generators/doorkeeper/migration_generator.rb +1 -1
  97. data/lib/generators/doorkeeper/pkce_generator.rb +1 -1
  98. data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +2 -2
  99. data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb.erb +3 -1
  100. data/lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb.erb +2 -0
  101. data/lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb +2 -0
  102. data/lib/generators/doorkeeper/templates/enable_polymorphic_resource_owner_migration.rb.erb +17 -0
  103. data/lib/generators/doorkeeper/templates/initializer.rb +99 -14
  104. data/lib/generators/doorkeeper/templates/migration.rb.erb +14 -5
  105. metadata +37 -306
  106. data/Appraisals +0 -40
  107. data/CODE_OF_CONDUCT.md +0 -46
  108. data/CONTRIBUTING.md +0 -49
  109. data/Dangerfile +0 -67
  110. data/Dockerfile +0 -29
  111. data/Gemfile +0 -25
  112. data/NEWS.md +0 -1
  113. data/RELEASING.md +0 -11
  114. data/Rakefile +0 -28
  115. data/SECURITY.md +0 -15
  116. data/UPGRADE.md +0 -2
  117. data/bin/console +0 -16
  118. data/doorkeeper.gemspec +0 -42
  119. data/gemfiles/rails_5_0.gemfile +0 -18
  120. data/gemfiles/rails_5_1.gemfile +0 -18
  121. data/gemfiles/rails_5_2.gemfile +0 -18
  122. data/gemfiles/rails_6_0.gemfile +0 -18
  123. data/gemfiles/rails_master.gemfile +0 -18
  124. data/spec/controllers/application_metal_controller_spec.rb +0 -64
  125. data/spec/controllers/applications_controller_spec.rb +0 -273
  126. data/spec/controllers/authorizations_controller_spec.rb +0 -608
  127. data/spec/controllers/protected_resources_controller_spec.rb +0 -353
  128. data/spec/controllers/token_info_controller_spec.rb +0 -50
  129. data/spec/controllers/tokens_controller_spec.rb +0 -498
  130. data/spec/dummy/Rakefile +0 -9
  131. data/spec/dummy/app/assets/config/manifest.js +0 -2
  132. data/spec/dummy/app/controllers/application_controller.rb +0 -5
  133. data/spec/dummy/app/controllers/custom_authorizations_controller.rb +0 -9
  134. data/spec/dummy/app/controllers/full_protected_resources_controller.rb +0 -14
  135. data/spec/dummy/app/controllers/home_controller.rb +0 -18
  136. data/spec/dummy/app/controllers/metal_controller.rb +0 -13
  137. data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +0 -13
  138. data/spec/dummy/app/helpers/application_helper.rb +0 -7
  139. data/spec/dummy/app/models/user.rb +0 -7
  140. data/spec/dummy/app/views/home/index.html.erb +0 -0
  141. data/spec/dummy/app/views/layouts/application.html.erb +0 -14
  142. data/spec/dummy/config/application.rb +0 -49
  143. data/spec/dummy/config/boot.rb +0 -7
  144. data/spec/dummy/config/database.yml +0 -15
  145. data/spec/dummy/config/environment.rb +0 -5
  146. data/spec/dummy/config/environments/development.rb +0 -31
  147. data/spec/dummy/config/environments/production.rb +0 -64
  148. data/spec/dummy/config/environments/test.rb +0 -45
  149. data/spec/dummy/config/initializers/backtrace_silencers.rb +0 -9
  150. data/spec/dummy/config/initializers/doorkeeper.rb +0 -166
  151. data/spec/dummy/config/initializers/secret_token.rb +0 -10
  152. data/spec/dummy/config/initializers/session_store.rb +0 -10
  153. data/spec/dummy/config/initializers/wrap_parameters.rb +0 -16
  154. data/spec/dummy/config/locales/doorkeeper.en.yml +0 -5
  155. data/spec/dummy/config/routes.rb +0 -13
  156. data/spec/dummy/config.ru +0 -6
  157. data/spec/dummy/db/migrate/20111122132257_create_users.rb +0 -11
  158. data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +0 -7
  159. data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +0 -69
  160. data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +0 -9
  161. data/spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb +0 -13
  162. data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +0 -8
  163. data/spec/dummy/db/migrate/20180210183654_add_confidential_to_applications.rb +0 -13
  164. data/spec/dummy/db/schema.rb +0 -68
  165. data/spec/dummy/public/404.html +0 -26
  166. data/spec/dummy/public/422.html +0 -26
  167. data/spec/dummy/public/500.html +0 -26
  168. data/spec/dummy/public/favicon.ico +0 -0
  169. data/spec/dummy/script/rails +0 -9
  170. data/spec/factories.rb +0 -30
  171. data/spec/generators/application_owner_generator_spec.rb +0 -28
  172. data/spec/generators/confidential_applications_generator_spec.rb +0 -29
  173. data/spec/generators/install_generator_spec.rb +0 -36
  174. data/spec/generators/migration_generator_spec.rb +0 -28
  175. data/spec/generators/pkce_generator_spec.rb +0 -28
  176. data/spec/generators/previous_refresh_token_generator_spec.rb +0 -44
  177. data/spec/generators/templates/routes.rb +0 -4
  178. data/spec/generators/views_generator_spec.rb +0 -29
  179. data/spec/grape/grape_integration_spec.rb +0 -137
  180. data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +0 -26
  181. data/spec/lib/config_spec.rb +0 -739
  182. data/spec/lib/doorkeeper_spec.rb +0 -27
  183. data/spec/lib/models/expirable_spec.rb +0 -61
  184. data/spec/lib/models/reusable_spec.rb +0 -40
  185. data/spec/lib/models/revocable_spec.rb +0 -59
  186. data/spec/lib/models/scopes_spec.rb +0 -53
  187. data/spec/lib/models/secret_storable_spec.rb +0 -135
  188. data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -39
  189. data/spec/lib/oauth/authorization_code_request_spec.rb +0 -168
  190. data/spec/lib/oauth/base_request_spec.rb +0 -222
  191. data/spec/lib/oauth/base_response_spec.rb +0 -47
  192. data/spec/lib/oauth/client/credentials_spec.rb +0 -90
  193. data/spec/lib/oauth/client_credentials/creator_spec.rb +0 -97
  194. data/spec/lib/oauth/client_credentials/issuer_spec.rb +0 -112
  195. data/spec/lib/oauth/client_credentials/validation_spec.rb +0 -59
  196. data/spec/lib/oauth/client_credentials_integration_spec.rb +0 -29
  197. data/spec/lib/oauth/client_credentials_request_spec.rb +0 -109
  198. data/spec/lib/oauth/client_spec.rb +0 -38
  199. data/spec/lib/oauth/code_request_spec.rb +0 -46
  200. data/spec/lib/oauth/code_response_spec.rb +0 -36
  201. data/spec/lib/oauth/error_response_spec.rb +0 -66
  202. data/spec/lib/oauth/error_spec.rb +0 -23
  203. data/spec/lib/oauth/forbidden_token_response_spec.rb +0 -22
  204. data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -98
  205. data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -21
  206. data/spec/lib/oauth/helpers/uri_checker_spec.rb +0 -262
  207. data/spec/lib/oauth/invalid_request_response_spec.rb +0 -75
  208. data/spec/lib/oauth/invalid_token_response_spec.rb +0 -55
  209. data/spec/lib/oauth/password_access_token_request_spec.rb +0 -192
  210. data/spec/lib/oauth/pre_authorization_spec.rb +0 -225
  211. data/spec/lib/oauth/refresh_token_request_spec.rb +0 -178
  212. data/spec/lib/oauth/scopes_spec.rb +0 -148
  213. data/spec/lib/oauth/token_request_spec.rb +0 -153
  214. data/spec/lib/oauth/token_response_spec.rb +0 -86
  215. data/spec/lib/oauth/token_spec.rb +0 -158
  216. data/spec/lib/request/strategy_spec.rb +0 -54
  217. data/spec/lib/secret_storing/base_spec.rb +0 -60
  218. data/spec/lib/secret_storing/bcrypt_spec.rb +0 -49
  219. data/spec/lib/secret_storing/plain_spec.rb +0 -44
  220. data/spec/lib/secret_storing/sha256_hash_spec.rb +0 -48
  221. data/spec/lib/server_spec.rb +0 -49
  222. data/spec/lib/stale_records_cleaner_spec.rb +0 -89
  223. data/spec/models/doorkeeper/access_grant_spec.rb +0 -163
  224. data/spec/models/doorkeeper/access_token_spec.rb +0 -622
  225. data/spec/models/doorkeeper/application_spec.rb +0 -377
  226. data/spec/requests/applications/applications_request_spec.rb +0 -259
  227. data/spec/requests/applications/authorized_applications_spec.rb +0 -32
  228. data/spec/requests/endpoints/authorization_spec.rb +0 -89
  229. data/spec/requests/endpoints/token_spec.rb +0 -75
  230. data/spec/requests/flows/authorization_code_errors_spec.rb +0 -79
  231. data/spec/requests/flows/authorization_code_spec.rb +0 -513
  232. data/spec/requests/flows/client_credentials_spec.rb +0 -166
  233. data/spec/requests/flows/implicit_grant_errors_spec.rb +0 -46
  234. data/spec/requests/flows/implicit_grant_spec.rb +0 -91
  235. data/spec/requests/flows/password_spec.rb +0 -296
  236. data/spec/requests/flows/refresh_token_spec.rb +0 -233
  237. data/spec/requests/flows/revoke_token_spec.rb +0 -151
  238. data/spec/requests/flows/skip_authorization_spec.rb +0 -66
  239. data/spec/requests/protected_resources/metal_spec.rb +0 -16
  240. data/spec/requests/protected_resources/private_api_spec.rb +0 -83
  241. data/spec/routing/custom_controller_routes_spec.rb +0 -133
  242. data/spec/routing/default_routes_spec.rb +0 -41
  243. data/spec/routing/scoped_routes_spec.rb +0 -47
  244. data/spec/spec_helper.rb +0 -57
  245. data/spec/spec_helper_integration.rb +0 -4
  246. data/spec/support/dependencies/factory_bot.rb +0 -4
  247. data/spec/support/doorkeeper_rspec.rb +0 -22
  248. data/spec/support/helpers/access_token_request_helper.rb +0 -13
  249. data/spec/support/helpers/authorization_request_helper.rb +0 -43
  250. data/spec/support/helpers/config_helper.rb +0 -11
  251. data/spec/support/helpers/model_helper.rb +0 -78
  252. data/spec/support/helpers/request_spec_helper.rb +0 -110
  253. data/spec/support/helpers/url_helper.rb +0 -62
  254. data/spec/support/http_method_shim.rb +0 -29
  255. data/spec/support/orm/active_record.rb +0 -5
  256. data/spec/support/shared/controllers_shared_context.rb +0 -123
  257. data/spec/support/shared/hashing_shared_context.rb +0 -36
  258. data/spec/support/shared/models_shared_examples.rb +0 -54
  259. data/spec/validators/redirect_uri_validator_spec.rb +0 -183
  260. data/spec/version/version_spec.rb +0 -17
@@ -1,15 +0,0 @@
1
- development:
2
- adapter: sqlite3
3
- database: db/development.sqlite3
4
- pool: 5
5
- timeout: 5000
6
-
7
- test:
8
- adapter: sqlite3
9
- database: ":memory:"
10
- timeout: 500
11
-
12
- production:
13
- adapter: sqlite3
14
- database: ":memory:"
15
- timeout: 500
@@ -1,5 +0,0 @@
1
- # Load the rails application
2
- require File.expand_path('application', __dir__)
3
-
4
- # Initialize the rails application
5
- Rails.application.initialize!
@@ -1,31 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- Dummy::Application.configure do
4
- # Settings specified here will take precedence over those in config/application.rb
5
-
6
- # In the development environment your application's code is reloaded on
7
- # every request. This slows down response time but is perfect for development
8
- # since you don't have to restart the web server when you make code changes.
9
- config.cache_classes = false
10
-
11
- # Show full error reports and disable caching
12
- config.consider_all_requests_local = true
13
- config.action_controller.perform_caching = false
14
-
15
- # Don't care if the mailer can't send
16
- # config.action_mailer.raise_delivery_errors = false
17
-
18
- # Print deprecation notices to the Rails logger
19
- config.active_support.deprecation = :log
20
-
21
- # Only use best-standards-support built into browsers
22
- config.action_dispatch.best_standards_support = :builtin
23
-
24
- # Do not compress assets
25
- config.assets.compress = false
26
-
27
- # Expands the lines which load the assets
28
- config.assets.debug = true
29
-
30
- config.eager_load = false
31
- end
@@ -1,64 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- Dummy::Application.configure do
4
- # Settings specified here will take precedence over those in config/application.rb
5
-
6
- # Code is not reloaded between requests
7
- config.cache_classes = true
8
-
9
- # Full error reports are disabled and caching is turned on
10
- config.consider_all_requests_local = false
11
- config.action_controller.perform_caching = true
12
-
13
- # Disable Rails's static asset server (Apache or nginx will already do this)
14
- config.serve_static_assets = false
15
-
16
- # Compress JavaScripts and CSS
17
- config.assets.compress = true
18
-
19
- # Don't fallback to assets pipeline if a precompiled asset is missed
20
- config.assets.compile = false
21
-
22
- # Generate digests for assets URLs
23
- config.assets.digest = true
24
-
25
- # Defaults to Rails.root.join("public/assets")
26
- # config.assets.manifest = YOUR_PATH
27
-
28
- # Specifies the header that your server uses for sending files
29
- # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
30
- # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
31
-
32
- # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
33
- # config.force_ssl = true
34
-
35
- # See everything in the log (default is :info)
36
- # config.log_level = :debug
37
-
38
- # Use a different logger for distributed setups
39
- # config.logger = SyslogLogger.new
40
-
41
- # Use a different cache store in production
42
- # config.cache_store = :mem_cache_store
43
-
44
- # Enable serving of images, stylesheets, and JavaScripts from an asset server
45
- # config.action_controller.asset_host = "http://assets.example.com"
46
-
47
- # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
48
- # config.assets.precompile += %w( search.js )
49
-
50
- # Disable delivery errors, bad email addresses will be ignored
51
- # config.action_mailer.raise_delivery_errors = false
52
-
53
- # Enable threaded mode
54
- # config.threadsafe!
55
-
56
- # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
57
- # the I18n.default_locale when a translation can not be found)
58
- config.i18n.fallbacks = true
59
-
60
- # Send deprecation notices to registered listeners
61
- config.active_support.deprecation = :notify
62
-
63
- config.eager_load = true
64
- end
@@ -1,45 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- Dummy::Application.configure do
4
- # Settings specified here will take precedence over those in config/application.rb
5
-
6
- # The test environment is used exclusively to run your application's
7
- # test suite. You never need to work with it otherwise. Remember that
8
- # your test database is "scratch space" for the test suite and is wiped
9
- # and recreated between test runs. Don't rely on the data there!
10
- config.cache_classes = true
11
-
12
- config.assets.enabled = true
13
- config.assets.version = "1.0"
14
- config.assets.digest = false
15
-
16
- # Do not eager load code on boot. This avoids loading your whole application
17
- # just for the purpose of running a single test. If you are using a tool that
18
- # preloads Rails for running tests, you may have to set it to true.
19
- config.eager_load = false
20
-
21
- # Show full error reports and disable caching
22
- config.consider_all_requests_local = true
23
- config.action_controller.perform_caching = false
24
-
25
- # Raise exceptions instead of rendering exception templates
26
- config.action_dispatch.show_exceptions = false
27
-
28
- # Disable request forgery protection in test environment
29
- config.action_controller.allow_forgery_protection = false
30
-
31
- # Tell Action Mailer not to deliver emails to the real world.
32
- # The :test delivery method accumulates sent emails in the
33
- # ActionMailer::Base.deliveries array.
34
- # config.action_mailer.delivery_method = :test
35
-
36
- # Use SQL instead of Active Record's schema dumper when creating the test database.
37
- # This is necessary if your schema can't be completely dumped by the schema dumper,
38
- # like if you have constraints or database-specific column types
39
- # config.active_record.schema_format = :sql
40
-
41
- # Print deprecation notices to the stderr
42
- config.active_support.deprecation = :stderr
43
-
44
- config.eager_load = true
45
- end
@@ -1,9 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # Be sure to restart your server when you modify this file.
4
-
5
- # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
6
- # Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
7
-
8
- # You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
9
- # Rails.backtrace_cleaner.remove_silencers!
@@ -1,166 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- Doorkeeper.configure do
4
- # Change the ORM that doorkeeper will use.
5
- orm DOORKEEPER_ORM
6
-
7
- # This block will be called to check whether the resource owner is authenticated or not.
8
- resource_owner_authenticator do
9
- # Put your resource owner authentication logic here.
10
- User.where(id: session[:user_id]).first || redirect_to(root_url, alert: "Needs sign in.")
11
- end
12
-
13
- # If you didn't skip applications controller from Doorkeeper routes in your application routes.rb
14
- # file then you need to declare this block in order to restrict access to the web interface for
15
- # adding oauth authorized applications. In other case it will return 403 Forbidden response
16
- # every time somebody will try to access the admin web interface.
17
- #
18
- # admin_authenticator do
19
- # # Put your admin authentication logic here.
20
- # # Example implementation:
21
- # Admin.find_by_id(session[:admin_id]) || redirect_to(new_admin_session_url)
22
- # end
23
-
24
- # Authorization Code expiration time (default 10 minutes).
25
- # authorization_code_expires_in 10.minutes
26
-
27
- # Access token expiration time (default 2 hours).
28
- # If you want to disable expiration, set this to nil.
29
- # access_token_expires_in 2.hours
30
-
31
- # Reuse access token for the same resource owner within an application (disabled by default)
32
- # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/383
33
- # reuse_access_token
34
-
35
- # Issue access tokens with refresh token (disabled by default)
36
- use_refresh_token
37
-
38
- # Forbids creating/updating applications with arbitrary scopes that are
39
- # not in configuration, i.e. `default_scopes` or `optional_scopes`.
40
- # (disabled by default)
41
- #
42
- # enforce_configured_scopes
43
-
44
- # Provide support for an owner to be assigned to each registered application (disabled by default)
45
- # Optional parameter confirmation: true (default false) if you want to enforce ownership of
46
- # a registered application
47
- # Note: you must also run the rails g doorkeeper:application_owner generator to provide the necessary support
48
- # enable_application_owner confirmation: false
49
-
50
- # Define access token scopes for your provider
51
- # For more information go to
52
- # https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes
53
- default_scopes :public
54
- optional_scopes :write, :update
55
-
56
- # Change the way client credentials are retrieved from the request object.
57
- # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
58
- # falls back to the `:client_id` and `:client_secret` params from the `params` object.
59
- # Check out the wiki for more information on customization
60
- # client_credentials :from_basic, :from_params
61
-
62
- # Change the way access token is authenticated from the request object.
63
- # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
64
- # falls back to the `:access_token` or `:bearer_token` params from the `params` object.
65
- # Check out the wiki for more information on customization
66
- # access_token_methods :from_bearer_authorization, :from_access_token_param, :from_bearer_param
67
-
68
- # Forces the usage of the HTTPS protocol in non-native redirect uris (enabled
69
- # by default in non-development environments). OAuth2 delegates security in
70
- # communication to the HTTPS protocol so it is wise to keep this enabled.
71
- #
72
- # force_ssl_in_redirect_uri !Rails.env.development?
73
-
74
- # Specify what grant flows are enabled in array of Strings. The valid
75
- # strings and the flows they enable are:
76
- #
77
- # "authorization_code" => Authorization Code Grant Flow
78
- # "implicit" => Implicit Grant Flow
79
- # "password" => Resource Owner Password Credentials Grant Flow
80
- # "client_credentials" => Client Credentials Grant Flow
81
- #
82
- # If not specified, Doorkeeper enables authorization_code and
83
- # client_credentials.
84
- #
85
- # implicit and password grant flows have risks that you should understand
86
- # before enabling:
87
- # http://tools.ietf.org/html/rfc6819#section-4.4.2
88
- # http://tools.ietf.org/html/rfc6819#section-4.4.3
89
- #
90
- # grant_flows %w[authorization_code client_credentials]
91
-
92
- # Hook into the strategies' request & response life-cycle in case your
93
- # application needs advanced customization or logging:
94
- #
95
- # before_successful_strategy_response do |request|
96
- # puts "BEFORE HOOK FIRED! #{request}"
97
- # end
98
- #
99
- # after_successful_strategy_response do |request, response|
100
- # puts "AFTER HOOK FIRED! #{request}, #{response}"
101
- # end
102
-
103
- # Under some circumstances you might want to have applications auto-approved,
104
- # so that the user skips the authorization step.
105
- # For example if dealing with a trusted application.
106
- # skip_authorization do |resource_owner, client|
107
- # client.superapp? or resource_owner.admin?
108
- # end
109
-
110
- # Configure custom constraints for the Token Introspection request.
111
- # By default this configuration option allows to introspect a token by another
112
- # token of the same application, OR to introspect the token that belongs to
113
- # authorized client (from authenticated client) OR when token doesn't
114
- # belong to any client (public token). Otherwise requester has no access to the
115
- # introspection and it will return response as stated in the RFC.
116
- #
117
- # Block arguments:
118
- #
119
- # @param token [Doorkeeper::AccessToken]
120
- # token to be introspected
121
- #
122
- # @param authorized_client [Doorkeeper::Application]
123
- # authorized client (if request is authorized using Basic auth with
124
- # Client Credentials for example)
125
- #
126
- # @param authorized_token [Doorkeeper::AccessToken]
127
- # Bearer token used to authorize the request
128
- #
129
- # In case the block returns `nil` or `false` introspection responses with 401 status code
130
- # when using authorized token to introspect, or you'll get 200 with { "active": false } body
131
- # when using authorized client to introspect as stated in the
132
- # RFC 7662 section 2.2. Introspection Response.
133
- #
134
- # Using with caution:
135
- # Keep in mind that these three parameters pass to block can be nil as following case:
136
- # `authorized_client` is nil if and only if `authorized_token` is present, and vice versa.
137
- # `token` will be nil if and only if `authorized_token` is present.
138
- # So remember to use `&` or check if it is present before calling method on
139
- # them to make sure you doesn't get NoMethodError exception.
140
- #
141
- # You can define your custom check:
142
- #
143
- # allow_token_introspection do |token, authorized_client, authorized_token|
144
- # if authorized_token
145
- # # customize: require `introspection` scope
146
- # authorized_token.application == token&.application ||
147
- # authorized_token.scopes.include?("introspection")
148
- # elsif token.application
149
- # # `protected_resource` is a new database boolean column, for example
150
- # authorized_client == token.application || authorized_client.protected_resource?
151
- # else
152
- # # public token (when token.application is nil, token doesn't belong to any application)
153
- # true
154
- # end
155
- # end
156
- #
157
- # Or you can completely disable any token introspection:
158
- #
159
- # allow_token_introspection false
160
- #
161
- # If you need to block the request at all, then configure your routes.rb or web-server
162
- # like nginx to forbid the request.
163
-
164
- # WWW-Authenticate Realm (default "Doorkeeper").
165
- realm "Doorkeeper"
166
- end
@@ -1,10 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # Be sure to restart your server when you modify this file.
4
-
5
- # Your secret key for verifying the integrity of signed cookies.
6
- # If you change this key, all old signed cookies will become invalid!
7
- # Make sure the secret is at least 30 characters and all random,
8
- # no regular words or you'll be exposed to dictionary attacks.
9
- Dummy::Application.config.secret_key_base =
10
- "c00157b5a1bb6181792f0f4a8a080485de7bab9987e6cf159"
@@ -1,10 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # Be sure to restart your server when you modify this file.
4
-
5
- Dummy::Application.config.session_store :cookie_store, key: "_dummy_session"
6
-
7
- # Use the database for sessions instead of the cookie-based default,
8
- # which shouldn't be used to store highly confidential information
9
- # (create the session table with "rails generate session_migration")
10
- # Dummy::Application.config.session_store :active_record_store
@@ -1,16 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # Be sure to restart your server when you modify this file.
4
- #
5
- # This file contains settings for ActionController::ParamsWrapper which
6
- # is enabled by default.
7
-
8
- # Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
9
- ActiveSupport.on_load(:action_controller) do
10
- wrap_parameters format: [:json]
11
- end
12
-
13
- # Disable root element in JSON by default.
14
- ActiveSupport.on_load(:active_record) do
15
- self.include_root_in_json = false
16
- end
@@ -1,5 +0,0 @@
1
- en:
2
- doorkeeper:
3
- scopes:
4
- public: "Access your public data"
5
- write: "Update your data"
@@ -1,13 +0,0 @@
1
- Rails.application.routes.draw do
2
- use_doorkeeper
3
-
4
- resources :semi_protected_resources
5
- resources :full_protected_resources
6
-
7
- get 'metal.json' => 'metal#index'
8
-
9
- get '/callback', to: 'home#callback'
10
- get '/sign_in', to: 'home#sign_in'
11
-
12
- root to: 'home#index'
13
- end
data/spec/dummy/config.ru DELETED
@@ -1,6 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # This file is used by Rack-based servers to start the application.
4
-
5
- require ::File.expand_path("../config/environment", __FILE__)
6
- run Dummy::Application
@@ -1,11 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class CreateUsers < ActiveRecord::Migration[4.2]
4
- def change
5
- create_table :users do |t|
6
- t.string :name
7
-
8
- t.timestamps
9
- end
10
- end
11
- end
@@ -1,7 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class AddPasswordToUsers < ActiveRecord::Migration[4.2]
4
- def change
5
- add_column :users, :password, :string
6
- end
7
- end
@@ -1,69 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class CreateDoorkeeperTables < ActiveRecord::Migration[4.2]
4
- def change
5
- create_table :oauth_applications do |t|
6
- t.string :name, null: false
7
- t.string :uid, null: false
8
- t.string :secret, null: false
9
-
10
- # Remove `null: false` if you are planning to use grant flows
11
- # that doesn't require redirect URI to be used during authorization
12
- # like Client Credentials flow or Resource Owner Password.
13
- t.text :redirect_uri, null: false
14
- t.string :scopes, null: false, default: ""
15
- t.timestamps null: false
16
- end
17
-
18
- add_index :oauth_applications, :uid, unique: true
19
-
20
- create_table :oauth_access_grants do |t|
21
- t.references :resource_owner, null: false
22
- t.references :application, null: false
23
- t.string :token, null: false
24
- t.integer :expires_in, null: false
25
- t.text :redirect_uri, null: false
26
- t.datetime :created_at, null: false
27
- t.datetime :revoked_at
28
- t.string :scopes, null: false, default: ""
29
- end
30
-
31
- add_index :oauth_access_grants, :token, unique: true
32
- add_foreign_key(
33
- :oauth_access_grants,
34
- :oauth_applications,
35
- column: :application_id
36
- )
37
-
38
- create_table :oauth_access_tokens do |t|
39
- t.references :resource_owner, index: true
40
- t.references :application, null: false
41
-
42
- # If you use a custom token generator you may need to change this column
43
- # from string to text, so that it accepts tokens larger than 255
44
- # characters. More info on custom token generators in:
45
- # https://github.com/doorkeeper-gem/doorkeeper/tree/v3.0.0.rc1#custom-access-token-generator
46
- #
47
- # t.text :token, null: false
48
- t.string :token, null: false
49
-
50
- t.string :refresh_token
51
- t.integer :expires_in
52
- t.datetime :revoked_at
53
- t.datetime :created_at, null: false
54
- t.string :scopes
55
- end
56
-
57
- add_index :oauth_access_tokens, :token, unique: true
58
- add_index :oauth_access_tokens, :refresh_token, unique: true
59
- add_foreign_key(
60
- :oauth_access_tokens,
61
- :oauth_applications,
62
- column: :application_id
63
- )
64
-
65
- # Uncomment below to ensure a valid reference to the resource owner's table
66
- add_foreign_key :oauth_access_grants, :users, column: :resource_owner_id
67
- add_foreign_key :oauth_access_tokens, :users, column: :resource_owner_id
68
- end
69
- end
@@ -1,9 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class AddOwnerToApplication < ActiveRecord::Migration[4.2]
4
- def change
5
- add_column :oauth_applications, :owner_id, :integer, null: true
6
- add_column :oauth_applications, :owner_type, :string, null: true
7
- add_index :oauth_applications, %i[owner_id owner_type]
8
- end
9
- end
@@ -1,13 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class AddPreviousRefreshTokenToAccessTokens < ActiveRecord::Migration[4.2]
4
- def change
5
- add_column(
6
- :oauth_access_tokens,
7
- :previous_refresh_token,
8
- :string,
9
- default: "",
10
- null: false
11
- )
12
- end
13
- end
@@ -1,8 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class EnablePkce < ActiveRecord::Migration[4.2]
4
- def change
5
- add_column :oauth_access_grants, :code_challenge, :string, null: true
6
- add_column :oauth_access_grants, :code_challenge_method, :string, null: true
7
- end
8
- end
@@ -1,13 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class AddConfidentialToApplications < ActiveRecord::Migration[5.1]
4
- def change
5
- add_column(
6
- :oauth_applications,
7
- :confidential,
8
- :boolean,
9
- null: false,
10
- default: true # maintaining backwards compatibility: require secrets
11
- )
12
- end
13
- end
@@ -1,68 +0,0 @@
1
- # This file is auto-generated from the current state of the database. Instead
2
- # of editing this file, please use the migrations feature of Active Record to
3
- # incrementally modify your database, and then regenerate this schema definition.
4
- #
5
- # Note that this schema.rb definition is the authoritative source for your
6
- # database schema. If you need to create the application database on another
7
- # system, you should be using db:schema:load, not running all the migrations
8
- # from scratch. The latter is a flawed and unsustainable approach (the more migrations
9
- # you'll amass, the slower it'll run and the greater likelihood for issues).
10
- #
11
- # It's strongly recommended that you check this file into your version control system.
12
-
13
- ActiveRecord::Schema.define(version: 20180210183654) do
14
-
15
- create_table "oauth_access_grants", force: :cascade do |t|
16
- t.integer "resource_owner_id", null: false
17
- t.integer "application_id", null: false
18
- t.string "token", null: false
19
- t.integer "expires_in", null: false
20
- t.text "redirect_uri", null: false
21
- t.datetime "created_at", null: false
22
- t.datetime "revoked_at"
23
- t.string "scopes"
24
- unless ENV['WITHOUT_PKCE']
25
- t.string "code_challenge"
26
- t.string "code_challenge_method"
27
- end
28
- t.index ["token"], name: "index_oauth_access_grants_on_token", unique: true
29
- end
30
-
31
- create_table "oauth_access_tokens", force: :cascade do |t|
32
- t.integer "resource_owner_id"
33
- t.integer "application_id"
34
- t.string "token", null: false
35
- t.string "refresh_token"
36
- t.integer "expires_in"
37
- t.datetime "revoked_at"
38
- t.datetime "created_at", null: false
39
- t.string "scopes"
40
- t.string "previous_refresh_token", default: "", null: false
41
- t.index ["refresh_token"], name: "index_oauth_access_tokens_on_refresh_token", unique: true
42
- t.index ["resource_owner_id"], name: "index_oauth_access_tokens_on_resource_owner_id"
43
- t.index ["token"], name: "index_oauth_access_tokens_on_token", unique: true
44
- end
45
-
46
- create_table "oauth_applications", force: :cascade do |t|
47
- t.string "name", null: false
48
- t.string "uid", null: false
49
- t.string "secret", null: false
50
- t.text "redirect_uri"
51
- t.string "scopes", default: "", null: false
52
- t.datetime "created_at", null: false
53
- t.datetime "updated_at", null: false
54
- t.integer "owner_id"
55
- t.string "owner_type"
56
- t.boolean "confidential", default: true, null: false
57
- t.index ["owner_id", "owner_type"], name: "index_oauth_applications_on_owner_id_and_owner_type"
58
- t.index ["uid"], name: "index_oauth_applications_on_uid", unique: true
59
- end
60
-
61
- create_table "users", force: :cascade do |t|
62
- t.string "name"
63
- t.datetime "created_at"
64
- t.datetime "updated_at"
65
- t.string "password"
66
- end
67
-
68
- end
@@ -1,26 +0,0 @@
1
- <!DOCTYPE html>
2
- <html>
3
- <head>
4
- <title>The page you were looking for doesn't exist (404)</title>
5
- <style type="text/css">
6
- body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
7
- div.dialog {
8
- width: 25em;
9
- padding: 0 4em;
10
- margin: 4em auto 0 auto;
11
- border: 1px solid #ccc;
12
- border-right-color: #999;
13
- border-bottom-color: #999;
14
- }
15
- h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
16
- </style>
17
- </head>
18
-
19
- <body>
20
- <!-- This file lives in public/404.html -->
21
- <div class="dialog">
22
- <h1>The page you were looking for doesn't exist.</h1>
23
- <p>You may have mistyped the address or the page may have moved.</p>
24
- </div>
25
- </body>
26
- </html>