doorkeeper 5.2.2 → 5.5.4

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of doorkeeper might be problematic. Click here for more details.

Files changed (260) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +198 -3
  3. data/README.md +28 -20
  4. data/app/controllers/doorkeeper/application_controller.rb +3 -2
  5. data/app/controllers/doorkeeper/application_metal_controller.rb +2 -2
  6. data/app/controllers/doorkeeper/applications_controller.rb +7 -8
  7. data/app/controllers/doorkeeper/authorizations_controller.rb +48 -18
  8. data/app/controllers/doorkeeper/authorized_applications_controller.rb +6 -6
  9. data/app/controllers/doorkeeper/token_info_controller.rb +12 -2
  10. data/app/controllers/doorkeeper/tokens_controller.rb +70 -25
  11. data/app/helpers/doorkeeper/dashboard_helper.rb +1 -1
  12. data/app/views/doorkeeper/applications/_form.html.erb +1 -1
  13. data/app/views/doorkeeper/applications/show.html.erb +35 -14
  14. data/app/views/doorkeeper/authorizations/form_post.html.erb +15 -0
  15. data/app/views/doorkeeper/authorizations/new.html.erb +2 -0
  16. data/config/locales/en.yml +9 -2
  17. data/lib/doorkeeper/config/abstract_builder.rb +28 -0
  18. data/lib/doorkeeper/config/option.rb +26 -14
  19. data/lib/doorkeeper/config/validations.rb +53 -0
  20. data/lib/doorkeeper/config.rb +214 -122
  21. data/lib/doorkeeper/engine.rb +1 -1
  22. data/lib/doorkeeper/grant_flow/fallback_flow.rb +15 -0
  23. data/lib/doorkeeper/grant_flow/flow.rb +44 -0
  24. data/lib/doorkeeper/grant_flow/registry.rb +50 -0
  25. data/lib/doorkeeper/grant_flow.rb +45 -0
  26. data/lib/doorkeeper/grape/helpers.rb +2 -2
  27. data/lib/doorkeeper/helpers/controller.rb +18 -12
  28. data/lib/doorkeeper/models/access_grant_mixin.rb +23 -19
  29. data/lib/doorkeeper/models/access_token_mixin.rb +157 -55
  30. data/lib/doorkeeper/models/application_mixin.rb +8 -7
  31. data/lib/doorkeeper/models/concerns/expirable.rb +1 -1
  32. data/lib/doorkeeper/models/concerns/ownership.rb +1 -1
  33. data/lib/doorkeeper/models/concerns/resource_ownerable.rb +47 -0
  34. data/lib/doorkeeper/models/concerns/reusable.rb +1 -1
  35. data/lib/doorkeeper/models/concerns/revocable.rb +1 -28
  36. data/lib/doorkeeper/models/concerns/scopes.rb +5 -1
  37. data/lib/doorkeeper/models/concerns/secret_storable.rb +1 -3
  38. data/lib/doorkeeper/oauth/authorization/code.rb +22 -9
  39. data/lib/doorkeeper/oauth/authorization/context.rb +5 -5
  40. data/lib/doorkeeper/oauth/authorization/token.rb +23 -18
  41. data/lib/doorkeeper/oauth/authorization/uri_builder.rb +4 -4
  42. data/lib/doorkeeper/oauth/authorization_code_request.rb +30 -20
  43. data/lib/doorkeeper/oauth/base_request.rb +19 -23
  44. data/lib/doorkeeper/oauth/client/credentials.rb +2 -4
  45. data/lib/doorkeeper/oauth/client.rb +8 -9
  46. data/lib/doorkeeper/oauth/client_credentials/creator.rb +38 -12
  47. data/lib/doorkeeper/oauth/client_credentials/issuer.rb +10 -8
  48. data/lib/doorkeeper/oauth/client_credentials/{validation.rb → validator.rb} +7 -5
  49. data/lib/doorkeeper/oauth/client_credentials_request.rb +8 -7
  50. data/lib/doorkeeper/oauth/code_request.rb +4 -4
  51. data/lib/doorkeeper/oauth/code_response.rb +24 -14
  52. data/lib/doorkeeper/oauth/error.rb +1 -1
  53. data/lib/doorkeeper/oauth/error_response.rb +10 -11
  54. data/lib/doorkeeper/oauth/forbidden_token_response.rb +2 -1
  55. data/lib/doorkeeper/oauth/helpers/scope_checker.rb +8 -12
  56. data/lib/doorkeeper/oauth/helpers/unique_token.rb +10 -7
  57. data/lib/doorkeeper/oauth/helpers/uri_checker.rb +1 -19
  58. data/lib/doorkeeper/oauth/hooks/context.rb +21 -0
  59. data/lib/doorkeeper/oauth/invalid_request_response.rb +3 -3
  60. data/lib/doorkeeper/oauth/invalid_token_response.rb +7 -4
  61. data/lib/doorkeeper/oauth/password_access_token_request.rb +28 -10
  62. data/lib/doorkeeper/oauth/pre_authorization.rb +73 -37
  63. data/lib/doorkeeper/oauth/refresh_token_request.rb +35 -26
  64. data/lib/doorkeeper/oauth/token.rb +6 -7
  65. data/lib/doorkeeper/oauth/token_introspection.rb +12 -16
  66. data/lib/doorkeeper/oauth/token_request.rb +3 -3
  67. data/lib/doorkeeper/oauth/token_response.rb +1 -1
  68. data/lib/doorkeeper/orm/active_record/access_grant.rb +4 -43
  69. data/lib/doorkeeper/orm/active_record/access_token.rb +4 -35
  70. data/lib/doorkeeper/orm/active_record/application.rb +5 -95
  71. data/lib/doorkeeper/orm/active_record/mixins/access_grant.rb +69 -0
  72. data/lib/doorkeeper/orm/active_record/mixins/access_token.rb +60 -0
  73. data/lib/doorkeeper/orm/active_record/mixins/application.rb +199 -0
  74. data/lib/doorkeeper/orm/active_record/redirect_uri_validator.rb +8 -3
  75. data/lib/doorkeeper/orm/active_record.rb +5 -7
  76. data/lib/doorkeeper/rails/helpers.rb +4 -4
  77. data/lib/doorkeeper/rails/routes/abstract_router.rb +35 -0
  78. data/lib/doorkeeper/rails/routes/mapper.rb +2 -2
  79. data/lib/doorkeeper/rails/routes/registry.rb +45 -0
  80. data/lib/doorkeeper/rails/routes.rb +17 -25
  81. data/lib/doorkeeper/rake/db.rake +6 -6
  82. data/lib/doorkeeper/rake/setup.rake +5 -0
  83. data/lib/doorkeeper/request/authorization_code.rb +3 -3
  84. data/lib/doorkeeper/request/client_credentials.rb +2 -2
  85. data/lib/doorkeeper/request/password.rb +3 -2
  86. data/lib/doorkeeper/request/refresh_token.rb +5 -4
  87. data/lib/doorkeeper/request/strategy.rb +2 -2
  88. data/lib/doorkeeper/request.rb +49 -12
  89. data/lib/doorkeeper/server.rb +5 -5
  90. data/lib/doorkeeper/stale_records_cleaner.rb +4 -4
  91. data/lib/doorkeeper/version.rb +2 -6
  92. data/lib/doorkeeper.rb +112 -81
  93. data/lib/generators/doorkeeper/application_owner_generator.rb +1 -1
  94. data/lib/generators/doorkeeper/confidential_applications_generator.rb +2 -2
  95. data/lib/generators/doorkeeper/enable_polymorphic_resource_owner_generator.rb +39 -0
  96. data/lib/generators/doorkeeper/migration_generator.rb +1 -1
  97. data/lib/generators/doorkeeper/pkce_generator.rb +1 -1
  98. data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +2 -2
  99. data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb.erb +3 -1
  100. data/lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb.erb +2 -0
  101. data/lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb +2 -0
  102. data/lib/generators/doorkeeper/templates/enable_polymorphic_resource_owner_migration.rb.erb +17 -0
  103. data/lib/generators/doorkeeper/templates/initializer.rb +99 -14
  104. data/lib/generators/doorkeeper/templates/migration.rb.erb +14 -5
  105. metadata +37 -306
  106. data/Appraisals +0 -40
  107. data/CODE_OF_CONDUCT.md +0 -46
  108. data/CONTRIBUTING.md +0 -49
  109. data/Dangerfile +0 -67
  110. data/Dockerfile +0 -29
  111. data/Gemfile +0 -25
  112. data/NEWS.md +0 -1
  113. data/RELEASING.md +0 -11
  114. data/Rakefile +0 -28
  115. data/SECURITY.md +0 -15
  116. data/UPGRADE.md +0 -2
  117. data/bin/console +0 -16
  118. data/doorkeeper.gemspec +0 -42
  119. data/gemfiles/rails_5_0.gemfile +0 -18
  120. data/gemfiles/rails_5_1.gemfile +0 -18
  121. data/gemfiles/rails_5_2.gemfile +0 -18
  122. data/gemfiles/rails_6_0.gemfile +0 -18
  123. data/gemfiles/rails_master.gemfile +0 -18
  124. data/spec/controllers/application_metal_controller_spec.rb +0 -64
  125. data/spec/controllers/applications_controller_spec.rb +0 -273
  126. data/spec/controllers/authorizations_controller_spec.rb +0 -608
  127. data/spec/controllers/protected_resources_controller_spec.rb +0 -353
  128. data/spec/controllers/token_info_controller_spec.rb +0 -50
  129. data/spec/controllers/tokens_controller_spec.rb +0 -498
  130. data/spec/dummy/Rakefile +0 -9
  131. data/spec/dummy/app/assets/config/manifest.js +0 -2
  132. data/spec/dummy/app/controllers/application_controller.rb +0 -5
  133. data/spec/dummy/app/controllers/custom_authorizations_controller.rb +0 -9
  134. data/spec/dummy/app/controllers/full_protected_resources_controller.rb +0 -14
  135. data/spec/dummy/app/controllers/home_controller.rb +0 -18
  136. data/spec/dummy/app/controllers/metal_controller.rb +0 -13
  137. data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +0 -13
  138. data/spec/dummy/app/helpers/application_helper.rb +0 -7
  139. data/spec/dummy/app/models/user.rb +0 -7
  140. data/spec/dummy/app/views/home/index.html.erb +0 -0
  141. data/spec/dummy/app/views/layouts/application.html.erb +0 -14
  142. data/spec/dummy/config/application.rb +0 -49
  143. data/spec/dummy/config/boot.rb +0 -7
  144. data/spec/dummy/config/database.yml +0 -15
  145. data/spec/dummy/config/environment.rb +0 -5
  146. data/spec/dummy/config/environments/development.rb +0 -31
  147. data/spec/dummy/config/environments/production.rb +0 -64
  148. data/spec/dummy/config/environments/test.rb +0 -45
  149. data/spec/dummy/config/initializers/backtrace_silencers.rb +0 -9
  150. data/spec/dummy/config/initializers/doorkeeper.rb +0 -166
  151. data/spec/dummy/config/initializers/secret_token.rb +0 -10
  152. data/spec/dummy/config/initializers/session_store.rb +0 -10
  153. data/spec/dummy/config/initializers/wrap_parameters.rb +0 -16
  154. data/spec/dummy/config/locales/doorkeeper.en.yml +0 -5
  155. data/spec/dummy/config/routes.rb +0 -13
  156. data/spec/dummy/config.ru +0 -6
  157. data/spec/dummy/db/migrate/20111122132257_create_users.rb +0 -11
  158. data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +0 -7
  159. data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +0 -69
  160. data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +0 -9
  161. data/spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb +0 -13
  162. data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +0 -8
  163. data/spec/dummy/db/migrate/20180210183654_add_confidential_to_applications.rb +0 -13
  164. data/spec/dummy/db/schema.rb +0 -68
  165. data/spec/dummy/public/404.html +0 -26
  166. data/spec/dummy/public/422.html +0 -26
  167. data/spec/dummy/public/500.html +0 -26
  168. data/spec/dummy/public/favicon.ico +0 -0
  169. data/spec/dummy/script/rails +0 -9
  170. data/spec/factories.rb +0 -30
  171. data/spec/generators/application_owner_generator_spec.rb +0 -28
  172. data/spec/generators/confidential_applications_generator_spec.rb +0 -29
  173. data/spec/generators/install_generator_spec.rb +0 -36
  174. data/spec/generators/migration_generator_spec.rb +0 -28
  175. data/spec/generators/pkce_generator_spec.rb +0 -28
  176. data/spec/generators/previous_refresh_token_generator_spec.rb +0 -44
  177. data/spec/generators/templates/routes.rb +0 -4
  178. data/spec/generators/views_generator_spec.rb +0 -29
  179. data/spec/grape/grape_integration_spec.rb +0 -137
  180. data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +0 -26
  181. data/spec/lib/config_spec.rb +0 -739
  182. data/spec/lib/doorkeeper_spec.rb +0 -27
  183. data/spec/lib/models/expirable_spec.rb +0 -61
  184. data/spec/lib/models/reusable_spec.rb +0 -40
  185. data/spec/lib/models/revocable_spec.rb +0 -59
  186. data/spec/lib/models/scopes_spec.rb +0 -53
  187. data/spec/lib/models/secret_storable_spec.rb +0 -135
  188. data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -39
  189. data/spec/lib/oauth/authorization_code_request_spec.rb +0 -168
  190. data/spec/lib/oauth/base_request_spec.rb +0 -222
  191. data/spec/lib/oauth/base_response_spec.rb +0 -47
  192. data/spec/lib/oauth/client/credentials_spec.rb +0 -90
  193. data/spec/lib/oauth/client_credentials/creator_spec.rb +0 -97
  194. data/spec/lib/oauth/client_credentials/issuer_spec.rb +0 -112
  195. data/spec/lib/oauth/client_credentials/validation_spec.rb +0 -59
  196. data/spec/lib/oauth/client_credentials_integration_spec.rb +0 -29
  197. data/spec/lib/oauth/client_credentials_request_spec.rb +0 -109
  198. data/spec/lib/oauth/client_spec.rb +0 -38
  199. data/spec/lib/oauth/code_request_spec.rb +0 -46
  200. data/spec/lib/oauth/code_response_spec.rb +0 -36
  201. data/spec/lib/oauth/error_response_spec.rb +0 -66
  202. data/spec/lib/oauth/error_spec.rb +0 -23
  203. data/spec/lib/oauth/forbidden_token_response_spec.rb +0 -22
  204. data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -98
  205. data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -21
  206. data/spec/lib/oauth/helpers/uri_checker_spec.rb +0 -262
  207. data/spec/lib/oauth/invalid_request_response_spec.rb +0 -75
  208. data/spec/lib/oauth/invalid_token_response_spec.rb +0 -55
  209. data/spec/lib/oauth/password_access_token_request_spec.rb +0 -192
  210. data/spec/lib/oauth/pre_authorization_spec.rb +0 -225
  211. data/spec/lib/oauth/refresh_token_request_spec.rb +0 -178
  212. data/spec/lib/oauth/scopes_spec.rb +0 -148
  213. data/spec/lib/oauth/token_request_spec.rb +0 -153
  214. data/spec/lib/oauth/token_response_spec.rb +0 -86
  215. data/spec/lib/oauth/token_spec.rb +0 -158
  216. data/spec/lib/request/strategy_spec.rb +0 -54
  217. data/spec/lib/secret_storing/base_spec.rb +0 -60
  218. data/spec/lib/secret_storing/bcrypt_spec.rb +0 -49
  219. data/spec/lib/secret_storing/plain_spec.rb +0 -44
  220. data/spec/lib/secret_storing/sha256_hash_spec.rb +0 -48
  221. data/spec/lib/server_spec.rb +0 -49
  222. data/spec/lib/stale_records_cleaner_spec.rb +0 -89
  223. data/spec/models/doorkeeper/access_grant_spec.rb +0 -163
  224. data/spec/models/doorkeeper/access_token_spec.rb +0 -622
  225. data/spec/models/doorkeeper/application_spec.rb +0 -377
  226. data/spec/requests/applications/applications_request_spec.rb +0 -259
  227. data/spec/requests/applications/authorized_applications_spec.rb +0 -32
  228. data/spec/requests/endpoints/authorization_spec.rb +0 -89
  229. data/spec/requests/endpoints/token_spec.rb +0 -75
  230. data/spec/requests/flows/authorization_code_errors_spec.rb +0 -79
  231. data/spec/requests/flows/authorization_code_spec.rb +0 -513
  232. data/spec/requests/flows/client_credentials_spec.rb +0 -166
  233. data/spec/requests/flows/implicit_grant_errors_spec.rb +0 -46
  234. data/spec/requests/flows/implicit_grant_spec.rb +0 -91
  235. data/spec/requests/flows/password_spec.rb +0 -296
  236. data/spec/requests/flows/refresh_token_spec.rb +0 -233
  237. data/spec/requests/flows/revoke_token_spec.rb +0 -151
  238. data/spec/requests/flows/skip_authorization_spec.rb +0 -66
  239. data/spec/requests/protected_resources/metal_spec.rb +0 -16
  240. data/spec/requests/protected_resources/private_api_spec.rb +0 -83
  241. data/spec/routing/custom_controller_routes_spec.rb +0 -133
  242. data/spec/routing/default_routes_spec.rb +0 -41
  243. data/spec/routing/scoped_routes_spec.rb +0 -47
  244. data/spec/spec_helper.rb +0 -57
  245. data/spec/spec_helper_integration.rb +0 -4
  246. data/spec/support/dependencies/factory_bot.rb +0 -4
  247. data/spec/support/doorkeeper_rspec.rb +0 -22
  248. data/spec/support/helpers/access_token_request_helper.rb +0 -13
  249. data/spec/support/helpers/authorization_request_helper.rb +0 -43
  250. data/spec/support/helpers/config_helper.rb +0 -11
  251. data/spec/support/helpers/model_helper.rb +0 -78
  252. data/spec/support/helpers/request_spec_helper.rb +0 -110
  253. data/spec/support/helpers/url_helper.rb +0 -62
  254. data/spec/support/http_method_shim.rb +0 -29
  255. data/spec/support/orm/active_record.rb +0 -5
  256. data/spec/support/shared/controllers_shared_context.rb +0 -123
  257. data/spec/support/shared/hashing_shared_context.rb +0 -36
  258. data/spec/support/shared/models_shared_examples.rb +0 -54
  259. data/spec/validators/redirect_uri_validator_spec.rb +0 -183
  260. data/spec/version/version_spec.rb +0 -17
@@ -1,43 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module AuthorizationRequestHelper
4
- def resource_owner_is_authenticated(resource_owner = nil)
5
- resource_owner ||= User.create!(name: "Joe", password: "sekret")
6
- Doorkeeper.configuration.instance_variable_set(:@authenticate_resource_owner, proc { resource_owner })
7
- end
8
-
9
- def resource_owner_is_not_authenticated
10
- Doorkeeper.configuration.instance_variable_set(:@authenticate_resource_owner, proc { redirect_to("/sign_in") })
11
- end
12
-
13
- def default_scopes_exist(*scopes)
14
- Doorkeeper.configuration.instance_variable_set(:@default_scopes, Doorkeeper::OAuth::Scopes.from_array(scopes))
15
- end
16
-
17
- def optional_scopes_exist(*scopes)
18
- Doorkeeper.configuration.instance_variable_set(:@optional_scopes, Doorkeeper::OAuth::Scopes.from_array(scopes))
19
- end
20
-
21
- def client_should_be_authorized(client)
22
- expect(client.access_grants.size).to eq(1)
23
- end
24
-
25
- def client_should_not_be_authorized(client)
26
- expect(client.size).to eq(0)
27
- end
28
-
29
- def i_should_be_on_client_callback(client)
30
- expect(client.redirect_uri).to eq("#{current_uri.scheme}://#{current_uri.host}#{current_uri.path}")
31
- end
32
-
33
- def allowing_forgery_protection(&_block)
34
- original_value = ActionController::Base.allow_forgery_protection
35
- ActionController::Base.allow_forgery_protection = true
36
-
37
- yield
38
- ensure
39
- ActionController::Base.allow_forgery_protection = original_value
40
- end
41
- end
42
-
43
- RSpec.configuration.send :include, AuthorizationRequestHelper
@@ -1,11 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module ConfigHelper
4
- def config_is_set(setting, value = nil, &block)
5
- setting_ivar = "@#{setting}"
6
- value = block_given? ? block : value
7
- Doorkeeper.configuration.instance_variable_set(setting_ivar, value)
8
- end
9
- end
10
-
11
- RSpec.configuration.send :include, ConfigHelper
@@ -1,78 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module ModelHelper
4
- def client_exists(client_attributes = {})
5
- @client = FactoryBot.create(:application, client_attributes)
6
- end
7
-
8
- def create_resource_owner
9
- @resource_owner = User.create!(name: "Joe", password: "sekret")
10
- end
11
-
12
- def authorization_code_exists(options = {})
13
- @authorization = FactoryBot.create(:access_grant, options)
14
- end
15
-
16
- def access_token_exists(options = {})
17
- @access_token = FactoryBot.create(:access_token, options)
18
- end
19
-
20
- def access_grant_should_exist_for(client, resource_owner)
21
- grant = Doorkeeper::AccessGrant.first
22
-
23
- expect(grant.application).to have_attributes(id: client.id)
24
- .and(be_instance_of(Doorkeeper::Application))
25
-
26
- expect(grant.resource_owner_id).to eq(resource_owner.id)
27
- end
28
-
29
- def access_token_should_exist_for(client, resource_owner)
30
- token = Doorkeeper::AccessToken.first
31
-
32
- expect(token.application).to have_attributes(id: client.id)
33
- .and(be_instance_of(Doorkeeper::Application))
34
-
35
- expect(token.resource_owner_id).to eq(resource_owner.id)
36
- end
37
-
38
- def access_grant_should_not_exist
39
- expect(Doorkeeper::AccessGrant.all).to be_empty
40
- end
41
-
42
- def access_token_should_not_exist
43
- expect(Doorkeeper::AccessToken.all).to be_empty
44
- end
45
-
46
- def access_grant_should_have_scopes(*args)
47
- grant = Doorkeeper::AccessGrant.first
48
- expect(grant.scopes).to eq(Doorkeeper::OAuth::Scopes.from_array(args))
49
- end
50
-
51
- def access_token_should_have_scopes(*args)
52
- grant = Doorkeeper::AccessToken.last
53
- expect(grant.scopes).to eq(Doorkeeper::OAuth::Scopes.from_array(args))
54
- end
55
-
56
- def uniqueness_error
57
- case DOORKEEPER_ORM
58
- when :active_record
59
- ActiveRecord::RecordNotUnique
60
- when :sequel
61
- error_classes = [Sequel::UniqueConstraintViolation, Sequel::ValidationFailed]
62
- proc { |error| expect(error.class).to be_in(error_classes) }
63
- when :mongo_mapper
64
- error_classes = [MongoMapper::DocumentNotValid, Mongo::OperationFailure]
65
- proc { |error| expect(error.class).to be_in(error_classes) }
66
- when /mongoid/
67
- error_classes = [Mongoid::Errors::Validations]
68
- error_classes << Moped::Errors::OperationFailure if defined?(::Moped) # Mongoid 4
69
- error_classes << Mongo::Error::OperationFailure if defined?(::Mongo) # Mongoid 5
70
-
71
- proc { |error| expect(error.class).to be_in(error_classes) }
72
- else
73
- raise "'#{DOORKEEPER_ORM}' ORM is not supported!"
74
- end
75
- end
76
- end
77
-
78
- RSpec.configuration.send :include, ModelHelper
@@ -1,110 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module RequestSpecHelper
4
- def i_am_logged_in
5
- allow(Doorkeeper.configuration).to receive(:authenticate_admin).and_return(->(*) {})
6
- end
7
-
8
- def i_should_see(content)
9
- expect(page).to have_content(content)
10
- end
11
-
12
- def i_should_not_see(content)
13
- expect(page).to have_no_content(content)
14
- end
15
-
16
- def i_should_be_on(path)
17
- expect(current_path).to eq(path)
18
- end
19
-
20
- def url_should_have_param(param, value)
21
- expect(current_params[param]).to eq(value)
22
- end
23
-
24
- def url_should_not_have_param(param)
25
- expect(current_params).not_to have_key(param)
26
- end
27
-
28
- def current_params
29
- Rack::Utils.parse_query(current_uri.query)
30
- end
31
-
32
- def current_uri
33
- URI.parse(page.current_url)
34
- end
35
-
36
- def request_response
37
- respond_to?(:response) ? response : page.driver.response
38
- end
39
-
40
- def json_response
41
- JSON.parse(request_response.body)
42
- end
43
-
44
- def should_have_header(header, value)
45
- expect(headers[header]).to eq(value)
46
- end
47
-
48
- def should_have_status(status)
49
- expect(page.driver.response.status).to eq(status)
50
- end
51
-
52
- def with_access_token_header(token)
53
- with_header "Authorization", "Bearer #{token}"
54
- end
55
-
56
- def with_header(header, value)
57
- page.driver.header(header, value)
58
- end
59
-
60
- def basic_auth_header_for_client(client)
61
- ActionController::HttpAuthentication::Basic.encode_credentials client.uid, client.secret
62
- end
63
-
64
- def should_have_json(key, value)
65
- expect(json_response.fetch(key)).to eq(value)
66
- end
67
-
68
- def should_have_json_within(key, value, range)
69
- expect(json_response.fetch(key)).to be_within(range).of(value)
70
- end
71
-
72
- def should_not_have_json(key)
73
- expect(json_response).not_to have_key(key)
74
- end
75
-
76
- def sign_in
77
- visit "/"
78
- click_on "Sign in"
79
- end
80
-
81
- def create_access_token(authorization_code, client, code_verifier = nil)
82
- page.driver.post token_endpoint_url(code: authorization_code, client: client, code_verifier: code_verifier)
83
- end
84
-
85
- def i_should_see_translated_error_message(key)
86
- i_should_see translated_error_message(key)
87
- end
88
-
89
- def i_should_not_see_translated_error_message(key)
90
- i_should_not_see translated_error_message(key)
91
- end
92
-
93
- def translated_error_message(key)
94
- I18n.translate(key, scope: %i[doorkeeper errors messages])
95
- end
96
-
97
- def i_should_see_translated_invalid_request_error_message(key, value)
98
- i_should_see translated_invalid_request_error_message(key, value)
99
- end
100
-
101
- def translated_invalid_request_error_message(key, value)
102
- I18n.translate key, scope: %i[doorkeeper errors messages invalid_request], value: value
103
- end
104
-
105
- def response_status_should_be(status)
106
- expect(request_response.status.to_i).to eq(status)
107
- end
108
- end
109
-
110
- RSpec.configuration.send :include, RequestSpecHelper
@@ -1,62 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module UrlHelper
4
- def token_endpoint_url(options = {})
5
- parameters = {
6
- code: options[:code],
7
- client_id: options[:client_id] || options[:client].try(:uid),
8
- client_secret: options[:client_secret] || options[:client].try(:secret),
9
- redirect_uri: options[:redirect_uri] || options[:client].try(:redirect_uri),
10
- grant_type: options[:grant_type] || "authorization_code",
11
- code_verifier: options[:code_verifier],
12
- code_challenge_method: options[:code_challenge_method],
13
- }.reject { |_, v| v.blank? }
14
- "/oauth/token?#{build_query(parameters)}"
15
- end
16
-
17
- def password_token_endpoint_url(options = {})
18
- parameters = {
19
- code: options[:code],
20
- client_id: options[:client_id] || options[:client].try(:uid),
21
- client_secret: options[:client_secret] || options[:client].try(:secret),
22
- username: options[:resource_owner_username] || options[:resource_owner].try(:name),
23
- password: options[:resource_owner_password] || options[:resource_owner].try(:password),
24
- scope: options[:scope],
25
- grant_type: "password",
26
- }
27
- "/oauth/token?#{build_query(parameters)}"
28
- end
29
-
30
- def authorization_endpoint_url(options = {})
31
- parameters = {
32
- client_id: options[:client_id] || options[:client].try(:uid),
33
- redirect_uri: options[:redirect_uri] || options[:client].try(:redirect_uri),
34
- response_type: options[:response_type] || "code",
35
- scope: options[:scope],
36
- state: options[:state],
37
- code_challenge: options[:code_challenge],
38
- code_challenge_method: options[:code_challenge_method],
39
- }.reject { |_, v| v.blank? }
40
- "/oauth/authorize?#{build_query(parameters)}"
41
- end
42
-
43
- def refresh_token_endpoint_url(options = {})
44
- parameters = {
45
- refresh_token: options[:refresh_token],
46
- client_id: options[:client_id] || options[:client].try(:uid),
47
- client_secret: options[:client_secret] || options[:client].try(:secret),
48
- grant_type: options[:grant_type] || "refresh_token",
49
- }
50
- "/oauth/token?#{build_query(parameters)}"
51
- end
52
-
53
- def revocation_token_endpoint_url
54
- "/oauth/revoke"
55
- end
56
-
57
- def build_query(hash)
58
- Rack::Utils.build_query(hash)
59
- end
60
- end
61
-
62
- RSpec.configuration.send :include, UrlHelper
@@ -1,29 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # Rails 5 deprecates calling HTTP action methods with positional arguments
4
- # in favor of keyword arguments. However, the keyword argument form is only
5
- # supported in Rails 5+. Since we support back to 4, we need some sort of shim
6
- # to avoid super noisy deprecations when running tests.
7
- module RoutingHTTPMethodShim
8
- def get(path, **args)
9
- super(path, args[:params], args[:headers])
10
- end
11
-
12
- def post(path, **args)
13
- super(path, args[:params], args[:headers])
14
- end
15
-
16
- def put(path, **args)
17
- super(path, args[:params], args[:headers])
18
- end
19
- end
20
-
21
- module ControllerHTTPMethodShim
22
- def process(action, http_method = "GET", **args)
23
- if (as = args.delete(:as))
24
- @request.headers["Content-Type"] = Mime[as].to_s
25
- end
26
-
27
- super(action, http_method, args[:params], args[:session], args[:flash])
28
- end
29
- end
@@ -1,5 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # load schema to in memory sqlite
4
- ActiveRecord::Migration.verbose = false
5
- load Rails.root + "db/schema.rb"
@@ -1,123 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- shared_context "valid token", token: :valid do
4
- let(:token_string) { "1A2B3C4D" }
5
-
6
- let :token do
7
- double(Doorkeeper::AccessToken,
8
- accessible?: true, includes_scope?: true, acceptable?: true,
9
- previous_refresh_token: "", revoke_previous_refresh_token!: true)
10
- end
11
-
12
- before :each do
13
- allow(
14
- Doorkeeper::AccessToken
15
- ).to receive(:by_token).with(token_string).and_return(token)
16
- end
17
- end
18
-
19
- shared_context "invalid token", token: :invalid do
20
- let(:token_string) { "1A2B3C4D" }
21
-
22
- let :token do
23
- double(Doorkeeper::AccessToken,
24
- accessible?: false, revoked?: false, expired?: false,
25
- includes_scope?: false, acceptable?: false,
26
- previous_refresh_token: "", revoke_previous_refresh_token!: true)
27
- end
28
-
29
- before :each do
30
- allow(
31
- Doorkeeper::AccessToken
32
- ).to receive(:by_token).with(token_string).and_return(token)
33
- end
34
- end
35
-
36
- shared_context "authenticated resource owner" do
37
- before do
38
- user = double(:resource, id: 1)
39
- allow(Doorkeeper.configuration).to receive(:authenticate_resource_owner) { proc { user } }
40
- end
41
- end
42
-
43
- shared_context "not authenticated resource owner" do
44
- before do
45
- allow(Doorkeeper.configuration).to receive(:authenticate_resource_owner) { proc { redirect_to "/" } }
46
- end
47
- end
48
-
49
- shared_context "valid authorization request" do
50
- let :authorization do
51
- double(:authorization, valid?: true, authorize: true, success_redirect_uri: "http://something.com/cb?code=token")
52
- end
53
-
54
- before do
55
- allow(controller).to receive(:authorization) { authorization }
56
- end
57
- end
58
-
59
- shared_context "invalid authorization request" do
60
- let :authorization do
61
- double(:authorization, valid?: false, authorize: false, redirect_on_error?: false)
62
- end
63
-
64
- before do
65
- allow(controller).to receive(:authorization) { authorization }
66
- end
67
- end
68
-
69
- shared_context "expired token", token: :expired do
70
- let :token_string do
71
- "1A2B3C4DEXP"
72
- end
73
-
74
- let :token do
75
- double(Doorkeeper::AccessToken,
76
- accessible?: false, revoked?: false, expired?: true,
77
- includes_scope?: false, acceptable?: false,
78
- previous_refresh_token: "", revoke_previous_refresh_token!: true)
79
- end
80
-
81
- before :each do
82
- allow(
83
- Doorkeeper::AccessToken
84
- ).to receive(:by_token).with(token_string).and_return(token)
85
- end
86
- end
87
-
88
- shared_context "revoked token", token: :revoked do
89
- let :token_string do
90
- "1A2B3C4DREV"
91
- end
92
-
93
- let :token do
94
- double(Doorkeeper::AccessToken,
95
- accessible?: false, revoked?: true, expired?: false,
96
- includes_scope?: false, acceptable?: false,
97
- previous_refresh_token: "", revoke_previous_refresh_token!: true)
98
- end
99
-
100
- before :each do
101
- allow(
102
- Doorkeeper::AccessToken
103
- ).to receive(:by_token).with(token_string).and_return(token)
104
- end
105
- end
106
-
107
- shared_context "forbidden token", token: :forbidden do
108
- let :token_string do
109
- "1A2B3C4DFORB"
110
- end
111
-
112
- let :token do
113
- double(Doorkeeper::AccessToken,
114
- accessible?: true, includes_scope?: true, acceptable?: false,
115
- previous_refresh_token: "", revoke_previous_refresh_token!: true)
116
- end
117
-
118
- before :each do
119
- allow(
120
- Doorkeeper::AccessToken
121
- ).to receive(:by_token).with(token_string).and_return(token)
122
- end
123
- end
@@ -1,36 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- shared_context "with token hashing enabled" do
4
- let(:hashed_or_plain_token_func) do
5
- Doorkeeper::SecretStoring::Sha256Hash.method(:transform_secret)
6
- end
7
-
8
- before do
9
- Doorkeeper.configure do
10
- hash_token_secrets
11
- end
12
- end
13
- end
14
-
15
- shared_context "with token hashing and fallback lookup enabled" do
16
- let(:hashed_or_plain_token_func) do
17
- Doorkeeper::SecretStoring::Sha256Hash.method(:transform_secret)
18
- end
19
-
20
- before do
21
- Doorkeeper.configure do
22
- hash_token_secrets fallback: :plain
23
- end
24
- end
25
- end
26
-
27
- shared_context "with application hashing enabled" do
28
- let(:hashed_or_plain_token_func) do
29
- Doorkeeper::SecretStoring::Sha256Hash.method(:transform_secret)
30
- end
31
- before do
32
- Doorkeeper.configure do
33
- hash_application_secrets
34
- end
35
- end
36
- end
@@ -1,54 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- shared_examples "an accessible token" do
4
- describe :accessible? do
5
- it "is accessible if token is not expired" do
6
- allow(subject).to receive(:expired?).and_return(false)
7
- should be_accessible
8
- end
9
-
10
- it "is not accessible if token is expired" do
11
- allow(subject).to receive(:expired?).and_return(true)
12
- should_not be_accessible
13
- end
14
- end
15
- end
16
-
17
- shared_examples "a revocable token" do
18
- describe :accessible? do
19
- before { subject.save! }
20
-
21
- it "is accessible if token is not revoked" do
22
- expect(subject).to be_accessible
23
- end
24
-
25
- it "is not accessible if token is revoked" do
26
- subject.revoke
27
- expect(subject).not_to be_accessible
28
- end
29
- end
30
- end
31
-
32
- shared_examples "a unique token" do
33
- describe :token do
34
- it "is generated before validation" do
35
- expect { subject.valid? }.to change { subject.token }.from(nil)
36
- end
37
-
38
- it "is not valid if token exists" do
39
- token1 = FactoryBot.create factory_name
40
- token2 = FactoryBot.create factory_name
41
- token2.token = token1.token
42
- expect(token2).not_to be_valid
43
- end
44
-
45
- it "expects database to throw an error when tokens are the same" do
46
- token1 = FactoryBot.create factory_name
47
- token2 = FactoryBot.create factory_name
48
- token2.token = token1.token
49
- expect do
50
- token2.save!(validate: false)
51
- end.to raise_error(uniqueness_error)
52
- end
53
- end
54
- end