doorkeeper 5.2.6 → 5.3.3

data/spec/requests/flows/refresh_token_spec.rb

@@ -44,17 +44,17 @@ describe "Refresh Token Flow" do
         :access_token,
         application: @client,
         resource_owner_id: 1,
-        use_refresh_token: true
+        use_refresh_token: true,
       )
     end
 
     context "refresh_token revoked on use" do
       it "client request a token with refresh token" do
         post refresh_token_endpoint_url(
-          client: @client, refresh_token: @token.refresh_token
+          client: @client, refresh_token: @token.refresh_token,
         )
         should_have_json(
-          "refresh_token", Doorkeeper::AccessToken.last.refresh_token
+          "refresh_token", Doorkeeper::AccessToken.last.refresh_token,
         )
         expect(@token.reload).not_to be_revoked
       end
@@ -62,10 +62,10 @@ describe "Refresh Token Flow" do
       it "client request a token with expired access token" do
         @token.update_attribute :expires_in, -100
         post refresh_token_endpoint_url(
-          client: @client, refresh_token: @token.refresh_token
+          client: @client, refresh_token: @token.refresh_token,
         )
         should_have_json(
-          "refresh_token", Doorkeeper::AccessToken.last.refresh_token
+          "refresh_token", Doorkeeper::AccessToken.last.refresh_token,
         )
         expect(@token.reload).not_to be_revoked
       end
@@ -78,10 +78,10 @@ describe "Refresh Token Flow" do
 
       it "client request a token with refresh token" do
         post refresh_token_endpoint_url(
-          client: @client, refresh_token: @token.refresh_token
+          client: @client, refresh_token: @token.refresh_token,
         )
         should_have_json(
-          "refresh_token", Doorkeeper::AccessToken.last.refresh_token
+          "refresh_token", Doorkeeper::AccessToken.last.refresh_token,
         )
         expect(@token.reload).to be_revoked
       end
@@ -89,10 +89,10 @@ describe "Refresh Token Flow" do
       it "client request a token with expired access token" do
         @token.update_attribute :expires_in, -100
         post refresh_token_endpoint_url(
-          client: @client, refresh_token: @token.refresh_token
+          client: @client, refresh_token: @token.refresh_token,
         )
         should_have_json(
-          "refresh_token", Doorkeeper::AccessToken.last.refresh_token
+          "refresh_token", Doorkeeper::AccessToken.last.refresh_token,
         )
         expect(@token.reload).to be_revoked
       end
@@ -102,7 +102,7 @@ describe "Refresh Token Flow" do
       let(:public_client) do
         FactoryBot.create(
           :application,
-          confidential: false
+          confidential: false,
         )
       end
 
@@ -111,7 +111,7 @@ describe "Refresh Token Flow" do
           :access_token,
           application: @client,
           resource_owner_id: 1,
-          use_refresh_token: true
+          use_refresh_token: true,
         )
       end
 
@@ -120,14 +120,14 @@ describe "Refresh Token Flow" do
           :access_token,
           application: public_client,
           resource_owner_id: 1,
-          use_refresh_token: true
+          use_refresh_token: true,
         )
       end
 
       it "issues a new token without client_secret when refresh token was issued to a public client" do
         post refresh_token_endpoint_url(
           client_id: public_client.uid,
-          refresh_token: token_for_public_client.refresh_token
+          refresh_token: token_for_public_client.refresh_token,
         )
 
         new_token = Doorkeeper::AccessToken.last
@@ -146,7 +146,7 @@ describe "Refresh Token Flow" do
         post refresh_token_endpoint_url(
           client_id: "1",
           client_secret: "1",
-          refresh_token: token_for_private_client.refresh_token
+          refresh_token: token_for_private_client.refresh_token,
         )
 
         should_not_have_json "refresh_token"
@@ -185,7 +185,7 @@ describe "Refresh Token Flow" do
       end
       create_resource_owner
       _another_token = post password_token_endpoint_url(
-        client: @client, resource_owner: @resource_owner
+        client: @client, resource_owner: @resource_owner,
       )
       last_token.update_attribute :created_at, 5.seconds.ago
 
@@ -193,7 +193,7 @@ describe "Refresh Token Flow" do
         :access_token,
         application: @client,
         resource_owner_id: @resource_owner.id,
-        use_refresh_token: true
+        use_refresh_token: true,
       )
       @token.update_attribute :expires_in, -100
     end
@@ -201,7 +201,7 @@ describe "Refresh Token Flow" do
     context "refresh_token revoked on use" do
       it "client request a token after creating another token with the same user" do
         post refresh_token_endpoint_url(
-          client: @client, refresh_token: @token.refresh_token
+          client: @client, refresh_token: @token.refresh_token,
         )
 
         should_have_json "refresh_token", last_token.refresh_token
@@ -216,7 +216,7 @@ describe "Refresh Token Flow" do
 
       it "client request a token after creating another token with the same user" do
         post refresh_token_endpoint_url(
-          client: @client, refresh_token: @token.refresh_token
+          client: @client, refresh_token: @token.refresh_token,
         )
 
         should_have_json "refresh_token", last_token.refresh_token
@@ -226,7 +226,7 @@ describe "Refresh Token Flow" do
 
     def last_token
       Doorkeeper::AccessToken.last_authorized_token_for(
-        @client.id, @resource_owner.id
+        @client.id, @resource_owner.id,
       )
     end
   end

data/spec/requests/flows/revoke_token_spec.rb

@@ -11,10 +11,12 @@ describe "Revoke Token Flow" do
     let(:client_application) { FactoryBot.create :application }
     let(:resource_owner) { User.create!(name: "John", password: "sekret") }
     let(:access_token) do
-      FactoryBot.create(:access_token,
-                        application: client_application,
-                        resource_owner_id: resource_owner.id,
-                        use_refresh_token: true)
+      FactoryBot.create(
+        :access_token,
+        application: client_application,
+        resource_owner_id: resource_owner.id,
+        use_refresh_token: true,
+      )
     end
 
     context "with authenticated, confidential OAuth 2.0 client/application" do
@@ -100,10 +102,12 @@ describe "Revoke Token Flow" do
 
     context "with public OAuth 2.0 client/application" do
       let(:access_token) do
-        FactoryBot.create(:access_token,
-                          application: nil,
-                          resource_owner_id: resource_owner.id,
-                          use_refresh_token: true)
+        FactoryBot.create(
+          :access_token,
+          application: nil,
+          resource_owner_id: resource_owner.id,
+          use_refresh_token: true,
+        )
       end
 
       it "should revoke the access token provided" do
@@ -122,10 +126,12 @@ describe "Revoke Token Flow" do
 
       context "with a valid token issued for a confidential client" do
         let(:access_token) do
-          FactoryBot.create(:access_token,
-                            application: client_application,
-                            resource_owner_id: resource_owner.id,
-                            use_refresh_token: true)
+          FactoryBot.create(
+            :access_token,
+            application: client_application,
+            resource_owner_id: resource_owner.id,
+            use_refresh_token: true,
+          )
         end
 
         it "should not revoke the access token provided" do

data/spec/spec_helper.rb

@@ -29,12 +29,9 @@ end
 
 Doorkeeper::RSpec.print_configuration_info
 
-# Remove after dropping support of Rails 4.2
-require "#{File.dirname(__FILE__)}/support/http_method_shim"
-
 require "support/orm/#{DOORKEEPER_ORM}"
 
-Dir["#{File.dirname(__FILE__)}/support/{dependencies,helpers,shared}/*.rb"].each { |file| require file }
+Dir["#{File.dirname(__FILE__)}/support/{dependencies,helpers,shared}/*.rb"].sort.each { |file| require file }
 
 RSpec.configure do |config|
   config.infer_spec_type_from_file_location!

data/spec/support/shared/controllers_shared_context.rb

@@ -4,14 +4,16 @@ shared_context "valid token", token: :valid do
   let(:token_string) { "1A2B3C4D" }
 
   let :token do
-    double(Doorkeeper::AccessToken,
-           accessible?: true, includes_scope?: true, acceptable?: true,
-           previous_refresh_token: "", revoke_previous_refresh_token!: true)
+    double(
+      Doorkeeper::AccessToken,
+      accessible?: true, includes_scope?: true, acceptable?: true,
+      previous_refresh_token: "", revoke_previous_refresh_token!: true,
+    )
   end
 
   before :each do
     allow(
-      Doorkeeper::AccessToken
+      Doorkeeper::AccessToken,
     ).to receive(:by_token).with(token_string).and_return(token)
   end
 end
@@ -20,15 +22,17 @@ shared_context "invalid token", token: :invalid do
   let(:token_string) { "1A2B3C4D" }
 
   let :token do
-    double(Doorkeeper::AccessToken,
-           accessible?: false, revoked?: false, expired?: false,
-           includes_scope?: false, acceptable?: false,
-           previous_refresh_token: "", revoke_previous_refresh_token!: true)
+    double(
+      Doorkeeper::AccessToken,
+      accessible?: false, revoked?: false, expired?: false,
+      includes_scope?: false, acceptable?: false,
+      previous_refresh_token: "", revoke_previous_refresh_token!: true,
+    )
   end
 
   before :each do
     allow(
-      Doorkeeper::AccessToken
+      Doorkeeper::AccessToken,
     ).to receive(:by_token).with(token_string).and_return(token)
   end
 end
@@ -72,15 +76,17 @@ shared_context "expired token", token: :expired do
   end
 
   let :token do
-    double(Doorkeeper::AccessToken,
-           accessible?: false, revoked?: false, expired?: true,
-           includes_scope?: false, acceptable?: false,
-           previous_refresh_token: "", revoke_previous_refresh_token!: true)
+    double(
+      Doorkeeper::AccessToken,
+      accessible?: false, revoked?: false, expired?: true,
+      includes_scope?: false, acceptable?: false,
+      previous_refresh_token: "", revoke_previous_refresh_token!: true,
+    )
   end
 
   before :each do
     allow(
-      Doorkeeper::AccessToken
+      Doorkeeper::AccessToken,
     ).to receive(:by_token).with(token_string).and_return(token)
   end
 end
@@ -91,15 +97,17 @@ shared_context "revoked token", token: :revoked do
   end
 
   let :token do
-    double(Doorkeeper::AccessToken,
-           accessible?: false, revoked?: true, expired?: false,
-           includes_scope?: false, acceptable?: false,
-           previous_refresh_token: "", revoke_previous_refresh_token!: true)
+    double(
+      Doorkeeper::AccessToken,
+      accessible?: false, revoked?: true, expired?: false,
+      includes_scope?: false, acceptable?: false,
+      previous_refresh_token: "", revoke_previous_refresh_token!: true,
+    )
   end
 
   before :each do
     allow(
-      Doorkeeper::AccessToken
+      Doorkeeper::AccessToken,
     ).to receive(:by_token).with(token_string).and_return(token)
   end
 end
@@ -110,14 +118,16 @@ shared_context "forbidden token", token: :forbidden do
   end
 
   let :token do
-    double(Doorkeeper::AccessToken,
-           accessible?: true, includes_scope?: true, acceptable?: false,
-           previous_refresh_token: "", revoke_previous_refresh_token!: true)
+    double(
+      Doorkeeper::AccessToken,
+      accessible?: true, includes_scope?: true, acceptable?: false,
+      previous_refresh_token: "", revoke_previous_refresh_token!: true,
+    )
   end
 
   before :each do
     allow(
-      Doorkeeper::AccessToken
+      Doorkeeper::AccessToken,
     ).to receive(:by_token).with(token_string).and_return(token)
   end
 end

data/spec/validators/redirect_uri_validator_spec.rb

@@ -100,7 +100,7 @@ describe Doorkeeper::RedirectUriValidator do
     it "accepts a non secured protocol when disabled" do
       subject.redirect_uri = "http://example.com/callback"
       allow(Doorkeeper.configuration).to receive(
-        :force_ssl_in_redirect_uri
+        :force_ssl_in_redirect_uri,
       ).and_return(false)
       expect(subject).to be_valid
     end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: doorkeeper
 version: !ruby/object:Gem::Version
-  version: 5.2.6
+  version: 5.3.3
 platform: ruby
 authors:
 - Felipe Elias Philipp
@@ -250,7 +250,7 @@ files:
 - lib/doorkeeper/oauth/client/credentials.rb
 - lib/doorkeeper/oauth/client_credentials/creator.rb
 - lib/doorkeeper/oauth/client_credentials/issuer.rb
-- lib/doorkeeper/oauth/client_credentials/validation.rb
+- lib/doorkeeper/oauth/client_credentials/validator.rb
 - lib/doorkeeper/oauth/client_credentials_request.rb
 - lib/doorkeeper/oauth/code_request.rb
 - lib/doorkeeper/oauth/code_response.rb
@@ -275,6 +275,9 @@ files:
 - lib/doorkeeper/orm/active_record/access_grant.rb
 - lib/doorkeeper/orm/active_record/access_token.rb
 - lib/doorkeeper/orm/active_record/application.rb
+- lib/doorkeeper/orm/active_record/mixins/access_grant.rb
+- lib/doorkeeper/orm/active_record/mixins/access_token.rb
+- lib/doorkeeper/orm/active_record/mixins/application.rb
 - lib/doorkeeper/orm/active_record/redirect_uri_validator.rb
 - lib/doorkeeper/orm/active_record/stale_records_cleaner.rb
 - lib/doorkeeper/rails/helpers.rb
@@ -444,7 +447,6 @@ files:
 - spec/support/helpers/model_helper.rb
 - spec/support/helpers/request_spec_helper.rb
 - spec/support/helpers/url_helper.rb
-- spec/support/http_method_shim.rb
 - spec/support/orm/active_record.rb
 - spec/support/shared/controllers_shared_context.rb
 - spec/support/shared/hashing_shared_context.rb
@@ -476,7 +478,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.2
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: OAuth 2 provider for Rails and Grape
@@ -611,7 +613,6 @@ test_files:
 - spec/support/helpers/model_helper.rb
 - spec/support/helpers/request_spec_helper.rb
 - spec/support/helpers/url_helper.rb
-- spec/support/http_method_shim.rb
 - spec/support/orm/active_record.rb
 - spec/support/shared/controllers_shared_context.rb
 - spec/support/shared/hashing_shared_context.rb

data/spec/support/http_method_shim.rb

@@ -1,29 +0,0 @@
-# frozen_string_literal: true
-
-# Rails 5 deprecates calling HTTP action methods with positional arguments
-# in favor of keyword arguments. However, the keyword argument form is only
-# supported in Rails 5+. Since we support back to 4, we need some sort of shim
-# to avoid super noisy deprecations when running tests.
-module RoutingHTTPMethodShim
-  def get(path, **args)
-    super(path, args[:params], args[:headers])
-  end
-
-  def post(path, **args)
-    super(path, args[:params], args[:headers])
-  end
-
-  def put(path, **args)
-    super(path, args[:params], args[:headers])
-  end
-end
-
-module ControllerHTTPMethodShim
-  def process(action, http_method = "GET", **args)
-    if (as = args.delete(:as))
-      @request.headers["Content-Type"] = Mime[as].to_s
-    end
-
-    super(action, http_method, args[:params], args[:session], args[:flash])
-  end
-end