doorkeeper 5.2.6 → 5.3.3

data/spec/lib/oauth/client_credentials_integration_spec.rb

@@ -2,28 +2,26 @@
 
 require "spec_helper"
 
-module Doorkeeper::OAuth
-  describe ClientCredentialsRequest do
-    let(:server) { Doorkeeper.configuration }
+describe Doorkeeper::OAuth::ClientCredentialsRequest do
+  let(:server) { Doorkeeper.configuration }
 
-    context "with a valid request" do
-      let(:client) { FactoryBot.create :application }
+  context "with a valid request" do
+    let(:client) { FactoryBot.create :application }
 
-      it "issues an access token" do
-        request = ClientCredentialsRequest.new(server, client, {})
-        expect do
-          request.authorize
-        end.to change { Doorkeeper::AccessToken.count }.by(1)
-      end
+    it "issues an access token" do
+      request = Doorkeeper::OAuth::ClientCredentialsRequest.new(server, client, {})
+      expect do
+        request.authorize
+      end.to change { Doorkeeper::AccessToken.count }.by(1)
     end
+  end
 
-    describe "with an invalid request" do
-      it "does not issue an access token" do
-        request = ClientCredentialsRequest.new(server, nil, {})
-        expect do
-          request.authorize
-        end.to_not(change { Doorkeeper::AccessToken.count })
-      end
+  describe "with an invalid request" do
+    it "does not issue an access token" do
+      request = Doorkeeper::OAuth::ClientCredentialsRequest.new(server, nil, {})
+      expect do
+        request.authorize
+      end.to_not(change { Doorkeeper::AccessToken.count })
     end
   end
 end

data/spec/lib/oauth/client_credentials_request_spec.rb

@@ -2,108 +2,106 @@
 
 require "spec_helper"
 
-module Doorkeeper::OAuth
-  describe ClientCredentialsRequest do
-    let(:server) do
-      double(
-        default_scopes: nil,
-        access_token_expires_in: 2.hours,
-        custom_access_token_expires_in: ->(_context) { nil }
-      )
-    end
+describe Doorkeeper::OAuth::ClientCredentialsRequest do
+  let(:server) do
+    double(
+      default_scopes: nil,
+      access_token_expires_in: 2.hours,
+      custom_access_token_expires_in: ->(_context) { nil },
+    )
+  end
 
-    let(:application)   { FactoryBot.create(:application, scopes: "") }
-    let(:client)        { double :client, application: application }
-    let(:token_creator) { double :issuer, create: true, token: double }
+  let(:application)   { FactoryBot.create(:application, scopes: "") }
+  let(:client)        { double :client, application: application }
+  let(:token_creator) { double :issuer, create: true, token: double }
 
-    before do
-      allow(server).to receive(:option_defined?).with(:custom_access_token_expires_in).and_return(true)
-    end
+  before do
+    allow(server).to receive(:option_defined?).with(:custom_access_token_expires_in).and_return(true)
+  end
+
+  subject { Doorkeeper::OAuth::ClientCredentialsRequest.new(server, client) }
+
+  before do
+    subject.issuer = token_creator
+  end
+
+  it "issues an access token for the current client" do
+    expect(token_creator).to receive(:create).with(client, nil)
+    subject.authorize
+  end
 
-    subject { ClientCredentialsRequest.new(server, client) }
+  it "has successful response when issue was created" do
+    subject.authorize
+    expect(subject.response).to be_a(Doorkeeper::OAuth::TokenResponse)
+  end
 
+  context "if issue was not created" do
     before do
-      subject.issuer = token_creator
+      subject.issuer = double create: false, error: :invalid
     end
 
-    it "issues an access token for the current client" do
-      expect(token_creator).to receive(:create).with(client, nil)
+    it "has an error response" do
       subject.authorize
+      expect(subject.response).to be_a(Doorkeeper::OAuth::ErrorResponse)
     end
 
-    it "has successful response when issue was created" do
+    it "delegates the error to issuer" do
       subject.authorize
-      expect(subject.response).to be_a(TokenResponse)
+      expect(subject.error).to eq(:invalid)
     end
+  end
 
-    context "if issue was not created" do
-      before do
-        subject.issuer = double create: false, error: :invalid
-      end
+  context "with scopes" do
+    let(:default_scopes) { Doorkeeper::OAuth::Scopes.from_string("public email") }
 
-      it "has an error response" do
-        subject.authorize
-        expect(subject.response).to be_a(Doorkeeper::OAuth::ErrorResponse)
-      end
+    before do
+      allow(server).to receive(:default_scopes).and_return(default_scopes)
+    end
 
-      it "delegates the error to issuer" do
-        subject.authorize
-        expect(subject.error).to eq(:invalid)
-      end
+    it "issues an access token with default scopes if none was requested" do
+      expect(token_creator).to receive(:create).with(client, default_scopes)
+      subject.authorize
     end
 
-    context "with scopes" do
-      let(:default_scopes) { Doorkeeper::OAuth::Scopes.from_string("public email") }
+    it "issues an access token with requested scopes" do
+      subject = Doorkeeper::OAuth::ClientCredentialsRequest.new(server, client, scope: "email")
+      subject.issuer = token_creator
+      expect(token_creator).to receive(:create).with(client, Doorkeeper::OAuth::Scopes.from_string("email"))
+      subject.authorize
+    end
+  end
 
-      before do
-        allow(server).to receive(:default_scopes).and_return(default_scopes)
-      end
+  context "with restricted client" do
+    let(:default_scopes) do
+      Doorkeeper::OAuth::Scopes.from_string("public email")
+    end
+    let(:server_scopes) do
+      Doorkeeper::OAuth::Scopes.from_string("public email phone")
+    end
+    let(:client_scopes) do
+      Doorkeeper::OAuth::Scopes.from_string("public phone")
+    end
 
-      it "issues an access token with default scopes if none was requested" do
-        expect(token_creator).to receive(:create).with(client, default_scopes)
-        subject.authorize
-      end
+    before do
+      allow(server).to receive(:default_scopes).and_return(default_scopes)
+      allow(server).to receive(:scopes).and_return(server_scopes)
+      allow(server).to receive(:access_token_expires_in).and_return(100)
+      allow(application).to receive(:scopes).and_return(client_scopes)
+      allow(client).to receive(:id).and_return(nil)
+    end
 
-      it "issues an access token with requested scopes" do
-        subject = ClientCredentialsRequest.new(server, client, scope: "email")
-        subject.issuer = token_creator
-        expect(token_creator).to receive(:create).with(client, Doorkeeper::OAuth::Scopes.from_string("email"))
-        subject.authorize
-      end
+    it "delegates the error to issuer if no scope was requested" do
+      subject = Doorkeeper::OAuth::ClientCredentialsRequest.new(server, client)
+      subject.authorize
+      expect(subject.response).to be_a(Doorkeeper::OAuth::ErrorResponse)
+      expect(subject.error).to eq(:invalid_scope)
     end
 
-    context "with restricted client" do
-      let(:default_scopes) do
-        Doorkeeper::OAuth::Scopes.from_string("public email")
-      end
-      let(:server_scopes) do
-        Doorkeeper::OAuth::Scopes.from_string("public email phone")
-      end
-      let(:client_scopes) do
-        Doorkeeper::OAuth::Scopes.from_string("public phone")
-      end
-
-      before do
-        allow(server).to receive(:default_scopes).and_return(default_scopes)
-        allow(server).to receive(:scopes).and_return(server_scopes)
-        allow(server).to receive(:access_token_expires_in).and_return(100)
-        allow(application).to receive(:scopes).and_return(client_scopes)
-        allow(client).to receive(:id).and_return(nil)
-      end
-
-      it "delegates the error to issuer if no scope was requested" do
-        subject = ClientCredentialsRequest.new(server, client)
-        subject.authorize
-        expect(subject.response).to be_a(Doorkeeper::OAuth::ErrorResponse)
-        expect(subject.error).to eq(:invalid_scope)
-      end
-
-      it "issues an access token with requested scopes" do
-        subject = ClientCredentialsRequest.new(server, client, scope: "phone")
-        subject.authorize
-        expect(subject.response).to be_a(Doorkeeper::OAuth::TokenResponse)
-        expect(subject.response.token.scopes_string).to eq("phone")
-      end
+    it "issues an access token with requested scopes" do
+      subject = Doorkeeper::OAuth::ClientCredentialsRequest.new(server, client, scope: "phone")
+      subject.authorize
+      expect(subject.response).to be_a(Doorkeeper::OAuth::TokenResponse)
+      expect(subject.response.token.scopes_string).to eq("phone")
     end
   end
 end

data/spec/lib/oauth/client_spec.rb

@@ -2,37 +2,37 @@
 
 require "spec_helper"
 
-module Doorkeeper::OAuth
-  describe Client do
-    describe :find do
-      let(:method) { double }
+describe Doorkeeper::OAuth::Client do
+  describe :find do
+    let(:method) { double }
 
-      it "finds the client via uid" do
-        client = double
-        expect(method).to receive(:call).with("uid").and_return(client)
-        expect(Client.find("uid", method)).to be_a(Client)
-      end
+    it "finds the client via uid" do
+      client = double
+      expect(method).to receive(:call).with("uid").and_return(client)
+      expect(Doorkeeper::OAuth::Client.find("uid", method))
+        .to be_a(Doorkeeper::OAuth::Client)
+    end
 
-      it "returns nil if client was not found" do
-        expect(method).to receive(:call).with("uid").and_return(nil)
-        expect(Client.find("uid", method)).to be_nil
-      end
+    it "returns nil if client was not found" do
+      expect(method).to receive(:call).with("uid").and_return(nil)
+      expect(Doorkeeper::OAuth::Client.find("uid", method)).to be_nil
     end
+  end
 
-    describe :authenticate do
-      it "returns the authenticated client via credentials" do
-        credentials = Client::Credentials.new("some-uid", "some-secret")
-        authenticator = double
-        expect(authenticator).to receive(:call).with("some-uid", "some-secret").and_return(double)
-        expect(Client.authenticate(credentials, authenticator)).to be_a(Client)
-      end
+  describe ".authenticate" do
+    it "returns the authenticated client via credentials" do
+      credentials = Doorkeeper::OAuth::Client::Credentials.new("some-uid", "some-secret")
+      authenticator = double
+      expect(authenticator).to receive(:call).with("some-uid", "some-secret").and_return(double)
+      expect(Doorkeeper::OAuth::Client.authenticate(credentials, authenticator))
+        .to be_a(Doorkeeper::OAuth::Client)
+    end
 
-      it "returns nil if client was not authenticated" do
-        credentials = Client::Credentials.new("some-uid", "some-secret")
-        authenticator = double
-        expect(authenticator).to receive(:call).with("some-uid", "some-secret").and_return(nil)
-        expect(Client.authenticate(credentials, authenticator)).to be_nil
-      end
+    it "returns nil if client was not authenticated" do
+      credentials = Doorkeeper::OAuth::Client::Credentials.new("some-uid", "some-secret")
+      authenticator = double
+      expect(authenticator).to receive(:call).with("some-uid", "some-secret").and_return(nil)
+      expect(Doorkeeper::OAuth::Client.authenticate(credentials, authenticator)).to be_nil
     end
   end
 end

data/spec/lib/oauth/code_request_spec.rb

@@ -2,45 +2,45 @@
 
 require "spec_helper"
 
-module Doorkeeper::OAuth
-  describe CodeRequest do
-    let :pre_auth do
-      server = Doorkeeper.configuration
-      allow(server).to receive(:default_scopes).and_return(Scopes.from_string("public"))
-      allow(server).to receive(:grant_flows).and_return(Scopes.from_string("authorization_code"))
-
-      application = FactoryBot.create(:application, scopes: "public")
-      client = Doorkeeper::OAuth::Client.new(application)
-
-      attributes = {
-        client_id: client.uid,
-        response_type: "code",
-        redirect_uri: "https://app.com/callback",
-      }
-
-      pre_auth = PreAuthorization.new(server, attributes)
-      pre_auth.authorizable?
-      pre_auth
-    end
+describe Doorkeeper::OAuth::CodeRequest do
+  let(:pre_auth) do
+    server = Doorkeeper.configuration
+    allow(server)
+      .to receive(:default_scopes).and_return(Doorkeeper::OAuth::Scopes.from_string("public"))
+    allow(server)
+      .to receive(:grant_flows).and_return(Doorkeeper::OAuth::Scopes.from_string("authorization_code"))
+
+    application = FactoryBot.create(:application, scopes: "public")
+    client = Doorkeeper::OAuth::Client.new(application)
+
+    attributes = {
+      client_id: client.uid,
+      response_type: "code",
+      redirect_uri: "https://app.com/callback",
+    }
+
+    pre_auth = Doorkeeper::OAuth::PreAuthorization.new(server, attributes)
+    pre_auth.authorizable?
+    pre_auth
+  end
 
-    let(:owner) { double :owner, id: 8900 }
+  let(:owner) { double :owner, id: 8900 }
 
-    subject do
-      CodeRequest.new(pre_auth, owner)
-    end
+  subject do
+    described_class.new(pre_auth, owner)
+  end
 
-    context "when pre_auth is authorized" do
-      it "creates an access grant and returns a code response" do
-        expect { subject.authorize }.to change { Doorkeeper::AccessGrant.count }.by(1)
-        expect(subject.authorize).to be_a(CodeResponse)
-      end
+  context "when pre_auth is authorized" do
+    it "creates an access grant and returns a code response" do
+      expect { subject.authorize }.to change { Doorkeeper::AccessGrant.count }.by(1)
+      expect(subject.authorize).to be_a(Doorkeeper::OAuth::CodeResponse)
     end
+  end
 
-    context "when pre_auth is denied" do
-      it "does not create access grant and returns a error response" do
-        expect { subject.deny }.not_to(change { Doorkeeper::AccessGrant.count })
-        expect(subject.deny).to be_a(ErrorResponse)
-      end
+  context "when pre_auth is denied" do
+    it "does not create access grant and returns a error response" do
+      expect { subject.deny }.not_to(change { Doorkeeper::AccessGrant.count })
+      expect(subject.deny).to be_a(Doorkeeper::OAuth::ErrorResponse)
     end
   end
 end

data/spec/lib/oauth/code_response_spec.rb

@@ -2,34 +2,30 @@
 
 require "spec_helper"
 
-module Doorkeeper
-  module OAuth
-    describe CodeResponse do
-      describe ".redirect_uri" do
-        context "when generating the redirect URI for an implicit grant" do
-          let :pre_auth do
-            double(
-              :pre_auth,
-              client: double(:application, id: 1),
-              redirect_uri: "http://tst.com/cb",
-              state: nil,
-              scopes: Scopes.from_string("public")
-            )
-          end
+describe Doorkeeper::OAuth::CodeResponse do
+  describe "#redirect_uri" do
+    context "when generating the redirect URI for an implicit grant" do
+      let :pre_auth do
+        double(
+          :pre_auth,
+          client: double(:application, id: 1),
+          redirect_uri: "http://tst.com/cb",
+          state: nil,
+          scopes: Doorkeeper::OAuth::Scopes.from_string("public"),
+        )
+      end
 
-          let :auth do
-            Authorization::Token.new(pre_auth, double(id: 1)).tap do |c|
-              c.issue_token
-              allow(c.token).to receive(:expires_in_seconds).and_return(3600)
-            end
-          end
+      let :auth do
+        Doorkeeper::OAuth::Authorization::Token.new(pre_auth, double(id: 1)).tap do |c|
+          c.issue_token
+          allow(c.token).to receive(:expires_in_seconds).and_return(3600)
+        end
+      end
 
-          subject { CodeResponse.new(pre_auth, auth, response_on_fragment: true).redirect_uri }
+      subject { described_class.new(pre_auth, auth, response_on_fragment: true).redirect_uri }
 
-          it "includes the remaining TTL of the token relative to the time the token was generated" do
-            expect(subject).to include("expires_in=3600")
-          end
-        end
+      it "includes the remaining TTL of the token relative to the time the token was generated" do
+        expect(subject).to include("expires_in=3600")
       end
     end
   end

data/spec/lib/oauth/error_response_spec.rb

@@ -2,65 +2,63 @@
 
 require "spec_helper"
 
-module Doorkeeper::OAuth
-  describe ErrorResponse do
-    describe "#status" do
-      it "should have a status of bad_request" do
-        expect(subject.status).to eq(:bad_request)
-      end
+describe Doorkeeper::OAuth::ErrorResponse do
+  describe "#status" do
+    it "should have a status of bad_request" do
+      expect(subject.status).to eq(:bad_request)
+    end
 
-      it "should have a status of unauthorized for an invalid_client error" do
-        subject = described_class.new(name: :invalid_client)
+    it "should have a status of unauthorized for an invalid_client error" do
+      subject = described_class.new(name: :invalid_client)
 
-        expect(subject.status).to eq(:unauthorized)
-      end
+      expect(subject.status).to eq(:unauthorized)
     end
+  end
 
-    describe :from_request do
-      it "has the error from request" do
-        error = ErrorResponse.from_request double(error: :some_error)
-        expect(error.name).to eq(:some_error)
-      end
-
-      it "ignores state if request does not respond to state" do
-        error = ErrorResponse.from_request double(error: :some_error)
-        expect(error.state).to be_nil
-      end
+  describe ".from_request" do
+    it "has the error from request" do
+      error = described_class.from_request double(error: :some_error)
+      expect(error.name).to eq(:some_error)
+    end
 
-      it "has state if request responds to state" do
-        error = ErrorResponse.from_request double(error: :some_error, state: :hello)
-        expect(error.state).to eq(:hello)
-      end
+    it "ignores state if request does not respond to state" do
+      error = described_class.from_request double(error: :some_error)
+      expect(error.state).to be_nil
     end
 
-    it "ignores empty error values" do
-      subject = ErrorResponse.new(error: :some_error, state: nil)
-      expect(subject.body).not_to have_key(:state)
+    it "has state if request responds to state" do
+      error = described_class.from_request double(error: :some_error, state: :hello)
+      expect(error.state).to eq(:hello)
     end
+  end
+
+  it "ignores empty error values" do
+    subject = described_class.new(error: :some_error, state: nil)
+    expect(subject.body).not_to have_key(:state)
+  end
 
-    describe ".body" do
-      subject { ErrorResponse.new(name: :some_error, state: :some_state).body }
+  describe ".body" do
+    subject { described_class.new(name: :some_error, state: :some_state).body }
 
-      describe "#body" do
-        it { expect(subject).to have_key(:error) }
-        it { expect(subject).to have_key(:error_description) }
-        it { expect(subject).to have_key(:state) }
-      end
+    describe "#body" do
+      it { expect(subject).to have_key(:error) }
+      it { expect(subject).to have_key(:error_description) }
+      it { expect(subject).to have_key(:state) }
     end
+  end
 
-    describe ".headers" do
-      let(:error_response) { ErrorResponse.new(name: :some_error, state: :some_state) }
-      subject { error_response.headers }
+  describe ".headers" do
+    let(:error_response) { described_class.new(name: :some_error, state: :some_state) }
+    subject { error_response.headers }
 
-      it { expect(subject).to include "WWW-Authenticate" }
+    it { expect(subject).to include "WWW-Authenticate" }
 
-      describe "WWW-Authenticate header" do
-        subject { error_response.headers["WWW-Authenticate"] }
+    describe "WWW-Authenticate header" do
+      subject { error_response.headers["WWW-Authenticate"] }
 
-        it { expect(subject).to include("realm=\"#{error_response.realm}\"") }
-        it { expect(subject).to include("error=\"#{error_response.name}\"") }
-        it { expect(subject).to include("error_description=\"#{error_response.description}\"") }
-      end
+      it { expect(subject).to include("realm=\"#{error_response.realm}\"") }
+      it { expect(subject).to include("error=\"#{error_response.name}\"") }
+      it { expect(subject).to include("error_description=\"#{error_response.description}\"") }
     end
   end
 end

data/spec/lib/oauth/error_spec.rb

@@ -2,22 +2,20 @@
 
 require "spec_helper"
 
-module Doorkeeper::OAuth
-  describe Error do
-    subject(:error) { Error.new(:some_error, :some_state) }
+describe Doorkeeper::OAuth::Error do
+  subject(:error) { described_class.new(:some_error, :some_state) }
 
-    it { expect(subject).to respond_to(:name) }
-    it { expect(subject).to respond_to(:state) }
+  it { expect(subject).to respond_to(:name) }
+  it { expect(subject).to respond_to(:state) }
 
-    describe :description do
-      it "is translated from translation messages" do
-        expect(I18n).to receive(:translate).with(
-          :some_error,
-          scope: %i[doorkeeper errors messages],
-          default: :server_error
-        )
-        error.description
-      end
+  describe "#description" do
+    it "is translated from translation messages" do
+      expect(I18n).to receive(:translate).with(
+        :some_error,
+        scope: %i[doorkeeper errors messages],
+        default: :server_error,
+      )
+      error.description
     end
   end
 end

data/spec/lib/oauth/forbidden_token_response_spec.rb

@@ -2,21 +2,19 @@
 
 require "spec_helper"
 
-module Doorkeeper::OAuth
-  describe ForbiddenTokenResponse do
-    describe "#name" do
-      it { expect(subject.name).to eq(:invalid_scope) }
-    end
+describe Doorkeeper::OAuth::ForbiddenTokenResponse do
+  describe "#name" do
+    it { expect(subject.name).to eq(:invalid_scope) }
+  end
 
-    describe "#status" do
-      it { expect(subject.status).to eq(:forbidden) }
-    end
+  describe "#status" do
+    it { expect(subject.status).to eq(:forbidden) }
+  end
 
-    describe :from_scopes do
-      it "should have a list of acceptable scopes" do
-        response = ForbiddenTokenResponse.from_scopes(["public"])
-        expect(response.description).to include("public")
-      end
+  describe ".from_scopes" do
+    it "should have a list of acceptable scopes" do
+      response = described_class.from_scopes(["public"])
+      expect(response.description).to include("public")
     end
   end
 end