doorkeeper 5.3.2 → 5.5.0.rc1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of doorkeeper might be problematic. Click here for more details.

Files changed (231) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +106 -2
  3. data/README.md +6 -4
  4. data/app/controllers/doorkeeper/applications_controller.rb +4 -4
  5. data/app/controllers/doorkeeper/authorizations_controller.rb +32 -12
  6. data/app/controllers/doorkeeper/authorized_applications_controller.rb +2 -2
  7. data/app/controllers/doorkeeper/tokens_controller.rb +60 -20
  8. data/app/views/doorkeeper/applications/_form.html.erb +1 -1
  9. data/app/views/doorkeeper/applications/show.html.erb +19 -2
  10. data/config/locales/en.yml +3 -2
  11. data/lib/doorkeeper.rb +107 -79
  12. data/lib/doorkeeper/config.rb +140 -94
  13. data/lib/doorkeeper/config/abstract_builder.rb +28 -0
  14. data/lib/doorkeeper/config/option.rb +26 -14
  15. data/lib/doorkeeper/config/validations.rb +53 -0
  16. data/lib/doorkeeper/engine.rb +1 -1
  17. data/lib/doorkeeper/grant_flow.rb +43 -0
  18. data/lib/doorkeeper/grant_flow/fallback_flow.rb +15 -0
  19. data/lib/doorkeeper/grant_flow/flow.rb +34 -0
  20. data/lib/doorkeeper/grant_flow/registry.rb +50 -0
  21. data/lib/doorkeeper/grape/helpers.rb +1 -1
  22. data/lib/doorkeeper/helpers/controller.rb +6 -4
  23. data/lib/doorkeeper/models/access_grant_mixin.rb +20 -16
  24. data/lib/doorkeeper/models/access_token_mixin.rb +110 -47
  25. data/lib/doorkeeper/models/application_mixin.rb +5 -4
  26. data/lib/doorkeeper/models/concerns/resource_ownerable.rb +47 -0
  27. data/lib/doorkeeper/models/concerns/revocable.rb +1 -1
  28. data/lib/doorkeeper/models/concerns/scopes.rb +5 -1
  29. data/lib/doorkeeper/models/concerns/secret_storable.rb +1 -3
  30. data/lib/doorkeeper/oauth/authorization/code.rb +15 -6
  31. data/lib/doorkeeper/oauth/authorization/context.rb +5 -5
  32. data/lib/doorkeeper/oauth/authorization/token.rb +14 -16
  33. data/lib/doorkeeper/oauth/authorization/uri_builder.rb +4 -4
  34. data/lib/doorkeeper/oauth/authorization_code_request.rb +17 -14
  35. data/lib/doorkeeper/oauth/base_request.rb +12 -20
  36. data/lib/doorkeeper/oauth/client.rb +1 -1
  37. data/lib/doorkeeper/oauth/client/credentials.rb +2 -4
  38. data/lib/doorkeeper/oauth/client_credentials/creator.rb +27 -8
  39. data/lib/doorkeeper/oauth/client_credentials/issuer.rb +4 -2
  40. data/lib/doorkeeper/oauth/client_credentials/validator.rb +4 -2
  41. data/lib/doorkeeper/oauth/client_credentials_request.rb +8 -7
  42. data/lib/doorkeeper/oauth/code_request.rb +3 -3
  43. data/lib/doorkeeper/oauth/code_response.rb +28 -14
  44. data/lib/doorkeeper/oauth/error_response.rb +6 -7
  45. data/lib/doorkeeper/oauth/helpers/scope_checker.rb +2 -8
  46. data/lib/doorkeeper/oauth/hooks/context.rb +21 -0
  47. data/lib/doorkeeper/oauth/invalid_token_response.rb +2 -2
  48. data/lib/doorkeeper/oauth/password_access_token_request.rb +24 -7
  49. data/lib/doorkeeper/oauth/pre_authorization.rb +41 -31
  50. data/lib/doorkeeper/oauth/refresh_token_request.rb +31 -22
  51. data/lib/doorkeeper/oauth/token.rb +5 -6
  52. data/lib/doorkeeper/oauth/token_introspection.rb +4 -8
  53. data/lib/doorkeeper/oauth/token_request.rb +3 -3
  54. data/lib/doorkeeper/oauth/token_response.rb +1 -1
  55. data/lib/doorkeeper/orm/active_record.rb +10 -2
  56. data/lib/doorkeeper/orm/active_record/mixins/access_grant.rb +8 -3
  57. data/lib/doorkeeper/orm/active_record/mixins/access_token.rb +7 -3
  58. data/lib/doorkeeper/orm/active_record/mixins/application.rb +20 -16
  59. data/lib/doorkeeper/rails/routes.rb +14 -18
  60. data/lib/doorkeeper/rails/routes/abstract_router.rb +35 -0
  61. data/lib/doorkeeper/rails/routes/mapper.rb +2 -2
  62. data/lib/doorkeeper/rails/routes/registry.rb +45 -0
  63. data/lib/doorkeeper/request.rb +49 -12
  64. data/lib/doorkeeper/request/refresh_token.rb +2 -1
  65. data/lib/doorkeeper/request/strategy.rb +2 -2
  66. data/lib/doorkeeper/server.rb +4 -4
  67. data/lib/doorkeeper/stale_records_cleaner.rb +4 -4
  68. data/lib/doorkeeper/version.rb +3 -3
  69. data/lib/generators/doorkeeper/confidential_applications_generator.rb +1 -1
  70. data/lib/generators/doorkeeper/enable_polymorphic_resource_owner_generator.rb +39 -0
  71. data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb.erb +2 -0
  72. data/lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb.erb +2 -0
  73. data/lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb +2 -0
  74. data/lib/generators/doorkeeper/templates/enable_polymorphic_resource_owner_migration.rb.erb +17 -0
  75. data/lib/generators/doorkeeper/templates/initializer.rb +48 -10
  76. data/lib/generators/doorkeeper/templates/migration.rb.erb +14 -5
  77. metadata +21 -299
  78. data/Appraisals +0 -40
  79. data/CODE_OF_CONDUCT.md +0 -46
  80. data/CONTRIBUTING.md +0 -49
  81. data/Dangerfile +0 -67
  82. data/Dockerfile +0 -29
  83. data/Gemfile +0 -25
  84. data/NEWS.md +0 -1
  85. data/RELEASING.md +0 -11
  86. data/Rakefile +0 -28
  87. data/SECURITY.md +0 -15
  88. data/UPGRADE.md +0 -2
  89. data/bin/console +0 -16
  90. data/doorkeeper.gemspec +0 -42
  91. data/gemfiles/rails_5_0.gemfile +0 -18
  92. data/gemfiles/rails_5_1.gemfile +0 -18
  93. data/gemfiles/rails_5_2.gemfile +0 -18
  94. data/gemfiles/rails_6_0.gemfile +0 -18
  95. data/gemfiles/rails_master.gemfile +0 -18
  96. data/spec/controllers/application_metal_controller_spec.rb +0 -64
  97. data/spec/controllers/applications_controller_spec.rb +0 -274
  98. data/spec/controllers/authorizations_controller_spec.rb +0 -608
  99. data/spec/controllers/protected_resources_controller_spec.rb +0 -361
  100. data/spec/controllers/token_info_controller_spec.rb +0 -50
  101. data/spec/controllers/tokens_controller_spec.rb +0 -498
  102. data/spec/dummy/Rakefile +0 -9
  103. data/spec/dummy/app/assets/config/manifest.js +0 -2
  104. data/spec/dummy/app/controllers/application_controller.rb +0 -5
  105. data/spec/dummy/app/controllers/custom_authorizations_controller.rb +0 -9
  106. data/spec/dummy/app/controllers/full_protected_resources_controller.rb +0 -14
  107. data/spec/dummy/app/controllers/home_controller.rb +0 -18
  108. data/spec/dummy/app/controllers/metal_controller.rb +0 -13
  109. data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +0 -13
  110. data/spec/dummy/app/helpers/application_helper.rb +0 -7
  111. data/spec/dummy/app/models/user.rb +0 -7
  112. data/spec/dummy/app/views/home/index.html.erb +0 -0
  113. data/spec/dummy/app/views/layouts/application.html.erb +0 -14
  114. data/spec/dummy/config.ru +0 -6
  115. data/spec/dummy/config/application.rb +0 -49
  116. data/spec/dummy/config/boot.rb +0 -7
  117. data/spec/dummy/config/database.yml +0 -15
  118. data/spec/dummy/config/environment.rb +0 -5
  119. data/spec/dummy/config/environments/development.rb +0 -31
  120. data/spec/dummy/config/environments/production.rb +0 -64
  121. data/spec/dummy/config/environments/test.rb +0 -45
  122. data/spec/dummy/config/initializers/backtrace_silencers.rb +0 -9
  123. data/spec/dummy/config/initializers/doorkeeper.rb +0 -166
  124. data/spec/dummy/config/initializers/secret_token.rb +0 -10
  125. data/spec/dummy/config/initializers/session_store.rb +0 -10
  126. data/spec/dummy/config/initializers/wrap_parameters.rb +0 -16
  127. data/spec/dummy/config/locales/doorkeeper.en.yml +0 -5
  128. data/spec/dummy/config/routes.rb +0 -13
  129. data/spec/dummy/db/migrate/20111122132257_create_users.rb +0 -11
  130. data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +0 -7
  131. data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +0 -69
  132. data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +0 -9
  133. data/spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb +0 -13
  134. data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +0 -8
  135. data/spec/dummy/db/migrate/20180210183654_add_confidential_to_applications.rb +0 -13
  136. data/spec/dummy/db/schema.rb +0 -68
  137. data/spec/dummy/public/404.html +0 -26
  138. data/spec/dummy/public/422.html +0 -26
  139. data/spec/dummy/public/500.html +0 -26
  140. data/spec/dummy/public/favicon.ico +0 -0
  141. data/spec/dummy/script/rails +0 -9
  142. data/spec/factories.rb +0 -30
  143. data/spec/generators/application_owner_generator_spec.rb +0 -28
  144. data/spec/generators/confidential_applications_generator_spec.rb +0 -29
  145. data/spec/generators/install_generator_spec.rb +0 -36
  146. data/spec/generators/migration_generator_spec.rb +0 -28
  147. data/spec/generators/pkce_generator_spec.rb +0 -28
  148. data/spec/generators/previous_refresh_token_generator_spec.rb +0 -44
  149. data/spec/generators/templates/routes.rb +0 -4
  150. data/spec/generators/views_generator_spec.rb +0 -29
  151. data/spec/grape/grape_integration_spec.rb +0 -137
  152. data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +0 -26
  153. data/spec/lib/config_spec.rb +0 -809
  154. data/spec/lib/doorkeeper_spec.rb +0 -27
  155. data/spec/lib/models/expirable_spec.rb +0 -61
  156. data/spec/lib/models/reusable_spec.rb +0 -40
  157. data/spec/lib/models/revocable_spec.rb +0 -59
  158. data/spec/lib/models/scopes_spec.rb +0 -53
  159. data/spec/lib/models/secret_storable_spec.rb +0 -135
  160. data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -39
  161. data/spec/lib/oauth/authorization_code_request_spec.rb +0 -170
  162. data/spec/lib/oauth/base_request_spec.rb +0 -224
  163. data/spec/lib/oauth/base_response_spec.rb +0 -45
  164. data/spec/lib/oauth/client/credentials_spec.rb +0 -90
  165. data/spec/lib/oauth/client_credentials/creator_spec.rb +0 -134
  166. data/spec/lib/oauth/client_credentials/issuer_spec.rb +0 -112
  167. data/spec/lib/oauth/client_credentials/validation_spec.rb +0 -59
  168. data/spec/lib/oauth/client_credentials_integration_spec.rb +0 -27
  169. data/spec/lib/oauth/client_credentials_request_spec.rb +0 -107
  170. data/spec/lib/oauth/client_spec.rb +0 -38
  171. data/spec/lib/oauth/code_request_spec.rb +0 -46
  172. data/spec/lib/oauth/code_response_spec.rb +0 -32
  173. data/spec/lib/oauth/error_response_spec.rb +0 -64
  174. data/spec/lib/oauth/error_spec.rb +0 -21
  175. data/spec/lib/oauth/forbidden_token_response_spec.rb +0 -20
  176. data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -110
  177. data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -21
  178. data/spec/lib/oauth/helpers/uri_checker_spec.rb +0 -262
  179. data/spec/lib/oauth/invalid_request_response_spec.rb +0 -73
  180. data/spec/lib/oauth/invalid_token_response_spec.rb +0 -53
  181. data/spec/lib/oauth/password_access_token_request_spec.rb +0 -190
  182. data/spec/lib/oauth/pre_authorization_spec.rb +0 -223
  183. data/spec/lib/oauth/refresh_token_request_spec.rb +0 -177
  184. data/spec/lib/oauth/scopes_spec.rb +0 -146
  185. data/spec/lib/oauth/token_request_spec.rb +0 -157
  186. data/spec/lib/oauth/token_response_spec.rb +0 -84
  187. data/spec/lib/oauth/token_spec.rb +0 -156
  188. data/spec/lib/request/strategy_spec.rb +0 -54
  189. data/spec/lib/secret_storing/base_spec.rb +0 -60
  190. data/spec/lib/secret_storing/bcrypt_spec.rb +0 -49
  191. data/spec/lib/secret_storing/plain_spec.rb +0 -44
  192. data/spec/lib/secret_storing/sha256_hash_spec.rb +0 -48
  193. data/spec/lib/server_spec.rb +0 -49
  194. data/spec/lib/stale_records_cleaner_spec.rb +0 -89
  195. data/spec/models/doorkeeper/access_grant_spec.rb +0 -161
  196. data/spec/models/doorkeeper/access_token_spec.rb +0 -622
  197. data/spec/models/doorkeeper/application_spec.rb +0 -482
  198. data/spec/requests/applications/applications_request_spec.rb +0 -259
  199. data/spec/requests/applications/authorized_applications_spec.rb +0 -32
  200. data/spec/requests/endpoints/authorization_spec.rb +0 -91
  201. data/spec/requests/endpoints/token_spec.rb +0 -75
  202. data/spec/requests/flows/authorization_code_errors_spec.rb +0 -79
  203. data/spec/requests/flows/authorization_code_spec.rb +0 -525
  204. data/spec/requests/flows/client_credentials_spec.rb +0 -166
  205. data/spec/requests/flows/implicit_grant_errors_spec.rb +0 -46
  206. data/spec/requests/flows/implicit_grant_spec.rb +0 -91
  207. data/spec/requests/flows/password_spec.rb +0 -316
  208. data/spec/requests/flows/refresh_token_spec.rb +0 -233
  209. data/spec/requests/flows/revoke_token_spec.rb +0 -157
  210. data/spec/requests/flows/skip_authorization_spec.rb +0 -66
  211. data/spec/requests/protected_resources/metal_spec.rb +0 -16
  212. data/spec/requests/protected_resources/private_api_spec.rb +0 -83
  213. data/spec/routing/custom_controller_routes_spec.rb +0 -133
  214. data/spec/routing/default_routes_spec.rb +0 -41
  215. data/spec/routing/scoped_routes_spec.rb +0 -47
  216. data/spec/spec_helper.rb +0 -54
  217. data/spec/spec_helper_integration.rb +0 -4
  218. data/spec/support/dependencies/factory_bot.rb +0 -4
  219. data/spec/support/doorkeeper_rspec.rb +0 -22
  220. data/spec/support/helpers/access_token_request_helper.rb +0 -13
  221. data/spec/support/helpers/authorization_request_helper.rb +0 -43
  222. data/spec/support/helpers/config_helper.rb +0 -11
  223. data/spec/support/helpers/model_helper.rb +0 -78
  224. data/spec/support/helpers/request_spec_helper.rb +0 -110
  225. data/spec/support/helpers/url_helper.rb +0 -62
  226. data/spec/support/orm/active_record.rb +0 -5
  227. data/spec/support/shared/controllers_shared_context.rb +0 -133
  228. data/spec/support/shared/hashing_shared_context.rb +0 -36
  229. data/spec/support/shared/models_shared_examples.rb +0 -54
  230. data/spec/validators/redirect_uri_validator_spec.rb +0 -183
  231. data/spec/version/version_spec.rb +0 -17
@@ -1,16 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- describe "ActionController::Metal API" do
6
- before do
7
- @client = FactoryBot.create(:application)
8
- @resource = User.create!(name: "Joe", password: "sekret")
9
- @token = client_is_authorized(@client, @resource)
10
- end
11
-
12
- it "client requests protected resource with valid token" do
13
- get "/metal.json?access_token=#{@token.token}"
14
- should_have_json "ok", true
15
- end
16
- end
@@ -1,83 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- feature "Private API" do
6
- background do
7
- @client = FactoryBot.create(:application)
8
- @resource = User.create!(name: "Joe", password: "sekret")
9
- @token = client_is_authorized(@client, @resource)
10
- end
11
-
12
- scenario "client requests protected resource with valid token" do
13
- with_access_token_header @token.token
14
- visit "/full_protected_resources"
15
- expect(page.body).to have_content("index")
16
- end
17
-
18
- scenario "client requests protected resource with disabled header authentication" do
19
- config_is_set :access_token_methods, [:from_access_token_param]
20
- with_access_token_header @token.token
21
- visit "/full_protected_resources"
22
- response_status_should_be 401
23
- end
24
-
25
- scenario "client attempts to request protected resource with invalid token" do
26
- with_access_token_header "invalid"
27
- visit "/full_protected_resources"
28
- response_status_should_be 401
29
- end
30
-
31
- scenario "client attempts to request protected resource with expired token" do
32
- @token.update_attribute :expires_in, -100 # expires token
33
- with_access_token_header @token.token
34
- visit "/full_protected_resources"
35
- response_status_should_be 401
36
- end
37
-
38
- scenario "client requests protected resource with permanent token" do
39
- @token.update_attribute :expires_in, nil # never expires
40
- with_access_token_header @token.token
41
- visit "/full_protected_resources"
42
- expect(page.body).to have_content("index")
43
- end
44
-
45
- scenario "access token with no default scopes" do
46
- Doorkeeper.configuration.instance_eval do
47
- @default_scopes = Doorkeeper::OAuth::Scopes.from_array([:public])
48
- @scopes = default_scopes + optional_scopes
49
- end
50
- @token.update_attribute :scopes, "dummy"
51
- with_access_token_header @token.token
52
- visit "/full_protected_resources"
53
- response_status_should_be 403
54
- end
55
-
56
- scenario "access token with no allowed scopes" do
57
- @token.update_attribute :scopes, nil
58
- with_access_token_header @token.token
59
- visit "/full_protected_resources/1.json"
60
- response_status_should_be 403
61
- end
62
-
63
- scenario "access token with one of allowed scopes" do
64
- @token.update_attribute :scopes, "admin"
65
- with_access_token_header @token.token
66
- visit "/full_protected_resources/1.json"
67
- expect(page.body).to have_content("show")
68
- end
69
-
70
- scenario "access token with another of allowed scopes" do
71
- @token.update_attribute :scopes, "write"
72
- with_access_token_header @token.token
73
- visit "/full_protected_resources/1.json"
74
- expect(page.body).to have_content("show")
75
- end
76
-
77
- scenario "access token with both allowed scopes" do
78
- @token.update_attribute :scopes, "write admin"
79
- with_access_token_header @token.token
80
- visit "/full_protected_resources/1.json"
81
- expect(page.body).to have_content("show")
82
- end
83
- end
@@ -1,133 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- describe "Custom controller for routes" do
6
- before :all do
7
- Doorkeeper.configure do
8
- orm DOORKEEPER_ORM
9
- end
10
-
11
- Rails.application.routes.disable_clear_and_finalize = true
12
-
13
- Rails.application.routes.draw do
14
- scope "inner_space" do
15
- use_doorkeeper scope: "scope" do
16
- controllers authorizations: "custom_authorizations",
17
- tokens: "custom_authorizations",
18
- applications: "custom_authorizations",
19
- token_info: "custom_authorizations"
20
-
21
- as authorizations: "custom_auth",
22
- tokens: "custom_token",
23
- token_info: "custom_token_info"
24
- end
25
- end
26
-
27
- scope "space" do
28
- use_doorkeeper do
29
- controllers authorizations: "custom_authorizations",
30
- tokens: "custom_authorizations",
31
- applications: "custom_authorizations",
32
- token_info: "custom_authorizations"
33
-
34
- as authorizations: "custom_auth",
35
- tokens: "custom_token",
36
- token_info: "custom_token_info"
37
- end
38
- end
39
-
40
- scope "outer_space" do
41
- use_doorkeeper do
42
- controllers authorizations: "custom_authorizations",
43
- tokens: "custom_authorizations",
44
- token_info: "custom_authorizations"
45
-
46
- as authorizations: "custom_auth",
47
- tokens: "custom_token",
48
- token_info: "custom_token_info"
49
-
50
- skip_controllers :tokens, :applications, :token_info
51
- end
52
- end
53
- end
54
- end
55
-
56
- after :all do
57
- Rails.application.routes.clear!
58
-
59
- load File.expand_path("../dummy/config/routes.rb", __dir__)
60
- end
61
-
62
- it "GET /inner_space/scope/authorize routes to custom authorizations controller" do
63
- expect(get("/inner_space/scope/authorize")).to route_to("custom_authorizations#new")
64
- end
65
-
66
- it "POST /inner_space/scope/authorize routes to custom authorizations controller" do
67
- expect(post("/inner_space/scope/authorize")).to route_to("custom_authorizations#create")
68
- end
69
-
70
- it "DELETE /inner_space/scope/authorize routes to custom authorizations controller" do
71
- expect(delete("/inner_space/scope/authorize")).to route_to("custom_authorizations#destroy")
72
- end
73
-
74
- it "POST /inner_space/scope/token routes to tokens controller" do
75
- expect(post("/inner_space/scope/token")).to route_to("custom_authorizations#create")
76
- end
77
-
78
- it "GET /inner_space/scope/applications routes to applications controller" do
79
- expect(get("/inner_space/scope/applications")).to route_to("custom_authorizations#index")
80
- end
81
-
82
- it "GET /inner_space/scope/token/info routes to the token_info controller" do
83
- expect(get("/inner_space/scope/token/info")).to route_to("custom_authorizations#show")
84
- end
85
-
86
- it "GET /space/oauth/authorize routes to custom authorizations controller" do
87
- expect(get("/space/oauth/authorize")).to route_to("custom_authorizations#new")
88
- end
89
-
90
- it "POST /space/oauth/authorize routes to custom authorizations controller" do
91
- expect(post("/space/oauth/authorize")).to route_to("custom_authorizations#create")
92
- end
93
-
94
- it "DELETE /space/oauth/authorize routes to custom authorizations controller" do
95
- expect(delete("/space/oauth/authorize")).to route_to("custom_authorizations#destroy")
96
- end
97
-
98
- it "POST /space/oauth/token routes to tokens controller" do
99
- expect(post("/space/oauth/token")).to route_to("custom_authorizations#create")
100
- end
101
-
102
- it "POST /space/oauth/revoke routes to tokens controller" do
103
- expect(post("/space/oauth/revoke")).to route_to("custom_authorizations#revoke")
104
- end
105
-
106
- it "POST /space/oauth/introspect routes to tokens controller" do
107
- expect(post("/space/oauth/introspect")).to route_to("custom_authorizations#introspect")
108
- end
109
-
110
- it "GET /space/oauth/applications routes to applications controller" do
111
- expect(get("/space/oauth/applications")).to route_to("custom_authorizations#index")
112
- end
113
-
114
- it "GET /space/oauth/token/info routes to the token_info controller" do
115
- expect(get("/space/oauth/token/info")).to route_to("custom_authorizations#show")
116
- end
117
-
118
- it "POST /outer_space/oauth/token is not be routable" do
119
- expect(post("/outer_space/oauth/token")).not_to be_routable
120
- end
121
-
122
- it "GET /outer_space/oauth/authorize routes to custom authorizations controller" do
123
- expect(get("/outer_space/oauth/authorize")).to be_routable
124
- end
125
-
126
- it "GET /outer_space/oauth/applications is not routable" do
127
- expect(get("/outer_space/oauth/applications")).not_to be_routable
128
- end
129
-
130
- it "GET /outer_space/oauth/token_info is not routable" do
131
- expect(get("/outer_space/oauth/token/info")).not_to be_routable
132
- end
133
- end
@@ -1,41 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- describe "Default routes" do
6
- it "GET /oauth/authorize routes to authorizations controller" do
7
- expect(get("/oauth/authorize")).to route_to("doorkeeper/authorizations#new")
8
- end
9
-
10
- it "POST /oauth/authorize routes to authorizations controller" do
11
- expect(post("/oauth/authorize")).to route_to("doorkeeper/authorizations#create")
12
- end
13
-
14
- it "DELETE /oauth/authorize routes to authorizations controller" do
15
- expect(delete("/oauth/authorize")).to route_to("doorkeeper/authorizations#destroy")
16
- end
17
-
18
- it "POST /oauth/token routes to tokens controller" do
19
- expect(post("/oauth/token")).to route_to("doorkeeper/tokens#create")
20
- end
21
-
22
- it "POST /oauth/revoke routes to tokens controller" do
23
- expect(post("/oauth/revoke")).to route_to("doorkeeper/tokens#revoke")
24
- end
25
-
26
- it "POST /oauth/introspect routes to tokens controller" do
27
- expect(post("/oauth/introspect")).to route_to("doorkeeper/tokens#introspect")
28
- end
29
-
30
- it "GET /oauth/applications routes to applications controller" do
31
- expect(get("/oauth/applications")).to route_to("doorkeeper/applications#index")
32
- end
33
-
34
- it "GET /oauth/authorized_applications routes to authorized applications controller" do
35
- expect(get("/oauth/authorized_applications")).to route_to("doorkeeper/authorized_applications#index")
36
- end
37
-
38
- it "GET /oauth/token/info route to authorized TokenInfo controller" do
39
- expect(get("/oauth/token/info")).to route_to("doorkeeper/token_info#show")
40
- end
41
- end
@@ -1,47 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- describe "Scoped routes" do
6
- before :all do
7
- Rails.application.routes.disable_clear_and_finalize = true
8
-
9
- Rails.application.routes.draw do
10
- use_doorkeeper scope: "scope"
11
- end
12
- end
13
-
14
- after :all do
15
- Rails.application.routes.clear!
16
-
17
- load File.expand_path("../dummy/config/routes.rb", __dir__)
18
- end
19
-
20
- it "GET /scope/authorize routes to authorizations controller" do
21
- expect(get("/scope/authorize")).to route_to("doorkeeper/authorizations#new")
22
- end
23
-
24
- it "POST /scope/authorize routes to authorizations controller" do
25
- expect(post("/scope/authorize")).to route_to("doorkeeper/authorizations#create")
26
- end
27
-
28
- it "DELETE /scope/authorize routes to authorizations controller" do
29
- expect(delete("/scope/authorize")).to route_to("doorkeeper/authorizations#destroy")
30
- end
31
-
32
- it "POST /scope/token routes to tokens controller" do
33
- expect(post("/scope/token")).to route_to("doorkeeper/tokens#create")
34
- end
35
-
36
- it "GET /scope/applications routes to applications controller" do
37
- expect(get("/scope/applications")).to route_to("doorkeeper/applications#index")
38
- end
39
-
40
- it "GET /scope/authorized_applications routes to authorized applications controller" do
41
- expect(get("/scope/authorized_applications")).to route_to("doorkeeper/authorized_applications#index")
42
- end
43
-
44
- it "GET /scope/token/info route to authorized TokenInfo controller" do
45
- expect(get("/scope/token/info")).to route_to("doorkeeper/token_info#show")
46
- end
47
- end
@@ -1,54 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "coveralls"
4
-
5
- Coveralls.wear!("rails") do
6
- add_filter("/spec/")
7
- add_filter("/lib/generators/doorkeeper/templates/")
8
- end
9
-
10
- ENV["RAILS_ENV"] ||= "test"
11
-
12
- $LOAD_PATH.unshift File.dirname(__FILE__)
13
-
14
- require "#{File.dirname(__FILE__)}/support/doorkeeper_rspec.rb"
15
-
16
- DOORKEEPER_ORM = Doorkeeper::RSpec.detect_orm
17
-
18
- require "dummy/config/environment"
19
- require "rspec/rails"
20
- require "capybara/rspec"
21
- require "database_cleaner"
22
- require "generator_spec/test_case"
23
-
24
- # Load JRuby SQLite3 if in that platform
25
- if defined? JRUBY_VERSION
26
- require "jdbc/sqlite3"
27
- Jdbc::SQLite3.load_driver
28
- end
29
-
30
- Doorkeeper::RSpec.print_configuration_info
31
-
32
- require "support/orm/#{DOORKEEPER_ORM}"
33
-
34
- Dir["#{File.dirname(__FILE__)}/support/{dependencies,helpers,shared}/*.rb"].sort.each { |file| require file }
35
-
36
- RSpec.configure do |config|
37
- config.infer_spec_type_from_file_location!
38
- config.mock_with :rspec
39
-
40
- config.infer_base_class_for_anonymous_controllers = false
41
-
42
- config.include RSpec::Rails::RequestExampleGroup, type: :request
43
-
44
- config.before do
45
- DatabaseCleaner.start
46
- Doorkeeper.configure { orm DOORKEEPER_ORM }
47
- end
48
-
49
- config.after do
50
- DatabaseCleaner.clean
51
- end
52
-
53
- config.order = "random"
54
- end
@@ -1,4 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # For compatibility only
4
- require "spec_helper"
@@ -1,4 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "factory_bot"
4
- FactoryBot.find_definitions
@@ -1,22 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module Doorkeeper
4
- class RSpec
5
- # Print's useful information about env: Ruby / Rails versions,
6
- # Doorkeeper configuration, etc.
7
- def self.print_configuration_info
8
- puts <<-INFO.strip_heredoc
9
- ====> Doorkeeper ORM: '#{Doorkeeper.configuration.orm}'
10
- ====> Doorkeeper version: #{Doorkeeper.gem_version}
11
- ====> Rails version: #{::Rails.version}
12
- ====> Ruby version: #{RUBY_VERSION} on #{RUBY_PLATFORM}
13
- INFO
14
- end
15
-
16
- # Tries to find ORM from the Gemfile used to run test suite
17
- def self.detect_orm
18
- orm = (ENV["BUNDLE_GEMFILE"] || "").match(/Gemfile\.(.+)\.rb/)
19
- (orm && orm[1] || ENV["ORM"] || :active_record).to_sym
20
- end
21
- end
22
- end
@@ -1,13 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module AccessTokenRequestHelper
4
- def client_is_authorized(client, resource_owner, access_token_attributes = {})
5
- attributes = {
6
- application: client,
7
- resource_owner_id: resource_owner.id,
8
- }.merge(access_token_attributes)
9
- FactoryBot.create(:access_token, attributes)
10
- end
11
- end
12
-
13
- RSpec.configuration.send :include, AccessTokenRequestHelper
@@ -1,43 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module AuthorizationRequestHelper
4
- def resource_owner_is_authenticated(resource_owner = nil)
5
- resource_owner ||= User.create!(name: "Joe", password: "sekret")
6
- Doorkeeper.configuration.instance_variable_set(:@authenticate_resource_owner, proc { resource_owner })
7
- end
8
-
9
- def resource_owner_is_not_authenticated
10
- Doorkeeper.configuration.instance_variable_set(:@authenticate_resource_owner, proc { redirect_to("/sign_in") })
11
- end
12
-
13
- def default_scopes_exist(*scopes)
14
- Doorkeeper.configuration.instance_variable_set(:@default_scopes, Doorkeeper::OAuth::Scopes.from_array(scopes))
15
- end
16
-
17
- def optional_scopes_exist(*scopes)
18
- Doorkeeper.configuration.instance_variable_set(:@optional_scopes, Doorkeeper::OAuth::Scopes.from_array(scopes))
19
- end
20
-
21
- def client_should_be_authorized(client)
22
- expect(client.access_grants.size).to eq(1)
23
- end
24
-
25
- def client_should_not_be_authorized(client)
26
- expect(client.size).to eq(0)
27
- end
28
-
29
- def i_should_be_on_client_callback(client)
30
- expect(client.redirect_uri).to eq("#{current_uri.scheme}://#{current_uri.host}#{current_uri.path}")
31
- end
32
-
33
- def allowing_forgery_protection(&_block)
34
- original_value = ActionController::Base.allow_forgery_protection
35
- ActionController::Base.allow_forgery_protection = true
36
-
37
- yield
38
- ensure
39
- ActionController::Base.allow_forgery_protection = original_value
40
- end
41
- end
42
-
43
- RSpec.configuration.send :include, AuthorizationRequestHelper