doorkeeper 5.3.3 → 5.5.0.rc2

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of doorkeeper might be problematic. Click here for more details.

Files changed (233) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +125 -7
  3. data/README.md +6 -4
  4. data/app/controllers/doorkeeper/applications_controller.rb +4 -4
  5. data/app/controllers/doorkeeper/authorizations_controller.rb +46 -16
  6. data/app/controllers/doorkeeper/authorized_applications_controller.rb +2 -2
  7. data/app/controllers/doorkeeper/tokens_controller.rb +67 -22
  8. data/app/views/doorkeeper/applications/_form.html.erb +1 -1
  9. data/app/views/doorkeeper/applications/show.html.erb +35 -14
  10. data/app/views/doorkeeper/authorizations/form_post.html.erb +11 -0
  11. data/config/locales/en.yml +6 -2
  12. data/lib/doorkeeper.rb +111 -79
  13. data/lib/doorkeeper/config.rb +148 -94
  14. data/lib/doorkeeper/config/abstract_builder.rb +28 -0
  15. data/lib/doorkeeper/config/option.rb +26 -14
  16. data/lib/doorkeeper/config/validations.rb +53 -0
  17. data/lib/doorkeeper/engine.rb +1 -1
  18. data/lib/doorkeeper/grant_flow.rb +45 -0
  19. data/lib/doorkeeper/grant_flow/fallback_flow.rb +15 -0
  20. data/lib/doorkeeper/grant_flow/flow.rb +44 -0
  21. data/lib/doorkeeper/grant_flow/registry.rb +50 -0
  22. data/lib/doorkeeper/grape/helpers.rb +1 -1
  23. data/lib/doorkeeper/helpers/controller.rb +8 -4
  24. data/lib/doorkeeper/models/access_grant_mixin.rb +21 -18
  25. data/lib/doorkeeper/models/access_token_mixin.rb +110 -47
  26. data/lib/doorkeeper/models/application_mixin.rb +5 -4
  27. data/lib/doorkeeper/models/concerns/resource_ownerable.rb +47 -0
  28. data/lib/doorkeeper/models/concerns/revocable.rb +1 -1
  29. data/lib/doorkeeper/models/concerns/scopes.rb +5 -1
  30. data/lib/doorkeeper/models/concerns/secret_storable.rb +1 -3
  31. data/lib/doorkeeper/oauth/authorization/code.rb +19 -6
  32. data/lib/doorkeeper/oauth/authorization/context.rb +5 -5
  33. data/lib/doorkeeper/oauth/authorization/token.rb +18 -16
  34. data/lib/doorkeeper/oauth/authorization/uri_builder.rb +4 -4
  35. data/lib/doorkeeper/oauth/authorization_code_request.rb +17 -14
  36. data/lib/doorkeeper/oauth/base_request.rb +12 -20
  37. data/lib/doorkeeper/oauth/client.rb +1 -1
  38. data/lib/doorkeeper/oauth/client/credentials.rb +2 -4
  39. data/lib/doorkeeper/oauth/client_credentials/creator.rb +27 -8
  40. data/lib/doorkeeper/oauth/client_credentials/issuer.rb +4 -2
  41. data/lib/doorkeeper/oauth/client_credentials/validator.rb +4 -2
  42. data/lib/doorkeeper/oauth/client_credentials_request.rb +8 -7
  43. data/lib/doorkeeper/oauth/code_request.rb +3 -3
  44. data/lib/doorkeeper/oauth/code_response.rb +22 -12
  45. data/lib/doorkeeper/oauth/error_response.rb +6 -7
  46. data/lib/doorkeeper/oauth/helpers/scope_checker.rb +2 -8
  47. data/lib/doorkeeper/oauth/hooks/context.rb +21 -0
  48. data/lib/doorkeeper/oauth/invalid_token_response.rb +2 -2
  49. data/lib/doorkeeper/oauth/password_access_token_request.rb +24 -7
  50. data/lib/doorkeeper/oauth/pre_authorization.rb +63 -32
  51. data/lib/doorkeeper/oauth/refresh_token_request.rb +31 -22
  52. data/lib/doorkeeper/oauth/token.rb +5 -6
  53. data/lib/doorkeeper/oauth/token_introspection.rb +4 -8
  54. data/lib/doorkeeper/oauth/token_request.rb +3 -3
  55. data/lib/doorkeeper/oauth/token_response.rb +1 -1
  56. data/lib/doorkeeper/orm/active_record.rb +14 -7
  57. data/lib/doorkeeper/orm/active_record/mixins/access_grant.rb +8 -3
  58. data/lib/doorkeeper/orm/active_record/mixins/access_token.rb +7 -3
  59. data/lib/doorkeeper/orm/active_record/mixins/application.rb +6 -3
  60. data/lib/doorkeeper/orm/active_record/redirect_uri_validator.rb +5 -0
  61. data/lib/doorkeeper/rails/routes.rb +14 -20
  62. data/lib/doorkeeper/rails/routes/abstract_router.rb +35 -0
  63. data/lib/doorkeeper/rails/routes/mapper.rb +2 -2
  64. data/lib/doorkeeper/rails/routes/registry.rb +45 -0
  65. data/lib/doorkeeper/request.rb +49 -12
  66. data/lib/doorkeeper/request/refresh_token.rb +2 -1
  67. data/lib/doorkeeper/request/strategy.rb +2 -2
  68. data/lib/doorkeeper/server.rb +4 -4
  69. data/lib/doorkeeper/stale_records_cleaner.rb +4 -4
  70. data/lib/doorkeeper/version.rb +3 -7
  71. data/lib/generators/doorkeeper/confidential_applications_generator.rb +1 -1
  72. data/lib/generators/doorkeeper/enable_polymorphic_resource_owner_generator.rb +39 -0
  73. data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb.erb +3 -1
  74. data/lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb.erb +2 -0
  75. data/lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb +2 -0
  76. data/lib/generators/doorkeeper/templates/enable_polymorphic_resource_owner_migration.rb.erb +17 -0
  77. data/lib/generators/doorkeeper/templates/initializer.rb +48 -10
  78. data/lib/generators/doorkeeper/templates/migration.rb.erb +14 -5
  79. metadata +30 -300
  80. data/Appraisals +0 -40
  81. data/CODE_OF_CONDUCT.md +0 -46
  82. data/CONTRIBUTING.md +0 -49
  83. data/Dangerfile +0 -67
  84. data/Dockerfile +0 -29
  85. data/Gemfile +0 -25
  86. data/NEWS.md +0 -1
  87. data/RELEASING.md +0 -11
  88. data/Rakefile +0 -28
  89. data/SECURITY.md +0 -15
  90. data/UPGRADE.md +0 -2
  91. data/bin/console +0 -16
  92. data/doorkeeper.gemspec +0 -42
  93. data/gemfiles/rails_5_0.gemfile +0 -18
  94. data/gemfiles/rails_5_1.gemfile +0 -18
  95. data/gemfiles/rails_5_2.gemfile +0 -18
  96. data/gemfiles/rails_6_0.gemfile +0 -18
  97. data/gemfiles/rails_master.gemfile +0 -18
  98. data/spec/controllers/application_metal_controller_spec.rb +0 -64
  99. data/spec/controllers/applications_controller_spec.rb +0 -274
  100. data/spec/controllers/authorizations_controller_spec.rb +0 -608
  101. data/spec/controllers/protected_resources_controller_spec.rb +0 -361
  102. data/spec/controllers/token_info_controller_spec.rb +0 -50
  103. data/spec/controllers/tokens_controller_spec.rb +0 -498
  104. data/spec/dummy/Rakefile +0 -9
  105. data/spec/dummy/app/assets/config/manifest.js +0 -2
  106. data/spec/dummy/app/controllers/application_controller.rb +0 -5
  107. data/spec/dummy/app/controllers/custom_authorizations_controller.rb +0 -9
  108. data/spec/dummy/app/controllers/full_protected_resources_controller.rb +0 -14
  109. data/spec/dummy/app/controllers/home_controller.rb +0 -18
  110. data/spec/dummy/app/controllers/metal_controller.rb +0 -13
  111. data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +0 -13
  112. data/spec/dummy/app/helpers/application_helper.rb +0 -7
  113. data/spec/dummy/app/models/user.rb +0 -7
  114. data/spec/dummy/app/views/home/index.html.erb +0 -0
  115. data/spec/dummy/app/views/layouts/application.html.erb +0 -14
  116. data/spec/dummy/config.ru +0 -6
  117. data/spec/dummy/config/application.rb +0 -49
  118. data/spec/dummy/config/boot.rb +0 -7
  119. data/spec/dummy/config/database.yml +0 -15
  120. data/spec/dummy/config/environment.rb +0 -5
  121. data/spec/dummy/config/environments/development.rb +0 -31
  122. data/spec/dummy/config/environments/production.rb +0 -64
  123. data/spec/dummy/config/environments/test.rb +0 -45
  124. data/spec/dummy/config/initializers/backtrace_silencers.rb +0 -9
  125. data/spec/dummy/config/initializers/doorkeeper.rb +0 -166
  126. data/spec/dummy/config/initializers/secret_token.rb +0 -10
  127. data/spec/dummy/config/initializers/session_store.rb +0 -10
  128. data/spec/dummy/config/initializers/wrap_parameters.rb +0 -16
  129. data/spec/dummy/config/locales/doorkeeper.en.yml +0 -5
  130. data/spec/dummy/config/routes.rb +0 -13
  131. data/spec/dummy/db/migrate/20111122132257_create_users.rb +0 -11
  132. data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +0 -7
  133. data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +0 -69
  134. data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +0 -9
  135. data/spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb +0 -13
  136. data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +0 -8
  137. data/spec/dummy/db/migrate/20180210183654_add_confidential_to_applications.rb +0 -13
  138. data/spec/dummy/db/schema.rb +0 -68
  139. data/spec/dummy/public/404.html +0 -26
  140. data/spec/dummy/public/422.html +0 -26
  141. data/spec/dummy/public/500.html +0 -26
  142. data/spec/dummy/public/favicon.ico +0 -0
  143. data/spec/dummy/script/rails +0 -9
  144. data/spec/factories.rb +0 -30
  145. data/spec/generators/application_owner_generator_spec.rb +0 -28
  146. data/spec/generators/confidential_applications_generator_spec.rb +0 -29
  147. data/spec/generators/install_generator_spec.rb +0 -36
  148. data/spec/generators/migration_generator_spec.rb +0 -28
  149. data/spec/generators/pkce_generator_spec.rb +0 -28
  150. data/spec/generators/previous_refresh_token_generator_spec.rb +0 -44
  151. data/spec/generators/templates/routes.rb +0 -4
  152. data/spec/generators/views_generator_spec.rb +0 -29
  153. data/spec/grape/grape_integration_spec.rb +0 -137
  154. data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +0 -26
  155. data/spec/lib/config_spec.rb +0 -809
  156. data/spec/lib/doorkeeper_spec.rb +0 -27
  157. data/spec/lib/models/expirable_spec.rb +0 -61
  158. data/spec/lib/models/reusable_spec.rb +0 -40
  159. data/spec/lib/models/revocable_spec.rb +0 -59
  160. data/spec/lib/models/scopes_spec.rb +0 -53
  161. data/spec/lib/models/secret_storable_spec.rb +0 -135
  162. data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -39
  163. data/spec/lib/oauth/authorization_code_request_spec.rb +0 -170
  164. data/spec/lib/oauth/base_request_spec.rb +0 -224
  165. data/spec/lib/oauth/base_response_spec.rb +0 -45
  166. data/spec/lib/oauth/client/credentials_spec.rb +0 -90
  167. data/spec/lib/oauth/client_credentials/creator_spec.rb +0 -134
  168. data/spec/lib/oauth/client_credentials/issuer_spec.rb +0 -112
  169. data/spec/lib/oauth/client_credentials/validation_spec.rb +0 -59
  170. data/spec/lib/oauth/client_credentials_integration_spec.rb +0 -27
  171. data/spec/lib/oauth/client_credentials_request_spec.rb +0 -107
  172. data/spec/lib/oauth/client_spec.rb +0 -38
  173. data/spec/lib/oauth/code_request_spec.rb +0 -46
  174. data/spec/lib/oauth/code_response_spec.rb +0 -32
  175. data/spec/lib/oauth/error_response_spec.rb +0 -64
  176. data/spec/lib/oauth/error_spec.rb +0 -21
  177. data/spec/lib/oauth/forbidden_token_response_spec.rb +0 -20
  178. data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -110
  179. data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -21
  180. data/spec/lib/oauth/helpers/uri_checker_spec.rb +0 -262
  181. data/spec/lib/oauth/invalid_request_response_spec.rb +0 -73
  182. data/spec/lib/oauth/invalid_token_response_spec.rb +0 -53
  183. data/spec/lib/oauth/password_access_token_request_spec.rb +0 -190
  184. data/spec/lib/oauth/pre_authorization_spec.rb +0 -223
  185. data/spec/lib/oauth/refresh_token_request_spec.rb +0 -177
  186. data/spec/lib/oauth/scopes_spec.rb +0 -146
  187. data/spec/lib/oauth/token_request_spec.rb +0 -157
  188. data/spec/lib/oauth/token_response_spec.rb +0 -84
  189. data/spec/lib/oauth/token_spec.rb +0 -156
  190. data/spec/lib/request/strategy_spec.rb +0 -54
  191. data/spec/lib/secret_storing/base_spec.rb +0 -60
  192. data/spec/lib/secret_storing/bcrypt_spec.rb +0 -49
  193. data/spec/lib/secret_storing/plain_spec.rb +0 -44
  194. data/spec/lib/secret_storing/sha256_hash_spec.rb +0 -48
  195. data/spec/lib/server_spec.rb +0 -49
  196. data/spec/lib/stale_records_cleaner_spec.rb +0 -89
  197. data/spec/models/doorkeeper/access_grant_spec.rb +0 -161
  198. data/spec/models/doorkeeper/access_token_spec.rb +0 -622
  199. data/spec/models/doorkeeper/application_spec.rb +0 -482
  200. data/spec/requests/applications/applications_request_spec.rb +0 -259
  201. data/spec/requests/applications/authorized_applications_spec.rb +0 -32
  202. data/spec/requests/endpoints/authorization_spec.rb +0 -91
  203. data/spec/requests/endpoints/token_spec.rb +0 -75
  204. data/spec/requests/flows/authorization_code_errors_spec.rb +0 -79
  205. data/spec/requests/flows/authorization_code_spec.rb +0 -525
  206. data/spec/requests/flows/client_credentials_spec.rb +0 -166
  207. data/spec/requests/flows/implicit_grant_errors_spec.rb +0 -46
  208. data/spec/requests/flows/implicit_grant_spec.rb +0 -91
  209. data/spec/requests/flows/password_spec.rb +0 -316
  210. data/spec/requests/flows/refresh_token_spec.rb +0 -233
  211. data/spec/requests/flows/revoke_token_spec.rb +0 -157
  212. data/spec/requests/flows/skip_authorization_spec.rb +0 -66
  213. data/spec/requests/protected_resources/metal_spec.rb +0 -16
  214. data/spec/requests/protected_resources/private_api_spec.rb +0 -83
  215. data/spec/routing/custom_controller_routes_spec.rb +0 -133
  216. data/spec/routing/default_routes_spec.rb +0 -41
  217. data/spec/routing/scoped_routes_spec.rb +0 -47
  218. data/spec/spec_helper.rb +0 -54
  219. data/spec/spec_helper_integration.rb +0 -4
  220. data/spec/support/dependencies/factory_bot.rb +0 -4
  221. data/spec/support/doorkeeper_rspec.rb +0 -22
  222. data/spec/support/helpers/access_token_request_helper.rb +0 -13
  223. data/spec/support/helpers/authorization_request_helper.rb +0 -43
  224. data/spec/support/helpers/config_helper.rb +0 -11
  225. data/spec/support/helpers/model_helper.rb +0 -78
  226. data/spec/support/helpers/request_spec_helper.rb +0 -110
  227. data/spec/support/helpers/url_helper.rb +0 -62
  228. data/spec/support/orm/active_record.rb +0 -5
  229. data/spec/support/shared/controllers_shared_context.rb +0 -133
  230. data/spec/support/shared/hashing_shared_context.rb +0 -36
  231. data/spec/support/shared/models_shared_examples.rb +0 -54
  232. data/spec/validators/redirect_uri_validator_spec.rb +0 -183
  233. data/spec/version/version_spec.rb +0 -17
@@ -1,84 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- describe Doorkeeper::OAuth::TokenResponse do
6
- subject { described_class.new(double.as_null_object) }
7
-
8
- it "includes access token response headers" do
9
- headers = subject.headers
10
- expect(headers.fetch("Cache-Control")).to eq("no-store")
11
- expect(headers.fetch("Pragma")).to eq("no-cache")
12
- end
13
-
14
- it "status is ok" do
15
- expect(subject.status).to eq(:ok)
16
- end
17
-
18
- describe ".body" do
19
- let(:access_token) do
20
- double :access_token,
21
- plaintext_token: "some-token",
22
- expires_in: "3600",
23
- expires_in_seconds: "300",
24
- scopes_string: "two scopes",
25
- plaintext_refresh_token: "some-refresh-token",
26
- token_type: "bearer",
27
- created_at: 0
28
- end
29
-
30
- subject { described_class.new(access_token).body }
31
-
32
- it "includes :access_token" do
33
- expect(subject["access_token"]).to eq("some-token")
34
- end
35
-
36
- it "includes :token_type" do
37
- expect(subject["token_type"]).to eq("bearer")
38
- end
39
-
40
- # expires_in_seconds is returned as `expires_in` in order to match
41
- # the OAuth spec (section 4.2.2)
42
- it "includes :expires_in" do
43
- expect(subject["expires_in"]).to eq("300")
44
- end
45
-
46
- it "includes :scope" do
47
- expect(subject["scope"]).to eq("two scopes")
48
- end
49
-
50
- it "includes :refresh_token" do
51
- expect(subject["refresh_token"]).to eq("some-refresh-token")
52
- end
53
-
54
- it "includes :created_at" do
55
- expect(subject["created_at"]).to eq(0)
56
- end
57
- end
58
-
59
- describe ".body filters out empty values" do
60
- let(:access_token) do
61
- double :access_token,
62
- plaintext_token: "some-token",
63
- expires_in_seconds: "",
64
- scopes_string: "",
65
- plaintext_refresh_token: "",
66
- token_type: "bearer",
67
- created_at: 0
68
- end
69
-
70
- subject { described_class.new(access_token).body }
71
-
72
- it "includes :expires_in" do
73
- expect(subject["expires_in"]).to be_nil
74
- end
75
-
76
- it "includes :scope" do
77
- expect(subject["scope"]).to be_nil
78
- end
79
-
80
- it "includes :refresh_token" do
81
- expect(subject["refresh_token"]).to be_nil
82
- end
83
- end
84
- end
@@ -1,156 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- module Doorkeeper
6
- unless defined?(AccessToken)
7
- class AccessToken
8
- end
9
- end
10
- end
11
-
12
- describe Doorkeeper::OAuth::Token do
13
- describe ".from_request" do
14
- let(:request) { double.as_null_object }
15
-
16
- let(:method) do
17
- ->(*) { "token-value" }
18
- end
19
-
20
- it "accepts anything that responds to #call" do
21
- expect(method).to receive(:call).with(request)
22
- described_class.from_request request, method
23
- end
24
-
25
- it "delegates methods received as symbols to described_class class" do
26
- expect(described_class).to receive(:from_params).with(request)
27
- described_class.from_request request, :from_params
28
- end
29
-
30
- it "stops at the first credentials found" do
31
- not_called_method = double
32
- expect(not_called_method).not_to receive(:call)
33
- described_class.from_request request, ->(_r) {}, method, not_called_method
34
- end
35
-
36
- it "returns the credential from extractor method" do
37
- credentials = described_class.from_request request, method
38
- expect(credentials).to eq("token-value")
39
- end
40
- end
41
-
42
- describe ".from_access_token_param" do
43
- it "returns token from access_token parameter" do
44
- request = double parameters: { access_token: "some-token" }
45
- token = described_class.from_access_token_param(request)
46
- expect(token).to eq("some-token")
47
- end
48
- end
49
-
50
- describe ".from_bearer_param" do
51
- it "returns token from bearer_token parameter" do
52
- request = double parameters: { bearer_token: "some-token" }
53
- token = described_class.from_bearer_param(request)
54
- expect(token).to eq("some-token")
55
- end
56
- end
57
-
58
- describe ".from_bearer_authorization" do
59
- it "returns token from capitalized authorization bearer" do
60
- request = double authorization: "Bearer SomeToken"
61
- token = described_class.from_bearer_authorization(request)
62
- expect(token).to eq("SomeToken")
63
- end
64
-
65
- it "returns token from lowercased authorization bearer" do
66
- request = double authorization: "bearer SomeToken"
67
- token = described_class.from_bearer_authorization(request)
68
- expect(token).to eq("SomeToken")
69
- end
70
-
71
- it "does not return token if authorization is not bearer" do
72
- request = double authorization: "MAC SomeToken"
73
- token = described_class.from_bearer_authorization(request)
74
- expect(token).to be_blank
75
- end
76
- end
77
-
78
- describe ".from_basic_authorization" do
79
- it "returns token from capitalized authorization basic" do
80
- request = double authorization: "Basic #{Base64.encode64 "SomeToken:"}"
81
- token = described_class.from_basic_authorization(request)
82
- expect(token).to eq("SomeToken")
83
- end
84
-
85
- it "returns token from lowercased authorization basic" do
86
- request = double authorization: "basic #{Base64.encode64 "SomeToken:"}"
87
- token = described_class.from_basic_authorization(request)
88
- expect(token).to eq("SomeToken")
89
- end
90
-
91
- it "does not return token if authorization is not basic" do
92
- request = double authorization: "MAC #{Base64.encode64 "SomeToken:"}"
93
- token = described_class.from_basic_authorization(request)
94
- expect(token).to be_blank
95
- end
96
- end
97
-
98
- describe ".authenticate" do
99
- context "refresh tokens are disabled (default)" do
100
- context "refresh tokens are enabled" do
101
- it "does not revoke previous refresh_token if token was found" do
102
- token = ->(_r) { "token" }
103
- expect(
104
- Doorkeeper::AccessToken,
105
- ).to receive(:by_token).with("token").and_return(token)
106
- expect(token).not_to receive(:revoke_previous_refresh_token!)
107
- described_class.authenticate double, token
108
- end
109
- end
110
-
111
- it "calls the finder if token was returned" do
112
- token = ->(_r) { "token" }
113
- expect(Doorkeeper::AccessToken).to receive(:by_token).with("token")
114
- described_class.authenticate double, token
115
- end
116
- end
117
-
118
- context "token hashing is enabled" do
119
- include_context "with token hashing enabled"
120
-
121
- let(:hashed_token) { hashed_or_plain_token_func.call("token") }
122
- let(:token) { ->(_r) { "token" } }
123
-
124
- it "searches with the hashed token" do
125
- expect(
126
- Doorkeeper::AccessToken,
127
- ).to receive(:find_by).with(token: hashed_token).and_return(token)
128
- described_class.authenticate double, token
129
- end
130
- end
131
-
132
- context "refresh tokens are enabled" do
133
- before do
134
- Doorkeeper.configure do
135
- orm DOORKEEPER_ORM
136
- use_refresh_token
137
- end
138
- end
139
-
140
- it "revokes previous refresh_token if token was found" do
141
- token = ->(_r) { "token" }
142
- expect(
143
- Doorkeeper::AccessToken,
144
- ).to receive(:by_token).with("token").and_return(token)
145
- expect(token).to receive(:revoke_previous_refresh_token!)
146
- described_class.authenticate double, token
147
- end
148
-
149
- it "calls the finder if token was returned" do
150
- token = ->(_r) { "token" }
151
- expect(Doorkeeper::AccessToken).to receive(:by_token).with("token")
152
- described_class.authenticate double, token
153
- end
154
- end
155
- end
156
- end
@@ -1,54 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- module Doorkeeper
6
- module Request
7
- describe Strategy do
8
- let(:server) { double }
9
- subject(:strategy) { Strategy.new(server) }
10
-
11
- describe :initialize do
12
- it "sets the server attribute" do
13
- expect(strategy.server).to eq server
14
- end
15
- end
16
-
17
- describe :request do
18
- it "requires an implementation" do
19
- expect { strategy.request }.to raise_exception NotImplementedError
20
- end
21
- end
22
-
23
- describe "a sample Strategy subclass" do
24
- let(:fake_request) { double }
25
-
26
- let(:strategy_class) do
27
- subclass = Class.new(Strategy) do
28
- class << self
29
- attr_accessor :fake_request
30
- end
31
-
32
- def request
33
- self.class.fake_request
34
- end
35
- end
36
-
37
- subclass.fake_request = fake_request
38
- subclass
39
- end
40
-
41
- subject(:strategy) { strategy_class.new(server) }
42
-
43
- it "provides a request implementation" do
44
- expect(strategy.request).to eq fake_request
45
- end
46
-
47
- it "authorizes the request" do
48
- expect(fake_request).to receive :authorize
49
- strategy.authorize
50
- end
51
- end
52
- end
53
- end
54
- end
@@ -1,60 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- describe ::Doorkeeper::SecretStoring::Base do
6
- let(:instance) { double("instance", token: "foo") }
7
- subject { described_class }
8
-
9
- describe "#transform_secret" do
10
- it "raises" do
11
- expect { subject.transform_secret("foo") }.to raise_error(NotImplementedError)
12
- end
13
- end
14
-
15
- describe "#store_secret" do
16
- it "sends to response of #transform_secret to the instance" do
17
- expect(described_class)
18
- .to receive(:transform_secret).with("bar")
19
- .and_return "bar+transform"
20
-
21
- expect(instance).to receive(:token=).with "bar+transform"
22
- result = subject.store_secret instance, :token, "bar"
23
- expect(result).to eq "bar+transform"
24
- end
25
- end
26
-
27
- describe "#restore_secret" do
28
- it "raises" do
29
- expect { subject.restore_secret(subject, :token) }.to raise_error(NotImplementedError)
30
- end
31
- end
32
-
33
- describe "#allows_restoring_secrets?" do
34
- it "does not allow it" do
35
- expect(subject.allows_restoring_secrets?).to eq false
36
- end
37
- end
38
-
39
- describe "validate_for" do
40
- it "allows for valid model" do
41
- expect(subject.validate_for(:application)).to eq true
42
- expect(subject.validate_for(:token)).to eq true
43
- end
44
-
45
- it "raises for invalid model" do
46
- expect { subject.validate_for(:wat) }.to raise_error(ArgumentError, /can not be used for wat/)
47
- end
48
- end
49
-
50
- describe "secret_matches?" do
51
- before do
52
- allow(subject).to receive(:transform_secret) { |input| "transformed: #{input}" }
53
- end
54
-
55
- it "compares input with #transform_secret" do
56
- expect(subject.secret_matches?("input", "input")).to eq false
57
- expect(subject.secret_matches?("a", "transformed: a")).to eq true
58
- end
59
- end
60
- end
@@ -1,49 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
- require "bcrypt"
5
-
6
- describe ::Doorkeeper::SecretStoring::BCrypt do
7
- subject { described_class }
8
- let(:instance) { double("instance", token: "foo") }
9
-
10
- describe "#transform_secret" do
11
- it "creates a bcrypt password" do
12
- expect(subject.transform_secret("foo")).to be_a BCrypt::Password
13
- end
14
- end
15
-
16
- describe "#restore_secret" do
17
- it "raises" do
18
- expect { subject.restore_secret(instance, :token) }.to raise_error(NotImplementedError)
19
- end
20
- end
21
-
22
- describe "#allows_restoring_secrets?" do
23
- it "does not allow it" do
24
- expect(subject.allows_restoring_secrets?).to eq false
25
- end
26
- end
27
-
28
- describe "validate_for" do
29
- it "allows for valid model" do
30
- expect(subject.validate_for(:application)).to eq true
31
- end
32
-
33
- it "raises for invalid model" do
34
- expect { subject.validate_for(:wat) }
35
- .to raise_error(ArgumentError, /can only be used for storing application secrets/)
36
- expect { subject.validate_for(:token) }
37
- .to raise_error(ArgumentError, /can only be used for storing application secrets/)
38
- end
39
- end
40
-
41
- describe "secret_matches?" do
42
- it "compares input with #transform_secret" do
43
- expect(subject.secret_matches?("input", "input")).to eq false
44
-
45
- password = BCrypt::Password.create "foobar"
46
- expect(subject.secret_matches?("foobar", password.to_s)).to eq true
47
- end
48
- end
49
- end
@@ -1,44 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- describe ::Doorkeeper::SecretStoring::Plain do
6
- subject { described_class }
7
- let(:instance) { double("instance", token: "foo") }
8
-
9
- describe "#transform_secret" do
10
- it "raises" do
11
- expect(subject.transform_secret("foo")).to eq "foo"
12
- end
13
- end
14
-
15
- describe "#restore_secret" do
16
- it "raises" do
17
- expect(subject.restore_secret(instance, :token)).to eq "foo"
18
- end
19
- end
20
-
21
- describe "#allows_restoring_secrets?" do
22
- it "does allow it" do
23
- expect(subject.allows_restoring_secrets?).to eq true
24
- end
25
- end
26
-
27
- describe "validate_for" do
28
- it "allows for valid model" do
29
- expect(subject.validate_for(:application)).to eq true
30
- expect(subject.validate_for(:token)).to eq true
31
- end
32
-
33
- it "raises for invalid model" do
34
- expect { subject.validate_for(:wat) }.to raise_error(ArgumentError, /can not be used for wat/)
35
- end
36
- end
37
-
38
- describe "secret_matches?" do
39
- it "compares input with #transform_secret" do
40
- expect(subject.secret_matches?("input", "input")).to eq true
41
- expect(subject.secret_matches?("a", "b")).to eq false
42
- end
43
- end
44
- end