doorkeeper 5.4.0.rc1 → 5.4.0.rc2

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of doorkeeper might be problematic. Click here for more details.

Files changed (181) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +28 -1
  3. data/app/controllers/doorkeeper/applications_controller.rb +3 -3
  4. data/app/controllers/doorkeeper/authorized_applications_controller.rb +1 -1
  5. data/app/views/doorkeeper/applications/_form.html.erb +1 -1
  6. data/lib/doorkeeper.rb +1 -1
  7. data/lib/doorkeeper/config.rb +24 -18
  8. data/lib/doorkeeper/config/abstract_builder.rb +1 -1
  9. data/lib/doorkeeper/helpers/controller.rb +4 -4
  10. data/lib/doorkeeper/models/access_grant_mixin.rb +11 -5
  11. data/lib/doorkeeper/models/access_token_mixin.rb +9 -5
  12. data/lib/doorkeeper/models/application_mixin.rb +5 -4
  13. data/lib/doorkeeper/oauth/client_credentials/creator.rb +2 -2
  14. data/lib/doorkeeper/oauth/client_credentials/validator.rb +3 -1
  15. data/lib/doorkeeper/oauth/password_access_token_request.rb +1 -1
  16. data/lib/doorkeeper/oauth/pre_authorization.rb +5 -4
  17. data/lib/doorkeeper/oauth/token.rb +1 -2
  18. data/lib/doorkeeper/orm/active_record.rb +10 -2
  19. data/lib/doorkeeper/orm/active_record/mixins/access_grant.rb +1 -1
  20. data/lib/doorkeeper/orm/active_record/mixins/access_token.rb +1 -1
  21. data/lib/doorkeeper/orm/active_record/mixins/application.rb +64 -9
  22. data/lib/doorkeeper/request/refresh_token.rb +2 -1
  23. data/lib/doorkeeper/version.rb +1 -1
  24. data/lib/generators/doorkeeper/templates/migration.rb.erb +12 -5
  25. metadata +5 -299
  26. data/Appraisals +0 -26
  27. data/CODE_OF_CONDUCT.md +0 -46
  28. data/CONTRIBUTING.md +0 -49
  29. data/Dangerfile +0 -67
  30. data/Dockerfile +0 -29
  31. data/Gemfile +0 -25
  32. data/NEWS.md +0 -1
  33. data/RELEASING.md +0 -11
  34. data/Rakefile +0 -28
  35. data/SECURITY.md +0 -15
  36. data/UPGRADE.md +0 -2
  37. data/bin/console +0 -30
  38. data/doorkeeper.gemspec +0 -42
  39. data/gemfiles/rails_5_0.gemfile +0 -19
  40. data/gemfiles/rails_5_1.gemfile +0 -19
  41. data/gemfiles/rails_5_2.gemfile +0 -19
  42. data/gemfiles/rails_6_0.gemfile +0 -19
  43. data/gemfiles/rails_master.gemfile +0 -19
  44. data/spec/controllers/application_metal_controller_spec.rb +0 -64
  45. data/spec/controllers/applications_controller_spec.rb +0 -274
  46. data/spec/controllers/authorizations_controller_spec.rb +0 -743
  47. data/spec/controllers/protected_resources_controller_spec.rb +0 -361
  48. data/spec/controllers/token_info_controller_spec.rb +0 -50
  49. data/spec/controllers/tokens_controller_spec.rb +0 -499
  50. data/spec/dummy/Rakefile +0 -9
  51. data/spec/dummy/app/assets/config/manifest.js +0 -2
  52. data/spec/dummy/app/controllers/application_controller.rb +0 -5
  53. data/spec/dummy/app/controllers/custom_authorizations_controller.rb +0 -9
  54. data/spec/dummy/app/controllers/full_protected_resources_controller.rb +0 -14
  55. data/spec/dummy/app/controllers/home_controller.rb +0 -18
  56. data/spec/dummy/app/controllers/metal_controller.rb +0 -13
  57. data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +0 -13
  58. data/spec/dummy/app/helpers/application_helper.rb +0 -7
  59. data/spec/dummy/app/models/user.rb +0 -11
  60. data/spec/dummy/app/views/home/index.html.erb +0 -0
  61. data/spec/dummy/app/views/layouts/application.html.erb +0 -14
  62. data/spec/dummy/config.ru +0 -6
  63. data/spec/dummy/config/application.rb +0 -51
  64. data/spec/dummy/config/boot.rb +0 -7
  65. data/spec/dummy/config/database.yml +0 -15
  66. data/spec/dummy/config/environment.rb +0 -5
  67. data/spec/dummy/config/environments/development.rb +0 -31
  68. data/spec/dummy/config/environments/production.rb +0 -64
  69. data/spec/dummy/config/environments/test.rb +0 -45
  70. data/spec/dummy/config/initializers/backtrace_silencers.rb +0 -9
  71. data/spec/dummy/config/initializers/doorkeeper.rb +0 -166
  72. data/spec/dummy/config/initializers/secret_token.rb +0 -10
  73. data/spec/dummy/config/initializers/session_store.rb +0 -10
  74. data/spec/dummy/config/initializers/wrap_parameters.rb +0 -16
  75. data/spec/dummy/config/locales/doorkeeper.en.yml +0 -5
  76. data/spec/dummy/config/routes.rb +0 -13
  77. data/spec/dummy/db/migrate/20111122132257_create_users.rb +0 -11
  78. data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +0 -7
  79. data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +0 -69
  80. data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +0 -9
  81. data/spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb +0 -13
  82. data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +0 -8
  83. data/spec/dummy/db/migrate/20180210183654_add_confidential_to_applications.rb +0 -13
  84. data/spec/dummy/db/schema.rb +0 -70
  85. data/spec/dummy/public/404.html +0 -26
  86. data/spec/dummy/public/422.html +0 -26
  87. data/spec/dummy/public/500.html +0 -26
  88. data/spec/dummy/public/favicon.ico +0 -0
  89. data/spec/dummy/script/rails +0 -9
  90. data/spec/factories.rb +0 -30
  91. data/spec/generators/application_owner_generator_spec.rb +0 -28
  92. data/spec/generators/confidential_applications_generator_spec.rb +0 -29
  93. data/spec/generators/enable_polymorphic_resource_owner_generator_spec.rb +0 -47
  94. data/spec/generators/install_generator_spec.rb +0 -36
  95. data/spec/generators/migration_generator_spec.rb +0 -28
  96. data/spec/generators/pkce_generator_spec.rb +0 -28
  97. data/spec/generators/previous_refresh_token_generator_spec.rb +0 -44
  98. data/spec/generators/templates/routes.rb +0 -4
  99. data/spec/generators/views_generator_spec.rb +0 -29
  100. data/spec/grape/grape_integration_spec.rb +0 -137
  101. data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +0 -26
  102. data/spec/lib/config_spec.rb +0 -813
  103. data/spec/lib/doorkeeper_spec.rb +0 -27
  104. data/spec/lib/models/expirable_spec.rb +0 -61
  105. data/spec/lib/models/reusable_spec.rb +0 -40
  106. data/spec/lib/models/revocable_spec.rb +0 -58
  107. data/spec/lib/models/scopes_spec.rb +0 -61
  108. data/spec/lib/models/secret_storable_spec.rb +0 -135
  109. data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -39
  110. data/spec/lib/oauth/authorization_code_request_spec.rb +0 -180
  111. data/spec/lib/oauth/base_request_spec.rb +0 -210
  112. data/spec/lib/oauth/base_response_spec.rb +0 -45
  113. data/spec/lib/oauth/client/credentials_spec.rb +0 -90
  114. data/spec/lib/oauth/client_credentials/creator_spec.rb +0 -135
  115. data/spec/lib/oauth/client_credentials/issuer_spec.rb +0 -110
  116. data/spec/lib/oauth/client_credentials/validation_spec.rb +0 -57
  117. data/spec/lib/oauth/client_credentials_integration_spec.rb +0 -27
  118. data/spec/lib/oauth/client_credentials_request_spec.rb +0 -108
  119. data/spec/lib/oauth/client_spec.rb +0 -38
  120. data/spec/lib/oauth/code_request_spec.rb +0 -46
  121. data/spec/lib/oauth/code_response_spec.rb +0 -36
  122. data/spec/lib/oauth/error_response_spec.rb +0 -64
  123. data/spec/lib/oauth/error_spec.rb +0 -21
  124. data/spec/lib/oauth/forbidden_token_response_spec.rb +0 -20
  125. data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -110
  126. data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -21
  127. data/spec/lib/oauth/helpers/uri_checker_spec.rb +0 -262
  128. data/spec/lib/oauth/invalid_request_response_spec.rb +0 -73
  129. data/spec/lib/oauth/invalid_token_response_spec.rb +0 -53
  130. data/spec/lib/oauth/password_access_token_request_spec.rb +0 -201
  131. data/spec/lib/oauth/pre_authorization_spec.rb +0 -218
  132. data/spec/lib/oauth/refresh_token_request_spec.rb +0 -166
  133. data/spec/lib/oauth/scopes_spec.rb +0 -146
  134. data/spec/lib/oauth/token_request_spec.rb +0 -164
  135. data/spec/lib/oauth/token_response_spec.rb +0 -84
  136. data/spec/lib/oauth/token_spec.rb +0 -156
  137. data/spec/lib/option_spec.rb +0 -51
  138. data/spec/lib/request/strategy_spec.rb +0 -54
  139. data/spec/lib/secret_storing/base_spec.rb +0 -60
  140. data/spec/lib/secret_storing/bcrypt_spec.rb +0 -49
  141. data/spec/lib/secret_storing/plain_spec.rb +0 -44
  142. data/spec/lib/secret_storing/sha256_hash_spec.rb +0 -48
  143. data/spec/lib/server_spec.rb +0 -49
  144. data/spec/lib/stale_records_cleaner_spec.rb +0 -102
  145. data/spec/models/doorkeeper/access_grant_spec.rb +0 -175
  146. data/spec/models/doorkeeper/access_token_spec.rb +0 -650
  147. data/spec/models/doorkeeper/application_spec.rb +0 -442
  148. data/spec/requests/applications/applications_request_spec.rb +0 -259
  149. data/spec/requests/applications/authorized_applications_spec.rb +0 -32
  150. data/spec/requests/endpoints/authorization_spec.rb +0 -91
  151. data/spec/requests/endpoints/token_spec.rb +0 -79
  152. data/spec/requests/flows/authorization_code_errors_spec.rb +0 -82
  153. data/spec/requests/flows/authorization_code_spec.rb +0 -530
  154. data/spec/requests/flows/client_credentials_spec.rb +0 -207
  155. data/spec/requests/flows/implicit_grant_errors_spec.rb +0 -46
  156. data/spec/requests/flows/implicit_grant_spec.rb +0 -91
  157. data/spec/requests/flows/password_spec.rb +0 -316
  158. data/spec/requests/flows/refresh_token_spec.rb +0 -241
  159. data/spec/requests/flows/revoke_token_spec.rb +0 -196
  160. data/spec/requests/flows/skip_authorization_spec.rb +0 -66
  161. data/spec/requests/protected_resources/metal_spec.rb +0 -16
  162. data/spec/requests/protected_resources/private_api_spec.rb +0 -83
  163. data/spec/routing/custom_controller_routes_spec.rb +0 -133
  164. data/spec/routing/default_routes_spec.rb +0 -41
  165. data/spec/routing/scoped_routes_spec.rb +0 -47
  166. data/spec/spec_helper.rb +0 -54
  167. data/spec/spec_helper_integration.rb +0 -4
  168. data/spec/support/dependencies/factory_bot.rb +0 -4
  169. data/spec/support/doorkeeper_rspec.rb +0 -22
  170. data/spec/support/helpers/access_token_request_helper.rb +0 -14
  171. data/spec/support/helpers/authorization_request_helper.rb +0 -43
  172. data/spec/support/helpers/config_helper.rb +0 -11
  173. data/spec/support/helpers/model_helper.rb +0 -78
  174. data/spec/support/helpers/request_spec_helper.rb +0 -110
  175. data/spec/support/helpers/url_helper.rb +0 -62
  176. data/spec/support/orm/active_record.rb +0 -5
  177. data/spec/support/shared/controllers_shared_context.rb +0 -133
  178. data/spec/support/shared/hashing_shared_context.rb +0 -36
  179. data/spec/support/shared/models_shared_examples.rb +0 -56
  180. data/spec/validators/redirect_uri_validator_spec.rb +0 -183
  181. data/spec/version/version_spec.rb +0 -17
@@ -1,210 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- describe Doorkeeper::OAuth::BaseRequest do
6
- let(:access_token) do
7
- double :access_token,
8
- plaintext_token: "some-token",
9
- expires_in: "3600",
10
- expires_in_seconds: "300",
11
- scopes_string: "two scopes",
12
- plaintext_refresh_token: "some-refresh-token",
13
- token_type: "bearer",
14
- created_at: 0
15
- end
16
-
17
- let(:client) { double :client, id: "1" }
18
-
19
- let(:scopes_array) { %w[public write] }
20
-
21
- let(:server) do
22
- double :server,
23
- access_token_expires_in: 100,
24
- custom_access_token_expires_in: ->(_context) { nil },
25
- refresh_token_enabled?: false
26
- end
27
-
28
- before do
29
- allow(server).to receive(:option_defined?).with(:custom_access_token_expires_in).and_return(true)
30
- end
31
-
32
- subject do
33
- described_class.new
34
- end
35
-
36
- describe "#authorize" do
37
- before do
38
- allow(subject).to receive(:access_token).and_return(access_token)
39
- end
40
-
41
- it "validates itself" do
42
- expect(subject).to receive(:validate).once
43
- subject.authorize
44
- end
45
-
46
- context "valid" do
47
- before do
48
- allow(subject).to receive(:valid?).and_return(true)
49
- end
50
-
51
- it "calls callback methods" do
52
- expect(subject).to receive(:before_successful_response).once
53
- expect(subject).to receive(:after_successful_response).once
54
- subject.authorize
55
- end
56
-
57
- it "returns a TokenResponse object" do
58
- result = subject.authorize
59
-
60
- expect(result).to be_an_instance_of(Doorkeeper::OAuth::TokenResponse)
61
- expect(result.body).to eq(
62
- Doorkeeper::OAuth::TokenResponse.new(access_token).body,
63
- )
64
- end
65
- end
66
-
67
- context "invalid" do
68
- context "with error other than invalid_request" do
69
- before do
70
- allow(subject).to receive(:valid?).and_return(false)
71
- allow(subject).to receive(:error).and_return(:server_error)
72
- allow(subject).to receive(:state).and_return("hello")
73
- end
74
-
75
- it "returns an ErrorResponse object" do
76
- result = subject.authorize
77
-
78
- expect(result).to be_an_instance_of(Doorkeeper::OAuth::ErrorResponse)
79
-
80
- expect(result.body).to eq(
81
- error: :server_error,
82
- error_description: translated_error_message(:server_error),
83
- state: "hello",
84
- )
85
- end
86
- end
87
-
88
- context "with invalid_request error" do
89
- before do
90
- allow(subject).to receive(:valid?).and_return(false)
91
- allow(subject).to receive(:error).and_return(:invalid_request)
92
- allow(subject).to receive(:state).and_return("hello")
93
- end
94
-
95
- it "returns an InvalidRequestResponse object" do
96
- result = subject.authorize
97
-
98
- expect(result).to be_an_instance_of(Doorkeeper::OAuth::InvalidRequestResponse)
99
-
100
- expect(result.body).to eq(
101
- error: :invalid_request,
102
- error_description: translated_invalid_request_error_message(:unknown, :unknown),
103
- state: "hello",
104
- )
105
- end
106
- end
107
- end
108
- end
109
-
110
- describe "#default_scopes" do
111
- it "delegates to the server" do
112
- expect(subject).to receive(:server).and_return(server).once
113
- expect(server).to receive(:default_scopes).once
114
-
115
- subject.default_scopes
116
- end
117
- end
118
-
119
- describe "#find_or_create_access_token" do
120
- let(:resource_owner) { FactoryBot.build_stubbed(:resource_owner) }
121
-
122
- it "returns an instance of AccessToken" do
123
- result = subject.find_or_create_access_token(
124
- client,
125
- resource_owner,
126
- "public",
127
- server,
128
- )
129
-
130
- expect(result).to be_an_instance_of(Doorkeeper::AccessToken)
131
- end
132
-
133
- it "respects custom_access_token_expires_in" do
134
- server = double(
135
- :server,
136
- access_token_expires_in: 100,
137
- custom_access_token_expires_in: ->(context) { context.scopes == "public" ? 500 : nil },
138
- refresh_token_enabled?: false,
139
- )
140
-
141
- allow(server).to receive(:option_defined?).with(:custom_access_token_expires_in).and_return(true)
142
-
143
- result = subject.find_or_create_access_token(
144
- client,
145
- resource_owner,
146
- "public",
147
- server,
148
- )
149
- expect(result.expires_in).to eql(500)
150
- end
151
-
152
- it "respects use_refresh_token with a block" do
153
- server = double(
154
- :server,
155
- access_token_expires_in: 100,
156
- custom_access_token_expires_in: ->(_context) { nil },
157
- refresh_token_enabled?: lambda { |context|
158
- context.scopes == "public"
159
- },
160
- )
161
-
162
- allow(server).to receive(:option_defined?).with(:custom_access_token_expires_in).and_return(true)
163
-
164
- result = subject.find_or_create_access_token(
165
- client,
166
- resource_owner,
167
- "public",
168
- server,
169
- )
170
- expect(result.refresh_token).to_not be_nil
171
-
172
- result = subject.find_or_create_access_token(
173
- client,
174
- resource_owner,
175
- "private",
176
- server,
177
- )
178
- expect(result.refresh_token).to be_nil
179
- end
180
- end
181
-
182
- describe "#scopes" do
183
- context "@original_scopes is present" do
184
- before do
185
- subject.instance_variable_set(:@original_scopes, "public write")
186
- end
187
-
188
- it "returns array of @original_scopes" do
189
- result = subject.scopes
190
-
191
- expect(result).to eq(scopes_array)
192
- end
193
- end
194
-
195
- context "@original_scopes is not present" do
196
- before do
197
- subject.instance_variable_set(:@original_scopes, "")
198
- end
199
-
200
- it "calls #default_scopes" do
201
- allow(subject).to receive(:server).and_return(server).once
202
- allow(server).to receive(:default_scopes).and_return(scopes_array).once
203
-
204
- result = subject.scopes
205
-
206
- expect(result).to eq(scopes_array)
207
- end
208
- end
209
- end
210
- end
@@ -1,45 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- describe Doorkeeper::OAuth::BaseResponse do
6
- subject do
7
- Doorkeeper::OAuth::BaseResponse.new
8
- end
9
-
10
- describe "#body" do
11
- it "returns an empty Hash" do
12
- expect(subject.body).to eq({})
13
- end
14
- end
15
-
16
- describe "#description" do
17
- it "returns an empty String" do
18
- expect(subject.description).to eq("")
19
- end
20
- end
21
-
22
- describe "#headers" do
23
- it "returns an empty Hash" do
24
- expect(subject.headers).to eq({})
25
- end
26
- end
27
-
28
- describe "#redirectable?" do
29
- it "returns false" do
30
- expect(subject.redirectable?).to eq(false)
31
- end
32
- end
33
-
34
- describe "#redirect_uri" do
35
- it "returns an empty String" do
36
- expect(subject.redirect_uri).to eq("")
37
- end
38
- end
39
-
40
- describe "#status" do
41
- it "returns :ok" do
42
- expect(subject.status).to eq(:ok)
43
- end
44
- end
45
- end
@@ -1,90 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- class Doorkeeper::OAuth::Client
6
- describe Credentials do
7
- let(:client_id) { "some-uid" }
8
- let(:client_secret) { "some-secret" }
9
-
10
- it "is blank when the uid in credentials is blank" do
11
- expect(Credentials.new(nil, nil)).to be_blank
12
- expect(Credentials.new(nil, "something")).to be_blank
13
- expect(Credentials.new("something", nil)).to be_present
14
- expect(Credentials.new("something", "something")).to be_present
15
- end
16
-
17
- describe ".from_request" do
18
- let(:request) { double.as_null_object }
19
-
20
- let(:method) do
21
- ->(_request) { %w[uid secret] }
22
- end
23
-
24
- it "accepts anything that responds to #call" do
25
- expect(method).to receive(:call).with(request)
26
- Credentials.from_request request, method
27
- end
28
-
29
- it "delegates methods received as symbols to Credentials class" do
30
- expect(Credentials).to receive(:from_params).with(request)
31
- Credentials.from_request request, :from_params
32
- end
33
-
34
- it "stops at the first credentials found" do
35
- not_called_method = double
36
- expect(not_called_method).not_to receive(:call)
37
- Credentials.from_request request, ->(_) {}, method, not_called_method
38
- end
39
-
40
- it "returns new Credentials" do
41
- credentials = Credentials.from_request request, method
42
- expect(credentials).to be_a(Credentials)
43
- end
44
-
45
- it "returns uid and secret from extractor method" do
46
- credentials = Credentials.from_request request, method
47
- expect(credentials.uid).to eq("uid")
48
- expect(credentials.secret).to eq("secret")
49
- end
50
- end
51
-
52
- describe :from_params do
53
- it "returns credentials from parameters when Authorization header is not available" do
54
- request = double parameters: { client_id: client_id, client_secret: client_secret }
55
- uid, secret = Credentials.from_params(request)
56
-
57
- expect(uid).to eq("some-uid")
58
- expect(secret).to eq("some-secret")
59
- end
60
-
61
- it "is blank when there are no credentials" do
62
- request = double parameters: {}
63
- uid, secret = Credentials.from_params(request)
64
-
65
- expect(uid).to be_blank
66
- expect(secret).to be_blank
67
- end
68
- end
69
-
70
- describe :from_basic do
71
- let(:credentials) { Base64.encode64("#{client_id}:#{client_secret}") }
72
-
73
- it "decodes the credentials" do
74
- request = double authorization: "Basic #{credentials}"
75
- uid, secret = Credentials.from_basic(request)
76
-
77
- expect(uid).to eq("some-uid")
78
- expect(secret).to eq("some-secret")
79
- end
80
-
81
- it "is blank if Authorization is not Basic" do
82
- request = double authorization: credentials.to_s
83
- uid, secret = Credentials.from_basic(request)
84
-
85
- expect(uid).to be_blank
86
- expect(secret).to be_blank
87
- end
88
- end
89
- end
90
- end
@@ -1,135 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- describe Doorkeeper::OAuth::ClientCredentials::Creator do
6
- let(:client) { FactoryBot.create :application }
7
- let(:scopes) { Doorkeeper::OAuth::Scopes.from_string("public") }
8
-
9
- before do
10
- default_scopes_exist :public
11
- end
12
-
13
- it "creates a new token" do
14
- expect do
15
- subject.call(client, scopes)
16
- end.to change { Doorkeeper::AccessToken.count }.by(1)
17
- end
18
-
19
- context "when reuse_access_token is true" do
20
- before do
21
- allow(Doorkeeper.config).to receive(:reuse_access_token).and_return(true)
22
- end
23
-
24
- context "when expiration is disabled" do
25
- it "returns the existing valid token" do
26
- existing_token = subject.call(client, scopes)
27
-
28
- result = subject.call(client, scopes)
29
-
30
- expect(Doorkeeper::AccessToken.count).to eq(1)
31
- expect(result).to eq(existing_token)
32
- end
33
- end
34
-
35
- context "when existing token has not crossed token_reuse_limit" do
36
- let!(:existing_token) { subject.call(client, scopes, expires_in: 1000) }
37
-
38
- before do
39
- allow(Doorkeeper.config).to receive(:token_reuse_limit).and_return(50)
40
- allow_any_instance_of(Doorkeeper::AccessToken).to receive(:expires_in_seconds).and_return(600)
41
- end
42
-
43
- it "returns the existing valid token" do
44
- result = subject.call(client, scopes, expires_in: 1000)
45
-
46
- expect(Doorkeeper::AccessToken.count).to eq(1)
47
- expect(result).to eq(existing_token)
48
- end
49
-
50
- context "and when revoke_previous_client_credentials_token is false" do
51
- before do
52
- allow(Doorkeeper.config).to receive(:revoke_previous_client_credentials_token).and_return(false)
53
- end
54
-
55
- it "does not revoke the existing valid token" do
56
- subject.call(client, scopes, expires_in: 1000)
57
- expect(existing_token.reload).not_to be_revoked
58
- end
59
- end
60
- end
61
-
62
- context "when existing token has crossed token_reuse_limit" do
63
- it "returns a new token" do
64
- allow(Doorkeeper.config).to receive(:token_reuse_limit).and_return(50)
65
- existing_token = subject.call(client, scopes, expires_in: 1000)
66
-
67
- allow_any_instance_of(Doorkeeper::AccessToken).to receive(:expires_in_seconds).and_return(400)
68
- result = subject.call(client, scopes, expires_in: 1000)
69
-
70
- expect(Doorkeeper::AccessToken.count).to eq(2)
71
- expect(result).not_to eq(existing_token)
72
- end
73
- end
74
-
75
- context "when existing token has been expired" do
76
- it "returns a new token" do
77
- allow(Doorkeeper.configuration).to receive(:token_reuse_limit).and_return(50)
78
- existing_token = subject.call(client, scopes, expires_in: 1000)
79
-
80
- allow_any_instance_of(Doorkeeper::AccessToken).to receive(:expired?).and_return(true)
81
- result = subject.call(client, scopes, expires_in: 1000)
82
-
83
- expect(Doorkeeper::AccessToken.count).to eq(2)
84
- expect(result).not_to eq(existing_token)
85
- end
86
- end
87
- end
88
-
89
- context "when reuse_access_token is false" do
90
- before do
91
- allow(Doorkeeper.config).to receive(:reuse_access_token).and_return(false)
92
- end
93
-
94
- it "returns a new token" do
95
- existing_token = subject.call(client, scopes)
96
-
97
- result = subject.call(client, scopes)
98
-
99
- expect(Doorkeeper::AccessToken.count).to eq(2)
100
- expect(result).not_to eq(existing_token)
101
- end
102
- end
103
-
104
- context "when revoke_previous_client_credentials_token is true" do
105
- let!(:existing_token) { subject.call(client, scopes, expires_in: 1000) }
106
-
107
- before do
108
- allow(Doorkeeper.configuration).to receive(:revoke_previous_client_credentials_token).and_return(true)
109
- end
110
-
111
- it "revokes the existing token" do
112
- subject.call(client, scopes, expires_in: 1000)
113
- expect(existing_token.reload).to be_revoked
114
- end
115
- end
116
-
117
- context "when revoke_previous_client_credentials_token is false" do
118
- let!(:existing_token) { subject.call(client, scopes, expires_in: 1000) }
119
-
120
- before do
121
- allow(Doorkeeper.configuration).to receive(:revoke_previous_client_credentials_token).and_return(false)
122
- end
123
-
124
- it "does not revoke the existing token" do
125
- subject.call(client, scopes, expires_in: 1000)
126
- expect(existing_token.reload).not_to be_revoked
127
- end
128
- end
129
-
130
- it "returns false if creation fails" do
131
- expect(Doorkeeper::AccessToken).to receive(:find_or_create_for).and_return(false)
132
- created = subject.call(client, scopes)
133
- expect(created).to be_falsey
134
- end
135
- end