doorkeeper 5.4.0.rc1 → 5.4.0.rc2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of doorkeeper might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +28 -1
- data/app/controllers/doorkeeper/applications_controller.rb +3 -3
- data/app/controllers/doorkeeper/authorized_applications_controller.rb +1 -1
- data/app/views/doorkeeper/applications/_form.html.erb +1 -1
- data/lib/doorkeeper.rb +1 -1
- data/lib/doorkeeper/config.rb +24 -18
- data/lib/doorkeeper/config/abstract_builder.rb +1 -1
- data/lib/doorkeeper/helpers/controller.rb +4 -4
- data/lib/doorkeeper/models/access_grant_mixin.rb +11 -5
- data/lib/doorkeeper/models/access_token_mixin.rb +9 -5
- data/lib/doorkeeper/models/application_mixin.rb +5 -4
- data/lib/doorkeeper/oauth/client_credentials/creator.rb +2 -2
- data/lib/doorkeeper/oauth/client_credentials/validator.rb +3 -1
- data/lib/doorkeeper/oauth/password_access_token_request.rb +1 -1
- data/lib/doorkeeper/oauth/pre_authorization.rb +5 -4
- data/lib/doorkeeper/oauth/token.rb +1 -2
- data/lib/doorkeeper/orm/active_record.rb +10 -2
- data/lib/doorkeeper/orm/active_record/mixins/access_grant.rb +1 -1
- data/lib/doorkeeper/orm/active_record/mixins/access_token.rb +1 -1
- data/lib/doorkeeper/orm/active_record/mixins/application.rb +64 -9
- data/lib/doorkeeper/request/refresh_token.rb +2 -1
- data/lib/doorkeeper/version.rb +1 -1
- data/lib/generators/doorkeeper/templates/migration.rb.erb +12 -5
- metadata +5 -299
- data/Appraisals +0 -26
- data/CODE_OF_CONDUCT.md +0 -46
- data/CONTRIBUTING.md +0 -49
- data/Dangerfile +0 -67
- data/Dockerfile +0 -29
- data/Gemfile +0 -25
- data/NEWS.md +0 -1
- data/RELEASING.md +0 -11
- data/Rakefile +0 -28
- data/SECURITY.md +0 -15
- data/UPGRADE.md +0 -2
- data/bin/console +0 -30
- data/doorkeeper.gemspec +0 -42
- data/gemfiles/rails_5_0.gemfile +0 -19
- data/gemfiles/rails_5_1.gemfile +0 -19
- data/gemfiles/rails_5_2.gemfile +0 -19
- data/gemfiles/rails_6_0.gemfile +0 -19
- data/gemfiles/rails_master.gemfile +0 -19
- data/spec/controllers/application_metal_controller_spec.rb +0 -64
- data/spec/controllers/applications_controller_spec.rb +0 -274
- data/spec/controllers/authorizations_controller_spec.rb +0 -743
- data/spec/controllers/protected_resources_controller_spec.rb +0 -361
- data/spec/controllers/token_info_controller_spec.rb +0 -50
- data/spec/controllers/tokens_controller_spec.rb +0 -499
- data/spec/dummy/Rakefile +0 -9
- data/spec/dummy/app/assets/config/manifest.js +0 -2
- data/spec/dummy/app/controllers/application_controller.rb +0 -5
- data/spec/dummy/app/controllers/custom_authorizations_controller.rb +0 -9
- data/spec/dummy/app/controllers/full_protected_resources_controller.rb +0 -14
- data/spec/dummy/app/controllers/home_controller.rb +0 -18
- data/spec/dummy/app/controllers/metal_controller.rb +0 -13
- data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +0 -13
- data/spec/dummy/app/helpers/application_helper.rb +0 -7
- data/spec/dummy/app/models/user.rb +0 -11
- data/spec/dummy/app/views/home/index.html.erb +0 -0
- data/spec/dummy/app/views/layouts/application.html.erb +0 -14
- data/spec/dummy/config.ru +0 -6
- data/spec/dummy/config/application.rb +0 -51
- data/spec/dummy/config/boot.rb +0 -7
- data/spec/dummy/config/database.yml +0 -15
- data/spec/dummy/config/environment.rb +0 -5
- data/spec/dummy/config/environments/development.rb +0 -31
- data/spec/dummy/config/environments/production.rb +0 -64
- data/spec/dummy/config/environments/test.rb +0 -45
- data/spec/dummy/config/initializers/backtrace_silencers.rb +0 -9
- data/spec/dummy/config/initializers/doorkeeper.rb +0 -166
- data/spec/dummy/config/initializers/secret_token.rb +0 -10
- data/spec/dummy/config/initializers/session_store.rb +0 -10
- data/spec/dummy/config/initializers/wrap_parameters.rb +0 -16
- data/spec/dummy/config/locales/doorkeeper.en.yml +0 -5
- data/spec/dummy/config/routes.rb +0 -13
- data/spec/dummy/db/migrate/20111122132257_create_users.rb +0 -11
- data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +0 -7
- data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +0 -69
- data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +0 -9
- data/spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb +0 -13
- data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +0 -8
- data/spec/dummy/db/migrate/20180210183654_add_confidential_to_applications.rb +0 -13
- data/spec/dummy/db/schema.rb +0 -70
- data/spec/dummy/public/404.html +0 -26
- data/spec/dummy/public/422.html +0 -26
- data/spec/dummy/public/500.html +0 -26
- data/spec/dummy/public/favicon.ico +0 -0
- data/spec/dummy/script/rails +0 -9
- data/spec/factories.rb +0 -30
- data/spec/generators/application_owner_generator_spec.rb +0 -28
- data/spec/generators/confidential_applications_generator_spec.rb +0 -29
- data/spec/generators/enable_polymorphic_resource_owner_generator_spec.rb +0 -47
- data/spec/generators/install_generator_spec.rb +0 -36
- data/spec/generators/migration_generator_spec.rb +0 -28
- data/spec/generators/pkce_generator_spec.rb +0 -28
- data/spec/generators/previous_refresh_token_generator_spec.rb +0 -44
- data/spec/generators/templates/routes.rb +0 -4
- data/spec/generators/views_generator_spec.rb +0 -29
- data/spec/grape/grape_integration_spec.rb +0 -137
- data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +0 -26
- data/spec/lib/config_spec.rb +0 -813
- data/spec/lib/doorkeeper_spec.rb +0 -27
- data/spec/lib/models/expirable_spec.rb +0 -61
- data/spec/lib/models/reusable_spec.rb +0 -40
- data/spec/lib/models/revocable_spec.rb +0 -58
- data/spec/lib/models/scopes_spec.rb +0 -61
- data/spec/lib/models/secret_storable_spec.rb +0 -135
- data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -39
- data/spec/lib/oauth/authorization_code_request_spec.rb +0 -180
- data/spec/lib/oauth/base_request_spec.rb +0 -210
- data/spec/lib/oauth/base_response_spec.rb +0 -45
- data/spec/lib/oauth/client/credentials_spec.rb +0 -90
- data/spec/lib/oauth/client_credentials/creator_spec.rb +0 -135
- data/spec/lib/oauth/client_credentials/issuer_spec.rb +0 -110
- data/spec/lib/oauth/client_credentials/validation_spec.rb +0 -57
- data/spec/lib/oauth/client_credentials_integration_spec.rb +0 -27
- data/spec/lib/oauth/client_credentials_request_spec.rb +0 -108
- data/spec/lib/oauth/client_spec.rb +0 -38
- data/spec/lib/oauth/code_request_spec.rb +0 -46
- data/spec/lib/oauth/code_response_spec.rb +0 -36
- data/spec/lib/oauth/error_response_spec.rb +0 -64
- data/spec/lib/oauth/error_spec.rb +0 -21
- data/spec/lib/oauth/forbidden_token_response_spec.rb +0 -20
- data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -110
- data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -21
- data/spec/lib/oauth/helpers/uri_checker_spec.rb +0 -262
- data/spec/lib/oauth/invalid_request_response_spec.rb +0 -73
- data/spec/lib/oauth/invalid_token_response_spec.rb +0 -53
- data/spec/lib/oauth/password_access_token_request_spec.rb +0 -201
- data/spec/lib/oauth/pre_authorization_spec.rb +0 -218
- data/spec/lib/oauth/refresh_token_request_spec.rb +0 -166
- data/spec/lib/oauth/scopes_spec.rb +0 -146
- data/spec/lib/oauth/token_request_spec.rb +0 -164
- data/spec/lib/oauth/token_response_spec.rb +0 -84
- data/spec/lib/oauth/token_spec.rb +0 -156
- data/spec/lib/option_spec.rb +0 -51
- data/spec/lib/request/strategy_spec.rb +0 -54
- data/spec/lib/secret_storing/base_spec.rb +0 -60
- data/spec/lib/secret_storing/bcrypt_spec.rb +0 -49
- data/spec/lib/secret_storing/plain_spec.rb +0 -44
- data/spec/lib/secret_storing/sha256_hash_spec.rb +0 -48
- data/spec/lib/server_spec.rb +0 -49
- data/spec/lib/stale_records_cleaner_spec.rb +0 -102
- data/spec/models/doorkeeper/access_grant_spec.rb +0 -175
- data/spec/models/doorkeeper/access_token_spec.rb +0 -650
- data/spec/models/doorkeeper/application_spec.rb +0 -442
- data/spec/requests/applications/applications_request_spec.rb +0 -259
- data/spec/requests/applications/authorized_applications_spec.rb +0 -32
- data/spec/requests/endpoints/authorization_spec.rb +0 -91
- data/spec/requests/endpoints/token_spec.rb +0 -79
- data/spec/requests/flows/authorization_code_errors_spec.rb +0 -82
- data/spec/requests/flows/authorization_code_spec.rb +0 -530
- data/spec/requests/flows/client_credentials_spec.rb +0 -207
- data/spec/requests/flows/implicit_grant_errors_spec.rb +0 -46
- data/spec/requests/flows/implicit_grant_spec.rb +0 -91
- data/spec/requests/flows/password_spec.rb +0 -316
- data/spec/requests/flows/refresh_token_spec.rb +0 -241
- data/spec/requests/flows/revoke_token_spec.rb +0 -196
- data/spec/requests/flows/skip_authorization_spec.rb +0 -66
- data/spec/requests/protected_resources/metal_spec.rb +0 -16
- data/spec/requests/protected_resources/private_api_spec.rb +0 -83
- data/spec/routing/custom_controller_routes_spec.rb +0 -133
- data/spec/routing/default_routes_spec.rb +0 -41
- data/spec/routing/scoped_routes_spec.rb +0 -47
- data/spec/spec_helper.rb +0 -54
- data/spec/spec_helper_integration.rb +0 -4
- data/spec/support/dependencies/factory_bot.rb +0 -4
- data/spec/support/doorkeeper_rspec.rb +0 -22
- data/spec/support/helpers/access_token_request_helper.rb +0 -14
- data/spec/support/helpers/authorization_request_helper.rb +0 -43
- data/spec/support/helpers/config_helper.rb +0 -11
- data/spec/support/helpers/model_helper.rb +0 -78
- data/spec/support/helpers/request_spec_helper.rb +0 -110
- data/spec/support/helpers/url_helper.rb +0 -62
- data/spec/support/orm/active_record.rb +0 -5
- data/spec/support/shared/controllers_shared_context.rb +0 -133
- data/spec/support/shared/hashing_shared_context.rb +0 -36
- data/spec/support/shared/models_shared_examples.rb +0 -56
- data/spec/validators/redirect_uri_validator_spec.rb +0 -183
- data/spec/version/version_spec.rb +0 -17
@@ -1,84 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require "spec_helper"
|
4
|
-
|
5
|
-
describe Doorkeeper::OAuth::TokenResponse do
|
6
|
-
subject { described_class.new(double.as_null_object) }
|
7
|
-
|
8
|
-
it "includes access token response headers" do
|
9
|
-
headers = subject.headers
|
10
|
-
expect(headers.fetch("Cache-Control")).to eq("no-store")
|
11
|
-
expect(headers.fetch("Pragma")).to eq("no-cache")
|
12
|
-
end
|
13
|
-
|
14
|
-
it "status is ok" do
|
15
|
-
expect(subject.status).to eq(:ok)
|
16
|
-
end
|
17
|
-
|
18
|
-
describe ".body" do
|
19
|
-
let(:access_token) do
|
20
|
-
double :access_token,
|
21
|
-
plaintext_token: "some-token",
|
22
|
-
expires_in: "3600",
|
23
|
-
expires_in_seconds: "300",
|
24
|
-
scopes_string: "two scopes",
|
25
|
-
plaintext_refresh_token: "some-refresh-token",
|
26
|
-
token_type: "bearer",
|
27
|
-
created_at: 0
|
28
|
-
end
|
29
|
-
|
30
|
-
subject { described_class.new(access_token).body }
|
31
|
-
|
32
|
-
it "includes :access_token" do
|
33
|
-
expect(subject["access_token"]).to eq("some-token")
|
34
|
-
end
|
35
|
-
|
36
|
-
it "includes :token_type" do
|
37
|
-
expect(subject["token_type"]).to eq("bearer")
|
38
|
-
end
|
39
|
-
|
40
|
-
# expires_in_seconds is returned as `expires_in` in order to match
|
41
|
-
# the OAuth spec (section 4.2.2)
|
42
|
-
it "includes :expires_in" do
|
43
|
-
expect(subject["expires_in"]).to eq("300")
|
44
|
-
end
|
45
|
-
|
46
|
-
it "includes :scope" do
|
47
|
-
expect(subject["scope"]).to eq("two scopes")
|
48
|
-
end
|
49
|
-
|
50
|
-
it "includes :refresh_token" do
|
51
|
-
expect(subject["refresh_token"]).to eq("some-refresh-token")
|
52
|
-
end
|
53
|
-
|
54
|
-
it "includes :created_at" do
|
55
|
-
expect(subject["created_at"]).to eq(0)
|
56
|
-
end
|
57
|
-
end
|
58
|
-
|
59
|
-
describe ".body filters out empty values" do
|
60
|
-
let(:access_token) do
|
61
|
-
double :access_token,
|
62
|
-
plaintext_token: "some-token",
|
63
|
-
expires_in_seconds: "",
|
64
|
-
scopes_string: "",
|
65
|
-
plaintext_refresh_token: "",
|
66
|
-
token_type: "bearer",
|
67
|
-
created_at: 0
|
68
|
-
end
|
69
|
-
|
70
|
-
subject { described_class.new(access_token).body }
|
71
|
-
|
72
|
-
it "includes :expires_in" do
|
73
|
-
expect(subject["expires_in"]).to be_nil
|
74
|
-
end
|
75
|
-
|
76
|
-
it "includes :scope" do
|
77
|
-
expect(subject["scope"]).to be_nil
|
78
|
-
end
|
79
|
-
|
80
|
-
it "includes :refresh_token" do
|
81
|
-
expect(subject["refresh_token"]).to be_nil
|
82
|
-
end
|
83
|
-
end
|
84
|
-
end
|
@@ -1,156 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require "spec_helper"
|
4
|
-
|
5
|
-
module Doorkeeper
|
6
|
-
unless defined?(AccessToken)
|
7
|
-
class AccessToken
|
8
|
-
end
|
9
|
-
end
|
10
|
-
end
|
11
|
-
|
12
|
-
describe Doorkeeper::OAuth::Token do
|
13
|
-
describe ".from_request" do
|
14
|
-
let(:request) { double.as_null_object }
|
15
|
-
|
16
|
-
let(:method) do
|
17
|
-
->(*) { "token-value" }
|
18
|
-
end
|
19
|
-
|
20
|
-
it "accepts anything that responds to #call" do
|
21
|
-
expect(method).to receive(:call).with(request)
|
22
|
-
described_class.from_request request, method
|
23
|
-
end
|
24
|
-
|
25
|
-
it "delegates methods received as symbols to described_class class" do
|
26
|
-
expect(described_class).to receive(:from_params).with(request)
|
27
|
-
described_class.from_request request, :from_params
|
28
|
-
end
|
29
|
-
|
30
|
-
it "stops at the first credentials found" do
|
31
|
-
not_called_method = double
|
32
|
-
expect(not_called_method).not_to receive(:call)
|
33
|
-
described_class.from_request request, ->(_r) {}, method, not_called_method
|
34
|
-
end
|
35
|
-
|
36
|
-
it "returns the credential from extractor method" do
|
37
|
-
credentials = described_class.from_request request, method
|
38
|
-
expect(credentials).to eq("token-value")
|
39
|
-
end
|
40
|
-
end
|
41
|
-
|
42
|
-
describe ".from_access_token_param" do
|
43
|
-
it "returns token from access_token parameter" do
|
44
|
-
request = double parameters: { access_token: "some-token" }
|
45
|
-
token = described_class.from_access_token_param(request)
|
46
|
-
expect(token).to eq("some-token")
|
47
|
-
end
|
48
|
-
end
|
49
|
-
|
50
|
-
describe ".from_bearer_param" do
|
51
|
-
it "returns token from bearer_token parameter" do
|
52
|
-
request = double parameters: { bearer_token: "some-token" }
|
53
|
-
token = described_class.from_bearer_param(request)
|
54
|
-
expect(token).to eq("some-token")
|
55
|
-
end
|
56
|
-
end
|
57
|
-
|
58
|
-
describe ".from_bearer_authorization" do
|
59
|
-
it "returns token from capitalized authorization bearer" do
|
60
|
-
request = double authorization: "Bearer SomeToken"
|
61
|
-
token = described_class.from_bearer_authorization(request)
|
62
|
-
expect(token).to eq("SomeToken")
|
63
|
-
end
|
64
|
-
|
65
|
-
it "returns token from lowercased authorization bearer" do
|
66
|
-
request = double authorization: "bearer SomeToken"
|
67
|
-
token = described_class.from_bearer_authorization(request)
|
68
|
-
expect(token).to eq("SomeToken")
|
69
|
-
end
|
70
|
-
|
71
|
-
it "does not return token if authorization is not bearer" do
|
72
|
-
request = double authorization: "MAC SomeToken"
|
73
|
-
token = described_class.from_bearer_authorization(request)
|
74
|
-
expect(token).to be_blank
|
75
|
-
end
|
76
|
-
end
|
77
|
-
|
78
|
-
describe ".from_basic_authorization" do
|
79
|
-
it "returns token from capitalized authorization basic" do
|
80
|
-
request = double authorization: "Basic #{Base64.encode64 "SomeToken:"}"
|
81
|
-
token = described_class.from_basic_authorization(request)
|
82
|
-
expect(token).to eq("SomeToken")
|
83
|
-
end
|
84
|
-
|
85
|
-
it "returns token from lowercased authorization basic" do
|
86
|
-
request = double authorization: "basic #{Base64.encode64 "SomeToken:"}"
|
87
|
-
token = described_class.from_basic_authorization(request)
|
88
|
-
expect(token).to eq("SomeToken")
|
89
|
-
end
|
90
|
-
|
91
|
-
it "does not return token if authorization is not basic" do
|
92
|
-
request = double authorization: "MAC #{Base64.encode64 "SomeToken:"}"
|
93
|
-
token = described_class.from_basic_authorization(request)
|
94
|
-
expect(token).to be_blank
|
95
|
-
end
|
96
|
-
end
|
97
|
-
|
98
|
-
describe ".authenticate" do
|
99
|
-
context "refresh tokens are disabled (default)" do
|
100
|
-
context "refresh tokens are enabled" do
|
101
|
-
it "does not revoke previous refresh_token if token was found" do
|
102
|
-
token = ->(_r) { "token" }
|
103
|
-
expect(
|
104
|
-
Doorkeeper::AccessToken,
|
105
|
-
).to receive(:by_token).with("token").and_return(token)
|
106
|
-
expect(token).not_to receive(:revoke_previous_refresh_token!)
|
107
|
-
described_class.authenticate double, token
|
108
|
-
end
|
109
|
-
end
|
110
|
-
|
111
|
-
it "calls the finder if token was returned" do
|
112
|
-
token = ->(_r) { "token" }
|
113
|
-
expect(Doorkeeper::AccessToken).to receive(:by_token).with("token")
|
114
|
-
described_class.authenticate double, token
|
115
|
-
end
|
116
|
-
end
|
117
|
-
|
118
|
-
context "token hashing is enabled" do
|
119
|
-
include_context "with token hashing enabled"
|
120
|
-
|
121
|
-
let(:hashed_token) { hashed_or_plain_token_func.call("token") }
|
122
|
-
let(:token) { ->(_r) { "token" } }
|
123
|
-
|
124
|
-
it "searches with the hashed token" do
|
125
|
-
expect(
|
126
|
-
Doorkeeper::AccessToken,
|
127
|
-
).to receive(:find_by).with(token: hashed_token).and_return(token)
|
128
|
-
described_class.authenticate double, token
|
129
|
-
end
|
130
|
-
end
|
131
|
-
|
132
|
-
context "refresh tokens are enabled" do
|
133
|
-
before do
|
134
|
-
Doorkeeper.configure do
|
135
|
-
orm DOORKEEPER_ORM
|
136
|
-
use_refresh_token
|
137
|
-
end
|
138
|
-
end
|
139
|
-
|
140
|
-
it "revokes previous refresh_token if token was found" do
|
141
|
-
token = ->(_r) { "token" }
|
142
|
-
expect(
|
143
|
-
Doorkeeper::AccessToken,
|
144
|
-
).to receive(:by_token).with("token").and_return(token)
|
145
|
-
expect(token).to receive(:revoke_previous_refresh_token!)
|
146
|
-
described_class.authenticate double, token
|
147
|
-
end
|
148
|
-
|
149
|
-
it "calls the finder if token was returned" do
|
150
|
-
token = ->(_r) { "token" }
|
151
|
-
expect(Doorkeeper::AccessToken).to receive(:by_token).with("token")
|
152
|
-
described_class.authenticate double, token
|
153
|
-
end
|
154
|
-
end
|
155
|
-
end
|
156
|
-
end
|
data/spec/lib/option_spec.rb
DELETED
@@ -1,51 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require "spec_helper"
|
4
|
-
|
5
|
-
describe Doorkeeper, "configuration option DSL" do
|
6
|
-
class Extension
|
7
|
-
def self.configure(&block)
|
8
|
-
@config = Config::Builder.new(Config.new, &block).build
|
9
|
-
end
|
10
|
-
|
11
|
-
def self.configuration
|
12
|
-
@config || (raise Errors::MissingConfiguration)
|
13
|
-
end
|
14
|
-
|
15
|
-
class Config
|
16
|
-
class Builder < Doorkeeper::Config::AbstractBuilder
|
17
|
-
def enforce_something
|
18
|
-
@config.instance_variable_set(:@enforce_something, true)
|
19
|
-
end
|
20
|
-
end
|
21
|
-
|
22
|
-
def enforce_something?
|
23
|
-
if defined?(@enforce_something)
|
24
|
-
@enforce_something
|
25
|
-
else
|
26
|
-
false
|
27
|
-
end
|
28
|
-
end
|
29
|
-
|
30
|
-
def self.builder_class
|
31
|
-
Config::Builder
|
32
|
-
end
|
33
|
-
|
34
|
-
extend Doorkeeper::Config::Option
|
35
|
-
end
|
36
|
-
end
|
37
|
-
|
38
|
-
it "allows to define custom options in extensions" do
|
39
|
-
expect do
|
40
|
-
Extension::Config.option(:some_option, default: 1)
|
41
|
-
end.not_to raise_error
|
42
|
-
|
43
|
-
Extension.configure do
|
44
|
-
some_option 20
|
45
|
-
enforce_something
|
46
|
-
end
|
47
|
-
|
48
|
-
expect(Extension.configuration.some_option).to eq(20)
|
49
|
-
expect(Extension.configuration.enforce_something?).to be(true)
|
50
|
-
end
|
51
|
-
end
|
@@ -1,54 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require "spec_helper"
|
4
|
-
|
5
|
-
module Doorkeeper
|
6
|
-
module Request
|
7
|
-
describe Strategy do
|
8
|
-
let(:server) { double }
|
9
|
-
subject(:strategy) { Strategy.new(server) }
|
10
|
-
|
11
|
-
describe :initialize do
|
12
|
-
it "sets the server attribute" do
|
13
|
-
expect(strategy.server).to eq server
|
14
|
-
end
|
15
|
-
end
|
16
|
-
|
17
|
-
describe :request do
|
18
|
-
it "requires an implementation" do
|
19
|
-
expect { strategy.request }.to raise_exception NotImplementedError
|
20
|
-
end
|
21
|
-
end
|
22
|
-
|
23
|
-
describe "a sample Strategy subclass" do
|
24
|
-
let(:fake_request) { double }
|
25
|
-
|
26
|
-
let(:strategy_class) do
|
27
|
-
subclass = Class.new(Strategy) do
|
28
|
-
class << self
|
29
|
-
attr_accessor :fake_request
|
30
|
-
end
|
31
|
-
|
32
|
-
def request
|
33
|
-
self.class.fake_request
|
34
|
-
end
|
35
|
-
end
|
36
|
-
|
37
|
-
subclass.fake_request = fake_request
|
38
|
-
subclass
|
39
|
-
end
|
40
|
-
|
41
|
-
subject(:strategy) { strategy_class.new(server) }
|
42
|
-
|
43
|
-
it "provides a request implementation" do
|
44
|
-
expect(strategy.request).to eq fake_request
|
45
|
-
end
|
46
|
-
|
47
|
-
it "authorizes the request" do
|
48
|
-
expect(fake_request).to receive :authorize
|
49
|
-
strategy.authorize
|
50
|
-
end
|
51
|
-
end
|
52
|
-
end
|
53
|
-
end
|
54
|
-
end
|
@@ -1,60 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require "spec_helper"
|
4
|
-
|
5
|
-
describe ::Doorkeeper::SecretStoring::Base do
|
6
|
-
let(:instance) { double("instance", token: "foo") }
|
7
|
-
subject { described_class }
|
8
|
-
|
9
|
-
describe "#transform_secret" do
|
10
|
-
it "raises" do
|
11
|
-
expect { subject.transform_secret("foo") }.to raise_error(NotImplementedError)
|
12
|
-
end
|
13
|
-
end
|
14
|
-
|
15
|
-
describe "#store_secret" do
|
16
|
-
it "sends to response of #transform_secret to the instance" do
|
17
|
-
expect(described_class)
|
18
|
-
.to receive(:transform_secret).with("bar")
|
19
|
-
.and_return "bar+transform"
|
20
|
-
|
21
|
-
expect(instance).to receive(:token=).with "bar+transform"
|
22
|
-
result = subject.store_secret instance, :token, "bar"
|
23
|
-
expect(result).to eq "bar+transform"
|
24
|
-
end
|
25
|
-
end
|
26
|
-
|
27
|
-
describe "#restore_secret" do
|
28
|
-
it "raises" do
|
29
|
-
expect { subject.restore_secret(subject, :token) }.to raise_error(NotImplementedError)
|
30
|
-
end
|
31
|
-
end
|
32
|
-
|
33
|
-
describe "#allows_restoring_secrets?" do
|
34
|
-
it "does not allow it" do
|
35
|
-
expect(subject.allows_restoring_secrets?).to eq false
|
36
|
-
end
|
37
|
-
end
|
38
|
-
|
39
|
-
describe "validate_for" do
|
40
|
-
it "allows for valid model" do
|
41
|
-
expect(subject.validate_for(:application)).to eq true
|
42
|
-
expect(subject.validate_for(:token)).to eq true
|
43
|
-
end
|
44
|
-
|
45
|
-
it "raises for invalid model" do
|
46
|
-
expect { subject.validate_for(:wat) }.to raise_error(ArgumentError, /can not be used for wat/)
|
47
|
-
end
|
48
|
-
end
|
49
|
-
|
50
|
-
describe "secret_matches?" do
|
51
|
-
before do
|
52
|
-
allow(subject).to receive(:transform_secret) { |input| "transformed: #{input}" }
|
53
|
-
end
|
54
|
-
|
55
|
-
it "compares input with #transform_secret" do
|
56
|
-
expect(subject.secret_matches?("input", "input")).to eq false
|
57
|
-
expect(subject.secret_matches?("a", "transformed: a")).to eq true
|
58
|
-
end
|
59
|
-
end
|
60
|
-
end
|
@@ -1,49 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require "spec_helper"
|
4
|
-
require "bcrypt"
|
5
|
-
|
6
|
-
describe ::Doorkeeper::SecretStoring::BCrypt do
|
7
|
-
subject { described_class }
|
8
|
-
let(:instance) { double("instance", token: "foo") }
|
9
|
-
|
10
|
-
describe "#transform_secret" do
|
11
|
-
it "creates a bcrypt password" do
|
12
|
-
expect(subject.transform_secret("foo")).to be_a BCrypt::Password
|
13
|
-
end
|
14
|
-
end
|
15
|
-
|
16
|
-
describe "#restore_secret" do
|
17
|
-
it "raises" do
|
18
|
-
expect { subject.restore_secret(instance, :token) }.to raise_error(NotImplementedError)
|
19
|
-
end
|
20
|
-
end
|
21
|
-
|
22
|
-
describe "#allows_restoring_secrets?" do
|
23
|
-
it "does not allow it" do
|
24
|
-
expect(subject.allows_restoring_secrets?).to eq false
|
25
|
-
end
|
26
|
-
end
|
27
|
-
|
28
|
-
describe "validate_for" do
|
29
|
-
it "allows for valid model" do
|
30
|
-
expect(subject.validate_for(:application)).to eq true
|
31
|
-
end
|
32
|
-
|
33
|
-
it "raises for invalid model" do
|
34
|
-
expect { subject.validate_for(:wat) }
|
35
|
-
.to raise_error(ArgumentError, /can only be used for storing application secrets/)
|
36
|
-
expect { subject.validate_for(:token) }
|
37
|
-
.to raise_error(ArgumentError, /can only be used for storing application secrets/)
|
38
|
-
end
|
39
|
-
end
|
40
|
-
|
41
|
-
describe "secret_matches?" do
|
42
|
-
it "compares input with #transform_secret" do
|
43
|
-
expect(subject.secret_matches?("input", "input")).to eq false
|
44
|
-
|
45
|
-
password = BCrypt::Password.create "foobar"
|
46
|
-
expect(subject.secret_matches?("foobar", password.to_s)).to eq true
|
47
|
-
end
|
48
|
-
end
|
49
|
-
end
|