doorkeeper 5.4.0.rc1 → 5.5.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of doorkeeper might be problematic. Click here for more details.

Files changed (219) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +108 -9
  3. data/README.md +4 -4
  4. data/app/controllers/doorkeeper/applications_controller.rb +3 -3
  5. data/app/controllers/doorkeeper/authorizations_controller.rb +16 -5
  6. data/app/controllers/doorkeeper/authorized_applications_controller.rb +1 -1
  7. data/app/controllers/doorkeeper/token_info_controller.rb +12 -2
  8. data/app/controllers/doorkeeper/tokens_controller.rb +34 -26
  9. data/app/views/doorkeeper/applications/_form.html.erb +1 -1
  10. data/app/views/doorkeeper/applications/show.html.erb +16 -12
  11. data/app/views/doorkeeper/authorizations/form_post.html.erb +11 -0
  12. data/config/locales/en.yml +3 -1
  13. data/lib/doorkeeper.rb +6 -1
  14. data/lib/doorkeeper/config.rb +109 -78
  15. data/lib/doorkeeper/config/abstract_builder.rb +1 -1
  16. data/lib/doorkeeper/config/option.rb +1 -3
  17. data/lib/doorkeeper/config/validations.rb +53 -0
  18. data/lib/doorkeeper/engine.rb +1 -1
  19. data/lib/doorkeeper/grant_flow.rb +45 -0
  20. data/lib/doorkeeper/grant_flow/fallback_flow.rb +15 -0
  21. data/lib/doorkeeper/grant_flow/flow.rb +44 -0
  22. data/lib/doorkeeper/grant_flow/registry.rb +50 -0
  23. data/lib/doorkeeper/helpers/controller.rb +8 -4
  24. data/lib/doorkeeper/models/access_grant_mixin.rb +12 -7
  25. data/lib/doorkeeper/models/access_token_mixin.rb +12 -8
  26. data/lib/doorkeeper/models/application_mixin.rb +5 -4
  27. data/lib/doorkeeper/models/concerns/revocable.rb +1 -1
  28. data/lib/doorkeeper/oauth/authorization/code.rb +5 -1
  29. data/lib/doorkeeper/oauth/authorization/context.rb +5 -5
  30. data/lib/doorkeeper/oauth/authorization/token.rb +11 -5
  31. data/lib/doorkeeper/oauth/authorization/uri_builder.rb +1 -1
  32. data/lib/doorkeeper/oauth/authorization_code_request.rb +10 -17
  33. data/lib/doorkeeper/oauth/base_request.rb +1 -1
  34. data/lib/doorkeeper/oauth/client_credentials/creator.rb +3 -2
  35. data/lib/doorkeeper/oauth/client_credentials/issuer.rb +1 -0
  36. data/lib/doorkeeper/oauth/client_credentials/validator.rb +3 -1
  37. data/lib/doorkeeper/oauth/code_request.rb +2 -2
  38. data/lib/doorkeeper/oauth/code_response.rb +17 -11
  39. data/lib/doorkeeper/oauth/error_response.rb +4 -3
  40. data/lib/doorkeeper/oauth/helpers/scope_checker.rb +1 -3
  41. data/lib/doorkeeper/oauth/password_access_token_request.rb +21 -2
  42. data/lib/doorkeeper/oauth/pre_authorization.rb +37 -11
  43. data/lib/doorkeeper/oauth/refresh_token_request.rb +13 -0
  44. data/lib/doorkeeper/oauth/token.rb +4 -5
  45. data/lib/doorkeeper/oauth/token_introspection.rb +1 -5
  46. data/lib/doorkeeper/oauth/token_request.rb +1 -1
  47. data/lib/doorkeeper/orm/active_record.rb +5 -6
  48. data/lib/doorkeeper/orm/active_record/mixins/access_grant.rb +12 -2
  49. data/lib/doorkeeper/orm/active_record/mixins/access_token.rb +10 -2
  50. data/lib/doorkeeper/orm/active_record/mixins/application.rb +76 -10
  51. data/lib/doorkeeper/orm/active_record/redirect_uri_validator.rb +5 -0
  52. data/lib/doorkeeper/rails/routes.rb +1 -3
  53. data/lib/doorkeeper/rake/db.rake +3 -3
  54. data/lib/doorkeeper/rake/setup.rake +5 -0
  55. data/lib/doorkeeper/request.rb +49 -12
  56. data/lib/doorkeeper/request/refresh_token.rb +2 -1
  57. data/lib/doorkeeper/server.rb +1 -1
  58. data/lib/doorkeeper/stale_records_cleaner.rb +4 -4
  59. data/lib/doorkeeper/version.rb +2 -6
  60. data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb.erb +1 -1
  61. data/lib/generators/doorkeeper/templates/initializer.rb +9 -7
  62. data/lib/generators/doorkeeper/templates/migration.rb.erb +12 -5
  63. metadata +25 -306
  64. data/Appraisals +0 -26
  65. data/CODE_OF_CONDUCT.md +0 -46
  66. data/CONTRIBUTING.md +0 -49
  67. data/Dangerfile +0 -67
  68. data/Dockerfile +0 -29
  69. data/Gemfile +0 -25
  70. data/NEWS.md +0 -1
  71. data/RELEASING.md +0 -11
  72. data/Rakefile +0 -28
  73. data/SECURITY.md +0 -15
  74. data/UPGRADE.md +0 -2
  75. data/bin/console +0 -30
  76. data/doorkeeper.gemspec +0 -42
  77. data/gemfiles/rails_5_0.gemfile +0 -19
  78. data/gemfiles/rails_5_1.gemfile +0 -19
  79. data/gemfiles/rails_5_2.gemfile +0 -19
  80. data/gemfiles/rails_6_0.gemfile +0 -19
  81. data/gemfiles/rails_master.gemfile +0 -19
  82. data/spec/controllers/application_metal_controller_spec.rb +0 -64
  83. data/spec/controllers/applications_controller_spec.rb +0 -274
  84. data/spec/controllers/authorizations_controller_spec.rb +0 -743
  85. data/spec/controllers/protected_resources_controller_spec.rb +0 -361
  86. data/spec/controllers/token_info_controller_spec.rb +0 -50
  87. data/spec/controllers/tokens_controller_spec.rb +0 -499
  88. data/spec/dummy/Rakefile +0 -9
  89. data/spec/dummy/app/assets/config/manifest.js +0 -2
  90. data/spec/dummy/app/controllers/application_controller.rb +0 -5
  91. data/spec/dummy/app/controllers/custom_authorizations_controller.rb +0 -9
  92. data/spec/dummy/app/controllers/full_protected_resources_controller.rb +0 -14
  93. data/spec/dummy/app/controllers/home_controller.rb +0 -18
  94. data/spec/dummy/app/controllers/metal_controller.rb +0 -13
  95. data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +0 -13
  96. data/spec/dummy/app/helpers/application_helper.rb +0 -7
  97. data/spec/dummy/app/models/user.rb +0 -11
  98. data/spec/dummy/app/views/home/index.html.erb +0 -0
  99. data/spec/dummy/app/views/layouts/application.html.erb +0 -14
  100. data/spec/dummy/config.ru +0 -6
  101. data/spec/dummy/config/application.rb +0 -51
  102. data/spec/dummy/config/boot.rb +0 -7
  103. data/spec/dummy/config/database.yml +0 -15
  104. data/spec/dummy/config/environment.rb +0 -5
  105. data/spec/dummy/config/environments/development.rb +0 -31
  106. data/spec/dummy/config/environments/production.rb +0 -64
  107. data/spec/dummy/config/environments/test.rb +0 -45
  108. data/spec/dummy/config/initializers/backtrace_silencers.rb +0 -9
  109. data/spec/dummy/config/initializers/doorkeeper.rb +0 -166
  110. data/spec/dummy/config/initializers/secret_token.rb +0 -10
  111. data/spec/dummy/config/initializers/session_store.rb +0 -10
  112. data/spec/dummy/config/initializers/wrap_parameters.rb +0 -16
  113. data/spec/dummy/config/locales/doorkeeper.en.yml +0 -5
  114. data/spec/dummy/config/routes.rb +0 -13
  115. data/spec/dummy/db/migrate/20111122132257_create_users.rb +0 -11
  116. data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +0 -7
  117. data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +0 -69
  118. data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +0 -9
  119. data/spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb +0 -13
  120. data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +0 -8
  121. data/spec/dummy/db/migrate/20180210183654_add_confidential_to_applications.rb +0 -13
  122. data/spec/dummy/db/schema.rb +0 -70
  123. data/spec/dummy/public/404.html +0 -26
  124. data/spec/dummy/public/422.html +0 -26
  125. data/spec/dummy/public/500.html +0 -26
  126. data/spec/dummy/public/favicon.ico +0 -0
  127. data/spec/dummy/script/rails +0 -9
  128. data/spec/factories.rb +0 -30
  129. data/spec/generators/application_owner_generator_spec.rb +0 -28
  130. data/spec/generators/confidential_applications_generator_spec.rb +0 -29
  131. data/spec/generators/enable_polymorphic_resource_owner_generator_spec.rb +0 -47
  132. data/spec/generators/install_generator_spec.rb +0 -36
  133. data/spec/generators/migration_generator_spec.rb +0 -28
  134. data/spec/generators/pkce_generator_spec.rb +0 -28
  135. data/spec/generators/previous_refresh_token_generator_spec.rb +0 -44
  136. data/spec/generators/templates/routes.rb +0 -4
  137. data/spec/generators/views_generator_spec.rb +0 -29
  138. data/spec/grape/grape_integration_spec.rb +0 -137
  139. data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +0 -26
  140. data/spec/lib/config_spec.rb +0 -813
  141. data/spec/lib/doorkeeper_spec.rb +0 -27
  142. data/spec/lib/models/expirable_spec.rb +0 -61
  143. data/spec/lib/models/reusable_spec.rb +0 -40
  144. data/spec/lib/models/revocable_spec.rb +0 -58
  145. data/spec/lib/models/scopes_spec.rb +0 -61
  146. data/spec/lib/models/secret_storable_spec.rb +0 -135
  147. data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -39
  148. data/spec/lib/oauth/authorization_code_request_spec.rb +0 -180
  149. data/spec/lib/oauth/base_request_spec.rb +0 -210
  150. data/spec/lib/oauth/base_response_spec.rb +0 -45
  151. data/spec/lib/oauth/client/credentials_spec.rb +0 -90
  152. data/spec/lib/oauth/client_credentials/creator_spec.rb +0 -135
  153. data/spec/lib/oauth/client_credentials/issuer_spec.rb +0 -110
  154. data/spec/lib/oauth/client_credentials/validation_spec.rb +0 -57
  155. data/spec/lib/oauth/client_credentials_integration_spec.rb +0 -27
  156. data/spec/lib/oauth/client_credentials_request_spec.rb +0 -108
  157. data/spec/lib/oauth/client_spec.rb +0 -38
  158. data/spec/lib/oauth/code_request_spec.rb +0 -46
  159. data/spec/lib/oauth/code_response_spec.rb +0 -36
  160. data/spec/lib/oauth/error_response_spec.rb +0 -64
  161. data/spec/lib/oauth/error_spec.rb +0 -21
  162. data/spec/lib/oauth/forbidden_token_response_spec.rb +0 -20
  163. data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -110
  164. data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -21
  165. data/spec/lib/oauth/helpers/uri_checker_spec.rb +0 -262
  166. data/spec/lib/oauth/invalid_request_response_spec.rb +0 -73
  167. data/spec/lib/oauth/invalid_token_response_spec.rb +0 -53
  168. data/spec/lib/oauth/password_access_token_request_spec.rb +0 -201
  169. data/spec/lib/oauth/pre_authorization_spec.rb +0 -218
  170. data/spec/lib/oauth/refresh_token_request_spec.rb +0 -166
  171. data/spec/lib/oauth/scopes_spec.rb +0 -146
  172. data/spec/lib/oauth/token_request_spec.rb +0 -164
  173. data/spec/lib/oauth/token_response_spec.rb +0 -84
  174. data/spec/lib/oauth/token_spec.rb +0 -156
  175. data/spec/lib/option_spec.rb +0 -51
  176. data/spec/lib/request/strategy_spec.rb +0 -54
  177. data/spec/lib/secret_storing/base_spec.rb +0 -60
  178. data/spec/lib/secret_storing/bcrypt_spec.rb +0 -49
  179. data/spec/lib/secret_storing/plain_spec.rb +0 -44
  180. data/spec/lib/secret_storing/sha256_hash_spec.rb +0 -48
  181. data/spec/lib/server_spec.rb +0 -49
  182. data/spec/lib/stale_records_cleaner_spec.rb +0 -102
  183. data/spec/models/doorkeeper/access_grant_spec.rb +0 -175
  184. data/spec/models/doorkeeper/access_token_spec.rb +0 -650
  185. data/spec/models/doorkeeper/application_spec.rb +0 -442
  186. data/spec/requests/applications/applications_request_spec.rb +0 -259
  187. data/spec/requests/applications/authorized_applications_spec.rb +0 -32
  188. data/spec/requests/endpoints/authorization_spec.rb +0 -91
  189. data/spec/requests/endpoints/token_spec.rb +0 -79
  190. data/spec/requests/flows/authorization_code_errors_spec.rb +0 -82
  191. data/spec/requests/flows/authorization_code_spec.rb +0 -530
  192. data/spec/requests/flows/client_credentials_spec.rb +0 -207
  193. data/spec/requests/flows/implicit_grant_errors_spec.rb +0 -46
  194. data/spec/requests/flows/implicit_grant_spec.rb +0 -91
  195. data/spec/requests/flows/password_spec.rb +0 -316
  196. data/spec/requests/flows/refresh_token_spec.rb +0 -241
  197. data/spec/requests/flows/revoke_token_spec.rb +0 -196
  198. data/spec/requests/flows/skip_authorization_spec.rb +0 -66
  199. data/spec/requests/protected_resources/metal_spec.rb +0 -16
  200. data/spec/requests/protected_resources/private_api_spec.rb +0 -83
  201. data/spec/routing/custom_controller_routes_spec.rb +0 -133
  202. data/spec/routing/default_routes_spec.rb +0 -41
  203. data/spec/routing/scoped_routes_spec.rb +0 -47
  204. data/spec/spec_helper.rb +0 -54
  205. data/spec/spec_helper_integration.rb +0 -4
  206. data/spec/support/dependencies/factory_bot.rb +0 -4
  207. data/spec/support/doorkeeper_rspec.rb +0 -22
  208. data/spec/support/helpers/access_token_request_helper.rb +0 -14
  209. data/spec/support/helpers/authorization_request_helper.rb +0 -43
  210. data/spec/support/helpers/config_helper.rb +0 -11
  211. data/spec/support/helpers/model_helper.rb +0 -78
  212. data/spec/support/helpers/request_spec_helper.rb +0 -110
  213. data/spec/support/helpers/url_helper.rb +0 -62
  214. data/spec/support/orm/active_record.rb +0 -5
  215. data/spec/support/shared/controllers_shared_context.rb +0 -133
  216. data/spec/support/shared/hashing_shared_context.rb +0 -36
  217. data/spec/support/shared/models_shared_examples.rb +0 -56
  218. data/spec/validators/redirect_uri_validator_spec.rb +0 -183
  219. data/spec/version/version_spec.rb +0 -17
@@ -1,16 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- describe "ActionController::Metal API" do
6
- before do
7
- @client = FactoryBot.create(:application)
8
- @resource = User.create!(name: "Joe", password: "sekret")
9
- @token = client_is_authorized(@client, @resource)
10
- end
11
-
12
- it "client requests protected resource with valid token" do
13
- get "/metal.json?access_token=#{@token.token}"
14
- should_have_json "ok", true
15
- end
16
- end
@@ -1,83 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- feature "Private API" do
6
- background do
7
- @client = FactoryBot.create(:application)
8
- @resource = User.create!(name: "Joe", password: "sekret")
9
- @token = client_is_authorized(@client, @resource)
10
- end
11
-
12
- scenario "client requests protected resource with valid token" do
13
- with_access_token_header @token.token
14
- visit "/full_protected_resources"
15
- expect(page.body).to have_content("index")
16
- end
17
-
18
- scenario "client requests protected resource with disabled header authentication" do
19
- config_is_set :access_token_methods, [:from_access_token_param]
20
- with_access_token_header @token.token
21
- visit "/full_protected_resources"
22
- response_status_should_be 401
23
- end
24
-
25
- scenario "client attempts to request protected resource with invalid token" do
26
- with_access_token_header "invalid"
27
- visit "/full_protected_resources"
28
- response_status_should_be 401
29
- end
30
-
31
- scenario "client attempts to request protected resource with expired token" do
32
- @token.update_attribute :expires_in, -100 # expires token
33
- with_access_token_header @token.token
34
- visit "/full_protected_resources"
35
- response_status_should_be 401
36
- end
37
-
38
- scenario "client requests protected resource with permanent token" do
39
- @token.update_attribute :expires_in, nil # never expires
40
- with_access_token_header @token.token
41
- visit "/full_protected_resources"
42
- expect(page.body).to have_content("index")
43
- end
44
-
45
- scenario "access token with no default scopes" do
46
- Doorkeeper.configuration.instance_eval do
47
- @default_scopes = Doorkeeper::OAuth::Scopes.from_array([:public])
48
- @scopes = default_scopes + optional_scopes
49
- end
50
- @token.update_attribute :scopes, "dummy"
51
- with_access_token_header @token.token
52
- visit "/full_protected_resources"
53
- response_status_should_be 403
54
- end
55
-
56
- scenario "access token with no allowed scopes" do
57
- @token.update_attribute :scopes, nil
58
- with_access_token_header @token.token
59
- visit "/full_protected_resources/1.json"
60
- response_status_should_be 403
61
- end
62
-
63
- scenario "access token with one of allowed scopes" do
64
- @token.update_attribute :scopes, "admin"
65
- with_access_token_header @token.token
66
- visit "/full_protected_resources/1.json"
67
- expect(page.body).to have_content("show")
68
- end
69
-
70
- scenario "access token with another of allowed scopes" do
71
- @token.update_attribute :scopes, "write"
72
- with_access_token_header @token.token
73
- visit "/full_protected_resources/1.json"
74
- expect(page.body).to have_content("show")
75
- end
76
-
77
- scenario "access token with both allowed scopes" do
78
- @token.update_attribute :scopes, "write admin"
79
- with_access_token_header @token.token
80
- visit "/full_protected_resources/1.json"
81
- expect(page.body).to have_content("show")
82
- end
83
- end
@@ -1,133 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- describe "Custom controller for routes" do
6
- before :all do
7
- Doorkeeper.configure do
8
- orm DOORKEEPER_ORM
9
- end
10
-
11
- Rails.application.routes.disable_clear_and_finalize = true
12
-
13
- Rails.application.routes.draw do
14
- scope "inner_space" do
15
- use_doorkeeper scope: "scope" do
16
- controllers authorizations: "custom_authorizations",
17
- tokens: "custom_authorizations",
18
- applications: "custom_authorizations",
19
- token_info: "custom_authorizations"
20
-
21
- as authorizations: "custom_auth",
22
- tokens: "custom_token",
23
- token_info: "custom_token_info"
24
- end
25
- end
26
-
27
- scope "space" do
28
- use_doorkeeper do
29
- controllers authorizations: "custom_authorizations",
30
- tokens: "custom_authorizations",
31
- applications: "custom_authorizations",
32
- token_info: "custom_authorizations"
33
-
34
- as authorizations: "custom_auth",
35
- tokens: "custom_token",
36
- token_info: "custom_token_info"
37
- end
38
- end
39
-
40
- scope "outer_space" do
41
- use_doorkeeper do
42
- controllers authorizations: "custom_authorizations",
43
- tokens: "custom_authorizations",
44
- token_info: "custom_authorizations"
45
-
46
- as authorizations: "custom_auth",
47
- tokens: "custom_token",
48
- token_info: "custom_token_info"
49
-
50
- skip_controllers :tokens, :applications, :token_info
51
- end
52
- end
53
- end
54
- end
55
-
56
- after :all do
57
- Rails.application.routes.clear!
58
-
59
- load File.expand_path("../dummy/config/routes.rb", __dir__)
60
- end
61
-
62
- it "GET /inner_space/scope/authorize routes to custom authorizations controller" do
63
- expect(get("/inner_space/scope/authorize")).to route_to("custom_authorizations#new")
64
- end
65
-
66
- it "POST /inner_space/scope/authorize routes to custom authorizations controller" do
67
- expect(post("/inner_space/scope/authorize")).to route_to("custom_authorizations#create")
68
- end
69
-
70
- it "DELETE /inner_space/scope/authorize routes to custom authorizations controller" do
71
- expect(delete("/inner_space/scope/authorize")).to route_to("custom_authorizations#destroy")
72
- end
73
-
74
- it "POST /inner_space/scope/token routes to tokens controller" do
75
- expect(post("/inner_space/scope/token")).to route_to("custom_authorizations#create")
76
- end
77
-
78
- it "GET /inner_space/scope/applications routes to applications controller" do
79
- expect(get("/inner_space/scope/applications")).to route_to("custom_authorizations#index")
80
- end
81
-
82
- it "GET /inner_space/scope/token/info routes to the token_info controller" do
83
- expect(get("/inner_space/scope/token/info")).to route_to("custom_authorizations#show")
84
- end
85
-
86
- it "GET /space/oauth/authorize routes to custom authorizations controller" do
87
- expect(get("/space/oauth/authorize")).to route_to("custom_authorizations#new")
88
- end
89
-
90
- it "POST /space/oauth/authorize routes to custom authorizations controller" do
91
- expect(post("/space/oauth/authorize")).to route_to("custom_authorizations#create")
92
- end
93
-
94
- it "DELETE /space/oauth/authorize routes to custom authorizations controller" do
95
- expect(delete("/space/oauth/authorize")).to route_to("custom_authorizations#destroy")
96
- end
97
-
98
- it "POST /space/oauth/token routes to tokens controller" do
99
- expect(post("/space/oauth/token")).to route_to("custom_authorizations#create")
100
- end
101
-
102
- it "POST /space/oauth/revoke routes to tokens controller" do
103
- expect(post("/space/oauth/revoke")).to route_to("custom_authorizations#revoke")
104
- end
105
-
106
- it "POST /space/oauth/introspect routes to tokens controller" do
107
- expect(post("/space/oauth/introspect")).to route_to("custom_authorizations#introspect")
108
- end
109
-
110
- it "GET /space/oauth/applications routes to applications controller" do
111
- expect(get("/space/oauth/applications")).to route_to("custom_authorizations#index")
112
- end
113
-
114
- it "GET /space/oauth/token/info routes to the token_info controller" do
115
- expect(get("/space/oauth/token/info")).to route_to("custom_authorizations#show")
116
- end
117
-
118
- it "POST /outer_space/oauth/token is not be routable" do
119
- expect(post("/outer_space/oauth/token")).not_to be_routable
120
- end
121
-
122
- it "GET /outer_space/oauth/authorize routes to custom authorizations controller" do
123
- expect(get("/outer_space/oauth/authorize")).to be_routable
124
- end
125
-
126
- it "GET /outer_space/oauth/applications is not routable" do
127
- expect(get("/outer_space/oauth/applications")).not_to be_routable
128
- end
129
-
130
- it "GET /outer_space/oauth/token_info is not routable" do
131
- expect(get("/outer_space/oauth/token/info")).not_to be_routable
132
- end
133
- end
@@ -1,41 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- describe "Default routes" do
6
- it "GET /oauth/authorize routes to authorizations controller" do
7
- expect(get("/oauth/authorize")).to route_to("doorkeeper/authorizations#new")
8
- end
9
-
10
- it "POST /oauth/authorize routes to authorizations controller" do
11
- expect(post("/oauth/authorize")).to route_to("doorkeeper/authorizations#create")
12
- end
13
-
14
- it "DELETE /oauth/authorize routes to authorizations controller" do
15
- expect(delete("/oauth/authorize")).to route_to("doorkeeper/authorizations#destroy")
16
- end
17
-
18
- it "POST /oauth/token routes to tokens controller" do
19
- expect(post("/oauth/token")).to route_to("doorkeeper/tokens#create")
20
- end
21
-
22
- it "POST /oauth/revoke routes to tokens controller" do
23
- expect(post("/oauth/revoke")).to route_to("doorkeeper/tokens#revoke")
24
- end
25
-
26
- it "POST /oauth/introspect routes to tokens controller" do
27
- expect(post("/oauth/introspect")).to route_to("doorkeeper/tokens#introspect")
28
- end
29
-
30
- it "GET /oauth/applications routes to applications controller" do
31
- expect(get("/oauth/applications")).to route_to("doorkeeper/applications#index")
32
- end
33
-
34
- it "GET /oauth/authorized_applications routes to authorized applications controller" do
35
- expect(get("/oauth/authorized_applications")).to route_to("doorkeeper/authorized_applications#index")
36
- end
37
-
38
- it "GET /oauth/token/info route to authorized TokenInfo controller" do
39
- expect(get("/oauth/token/info")).to route_to("doorkeeper/token_info#show")
40
- end
41
- end
@@ -1,47 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "spec_helper"
4
-
5
- describe "Scoped routes" do
6
- before :all do
7
- Rails.application.routes.disable_clear_and_finalize = true
8
-
9
- Rails.application.routes.draw do
10
- use_doorkeeper scope: "scope"
11
- end
12
- end
13
-
14
- after :all do
15
- Rails.application.routes.clear!
16
-
17
- load File.expand_path("../dummy/config/routes.rb", __dir__)
18
- end
19
-
20
- it "GET /scope/authorize routes to authorizations controller" do
21
- expect(get("/scope/authorize")).to route_to("doorkeeper/authorizations#new")
22
- end
23
-
24
- it "POST /scope/authorize routes to authorizations controller" do
25
- expect(post("/scope/authorize")).to route_to("doorkeeper/authorizations#create")
26
- end
27
-
28
- it "DELETE /scope/authorize routes to authorizations controller" do
29
- expect(delete("/scope/authorize")).to route_to("doorkeeper/authorizations#destroy")
30
- end
31
-
32
- it "POST /scope/token routes to tokens controller" do
33
- expect(post("/scope/token")).to route_to("doorkeeper/tokens#create")
34
- end
35
-
36
- it "GET /scope/applications routes to applications controller" do
37
- expect(get("/scope/applications")).to route_to("doorkeeper/applications#index")
38
- end
39
-
40
- it "GET /scope/authorized_applications routes to authorized applications controller" do
41
- expect(get("/scope/authorized_applications")).to route_to("doorkeeper/authorized_applications#index")
42
- end
43
-
44
- it "GET /scope/token/info route to authorized TokenInfo controller" do
45
- expect(get("/scope/token/info")).to route_to("doorkeeper/token_info#show")
46
- end
47
- end
data/spec/spec_helper.rb DELETED
@@ -1,54 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "coveralls"
4
-
5
- Coveralls.wear!("rails") do
6
- add_filter("/spec/")
7
- add_filter("/lib/generators/doorkeeper/templates/")
8
- end
9
-
10
- ENV["RAILS_ENV"] ||= "test"
11
-
12
- $LOAD_PATH.unshift File.dirname(__FILE__)
13
-
14
- require "#{File.dirname(__FILE__)}/support/doorkeeper_rspec.rb"
15
-
16
- DOORKEEPER_ORM = Doorkeeper::RSpec.detect_orm
17
-
18
- require "dummy/config/environment"
19
- require "rspec/rails"
20
- require "capybara/rspec"
21
- require "database_cleaner"
22
- require "generator_spec/test_case"
23
-
24
- # Load JRuby SQLite3 if in that platform
25
- if defined? JRUBY_VERSION
26
- require "jdbc/sqlite3"
27
- Jdbc::SQLite3.load_driver
28
- end
29
-
30
- Doorkeeper::RSpec.print_configuration_info
31
-
32
- require "support/orm/#{DOORKEEPER_ORM}"
33
-
34
- Dir["#{File.dirname(__FILE__)}/support/{dependencies,helpers,shared}/*.rb"].sort.each { |file| require file }
35
-
36
- RSpec.configure do |config|
37
- config.infer_spec_type_from_file_location!
38
- config.mock_with :rspec
39
-
40
- config.infer_base_class_for_anonymous_controllers = false
41
-
42
- config.include RSpec::Rails::RequestExampleGroup, type: :request
43
-
44
- config.before do
45
- DatabaseCleaner.start
46
- Doorkeeper.configure { orm DOORKEEPER_ORM }
47
- end
48
-
49
- config.after do
50
- DatabaseCleaner.clean
51
- end
52
-
53
- config.order = "random"
54
- end
@@ -1,4 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # For compatibility only
4
- require "spec_helper"
@@ -1,4 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "factory_bot"
4
- FactoryBot.find_definitions
@@ -1,22 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module Doorkeeper
4
- class RSpec
5
- # Print's useful information about env: Ruby / Rails versions,
6
- # Doorkeeper configuration, etc.
7
- def self.print_configuration_info
8
- puts <<-INFO.strip_heredoc
9
- ====> Doorkeeper ORM: '#{Doorkeeper.configuration.orm}'
10
- ====> Doorkeeper version: #{Doorkeeper.gem_version}
11
- ====> Rails version: #{::Rails.version}
12
- ====> Ruby version: #{RUBY_VERSION} on #{RUBY_PLATFORM}
13
- INFO
14
- end
15
-
16
- # Tries to find ORM from the Gemfile used to run test suite
17
- def self.detect_orm
18
- orm = (ENV["BUNDLE_GEMFILE"] || "").match(/Gemfile\.(.+)\.rb/)
19
- (orm && orm[1] || ENV["ORM"] || :active_record).to_sym
20
- end
21
- end
22
- end
@@ -1,14 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module AccessTokenRequestHelper
4
- def client_is_authorized(client, resource_owner, access_token_attributes = {})
5
- attributes = {
6
- application: client,
7
- resource_owner_id: resource_owner.id,
8
- resource_owner_type: resource_owner.class.name,
9
- }.merge(access_token_attributes)
10
- FactoryBot.create(:access_token, attributes)
11
- end
12
- end
13
-
14
- RSpec.configuration.send :include, AccessTokenRequestHelper
@@ -1,43 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module AuthorizationRequestHelper
4
- def resource_owner_is_authenticated(resource_owner = nil)
5
- resource_owner ||= User.create!(name: "Joe", password: "sekret")
6
- Doorkeeper.config.instance_variable_set(:@authenticate_resource_owner, proc { resource_owner })
7
- end
8
-
9
- def resource_owner_is_not_authenticated
10
- Doorkeeper.config.instance_variable_set(:@authenticate_resource_owner, proc { redirect_to("/sign_in") })
11
- end
12
-
13
- def default_scopes_exist(*scopes)
14
- Doorkeeper.config.instance_variable_set(:@default_scopes, Doorkeeper::OAuth::Scopes.from_array(scopes))
15
- end
16
-
17
- def optional_scopes_exist(*scopes)
18
- Doorkeeper.config.instance_variable_set(:@optional_scopes, Doorkeeper::OAuth::Scopes.from_array(scopes))
19
- end
20
-
21
- def client_should_be_authorized(client)
22
- expect(client.access_grants.size).to eq(1)
23
- end
24
-
25
- def client_should_not_be_authorized(client)
26
- expect(client.size).to eq(0)
27
- end
28
-
29
- def i_should_be_on_client_callback(client)
30
- expect(client.redirect_uri).to eq("#{current_uri.scheme}://#{current_uri.host}#{current_uri.path}")
31
- end
32
-
33
- def allowing_forgery_protection(&_block)
34
- original_value = ActionController::Base.allow_forgery_protection
35
- ActionController::Base.allow_forgery_protection = true
36
-
37
- yield
38
- ensure
39
- ActionController::Base.allow_forgery_protection = original_value
40
- end
41
- end
42
-
43
- RSpec.configuration.send :include, AuthorizationRequestHelper