doorkeeper 5.4.0.rc1 → 5.5.0



Files changed (219) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +108 -9
  3. data/README.md +4 -4
  4. data/app/controllers/doorkeeper/applications_controller.rb +3 -3
  5. data/app/controllers/doorkeeper/authorizations_controller.rb +16 -5
  6. data/app/controllers/doorkeeper/authorized_applications_controller.rb +1 -1
  7. data/app/controllers/doorkeeper/token_info_controller.rb +12 -2
  8. data/app/controllers/doorkeeper/tokens_controller.rb +34 -26
  9. data/app/views/doorkeeper/applications/_form.html.erb +1 -1
  10. data/app/views/doorkeeper/applications/show.html.erb +16 -12
  11. data/app/views/doorkeeper/authorizations/form_post.html.erb +11 -0
  12. data/config/locales/en.yml +3 -1
  13. data/lib/doorkeeper.rb +6 -1
  14. data/lib/doorkeeper/config.rb +109 -78
  15. data/lib/doorkeeper/config/abstract_builder.rb +1 -1
  16. data/lib/doorkeeper/config/option.rb +1 -3
  17. data/lib/doorkeeper/config/validations.rb +53 -0
  18. data/lib/doorkeeper/engine.rb +1 -1
  19. data/lib/doorkeeper/grant_flow.rb +45 -0
  20. data/lib/doorkeeper/grant_flow/fallback_flow.rb +15 -0
  21. data/lib/doorkeeper/grant_flow/flow.rb +44 -0
  22. data/lib/doorkeeper/grant_flow/registry.rb +50 -0
  23. data/lib/doorkeeper/helpers/controller.rb +8 -4
  24. data/lib/doorkeeper/models/access_grant_mixin.rb +12 -7
  25. data/lib/doorkeeper/models/access_token_mixin.rb +12 -8
  26. data/lib/doorkeeper/models/application_mixin.rb +5 -4
  27. data/lib/doorkeeper/models/concerns/revocable.rb +1 -1
  28. data/lib/doorkeeper/oauth/authorization/code.rb +5 -1
  29. data/lib/doorkeeper/oauth/authorization/context.rb +5 -5
  30. data/lib/doorkeeper/oauth/authorization/token.rb +11 -5
  31. data/lib/doorkeeper/oauth/authorization/uri_builder.rb +1 -1
  32. data/lib/doorkeeper/oauth/authorization_code_request.rb +10 -17
  33. data/lib/doorkeeper/oauth/base_request.rb +1 -1
  34. data/lib/doorkeeper/oauth/client_credentials/creator.rb +3 -2
  35. data/lib/doorkeeper/oauth/client_credentials/issuer.rb +1 -0
  36. data/lib/doorkeeper/oauth/client_credentials/validator.rb +3 -1
  37. data/lib/doorkeeper/oauth/code_request.rb +2 -2
  38. data/lib/doorkeeper/oauth/code_response.rb +17 -11
  39. data/lib/doorkeeper/oauth/error_response.rb +4 -3
  40. data/lib/doorkeeper/oauth/helpers/scope_checker.rb +1 -3
  41. data/lib/doorkeeper/oauth/password_access_token_request.rb +21 -2
  42. data/lib/doorkeeper/oauth/pre_authorization.rb +37 -11
  43. data/lib/doorkeeper/oauth/refresh_token_request.rb +13 -0
  44. data/lib/doorkeeper/oauth/token.rb +4 -5
  45. data/lib/doorkeeper/oauth/token_introspection.rb +1 -5
  46. data/lib/doorkeeper/oauth/token_request.rb +1 -1
  47. data/lib/doorkeeper/orm/active_record.rb +5 -6
  48. data/lib/doorkeeper/orm/active_record/mixins/access_grant.rb +12 -2
  49. data/lib/doorkeeper/orm/active_record/mixins/access_token.rb +10 -2
  50. data/lib/doorkeeper/orm/active_record/mixins/application.rb +76 -10
  51. data/lib/doorkeeper/orm/active_record/redirect_uri_validator.rb +5 -0
  52. data/lib/doorkeeper/rails/routes.rb +1 -3
  53. data/lib/doorkeeper/rake/db.rake +3 -3
  54. data/lib/doorkeeper/rake/setup.rake +5 -0
  55. data/lib/doorkeeper/request.rb +49 -12
  56. data/lib/doorkeeper/request/refresh_token.rb +2 -1
  57. data/lib/doorkeeper/server.rb +1 -1
  58. data/lib/doorkeeper/stale_records_cleaner.rb +4 -4
  59. data/lib/doorkeeper/version.rb +2 -6
  60. data/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb.erb +1 -1
  61. data/lib/generators/doorkeeper/templates/initializer.rb +9 -7
  62. data/lib/generators/doorkeeper/templates/migration.rb.erb +12 -5
  63. metadata +25 -306
  64. data/Appraisals +0 -26
  65. data/CODE_OF_CONDUCT.md +0 -46
  66. data/CONTRIBUTING.md +0 -49
  67. data/Dangerfile +0 -67
  68. data/Dockerfile +0 -29
  69. data/Gemfile +0 -25
  70. data/NEWS.md +0 -1
  71. data/RELEASING.md +0 -11
  72. data/Rakefile +0 -28
  73. data/SECURITY.md +0 -15
  74. data/UPGRADE.md +0 -2
  75. data/bin/console +0 -30
  76. data/doorkeeper.gemspec +0 -42
  77. data/gemfiles/rails_5_0.gemfile +0 -19
  78. data/gemfiles/rails_5_1.gemfile +0 -19
  79. data/gemfiles/rails_5_2.gemfile +0 -19
  80. data/gemfiles/rails_6_0.gemfile +0 -19
  81. data/gemfiles/rails_master.gemfile +0 -19
  82. data/spec/controllers/application_metal_controller_spec.rb +0 -64
  83. data/spec/controllers/applications_controller_spec.rb +0 -274
  84. data/spec/controllers/authorizations_controller_spec.rb +0 -743
  85. data/spec/controllers/protected_resources_controller_spec.rb +0 -361
  86. data/spec/controllers/token_info_controller_spec.rb +0 -50
  87. data/spec/controllers/tokens_controller_spec.rb +0 -499
  88. data/spec/dummy/Rakefile +0 -9
  89. data/spec/dummy/app/assets/config/manifest.js +0 -2
  90. data/spec/dummy/app/controllers/application_controller.rb +0 -5
  91. data/spec/dummy/app/controllers/custom_authorizations_controller.rb +0 -9
  92. data/spec/dummy/app/controllers/full_protected_resources_controller.rb +0 -14
  93. data/spec/dummy/app/controllers/home_controller.rb +0 -18
  94. data/spec/dummy/app/controllers/metal_controller.rb +0 -13
  95. data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +0 -13
  96. data/spec/dummy/app/helpers/application_helper.rb +0 -7
  97. data/spec/dummy/app/models/user.rb +0 -11
  98. data/spec/dummy/app/views/home/index.html.erb +0 -0
  99. data/spec/dummy/app/views/layouts/application.html.erb +0 -14
  100. data/spec/dummy/config.ru +0 -6
  101. data/spec/dummy/config/application.rb +0 -51
  102. data/spec/dummy/config/boot.rb +0 -7
  103. data/spec/dummy/config/database.yml +0 -15
  104. data/spec/dummy/config/environment.rb +0 -5
  105. data/spec/dummy/config/environments/development.rb +0 -31
  106. data/spec/dummy/config/environments/production.rb +0 -64
  107. data/spec/dummy/config/environments/test.rb +0 -45
  108. data/spec/dummy/config/initializers/backtrace_silencers.rb +0 -9
  109. data/spec/dummy/config/initializers/doorkeeper.rb +0 -166
  110. data/spec/dummy/config/initializers/secret_token.rb +0 -10
  111. data/spec/dummy/config/initializers/session_store.rb +0 -10
  112. data/spec/dummy/config/initializers/wrap_parameters.rb +0 -16
  113. data/spec/dummy/config/locales/doorkeeper.en.yml +0 -5
  114. data/spec/dummy/config/routes.rb +0 -13
  115. data/spec/dummy/db/migrate/20111122132257_create_users.rb +0 -11
  116. data/spec/dummy/db/migrate/20120312140401_add_password_to_users.rb +0 -7
  117. data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +0 -69
  118. data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +0 -9
  119. data/spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb +0 -13
  120. data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +0 -8
  121. data/spec/dummy/db/migrate/20180210183654_add_confidential_to_applications.rb +0 -13
  122. data/spec/dummy/db/schema.rb +0 -70
  123. data/spec/dummy/public/404.html +0 -26
  124. data/spec/dummy/public/422.html +0 -26
  125. data/spec/dummy/public/500.html +0 -26
  126. data/spec/dummy/public/favicon.ico +0 -0
  127. data/spec/dummy/script/rails +0 -9
  128. data/spec/factories.rb +0 -30
  129. data/spec/generators/application_owner_generator_spec.rb +0 -28
  130. data/spec/generators/confidential_applications_generator_spec.rb +0 -29
  131. data/spec/generators/enable_polymorphic_resource_owner_generator_spec.rb +0 -47
  132. data/spec/generators/install_generator_spec.rb +0 -36
  133. data/spec/generators/migration_generator_spec.rb +0 -28
  134. data/spec/generators/pkce_generator_spec.rb +0 -28
  135. data/spec/generators/previous_refresh_token_generator_spec.rb +0 -44
  136. data/spec/generators/templates/routes.rb +0 -4
  137. data/spec/generators/views_generator_spec.rb +0 -29
  138. data/spec/grape/grape_integration_spec.rb +0 -137
  139. data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +0 -26
  140. data/spec/lib/config_spec.rb +0 -813
  141. data/spec/lib/doorkeeper_spec.rb +0 -27
  142. data/spec/lib/models/expirable_spec.rb +0 -61
  143. data/spec/lib/models/reusable_spec.rb +0 -40
  144. data/spec/lib/models/revocable_spec.rb +0 -58
  145. data/spec/lib/models/scopes_spec.rb +0 -61
  146. data/spec/lib/models/secret_storable_spec.rb +0 -135
  147. data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -39
  148. data/spec/lib/oauth/authorization_code_request_spec.rb +0 -180
  149. data/spec/lib/oauth/base_request_spec.rb +0 -210
  150. data/spec/lib/oauth/base_response_spec.rb +0 -45
  151. data/spec/lib/oauth/client/credentials_spec.rb +0 -90
  152. data/spec/lib/oauth/client_credentials/creator_spec.rb +0 -135
  153. data/spec/lib/oauth/client_credentials/issuer_spec.rb +0 -110
  154. data/spec/lib/oauth/client_credentials/validation_spec.rb +0 -57
  155. data/spec/lib/oauth/client_credentials_integration_spec.rb +0 -27
  156. data/spec/lib/oauth/client_credentials_request_spec.rb +0 -108
  157. data/spec/lib/oauth/client_spec.rb +0 -38
  158. data/spec/lib/oauth/code_request_spec.rb +0 -46
  159. data/spec/lib/oauth/code_response_spec.rb +0 -36
  160. data/spec/lib/oauth/error_response_spec.rb +0 -64
  161. data/spec/lib/oauth/error_spec.rb +0 -21
  162. data/spec/lib/oauth/forbidden_token_response_spec.rb +0 -20
  163. data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -110
  164. data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -21
  165. data/spec/lib/oauth/helpers/uri_checker_spec.rb +0 -262
  166. data/spec/lib/oauth/invalid_request_response_spec.rb +0 -73
  167. data/spec/lib/oauth/invalid_token_response_spec.rb +0 -53
  168. data/spec/lib/oauth/password_access_token_request_spec.rb +0 -201
  169. data/spec/lib/oauth/pre_authorization_spec.rb +0 -218
  170. data/spec/lib/oauth/refresh_token_request_spec.rb +0 -166
  171. data/spec/lib/oauth/scopes_spec.rb +0 -146
  172. data/spec/lib/oauth/token_request_spec.rb +0 -164
  173. data/spec/lib/oauth/token_response_spec.rb +0 -84
  174. data/spec/lib/oauth/token_spec.rb +0 -156
  175. data/spec/lib/option_spec.rb +0 -51
  176. data/spec/lib/request/strategy_spec.rb +0 -54
  177. data/spec/lib/secret_storing/base_spec.rb +0 -60
  178. data/spec/lib/secret_storing/bcrypt_spec.rb +0 -49
  179. data/spec/lib/secret_storing/plain_spec.rb +0 -44
  180. data/spec/lib/secret_storing/sha256_hash_spec.rb +0 -48
  181. data/spec/lib/server_spec.rb +0 -49
  182. data/spec/lib/stale_records_cleaner_spec.rb +0 -102
  183. data/spec/models/doorkeeper/access_grant_spec.rb +0 -175
  184. data/spec/models/doorkeeper/access_token_spec.rb +0 -650
  185. data/spec/models/doorkeeper/application_spec.rb +0 -442
  186. data/spec/requests/applications/applications_request_spec.rb +0 -259
  187. data/spec/requests/applications/authorized_applications_spec.rb +0 -32
  188. data/spec/requests/endpoints/authorization_spec.rb +0 -91
  189. data/spec/requests/endpoints/token_spec.rb +0 -79
  190. data/spec/requests/flows/authorization_code_errors_spec.rb +0 -82
  191. data/spec/requests/flows/authorization_code_spec.rb +0 -530
  192. data/spec/requests/flows/client_credentials_spec.rb +0 -207
  193. data/spec/requests/flows/implicit_grant_errors_spec.rb +0 -46
  194. data/spec/requests/flows/implicit_grant_spec.rb +0 -91
  195. data/spec/requests/flows/password_spec.rb +0 -316
  196. data/spec/requests/flows/refresh_token_spec.rb +0 -241
  197. data/spec/requests/flows/revoke_token_spec.rb +0 -196
  198. data/spec/requests/flows/skip_authorization_spec.rb +0 -66
  199. data/spec/requests/protected_resources/metal_spec.rb +0 -16
  200. data/spec/requests/protected_resources/private_api_spec.rb +0 -83
  201. data/spec/routing/custom_controller_routes_spec.rb +0 -133
  202. data/spec/routing/default_routes_spec.rb +0 -41
  203. data/spec/routing/scoped_routes_spec.rb +0 -47
  204. data/spec/spec_helper.rb +0 -54
  205. data/spec/spec_helper_integration.rb +0 -4
  206. data/spec/support/dependencies/factory_bot.rb +0 -4
  207. data/spec/support/doorkeeper_rspec.rb +0 -22
  208. data/spec/support/helpers/access_token_request_helper.rb +0 -14
  209. data/spec/support/helpers/authorization_request_helper.rb +0 -43
  210. data/spec/support/helpers/config_helper.rb +0 -11
  211. data/spec/support/helpers/model_helper.rb +0 -78
  212. data/spec/support/helpers/request_spec_helper.rb +0 -110
  213. data/spec/support/helpers/url_helper.rb +0 -62
  214. data/spec/support/orm/active_record.rb +0 -5
  215. data/spec/support/shared/controllers_shared_context.rb +0 -133
  216. data/spec/support/shared/hashing_shared_context.rb +0 -36
  217. data/spec/support/shared/models_shared_examples.rb +0 -56
  218. data/spec/validators/redirect_uri_validator_spec.rb +0 -183
  219. data/spec/version/version_spec.rb +0 -17
data/spec/dummy/Rakefile DELETED
@@ -1,9 +0,0 @@
1
- #!/usr/bin/env rake
2
- # frozen_string_literal: true
3
-
4
- # Add your own tasks in files placed in lib/tasks ending in .rake,
5
- # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
6
-
7
- require File.expand_path("config/application", __dir__)
8
-
9
- Dummy::Application.load_tasks
@@ -1,2 +0,0 @@
1
- // JS and CSS bundles
2
- //
@@ -1,5 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class ApplicationController < ActionController::Base
4
- protect_from_forgery with: :exception
5
- end
@@ -1,9 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class CustomAuthorizationsController < ::ApplicationController
4
- %w[index show new create edit update destroy].each do |action|
5
- define_method action do
6
- render nothing: true
7
- end
8
- end
9
- end
@@ -1,14 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class FullProtectedResourcesController < ApplicationController
4
- before_action -> { doorkeeper_authorize! :write, :admin }, only: :show
5
- before_action :doorkeeper_authorize!, only: :index
6
-
7
- def index
8
- render plain: "index"
9
- end
10
-
11
- def show
12
- render plain: "show"
13
- end
14
- end
@@ -1,18 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class HomeController < ApplicationController
4
- def index; end
5
-
6
- def sign_in
7
- session[:user_id] = if Rails.env.development?
8
- User.first || User.create!(name: "Joe", password: "sekret")
9
- else
10
- User.first
11
- end
12
- redirect_to "/"
13
- end
14
-
15
- def callback
16
- render plain: "ok"
17
- end
18
- end
@@ -1,13 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class MetalController < ActionController::Metal
4
- include AbstractController::Callbacks
5
- include ActionController::Head
6
- include Doorkeeper::Rails::Helpers
7
-
8
- before_action :doorkeeper_authorize!
9
-
10
- def index
11
- self.response_body = { ok: true }.to_json
12
- end
13
- end
@@ -1,13 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class SemiProtectedResourcesController < ApplicationController
4
- before_action :doorkeeper_authorize!, only: :index
5
-
6
- def index
7
- render plain: "protected index"
8
- end
9
-
10
- def show
11
- render plain: "non protected show"
12
- end
13
- end
@@ -1,7 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module ApplicationHelper
4
- def current_user
5
- @current_user ||= User.find_by(id: session[:user_id])
6
- end
7
- end
@@ -1,11 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class ApplicationRecord < ::ActiveRecord::Base
4
- self.abstract_class = true
5
- end
6
-
7
- class User < ApplicationRecord
8
- def self.authenticate!(name, password)
9
- User.where(name: name, password: password).first
10
- end
11
- end
File without changes
@@ -1,14 +0,0 @@
1
- <!DOCTYPE html>
2
- <html>
3
- <head>
4
- <title>Dummy</title>
5
- <%= csrf_meta_tags %>
6
- </head>
7
- <body>
8
-
9
- <%= link_to "Sign in", '/sign_in' %>
10
-
11
- <%= yield %>
12
-
13
- </body>
14
- </html>
data/spec/dummy/config.ru DELETED
@@ -1,6 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # This file is used by Rack-based servers to start the application.
4
-
5
- require ::File.expand_path("../config/environment", __FILE__)
6
- run Dummy::Application
@@ -1,51 +0,0 @@
1
- require File.expand_path("boot", __dir__)
2
-
3
- require "rails"
4
-
5
- %w[
6
- action_controller/railtie
7
- action_view/railtie
8
- action_cable/engine
9
- sprockets/railtie
10
- ].each do |railtie|
11
- begin
12
- require railtie
13
- rescue LoadError => e
14
- puts "Error loading '#{railtie}' (#{e.message})"
15
- end
16
- end
17
-
18
- Bundler.require(*Rails.groups)
19
-
20
- require "yaml"
21
-
22
- orm = if DOORKEEPER_ORM =~ /mongoid/
23
- Mongoid.load!(File.join(File.dirname(File.expand_path(__FILE__)), "#{DOORKEEPER_ORM}.yml"))
24
- :mongoid
25
- else
26
- DOORKEEPER_ORM
27
- end
28
- require "#{orm}/railtie"
29
-
30
- module Dummy
31
- class Application < Rails::Application
32
- if Rails.gem_version < Gem::Version.new("5.1")
33
- config.action_controller.per_form_csrf_tokens = true
34
- config.action_controller.forgery_protection_origin_check = true
35
-
36
- ActiveSupport.to_time_preserves_timezone = true
37
-
38
- if DOORKEEPER_ORM =~ /active_record/
39
- config.active_record.belongs_to_required_by_default = true
40
- end
41
-
42
- config.ssl_options = { hsts: { subdomains: true } }
43
- else
44
- config.load_defaults "#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}"
45
- end
46
-
47
- # Settings in config/environments/* take precedence over those specified here.
48
- # Application configuration should go into files in config/initializers
49
- # -- all .rb files in that directory are automatically loaded.
50
- end
51
- end
@@ -1,7 +0,0 @@
1
- require "rubygems"
2
- require "bundler/setup"
3
-
4
- orm = ENV["BUNDLE_GEMFILE"].match(/Gemfile\.(.+)\.rb/)
5
- DOORKEEPER_ORM = (orm && orm[1]) || :active_record unless defined?(DOORKEEPER_ORM)
6
-
7
- $LOAD_PATH.unshift File.expand_path("../../../lib", __dir__)
@@ -1,15 +0,0 @@
1
- development:
2
- adapter: sqlite3
3
- database: db/development.sqlite3
4
- pool: 5
5
- timeout: 5000
6
-
7
- test:
8
- adapter: sqlite3
9
- database: ":memory:"
10
- timeout: 500
11
-
12
- production:
13
- adapter: sqlite3
14
- database: ":memory:"
15
- timeout: 500
@@ -1,5 +0,0 @@
1
- # Load the rails application
2
- require File.expand_path("application", __dir__)
3
-
4
- # Initialize the rails application
5
- Rails.application.initialize!
@@ -1,31 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- Dummy::Application.configure do
4
- # Settings specified here will take precedence over those in config/application.rb
5
-
6
- # In the development environment your application's code is reloaded on
7
- # every request. This slows down response time but is perfect for development
8
- # since you don't have to restart the web server when you make code changes.
9
- config.cache_classes = false
10
-
11
- # Show full error reports and disable caching
12
- config.consider_all_requests_local = true
13
- config.action_controller.perform_caching = false
14
-
15
- # Don't care if the mailer can't send
16
- # config.action_mailer.raise_delivery_errors = false
17
-
18
- # Print deprecation notices to the Rails logger
19
- config.active_support.deprecation = :log
20
-
21
- # Only use best-standards-support built into browsers
22
- config.action_dispatch.best_standards_support = :builtin
23
-
24
- # Do not compress assets
25
- config.assets.compress = false
26
-
27
- # Expands the lines which load the assets
28
- config.assets.debug = true
29
-
30
- config.eager_load = false
31
- end
@@ -1,64 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- Dummy::Application.configure do
4
- # Settings specified here will take precedence over those in config/application.rb
5
-
6
- # Code is not reloaded between requests
7
- config.cache_classes = true
8
-
9
- # Full error reports are disabled and caching is turned on
10
- config.consider_all_requests_local = false
11
- config.action_controller.perform_caching = true
12
-
13
- # Disable Rails's static asset server (Apache or nginx will already do this)
14
- config.serve_static_assets = false
15
-
16
- # Compress JavaScripts and CSS
17
- config.assets.compress = true
18
-
19
- # Don't fallback to assets pipeline if a precompiled asset is missed
20
- config.assets.compile = false
21
-
22
- # Generate digests for assets URLs
23
- config.assets.digest = true
24
-
25
- # Defaults to Rails.root.join("public/assets")
26
- # config.assets.manifest = YOUR_PATH
27
-
28
- # Specifies the header that your server uses for sending files
29
- # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
30
- # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
31
-
32
- # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
33
- # config.force_ssl = true
34
-
35
- # See everything in the log (default is :info)
36
- # config.log_level = :debug
37
-
38
- # Use a different logger for distributed setups
39
- # config.logger = SyslogLogger.new
40
-
41
- # Use a different cache store in production
42
- # config.cache_store = :mem_cache_store
43
-
44
- # Enable serving of images, stylesheets, and JavaScripts from an asset server
45
- # config.action_controller.asset_host = "http://assets.example.com"
46
-
47
- # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
48
- # config.assets.precompile += %w( search.js )
49
-
50
- # Disable delivery errors, bad email addresses will be ignored
51
- # config.action_mailer.raise_delivery_errors = false
52
-
53
- # Enable threaded mode
54
- # config.threadsafe!
55
-
56
- # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
57
- # the I18n.default_locale when a translation can not be found)
58
- config.i18n.fallbacks = true
59
-
60
- # Send deprecation notices to registered listeners
61
- config.active_support.deprecation = :notify
62
-
63
- config.eager_load = true
64
- end
@@ -1,45 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- Dummy::Application.configure do
4
- # Settings specified here will take precedence over those in config/application.rb
5
-
6
- # The test environment is used exclusively to run your application's
7
- # test suite. You never need to work with it otherwise. Remember that
8
- # your test database is "scratch space" for the test suite and is wiped
9
- # and recreated between test runs. Don't rely on the data there!
10
- config.cache_classes = true
11
-
12
- config.assets.enabled = true
13
- config.assets.version = "1.0"
14
- config.assets.digest = false
15
-
16
- # Do not eager load code on boot. This avoids loading your whole application
17
- # just for the purpose of running a single test. If you are using a tool that
18
- # preloads Rails for running tests, you may have to set it to true.
19
- config.eager_load = false
20
-
21
- # Show full error reports and disable caching
22
- config.consider_all_requests_local = true
23
- config.action_controller.perform_caching = false
24
-
25
- # Raise exceptions instead of rendering exception templates
26
- config.action_dispatch.show_exceptions = false
27
-
28
- # Disable request forgery protection in test environment
29
- config.action_controller.allow_forgery_protection = false
30
-
31
- # Tell Action Mailer not to deliver emails to the real world.
32
- # The :test delivery method accumulates sent emails in the
33
- # ActionMailer::Base.deliveries array.
34
- # config.action_mailer.delivery_method = :test
35
-
36
- # Use SQL instead of Active Record's schema dumper when creating the test database.
37
- # This is necessary if your schema can't be completely dumped by the schema dumper,
38
- # like if you have constraints or database-specific column types
39
- # config.active_record.schema_format = :sql
40
-
41
- # Print deprecation notices to the stderr
42
- config.active_support.deprecation = :stderr
43
-
44
- config.eager_load = true
45
- end
@@ -1,9 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # Be sure to restart your server when you modify this file.
4
-
5
- # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
6
- # Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
7
-
8
- # You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
9
- # Rails.backtrace_cleaner.remove_silencers!
@@ -1,166 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- Doorkeeper.configure do
4
- # Change the ORM that doorkeeper will use.
5
- orm DOORKEEPER_ORM
6
-
7
- # This block will be called to check whether the resource owner is authenticated or not.
8
- resource_owner_authenticator do
9
- # Put your resource owner authentication logic here.
10
- User.where(id: session[:user_id]).first || redirect_to(root_url, alert: "Needs sign in.")
11
- end
12
-
13
- # If you didn't skip applications controller from Doorkeeper routes in your application routes.rb
14
- # file then you need to declare this block in order to restrict access to the web interface for
15
- # adding oauth authorized applications. In other case it will return 403 Forbidden response
16
- # every time somebody will try to access the admin web interface.
17
- #
18
- # admin_authenticator do
19
- # # Put your admin authentication logic here.
20
- # # Example implementation:
21
- # Admin.find_by_id(session[:admin_id]) || redirect_to(new_admin_session_url)
22
- # end
23
-
24
- # Authorization Code expiration time (default 10 minutes).
25
- # authorization_code_expires_in 10.minutes
26
-
27
- # Access token expiration time (default 2 hours).
28
- # If you want to disable expiration, set this to nil.
29
- # access_token_expires_in 2.hours
30
-
31
- # Reuse access token for the same resource owner within an application (disabled by default)
32
- # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/383
33
- # reuse_access_token
34
-
35
- # Issue access tokens with refresh token (disabled by default)
36
- use_refresh_token
37
-
38
- # Forbids creating/updating applications with arbitrary scopes that are
39
- # not in configuration, i.e. `default_scopes` or `optional_scopes`.
40
- # (disabled by default)
41
- #
42
- # enforce_configured_scopes
43
-
44
- # Provide support for an owner to be assigned to each registered application (disabled by default)
45
- # Optional parameter confirmation: true (default false) if you want to enforce ownership of
46
- # a registered application
47
- # Note: you must also run the rails g doorkeeper:application_owner generator to provide the necessary support
48
- # enable_application_owner confirmation: false
49
-
50
- # Define access token scopes for your provider
51
- # For more information go to
52
- # https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes
53
- default_scopes :public
54
- optional_scopes :write, :update
55
-
56
- # Change the way client credentials are retrieved from the request object.
57
- # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
58
- # falls back to the `:client_id` and `:client_secret` params from the `params` object.
59
- # Check out the wiki for more information on customization
60
- # client_credentials :from_basic, :from_params
61
-
62
- # Change the way access token is authenticated from the request object.
63
- # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
64
- # falls back to the `:access_token` or `:bearer_token` params from the `params` object.
65
- # Check out the wiki for more information on customization
66
- # access_token_methods :from_bearer_authorization, :from_access_token_param, :from_bearer_param
67
-
68
- # Forces the usage of the HTTPS protocol in non-native redirect uris (enabled
69
- # by default in non-development environments). OAuth2 delegates security in
70
- # communication to the HTTPS protocol so it is wise to keep this enabled.
71
- #
72
- # force_ssl_in_redirect_uri !Rails.env.development?
73
-
74
- # Specify what grant flows are enabled in array of Strings. The valid
75
- # strings and the flows they enable are:
76
- #
77
- # "authorization_code" => Authorization Code Grant Flow
78
- # "implicit" => Implicit Grant Flow
79
- # "password" => Resource Owner Password Credentials Grant Flow
80
- # "client_credentials" => Client Credentials Grant Flow
81
- #
82
- # If not specified, Doorkeeper enables authorization_code and
83
- # client_credentials.
84
- #
85
- # implicit and password grant flows have risks that you should understand
86
- # before enabling:
87
- # http://tools.ietf.org/html/rfc6819#section-4.4.2
88
- # http://tools.ietf.org/html/rfc6819#section-4.4.3
89
- #
90
- # grant_flows %w[authorization_code client_credentials]
91
-
92
- # Hook into the strategies' request & response life-cycle in case your
93
- # application needs advanced customization or logging:
94
- #
95
- # before_successful_strategy_response do |request|
96
- # puts "BEFORE HOOK FIRED! #{request}"
97
- # end
98
- #
99
- # after_successful_strategy_response do |request, response|
100
- # puts "AFTER HOOK FIRED! #{request}, #{response}"
101
- # end
102
-
103
- # Under some circumstances you might want to have applications auto-approved,
104
- # so that the user skips the authorization step.
105
- # For example if dealing with a trusted application.
106
- # skip_authorization do |resource_owner, client|
107
- # client.superapp? or resource_owner.admin?
108
- # end
109
-
110
- # Configure custom constraints for the Token Introspection request.
111
- # By default this configuration option allows to introspect a token by another
112
- # token of the same application, OR to introspect the token that belongs to
113
- # authorized client (from authenticated client) OR when token doesn't
114
- # belong to any client (public token). Otherwise requester has no access to the
115
- # introspection and it will return response as stated in the RFC.
116
- #
117
- # Block arguments:
118
- #
119
- # @param token [Doorkeeper::AccessToken]
120
- # token to be introspected
121
- #
122
- # @param authorized_client [Doorkeeper::Application]
123
- # authorized client (if request is authorized using Basic auth with
124
- # Client Credentials for example)
125
- #
126
- # @param authorized_token [Doorkeeper::AccessToken]
127
- # Bearer token used to authorize the request
128
- #
129
- # In case the block returns `nil` or `false` introspection responses with 401 status code
130
- # when using authorized token to introspect, or you'll get 200 with { "active": false } body
131
- # when using authorized client to introspect as stated in the
132
- # RFC 7662 section 2.2. Introspection Response.
133
- #
134
- # Using with caution:
135
- # Keep in mind that these three parameters pass to block can be nil as following case:
136
- # `authorized_client` is nil if and only if `authorized_token` is present, and vice versa.
137
- # `token` will be nil if and only if `authorized_token` is present.
138
- # So remember to use `&` or check if it is present before calling method on
139
- # them to make sure you doesn't get NoMethodError exception.
140
- #
141
- # You can define your custom check:
142
- #
143
- # allow_token_introspection do |token, authorized_client, authorized_token|
144
- # if authorized_token
145
- # # customize: require `introspection` scope
146
- # authorized_token.application == token&.application ||
147
- # authorized_token.scopes.include?("introspection")
148
- # elsif token.application
149
- # # `protected_resource` is a new database boolean column, for example
150
- # authorized_client == token.application || authorized_client.protected_resource?
151
- # else
152
- # # public token (when token.application is nil, token doesn't belong to any application)
153
- # true
154
- # end
155
- # end
156
- #
157
- # Or you can completely disable any token introspection:
158
- #
159
- # allow_token_introspection false
160
- #
161
- # If you need to block the request at all, then configure your routes.rb or web-server
162
- # like nginx to forbid the request.
163
-
164
- # WWW-Authenticate Realm (default "Doorkeeper").
165
- realm "Doorkeeper"
166
- end