doorkeeper 0.1.1 → 0.2.0

data/README.md

@@ -4,9 +4,9 @@
 
 Doorkeeper is a gem that makes it easy to introduce OAuth 2 provider functionality to your application.
 
-So far it supports only Authorization Code flow, but we will [gradually introduce other flows](https://github.com/applicake/doorkeeper/wiki/Supported-Features).
+The gem is under constant development. It is based in the [version 22 of the OAuth specification](http://tools.ietf.org/html/draft-ietf-oauth-v2-22) and it still does not support all OAuth features.
 
-For more information about OAuth 2 go to [OAuth 2 Specs (Draft)](http://tools.ietf.org/html/draft-ietf-oauth-v2-22).
+For more information about the supported features, check out the related [page in the wiki](https://github.com/applicake/doorkeeper/wiki/Supported-Features). For more information about OAuth 2 go to [OAuth 2 Specs (Draft)](http://tools.ietf.org/html/draft-ietf-oauth-v2-22).
 
 ## Installation
 
@@ -20,13 +20,13 @@ Run the installation generator with:
 
     rails generate doorkeeper:install
 
-This will generate the doorkeeper initializer and the oauth tables migration. Don't forget to run the migration in your application:
+This will generate the doorkeeper initializer and the OAuth tables migration. Don't forget to run the migration in your application:
 
     rake db:migrate
 
 ## Configuration
 
-The installation will mount the Doorkeeper routes to your app like this:
+The installation script will automatically add the Doorkeeper routes into your app, like this:
 
 ``` ruby
 Rails.application.routes.draw do
@@ -53,7 +53,7 @@ Doorkeeper.configure do
 end
 ```
 
-If you use devise, you may want to use warden to authenticate the block:
+If you use [devise](https://github.com/plataformatec/devise), you may want to use warden to authenticate the block:
 
 ``` ruby
 resource_owner_authenticator do |routes|
@@ -61,15 +61,17 @@ resource_owner_authenticator do |routes|
 end
 ```
 
-## Protecting resources (a.k.a your API endpoint)
+## Protecting resources with OAuth (a.k.a your API endpoint)
 
-In your api controller, add the `doorkeeper_for` to require the oauth token:
+To protect your API with OAuth, doorkeeper only requires you to call `doorkeeper_for` helper, specifying the actions you want to protect.
+
+For example, if you have a products controller under api/v1, you can require the OAuth authentication with:
 
 ``` ruby
-class Api::V1::ProtectedResourcesController < Api::V1::ApiController
-  doorkeeper_for :all              # Require access token for all actions
-  doorkeeper_for :only   => :index # Only for index action
-  doorkeeper_for :except => :show  # All actions except show
+class Api::V1::ProductsController < Api::V1::ApiController
+  doorkeeper_for :all                     # Require access token for all actions
+  doorkeeper_for :all, :except => :index  # All actions except show
+  doorkeeper_for :index, :show            # Only for index and show action
 
   # your actions
 end
@@ -77,16 +79,29 @@ end
 
 You don't need to setup any before filter, `doorkeeper_for` will handle that for you.
 
-## Authenticated resource owner
+### Access Token Scopes
+
+You can also require the access token to have specific scopes in certain actions:
+
+```ruby
+class Api::V1::ProductsController < Api::V1::ApiController
+  doorkeeper_for :index, :show,    :scopes => [:public]
+  doorkeeper_for :update, :create, :scopes => [:admin, :write]
+end
+```
+
+For a more detailed explanation about scopes usage, check out the related [page in the wiki](https://github.com/applicake/doorkeeper/wiki/Using-Scopes).
+
+### Authenticated resource owner
 
-If you want to return data based on the current resource owner for example, the access token user credentials, you'll need to define a method in your controller to return the resource owner instance:
+If you want to return data based on the current resource owner, in other words, the access token owner, you may want to define a method in your controller that returns the resource owner instance:
 
 ``` ruby
 class Api::V1::CredentialsController < Api::V1::ApiController
   doorkeeper_for :all
   respond_to     :json
 
-  # GET /api/v1/me.json
+  # GET /me.json
   def me
     respond_with current_resource_owner
   end
@@ -100,6 +115,8 @@ class Api::V1::CredentialsController < Api::V1::ApiController
 end
 ```
 
+In this example, we're returning the credentials (`me.json`) of the access token owner.
+
 ## Other resources
 
 ### Live demo
@@ -119,3 +136,14 @@ Also, check out our [contributing guidelines page](https://github.com/applicake/
 ### Supported ruby versions
 
 All supported ruby versions are [listed here](https://github.com/applicake/doorkeeper/wiki/Supported-Ruby-versions)
+
+## Additional information
+
+### Maintainers
+
+- Felipe Elias Philipp ([github.com/felipeelias](https://github.com/felipeelias))
+- Piotr Jakubowski ([github.com/piotrj](https://github.com/piotrj))
+
+### License
+
+MIT License. Copyright 2011 Applicake. [http://applicake.com](http://applicake.com)

data/Rakefile

@@ -26,7 +26,7 @@ desc 'Default: run specs.'
 task :default => :spec
 
 desc "Run all specs"
-RSpec::Core::RakeTask.new(:spec => "app:test:prepare")
+RSpec::Core::RakeTask.new(:spec)
 
 namespace :doorkeeper do
   desc "Install doorkeeper in dummy app"

data/app/assets/stylesheets/doorkeeper/application.css

@@ -13,3 +13,7 @@ body {
 .inline_block {
   display: inline-block;
 }
+
+table td {
+  vertical-align: middle;
+}

data/app/controllers/doorkeeper/application_controller.rb

@@ -7,11 +7,11 @@ module Doorkeeper
     end
 
     def current_resource_owner
-      instance_exec(main_app, &Doorkeeper.authenticate_resource_owner)
+      instance_exec(main_app, &Doorkeeper.configuration.authenticate_resource_owner)
     end
 
     def authenticate_admin!
-      if block = Doorkeeper.authenticate_admin
+      if block = Doorkeeper.configuration.authenticate_admin
         instance_exec(main_app, &block)
       end
     end

data/app/controllers/doorkeeper/application_controller.rbc

@@ -276,7 +276,7 @@ x
 22
 current_resource_owner
 i
-26
+29
 5
 5
 48
@@ -287,20 +287,23 @@ i
 49
 3
 0
+49
+4
+0
 13
 70
 10
-21
+24
 44
 43
-4
+5
 12
 49
-5
+6
 1
 47
 50
-6
+7
 1
 11
 I
@@ -313,7 +316,7 @@ I
 0
 n
 p
-7
+8
 x
 8
 main_app
@@ -322,6 +325,9 @@ x
 Doorkeeper
 n
 x
+13
+configuration
+x
 27
 authenticate_resource_owner
 x
@@ -344,7 +350,7 @@ I
 I
 a
 I
-1a
+1d
 x
 92
 /Users/felipeelias/Applicake/doorkeeper/app/controllers/doorkeeper/application_controller.rb
@@ -361,40 +367,43 @@ x
 19
 authenticate_admin!
 i
-35
+38
 45
 0
 1
 49
 2
 0
+49
+3
+0
 19
 0
 9
-33
+36
 5
 5
 48
-3
+4
 20
 0
 13
 70
 10
-27
+30
 44
 43
-4
+5
 12
 49
-5
+6
 1
 47
 50
-6
+7
 1
 8
-34
+37
 1
 11
 I
@@ -407,12 +416,15 @@ I
 0
 n
 p
-7
+8
 x
 10
 Doorkeeper
 n
 x
+13
+configuration
+x
 18
 authenticate_admin
 x
@@ -438,19 +450,19 @@ I
 I
 e
 I
-a
+d
 I
 f
 I
-21
+24
 I
 e
 I
-22
+25
 I
 0
 I
-23
+26
 x
 92
 /Users/felipeelias/Applicake/doorkeeper/app/controllers/doorkeeper/application_controller.rb

data/app/controllers/doorkeeper/authorizations_controller.rbc

@@ -180,7 +180,7 @@ x
 3
 new
 i
-19
+47
 5
 48
 0
@@ -188,16 +188,44 @@ i
 1
 0
 9
-11
+39
+5
+48
+0
+49
+2
+0
+9
+36
+5
+48
+0
+49
+3
+0
+15
+5
+5
+48
+0
+49
+4
+0
+47
+49
+5
 1
 8
-18
+37
+1
+8
+46
 5
 7
-2
+6
 47
 49
-3
+7
 1
 11
 I
@@ -210,7 +238,7 @@ I
 0
 n
 p
-4
+8
 x
 13
 authorization
@@ -218,13 +246,25 @@ x
 6
 valid?
 x
+20
+access_token_exists?
+x
+9
+authorize
+x
+20
+success_redirect_uri
+x
+11
+redirect_to
+x
 5
 error
 x
 6
 render
 p
-7
+19
 I
 -1
 I
@@ -234,11 +274,35 @@ I
 I
 5
 I
-12
+8
+I
+6
+I
+10
+I
+7
+I
+17
+I
+8
+I
+24
+I
+6
+I
+25
 I
 0
 I
-13
+27
+I
+b
+I
+2e
+I
+0
+I
+2f
 x
 95
 /Users/felipeelias/Applicake/doorkeeper/app/controllers/doorkeeper/authorizations_controller.rb
@@ -325,19 +389,19 @@ p
 I
 -1
 I
-8
+f
 I
 0
 I
-9
+10
 I
 8
 I
-a
+11
 I
 15
 I
-c
+13
 I
 1c
 I
@@ -408,15 +472,15 @@ p
 I
 -1
 I
-10
+17
 I
 0
 I
-11
+18
 I
 7
 I
-12
+19
 I
 13
 x
@@ -532,11 +596,11 @@ p
 I
 -1
 I
-17
+1e
 I
 0
 I
-18
+1f
 I
 31
 x
@@ -557,19 +621,19 @@ I
 I
 18
 I
-8
+f
 I
 26
 I
-10
+17
 I
 34
 I
-15
+1c
 I
 38
 I
-17
+1e
 I
 46
 x