doorkeeper 1.0.0.rc1 → 1.0.0.rc2

Potentially problematic release.


This version of doorkeeper might be problematic.

Files changed (32)
  1. checksums.yaml +4 -4
  2. data/.travis.yml +6 -2
  3. data/CHANGELOG.md +4 -2
  4. data/README.md +2 -2
  5. data/app/controllers/doorkeeper/token_info_controller.rb +1 -0
  6. data/app/validators/redirect_uri_validator.rb +11 -5
  7. data/app/views/doorkeeper/applications/_form.html.erb +2 -1
  8. data/app/views/doorkeeper/applications/show.html.erb +4 -2
  9. data/config/locales/en.yml +6 -0
  10. data/lib/doorkeeper.rb +34 -42
  11. data/lib/doorkeeper/config.rb +9 -0
  12. data/lib/doorkeeper/helpers/filter.rb +14 -10
  13. data/lib/doorkeeper/oauth/error_response.rb +16 -1
  14. data/lib/doorkeeper/oauth/helpers/uri_checker.rb +1 -1
  15. data/lib/doorkeeper/oauth/invalid_token_response.rb +27 -0
  16. data/lib/doorkeeper/version.rb +1 -1
  17. data/lib/generators/doorkeeper/templates/initializer.rb +3 -0
  18. data/lib/generators/doorkeeper/templates/migration.rb +2 -2
  19. data/spec/controllers/protected_resources_controller_spec.rb +10 -2
  20. data/spec/controllers/token_info_controller_spec.rb +2 -0
  21. data/spec/controllers/tokens_controller_spec.rb +1 -0
  22. data/spec/dummy/config/application.rb +0 -3
  23. data/spec/dummy/config/initializers/doorkeeper.rb +3 -0
  24. data/spec/dummy/db/schema.rb +2 -2
  25. data/spec/lib/config_spec.rb +14 -0
  26. data/spec/lib/oauth/error_response_spec.rb +14 -0
  27. data/spec/lib/oauth/helpers/uri_checker_spec.rb +18 -0
  28. data/spec/lib/oauth/invalid_token_response_spec.rb +23 -0
  29. data/spec/requests/protected_resources/private_api_spec.rb +1 -1
  30. data/spec/support/shared/controllers_shared_context.rb +1 -1
  31. metadata +28 -27
  32. data/lib/doorkeeper/oauth/authorization.rb +0 -10
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 9c87a791f0146a97560be08975e4e0fd05b72e2d
4
- data.tar.gz: 19030e24765e04a10ef4338dee46b6d9faf13620
3
+ metadata.gz: ae8cc51afce1ad54ec55111bb85b4600ca71cb56
4
+ data.tar.gz: b7428fa37924af29c5966314c80bcc128da798f4
5
5
  SHA512:
6
- metadata.gz: 1a12c6bec0463233f4b7dd69dfc33f88b2a3b42e94fe9fb9bc542c94aadd51f2c39c29f73921616424493d68bc3100f6f937c032119438e72d9a083a4607c13b
7
- data.tar.gz: 1b7ce3260177a092ed16e511750f751ec3f8f172cd372c0b31de46d65eaab2c04a5f7d9524c6344dd5ee73938275651d78181f8a0618fee5fb83cfbd99c9b90b
6
+ metadata.gz: 1134ce61d519eb471479aa670f14ff152628a899a645d4538aea709a23d9a0214558539ff10b66648a206ffc180d745c822a8603800389b3a1b62b8c1719721a
7
+ data.tar.gz: 3224e98b3c233acd314699d83aa722f4cf27540e53fdbed9f64e98fff041d55da3f0678496c3bc921a12621e0c709d63cce6e38308dbb008ba9cae0615e70c67
@@ -1,12 +1,16 @@
1
1
  language: ruby
2
+ before_install:
3
+ - gem install bundler -v '= 1.5.1'
2
4
  rvm:
3
5
  - 1.9.3
4
6
  - 2.0.0
7
+ - 2.1.0
5
8
  env:
6
9
  - rails=3.1.8
7
10
  - rails=3.2.8
8
- - rails=3.2.13
9
- - rails=4.0.0
11
+ - rails=3.2.16
12
+ - rails=4.0.2
13
+ - rails=4.1.0.beta1
10
14
  - orm=mongoid2
11
15
  - orm=mongoid3
12
16
  - orm=mongo_mapper
@@ -1,6 +1,6 @@
1
1
  # Changelog
2
2
 
3
- ## 1.0.0.rc1
3
+ ## 1.0.0.rc2
4
4
 
5
5
  - bug (spec)
6
6
  - [#228] token response `expires_in` value is now in seconds, relative to
@@ -14,11 +14,13 @@
14
14
  the spec.
15
15
  - [#329] access tokens' `scopes` string wa being compared against
16
16
  `default_scopes` symbols, always unauthorizing.
17
+ - [#318] Include "WWW-Authenticate" header with Unauthorized responses
17
18
  - enhancements
18
19
  - [#293] Adds ActionController::Instrumentation in TokensController
20
+ - [#298] Support for multiple redirect_uris added.
19
21
  - [#313] `AccessToken.revoke_all_for` actually revokes all non-revoked
20
22
  tokens for an application/owner instead of deleting them.
21
- [@bryanrite](https://github.com/bryanrite)
23
+ - [#333] Rails 4.1 support
22
24
  - internals
23
25
  - Removes jQuery dependency [fixes #300] [PR #312 is related]
24
26
  - [#294] Client uid and secret will be generated only if not present.
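Review bot: the removed line `[@bryanrite](https://github.com/bryanrite)` was the contributor credit for the #313 entry, and it is replaced by the unrelated `[#333] Rails 4.1 support` bullet, so the attribution is lost. Keep the credit line and add #333 as its own entry. While this section is being touched, the context line for #329 still reads "wa being compared" and should read "was being compared".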
data/README.md CHANGED
@@ -16,8 +16,8 @@ The gem is under constant development. It is based in the [version 22 of the OAu
16
16
 
17
17
  ## Requirements
18
18
 
19
- - Ruby 1.9.3 or 2.0.0
20
- - Rails 3.1, 3.2, 4.0
19
+ - Ruby >1.9.3
20
+ - Rails >3.1
21
21
  - ORM ActiveRecord, Mongoid 2, Mongoid 3, MongoMapper
22
22
 
23
23
  ## Installation
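Review bot: `Ruby >1.9.3` and `Rails >3.1` read as strictly greater than, which excludes 1.9.3 and 3.1 themselves, yet the Travis matrix in this same release still tests `1.9.3` and `rails=3.1.8` and the gemspec requires railties `>= 3.1`. Write these as `Ruby >= 1.9.3` and `Rails >= 3.1` so the README matches what is tested and declared.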
@@ -5,6 +5,7 @@ module Doorkeeper
5
5
  render :json => doorkeeper_token, :status => :ok
6
6
  else
7
7
  error = OAuth::ErrorResponse.new(:name => :invalid_request)
8
+ response.headers.merge!(error.headers)
8
9
  render :json => error.body, :status => error.status
9
10
  end
10
11
  end
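Review bot: the added `response.headers.merge!(error.headers)` publishes a `WWW-Authenticate` challenge built from `ErrorResponse.new(:name => :invalid_request)`, so a request with an expired or revoked token is told `error="invalid_request"` on a 401. This release adds `OAuth::InvalidTokenResponse.from_access_token` for exactly that distinction and the filter already uses it; build `error` from `doorkeeper_token` the same way here so the header and body report `invalid_token` with the revoked/expired reason.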
@@ -6,11 +6,17 @@ class RedirectUriValidator < ActiveModel::EachValidator
6
6
  end
7
7
 
8
8
  def validate_each(record, attribute, value)
9
- uri = ::URI.parse(value)
10
- return if test_redirect_uri?(uri)
11
- record.errors.add(attribute, :fragment_present) unless uri.fragment.nil?
12
- record.errors.add(attribute, :relative_uri) if uri.scheme.nil? || uri.host.nil?
13
- record.errors.add(attribute, :has_query_parameter) unless uri.query.nil?
9
+ if value.blank?
10
+ record.errors.add(attribute, :blank)
11
+ else
12
+ value.split.each do |val|
13
+ uri = ::URI.parse(val)
14
+ return if test_redirect_uri?(uri)
15
+ record.errors.add(attribute, :fragment_present) unless uri.fragment.nil?
16
+ record.errors.add(attribute, :relative_uri) if uri.scheme.nil? || uri.host.nil?
17
+ record.errors.add(attribute, :has_query_parameter) unless uri.query.nil?
18
+ end
19
+ end
14
20
  rescue URI::InvalidURIError
15
21
  record.errors.add(attribute, :invalid_uri)
16
22
  end
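Review bot: `return if test_redirect_uri?(uri)` now sits inside `value.split.each`, so it leaves `validate_each` entirely instead of skipping one entry. Any URI listed after the test redirect URI is never checked for a fragment, a missing scheme or host, or a query string, and is stored as an accepted redirect target. Use `next if test_redirect_uri?(uri)` so the remaining entries are still validated. It would also help to include the offending URI in the error, since with several entries the user cannot tell which one failed.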
@@ -15,8 +15,9 @@
15
15
  <div class="clearfix">
16
16
  <%= f.label :redirect_uri %>
17
17
  <div class="input">
18
- <%= f.text_field :redirect_uri %>
18
+ <%= f.text_area :redirect_uri %>
19
19
  <%= errors_for application, :redirect_uri %>
20
+ <span class="help-inline">Please use one line per URI.</span>
20
21
  <% if Doorkeeper.configuration.test_redirect_uri %>
21
22
  <span class="help-inline">Use <%= Doorkeeper.configuration.test_redirect_uri %> for local tests</span>
22
23
  <% end %>
@@ -5,8 +5,10 @@
5
5
  </div>
6
6
 
7
7
  <div class="span10">
8
- <h4>Callback url:</h4>
9
- <p><code id="callback_url"><%= @application.redirect_uri %></code></p>
8
+ <h4>Callback urls:</h4>
9
+ <p id="callback_url">
10
+ <% @application.redirect_uri.split.each do |uri| %><code><%= uri %></code> <% end %>
11
+ </p>
10
12
 
11
13
  <h4>Application Id:</h4>
12
14
  <p><code id="application_id"><%= @application.uid %></code></p>
@@ -55,6 +55,12 @@ en:
55
55
 
56
56
  # Password Access token errors
57
57
  invalid_resource_owner: 'The provided resource owner credentials are not valid, or resource owner cannot be found'
58
+
59
+ invalid_token:
60
+ revoked: "The access token was revoked"
61
+ expired: "The access token expired"
62
+ unknown: "The access token is invalid"
63
+
58
64
  flash:
59
65
  applications:
60
66
  create:
@@ -6,50 +6,42 @@ require "doorkeeper/doorkeeper_for"
6
6
  require 'doorkeeper/errors'
7
7
  require 'doorkeeper/server'
8
8
  require 'doorkeeper/request'
9
+ require "doorkeeper/validations"
10
+
11
+ require "doorkeeper/oauth/authorization/code"
12
+ require "doorkeeper/oauth/authorization/token"
13
+ require "doorkeeper/oauth/authorization/uri_builder"
14
+ require "doorkeeper/oauth/helpers/scope_checker"
15
+ require "doorkeeper/oauth/helpers/uri_checker"
16
+ require "doorkeeper/oauth/helpers/unique_token"
17
+
18
+ require "doorkeeper/oauth/scopes"
19
+ require "doorkeeper/oauth/error"
20
+ require "doorkeeper/oauth/code_response"
21
+ require "doorkeeper/oauth/token_response"
22
+ require "doorkeeper/oauth/error_response"
23
+ require "doorkeeper/oauth/pre_authorization"
24
+ require "doorkeeper/oauth/authorization_code_request"
25
+ require "doorkeeper/oauth/refresh_token_request"
26
+ require "doorkeeper/oauth/password_access_token_request"
27
+ require "doorkeeper/oauth/client_credentials_request"
28
+ require "doorkeeper/oauth/code_request"
29
+ require "doorkeeper/oauth/token_request"
30
+ require "doorkeeper/oauth/client"
31
+ require "doorkeeper/oauth/token"
32
+ require "doorkeeper/oauth/invalid_token_response"
33
+
34
+ require 'doorkeeper/models/scopes'
35
+ require 'doorkeeper/models/expirable'
36
+ require 'doorkeeper/models/revocable'
37
+ require 'doorkeeper/models/accessible'
38
+
39
+ require "doorkeeper/helpers/filter"
40
+ require "doorkeeper/helpers/controller"
41
+
42
+ require "doorkeeper/rails/routes"
9
43
 
10
44
  module Doorkeeper
11
- autoload :Validations, "doorkeeper/validations"
12
-
13
- module OAuth
14
- autoload :Scopes, "doorkeeper/oauth/scopes"
15
- autoload :Error, "doorkeeper/oauth/error"
16
- autoload :CodeResponse, "doorkeeper/oauth/code_response"
17
- autoload :TokenResponse, "doorkeeper/oauth/token_response"
18
- autoload :ErrorResponse, "doorkeeper/oauth/error_response"
19
- autoload :PreAuthorization, "doorkeeper/oauth/pre_authorization"
20
- autoload :AuthorizationCodeRequest, "doorkeeper/oauth/authorization_code_request"
21
- autoload :RefreshTokenRequest, "doorkeeper/oauth/refresh_token_request"
22
- autoload :PasswordAccessTokenRequest, "doorkeeper/oauth/password_access_token_request"
23
- autoload :ClientCredentialsRequest, "doorkeeper/oauth/client_credentials_request"
24
- autoload :Authorization, "doorkeeper/oauth/authorization"
25
- autoload :CodeRequest, "doorkeeper/oauth/code_request"
26
- autoload :TokenRequest, "doorkeeper/oauth/token_request"
27
- autoload :Client, "doorkeeper/oauth/client"
28
- autoload :Token, "doorkeeper/oauth/token"
29
-
30
- module Helpers
31
- autoload :ScopeChecker, "doorkeeper/oauth/helpers/scope_checker"
32
- autoload :URIChecker, "doorkeeper/oauth/helpers/uri_checker"
33
- autoload :UniqueToken, "doorkeeper/oauth/helpers/unique_token"
34
- end
35
- end
36
-
37
- module Models
38
- autoload :Scopes, 'doorkeeper/models/scopes'
39
- autoload :Expirable, 'doorkeeper/models/expirable'
40
- autoload :Revocable, 'doorkeeper/models/revocable'
41
- autoload :Accessible, 'doorkeeper/models/accessible'
42
- end
43
-
44
- module Helpers
45
- autoload :Filter, "doorkeeper/helpers/filter"
46
- autoload :Controller, "doorkeeper/helpers/controller"
47
- end
48
-
49
- module Rails
50
- autoload :Routes, "doorkeeper/rails/routes"
51
- end
52
-
53
45
  def self.configured?
54
46
  @config.present?
55
47
  end
@@ -68,6 +68,10 @@ module Doorkeeper
68
68
  def use_refresh_token
69
69
  @config.instance_variable_set("@refresh_token_enabled", true)
70
70
  end
71
+
72
+ def realm(realm)
73
+ @config.instance_variable_set("@realm", realm)
74
+ end
71
75
  end
72
76
 
73
77
  module Option
@@ -154,6 +158,7 @@ module Doorkeeper
154
158
  option :orm, :default => :active_record
155
159
  option :test_redirect_uri, :default => 'urn:ietf:wg:oauth:2.0:oob'
156
160
  option :active_record_options, :default => {}
161
+ option :realm, :default => "Doorkeeper"
157
162
 
158
163
  def refresh_token_enabled?
159
164
  !!@refresh_token_enabled
@@ -190,5 +195,9 @@ module Doorkeeper
190
195
  def access_token_methods
191
196
  @access_token_methods ||= [:from_bearer_authorization, :from_access_token_param, :from_bearer_param]
192
197
  end
198
+
199
+ def realm
200
+ @realm ||= "Doorkeeper"
201
+ end
193
202
  end
194
203
  end
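Review bot: the default realm is now stated twice, once in `option :realm, :default => "Doorkeeper"` in the previous hunk and again in this reader as `@realm ||= "Doorkeeper"`, alongside a hand-written builder method `realm(realm)` in the first hunk. If `option` already generates the builder and reader the way it does for `:orm` and `:test_redirect_uri`, the two explicit methods are redundant; if it does not, drop the `option` line. Either way keep a single place that defines the default so the two cannot drift apart.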
@@ -6,15 +6,18 @@ module Doorkeeper
6
6
  doorkeeper_for = DoorkeeperForBuilder.create_doorkeeper_for(*args)
7
7
 
8
8
  before_filter doorkeeper_for.filter_options do
9
- return if doorkeeper_for.validate_token(doorkeeper_token)
10
- # TODO: use ErrorRespose class for this
11
- render_options = doorkeeper_unauthorized_render_options
12
- if render_options.nil? || render_options.empty?
13
- head :unauthorized
14
- else
15
- render_options[:status] = :unauthorized
16
- render_options[:layout] = false if render_options[:layout].nil?
17
- render render_options
9
+ unless doorkeeper_for.validate_token(doorkeeper_token)
10
+ render_options = doorkeeper_unauthorized_render_options
11
+ @error = OAuth::InvalidTokenResponse.from_access_token(doorkeeper_token)
12
+ headers.merge!(@error.headers.reject {|k, v| ['Content-Type'].include? k })
13
+
14
+ if render_options.nil? || render_options.empty?
15
+ head :unauthorized
16
+ else
17
+ render_options[:status] = :unauthorized
18
+ render_options[:layout] = false if render_options[:layout].nil?
19
+ render render_options
20
+ end
18
21
  end
19
22
  end
20
23
  end
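Review bot: every failure of `doorkeeper_for.validate_token` is now answered with `InvalidTokenResponse.from_access_token`, so a token that is neither revoked nor expired but lacks the required scope is reported as `error="invalid_token"` with the "unknown" description. RFC 6750 defines `insufficient_scope` for that case; consider distinguishing it so clients do not discard a token that is still valid. Separately, `@error` is assigned on the host application's controller, where it can collide with an instance variable of the same name used by the app; a local variable is enough here.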
@@ -26,8 +29,9 @@ module Doorkeeper
26
29
  end
27
30
 
28
31
  def doorkeeper_token
32
+ return @token if instance_variable_defined?(:@token)
29
33
  methods = Doorkeeper.configuration.access_token_methods
30
- @token ||= OAuth::Token.authenticate request, *methods
34
+ @token = OAuth::Token.authenticate request, *methods
31
35
  end
32
36
 
33
37
  def doorkeeper_unauthorized_render_options
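Review bot: with `return @token if instance_variable_defined?(:@token)`, any value the host controller has assigned to `@token`, including `nil`, is returned as the Doorkeeper token without calling `OAuth::Token.authenticate`. `@token` is a very common name in application controllers, so memoize under a namespaced variable (for example `@_doorkeeper_token`, a suggested name) to keep application state from being mistaken for an authenticated token. A short comment that caching `nil` is intentional would also help the next reader.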
@@ -36,8 +36,23 @@ module Doorkeeper
36
36
  end
37
37
  end
38
38
 
39
+ def authenticate_info
40
+ %{Bearer realm="#{realm}", error="#{name}", error_description="#{description}"}
41
+ end
42
+
39
43
  def headers
40
- { 'Cache-Control' => 'no-store', 'Pragma' => 'no-cache', 'Content-Type' => 'application/json; charset=utf-8' }
44
+ { 'Cache-Control' => 'no-store',
45
+ 'Pragma' => 'no-cache',
46
+ 'Content-Type' => 'application/json; charset=utf-8',
47
+ 'WWW-Authenticate' => authenticate_info }
48
+ end
49
+
50
+ protected
51
+
52
+ delegate :realm, :to => :configuration
53
+
54
+ def configuration
55
+ Doorkeeper.configuration
41
56
  end
42
57
  end
43
58
  end
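Review bot: `authenticate_info` interpolates `realm`, `name` and `description` straight into quoted-string parameters of the `WWW-Authenticate` header. `realm` comes from configuration and `description` from the locale file, so a double quote or backslash in either produces a malformed challenge, and a line break would split the header. Escape `\` and `"` and strip CR/LF before interpolating, and add a spec with a realm containing a quote.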
@@ -16,7 +16,7 @@ module Doorkeeper
16
16
  end
17
17
 
18
18
  def self.valid_for_authorization?(url, client_url)
19
- valid?(url) && matches?(url, client_url)
19
+ valid?(url) && client_url.split.any?{|other_url| matches?(url, other_url) }
20
20
  end
21
21
 
22
22
  def self.as_uri(url)
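Review bot: `client_url.split` is the third place in this release that parses the stored redirect URI list by whitespace, after `value.split` in `RedirectUriValidator` and `@application.redirect_uri.split` in the show view. Put the parsing behind one method on the application model so the separator rule cannot diverge between validation, display and the authorization check. Note also that `client_url.split` raises `NoMethodError` when `client_url` is `nil`, where the previous `matches?` call was the only consumer; guard for that or document that the argument must be a string.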
@@ -0,0 +1,27 @@
1
+ module Doorkeeper
2
+ module OAuth
3
+ class InvalidTokenResponse < ErrorResponse
4
+ def self.from_access_token(access_token, attributes = {})
5
+ reason = case
6
+ when access_token.try(:revoked?)
7
+ :revoked
8
+ when access_token.try(:expired?)
9
+ :expired
10
+ else
11
+ :unknown
12
+ end
13
+
14
+ new(attributes.merge(:reason => reason))
15
+ end
16
+
17
+ def initialize(attributes = {})
18
+ super(attributes.merge(:name => :invalid_token, :state => :unauthorized))
19
+ @reason = attributes[:reason] || :unknown
20
+ end
21
+
22
+ def description
23
+ @description ||= I18n.translate @reason, :scope => [:doorkeeper, :errors, :messages, :invalid_token]
24
+ end
25
+ end
26
+ end
27
+ end
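Review bot: `initialize` passes `:state => :unauthorized` to `ErrorResponse`, but `:state` is the OAuth `state` value that `ErrorResponse` echoes in the body (the existing spec asserts `its(:body) { should have_key(:state) }`). As written, every invalid-token response body carries `state: unauthorized`. If the intent was the HTTP status, set it through the status mechanism of `ErrorResponse` and leave `:state` untouched.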
@@ -1,3 +1,3 @@
1
1
  module Doorkeeper
2
- VERSION = '1.0.0.rc1'
2
+ VERSION = '1.0.0.rc2'
3
3
  end
@@ -64,4 +64,7 @@ Doorkeeper.configure do
64
64
  # skip_authorization do |resource_owner, client|
65
65
  # client.superapp? or resource_owner.admin?
66
66
  # end
67
+
68
+ # WWW-Authenticate Realm (default "Doorkeeper").
69
+ # realm "Doorkeeper"
67
70
  end
@@ -4,7 +4,7 @@ class CreateDoorkeeperTables < ActiveRecord::Migration
4
4
  t.string :name, :null => false
5
5
  t.string :uid, :null => false
6
6
  t.string :secret, :null => false
7
- t.string :redirect_uri, :null => false, :limit => 2048
7
+ t.text :redirect_uri, :null => false
8
8
  t.timestamps
9
9
  end
10
10
 
@@ -15,7 +15,7 @@ class CreateDoorkeeperTables < ActiveRecord::Migration
15
15
  t.integer :application_id, :null => false
16
16
  t.string :token, :null => false
17
17
  t.integer :expires_in, :null => false
18
- t.string :redirect_uri, :null => false, :limit => 2048
18
+ t.text :redirect_uri, :null => false
19
19
  t.datetime :created_at, :null => false
20
20
  t.datetime :revoked_at
21
21
  t.string :scopes
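Review bot: changing `redirect_uri` from `t.string ... :limit => 2048` to `t.text` here and in the hunk above edits the create-tables generator template, which only affects new installations. Applications that already ran the original migration keep the 2048-character string column, and nothing in this diff or the changelog tells them to alter it. Ship an upgrade migration or add an upgrade note to the #298 changelog entry.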
@@ -29,6 +29,7 @@ shared_examples "specified for particular actions" do
29
29
  it "does not allow into index action" do
30
30
  get :index, :access_token => token_string
31
31
  expect(response.status).to eq 401
32
+ expect(response.headers["WWW-Authenticate"]).to match(/^Bearer/)
32
33
  end
33
34
 
34
35
  it "allows into show action" do
@@ -60,6 +61,7 @@ shared_examples "specified with except" do
60
61
  it "does not allow into show action" do
61
62
  get :show, :id => "14", :access_token => token_string
62
63
  expect(response.status).to eq 401
64
+ expect(response.headers["WWW-Authenticate"]).to match(/^Bearer/)
63
65
  end
64
66
  end
65
67
  end
@@ -102,6 +104,7 @@ describe "Doorkeeper_for helper" do
102
104
  Doorkeeper::AccessToken.should_receive(:authenticate).exactly(2).times
103
105
  request.env["HTTP_AUTHORIZATION"] = "Bearer #{token_string}"
104
106
  get :index
107
+ controller.send(:remove_instance_variable, :@token)
105
108
  get :index
106
109
  end
107
110
  end
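Review bot: `controller.send(:remove_instance_variable, :@token)` makes the spec depend on the private memoization variable inside `doorkeeper_token`, so renaming that variable breaks the test without any behaviour change. Exercise the two requests through fresh controller instances, or expose a small reset hook, rather than reaching into the controller's instance variables by name.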
@@ -129,11 +132,13 @@ describe "Doorkeeper_for helper" do
129
132
  it "does not allow into index action" do
130
133
  get :index, :access_token => token_string
131
134
  expect(response.status).to eq 401
135
+ expect(response.header["WWW-Authenticate"]).to match(/^Bearer/)
132
136
  end
133
137
 
134
138
  it "does not allow into show action" do
135
139
  get :show, :id => "4", :access_token => token_string
136
140
  expect(response.status).to eq 401
141
+ expect(response.header["WWW-Authenticate"]).to match(/^Bearer/)
137
142
  end
138
143
  end
139
144
  end
@@ -153,7 +158,6 @@ describe "Doorkeeper_for helper" do
153
158
 
154
159
  include ControllerActions
155
160
  end
156
-
157
161
  include_examples "specified with except"
158
162
  end
159
163
 
@@ -174,10 +178,11 @@ describe "Doorkeeper_for helper" do
174
178
  end
175
179
 
176
180
  it "does not allow if the token does not include given scope" do
177
- token = double(Doorkeeper::AccessToken, :accessible? => true, :scopes => ['public'])
181
+ token = double(Doorkeeper::AccessToken, :accessible? => true, :scopes => ['public'], :revoked? => false, :expired? => false)
178
182
  Doorkeeper::AccessToken.should_receive(:authenticate).with(token_string).and_return(token)
179
183
  get :index, :access_token => token_string
180
184
  expect(response.status).to eq 401
185
+ expect(response.header["WWW-Authenticate"]).to match(/^Bearer/)
181
186
  end
182
187
  end
183
188
 
@@ -197,6 +202,7 @@ describe "Doorkeeper_for helper" do
197
202
  get :index, :access_token => token_string
198
203
  expect(response.status).to eq 401
199
204
  expect(response.content_type).to eq('application/json')
205
+ expect(response.header["WWW-Authenticate"]).to match(/^Bearer/)
200
206
  parsed_body = JSON.parse(response.body)
201
207
  expect(parsed_body).not_to be_nil
202
208
  expect(parsed_body['error']).to eq('Unauthorized')
@@ -213,6 +219,7 @@ describe "Doorkeeper_for helper" do
213
219
  get :index, :access_token => token_string
214
220
  expect(response.status).to eq 401
215
221
  expect(response.content_type).to eq('text/html')
222
+ expect(response.header["WWW-Authenticate"]).to match(/^Bearer/)
216
223
  expect(response.body.should).to eq('Unauthorized')
217
224
  end
218
225
  end
@@ -256,6 +263,7 @@ describe "Doorkeeper_for helper" do
256
263
  it "does not enable access if passed block evaluates to true" do
257
264
  get :show, :id => 3, :access_token => token_string
258
265
  expect(response.status).to eq 401
266
+ expect(response.header["WWW-Authenticate"]).to match(/^Bearer/)
259
267
  end
260
268
  end
261
269
  end
@@ -34,6 +34,7 @@ describe Doorkeeper::TokenInfoController do
34
34
  it "responds with 401 when doorkeeper_token is not valid" do
35
35
  do_get
36
36
  expect(response.status).to eq 401
37
+ expect(response.headers["WWW-Authenticate"]).to match(/^Bearer/)
37
38
  end
38
39
 
39
40
  it "responds with 401 when doorkeeper_token is invalid, expired or revoked" do
@@ -41,6 +42,7 @@ describe Doorkeeper::TokenInfoController do
41
42
  doorkeeper_token.stub(:accessible? => false)
42
43
  do_get
43
44
  expect(response.status).to eq 401
45
+ expect(response.headers["WWW-Authenticate"]).to match(/^Bearer/)
44
46
  end
45
47
 
46
48
  it "responds body message for error" do
@@ -31,6 +31,7 @@ describe Doorkeeper::TokensController do
31
31
  token.stub(:error_response => double(:to_json => [], :status => :unauthorized))
32
32
  post :create
33
33
  expect(response.status).to eq 401
34
+ expect(response.headers["WWW-Authenticate"]).to match(/Bearer/)
34
35
  end
35
36
  end
36
37
  end
@@ -20,9 +20,6 @@ module Dummy
20
20
  # Application configuration should go into files in config/initializers
21
21
  # -- all .rb files in that directory are automatically loaded.
22
22
 
23
- # Custom directories with classes and modules you want to be autoloadable.
24
- # config.autoload_paths += %W(#{config.root}/extras)
25
-
26
23
  # Only load the plugins named here, in the order given (default is alphabetical).
27
24
  # :all can be used as a placeholder for all plugins not explicitly named.
28
25
  # config.plugins = [ :exception_notification, :ssl_requirement, :all ]
@@ -53,4 +53,7 @@ Doorkeeper.configure do
53
53
  # (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi)
54
54
  #
55
55
  # test_redirect_uri 'urn:ietf:wg:oauth:2.0:oob'
56
+
57
+ # WWW-Authenticate Realm (default "Doorkeeper").
58
+ realm "Doorkeeper"
56
59
  end
@@ -18,7 +18,7 @@ ActiveRecord::Schema.define(:version => 20130902175349) do
18
18
  t.integer "application_id", :null => false
19
19
  t.string "token", :null => false
20
20
  t.integer "expires_in", :null => false
21
- t.string "redirect_uri", :limit => 2048, :null => false
21
+ t.text "redirect_uri", :null => false
22
22
  t.datetime "created_at", :null => false
23
23
  t.datetime "revoked_at"
24
24
  t.string "scopes"
@@ -45,7 +45,7 @@ ActiveRecord::Schema.define(:version => 20130902175349) do
45
45
  t.string "name", :null => false
46
46
  t.string "uid", :null => false
47
47
  t.string "secret", :null => false
48
- t.string "redirect_uri", :limit => 2048, :null => false
48
+ t.text "redirect_uri", :null => false
49
49
  t.datetime "created_at", :null => false
50
50
  t.datetime "updated_at", :null => false
51
51
  t.integer "owner_id"
@@ -153,6 +153,20 @@ describe Doorkeeper, "configuration" do
153
153
 
154
154
  end
155
155
 
156
+ describe "realm" do
157
+ it "is \"Doorkeeper\" by default" do
158
+ Doorkeeper.configuration.realm.should == "Doorkeeper"
159
+ end
160
+
161
+ it "can change the value" do
162
+ Doorkeeper.configure {
163
+ orm DOORKEEPER_ORM
164
+ realm "Example"
165
+ }
166
+ subject.realm.should == "Example"
167
+ end
168
+ end
169
+
156
170
  it 'raises an exception when configuration is not set' do
157
171
  old_config = Doorkeeper.configuration
158
172
  Doorkeeper.module_eval do
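Review bot: the "can change the value" example calls `Doorkeeper.configure` with `realm "Example"` and never restores the previous configuration, so the global realm stays "Example" for whatever specs run after it, including the header assertions added elsewhere in this release. Restore the original configuration in an `after` block, as the following example already does with `old_config`.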
@@ -36,5 +36,19 @@ module Doorkeeper::OAuth
36
36
  its(:body) { should have_key(:error_description) }
37
37
  its(:body) { should have_key(:state) }
38
38
  end
39
+
40
+ describe '.authenticate_info' do
41
+ subject { ErrorResponse.new(:name => :some_error, :state => :some_state) }
42
+
43
+ its(:authenticate_info) { should include("realm=\"#{subject.realm}\"") }
44
+ its(:authenticate_info) { should include("error=\"#{subject.name}\"") }
45
+ its(:authenticate_info) { should include("error_description=\"#{subject.description}\"") }
46
+ end
47
+
48
+ describe '.headers' do
49
+ subject { ErrorResponse.new(:name => :some_error, :state => :some_state) }
50
+
51
+ its(:headers) { should include "WWW-Authenticate" }
52
+ end
39
53
  end
40
54
  end
@@ -59,6 +59,24 @@ module Doorkeeper::OAuth::Helpers
59
59
  uri = client_uri = 'http://app.co/aaa'
60
60
  URIChecker.valid_for_authorization?(uri, client_uri).should be_true
61
61
  end
62
+
63
+ it "is false if valid and mismatches" do
64
+ uri = 'http://app.co/aaa'
65
+ client_uri = 'http://app.co/bbb'
66
+ URIChecker.valid_for_authorization?(uri, client_uri).should be_false
67
+ end
68
+
69
+ it "is true if valid and included in array" do
70
+ uri = 'http://app.co/aaa'
71
+ client_uri = "http://example.com/bbb\nhttp://app.co/aaa"
72
+ URIChecker.valid_for_authorization?(uri, client_uri).should be_true
73
+ end
74
+
75
+ it "is false if valid and not included in array" do
76
+ uri = 'http://app.co/aaa'
77
+ client_uri = "http://example.com/bbb\nhttp://app.co/cc"
78
+ URIChecker.valid_for_authorization?(uri, client_uri).should be_false
79
+ end
62
80
  end
63
81
  end
64
82
  end
@@ -0,0 +1,23 @@
1
+ require 'spec_helper'
2
+ require 'active_model'
3
+ require 'doorkeeper'
4
+ require 'doorkeeper/oauth/invalid_token_response'
5
+
6
+ module Doorkeeper::OAuth
7
+ describe InvalidTokenResponse do
8
+ its(:name) { should == :invalid_token }
9
+ its(:status) { should == :unauthorized }
10
+
11
+ describe :from_access_token do
12
+ it 'revoked' do
13
+ response = InvalidTokenResponse.from_access_token double(:revoked? => true, :expired? => true)
14
+ response.description.should include("revoked")
15
+ end
16
+
17
+ it 'expired' do
18
+ response = InvalidTokenResponse.from_access_token double(:revoked? => false, :expired? => true)
19
+ response.description.should include("expired")
20
+ end
21
+ end
22
+ end
23
+ end
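Review bot: the spec covers the `:revoked` and `:expired` branches of `from_access_token` but not the `else` branch. Add a case for a token that is neither revoked nor expired, and one for `from_access_token(nil)`, since the implementation relies on `access_token.try(...)` to handle a missing token and that path is the one an unauthenticated request takes.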
@@ -50,7 +50,7 @@ feature 'Private API' do
50
50
 
51
51
  scenario 'access token with default scope' do
52
52
  default_scopes_exist :admin
53
- @token.update_column :scopes, :admin
53
+ @token.update_column :scopes, 'admin'
54
54
  with_access_token_header @token.token
55
55
  visit '/full_protected_resources/1.json'
56
56
  page.body.should have_content("show")
@@ -18,7 +18,7 @@ shared_context "invalid token", :token => :invalid do
18
18
  end
19
19
 
20
20
  let :token do
21
- double(Doorkeeper::AccessToken, :accessible? => false)
21
+ double(Doorkeeper::AccessToken, :accessible? => false, :revoked? => false, :expired? => false)
22
22
  end
23
23
 
24
24
  before :each do
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: doorkeeper
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0.rc1
4
+ version: 1.0.0.rc2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Felipe Elias Philipp
@@ -9,132 +9,132 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2013-12-11 00:00:00.000000000 Z
12
+ date: 2014-01-09 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: railties
16
16
  requirement: !ruby/object:Gem::Requirement
17
17
  requirements:
18
- - - '>='
18
+ - - ">="
19
19
  - !ruby/object:Gem::Version
20
20
  version: '3.1'
21
21
  type: :runtime
22
22
  prerelease: false
23
23
  version_requirements: !ruby/object:Gem::Requirement
24
24
  requirements:
25
- - - '>='
25
+ - - ">="
26
26
  - !ruby/object:Gem::Version
27
27
  version: '3.1'
28
28
  - !ruby/object:Gem::Dependency
29
29
  name: sqlite3
30
30
  requirement: !ruby/object:Gem::Requirement
31
31
  requirements:
32
- - - ~>
32
+ - - "~>"
33
33
  - !ruby/object:Gem::Version
34
34
  version: 1.3.5
35
35
  type: :development
36
36
  prerelease: false
37
37
  version_requirements: !ruby/object:Gem::Requirement
38
38
  requirements:
39
- - - ~>
39
+ - - "~>"
40
40
  - !ruby/object:Gem::Version
41
41
  version: 1.3.5
42
42
  - !ruby/object:Gem::Dependency
43
43
  name: rspec-rails
44
44
  requirement: !ruby/object:Gem::Requirement
45
45
  requirements:
46
- - - '>='
46
+ - - ">="
47
47
  - !ruby/object:Gem::Version
48
48
  version: 2.11.4
49
49
  type: :development
50
50
  prerelease: false
51
51
  version_requirements: !ruby/object:Gem::Requirement
52
52
  requirements:
53
- - - '>='
53
+ - - ">="
54
54
  - !ruby/object:Gem::Version
55
55
  version: 2.11.4
56
56
  - !ruby/object:Gem::Dependency
57
57
  name: capybara
58
58
  requirement: !ruby/object:Gem::Requirement
59
59
  requirements:
60
- - - ~>
60
+ - - "~>"
61
61
  - !ruby/object:Gem::Version
62
62
  version: 1.1.2
63
63
  type: :development
64
64
  prerelease: false
65
65
  version_requirements: !ruby/object:Gem::Requirement
66
66
  requirements:
67
- - - ~>
67
+ - - "~>"
68
68
  - !ruby/object:Gem::Version
69
69
  version: 1.1.2
70
70
  - !ruby/object:Gem::Dependency
71
71
  name: generator_spec
72
72
  requirement: !ruby/object:Gem::Requirement
73
73
  requirements:
74
- - - ~>
74
+ - - "~>"
75
75
  - !ruby/object:Gem::Version
76
76
  version: 0.9.0
77
77
  type: :development
78
78
  prerelease: false
79
79
  version_requirements: !ruby/object:Gem::Requirement
80
80
  requirements:
81
- - - ~>
81
+ - - "~>"
82
82
  - !ruby/object:Gem::Version
83
83
  version: 0.9.0
84
84
  - !ruby/object:Gem::Dependency
85
85
  name: factory_girl
86
86
  requirement: !ruby/object:Gem::Requirement
87
87
  requirements:
88
- - - ~>
88
+ - - "~>"
89
89
  - !ruby/object:Gem::Version
90
90
  version: 2.6.4
91
91
  type: :development
92
92
  prerelease: false
93
93
  version_requirements: !ruby/object:Gem::Requirement
94
94
  requirements:
95
- - - ~>
95
+ - - "~>"
96
96
  - !ruby/object:Gem::Version
97
97
  version: 2.6.4
98
98
  - !ruby/object:Gem::Dependency
99
99
  name: timecop
100
100
  requirement: !ruby/object:Gem::Requirement
101
101
  requirements:
102
- - - ~>
102
+ - - "~>"
103
103
  - !ruby/object:Gem::Version
104
104
  version: 0.5.2
105
105
  type: :development
106
106
  prerelease: false
107
107
  version_requirements: !ruby/object:Gem::Requirement
108
108
  requirements:
109
- - - ~>
109
+ - - "~>"
110
110
  - !ruby/object:Gem::Version
111
111
  version: 0.5.2
112
112
  - !ruby/object:Gem::Dependency
113
113
  name: database_cleaner
114
114
  requirement: !ruby/object:Gem::Requirement
115
115
  requirements:
116
- - - ~>
116
+ - - "~>"
117
117
  - !ruby/object:Gem::Version
118
118
  version: 0.9.1
119
119
  type: :development
120
120
  prerelease: false
121
121
  version_requirements: !ruby/object:Gem::Requirement
122
122
  requirements:
123
- - - ~>
123
+ - - "~>"
124
124
  - !ruby/object:Gem::Version
125
125
  version: 0.9.1
126
126
  - !ruby/object:Gem::Dependency
127
127
  name: bcrypt-ruby
128
128
  requirement: !ruby/object:Gem::Requirement
129
129
  requirements:
130
- - - ~>
130
+ - - "~>"
131
131
  - !ruby/object:Gem::Version
132
132
  version: 3.0.1
133
133
  type: :development
134
134
  prerelease: false
135
135
  version_requirements: !ruby/object:Gem::Requirement
136
136
  requirements:
137
- - - ~>
137
+ - - "~>"
138
138
  - !ruby/object:Gem::Version
139
139
  version: 3.0.1
140
140
  description: Doorkeeper is an OAuth 2 provider for Rails.
@@ -145,9 +145,9 @@ executables: []
145
145
  extensions: []
146
146
  extra_rdoc_files: []
147
147
  files:
148
- - .gitignore
149
- - .rspec
150
- - .travis.yml
148
+ - ".gitignore"
149
+ - ".rspec"
150
+ - ".travis.yml"
151
151
  - CHANGELOG.md
152
152
  - Gemfile
153
153
  - MIT-LICENSE
@@ -206,7 +206,6 @@ files:
206
206
  - lib/doorkeeper/models/ownership.rb
207
207
  - lib/doorkeeper/models/revocable.rb
208
208
  - lib/doorkeeper/models/scopes.rb
209
- - lib/doorkeeper/oauth/authorization.rb
210
209
  - lib/doorkeeper/oauth/authorization/code.rb
211
210
  - lib/doorkeeper/oauth/authorization/token.rb
212
211
  - lib/doorkeeper/oauth/authorization/uri_builder.rb
@@ -225,6 +224,7 @@ files:
225
224
  - lib/doorkeeper/oauth/helpers/scope_checker.rb
226
225
  - lib/doorkeeper/oauth/helpers/unique_token.rb
227
226
  - lib/doorkeeper/oauth/helpers/uri_checker.rb
227
+ - lib/doorkeeper/oauth/invalid_token_response.rb
228
228
  - lib/doorkeeper/oauth/password_access_token_request.rb
229
229
  - lib/doorkeeper/oauth/pre_authorization.rb
230
230
  - lib/doorkeeper/oauth/refresh_token_request.rb
@@ -329,6 +329,7 @@ files:
329
329
  - spec/lib/oauth/helpers/scope_checker_spec.rb
330
330
  - spec/lib/oauth/helpers/unique_token_spec.rb
331
331
  - spec/lib/oauth/helpers/uri_checker_spec.rb
332
+ - spec/lib/oauth/invalid_token_response_spec.rb
332
333
  - spec/lib/oauth/password_access_token_request_spec.rb
333
334
  - spec/lib/oauth/pre_authorization_spec.rb
334
335
  - spec/lib/oauth/refresh_token_request_spec.rb
@@ -383,17 +384,17 @@ require_paths:
383
384
  - lib
384
385
  required_ruby_version: !ruby/object:Gem::Requirement
385
386
  requirements:
386
- - - '>='
387
+ - - ">="
387
388
  - !ruby/object:Gem::Version
388
389
  version: '0'
389
390
  required_rubygems_version: !ruby/object:Gem::Requirement
390
391
  requirements:
391
- - - '>'
392
+ - - ">"
392
393
  - !ruby/object:Gem::Version
393
394
  version: 1.3.1
394
395
  requirements: []
395
396
  rubyforge_project:
396
- rubygems_version: 2.0.14
397
+ rubygems_version: 2.2.0
397
398
  signing_key:
398
399
  specification_version: 4
399
400
  summary: Doorkeeper is an OAuth 2 provider for Rails.
@@ -1,10 +0,0 @@
1
- module Doorkeeper
2
- module OAuth
3
- # TODO: move this to doorkeeper.rb
4
- module Authorization
5
- autoload :Code, "doorkeeper/oauth/authorization/code"
6
- autoload :Token, "doorkeeper/oauth/authorization/token"
7
- autoload :URIBuilder, "doorkeeper/oauth/authorization/uri_builder"
8
- end
9
- end
10
- end