doorkeeper 5.0.0 → 5.0.1
Potentially problematic release.
This version of doorkeeper might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.travis.yml +5 -0
- data/Dangerfile +57 -0
- data/NEWS.md +32 -1
- data/README.md +18 -3
- data/app/controllers/doorkeeper/application_controller.rb +2 -0
- data/app/controllers/doorkeeper/application_metal_controller.rb +2 -0
- data/app/controllers/doorkeeper/applications_controller.rb +4 -2
- data/app/controllers/doorkeeper/authorizations_controller.rb +3 -3
- data/app/controllers/doorkeeper/authorized_applications_controller.rb +2 -0
- data/app/controllers/doorkeeper/token_info_controller.rb +2 -0
- data/app/controllers/doorkeeper/tokens_controller.rb +2 -0
- data/app/helpers/doorkeeper/dashboard_helper.rb +2 -0
- data/app/validators/redirect_uri_validator.rb +2 -0
- data/doorkeeper.gemspec +23 -22
- data/lib/doorkeeper.rb +1 -0
- data/lib/doorkeeper/config.rb +7 -2
- data/lib/doorkeeper/engine.rb +2 -0
- data/lib/doorkeeper/errors.rb +17 -0
- data/lib/doorkeeper/grape/authorization_decorator.rb +2 -0
- data/lib/doorkeeper/grape/helpers.rb +2 -0
- data/lib/doorkeeper/helpers/controller.rb +2 -0
- data/lib/doorkeeper/models/access_grant_mixin.rb +5 -3
- data/lib/doorkeeper/models/access_token_mixin.rb +5 -3
- data/lib/doorkeeper/models/application_mixin.rb +2 -0
- data/lib/doorkeeper/models/concerns/accessible.rb +2 -0
- data/lib/doorkeeper/models/concerns/expirable.rb +2 -0
- data/lib/doorkeeper/models/concerns/orderable.rb +2 -0
- data/lib/doorkeeper/models/concerns/ownership.rb +2 -0
- data/lib/doorkeeper/models/concerns/revocable.rb +2 -0
- data/lib/doorkeeper/models/concerns/scopes.rb +2 -0
- data/lib/doorkeeper/oauth/authorization/code.rb +2 -0
- data/lib/doorkeeper/oauth/authorization/context.rb +2 -0
- data/lib/doorkeeper/oauth/authorization/token.rb +2 -0
- data/lib/doorkeeper/oauth/authorization/uri_builder.rb +2 -0
- data/lib/doorkeeper/oauth/authorization_code_request.rb +2 -0
- data/lib/doorkeeper/oauth/base_request.rb +2 -0
- data/lib/doorkeeper/oauth/base_response.rb +2 -0
- data/lib/doorkeeper/oauth/client.rb +2 -0
- data/lib/doorkeeper/oauth/client/credentials.rb +2 -0
- data/lib/doorkeeper/oauth/client_credentials/creator.rb +2 -0
- data/lib/doorkeeper/oauth/client_credentials/issuer.rb +2 -0
- data/lib/doorkeeper/oauth/client_credentials/validation.rb +2 -0
- data/lib/doorkeeper/oauth/client_credentials_request.rb +2 -0
- data/lib/doorkeeper/oauth/code_request.rb +2 -0
- data/lib/doorkeeper/oauth/code_response.rb +2 -0
- data/lib/doorkeeper/oauth/error.rb +2 -0
- data/lib/doorkeeper/oauth/error_response.rb +10 -0
- data/lib/doorkeeper/oauth/forbidden_token_response.rb +9 -2
- data/lib/doorkeeper/oauth/helpers/scope_checker.rb +2 -0
- data/lib/doorkeeper/oauth/helpers/unique_token.rb +2 -0
- data/lib/doorkeeper/oauth/helpers/uri_checker.rb +5 -2
- data/lib/doorkeeper/oauth/invalid_token_response.rb +18 -0
- data/lib/doorkeeper/oauth/password_access_token_request.rb +2 -0
- data/lib/doorkeeper/oauth/pre_authorization.rb +2 -0
- data/lib/doorkeeper/oauth/refresh_token_request.rb +10 -2
- data/lib/doorkeeper/oauth/scopes.rb +2 -0
- data/lib/doorkeeper/oauth/token.rb +2 -0
- data/lib/doorkeeper/oauth/token_introspection.rb +2 -0
- data/lib/doorkeeper/oauth/token_request.rb +2 -0
- data/lib/doorkeeper/oauth/token_response.rb +2 -0
- data/lib/doorkeeper/orm/active_record.rb +2 -0
- data/lib/doorkeeper/rails/helpers.rb +4 -0
- data/lib/doorkeeper/rails/routes.rb +9 -2
- data/lib/doorkeeper/rails/routes/mapper.rb +2 -0
- data/lib/doorkeeper/rails/routes/mapping.rb +2 -0
- data/lib/doorkeeper/rake/db.rake +4 -4
- data/lib/doorkeeper/request.rb +2 -0
- data/lib/doorkeeper/request/authorization_code.rb +2 -0
- data/lib/doorkeeper/request/client_credentials.rb +2 -0
- data/lib/doorkeeper/request/code.rb +2 -0
- data/lib/doorkeeper/request/password.rb +2 -0
- data/lib/doorkeeper/request/refresh_token.rb +2 -0
- data/lib/doorkeeper/request/strategy.rb +2 -0
- data/lib/doorkeeper/request/token.rb +2 -0
- data/lib/doorkeeper/server.rb +2 -0
- data/lib/doorkeeper/stale_records_cleaner.rb +20 -0
- data/lib/doorkeeper/validations.rb +2 -0
- data/lib/doorkeeper/version.rb +3 -1
- data/lib/generators/doorkeeper/templates/initializer.rb +20 -2
- data/lib/generators/doorkeeper/templates/migration.rb.erb +2 -2
- data/spec/controllers/applications_controller_spec.rb +37 -41
- data/spec/controllers/authorizations_controller_spec.rb +71 -18
- data/spec/controllers/protected_resources_controller_spec.rb +44 -2
- data/spec/controllers/tokens_controller_spec.rb +4 -5
- data/spec/dummy/Rakefile +1 -1
- data/spec/dummy/app/controllers/custom_authorizations_controller.rb +1 -1
- data/spec/dummy/app/controllers/home_controller.rb +1 -2
- data/spec/dummy/config.ru +1 -1
- data/spec/dummy/config/application.rb +1 -1
- data/spec/dummy/config/boot.rb +2 -4
- data/spec/dummy/config/environment.rb +1 -1
- data/spec/dummy/config/environments/test.rb +1 -1
- data/spec/dummy/config/initializers/doorkeeper.rb +2 -1
- data/spec/dummy/config/initializers/new_framework_defaults.rb +1 -3
- data/spec/dummy/config/initializers/secret_token.rb +1 -1
- data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +4 -4
- data/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +1 -1
- data/spec/dummy/script/rails +4 -3
- data/spec/factories.rb +6 -6
- data/spec/generators/install_generator_spec.rb +4 -1
- data/spec/generators/templates/routes.rb +0 -1
- data/spec/generators/views_generator_spec.rb +1 -1
- data/spec/grape/grape_integration_spec.rb +1 -1
- data/spec/lib/config_spec.rb +25 -8
- data/spec/lib/doorkeeper_spec.rb +5 -5
- data/spec/lib/oauth/authorization_code_request_spec.rb +9 -6
- data/spec/lib/oauth/base_request_spec.rb +10 -10
- data/spec/lib/oauth/client/credentials_spec.rb +2 -2
- data/spec/lib/oauth/client_credentials/issuer_spec.rb +0 -2
- data/spec/lib/oauth/client_credentials/validation_spec.rb +2 -1
- data/spec/lib/oauth/client_credentials_integration_spec.rb +1 -1
- data/spec/lib/oauth/code_request_spec.rb +2 -2
- data/spec/lib/oauth/code_response_spec.rb +1 -1
- data/spec/lib/oauth/helpers/scope_checker_spec.rb +8 -8
- data/spec/lib/oauth/helpers/uri_checker_spec.rb +17 -6
- data/spec/lib/oauth/password_access_token_request_spec.rb +17 -5
- data/spec/lib/oauth/refresh_token_request_spec.rb +11 -7
- data/spec/lib/oauth/token_request_spec.rb +5 -5
- data/spec/lib/oauth/token_spec.rb +4 -1
- data/spec/lib/server_spec.rb +6 -6
- data/spec/lib/{orm/active_record/stale_records_cleaner_spec.rb → stale_records_cleaner_spec.rb} +14 -4
- data/spec/models/doorkeeper/access_token_spec.rb +14 -10
- data/spec/models/doorkeeper/application_spec.rb +4 -4
- data/spec/requests/applications/applications_request_spec.rb +2 -2
- data/spec/requests/endpoints/authorization_spec.rb +2 -2
- data/spec/requests/flows/authorization_code_errors_spec.rb +1 -1
- data/spec/requests/flows/authorization_code_spec.rb +75 -15
- data/spec/requests/flows/implicit_grant_errors_spec.rb +2 -2
- data/spec/requests/flows/password_spec.rb +6 -2
- data/spec/requests/flows/refresh_token_spec.rb +57 -0
- data/spec/requests/flows/revoke_token_spec.rb +9 -9
- data/spec/requests/protected_resources/private_api_spec.rb +2 -2
- data/spec/support/doorkeeper_rspec.rb +2 -1
- data/spec/support/helpers/model_helper.rb +8 -4
- data/spec/support/helpers/url_helper.rb +11 -11
- data/spec/support/shared/controllers_shared_context.rb +56 -0
- data/spec/validators/redirect_uri_validator_spec.rb +2 -2
- metadata +20 -4
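--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ca4c29978b53dcffbe1a130f0c14609fb83d838b
+data.tar.gz: d3e2964493e5a09e680a2f2a8049ab4fad2db52a
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 73f369296eae02dffc8e0611bf6dcfbbdecc7c2ef4b3cd395b3a154ffb579c9ccf442e726cae2c63fc963a84e52c4900242225f90b3d4f7367977747b4047205
+data.tar.gz: 2af877910b73b8baf2f9f27306fd1a40b5e6cb1a93849a09403607ac9b3420be7b8bd46d7be1c128eec5ad9bdaf003ee6484c16df928bc7df3f80881813cdf35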
data/.travis.yml
CHANGED
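--- a/data/Dangerfile
+++ b/data/Dangerfile
@@ -0,0 +1,57 @@
+CHANGELOG_FILE = 'NEWS.md'
+GITHUB_REPO = 'https://github.com/doorkeeper-gem/doorkeeper'
+
+def changelog_changed?
+git.modified_files.include?(CHANGELOG_FILE) || git.added_files.include?(CHANGELOG_FILE)
+end
+
+def changelog_entry_example
+pr_number = github.pr_json['number']
+pr_url = github.pr_json['html_url']
+pr_title = github.pr_title
+.sub(/[?.!,;]?$/, '')
+.capitalize
+
+"- [##{pr_number}](#{pr_url}): #{pr_title}."
+end
+
+# --------------------------------------------------------------------------------------------------------------------
+# Has any changes happened inside the actual library code?
+# --------------------------------------------------------------------------------------------------------------------
+has_app_changes = !git.modified_files.grep(/lib/).empty?
+has_spec_changes = !git.modified_files.grep(/spec/).empty?
+
+# --------------------------------------------------------------------------------------------------------------------
+# You've made changes to lib, but didn't write any tests?
+# --------------------------------------------------------------------------------------------------------------------
+if has_app_changes && !has_spec_changes
+warn("There're library changes, but not tests. That's OK as long as you're refactoring existing code.", sticky: false)
+end
+
+# --------------------------------------------------------------------------------------------------------------------
+# You've made changes to specs, but no library code has changed?
+# --------------------------------------------------------------------------------------------------------------------
+if !has_app_changes && has_spec_changes
+message('We really appreciate pull requests that demonstrate issues, even without a fix. That said, the next step is to try and fix the failing tests!', sticky: false)
+end
+
+# Mainly to encourage writing up some reasoning about the PR, rather than
+# just leaving a title
+if github.pr_body.length < 10
+fail "Please provide a summary in the Pull Request description"
+end
+
+# --------------------------------------------------------------------------------------------------------------------
+# Have you updated CHANGELOG.md?
+# --------------------------------------------------------------------------------------------------------------------
+# Add a CHANGELOG entry for app changes
+if has_app_changes && !changelog_changed?
+markdown <<-MARKDOWN
+Here's an example of a #{CHANGELOG_FILE} entry:
+```markdown
+#{changelog_entry_example}
+```
+MARKDOWN
+
+fail("Please include a changelog entry. \nYou can find it at [#{CHANGELOG_FILE}](#{GITHUB_REPO}/blob/master/#{CHANGELOG_FILE}).")
+end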
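Review bot: The two `grep` patterns that set `has_app_changes` and `has_spec_changes` are unanchored, so `/lib/` also matches spec paths such as `spec/lib/config_spec.rb` and a spec-only pull request touching that directory is classified as a library change and then failed for a missing changelog entry. Anchoring them fixes the classification: `git.modified_files.grep(%r{\Alib/})` and `git.modified_files.grep(%r{\Aspec/})`. Files under `app/` and newly added files (`git.added_files`) are not counted by either flag, which may or may not be intended. The banner comment above the last check says `CHANGELOG.md` while `CHANGELOG_FILE` is `NEWS.md`.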
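--- a/data/NEWS.md
+++ b/data/NEWS.md
@@ -7,7 +7,17 @@ User-visible changes worth mentioning.
 
 ## master
 
-- [#
+- [#] Add your description here.
+
+## 5.0.1
+
+- [#1140] Allow rendering custom errors from exceptions (issue #844). Originally opened as [#944].
+- [#1138] Revert regression bug (check for token expiration in Authorizations controller so authorization
+triggers every time)
+- [#1149] Fix for `URIChecker#valid_for_authorization?` false negative when query is blank, but `?` present.
+- [#1151] Fix Refresh Token strategy: add proper validation of client credentials both for Public & Private clients.
+- [#1152] Fix migration template: change resource owner data type from integer to Rails generic `references`
+- [#1154] Refactor `StaleRecordsCleaner` to be ORM agnostic.
 
 ## 5.0.0
 
@@ -43,6 +53,12 @@ User-visible changes worth mentioning.
 `Doorkeeper#installed?` method
 - [#1031] Allow public clients to authenticate without `client_secret`. Define an app as
 either public or private/confidential
+
+**[IMPORTANT]**: all the applications (clients) now are considered as private by default.
+You need to manually change `confidential` column to `false` if you are using public clients,
+in other case your mobile (or other) applications will not be able to authorize.
+See [#1142](https://github.com/doorkeeper-gem/doorkeeper/issues/1142) for more details.
+
 - [#1010] Add configuration to enforce configured scopes (`default_scopes` and
 `optional_scopes`) for applications
 - [#1060] Ensure that the native redirect_uri parameter matches with redirect_uri of the client
@@ -61,6 +77,12 @@ User-visible changes worth mentioning.
 - Fix bug with `force_ssl_in_redirect_uri` when it breaks existing applications with an
 SSL redirect_uri.
 
+## 4.4.3
+
+- [#1143] Adds a config option `opt_out_native_route_change` to opt out of the breaking api
+changed introduced in https://github.com/doorkeeper-gem/doorkeeper/pull/1003
+
+
 ## 4.4.2
 
 - [#1130] Backport fix for native redirect_uri from 5.x.
@@ -73,6 +95,11 @@ User-visible changes worth mentioning.
 ## 4.4.0
 
 - [#1120] Backport security fix from 5.x for token revocation when using public clients
+
+**[IMPORTANT]**: all the applications (clients) now are considered as private by default.
+You need to manually change `confidential` column to `false` if you are using public clients,
+in other case your mobile (or other) applications will not be able to authorize.
+See [#1142](https://github.com/doorkeeper-gem/doorkeeper/issues/1142) for more details.
 
 ## 4.3.2
 
@@ -101,6 +128,10 @@ User-visible changes worth mentioning.
 - [#985] Generate valid migration files for Rails >= 5
 - [#972] Replace Struct subclassing with block-form initialization
 - [#1003] Use URL query param to pass through native redirect auth code so automated apps can find it.
+
+**[IMPORTANT]**: Previously authorization code response route was `/oauth/authorize/<code>`,
+now it is `oauth/authorize/native?code=<code>` (in order to help applications to automatically find the code value).
+
 - [#868] `Scopes#&` and `Scopes#+` now take an array or any other enumerable
 object.
 - [#1019] Remove translation not in use: `invalid_resource_owner`.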
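--- a/data/README.md
+++ b/data/README.md
@@ -23,6 +23,9 @@ Supported features:
 - [OAuth 2.0 Token Revocation](http://tools.ietf.org/html/rfc7009)
 - [OAuth 2.0 Token Introspection](https://tools.ietf.org/html/rfc7662)
 
+See [list of tutorials](https://github.com/doorkeeper-gem/doorkeeper/wiki#how-tos--tutorials) in order to
+learn how to use the gem or integrate it with other solutions / gems.
+
 ## Documentation valid for `master` branch
 
 Please check the documentation for the version of doorkeeper you are using in:
@@ -50,6 +53,7 @@ https://github.com/doorkeeper-gem/doorkeeper/releases
 - [Routes](#routes)
 - [Authenticating](#authenticating)
 - [Internationalization (I18n)](#internationalization-i18n)
+- [Customizing errors](#customizing-errors)
 - [Rake Tasks](#rake-tasks)
 - [Protecting resources with OAuth (a.k.a your API endpoint)](#protecting-resources-with-oauth-aka-your-api-endpoint)
 - [Ruby on Rails controllers](#ruby-on-rails-controllers)
@@ -237,6 +241,14 @@ You may want to check other ways of authentication
 Doorkeeper support multiple languages. See language files in
 [the I18n repository](https://github.com/doorkeeper-gem/doorkeeper-i18n).
 
+### Customizing errors
+
+If you don't want to use default Doorkeeper error responses you can raise and rescue it's
+exceptions. All you need is to set configuration option `handle_auth_errors` to `:raise`.
+In this case Doorkeeper will raise `Doorkeeper::Errors::TokenForbidden`,
+`Doorkeeper::Errors::TokenExpired`, `Doorkeeper::Errors::TokenRevoked` or other exceptions
+that you need to care about.
+
 ### Rake Tasks
 
 If you are using `rake`, you can load rake tasks provided by this gem, by adding
@@ -372,7 +384,7 @@ end
 Please note that there is a logical OR between multiple required scopes. In the
 above example, `doorkeeper_authorize! :admin, :write` means that the access
 token is required to have either `:admin` scope or `:write` scope, but does not
-need have both of them.
+need to have both of them.
 
 If you want to require the access token to have multiple scopes at the same
 time, use multiple `doorkeeper_authorize!`, for example:
@@ -448,8 +460,11 @@ token owner.
 
 ### Applications list
 
-By default, the applications list (`/oauth/applications`) is publicly available.
-
+By default, the applications list (`/oauth/applications`) is publicly available (before 5.0 release).
+Starting from Doorkeeper 5.0 it returns 403 Forbidden if `admin_authenticator` option is not configured
+by developers.
+
+To change the protection rules of this endpoint you should uncomment these lines:
 
 ```ruby
 # config/initializers/doorkeeper.rb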
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Doorkeeper
|
2
4
|
class ApplicationsController < Doorkeeper::ApplicationController
|
3
5
|
layout 'doorkeeper/admin' unless Doorkeeper.configuration.api_only
|
@@ -77,8 +79,8 @@ module Doorkeeper
|
|
77
79
|
end
|
78
80
|
|
79
81
|
def application_params
|
80
|
-
params.require(:doorkeeper_application)
|
81
|
-
permit(:name, :redirect_uri, :scopes, :confidential)
|
82
|
+
params.require(:doorkeeper_application)
|
83
|
+
.permit(:name, :redirect_uri, :scopes, :confidential)
|
82
84
|
end
|
83
85
|
end
|
84
86
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Doorkeeper
|
2
4
|
class AuthorizationsController < Doorkeeper::ApplicationController
|
3
5
|
before_action :authenticate_resource_owner!
|
@@ -41,13 +43,11 @@ module Doorkeeper
|
|
41
43
|
end
|
42
44
|
|
43
45
|
def matching_token?
|
44
|
-
|
46
|
+
AccessToken.matching_token_for(
|
45
47
|
pre_auth.client,
|
46
48
|
current_resource_owner.id,
|
47
49
|
pre_auth.scopes
|
48
50
|
)
|
49
|
-
|
50
|
-
token && token.accessible?
|
51
51
|
end
|
52
52
|
|
53
53
|
def redirect_or_render(auth)
|
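Review bot: `matching_token?` now returns whatever `AccessToken.matching_token_for` finds and no longer applies the `token.accessible?` check visible on the removed line, so the predicate's answer depends entirely on how that finder filters tokens. `matching_token_for` is not shown on this page; if it does not exclude revoked tokens, a revoked token would still count as a match wherever this predicate is consulted, which is worth confirming and pinning with a spec. A comment above the method would record the intent, for example `# Expired tokens still match on purpose; revoked ones must be excluded by matching_token_for`. The method also now returns a token object or nil rather than a boolean, which `!!` in front of the call would restore.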
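--- a/data/doorkeeper.gemspec
+++ b/data/doorkeeper.gemspec
@@ -2,29 +2,30 @@ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
 
 require 'doorkeeper/version'
 
-Gem::Specification.new do |
-
-
-
-
-
-
-
-
+Gem::Specification.new do |gem|
+gem.name = 'doorkeeper'
+gem.version = Doorkeeper.gem_version
+gem.authors = ['Felipe Elias Philipp', 'Tute Costa', 'Jon Moss', 'Nikita Bulai']
+gem.email = %w(bulaj.nikita@gmail.com)
+gem.homepage = 'https://github.com/doorkeeper-gem/doorkeeper'
+gem.summary = 'OAuth 2 provider for Rails and Grape'
+gem.description = 'Doorkeeper is an OAuth 2 provider for Rails and Grape.'
+gem.license = 'MIT'
 
-
-
-
+gem.files = `git ls-files`.split("\n")
+gem.test_files = `git ls-files -- spec/*`.split("\n")
+gem.require_paths = ['lib']
 
-
-
+gem.add_dependency 'railties', '>= 4.2'
+gem.required_ruby_version = '>= 2.1'
 
-
-
-
-
-
-
-
-
+gem.add_development_dependency 'capybara', '~> 2.18'
+gem.add_development_dependency 'coveralls'
+gem.add_development_dependency 'danger', '~> 5.0'
+gem.add_development_dependency 'grape'
+gem.add_development_dependency 'database_cleaner', '~> 1.6'
+gem.add_development_dependency 'factory_bot', '~> 4.8'
+gem.add_development_dependency 'generator_spec', '~> 0.9.3'
+gem.add_development_dependency 'rake', '>= 11.3.0'
+gem.add_development_dependency 'rspec-rails'
 end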
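Review bot: The `gem.files` assignment packages every tracked file, which is why this release's file list carries `data/spec/dummy/config/initializers/secret_token.rb`, `data/.travis.yml` and the new `data/Dangerfile`; a published gem normally ships only what it loads at runtime. Narrowing the listing to the runtime directories (for example `git ls-files -- app lib` plus whatever else the engine needs, to be confirmed against the repository layout) reduces what consumers have to install and audit. Separately, the development dependencies `coveralls`, `grape` and `rspec-rails` carry no version constraint while their neighbours do; giving each a pessimistic constraint keeps CI builds reproducible.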
data/lib/doorkeeper.rb
CHANGED
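--- a/data/lib/doorkeeper/config.rb
+++ b/data/lib/doorkeeper/config.rb
@@ -107,7 +107,7 @@ module Doorkeeper
 def use_refresh_token(enabled = true, &block)
 @config.instance_variable_set(
 :@refresh_token_enabled,
-block
+block || enabled
 )
 end
 
@@ -177,7 +177,7 @@ module Doorkeeper
 value = if attribute_builder
 attribute_builder.new(&block).build
 else
-block
+block || args.first
 end
 
 @config.instance_variable_set(:"@#{attribute}", value)
@@ -239,6 +239,7 @@ module Doorkeeper
 option :native_redirect_uri, default: 'urn:ietf:wg:oauth:2.0:oob'
 option :active_record_options, default: {}
 option :grant_flows, default: %w[authorization_code client_credentials]
+option :handle_auth_errors, default: :render
 
 # Allows to forbid specific Application redirect URI's by custom rules.
 # Doesn't forbid any URI by default.
@@ -317,6 +318,10 @@ module Doorkeeper
 !!(defined?(@confirm_application_owner) && @confirm_application_owner)
 end
 
+def raise_on_errors?
+handle_auth_errors == :raise
+end
+
 def default_scopes
 @default_scopes ||= OAuth::Scopes.new
 end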
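Review bot: `raise_on_errors?` treats only the exact symbol `:raise` as opting in, so `handle_auth_errors 'raise'` or a misspelt symbol silently keeps the default render path with no feedback to the integrator. The option has just two meaningful values, so a comment beside `option :handle_auth_errors, default: :render` naming them (`# :render (default) or :raise`) would document the contract, and comparing a normalised value, `handle_auth_errors.to_s == 'raise'`, would accept the string form too. Both the option list and the method sit in blocks that start and end outside these hunks.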
data/lib/doorkeeper/engine.rb
CHANGED
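--- a/data/lib/doorkeeper/errors.rb
+++ b/data/lib/doorkeeper/errors.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Doorkeeper
 module Errors
 class DoorkeeperError < StandardError
@@ -36,7 +38,22 @@ module Doorkeeper
 end
 end
 
+class BaseResponseError < DoorkeeperError
+attr_reader :response
+
+def initialize(response)
+@response = response
+end
+end
+
 UnableToGenerateToken = Class.new(DoorkeeperError)
 TokenGeneratorNotFound = Class.new(DoorkeeperError)
+NoOrmCleaner = Class.new(DoorkeeperError)
+
+InvalidToken = Class.new BaseResponseError
+TokenExpired = Class.new InvalidToken
+TokenRevoked = Class.new InvalidToken
+TokenUnknown = Class.new InvalidToken
+TokenForbidden = Class.new InvalidToken
 end
 end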
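Review bot: `TokenForbidden` is declared as a subclass of `InvalidToken`, so a host application that rescues `Doorkeeper::Errors::InvalidToken` also catches the forbidden case unless it rescues `TokenForbidden` first; if forbidden is meant for a token that is valid but lacks the required scope, that ordering decides which status the client sees. A comment above the constants would make this explicit, for example `# Rescue TokenForbidden before InvalidToken when the two need different responses`. `BaseResponseError#initialize` also stores `response` without calling `super`, so unless `DoorkeeperError` (its body is outside these hunks) supplies a message, `e.message` in logs is only the class name; a short comment saying that `response` holds the error response to render would help rescuers.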