doorkeeper 5.1.0.rc2 → 5.1.0
Potentially problematic release.
This version of doorkeeper might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.hound.yml +2 -1
- data/.rubocop.yml +37 -4
- data/.travis.yml +4 -27
- data/Appraisals +8 -12
- data/Gemfile +6 -2
- data/NEWS.md +16 -0
- data/README.md +11 -2
- data/Rakefile +10 -8
- data/app/controllers/doorkeeper/application_controller.rb +1 -2
- data/app/controllers/doorkeeper/application_metal_controller.rb +2 -13
- data/app/controllers/doorkeeper/applications_controller.rb +17 -5
- data/app/controllers/doorkeeper/token_info_controller.rb +1 -1
- data/app/controllers/doorkeeper/tokens_controller.rb +7 -7
- data/app/helpers/doorkeeper/dashboard_helper.rb +1 -1
- data/app/validators/redirect_uri_validator.rb +5 -2
- data/app/views/doorkeeper/applications/_form.html.erb +6 -0
- data/bin/console +5 -4
- data/config/locales/en.yml +1 -0
- data/doorkeeper.gemspec +24 -22
- data/gemfiles/rails_5_0.gemfile +2 -1
- data/gemfiles/rails_5_1.gemfile +2 -1
- data/gemfiles/rails_5_2.gemfile +2 -1
- data/gemfiles/rails_6_0.gemfile +1 -0
- data/gemfiles/rails_master.gemfile +1 -0
- data/lib/doorkeeper.rb +68 -66
- data/lib/doorkeeper/config.rb +53 -90
- data/lib/doorkeeper/config/option.rb +64 -0
- data/lib/doorkeeper/engine.rb +1 -1
- data/lib/doorkeeper/grape/authorization_decorator.rb +4 -4
- data/lib/doorkeeper/grape/helpers.rb +3 -3
- data/lib/doorkeeper/helpers/controller.rb +1 -1
- data/lib/doorkeeper/models/access_grant_mixin.rb +4 -2
- data/lib/doorkeeper/models/access_token_mixin.rb +10 -10
- data/lib/doorkeeper/models/application_mixin.rb +1 -0
- data/lib/doorkeeper/models/concerns/expirable.rb +1 -0
- data/lib/doorkeeper/models/concerns/ownership.rb +1 -6
- data/lib/doorkeeper/models/concerns/revocable.rb +2 -1
- data/lib/doorkeeper/models/concerns/scopes.rb +1 -1
- data/lib/doorkeeper/models/concerns/secret_storable.rb +2 -0
- data/lib/doorkeeper/oauth.rb +5 -5
- data/lib/doorkeeper/oauth/authorization/code.rb +1 -1
- data/lib/doorkeeper/oauth/authorization/token.rb +9 -6
- data/lib/doorkeeper/oauth/authorization/uri_builder.rb +1 -1
- data/lib/doorkeeper/oauth/authorization_code_request.rb +5 -3
- data/lib/doorkeeper/oauth/client_credentials/validation.rb +1 -1
- data/lib/doorkeeper/oauth/client_credentials_request.rb +1 -1
- data/lib/doorkeeper/oauth/error_response.rb +5 -5
- data/lib/doorkeeper/oauth/forbidden_token_response.rb +1 -1
- data/lib/doorkeeper/oauth/helpers/scope_checker.rb +1 -1
- data/lib/doorkeeper/oauth/helpers/unique_token.rb +2 -1
- data/lib/doorkeeper/oauth/helpers/uri_checker.rb +6 -2
- data/lib/doorkeeper/oauth/invalid_token_response.rb +1 -1
- data/lib/doorkeeper/oauth/pre_authorization.rb +4 -3
- data/lib/doorkeeper/oauth/refresh_token_request.rb +1 -1
- data/lib/doorkeeper/oauth/scopes.rb +5 -3
- data/lib/doorkeeper/oauth/token.rb +2 -2
- data/lib/doorkeeper/oauth/token_introspection.rb +4 -4
- data/lib/doorkeeper/oauth/token_response.rb +9 -9
- data/lib/doorkeeper/orm/active_record.rb +6 -6
- data/lib/doorkeeper/orm/active_record/access_grant.rb +5 -12
- data/lib/doorkeeper/orm/active_record/access_token.rb +6 -13
- data/lib/doorkeeper/orm/active_record/application.rb +6 -5
- data/lib/doorkeeper/orm/active_record/stale_records_cleaner.rb +10 -3
- data/lib/doorkeeper/rails/helpers.rb +1 -1
- data/lib/doorkeeper/rails/routes.rb +11 -11
- data/lib/doorkeeper/rails/routes/mapping.rb +7 -7
- data/lib/doorkeeper/rake.rb +1 -1
- data/lib/doorkeeper/rake/db.rake +13 -13
- data/lib/doorkeeper/request.rb +1 -1
- data/lib/doorkeeper/secret_storing/base.rb +7 -6
- data/lib/doorkeeper/secret_storing/bcrypt.rb +4 -3
- data/lib/doorkeeper/secret_storing/plain.rb +4 -4
- data/lib/doorkeeper/secret_storing/sha256_hash.rb +3 -2
- data/lib/doorkeeper/stale_records_cleaner.rb +1 -1
- data/lib/doorkeeper/version.rb +2 -2
- data/lib/generators/doorkeeper/application_owner_generator.rb +10 -9
- data/lib/generators/doorkeeper/confidential_applications_generator.rb +10 -9
- data/lib/generators/doorkeeper/install_generator.rb +11 -9
- data/lib/generators/doorkeeper/migration_generator.rb +9 -9
- data/lib/generators/doorkeeper/pkce_generator.rb +10 -9
- data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +10 -9
- data/lib/generators/doorkeeper/templates/initializer.rb +30 -5
- data/lib/generators/doorkeeper/templates/migration.rb.erb +15 -7
- data/lib/generators/doorkeeper/views_generator.rb +6 -4
- data/spec/controllers/application_metal_controller_spec.rb +10 -10
- data/spec/controllers/applications_controller_spec.rb +54 -52
- data/spec/controllers/authorizations_controller_spec.rb +136 -142
- data/spec/controllers/protected_resources_controller_spec.rb +78 -76
- data/spec/controllers/token_info_controller_spec.rb +13 -11
- data/spec/controllers/tokens_controller_spec.rb +109 -94
- data/spec/dummy/Rakefile +3 -1
- data/spec/dummy/app/controllers/application_controller.rb +2 -0
- data/spec/dummy/app/controllers/custom_authorizations_controller.rb +2 -0
- data/spec/dummy/app/controllers/full_protected_resources_controller.rb +4 -2
- data/spec/dummy/app/controllers/home_controller.rb +5 -3
- data/spec/dummy/app/controllers/metal_controller.rb +2 -0
- data/spec/dummy/app/controllers/semi_protected_resources_controller.rb +4 -2
- data/spec/dummy/app/helpers/application_helper.rb +2 -0
- data/spec/dummy/app/models/user.rb +2 -0
- data/spec/dummy/config.ru +3 -1
- data/spec/dummy/config/application.rb +13 -0
- data/spec/dummy/config/environments/development.rb +2 -0
- data/spec/dummy/config/environments/production.rb +2 -0
- data/spec/dummy/config/environments/test.rb +3 -1
- data/spec/dummy/config/initializers/backtrace_silencers.rb +2 -0
- data/spec/dummy/config/initializers/doorkeeper.rb +5 -2
- data/spec/dummy/config/initializers/secret_token.rb +3 -1
- data/spec/dummy/config/initializers/session_store.rb +3 -1
- data/spec/dummy/config/initializers/wrap_parameters.rb +2 -0
- data/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +17 -10
- data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +2 -0
- data/spec/dummy/db/schema.rb +1 -1
- data/spec/dummy/script/rails +5 -3
- data/spec/factories.rb +5 -3
- data/spec/generators/application_owner_generator_spec.rb +13 -26
- data/spec/generators/confidential_applications_generator_spec.rb +12 -28
- data/spec/generators/install_generator_spec.rb +17 -15
- data/spec/generators/migration_generator_spec.rb +13 -26
- data/spec/generators/pkce_generator_spec.rb +11 -26
- data/spec/generators/previous_refresh_token_generator_spec.rb +16 -29
- data/spec/generators/templates/routes.rb +2 -0
- data/spec/generators/views_generator_spec.rb +14 -12
- data/spec/grape/grape_integration_spec.rb +34 -32
- data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +9 -7
- data/spec/lib/config_spec.rb +137 -136
- data/spec/lib/doorkeeper_spec.rb +3 -1
- data/spec/lib/models/expirable_spec.rb +12 -10
- data/spec/lib/models/reusable_spec.rb +6 -6
- data/spec/lib/models/revocable_spec.rb +8 -6
- data/spec/lib/models/scopes_spec.rb +19 -17
- data/spec/lib/models/secret_storable_spec.rb +71 -49
- data/spec/lib/oauth/authorization/uri_builder_spec.rb +17 -15
- data/spec/lib/oauth/authorization_code_request_spec.rb +18 -12
- data/spec/lib/oauth/base_request_spec.rb +20 -8
- data/spec/lib/oauth/base_response_spec.rb +3 -1
- data/spec/lib/oauth/client/credentials_spec.rb +24 -22
- data/spec/lib/oauth/client_credentials/creator_spec.rb +13 -11
- data/spec/lib/oauth/client_credentials/issuer_spec.rb +27 -18
- data/spec/lib/oauth/client_credentials/validation_spec.rb +17 -15
- data/spec/lib/oauth/client_credentials_integration_spec.rb +7 -5
- data/spec/lib/oauth/client_credentials_request_spec.rb +27 -21
- data/spec/lib/oauth/client_spec.rb +15 -13
- data/spec/lib/oauth/code_request_spec.rb +8 -6
- data/spec/lib/oauth/code_response_spec.rb +9 -7
- data/spec/lib/oauth/error_response_spec.rb +14 -12
- data/spec/lib/oauth/error_spec.rb +4 -2
- data/spec/lib/oauth/forbidden_token_response_spec.rb +7 -5
- data/spec/lib/oauth/helpers/scope_checker_spec.rb +35 -33
- data/spec/lib/oauth/helpers/unique_token_spec.rb +8 -6
- data/spec/lib/oauth/helpers/uri_checker_spec.rb +103 -101
- data/spec/lib/oauth/invalid_token_response_spec.rb +3 -1
- data/spec/lib/oauth/password_access_token_request_spec.rb +52 -34
- data/spec/lib/oauth/pre_authorization_spec.rb +64 -62
- data/spec/lib/oauth/refresh_token_request_spec.rb +36 -33
- data/spec/lib/oauth/scopes_spec.rb +63 -61
- data/spec/lib/oauth/token_request_spec.rb +66 -26
- data/spec/lib/oauth/token_response_spec.rb +39 -37
- data/spec/lib/oauth/token_spec.rb +51 -49
- data/spec/lib/request/strategy_spec.rb +3 -1
- data/spec/lib/secret_storing/base_spec.rb +23 -23
- data/spec/lib/secret_storing/bcrypt_spec.rb +18 -18
- data/spec/lib/secret_storing/plain_spec.rb +17 -17
- data/spec/lib/secret_storing/sha256_hash_spec.rb +16 -16
- data/spec/lib/server_spec.rb +16 -14
- data/spec/lib/stale_records_cleaner_spec.rb +17 -17
- data/spec/models/doorkeeper/access_grant_spec.rb +30 -26
- data/spec/models/doorkeeper/access_token_spec.rb +97 -95
- data/spec/models/doorkeeper/application_spec.rb +98 -57
- data/spec/requests/applications/applications_request_spec.rb +98 -66
- data/spec/requests/applications/authorized_applications_spec.rb +20 -18
- data/spec/requests/endpoints/authorization_spec.rb +25 -23
- data/spec/requests/endpoints/token_spec.rb +38 -36
- data/spec/requests/flows/authorization_code_errors_spec.rb +26 -24
- data/spec/requests/flows/authorization_code_spec.rb +161 -159
- data/spec/requests/flows/client_credentials_spec.rb +53 -51
- data/spec/requests/flows/implicit_grant_errors_spec.rb +10 -8
- data/spec/requests/flows/implicit_grant_spec.rb +27 -25
- data/spec/requests/flows/password_spec.rb +56 -54
- data/spec/requests/flows/refresh_token_spec.rb +45 -43
- data/spec/requests/flows/revoke_token_spec.rb +29 -27
- data/spec/requests/flows/skip_authorization_spec.rb +23 -21
- data/spec/requests/protected_resources/metal_spec.rb +7 -5
- data/spec/requests/protected_resources/private_api_spec.rb +35 -33
- data/spec/routing/custom_controller_routes_spec.rb +67 -65
- data/spec/routing/default_routes_spec.rb +22 -20
- data/spec/routing/scoped_routes_spec.rb +20 -18
- data/spec/spec_helper.rb +14 -13
- data/spec/spec_helper_integration.rb +3 -1
- data/spec/support/dependencies/factory_bot.rb +3 -1
- data/spec/support/doorkeeper_rspec.rb +3 -1
- data/spec/support/helpers/access_token_request_helper.rb +3 -1
- data/spec/support/helpers/authorization_request_helper.rb +4 -2
- data/spec/support/helpers/config_helper.rb +2 -0
- data/spec/support/helpers/model_helper.rb +3 -1
- data/spec/support/helpers/request_spec_helper.rb +5 -3
- data/spec/support/helpers/url_helper.rb +9 -7
- data/spec/support/http_method_shim.rb +4 -9
- data/spec/support/orm/active_record.rb +3 -1
- data/spec/support/shared/controllers_shared_context.rb +18 -16
- data/spec/support/shared/hashing_shared_context.rb +3 -3
- data/spec/support/shared/models_shared_examples.rb +12 -10
- data/spec/validators/redirect_uri_validator_spec.rb +74 -45
- data/spec/version/version_spec.rb +7 -5
- metadata +12 -16
- data/gemfiles/rails_4_2.gemfile +0 -17
- data/spec/dummy/config/initializers/new_framework_defaults.rb +0 -8
- data/spec/support/ruby_2_6_rails_4_2_patch.rb +0 -14
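--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d8ea67fd14f902f63a276aed1f57a134c39fa02322d4b1f114571e2a90310ead
+data.tar.gz: 44f9f0b886117c6dabe6a09c236107ba6b8c3469b40526a4f6c10f2e4b3e8eac
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 2aa8f4fbe445a84f98035e8ebeb99e715860fb7d29637d8e6cca994bf18a9ba7c051d38fda66829a5dd260f93ee74ff9f6f6d863e610203fa690da7b698b7da1
+data.tar.gz: 5d474565c95e341b7b4773a7c1e2a782fa1bc27c4f22874428db52ceb4df10ccbb342420ba5266ba0d779380d42df3576f56449d390ecbf795e4deee50bdaff4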
data/.hound.yml
CHANGED
data/.rubocop.yml
CHANGED
@@ -1,17 +1,50 @@
|
|
1
1
|
AllCops:
|
2
|
+
TargetRubyVersion: 2.4
|
2
3
|
Exclude:
|
3
4
|
- "spec/dummy/db/*"
|
5
|
+
- "spec/dummy/config/*"
|
6
|
+
- "Dangerfile"
|
7
|
+
- "gemfiles/*.gemfile"
|
4
8
|
|
5
9
|
Metrics/BlockLength:
|
6
10
|
Exclude:
|
7
11
|
- spec/**/*
|
12
|
+
- lib/doorkeeper/rake/*
|
8
13
|
|
9
|
-
LineLength:
|
14
|
+
Metrics/LineLength:
|
10
15
|
Exclude:
|
11
16
|
- spec/**/*
|
17
|
+
Max: 100
|
12
18
|
|
13
|
-
|
14
|
-
|
19
|
+
Metrics/MethodLength:
|
20
|
+
Exclude:
|
21
|
+
- spec/dummy/db/*
|
22
|
+
|
23
|
+
Style/StringLiterals:
|
24
|
+
EnforcedStyle: double_quotes
|
25
|
+
Style/StringLiteralsInInterpolation:
|
26
|
+
EnforcedStyle: double_quotes
|
27
|
+
|
28
|
+
Style/FrozenStringLiteralComment:
|
29
|
+
Enabled: true
|
30
|
+
|
31
|
+
Style/TrailingCommaInHashLiteral:
|
32
|
+
EnforcedStyleForMultiline: consistent_comma
|
33
|
+
Style/TrailingCommaInArrayLiteral:
|
34
|
+
EnforcedStyleForMultiline: consistent_comma
|
35
|
+
|
36
|
+
Style/SymbolArray:
|
37
|
+
MinSize: 3
|
38
|
+
Style/WordArray:
|
39
|
+
MinSize: 3
|
40
|
+
|
41
|
+
Style/ClassAndModuleChildren:
|
42
|
+
Exclude:
|
43
|
+
- spec/**/*
|
15
44
|
|
16
|
-
|
45
|
+
Layout/MultilineMethodCallIndentation:
|
46
|
+
EnforcedStyle: indented
|
47
|
+
Layout/TrailingBlankLines:
|
17
48
|
Enabled: true
|
49
|
+
Layout/DotPosition:
|
50
|
+
EnforcedStyle: leading
|
data/.travis.yml
CHANGED
@@ -2,21 +2,16 @@ language: ruby
|
|
2
2
|
cache: bundler
|
3
3
|
|
4
4
|
rvm:
|
5
|
-
- 2.1
|
6
|
-
- 2.2
|
7
|
-
- 2.3
|
8
5
|
- 2.4
|
9
6
|
- 2.5
|
10
|
-
- 2.6
|
7
|
+
- 2.6
|
11
8
|
- ruby-head
|
12
9
|
|
13
|
-
before_install:
|
14
|
-
-
|
15
|
-
-
|
16
|
-
- gem install bundler -v '~> 1.10'
|
10
|
+
#before_install:
|
11
|
+
# - gem update --system
|
12
|
+
# - gem install bundler
|
17
13
|
|
18
14
|
gemfile:
|
19
|
-
- gemfiles/rails_4_2.gemfile
|
20
15
|
- gemfiles/rails_5_0.gemfile
|
21
16
|
- gemfiles/rails_5_1.gemfile
|
22
17
|
- gemfiles/rails_5_2.gemfile
|
@@ -31,26 +26,8 @@ matrix:
|
|
31
26
|
gemfile: gemfiles/rails_5_2.gemfile
|
32
27
|
script: bundle exec danger
|
33
28
|
exclude:
|
34
|
-
- gemfile: gemfiles/rails_5_0.gemfile
|
35
|
-
rvm: 2.1
|
36
|
-
- gemfile: gemfiles/rails_5_1.gemfile
|
37
|
-
rvm: 2.1
|
38
|
-
- gemfile: gemfiles/rails_5_2.gemfile
|
39
|
-
rvm: 2.1
|
40
|
-
- gemfile: gemfiles/rails_6_0.gemfile
|
41
|
-
rvm: 2.1
|
42
|
-
- gemfile: gemfiles/rails_6_0.gemfile
|
43
|
-
rvm: 2.2
|
44
|
-
- gemfile: gemfiles/rails_6_0.gemfile
|
45
|
-
rvm: 2.3
|
46
29
|
- gemfile: gemfiles/rails_6_0.gemfile
|
47
30
|
rvm: 2.4
|
48
|
-
- gemfile: gemfiles/rails_master.gemfile
|
49
|
-
rvm: 2.1
|
50
|
-
- gemfile: gemfiles/rails_master.gemfile
|
51
|
-
rvm: 2.2
|
52
|
-
- gemfile: gemfiles/rails_master.gemfile
|
53
|
-
rvm: 2.3
|
54
31
|
- gemfile: gemfiles/rails_master.gemfile
|
55
32
|
rvm: 2.4
|
56
33
|
allow_failures:
|
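--- a/data/Appraisals
+++ b/data/Appraisals
@@ -1,27 +1,23 @@
-
-gem "rails", "~> 4.2.0"
-gem "grape", '~> 0.16', '< 0.19.2'
-gem "sqlite3", "~> 1.3", "< 1.4", platform: [:ruby, :mswin, :mingw, :x64_mingw]
-end
+# frozen_string_literal: true
 
 appraise "rails-5-0" do
 gem "rails", "~> 5.0.0"
-gem "sqlite3", "~> 1.3", "< 1.4", platform: [
+gem "sqlite3", "~> 1.3", "< 1.4", platform: %i[ruby mswin mingw x64_mingw]
 end
 
 appraise "rails-5-1" do
 gem "rails", "~> 5.1.0"
-gem "sqlite3", "~> 1.3", "< 1.4", platform: [
+gem "sqlite3", "~> 1.3", "< 1.4", platform: %i[ruby mswin mingw x64_mingw]
 end
 
 appraise "rails-5-2" do
 gem "rails", "~> 5.2.0"
-gem "sqlite3", "~> 1.3", "< 1.4", platform: [
+gem "sqlite3", "~> 1.3", "< 1.4", platform: %i[ruby mswin mingw x64_mingw]
 end
 
 appraise "rails-6-0" do
-gem "rails", "~> 6.0.0.
-gem "sqlite3", "~> 1.4", platform: [
+gem "rails", "~> 6.0.0.beta3"
+gem "sqlite3", "~> 1.4", platform: %i[ruby mswin mingw x64_mingw]
 
 # TODO: Remove when rspec-rails 4.0 released
 gem "rspec-core", github: "rspec/rspec-core"
@@ -32,8 +28,8 @@ appraise "rails-6-0" do
 end
 
 appraise "rails-master" do
-gem "rails", git:
-gem "sqlite3", "~> 1.4", platform: [
+gem "rails", git: "https://github.com/rails/rails"
+gem "sqlite3", "~> 1.4", platform: %i[ruby mswin mingw x64_mingw]
 
 # TODO: Remove when rspec-rails 4.0 released
 gem "rspec-core", github: "rspec/rspec-core"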
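--- a/data/Gemfile
+++ b/data/Gemfile
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source "https://rubygems.org"
 git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 
@@ -12,9 +14,11 @@ gem "rspec-mocks", github: "rspec/rspec-mocks"
 gem "rspec-rails", github: "rspec/rspec-rails", branch: "4-0-dev"
 gem "rspec-support", github: "rspec/rspec-support"
 
+gem "rubocop", "~> 0.66"
+
 gem "bcrypt", "~> 3.1", require: false
 
 gem "activerecord-jdbcsqlite3-adapter", platform: :jruby
-gem "sqlite3", "~> 1.4", platform: [
+gem "sqlite3", "~> 1.4", platform: %i[ruby mswin mingw x64_mingw]
 
-gem
+gem "tzinfo-data", platforms: %i[mingw mswin x64_mingw]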
data/NEWS.md
CHANGED
@@ -7,6 +7,22 @@ User-visible changes worth mentioning.
|
|
7
7
|
|
8
8
|
## master
|
9
9
|
|
10
|
+
- [#PR] Add your PR description here.
|
11
|
+
|
12
|
+
## 5.1.0
|
13
|
+
|
14
|
+
- [#1243]: Add nil check operator in token checking at token introspection.
|
15
|
+
- [#1241] Explaining foreign key options for resource owner in a single place
|
16
|
+
- [#1237] Allow to set blank redirect URI if Doorkeeper configured to use redirect URI-less grant flows.
|
17
|
+
- [#1234] Fix `StaleRecordsCleaner` to properly work with big amount of records.
|
18
|
+
- [#1228] Allow to explicitly set non-expiring tokens in `custom_access_token_expires_in` configuration
|
19
|
+
option using `Float::INIFINITY` return value.
|
20
|
+
- [#1224] Do not try to store token if not found by fallback hashing strategy.
|
21
|
+
- [#1223] Update Hound/Rubocop rules, correct Doorkeeper codebase to follow style-guides.
|
22
|
+
- [#1220] Drop Rails 4.2 & Ruby < 2.4 support.
|
23
|
+
|
24
|
+
## 5.1.0.rc2
|
25
|
+
|
10
26
|
- [#1208] Unify hashing implementation into secret storing strategies
|
11
27
|
|
12
28
|
**[IMPORTANT]**: If you have been using the master branch of doorkeeper with bcrypt in your Gemfile.lock,
|
data/README.md
CHANGED
@@ -6,6 +6,8 @@
|
|
6
6
|
[![Coverage Status](https://coveralls.io/repos/github/doorkeeper-gem/doorkeeper/badge.svg?branch=master)](https://coveralls.io/github/doorkeeper-gem/doorkeeper?branch=master)
|
7
7
|
[![Security](https://hakiri.io/github/doorkeeper-gem/doorkeeper/master.svg)](https://hakiri.io/github/doorkeeper-gem/doorkeeper/master)
|
8
8
|
[![Reviewed by Hound](https://img.shields.io/badge/Reviewed_by-Hound-8E64B0.svg)](https://houndci.com)
|
9
|
+
[![GuardRails badge](https://badges.production.guardrails.io/doorkeeper-gem/doorkeeper.svg?token=66768ce8f6995814df81f65a2cff40f739f688492704f973e62809e15599bb62)](https://dashboard.guardrails.io/default/gh/doorkeeper-gem/doorkeeper)
|
10
|
+
[![Dependabot](https://img.shields.io/badge/dependabot-enabled-success.svg)](https://dependabot.com)
|
9
11
|
|
10
12
|
Doorkeeper is a gem (Rails engine) that makes it easy to introduce OAuth 2 provider
|
11
13
|
functionality to your Ruby on Rails or Grape application.
|
@@ -75,7 +77,7 @@ And run `bundle install`. After this, check out the guide related to the framewo
|
|
75
77
|
|
76
78
|
### Ruby on Rails
|
77
79
|
|
78
|
-
Doorkeeper currently supports Ruby on Rails 5. See the guide [here](https://doorkeeper.gitbook.io/guides/ruby-on-rails/getting-started).
|
80
|
+
Doorkeeper currently supports Ruby on Rails >= 5.0. See the guide [here](https://doorkeeper.gitbook.io/guides/ruby-on-rails/getting-started).
|
79
81
|
|
80
82
|
### Grape
|
81
83
|
|
@@ -125,6 +127,11 @@ See [list of tutorials](https://github.com/doorkeeper-gem/doorkeeper/wiki#how-to
|
|
125
127
|
|
126
128
|
## Sponsors
|
127
129
|
|
130
|
+
[![OpenCollective](https://opencollective.com/doorkeeper-gem/backers/badge.svg)](#backers)
|
131
|
+
[![OpenCollective](https://opencollective.com/doorkeeper-gem/sponsors/badge.svg)](#sponsors)
|
132
|
+
|
133
|
+
Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor](https://opencollective.com/doorkeeper-gem#sponsor)]
|
134
|
+
|
128
135
|
<a href="https://oauth.io/?utm_source=doorkeeper-gem" target="_blank"><img src="https://oauth.io/img/logo_text.png"/></a>
|
129
136
|
|
130
137
|
> If you prefer not to deal with the gory details of OAuth 2, need dedicated customer support & consulting, try the cloud-based SaaS version: [https://oauth.io](https://oauth.io/?utm_source=doorkeeper-gem)
|
@@ -142,7 +149,7 @@ By default, it uses the latest Rails version with ActiveRecord. To run the
|
|
142
149
|
tests with a specific ORM and Rails version:
|
143
150
|
|
144
151
|
```
|
145
|
-
rails=
|
152
|
+
rails=5.2 orm=active_record bundle exec rake
|
146
153
|
```
|
147
154
|
|
148
155
|
## Contributing
|
@@ -161,6 +168,8 @@ page](https://github.com/doorkeeper-gem/doorkeeper/wiki/Contributing).
|
|
161
168
|
Thanks to all our [awesome
|
162
169
|
contributors](https://github.com/doorkeeper-gem/doorkeeper/graphs/contributors)!
|
163
170
|
|
171
|
+
<a href="https://github.com/doorkeeper-gem/doorkeeper/graphs/contributors"><img src="https://opencollective.com/doorkeeper-gem/contributors.svg?width=890&button=false" /></a>
|
172
|
+
|
164
173
|
## License
|
165
174
|
|
166
175
|
MIT License. Copyright 2011 Applicake.
|
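--- a/data/Rakefile
+++ b/data/Rakefile
@@ -1,7 +1,9 @@
-
-require 'rspec/core/rake_task'
+# frozen_string_literal: true
 
-
+require "bundler/setup"
+require "rspec/core/rake_task"
+
+desc "Default: run specs."
 task default: :spec
 
 desc "Run all specs"
@@ -12,14 +14,14 @@ end
 namespace :doorkeeper do
 desc "Install doorkeeper in dummy app"
 task :install do
-cd
-system
+cd "spec/dummy"
+system "bundle exec rails g doorkeeper:install --force"
 end
 
-desc
+desc "Runs local test server"
 task :server do
-cd
-system
+cd "spec/dummy"
+system "bundle exec rails server"
 end
 end
 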
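Review bot: Both `system` calls in the `doorkeeper:install` and `doorkeeper:server` tasks discard their return value, so the Rake task exits successfully even when the `bundle exec rails …` command fails. Rake's `sh` raises on a non-zero exit status, e.g. `sh "bundle exec rails g doorkeeper:install --force"`. The bare `cd "spec/dummy"` also changes the working directory for the rest of the Rake run; the block form `cd("spec/dummy") { … }` restores it afterwards.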
@@ -3,12 +3,11 @@
|
|
3
3
|
module Doorkeeper
|
4
4
|
class ApplicationController <
|
5
5
|
Doorkeeper.configuration.base_controller.constantize
|
6
|
-
|
7
6
|
include Helpers::Controller
|
8
7
|
|
9
8
|
unless Doorkeeper.configuration.api_only
|
10
9
|
protect_from_forgery with: :exception
|
11
|
-
helper
|
10
|
+
helper "doorkeeper/dashboard"
|
12
11
|
end
|
13
12
|
end
|
14
13
|
end
|
@@ -1,19 +1,8 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
module Doorkeeper
|
4
|
-
class ApplicationMetalController < ActionController::
|
5
|
-
|
6
|
-
ActionController::Instrumentation,
|
7
|
-
AbstractController::Rendering,
|
8
|
-
ActionController::Rendering,
|
9
|
-
ActionController::Renderers::All,
|
10
|
-
AbstractController::Callbacks,
|
11
|
-
Helpers::Controller
|
12
|
-
].freeze
|
13
|
-
|
14
|
-
MODULES.each do |mod|
|
15
|
-
include mod
|
16
|
-
end
|
4
|
+
class ApplicationMetalController < ActionController::API
|
5
|
+
include Helpers::Controller
|
17
6
|
|
18
7
|
before_action :enforce_content_type,
|
19
8
|
if: -> { Doorkeeper.configuration.enforce_content_type }
|
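Review bot: The new superclass line `class ApplicationMetalController < ActionController::API` has no comment explaining why the explicit module list was dropped, and `ActionController::API` includes more than the modules removed here (for example `ActionController::ParamsWrapper` and `ActionController::StrongParameters`). `TokensController` and `TokenInfoController` inherit from this class further down the page, so a short comment would help the next reader judge the wider surface on the token endpoints, e.g. `# ActionController::API replaces the hand-picked module list; note it also enables ParamsWrapper and StrongParameters.` Whether parameter wrapping is active for these endpoints depends on application configuration not shown here. The class body continues outside the hunk.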
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
module Doorkeeper
|
4
4
|
class ApplicationsController < Doorkeeper::ApplicationController
|
5
|
-
layout
|
5
|
+
layout "doorkeeper/admin" unless Doorkeeper.configuration.api_only
|
6
6
|
|
7
7
|
before_action :authenticate_admin!
|
8
8
|
before_action :set_application, only: %i[show edit update destroy]
|
@@ -40,7 +40,11 @@ module Doorkeeper
|
|
40
40
|
else
|
41
41
|
respond_to do |format|
|
42
42
|
format.html { render :new }
|
43
|
-
format.json
|
43
|
+
format.json do
|
44
|
+
errors = @application.errors.full_messages
|
45
|
+
|
46
|
+
render json: { errors: errors }, status: :unprocessable_entity
|
47
|
+
end
|
44
48
|
end
|
45
49
|
end
|
46
50
|
end
|
@@ -49,7 +53,7 @@ module Doorkeeper
|
|
49
53
|
|
50
54
|
def update
|
51
55
|
if @application.update(application_params)
|
52
|
-
flash[:notice] = I18n.t(:notice, scope:
|
56
|
+
flash[:notice] = I18n.t(:notice, scope: i18n_scope(:update))
|
53
57
|
|
54
58
|
respond_to do |format|
|
55
59
|
format.html { redirect_to oauth_application_url(@application) }
|
@@ -58,13 +62,17 @@ module Doorkeeper
|
|
58
62
|
else
|
59
63
|
respond_to do |format|
|
60
64
|
format.html { render :edit }
|
61
|
-
format.json
|
65
|
+
format.json do
|
66
|
+
errors = @application.errors.full_messages
|
67
|
+
|
68
|
+
render json: { errors: errors }, status: :unprocessable_entity
|
69
|
+
end
|
62
70
|
end
|
63
71
|
end
|
64
72
|
end
|
65
73
|
|
66
74
|
def destroy
|
67
|
-
flash[:notice] = I18n.t(:notice, scope:
|
75
|
+
flash[:notice] = I18n.t(:notice, scope: i18n_scope(:destroy)) if @application.destroy
|
68
76
|
|
69
77
|
respond_to do |format|
|
70
78
|
format.html { redirect_to oauth_applications_url }
|
@@ -82,5 +90,9 @@ module Doorkeeper
|
|
82
90
|
params.require(:doorkeeper_application)
|
83
91
|
.permit(:name, :redirect_uri, :scopes, :confidential)
|
84
92
|
end
|
93
|
+
|
94
|
+
def i18n_scope(action)
|
95
|
+
%i[doorkeeper flash applications] << action
|
96
|
+
end
|
85
97
|
end
|
86
98
|
end
|
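Review bot: In `destroy`, `flash[:notice] = … if @application.destroy` on the new side only withholds the success notice when deletion fails; the `respond_to` block that follows still redirects to `oauth_applications_url`, so a failed destroy looks like a silent no-op to the admin. Branching on the result would match the error handling this commit adds to `create` and `update`: keep the notice on success, otherwise set an alert for HTML and use `render json: { errors: @application.errors.full_messages }, status: :unprocessable_entity` for JSON. The JSON branch of `destroy` lies outside the hunk, so its current behaviour on failure should be confirmed.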
@@ -3,7 +3,7 @@
|
|
3
3
|
module Doorkeeper
|
4
4
|
class TokenInfoController < Doorkeeper::ApplicationMetalController
|
5
5
|
def show
|
6
|
-
if doorkeeper_token
|
6
|
+
if doorkeeper_token&.accessible?
|
7
7
|
render json: doorkeeper_token, status: :ok
|
8
8
|
else
|
9
9
|
error = OAuth::InvalidTokenResponse.new
|
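Review bot: The guard `if doorkeeper_token&.accessible?` in `show` deserves a one-line comment, because it is the only thing on this path that stops revoked or expired tokens from having their details rendered by the token-info endpoint. Something like `# Only describe tokens that are still usable; revoked/expired tokens get the same invalid-token response as unknown ones.` would do, assuming `accessible?` means "not revoked and not expired" (its definition is not on this page). A spec exercising a revoked and an expired token would pin the behaviour. The else branch continues outside the hunk.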
@@ -3,10 +3,9 @@
|
|
3
3
|
module Doorkeeper
|
4
4
|
class TokensController < Doorkeeper::ApplicationMetalController
|
5
5
|
def create
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
self.status = response.status
|
6
|
+
headers.merge!(authorize_response.headers)
|
7
|
+
render json: authorize_response.body,
|
8
|
+
status: authorize_response.status
|
10
9
|
rescue Errors::DoorkeeperError => error
|
11
10
|
handle_token_exception(error)
|
12
11
|
end
|
@@ -34,7 +33,7 @@ module Doorkeeper
|
|
34
33
|
render json: introspection.to_json, status: 200
|
35
34
|
else
|
36
35
|
error = introspection.error_response
|
37
|
-
|
36
|
+
headers.merge!(error.headers)
|
38
37
|
render json: error.body, status: error.status
|
39
38
|
end
|
40
39
|
end
|
@@ -59,6 +58,7 @@ module Doorkeeper
|
|
59
58
|
# https://tools.ietf.org/html/rfc7009
|
60
59
|
def authorized?
|
61
60
|
return unless token.present?
|
61
|
+
|
62
62
|
# Client is confidential, therefore client authentication & authorization
|
63
63
|
# is required
|
64
64
|
if token.application_id? && token.application.confidential?
|
@@ -75,8 +75,8 @@ module Doorkeeper
|
|
75
75
|
end
|
76
76
|
|
77
77
|
def token
|
78
|
-
@token ||= AccessToken.by_token(params[
|
79
|
-
|
78
|
+
@token ||= AccessToken.by_token(params["token"]) ||
|
79
|
+
AccessToken.by_refresh_token(params["token"])
|
80
80
|
end
|
81
81
|
|
82
82
|
def strategy
|