doorkeeper 5.1.0.rc1 → 5.1.0.rc2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of doorkeeper might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.travis.yml +11 -2
- data/Appraisals +29 -3
- data/Gemfile +13 -5
- data/NEWS.md +52 -15
- data/README.md +68 -487
- data/app/controllers/doorkeeper/token_info_controller.rb +1 -1
- data/app/controllers/doorkeeper/tokens_controller.rb +1 -1
- data/doorkeeper.gemspec +3 -2
- data/gemfiles/rails_4_2.gemfile +8 -5
- data/gemfiles/rails_5_0.gemfile +9 -6
- data/gemfiles/rails_5_1.gemfile +9 -6
- data/gemfiles/rails_5_2.gemfile +9 -6
- data/gemfiles/rails_6_0.gemfile +16 -0
- data/gemfiles/rails_master.gemfile +8 -10
- data/lib/doorkeeper.rb +7 -1
- data/lib/doorkeeper/config.rb +110 -24
- data/lib/doorkeeper/models/access_grant_mixin.rb +15 -7
- data/lib/doorkeeper/models/access_token_mixin.rb +29 -16
- data/lib/doorkeeper/models/application_mixin.rb +18 -28
- data/lib/doorkeeper/models/concerns/expirable.rb +3 -2
- data/lib/doorkeeper/models/concerns/reusable.rb +19 -0
- data/lib/doorkeeper/models/concerns/scopes.rb +4 -0
- data/lib/doorkeeper/models/concerns/secret_storable.rb +106 -0
- data/lib/doorkeeper/oauth/authorization/token.rb +3 -1
- data/lib/doorkeeper/oauth/error_response.rb +5 -1
- data/lib/doorkeeper/oauth/helpers/unique_token.rb +12 -1
- data/lib/doorkeeper/oauth/invalid_token_response.rb +4 -0
- data/lib/doorkeeper/oauth/token_introspection.rb +72 -6
- data/lib/doorkeeper/orm/active_record/access_grant.rb +9 -8
- data/lib/doorkeeper/orm/active_record/application.rb +10 -6
- data/lib/doorkeeper/secret_storing/base.rb +63 -0
- data/lib/doorkeeper/secret_storing/bcrypt.rb +59 -0
- data/lib/doorkeeper/secret_storing/plain.rb +33 -0
- data/lib/doorkeeper/secret_storing/sha256_hash.rb +25 -0
- data/lib/doorkeeper/version.rb +1 -1
- data/lib/generators/doorkeeper/templates/initializer.rb +62 -20
- data/spec/controllers/authorizations_controller_spec.rb +3 -3
- data/spec/controllers/token_info_controller_spec.rb +1 -1
- data/spec/controllers/tokens_controller_spec.rb +78 -30
- data/spec/dummy/config/application.rb +12 -1
- data/spec/lib/config_spec.rb +119 -35
- data/spec/lib/models/expirable_spec.rb +12 -0
- data/spec/lib/models/reusable_spec.rb +40 -0
- data/spec/lib/models/scopes_spec.rb +13 -1
- data/spec/lib/models/secret_storable_spec.rb +113 -0
- data/spec/lib/oauth/authorization_code_request_spec.rb +18 -1
- data/spec/lib/oauth/client_credentials/creator_spec.rb +51 -7
- data/spec/lib/oauth/error_response_spec.rb +7 -1
- data/spec/lib/oauth/password_access_token_request_spec.rb +11 -1
- data/spec/lib/oauth/token_request_spec.rb +16 -1
- data/spec/lib/secret_storing/base_spec.rb +60 -0
- data/spec/lib/secret_storing/bcrypt_spec.rb +49 -0
- data/spec/lib/secret_storing/plain_spec.rb +44 -0
- data/spec/lib/secret_storing/sha256_hash_spec.rb +48 -0
- data/spec/models/doorkeeper/application_spec.rb +23 -4
- data/spec/requests/flows/authorization_code_spec.rb +3 -3
- data/spec/requests/flows/client_credentials_spec.rb +2 -2
- data/spec/requests/flows/implicit_grant_spec.rb +1 -1
- data/spec/requests/flows/password_spec.rb +3 -3
- data/spec/routing/custom_controller_routes_spec.rb +4 -0
- data/spec/support/shared/hashing_shared_context.rb +12 -5
- metadata +51 -21
- data/lib/doorkeeper/models/concerns/hashable.rb +0 -137
- data/spec/lib/models/hashable_spec.rb +0 -183
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4933a46b121732bd9b6cc44f53947863ab243f448224e444e6106890bb8d78ca
|
4
|
+
data.tar.gz: d2dd4869d2c08ab587908ab79edec49e307e8c2e73b7c54af4706620bc8fcb83
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: dcd3f3b72d7d3cfdd783dd89eb61be9e21cfd4460a48cea0919a398e10a6aad8e6472a325c338988ad6b888167b2d5037c2e41631e9d43a4fd24532d52dd69a9
|
7
|
+
data.tar.gz: 6dd4f697b11faa4f3702482071fba8383c196bccc448fde8b3a1fb6ef0bf10e687a8dbc8bc3385c857a071c57816cdfc82061061029ef9acaa9ac96fea0ce193
|
data/.travis.yml
CHANGED
@@ -1,6 +1,5 @@
|
|
1
1
|
language: ruby
|
2
2
|
cache: bundler
|
3
|
-
sudo: false
|
4
3
|
|
5
4
|
rvm:
|
6
5
|
- 2.1
|
@@ -8,7 +7,7 @@ rvm:
|
|
8
7
|
- 2.3
|
9
8
|
- 2.4
|
10
9
|
- 2.5
|
11
|
-
- 2.6
|
10
|
+
- 2.6.1
|
12
11
|
- ruby-head
|
13
12
|
|
14
13
|
before_install:
|
@@ -21,6 +20,7 @@ gemfile:
|
|
21
20
|
- gemfiles/rails_5_0.gemfile
|
22
21
|
- gemfiles/rails_5_1.gemfile
|
23
22
|
- gemfiles/rails_5_2.gemfile
|
23
|
+
- gemfiles/rails_6_0.gemfile
|
24
24
|
- gemfiles/rails_master.gemfile
|
25
25
|
|
26
26
|
matrix:
|
@@ -37,6 +37,14 @@ matrix:
|
|
37
37
|
rvm: 2.1
|
38
38
|
- gemfile: gemfiles/rails_5_2.gemfile
|
39
39
|
rvm: 2.1
|
40
|
+
- gemfile: gemfiles/rails_6_0.gemfile
|
41
|
+
rvm: 2.1
|
42
|
+
- gemfile: gemfiles/rails_6_0.gemfile
|
43
|
+
rvm: 2.2
|
44
|
+
- gemfile: gemfiles/rails_6_0.gemfile
|
45
|
+
rvm: 2.3
|
46
|
+
- gemfile: gemfiles/rails_6_0.gemfile
|
47
|
+
rvm: 2.4
|
40
48
|
- gemfile: gemfiles/rails_master.gemfile
|
41
49
|
rvm: 2.1
|
42
50
|
- gemfile: gemfiles/rails_master.gemfile
|
@@ -47,3 +55,4 @@ matrix:
|
|
47
55
|
rvm: 2.4
|
48
56
|
allow_failures:
|
49
57
|
- gemfile: gemfiles/rails_master.gemfile
|
58
|
+
- rvm: ruby-head
|
data/Appraisals
CHANGED
@@ -1,18 +1,44 @@
|
|
1
1
|
appraise "rails-4-2" do
|
2
2
|
gem "rails", "~> 4.2.0"
|
3
|
+
gem "grape", '~> 0.16', '< 0.19.2'
|
4
|
+
gem "sqlite3", "~> 1.3", "< 1.4", platform: [:ruby, :mswin, :mingw, :x64_mingw]
|
3
5
|
end
|
4
6
|
|
5
7
|
appraise "rails-5-0" do
|
6
8
|
gem "rails", "~> 5.0.0"
|
7
|
-
gem "
|
9
|
+
gem "sqlite3", "~> 1.3", "< 1.4", platform: [:ruby, :mswin, :mingw, :x64_mingw]
|
8
10
|
end
|
9
11
|
|
10
12
|
appraise "rails-5-1" do
|
11
13
|
gem "rails", "~> 5.1.0"
|
12
|
-
gem "
|
14
|
+
gem "sqlite3", "~> 1.3", "< 1.4", platform: [:ruby, :mswin, :mingw, :x64_mingw]
|
15
|
+
end
|
16
|
+
|
17
|
+
appraise "rails-5-2" do
|
18
|
+
gem "rails", "~> 5.2.0"
|
19
|
+
gem "sqlite3", "~> 1.3", "< 1.4", platform: [:ruby, :mswin, :mingw, :x64_mingw]
|
20
|
+
end
|
21
|
+
|
22
|
+
appraise "rails-6-0" do
|
23
|
+
gem "rails", "~> 6.0.0.beta2"
|
24
|
+
gem "sqlite3", "~> 1.4", platform: [:ruby, :mswin, :mingw, :x64_mingw]
|
25
|
+
|
26
|
+
# TODO: Remove when rspec-rails 4.0 released
|
27
|
+
gem "rspec-core", github: "rspec/rspec-core"
|
28
|
+
gem "rspec-expectations", github: "rspec/rspec-expectations"
|
29
|
+
gem "rspec-mocks", github: "rspec/rspec-mocks"
|
30
|
+
gem "rspec-rails", github: "rspec/rspec-rails", branch: "4-0-dev"
|
31
|
+
gem "rspec-support", github: "rspec/rspec-support"
|
13
32
|
end
|
14
33
|
|
15
34
|
appraise "rails-master" do
|
16
35
|
gem "rails", git: 'https://github.com/rails/rails'
|
17
|
-
gem "
|
36
|
+
gem "sqlite3", "~> 1.4", platform: [:ruby, :mswin, :mingw, :x64_mingw]
|
37
|
+
|
38
|
+
# TODO: Remove when rspec-rails 4.0 released
|
39
|
+
gem "rspec-core", github: "rspec/rspec-core"
|
40
|
+
gem "rspec-expectations", github: "rspec/rspec-expectations"
|
41
|
+
gem "rspec-mocks", github: "rspec/rspec-mocks"
|
42
|
+
gem "rspec-rails", github: "rspec/rspec-rails", branch: "4-0-dev"
|
43
|
+
gem "rspec-support", github: "rspec/rspec-support"
|
18
44
|
end
|
data/Gemfile
CHANGED
@@ -1,12 +1,20 @@
|
|
1
1
|
source "https://rubygems.org"
|
2
|
+
git_source(:github) { |repo| "https://github.com/#{repo}.git" }
|
2
3
|
|
3
|
-
|
4
|
+
gemspec
|
5
|
+
|
6
|
+
gem "rails", "~> 6.0.0.beta3"
|
4
7
|
|
5
|
-
|
8
|
+
# TODO: Remove when rspec-rails 4.0 released
|
9
|
+
gem "rspec-core", github: "rspec/rspec-core"
|
10
|
+
gem "rspec-expectations", github: "rspec/rspec-expectations"
|
11
|
+
gem "rspec-mocks", github: "rspec/rspec-mocks"
|
12
|
+
gem "rspec-rails", github: "rspec/rspec-rails", branch: "4-0-dev"
|
13
|
+
gem "rspec-support", github: "rspec/rspec-support"
|
6
14
|
|
7
|
-
gem "bcrypt", "~> 3.1"
|
15
|
+
gem "bcrypt", "~> 3.1", require: false
|
8
16
|
|
9
17
|
gem "activerecord-jdbcsqlite3-adapter", platform: :jruby
|
10
|
-
gem "sqlite3", platform: [:ruby, :mswin, :mingw, :x64_mingw]
|
18
|
+
gem "sqlite3", "~> 1.4", platform: [:ruby, :mswin, :mingw, :x64_mingw]
|
19
|
+
|
11
20
|
gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw]
|
12
|
-
gemspec
|
data/NEWS.md
CHANGED
@@ -7,15 +7,52 @@ User-visible changes worth mentioning.
|
|
7
7
|
|
8
8
|
## master
|
9
9
|
|
10
|
-
- [#
|
11
|
-
|
10
|
+
- [#1208] Unify hashing implementation into secret storing strategies
|
11
|
+
|
12
|
+
**[IMPORTANT]**: If you have been using the master branch of doorkeeper with bcrypt in your Gemfile.lock,
|
13
|
+
your application secrets have been hashed using BCrypt. To restore this behavior, use the initializer option
|
14
|
+
`use_application_hashing using: 'Doorkeeper::SecretStoring::BCrypt`.
|
15
|
+
|
16
|
+
- [#1216] Add nil check to `expires_at` method.
|
17
|
+
- [#1215] Fix deprecates for Rails 6.
|
18
|
+
- [#1214] Scopes field accepts array.
|
19
|
+
- [#1209] Fix tokens validation for Token Introspection request.
|
20
|
+
- [#1202] Use correct HTTP status codes for error responses.
|
21
|
+
|
22
|
+
**[IMPORTANT]**: this change might break your application if you were relying on the previous
|
23
|
+
401 status codes, this is now a 400 by default, or a 401 for `invalid_client` and `invalid_token` errors.
|
24
|
+
|
25
|
+
- [#1201] Fix custom TTL block `client` parameter to always be an `Doorkeeper::Application` instance.
|
26
|
+
|
27
|
+
**[IMPORTANT]**: those who defined `custom_access_token_expires_in` configuration option need to check
|
28
|
+
their block implementation: if you are using `oauth_client.application` to get `Doorkeeper::Application`
|
29
|
+
instance, then you need to replace it with just `oauth_client`.
|
30
|
+
|
31
|
+
- [#1200] Increase default Doorkeeper access token value complexity (`urlsafe_base64` instead of just `hex`)
|
32
|
+
matching RFC6749/RFC6750.
|
33
|
+
|
34
|
+
**[IMPORTANT]**: this change have possible side-effects in case you have custom database constraints for
|
35
|
+
access token value, application secrets, refresh tokens or you patched Doorkeeper models and introduced
|
36
|
+
token value validations, or you are using database with case-insensitive WHERE clause like MySQL
|
37
|
+
(you can face some collisions). Before this change access token value matched `[a-f0-9]` regex, and now
|
38
|
+
it matches `[a-zA-Z0-9\-_]`. In case you have such restrictions and your don't use custom token generator
|
39
|
+
please change configuration option `default_generator_method ` to `:hex`.
|
40
|
+
|
41
|
+
- [#1195] Allow to customize Token Introspection response (fixes #1194).
|
42
|
+
- [#1189] Option to set `token_reuse_limit`.
|
43
|
+
- [#1191] Try to load bcrypt for hashing of application secrets, but add fallback.
|
44
|
+
|
45
|
+
## 5.1.0.rc1
|
46
|
+
|
47
|
+
- [#1188] Use `params` instead of `request.POST` in tokens controller (fixes #1183).
|
12
48
|
- [#1182] Fix loopback IP redirect URIs to conform with RFC8252, p. 7.3 (fixes #1170).
|
49
|
+
- [#1179] Authorization Code Grant Flow without client id returns invalid_client error.
|
13
50
|
- [#1177] Allow to limit `scopes` for certain `grant_types`
|
14
|
-
- [#1162] Fix `enforce_content_type` for requests without body.
|
15
|
-
- [#1164] Fix error when `root_path` is not defined.
|
16
|
-
- [#1175] Internal refactor: use `scopes_string` inside `scopes`.
|
17
51
|
- [#1176] Fix test factory support for `factory_bot_rails`
|
18
|
-
- [#
|
52
|
+
- [#1175] Internal refactor: use `scopes_string` inside `scopes`.
|
53
|
+
- [#1168] Allow optional hashing of tokens and secrets.
|
54
|
+
- [#1164] Fix error when `root_path` is not defined.
|
55
|
+
- [#1162] Fix `enforce_content_type` for requests without body.
|
19
56
|
|
20
57
|
## 5.0.2
|
21
58
|
|
@@ -24,13 +61,13 @@ User-visible changes worth mentioning.
|
|
24
61
|
|
25
62
|
## 5.0.1
|
26
63
|
|
64
|
+
- [#1154] Refactor `StaleRecordsCleaner` to be ORM agnostic.
|
65
|
+
- [#1152] Fix migration template: change resource owner data type from integer to Rails generic `references`
|
66
|
+
- [#1151] Fix Refresh Token strategy: add proper validation of client credentials both for Public & Private clients.
|
67
|
+
- [#1149] Fix for `URIChecker#valid_for_authorization?` false negative when query is blank, but `?` present.
|
27
68
|
- [#1140] Allow rendering custom errors from exceptions (issue #844). Originally opened as [#944].
|
28
69
|
- [#1138] Revert regression bug (check for token expiration in Authorizations controller so authorization
|
29
70
|
triggers every time)
|
30
|
-
- [#1149] Fix for `URIChecker#valid_for_authorization?` false negative when query is blank, but `?` present.
|
31
|
-
- [#1151] Fix Refresh Token strategy: add proper validation of client credentials both for Public & Private clients.
|
32
|
-
- [#1152] Fix migration template: change resource owner data type from integer to Rails generic `references`
|
33
|
-
- [#1154] Refactor `StaleRecordsCleaner` to be ORM agnostic.
|
34
71
|
|
35
72
|
## 5.0.0
|
36
73
|
|
@@ -38,14 +75,14 @@ User-visible changes worth mentioning.
|
|
38
75
|
|
39
76
|
## 5.0.0.rc2
|
40
77
|
|
41
|
-
- [#
|
42
|
-
|
43
|
-
- [#1108] Simple formating of callback URLs when listing oauth applications
|
78
|
+
- [#1122] Fix AuthorizationsController#new error response to be in JSON format
|
79
|
+
- [#1119] Fix token revocation for OAuth apps using "implicit" grant flow
|
44
80
|
- [#1116] `AccessGrant`s will now be revoked along with `AccessToken`s when
|
45
81
|
hitting the `AuthorizedApplicationController#destroy` route.
|
46
82
|
- [#1114] Make token info endpoint's attributes consistent with token creation
|
47
|
-
- [#
|
48
|
-
- [#
|
83
|
+
- [#1108] Simple formating of callback URLs when listing oauth applications
|
84
|
+
- [#1106] Restrict access to AdminController with 'Forbidden 403' if admin_authenticator is not
|
85
|
+
configured by developers.
|
49
86
|
|
50
87
|
## 5.0.0.rc1
|
51
88
|
|
data/README.md
CHANGED
@@ -22,504 +22,112 @@ Supported features:
|
|
22
22
|
- [Proof Key for Code Exchange](https://tools.ietf.org/html/rfc7636)
|
23
23
|
- [OAuth 2.0 Token Revocation](http://tools.ietf.org/html/rfc7009)
|
24
24
|
- [OAuth 2.0 Token Introspection](https://tools.ietf.org/html/rfc7662)
|
25
|
-
|
26
|
-
See [list of tutorials](https://github.com/doorkeeper-gem/doorkeeper/wiki#how-tos--tutorials) in order to
|
27
|
-
learn how to use the gem or integrate it with other solutions / gems.
|
28
|
-
|
29
|
-
## Documentation valid for `master` branch
|
30
|
-
|
31
|
-
Please check the documentation for the version of doorkeeper you are using in:
|
32
|
-
https://github.com/doorkeeper-gem/doorkeeper/releases
|
33
|
-
|
34
|
-
- See the [Wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki)
|
35
|
-
- See [upgrade guides](https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-versions)
|
36
|
-
- For general questions, please post in [Stack Overflow](http://stackoverflow.com/questions/tagged/doorkeeper)
|
37
|
-
- See [SECURITY.md](SECURITY.md) for this project's security disclose
|
38
|
-
policy
|
25
|
+
- [OAuth 2.0 Threat Model and Security Considerations](http://tools.ietf.org/html/rfc6819)
|
39
26
|
|
40
27
|
## Table of Contents
|
41
28
|
|
42
29
|
<!-- START doctoc generated TOC please keep comment here to allow auto update -->
|
43
30
|
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
|
44
31
|
|
32
|
+
|
33
|
+
- [Documentation](#documentation)
|
45
34
|
- [Installation](#installation)
|
46
|
-
- [
|
47
|
-
- [
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
- [Routes](#routes)
|
54
|
-
- [Authenticating](#authenticating)
|
55
|
-
- [Internationalization (I18n)](#internationalization-i18n)
|
56
|
-
- [Customizing errors](#customizing-errors)
|
57
|
-
- [Rake Tasks](#rake-tasks)
|
58
|
-
- [Protecting resources with OAuth (a.k.a your API endpoint)](#protecting-resources-with-oauth-aka-your-api-endpoint)
|
59
|
-
- [Ruby on Rails controllers](#ruby-on-rails-controllers)
|
60
|
-
- [Grape endpoints](#grape-endpoints)
|
61
|
-
- [Route Constraints and other integrations](#route-constraints-and-other-integrations)
|
62
|
-
- [Access Token Scopes](#access-token-scopes)
|
63
|
-
- [Custom Access Token Generator](#custom-access-token-generator)
|
64
|
-
- [Authenticated resource owner](#authenticated-resource-owner)
|
65
|
-
- [Applications list](#applications-list)
|
66
|
-
- [Other customizations](#other-customizations)
|
67
|
-
- [Testing](#testing)
|
68
|
-
- [Upgrading](#upgrading)
|
35
|
+
- [Ruby on Rails](#ruby-on-rails)
|
36
|
+
- [Grape](#grape)
|
37
|
+
- [ORMs](#orms)
|
38
|
+
- [Extensions](#extensions)
|
39
|
+
- [Example Applications](#example-applications)
|
40
|
+
- [Tutorials](#tutorials)
|
41
|
+
- [Sponsors](#sponsors)
|
69
42
|
- [Development](#development)
|
70
43
|
- [Contributing](#contributing)
|
71
|
-
- [
|
72
|
-
|
73
|
-
- [Screencast](#screencast)
|
74
|
-
- [Client applications](#client-applications)
|
75
|
-
- [Contributors](#contributors)
|
76
|
-
- [IETF Standards](#ietf-standards)
|
77
|
-
- [License](#license)
|
44
|
+
- [Contributors](#contributors)
|
45
|
+
- [License](#license)
|
78
46
|
|
79
47
|
<!-- END doctoc generated TOC please keep comment here to allow auto update -->
|
80
48
|
|
81
|
-
##
|
82
|
-
|
83
|
-
Put this in your Gemfile:
|
84
|
-
|
85
|
-
``` ruby
|
86
|
-
gem 'doorkeeper'
|
87
|
-
```
|
88
|
-
|
89
|
-
Run the installation generator with:
|
90
|
-
|
91
|
-
rails generate doorkeeper:install
|
92
|
-
|
93
|
-
This will install the doorkeeper initializer into `config/initializers/doorkeeper.rb`.
|
94
|
-
|
95
|
-
## Configuration
|
96
|
-
|
97
|
-
### ORM
|
98
|
-
|
99
|
-
#### Active Record
|
100
|
-
|
101
|
-
By default doorkeeper is configured to use Active Record, so to start you have
|
102
|
-
to generate the migration tables (supports Rails >= 5 migrations versioning):
|
103
|
-
|
104
|
-
rails generate doorkeeper:migration
|
105
|
-
|
106
|
-
You may want to add foreign keys to your migration. For example, if you plan on
|
107
|
-
using `User` as the resource owner, add the following line to the migration file
|
108
|
-
for each table that includes a `resource_owner_id` column:
|
109
|
-
|
110
|
-
```ruby
|
111
|
-
add_foreign_key :table_name, :users, column: :resource_owner_id
|
112
|
-
```
|
113
|
-
|
114
|
-
If you want to enable [PKCE flow] for mobile apps, you need to generate another
|
115
|
-
migration:
|
116
|
-
|
117
|
-
[PKCE flow]: https://tools.ietf.org/html/rfc7636
|
118
|
-
|
119
|
-
```sh
|
120
|
-
rails generate doorkeeper:pkce
|
121
|
-
```
|
122
|
-
|
123
|
-
Then run migrations:
|
124
|
-
|
125
|
-
```sh
|
126
|
-
rake db:migrate
|
127
|
-
```
|
128
|
-
|
129
|
-
Ensure to use non-confidential apps for pkce. PKCE is created, because
|
130
|
-
you cannot trust its apps' secret. So whatever app needs pkce: it means, it cannot
|
131
|
-
be a confidential app by design.
|
132
|
-
|
133
|
-
|
134
|
-
Remember to add associations to your model so the related records are deleted.
|
135
|
-
If you don't do this an `ActiveRecord::InvalidForeignKey`-error will be raised
|
136
|
-
when you try to destroy a model with related access grants or access tokens.
|
137
|
-
|
138
|
-
```ruby
|
139
|
-
class User < ApplicationRecord
|
140
|
-
has_many :access_grants, class_name: "Doorkeeper::AccessGrant",
|
141
|
-
foreign_key: :resource_owner_id,
|
142
|
-
dependent: :delete_all # or :destroy if you need callbacks
|
143
|
-
|
144
|
-
has_many :access_tokens, class_name: "Doorkeeper::AccessToken",
|
145
|
-
foreign_key: :resource_owner_id,
|
146
|
-
dependent: :delete_all # or :destroy if you need callbacks
|
147
|
-
end
|
148
|
-
```
|
149
|
-
|
150
|
-
#### MongoDB
|
151
|
-
|
152
|
-
See [doorkeeper-mongodb project] for Mongoid and MongoMapper support. Follow along
|
153
|
-
the implementation in that repository to extend doorkeeper with other ORMs.
|
154
|
-
|
155
|
-
[doorkeeper-mongodb project]: https://github.com/doorkeeper-gem/doorkeeper-mongodb
|
156
|
-
|
157
|
-
#### Sequel
|
158
|
-
|
159
|
-
If you are using [Sequel gem] then you can add [doorkeeper-sequel extension] to your project.
|
160
|
-
Follow configuration instructions for setting up the necessary Doorkeeper ORM.
|
161
|
-
|
162
|
-
[Sequel gem]: https://github.com/jeremyevans/sequel/
|
163
|
-
[doorkeeper-sequel extension]: https://github.com/nbulaj/doorkeeper-sequel
|
164
|
-
|
165
|
-
#### Couchbase
|
166
|
-
|
167
|
-
Use [doorkeeper-couchbase] extension if you are using Couchbase database.
|
168
|
-
|
169
|
-
[doorkeeper-couchbase]: https://github.com/acaprojects/doorkeeper-couchbase
|
170
|
-
|
171
|
-
### API mode
|
172
|
-
|
173
|
-
By default Doorkeeper uses full Rails stack to provide all the OAuth 2 functionality
|
174
|
-
with additional features like administration area for managing applications. By the
|
175
|
-
way, starting from Doorkeeper 5 you can use API mode for your [API only Rails 5 applications](http://edgeguides.rubyonrails.org/api_app.html).
|
176
|
-
All you need is just to configure the gem to work in desired mode:
|
177
|
-
|
178
|
-
``` ruby
|
179
|
-
Doorkeeper.configure do
|
180
|
-
# ...
|
181
|
-
|
182
|
-
api_only
|
183
|
-
end
|
184
|
-
```
|
185
|
-
|
186
|
-
Keep in mind, that in this mode you will not be able to access `Applications` or
|
187
|
-
`Authorized Applications` controllers because they will be skipped. CSRF protections (which are otherwise enabled) will be skipped, and all the redirects will be returned as JSON response with corresponding locations.
|
188
|
-
|
189
|
-
### Routes
|
190
|
-
|
191
|
-
The installation script will also automatically add the Doorkeeper routes into
|
192
|
-
your app, like this:
|
193
|
-
|
194
|
-
``` ruby
|
195
|
-
Rails.application.routes.draw do
|
196
|
-
use_doorkeeper
|
197
|
-
# your routes
|
198
|
-
end
|
199
|
-
```
|
200
|
-
|
201
|
-
This will mount following routes:
|
202
|
-
|
203
|
-
GET /oauth/authorize/native?code
|
204
|
-
GET /oauth/authorize
|
205
|
-
POST /oauth/authorize
|
206
|
-
DELETE /oauth/authorize
|
207
|
-
POST /oauth/token
|
208
|
-
POST /oauth/revoke
|
209
|
-
POST /oauth/introspect
|
210
|
-
resources /oauth/applications
|
211
|
-
GET /oauth/authorized_applications
|
212
|
-
DELETE /oauth/authorized_applications/:id
|
213
|
-
GET /oauth/token/info
|
214
|
-
|
215
|
-
For more information on how to customize routes, check out [this page on the
|
216
|
-
wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-routes).
|
217
|
-
|
218
|
-
### Authenticating
|
219
|
-
|
220
|
-
You need to configure Doorkeeper in order to provide `resource_owner` model
|
221
|
-
and authentication block in `config/initializers/doorkeeper.rb`:
|
222
|
-
|
223
|
-
``` ruby
|
224
|
-
Doorkeeper.configure do
|
225
|
-
resource_owner_authenticator do
|
226
|
-
User.find_by(id: session[:current_user_id]) || redirect_to(login_url)
|
227
|
-
end
|
228
|
-
end
|
229
|
-
```
|
230
|
-
|
231
|
-
This code is run in the context of your application so you have access to your
|
232
|
-
models, session or routes helpers. However, since this code is not run in the
|
233
|
-
context of your application's `ApplicationController` it doesn't have access to
|
234
|
-
the methods defined over there.
|
235
|
-
|
236
|
-
You may want to check other ways of authentication
|
237
|
-
[here](https://github.com/doorkeeper-gem/doorkeeper/wiki/Authenticating-using-Clearance-or-DIY).
|
238
|
-
|
239
|
-
### Internationalization (I18n)
|
240
|
-
|
241
|
-
Doorkeeper support multiple languages. See language files in
|
242
|
-
[the I18n repository](https://github.com/doorkeeper-gem/doorkeeper-i18n).
|
243
|
-
|
244
|
-
### Customizing errors
|
245
|
-
|
246
|
-
If you don't want to use default Doorkeeper error responses you can raise and rescue it's
|
247
|
-
exceptions. All you need is to set configuration option `handle_auth_errors` to `:raise`.
|
248
|
-
In this case Doorkeeper will raise `Doorkeeper::Errors::TokenForbidden`,
|
249
|
-
`Doorkeeper::Errors::TokenExpired`, `Doorkeeper::Errors::TokenRevoked` or other exceptions
|
250
|
-
that you need to care about.
|
251
|
-
|
252
|
-
### Rake Tasks
|
253
|
-
|
254
|
-
If you are using `rake`, you can load rake tasks provided by this gem, by adding
|
255
|
-
the following line to your `Rakefile`:
|
256
|
-
|
257
|
-
```ruby
|
258
|
-
Doorkeeper::Rake.load_tasks
|
259
|
-
```
|
260
|
-
|
261
|
-
#### Cleaning up
|
262
|
-
|
263
|
-
By default Doorkeeper is retaining expired and revoked access tokens and grants.
|
264
|
-
This allows to keep an audit log of those records, but it also leads to the
|
265
|
-
corresponding tables to grow large over the lifetime of your application.
|
266
|
-
|
267
|
-
If you are concerned about those tables growing too large,
|
268
|
-
you can regularly run the following rake task to remove stale entries
|
269
|
-
from the database:
|
270
|
-
|
271
|
-
```rake
|
272
|
-
rake doorkeeper:db:cleanup
|
273
|
-
```
|
274
|
-
|
275
|
-
Note that this will remove tokens that are expired according to the configured TTL
|
276
|
-
in `Doorkeeper.configuration.access_token_expires_in`. The specific `expires_in`
|
277
|
-
value of each access token **is not considered**. The same is true for access
|
278
|
-
grants.
|
49
|
+
## Documentation
|
279
50
|
|
280
|
-
|
51
|
+
This documentation is valid for `master` branch. Please check the documentation for the version of doorkeeper you are using in:
|
52
|
+
https://github.com/doorkeeper-gem/doorkeeper/releases.
|
281
53
|
|
282
|
-
|
54
|
+
Additionally, other resources can be found on:
|
283
55
|
|
284
|
-
|
285
|
-
|
286
|
-
|
287
|
-
|
288
|
-
|
289
|
-
|
290
|
-
|
291
|
-
|
292
|
-
|
293
|
-
|
294
|
-
# your actions
|
295
|
-
end
|
296
|
-
```
|
297
|
-
|
298
|
-
You can pass any option `before_action` accepts, such as `if`, `only`,
|
299
|
-
`except`, and others.
|
300
|
-
|
301
|
-
### Grape endpoints
|
302
|
-
|
303
|
-
Starting from version 2.2 Doorkeeper provides helpers for the
|
304
|
-
[Grape framework] >= 0.10. One of them is `doorkeeper_authorize!` that
|
305
|
-
can be used in a similar way as an example above to protect your API
|
306
|
-
with OAuth. Note that you have to use `require 'doorkeeper/grape/helpers'`
|
307
|
-
and `helpers Doorkeeper::Grape::Helpers` in your Grape API class.
|
308
|
-
|
309
|
-
For more information about integration with Grape see the [Wiki].
|
310
|
-
|
311
|
-
[Grape framework]: https://github.com/ruby-grape/grape
|
312
|
-
[Wiki]: https://github.com/doorkeeper-gem/doorkeeper/wiki/Grape-Integration
|
313
|
-
|
314
|
-
``` ruby
|
315
|
-
require 'doorkeeper/grape/helpers'
|
316
|
-
|
317
|
-
module API
|
318
|
-
module V1
|
319
|
-
class Users < Grape::API
|
320
|
-
helpers Doorkeeper::Grape::Helpers
|
321
|
-
|
322
|
-
before do
|
323
|
-
doorkeeper_authorize!
|
324
|
-
end
|
325
|
-
|
326
|
-
# route_setting :scopes, ['user:email'] - for old versions of Grape
|
327
|
-
get :emails, scopes: [:user, :write] do
|
328
|
-
[{'email' => current_user.email}]
|
329
|
-
end
|
330
|
-
|
331
|
-
# ...
|
332
|
-
end
|
333
|
-
end
|
334
|
-
end
|
335
|
-
```
|
336
|
-
|
337
|
-
### Route Constraints and other integrations
|
338
|
-
|
339
|
-
You can leverage the `Doorkeeper.authenticate` facade to easily extract a
|
340
|
-
`Doorkeeper::OAuth::Token` based on the current request. You can then ensure
|
341
|
-
that token is still good, find its associated `#resource_owner_id`, etc.
|
342
|
-
|
343
|
-
```ruby
|
344
|
-
module Constraint
|
345
|
-
class Authenticated
|
346
|
-
|
347
|
-
def matches?(request)
|
348
|
-
token = Doorkeeper.authenticate(request)
|
349
|
-
token && token.accessible?
|
350
|
-
end
|
351
|
-
end
|
352
|
-
end
|
353
|
-
```
|
354
|
-
|
355
|
-
For more information about integration and other integrations, check out [the
|
356
|
-
related wiki
|
357
|
-
page](https://github.com/doorkeeper-gem/doorkeeper/wiki/ActionController::Metal-with-doorkeeper).
|
358
|
-
|
359
|
-
### Access Token Scopes
|
360
|
-
|
361
|
-
You can also require the access token to have specific scopes in certain
|
362
|
-
actions:
|
363
|
-
|
364
|
-
First configure the scopes in `initializers/doorkeeper.rb`
|
365
|
-
|
366
|
-
```ruby
|
367
|
-
Doorkeeper.configure do
|
368
|
-
default_scopes :public # if no scope was requested, this will be the default
|
369
|
-
optional_scopes :admin, :write
|
370
|
-
end
|
371
|
-
```
|
372
|
-
|
373
|
-
And in your controllers:
|
374
|
-
|
375
|
-
```ruby
|
376
|
-
class Api::V1::ProductsController < Api::V1::ApiController
|
377
|
-
before_action -> { doorkeeper_authorize! :public }, only: :index
|
378
|
-
before_action only: [:create, :update, :destroy] do
|
379
|
-
doorkeeper_authorize! :admin, :write
|
380
|
-
end
|
381
|
-
end
|
382
|
-
```
|
383
|
-
|
384
|
-
Please note that there is a logical OR between multiple required scopes. In the
|
385
|
-
above example, `doorkeeper_authorize! :admin, :write` means that the access
|
386
|
-
token is required to have either `:admin` scope or `:write` scope, but does not
|
387
|
-
need to have both of them.
|
388
|
-
|
389
|
-
If you want to require the access token to have multiple scopes at the same
|
390
|
-
time, use multiple `doorkeeper_authorize!`, for example:
|
391
|
-
|
392
|
-
```ruby
|
393
|
-
class Api::V1::ProductsController < Api::V1::ApiController
|
394
|
-
before_action -> { doorkeeper_authorize! :public }, only: :index
|
395
|
-
before_action only: [:create, :update, :destroy] do
|
396
|
-
doorkeeper_authorize! :admin
|
397
|
-
doorkeeper_authorize! :write
|
398
|
-
end
|
399
|
-
end
|
400
|
-
```
|
401
|
-
|
402
|
-
In the above example, a client can call `:create` action only if its access token
|
403
|
-
has both `:admin` and `:write` scopes.
|
404
|
-
|
405
|
-
### Custom Access Token Generator
|
406
|
-
|
407
|
-
By default a 128 bit access token will be generated. If you require a custom
|
408
|
-
token, such as [JWT](http://jwt.io), specify an object that responds to
|
409
|
-
`.generate(options = {})` and returns a string to be used as the token.
|
410
|
-
|
411
|
-
```ruby
|
412
|
-
Doorkeeper.configure do
|
413
|
-
access_token_generator "Doorkeeper::JWT"
|
414
|
-
end
|
415
|
-
```
|
416
|
-
|
417
|
-
JWT token support is available with
|
418
|
-
[Doorkeeper-JWT](https://github.com/chriswarren/doorkeeper-jwt).
|
56
|
+
- [Guides](https://doorkeeper.gitbook.io/guides/) with how-to get started and configuration documentation
|
57
|
+
- See the [Wiki](https://github.com/doorkeeper-gem/doorkeeper/wiki) with articles and other documentation
|
58
|
+
- Screencast from [railscasts.com](http://railscasts.com/): [#353
|
59
|
+
OAuth with
|
60
|
+
Doorkeeper](http://railscasts.com/episodes/353-oauth-with-doorkeeper)
|
61
|
+
- See [upgrade guides](https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-versions)
|
62
|
+
- For general questions, please post on [Stack Overflow](http://stackoverflow.com/questions/tagged/doorkeeper)
|
63
|
+
- See [SECURITY.md](SECURITY.md) for this project's security disclose
|
64
|
+
policy
|
419
65
|
|
420
|
-
|
66
|
+
## Installation
|
421
67
|
|
422
|
-
|
423
|
-
inherits from `ActionController::Base`. You may want to use your own
|
424
|
-
controller to inherit from, to keep Doorkeeper controllers in the same
|
425
|
-
context than the rest your app:
|
68
|
+
Installation depends on the framework you're using. The first step is to add the following to your Gemfile:
|
426
69
|
|
427
70
|
```ruby
|
428
|
-
|
429
|
-
base_controller 'ApplicationController'
|
430
|
-
end
|
71
|
+
gem 'doorkeeper'
|
431
72
|
```
|
432
73
|
|
433
|
-
|
434
|
-
|
435
|
-
If you want to return data based on the current resource owner, in other
|
436
|
-
words, the access token owner, you may want to define a method in your
|
437
|
-
controller that returns the resource owner instance:
|
74
|
+
And run `bundle install`. After this, check out the guide related to the framework you're using.
|
438
75
|
|
439
|
-
|
440
|
-
class Api::V1::CredentialsController < Api::V1::ApiController
|
441
|
-
before_action :doorkeeper_authorize!
|
442
|
-
respond_to :json
|
76
|
+
### Ruby on Rails
|
443
77
|
|
444
|
-
|
445
|
-
def me
|
446
|
-
respond_with current_resource_owner
|
447
|
-
end
|
78
|
+
Doorkeeper currently supports Ruby on Rails 5. See the guide [here](https://doorkeeper.gitbook.io/guides/ruby-on-rails/getting-started).
|
448
79
|
|
449
|
-
|
80
|
+
### Grape
|
450
81
|
|
451
|
-
|
452
|
-
def current_resource_owner
|
453
|
-
User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token
|
454
|
-
end
|
455
|
-
end
|
456
|
-
```
|
82
|
+
Guide for integration with Grape framework can be found [here](https://doorkeeper.gitbook.io/guides/grape/grape).
|
457
83
|
|
458
|
-
|
459
|
-
token owner.
|
84
|
+
## ORMs
|
460
85
|
|
461
|
-
|
86
|
+
Doorkeeper supports Active Record by default, but can be configured to work with the following ORMs:
|
462
87
|
|
463
|
-
|
464
|
-
|
465
|
-
by
|
88
|
+
| ORM | Support via |
|
89
|
+
| :--- | :--- |
|
90
|
+
| Active Record | by default |
|
91
|
+
| MongoDB | [doorkeeper-gem/doorkeeper-mongodb](https://github.com/doorkeeper-gem/doorkeeper-mongodb) |
|
92
|
+
| Sequel | [nbulaj/doorkeeper-sequel](https://github.com/nbulaj/doorkeeper-sequel) |
|
93
|
+
| Couchbase | [acaprojects/doorkeeper-couchbase](https://github.com/acaprojects/doorkeeper-couchbase) |
|
466
94
|
|
467
|
-
|
95
|
+
## Extensions
|
468
96
|
|
469
|
-
|
470
|
-
# config/initializers/doorkeeper.rb
|
471
|
-
Doorkeeper.configure do
|
472
|
-
admin_authenticator do |routes|
|
473
|
-
Admin.find_by(id: session[:admin_id]) || redirect_to(routes.new_admin_session_url)
|
474
|
-
end
|
475
|
-
end
|
476
|
-
```
|
97
|
+
Extensions that are not included by default and can be installed separately.
|
477
98
|
|
478
|
-
|
479
|
-
|
480
|
-
|
481
|
-
|
482
|
-
|
99
|
+
| | Link |
|
100
|
+
| :--- | :--- |
|
101
|
+
| OpenID Connect extension | [doorkeeper-gem/doorkeeper-openid\_connect](https://github.com/doorkeeper-gem/doorkeeper-openid_connect) |
|
102
|
+
| JWT Token support | [doorkeeper-gem/doorkeeper-jwt](https://github.com/doorkeeper-gem/doorkeeper-jwt) |
|
103
|
+
| Assertion grant extension | [doorkeeper-gem/doorkeeper-grants\_assertion](https://github.com/doorkeeper-gem/doorkeeper-grants_assertion) |
|
104
|
+
| I18n translations | [doorkeeper-gem/doorkeeper-i18n](https://github.com/doorkeeper-gem/doorkeeper-i18n) |
|
483
105
|
|
484
|
-
|
485
|
-
you can enforce users to create applications only with configured scopes
|
486
|
-
(`default_scopes` and `optional_scopes` from the Doorkeeper initializer):
|
106
|
+
## Example Applications
|
487
107
|
|
488
|
-
|
489
|
-
# config/initializers/doorkeeper.rb
|
490
|
-
Doorkeeper.configure do
|
491
|
-
# ...
|
492
|
-
|
493
|
-
default_scopes :read, :write
|
494
|
-
optional_scopes :create, :update
|
495
|
-
|
496
|
-
enforce_configured_scopes
|
497
|
-
end
|
498
|
-
```
|
108
|
+
These applications show how Doorkeeper works and how to integrate with it. Start with the oAuth2 server and use the clients to connect with the server.
|
499
109
|
|
500
|
-
|
110
|
+
| Application | Link |
|
111
|
+
| :--- | :--- |
|
112
|
+
| oAuth2 Server with Doorkeeper | [doorkeeper-gem/doorkeeper-provider-app](https://github.com/doorkeeper-gem/doorkeeper-provider-app) |
|
113
|
+
| Sinatra Client connected to Provider App | [doorkeeper-gem/doorkeeper-sinatra-client](https://github.com/doorkeeper-gem/doorkeeper-sinatra-client) |
|
114
|
+
| Devise + Omniauth Client | [doorkeeper-gem/doorkeeper-devise-client](https://github.com/doorkeeper-gem/doorkeeper-devise-client) |
|
501
115
|
|
502
|
-
|
503
|
-
|
504
|
-
|
116
|
+
You may want to create a client application to
|
117
|
+
test the integration. Check out these [client
|
118
|
+
examples](https://github.com/doorkeeper-gem/doorkeeper/wiki/Example-Applications)
|
119
|
+
in our wiki or follow this [tutorial
|
120
|
+
here](https://github.com/doorkeeper-gem/doorkeeper/wiki/Testing-your-provider-with-OAuth2-gem).
|
505
121
|
|
506
|
-
##
|
122
|
+
## Tutorials
|
507
123
|
|
508
|
-
|
509
|
-
Doorkeeper 4.3.0 it uses [ActiveSupport lazy loading hooks](http://api.rubyonrails.org/classes/ActiveSupport/LazyLoadHooks.html)
|
510
|
-
to load models. There are [known issue](https://github.com/doorkeeper-gem/doorkeeper/issues/1043)
|
511
|
-
with the `factory_bot_rails` gem (it executes factories building before `ActiveRecord::Base`
|
512
|
-
is initialized using hooks in gem railtie, so you can catch a `uninitialized constant` error).
|
513
|
-
It is recommended to use pure `factory_bot` gem to solve this problem.
|
124
|
+
See [list of tutorials](https://github.com/doorkeeper-gem/doorkeeper/wiki#how-tos--tutorials) in order to learn how to use the gem or integrate it with other solutions / gems.
|
514
125
|
|
515
|
-
##
|
126
|
+
## Sponsors
|
516
127
|
|
517
|
-
|
518
|
-
notes](https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-versions)
|
519
|
-
and take a look at the
|
520
|
-
[changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/NEWS.md).
|
128
|
+
<a href="https://oauth.io/?utm_source=doorkeeper-gem" target="_blank"><img src="https://oauth.io/img/logo_text.png"/></a>
|
521
129
|
|
522
|
-
|
130
|
+
> If you prefer not to deal with the gory details of OAuth 2, need dedicated customer support & consulting, try the cloud-based SaaS version: [https://oauth.io](https://oauth.io/?utm_source=doorkeeper-gem)
|
523
131
|
|
524
132
|
## Development
|
525
133
|
|
@@ -548,38 +156,11 @@ integrate the gem with your app and let us know!
|
|
548
156
|
Also, check out our [contributing guidelines
|
549
157
|
page](https://github.com/doorkeeper-gem/doorkeeper/wiki/Contributing).
|
550
158
|
|
551
|
-
##
|
552
|
-
|
553
|
-
### Wiki
|
554
|
-
|
555
|
-
You can find everything about Doorkeeper in our [wiki
|
556
|
-
here](https://github.com/doorkeeper-gem/doorkeeper/wiki).
|
557
|
-
|
558
|
-
### Screencast
|
559
|
-
|
560
|
-
Check out this screencast from [railscasts.com](http://railscasts.com/): [#353
|
561
|
-
OAuth with
|
562
|
-
Doorkeeper](http://railscasts.com/episodes/353-oauth-with-doorkeeper)
|
563
|
-
|
564
|
-
### Client applications
|
565
|
-
|
566
|
-
After you set up the provider, you may want to create a client application to
|
567
|
-
test the integration. Check out these [client
|
568
|
-
examples](https://github.com/doorkeeper-gem/doorkeeper/wiki/Example-Applications)
|
569
|
-
in our wiki or follow this [tutorial
|
570
|
-
here](https://github.com/doorkeeper-gem/doorkeeper/wiki/Testing-your-provider-with-OAuth2-gem).
|
571
|
-
|
572
|
-
### Contributors
|
159
|
+
## Contributors
|
573
160
|
|
574
161
|
Thanks to all our [awesome
|
575
162
|
contributors](https://github.com/doorkeeper-gem/doorkeeper/graphs/contributors)!
|
576
163
|
|
577
|
-
|
578
|
-
|
579
|
-
* [The OAuth 2.0 Authorization Framework](http://tools.ietf.org/html/rfc6749)
|
580
|
-
* [OAuth 2.0 Threat Model and Security Considerations](http://tools.ietf.org/html/rfc6819)
|
581
|
-
* [OAuth 2.0 Token Revocation](http://tools.ietf.org/html/rfc7009)
|
582
|
-
|
583
|
-
### License
|
164
|
+
## License
|
584
165
|
|
585
166
|
MIT License. Copyright 2011 Applicake.
|