grape_oauth2 0.1.1 → 0.2.0

Files changed (93) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +11 -11
  3. data/Gemfile +23 -23
  4. data/Rakefile +11 -11
  5. data/grape_oauth2.gemspec +26 -27
  6. data/lib/grape_oauth2.rb +129 -129
  7. data/lib/grape_oauth2/configuration.rb +143 -143
  8. data/lib/grape_oauth2/configuration/class_accessors.rb +36 -36
  9. data/lib/grape_oauth2/configuration/validation.rb +71 -71
  10. data/lib/grape_oauth2/endpoints/authorize.rb +34 -34
  11. data/lib/grape_oauth2/endpoints/token.rb +72 -72
  12. data/lib/grape_oauth2/gem_version.rb +24 -24
  13. data/lib/grape_oauth2/generators/authorization.rb +44 -44
  14. data/lib/grape_oauth2/generators/base.rb +26 -26
  15. data/lib/grape_oauth2/generators/token.rb +62 -62
  16. data/lib/grape_oauth2/helpers/access_token_helpers.rb +52 -54
  17. data/lib/grape_oauth2/helpers/oauth_params.rb +41 -41
  18. data/lib/grape_oauth2/mixins/active_record/access_grant.rb +47 -47
  19. data/lib/grape_oauth2/mixins/active_record/access_token.rb +75 -75
  20. data/lib/grape_oauth2/mixins/active_record/client.rb +36 -35
  21. data/lib/grape_oauth2/mixins/mongoid/access_grant.rb +58 -58
  22. data/lib/grape_oauth2/mixins/mongoid/access_token.rb +88 -88
  23. data/lib/grape_oauth2/mixins/mongoid/client.rb +44 -41
  24. data/lib/grape_oauth2/mixins/sequel/access_grant.rb +68 -68
  25. data/lib/grape_oauth2/mixins/sequel/access_token.rb +86 -86
  26. data/lib/grape_oauth2/mixins/sequel/client.rb +54 -46
  27. data/lib/grape_oauth2/responses/authorization.rb +11 -10
  28. data/lib/grape_oauth2/responses/base.rb +56 -56
  29. data/lib/grape_oauth2/responses/token.rb +10 -10
  30. data/lib/grape_oauth2/scopes.rb +74 -74
  31. data/lib/grape_oauth2/strategies/authorization_code.rb +38 -38
  32. data/lib/grape_oauth2/strategies/base.rb +47 -47
  33. data/lib/grape_oauth2/strategies/client_credentials.rb +20 -20
  34. data/lib/grape_oauth2/strategies/password.rb +22 -22
  35. data/lib/grape_oauth2/strategies/refresh_token.rb +47 -47
  36. data/lib/grape_oauth2/unique_token.rb +20 -20
  37. data/lib/grape_oauth2/version.rb +14 -14
  38. data/spec/configuration/config_spec.rb +231 -231
  39. data/spec/configuration/version_spec.rb +12 -12
  40. data/spec/dummy/endpoints/custom_authorization.rb +25 -25
  41. data/spec/dummy/endpoints/custom_token.rb +35 -35
  42. data/spec/dummy/endpoints/status.rb +25 -25
  43. data/spec/dummy/grape_oauth2_config.rb +11 -11
  44. data/spec/dummy/orm/active_record/app/config/db.rb +7 -7
  45. data/spec/dummy/orm/active_record/app/models/access_code.rb +3 -3
  46. data/spec/dummy/orm/active_record/app/models/access_token.rb +3 -3
  47. data/spec/dummy/orm/active_record/app/models/application.rb +3 -3
  48. data/spec/dummy/orm/active_record/app/models/application_record.rb +3 -3
  49. data/spec/dummy/orm/active_record/app/models/user.rb +10 -10
  50. data/spec/dummy/orm/active_record/app/twitter.rb +36 -36
  51. data/spec/dummy/orm/active_record/config.ru +7 -7
  52. data/spec/dummy/orm/active_record/db/schema.rb +53 -53
  53. data/spec/dummy/orm/mongoid/app/config/db.rb +6 -6
  54. data/spec/dummy/orm/mongoid/app/config/mongoid.yml +21 -21
  55. data/spec/dummy/orm/mongoid/app/models/access_code.rb +3 -3
  56. data/spec/dummy/orm/mongoid/app/models/access_token.rb +3 -3
  57. data/spec/dummy/orm/mongoid/app/models/application.rb +3 -3
  58. data/spec/dummy/orm/mongoid/app/models/user.rb +11 -11
  59. data/spec/dummy/orm/mongoid/app/twitter.rb +34 -34
  60. data/spec/dummy/orm/mongoid/config.ru +5 -5
  61. data/spec/dummy/orm/sequel/app/config/db.rb +1 -1
  62. data/spec/dummy/orm/sequel/app/models/access_code.rb +4 -4
  63. data/spec/dummy/orm/sequel/app/models/access_token.rb +4 -4
  64. data/spec/dummy/orm/sequel/app/models/application.rb +4 -4
  65. data/spec/dummy/orm/sequel/app/models/application_record.rb +2 -2
  66. data/spec/dummy/orm/sequel/app/models/user.rb +11 -11
  67. data/spec/dummy/orm/sequel/app/twitter.rb +47 -47
  68. data/spec/dummy/orm/sequel/config.ru +5 -5
  69. data/spec/dummy/orm/sequel/db/schema.rb +50 -50
  70. data/spec/lib/scopes_spec.rb +50 -50
  71. data/spec/mixins/active_record/access_token_spec.rb +185 -185
  72. data/spec/mixins/active_record/client_spec.rb +104 -95
  73. data/spec/mixins/mongoid/access_token_spec.rb +185 -185
  74. data/spec/mixins/mongoid/client_spec.rb +104 -95
  75. data/spec/mixins/sequel/access_token_spec.rb +185 -185
  76. data/spec/mixins/sequel/client_spec.rb +105 -96
  77. data/spec/requests/flows/authorization_code_spec.rb +67 -67
  78. data/spec/requests/flows/client_credentials_spec.rb +101 -101
  79. data/spec/requests/flows/password_spec.rb +210 -210
  80. data/spec/requests/flows/refresh_token_spec.rb +222 -222
  81. data/spec/requests/flows/revoke_token_spec.rb +103 -103
  82. data/spec/requests/protected_resources_spec.rb +64 -64
  83. data/spec/spec_helper.rb +60 -60
  84. data/spec/support/api_helper.rb +11 -11
  85. metadata +50 -52
  86. data/.rspec +0 -2
  87. data/.rubocop.yml +0 -18
  88. data/.travis.yml +0 -42
  89. data/README.md +0 -820
  90. data/gemfiles/active_record.rb +0 -25
  91. data/gemfiles/mongoid.rb +0 -14
  92. data/gemfiles/sequel.rb +0 -24
  93. data/grape_oauth2.png +0 -0
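--- a/data/lib/grape_oauth2/configuration/class_accessors.rb
+++ b/data/lib/grape_oauth2/configuration/class_accessors.rb
@@ -1,36 +1,36 @@
-module Grape
-module OAuth2
-# Grape::OAuth2 accessors for configured classes.
-module ClassAccessors
-# Returns Access Token class by configured name
-def access_token_class
-@_access_token_class ||= access_token_class_name.constantize
-end
-
-# Returns Resource Owner class by configured name
-def resource_owner_class
-@_resource_owner_class ||= resource_owner_class_name.constantize
-end
-
-# Returns Client class by configured name
-def client_class
-@_client_class ||= client_class_name.constantize
-end
-
-# Returns Access Grant class by configured name
-def access_grant_class
-@_access_grant_class ||= access_grant_class_name.constantize
-end
-
-# Returns Scopes Validator class by configured name
-def scopes_validator
-scopes_validator_class_name.constantize
-end
-
-# Returns Token Generator class by configured name
-def token_generator
-token_generator_class_name.constantize
-end
-end
-end
-end
+module Grape
+module OAuth2
+# Grape::OAuth2 accessors for configured classes.
+module ClassAccessors
+# Returns Access Token class by configured name
+def access_token_class
+@_access_token_class ||= access_token_class_name.constantize
+end
+
+# Returns Resource Owner class by configured name
+def resource_owner_class
+@_resource_owner_class ||= resource_owner_class_name.constantize
+end
+
+# Returns Client class by configured name
+def client_class
+@_client_class ||= client_class_name.constantize
+end
+
+# Returns Access Grant class by configured name
+def access_grant_class
+@_access_grant_class ||= access_grant_class_name.constantize
+end
+
+# Returns Scopes Validator class by configured name
+def scopes_validator
+scopes_validator_class_name.constantize
+end
+
+# Returns Token Generator class by configured name
+def token_generator
+token_generator_class_name.constantize
+end
+end
+end
+end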
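--- a/data/lib/grape_oauth2/configuration/validation.rb
+++ b/data/lib/grape_oauth2/configuration/validation.rb
@@ -1,71 +1,71 @@
-module Grape
-module OAuth2
-class Configuration
-# Validates Grape::OAuth2 configuration.
-module Validation
-# Checks configuration to be set correctly
-# (required classes must be defined and implement specific set of API).
-def check!
-check_required_classes!
-check_required_classes_api!
-end
-
-private
-
-# API mapping.
-# Classes, that represents OAuth2 roles, must have described methods.
-REQUIRED_CLASSES_API = {
-access_token_class: {
-class_methods: %i(authenticate create_for),
-instance_methods: %i(expired? revoked? revoke! to_bearer_token)
-},
-client_class: {
-class_methods: %i(authenticate)
-},
-token_generator: {
-class_methods: %i(generate)
-},
-scopes_validator: {
-instance_methods: %i(valid_for?)
-}
-}.freeze
-
-# Validates that required classes defined.
-def check_required_classes!
-REQUIRED_CLASSES_API.keys.each do |klass|
-begin
-object = send(klass)
-rescue NoMethodError
-raise Error, "'#{klass}' must be defined!" if object.nil? || !defined?(object)
-end
-end
-end
-
-# Validates that required classes have all the API.
-def check_required_classes_api!
-REQUIRED_CLASSES_API.each do |klass, api_methods|
-check_class_methods(klass, api_methods[:class_methods])
-check_instance_methods(klass, api_methods[:instance_methods])
-end
-end
-
-# Validates that required classes have required class methods.
-def check_class_methods(klass, required_methods)
-(required_methods || []).each do |method|
-method_exist = send(klass).respond_to?(method)
-raise APIMissing, "Class method '#{method}' must be defined for the '#{klass}'!" unless method_exist
-end
-end
-
-# Validates that required classes have required instance methods.
-def check_instance_methods(klass, required_methods)
-(required_methods || []).each do |method|
-unless send(klass).method_defined?(method)
-raise APIMissing, "Instance method '#{method}' must be defined for the '#{klass}'!"
-end
-end
-end
-end
-end
-end
-end
+module Grape
+module OAuth2
+class Configuration
+# Validates Grape::OAuth2 configuration.
+module Validation
+# Checks configuration to be set correctly
+# (required classes must be defined and implement specific set of API).
+def check!
+check_required_classes!
+check_required_classes_api!
+end
+
+private
+
+# API mapping.
+# Classes, that represents OAuth2 roles, must have described methods.
+REQUIRED_CLASSES_API = {
+access_token_class: {
+class_methods: %i[authenticate create_for],
+instance_methods: %i[expired? revoked? revoke! to_bearer_token]
+},
+client_class: {
+class_methods: %i[authenticate]
+},
+token_generator: {
+class_methods: %i[generate]
+},
+scopes_validator: {
+instance_methods: %i[valid_for?]
+}
+}.freeze
+
+# Validates that required classes defined.
+def check_required_classes!
+REQUIRED_CLASSES_API.keys.each do |klass|
+begin
+object = send(klass)
+rescue NoMethodError
+raise Error, "'#{klass}' must be defined!" if object.nil? || !defined?(object)
+end
+end
+end
+
+# Validates that required classes have all the API.
+def check_required_classes_api!
+REQUIRED_CLASSES_API.each do |klass, api_methods|
+check_class_methods(klass, api_methods[:class_methods])
+check_instance_methods(klass, api_methods[:instance_methods])
+end
+end
+
+# Validates that required classes have required class methods.
+def check_class_methods(klass, required_methods)
+(required_methods || []).each do |method|
+method_exist = send(klass).respond_to?(method)
+raise APIMissing, "Class method '#{method}' must be defined for the '#{klass}'!" unless method_exist
+end
+end
+
+# Validates that required classes have required instance methods.
+def check_instance_methods(klass, required_methods)
+(required_methods || []).each do |method|
+unless send(klass).method_defined?(method)
+raise APIMissing, "Instance method '#{method}' must be defined for the '#{klass}'!"
+end
+end
+end
+end
+end
+end
+end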
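Review bot: In `check_required_classes!` the `raise Error` sits inside the `rescue NoMethodError` clause, so an accessor that returns nil without raising passes the check, and the `object.nil? || !defined?(object)` condition is always true there because the assignment never completed. If the accessors resolve names with `constantize`, as the ClassAccessors section on this page does, a misspelled class name would presumably raise NameError, which `rescue NoMethodError` does not catch, so the operator sees a raw NameError rather than the configuration `Error`. I would resolve first and check afterwards: `object = begin; send(klass); rescue NameError; nil; end` followed by `raise Error, "'#{klass}' must be defined!" if object.nil?` (NameError also covers NoMethodError). For an OAuth2 provider it is worth having the startup check fail with the configuration error on every misconfigured token, client or validator class.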
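--- a/data/lib/grape_oauth2/endpoints/authorize.rb
+++ b/data/lib/grape_oauth2/endpoints/authorize.rb
@@ -1,34 +1,34 @@
-module Grape
-module OAuth2
-# Grape::OAuth2 endpoints namespace
-module Endpoints
-# OAuth2 Grape authorization endpoint.
-class Authorize < ::Grape::API
-helpers Grape::OAuth2::Helpers::OAuthParams
-
-namespace :oauth do
-desc 'OAuth 2.0 Authorization Endpoint'
-
-params do
-use :oauth_authorization_params
-end
-
-post :authorize do
-response = Grape::OAuth2::Generators::Authorization.generate_for(env)
-
-# Status
-status response.status
-
-# Headers
-response.headers.each do |key, value|
-header key, value
-end
-
-# Body
-body response.body
-end
-end
-end
-end
-end
-end
+module Grape
+module OAuth2
+# Grape::OAuth2 endpoints namespace
+module Endpoints
+# OAuth2 Grape authorization endpoint.
+class Authorize < ::Grape::API
+helpers Grape::OAuth2::Helpers::OAuthParams
+
+namespace :oauth do
+desc 'OAuth 2.0 Authorization Endpoint'
+
+params do
+use :oauth_authorization_params
+end
+
+post :authorize do
+response = Grape::OAuth2::Generators::Authorization.generate_for(env)
+
+# Status
+status response.status
+
+# Headers
+response.headers.each do |key, value|
+header key, value
+end
+
+# Body
+body response.body
+end
+end
+end
+end
+end
+end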
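--- a/data/lib/grape_oauth2/endpoints/token.rb
+++ b/data/lib/grape_oauth2/endpoints/token.rb
@@ -1,72 +1,72 @@
-module Grape
-module OAuth2
-# Grape::OAuth2 endpoints namespace
-module Endpoints
-# OAuth2 Grape token endpoint.
-class Token < ::Grape::API
-helpers Grape::OAuth2::Helpers::OAuthParams
-
-namespace :oauth do
-# @see https://tools.ietf.org/html/rfc6749#section-3.2
-#
-desc 'OAuth 2.0 Token Endpoint'
-
-params do
-use :oauth_token_params
-end
-
-post :token do
-token_response = Grape::OAuth2::Generators::Token.generate_for(env)
-
-# Status
-status token_response.status
-
-# Headers
-token_response.headers.each do |key, value|
-header key, value
-end
-
-# Body
-body token_response.body
-end
-
-desc 'OAuth 2.0 Token Revocation'
-
-params do
-use :oauth_token_revocation_params
-end
-
-post :revoke do
-access_token = Grape::OAuth2.config.access_token_class.authenticate(params[:token],
-type: params[:token_type_hint])
-
-if access_token
-if access_token.client
-request = Rack::OAuth2::Server::Token::Request.new(env)
-
-# The authorization server, if applicable, first authenticates the client
-# and checks its ownership of the provided token.
-client = Grape::OAuth2::Strategies::Base.authenticate_client(request)
-request.invalid_client! if client.nil?
-
-access_token.revoke! if client && client == access_token.client
-else
-# Access token is public
-access_token.revoke!
-end
-end
-
-# The authorization server responds with HTTP status code 200 if the token
-# has been revoked successfully or if the client submitted an invalid
-# token.
-#
-# @see https://tools.ietf.org/html/rfc7009#section-2.2 Revocation Response
-#
-status 200
-{}
-end
-end
-end
-end
-end
-end
+module Grape
+module OAuth2
+# Grape::OAuth2 endpoints namespace
+module Endpoints
+# OAuth2 Grape token endpoint.
+class Token < ::Grape::API
+helpers Grape::OAuth2::Helpers::OAuthParams
+
+namespace :oauth do
+# @see https://tools.ietf.org/html/rfc6749#section-3.2
+#
+desc 'OAuth 2.0 Token Endpoint'
+
+params do
+use :oauth_token_params
+end
+
+post :token do
+token_response = Grape::OAuth2::Generators::Token.generate_for(env)
+
+# Status
+status token_response.status
+
+# Headers
+token_response.headers.each do |key, value|
+header key, value
+end
+
+# Body
+body token_response.body
+end
+
+desc 'OAuth 2.0 Token Revocation'
+
+params do
+use :oauth_token_revocation_params
+end
+
+post :revoke do
+access_token = Grape::OAuth2.config.access_token_class.authenticate(params[:token],
+type: params[:token_type_hint])
+
+if access_token
+if access_token.client
+request = Rack::OAuth2::Server::Token::Request.new(env)
+
+# The authorization server, if applicable, first authenticates the client
+# and checks its ownership of the provided token.
+client = Grape::OAuth2::Strategies::Base.authenticate_client(request)
+request.invalid_client! if client.nil?
+
+access_token.revoke! if client && client == access_token.client
+else
+# Access token is public
+access_token.revoke!
+end
+end
+
+# The authorization server responds with HTTP status code 200 if the token
+# has been revoked successfully or if the client submitted an invalid
+# token.
+#
+# @see https://tools.ietf.org/html/rfc7009#section-2.2 Revocation Response
+#
+status 200
+{}
+end
+end
+end
+end
+end
+end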
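--- a/data/lib/grape_oauth2/gem_version.rb
+++ b/data/lib/grape_oauth2/gem_version.rb
@@ -1,24 +1,24 @@
-module Grape
-module OAuth2
-# Grape::OAuth2 version.
-# @return [Gem::Version] version of the gem
-#
-def self.gem_version
-Gem::Version.new VERSION::STRING
-end
-
-# Grape::OAuth2 semantic versioning module.
-# Contains detailed info about gem version.
-module VERSION
-# Major version of the gem
-MAJOR = 0
-# Minor version of the gem
-MINOR = 1
-# Tiny version of the gem
-TINY = 1
-
-# Full gem version string
-STRING = [MAJOR, MINOR, TINY].compact.join('.')
-end
-end
-end
+module Grape
+module OAuth2
+# Grape::OAuth2 version.
+# @return [Gem::Version] version of the gem
+#
+def self.gem_version
+Gem::Version.new VERSION::STRING
+end
+
+# Grape::OAuth2 semantic versioning module.
+# Contains detailed info about gem version.
+module VERSION
+# Major version of the gem
+MAJOR = 0
+# Minor version of the gem
+MINOR = 2
+# Tiny version of the gem
+TINY = 0
+
+# Full gem version string
+STRING = [MAJOR, MINOR, TINY].compact.join('.')
+end
+end
+end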