RubyGems - grape_oauth2 - Versions diffs - 0.1.1 → 0.2.0 - Mend

grape_oauth2 0.1.1 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (93) hide show

checksums.yaml +4 -4
data/.gitignore +11 -11
data/Gemfile +23 -23
data/Rakefile +11 -11
data/grape_oauth2.gemspec +26 -27
data/lib/grape_oauth2.rb +129 -129
data/lib/grape_oauth2/configuration.rb +143 -143
data/lib/grape_oauth2/configuration/class_accessors.rb +36 -36
data/lib/grape_oauth2/configuration/validation.rb +71 -71
data/lib/grape_oauth2/endpoints/authorize.rb +34 -34
data/lib/grape_oauth2/endpoints/token.rb +72 -72
data/lib/grape_oauth2/gem_version.rb +24 -24
data/lib/grape_oauth2/generators/authorization.rb +44 -44
data/lib/grape_oauth2/generators/base.rb +26 -26
data/lib/grape_oauth2/generators/token.rb +62 -62
data/lib/grape_oauth2/helpers/access_token_helpers.rb +52 -54
data/lib/grape_oauth2/helpers/oauth_params.rb +41 -41
data/lib/grape_oauth2/mixins/active_record/access_grant.rb +47 -47
data/lib/grape_oauth2/mixins/active_record/access_token.rb +75 -75
data/lib/grape_oauth2/mixins/active_record/client.rb +36 -35
data/lib/grape_oauth2/mixins/mongoid/access_grant.rb +58 -58
data/lib/grape_oauth2/mixins/mongoid/access_token.rb +88 -88
data/lib/grape_oauth2/mixins/mongoid/client.rb +44 -41
data/lib/grape_oauth2/mixins/sequel/access_grant.rb +68 -68
data/lib/grape_oauth2/mixins/sequel/access_token.rb +86 -86
data/lib/grape_oauth2/mixins/sequel/client.rb +54 -46
data/lib/grape_oauth2/responses/authorization.rb +11 -10
data/lib/grape_oauth2/responses/base.rb +56 -56
data/lib/grape_oauth2/responses/token.rb +10 -10
data/lib/grape_oauth2/scopes.rb +74 -74
data/lib/grape_oauth2/strategies/authorization_code.rb +38 -38
data/lib/grape_oauth2/strategies/base.rb +47 -47
data/lib/grape_oauth2/strategies/client_credentials.rb +20 -20
data/lib/grape_oauth2/strategies/password.rb +22 -22
data/lib/grape_oauth2/strategies/refresh_token.rb +47 -47
data/lib/grape_oauth2/unique_token.rb +20 -20
data/lib/grape_oauth2/version.rb +14 -14
data/spec/configuration/config_spec.rb +231 -231
data/spec/configuration/version_spec.rb +12 -12
data/spec/dummy/endpoints/custom_authorization.rb +25 -25
data/spec/dummy/endpoints/custom_token.rb +35 -35
data/spec/dummy/endpoints/status.rb +25 -25
data/spec/dummy/grape_oauth2_config.rb +11 -11
data/spec/dummy/orm/active_record/app/config/db.rb +7 -7
data/spec/dummy/orm/active_record/app/models/access_code.rb +3 -3
data/spec/dummy/orm/active_record/app/models/access_token.rb +3 -3
data/spec/dummy/orm/active_record/app/models/application.rb +3 -3
data/spec/dummy/orm/active_record/app/models/application_record.rb +3 -3
data/spec/dummy/orm/active_record/app/models/user.rb +10 -10
data/spec/dummy/orm/active_record/app/twitter.rb +36 -36
data/spec/dummy/orm/active_record/config.ru +7 -7
data/spec/dummy/orm/active_record/db/schema.rb +53 -53
data/spec/dummy/orm/mongoid/app/config/db.rb +6 -6
data/spec/dummy/orm/mongoid/app/config/mongoid.yml +21 -21
data/spec/dummy/orm/mongoid/app/models/access_code.rb +3 -3
data/spec/dummy/orm/mongoid/app/models/access_token.rb +3 -3
data/spec/dummy/orm/mongoid/app/models/application.rb +3 -3
data/spec/dummy/orm/mongoid/app/models/user.rb +11 -11
data/spec/dummy/orm/mongoid/app/twitter.rb +34 -34
data/spec/dummy/orm/mongoid/config.ru +5 -5
data/spec/dummy/orm/sequel/app/config/db.rb +1 -1
data/spec/dummy/orm/sequel/app/models/access_code.rb +4 -4
data/spec/dummy/orm/sequel/app/models/access_token.rb +4 -4
data/spec/dummy/orm/sequel/app/models/application.rb +4 -4
data/spec/dummy/orm/sequel/app/models/application_record.rb +2 -2
data/spec/dummy/orm/sequel/app/models/user.rb +11 -11
data/spec/dummy/orm/sequel/app/twitter.rb +47 -47
data/spec/dummy/orm/sequel/config.ru +5 -5
data/spec/dummy/orm/sequel/db/schema.rb +50 -50
data/spec/lib/scopes_spec.rb +50 -50
data/spec/mixins/active_record/access_token_spec.rb +185 -185
data/spec/mixins/active_record/client_spec.rb +104 -95
data/spec/mixins/mongoid/access_token_spec.rb +185 -185
data/spec/mixins/mongoid/client_spec.rb +104 -95
data/spec/mixins/sequel/access_token_spec.rb +185 -185
data/spec/mixins/sequel/client_spec.rb +105 -96
data/spec/requests/flows/authorization_code_spec.rb +67 -67
data/spec/requests/flows/client_credentials_spec.rb +101 -101
data/spec/requests/flows/password_spec.rb +210 -210
data/spec/requests/flows/refresh_token_spec.rb +222 -222
data/spec/requests/flows/revoke_token_spec.rb +103 -103
data/spec/requests/protected_resources_spec.rb +64 -64
data/spec/spec_helper.rb +60 -60
data/spec/support/api_helper.rb +11 -11
metadata +50 -52
data/.rspec +0 -2
data/.rubocop.yml +0 -18
data/.travis.yml +0 -42
data/README.md +0 -820
data/gemfiles/active_record.rb +0 -25
data/gemfiles/mongoid.rb +0 -14
data/gemfiles/sequel.rb +0 -24
data/grape_oauth2.png +0 -0

data/lib/grape_oauth2/mixins/active_record/access_grant.rb CHANGED

@@ -1,47 +1,47 @@
-module Grape
-  module OAuth2
-    module ActiveRecord
-      # Grape::OAuth2 Authorization Grant role mixin for ActiveRecord.
-      # Includes all the required API, associations, validations and callbacks.
-      module AccessGrant
-        extend ActiveSupport::Concern
-        included do
-          belongs_to :client, class_name: Grape::OAuth2.config.client_class_name,
-                              foreign_key: :client_id
-          belongs_to :resource_owner, class_name: Grape::OAuth2.config.resource_owner_class_name,
-                                      foreign_key: :resource_owner_id
-          # resource_owner_id - required!
-          validates :client_id, :redirect_uri, presence: true
-          validates :token, presence: true, uniqueness: true
-          before_validation :generate_token, on: :create
-          before_validation :setup_expiration, on: :create
-          class << self
-            def create_for(client, resource_owner, redirect_uri, scopes = nil)
-              create(
-                client_id: client.id,
-                resource_owner_id: resource_owner && resource_owner.id,
-                redirect_uri: redirect_uri,
-                scopes: scopes.to_s
-              )
-            end
-          end
-          protected
-          def generate_token
-            self.token = Grape::OAuth2.config.token_generator.generate(attributes)
-          end
-          def setup_expiration
-            self.expires_at = Time.now.utc + Grape::OAuth2.config.authorization_code_lifetime if expires_at.nil?
-          end
-        end
-      end
-    end
-  end
-end
+module Grape
+  module OAuth2
+    module ActiveRecord
+      # Grape::OAuth2 Authorization Grant role mixin for ActiveRecord.
+      # Includes all the required API, associations, validations and callbacks.
+      module AccessGrant
+        extend ActiveSupport::Concern
+        included do
+          belongs_to :client, class_name: Grape::OAuth2.config.client_class_name,
+                              foreign_key: :client_id
+          belongs_to :resource_owner, class_name: Grape::OAuth2.config.resource_owner_class_name,
+                                      foreign_key: :resource_owner_id
+          # resource_owner_id - required!
+          validates :client_id, :redirect_uri, presence: true
+          validates :token, presence: true, uniqueness: true
+          before_validation :generate_token, on: :create
+          before_validation :setup_expiration, on: :create
+          class << self
+            def create_for(client, resource_owner, redirect_uri, scopes = nil)
+              create(
+                client_id: client.id,
+                resource_owner_id: resource_owner && resource_owner.id,
+                redirect_uri: redirect_uri,
+                scopes: scopes.to_s
+              )
+            end
+          end
+          protected
+          def generate_token
+            self.token = Grape::OAuth2.config.token_generator.generate(attributes)
+          end
+          def setup_expiration
+            self.expires_at = Time.now.utc + Grape::OAuth2.config.authorization_code_lifetime if expires_at.nil?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/grape_oauth2/mixins/active_record/access_token.rb CHANGED

@@ -1,75 +1,75 @@
-module Grape
-  module OAuth2
-    module ActiveRecord
-      # Grape::OAuth2 Access Token role mixin for ActiveRecord.
-      # Includes all the required API, associations, validations and callbacks.
-      module AccessToken
-        extend ActiveSupport::Concern
-        included do
-          belongs_to :client, class_name: Grape::OAuth2.config.client_class_name,
-                              foreign_key: :client_id
-          belongs_to :resource_owner, class_name: Grape::OAuth2.config.resource_owner_class_name,
-                                      foreign_key: :resource_owner_id
-          validates :token, presence: true, uniqueness: true
-          before_validation :setup_expiration, on: :create
-          before_validation :generate_tokens, on: :create
-          class << self
-            def create_for(client, resource_owner, scopes = nil)
-              create(
-                client: client,
-                resource_owner: resource_owner,
-                scopes: scopes.to_s
-              )
-            end
-            def authenticate(token, type: :access_token)
-              if type && type.to_sym == :refresh_token
-                find_by(refresh_token: token.to_s)
-              else
-                find_by(token: token.to_s)
-              end
-            end
-          end
-          def expired?
-            !expires_at.nil? && Time.now.utc > expires_at
-          end
-          def revoked?
-            !revoked_at.nil? && revoked_at <= Time.now.utc
-          end
-          def revoke!(revoked_at = Time.now)
-            update_column :revoked_at, revoked_at.utc
-          end
-          def to_bearer_token
-            {
-              access_token: token,
-              expires_in: expires_at && Grape::OAuth2.config.access_token_lifetime.to_i,
-              refresh_token: refresh_token,
-              scope: scopes
-            }
-          end
-          protected
-          def generate_tokens
-            self.token = Grape::OAuth2.config.token_generator.generate(attributes) if token.blank?
-            self.refresh_token = Grape::OAuth2::UniqueToken.generate if Grape::OAuth2.config.issue_refresh_token
-          end
-          def setup_expiration
-            expires_in = Grape::OAuth2.config.access_token_lifetime
-            self.expires_at = Time.now + expires_in if expires_at.nil? && !expires_in.nil?
-          end
-        end
-      end
-    end
-  end
-end
+module Grape
+  module OAuth2
+    module ActiveRecord
+      # Grape::OAuth2 Access Token role mixin for ActiveRecord.
+      # Includes all the required API, associations, validations and callbacks.
+      module AccessToken
+        extend ActiveSupport::Concern
+        included do
+          belongs_to :client, class_name: Grape::OAuth2.config.client_class_name,
+                              foreign_key: :client_id
+          belongs_to :resource_owner, class_name: Grape::OAuth2.config.resource_owner_class_name,
+                                      foreign_key: :resource_owner_id
+          validates :token, presence: true, uniqueness: true
+          before_validation :setup_expiration, on: :create
+          before_validation :generate_tokens, on: :create
+          class << self
+            def create_for(client, resource_owner, scopes = nil)
+              create(
+                client: client,
+                resource_owner: resource_owner,
+                scopes: scopes.to_s
+              )
+            end
+            def authenticate(token, type: :access_token)
+              if type && type.to_sym == :refresh_token
+                find_by(refresh_token: token.to_s)
+              else
+                find_by(token: token.to_s)
+              end
+            end
+          end
+          def expired?
+            !expires_at.nil? && Time.now.utc > expires_at
+          end
+          def revoked?
+            !revoked_at.nil? && revoked_at <= Time.now.utc
+          end
+          def revoke!(revoked_at = Time.now)
+            update_column :revoked_at, revoked_at.utc
+          end
+          def to_bearer_token
+            {
+              access_token: token,
+              expires_in: expires_at && Grape::OAuth2.config.access_token_lifetime.to_i,
+              refresh_token: refresh_token,
+              scope: scopes
+            }
+          end
+          protected
+          def generate_tokens
+            self.token = Grape::OAuth2.config.token_generator.generate(attributes) if token.blank?
+            self.refresh_token = Grape::OAuth2::UniqueToken.generate if Grape::OAuth2.config.issue_refresh_token
+          end
+          def setup_expiration
+            expires_in = Grape::OAuth2.config.access_token_lifetime
+            self.expires_at = Time.now + expires_in if expires_at.nil? && !expires_in.nil?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/grape_oauth2/mixins/active_record/client.rb CHANGED

@@ -1,35 +1,36 @@
-module Grape
-  module OAuth2
-    module ActiveRecord
-      # Grape::OAuth2 Client role mixin for ActiveRecord.
-      # Includes all the required API, associations, validations and callbacks.
-      module Client
-        extend ActiveSupport::Concern
-        included do
-          has_many :access_tokens, class_name: Grape::OAuth2.config.access_token_class_name, foreign_key: :client_id
-          validates :key, :secret, presence: true
-          validates :key, uniqueness: true
-          before_validation :generate_keys, on: :create
-          def self.authenticate(key, secret = nil)
-            if secret.nil?
-              find_by(key: key)
-            else
-              find_by(key: key, secret: secret)
-            end
-          end
-          protected
-          def generate_keys
-            self.key = Grape::OAuth2::UniqueToken.generate if key.blank?
-            self.secret = Grape::OAuth2::UniqueToken.generate if secret.blank?
-          end
-        end
-      end
-    end
-  end
-end
+module Grape
+  module OAuth2
+    module ActiveRecord
+      # Grape::OAuth2 Client role mixin for ActiveRecord.
+      # Includes all the required API, associations, validations and callbacks.
+      module Client
+        extend ActiveSupport::Concern
+        included do
+          has_many :access_tokens, class_name: Grape::OAuth2.config.access_token_class_name,
+                                   foreign_key: :client_id, dependent: :delete_all
+          validates :key, :secret, presence: true
+          validates :key, uniqueness: true
+          before_validation :generate_keys, on: :create
+          def self.authenticate(key, secret = nil)
+            if secret.nil?
+              find_by(key: key)
+            else
+              find_by(key: key, secret: secret)
+            end
+          end
+          protected
+          def generate_keys
+            self.key = Grape::OAuth2::UniqueToken.generate if key.blank?
+            self.secret = Grape::OAuth2::UniqueToken.generate if secret.blank?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/grape_oauth2/mixins/mongoid/access_grant.rb CHANGED

@@ -1,58 +1,58 @@
-module Grape
-  module OAuth2
-    module Mongoid
-      # Grape::OAuth2 Authorization Grant role mixin for Mongoid ORM.
-      # Includes all the required API, associations, validations and callbacks.
-      module AccessGrant
-        extend ActiveSupport::Concern
-        included do
-          include ::Mongoid::Document
-          include ::Mongoid::Timestamps
-          field :resource_owner_id, type: BSON::ObjectId
-          field :client_id, type: BSON::ObjectId
-          field :token, type: String
-          field :scopes, type: String
-          field :redirect_uri, type: String
-          field :expires_at, type: DateTime
-          belongs_to :client, class_name: Grape::OAuth2.config.client_class_name,
-                              foreign_key: :client_id
-          belongs_to :resource_owner, class_name: Grape::OAuth2.config.resource_owner_class_name,
-                                      foreign_key: :resource_owner_id, optional: true # required!
-          before_validation :generate_token, on: :create
-          before_validation :setup_expiration, on: :create
-          index({ token: 1 }, unique: true)
-          index({ refresh_token: 1 }, unique: true, sparse: true)
-          class << self
-            def create_for(client, resource_owner, redirect_uri, scopes = nil)
-              create(
-                client_id: client.id,
-                resource_owner_id: resource_owner && resource_owner.id,
-                redirect_uri: redirect_uri,
-                scopes: scopes.to_s
-              )
-            end
-          end
-          protected
-          def generate_token
-            self.token = Grape::OAuth2.config.token_generator.generate(attributes)
-          end
-          def setup_expiration
-            self.expires_at = Time.now.utc + Grape::OAuth2.config.authorization_code_lifetime if expires_at.nil?
-          end
-        end
-      end
-    end
-  end
-end
+module Grape
+  module OAuth2
+    module Mongoid
+      # Grape::OAuth2 Authorization Grant role mixin for Mongoid ORM.
+      # Includes all the required API, associations, validations and callbacks.
+      module AccessGrant
+        extend ActiveSupport::Concern
+        included do
+          include ::Mongoid::Document
+          include ::Mongoid::Timestamps
+          field :resource_owner_id, type: BSON::ObjectId
+          field :client_id, type: BSON::ObjectId
+          field :token, type: String
+          field :scopes, type: String
+          field :redirect_uri, type: String
+          field :expires_at, type: DateTime
+          belongs_to :client, class_name: Grape::OAuth2.config.client_class_name,
+                              foreign_key: :client_id
+          belongs_to :resource_owner, class_name: Grape::OAuth2.config.resource_owner_class_name,
+                                      foreign_key: :resource_owner_id, optional: true # required!
+          before_validation :generate_token, on: :create
+          before_validation :setup_expiration, on: :create
+          index({ token: 1 }, unique: true)
+          index({ refresh_token: 1 }, unique: true, sparse: true)
+          class << self
+            def create_for(client, resource_owner, redirect_uri, scopes = nil)
+              create(
+                client_id: client.id,
+                resource_owner_id: resource_owner && resource_owner.id,
+                redirect_uri: redirect_uri,
+                scopes: scopes.to_s
+              )
+            end
+          end
+          protected
+          def generate_token
+            self.token = Grape::OAuth2.config.token_generator.generate(attributes)
+          end
+          def setup_expiration
+            self.expires_at = Time.now.utc + Grape::OAuth2.config.authorization_code_lifetime if expires_at.nil?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/grape_oauth2/mixins/mongoid/access_token.rb CHANGED

@@ -1,88 +1,88 @@
-module Grape
-  module OAuth2
-    module Mongoid
-      # Grape::OAuth2 Access Token role mixin for Mongoid ORM.
-      # Includes all the required API, associations, validations and callbacks.
-      module AccessToken
-        extend ActiveSupport::Concern
-        included do
-          include ::Mongoid::Document
-          include ::Mongoid::Timestamps
-          field :resource_owner_id, type: BSON::ObjectId
-          field :client_id, type: BSON::ObjectId
-          belongs_to :client, class_name: 'Application', foreign_key: :client_id, optional: true
-          belongs_to :resource_owner, class_name: 'User', foreign_key: :resource_owner_id, optional: true
-          field :token, type: String
-          field :refresh_token, type: String
-          field :scopes, type: String
-          field :expires_at, type: DateTime
-          field :revoked_at, type: DateTime
-          index({ token: 1 }, unique: true)
-          index({ refresh_token: 1 }, unique: true, sparse: true)
-          before_validation :setup_expiration, on: :create
-          before_validation :generate_tokens, on: :create
-          validates :token, presence: true, uniqueness: true
-          class << self
-            def create_for(client, resource_owner, scopes = nil)
-              create(
-                client: client,
-                resource_owner: resource_owner,
-                scopes: scopes.to_s
-              )
-            end
-            def authenticate(token, type: :access_token)
-              if type && type.to_sym == :refresh_token
-                find_by(refresh_token: token.to_s)
-              else
-                find_by(token: token.to_s)
-              end
-            end
-          end
-          def expired?
-            !expires_at.nil? && Time.now.utc > expires_at
-          end
-          def revoked?
-            !revoked_at.nil? && revoked_at <= Time.now.utc
-          end
-          def revoke!(revoked_at = Time.now)
-            update_attribute :revoked_at, revoked_at.utc
-          end
-          def to_bearer_token
-            {
-              access_token: token,
-              expires_in: expires_at && Grape::OAuth2.config.access_token_lifetime.to_i,
-              refresh_token: refresh_token,
-              scope: scopes
-            }
-          end
-          protected
-          def generate_tokens
-            self.token = Grape::OAuth2.config.token_generator.generate(attributes) if token.blank?
-            self.refresh_token = Grape::OAuth2::UniqueToken.generate if Grape::OAuth2.config.issue_refresh_token
-          end
-          def setup_expiration
-            expires_in = Grape::OAuth2.config.access_token_lifetime
-            self.expires_at = Time.now + expires_in if expires_at.nil? && !expires_in.nil?
-          end
-        end
-      end
-    end
-  end
-end
+module Grape
+  module OAuth2
+    module Mongoid
+      # Grape::OAuth2 Access Token role mixin for Mongoid ORM.
+      # Includes all the required API, associations, validations and callbacks.
+      module AccessToken
+        extend ActiveSupport::Concern
+        included do
+          include ::Mongoid::Document
+          include ::Mongoid::Timestamps
+          field :resource_owner_id, type: BSON::ObjectId
+          field :client_id, type: BSON::ObjectId
+          belongs_to :client, class_name: Grape::OAuth2.config.client_class_name, foreign_key: :client_id, optional: true
+          belongs_to :resource_owner, class_name: Grape::OAuth2.config.resource_owner_class_name, foreign_key: :resource_owner_id, optional: true
+          field :token, type: String
+          field :refresh_token, type: String
+          field :scopes, type: String
+          field :expires_at, type: DateTime
+          field :revoked_at, type: DateTime
+          index({ token: 1 }, unique: true)
+          index({ refresh_token: 1 }, unique: true, sparse: true)
+          before_validation :setup_expiration, on: :create
+          before_validation :generate_tokens, on: :create
+          validates :token, presence: true, uniqueness: true
+          class << self
+            def create_for(client, resource_owner, scopes = nil)
+              create(
+                client: client,
+                resource_owner: resource_owner,
+                scopes: scopes.to_s
+              )
+            end
+            def authenticate(token, type: :access_token)
+              if type && type.to_sym == :refresh_token
+                find_by(refresh_token: token.to_s)
+              else
+                find_by(token: token.to_s)
+              end
+            end
+          end
+          def expired?
+            !expires_at.nil? && Time.now.utc > expires_at
+          end
+          def revoked?
+            !revoked_at.nil? && revoked_at <= Time.now.utc
+          end
+          def revoke!(revoked_at = Time.now)
+            update_attribute :revoked_at, revoked_at.utc
+          end
+          def to_bearer_token
+            {
+              access_token: token,
+              expires_in: expires_at && Grape::OAuth2.config.access_token_lifetime.to_i,
+              refresh_token: refresh_token,
+              scope: scopes
+            }
+          end
+          protected
+          def generate_tokens
+            self.token = Grape::OAuth2.config.token_generator.generate(attributes) if token.blank?
+            self.refresh_token = Grape::OAuth2::UniqueToken.generate if Grape::OAuth2.config.issue_refresh_token
+          end
+          def setup_expiration
+            expires_in = Grape::OAuth2.config.access_token_lifetime
+            self.expires_at = Time.now + expires_in if expires_at.nil? && !expires_in.nil?
+          end
+        end
+      end
+    end
+  end
+end