RubyGems - grape_oauth2 - Versions diffs - 0.1.1 - Mend

grape_oauth2 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (93) hide show

checksums.yaml +7 -0
data/.gitignore +11 -0
data/.rspec +2 -0
data/.rubocop.yml +18 -0
data/.travis.yml +42 -0
data/Gemfile +23 -0
data/README.md +820 -0
data/Rakefile +11 -0
data/gemfiles/active_record.rb +25 -0
data/gemfiles/mongoid.rb +14 -0
data/gemfiles/sequel.rb +24 -0
data/grape_oauth2.gemspec +27 -0
data/grape_oauth2.png +0 -0
data/lib/grape_oauth2.rb +129 -0
data/lib/grape_oauth2/configuration.rb +143 -0
data/lib/grape_oauth2/configuration/class_accessors.rb +36 -0
data/lib/grape_oauth2/configuration/validation.rb +71 -0
data/lib/grape_oauth2/endpoints/authorize.rb +34 -0
data/lib/grape_oauth2/endpoints/token.rb +72 -0
data/lib/grape_oauth2/gem_version.rb +24 -0
data/lib/grape_oauth2/generators/authorization.rb +44 -0
data/lib/grape_oauth2/generators/base.rb +26 -0
data/lib/grape_oauth2/generators/token.rb +62 -0
data/lib/grape_oauth2/helpers/access_token_helpers.rb +54 -0
data/lib/grape_oauth2/helpers/oauth_params.rb +41 -0
data/lib/grape_oauth2/mixins/active_record/access_grant.rb +47 -0
data/lib/grape_oauth2/mixins/active_record/access_token.rb +75 -0
data/lib/grape_oauth2/mixins/active_record/client.rb +35 -0
data/lib/grape_oauth2/mixins/mongoid/access_grant.rb +58 -0
data/lib/grape_oauth2/mixins/mongoid/access_token.rb +88 -0
data/lib/grape_oauth2/mixins/mongoid/client.rb +41 -0
data/lib/grape_oauth2/mixins/sequel/access_grant.rb +68 -0
data/lib/grape_oauth2/mixins/sequel/access_token.rb +86 -0
data/lib/grape_oauth2/mixins/sequel/client.rb +46 -0
data/lib/grape_oauth2/responses/authorization.rb +10 -0
data/lib/grape_oauth2/responses/base.rb +56 -0
data/lib/grape_oauth2/responses/token.rb +10 -0
data/lib/grape_oauth2/scopes.rb +74 -0
data/lib/grape_oauth2/strategies/authorization_code.rb +38 -0
data/lib/grape_oauth2/strategies/base.rb +47 -0
data/lib/grape_oauth2/strategies/client_credentials.rb +20 -0
data/lib/grape_oauth2/strategies/password.rb +22 -0
data/lib/grape_oauth2/strategies/refresh_token.rb +47 -0
data/lib/grape_oauth2/unique_token.rb +20 -0
data/lib/grape_oauth2/version.rb +14 -0
data/spec/configuration/config_spec.rb +231 -0
data/spec/configuration/version_spec.rb +12 -0
data/spec/dummy/endpoints/custom_authorization.rb +25 -0
data/spec/dummy/endpoints/custom_token.rb +35 -0
data/spec/dummy/endpoints/status.rb +25 -0
data/spec/dummy/grape_oauth2_config.rb +11 -0
data/spec/dummy/orm/active_record/app/config/db.rb +7 -0
data/spec/dummy/orm/active_record/app/models/access_code.rb +3 -0
data/spec/dummy/orm/active_record/app/models/access_token.rb +3 -0
data/spec/dummy/orm/active_record/app/models/application.rb +3 -0
data/spec/dummy/orm/active_record/app/models/application_record.rb +3 -0
data/spec/dummy/orm/active_record/app/models/user.rb +10 -0
data/spec/dummy/orm/active_record/app/twitter.rb +36 -0
data/spec/dummy/orm/active_record/config.ru +7 -0
data/spec/dummy/orm/active_record/db/schema.rb +53 -0
data/spec/dummy/orm/mongoid/app/config/db.rb +6 -0
data/spec/dummy/orm/mongoid/app/config/mongoid.yml +21 -0
data/spec/dummy/orm/mongoid/app/models/access_code.rb +3 -0
data/spec/dummy/orm/mongoid/app/models/access_token.rb +3 -0
data/spec/dummy/orm/mongoid/app/models/application.rb +3 -0
data/spec/dummy/orm/mongoid/app/models/user.rb +11 -0
data/spec/dummy/orm/mongoid/app/twitter.rb +34 -0
data/spec/dummy/orm/mongoid/config.ru +5 -0
data/spec/dummy/orm/sequel/app/config/db.rb +1 -0
data/spec/dummy/orm/sequel/app/models/access_code.rb +4 -0
data/spec/dummy/orm/sequel/app/models/access_token.rb +4 -0
data/spec/dummy/orm/sequel/app/models/application.rb +4 -0
data/spec/dummy/orm/sequel/app/models/application_record.rb +2 -0
data/spec/dummy/orm/sequel/app/models/user.rb +11 -0
data/spec/dummy/orm/sequel/app/twitter.rb +47 -0
data/spec/dummy/orm/sequel/config.ru +5 -0
data/spec/dummy/orm/sequel/db/schema.rb +50 -0
data/spec/lib/scopes_spec.rb +50 -0
data/spec/mixins/active_record/access_token_spec.rb +185 -0
data/spec/mixins/active_record/client_spec.rb +95 -0
data/spec/mixins/mongoid/access_token_spec.rb +185 -0
data/spec/mixins/mongoid/client_spec.rb +95 -0
data/spec/mixins/sequel/access_token_spec.rb +185 -0
data/spec/mixins/sequel/client_spec.rb +96 -0
data/spec/requests/flows/authorization_code_spec.rb +67 -0
data/spec/requests/flows/client_credentials_spec.rb +101 -0
data/spec/requests/flows/password_spec.rb +210 -0
data/spec/requests/flows/refresh_token_spec.rb +222 -0
data/spec/requests/flows/revoke_token_spec.rb +103 -0
data/spec/requests/protected_resources_spec.rb +64 -0
data/spec/spec_helper.rb +60 -0
data/spec/support/api_helper.rb +11 -0
metadata +257 -0

data/lib/grape_oauth2/mixins/active_record/client.rb ADDED Viewed

@@ -0,0 +1,35 @@
+module Grape
+  module OAuth2
+    module ActiveRecord
+      # Grape::OAuth2 Client role mixin for ActiveRecord.
+      # Includes all the required API, associations, validations and callbacks.
+      module Client
+        extend ActiveSupport::Concern
+        included do
+          has_many :access_tokens, class_name: Grape::OAuth2.config.access_token_class_name, foreign_key: :client_id
+          validates :key, :secret, presence: true
+          validates :key, uniqueness: true
+          before_validation :generate_keys, on: :create
+          def self.authenticate(key, secret = nil)
+            if secret.nil?
+              find_by(key: key)
+            else
+              find_by(key: key, secret: secret)
+            end
+          end
+          protected
+          def generate_keys
+            self.key = Grape::OAuth2::UniqueToken.generate if key.blank?
+            self.secret = Grape::OAuth2::UniqueToken.generate if secret.blank?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/grape_oauth2/mixins/mongoid/access_grant.rb ADDED Viewed

@@ -0,0 +1,58 @@
+module Grape
+  module OAuth2
+    module Mongoid
+      # Grape::OAuth2 Authorization Grant role mixin for Mongoid ORM.
+      # Includes all the required API, associations, validations and callbacks.
+      module AccessGrant
+        extend ActiveSupport::Concern
+        included do
+          include ::Mongoid::Document
+          include ::Mongoid::Timestamps
+          field :resource_owner_id, type: BSON::ObjectId
+          field :client_id, type: BSON::ObjectId
+          field :token, type: String
+          field :scopes, type: String
+          field :redirect_uri, type: String
+          field :expires_at, type: DateTime
+          belongs_to :client, class_name: Grape::OAuth2.config.client_class_name,
+                              foreign_key: :client_id
+          belongs_to :resource_owner, class_name: Grape::OAuth2.config.resource_owner_class_name,
+                                      foreign_key: :resource_owner_id, optional: true # required!
+          before_validation :generate_token, on: :create
+          before_validation :setup_expiration, on: :create
+          index({ token: 1 }, unique: true)
+          index({ refresh_token: 1 }, unique: true, sparse: true)
+          class << self
+            def create_for(client, resource_owner, redirect_uri, scopes = nil)
+              create(
+                client_id: client.id,
+                resource_owner_id: resource_owner && resource_owner.id,
+                redirect_uri: redirect_uri,
+                scopes: scopes.to_s
+              )
+            end
+          end
+          protected
+          def generate_token
+            self.token = Grape::OAuth2.config.token_generator.generate(attributes)
+          end
+          def setup_expiration
+            self.expires_at = Time.now.utc + Grape::OAuth2.config.authorization_code_lifetime if expires_at.nil?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/grape_oauth2/mixins/mongoid/access_token.rb ADDED Viewed

@@ -0,0 +1,88 @@
+module Grape
+  module OAuth2
+    module Mongoid
+      # Grape::OAuth2 Access Token role mixin for Mongoid ORM.
+      # Includes all the required API, associations, validations and callbacks.
+      module AccessToken
+        extend ActiveSupport::Concern
+        included do
+          include ::Mongoid::Document
+          include ::Mongoid::Timestamps
+          field :resource_owner_id, type: BSON::ObjectId
+          field :client_id, type: BSON::ObjectId
+          belongs_to :client, class_name: 'Application', foreign_key: :client_id, optional: true
+          belongs_to :resource_owner, class_name: 'User', foreign_key: :resource_owner_id, optional: true
+          field :token, type: String
+          field :refresh_token, type: String
+          field :scopes, type: String
+          field :expires_at, type: DateTime
+          field :revoked_at, type: DateTime
+          index({ token: 1 }, unique: true)
+          index({ refresh_token: 1 }, unique: true, sparse: true)
+          before_validation :setup_expiration, on: :create
+          before_validation :generate_tokens, on: :create
+          validates :token, presence: true, uniqueness: true
+          class << self
+            def create_for(client, resource_owner, scopes = nil)
+              create(
+                client: client,
+                resource_owner: resource_owner,
+                scopes: scopes.to_s
+              )
+            end
+            def authenticate(token, type: :access_token)
+              if type && type.to_sym == :refresh_token
+                find_by(refresh_token: token.to_s)
+              else
+                find_by(token: token.to_s)
+              end
+            end
+          end
+          def expired?
+            !expires_at.nil? && Time.now.utc > expires_at
+          end
+          def revoked?
+            !revoked_at.nil? && revoked_at <= Time.now.utc
+          end
+          def revoke!(revoked_at = Time.now)
+            update_attribute :revoked_at, revoked_at.utc
+          end
+          def to_bearer_token
+            {
+              access_token: token,
+              expires_in: expires_at && Grape::OAuth2.config.access_token_lifetime.to_i,
+              refresh_token: refresh_token,
+              scope: scopes
+            }
+          end
+          protected
+          def generate_tokens
+            self.token = Grape::OAuth2.config.token_generator.generate(attributes) if token.blank?
+            self.refresh_token = Grape::OAuth2::UniqueToken.generate if Grape::OAuth2.config.issue_refresh_token
+          end
+          def setup_expiration
+            expires_in = Grape::OAuth2.config.access_token_lifetime
+            self.expires_at = Time.now + expires_in if expires_at.nil? && !expires_in.nil?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/grape_oauth2/mixins/mongoid/client.rb ADDED Viewed

@@ -0,0 +1,41 @@
+module Grape
+  module OAuth2
+    module Mongoid
+      # Grape::OAuth2 Client role mixin for Mongoid ORM.
+      # Includes all the required API, associations, validations and callbacks.
+      module Client
+        extend ActiveSupport::Concern
+        included do
+          include ::Mongoid::Document
+          include ::Mongoid::Timestamps
+          field :name, type: String
+          field :key, type: String
+          field :secret, type: String
+          field :redirect_uri, type: String
+          before_validation :generate_keys, on: :create
+          validates :key, :secret, presence: true
+          validates :key, uniqueness: true
+          def self.authenticate(key, secret = nil)
+            if secret.nil?
+              Application.find_by(key: key)
+            else
+              Application.find_by(key: key, secret: secret)
+            end
+          end
+          protected
+          def generate_keys
+            self.key = Grape::OAuth2::UniqueToken.generate if key.blank?
+            self.secret = Grape::OAuth2::UniqueToken.generate if secret.blank?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/grape_oauth2/mixins/sequel/access_grant.rb ADDED Viewed

@@ -0,0 +1,68 @@
+module Grape
+  module OAuth2
+    module Sequel
+      # Grape::OAuth2 Authorization Grant role mixin for Sequel toolkit.
+      # Includes all the required API, associations, validations and callbacks.
+      module AccessGrant
+        extend ActiveSupport::Concern
+        included do
+          plugin :validation_helpers
+          plugin :timestamps
+          many_to_one :client, class: Grape::OAuth2.config.client_class_name, key: :client_id
+          many_to_one :resource_owner, class: Grape::OAuth2.config.resource_owner_class_name, key: :resource_owner_id
+          def before_validation
+            if new?
+              generate_token
+              setup_expiration
+            end
+            super
+          end
+          class << self
+            def create_for(client, resource_owner, redirect_uri, scopes = nil)
+              create(
+                client_id: client.id,
+                resource_owner_id: resource_owner && resource_owner.id,
+                redirect_uri: redirect_uri,
+                scopes: scopes.to_s
+              )
+            end
+          end
+          def validate
+            super
+            validates_presence [:token, :client_id]
+            validates_unique [:token]
+          end
+          def expired?
+            expires_at && Time.now.utc > expires_at
+          end
+          def revoked?
+            revoked_at && revoked_at <= Time.now.utc
+          end
+          def revoke!(revoked_at = Time.now)
+            set(revoked_at: revoked_at.utc)
+            save(columns: [:revoked_at], validate: false)
+          end
+          protected
+          def generate_token
+            self.token = Grape::OAuth2.config.token_generator.generate(values)
+          end
+          def setup_expiration
+            self.expires_at = Time.now.utc + Grape::OAuth2.config.authorization_code_lifetime if expires_at.nil?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/grape_oauth2/mixins/sequel/access_token.rb ADDED Viewed

@@ -0,0 +1,86 @@
+module Grape
+  module OAuth2
+    module Sequel
+      # Grape::OAuth2 Access Token role mixin for Sequel toolkit.
+      # Includes all the required API, associations, validations and callbacks.
+      module AccessToken
+        extend ActiveSupport::Concern
+        included do
+          plugin :validation_helpers
+          plugin :timestamps
+          many_to_one :client, class: Grape::OAuth2.config.client_class_name, key: :client_id
+          many_to_one :resource_owner, class: Grape::OAuth2.config.resource_owner_class_name, key: :resource_owner_id
+          def before_validation
+            if new?
+              setup_expiration
+              generate_tokens
+            end
+            super
+          end
+          def validate
+            super
+            validates_presence :token
+            validates_unique :token
+          end
+          class << self
+            def create_for(client, resource_owner, scopes = nil)
+              create(
+                client: client,
+                resource_owner: resource_owner,
+                scopes: scopes.to_s
+              )
+            end
+            def authenticate(token, type: :access_token)
+              if type && type.to_sym == :refresh_token
+                first(refresh_token: token.to_s)
+              else
+                first(token: token.to_s)
+              end
+            end
+          end
+          def expired?
+            !expires_at.nil? && Time.now.utc > expires_at.utc
+          end
+          def revoked?
+            !revoked_at.nil? && revoked_at <= Time.now.utc
+          end
+          def revoke!(revoked_at = Time.now)
+            set(revoked_at: revoked_at.utc)
+            save(columns: [:revoked_at], validate: false)
+          end
+          def to_bearer_token
+            {
+              access_token: token,
+              expires_in: expires_at && Grape::OAuth2.config.access_token_lifetime.to_i,
+              refresh_token: refresh_token,
+              scope: scopes
+            }
+          end
+          protected
+          def generate_tokens
+            self.token = Grape::OAuth2.config.token_generator.generate(values) if token.blank?
+            self.refresh_token = Grape::OAuth2::UniqueToken.generate if Grape::OAuth2.config.issue_refresh_token
+          end
+          def setup_expiration
+            expires_in = Grape::OAuth2.config.access_token_lifetime
+            self.expires_at = Time.now + expires_in if expires_at.nil? && !expires_in.nil?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/grape_oauth2/mixins/sequel/client.rb ADDED Viewed

@@ -0,0 +1,46 @@
+module Grape
+  module OAuth2
+    module Sequel
+      # Grape::OAuth2 Client role mixin for Sequel toolkit.
+      # Includes all the required API, associations, validations and callbacks.
+      module Client
+        extend ActiveSupport::Concern
+        included do
+          plugin :validation_helpers
+          plugin :timestamps
+          set_allowed_columns :name, :redirect_uri
+          one_to_many :access_tokens, class: Grape::OAuth2.config.access_token_class_name, key: :client_id
+          def before_validation
+            generate_keys if new?
+            super
+          end
+          def validate
+            super
+            validates_presence [:key, :secret]
+            validates_unique :key
+          end
+          def self.authenticate(key, secret = nil)
+            if secret.nil?
+              find(key: key)
+            else
+              find(key: key, secret: secret)
+            end
+          end
+          protected
+          def generate_keys
+            self.key = Grape::OAuth2::UniqueToken.generate if key.blank?
+            self.secret = Grape::OAuth2::UniqueToken.generate if secret.blank?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/grape_oauth2/responses/authorization.rb ADDED Viewed

@@ -0,0 +1,10 @@
+module Grape
+  module OAuth2
+    # Grape::OAuth2 responses namespace.
+    module Responses
+      # Authorization response.
+      class Authorization < Base
+      end
+    end
+  end
+end

data/lib/grape_oauth2/responses/base.rb ADDED Viewed

@@ -0,0 +1,56 @@
+module Grape
+  module OAuth2
+    # Grape::OAuth2 responses namespace.
+    module Responses
+      # Base class for Grape::OAuth2 endpoints responses.
+      # Processes raw Rack Responses and contains helper methods.
+      class Base
+        # Raw Rack::Response to process
+        #
+        # @return [Array] Rack response
+        #
+        # @example
+        #   response = Grape::OAuth2::Responses::Base.new([200, {}, Rack::BodyProxy.new('Test')])
+        #   response.rack_response
+        #
+        #   #=> [200, {}, Rack::BodyProxy.new('Test')]
+        #
+        attr_reader :rack_response
+        # OAuth2 response class.
+        #
+        # @param rack_response [Array]
+        #   raw Rack::Response object
+        #
+        def initialize(rack_response)
+          # Rack Body:
+          #   [Status Code, Headers, Body]
+          @rack_response = rack_response
+        end
+        # Response status
+        def status
+          @rack_response[0]
+        end
+        # Response headers
+        def headers
+          @rack_response[1]
+        end
+        # Raw Rack body
+        def raw_body
+          @rack_response[2].body
+        end
+        # JSON-parsed body
+        def body
+          response_body = raw_body.first
+          return {} if response_body.nil? || response_body.empty?
+          JSON.parse(response_body)
+        end
+      end
+    end
+  end
+end