hackathon_manager 0.9.2 → 0.10.0
- checksums.yaml +4 -4
- data/app/models/user.rb +7 -1
- data/app/views/layouts/manage/application.html.haml +6 -0
- data/config/initializers/devise.rb +5 -1
- data/config/initializers/doorkeeper.rb +220 -0
- data/config/locales/doorkeeper.en.yml +137 -0
- data/config/routes.rb +1 -0
- data/db/migrate/20181221194407_create_doorkeeper_tables.rb +68 -0
- data/db/migrate/20181221195241_enable_pkce.rb +6 -0
- data/lib/hackathon_manager/engine.rb +15 -2
- data/lib/hackathon_manager/version.rb +1 -1
- data/test/factories/temp_doorkeeper.rb +30 -0
- metadata +36 -4
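--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 75702c73df8a6c3d94f11a7c8f0a067aa747d2862aba1d949e77c180f30c87b5
+data.tar.gz: a04a9c400928c649cd152c4aadfdf98a8ac80e7c88db24fc7cb88c39843d1b05
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: b1484e04b959ec1ef418a07b359f12bfcf08d014c87c15fb8758029461e6bf8eab912f1f60d3944dbef566623da82c11f3b1a0153a223b1eeddd347907552f21
+data.tar.gz: 7299d07a9f27c86d576a2e7dc257c305a9d6655304d65c3857fc9816ea3fffe5d9a8391472c23326b597cdda0260f89c225cd95e4367d056695368e6d106bd85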
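--- a/data/app/models/user.rb
+++ b/data/app/models/user.rb
@@ -1,9 +1,15 @@
 class User < ApplicationRecord
 devise :database_authenticatable, :registerable, :timeoutable,
 :recoverable, :rememberable, :trackable, :validatable,
-:omniauthable, omniauth_providers: [:mlh]
+:doorkeeper, :omniauthable, omniauth_providers: [:mlh]
 
 has_one :questionnaire
+has_many :access_grants, class_name: "Doorkeeper::AccessGrant",
+foreign_key: :resource_owner_id,
+dependent: :delete_all # or :destroy if you need callbacks
+has_many :access_tokens, class_name: "Doorkeeper::AccessToken",
+foreign_key: :resource_owner_id,
+dependent: :delete_all # or :destroy if you need callbacks
 
 after_create :queue_reminder_email
 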
@@ -74,6 +74,12 @@
|
|
74
74
|
Blazer
|
75
75
|
%span.fa.fa-external-link.icon-space-l-half
|
76
76
|
.nav-item-description Run custom SQL queries
|
77
|
+
%li.nav-item
|
78
|
+
= active_link_to oauth_applications_path, target: '_blank', class: "nav-link" do
|
79
|
+
.fa.fa-unlock.fa-fw.icon-space-r-half
|
80
|
+
Doorkeeper
|
81
|
+
%span.fa.fa-external-link.icon-space-l-half
|
82
|
+
.nav-item-description OAuth2 provider management
|
77
83
|
%main.col-md-10.ml-sm-auto.px-4{role: "main"}
|
78
84
|
= render "layouts/manage/flashes"
|
79
85
|
= yield
|
@@ -1,6 +1,9 @@
|
|
1
1
|
# Use this hook to configure devise mailer, warden hooks and so forth.
|
2
2
|
# Many of these configuration options can be set straight in your model.
|
3
3
|
Devise.setup do |config|
|
4
|
+
# Enable easy doorkeeper integration
|
5
|
+
Devise::Doorkeeper.configure_devise(config)
|
6
|
+
|
4
7
|
# The secret key used by Devise. Devise uses this key to generate
|
5
8
|
# random tokens. Changing this key will render invalid all existing
|
6
9
|
# confirmation, reset password and unlock tokens in the database.
|
@@ -77,7 +80,8 @@ Devise.setup do |config|
|
|
77
80
|
# Notice that if you are skipping storage for all authentication paths, you
|
78
81
|
# may want to disable generating routes to Devise's sessions controller by
|
79
82
|
# passing skip: :sessions to `devise_for` in your config/routes.rb
|
80
|
-
config.skip_session_storage = [:http_auth]
|
83
|
+
config.skip_session_storage = [:http_auth] # this is the default devise config
|
84
|
+
config.skip_session_storage << :doorkeeper # disable session storage for oauth requests
|
81
85
|
|
82
86
|
# By default, Devise cleans up the CSRF token on authentication to
|
83
87
|
# avoid CSRF token fixation attacks. This means that, when using AJAX
|
@@ -0,0 +1,220 @@
|
|
1
|
+
Doorkeeper.configure do
|
2
|
+
# Enable easy devise integration
|
3
|
+
Devise::Doorkeeper.configure_doorkeeper(self)
|
4
|
+
|
5
|
+
# Change the ORM that doorkeeper will use (needs plugins)
|
6
|
+
orm :active_record
|
7
|
+
|
8
|
+
# This block will be called to check whether the resource owner is authenticated or not.
|
9
|
+
# resource_owner_authenticator do
|
10
|
+
# # Put your resource owner authentication logic here.
|
11
|
+
# # Example implementation:
|
12
|
+
# # User.find_by_id(session[:user_id]) || redirect_to(new_user_session_url)
|
13
|
+
# end
|
14
|
+
|
15
|
+
# If you didn't skip applications controller from Doorkeeper routes in your application routes.rb
|
16
|
+
# file then you need to declare this block in order to restrict access to the web interface for
|
17
|
+
# adding oauth authorized applications. In other case it will return 403 Forbidden response
|
18
|
+
# every time somebody will try to access the admin web interface.
|
19
|
+
admin_authenticator do
|
20
|
+
if current_user
|
21
|
+
head :forbidden unless current_user.admin? || current_user.admin_limited_access?
|
22
|
+
else
|
23
|
+
redirect_to new_user_session_url
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
# If you are planning to use Doorkeeper in Rails 5 API-only application, then you might
|
28
|
+
# want to use API mode that will skip all the views management and change the way how
|
29
|
+
# Doorkeeper responds to a requests.
|
30
|
+
#
|
31
|
+
# api_only
|
32
|
+
|
33
|
+
# Enforce token request content type to application/x-www-form-urlencoded.
|
34
|
+
# It is not enabled by default to not break prior versions of the gem.
|
35
|
+
#
|
36
|
+
# enforce_content_type
|
37
|
+
|
38
|
+
# Authorization Code expiration time (default 10 minutes).
|
39
|
+
#
|
40
|
+
# authorization_code_expires_in 10.minutes
|
41
|
+
|
42
|
+
# Access token expiration time (default 2 hours).
|
43
|
+
# If you want to disable expiration, set this to nil.
|
44
|
+
#
|
45
|
+
# access_token_expires_in 2.hours
|
46
|
+
|
47
|
+
# Assign custom TTL for access tokens. Will be used instead of access_token_expires_in
|
48
|
+
# option if defined. `context` has the following properties available
|
49
|
+
#
|
50
|
+
# `client` - the OAuth client application (see Doorkeeper::OAuth::Client)
|
51
|
+
# `grant_type` - the grant type of the request (see Doorkeeper::OAuth)
|
52
|
+
# `scopes` - the requested scopes (see Doorkeeper::OAuth::Scopes)
|
53
|
+
#
|
54
|
+
# custom_access_token_expires_in do |context|
|
55
|
+
# context.client.application.additional_settings.implicit_oauth_expiration
|
56
|
+
# end
|
57
|
+
|
58
|
+
# Use a custom class for generating the access token.
|
59
|
+
# See https://github.com/doorkeeper-gem/doorkeeper#custom-access-token-generator
|
60
|
+
#
|
61
|
+
# access_token_generator '::Doorkeeper::JWT'
|
62
|
+
|
63
|
+
# The controller Doorkeeper::ApplicationController inherits from.
|
64
|
+
# Defaults to ActionController::Base.
|
65
|
+
# See https://github.com/doorkeeper-gem/doorkeeper#custom-base-controller
|
66
|
+
#
|
67
|
+
# base_controller 'ApplicationController'
|
68
|
+
|
69
|
+
# Reuse access token for the same resource owner within an application (disabled by default).
|
70
|
+
#
|
71
|
+
# This option protects your application from creating new tokens before old valid one becomes
|
72
|
+
# expired so your database doesn't bloat. Keep in mind that when this option is `on` Doorkeeper
|
73
|
+
# doesn't updates existing token expiration time, it will create a new token instead.
|
74
|
+
# Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/383
|
75
|
+
#
|
76
|
+
# reuse_access_token
|
77
|
+
|
78
|
+
# Issue access tokens with refresh token (disabled by default), you may also
|
79
|
+
# pass a block which accepts `context` to customize when to give a refresh
|
80
|
+
# token or not. Similar to `custom_access_token_expires_in`, `context` has
|
81
|
+
# the properties:
|
82
|
+
#
|
83
|
+
# `client` - the OAuth client application (see Doorkeeper::OAuth::Client)
|
84
|
+
# `grant_type` - the grant type of the request (see Doorkeeper::OAuth)
|
85
|
+
# `scopes` - the requested scopes (see Doorkeeper::OAuth::Scopes)
|
86
|
+
#
|
87
|
+
# use_refresh_token
|
88
|
+
|
89
|
+
# Forbids creating/updating applications with arbitrary scopes that are
|
90
|
+
# not in configuration, i.e. `default_scopes` or `optional_scopes`.
|
91
|
+
# (disabled by default)
|
92
|
+
#
|
93
|
+
# enforce_configured_scopes
|
94
|
+
|
95
|
+
# Provide support for an owner to be assigned to each registered application (disabled by default)
|
96
|
+
# Optional parameter confirmation: true (default false) if you want to enforce ownership of
|
97
|
+
# a registered application
|
98
|
+
# Note: you must also run the rails g doorkeeper:application_owner generator to provide the necessary support
|
99
|
+
#
|
100
|
+
# enable_application_owner confirmation: false
|
101
|
+
|
102
|
+
# Define access token scopes for your provider
|
103
|
+
# For more information go to
|
104
|
+
# https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes
|
105
|
+
#
|
106
|
+
# default_scopes :public
|
107
|
+
# optional_scopes :write, :update
|
108
|
+
|
109
|
+
# Change the way client credentials are retrieved from the request object.
|
110
|
+
# By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
|
111
|
+
# falls back to the `:client_id` and `:client_secret` params from the `params` object.
|
112
|
+
# Check out https://github.com/doorkeeper-gem/doorkeeper/wiki/Changing-how-clients-are-authenticated
|
113
|
+
# for more information on customization
|
114
|
+
#
|
115
|
+
# client_credentials :from_basic, :from_params
|
116
|
+
|
117
|
+
# Change the way access token is authenticated from the request object.
|
118
|
+
# By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
|
119
|
+
# falls back to the `:access_token` or `:bearer_token` params from the `params` object.
|
120
|
+
# Check out https://github.com/doorkeeper-gem/doorkeeper/wiki/Changing-how-clients-are-authenticated
|
121
|
+
# for more information on customization
|
122
|
+
#
|
123
|
+
# access_token_methods :from_bearer_authorization, :from_access_token_param, :from_bearer_param
|
124
|
+
|
125
|
+
# Change the native redirect uri for client apps
|
126
|
+
# When clients register with the following redirect uri, they won't be redirected to any server and
|
127
|
+
# the authorizationcode will be displayed within the provider
|
128
|
+
# The value can be any string. Use nil to disable this feature. When disabled, clients must provide a valid URL
|
129
|
+
# (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi)
|
130
|
+
#
|
131
|
+
# native_redirect_uri 'urn:ietf:wg:oauth:2.0:oob'
|
132
|
+
|
133
|
+
# Forces the usage of the HTTPS protocol in non-native redirect uris (enabled
|
134
|
+
# by default in non-development environments). OAuth2 delegates security in
|
135
|
+
# communication to the HTTPS protocol so it is wise to keep this enabled.
|
136
|
+
#
|
137
|
+
# Callable objects such as proc, lambda, block or any object that responds to
|
138
|
+
# #call can be used in order to allow conditional checks (to allow non-SSL
|
139
|
+
# redirects to localhost for example).
|
140
|
+
#
|
141
|
+
# force_ssl_in_redirect_uri !Rails.env.development?
|
142
|
+
#
|
143
|
+
# force_ssl_in_redirect_uri { |uri| uri.host != 'localhost' }
|
144
|
+
|
145
|
+
# Specify what redirect URI's you want to block during Application creation.
|
146
|
+
# Any redirect URI is whitelisted by default.
|
147
|
+
#
|
148
|
+
# You can use this option in order to forbid URI's with 'javascript' scheme
|
149
|
+
# for example.
|
150
|
+
#
|
151
|
+
# forbid_redirect_uri { |uri| uri.scheme.to_s.downcase == 'javascript' }
|
152
|
+
|
153
|
+
# Specify how authorization errors should be handled.
|
154
|
+
# By default, doorkeeper renders json errors when access token
|
155
|
+
# is invalid, expired, revoked or has invalid scopes.
|
156
|
+
#
|
157
|
+
# If you want to render error response yourself (i.e. rescue exceptions),
|
158
|
+
# set handle_auth_errors to `:raise` and rescue Doorkeeper::Errors::InvalidToken
|
159
|
+
# or following specific errors:
|
160
|
+
#
|
161
|
+
# Doorkeeper::Errors::TokenForbidden, Doorkeeper::Errors::TokenExpired,
|
162
|
+
# Doorkeeper::Errors::TokenRevoked, Doorkeeper::Errors::TokenUnknown
|
163
|
+
#
|
164
|
+
# handle_auth_errors :raise
|
165
|
+
|
166
|
+
# Specify what grant flows are enabled in array of Strings. The valid
|
167
|
+
# strings and the flows they enable are:
|
168
|
+
#
|
169
|
+
# "authorization_code" => Authorization Code Grant Flow
|
170
|
+
# "implicit" => Implicit Grant Flow
|
171
|
+
# "password" => Resource Owner Password Credentials Grant Flow
|
172
|
+
# "client_credentials" => Client Credentials Grant Flow
|
173
|
+
#
|
174
|
+
# If not specified, Doorkeeper enables authorization_code and
|
175
|
+
# client_credentials.
|
176
|
+
#
|
177
|
+
# implicit and password grant flows have risks that you should understand
|
178
|
+
# before enabling:
|
179
|
+
# http://tools.ietf.org/html/rfc6819#section-4.4.2
|
180
|
+
# http://tools.ietf.org/html/rfc6819#section-4.4.3
|
181
|
+
|
182
|
+
grant_flows %w[authorization_code client_credentials implicit]
|
183
|
+
|
184
|
+
# Hook into the strategies' request & response life-cycle in case your
|
185
|
+
# application needs advanced customization or logging:
|
186
|
+
#
|
187
|
+
# before_successful_strategy_response do |request|
|
188
|
+
# puts "BEFORE HOOK FIRED! #{request}"
|
189
|
+
# end
|
190
|
+
#
|
191
|
+
# after_successful_strategy_response do |request, response|
|
192
|
+
# puts "AFTER HOOK FIRED! #{request}, #{response}"
|
193
|
+
# end
|
194
|
+
|
195
|
+
# Hook into Authorization flow in order to implement Single Sign Out
|
196
|
+
# or add ny other functionality.
|
197
|
+
#
|
198
|
+
# before_successful_authorization do |controller|
|
199
|
+
# Rails.logger.info(params.inspect)
|
200
|
+
# end
|
201
|
+
#
|
202
|
+
# after_successful_authorization do |controller|
|
203
|
+
# controller.session[:logout_urls] <<
|
204
|
+
# Doorkeeper::Application
|
205
|
+
# .find_by(controller.request.params.slice(:redirect_uri))
|
206
|
+
# .logout_uri
|
207
|
+
# end
|
208
|
+
|
209
|
+
# Under some circumstances you might want to have applications auto-approved,
|
210
|
+
# so that the user skips the authorization step.
|
211
|
+
# For example if dealing with a trusted application.
|
212
|
+
#
|
213
|
+
# skip_authorization do |resource_owner, client|
|
214
|
+
# client.superapp? or resource_owner.admin?
|
215
|
+
# end
|
216
|
+
|
217
|
+
# WWW-Authenticate Realm (default "Doorkeeper").
|
218
|
+
#
|
219
|
+
# realm "Doorkeeper"
|
220
|
+
end
|
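Review bot: `grant_flows %w[authorization_code client_credentials implicit]` enables the implicit grant, which hands the access token back in the redirect URI and is the flow the comment block directly above it warns about (RFC 6819 section 4.4.2). The release also lists an `enable_pkce` migration, so public clients can presumably use the authorization code flow with PKCE instead; I would drop the implicit flow: `grant_flows %w[authorization_code client_credentials]`. Separately, `admin_authenticator` also admits `current_user.admin_limited_access?`, which lets that role register OAuth clients and view their secrets; if that role is meant to be restricted (its definition is not visible here), narrow the check to `current_user.admin?`. `default_scopes` and `enforce_configured_scopes` are left commented out, so it is worth a comment stating whether unscoped tokens are intended.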
@@ -0,0 +1,137 @@
|
|
1
|
+
en:
|
2
|
+
activerecord:
|
3
|
+
attributes:
|
4
|
+
doorkeeper/application:
|
5
|
+
name: 'Name'
|
6
|
+
redirect_uri: 'Redirect URI'
|
7
|
+
errors:
|
8
|
+
models:
|
9
|
+
doorkeeper/application:
|
10
|
+
attributes:
|
11
|
+
redirect_uri:
|
12
|
+
fragment_present: 'cannot contain a fragment.'
|
13
|
+
invalid_uri: 'must be a valid URI.'
|
14
|
+
relative_uri: 'must be an absolute URI.'
|
15
|
+
secured_uri: 'must be an HTTPS/SSL URI.'
|
16
|
+
forbidden_uri: 'is forbidden by the server.'
|
17
|
+
scopes:
|
18
|
+
not_match_configured: "doesn't match configured on the server."
|
19
|
+
|
20
|
+
doorkeeper:
|
21
|
+
applications:
|
22
|
+
confirmations:
|
23
|
+
destroy: 'Are you sure?'
|
24
|
+
buttons:
|
25
|
+
edit: 'Edit'
|
26
|
+
destroy: 'Destroy'
|
27
|
+
submit: 'Submit'
|
28
|
+
cancel: 'Cancel'
|
29
|
+
authorize: 'Authorize'
|
30
|
+
form:
|
31
|
+
error: 'Whoops! Check your form for possible errors'
|
32
|
+
help:
|
33
|
+
confidential: 'Application will be used where the client secret can be kept confidential. Native mobile apps and Single Page Apps are considered non-confidential.'
|
34
|
+
redirect_uri: 'Use one line per URI'
|
35
|
+
native_redirect_uri: 'Use %{native_redirect_uri} if you want to add localhost URIs for development purposes'
|
36
|
+
scopes: 'Separate scopes with spaces. Leave blank to use the default scopes.'
|
37
|
+
edit:
|
38
|
+
title: 'Edit application'
|
39
|
+
index:
|
40
|
+
title: 'Your applications'
|
41
|
+
new: 'New Application'
|
42
|
+
name: 'Name'
|
43
|
+
callback_url: 'Callback URL'
|
44
|
+
confidential: 'Confidential?'
|
45
|
+
actions: 'Actions'
|
46
|
+
confidentiality:
|
47
|
+
'yes': 'Yes'
|
48
|
+
'no': 'No'
|
49
|
+
new:
|
50
|
+
title: 'New Application'
|
51
|
+
show:
|
52
|
+
title: 'Application: %{name}'
|
53
|
+
application_id: 'Application UID'
|
54
|
+
secret: 'Secret'
|
55
|
+
scopes: 'Scopes'
|
56
|
+
confidential: 'Confidential'
|
57
|
+
callback_urls: 'Callback urls'
|
58
|
+
actions: 'Actions'
|
59
|
+
|
60
|
+
authorizations:
|
61
|
+
buttons:
|
62
|
+
authorize: 'Authorize'
|
63
|
+
deny: 'Deny'
|
64
|
+
error:
|
65
|
+
title: 'An error has occurred'
|
66
|
+
new:
|
67
|
+
title: 'Authorization required'
|
68
|
+
prompt: 'Authorize %{client_name} to use your account?'
|
69
|
+
able_to: 'This application will be able to'
|
70
|
+
show:
|
71
|
+
title: 'Authorization code'
|
72
|
+
|
73
|
+
authorized_applications:
|
74
|
+
confirmations:
|
75
|
+
revoke: 'Are you sure?'
|
76
|
+
buttons:
|
77
|
+
revoke: 'Revoke'
|
78
|
+
index:
|
79
|
+
title: 'Your authorized applications'
|
80
|
+
application: 'Application'
|
81
|
+
created_at: 'Created At'
|
82
|
+
date_format: '%Y-%m-%d %H:%M:%S'
|
83
|
+
|
84
|
+
pre_authorization:
|
85
|
+
status: 'Pre-authorization'
|
86
|
+
|
87
|
+
errors:
|
88
|
+
messages:
|
89
|
+
# Common error messages
|
90
|
+
invalid_request: 'The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed.'
|
91
|
+
invalid_redirect_uri: "The requested redirect uri is malformed or doesn't match client redirect URI."
|
92
|
+
unauthorized_client: 'The client is not authorized to perform this request using this method.'
|
93
|
+
access_denied: 'The resource owner or authorization server denied the request.'
|
94
|
+
invalid_scope: 'The requested scope is invalid, unknown, or malformed.'
|
95
|
+
invalid_code_challenge_method: 'The code challenge method must be plain or S256.'
|
96
|
+
server_error: 'The authorization server encountered an unexpected condition which prevented it from fulfilling the request.'
|
97
|
+
temporarily_unavailable: 'The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.'
|
98
|
+
|
99
|
+
# Configuration error messages
|
100
|
+
credential_flow_not_configured: 'Resource Owner Password Credentials flow failed due to Doorkeeper.configure.resource_owner_from_credentials being unconfigured.'
|
101
|
+
resource_owner_authenticator_not_configured: 'Resource Owner find failed due to Doorkeeper.configure.resource_owner_authenticator being unconfigured.'
|
102
|
+
admin_authenticator_not_configured: 'Access to admin panel is forbidden due to Doorkeeper.configure.admin_authenticator being unconfigured.'
|
103
|
+
|
104
|
+
# Access grant errors
|
105
|
+
unsupported_response_type: 'The authorization server does not support this response type.'
|
106
|
+
|
107
|
+
# Access token errors
|
108
|
+
invalid_client: 'Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method.'
|
109
|
+
invalid_grant: 'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.'
|
110
|
+
unsupported_grant_type: 'The authorization grant type is not supported by the authorization server.'
|
111
|
+
|
112
|
+
invalid_token:
|
113
|
+
revoked: "The access token was revoked"
|
114
|
+
expired: "The access token expired"
|
115
|
+
unknown: "The access token is invalid"
|
116
|
+
|
117
|
+
flash:
|
118
|
+
applications:
|
119
|
+
create:
|
120
|
+
notice: 'Application created.'
|
121
|
+
destroy:
|
122
|
+
notice: 'Application deleted.'
|
123
|
+
update:
|
124
|
+
notice: 'Application updated.'
|
125
|
+
authorized_applications:
|
126
|
+
destroy:
|
127
|
+
notice: 'Application revoked.'
|
128
|
+
|
129
|
+
layouts:
|
130
|
+
admin:
|
131
|
+
title: 'Doorkeeper'
|
132
|
+
nav:
|
133
|
+
oauth2_provider: 'OAuth2 Provider'
|
134
|
+
applications: 'Applications'
|
135
|
+
home: 'Home'
|
136
|
+
application:
|
137
|
+
title: 'OAuth authorization required'
|
data/config/routes.rb
CHANGED
@@ -0,0 +1,68 @@
|
|
1
|
+
class CreateDoorkeeperTables < ActiveRecord::Migration[5.2]
|
2
|
+
def change
|
3
|
+
create_table :oauth_applications do |t|
|
4
|
+
t.string :name, null: false
|
5
|
+
t.string :uid, null: false
|
6
|
+
t.string :secret, null: false
|
7
|
+
t.text :redirect_uri, null: false
|
8
|
+
t.string :scopes, null: false, default: ''
|
9
|
+
t.boolean :confidential, null: false, default: true
|
10
|
+
t.timestamps null: false
|
11
|
+
end
|
12
|
+
|
13
|
+
add_index :oauth_applications, :uid, unique: true
|
14
|
+
|
15
|
+
create_table :oauth_access_grants do |t|
|
16
|
+
t.references :resource_owner, null: false
|
17
|
+
t.references :application, null: false
|
18
|
+
t.string :token, null: false
|
19
|
+
t.integer :expires_in, null: false
|
20
|
+
t.text :redirect_uri, null: false
|
21
|
+
t.datetime :created_at, null: false
|
22
|
+
t.datetime :revoked_at
|
23
|
+
t.string :scopes
|
24
|
+
end
|
25
|
+
|
26
|
+
add_index :oauth_access_grants, :token, unique: true
|
27
|
+
add_foreign_key(
|
28
|
+
:oauth_access_grants,
|
29
|
+
:oauth_applications,
|
30
|
+
column: :application_id
|
31
|
+
)
|
32
|
+
|
33
|
+
create_table :oauth_access_tokens do |t|
|
34
|
+
t.references :resource_owner, index: true
|
35
|
+
t.references :application
|
36
|
+
|
37
|
+
# If you use a custom token generator you may need to change this column
|
38
|
+
# from string to text, so that it accepts tokens larger than 255
|
39
|
+
# characters. More info on custom token generators in:
|
40
|
+
# https://github.com/doorkeeper-gem/doorkeeper/tree/v3.0.0.rc1#custom-access-token-generator
|
41
|
+
#
|
42
|
+
# t.text :token, null: false
|
43
|
+
t.string :token, null: false
|
44
|
+
|
45
|
+
t.string :refresh_token
|
46
|
+
t.integer :expires_in
|
47
|
+
t.datetime :revoked_at
|
48
|
+
t.datetime :created_at, null: false
|
49
|
+
t.string :scopes
|
50
|
+
|
51
|
+
# If there is a previous_refresh_token column,
|
52
|
+
# refresh tokens will be revoked after a related access token is used.
|
53
|
+
# If there is no previous_refresh_token column,
|
54
|
+
# previous tokens are revoked as soon as a new access token is created.
|
55
|
+
# Comment out this line if you'd rather have refresh tokens
|
56
|
+
# instantly revoked.
|
57
|
+
t.string :previous_refresh_token, null: false, default: ""
|
58
|
+
end
|
59
|
+
|
60
|
+
add_index :oauth_access_tokens, :token, unique: true
|
61
|
+
add_index :oauth_access_tokens, :refresh_token, unique: true
|
62
|
+
add_foreign_key(
|
63
|
+
:oauth_access_tokens,
|
64
|
+
:oauth_applications,
|
65
|
+
column: :application_id
|
66
|
+
)
|
67
|
+
end
|
68
|
+
end
|
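Review bot: `resource_owner_id` on `oauth_access_grants` and `oauth_access_tokens` gets no foreign key, while both tables get one for `application_id`. Cleanup of a removed user's grants and tokens then rests only on the `dependent: :delete_all` associations added to the User model, which `User.delete` or a direct SQL delete bypasses, leaving unrevoked tokens that reference a missing owner. Assuming the owner table is `users`, add `add_foreign_key :oauth_access_grants, :users, column: :resource_owner_id` and the same line for `:oauth_access_tokens`. A short comment on the `secret` and `token` columns saying how the values are stored (as issued or hashed) would also help whoever handles database backups.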
@@ -1,5 +1,14 @@
|
|
1
|
+
def require_name(dependency_name)
|
2
|
+
case dependency_name
|
3
|
+
when 'devise-doorkeeper'
|
4
|
+
'devise/doorkeeper'
|
5
|
+
else
|
6
|
+
dependency_name
|
7
|
+
end
|
8
|
+
end
|
9
|
+
|
1
10
|
Gem.loaded_specs['hackathon_manager'].dependencies.each do |d|
|
2
|
-
require d.name
|
11
|
+
require require_name(d.name)
|
3
12
|
end
|
4
13
|
|
5
14
|
module HackathonManager
|
@@ -33,7 +42,11 @@ module HackathonManager
|
|
33
42
|
end
|
34
43
|
|
35
44
|
initializer 'hackathon_manager.factories', after: 'factory_bot.set_factory_paths' do
|
36
|
-
|
45
|
+
if defined?(FactoryBot)
|
46
|
+
FactoryBot.definition_file_paths << File.expand_path('../../test/factories', __dir__)
|
47
|
+
# doorkeeper_dir = Gem::Specification.find_by_name('doorkeeper').gem_dir
|
48
|
+
# FactoryBot.definition_file_paths << File.join(doorkeeper_dir, 'spec/factories')
|
49
|
+
end
|
37
50
|
end
|
38
51
|
|
39
52
|
ActionController::Base.class_eval do
|
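Review bot: `def require_name(dependency_name)` in the first hunk sits at file scope, so it becomes a private method on Object in every application that loads the engine. A local lookup keeps the mapping out of the global namespace: `require_names = { 'devise-doorkeeper' => 'devise/doorkeeper' }` before the loop and `require require_names.fetch(d.name, d.name)` inside it. In the second hunk the initializer appends the gem's `test/factories` directory to `FactoryBot.definition_file_paths` whenever FactoryBot is defined, which also loads the generically named `:application`, `:access_token` and `:access_grant` factories into a host application's test suite; a comment noting that would help. The `HackathonManager` module body continues outside both hunks.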
@@ -0,0 +1,30 @@
|
|
1
|
+
# Temporary fix until https://github.com/doorkeeper-gem/doorkeeper/pull/1176 merges
|
2
|
+
|
3
|
+
FactoryBot.define do
|
4
|
+
factory :access_grant, class: "Doorkeeper::AccessGrant" do
|
5
|
+
sequence(:resource_owner_id) { |n| n }
|
6
|
+
application
|
7
|
+
redirect_uri { 'https://app.com/callback' }
|
8
|
+
expires_in { 100 }
|
9
|
+
scopes { 'public write' }
|
10
|
+
end
|
11
|
+
|
12
|
+
factory :access_token, class: "Doorkeeper::AccessToken" do
|
13
|
+
sequence(:resource_owner_id) { |n| n }
|
14
|
+
application
|
15
|
+
expires_in { 2.hours }
|
16
|
+
|
17
|
+
factory :clientless_access_token do
|
18
|
+
application { nil }
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
factory :application, class: "Doorkeeper::Application" do
|
23
|
+
sequence(:name) { |n| "Application #{n}" }
|
24
|
+
redirect_uri { 'https://app.com/callback' }
|
25
|
+
end
|
26
|
+
|
27
|
+
# do not name this factory :user, otherwise it will conflict with factories
|
28
|
+
# from applications that use doorkeeper factories in their own tests
|
29
|
+
factory :doorkeeper_testing_user, class: :user
|
30
|
+
end
|
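--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hackathon_manager
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.10.0
 platform: ruby
 authors:
 - Stuart Olivera
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2019-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -108,6 +108,34 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: '0.1'
+- !ruby/object:Gem::Dependency
+name: doorkeeper
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '5.0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '5.0'
+- !ruby/object:Gem::Dependency
+name: devise-doorkeeper
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
 - !ruby/object:Gem::Dependency
 name: httparty
 requirement: !ruby/object:Gem::Requirement
@@ -602,12 +630,14 @@ files:
 - config/initializers/ajax_datatables_rails.rb
 - config/initializers/chartkick.rb
 - config/initializers/devise.rb
+- config/initializers/doorkeeper.rb
 - config/initializers/mime_types.rb
 - config/initializers/new_framework_defaults.rb
 - config/initializers/sidekiq.rb
 - config/initializers/simple_form.rb
 - config/initializers/simple_form_bootstrap.rb
 - config/initializers/wrap_parameters.rb
+- config/locales/doorkeeper.en.yml
 - config/locales/en.yml
 - config/routes.rb
 - db/migrate/20141011210642_create_participants.rb
@@ -656,6 +686,8 @@ files:
 - db/migrate/20180701160855_remove_email_from_questionnaires.rb
 - db/migrate/20180801144544_add_type_to_messages.rb
 - db/migrate/20181125213158_add_grad_year_and_race_ethnicity_to_questionnaires.rb
+- db/migrate/20181221194407_create_doorkeeper_tables.rb
+- db/migrate/20181221195241_enable_pkce.rb
 - db/schools.csv
 - db/seed_messages/questionnaire--accepted.md
 - db/seed_messages/questionnaire--denied.md
@@ -674,6 +706,7 @@ files:
 - test/factories/questionnaire.rb
 - test/factories/school.rb
 - test/factories/school_name_duplicate.rb
+- test/factories/temp_doorkeeper.rb
 - test/factories/users.rb
 homepage: https://github.com/sman591/hackathon_manager
 licenses:
@@ -694,8 +727,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-
-rubygems_version: 2.7.6
+rubygems_version: 3.0.1
 signing_key:
 specification_version: 4
 summary: Full-featured application for managing hackathon logistics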
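Review bot: `devise-doorkeeper` is added as a runtime dependency with the requirement `>= 0`, so any future release of that gem, including a new major version, satisfies it, while `doorkeeper` right above it is held to `~> 5.0`. The engine file on this page requires each entry of the gem's dependency list at load time, and this dependency hooks into both Devise and Doorkeeper, so an unbounded version range widens what can end up in the authentication path. I would give it a pessimistic constraint in the gemspec, e.g. `add_dependency 'devise-doorkeeper', '~> <TESTED_VERSION>'`, using the version this release was tested against (not shown on this page).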