oauth2-provider 0.0.16 → 0.0.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Rakefile +1 -0
- data/examples/client/config.ru +1 -1
- data/lib/oauth2-provider.rb +0 -1
- data/lib/oauth2/provider.rb +2 -0
- data/lib/oauth2/provider/models/authorization.rb +9 -0
- data/lib/oauth2/provider/models/client.rb +13 -0
- data/lib/oauth2/provider/models/mongoid/authorization.rb +1 -1
- data/lib/oauth2/provider/models/mongoid/client.rb +1 -0
- data/lib/oauth2/provider/rack.rb +3 -0
- data/lib/oauth2/provider/rack/authorization_code_request.rb +11 -15
- data/lib/oauth2/provider/rack/authorization_codes_support.rb +1 -3
- data/lib/oauth2/provider/rack/middleware.rb +4 -9
- data/lib/oauth2/provider/rack/resource_request.rb +1 -2
- data/lib/oauth2/provider/version.rb +1 -1
- data/oauth2-provider.gemspec +4 -5
- data/spec/models/authorization_spec.rb +48 -8
- data/spec/models/client_spec.rb +34 -0
- data/spec/requests/{authorization_codes_support_spec.rb → authorization_code_request_spec.rb} +61 -9
- data/spec/schema.rb +1 -0
- data/spec/spec_helper.rb +1 -1
- metadata +73 -74
data/Rakefile
CHANGED
data/examples/client/config.ru
CHANGED
data/lib/oauth2-provider.rb
CHANGED
data/lib/oauth2/provider.rb
CHANGED
|
@@ -32,6 +32,15 @@ module OAuth2::Provider::Models::Authorization
|
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
module ClassMethods
|
|
35
|
+
def allowing(client, owner, scope)
|
|
36
|
+
where(
|
|
37
|
+
:client_id => client.id,
|
|
38
|
+
:resource_owner_id => owner && owner.id,
|
|
39
|
+
:resource_owner_type => owner && owner.class.name,
|
|
40
|
+
:scope => scope
|
|
41
|
+
).select(&:fresh?)
|
|
42
|
+
end
|
|
43
|
+
|
|
35
44
|
def all_for(ro)
|
|
36
45
|
return [] unless ro
|
|
37
46
|
self.where(:resource_owner_id => ro.id, :resource_owner_type => ro.class.name).all
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
require 'addressable/uri'
|
|
2
|
+
|
|
1
3
|
module OAuth2::Provider::Models::Client
|
|
2
4
|
extend ActiveSupport::Concern
|
|
3
5
|
|
|
@@ -20,6 +22,17 @@ module OAuth2::Provider::Models::Client
|
|
|
20
22
|
true
|
|
21
23
|
end
|
|
22
24
|
|
|
25
|
+
def allow_redirection?(uri)
|
|
26
|
+
uri_host = Addressable::URI.parse(uri).host
|
|
27
|
+
if oauth_redirect_uri
|
|
28
|
+
Addressable::URI.parse(oauth_redirect_uri).host == uri_host
|
|
29
|
+
else
|
|
30
|
+
!uri_host.nil? && true
|
|
31
|
+
end
|
|
32
|
+
rescue Addressable::URI::InvalidURIError
|
|
33
|
+
false
|
|
34
|
+
end
|
|
35
|
+
|
|
23
36
|
module ClassMethods
|
|
24
37
|
def from_param(identifier)
|
|
25
38
|
self.find_by_oauth_identifier(identifier)
|
data/lib/oauth2/provider/rack.rb
CHANGED
|
@@ -8,4 +8,7 @@ module OAuth2::Provider::Rack
|
|
|
8
8
|
autoload :ResourceRequest, 'oauth2/provider/rack/resource_request'
|
|
9
9
|
autoload :Responses, 'oauth2/provider/rack/responses'
|
|
10
10
|
autoload :AuthorizationCodesSupport, 'oauth2/provider/rack/authorization_codes_support'
|
|
11
|
+
|
|
12
|
+
class InvalidRequest < StandardError
|
|
13
|
+
end
|
|
11
14
|
end
|
|
@@ -1,25 +1,24 @@
|
|
|
1
1
|
module OAuth2::Provider::Rack
|
|
2
2
|
class AuthorizationCodeRequest
|
|
3
|
-
def initialize(
|
|
4
|
-
@env = env
|
|
3
|
+
def initialize(params)
|
|
5
4
|
@params = params
|
|
6
5
|
end
|
|
7
6
|
|
|
8
7
|
def validate!
|
|
9
|
-
unless
|
|
10
|
-
|
|
8
|
+
unless client_id
|
|
9
|
+
raise OAuth2::Provider::Rack::InvalidRequest, 'No client_id provided'
|
|
11
10
|
end
|
|
12
11
|
|
|
13
|
-
unless
|
|
14
|
-
|
|
12
|
+
unless client
|
|
13
|
+
raise OAuth2::Provider::Rack::InvalidRequest, 'client_id is invalid'
|
|
15
14
|
end
|
|
16
15
|
|
|
17
|
-
unless
|
|
18
|
-
|
|
16
|
+
unless redirect_uri
|
|
17
|
+
raise OAuth2::Provider::Rack::InvalidRequest, 'No redirect_uri provided'
|
|
19
18
|
end
|
|
20
19
|
|
|
21
|
-
unless
|
|
22
|
-
|
|
20
|
+
unless redirect_uri_valid?
|
|
21
|
+
raise OAuth2::Provider::Rack::InvalidRequest, 'Provided redirect_uri is invalid'
|
|
23
22
|
end
|
|
24
23
|
end
|
|
25
24
|
|
|
@@ -55,9 +54,7 @@ module OAuth2::Provider::Rack
|
|
|
55
54
|
end
|
|
56
55
|
|
|
57
56
|
def redirect_uri_valid?
|
|
58
|
-
|
|
59
|
-
rescue
|
|
60
|
-
nil
|
|
57
|
+
client && client.allow_redirection?(redirect_uri)
|
|
61
58
|
end
|
|
62
59
|
|
|
63
60
|
def scope
|
|
@@ -67,8 +64,7 @@ module OAuth2::Provider::Rack
|
|
|
67
64
|
private
|
|
68
65
|
|
|
69
66
|
def throw_response(response)
|
|
70
|
-
|
|
71
|
-
throw :oauth2
|
|
67
|
+
throw :oauth2, response
|
|
72
68
|
end
|
|
73
69
|
end
|
|
74
70
|
end
|
|
@@ -1,10 +1,8 @@
|
|
|
1
|
-
require 'addressable/uri'
|
|
2
|
-
|
|
3
1
|
module OAuth2::Provider::Rack::AuthorizationCodesSupport
|
|
4
2
|
protected
|
|
5
3
|
|
|
6
4
|
def oauth2_authorization_request
|
|
7
|
-
request.env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.
|
|
5
|
+
request.env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
|
|
8
6
|
end
|
|
9
7
|
|
|
10
8
|
def block_invalid_authorization_code_requests
|
|
@@ -7,6 +7,8 @@ module OAuth2::Provider::Rack
|
|
|
7
7
|
def call(env)
|
|
8
8
|
request = env['oauth2'] = ResourceRequest.new(env)
|
|
9
9
|
|
|
10
|
+
env['warden'] && env['warden'].custom_failure!
|
|
11
|
+
|
|
10
12
|
response = catch :oauth2 do
|
|
11
13
|
if request.path == "/oauth/access_token"
|
|
12
14
|
AccessTokenHandler.new(@app, env).process
|
|
@@ -14,15 +16,8 @@ module OAuth2::Provider::Rack
|
|
|
14
16
|
@app.call(env)
|
|
15
17
|
end
|
|
16
18
|
end
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
def thrown_response(env)
|
|
22
|
-
if env['oauth2.response']
|
|
23
|
-
env['warden'] && env['warden'].custom_failure!
|
|
24
|
-
env['oauth2.response']
|
|
25
|
-
end
|
|
19
|
+
rescue InvalidRequest => e
|
|
20
|
+
[400, {}, e.message]
|
|
26
21
|
end
|
|
27
22
|
end
|
|
28
23
|
end
|
data/oauth2-provider.gemspec
CHANGED
|
@@ -18,12 +18,12 @@ Gem::Specification.new do |s|
|
|
|
18
18
|
s.require_paths = ["lib"]
|
|
19
19
|
|
|
20
20
|
# Main dependencies
|
|
21
|
-
s.add_dependency 'activesupport', '~>3.0
|
|
21
|
+
s.add_dependency 'activesupport', '~>3.0'
|
|
22
22
|
s.add_dependency 'addressable', '~>2.2'
|
|
23
23
|
|
|
24
|
-
|
|
25
|
-
s.add_development_dependency '
|
|
26
|
-
s.add_development_dependency 'rspec
|
|
24
|
+
s.add_development_dependency 'rack-test', '~>0.5.7'
|
|
25
|
+
s.add_development_dependency 'activerecord', '~>3.0.1'
|
|
26
|
+
s.add_development_dependency 'rspec', '~>2.1.0'
|
|
27
27
|
s.add_development_dependency 'rake', '~>0.8.7'
|
|
28
28
|
s.add_development_dependency 'sqlite3-ruby', '~>1.3.1'
|
|
29
29
|
s.add_development_dependency 'timecop', '~>0.3.4'
|
|
@@ -31,5 +31,4 @@ Gem::Specification.new do |s|
|
|
|
31
31
|
s.add_development_dependency 'mongoid', '2.0.0.rc.6'
|
|
32
32
|
s.add_development_dependency 'bson', '1.2.0'
|
|
33
33
|
s.add_development_dependency 'bson_ext', '1.2.0'
|
|
34
|
-
s.add_development_dependency 'sdoc', '~>0.2.20'
|
|
35
34
|
end
|
|
@@ -5,39 +5,39 @@ describe OAuth2::Provider.authorization_class do
|
|
|
5
5
|
subject do
|
|
6
6
|
result = OAuth2::Provider.authorization_class.new :client => create_client
|
|
7
7
|
end
|
|
8
|
-
|
|
8
|
+
|
|
9
9
|
it "is valid with a client" do
|
|
10
10
|
subject.client.should_not be_nil
|
|
11
11
|
subject.should be_valid
|
|
12
12
|
end
|
|
13
|
-
|
|
13
|
+
|
|
14
14
|
it "is invalid without a client" do
|
|
15
15
|
subject.client = nil
|
|
16
16
|
subject.should_not be_valid
|
|
17
17
|
end
|
|
18
|
-
|
|
18
|
+
|
|
19
19
|
it "has a given scope, if scope string includes scope" do
|
|
20
20
|
subject.scope = "first second third"
|
|
21
21
|
subject.should have_scope("first")
|
|
22
22
|
subject.should have_scope("second")
|
|
23
23
|
subject.should have_scope("third")
|
|
24
24
|
end
|
|
25
|
-
|
|
25
|
+
|
|
26
26
|
it "doesn't have a given scope, if scope string doesn't scope" do
|
|
27
27
|
subject.scope = "first second third"
|
|
28
28
|
subject.should_not have_scope("fourth")
|
|
29
29
|
end
|
|
30
30
|
end
|
|
31
|
-
|
|
31
|
+
|
|
32
32
|
describe "a new instance" do
|
|
33
33
|
subject do
|
|
34
34
|
OAuth2::Provider.authorization_class.new
|
|
35
35
|
end
|
|
36
|
-
|
|
36
|
+
|
|
37
37
|
it "has no expiry time by default" do
|
|
38
38
|
subject.expires_at.should be_nil
|
|
39
39
|
end
|
|
40
|
-
|
|
40
|
+
|
|
41
41
|
it "is never expired" do
|
|
42
42
|
subject.should_not be_expired
|
|
43
43
|
Timecop.travel(100.years.from_now)
|
|
@@ -85,7 +85,47 @@ describe OAuth2::Provider.authorization_class do
|
|
|
85
85
|
end
|
|
86
86
|
end
|
|
87
87
|
|
|
88
|
-
describe "
|
|
88
|
+
describe ".allowing(client, owner, scope)" do
|
|
89
|
+
before :each do
|
|
90
|
+
@client = create_client
|
|
91
|
+
@owner = create_resource_owner
|
|
92
|
+
@scope = "any-scope"
|
|
93
|
+
@authorization = OAuth2::Provider.authorization_class.create!(
|
|
94
|
+
:client => @client,
|
|
95
|
+
:resource_owner => @owner,
|
|
96
|
+
:scope => @scope,
|
|
97
|
+
:expires_at => 1.hour.from_now
|
|
98
|
+
)
|
|
99
|
+
end
|
|
100
|
+
|
|
101
|
+
it "returns existing authorizations for the given client, owner and scope" do
|
|
102
|
+
results = OAuth2::Provider.authorization_class.allowing(@client, @owner, @scope).to_a
|
|
103
|
+
results.should eql([@authorization])
|
|
104
|
+
end
|
|
105
|
+
|
|
106
|
+
it "doesn't return authorizations where client is different" do
|
|
107
|
+
results = OAuth2::Provider.authorization_class.allowing(create_client, @owner, @scope).to_a
|
|
108
|
+
results.should eql([])
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
it "doesn't return authorizations where owner is different" do
|
|
112
|
+
results = OAuth2::Provider.authorization_class.allowing(@client, create_resource_owner, @scope).to_a
|
|
113
|
+
results.should eql([])
|
|
114
|
+
end
|
|
115
|
+
|
|
116
|
+
it "doesn't return authorizations where scope is different" do
|
|
117
|
+
results = OAuth2::Provider.authorization_class.allowing(@client, @owner, 'another-scope').to_a
|
|
118
|
+
results.should eql([])
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
it "doesn't return expired authorizations" do
|
|
122
|
+
Timecop.travel 4.hours.from_now
|
|
123
|
+
results = OAuth2::Provider.authorization_class.allowing(@client, @owner, @scope).to_a
|
|
124
|
+
results.should eql([])
|
|
125
|
+
end
|
|
126
|
+
end
|
|
127
|
+
|
|
128
|
+
describe "#revoke" do
|
|
89
129
|
subject do
|
|
90
130
|
OAuth2::Provider.authorization_class.create! :client => create_client
|
|
91
131
|
end
|
data/spec/models/client_spec.rb
CHANGED
|
@@ -72,4 +72,38 @@ describe OAuth2::Provider.client_class do
|
|
|
72
72
|
subject.should == OAuth2::Provider.client_class.from_param(subject.oauth_identifier)
|
|
73
73
|
end
|
|
74
74
|
end
|
|
75
|
+
|
|
76
|
+
describe "#allow_redirection?(uri)" do
|
|
77
|
+
describe "on a client with an oauth_redirect_uri" do
|
|
78
|
+
subject do
|
|
79
|
+
OAuth2::Provider.client_class.new :name => 'client', :oauth_redirect_uri => "http://valid.example.com/any/path"
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
it "returns true if hosts match" do
|
|
83
|
+
subject.allow_redirection?("http://valid.example.com/another/path").should be_true
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
it "returns false if hosts are different match" do
|
|
87
|
+
subject.allow_redirection?("http://invalid.example.com/another/path").should be_false
|
|
88
|
+
end
|
|
89
|
+
|
|
90
|
+
it "returns false if the provided uri isn't a valid uri" do
|
|
91
|
+
subject.allow_redirection?("a-load-of-rubbish").should be_false
|
|
92
|
+
end
|
|
93
|
+
end
|
|
94
|
+
|
|
95
|
+
describe "on a client without an oauth_redirect_uri" do
|
|
96
|
+
subject do
|
|
97
|
+
OAuth2::Provider.client_class.new :name => 'client'
|
|
98
|
+
end
|
|
99
|
+
|
|
100
|
+
it "always returns true" do
|
|
101
|
+
subject.allow_redirection?("http://anything.example.com/any/path").should be_true
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
it "returns false if the provided uri isn't a valid uri" do
|
|
105
|
+
subject.allow_redirection?("a-load-of-rubbish").should be_false
|
|
106
|
+
end
|
|
107
|
+
end
|
|
108
|
+
end
|
|
75
109
|
end
|
data/spec/requests/{authorization_codes_support_spec.rb → authorization_code_request_spec.rb}
RENAMED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
|
-
describe OAuth2::Provider::Rack::
|
|
3
|
+
describe OAuth2::Provider::Rack::AuthorizationCodeRequest do
|
|
4
4
|
before :each do
|
|
5
5
|
ExampleResourceOwner.destroy_all
|
|
6
6
|
@client = OAuth2::Provider.client_class.create! :name => 'client'
|
|
@@ -14,7 +14,7 @@ describe OAuth2::Provider::Rack::AuthorizationCodesSupport do
|
|
|
14
14
|
describe "Validating requests" do
|
|
15
15
|
action do |env|
|
|
16
16
|
request = Rack::Request.new(env)
|
|
17
|
-
env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(
|
|
17
|
+
env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
|
|
18
18
|
env['oauth2.authorization_request'].validate!
|
|
19
19
|
successful_response
|
|
20
20
|
end
|
|
@@ -34,7 +34,9 @@ describe OAuth2::Provider::Rack::AuthorizationCodesSupport do
|
|
|
34
34
|
get '/oauth/authorize', @valid_params.except(:client_id)
|
|
35
35
|
end
|
|
36
36
|
|
|
37
|
-
|
|
37
|
+
it "returns 400" do
|
|
38
|
+
response.status.should == 400
|
|
39
|
+
end
|
|
38
40
|
end
|
|
39
41
|
|
|
40
42
|
describe "Any request without a redirect_uri" do
|
|
@@ -62,13 +64,15 @@ describe OAuth2::Provider::Rack::AuthorizationCodesSupport do
|
|
|
62
64
|
get '/oauth/authorize', @valid_params.merge(:client_id => 'unknown')
|
|
63
65
|
end
|
|
64
66
|
|
|
65
|
-
|
|
67
|
+
it "returns 400" do
|
|
68
|
+
response.status.should == 400
|
|
69
|
+
end
|
|
66
70
|
end
|
|
67
71
|
|
|
68
72
|
describe "A request where the scope is declared invalid" do
|
|
69
73
|
action do |env|
|
|
70
74
|
request = Rack::Request.new(env)
|
|
71
|
-
env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(
|
|
75
|
+
env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
|
|
72
76
|
env['oauth2.authorization_request'].validate!
|
|
73
77
|
env['oauth2.authorization_request'].invalid_scope!
|
|
74
78
|
successful_response
|
|
@@ -82,10 +86,58 @@ describe OAuth2::Provider::Rack::AuthorizationCodesSupport do
|
|
|
82
86
|
end
|
|
83
87
|
end
|
|
84
88
|
|
|
89
|
+
describe "Intercepting invalid requests" do
|
|
90
|
+
action do |env|
|
|
91
|
+
request = Rack::Request.new(env)
|
|
92
|
+
env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
|
|
93
|
+
begin
|
|
94
|
+
env['oauth2.authorization_request'].validate!
|
|
95
|
+
successful_response
|
|
96
|
+
rescue OAuth2::Provider::Rack::InvalidRequest => e
|
|
97
|
+
[418, {'Content-Type' => 'text/plain'}, e.to_s]
|
|
98
|
+
end
|
|
99
|
+
end
|
|
100
|
+
|
|
101
|
+
before :each do
|
|
102
|
+
get '/oauth/authorize', @valid_params.except(:client_id)
|
|
103
|
+
end
|
|
104
|
+
|
|
105
|
+
it "should return the specific response" do
|
|
106
|
+
response.status.should == 418
|
|
107
|
+
end
|
|
108
|
+
end
|
|
109
|
+
|
|
110
|
+
describe "When the client has a redirect_uri attribute" do
|
|
111
|
+
before :each do
|
|
112
|
+
@client = OAuth2::Provider.client_class.create! :name => 'client', :oauth_redirect_uri => "https://redirect.example.com/callback"
|
|
113
|
+
@valid_params = {
|
|
114
|
+
:client_id => @client.oauth_identifier,
|
|
115
|
+
:redirect_uri => "https://redirect.example.com/callback"
|
|
116
|
+
}
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
action do |env|
|
|
120
|
+
request = Rack::Request.new(env)
|
|
121
|
+
env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
|
|
122
|
+
env['oauth2.authorization_request'].validate!
|
|
123
|
+
successful_response
|
|
124
|
+
end
|
|
125
|
+
|
|
126
|
+
it "returns a 400 if the redirect_uri parameter doesn't match hostnames" do
|
|
127
|
+
get '/oauth/authorize', @valid_params.merge(:redirect_uri => "https://evil.example.com/callback")
|
|
128
|
+
response.status.should == 400
|
|
129
|
+
end
|
|
130
|
+
|
|
131
|
+
it "returns a 200 if the redirect_uri parameter matches hostname but the path is different" do
|
|
132
|
+
get '/oauth/authorize', @valid_params.merge(:redirect_uri => "https://redirect.example.com/other_callback")
|
|
133
|
+
response.status.should == 200
|
|
134
|
+
end
|
|
135
|
+
end
|
|
136
|
+
|
|
85
137
|
describe "Granting a code" do
|
|
86
138
|
action do |env|
|
|
87
139
|
request = Rack::Request.new(env)
|
|
88
|
-
env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(
|
|
140
|
+
env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
|
|
89
141
|
env['oauth2.authorization_request'].grant! ExampleResourceOwner.first
|
|
90
142
|
end
|
|
91
143
|
|
|
@@ -108,7 +160,7 @@ describe OAuth2::Provider::Rack::AuthorizationCodesSupport do
|
|
|
108
160
|
describe "Granting a code with a scope" do
|
|
109
161
|
action do |env|
|
|
110
162
|
request = Rack::Request.new(env)
|
|
111
|
-
env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(
|
|
163
|
+
env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
|
|
112
164
|
env['oauth2.authorization_request'].grant! ExampleResourceOwner.first
|
|
113
165
|
end
|
|
114
166
|
|
|
@@ -126,7 +178,7 @@ describe OAuth2::Provider::Rack::AuthorizationCodesSupport do
|
|
|
126
178
|
describe "Granting a code with custom authorization length" do
|
|
127
179
|
action do |env|
|
|
128
180
|
request = Rack::Request.new(env)
|
|
129
|
-
env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(
|
|
181
|
+
env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
|
|
130
182
|
env['oauth2.authorization_request'].grant! ExampleResourceOwner.first, 5.years.from_now
|
|
131
183
|
end
|
|
132
184
|
|
|
@@ -144,7 +196,7 @@ describe OAuth2::Provider::Rack::AuthorizationCodesSupport do
|
|
|
144
196
|
describe "Denying a code" do
|
|
145
197
|
action do |env|
|
|
146
198
|
request = Rack::Request.new(env)
|
|
147
|
-
env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(
|
|
199
|
+
env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
|
|
148
200
|
env['oauth2.authorization_request'].deny!
|
|
149
201
|
end
|
|
150
202
|
|
data/spec/schema.rb
CHANGED
data/spec/spec_helper.rb
CHANGED
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oauth2-provider
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 61
|
|
5
5
|
prerelease:
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 0
|
|
9
|
-
-
|
|
10
|
-
version: 0.0.
|
|
9
|
+
- 17
|
|
10
|
+
version: 0.0.17
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Tom Ward
|
|
@@ -15,28 +15,26 @@ autorequire:
|
|
|
15
15
|
bindir: bin
|
|
16
16
|
cert_chain: []
|
|
17
17
|
|
|
18
|
-
date: 2011-05-
|
|
18
|
+
date: 2011-05-31 00:00:00 +01:00
|
|
19
19
|
default_executable:
|
|
20
20
|
dependencies:
|
|
21
21
|
- !ruby/object:Gem::Dependency
|
|
22
|
-
|
|
23
|
-
prerelease: false
|
|
22
|
+
type: :runtime
|
|
24
23
|
requirement: &id001 !ruby/object:Gem::Requirement
|
|
25
24
|
none: false
|
|
26
25
|
requirements:
|
|
27
26
|
- - ~>
|
|
28
27
|
- !ruby/object:Gem::Version
|
|
29
|
-
hash:
|
|
28
|
+
hash: 7
|
|
30
29
|
segments:
|
|
31
30
|
- 3
|
|
32
31
|
- 0
|
|
33
|
-
|
|
34
|
-
version: 3.0.1
|
|
35
|
-
type: :runtime
|
|
32
|
+
version: "3.0"
|
|
36
33
|
version_requirements: *id001
|
|
37
|
-
|
|
38
|
-
name: addressable
|
|
34
|
+
name: activesupport
|
|
39
35
|
prerelease: false
|
|
36
|
+
- !ruby/object:Gem::Dependency
|
|
37
|
+
type: :runtime
|
|
40
38
|
requirement: &id002 !ruby/object:Gem::Requirement
|
|
41
39
|
none: false
|
|
42
40
|
requirements:
|
|
@@ -47,12 +45,28 @@ dependencies:
|
|
|
47
45
|
- 2
|
|
48
46
|
- 2
|
|
49
47
|
version: "2.2"
|
|
50
|
-
type: :runtime
|
|
51
48
|
version_requirements: *id002
|
|
52
|
-
|
|
53
|
-
name: rails
|
|
49
|
+
name: addressable
|
|
54
50
|
prerelease: false
|
|
51
|
+
- !ruby/object:Gem::Dependency
|
|
52
|
+
type: :development
|
|
55
53
|
requirement: &id003 !ruby/object:Gem::Requirement
|
|
54
|
+
none: false
|
|
55
|
+
requirements:
|
|
56
|
+
- - ~>
|
|
57
|
+
- !ruby/object:Gem::Version
|
|
58
|
+
hash: 5
|
|
59
|
+
segments:
|
|
60
|
+
- 0
|
|
61
|
+
- 5
|
|
62
|
+
- 7
|
|
63
|
+
version: 0.5.7
|
|
64
|
+
version_requirements: *id003
|
|
65
|
+
name: rack-test
|
|
66
|
+
prerelease: false
|
|
67
|
+
- !ruby/object:Gem::Dependency
|
|
68
|
+
type: :development
|
|
69
|
+
requirement: &id004 !ruby/object:Gem::Requirement
|
|
56
70
|
none: false
|
|
57
71
|
requirements:
|
|
58
72
|
- - ~>
|
|
@@ -63,12 +77,12 @@ dependencies:
|
|
|
63
77
|
- 0
|
|
64
78
|
- 1
|
|
65
79
|
version: 3.0.1
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
- !ruby/object:Gem::Dependency
|
|
69
|
-
name: rspec-rails
|
|
80
|
+
version_requirements: *id004
|
|
81
|
+
name: activerecord
|
|
70
82
|
prerelease: false
|
|
71
|
-
|
|
83
|
+
- !ruby/object:Gem::Dependency
|
|
84
|
+
type: :development
|
|
85
|
+
requirement: &id005 !ruby/object:Gem::Requirement
|
|
72
86
|
none: false
|
|
73
87
|
requirements:
|
|
74
88
|
- - ~>
|
|
@@ -79,12 +93,12 @@ dependencies:
|
|
|
79
93
|
- 1
|
|
80
94
|
- 0
|
|
81
95
|
version: 2.1.0
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
- !ruby/object:Gem::Dependency
|
|
85
|
-
name: rake
|
|
96
|
+
version_requirements: *id005
|
|
97
|
+
name: rspec
|
|
86
98
|
prerelease: false
|
|
87
|
-
|
|
99
|
+
- !ruby/object:Gem::Dependency
|
|
100
|
+
type: :development
|
|
101
|
+
requirement: &id006 !ruby/object:Gem::Requirement
|
|
88
102
|
none: false
|
|
89
103
|
requirements:
|
|
90
104
|
- - ~>
|
|
@@ -95,12 +109,12 @@ dependencies:
|
|
|
95
109
|
- 8
|
|
96
110
|
- 7
|
|
97
111
|
version: 0.8.7
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
- !ruby/object:Gem::Dependency
|
|
101
|
-
name: sqlite3-ruby
|
|
112
|
+
version_requirements: *id006
|
|
113
|
+
name: rake
|
|
102
114
|
prerelease: false
|
|
103
|
-
|
|
115
|
+
- !ruby/object:Gem::Dependency
|
|
116
|
+
type: :development
|
|
117
|
+
requirement: &id007 !ruby/object:Gem::Requirement
|
|
104
118
|
none: false
|
|
105
119
|
requirements:
|
|
106
120
|
- - ~>
|
|
@@ -111,12 +125,12 @@ dependencies:
|
|
|
111
125
|
- 3
|
|
112
126
|
- 1
|
|
113
127
|
version: 1.3.1
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
- !ruby/object:Gem::Dependency
|
|
117
|
-
name: timecop
|
|
128
|
+
version_requirements: *id007
|
|
129
|
+
name: sqlite3-ruby
|
|
118
130
|
prerelease: false
|
|
119
|
-
|
|
131
|
+
- !ruby/object:Gem::Dependency
|
|
132
|
+
type: :development
|
|
133
|
+
requirement: &id008 !ruby/object:Gem::Requirement
|
|
120
134
|
none: false
|
|
121
135
|
requirements:
|
|
122
136
|
- - ~>
|
|
@@ -127,12 +141,12 @@ dependencies:
|
|
|
127
141
|
- 3
|
|
128
142
|
- 4
|
|
129
143
|
version: 0.3.4
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
- !ruby/object:Gem::Dependency
|
|
133
|
-
name: yajl-ruby
|
|
144
|
+
version_requirements: *id008
|
|
145
|
+
name: timecop
|
|
134
146
|
prerelease: false
|
|
135
|
-
|
|
147
|
+
- !ruby/object:Gem::Dependency
|
|
148
|
+
type: :development
|
|
149
|
+
requirement: &id009 !ruby/object:Gem::Requirement
|
|
136
150
|
none: false
|
|
137
151
|
requirements:
|
|
138
152
|
- - ~>
|
|
@@ -143,12 +157,12 @@ dependencies:
|
|
|
143
157
|
- 7
|
|
144
158
|
- 5
|
|
145
159
|
version: 0.7.5
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
- !ruby/object:Gem::Dependency
|
|
149
|
-
name: mongoid
|
|
160
|
+
version_requirements: *id009
|
|
161
|
+
name: yajl-ruby
|
|
150
162
|
prerelease: false
|
|
151
|
-
|
|
163
|
+
- !ruby/object:Gem::Dependency
|
|
164
|
+
type: :development
|
|
165
|
+
requirement: &id010 !ruby/object:Gem::Requirement
|
|
152
166
|
none: false
|
|
153
167
|
requirements:
|
|
154
168
|
- - "="
|
|
@@ -161,12 +175,12 @@ dependencies:
|
|
|
161
175
|
- rc
|
|
162
176
|
- 6
|
|
163
177
|
version: 2.0.0.rc.6
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
- !ruby/object:Gem::Dependency
|
|
167
|
-
name: bson
|
|
178
|
+
version_requirements: *id010
|
|
179
|
+
name: mongoid
|
|
168
180
|
prerelease: false
|
|
169
|
-
|
|
181
|
+
- !ruby/object:Gem::Dependency
|
|
182
|
+
type: :development
|
|
183
|
+
requirement: &id011 !ruby/object:Gem::Requirement
|
|
170
184
|
none: false
|
|
171
185
|
requirements:
|
|
172
186
|
- - "="
|
|
@@ -177,12 +191,12 @@ dependencies:
|
|
|
177
191
|
- 2
|
|
178
192
|
- 0
|
|
179
193
|
version: 1.2.0
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
- !ruby/object:Gem::Dependency
|
|
183
|
-
name: bson_ext
|
|
194
|
+
version_requirements: *id011
|
|
195
|
+
name: bson
|
|
184
196
|
prerelease: false
|
|
185
|
-
|
|
197
|
+
- !ruby/object:Gem::Dependency
|
|
198
|
+
type: :development
|
|
199
|
+
requirement: &id012 !ruby/object:Gem::Requirement
|
|
186
200
|
none: false
|
|
187
201
|
requirements:
|
|
188
202
|
- - "="
|
|
@@ -193,24 +207,9 @@ dependencies:
|
|
|
193
207
|
- 2
|
|
194
208
|
- 0
|
|
195
209
|
version: 1.2.0
|
|
196
|
-
type: :development
|
|
197
|
-
version_requirements: *id011
|
|
198
|
-
- !ruby/object:Gem::Dependency
|
|
199
|
-
name: sdoc
|
|
200
|
-
prerelease: false
|
|
201
|
-
requirement: &id012 !ruby/object:Gem::Requirement
|
|
202
|
-
none: false
|
|
203
|
-
requirements:
|
|
204
|
-
- - ~>
|
|
205
|
-
- !ruby/object:Gem::Version
|
|
206
|
-
hash: 63
|
|
207
|
-
segments:
|
|
208
|
-
- 0
|
|
209
|
-
- 2
|
|
210
|
-
- 20
|
|
211
|
-
version: 0.2.20
|
|
212
|
-
type: :development
|
|
213
210
|
version_requirements: *id012
|
|
211
|
+
name: bson_ext
|
|
212
|
+
prerelease: false
|
|
214
213
|
description: OAuth2 Provider, extracted from api.hashblue.com
|
|
215
214
|
email:
|
|
216
215
|
- tom@popdog.net
|
|
@@ -312,7 +311,7 @@ files:
|
|
|
312
311
|
- spec/models/client_spec.rb
|
|
313
312
|
- spec/requests/access_tokens_controller_spec.rb
|
|
314
313
|
- spec/requests/authentication_spec.rb
|
|
315
|
-
- spec/requests/
|
|
314
|
+
- spec/requests/authorization_code_request_spec.rb
|
|
316
315
|
- spec/schema.rb
|
|
317
316
|
- spec/set_backend_env_to_mongoid.rb
|
|
318
317
|
- spec/spec_helper.rb
|
|
@@ -362,7 +361,7 @@ test_files:
|
|
|
362
361
|
- spec/models/client_spec.rb
|
|
363
362
|
- spec/requests/access_tokens_controller_spec.rb
|
|
364
363
|
- spec/requests/authentication_spec.rb
|
|
365
|
-
- spec/requests/
|
|
364
|
+
- spec/requests/authorization_code_request_spec.rb
|
|
366
365
|
- spec/schema.rb
|
|
367
366
|
- spec/set_backend_env_to_mongoid.rb
|
|
368
367
|
- spec/spec_helper.rb
|