RubyGems - oauth2-provider - Versions diffs - 0.0.16 → 0.0.17 - Mend

oauth2-provider 0.0.16 → 0.0.17

Files changed (21) hide show

data/Rakefile +1 -0
data/examples/client/config.ru +1 -1
data/lib/oauth2-provider.rb +0 -1
data/lib/oauth2/provider.rb +2 -0
data/lib/oauth2/provider/models/authorization.rb +9 -0
data/lib/oauth2/provider/models/client.rb +13 -0
data/lib/oauth2/provider/models/mongoid/authorization.rb +1 -1
data/lib/oauth2/provider/models/mongoid/client.rb +1 -0
data/lib/oauth2/provider/rack.rb +3 -0
data/lib/oauth2/provider/rack/authorization_code_request.rb +11 -15
data/lib/oauth2/provider/rack/authorization_codes_support.rb +1 -3
data/lib/oauth2/provider/rack/middleware.rb +4 -9
data/lib/oauth2/provider/rack/resource_request.rb +1 -2
data/lib/oauth2/provider/version.rb +1 -1
data/oauth2-provider.gemspec +4 -5
data/spec/models/authorization_spec.rb +48 -8
data/spec/models/client_spec.rb +34 -0
data/spec/requests/{authorization_codes_support_spec.rb → authorization_code_request_spec.rb} +61 -9
data/spec/schema.rb +1 -0
data/spec/spec_helper.rb +1 -1
metadata +73 -74

data/Rakefile CHANGED Viewed

@@ -1,6 +1,7 @@
 require 'bundler'
 Bundler::GemHelper.install_tasks
+require 'bundler/setup'
 require 'rspec/core/rake_task'
 namespace :spec do

data/examples/client/config.ru CHANGED Viewed

@@ -1,3 +1,3 @@
-require 'app'
+require File.dirname(__FILE__) + '/app'
 run Sinatra::Application

data/lib/oauth2-provider.rb CHANGED Viewed

@@ -1,3 +1,2 @@
-require 'active_support/all'
 require 'oauth2/provider/rails' if defined?(Rails)
 require 'oauth2/provider'

data/lib/oauth2/provider.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+require 'active_support/all'
 module OAuth2
   module Provider
     autoload :Rails, 'oauth2/provider/rails'

data/lib/oauth2/provider/models/authorization.rb CHANGED Viewed

@@ -32,6 +32,15 @@ module OAuth2::Provider::Models::Authorization
   end
   module ClassMethods
+    def allowing(client, owner, scope)
+      where(
+        :client_id => client.id,
+        :resource_owner_id => owner && owner.id,
+        :resource_owner_type => owner && owner.class.name,
+        :scope => scope
+      ).select(&:fresh?)
+    end
     def all_for(ro)
       return [] unless ro
       self.where(:resource_owner_id => ro.id, :resource_owner_type => ro.class.name).all

data/lib/oauth2/provider/models/client.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+require 'addressable/uri'
 module OAuth2::Provider::Models::Client
   extend ActiveSupport::Concern
@@ -20,6 +22,17 @@ module OAuth2::Provider::Models::Client
     true
   end
+  def allow_redirection?(uri)
+    uri_host = Addressable::URI.parse(uri).host
+    if oauth_redirect_uri
+      Addressable::URI.parse(oauth_redirect_uri).host == uri_host
+    else
+      !uri_host.nil? && true
+    end
+  rescue Addressable::URI::InvalidURIError
+    false
+  end
   module ClassMethods
     def from_param(identifier)
       self.find_by_oauth_identifier(identifier)

data/lib/oauth2/provider/models/mongoid/authorization.rb CHANGED Viewed

@@ -13,7 +13,7 @@ class OAuth2::Provider::Models::Mongoid::Authorization
       referenced_in(:client,
         :class_name => OAuth2::Provider.client_class_name,
-        :foreign_key => :oauth_client_id
+        :foreign_key => :client_id
       )
       references_many(:access_tokens,

data/lib/oauth2/provider/models/mongoid/client.rb CHANGED Viewed

@@ -6,6 +6,7 @@ class OAuth2::Provider::Models::Mongoid::Client
       include ::Mongoid::Document
       include OAuth2::Provider::Models::Client
+      field :oauth_redirect_uri
       field :oauth_secret
       field :oauth_identifier

data/lib/oauth2/provider/rack.rb CHANGED Viewed

@@ -8,4 +8,7 @@ module OAuth2::Provider::Rack
   autoload :ResourceRequest, 'oauth2/provider/rack/resource_request'
   autoload :Responses, 'oauth2/provider/rack/responses'
   autoload :AuthorizationCodesSupport, 'oauth2/provider/rack/authorization_codes_support'
+  class InvalidRequest < StandardError
+  end
 end

data/lib/oauth2/provider/rack/authorization_code_request.rb CHANGED Viewed

@@ -1,25 +1,24 @@
 module OAuth2::Provider::Rack
   class AuthorizationCodeRequest
-    def initialize(env, params)
-      @env = env
+    def initialize(params)
       @params = params
     end
     def validate!
-      unless redirect_uri
-        throw_response [400, {}, ['No redirect_uri provided']]
+      unless client_id
+        raise OAuth2::Provider::Rack::InvalidRequest, 'No client_id provided'
       end
-      unless redirect_uri_valid?
-        throw_response [400, {}, ['Provided redirect_uri is invalid']]
+      unless client
+        raise OAuth2::Provider::Rack::InvalidRequest, 'client_id is invalid'
       end
-      unless client_id
-        throw_response Responses.redirect_with_error('invalid_request', redirect_uri)
+      unless redirect_uri
+        raise OAuth2::Provider::Rack::InvalidRequest, 'No redirect_uri provided'
       end
-      unless client
-        throw_response Responses.redirect_with_error('invalid_client', redirect_uri)
+      unless redirect_uri_valid?
+        raise OAuth2::Provider::Rack::InvalidRequest, 'Provided redirect_uri is invalid'
       end
     end
@@ -55,9 +54,7 @@ module OAuth2::Provider::Rack
     end
     def redirect_uri_valid?
-      Addressable::URI.parse(redirect_uri)
-    rescue
-      nil
+      client && client.allow_redirection?(redirect_uri)
     end
     def scope
@@ -67,8 +64,7 @@ module OAuth2::Provider::Rack
     private
     def throw_response(response)
-      @env['oauth2.response'] = response
-      throw :oauth2
+      throw :oauth2, response
     end
   end
 end

data/lib/oauth2/provider/rack/authorization_codes_support.rb CHANGED Viewed

@@ -1,10 +1,8 @@
-require 'addressable/uri'
 module OAuth2::Provider::Rack::AuthorizationCodesSupport
   protected
   def oauth2_authorization_request
-    request.env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.env, request.params)
+    request.env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
   end
   def block_invalid_authorization_code_requests

data/lib/oauth2/provider/rack/middleware.rb CHANGED Viewed

@@ -7,6 +7,8 @@ module OAuth2::Provider::Rack
     def call(env)
       request = env['oauth2'] = ResourceRequest.new(env)
+      env['warden'] && env['warden'].custom_failure!
       response = catch :oauth2 do
         if request.path == "/oauth/access_token"
           AccessTokenHandler.new(@app, env).process
@@ -14,15 +16,8 @@ module OAuth2::Provider::Rack
           @app.call(env)
         end
       end
-      thrown_response(env) || response
-    end
-    def thrown_response(env)
-      if env['oauth2.response']
-        env['warden'] && env['warden'].custom_failure!
-        env['oauth2.response']
-      end
+    rescue InvalidRequest => e
+      [400, {}, e.message]
     end
   end
 end

data/lib/oauth2/provider/rack/resource_request.rb CHANGED Viewed

@@ -84,8 +84,7 @@ module OAuth2::Provider::Rack
     private
     def throw_response(response)
-      @env['oauth2.response'] = response
-      throw :oauth2
+      throw :oauth2, response
     end
   end
 end

data/lib/oauth2/provider/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module OAuth2
   module Provider
-    VERSION = "0.0.16"
+    VERSION = "0.0.17"
   end
 end

data/oauth2-provider.gemspec CHANGED Viewed

@@ -18,12 +18,12 @@ Gem::Specification.new do |s|
   s.require_paths = ["lib"]
   # Main dependencies
-  s.add_dependency 'activesupport', '~>3.0.1'
+  s.add_dependency 'activesupport', '~>3.0'
   s.add_dependency 'addressable', '~>2.2'
-  # Development only dependencies
-  s.add_development_dependency 'rails', '~>3.0.1'
-  s.add_development_dependency 'rspec-rails', '~>2.1.0'
+  s.add_development_dependency 'rack-test', '~>0.5.7'
+  s.add_development_dependency 'activerecord', '~>3.0.1'
+  s.add_development_dependency 'rspec', '~>2.1.0'
   s.add_development_dependency 'rake', '~>0.8.7'
   s.add_development_dependency 'sqlite3-ruby', '~>1.3.1'
   s.add_development_dependency 'timecop', '~>0.3.4'
@@ -31,5 +31,4 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'mongoid', '2.0.0.rc.6'
   s.add_development_dependency 'bson', '1.2.0'
   s.add_development_dependency 'bson_ext', '1.2.0'
-  s.add_development_dependency 'sdoc', '~>0.2.20'
 end

data/spec/models/authorization_spec.rb CHANGED Viewed

@@ -5,39 +5,39 @@ describe OAuth2::Provider.authorization_class do
     subject do
       result = OAuth2::Provider.authorization_class.new :client => create_client
     end
     it "is valid with a client" do
       subject.client.should_not be_nil
       subject.should be_valid
     end
     it "is invalid without a client" do
       subject.client = nil
       subject.should_not be_valid
     end
     it "has a given scope, if scope string includes scope" do
       subject.scope = "first second third"
       subject.should have_scope("first")
       subject.should have_scope("second")
       subject.should have_scope("third")
     end
     it "doesn't have a given scope, if scope string doesn't scope" do
       subject.scope = "first second third"
       subject.should_not have_scope("fourth")
     end
   end
   describe "a new instance" do
     subject do
       OAuth2::Provider.authorization_class.new
     end
     it "has no expiry time by default" do
       subject.expires_at.should be_nil
     end
     it "is never expired" do
       subject.should_not be_expired
       Timecop.travel(100.years.from_now)
@@ -85,7 +85,47 @@ describe OAuth2::Provider.authorization_class do
     end
   end
-  describe "being revoked" do
+  describe ".allowing(client, owner, scope)" do
+    before :each do
+      @client = create_client
+      @owner = create_resource_owner
+      @scope = "any-scope"
+      @authorization = OAuth2::Provider.authorization_class.create!(
+        :client => @client,
+        :resource_owner => @owner,
+        :scope => @scope,
+        :expires_at => 1.hour.from_now
+      )
+    end
+    it "returns existing authorizations for the given client, owner and scope" do
+      results = OAuth2::Provider.authorization_class.allowing(@client, @owner, @scope).to_a
+      results.should eql([@authorization])
+    end
+    it "doesn't return authorizations where client is different" do
+      results = OAuth2::Provider.authorization_class.allowing(create_client, @owner, @scope).to_a
+      results.should eql([])
+    end
+    it "doesn't return authorizations where owner is different" do
+      results = OAuth2::Provider.authorization_class.allowing(@client, create_resource_owner, @scope).to_a
+      results.should eql([])
+    end
+    it "doesn't return authorizations where scope is different" do
+      results = OAuth2::Provider.authorization_class.allowing(@client, @owner, 'another-scope').to_a
+      results.should eql([])
+    end
+    it "doesn't return expired authorizations" do
+      Timecop.travel 4.hours.from_now
+      results = OAuth2::Provider.authorization_class.allowing(@client, @owner, @scope).to_a
+      results.should eql([])
+    end
+  end
+  describe "#revoke" do
     subject do
       OAuth2::Provider.authorization_class.create! :client => create_client
     end

data/spec/models/client_spec.rb CHANGED Viewed

@@ -72,4 +72,38 @@ describe OAuth2::Provider.client_class do
       subject.should == OAuth2::Provider.client_class.from_param(subject.oauth_identifier)
     end
   end
+  describe "#allow_redirection?(uri)" do
+    describe "on a client with an oauth_redirect_uri" do
+      subject do
+        OAuth2::Provider.client_class.new :name => 'client', :oauth_redirect_uri => "http://valid.example.com/any/path"
+      end
+      it "returns true if hosts match" do
+        subject.allow_redirection?("http://valid.example.com/another/path").should be_true
+      end
+      it "returns false if hosts are different match" do
+        subject.allow_redirection?("http://invalid.example.com/another/path").should be_false
+      end
+      it "returns false if the provided uri isn't a valid uri" do
+        subject.allow_redirection?("a-load-of-rubbish").should be_false
+      end
+    end
+    describe "on a client without an oauth_redirect_uri" do
+      subject do
+        OAuth2::Provider.client_class.new :name => 'client'
+      end
+      it "always returns true" do
+        subject.allow_redirection?("http://anything.example.com/any/path").should be_true
+      end
+      it "returns false if the provided uri isn't a valid uri" do
+        subject.allow_redirection?("a-load-of-rubbish").should be_false
+      end
+    end
+  end
 end

data/spec/requests/{authorization_codes_support_spec.rb → authorization_code_request_spec.rb} RENAMED Viewed

@@ -1,6 +1,6 @@
 require 'spec_helper'
-describe OAuth2::Provider::Rack::AuthorizationCodesSupport do
+describe OAuth2::Provider::Rack::AuthorizationCodeRequest do
   before :each do
     ExampleResourceOwner.destroy_all
     @client = OAuth2::Provider.client_class.create! :name => 'client'
@@ -14,7 +14,7 @@ describe OAuth2::Provider::Rack::AuthorizationCodesSupport do
   describe "Validating requests" do
     action do |env|
       request = Rack::Request.new(env)
-      env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(env, request.params)
+      env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
       env['oauth2.authorization_request'].validate!
       successful_response
     end
@@ -34,7 +34,9 @@ describe OAuth2::Provider::Rack::AuthorizationCodesSupport do
         get '/oauth/authorize', @valid_params.except(:client_id)
       end
-      redirects_back_with_error 'invalid_request'
+      it "returns 400" do
+        response.status.should == 400
+      end
     end
     describe "Any request without a redirect_uri" do
@@ -62,13 +64,15 @@ describe OAuth2::Provider::Rack::AuthorizationCodesSupport do
         get '/oauth/authorize', @valid_params.merge(:client_id => 'unknown')
       end
-      redirects_back_with_error 'invalid_client'
+      it "returns 400" do
+        response.status.should == 400
+      end
     end
     describe "A request where the scope is declared invalid" do
       action do |env|
         request = Rack::Request.new(env)
-        env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(env, request.params)
+        env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
         env['oauth2.authorization_request'].validate!
         env['oauth2.authorization_request'].invalid_scope!
         successful_response
@@ -82,10 +86,58 @@ describe OAuth2::Provider::Rack::AuthorizationCodesSupport do
     end
   end
+  describe "Intercepting invalid requests" do
+    action do |env|
+      request = Rack::Request.new(env)
+      env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
+      begin
+        env['oauth2.authorization_request'].validate!
+        successful_response
+      rescue OAuth2::Provider::Rack::InvalidRequest => e
+        [418, {'Content-Type' => 'text/plain'}, e.to_s]
+      end
+    end
+    before :each do
+      get '/oauth/authorize', @valid_params.except(:client_id)
+    end
+    it "should return the specific response" do
+      response.status.should == 418
+    end
+  end
+  describe "When the client has a redirect_uri attribute" do
+    before :each do
+      @client = OAuth2::Provider.client_class.create! :name => 'client', :oauth_redirect_uri => "https://redirect.example.com/callback"
+      @valid_params = {
+        :client_id => @client.oauth_identifier,
+        :redirect_uri => "https://redirect.example.com/callback"
+      }
+    end
+    action do |env|
+      request = Rack::Request.new(env)
+      env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
+      env['oauth2.authorization_request'].validate!
+      successful_response
+    end
+    it "returns a 400 if the redirect_uri parameter doesn't match hostnames" do
+      get '/oauth/authorize', @valid_params.merge(:redirect_uri => "https://evil.example.com/callback")
+      response.status.should == 400
+    end
+    it "returns a 200 if the redirect_uri parameter matches hostname but the path is different" do
+      get '/oauth/authorize', @valid_params.merge(:redirect_uri => "https://redirect.example.com/other_callback")
+      response.status.should == 200
+    end
+  end
   describe "Granting a code" do
     action do |env|
       request = Rack::Request.new(env)
-      env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(env, request.params)
+      env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
       env['oauth2.authorization_request'].grant! ExampleResourceOwner.first
     end
@@ -108,7 +160,7 @@ describe OAuth2::Provider::Rack::AuthorizationCodesSupport do
   describe "Granting a code with a scope" do
     action do |env|
       request = Rack::Request.new(env)
-      env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(env, request.params)
+      env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
       env['oauth2.authorization_request'].grant! ExampleResourceOwner.first
     end
@@ -126,7 +178,7 @@ describe OAuth2::Provider::Rack::AuthorizationCodesSupport do
   describe "Granting a code with custom authorization length" do
     action do |env|
       request = Rack::Request.new(env)
-      env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(env, request.params)
+      env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
       env['oauth2.authorization_request'].grant! ExampleResourceOwner.first, 5.years.from_now
     end
@@ -144,7 +196,7 @@ describe OAuth2::Provider::Rack::AuthorizationCodesSupport do
   describe "Denying a code" do
     action do |env|
       request = Rack::Request.new(env)
-      env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(env, request.params)
+      env['oauth2.authorization_request'] ||= OAuth2::Provider::Rack::AuthorizationCodeRequest.new(request.params)
       env['oauth2.authorization_request'].deny!
     end

data/spec/schema.rb CHANGED Viewed

@@ -6,6 +6,7 @@ ActiveRecord::Schema.define(:version => 20110323171649) do
   create_table 'oauth_clients', :force => true do |t|
     t.string   'name'
+    t.string   'oauth_redirect_uri'
     t.string   'oauth_identifier', :null => false
     t.string   'oauth_secret', :null => false
   end

data/spec/spec_helper.rb CHANGED Viewed

@@ -14,7 +14,7 @@ require 'support/rack'
 RSpec.configure do |config|
   config.before :each do
-    Timecop.freeze
+    Timecop.freeze 2001, 1, 1, 12
   end
   config.after :each do

metadata CHANGED Viewed

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: oauth2-provider
 version: !ruby/object:Gem::Version
-  hash: 63
+  hash: 61
   prerelease:
   segments:
   - 0
   - 0
-  - 16
-  version: 0.0.16
+  - 17
+  version: 0.0.17
 platform: ruby
 authors:
 - Tom Ward
@@ -15,28 +15,26 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-05-17 00:00:00 +01:00
+date: 2011-05-31 00:00:00 +01:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: activesupport
-  prerelease: false
+  type: :runtime
   requirement: &id001 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        hash: 5
+        hash: 7
         segments:
         - 3
         - 0
-        - 1
-        version: 3.0.1
-  type: :runtime
+        version: "3.0"
   version_requirements: *id001
-- !ruby/object:Gem::Dependency
-  name: addressable
+  name: activesupport
   prerelease: false
+- !ruby/object:Gem::Dependency
+  type: :runtime
   requirement: &id002 !ruby/object:Gem::Requirement
     none: false
     requirements:
@@ -47,12 +45,28 @@ dependencies:
         - 2
         - 2
         version: "2.2"
-  type: :runtime
   version_requirements: *id002
-- !ruby/object:Gem::Dependency
-  name: rails
+  name: addressable
   prerelease: false
+- !ruby/object:Gem::Dependency
+  type: :development
   requirement: &id003 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        hash: 5
+        segments:
+        - 0
+        - 5
+        - 7
+        version: 0.5.7
+  version_requirements: *id003
+  name: rack-test
+  prerelease: false
+- !ruby/object:Gem::Dependency
+  type: :development
+  requirement: &id004 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -63,12 +77,12 @@ dependencies:
         - 0
         - 1
         version: 3.0.1
-  type: :development
-  version_requirements: *id003
-- !ruby/object:Gem::Dependency
-  name: rspec-rails
+  version_requirements: *id004
+  name: activerecord
   prerelease: false
-  requirement: &id004 !ruby/object:Gem::Requirement
+- !ruby/object:Gem::Dependency
+  type: :development
+  requirement: &id005 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -79,12 +93,12 @@ dependencies:
         - 1
         - 0
         version: 2.1.0
-  type: :development
-  version_requirements: *id004
-- !ruby/object:Gem::Dependency
-  name: rake
+  version_requirements: *id005
+  name: rspec
   prerelease: false
-  requirement: &id005 !ruby/object:Gem::Requirement
+- !ruby/object:Gem::Dependency
+  type: :development
+  requirement: &id006 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -95,12 +109,12 @@ dependencies:
         - 8
         - 7
         version: 0.8.7
-  type: :development
-  version_requirements: *id005
-- !ruby/object:Gem::Dependency
-  name: sqlite3-ruby
+  version_requirements: *id006
+  name: rake
   prerelease: false
-  requirement: &id006 !ruby/object:Gem::Requirement
+- !ruby/object:Gem::Dependency
+  type: :development
+  requirement: &id007 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -111,12 +125,12 @@ dependencies:
         - 3
         - 1
         version: 1.3.1
-  type: :development
-  version_requirements: *id006
-- !ruby/object:Gem::Dependency
-  name: timecop
+  version_requirements: *id007
+  name: sqlite3-ruby
   prerelease: false
-  requirement: &id007 !ruby/object:Gem::Requirement
+- !ruby/object:Gem::Dependency
+  type: :development
+  requirement: &id008 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -127,12 +141,12 @@ dependencies:
         - 3
         - 4
         version: 0.3.4
-  type: :development
-  version_requirements: *id007
-- !ruby/object:Gem::Dependency
-  name: yajl-ruby
+  version_requirements: *id008
+  name: timecop
   prerelease: false
-  requirement: &id008 !ruby/object:Gem::Requirement
+- !ruby/object:Gem::Dependency
+  type: :development
+  requirement: &id009 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -143,12 +157,12 @@ dependencies:
         - 7
         - 5
         version: 0.7.5
-  type: :development
-  version_requirements: *id008
-- !ruby/object:Gem::Dependency
-  name: mongoid
+  version_requirements: *id009
+  name: yajl-ruby
   prerelease: false
-  requirement: &id009 !ruby/object:Gem::Requirement
+- !ruby/object:Gem::Dependency
+  type: :development
+  requirement: &id010 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - "="
@@ -161,12 +175,12 @@ dependencies:
         - rc
         - 6
         version: 2.0.0.rc.6
-  type: :development
-  version_requirements: *id009
-- !ruby/object:Gem::Dependency
-  name: bson
+  version_requirements: *id010
+  name: mongoid
   prerelease: false
-  requirement: &id010 !ruby/object:Gem::Requirement
+- !ruby/object:Gem::Dependency
+  type: :development
+  requirement: &id011 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - "="
@@ -177,12 +191,12 @@ dependencies:
         - 2
         - 0
         version: 1.2.0
-  type: :development
-  version_requirements: *id010
-- !ruby/object:Gem::Dependency
-  name: bson_ext
+  version_requirements: *id011
+  name: bson
   prerelease: false
-  requirement: &id011 !ruby/object:Gem::Requirement
+- !ruby/object:Gem::Dependency
+  type: :development
+  requirement: &id012 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - "="
@@ -193,24 +207,9 @@ dependencies:
         - 2
         - 0
         version: 1.2.0
-  type: :development
-  version_requirements: *id011
-- !ruby/object:Gem::Dependency
-  name: sdoc
-  prerelease: false
-  requirement: &id012 !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        hash: 63
-        segments:
-        - 0
-        - 2
-        - 20
-        version: 0.2.20
-  type: :development
   version_requirements: *id012
+  name: bson_ext
+  prerelease: false
 description: OAuth2 Provider, extracted from api.hashblue.com
 email:
 - tom@popdog.net
@@ -312,7 +311,7 @@ files:
 - spec/models/client_spec.rb
 - spec/requests/access_tokens_controller_spec.rb
 - spec/requests/authentication_spec.rb
-- spec/requests/authorization_codes_support_spec.rb
+- spec/requests/authorization_code_request_spec.rb
 - spec/schema.rb
 - spec/set_backend_env_to_mongoid.rb
 - spec/spec_helper.rb
@@ -362,7 +361,7 @@ test_files:
 - spec/models/client_spec.rb
 - spec/requests/access_tokens_controller_spec.rb
 - spec/requests/authentication_spec.rb
-- spec/requests/authorization_codes_support_spec.rb
+- spec/requests/authorization_code_request_spec.rb
 - spec/schema.rb
 - spec/set_backend_env_to_mongoid.rb
 - spec/spec_helper.rb