RubyGems - opro - Versions diffs - 0.4.2 → 0.4.3 - Mend

opro 0.4.2 → 0.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

data/CHANGELOG.md +3 -0
data/VERSION +1 -1
data/app/controllers/opro/oauth/tests_controller.rb +14 -14
data/app/controllers/opro/oauth/token_controller.rb +18 -11
data/app/models/opro/oauth/auth_grant.rb +30 -20
data/lib/opro/rails/routes.rb +2 -2
data/opro.gemspec +3 -3
data/test/integration/action_dispatch/oauth_flow_test.rb +2 -2
data/test/integration/action_dispatch/refresh_token_test.rb +36 -2
metadata +60 -144

data/CHANGELOG.md CHANGED

@@ -1,5 +1,8 @@
 ## master
+## 0.4.3
+- [#20] Bugfix: expires_in not correctly recalculated after auth_grant refreshed (@nvh)
 ## 0.4.2
 - Fix jRuby compatibility in `Opro.convert_to_lambda`

data/VERSION CHANGED

	@@ -1 +1 @@
1	- 0.4.2
1	+ 0.4.3

data/app/controllers/opro/oauth/tests_controller.rb CHANGED

@@ -7,15 +7,10 @@ class Opro::Oauth::TestsController < OproController
   end
   def show
-    result = if valid_oauth?
-      {:status => 200, :message => 'OAuth worked!', :params => params, :user_id => oauth_user.id }
-    else
-      {:status => :unauthorized, :message => "OAuth did not work :(  #{generate_oauth_error_message!}", :params => params}
-    end
+    result = oauth_result(params)
     respond_to do |format|
       format.html do
-        render :text => result.to_json,   :status => result[:status], :layout => true
+        render :text => result.to_json, :status => result[:status], :layout => true
       end
       format.json do
         render :json => result, :status => result[:status]
@@ -24,15 +19,10 @@ class Opro::Oauth::TestsController < OproController
   end
   def create
-    result = if valid_oauth?
-      {:status => 200, :message => 'OAuth worked!', :params => params, :user_id => oauth_user.id }
-    else
-      {:status => :unauthorized, :message => "OAuth did not work :(  #{generate_oauth_error_message!}", :params => params}
-    end
+    result = oauth_result(params)
     respond_to do |format|
       format.html do
-        render :text => result.to_json,   :status => result[:status], :layout => true
+        render :text => result.to_json, :status => result[:status], :layout => true
       end
       format.json do
         render :json => result, :status => result[:status]
@@ -56,4 +46,14 @@ class Opro::Oauth::TestsController < OproController
       end
     end
   end
+  private
+  def oauth_result(options)
+    if valid_oauth?
+      {:status => 200, :message => 'OAuth worked!', :params => options, :user_id => oauth_user.id }
+    else
+      {:status => :unauthorized, :message => "OAuth did not work :(  #{generate_oauth_error_message!}", :params => params}
+    end
+  end
 end

data/app/controllers/opro/oauth/token_controller.rb CHANGED

@@ -11,33 +11,40 @@ class Opro::Oauth::TokenController < OproController
     application = Opro::Oauth::ClientApp.authenticate(params[:client_id], params[:client_secret])
     if application.nil?
-      render :json => {:error => "Could not find application based on client_id=#{params[:client_id]}
-                                  and client_secret=#{params[:client_secret]}"}, :status => :unauthorized
-      return
+      render :json => {:error => app_not_found_error(params)}, :status => :unauthorized and return
     end
     if params[:code]
       auth_grant = Opro::Oauth::AuthGrant.auth_with_code!(params[:code], application.id)
     elsif params[:refresh_token]
-      auth_grant = Opro::Oauth::AuthGrant.refresh_tokens!(params[:refresh_token], application.id)
+      auth_grant = Opro::Oauth::AuthGrant.find_for_refresh(params[:refresh_token], application.id)
     elsif params[:password].present? || params[:grant_type] == "password"|| params[:grant_type] == "bearer"
       user       = ::Opro.find_user_for_all_auths!(self, params) if Opro.password_exchange_enabled? && oauth_valid_password_auth?(params[:client_id], params[:client_secret])
       auth_grant = Opro::Oauth::AuthGrant.auth_with_user!(user, application.id) if user.present?
     end
     if auth_grant.blank?
-      msg = "Could not find a user that belongs to this application"
-      msg << " & has a refresh_token=#{params[:refresh_token]}" if params[:refresh_token]
-      msg << " & has been granted a code=#{params[:code]}"      if params[:code]
-      msg << " using username and password"                     if params[:password]
-      render :json => {:error => msg }, :status => :unauthorized
-      return
+      render :json => {:error => debug_error_msg(params) }, :status => :unauthorized and return
     end
-    auth_grant.generate_expires_at!
+    auth_grant.refresh!
     render :json => { :access_token   => auth_grant.access_token,
                       :refresh_token  => auth_grant.refresh_token,
                       :expires_in     => auth_grant.expires_in }
   end
+  private
+  def debug_error_msg(options)
+    msg = "Could not find a user that belongs to this application"
+    msg << " & has a refresh_token=#{options[:refresh_token]}" if options[:refresh_token]
+    msg << " & has been granted a code=#{options[:code]}"      if options[:code]
+    msg << " using username and password"                      if options[:password]
+    msg
+  end
+  def app_not_found_error(options)
+    "Could not find application based on client_id=#{options[:client_id]} and client_secret=#{options[:client_secret]}"
+  end
 end

data/app/models/opro/oauth/auth_grant.rb CHANGED

@@ -12,7 +12,7 @@ class Opro::Oauth::AuthGrant < ActiveRecord::Base
   validates :code,           :uniqueness => true
   validates :access_token,   :uniqueness => true
-  before_create :generate_tokens!, :generate_expires_at!
+  before_create :refresh
   alias_attribute :token, :access_token
@@ -60,29 +60,21 @@ class Opro::Oauth::AuthGrant < ActiveRecord::Base
     auth_grant
   end
-  def self.refresh_tokens!(refresh_token, application_id)
-    auth_grant = self.where("refresh_token = ? AND application_id = ?", refresh_token, application_id).first
-    if auth_grant.present?
-      auth_grant.generate_tokens!
-      auth_grant.generate_expires_at!
-      auth_grant.save!
-    end
-    auth_grant
+  def self.find_for_refresh(refresh_token, application_id)
+    self.where("refresh_token = ? AND application_id = ?", refresh_token, application_id).first
   end
-  def generate_expires_at!
-    if ::Opro.require_refresh_within.present?
-      self.access_token_expires_at = Time.now + ::Opro.require_refresh_within
-    else
-      self.access_token_expires_at = nil
-    end
-    true
+  # generates tokens, expires_at and saves
+  def refresh!
+    refresh
+    save!
   end
-  def generate_tokens!
-    self.code          = unique_token_for(:code)
-    self.access_token  = unique_token_for(:access_token)
-    self.refresh_token = unique_token_for(:refresh_token)
+  # generates tokens, expires_at
+  def refresh
+    generate_tokens!
+    generate_expires_at!
+    self
   end
   # used to guarantee that we are generating unique codes, access_tokens and refresh_tokens
@@ -102,4 +94,22 @@ class Opro::Oauth::AuthGrant < ActiveRecord::Base
     redirect_uri << "&state=#{state}" if state.present?
     redirect_uri
   end
+  private
+  # use refresh instead
+  def generate_expires_at!
+    if ::Opro.require_refresh_within.present?
+      self.access_token_expires_at = Time.now + ::Opro.require_refresh_within
+    else
+      self.access_token_expires_at = nil
+    end
+    true
+  end
+  # use refresh instead
+  def generate_tokens!
+    self.code          = unique_token_for(:code)
+    self.access_token  = unique_token_for(:access_token)
+    self.refresh_token = unique_token_for(:refresh_token)
+  end
 end

data/lib/opro/rails/routes.rb CHANGED

@@ -6,7 +6,8 @@ module ActionDispatch::Routing
       skip_routes = options[:except].is_a?(Array) ? options[:except] : [options[:except]]
       controllers = options[:controllers] || {}
-      match 'oauth/new'          => 'opro/oauth/auth#new',          :as => 'oauth_new'
+      oauth_new_controller = controllers[:oauth_new] || 'opro/oauth/auth'
+      match 'oauth/new'          => "#{oauth_new_controller}#new",  :as => 'oauth_new'
       match 'oauth/authorize'    => 'opro/oauth/auth#create',       :as => 'oauth_authorize'
       match 'oauth/token'        => 'opro/oauth/token#create',      :as => 'oauth_token'
@@ -25,4 +26,3 @@ module ActionDispatch::Routing
     end
   end
 end

data/opro.gemspec CHANGED

@@ -5,11 +5,11 @@
 Gem::Specification.new do |s|
   s.name = "opro"
-  s.version = "0.4.2"
+  s.version = "0.4.3"
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["schneems"]
-  s.date = "2012-11-07"
+  s.date = "2012-11-17"
   s.description = " Enable OAuth clients (iphone, android, web sites, etc.) to access and use your Rails application, what you do with it is up to you"
   s.email = "richard.schneeman@gmail.com"
   s.extra_rdoc_files = [
@@ -124,7 +124,7 @@ Gem::Specification.new do |s|
   s.homepage = "http://github.com/schneems/opro"
   s.licenses = ["MIT"]
   s.require_paths = ["lib"]
-  s.rubygems_version = "1.8.24"
+  s.rubygems_version = "1.8.10"
   s.summary = "oPRO turns your Rails application into an OAuth Provider"
   if s.respond_to? :specification_version then

data/test/integration/action_dispatch/oauth_flow_test.rb CHANGED

@@ -23,10 +23,10 @@ class OauthTokenTest < ActionDispatch::IntegrationTest
     json_hash = JSON.parse(response.body)
     assert json_hash["access_token"]
-    assert_equal json_hash["access_token"], auth_grant.access_token
+    assert_equal json_hash["access_token"], auth_grant.reload.access_token
     assert json_hash["refresh_token"]
-    assert_equal json_hash["refresh_token"], auth_grant.refresh_token
+    assert_equal json_hash["refresh_token"], auth_grant.reload.refresh_token
   end

data/test/integration/action_dispatch/refresh_token_test.rb CHANGED

@@ -25,7 +25,8 @@ class RefreshTokenTest < ActionDispatch::IntegrationTest
     params = {:client_id      => @client_app.client_id ,
               :client_secret  => @client_app.client_secret,
               :code           => @auth_grant.code}
-    as_user(@user).post oauth_token_path(params)
+    post oauth_token_path(params)
     json_hash = JSON.parse(response.body)
     assert_equal json_hash['expires_in'], @auth_grant.expires_in
   end
@@ -37,7 +38,7 @@ class RefreshTokenTest < ActionDispatch::IntegrationTest
     Timecop.travel(2.days.from_now)
-    as_user(@user).post oauth_token_path(params)
+    post oauth_token_path(params)
     json_hash = JSON.parse(response.body)
     refute_equal json_hash['access_token'],   @auth_grant.access_token
@@ -51,4 +52,37 @@ class RefreshTokenTest < ActionDispatch::IntegrationTest
     assert_equal json_hash['expires_in'],     auth_grant.expires_in
   end
+  test "after expires in period, access_token is no longer valid" do
+    Timecop.freeze(@client_app.created_at)
+    params = {:client_id      => @client_app.client_id ,
+              :client_secret  => @client_app.client_secret,
+              :code           => @auth_grant.code}
+    post oauth_token_path(params)
+    json_hash    = JSON.parse(response.body)
+    expires_in   = json_hash['expires_in']
+    access_token = json_hash['access_token']
+    # should be valid
+    Timecop.travel(expires_in.seconds.from_now - 1.second)
+    get oauth_test_path(:show_me_the_money, access_token: access_token)
+    assert_equal 200, response.status
+    # should not be valid
+    Timecop.travel(expires_in.seconds.from_now + 1.second)
+    get oauth_test_path(:show_me_the_money, access_token: access_token)
+    refute_equal 200, response.status
+    params = {:client_id      => @client_app.client_id ,
+              :client_secret  => @client_app.client_secret,
+              :refresh_token  => @auth_grant.reload.refresh_token}
+    # make it valid again by refreshing the token
+    post oauth_token_path(params)
+    access_token = JSON.parse(response.body)['access_token']
+    get oauth_test_path(:show_me_the_money, access_token: access_token)
+    assert_equal 200, response.status
+  end
 end

metadata CHANGED

@@ -1,240 +1,159 @@
 --- !ruby/object:Gem::Specification
 name: opro
 version: !ruby/object:Gem::Version
-  prerelease:
-  version: 0.4.2
+  version: 0.4.3
+  prerelease:
 platform: ruby
 authors:
 - schneems
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-11-07 00:00:00.000000000 Z
+date: 2012-11-17 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: 3.1.0
+  requirement: &70297244933200 !ruby/object:Gem::Requirement
     none: false
-  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: 3.1.0
-    none: false
-  prerelease: false
   type: :runtime
+  prerelease: false
+  version_requirements: *70297244933200
 - !ruby/object:Gem::Dependency
   name: rails
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: 3.1.0
+  requirement: &70297244932520 !ruby/object:Gem::Requirement
     none: false
-  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: 3.1.0
-    none: false
-  prerelease: false
   type: :runtime
+  prerelease: false
+  version_requirements: *70297244932520
 - !ruby/object:Gem::Dependency
   name: kramdown
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
+  requirement: &70297244931780 !ruby/object:Gem::Requirement
     none: false
-  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
-    none: false
-  prerelease: false
+        version: '0'
   type: :runtime
+  prerelease: false
+  version_requirements: *70297244931780
 - !ruby/object:Gem::Dependency
   name: mocha
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
+  requirement: &70297244931120 !ruby/object:Gem::Requirement
     none: false
-  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
-    none: false
-  prerelease: false
+        version: '0'
   type: :development
+  prerelease: false
+  version_requirements: *70297244931120
 - !ruby/object:Gem::Dependency
   name: timecop
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
+  requirement: &70297244930600 !ruby/object:Gem::Requirement
     none: false
-  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
-    none: false
-  prerelease: false
+        version: '0'
   type: :development
+  prerelease: false
+  version_requirements: *70297244930600
 - !ruby/object:Gem::Dependency
   name: jeweler
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: 1.6.4
+  requirement: &70297244930000 !ruby/object:Gem::Requirement
     none: false
-  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
         version: 1.6.4
-    none: false
-  prerelease: false
   type: :development
+  prerelease: false
+  version_requirements: *70297244930000
 - !ruby/object:Gem::Dependency
   name: bundler
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: 1.1.3
+  requirement: &70297244929400 !ruby/object:Gem::Requirement
     none: false
-  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: 1.1.3
-    none: false
-  prerelease: false
   type: :development
+  prerelease: false
+  version_requirements: *70297244929400
 - !ruby/object:Gem::Dependency
   name: capybara
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: 0.4.0
+  requirement: &70297244928580 !ruby/object:Gem::Requirement
     none: false
-  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: 0.4.0
-    none: false
-  prerelease: false
   type: :development
+  prerelease: false
+  version_requirements: *70297244928580
 - !ruby/object:Gem::Dependency
   name: launchy
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
+  requirement: &70297244927960 !ruby/object:Gem::Requirement
     none: false
-  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
-    none: false
-  prerelease: false
+        version: '0'
   type: :development
+  prerelease: false
+  version_requirements: *70297244927960
 - !ruby/object:Gem::Dependency
   name: sqlite3
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
+  requirement: &70297244927220 !ruby/object:Gem::Requirement
     none: false
-  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
-    none: false
-  prerelease: false
+        version: '0'
   type: :development
+  prerelease: false
+  version_requirements: *70297244927220
 - !ruby/object:Gem::Dependency
   name: activerecord-jdbcsqlite3-adapter
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
+  requirement: &70297244926520 !ruby/object:Gem::Requirement
     none: false
-  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
-    none: false
-  prerelease: false
+        version: '0'
   type: :development
+  prerelease: false
+  version_requirements: *70297244926520
 - !ruby/object:Gem::Dependency
   name: jdbc-sqlite3
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
+  requirement: &70297244925900 !ruby/object:Gem::Requirement
     none: false
-  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
-    none: false
-  prerelease: false
+        version: '0'
   type: :development
+  prerelease: false
+  version_requirements: *70297244925900
 - !ruby/object:Gem::Dependency
   name: devise
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
+  requirement: &70297244925300 !ruby/object:Gem::Requirement
     none: false
-  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: !binary |-
-          MA==
-    none: false
-  prerelease: false
+        version: '0'
   type: :development
+  prerelease: false
+  version_requirements: *70297244925300
 description: ! ' Enable OAuth clients (iphone, android, web sites, etc.) to access
   and use your Rails application, what you do with it is up to you'
 email: richard.schneeman@gmail.com
@@ -350,32 +269,29 @@ files:
 homepage: http://github.com/schneems/opro
 licenses:
 - MIT
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
+      version: '0'
       segments:
       - 0
-      hash: 2
-      version: !binary |-
-        MA==
-  none: false
+      hash: -2443235425097345828
 required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
-      version: !binary |-
-        MA==
-  none: false
+      version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 1.8.24
-signing_key:
+rubyforge_project:
+rubygems_version: 1.8.10
+signing_key:
 specification_version: 3
 summary: oPRO turns your Rails application into an OAuth Provider
 test_files: []
-...