osso 0.0.3.6 → 0.0.3.11
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.buildkite/pipeline.yml +5 -3
- data/Gemfile.lock +5 -1
- data/bin/annotate +1 -0
- data/db/schema.rb +11 -54
- data/lib/osso/db/migrate/20200714223226_add_identity_provider_service_enum.rb +1 -1
- data/lib/osso/db/migrate/20200722230116_add_identity_provider_status_enum_and_use_on_identity_providers.rb +15 -0
- data/lib/osso/db/migrate/20200723153750_add_missing_timestamps.rb +35 -0
- data/lib/osso/db/migrate/20200723162228_drop_unneeded_tables.rb +9 -0
- data/lib/osso/graphql/mutation.rb +4 -2
- data/lib/osso/graphql/mutations.rb +3 -1
- data/lib/osso/graphql/mutations/base_mutation.rb +8 -2
- data/lib/osso/graphql/mutations/configure_identity_provider.rb +10 -1
- data/lib/osso/graphql/mutations/create_oauth_client.rb +30 -0
- data/lib/osso/graphql/mutations/delete_enterprise_account.rb +34 -0
- data/lib/osso/graphql/mutations/delete_oauth_client.rb +30 -0
- data/lib/osso/graphql/query.rb +4 -1
- data/lib/osso/graphql/resolvers/enterprise_accounts.rb +12 -4
- data/lib/osso/graphql/resolvers/oauth_clients.rb +1 -1
- data/lib/osso/graphql/schema.rb +4 -0
- data/lib/osso/graphql/types.rb +2 -0
- data/lib/osso/graphql/types/base_connection.rb +15 -0
- data/lib/osso/graphql/types/base_object.rb +4 -0
- data/lib/osso/graphql/types/enterprise_account.rb +4 -0
- data/lib/osso/graphql/types/identity_provider.rb +8 -3
- data/lib/osso/graphql/types/identity_provider_status.rb +14 -0
- data/lib/osso/graphql/types/oauth_client.rb +13 -1
- data/lib/osso/helpers/auth.rb +11 -12
- data/lib/osso/models/access_token.rb +18 -0
- data/lib/osso/models/authorization_code.rb +20 -0
- data/lib/osso/models/enterprise_account.rb +20 -0
- data/lib/osso/models/identity_provider.rb +29 -0
- data/lib/osso/models/models.rb +2 -0
- data/lib/osso/models/oauth_client.rb +17 -1
- data/lib/osso/models/redirect_uri.rb +17 -0
- data/lib/osso/models/user.rb +22 -0
- data/lib/osso/version.rb +1 -1
- data/osso-rb.gemspec +1 -0
- data/spec/factories/identity_providers.rb +22 -0
- data/spec/graphql/mutations/configure_identity_provider_spec.rb +14 -4
- data/spec/graphql/mutations/create_oauth_client_spec.rb +55 -0
- data/spec/graphql/mutations/delete_enterprise_account_spec.rb +63 -0
- data/spec/graphql/mutations/delete_oauth_client_spec.rb +51 -0
- data/spec/graphql/query/enterprise_account_spec.rb +1 -1
- data/spec/graphql/query/enterprise_accounts_spec.rb +32 -18
- data/spec/graphql/query/identity_provider_spec.rb +9 -6
- data/spec/graphql/query/{oauth_clients_account_spec.rb → oauth_clients_spec.rb} +2 -0
- metadata +30 -8
- data/lib/osso/db/migrate/20200328143303_create_oauth_tables.rb +0 -57
- data/lib/osso/graphql/mutations/set_identity_provider.rb +0 -27
- data/lib/osso/models/saml_provider.rb +0 -49
- data/lib/osso/models/saml_providers/azure_saml_provider.rb +0 -22
- data/lib/osso/models/saml_providers/okta_saml_provider.rb +0 -23
@@ -0,0 +1,55 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
describe Osso::GraphQL::Schema do
|
6
|
+
describe 'CreateOauthClient' do
|
7
|
+
let(:variables) do
|
8
|
+
{
|
9
|
+
input: {
|
10
|
+
name: Faker::Company.name,
|
11
|
+
},
|
12
|
+
}
|
13
|
+
end
|
14
|
+
|
15
|
+
let(:mutation) do
|
16
|
+
<<~GRAPHQL
|
17
|
+
mutation CreateOauthClient($input: CreateOauthClientInput!) {
|
18
|
+
createOauthClient(input: $input) {
|
19
|
+
oauthClient {
|
20
|
+
id
|
21
|
+
name
|
22
|
+
clientId
|
23
|
+
clientSecret
|
24
|
+
}
|
25
|
+
}
|
26
|
+
}
|
27
|
+
GRAPHQL
|
28
|
+
end
|
29
|
+
|
30
|
+
subject do
|
31
|
+
described_class.execute(
|
32
|
+
mutation,
|
33
|
+
variables: variables,
|
34
|
+
context: { scope: current_scope },
|
35
|
+
)
|
36
|
+
end
|
37
|
+
|
38
|
+
describe 'for an admin user' do
|
39
|
+
let(:current_scope) { :admin }
|
40
|
+
it 'creates an OauthClient' do
|
41
|
+
expect { subject }.to change { Osso::Models::OauthClient.count }.by(1)
|
42
|
+
expect(subject.dig('data', 'createOauthClient', 'oauthClient', 'clientId')).
|
43
|
+
to_not be_nil
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
describe 'for an email scoped user' do
|
48
|
+
let(:current_scope) { 'foo.com' }
|
49
|
+
|
50
|
+
it 'does not create an OauthClient Account' do
|
51
|
+
expect { subject }.to_not(change { Osso::Models::OauthClient.count })
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
@@ -0,0 +1,63 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
describe Osso::GraphQL::Schema do
|
6
|
+
describe 'DeleteEnterpriseAccount' do
|
7
|
+
let(:domain) { Faker::Internet.domain_name }
|
8
|
+
let!(:enterprise_account) { create(:enterprise_account, domain: domain) }
|
9
|
+
let(:variables) do
|
10
|
+
{
|
11
|
+
input: {
|
12
|
+
id: enterprise_account.id,
|
13
|
+
},
|
14
|
+
}
|
15
|
+
end
|
16
|
+
|
17
|
+
let(:mutation) do
|
18
|
+
<<~GRAPHQL
|
19
|
+
mutation DeleteEnterpriseAccount($input: DeleteEnterpriseAccountInput!) {
|
20
|
+
deleteEnterpriseAccount(input: $input) {
|
21
|
+
enterpriseAccount {
|
22
|
+
id
|
23
|
+
}
|
24
|
+
}
|
25
|
+
}
|
26
|
+
GRAPHQL
|
27
|
+
end
|
28
|
+
|
29
|
+
subject do
|
30
|
+
described_class.execute(
|
31
|
+
mutation,
|
32
|
+
variables: variables,
|
33
|
+
context: { scope: current_scope },
|
34
|
+
)
|
35
|
+
end
|
36
|
+
|
37
|
+
describe 'for an admin user' do
|
38
|
+
let(:current_scope) { :admin }
|
39
|
+
it 'deletes an Enterprise Account' do
|
40
|
+
expect { subject }.to change { Osso::Models::EnterpriseAccount.count }.by(-1)
|
41
|
+
expect(subject.dig('data', 'createEnterpriseAccount', 'enterpriseAccount')).
|
42
|
+
to be_nil
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
46
|
+
describe 'for an email scoped user' do
|
47
|
+
let(:current_scope) { domain }
|
48
|
+
|
49
|
+
it 'deletes the Enterprise Account' do
|
50
|
+
expect { subject }.to change { Osso::Models::EnterpriseAccount.count }.by(-1)
|
51
|
+
expect(subject.dig('data', 'createEnterpriseAccount', 'enterpriseAccount')).
|
52
|
+
to be_nil
|
53
|
+
end
|
54
|
+
end
|
55
|
+
describe 'for the wrong email scoped user' do
|
56
|
+
let(:current_scope) { 'foo.com' }
|
57
|
+
|
58
|
+
it 'does not delete the Enterprise Account' do
|
59
|
+
expect { subject }.to_not(change { Osso::Models::EnterpriseAccount.count })
|
60
|
+
end
|
61
|
+
end
|
62
|
+
end
|
63
|
+
end
|
@@ -0,0 +1,51 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
describe Osso::GraphQL::Schema do
|
6
|
+
describe 'DeleteOauthClient' do
|
7
|
+
let!(:oauth_client) { create(:oauth_client) }
|
8
|
+
let(:variables) do
|
9
|
+
{
|
10
|
+
input: {
|
11
|
+
id: oauth_client.id,
|
12
|
+
},
|
13
|
+
}
|
14
|
+
end
|
15
|
+
|
16
|
+
let(:mutation) do
|
17
|
+
<<~GRAPHQL
|
18
|
+
mutation DeleteOauthClient($input: DeleteOauthClientInput!) {
|
19
|
+
deleteOauthClient(input: $input) {
|
20
|
+
oauthClient {
|
21
|
+
id
|
22
|
+
}
|
23
|
+
}
|
24
|
+
}
|
25
|
+
GRAPHQL
|
26
|
+
end
|
27
|
+
|
28
|
+
subject do
|
29
|
+
described_class.execute(
|
30
|
+
mutation,
|
31
|
+
variables: variables,
|
32
|
+
context: { scope: current_scope },
|
33
|
+
)
|
34
|
+
end
|
35
|
+
|
36
|
+
describe 'for an admin user' do
|
37
|
+
let(:current_scope) { :admin }
|
38
|
+
it 'deletes the OauthClient' do
|
39
|
+
expect { subject }.to change { Osso::Models::OauthClient.count }.by(-1)
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
describe 'for an email scoped user' do
|
44
|
+
let(:current_scope) { 'foo.com' }
|
45
|
+
|
46
|
+
it 'does not create an OauthClient Account' do
|
47
|
+
expect { subject }.to_not(change { Osso::Models::OauthClient.count })
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
@@ -7,37 +7,51 @@ describe Osso::GraphQL::Schema do
|
|
7
7
|
describe 'for an admin user' do
|
8
8
|
let(:current_scope) { :admin }
|
9
9
|
|
10
|
-
it 'returns Enterprise Accounts' do
|
11
|
-
|
10
|
+
it 'returns paginated Enterprise Accounts' do
|
11
|
+
%w[A B C].map do |name|
|
12
|
+
create(:enterprise_account, name: name)
|
13
|
+
end
|
12
14
|
|
13
15
|
query = <<~GRAPHQL
|
14
|
-
query EnterpriseAccounts {
|
15
|
-
enterpriseAccounts {
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
16
|
+
query EnterpriseAccounts($first: Int, $sortColumn: String, $sortOrder: String) {
|
17
|
+
enterpriseAccounts(first: $first, sortColumn: $sortColumn, sortOrder: $sortOrder) {
|
18
|
+
pageInfo {
|
19
|
+
hasNextPage
|
20
|
+
endCursor
|
21
|
+
}
|
22
|
+
totalCount
|
23
|
+
edges {
|
24
|
+
node {
|
25
|
+
domain
|
26
|
+
id
|
27
|
+
identityProviders {
|
28
|
+
id
|
29
|
+
service
|
30
|
+
domain
|
31
|
+
acsUrl
|
32
|
+
ssoCert
|
33
|
+
ssoUrl
|
34
|
+
status
|
35
|
+
}
|
36
|
+
name
|
37
|
+
status
|
38
|
+
}
|
26
39
|
}
|
27
|
-
name
|
28
|
-
status
|
29
40
|
}
|
30
41
|
}
|
31
42
|
GRAPHQL
|
32
43
|
|
33
44
|
response = described_class.execute(
|
34
45
|
query,
|
35
|
-
variables:
|
46
|
+
variables: { first: 2, sortOrder: 'descending', sortColumn: 'name' },
|
36
47
|
context: { scope: current_scope },
|
37
48
|
)
|
38
49
|
|
39
50
|
expect(response['errors']).to be_nil
|
40
|
-
expect(response.dig('data', 'enterpriseAccounts').count).to eq(2)
|
51
|
+
expect(response.dig('data', 'enterpriseAccounts', 'edges').count).to eq(2)
|
52
|
+
expect(response.dig('data', 'enterpriseAccounts', 'edges', 0, 'node', 'name')).to eq('C')
|
53
|
+
expect(response.dig('data', 'enterpriseAccounts', 'totalCount')).to eq(3)
|
54
|
+
expect(response.dig('data', 'enterpriseAccounts', 'pageInfo', 'hasNextPage')).to eq(true)
|
41
55
|
end
|
42
56
|
end
|
43
57
|
end
|
@@ -5,6 +5,7 @@ require 'spec_helper'
|
|
5
5
|
describe Osso::GraphQL::Schema do
|
6
6
|
describe 'Identity Provider' do
|
7
7
|
let(:id) { Faker::Internet.uuid }
|
8
|
+
let(:domain) { Faker::Internet.domain_name }
|
8
9
|
let(:variables) { { id: id } }
|
9
10
|
let(:query) do
|
10
11
|
<<~GRAPHQL
|
@@ -16,7 +17,7 @@ describe Osso::GraphQL::Schema do
|
|
16
17
|
acsUrl
|
17
18
|
ssoCert
|
18
19
|
ssoUrl
|
19
|
-
|
20
|
+
status
|
20
21
|
}
|
21
22
|
}
|
22
23
|
GRAPHQL
|
@@ -24,7 +25,7 @@ describe Osso::GraphQL::Schema do
|
|
24
25
|
|
25
26
|
before do
|
26
27
|
create(:identity_provider)
|
27
|
-
create(:identity_provider, id: id)
|
28
|
+
create(:identity_provider, id: id, domain: domain)
|
28
29
|
end
|
29
30
|
|
30
31
|
subject do
|
@@ -43,18 +44,20 @@ describe Osso::GraphQL::Schema do
|
|
43
44
|
end
|
44
45
|
end
|
45
46
|
|
46
|
-
|
47
|
+
describe 'for an email scoped user' do
|
47
48
|
let(:current_scope) { domain }
|
49
|
+
|
48
50
|
it 'returns Enterprise Account for domain' do
|
49
51
|
expect(subject['errors']).to be_nil
|
50
|
-
expect(subject.dig('data', '
|
52
|
+
expect(subject.dig('data', 'identityProvider', 'domain')).to eq(domain)
|
51
53
|
end
|
52
54
|
end
|
53
55
|
|
54
|
-
|
56
|
+
describe 'for the wrong email scoped user' do
|
55
57
|
let(:current_scope) { 'bar.com' }
|
58
|
+
|
56
59
|
it 'returns Enterprise Account for domain' do
|
57
|
-
expect(subject['errors']).
|
60
|
+
expect(subject['errors']).to_not be_empty
|
58
61
|
expect(subject.dig('data', 'enterpriseAccount')).to be_nil
|
59
62
|
end
|
60
63
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: osso
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.3.
|
4
|
+
version: 0.0.3.11
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sam Bauch
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-07-
|
11
|
+
date: 2020-07-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -178,6 +178,20 @@ dependencies:
|
|
178
178
|
- - ">="
|
179
179
|
- !ruby/object:Gem::Version
|
180
180
|
version: '0'
|
181
|
+
- !ruby/object:Gem::Dependency
|
182
|
+
name: annotate
|
183
|
+
requirement: !ruby/object:Gem::Requirement
|
184
|
+
requirements:
|
185
|
+
- - "~>"
|
186
|
+
- !ruby/object:Gem::Version
|
187
|
+
version: '3.1'
|
188
|
+
type: :development
|
189
|
+
prerelease: false
|
190
|
+
version_requirements: !ruby/object:Gem::Requirement
|
191
|
+
requirements:
|
192
|
+
- - "~>"
|
193
|
+
- !ruby/object:Gem::Version
|
194
|
+
version: '3.1'
|
181
195
|
- !ruby/object:Gem::Dependency
|
182
196
|
name: bundler
|
183
197
|
requirement: !ruby/object:Gem::Requirement
|
@@ -210,6 +224,7 @@ description: This gem includes the main functionality for Osso apps,
|
|
210
224
|
email:
|
211
225
|
- sbauch@gmail.com
|
212
226
|
executables:
|
227
|
+
- annotate
|
213
228
|
- console
|
214
229
|
- setup
|
215
230
|
extensions: []
|
@@ -229,6 +244,7 @@ files:
|
|
229
244
|
- LICENSE
|
230
245
|
- README.md
|
231
246
|
- Rakefile
|
247
|
+
- bin/annotate
|
232
248
|
- bin/console
|
233
249
|
- bin/setup
|
234
250
|
- config/database.yml
|
@@ -238,7 +254,6 @@ files:
|
|
238
254
|
- lib/osso/Rakefile
|
239
255
|
- lib/osso/db/migrate/20190909230109_enable_uuid.rb
|
240
256
|
- lib/osso/db/migrate/20200328135750_create_users.rb
|
241
|
-
- lib/osso/db/migrate/20200328143303_create_oauth_tables.rb
|
242
257
|
- lib/osso/db/migrate/20200328143305_create_identity_providers.rb
|
243
258
|
- lib/osso/db/migrate/20200411184535_add_provider_id_to_users.rb
|
244
259
|
- lib/osso/db/migrate/20200411192645_create_enterprise_accounts.rb
|
@@ -250,6 +265,9 @@ files:
|
|
250
265
|
- lib/osso/db/migrate/20200714223226_add_identity_provider_service_enum.rb
|
251
266
|
- lib/osso/db/migrate/20200715154211_rename_idp_fields_on_identity_provider_to_sso.rb
|
252
267
|
- lib/osso/db/migrate/20200715205801_add_name_to_enterprise_account.rb
|
268
|
+
- lib/osso/db/migrate/20200722230116_add_identity_provider_status_enum_and_use_on_identity_providers.rb
|
269
|
+
- lib/osso/db/migrate/20200723153750_add_missing_timestamps.rb
|
270
|
+
- lib/osso/db/migrate/20200723162228_drop_unneeded_tables.rb
|
253
271
|
- lib/osso/graphql/.DS_Store
|
254
272
|
- lib/osso/graphql/mutation.rb
|
255
273
|
- lib/osso/graphql/mutations.rb
|
@@ -257,7 +275,9 @@ files:
|
|
257
275
|
- lib/osso/graphql/mutations/configure_identity_provider.rb
|
258
276
|
- lib/osso/graphql/mutations/create_enterprise_account.rb
|
259
277
|
- lib/osso/graphql/mutations/create_identity_provider.rb
|
260
|
-
- lib/osso/graphql/mutations/
|
278
|
+
- lib/osso/graphql/mutations/create_oauth_client.rb
|
279
|
+
- lib/osso/graphql/mutations/delete_enterprise_account.rb
|
280
|
+
- lib/osso/graphql/mutations/delete_oauth_client.rb
|
261
281
|
- lib/osso/graphql/query.rb
|
262
282
|
- lib/osso/graphql/resolvers.rb
|
263
283
|
- lib/osso/graphql/resolvers/enterprise_account.rb
|
@@ -265,12 +285,14 @@ files:
|
|
265
285
|
- lib/osso/graphql/resolvers/oauth_clients.rb
|
266
286
|
- lib/osso/graphql/schema.rb
|
267
287
|
- lib/osso/graphql/types.rb
|
288
|
+
- lib/osso/graphql/types/base_connection.rb
|
268
289
|
- lib/osso/graphql/types/base_enum.rb
|
269
290
|
- lib/osso/graphql/types/base_input_object.rb
|
270
291
|
- lib/osso/graphql/types/base_object.rb
|
271
292
|
- lib/osso/graphql/types/enterprise_account.rb
|
272
293
|
- lib/osso/graphql/types/identity_provider.rb
|
273
294
|
- lib/osso/graphql/types/identity_provider_service.rb
|
295
|
+
- lib/osso/graphql/types/identity_provider_status.rb
|
274
296
|
- lib/osso/graphql/types/oauth_client.rb
|
275
297
|
- lib/osso/graphql/types/user.rb
|
276
298
|
- lib/osso/helpers/auth.rb
|
@@ -285,9 +307,6 @@ files:
|
|
285
307
|
- lib/osso/models/models.rb
|
286
308
|
- lib/osso/models/oauth_client.rb
|
287
309
|
- lib/osso/models/redirect_uri.rb
|
288
|
-
- lib/osso/models/saml_provider.rb
|
289
|
-
- lib/osso/models/saml_providers/azure_saml_provider.rb
|
290
|
-
- lib/osso/models/saml_providers/okta_saml_provider.rb
|
291
310
|
- lib/osso/models/user.rb
|
292
311
|
- lib/osso/rake.rb
|
293
312
|
- lib/osso/routes/admin.rb
|
@@ -308,10 +327,13 @@ files:
|
|
308
327
|
- spec/graphql/mutations/configure_identity_provider_spec.rb
|
309
328
|
- spec/graphql/mutations/create_enterprise_account_spec.rb
|
310
329
|
- spec/graphql/mutations/create_identity_provider_spec.rb
|
330
|
+
- spec/graphql/mutations/create_oauth_client_spec.rb
|
331
|
+
- spec/graphql/mutations/delete_enterprise_account_spec.rb
|
332
|
+
- spec/graphql/mutations/delete_oauth_client_spec.rb
|
311
333
|
- spec/graphql/query/enterprise_account_spec.rb
|
312
334
|
- spec/graphql/query/enterprise_accounts_spec.rb
|
313
335
|
- spec/graphql/query/identity_provider_spec.rb
|
314
|
-
- spec/graphql/query/
|
336
|
+
- spec/graphql/query/oauth_clients_spec.rb
|
315
337
|
- spec/models/azure_saml_provider_spec.rb
|
316
338
|
- spec/models/identity_provider_spec.rb
|
317
339
|
- spec/models/okta_saml_provider_spec.rb
|
@@ -1,57 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
class CreateOauthTables < ActiveRecord::Migration[6.0]
|
4
|
-
def change
|
5
|
-
create_table :oauth_applications, id: :uuid do |t|
|
6
|
-
t.string :name, null: false
|
7
|
-
t.string :secret, null: false
|
8
|
-
t.text :redirect_uri, null: false
|
9
|
-
t.string :scopes, null: false, default: ''
|
10
|
-
t.boolean :confidential, null: false, default: true
|
11
|
-
t.timestamps null: false
|
12
|
-
end
|
13
|
-
|
14
|
-
create_table :oauth_access_grants, id: :uuid do |t|
|
15
|
-
t.uuid :resource_owner_id, null: false
|
16
|
-
t.references :application, type: :uuid, null: false
|
17
|
-
t.string :token, null: false
|
18
|
-
t.integer :expires_in, null: false
|
19
|
-
t.text :redirect_uri, null: false
|
20
|
-
t.datetime :created_at, null: false
|
21
|
-
t.datetime :revoked_at
|
22
|
-
t.string :scopes, null: false, default: ''
|
23
|
-
end
|
24
|
-
|
25
|
-
add_index :oauth_access_grants, :token, unique: true
|
26
|
-
add_foreign_key(
|
27
|
-
:oauth_access_grants,
|
28
|
-
:oauth_applications,
|
29
|
-
column: :application_id
|
30
|
-
)
|
31
|
-
|
32
|
-
create_table :oauth_access_tokens, id: :uuid do |t|
|
33
|
-
t.uuid :resource_owner_id
|
34
|
-
t.references :application, type: :uuid
|
35
|
-
t.string :token, null: false
|
36
|
-
|
37
|
-
t.string :refresh_token
|
38
|
-
t.integer :expires_in
|
39
|
-
t.datetime :revoked_at
|
40
|
-
t.datetime :created_at, null: false
|
41
|
-
t.string :scopes
|
42
|
-
|
43
|
-
t.string :previous_refresh_token, null: false, default: ''
|
44
|
-
end
|
45
|
-
|
46
|
-
add_index :oauth_access_tokens, :token, unique: true
|
47
|
-
add_index :oauth_access_tokens, :refresh_token, unique: true
|
48
|
-
add_foreign_key(
|
49
|
-
:oauth_access_tokens,
|
50
|
-
:oauth_applications,
|
51
|
-
column: :application_id
|
52
|
-
)
|
53
|
-
|
54
|
-
add_foreign_key :oauth_access_grants, :users, column: :resource_owner_id
|
55
|
-
add_foreign_key :oauth_access_tokens, :users, column: :resource_owner_id
|
56
|
-
end
|
57
|
-
end
|