rack-oauth2 0.0.7 → 0.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.0.7
1
+ 0.0.8
data/lib/rack/oauth2.rb CHANGED
@@ -1,4 +1,10 @@
1
1
  require 'rack'
2
2
  require 'json'
3
3
  require 'active_support/core_ext'
4
- require 'rack/oauth2/server'
4
+ require 'rack/oauth2/server'
5
+
6
+ module Rack
7
+ module OAuth2
8
+ ACCESS_TOKEN = "rack.oauth2.oauth_token"
9
+ end
10
+ end
@@ -2,4 +2,5 @@ require 'rack/oauth2/server/util'
2
2
  require 'rack/oauth2/server/error'
3
3
  require 'rack/oauth2/server/abstract'
4
4
  require 'rack/oauth2/server/authorize'
5
- require 'rack/oauth2/server/token'
5
+ require 'rack/oauth2/server/token'
6
+ require 'rack/oauth2/server/resource'
@@ -5,7 +5,7 @@ module Rack
5
5
  class Handler
6
6
  attr_accessor :realm, :authenticator, :request, :response
7
7
 
8
- def initialize(realm = '', &authenticator)
8
+ def initialize(realm = nil, &authenticator)
9
9
  @realm = realm
10
10
  @authenticator = authenticator
11
11
  end
@@ -3,7 +3,7 @@ module Rack
3
3
  module Server
4
4
 
5
5
  class Error < StandardError
6
- attr_accessor :code, :error, :description, :uri, :redirect_uri, :state
6
+ attr_accessor :code, :error, :description, :uri, :state, :scope, :redirect_uri, :realm
7
7
 
8
8
  def initialize(code, error, description = "", options = {})
9
9
  @code = code
@@ -11,7 +11,17 @@ module Rack
11
11
  @description = description
12
12
  @uri = options[:uri]
13
13
  @state = options[:state]
14
+ @realm = options[:realm]
15
+ @scope = Array(options[:scope])
14
16
  @redirect_uri = Util.parse_uri(options[:redirect_uri]) if options[:redirect_uri]
17
+ @www_authenticate =
18
+ @channel = if options[:www_authenticate].present?
19
+ :www_authenticate
20
+ elsif @redirect_uri.present?
21
+ :query_string
22
+ else
23
+ :json_body
24
+ end
15
25
  end
16
26
 
17
27
  def finish
@@ -19,11 +29,18 @@ module Rack
19
29
  :error => error,
20
30
  :error_description => description,
21
31
  :error_uri => uri,
22
- :state => state
32
+ :state => state,
33
+ :scope => scope.join(' ')
23
34
  }.delete_if do |key, value|
24
35
  value.blank?
25
36
  end
26
- if redirect_uri
37
+ case @channel
38
+ when :www_authenticate
39
+ params = params.collect do |key, value|
40
+ "#{key}=\"#{URI.encode value.to_s}\""
41
+ end
42
+ [code, {'WWW-Authenticate' => "OAuth realm=\"#{realm}\" #{params.join(" ")}"}, []]
43
+ when :query_string
27
44
  redirect_uri.query = if redirect_uri.query
28
45
  [redirect_uri.query, params.to_query].join('&')
29
46
  else
@@ -32,7 +49,7 @@ module Rack
32
49
  response = Rack::Response.new
33
50
  response.redirect redirect_uri.to_s
34
51
  response.finish
35
- else
52
+ when :json_body
36
53
  [code, {'Content-Type' => 'application/json'}, params.to_json]
37
54
  end
38
55
  end
@@ -40,12 +57,7 @@ module Rack
40
57
 
41
58
  class Unauthorized < Error
42
59
  def initialize(error, description = "", options = {})
43
- status = if options[:payload] == :header
44
- 401
45
- else
46
- 400
47
- end
48
- super(status, error, description, options)
60
+ super(401, error, description, options)
49
61
  end
50
62
  end
51
63
 
@@ -0,0 +1,76 @@
1
+ require 'rack/auth/abstract/request'
2
+
3
+ module Rack
4
+ module OAuth2
5
+ module Server
6
+ class Resource < Abstract::Handler
7
+
8
+ def initialize(app, realm=nil, &authenticator)
9
+ @app = app
10
+ super(realm, &authenticator)
11
+ end
12
+
13
+ def call(env)
14
+ request = Request.new(env)
15
+ if request.oauth2?
16
+ authenticate!(request)
17
+ env[ACCESS_TOKEN] = request.access_token
18
+ end
19
+ @app.call(env)
20
+ rescue Error => e
21
+ e.realm = realm
22
+ e.finish
23
+ end
24
+
25
+ private
26
+
27
+ def authenticate!(request)
28
+ @authenticator.call(request)
29
+ end
30
+
31
+ class Request < Rack::Request
32
+
33
+ def initialize(env)
34
+ @env = env
35
+ @auth_header = Rack::Auth::AbstractRequest.new(env)
36
+ end
37
+
38
+ def oauth2?
39
+ access_token.present?
40
+ end
41
+
42
+ def access_token
43
+ @access_token ||= case
44
+ when access_token_in_haeder.present? && access_token_in_payload.blank?
45
+ access_token_in_haeder
46
+ when access_token_in_haeder.blank? && access_token_in_payload.present?
47
+ access_token_in_payload
48
+ when access_token_in_haeder.present? && access_token_in_payload.present?
49
+ raise BadRequest.new(:invalid_request, 'Both Authorization header and payload includes oauth_token.', :www_authenticate => true)
50
+ else
51
+ nil
52
+ end
53
+ end
54
+
55
+ def access_token_in_haeder
56
+ if @auth_header.provided? && @auth_header.scheme == :oauth && @auth_header.params !~ /oauth_signature_method/
57
+ @auth_header.params
58
+ else
59
+ nil
60
+ end
61
+ end
62
+
63
+ def access_token_in_payload
64
+ if params['oauth_token'] && !params['oauth_signature_method']
65
+ params['oauth_token']
66
+ else
67
+ nil # This is OAuth1 request
68
+ end
69
+ end
70
+
71
+ end
72
+
73
+ end
74
+ end
75
+ end
76
+ end
data/rack-oauth2.gemspec CHANGED
@@ -5,7 +5,7 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{rack-oauth2}
8
- s.version = "0.0.7"
8
+ s.version = "0.0.8"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["nov matake"]
@@ -37,6 +37,7 @@ Gem::Specification.new do |s|
37
37
  "lib/rack/oauth2/server/authorize/code_and_token.rb",
38
38
  "lib/rack/oauth2/server/authorize/token.rb",
39
39
  "lib/rack/oauth2/server/error.rb",
40
+ "lib/rack/oauth2/server/resource.rb",
40
41
  "lib/rack/oauth2/server/token.rb",
41
42
  "lib/rack/oauth2/server/token/assertion.rb",
42
43
  "lib/rack/oauth2/server/token/authorization_code.rb",
@@ -49,6 +50,7 @@ Gem::Specification.new do |s|
49
50
  "spec/rack/oauth2/server/authorize/token_spec.rb",
50
51
  "spec/rack/oauth2/server/authorize_spec.rb",
51
52
  "spec/rack/oauth2/server/error_spec.rb",
53
+ "spec/rack/oauth2/server/resource_spec.rb",
52
54
  "spec/rack/oauth2/server/token/assertion_spec.rb",
53
55
  "spec/rack/oauth2/server/token/authorization_code_spec.rb",
54
56
  "spec/rack/oauth2/server/token/password_spec.rb",
@@ -68,6 +70,7 @@ Gem::Specification.new do |s|
68
70
  "spec/rack/oauth2/server/authorize/token_spec.rb",
69
71
  "spec/rack/oauth2/server/authorize_spec.rb",
70
72
  "spec/rack/oauth2/server/error_spec.rb",
73
+ "spec/rack/oauth2/server/resource_spec.rb",
71
74
  "spec/rack/oauth2/server/token/assertion_spec.rb",
72
75
  "spec/rack/oauth2/server/token/authorization_code_spec.rb",
73
76
  "spec/rack/oauth2/server/token/password_spec.rb",
@@ -28,7 +28,23 @@ describe Rack::OAuth2::Server::Error, '#finish' do
28
28
  end
29
29
  end
30
30
 
31
- context "when redirect_uri isn't given" do
31
+ context "when www_authenticate isn given" do
32
+ before do
33
+ @params = {
34
+ :error => :invalid_request,
35
+ :error_description => "Something invalid!!"
36
+ }
37
+ @error = Rack::OAuth2::Server::Error.new(401, @params[:error], @params[:error_description], :www_authenticate => true)
38
+ end
39
+
40
+ it "should return failure response with error message in WWW-Authenticate header" do
41
+ status, header, body = @error.finish
42
+ status.should === 401
43
+ header['WWW-Authenticate'].should == "OAuth realm=\"\" error_description=\"Something%20invalid!!\" error=\"invalid_request\""
44
+ end
45
+ end
46
+
47
+ context "when either redirect_uri nor www_authenticate isn't given" do
32
48
  before do
33
49
  @params = {
34
50
  :error => :invalid_request,
@@ -39,6 +55,7 @@ describe Rack::OAuth2::Server::Error, '#finish' do
39
55
 
40
56
  it "should return failure response with error message in json body" do
41
57
  status, header, body = @error.finish
58
+ status.should === 400
42
59
  body.should == @params.to_json
43
60
  end
44
61
  end
@@ -53,17 +70,8 @@ describe Rack::OAuth2::Server::BadRequest do
53
70
  end
54
71
 
55
72
  describe Rack::OAuth2::Server::Unauthorized do
56
- context "when payload is header" do
57
- it "should use 401 as status" do
58
- error = Rack::OAuth2::Server::Unauthorized.new(:invalid_client, '', :payload => :header)
59
- error.code.should == 401
60
- end
61
- end
62
-
63
- context "when payload isn't header" do
64
- it "should use 400 as status" do
65
- error = Rack::OAuth2::Server::Unauthorized.new(:invalid_request)
66
- error.code.should == 400
67
- end
73
+ it "should use 400 as status" do
74
+ error = Rack::OAuth2::Server::Unauthorized.new(:invalid_request)
75
+ error.code.should == 401
68
76
  end
69
77
  end
@@ -0,0 +1,111 @@
1
+ require 'spec_helper.rb'
2
+
3
+ describe Rack::OAuth2::Server::Resource do
4
+ it "should support realm" do
5
+ app = Rack::OAuth2::Server::Resource.new(simple_app, "server.example.com")
6
+ app.realm.should == "server.example.com"
7
+ end
8
+ end
9
+
10
+ describe Rack::OAuth2::Server::Resource, '#call' do
11
+
12
+ before do
13
+ @app = Rack::OAuth2::Server::Resource.new(simple_app, "server.example.com") do |request|
14
+ case request.access_token
15
+ when "valid_token"
16
+ # nothing to do
17
+ when "insufficient_scope_token"
18
+ raise Rack::OAuth2::Server::Unauthorized.new(:insufficient_scope, "More scope is required.", :www_authenticate => true)
19
+ when "expired_token"
20
+ raise Rack::OAuth2::Server::Unauthorized.new(:expired_token, "Given access token has been expired.", :www_authenticate => true)
21
+ else
22
+ raise Rack::OAuth2::Server::Unauthorized.new(:invalid_token, "Given access token is invalid.", :www_authenticate => true)
23
+ end
24
+ end
25
+ @request = Rack::MockRequest.new @app
26
+ end
27
+
28
+ context "when no access token is given" do
29
+ it "should skip OAuth 2.0 authentication" do
30
+ env = Rack::MockRequest.env_for("/protected_resource")
31
+ status, header, body = @app.call(env)
32
+ status.should == 200
33
+ env[Rack::OAuth2::ACCESS_TOKEN].should be_nil
34
+ end
35
+ end
36
+
37
+ context "when valid_token is given" do
38
+ it "should succeed" do
39
+ response = @request.get("/protected_resource?oauth_token=valid_token")
40
+ response.status.should == 200
41
+ end
42
+
43
+ it "should store access token in env" do
44
+ env = Rack::MockRequest.env_for("/protected_resource?oauth_token=valid_token")
45
+ @app.call(env)
46
+ env[Rack::OAuth2::ACCESS_TOKEN].should == "valid_token"
47
+ end
48
+ end
49
+
50
+ context "when expired_token is given" do
51
+ it "should fail with expired_token error" do
52
+ response = @request.get("/protected_resource?oauth_token=expired_token")
53
+ response.status.should == 401
54
+ response.headers["WWW-Authenticate"].should == "OAuth realm=\"server.example.com\" error_description=\"Given%20access%20token%20has%20been%20expired.\" error=\"expired_token\""
55
+ end
56
+
57
+ it "should not store access token in env" do
58
+ env = Rack::MockRequest.env_for("/protected_resource?oauth_token=expired_token")
59
+ @app.call(env)
60
+ env[Rack::OAuth2::ACCESS_TOKEN].should be_nil
61
+ end
62
+ end
63
+
64
+ context "when expired_token is given" do
65
+ it "should fail with invalid_token error" do
66
+ response = @request.get("/protected_resource?oauth_token=invalid_token")
67
+ response.status.should == 401
68
+ response.headers["WWW-Authenticate"].should == "OAuth realm=\"server.example.com\" error_description=\"Given%20access%20token%20is%20invalid.\" error=\"invalid_token\""
69
+ end
70
+
71
+ it "should not store access token in env" do
72
+ env = Rack::MockRequest.env_for("/protected_resource?oauth_token=invalid_token")
73
+ @app.call(env)
74
+ env[Rack::OAuth2::ACCESS_TOKEN].should be_nil
75
+ end
76
+ end
77
+
78
+ context "when multiple access_token is given" do
79
+ it "should fail with invalid_request error" do
80
+ response = @request.get("/protected_resource?oauth_token=invalid_token", "HTTP_AUTHORIZATION" => "OAuth valid_token")
81
+ response.status.should == 400
82
+ response.headers["WWW-Authenticate"].should == "OAuth realm=\"server.example.com\" error_description=\"Both%20Authorization%20header%20and%20payload%20includes%20oauth_token.\" error=\"invalid_request\""
83
+ end
84
+ end
85
+
86
+ context "when OAuth 1.0 Authorization header is given" do
87
+ it "should ignore the OAuth params" do
88
+ env = Rack::MockRequest.env_for("/protected_resource", "HTTP_AUTHORIZATION" => "OAuth realm=\"server.example.com\" oauth_consumer_key=\"key\" oauth_token=\"token\" oauth_signature_method=\"HMAC-SHA1\" oauth_signature=\"sig\" oauth_timestamp=\"123456789\" oauth_nonce=\"nonce\"")
89
+ status, header, body = @app.call(env)
90
+ status.should == 200
91
+ env[Rack::OAuth2::ACCESS_TOKEN].should be_nil
92
+ end
93
+ end
94
+
95
+ context "when OAuth 1.0 params is given" do
96
+ it "should ignore the OAuth params" do
97
+ env = Rack::MockRequest.env_for("/protected_resource", :params => {
98
+ :oauth_consumer_key => "key",
99
+ :oauth_token => "token",
100
+ :oauth_signature_method => "HMAC-SHA1",
101
+ :oauth_signature => "sig",
102
+ :oauth_timestamp => 123456789,
103
+ :oauth_nonce => "nonce"
104
+ })
105
+ status, header, body = @app.call(env)
106
+ status.should == 200
107
+ env[Rack::OAuth2::ACCESS_TOKEN].should be_nil
108
+ end
109
+ end
110
+
111
+ end
@@ -43,7 +43,7 @@ describe Rack::OAuth2::Server::Token::Assertion do
43
43
  :assertion => "invalid_assertion",
44
44
  :assertion_type => "something"
45
45
  })
46
- response.status.should == 400
46
+ response.status.should == 401
47
47
  response.content_type.should == "application/json"
48
48
  response.body.should == "{\"error_description\":\"Invalid assertion.\",\"error\":\"invalid_grant\"}"
49
49
  end
@@ -43,7 +43,7 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
43
43
  :code => "invalid_authorization_code",
44
44
  :redirect_uri => "http://client.example.com/callback"
45
45
  })
46
- response.status.should == 400
46
+ response.status.should == 401
47
47
  response.content_type.should == "application/json"
48
48
  response.body.should == "{\"error_description\":\"Invalid authorization code.\",\"error\":\"invalid_grant\"}"
49
49
  end
@@ -67,7 +67,7 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
67
67
  :code => "valid_authorization_code",
68
68
  :redirect_uri => "http://client.example.com/callback"
69
69
  })
70
- response.status.should == 400
70
+ response.status.should == 401
71
71
  response.content_type.should == "application/json"
72
72
  response.body.should == "{\"error_description\":\"Invalid client identifier.\",\"error\":\"invalid_client\"}"
73
73
  end
@@ -43,7 +43,7 @@ describe Rack::OAuth2::Server::Token::Password do
43
43
  :username => "nov",
44
44
  :password => "invalid_pass"
45
45
  })
46
- response.status.should == 400
46
+ response.status.should == 401
47
47
  response.content_type.should == "application/json"
48
48
  response.body.should == "{\"error_description\":\"Invalid resource owner credentials.\",\"error\":\"invalid_grant\"}"
49
49
  end
@@ -41,7 +41,7 @@ describe Rack::OAuth2::Server::Token::RefreshToken do
41
41
  :client_id => "valid_client",
42
42
  :refresh_token => "invalid_refresh_token"
43
43
  })
44
- response.status.should == 400
44
+ response.status.should == 401
45
45
  response.content_type.should == "application/json"
46
46
  response.body.should == "{\"error_description\":\"Invalid refresh_token.\",\"error\":\"invalid_grant\"}"
47
47
  end
@@ -19,28 +19,50 @@ describe Rack::OAuth2::Server::Token::Request do
19
19
  context "when any required parameters are missing" do
20
20
  it "should return invalid_request error" do
21
21
  assert_error_response(:json, :invalid_request) do
22
- @request.get('/')
22
+ @request.post('/')
23
23
  end
24
24
  assert_error_response(:json, :invalid_request) do
25
- @request.get('/?grant_type=authorization_code')
25
+ @request.post('/', :params => {
26
+ :grant_type => "authorization_code"
27
+ })
26
28
  end
27
29
  assert_error_response(:json, :invalid_request) do
28
- @request.get('/?grant_type=authorization_code&client_id=client')
30
+ @request.post('/', :params => {
31
+ :grant_type => "authorization_code",
32
+ :client_id => "client"
33
+ })
29
34
  end
30
35
  assert_error_response(:json, :invalid_request) do
31
- @request.get('/?grant_type=authorization_code&redirect_uri=http://client.example.com/callback')
36
+ @request.post('/', :params => {
37
+ :grant_type => "authorization_code",
38
+ :redirect_uri => "http://client.example.com/callback"
39
+ })
32
40
  end
33
41
  assert_error_response(:json, :invalid_request) do
34
- @request.get('/?client_id=client&redirect_uri=http://client.example.com/callback')
42
+ @request.post('/', :params => {
43
+ :client_id => "client",
44
+ :redirect_uri => "http://client.example.com/callback"
45
+ })
35
46
  end
36
47
  assert_error_response(:json, :invalid_request) do
37
- @request.get('/?grant_type=authorization_code&redirect_uri=http://client.example.com/callback')
48
+ @request.post('/', :params => {
49
+ :grant_type => "authorization_code",
50
+ :redirect_uri => "http://client.example.com/callback"
51
+ })
38
52
  end
39
53
  assert_error_response(:json, :invalid_request) do
40
- @request.get('/?grant_type=authorization_code&client_id=client&redirect_uri=http://client.example.com/callback')
54
+ @request.post('/', :params => {
55
+ :grant_type => "authorization_code",
56
+ :client_id => "client",
57
+ :redirect_uri => "http://client.example.com/callback"
58
+ })
41
59
  end
42
60
  assert_error_response(:json, :invalid_request) do
43
- @request.get('/?grant_type=authorization_code&code=authorization_code&redirect_uri=http://client.example.com/callback')
61
+ @request.post('/', :params => {
62
+ :grant_type => "authorization_code",
63
+ :code => "authorization_code",
64
+ :redirect_uri => "http://client.example.com/callback"
65
+ })
44
66
  end
45
67
  end
46
68
  end
@@ -48,14 +70,24 @@ describe Rack::OAuth2::Server::Token::Request do
48
70
  context "when unsupported grant_type is given" do
49
71
  it "should return unsupported_response_type error" do
50
72
  assert_error_response(:json, :unsupported_grant_type) do
51
- @request.get('/?grant_type=hello&client_id=client&code=authorization_code&redirect_uri=http://client.example.com/callback')
73
+ @request.post('/', :params => {
74
+ :grant_type => "hello",
75
+ :client_id => "client",
76
+ :code => "authorization_code",
77
+ :redirect_uri => "http://client.example.com/callback"
78
+ })
52
79
  end
53
80
  end
54
81
  end
55
82
 
56
83
  context "when all required parameters are valid" do
57
84
  it "should succeed" do
58
- response = @request.get('/?grant_type=authorization_code&client_id=client&code=authorization_code&redirect_uri=http://client.example.com/callback')
85
+ response = @request.post('/', :params => {
86
+ :grant_type => "authorization_code",
87
+ :client_id => "client",
88
+ :code => "authorization_code",
89
+ :redirect_uri => "http://client.example.com/callback"
90
+ })
59
91
  response.status.should == 200
60
92
  end
61
93
  end
@@ -75,7 +107,12 @@ describe Rack::OAuth2::Server::Token::Response do
75
107
 
76
108
  it "should raise an error" do
77
109
  lambda do
78
- @request.get("/?grant_type=authorization_code&client_id=client&code=authorization_code&redirect_uri=http://client.example.com/callback")
110
+ @request.post('/', :params => {
111
+ :grant_type => "authorization_code",
112
+ :client_id => "client",
113
+ :code => "authorization_code",
114
+ :redirect_uri => "http://client.example.com/callback"
115
+ })
79
116
  end.should raise_error(StandardError)
80
117
  end
81
118
 
@@ -91,7 +128,12 @@ describe Rack::OAuth2::Server::Token::Response do
91
128
  end
92
129
 
93
130
  it "should succeed" do
94
- response = @request.get("/?grant_type=authorization_code&client_id=client&code=authorization_code&redirect_uri=http://client.example.com/callback")
131
+ response = @request.post('/', :params => {
132
+ :grant_type => "authorization_code",
133
+ :client_id => "client",
134
+ :code => "authorization_code",
135
+ :redirect_uri => "http://client.example.com/callback"
136
+ })
95
137
  response.status.should == 200
96
138
  end
97
139
 
data/spec/spec.opts CHANGED
@@ -1 +1,3 @@
1
- --color
1
+ --colour
2
+ --format
3
+ specdoc
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-oauth2
3
3
  version: !ruby/object:Gem::Version
4
- hash: 17
4
+ hash: 15
5
5
  prerelease: false
6
6
  segments:
7
7
  - 0
8
8
  - 0
9
- - 7
10
- version: 0.0.7
9
+ - 8
10
+ version: 0.0.8
11
11
  platform: ruby
12
12
  authors:
13
13
  - nov matake
@@ -92,6 +92,7 @@ files:
92
92
  - lib/rack/oauth2/server/authorize/code_and_token.rb
93
93
  - lib/rack/oauth2/server/authorize/token.rb
94
94
  - lib/rack/oauth2/server/error.rb
95
+ - lib/rack/oauth2/server/resource.rb
95
96
  - lib/rack/oauth2/server/token.rb
96
97
  - lib/rack/oauth2/server/token/assertion.rb
97
98
  - lib/rack/oauth2/server/token/authorization_code.rb
@@ -104,6 +105,7 @@ files:
104
105
  - spec/rack/oauth2/server/authorize/token_spec.rb
105
106
  - spec/rack/oauth2/server/authorize_spec.rb
106
107
  - spec/rack/oauth2/server/error_spec.rb
108
+ - spec/rack/oauth2/server/resource_spec.rb
107
109
  - spec/rack/oauth2/server/token/assertion_spec.rb
108
110
  - spec/rack/oauth2/server/token/authorization_code_spec.rb
109
111
  - spec/rack/oauth2/server/token/password_spec.rb
@@ -151,6 +153,7 @@ test_files:
151
153
  - spec/rack/oauth2/server/authorize/token_spec.rb
152
154
  - spec/rack/oauth2/server/authorize_spec.rb
153
155
  - spec/rack/oauth2/server/error_spec.rb
156
+ - spec/rack/oauth2/server/resource_spec.rb
154
157
  - spec/rack/oauth2/server/token/assertion_spec.rb
155
158
  - spec/rack/oauth2/server/token/authorization_code_spec.rb
156
159
  - spec/rack/oauth2/server/token/password_spec.rb