rodauth-oauth 0.10.3 → 1.0.0.pre.beta1

data/templates/new_oauth_application.str

@@ -1,6 +1,6 @@
 <h2>#{rodauth.new_oauth_application_page_title}</h2>
 <form method="post" action="#{rodauth.oauth_applications_path}" class="rodauth" role="form" id="oauth-application-form">
-  #{rodauth.csrf_tag}
+  #{csrf_tag(rodauth.oauth_applications_path) if respond_to?(:csrf_tag)}
   #{rodauth.render('name_field')}
   #{rodauth.render('description_field')}
   #{rodauth.render('homepage_url_field')}
@@ -10,7 +10,6 @@
   #{
     if rodauth.features.include?(:oauth_jwt)
       <<-HTML
-        #{rodauth.render('jwt_public_key_field')}
         #{rodauth.render('jwks_field')}
       HTML
     end

data/templates/oauth_application.str

@@ -3,7 +3,7 @@
     #{
       params = [*rodauth.oauth_application_required_params, "client_id", "client_secret"]
       if rodauth.features.include?(:oauth_jwt)
-        params += %w[jwks jwt_public_key]
+        params += %w[jwks]
       end
       params.map do |param|
         "<dt class=\"#{param}\">#{rodauth.send(:"oauth_applications_#{param}_label")}: </dt>" +
@@ -11,5 +11,5 @@
       end.join
     }
   </dl>
-  <a href="#{rodauth.oauth_applications_path}/#{@oauth_application[rodauth.oauth_applications_id_column]}/#{rodauth.oauth_applications_oauth_tokens_path}" class="btn btn-outline-secondary">#{rodauth.oauth_application_oauth_tokens_page_title}</a>
+  <a href="#{rodauth.oauth_applications_path}/#{@oauth_application[rodauth.oauth_applications_id_column]}/#{rodauth.oauth_applications_oauth_grants_path}" class="btn btn-outline-secondary">#{rodauth.oauth_application_oauth_grants_page_title}</a>
 </div>

data/templates/oauth_application_oauth_grants.str

@@ -0,0 +1,54 @@
+<div id="oauth-grants">
+  #{
+    if @oauth_grants.count.zero?
+      "<p>#{rodauth.oauth_no_grants_text}</p>"
+    else
+      <<-HTML
+        <table class="table">
+          <thead>
+            <tr>
+              <th scope="col">#{rodauth.oauth_grants_type_label}</th>
+              <th scope="col">#{rodauth.oauth_grants_token_label}</th>
+              <th scope="col">#{rodauth.oauth_grants_refresh_token_label}</th>
+              <th scope="col">#{rodauth.oauth_grants_expires_in_label}</th>
+              <th scope="col">#{rodauth.oauth_grants_revoked_at_label}</th>
+              <th scope="col">#{rodauth.oauth_grants_scopes_label}</th>
+              <th scope="col"><span class="badge badge-pill badge-dark">#{@oauth_grants.count}</span>
+            </tr>
+          </thead>
+          <tbody>
+            #{
+              @oauth_grants.map do |oauth_grant|
+                <<-HTML
+                  <tr>
+                    <td><code class="token">#{oauth_grant[rodauth.oauth_grants_type_column]}</code></td>
+                    <td><code class="token">#{oauth_grant[rodauth.oauth_grants_token_column]}</code></td>
+                    <td><code class="token">#{oauth_grant[rodauth.oauth_grants_refresh_token_column]}</code></td>
+                    <td>#{oauth_grant[rodauth.oauth_grants_expires_in_column]}</td>
+                    <td>#{oauth_grant[rodauth.oauth_grants_revoked_at_column]}</td>
+                    <td>#{oauth_grant[rodauth.oauth_grants_scopes_column]}</td>
+                    <td>
+                      #{
+                        if !oauth_grant[rodauth.oauth_grants_revoked_at_column] && !oauth_grant[rodauth.oauth_grants_token_hash_column]
+                          <<-HTML
+                            <form method="post" action="#{rodauth.revoke_path}" class="form-horizontal" role="form" id="revoke-form">
+                              #{csrf_tag(rodauth.revoke_path) if respond_to?(:csrf_tag)}
+                              #{rodauth.input_field_string("token_type_hint", "revoke-token-type-hint", :value => "access_token", :type=>"hidden")}
+                              #{rodauth.input_field_string("token", "revoke-token", :value => oauth_grant[rodauth.oauth_grants_token_column], :type=>"hidden")}
+                              #{rodauth.button(rodauth.oauth_grant_revoke_button)}
+                            </form>
+                          HTML
+                        end
+                      }
+                    </td>
+                  </tr>
+                HTML
+              end.join
+            }
+          </tbody>
+        </table>
+        #{rodauth.oauth_management_pagination_links(@oauth_grants)}
+      HTML
+    end
+  }
+</div>

data/templates/oauth_applications.str

@@ -2,11 +2,11 @@
   <a class="btn btn-outline-primary" href="/oauth-applications/new">#{rodauth.new_oauth_application_page_title}</a>
   #{
     if @oauth_applications.count.zero?
-      "<p>No oauth applications yet!</p>"
+      "<p>#{rodauth.oauth_no_applications_text}</p>"
     else
       "<ul class=\"list-group\">" +
         @oauth_applications.map do |application|
-          "<li class=\"list-group-item\"><a href=\"/oauth-applications/#{application[:id]}\">#{application[:name]}</a></li>"
+          "<li class=\"list-group-item\"><a href=\"#{rodauth.oauth_application_path(application[rodauth.oauth_applications_id_column])}\">#{application[:name]}</a></li>"
         end.join +
       "</ul>"
     end

data/templates/oauth_grants.str

@@ -0,0 +1,52 @@
+<div id="oauth-grants">
+  #{
+    if @oauth_grants.count.zero?
+      "<p>#{rodauth.oauth_no_grants_text}</p>"
+    else
+      <<-HTML
+        <table class="table">
+          <thead>
+            <tr>
+              <th scope="col">#{rodauth.oauth_applications_name_label}</th>
+              <th scope="col">#{rodauth.oauth_grants_type_label}</th>
+              <th scope="col">#{rodauth.oauth_grants_token_label}</th>
+              <th scope="col">#{rodauth.oauth_grants_refresh_token_label}</th>
+              <th scope="col">#{rodauth.oauth_grants_expires_in_label}</th>
+              <th scope="col">#{rodauth.oauth_grants_scopes_label}</th>
+              <th scope="col"><span class="badge badge-pill badge-dark">#{@oauth_grants.count}</span>
+            </tr>
+          </thead>
+          <tbody>
+            #{
+              @oauth_grants.map do |oauth_grant|
+                <<-HTML
+                  <tr>
+                    <td>#{oauth_grant[rodauth.oauth_applications_name_column]}</td>
+                    <td>#{oauth_grant[rodauth.oauth_grants_type_column]}</td>
+                    <td><code class="token">#{oauth_grant[rodauth.oauth_grants_token_column]}</code></td>
+                    <td><code class="token">#{oauth_grant[rodauth.oauth_grants_refresh_token_column]}</code></td>
+                    <td>#{oauth_grant[rodauth.oauth_grants_expires_in_column]}</td>
+                    <td>#{oauth_grant[rodauth.oauth_grants_scopes_column]}</td>
+                    <td>
+                      #{
+                        if !oauth_grant[rodauth.oauth_grants_token_hash_column]
+                          <<-HTML
+                            <form method="post" action="#{rodauth.oauth_grant_path(oauth_grant[rodauth.oauth_grants_id_column])}" class="form-horizontal" role="form" id="grant-revoke-form">
+                              #{csrf_tag(rodauth.oauth_grant_path(oauth_grant[rodauth.oauth_grants_id_column])) if respond_to?(:csrf_tag)}
+                              #{rodauth.button(rodauth.oauth_grant_revoke_button)}
+                            </form>
+                          HTML
+                        end
+                      }
+                    </td>
+                  </tr>
+                HTML
+              end.join
+            }
+          </tbody>
+        </table>
+        #{rodauth.oauth_management_pagination_links(@oauth_grants)}
+      HTML
+    end
+  }
+</div>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth-oauth
 version: !ruby/object:Gem::Version
-  version: 0.10.3
+  version: 1.0.0.pre.beta1
 platform: ruby
 authors:
 - Tiago Cardoso
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-08-29 00:00:00.000000000 Z
+date: 2022-10-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rodauth
@@ -32,6 +32,7 @@ extensions: []
 extra_rdoc_files:
 - LICENSE.txt
 - README.md
+- MIGRATION-GUIDE-v1.md
 - CHANGELOG.md
 - doc/release_notes/0_0_1.md
 - doc/release_notes/0_0_2.md
@@ -43,6 +44,7 @@ extra_rdoc_files:
 - doc/release_notes/0_10_1.md
 - doc/release_notes/0_10_2.md
 - doc/release_notes/0_10_3.md
+- doc/release_notes/0_10_4.md
 - doc/release_notes/0_1_0.md
 - doc/release_notes/0_2_0.md
 - doc/release_notes/0_3_0.md
@@ -64,9 +66,11 @@ extra_rdoc_files:
 - doc/release_notes/0_9_1.md
 - doc/release_notes/0_9_2.md
 - doc/release_notes/0_9_3.md
+- doc/release_notes/1_0_0_beta1.md
 files:
 - CHANGELOG.md
 - LICENSE.txt
+- MIGRATION-GUIDE-v1.md
 - README.md
 - doc/release_notes/0_0_1.md
 - doc/release_notes/0_0_2.md
@@ -78,6 +82,7 @@ files:
 - doc/release_notes/0_10_1.md
 - doc/release_notes/0_10_2.md
 - doc/release_notes/0_10_3.md
+- doc/release_notes/0_10_4.md
 - doc/release_notes/0_1_0.md
 - doc/release_notes/0_2_0.md
 - doc/release_notes/0_3_0.md
@@ -99,49 +104,49 @@ files:
 - doc/release_notes/0_9_1.md
 - doc/release_notes/0_9_2.md
 - doc/release_notes/0_9_3.md
+- doc/release_notes/1_0_0_beta1.md
 - lib/generators/rodauth/oauth/install_generator.rb
 - lib/generators/rodauth/oauth/templates/app/models/oauth_application.rb
 - lib/generators/rodauth/oauth/templates/app/models/oauth_grant.rb
-- lib/generators/rodauth/oauth/templates/app/models/oauth_token.rb
 - lib/generators/rodauth/oauth/templates/app/views/rodauth/authorize.html.erb
 - lib/generators/rodauth/oauth/templates/app/views/rodauth/device_search.html.erb
 - lib/generators/rodauth/oauth/templates/app/views/rodauth/device_verification.html.erb
 - lib/generators/rodauth/oauth/templates/app/views/rodauth/new_oauth_application.html.erb
 - lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_application.html.erb
-- lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_application_oauth_tokens.html.erb
+- lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_application_oauth_grants.html.erb
 - lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_applications.html.erb
-- lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_tokens.html.erb
+- lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_grants.html.erb
 - lib/generators/rodauth/oauth/templates/db/migrate/create_rodauth_oauth.rb
 - lib/generators/rodauth/oauth/views_generator.rb
-- lib/rodauth/features/oauth.rb
 - lib/rodauth/features/oauth_application_management.rb
 - lib/rodauth/features/oauth_assertion_base.rb
 - lib/rodauth/features/oauth_authorization_code_grant.rb
-- lib/rodauth/features/oauth_authorization_server.rb
 - lib/rodauth/features/oauth_authorize_base.rb
 - lib/rodauth/features/oauth_base.rb
 - lib/rodauth/features/oauth_client_credentials_grant.rb
-- lib/rodauth/features/oauth_device_grant.rb
+- lib/rodauth/features/oauth_device_code_grant.rb
 - lib/rodauth/features/oauth_dynamic_client_registration.rb
-- lib/rodauth/features/oauth_http_mac.rb
+- lib/rodauth/features/oauth_grant_management.rb
 - lib/rodauth/features/oauth_implicit_grant.rb
 - lib/rodauth/features/oauth_jwt.rb
+- lib/rodauth/features/oauth_jwt_base.rb
 - lib/rodauth/features/oauth_jwt_bearer_grant.rb
+- lib/rodauth/features/oauth_jwt_jwks.rb
+- lib/rodauth/features/oauth_jwt_secured_authorization_request.rb
 - lib/rodauth/features/oauth_management_base.rb
 - lib/rodauth/features/oauth_pkce.rb
 - lib/rodauth/features/oauth_resource_indicators.rb
 - lib/rodauth/features/oauth_resource_server.rb
 - lib/rodauth/features/oauth_saml_bearer_grant.rb
 - lib/rodauth/features/oauth_token_introspection.rb
-- lib/rodauth/features/oauth_token_management.rb
 - lib/rodauth/features/oauth_token_revocation.rb
 - lib/rodauth/features/oidc.rb
 - lib/rodauth/features/oidc_dynamic_client_registration.rb
 - lib/rodauth/oauth.rb
 - lib/rodauth/oauth/database_extensions.rb
+- lib/rodauth/oauth/http_extensions.rb
 - lib/rodauth/oauth/jwe_extensions.rb
 - lib/rodauth/oauth/railtie.rb
-- lib/rodauth/oauth/refinements.rb
 - lib/rodauth/oauth/ttl_store.rb
 - lib/rodauth/oauth/version.rb
 - locales/en.yml
@@ -153,13 +158,12 @@ files:
 - templates/device_verification.str
 - templates/homepage_url_field.str
 - templates/jwks_field.str
-- templates/jwt_public_key_field.str
 - templates/name_field.str
 - templates/new_oauth_application.str
 - templates/oauth_application.str
-- templates/oauth_application_oauth_tokens.str
+- templates/oauth_application_oauth_grants.str
 - templates/oauth_applications.str
-- templates/oauth_tokens.str
+- templates/oauth_grants.str
 - templates/redirect_uri_field.str
 - templates/scope_field.str
 homepage: https://gitlab.com/honeyryderchuck/rodauth-oauth
@@ -180,12 +184,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubygems_version: 3.2.32
 signing_key:

data/lib/generators/rodauth/oauth/templates/app/models/oauth_token.rb

@@ -1,4 +0,0 @@
-# frozen_string_literal: true
-
-class OauthToken < ApplicationRecord
-end

data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_application_oauth_tokens.html.erb

@@ -1,39 +0,0 @@
-<% oauth_tokens = rodauth.scope.instance_variable_get(:@oauth_tokens) %>
-<% tokens_count = oauth_tokens.count %>
-<% if tokens_count.zero? %>
-  <p>No oauth tokens yet!</p>
-<% else %>
-  <table class="table">
-    <thead>
-      <tr>
-        <th scope="col"><=% rodauth.oauth_tokens_token_label %></th>
-        <th scope="col"><=% rodauth.oauth_tokens_refresh_token_label %></th>
-        <th scope="col"><=% rodauth.oauth_tokens_expires_in_label %></th>
-        <th scope="col"><=% rodauth.oauth_tokens_revoked_at_label %></th>
-        <th scope="col"><=% rodauth.oauth_tokens_scopes_label %></th>
-        <th scope="col"><span class="badge badge-pill badge-dark"><%= tokens_count %></span>
-      </tr>
-    </thead>
-    <tbody>
-      <% oauth_tokens.each do |oauth_token| %>
-        <tr>
-          <td><code class="token"><%= oauth_token[rodauth.oauth_tokens_token_column] %></code></td>
-          <td><code class="token"><%= oauth_token[rodauth.oauth_tokens_refresh_token_column] %></code></td>
-          <td><%= oauth_token[rodauth.oauth_tokens_expires_in_column] %></td>
-          <td><%= oauth_token[rodauth.oauth_tokens_revoked_at_column] %></td>
-          <td><%= oauth_token[rodauth.oauth_tokens_scopes_column] %></td>
-          <td>
-            <% if !oauth_token[rodauth.oauth_tokens_revoked_at_column] %>
-              <%= form_tag rodauth.revoke_path, method: :post do %>
-                <%= hidden_field_tag :token_type_hint, "access_token" %>
-                <%= hidden_field_tag :token, oauth_token[rodauth.oauth_tokens_token_column] %>
-                <%= submit_tag rodauth.oauth_token_revoke_button, class: "btn btn-danger" %>
-              <% end %>
-            <% end %>
-          </td>
-        </tr>
-      <% end %>
-    </tbody>
-  </table>
-  <%= rodauth.oauth_management_pagination_links(@oauth_tokens) %>
-<% end %>

data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_tokens.html.erb

@@ -1,35 +0,0 @@
-<% oauth_tokens = rodauth.scope.instance_variable_get(:@oauth_tokens) %>
-<% tokens_count = oauth_tokens.count %>
-<% if tokens_count.zero? %>
-  <p>No oauth tokens yet!</p>
-<% else %>
-  <table class="table">
-    <thead>
-      <tr>
-        <th scope="col"><=% rodauth.oauth_applications_name_label %></th>
-        <th scope="col"><=% rodauth.oauth_tokens_token_label %></th>
-        <th scope="col"><=% rodauth.oauth_tokens_refresh_token_label %></th>
-        <th scope="col"><=% rodauth.oauth_tokens_expires_in_label %></th>
-        <th scope="col"><=% rodauth.oauth_tokens_scopes_label %></th>
-        <th scope="col"><span class="badge badge-pill badge-dark"><%= tokens_count %></span>
-      </tr>
-    </thead>
-    <tbody>
-      <% oauth_tokens.each do |oauth_token| %>
-        <tr>
-          <td><%= oauth_token[rodauth.oauth_applications_name_column] %></td>
-          <td><code class="token"><%= oauth_token[rodauth.oauth_tokens_token_column] %></code></td>
-          <td><code class="token"><%= oauth_token[rodauth.oauth_tokens_refresh_token_column] %></code></td>
-          <td><%= oauth_token[rodauth.oauth_tokens_expires_in_column] %></td>
-          <td><%= oauth_token[rodauth.oauth_tokens_scopes_column] %></td>
-          <td>
-            <%= form_tag rodauth.oauth_token_path(oauth_token[rodauth.oauth_tokens_id_column]), method: :post do %>
-              <%= submit_tag rodauth.oauth_token_revoke_button, class: "btn btn-danger" %>
-            <% end %>
-          </td>
-        </tr>
-      <% end %>
-    </tbody>
-  </table>
-  <%= rodauth.oauth_management_pagination_links(oauth_tokens) %>
-<% end %>

data/lib/rodauth/features/oauth.rb

@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-module Rodauth
-  Feature.define(:oauth, :Oauth) do
-    depends :oauth_base, :oauth_authorization_code_grant, :oauth_pkce, :oauth_implicit_grant,
-            :oauth_client_credentials_grant, :oauth_device_grant, :oauth_token_introspection,
-            :oauth_token_revocation, :oauth_application_management, :oauth_token_management
-  end
-end

data/lib/rodauth/features/oauth_http_mac.rb

@@ -1,86 +0,0 @@
-# frozen_string_literal: true
-
-require "rodauth/oauth/refinements"
-
-module Rodauth
-  Feature.define(:oauth_http_mac, :OauthHttpMac) do
-    using PrefixExtensions
-
-    depends :oauth
-
-    auth_value_method :oauth_token_type, "mac"
-    auth_value_method :oauth_mac_algorithm, "hmac-sha-256" # hmac-sha-256, hmac-sha-1
-    auth_value_method :oauth_tokens_mac_key_column, :mac_key
-
-    def authorization_token
-      return @authorization_token if defined?(@authorization_token)
-
-      @authorization_token = begin
-        value = request.get_header("HTTP_AUTHORIZATION").to_s
-
-        scheme, token = value.split(/ +/, 2)
-
-        return unless scheme == "MAC"
-
-        mac_attributes = parse_mac_authorization_header_props(token)
-
-        oauth_token = oauth_token_by_token(mac_attributes["id"])
-
-        return unless oauth_token && mac_signature_matches?(oauth_token, mac_attributes)
-
-        oauth_token
-
-        # TODO: set new MAC-KEY for the next request
-      end
-    end
-
-    private
-
-    def generate_oauth_token(params = {}, *args)
-      super({ oauth_tokens_mac_key_column => oauth_unique_id_generator }.merge(params), *args)
-    end
-
-    def json_access_token_payload(oauth_token)
-      payload = super
-
-      payload["mac_key"] = oauth_token[oauth_tokens_mac_key_column]
-      payload["mac_algorithm"] = oauth_mac_algorithm
-
-      payload
-    end
-
-    def mac_signature_matches?(oauth_token, mac_attributes)
-      nonce = mac_attributes["nonce"]
-      uri = URI(request.url)
-
-      request_signature = [
-        nonce,
-        request.request_method,
-        uri.request_uri,
-        uri.host,
-        uri.port
-      ].join("\n") + ("\n" * 3)
-
-      mac_algorithm = case oauth_mac_algorithm
-                      when "hmac-sha-256"
-                        OpenSSL::Digest::SHA256
-                      when "hmac-sha-1"
-                        OpenSSL::Digest::SHA1
-                      else
-                        raise ArgumentError, "Unsupported algorithm"
-                      end
-
-      mac_signature = Base64.strict_encode64 \
-        OpenSSL::HMAC.digest(mac_algorithm.new, oauth_token[oauth_tokens_mac_key_column], request_signature)
-
-      mac_signature == mac_attributes["mac"]
-    end
-
-    def parse_mac_authorization_header_props(token)
-      @mac_authorization_header_props = token.split(/ *, */).each_with_object({}) do |prop, props|
-        field, value = prop.split(/ *= */, 2)
-        props[field] = value.delete_prefix("\"").delete_suffix("\"")
-      end
-    end
-  end
-end

data/lib/rodauth/features/oauth_token_management.rb

@@ -1,81 +0,0 @@
-# frozen_string_literal: true
-
-require "rodauth/oauth/refinements"
-
-module Rodauth
-  Feature.define(:oauth_token_management, :OauthTokenManagement) do
-    using RegexpExtensions
-
-    depends :oauth_management_base, :oauth_token_revocation
-
-    view "oauth_tokens", "My Oauth Tokens", "oauth_tokens"
-
-    button "Revoke", "oauth_token_revoke"
-
-    auth_value_method :oauth_tokens_path, "oauth-tokens"
-
-    %w[token refresh_token expires_in revoked_at].each do |param|
-      translatable_method :"oauth_tokens_#{param}_label", param.gsub("_", " ").capitalize
-    end
-
-    auth_value_method :oauth_tokens_route, "oauth-tokens"
-    auth_value_method :oauth_tokens_id_pattern, Integer
-    auth_value_method :oauth_tokens_per_page, 20
-
-    auth_value_methods(
-      :oauth_token_path
-    )
-
-    def oauth_tokens_path(opts = {})
-      route_path(oauth_tokens_route, opts)
-    end
-
-    def oauth_tokens_url(opts = {})
-      route_url(oauth_tokens_route, opts)
-    end
-
-    def oauth_token_path(id)
-      "#{oauth_tokens_path}/#{id}"
-    end
-
-    def oauth_tokens
-      request.on(oauth_tokens_route) do
-        require_account
-
-        request.get do
-          page = Integer(param_or_nil("page") || 1)
-          per_page = per_page_param(oauth_tokens_per_page)
-
-          scope.instance_variable_set(:@oauth_tokens, db[oauth_tokens_table]
-            .select(Sequel[oauth_tokens_table].*, Sequel[oauth_applications_table][oauth_applications_name_column])
-            .join(oauth_applications_table, Sequel[oauth_tokens_table][oauth_tokens_oauth_application_id_column] =>
-              Sequel[oauth_applications_table][oauth_applications_id_column])
-            .where(Sequel[oauth_tokens_table][oauth_tokens_account_id_column] => account_id)
-            .where(oauth_tokens_revoked_at_column => nil)
-            .order(Sequel.desc(oauth_tokens_id_column))
-            .paginate(page, per_page))
-          oauth_tokens_view
-        end
-
-        request.post(oauth_tokens_id_pattern) do |id|
-          db[oauth_tokens_table]
-            .where(oauth_tokens_id_column => id)
-            .where(oauth_tokens_account_id_column => account_id)
-            .update(oauth_tokens_revoked_at_column => Sequel::CURRENT_TIMESTAMP)
-
-          set_notice_flash revoke_oauth_token_notice_flash
-          redirect oauth_tokens_path || "/"
-        end
-      end
-    end
-
-    def check_csrf?
-      case request.path
-      when oauth_tokens_path
-        only_json? ? false : super
-      else
-        super
-      end
-    end
-  end
-end

data/lib/rodauth/oauth/refinements.rb

@@ -1,48 +0,0 @@
-# frozen_string_literal: true
-
-module Rodauth
-  module PrefixExtensions
-    unless String.method_defined?(:delete_prefix)
-      refine(String) do
-        def delete_suffix(suffix)
-          suffix = suffix.to_s
-          len = suffix.length
-          return dup unless len.positive? && index(suffix, -len)
-
-          self[0...-len]
-        end
-
-        def delete_prefix(prefix)
-          prefix = prefix.to_s
-          return dup unless rindex(prefix, 0)
-
-          self[prefix.length..-1]
-        end
-      end
-    end
-
-    unless String.method_defined?(:delete_suffix!)
-      refine(String) do
-        def delete_suffix!(suffix)
-          suffix = suffix.to_s
-          chomp! if frozen?
-          len = suffix.length
-          return unless len.positive? && index(suffix, -len)
-
-          self[-len..-1] = ""
-          self
-        end
-      end
-    end
-  end
-
-  module RegexpExtensions
-    unless Regexp.method_defined?(:match?)
-      refine(Regexp) do
-        def match?(*args)
-          !match(*args).nil?
-        end
-      end
-    end
-  end
-end

data/templates/jwt_public_key_field.str

@@ -1,4 +0,0 @@
-<div class="form-group">
-  <label for="name">#{rodauth.oauth_applications_jwt_public_key_label}#{rodauth.input_field_label_suffix}</label>
-  #{rodauth.input_field_string(rodauth.oauth_application_jwt_public_key_param, "jwt_public_key", :type=>"text", :required=>false)}
-</div>