super-smart-kit 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/doorkeeper-5.9.3/CHANGELOG.md +1208 -0
- data/doorkeeper-5.9.3/MIT-LICENSE +20 -0
- data/doorkeeper-5.9.3/README.md +186 -0
- data/doorkeeper-5.9.3/app/assets/stylesheets/doorkeeper/admin/application.css +10 -0
- data/doorkeeper-5.9.3/app/assets/stylesheets/doorkeeper/application.css +64 -0
- data/doorkeeper-5.9.3/app/controllers/doorkeeper/application_controller.rb +14 -0
- data/doorkeeper-5.9.3/app/controllers/doorkeeper/application_metal_controller.rb +13 -0
- data/doorkeeper-5.9.3/app/controllers/doorkeeper/applications_controller.rb +99 -0
- data/doorkeeper-5.9.3/app/controllers/doorkeeper/authorizations_controller.rb +164 -0
- data/doorkeeper-5.9.3/app/controllers/doorkeeper/authorized_applications_controller.rb +33 -0
- data/doorkeeper-5.9.3/app/controllers/doorkeeper/token_info_controller.rb +25 -0
- data/doorkeeper-5.9.3/app/controllers/doorkeeper/tokens_controller.rb +180 -0
- data/doorkeeper-5.9.3/app/helpers/doorkeeper/dashboard_helper.rb +21 -0
- data/doorkeeper-5.9.3/app/views/doorkeeper/applications/_delete_form.html.erb +6 -0
- data/doorkeeper-5.9.3/app/views/doorkeeper/applications/_form.html.erb +59 -0
- data/doorkeeper-5.9.3/app/views/doorkeeper/applications/edit.html.erb +5 -0
- data/doorkeeper-5.9.3/app/views/doorkeeper/applications/index.html.erb +38 -0
- data/doorkeeper-5.9.3/app/views/doorkeeper/applications/new.html.erb +5 -0
- data/doorkeeper-5.9.3/app/views/doorkeeper/applications/show.html.erb +63 -0
- data/doorkeeper-5.9.3/app/views/doorkeeper/authorizations/error.html.erb +9 -0
- data/doorkeeper-5.9.3/app/views/doorkeeper/authorizations/form_post.html.erb +15 -0
- data/doorkeeper-5.9.3/app/views/doorkeeper/authorizations/new.html.erb +46 -0
- data/doorkeeper-5.9.3/app/views/doorkeeper/authorizations/show.html.erb +7 -0
- data/doorkeeper-5.9.3/app/views/doorkeeper/authorized_applications/_delete_form.html.erb +4 -0
- data/doorkeeper-5.9.3/app/views/doorkeeper/authorized_applications/index.html.erb +24 -0
- data/doorkeeper-5.9.3/app/views/layouts/doorkeeper/admin.html.erb +39 -0
- data/doorkeeper-5.9.3/app/views/layouts/doorkeeper/application.html.erb +23 -0
- data/doorkeeper-5.9.3/config/locales/en.yml +155 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/config/abstract_builder.rb +28 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/config/option.rb +82 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/config/validations.rb +65 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/config.rb +721 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/engine.rb +38 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/errors.rb +85 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/grant_flow/fallback_flow.rb +15 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/grant_flow/flow.rb +44 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/grant_flow/registry.rb +50 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/grant_flow.rb +45 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/grape/authorization_decorator.rb +19 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/grape/helpers.rb +58 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/helpers/controller.rb +91 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/models/access_grant_mixin.rb +124 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/models/access_token_mixin.rb +526 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/models/application_mixin.rb +96 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/models/concerns/accessible.rb +15 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/models/concerns/expirable.rb +36 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/models/concerns/expiration_time_sql_math.rb +96 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/models/concerns/orderable.rb +15 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/models/concerns/ownership.rb +18 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/models/concerns/polymorphic_resource_owner.rb +29 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/models/concerns/resource_ownerable.rb +47 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/models/concerns/reusable.rb +19 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/models/concerns/revocable.rb +31 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/models/concerns/scopes.rb +27 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/models/concerns/secret_storable.rb +106 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/models/concerns/write_to_primary.rb +57 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/authorization/code.rb +76 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/authorization/context.rb +17 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/authorization/token.rb +100 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/authorization/uri_builder.rb +33 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/authorization_code_request.rb +125 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/base_request.rb +68 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/base_response.rb +31 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/client/credentials.rb +34 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/client.rb +28 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/client_credentials/creator.rb +57 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/client_credentials/issuer.rb +48 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/client_credentials/validator.rb +55 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/client_credentials_request.rb +46 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/code_request.rb +25 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/code_response.rb +51 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/error.rb +16 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/error_response.rb +121 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/forbidden_token_response.rb +31 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/helpers/scope_checker.rb +50 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/helpers/unique_token.rb +30 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/helpers/uri_checker.rb +83 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/hooks/context.rb +21 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/invalid_request_response.rb +47 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/invalid_token_response.rb +54 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/nonstandard.rb +39 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/password_access_token_request.rb +75 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/pre_authorization.rb +187 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/refresh_token_request.rb +144 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/scopes.rb +134 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/token.rb +66 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/token_introspection.rb +220 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/token_request.rb +25 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth/token_response.rb +38 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/oauth.rb +13 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/orm/active_record/access_grant.rb +9 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/orm/active_record/access_token.rb +9 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/orm/active_record/application.rb +10 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/orm/active_record/mixins/access_grant.rb +64 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/orm/active_record/mixins/access_token.rb +95 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/orm/active_record/mixins/application.rb +223 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/orm/active_record/redirect_uri_validator.rb +66 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/orm/active_record/stale_records_cleaner.rb +44 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/orm/active_record.rb +41 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/rails/helpers.rb +82 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/rails/routes/abstract_router.rb +35 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/rails/routes/mapper.rb +30 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/rails/routes/mapping.rb +40 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/rails/routes/registry.rb +45 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/rails/routes.rb +110 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/rake/db.rake +40 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/rake/setup.rake +6 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/rake.rb +14 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/request/authorization_code.rb +26 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/request/client_credentials.rb +17 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/request/code.rb +17 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/request/password.rb +19 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/request/refresh_token.rb +22 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/request/strategy.rb +19 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/request/token.rb +17 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/request.rb +73 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/revocable_tokens/revocable_access_token.rb +21 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/revocable_tokens/revocable_refresh_token.rb +21 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/secret_storing/base.rb +64 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/secret_storing/bcrypt.rb +60 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/secret_storing/plain.rb +33 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/secret_storing/sha256_hash.rb +26 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/server.rb +44 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/stale_records_cleaner.rb +24 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/validations.rb +33 -0
- data/doorkeeper-5.9.3/lib/doorkeeper/version.rb +14 -0
- data/doorkeeper-5.9.3/lib/doorkeeper.rb +209 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/application_owner_generator.rb +33 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/confidential_applications_generator.rb +33 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/enable_polymorphic_resource_owner_generator.rb +39 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/install_generator.rb +22 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/migration_generator.rb +32 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/pkce_generator.rb +33 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/previous_refresh_token_generator.rb +41 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/remove_applications_secret_not_null_constraint_generator.rb +33 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/templates/README +24 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/templates/add_confidential_to_applications.rb.erb +13 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb.erb +9 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb.erb +13 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb +8 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/templates/enable_polymorphic_resource_owner_migration.rb.erb +17 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/templates/initializer.rb +544 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/templates/migration.rb.erb +99 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/templates/remove_applications_secret_not_null_constraint.rb.erb +7 -0
- data/doorkeeper-5.9.3/lib/generators/doorkeeper/views_generator.rb +18 -0
- data/doorkeeper-5.9.3/vendor/assets/stylesheets/doorkeeper/bootstrap.min.css +6 -0
- data/super-smart-kit.gemspec +12 -0
- metadata +188 -0
|
@@ -0,0 +1,180 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Doorkeeper
|
|
4
|
+
class TokensController < Doorkeeper::ApplicationMetalController
|
|
5
|
+
before_action :validate_presence_of_client, only: [:revoke]
|
|
6
|
+
|
|
7
|
+
rescue_from Errors::DoorkeeperError do |e|
|
|
8
|
+
handle_token_exception(e)
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def create
|
|
12
|
+
headers.merge!(authorize_response.headers)
|
|
13
|
+
render json: authorize_response.body,
|
|
14
|
+
status: authorize_response.status
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
# OAuth 2.0 Token Revocation - https://datatracker.ietf.org/doc/html/rfc7009
|
|
18
|
+
def revoke
|
|
19
|
+
# The authorization server responds with HTTP status code 200 if the client
|
|
20
|
+
# submitted an invalid token or the token has been revoked successfully.
|
|
21
|
+
if token.blank?
|
|
22
|
+
render json: {}, status: 200
|
|
23
|
+
# The authorization server validates [...] and whether the token
|
|
24
|
+
# was issued to the client making the revocation request. If this
|
|
25
|
+
# validation fails, the request is refused and the client is informed
|
|
26
|
+
# of the error by the authorization server as described below.
|
|
27
|
+
elsif authorized?
|
|
28
|
+
revoke_token
|
|
29
|
+
render json: {}, status: 200
|
|
30
|
+
else
|
|
31
|
+
render json: revocation_error_response, status: :forbidden
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
# OAuth 2.0 Token Introspection - https://datatracker.ietf.org/doc/html/rfc7662
|
|
36
|
+
def introspect
|
|
37
|
+
introspection = OAuth::TokenIntrospection.new(server, token)
|
|
38
|
+
|
|
39
|
+
if introspection.authorized?
|
|
40
|
+
render json: introspection.to_json, status: 200
|
|
41
|
+
else
|
|
42
|
+
error = introspection.error_response
|
|
43
|
+
headers.merge!(error.headers)
|
|
44
|
+
render json: error.body, status: error.status
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
private
|
|
49
|
+
|
|
50
|
+
def validate_presence_of_client
|
|
51
|
+
return if Doorkeeper.config.skip_client_authentication_for_password_grant
|
|
52
|
+
|
|
53
|
+
# @see 2.1. Revocation Request
|
|
54
|
+
#
|
|
55
|
+
# The client constructs the request by including the following
|
|
56
|
+
# parameters using the "application/x-www-form-urlencoded" format in
|
|
57
|
+
# the HTTP request entity-body:
|
|
58
|
+
# token REQUIRED.
|
|
59
|
+
# token_type_hint OPTIONAL.
|
|
60
|
+
#
|
|
61
|
+
# The client also includes its authentication credentials as described
|
|
62
|
+
# in Section 2.3. of [RFC6749].
|
|
63
|
+
#
|
|
64
|
+
# The authorization server first validates the client credentials (in
|
|
65
|
+
# case of a confidential client) and then verifies whether the token
|
|
66
|
+
# was issued to the client making the revocation request.
|
|
67
|
+
return if server.client
|
|
68
|
+
|
|
69
|
+
# If this validation [client credentials / token ownership] fails, the request is
|
|
70
|
+
# refused and the client is informed of the error by the authorization server as
|
|
71
|
+
# described below.
|
|
72
|
+
#
|
|
73
|
+
# @see 2.2.1. Error Response
|
|
74
|
+
#
|
|
75
|
+
# The error presentation conforms to the definition in Section 5.2 of [RFC6749].
|
|
76
|
+
render json: revocation_error_response, status: :forbidden
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
# OAuth 2.0 Section 2.1 defines two client types, "public" & "confidential".
|
|
80
|
+
#
|
|
81
|
+
# RFC7009
|
|
82
|
+
# Section 5. Security Considerations
|
|
83
|
+
# A malicious client may attempt to guess valid tokens on this endpoint
|
|
84
|
+
# by making revocation requests against potential token strings.
|
|
85
|
+
# According to this specification, a client's request must contain a
|
|
86
|
+
# valid client_id, in the case of a public client, or valid client
|
|
87
|
+
# credentials, in the case of a confidential client. The token being
|
|
88
|
+
# revoked must also belong to the requesting client.
|
|
89
|
+
#
|
|
90
|
+
# Once a client is authenticated, it must be authorized to
|
|
91
|
+
# revoke the provided access or refresh token. This ensures one client
|
|
92
|
+
# cannot revoke another's tokens.
|
|
93
|
+
#
|
|
94
|
+
# Doorkeeper checks token ownership for any token that has an
|
|
95
|
+
# application_id set. Tokens issued without a client (application_id
|
|
96
|
+
# is null) can be revoked without client authorization.
|
|
97
|
+
#
|
|
98
|
+
# https://datatracker.ietf.org/doc/html/rfc6749#section-2.1
|
|
99
|
+
# https://datatracker.ietf.org/doc/html/rfc7009
|
|
100
|
+
def authorized?
|
|
101
|
+
# Token belongs to specific client, so we need to check if
|
|
102
|
+
# authenticated client could access it.
|
|
103
|
+
if token.application_id?
|
|
104
|
+
# We authorize client by comparing client and token application IDs
|
|
105
|
+
server.client && server.client.id == token.application_id
|
|
106
|
+
else
|
|
107
|
+
# Token was issued without client, authorization unnecessary
|
|
108
|
+
true
|
|
109
|
+
end
|
|
110
|
+
end
|
|
111
|
+
|
|
112
|
+
def revoke_token
|
|
113
|
+
# The authorization server responds with HTTP status code 200 if the token
|
|
114
|
+
# has been revoked successfully or if the client submitted an invalid
|
|
115
|
+
# token
|
|
116
|
+
revocable_token.revoke if revocable_token.revocable?
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
def token
|
|
120
|
+
revocable_token&.token
|
|
121
|
+
end
|
|
122
|
+
|
|
123
|
+
def revocable_token
|
|
124
|
+
return @revocable_token if defined? @revocable_token
|
|
125
|
+
|
|
126
|
+
@revocable_token =
|
|
127
|
+
if params[:token_type_hint] == "refresh_token"
|
|
128
|
+
refresh_token
|
|
129
|
+
else
|
|
130
|
+
access_token || refresh_token
|
|
131
|
+
end
|
|
132
|
+
end
|
|
133
|
+
|
|
134
|
+
def refresh_token
|
|
135
|
+
token = Doorkeeper.config.access_token_model.by_refresh_token(params["token"])
|
|
136
|
+
return unless token
|
|
137
|
+
|
|
138
|
+
RevocableTokens::RevocableRefreshToken.new(token)
|
|
139
|
+
end
|
|
140
|
+
|
|
141
|
+
def access_token
|
|
142
|
+
token = Doorkeeper.config.access_token_model.by_token(params["token"])
|
|
143
|
+
return unless token
|
|
144
|
+
|
|
145
|
+
RevocableTokens::RevocableAccessToken.new(token)
|
|
146
|
+
end
|
|
147
|
+
|
|
148
|
+
def strategy
|
|
149
|
+
@strategy ||= server.token_request(params[:grant_type])
|
|
150
|
+
end
|
|
151
|
+
|
|
152
|
+
def authorize_response
|
|
153
|
+
@authorize_response ||= begin
|
|
154
|
+
before_successful_authorization
|
|
155
|
+
auth = strategy.authorize
|
|
156
|
+
context = build_context(auth: auth)
|
|
157
|
+
after_successful_authorization(context) unless auth.is_a?(Doorkeeper::OAuth::ErrorResponse)
|
|
158
|
+
auth
|
|
159
|
+
end
|
|
160
|
+
end
|
|
161
|
+
|
|
162
|
+
def build_context(**attributes)
|
|
163
|
+
Doorkeeper::OAuth::Hooks::Context.new(**attributes)
|
|
164
|
+
end
|
|
165
|
+
|
|
166
|
+
def before_successful_authorization(context = nil)
|
|
167
|
+
Doorkeeper.config.before_successful_authorization.call(self, context)
|
|
168
|
+
end
|
|
169
|
+
|
|
170
|
+
def after_successful_authorization(context)
|
|
171
|
+
Doorkeeper.config.after_successful_authorization.call(self, context)
|
|
172
|
+
end
|
|
173
|
+
|
|
174
|
+
def revocation_error_response
|
|
175
|
+
error_description = I18n.t(:unauthorized, scope: %i[doorkeeper errors messages revoke])
|
|
176
|
+
|
|
177
|
+
{ error: :unauthorized_client, error_description: error_description }
|
|
178
|
+
end
|
|
179
|
+
end
|
|
180
|
+
end
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Doorkeeper
|
|
4
|
+
module DashboardHelper
|
|
5
|
+
def doorkeeper_errors_for(object, method)
|
|
6
|
+
return if object.errors[method].blank?
|
|
7
|
+
|
|
8
|
+
output = object.errors[method].map do |msg|
|
|
9
|
+
content_tag(:span, class: "invalid-feedback") do
|
|
10
|
+
msg.capitalize
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
safe_join(output)
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
def doorkeeper_submit_path(application)
|
|
18
|
+
application.persisted? ? oauth_application_path(application) : oauth_applications_path
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
<%- submit_btn_css ||= 'btn btn-link' %>
|
|
2
|
+
<%= form_tag oauth_application_path(application), method: :delete do %>
|
|
3
|
+
<%= submit_tag t('doorkeeper.applications.buttons.destroy'),
|
|
4
|
+
onclick: "return confirm('#{ t('doorkeeper.applications.confirmations.destroy') }')",
|
|
5
|
+
class: submit_btn_css %>
|
|
6
|
+
<% end %>
|
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
<%= form_for application, url: doorkeeper_submit_path(application), as: :doorkeeper_application, html: { role: 'form' } do |f| %>
|
|
2
|
+
<% if application.errors.any? %>
|
|
3
|
+
<div class="alert alert-danger" data-alert><p><%= t('doorkeeper.applications.form.error') %></p></div>
|
|
4
|
+
<% end %>
|
|
5
|
+
|
|
6
|
+
<div class="form-group row">
|
|
7
|
+
<%= f.label :name, class: 'col-sm-2 col-form-label font-weight-bold' %>
|
|
8
|
+
<div class="col-sm-10">
|
|
9
|
+
<%= f.text_field :name, class: "form-control #{ 'is-invalid' if application.errors[:name].present? }", required: true %>
|
|
10
|
+
<%= doorkeeper_errors_for application, :name %>
|
|
11
|
+
</div>
|
|
12
|
+
</div>
|
|
13
|
+
|
|
14
|
+
<div class="form-group row">
|
|
15
|
+
<%= f.label :redirect_uri, class: 'col-sm-2 col-form-label font-weight-bold' %>
|
|
16
|
+
<div class="col-sm-10">
|
|
17
|
+
<%= f.text_area :redirect_uri, class: "form-control #{ 'is-invalid' if application.errors[:redirect_uri].present? }" %>
|
|
18
|
+
<%= doorkeeper_errors_for application, :redirect_uri %>
|
|
19
|
+
<span class="form-text text-secondary">
|
|
20
|
+
<%= t('doorkeeper.applications.help.redirect_uri') %>
|
|
21
|
+
</span>
|
|
22
|
+
|
|
23
|
+
<% if Doorkeeper.configuration.allow_blank_redirect_uri?(application) %>
|
|
24
|
+
<span class="form-text text-secondary">
|
|
25
|
+
<%= t('doorkeeper.applications.help.blank_redirect_uri') %>
|
|
26
|
+
</span>
|
|
27
|
+
<% end %>
|
|
28
|
+
</div>
|
|
29
|
+
</div>
|
|
30
|
+
|
|
31
|
+
<div class="form-group row">
|
|
32
|
+
<%= f.label :confidential, class: 'col-sm-2 form-check-label font-weight-bold' %>
|
|
33
|
+
<div class="col-sm-10">
|
|
34
|
+
<%= f.check_box :confidential, class: "checkbox #{ 'is-invalid' if application.errors[:confidential].present? }" %>
|
|
35
|
+
<%= doorkeeper_errors_for application, :confidential %>
|
|
36
|
+
<span class="form-text text-secondary">
|
|
37
|
+
<%= t('doorkeeper.applications.help.confidential') %>
|
|
38
|
+
</span>
|
|
39
|
+
</div>
|
|
40
|
+
</div>
|
|
41
|
+
|
|
42
|
+
<div class="form-group row">
|
|
43
|
+
<%= f.label :scopes, class: 'col-sm-2 col-form-label font-weight-bold' %>
|
|
44
|
+
<div class="col-sm-10">
|
|
45
|
+
<%= f.text_field :scopes, class: "form-control #{ 'has-error' if application.errors[:scopes].present? }" %>
|
|
46
|
+
<%= doorkeeper_errors_for application, :scopes %>
|
|
47
|
+
<span class="form-text text-secondary">
|
|
48
|
+
<%= t('doorkeeper.applications.help.scopes') %>
|
|
49
|
+
</span>
|
|
50
|
+
</div>
|
|
51
|
+
</div>
|
|
52
|
+
|
|
53
|
+
<div class="form-group">
|
|
54
|
+
<div class="col-sm-offset-2 col-sm-10">
|
|
55
|
+
<%= f.submit t('doorkeeper.applications.buttons.submit'), class: 'btn btn-primary' %>
|
|
56
|
+
<%= link_to t('doorkeeper.applications.buttons.cancel'), oauth_applications_path, class: 'btn btn-secondary' %>
|
|
57
|
+
</div>
|
|
58
|
+
</div>
|
|
59
|
+
<% end %>
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
<div class="border-bottom mb-4">
|
|
2
|
+
<h1><%= t('.title') %></h1>
|
|
3
|
+
</div>
|
|
4
|
+
|
|
5
|
+
<p><%= link_to t('.new'), new_oauth_application_path, class: 'btn btn-success' %></p>
|
|
6
|
+
|
|
7
|
+
<table class="table table-striped">
|
|
8
|
+
<thead>
|
|
9
|
+
<tr>
|
|
10
|
+
<th><%= t('.name') %></th>
|
|
11
|
+
<th><%= t('.callback_url') %></th>
|
|
12
|
+
<th><%= t('.confidential') %></th>
|
|
13
|
+
<th><%= t('.actions') %></th>
|
|
14
|
+
<th></th>
|
|
15
|
+
</tr>
|
|
16
|
+
</thead>
|
|
17
|
+
<tbody>
|
|
18
|
+
<% @applications.each do |application| %>
|
|
19
|
+
<tr id="application_<%= application.id %>">
|
|
20
|
+
<td class="align-middle">
|
|
21
|
+
<%= link_to application.name, oauth_application_path(application) %>
|
|
22
|
+
</td>
|
|
23
|
+
<td class="align-middle">
|
|
24
|
+
<%= simple_format(application.redirect_uri) %>
|
|
25
|
+
</td>
|
|
26
|
+
<td class="align-middle">
|
|
27
|
+
<%= application.confidential? ? t('doorkeeper.applications.index.confidentiality.yes') : t('doorkeeper.applications.index.confidentiality.no') %>
|
|
28
|
+
</td>
|
|
29
|
+
<td class="align-middle">
|
|
30
|
+
<%= link_to t('doorkeeper.applications.buttons.edit'), edit_oauth_application_path(application), class: 'btn btn-link' %>
|
|
31
|
+
</td>
|
|
32
|
+
<td class="align-middle">
|
|
33
|
+
<%= render 'delete_form', application: application %>
|
|
34
|
+
</td>
|
|
35
|
+
</tr>
|
|
36
|
+
<% end %>
|
|
37
|
+
</tbody>
|
|
38
|
+
</table>
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
<div class="border-bottom mb-4">
|
|
2
|
+
<h1><%= t('.title', name: @application.name) %></h1>
|
|
3
|
+
</div>
|
|
4
|
+
|
|
5
|
+
<div class="row">
|
|
6
|
+
<div class="col-md-8">
|
|
7
|
+
<h4><%= t('.application_id') %></h4>
|
|
8
|
+
<p><code class="bg-light" id="application_id"><%= @application.uid %></code></p>
|
|
9
|
+
|
|
10
|
+
<h4><%= t('.secret') %></h4>
|
|
11
|
+
<p>
|
|
12
|
+
<code class="bg-light" id="secret">
|
|
13
|
+
<% secret = flash[:application_secret].presence || @application.plaintext_secret %>
|
|
14
|
+
<% if secret.blank? && Doorkeeper.config.application_secret_hashed? %>
|
|
15
|
+
<span class="bg-light font-italic text-uppercase text-muted"><%= t('.secret_hashed') %></span>
|
|
16
|
+
<% else %>
|
|
17
|
+
<%= secret %>
|
|
18
|
+
<% end %>
|
|
19
|
+
</code>
|
|
20
|
+
</p>
|
|
21
|
+
|
|
22
|
+
<h4><%= t('.scopes') %></h4>
|
|
23
|
+
<p>
|
|
24
|
+
<code class="bg-light" id="scopes">
|
|
25
|
+
<% if @application.scopes.present? %>
|
|
26
|
+
<%= @application.scopes %>
|
|
27
|
+
<% else %>
|
|
28
|
+
<span class="bg-light font-italic text-uppercase text-muted"><%= t('.not_defined') %></span>
|
|
29
|
+
<% end %>
|
|
30
|
+
</code>
|
|
31
|
+
</p>
|
|
32
|
+
|
|
33
|
+
<h4><%= t('.confidential') %></h4>
|
|
34
|
+
<p><code class="bg-light" id="confidential"><%= @application.confidential? %></code></p>
|
|
35
|
+
|
|
36
|
+
<h4><%= t('.callback_urls') %></h4>
|
|
37
|
+
|
|
38
|
+
<% if @application.redirect_uri.present? %>
|
|
39
|
+
<table>
|
|
40
|
+
<% @application.redirect_uri.split.each do |uri| %>
|
|
41
|
+
<tr>
|
|
42
|
+
<td>
|
|
43
|
+
<code class="bg-light"><%= uri %></code>
|
|
44
|
+
</td>
|
|
45
|
+
<td>
|
|
46
|
+
<%= link_to t('doorkeeper.applications.buttons.authorize'), oauth_authorization_path(client_id: @application.uid, redirect_uri: uri, response_type: 'code', scope: @application.scopes), class: 'btn btn-success', target: '_blank' %>
|
|
47
|
+
</td>
|
|
48
|
+
</tr>
|
|
49
|
+
<% end %>
|
|
50
|
+
</table>
|
|
51
|
+
<% else %>
|
|
52
|
+
<span class="bg-light font-italic text-uppercase text-muted"><%= t('.not_defined') %></span>
|
|
53
|
+
<% end %>
|
|
54
|
+
</div>
|
|
55
|
+
|
|
56
|
+
<div class="col-md-4">
|
|
57
|
+
<h3><%= t('.actions') %></h3>
|
|
58
|
+
|
|
59
|
+
<p><%= link_to t('doorkeeper.applications.buttons.edit'), edit_oauth_application_path(@application), class: 'btn btn-primary' %></p>
|
|
60
|
+
|
|
61
|
+
<p><%= render 'delete_form', application: @application, submit_btn_css: 'btn btn-danger' %></p>
|
|
62
|
+
</div>
|
|
63
|
+
</div>
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
<header class="page-header">
|
|
2
|
+
<h1><%= t('.title') %></h1>
|
|
3
|
+
</header>
|
|
4
|
+
|
|
5
|
+
<%= form_tag @pre_auth.redirect_uri, method: :post, name: :redirect_form, authenticity_token: false do %>
|
|
6
|
+
<% auth.body.compact.each do |key, value| %>
|
|
7
|
+
<%= hidden_field_tag key, value %>
|
|
8
|
+
<% end %>
|
|
9
|
+
<% end %>
|
|
10
|
+
|
|
11
|
+
<script>
|
|
12
|
+
window.onload = function () {
|
|
13
|
+
document.forms['redirect_form'].submit();
|
|
14
|
+
};
|
|
15
|
+
</script>
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
<header class="page-header" role="banner">
|
|
2
|
+
<h1><%= t('.title') %></h1>
|
|
3
|
+
</header>
|
|
4
|
+
|
|
5
|
+
<main role="main">
|
|
6
|
+
<p class="h4">
|
|
7
|
+
<%= raw t('.prompt', client_name: content_tag(:strong, class: 'text-info') { @pre_auth.client.name }) %>
|
|
8
|
+
</p>
|
|
9
|
+
|
|
10
|
+
<% if @pre_auth.scopes.count > 0 %>
|
|
11
|
+
<div id="oauth-permissions">
|
|
12
|
+
<p><%= t('.able_to') %></p>
|
|
13
|
+
|
|
14
|
+
<ul class="text-info">
|
|
15
|
+
<% @pre_auth.scopes.each do |scope| %>
|
|
16
|
+
<li><%= t scope, scope: [:doorkeeper, :scopes] %></li>
|
|
17
|
+
<% end %>
|
|
18
|
+
</ul>
|
|
19
|
+
</div>
|
|
20
|
+
<% end %>
|
|
21
|
+
|
|
22
|
+
<div class="actions">
|
|
23
|
+
<%= form_tag oauth_authorization_path, method: :post do %>
|
|
24
|
+
<%= hidden_field_tag :client_id, @pre_auth.client.uid, id: nil %>
|
|
25
|
+
<%= hidden_field_tag :redirect_uri, @pre_auth.redirect_uri, id: nil %>
|
|
26
|
+
<%= hidden_field_tag :state, @pre_auth.state, id: nil %>
|
|
27
|
+
<%= hidden_field_tag :response_type, @pre_auth.response_type, id: nil %>
|
|
28
|
+
<%= hidden_field_tag :response_mode, @pre_auth.response_mode, id: nil %>
|
|
29
|
+
<%= hidden_field_tag :scope, @pre_auth.scope, id: nil %>
|
|
30
|
+
<%= hidden_field_tag :code_challenge, @pre_auth.code_challenge, id: nil %>
|
|
31
|
+
<%= hidden_field_tag :code_challenge_method, @pre_auth.code_challenge_method, id: nil %>
|
|
32
|
+
<%= submit_tag t('doorkeeper.authorizations.buttons.authorize'), class: "btn btn-success btn-lg btn-block" %>
|
|
33
|
+
<% end %>
|
|
34
|
+
<%= form_tag oauth_authorization_path, method: :delete do %>
|
|
35
|
+
<%= hidden_field_tag :client_id, @pre_auth.client.uid, id: nil %>
|
|
36
|
+
<%= hidden_field_tag :redirect_uri, @pre_auth.redirect_uri, id: nil %>
|
|
37
|
+
<%= hidden_field_tag :state, @pre_auth.state, id: nil %>
|
|
38
|
+
<%= hidden_field_tag :response_type, @pre_auth.response_type, id: nil %>
|
|
39
|
+
<%= hidden_field_tag :response_mode, @pre_auth.response_mode, id: nil %>
|
|
40
|
+
<%= hidden_field_tag :scope, @pre_auth.scope, id: nil %>
|
|
41
|
+
<%= hidden_field_tag :code_challenge, @pre_auth.code_challenge, id: nil %>
|
|
42
|
+
<%= hidden_field_tag :code_challenge_method, @pre_auth.code_challenge_method, id: nil %>
|
|
43
|
+
<%= submit_tag t('doorkeeper.authorizations.buttons.deny'), class: "btn btn-danger btn-lg btn-block" %>
|
|
44
|
+
<% end %>
|
|
45
|
+
</div>
|
|
46
|
+
</main>
|
|
@@ -0,0 +1,4 @@
|
|
|
1
|
+
<%- submit_btn_css ||= 'btn btn-link' %>
|
|
2
|
+
<%= form_tag oauth_authorized_application_path(application), method: :delete do %>
|
|
3
|
+
<%= submit_tag t('doorkeeper.authorized_applications.buttons.revoke'), onclick: "return confirm('#{ t('doorkeeper.authorized_applications.confirmations.revoke') }')", class: submit_btn_css %>
|
|
4
|
+
<% end %>
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
<header class="page-header">
|
|
2
|
+
<h1><%= t('doorkeeper.authorized_applications.index.title') %></h1>
|
|
3
|
+
</header>
|
|
4
|
+
|
|
5
|
+
<main role="main">
|
|
6
|
+
<table class="table table-striped">
|
|
7
|
+
<thead>
|
|
8
|
+
<tr>
|
|
9
|
+
<th><%= t('doorkeeper.authorized_applications.index.application') %></th>
|
|
10
|
+
<th><%= t('doorkeeper.authorized_applications.index.created_at') %></th>
|
|
11
|
+
<th></th>
|
|
12
|
+
</tr>
|
|
13
|
+
</thead>
|
|
14
|
+
<tbody>
|
|
15
|
+
<% @applications.each do |application| %>
|
|
16
|
+
<tr>
|
|
17
|
+
<td><%= application.name %></td>
|
|
18
|
+
<td><%= application.created_at.strftime(t('doorkeeper.authorized_applications.index.date_format')) %></td>
|
|
19
|
+
<td><%= render 'delete_form', application: application %></td>
|
|
20
|
+
</tr>
|
|
21
|
+
<% end %>
|
|
22
|
+
</tbody>
|
|
23
|
+
</table>
|
|
24
|
+
</main>
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
<!DOCTYPE html>
|
|
2
|
+
<html>
|
|
3
|
+
<head>
|
|
4
|
+
<meta charset="utf-8">
|
|
5
|
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
|
6
|
+
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
7
|
+
<title><%= t('doorkeeper.layouts.admin.title') %></title>
|
|
8
|
+
<%= stylesheet_link_tag "doorkeeper/admin/application" %>
|
|
9
|
+
<%= csrf_meta_tags %>
|
|
10
|
+
</head>
|
|
11
|
+
<body>
|
|
12
|
+
<nav class="navbar navbar-expand-lg navbar-dark bg-dark mb-5">
|
|
13
|
+
<%= link_to t('doorkeeper.layouts.admin.nav.oauth2_provider'), oauth_applications_path, class: 'navbar-brand' %>
|
|
14
|
+
|
|
15
|
+
<div class="collapse navbar-collapse">
|
|
16
|
+
<ul class="navbar-nav mr-auto">
|
|
17
|
+
<li class="nav-item <%= 'active' if request.path == oauth_applications_path %>">
|
|
18
|
+
<%= link_to t('doorkeeper.layouts.admin.nav.applications'), oauth_applications_path, class: 'nav-link' %>
|
|
19
|
+
</li>
|
|
20
|
+
<% if respond_to?(:root_path) %>
|
|
21
|
+
<li class="nav-item">
|
|
22
|
+
<%= link_to t('doorkeeper.layouts.admin.nav.home'), root_path, class: 'nav-link' %>
|
|
23
|
+
</li>
|
|
24
|
+
<% end %>
|
|
25
|
+
</ul>
|
|
26
|
+
</div>
|
|
27
|
+
</nav>
|
|
28
|
+
|
|
29
|
+
<div class="doorkeeper-admin container">
|
|
30
|
+
<%- if flash[:notice].present? %>
|
|
31
|
+
<div class="alert alert-info">
|
|
32
|
+
<%= flash[:notice] %>
|
|
33
|
+
</div>
|
|
34
|
+
<% end -%>
|
|
35
|
+
|
|
36
|
+
<%= yield %>
|
|
37
|
+
</div>
|
|
38
|
+
</body>
|
|
39
|
+
</html>
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
<!DOCTYPE html>
|
|
2
|
+
<html>
|
|
3
|
+
<head>
|
|
4
|
+
<title><%= t('doorkeeper.layouts.application.title') %></title>
|
|
5
|
+
<meta charset="utf-8">
|
|
6
|
+
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
|
7
|
+
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
8
|
+
|
|
9
|
+
<%= stylesheet_link_tag "doorkeeper/application" %>
|
|
10
|
+
<%= csrf_meta_tags %>
|
|
11
|
+
</head>
|
|
12
|
+
<body>
|
|
13
|
+
<div id="container">
|
|
14
|
+
<%- if flash[:notice].present? %>
|
|
15
|
+
<div class="alert alert-info">
|
|
16
|
+
<%= flash[:notice] %>
|
|
17
|
+
</div>
|
|
18
|
+
<% end -%>
|
|
19
|
+
|
|
20
|
+
<%= yield %>
|
|
21
|
+
</div>
|
|
22
|
+
</body>
|
|
23
|
+
</html>
|