wine_bouncer 0.3.1 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1d520f0842f9978dde501b13eecd7ec124f30a57
-  data.tar.gz: 4f74158125be0303fb0e4c3efb28407190c3628d
+  metadata.gz: 4f574523e9139e98523e7ee4fa55f53c08d523d5
+  data.tar.gz: 57f194faf3e53dd0382c9ad5d55193510eca3646
 SHA512:
-  metadata.gz: 752d4043b4360f1e8baa23457e611d6cdb3fea714e07e518652adc51a8e95099f798576cc36acc4e550201722e42adc437c3ad68435c6fae499f9a7d5b0db83f
-  data.tar.gz: e160c6f796b00889e233d6da793754c7053ddc3bc296b6471fe81fcff13ef8cf9781829bcacd43377e42ec59a9076a8b874768c003321b7fb40cb8e839801d62
+  metadata.gz: 8f15e202eff6141fef5a1717ab23a542b63ab49ca8558aa98dfebb3f91b8a00512893720b1c8e0858cde16d55158334522c17997b0a9411051ad2c86af60f46f
+  data.tar.gz: a232f4bc101f50924f4c794071c1c4411498da7a45b6558994471569441cc61b7a55ff12de8480a76c0094f6fa417f75585d101d982c572a064c76d1d39741e4

data/.travis.yml

@@ -2,20 +2,26 @@ before_install:
   - gem update bundler
   - bundle --version
 language: ruby
+cache: bundler
 rvm:
-  - 1.9.3
   - 2.0
   - 2.1
+  - 2.2
 env:
-  - rails=3.2.18 grape=0.9.0
-  - rails=4.1.1 grape=0.9.0
   - rails=3.2.18 grape=0.10.0
-  - rails=4.1.1 grape=0.10.0 doorkeeper=1.4.1
-  - rails=4.1.1 grape=0.10.0
-  - rails=4.1.1 grape=0.11.0 doorkeeper=2.1.3
+  - rails=3.2.18 grape=0.12.0
+  - rails=4.1.1 grape=0.12.0 doorkeeper=2.0.1
+  - rails=4.1.1 grape=0.12.0 doorkeeper=2.1.4
+  - rails=4.2.0 grape=0.10.0 doorkeeper=2.2.1
+  - rails=4.2.0 grape=0.11.0 doorkeeper=2.2.1
+  - rails=4.2.0 grape=0.12.0 doorkeeper=2.2.1
 matrix:
-  allow_failures:
-    - rvm: 1.9.3
+  exclude:
+    - env: rails=3.2.18 grape=0.10.0
+      rvm: 2.2
+
+    - env: rails=3.2.18 grape=0.12.0
+      rvm: 2.2
 addons:
   code_climate:
     repo_token: ab1b6ce5f973da033f80ae2e99fadbb32b2f9c37892703956d8ef954c8e8134e

data/CHANGELOG.md

@@ -1,22 +1,30 @@
 Changelog
 =========
+
+## Next
+
+## 0.4.0
+* [#42](https://github.com/antek-drzewiecki/wine_bouncer/pull/42): Added support for Doorkeeper 2.2
+* [#41](https://github.com/antek-drzewiecki/wine_bouncer/pull/41): Added support for Grape 0.12.0, Removed support for Grape 0.8 and 0.9 (though they still work).
+* [#39](https://github.com/antek-drzewiecki/wine_bouncer/pull/39): Add option to disable WineBouncer conditionally. Thanks @Fryie .
+
 ## 0.3.1
-[#31](https://github.com/antek-drzewiecki/wine_bouncer/pull/31): Improves support for default scopes trough DSL.
-[#30](https://github.com/antek-drzewiecki/wine_bouncer/pull/30): Restricted grape dependencies to the next minor level of grape.
-[#29](https://github.com/antek-drzewiecki/wine_bouncer/pull/29): Doorkeepers dependencies are restricted to minor levels. Thanks @nickcharlton
-[#27](https://github.com/antek-drzewiecki/wine_bouncer/pull/27): Fixes DSL default and protected strategy. Fixes #24 and #26.
+* [#31](https://github.com/antek-drzewiecki/wine_bouncer/pull/31): Improves support for default scopes trough DSL.
+* [#30](https://github.com/antek-drzewiecki/wine_bouncer/pull/30): Restricted grape dependencies to the next minor level of grape.
+* [#29](https://github.com/antek-drzewiecki/wine_bouncer/pull/29): Doorkeepers dependencies are restricted to minor levels. Thanks @nickcharlton
+* [#27](https://github.com/antek-drzewiecki/wine_bouncer/pull/27): Fixes DSL default and protected strategy. Fixes #24 and #26.
 
 ## 0.3.0
-[#21](https://github.com/antek-drzewiecki/wine_bouncer/pull/21): Added an Easy DSL for WineBouncer. Thanks @masarakki .
-[#23](https://github.com/antek-drzewiecki/wine_bouncer/pull/23): Added support for Doorkeeper 2.1.1 and refactored strategies.
+* [#21](https://github.com/antek-drzewiecki/wine_bouncer/pull/21): Added an Easy DSL for WineBouncer. Thanks @masarakki .
+* [#23](https://github.com/antek-drzewiecki/wine_bouncer/pull/23): Added support for Doorkeeper 2.1.1 and refactored strategies.
 
 ## 0.2.2
-[#17](https://github.com/antek-drzewiecki/wine_bouncer/pull/17): Added a new protected strategy. Thanks @whatasunnyday .
+* [#17](https://github.com/antek-drzewiecki/wine_bouncer/pull/17): Added a new protected strategy. Thanks @whatasunnyday .
 
 ## 0.2.1
-[#12](https://github.com/antek-drzewiecki/wine_bouncer/pull/12): Added a rails generator to generate the WineBouncer configuration file. Thanks @whatasunnyday.
-[#7](https://github.com/antek-drzewiecki/wine_bouncer/pull/7): Added support for Doorkeeper 2.0.0 and 2.0.1. Thanks @whatasunnyday .
+* [#12](https://github.com/antek-drzewiecki/wine_bouncer/pull/12): Added a rails generator to generate the WineBouncer configuration file. Thanks @whatasunnyday.
+* [#7](https://github.com/antek-drzewiecki/wine_bouncer/pull/7): Added support for Doorkeeper 2.0.0 and 2.0.1. Thanks @whatasunnyday .
 
 ## 0.2.0
-[#4](https://github.com/antek-drzewiecki/wine_bouncer/pull/4): Support for newer versions of grape ( > 0.8 ).
-[#6](https://github.com/antek-drzewiecki/wine_bouncer/pull/6): Added the option to configure the resource owner.
+* [#4](https://github.com/antek-drzewiecki/wine_bouncer/pull/4): Support for newer versions of grape ( > 0.8 ).
+* [#6](https://github.com/antek-drzewiecki/wine_bouncer/pull/6): Added the option to configure the resource owner.

data/Gemfile

@@ -1,8 +1,8 @@
 source 'https://rubygems.org'
 
-ENV['grape'] ||= '0.10.0'
-ENV['rails'] ||= '4.1.1'
-ENV['doorkeeper'] ||= '2.0.1'
+ENV['grape'] ||= '0.12.0'
+ENV['rails'] ||= '4.2.0'
+ENV['doorkeeper'] ||= '2.2.1'
 
 gem 'rails', ENV['rails']
 

data/README.md

@@ -19,6 +19,7 @@ Table of Contents
       * [Swagger](#swagger)
       * [Protected](#protected)
     * [Token information](#token-information)
+    * [Disable WineBouncer](#disable-winebouncer)
   * [Exceptions and Exception handling](#exceptions-and-exception-handling)
   * [Example Application](#example-application)
   * [Development](#development)
@@ -26,16 +27,16 @@ Table of Contents
 
 
 ## Requirements
-- Ruby > 1.9.3
-- Doorkeeper > 1.4.0 and < 2.2
-- Grape > 0.8 and < 0.12
+- Ruby > 2.0
+- Doorkeeper > 1.4.0 and < 3
+- Grape > 0.10 and < 0.13
 
 ## Installation
 
 Add this line to your application's Gemfile:
 
 ```ruby
-gem 'wine_bouncer'
+gem 'wine_bouncer', '~> 0.4.0'
 ```
 
 And then execute:
@@ -46,7 +47,7 @@ bundle
 
 ## Upgrading
 When upgrading from a previous version, see [UPGRADING](UPGRADING.md). You might also be interested at the [CHANGELOG](CHANGELOG.md).
-Note this is the last version that will support Grape 0.8 and 0.9. Grape 0.10 will be the next minimum Grape version.
+
 
 ## Usage
 WineBouncer is a custom Grape Middleware used for Authentication and Authorization. We assume you have a Grape API mounted in your Rails application together with Doorkeeper.
@@ -185,6 +186,26 @@ To protect your endpoint with other scopes append the following method `oauth2 '
 
 WineBouncer comes with free extras! Methods for `resource_owner` and `doorkeeper_access_token` get included in your endpoints. You can use them to get the current resource owner, and the access_token object of doorkeeper.
 
+### Disable WineBouncer
+
+If you want to disable WineBouncer conditionally - e.g. in specs - you can add a block to the WineBouncer configuration. When this block evaluates to true, any request will be unprotected. For example:
+```{ruby}
+WineBouncer.configure do |config|
+  config.disable do
+    Rails.env.test?
+  end
+end
+```
+
+The block is newly evaluated for every request, so you could in principle have something like:
+```{ruby}
+config.disable do
+  [true, false].sample
+end
+```
+
+You probably shouldn't, though.
+
 ## Exceptions and Exception handling
 
 This gem raises the following exceptions which can be handled in your Grape API, see [Grape documentation](https://github.com/intridea/grape#exception-handling).
@@ -194,9 +215,9 @@ This gem raises the following exceptions which can be handled in your Grape API,
 * `WineBouncer::Errors::OAuthForbiddenError`
    when the token is found but scopes do not match.
 
-## Example Application
+## Example/Template Application
 
-A full working sample app can be found on [sethherr page](https://github.com/sethherr/grape-doorkeeper) and can be accessed on [heroku](https://grape-doorkeeper.herokuapp.com/)
+A full working sample app (or starter template) can be found at [grape-doorkeeper on github](https://github.com/sethherr/grape-doorkeeper). It has one click deploy to Heroku and [a live example](https://grape-doorkeeper.herokuapp.com/).
 
 ## Development
 

data/lib/wine_bouncer/configuration.rb

@@ -30,6 +30,16 @@ module WineBouncer
       fail(Errors::UnconfiguredError, 'Please define define_resource_owner to configure the resource owner') unless @defined_resource_owner
       @defined_resource_owner
     end
+
+    # when the block evaluates to true, WineBouncer should be disabled
+    # if no block is provided, WineBouncer is always enabled
+    def disable(&block)
+      @disable_block = block
+    end
+
+    def disable_block
+      @disable_block || ->() { false }
+    end
   end
 
    def self.configuration

data/lib/wine_bouncer/oauth2.rb

@@ -1,6 +1,7 @@
 module WineBouncer
   class OAuth2 < Grape::Middleware::Base
 
+    include Doorkeeper::Helpers::Controller
     ###
     # returns the api context
     ###
@@ -22,17 +23,10 @@ module WineBouncer
     ###
     # Returns the request context.
     ###
-    def doorkeeper_request
+    def request
       @_doorkeeper_request
     end
 
-    ###
-    # Authenticates from a request and returns a valid or invalid token.
-    ###
-    def doorkeeper_token
-      @_doorkeeper_token ||= Doorkeeper.authenticate(doorkeeper_request,Doorkeeper.configuration.access_token_methods)
-    end
-
     ###
     # Returns true if the doorkeeper token is valid, false otherwise.
     ###
@@ -86,6 +80,8 @@ module WineBouncer
     # Before do.
     ###
     def before
+      return if WineBouncer.configuration.disable_block.call
+
       set_auth_strategy(WineBouncer.configuration.auth_strategy)
       auth_strategy.api_context = context
       #extend the context with auth methods.

data/lib/wine_bouncer/version.rb

@@ -1,3 +1,3 @@
 module WineBouncer
-  VERSION = '0.3.1'
+  VERSION = '0.4.0'
 end

data/spec/dummy/app/api/default_api.rb

@@ -54,6 +54,11 @@ module Api
       { hello: 'oauth dsl default scopes' }
     end
 
+    oauth2 'multiple', 'scopes'
+    get '/oauth2_dsl_multiple_scopes' do
+      { hello: 'oauth2 dsl multiple scopes' }
+    end
+
   end
 
   class DefaultApiUnderTest < Grape::API

data/spec/intergration/oauth2_default_strategy_spec.rb

@@ -139,6 +139,32 @@ describe Api::MountedDefaultApiUnderTest, type: :api do
         expect { get '/default_api/oauth2_dsl_custom_scope', nil, 'HTTP_AUTHORIZATION' => "Bearer #{token.token}" }.to raise_exception(WineBouncer::Errors::OAuthForbiddenError)
       end
     end
+
+    context 'oauth2_dsl_multiple_scopes' do
+
+      it 'allows call on the first scope' do
+        scope_token = FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: 'multiple'
+        get '/default_api/oauth2_dsl_multiple_scopes', nil, 'HTTP_AUTHORIZATION' => "Bearer #{scope_token.token}"
+        expect(last_response.status).to eq(200)
+        json = JSON.parse(last_response.body)
+        expect(json).to have_key('hello')
+        expect(json['hello']).to eq('oauth2 dsl multiple scopes')
+      end
+
+      it 'allows call on the second scope' do
+        scope_token = FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: 'scopes'
+        get '/default_api/oauth2_dsl_multiple_scopes', nil, 'HTTP_AUTHORIZATION' => "Bearer #{scope_token.token}"
+        expect(last_response.status).to eq(200)
+        json = JSON.parse(last_response.body)
+        expect(json).to have_key('hello')
+        expect(json['hello']).to eq('oauth2 dsl multiple scopes')
+      end
+
+      it 'raises an error scope does not match any of the scopes' do
+        expect { get '/default_api/oauth2_dsl_multiple_scopes' }.to raise_exception(WineBouncer::Errors::OAuthUnauthorizedError)
+      end
+
+    end
   end
 
   context 'not_described_world' do

data/spec/intergration/oauth2_protected_strategy_spec.rb

@@ -18,6 +18,27 @@ describe Api::MountedProtectedApiUnderTest, type: :api do
     end
   end
 
+  context 'when WineBouncer is disabled' do
+    before :all do
+      WineBouncer.configure do |c|
+        c.disable { true }
+      end
+    end
+
+    after :all do
+      WineBouncer.configure do |c|
+        c.disable { false }
+      end
+    end
+
+    it 'allows request to protected resource without token' do
+      get '/protected_api/protected'
+      expect(last_response.status).to eq(200)
+      json = JSON.parse(last_response.body)
+      expect(json).to have_key('hello')
+    end
+  end
+
   context 'tokens and scopes' do
     it 'gives access when the token and scope are correct' do
       get '/protected_api/protected', nil, 'HTTP_AUTHORIZATION' => "Bearer #{token.token}"

data/wine_bouncer.gemspec

@@ -7,7 +7,7 @@ Gem::Specification.new do |spec|
   spec.name          = "wine_bouncer"
   spec.version       = WineBouncer::VERSION
   spec.authors       = ["Antek Drzewiecki"]
-  spec.email         = ["antek.drzewiecki@tass.nl"]
+  spec.email         = ["antek.drzewiecki@altran.com"]
   spec.summary       = %q{A Ruby gem that allows Oauth2 protection with Doorkeeper for Grape Api's}
   spec.homepage      = ""
   spec.license       = "MIT"
@@ -17,8 +17,8 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
-  spec.add_runtime_dependency 'grape', '~> 0.8', '< 0.12'
-  spec.add_runtime_dependency 'doorkeeper', '>= 1.4', '< 2.2'
+  spec.add_runtime_dependency 'grape', '~> 0.10', '< 0.13'
+  spec.add_runtime_dependency 'doorkeeper', '>= 1.4', '< 3.0'
 
   spec.add_development_dependency "railties"
   spec.add_development_dependency "bundler", "~> 1.7"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: wine_bouncer
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.4.0
 platform: ruby
 authors:
 - Antek Drzewiecki
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-03-05 00:00:00.000000000 Z
+date: 2015-07-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grape
@@ -16,20 +16,20 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: '0.10'
     - - <
       - !ruby/object:Gem::Version
-        version: '0.12'
+        version: '0.13'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: '0.10'
     - - <
       - !ruby/object:Gem::Version
-        version: '0.12'
+        version: '0.13'
 - !ruby/object:Gem::Dependency
   name: doorkeeper
   requirement: !ruby/object:Gem::Requirement
@@ -39,7 +39,7 @@ dependencies:
         version: '1.4'
     - - <
       - !ruby/object:Gem::Version
-        version: '2.2'
+        version: '3.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -49,7 +49,7 @@ dependencies:
         version: '1.4'
     - - <
       - !ruby/object:Gem::Version
-        version: '2.2'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: railties
   requirement: !ruby/object:Gem::Requirement
@@ -164,7 +164,7 @@ dependencies:
         version: 1.3.0
 description: 
 email:
-- antek.drzewiecki@tass.nl
+- antek.drzewiecki@altran.com
 executables: []
 extensions: []
 extra_rdoc_files: []