wine_bouncer 0.3.0 → 0.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e08374333bc4fe68a78e7f177b74179d550ddba2
-  data.tar.gz: e9e635c0d5f531108e3bf39dbfb847a4eab71ddf
+  metadata.gz: 1d520f0842f9978dde501b13eecd7ec124f30a57
+  data.tar.gz: 4f74158125be0303fb0e4c3efb28407190c3628d
 SHA512:
-  metadata.gz: 3fbecb2d1db85e84b23f059d5a73bd9313c8cb73c259797bc7e78bd06694ed80ac3dee5e295b1fc15373bcdc39587f1a470cade1e9533698ba8c261a450e680e
-  data.tar.gz: b3060def1967e6361ca3c8a174c97face42dacd6821288dc2206cb7b678d9a8d4aa0f5732a63a8dd913052ec9d832d395f8940f2200106bae34e7801b10db098
+  metadata.gz: 752d4043b4360f1e8baa23457e611d6cdb3fea714e07e518652adc51a8e95099f798576cc36acc4e550201722e42adc437c3ad68435c6fae499f9a7d5b0db83f
+  data.tar.gz: e160c6f796b00889e233d6da793754c7053ddc3bc296b6471fe81fcff13ef8cf9781829bcacd43377e42ec59a9076a8b874768c003321b7fb40cb8e839801d62

data/.travis.yml

@@ -12,7 +12,7 @@ env:
   - rails=3.2.18 grape=0.10.0
   - rails=4.1.1 grape=0.10.0 doorkeeper=1.4.1
   - rails=4.1.1 grape=0.10.0
-  - rails=4.1.1 grape=0.11.0 doorkeeper=2.1.1
+  - rails=4.1.1 grape=0.11.0 doorkeeper=2.1.3
 matrix:
   allow_failures:
     - rvm: 1.9.3

data/CHANGELOG.md

@@ -1,17 +1,22 @@
 Changelog
 =========
+## 0.3.1
+[#31](https://github.com/antek-drzewiecki/wine_bouncer/pull/31): Improves support for default scopes trough DSL.
+[#30](https://github.com/antek-drzewiecki/wine_bouncer/pull/30): Restricted grape dependencies to the next minor level of grape.
+[#29](https://github.com/antek-drzewiecki/wine_bouncer/pull/29): Doorkeepers dependencies are restricted to minor levels. Thanks @nickcharlton
+[#27](https://github.com/antek-drzewiecki/wine_bouncer/pull/27): Fixes DSL default and protected strategy. Fixes #24 and #26.
 
 ## 0.3.0
 [#21](https://github.com/antek-drzewiecki/wine_bouncer/pull/21): Added an Easy DSL for WineBouncer. Thanks @masarakki .
 [#23](https://github.com/antek-drzewiecki/wine_bouncer/pull/23): Added support for Doorkeeper 2.1.1 and refactored strategies.
 
 ## 0.2.2
-*[#17](https://github.com/antek-drzewiecki/wine_bouncer/pull/17): Added a new protected strategy. Thanks @whatasunnyday .
+[#17](https://github.com/antek-drzewiecki/wine_bouncer/pull/17): Added a new protected strategy. Thanks @whatasunnyday .
 
 ## 0.2.1
-*[#12](https://github.com/antek-drzewiecki/wine_bouncer/pull/12): Added a rails generator to generate the WineBouncer configuration file. Thanks @whatasunnyday.
-*[#7](https://github.com/antek-drzewiecki/wine_bouncer/pull/7): Added support for Doorkeeper 2.0.0 and 2.0.1. Thanks @whatasunnyday .
+[#12](https://github.com/antek-drzewiecki/wine_bouncer/pull/12): Added a rails generator to generate the WineBouncer configuration file. Thanks @whatasunnyday.
+[#7](https://github.com/antek-drzewiecki/wine_bouncer/pull/7): Added support for Doorkeeper 2.0.0 and 2.0.1. Thanks @whatasunnyday .
 
 ## 0.2.0
-*[#4](https://github.com/antek-drzewiecki/wine_bouncer/pull/4): Support for newer versions of grape ( > 0.8 ).
-*[#6](https://github.com/antek-drzewiecki/wine_bouncer/pull/6): Added the option to configure the resource owner.
+[#4](https://github.com/antek-drzewiecki/wine_bouncer/pull/4): Support for newer versions of grape ( > 0.8 ).
+[#6](https://github.com/antek-drzewiecki/wine_bouncer/pull/6): Added the option to configure the resource owner.

data/README.md

@@ -13,20 +13,22 @@ Table of Contents
   * [Installation](#installation)
   * [Upgrading](#upgrading)
   * [Usage](#usage)
+    * [Easy DSL](#easy-dsl)
     * [Authentication strategies](#authentication-strategies)
       * [Default](#default)
       * [Swagger](#swagger)
       * [Protected](#protected)
     * [Token information](#token-information)
   * [Exceptions and Exception handling](#exceptions-and-exception-handling)
+  * [Example Application](#example-application)
   * [Development](#development)
   * [Contributing](#contributing)
 
 
 ## Requirements
 - Ruby > 1.9.3
-- Doorkeeper > 1.4.0 and =< 2.1.1
-- Grape > 0.8 and =< 0.11.0
+- Doorkeeper > 1.4.0 and < 2.2
+- Grape > 0.8 and < 0.12
 
 ## Installation
 
@@ -174,8 +176,9 @@ The Swagger strategy uses scopes and injects them in the authorizations descript
 
 #### Protected
 
-The protected strategy is very similar to the default strategy except any public end point must explicitly set. To make an end point public, use `oauth2: false`.
-If the authorization is not set, the end point is assumed to be protected and Doorkeeper's default scopes are used.
+The protected strategy is very similar to the default strategy except any public endpoint must explicitly set. To make an end point public, use `oauth2 false`.
+If the authorization method is not set, the end point is assumed to be __protected with Doorkeeper's default scopes__ (which is the same as `oauth2 nil `.)
+To protect your endpoint with other scopes append the following method `oauth2 'first scope', 'second scope'`.
 
 
 ### Token information
@@ -191,6 +194,10 @@ This gem raises the following exceptions which can be handled in your Grape API,
 * `WineBouncer::Errors::OAuthForbiddenError`
    when the token is found but scopes do not match.
 
+## Example Application
+
+A full working sample app can be found on [sethherr page](https://github.com/sethherr/grape-doorkeeper) and can be accessed on [heroku](https://grape-doorkeeper.herokuapp.com/)
+
 ## Development
 
 Since we want the gem tested against several rails versions we use the same way to prepare our development environment as Doorkeeper.

data/lib/wine_bouncer/auth_strategies/protected.rb

@@ -23,8 +23,16 @@ module WineBouncer
       end
 
 
+      # returns true if an authorization hash has been found
+      # First it checks for the old syntax, then for the new.
       def has_authorizations?
-        nil_authorizations? || endpoint_authorizations
+        (nil_authorizations? || !!endpoint_authorizations) && scope_keys?
+      end
+
+      # if false or nil scopes are entered the authorization should be skipped.
+      # nil_authorizations? is used to check against the legacy hash.
+      def scope_keys?
+        nil_authorizations? || endpoint_authorizations[:scopes] != [false]
       end
 
       def endpoint_authorizations

data/lib/wine_bouncer/extension.rb

@@ -1,15 +1,15 @@
 module WineBouncer
   module Extension
     def oauth2(*scopes)
-      scopes = Array(scopes)
+      scopes = Doorkeeper.configuration.default_scopes.all if scopes.all? { |x| x.nil? }
       description = if respond_to?(:route_setting) # >= grape-0.10.0
-        route_setting(:description)
+        route_setting(:description) || route_setting(:description, {})
       else
         @last_description ||= {}
       end
       # case WineBouncer.configuration.auth_strategy
       # when :default
-      description[:auth] = { scope: scopes }
+      description[:auth] = { scopes: scopes }
       # when :swagger
       description[:authorizations] = { oauth2: scopes.map{|x| {scope: x}} }
       # end

data/lib/wine_bouncer/version.rb

@@ -1,3 +1,3 @@
 module WineBouncer
-  VERSION = '0.3.0'
+  VERSION = '0.3.1'
 end

data/spec/dummy/app/api/default_api.rb

@@ -14,6 +14,11 @@ module Api
       { hello: 'scoped world' }
     end
 
+    desc 'Protected method with custom scope', auth: { scopes: ['custom_scope'] }
+    get '/oauth2_custom_scope' do
+      { hello: 'oauth2_custom_scope' }
+    end
+
     desc 'Unprotected method'
     get '/unprotected' do
       { hello: 'unprotected world' }
@@ -29,14 +34,24 @@ module Api
       { hello: 'protected unscoped world' }
     end
 
+    get '/not_described_world' do
+      { hello: 'non described world' }
+    end
+
     desc 'oauth2_dsl'
     oauth2 'public'
     get '/oauth2_dsl' do
-      { hello: 'oauth2_dsl' }
+      { hello: 'oauth2 dsl' }
     end
 
-    get '/not_described_world' do
-      { hello: 'non described world' }
+    oauth2 'custom_scope'
+    get '/oauth2_dsl_custom_scope' do
+      { hello: 'oauth2 dsl custom scope' }
+    end
+
+    oauth2
+    get '/oauth2_dsl_default_scopes' do
+      { hello: 'oauth dsl default scopes' }
     end
 
   end

data/spec/dummy/app/api/protected_api.rb

@@ -35,6 +35,21 @@ module Api
       { hello: 'oauth2_dsl' }
     end
 
+    oauth2 'custom_scope'
+    get '/oauth2_dsl_custom_scope' do
+      { hello: 'custom scope' }
+    end
+
+    oauth2
+    get '/oauth2_protected_with_default_scopes' do
+      { hello: 'default oauth2 dsl' }
+    end
+
+    oauth2 false
+    get '/unprotected_endpoint' do
+      { hello: 'public oauth2 dsl' }
+    end
+
     get '/not_described_world' do
       { hello: 'non described world' }
     end

data/spec/dummy/app/api/swagger_api.rb

@@ -29,15 +29,27 @@ module Api
       { hello: 'protected unscoped world' }
     end
 
+    get '/not_described_world' do
+      { hello: 'non described world' }
+    end
+
+
     desc 'oauth2 dsl'
     oauth2 'public'
     get '/oauth2_dsl' do
       { hello: 'oauth2_dsl' }
     end
 
-    get '/not_described_world' do
-      { hello: 'non described world' }
+    oauth2
+    get '/oauth2_dsl_default_scopes' do
+      { hello: 'oauth dsl default scopes' }
     end
+
+    oauth2 'custom_scope'
+    get '/oauth2_dsl_custom_scopes' do
+      { hello: 'oauth dsl custom scopes' }
+    end
+
   end
 
   class SwaggerApiUnderTest < Grape::API

data/spec/dummy/config/initializers/doorkeeper.rb

@@ -41,7 +41,7 @@ Doorkeeper.configure do
   # Define access token scopes for your provider
   # For more information go to
   # https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes
-  default_scopes  :public
+  default_scopes  :public, :default
   optional_scopes :write, :update
 
   # Change the way client credentials are retrieved from the request object.

data/spec/intergration/oauth2_default_strategy_spec.rb

@@ -4,8 +4,9 @@ require 'json'
 describe Api::MountedDefaultApiUnderTest, type: :api do
 
   let(:user) { FactoryGirl.create :user }
-  let(:token) { FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: "public" }
-  let(:unscoped_token) { FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: "" }
+  let(:token) { FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: 'public' }
+  let(:unscoped_token) { FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: '' }
+  let(:custom_scope) { FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: 'custom_scope' } #not a default scope
 
   before (:example) do
     WineBouncer.configure do |c|
@@ -26,6 +27,15 @@ describe Api::MountedDefaultApiUnderTest, type: :api do
       expect(json).to have_key('hello')
     end
 
+    it 'gives access when tokens are correct and an non doorkeeper default scope is used.' do
+      get '/default_api/oauth2_custom_scope', nil, 'HTTP_AUTHORIZATION' => "Bearer #{custom_scope.token}"
+
+      expect(last_response.status).to eq(200)
+      json = JSON.parse(last_response.body)
+      expect(json).to have_key('hello')
+      expect(json['hello']).to eq('oauth2_custom_scope')
+    end
+
     it 'raises an authentication error when the token is invalid' do
       expect { get '/default_api/protected', nil, 'HTTP_AUTHORIZATION' => "Bearer #{token.token}-invalid" }.to raise_exception(WineBouncer::Errors::OAuthUnauthorizedError)
     end
@@ -87,15 +97,49 @@ describe Api::MountedDefaultApiUnderTest, type: :api do
       expect(last_response.status).to eq(200)
       json = JSON.parse(last_response.body)
       expect(json).to have_key('hello')
-      expect(json['hello']).to eq('oauth2_dsl')
-
+      expect(json['hello']).to eq('oauth2 dsl')
     end
 
     it 'raises an error when an protected endpoint without scopes is called without token ' do
       expect { get '/default_api/oauth2_dsl' }.to raise_exception(WineBouncer::Errors::OAuthUnauthorizedError)
     end
-  end
 
+    context 'without parameters' do
+      it 'accepts tokens with default scopes' do
+        get '/swagger_api/oauth2_dsl_default_scopes', nil, 'HTTP_AUTHORIZATION' => "Bearer #{token.token}"
+        expect(last_response.status).to eq(200)
+        json = JSON.parse(last_response.body)
+        expect(json).to have_key('hello')
+        expect(json['hello']).to eq('oauth dsl default scopes')
+      end
+
+      it 'raises an error when an protected endpoint without scopes is called without token ' do
+        expect { get '/default_api/oauth2_dsl_default_scopes' }.to raise_exception(WineBouncer::Errors::OAuthUnauthorizedError)
+      end
+
+      it 'raises an error when token scopes are not default scopes ' do
+        expect { get '/default_api/oauth2_dsl_default_scopes', nil, 'HTTP_AUTHORIZATION' => "Bearer #{custom_scope.token}" }.to raise_exception(WineBouncer::Errors::OAuthForbiddenError)
+      end
+    end
+
+    context 'custom scopes' do
+      it 'allows to call custom scopes' do
+        get '/default_api/oauth2_dsl_custom_scope', nil, 'HTTP_AUTHORIZATION' => "Bearer #{custom_scope.token}"
+        expect(last_response.status).to eq(200)
+        json = JSON.parse(last_response.body)
+        expect(json).to have_key('hello')
+        expect(json['hello']).to eq('oauth2 dsl custom scope')
+      end
+
+      it 'raises an error when an protected endpoint without scopes is called without token ' do
+        expect { get '/default_api/oauth2_dsl_custom_scope' }.to raise_exception(WineBouncer::Errors::OAuthUnauthorizedError)
+      end
+
+      it 'raises an error when token scopes do not match' do
+        expect { get '/default_api/oauth2_dsl_custom_scope', nil, 'HTTP_AUTHORIZATION' => "Bearer #{token.token}" }.to raise_exception(WineBouncer::Errors::OAuthForbiddenError)
+      end
+    end
+  end
 
   context 'not_described_world' do
     it 'allows to call an endpoint without description' do

data/spec/intergration/oauth2_protected_strategy_spec.rb

@@ -4,8 +4,9 @@ require 'json'
 describe Api::MountedProtectedApiUnderTest, type: :api do
 
   let(:user) { FactoryGirl.create :user }
-  let(:token) { FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: "public" }
-  let(:unscoped_token) { FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: "" }
+  let(:token) { FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: 'public' }
+  let(:unscoped_token) { FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: '' }
+  let(:custom_scope) { FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: 'custom_scope' } #not a default scope
 
   before (:example) do
     WineBouncer.configure do |c|
@@ -91,12 +92,61 @@ describe Api::MountedProtectedApiUnderTest, type: :api do
       json = JSON.parse(last_response.body)
       expect(json).to have_key('hello')
       expect(json['hello']).to eq('oauth2_dsl')
-
     end
 
-    it 'raises an error when an protected endpoint without scopes is called without token ' do
+    it 'raises an error when an protected endpoint is called without token' do
       expect { get '/protected_api/oauth2_dsl' }.to raise_exception(WineBouncer::Errors::OAuthUnauthorizedError)
     end
+
+    context 'without parameters' do
+      it 'allows to call an endpoint with default scopes' do
+        get '/protected_api/oauth2_protected_with_default_scopes', nil, 'HTTP_AUTHORIZATION' => "Bearer #{token.token}"
+        expect(last_response.status).to eq(200)
+        json = JSON.parse(last_response.body)
+        expect(json).to have_key('hello')
+        expect(json['hello']).to eq('default oauth2 dsl')
+      end
+
+      it 'raises an error when an protected endpoint without scopes is called without token ' do
+        expect { get '/protected_api/oauth2_protected_with_default_scopes' }.to raise_exception(WineBouncer::Errors::OAuthUnauthorizedError)
+      end
+
+      it 'raises an error when token scopes are not default scopes ' do
+        expect { get '/protected_api/oauth2_protected_with_default_scopes', nil, 'HTTP_AUTHORIZATION' => "Bearer #{custom_scope.token}" }.to raise_exception(WineBouncer::Errors::OAuthForbiddenError)
+      end
+    end
+
+    context 'custom scopes' do
+      it 'protects endpoints with custom scopes' do
+        get '/protected_api/oauth2_dsl_custom_scope', nil, 'HTTP_AUTHORIZATION' => "Bearer #{custom_scope.token}"
+        expect(last_response.status).to eq(200)
+        json = JSON.parse(last_response.body)
+        expect(json).to have_key('hello')
+        expect(json['hello']).to eq('custom scope')
+      end
+
+      it 'raises an error when an protected endpoint without scopes is called without token ' do
+        expect { get '/protected_api/oauth2_dsl_custom_scope' }.to raise_exception(WineBouncer::Errors::OAuthUnauthorizedError)
+      end
+
+      it 'raises an error when token scopes do not match' do
+        expect { get '/protected_api/oauth2_dsl_custom_scope', nil, 'HTTP_AUTHORIZATION' => "Bearer #{token.token}" }.to raise_exception(WineBouncer::Errors::OAuthForbiddenError)
+      end
+    end
+
+    context 'public endpoint' do
+      it 'allows to call an unprotected endpoint without token' do
+        get '/protected_api/unprotected_endpoint'
+        expect(last_response.status).to eq(200)
+        json = JSON.parse(last_response.body)
+        expect(json).to have_key('hello')
+        expect(json['hello']).to eq('public oauth2 dsl')
+      end
+
+      it 'allows requests with tokens to public endpoints with tokens' do
+        expect { get '/protected_api/oauth2_protected_with_default_scopes', nil, 'HTTP_AUTHORIZATION' => "Bearer #{token.token}" }.not_to raise_error
+      end
+    end
   end
 
   context 'not_described_world' do

data/spec/intergration/oauth2_swagger_strategy_spec.rb

@@ -4,8 +4,9 @@ require 'json'
 describe Api::MountedSwaggerApiUnderTest, type: :api do
 
   let(:user) { FactoryGirl.create :user }
-  let(:token) { FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: "public" }
-  let(:unscoped_token) { FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: "" }
+  let(:token) { FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: 'public' }
+  let(:unscoped_token) { FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: '' }
+  let(:custom_scope) { FactoryGirl.create :clientless_access_token, resource_owner_id: user.id, scopes: 'custom_scope' } #not a default scope
 
 
   before (:example) do
@@ -82,7 +83,7 @@ describe Api::MountedSwaggerApiUnderTest, type: :api do
     end
   end
 
-  context 'oauth2_dsl' do
+  context 'oauth2 dsl' do
     it 'allows to call an protected endpoint without scopes' do
       get '/swagger_api/oauth2_dsl', nil, 'HTTP_AUTHORIZATION' => "Bearer #{token.token}"
 
@@ -90,12 +91,47 @@ describe Api::MountedSwaggerApiUnderTest, type: :api do
       json = JSON.parse(last_response.body)
       expect(json).to have_key('hello')
       expect(json['hello']).to eq('oauth2_dsl')
-
     end
 
     it 'raises an error when an protected endpoint without scopes is called without token ' do
       expect { get '/swagger_api/oauth2_dsl' }.to raise_exception(WineBouncer::Errors::OAuthUnauthorizedError)
     end
+
+    context 'without parameters' do
+      it 'accepts tokens with default scopes' do
+        get '/swagger_api/oauth2_dsl_default_scopes', nil, 'HTTP_AUTHORIZATION' => "Bearer #{token.token}"
+        expect(last_response.status).to eq(200)
+        json = JSON.parse(last_response.body)
+        expect(json).to have_key('hello')
+        expect(json['hello']).to eq('oauth dsl default scopes')
+      end
+
+      it 'raises an error when an protected endpoint without scopes is called without token ' do
+        expect { get '/swagger_api/oauth2_dsl_default_scopes' }.to raise_exception(WineBouncer::Errors::OAuthUnauthorizedError)
+      end
+
+      it 'raises an error when token scopes are not default scopes ' do
+        expect { get '/swagger_api/oauth2_dsl_default_scopes', nil, 'HTTP_AUTHORIZATION' => "Bearer #{custom_scope.token}" }.to raise_exception(WineBouncer::Errors::OAuthForbiddenError)
+      end
+    end
+
+    context 'custom scopes' do
+      it 'accepts tokens with default scopes' do
+        get '/swagger_api/oauth2_dsl_custom_scopes', nil, 'HTTP_AUTHORIZATION' => "Bearer #{custom_scope.token}"
+        expect(last_response.status).to eq(200)
+        json = JSON.parse(last_response.body)
+        expect(json).to have_key('hello')
+        expect(json['hello']).to eq('oauth dsl custom scopes')
+      end
+
+      it 'raises an error when an protected endpoint without scopes is called without token ' do
+        expect { get '/swagger_api/oauth2_dsl_custom_scopes' }.to raise_exception(WineBouncer::Errors::OAuthUnauthorizedError)
+      end
+
+      it 'raises an error when token scopes do not match' do
+        expect { get '/swagger_api/oauth2_dsl_custom_scopes', nil, 'HTTP_AUTHORIZATION' => "Bearer #{token.token}" }.to raise_exception(WineBouncer::Errors::OAuthForbiddenError)
+      end
+    end
   end
 
   context 'not_described_world' do

data/wine_bouncer.gemspec

@@ -17,8 +17,8 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
-  spec.add_runtime_dependency 'grape', '~> 0.8', '<= 0.11.0'
-  spec.add_runtime_dependency 'doorkeeper', '>= 1.4', '<= 2.1.1'
+  spec.add_runtime_dependency 'grape', '~> 0.8', '< 0.12'
+  spec.add_runtime_dependency 'doorkeeper', '>= 1.4', '< 2.2'
 
   spec.add_development_dependency "railties"
   spec.add_development_dependency "bundler", "~> 1.7"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: wine_bouncer
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.3.1
 platform: ruby
 authors:
 - Antek Drzewiecki
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-02-27 00:00:00.000000000 Z
+date: 2015-03-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grape
@@ -17,9 +17,9 @@ dependencies:
     - - ~>
       - !ruby/object:Gem::Version
         version: '0.8'
-    - - <=
+    - - <
       - !ruby/object:Gem::Version
-        version: 0.11.0
+        version: '0.12'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -27,9 +27,9 @@ dependencies:
     - - ~>
       - !ruby/object:Gem::Version
         version: '0.8'
-    - - <=
+    - - <
       - !ruby/object:Gem::Version
-        version: 0.11.0
+        version: '0.12'
 - !ruby/object:Gem::Dependency
   name: doorkeeper
   requirement: !ruby/object:Gem::Requirement
@@ -37,9 +37,9 @@ dependencies:
     - - '>='
       - !ruby/object:Gem::Version
         version: '1.4'
-    - - <=
+    - - <
       - !ruby/object:Gem::Version
-        version: 2.1.1
+        version: '2.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -47,9 +47,9 @@ dependencies:
     - - '>='
       - !ruby/object:Gem::Version
         version: '1.4'
-    - - <=
+    - - <
       - !ruby/object:Gem::Version
-        version: 2.1.1
+        version: '2.2'
 - !ruby/object:Gem::Dependency
   name: railties
   requirement: !ruby/object:Gem::Requirement