  • 18 commits
  • 24 files changed
  • 0 comments
  • 3 contributors
Feb 29, 2012
David Frey Add destroy action to applications endpoint
Left model spec unfinished with a pending test to verify child records
are not orphaned.
6f3784f
Mar 09, 2012
Jaime Iniesta Fix typos in spec (exists, should exist) 0dff050
Jaime Iniesta Remove extra comma 86b2f6d
Jaime Iniesta TokensController responds with 401 unauthorized status if the token i…
…s not authorized

As seen on this commit by @epicagency , could not merge as it is mixed with other unwanted changes
epicagency@f3c7a77#diff-0
1edb15f
Mar 10, 2012
Jaime Iniesta Fix link to supported ruby versions 67e8056
Felipe Elias Philipp felipeelias Fix typo cff571b
Felipe Elias Philipp felipeelias Remove .gitkeep files 3dc3aba
Felipe Elias Philipp felipeelias Include spec folder in gem files. closes #55 48d5ade
Jaime Iniesta Destroy applications now destroys all access_grants and access_tokens…
… (not only the authorized ones) on cascade
c65536f
Jaime Iniesta Change _path redirections to _url redirections
When redirecting, the _url form of the route helper is preferred.
http://www.ruby-forum.com/topic/101346
ea3816b
Jaime Iniesta git ignore .rvmrc bf9642f
Mar 11, 2012
Felipe Elias Philipp felipeelias Merge pull request #65 from jaimeiniesta/fix_redirects
Change _path redirections to _url redirections
843b88e
Felipe Elias Philipp felipeelias Merge pull request #66 from jaimeiniesta/gitignores
git ignore .rvmrc
15eeb9a
Felipe Elias Philipp felipeelias Merge pull request #62 from jaimeiniesta/typos
Fix typos in spec (exists, should exist)
0bf3119
Mar 13, 2012
Felipe Elias Philipp felipeelias Merge remote-tracking branch 'jaimeiniesta/destroy_applications'
Fix conflicts with _path vs _url routes

Conflicts:
	lib/generators/doorkeeper/templates/initializer.rb
	spec/dummy/config/initializers/doorkeeper.rb
8e1f7f2
Felipe Elias Philipp felipeelias Merge pull request #63 from jaimeiniesta/response_status
TokensController responds with 401 unauthorized status if the token is n...
1107607
Felipe Elias Philipp felipeelias Remove application link in authorized app view
closes #61
e09c73e
Felipe Elias Philipp felipeelias Merge branch 'remove-app-link-in-authorized-apps' f5e520e

Showing 24 changed files with 83 additions and 36 deletions.

  1. +1 0  .gitignore
  2. +6 0 app/controllers/doorkeeper/applications_controller.rb
  3. +1 1  app/controllers/doorkeeper/authorized_applications_controller.rb
  4. +1 1  app/controllers/doorkeeper/tokens_controller.rb
  5. +2 1  app/models/doorkeeper/application.rb
  6. +1 1  app/views/doorkeeper/applications/index.html.erb
  7. +1 2  app/views/doorkeeper/authorized_applications/index.html.erb
  8. +1 1  lib/doorkeeper/oauth/access_token_request.rb
  9. +2 2 lib/generators/doorkeeper/templates/initializer.rb
  10. +2 2 spec/controllers/applications_controller_spec.rb
  11. +2 2 spec/controllers/authorizations_controller_spec.rb
  12. +1 0  spec/controllers/tokens_controller_spec.rb
  13. +2 2 spec/dummy/config/initializers/doorkeeper.rb
  14. +17 0 spec/models/doorkeeper/application_spec.rb
  15. +22 0 spec/requests/applications/applications_request_spec.rb
  16. +2 2 spec/requests/endpoints/authorization_spec.rb
  17. +3 3 spec/requests/flows/authorization_code_errors_spec.rb
  18. +6 6 spec/requests/flows/authorization_code_spec.rb
  19. +1 1  spec/requests/flows/implicit_grant_errors_spec.rb
  20. +1 1  spec/requests/flows/implicit_grant_spec.rb
  21. +2 2 spec/requests/flows/skip_authorization_spec.rb
  22. +1 1  spec/requests/protected_resources/private_api_spec.rb
  23. +1 1  spec/support/helpers/authorization_request_helper.rb
  24. +4 4 spec/support/helpers/model_helper.rb
1  .gitignore
@@ -9,3 +9,4 @@ spec/dummy/tmp/
9 9 Gemfile.lock
10 10 gemfiles/*.lock
11 11 spec/generators/tmp
  12 +.rvmrc
6 app/controllers/doorkeeper/applications_controller.rb
@@ -31,5 +31,11 @@ def update
31 31 flash[:notice] = "Application updated" if @application.update_attributes(params[:application])
32 32 respond_with @application
33 33 end
  34 +
  35 + def destroy
  36 + @application = Application.find(params[:id])
  37 + flash[:notice] = "Application deleted" if @application.destroy
  38 + redirect_to applications_url
  39 + end
34 40 end
35 41 end
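Review bot: `destroy` (new lines 35-39) gives no feedback when `@application.destroy` returns false: the flash is skipped and `redirect_to applications_url` still runs, so the admin lands on the list with the application still present and no explanation. Add a failure branch that sets `flash[:alert]`. Because this action permanently deletes an OAuth client, it is also worth confirming that the controller's admin authentication filter covers `destroy`; the filter is not visible in this hunk.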
2  app/controllers/doorkeeper/authorized_applications_controller.rb
@@ -7,6 +7,6 @@ def index
7 7
8 8 def destroy
9 9 Doorkeeper::AccessToken.revoke_all_for params[:id], current_resource_owner
10   - redirect_to authorized_applications_path, :notice => "Application revoked."
  10 + redirect_to authorized_applications_url, :notice => "Application revoked."
11 11 end
12 12 end
2  app/controllers/doorkeeper/tokens_controller.rb
@@ -10,7 +10,7 @@ def create
10 10 if token.authorize
11 11 render :json => token.authorization
12 12 else
13   - render :json => token.error_response
  13 + render :json => token.error_response, :status => :unauthorized
14 14 end
15 15 end
16 16
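Review bot: Line 13 returns `:unauthorized` for every failed `token.authorize`, which includes errors such as `invalid_request` and `invalid_grant`. The OAuth 2.0 token endpoint error response is 400 Bad Request for those, with 401 reserved for failed client authentication (`invalid_client`), and a 401 response is expected to carry a `WWW-Authenticate` header. Consider deriving the status from the error name instead of hard-coding it, for example 401 only for `invalid_client` and 400 otherwise.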
3  app/models/doorkeeper/application.rb
@@ -4,7 +4,8 @@ class Application < ActiveRecord::Base
4 4
5 5 self.table_name = :oauth_applications
6 6
7   - has_many :access_grants
  7 + has_many :access_grants, :dependent => :destroy
  8 + has_many :access_tokens, :dependent => :destroy
8 9 has_many :authorized_tokens, :class_name => "AccessToken", :conditions => { :revoked_at => nil }
9 10 has_many :authorized_applications, :through => :authorized_tokens, :source => :application
10 11
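Review bot: `:dependent => :destroy` on lines 7-8 instantiates every grant and token and deletes them one by one with callbacks, which can make removing a heavily used application slow. If neither model depends on destroy callbacks, `:dependent => :delete_all` issues one statement per table. Hard deletion also discards the `revoked_at` history for that application's tokens, so if an audit trail matters, state that trade-off in the commit or README.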
2  app/views/doorkeeper/applications/index.html.erb
@@ -16,7 +16,7 @@
16 16 </thead>
17 17 <tbody>
18 18 <% @applications.each do |application| %>
19   - <tr>
  19 + <tr id="application_<%= application.id %>">
20 20 <td><%= link_to application.name, application %></td>
21 21 <td><%= application.redirect_uri %></td>
22 22 <td><%= link_to 'Edit', edit_application_path(application) %></td>
3  app/views/doorkeeper/authorized_applications/index.html.erb
@@ -15,12 +15,11 @@
15 15 <tbody>
16 16 <% @applications.each do |application| %>
17 17 <tr>
18   - <td><%= link_to application.name, application %></td>
  18 + <td><%= application.name %></td>
19 19 <td><%= application.created_at %></td>
20 20 <td><%= link_to 'Revoke', authorized_application_path(application), :confirm => 'Are you sure?', :method => :delete, :class => 'btn danger' %></td>
21 21 </tr>
22 22 <% end %>
23 23 </tbody>
24 24 </table>
25   -
26 25 </div>
2  lib/doorkeeper/oauth/access_token_request.rb
@@ -8,7 +8,7 @@ class AccessTokenRequest
8 8 :grant_type,
9 9 :code,
10 10 :redirect_uri,
11   - :refresh_token,
  11 + :refresh_token
12 12 ]
13 13
14 14 validate :attributes, :error => :invalid_request
4 lib/generators/doorkeeper/templates/initializer.rb
@@ -7,7 +7,7 @@
7 7 # If you want to use named routes from your app you need
8 8 # to call them on routes object eg.
9 9 # routes.new_user_session_path
10   - # e.g. User.find_by_id(session[:user_id]) || redirect_to(routes.new_user_session_path)
  10 + # e.g. User.find_by_id(session[:user_id]) || redirect_to(routes.new_user_session_url)
11 11 end
12 12
13 13 # If you want to restrict the access to the web interface for
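Review bot: The comment on line 9 still shows `routes.new_user_session_path` while the example on line 10 now uses `routes.new_user_session_url`, so the generated initializer documents two different helpers for the same redirect. Update line 9 to the `_url` form too. The same mismatch remains at line 20 in the next hunk and in the matching comment lines of spec/dummy/config/initializers/doorkeeper.rb.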
@@ -18,7 +18,7 @@
18 18 # # If you want to use named routes from your app you need
19 19 # # to call them on routes object eg.
20 20 # # routes.new_admin_session_path
21   - # Admin.find_by_id(session[:admin_id]) || redirect_to(routes.new_admin_session_path)
  21 + # Admin.find_by_id(session[:admin_id]) || redirect_to(routes.new_admin_session_url)
22 22 # end
23 23
24 24 # Access token expiration time (default 2 hours)
4 spec/controllers/applications_controller_spec.rb
@@ -5,13 +5,13 @@ module Doorkeeper
5 5 context "when admin is not authenticated" do
6 6 before(:each) do
7 7 Doorkeeper.configuration.stub(:authenticate_admin => proc do
8   - redirect_to main_app.root_path
  8 + redirect_to main_app.root_url
9 9 end)
10 10 end
11 11
12 12 it "redirects as set in Doorkeeper.authenticate_admin" do
13 13 get :index, :use_route => :doorkeeper
14   - response.should redirect_to(controller.main_app.root_path)
  14 + response.should redirect_to(controller.main_app.root_url)
15 15 end
16 16 end
17 17 end
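Review bot: The "when admin is not authenticated" context (lines 5-16) only exercises `get :index`, while this range adds a `destroy` action to the same controller. Add a `delete :destroy` example in this context that asserts the same redirect and that `Doorkeeper::Application.count` is unchanged, so a test pins the destructive action behind `authenticate_admin`.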
4 spec/controllers/authorizations_controller_spec.rb
@@ -55,7 +55,7 @@ def translated_error_message(key)
55 55
56 56 describe "POST #create with errors" do
57 57 before do
58   - scope_exist :public
  58 + scope_exists :public
59 59 post :create, :client_id => client.uid, :response_type => "token", :scope => "invalid", :redirect_uri => client.redirect_uri, :use_route => :doorkeeper
60 60 end
61 61
@@ -100,7 +100,7 @@ def translated_error_message(key)
100 100
101 101 describe "GET #new with errors" do
102 102 before do
103   - scope_exist :public
  103 + scope_exists :public
104 104 get :new, :client_id => client.uid, :response_type => "token", :scope => "invalid", :redirect_uri => client.redirect_uri, :use_route => :doorkeeper
105 105 end
106 106
1  spec/controllers/tokens_controller_spec.rb
@@ -28,6 +28,7 @@
28 28 it "returns the error response" do
29 29 token.should_receive(:error_response)
30 30 post :create, :use_route => :doorkeeper
  31 + response.status.should == 401
31 32 end
32 33 end
33 34 end
4 spec/dummy/config/initializers/doorkeeper.rb
@@ -6,7 +6,7 @@
6 6 # If you want to use named routes from your app you need
7 7 # to call them on routes object eg.
8 8 # routes.new_user_session_path
9   - # e.g. User.find_by_id(session[:user_id]) || redirect_to(routes.new_user_session_path)
  9 + # e.g. User.find_by_id(session[:user_id]) || redirect_to(routes.new_user_session_url)
10 10 User.find_by_id(session[:user_id]) || redirect_to(routes.root_url, :alert => "Needs sign in.")
11 11 end
12 12
@@ -18,7 +18,7 @@
18 18 # # If you want to use named routes from your app you need
19 19 # # to call them on routes object eg.
20 20 # # routes.new_admin_session_path
21   - # Admin.find_by_id(session[:admin_id]) || redirect_to(routes.new_admin_session_path)
  21 + # Admin.find_by_id(session[:admin_id]) || redirect_to(routes.new_admin_session_url)
22 22 # end
23 23
24 24 authorization_scopes do
17 spec/models/doorkeeper/application_spec.rb
@@ -68,6 +68,23 @@ module Doorkeeper
68 68 new_application.should_not be_valid
69 69 end
70 70
  71 + describe 'destroy related models on cascade' do
  72 + before(:each) do
  73 + new_application.save
  74 + end
  75 +
  76 + it 'should destroy its access grants' do
  77 + Factory(:access_grant, :application => new_application)
  78 + expect { new_application.destroy }.to change { Doorkeeper::AccessGrant.count }.by(-1)
  79 + end
  80 +
  81 + it 'should destroy its access tokens' do
  82 + Factory(:access_token, :application => new_application)
  83 + Factory(:access_token, :application => new_application, :revoked_at => Time.now)
  84 + expect { new_application.destroy }.to change { Doorkeeper::AccessToken.count }.by(-2)
  85 + end
  86 + end
  87 +
71 88 describe :authorized_for do
72 89 let(:resource_owner) { double(:resource_owner, :id => 10) }
73 90
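Review bot: The cascade examples (lines 71-86) assert only that the global counts drop by 1 and 2, and the setup contains no rows for any other application, so they cannot show that unrelated grants and tokens are left alone. Create a second application with its own grant and token and assert that both survive `new_application.destroy`. In the `before` block, `new_application.save` on line 73 ignores a false return; `save!` would fail loudly if the record is invalid.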
22 spec/requests/applications/applications_request_spec.rb
@@ -68,3 +68,25 @@
68 68 i_should_see 'Whoops! Check your form for possible errors'
69 69 end
70 70 end
  71 +
  72 +feature 'Destroy application' do
  73 + background do
  74 + @app = Factory :application
  75 + end
  76 +
  77 + scenario 'deleting an application from list' do
  78 + visit "/oauth/applications"
  79 + i_should_see @app.name
  80 + within(:css, "tr#application_#{@app.id}") do
  81 + click_link "Destroy"
  82 + end
  83 + i_should_see "Application deleted"
  84 + i_should_not_see @app.name
  85 + end
  86 +
  87 + scenario 'deleting an application from show' do
  88 + visit "/oauth/applications/#{@app.id}"
  89 + click_link 'Remove'
  90 + i_should_see "Application deleted"
  91 + end
  92 +end
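Review bot: The 'deleting an application from show' scenario (lines 87-91) asserts only the flash text, not that the record is gone. Add a check that `Doorkeeper::Application.count` dropped or that the name no longer appears in the list, as the first scenario does with `i_should_not_see @app.name`. The two scenarios also click differently named links ("Destroy" on the list, "Remove" on show); pick one label for the same action.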
4 spec/requests/endpoints/authorization_spec.rb
@@ -38,8 +38,8 @@
38 38 background do
39 39 create_resource_owner
40 40 sign_in
41   - scope_exist :public, :default => true, :description => "Access your public data"
42   - scope_exist :write, :description => "Update your data"
  41 + scope_exists :public, :default => true, :description => "Access your public data"
  42 + scope_exists :write, :description => "Update your data"
43 43 end
44 44
45 45 scenario "displays default scopes when no scope was requested" do
6 spec/requests/flows/authorization_code_errors_spec.rb
@@ -9,7 +9,7 @@
9 9 end
10 10
11 11 after do
12   - access_grant_should_not_exists
  12 + access_grant_should_not_exist
13 13 end
14 14
15 15 scenario "redirects with :invalid_request error when :response_type is missing" do
@@ -66,7 +66,7 @@
66 66
67 67 context 'with scopes' do
68 68 background do
69   - scope_exist :write, :description => "Update your data"
  69 + scope_exists :write, :description => "Update your data"
70 70 end
71 71
72 72 scenario "redirects with :invalid_scope error when scope does not exists" do
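Review bot: The scenario description on line 72 still reads "when scope does not exists". Since this change fixes exactly that exists/exist wording in the helper names, correct the description to "does not exist" as well.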
@@ -102,7 +102,7 @@
102 102 scenario "returns :invalid_grant error for invalid grant code" do
103 103 post token_endpoint_url(:code => "invalid", :client => @client)
104 104
105   - access_token_should_not_exists
  105 + access_token_should_not_exist
106 106
107 107 should_not_have_json 'access_token'
108 108 should_have_json 'error', 'invalid_grant'
12 spec/requests/flows/authorization_code_spec.rb
@@ -12,7 +12,7 @@
12 12 visit authorization_endpoint_url(:client => @client)
13 13 click_on "Authorize"
14 14
15   - access_grant_should_exists_for(@client, @resource_owner)
  15 + access_grant_should_exist_for(@client, @resource_owner)
16 16
17 17 i_should_be_on_client_callback(@client)
18 18
@@ -62,7 +62,7 @@
62 62 authorization_code = Doorkeeper::AccessGrant.first.token
63 63 post token_endpoint_url(:code => authorization_code, :client => @client)
64 64
65   - access_token_should_exists_for(@client, @resource_owner)
  65 + access_token_should_exist_for(@client, @resource_owner)
66 66
67 67 should_not_have_json 'error'
68 68
@@ -75,14 +75,14 @@
75 75
76 76 context 'with scopes' do
77 77 background do
78   - scope_exist :public, :default => true, :description => "Access your public data"
79   - scope_exist :write, :description => "Update your data"
  78 + scope_exists :public, :default => true, :description => "Access your public data"
  79 + scope_exists :write, :description => "Update your data"
80 80 end
81 81
82 82 scenario 'resource owner authorizes the client with default scopes' do
83 83 visit authorization_endpoint_url(:client => @client)
84 84 click_on "Authorize"
85   - access_grant_should_exists_for(@client, @resource_owner)
  85 + access_grant_should_exist_for(@client, @resource_owner)
86 86 access_grant_should_have_scopes :public
87 87 end
88 88
@@ -99,7 +99,7 @@
99 99 authorization_code = Doorkeeper::AccessGrant.first.token
100 100 post token_endpoint_url(:code => authorization_code, :client => @client)
101 101
102   - access_token_should_exists_for(@client, @resource_owner)
  102 + access_token_should_exist_for(@client, @resource_owner)
103 103 access_token_should_have_scopes :public, :write
104 104 end
105 105
2  spec/requests/flows/implicit_grant_errors_spec.rb
@@ -9,7 +9,7 @@
9 9 end
10 10
11 11 after do
12   - access_token_should_not_exists
  12 + access_token_should_not_exist
13 13 end
14 14
15 15 [
2  spec/requests/flows/implicit_grant_spec.rb
@@ -12,7 +12,7 @@
12 12 visit authorization_endpoint_url(:client => @client, :response_type => 'token')
13 13 click_on "Authorize"
14 14
15   - access_token_should_exists_for @client, @resource_owner
  15 + access_token_should_exist_for @client, @resource_owner
16 16
17 17 i_should_be_on_client_callback @client
18 18 end
4 spec/requests/flows/skip_authorization_spec.rb
@@ -4,8 +4,8 @@
4 4 background do
5 5 config_is_set(:authenticate_resource_owner) { User.first || redirect_to('/sign_in') }
6 6 client_exists
7   - scope_exist :public, :default => true, :description => "Access your public data"
8   - scope_exist :write, :description => "Update your data"
  7 + scope_exists :public, :default => true, :description => "Access your public data"
  8 + scope_exists :write, :description => "Update your data"
9 9 end
10 10
11 11 context 'for previously authorized clients' do
2  spec/requests/protected_resources/private_api_spec.rb
@@ -27,7 +27,7 @@
27 27 end
28 28
29 29 scenario 'access token with no scopes' do
30   - scope_exist :admin, :description => "admin"
  30 + scope_exists :admin, :description => "admin"
31 31 @token.update_attribute :scopes, nil
32 32 with_access_token_header @token.token
33 33 visit '/full_protected_resources/1.json'
2  spec/support/helpers/authorization_request_helper.rb
@@ -8,7 +8,7 @@ def resource_owner_is_not_authenticated
8 8 Doorkeeper.configuration.instance_variable_set(:@authenticate_resource_owner, proc { redirect_to("/sign_in") })
9 9 end
10 10
11   - def scope_exist(*args)
  11 + def scope_exists(*args)
12 12 scopes = Doorkeeper.configuration.instance_variable_get(:@scopes) || Doorkeeper::Scopes.new
13 13 scopes.add(Doorkeeper::Scope.new(*args))
14 14 Doorkeeper.configuration.instance_variable_set(:@scopes, scopes)
8 spec/support/helpers/model_helper.rb
@@ -11,23 +11,23 @@ def authorization_code_exists(options = {})
11 11 @authorization = Factory(:access_grant, options)
12 12 end
13 13
14   - def access_grant_should_exists_for(client, resource_owner)
  14 + def access_grant_should_exist_for(client, resource_owner)
15 15 grant = Doorkeeper::AccessGrant.first
16 16 grant.application.should == client
17 17 grant.resource_owner_id == resource_owner.id
18 18 end
19 19
20   - def access_token_should_exists_for(client, resource_owner)
  20 + def access_token_should_exist_for(client, resource_owner)
21 21 grant = Doorkeeper::AccessToken.first
22 22 grant.application.should == client
23 23 grant.resource_owner_id == resource_owner.id
24 24 end
25 25
26   - def access_grant_should_not_exists
  26 + def access_grant_should_not_exist
27 27 Doorkeeper::AccessGrant.all.should be_empty
28 28 end
29 29
30   - def access_token_should_not_exists
  30 + def access_token_should_not_exist
31 31 Doorkeeper::AccessToken.all.should be_empty
32 32 end
33 33
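Review bot: Lines 17 and 23 are bare comparisons, `grant.resource_owner_id == resource_owner.id`, with no `.should`, so the renamed `access_grant_should_exist_for` and `access_token_should_exist_for` never check the resource owner; a grant or token issued to the wrong user would still pass every flow spec that calls them. Change both to `grant.resource_owner_id.should == resource_owner.id` while these helpers are being touched.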
