base fork: jaimeiniesta/doorkeeper
...
head fork: jaimeiniesta/doorkeeper
  • 18 commits
  • 24 files changed
  • 0 commit comments
  • 3 contributors
Commits on Mar 01, 2012
David Frey Add destroy action to applications endpoint
Left model spec unfinished with a pending test to verify child records
are not orphaned.
6f3784f
Commits on Mar 09, 2012
Jaime Iniesta Fix typos in spec (exists, should exist) 0dff050
Jaime Iniesta Remove extra comma 86b2f6d
Jaime Iniesta TokensController responds with 401 unauthorized status if the token is not authorized

As seen on this commit by @epicagency , could not merge as it is mixed with other unwanted changes
epicagency@f3c7a77#diff-0
1edb15f
Commits on Mar 10, 2012
Jaime Iniesta Fix link to supported ruby versions 67e8056
Felipe Elias Philipp felipeelias Fix typo cff571b
Felipe Elias Philipp felipeelias Remove .gitkeep files 3dc3aba
Felipe Elias Philipp felipeelias Include spec folder in gem files. closes #55 48d5ade
Jaime Iniesta Destroy applications now destroys all access_grants and access_tokens (not only the authorized ones) on cascade
c65536f
Jaime Iniesta Change _path redirections to _url redirections
When redirecting, the _url form of the route helper is preferred.
http://www.ruby-forum.com/topic/101346
ea3816b
Jaime Iniesta git ignore .rvmrc bf9642f
Commits on Mar 11, 2012
Felipe Elias Philipp felipeelias Merge pull request #65 from jaimeiniesta/fix_redirects
Change _path redirections to _url redirections
843b88e
Felipe Elias Philipp felipeelias Merge pull request #66 from jaimeiniesta/gitignores
git ignore .rvmrc
15eeb9a
Felipe Elias Philipp felipeelias Merge pull request #62 from jaimeiniesta/typos
Fix typos in spec (exists, should exist)
0bf3119
Commits on Mar 13, 2012
Felipe Elias Philipp felipeelias Merge remote-tracking branch 'jaimeiniesta/destroy_applications'
Fix conflicts with _path vs _url routes

Conflicts:
	lib/generators/doorkeeper/templates/initializer.rb
	spec/dummy/config/initializers/doorkeeper.rb
8e1f7f2
Felipe Elias Philipp felipeelias Merge pull request #63 from jaimeiniesta/response_status
TokensController responds with 401 unauthorized status if the token is n...
1107607
Felipe Elias Philipp felipeelias Remove application link in authorized app view
closes #61
e09c73e
Felipe Elias Philipp felipeelias Merge branch 'remove-app-link-in-authorized-apps' f5e520e
Showing with 83 additions and 36 deletions.
  1. +1 −0  .gitignore
  2. +6 −0 app/controllers/doorkeeper/applications_controller.rb
  3. +1 −1  app/controllers/doorkeeper/authorized_applications_controller.rb
  4. +1 −1  app/controllers/doorkeeper/tokens_controller.rb
  5. +2 −1  app/models/doorkeeper/application.rb
  6. +1 −1  app/views/doorkeeper/applications/index.html.erb
  7. +1 −2  app/views/doorkeeper/authorized_applications/index.html.erb
  8. +1 −1  lib/doorkeeper/oauth/access_token_request.rb
  9. +2 −2 lib/generators/doorkeeper/templates/initializer.rb
  10. +2 −2 spec/controllers/applications_controller_spec.rb
  11. +2 −2 spec/controllers/authorizations_controller_spec.rb
  12. +1 −0  spec/controllers/tokens_controller_spec.rb
  13. +2 −2 spec/dummy/config/initializers/doorkeeper.rb
  14. +17 −0 spec/models/doorkeeper/application_spec.rb
  15. +22 −0 spec/requests/applications/applications_request_spec.rb
  16. +2 −2 spec/requests/endpoints/authorization_spec.rb
  17. +3 −3 spec/requests/flows/authorization_code_errors_spec.rb
  18. +6 −6 spec/requests/flows/authorization_code_spec.rb
  19. +1 −1  spec/requests/flows/implicit_grant_errors_spec.rb
  20. +1 −1  spec/requests/flows/implicit_grant_spec.rb
  21. +2 −2 spec/requests/flows/skip_authorization_spec.rb
  22. +1 −1  spec/requests/protected_resources/private_api_spec.rb
  23. +1 −1  spec/support/helpers/authorization_request_helper.rb
  24. +4 −4 spec/support/helpers/model_helper.rb
1  .gitignore
@@ -9,3 +9,4 @@ spec/dummy/tmp/
Gemfile.lock
gemfiles/*.lock
spec/generators/tmp
+.rvmrc
6 app/controllers/doorkeeper/applications_controller.rb
@@ -31,5 +31,11 @@ def update
flash[:notice] = "Application updated" if @application.update_attributes(params[:application])
respond_with @application
end
+
+ def destroy
+ @application = Application.find(params[:id])
+ flash[:notice] = "Application deleted" if @application.destroy
+ redirect_to applications_url
+ end
end
end
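Review bot: in `destroy`, the `redirect_to applications_url` runs whether or not `@application.destroy` succeeded, and the failure case sets no flash at all, so an admin is sent back to the list with no sign that the application and its credentials are still live. Set an alert on the failure branch, for example `flash[:alert] = "Application could not be deleted"`. Because this action is irreversible and, with the model change in this range, also removes the application's grants and tokens, please confirm that the admin authentication filter covers `destroy`; the hunk does not show the filter, and the controller spec in this range only exercises `get :index` for the unauthenticated case.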
2  app/controllers/doorkeeper/authorized_applications_controller.rb
@@ -7,6 +7,6 @@ def index
def destroy
Doorkeeper::AccessToken.revoke_all_for params[:id], current_resource_owner
- redirect_to authorized_applications_path, :notice => "Application revoked."
+ redirect_to authorized_applications_url, :notice => "Application revoked."
end
end
2  app/controllers/doorkeeper/tokens_controller.rb
@@ -10,7 +10,7 @@ def create
if token.authorize
render :json => token.authorization
else
- render :json => token.error_response
+ render :json => token.error_response, :status => :unauthorized
end
end
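Review bot: `:status => :unauthorized` on the `else` branch applies 401 to every `token.error_response`, not only to failed client authentication. The OAuth 2.0 token endpoint error format uses 400 Bad Request for errors such as `invalid_request` and `invalid_grant`, and allows 401 for `invalid_client`, where a client that authenticated through the Authorization header must also get a `WWW-Authenticate` header back. Consider deriving the status from the error code so that clients and monitoring can tell a bad grant from bad client credentials, and add a spec case for each.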
3  app/models/doorkeeper/application.rb
@@ -4,7 +4,8 @@ class Application < ActiveRecord::Base
self.table_name = :oauth_applications
- has_many :access_grants
+ has_many :access_grants, :dependent => :destroy
+ has_many :access_tokens, :dependent => :destroy
has_many :authorized_tokens, :class_name => "AccessToken", :conditions => { :revoked_at => nil }
has_many :authorized_applications, :through => :authorized_tokens, :source => :application
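Review bot: on the two `:dependent => :destroy` associations, every grant and token is loaded and destroyed one record at a time with callbacks, so deleting an application that has issued many tokens turns into a long-running request. If neither model relies on destroy callbacks, `:dependent => :delete_all` issues a single DELETE per association instead. A database-level foreign key on `application_id` would additionally cover deletes that bypass ActiveRecord and would otherwise leave tokens pointing at a missing application.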
2  app/views/doorkeeper/applications/index.html.erb
@@ -16,7 +16,7 @@
</thead>
<tbody>
<% @applications.each do |application| %>
- <tr>
+ <tr id="application_<%= application.id %>">
<td><%= link_to application.name, application %></td>
<td><%= application.redirect_uri %></td>
<td><%= link_to 'Edit', edit_application_path(application) %></td>
3  app/views/doorkeeper/authorized_applications/index.html.erb
@@ -15,12 +15,11 @@
<tbody>
<% @applications.each do |application| %>
<tr>
- <td><%= link_to application.name, application %></td>
+ <td><%= application.name %></td>
<td><%= application.created_at %></td>
<td><%= link_to 'Revoke', authorized_application_path(application), :confirm => 'Are you sure?', :method => :delete, :class => 'btn danger' %></td>
</tr>
<% end %>
</tbody>
</table>
-
</div>
2  lib/doorkeeper/oauth/access_token_request.rb
@@ -8,7 +8,7 @@ class AccessTokenRequest
:grant_type,
:code,
:redirect_uri,
- :refresh_token,
+ :refresh_token
]
validate :attributes, :error => :invalid_request
4 lib/generators/doorkeeper/templates/initializer.rb
@@ -7,7 +7,7 @@
# If you want to use named routes from your app you need
# to call them on routes object eg.
# routes.new_user_session_path
- # e.g. User.find_by_id(session[:user_id]) || redirect_to(routes.new_user_session_path)
+ # e.g. User.find_by_id(session[:user_id]) || redirect_to(routes.new_user_session_url)
end
# If you want to restrict the access to the web interface for
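Review bot: the example line now uses `routes.new_user_session_url`, but the unchanged comment directly above it still reads `# routes.new_user_session_path`, so the generated initializer documents both forms side by side. Update that comment line to `_url` as well. The admin block in the next hunk and spec/dummy/config/initializers/doorkeeper.rb carry the same mismatch.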
@@ -18,7 +18,7 @@
# # If you want to use named routes from your app you need
# # to call them on routes object eg.
# # routes.new_admin_session_path
- # Admin.find_by_id(session[:admin_id]) || redirect_to(routes.new_admin_session_path)
+ # Admin.find_by_id(session[:admin_id]) || redirect_to(routes.new_admin_session_url)
# end
# Access token expiration time (default 2 hours)
4 spec/controllers/applications_controller_spec.rb
@@ -5,13 +5,13 @@ module Doorkeeper
context "when admin is not authenticated" do
before(:each) do
Doorkeeper.configuration.stub(:authenticate_admin => proc do
- redirect_to main_app.root_path
+ redirect_to main_app.root_url
end)
end
it "redirects as set in Doorkeeper.authenticate_admin" do
get :index, :use_route => :doorkeeper
- response.should redirect_to(controller.main_app.root_path)
+ response.should redirect_to(controller.main_app.root_url)
end
end
end
4 spec/controllers/authorizations_controller_spec.rb
@@ -55,7 +55,7 @@ def translated_error_message(key)
describe "POST #create with errors" do
before do
- scope_exist :public
+ scope_exists :public
post :create, :client_id => client.uid, :response_type => "token", :scope => "invalid", :redirect_uri => client.redirect_uri, :use_route => :doorkeeper
end
@@ -100,7 +100,7 @@ def translated_error_message(key)
describe "GET #new with errors" do
before do
- scope_exist :public
+ scope_exists :public
get :new, :client_id => client.uid, :response_type => "token", :scope => "invalid", :redirect_uri => client.redirect_uri, :use_route => :doorkeeper
end
1  spec/controllers/tokens_controller_spec.rb
@@ -28,6 +28,7 @@
it "returns the error response" do
token.should_receive(:error_response)
post :create, :use_route => :doorkeeper
+ response.status.should == 401
end
end
end
4 spec/dummy/config/initializers/doorkeeper.rb
@@ -6,7 +6,7 @@
# If you want to use named routes from your app you need
# to call them on routes object eg.
# routes.new_user_session_path
- # e.g. User.find_by_id(session[:user_id]) || redirect_to(routes.new_user_session_path)
+ # e.g. User.find_by_id(session[:user_id]) || redirect_to(routes.new_user_session_url)
User.find_by_id(session[:user_id]) || redirect_to(routes.root_url, :alert => "Needs sign in.")
end
@@ -18,7 +18,7 @@
# # If you want to use named routes from your app you need
# # to call them on routes object eg.
# # routes.new_admin_session_path
- # Admin.find_by_id(session[:admin_id]) || redirect_to(routes.new_admin_session_path)
+ # Admin.find_by_id(session[:admin_id]) || redirect_to(routes.new_admin_session_url)
# end
authorization_scopes do
17 spec/models/doorkeeper/application_spec.rb
@@ -68,6 +68,23 @@ module Doorkeeper
new_application.should_not be_valid
end
+ describe 'destroy related models on cascade' do
+ before(:each) do
+ new_application.save
+ end
+
+ it 'should destroy its access grants' do
+ Factory(:access_grant, :application => new_application)
+ expect { new_application.destroy }.to change { Doorkeeper::AccessGrant.count }.by(-1)
+ end
+
+ it 'should destroy its access tokens' do
+ Factory(:access_token, :application => new_application)
+ Factory(:access_token, :application => new_application, :revoked_at => Time.now)
+ expect { new_application.destroy }.to change { Doorkeeper::AccessToken.count }.by(-2)
+ end
+ end
+
describe :authorized_for do
let(:resource_owner) { double(:resource_owner, :id => 10) }
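Review bot: in the `before(:each)` block, `new_application.save` discards its return value, so a validation failure in setup would surface later as a factory or count error instead of at its cause. Use `new_application.save!`. The token example is right to create both a live and a revoked token; it would also help to assert that `new_application.destroy` itself returns a truthy value, so a halted destroy cannot hide behind the count matcher's failure message.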
22 spec/requests/applications/applications_request_spec.rb
@@ -68,3 +68,25 @@
i_should_see 'Whoops! Check your form for possible errors'
end
end
+
+feature 'Destroy application' do
+ background do
+ @app = Factory :application
+ end
+
+ scenario 'deleting an application from list' do
+ visit "/oauth/applications"
+ i_should_see @app.name
+ within(:css, "tr#application_#{@app.id}") do
+ click_link "Destroy"
+ end
+ i_should_see "Application deleted"
+ i_should_not_see @app.name
+ end
+
+ scenario 'deleting an application from show' do
+ visit "/oauth/applications/#{@app.id}"
+ click_link 'Remove'
+ i_should_see "Application deleted"
+ end
+end
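Review bot: neither scenario in `feature 'Destroy application'` configures `authenticate_admin`, so nothing in this range pins down that an unauthenticated admin cannot delete an application. Add a scenario, or a controller spec next to the existing `get :index` one, that issues the delete while `authenticate_admin` redirects and asserts that the application still exists. Separately, the list scenario clicks "Destroy" while the show scenario clicks 'Remove'; a single label for the same action would be clearer for users and for the specs.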
4 spec/requests/endpoints/authorization_spec.rb
@@ -38,8 +38,8 @@
background do
create_resource_owner
sign_in
- scope_exist :public, :default => true, :description => "Access your public data"
- scope_exist :write, :description => "Update your data"
+ scope_exists :public, :default => true, :description => "Access your public data"
+ scope_exists :write, :description => "Update your data"
end
scenario "displays default scopes when no scope was requested" do
6 spec/requests/flows/authorization_code_errors_spec.rb
@@ -9,7 +9,7 @@
end
after do
- access_grant_should_not_exists
+ access_grant_should_not_exist
end
scenario "redirects with :invalid_request error when :response_type is missing" do
@@ -66,7 +66,7 @@
context 'with scopes' do
background do
- scope_exist :write, :description => "Update your data"
+ scope_exists :write, :description => "Update your data"
end
scenario "redirects with :invalid_scope error when scope does not exists" do
@@ -102,7 +102,7 @@
scenario "returns :invalid_grant error for invalid grant code" do
post token_endpoint_url(:code => "invalid", :client => @client)
- access_token_should_not_exists
+ access_token_should_not_exist
should_not_have_json 'access_token'
should_have_json 'error', 'invalid_grant'
12 spec/requests/flows/authorization_code_spec.rb
@@ -12,7 +12,7 @@
visit authorization_endpoint_url(:client => @client)
click_on "Authorize"
- access_grant_should_exists_for(@client, @resource_owner)
+ access_grant_should_exist_for(@client, @resource_owner)
i_should_be_on_client_callback(@client)
@@ -62,7 +62,7 @@
authorization_code = Doorkeeper::AccessGrant.first.token
post token_endpoint_url(:code => authorization_code, :client => @client)
- access_token_should_exists_for(@client, @resource_owner)
+ access_token_should_exist_for(@client, @resource_owner)
should_not_have_json 'error'
@@ -75,14 +75,14 @@
context 'with scopes' do
background do
- scope_exist :public, :default => true, :description => "Access your public data"
- scope_exist :write, :description => "Update your data"
+ scope_exists :public, :default => true, :description => "Access your public data"
+ scope_exists :write, :description => "Update your data"
end
scenario 'resource owner authorizes the client with default scopes' do
visit authorization_endpoint_url(:client => @client)
click_on "Authorize"
- access_grant_should_exists_for(@client, @resource_owner)
+ access_grant_should_exist_for(@client, @resource_owner)
access_grant_should_have_scopes :public
end
@@ -99,7 +99,7 @@
authorization_code = Doorkeeper::AccessGrant.first.token
post token_endpoint_url(:code => authorization_code, :client => @client)
- access_token_should_exists_for(@client, @resource_owner)
+ access_token_should_exist_for(@client, @resource_owner)
access_token_should_have_scopes :public, :write
end
2  spec/requests/flows/implicit_grant_errors_spec.rb
@@ -9,7 +9,7 @@
end
after do
- access_token_should_not_exists
+ access_token_should_not_exist
end
[
2  spec/requests/flows/implicit_grant_spec.rb
@@ -12,7 +12,7 @@
visit authorization_endpoint_url(:client => @client, :response_type => 'token')
click_on "Authorize"
- access_token_should_exists_for @client, @resource_owner
+ access_token_should_exist_for @client, @resource_owner
i_should_be_on_client_callback @client
end
4 spec/requests/flows/skip_authorization_spec.rb
@@ -4,8 +4,8 @@
background do
config_is_set(:authenticate_resource_owner) { User.first || redirect_to('/sign_in') }
client_exists
- scope_exist :public, :default => true, :description => "Access your public data"
- scope_exist :write, :description => "Update your data"
+ scope_exists :public, :default => true, :description => "Access your public data"
+ scope_exists :write, :description => "Update your data"
end
context 'for previously authorized clients' do
2  spec/requests/protected_resources/private_api_spec.rb
@@ -27,7 +27,7 @@
end
scenario 'access token with no scopes' do
- scope_exist :admin, :description => "admin"
+ scope_exists :admin, :description => "admin"
@token.update_attribute :scopes, nil
with_access_token_header @token.token
visit '/full_protected_resources/1.json'
2  spec/support/helpers/authorization_request_helper.rb
@@ -8,7 +8,7 @@ def resource_owner_is_not_authenticated
Doorkeeper.configuration.instance_variable_set(:@authenticate_resource_owner, proc { redirect_to("/sign_in") })
end
- def scope_exist(*args)
+ def scope_exists(*args)
scopes = Doorkeeper.configuration.instance_variable_get(:@scopes) || Doorkeeper::Scopes.new
scopes.add(Doorkeeper::Scope.new(*args))
Doorkeeper.configuration.instance_variable_set(:@scopes, scopes)
8 spec/support/helpers/model_helper.rb
@@ -11,23 +11,23 @@ def authorization_code_exists(options = {})
@authorization = Factory(:access_grant, options)
end
- def access_grant_should_exists_for(client, resource_owner)
+ def access_grant_should_exist_for(client, resource_owner)
grant = Doorkeeper::AccessGrant.first
grant.application.should == client
grant.resource_owner_id == resource_owner.id
end
- def access_token_should_exists_for(client, resource_owner)
+ def access_token_should_exist_for(client, resource_owner)
grant = Doorkeeper::AccessToken.first
grant.application.should == client
grant.resource_owner_id == resource_owner.id
end
- def access_grant_should_not_exists
+ def access_grant_should_not_exist
Doorkeeper::AccessGrant.all.should be_empty
end
- def access_token_should_not_exists
+ def access_token_should_not_exist
Doorkeeper::AccessToken.all.should be_empty
end
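Review bot: in `access_grant_should_exist_for` and `access_token_should_exist_for`, the last line `grant.resource_owner_id == resource_owner.id` is a bare comparison whose result is thrown away, so these helpers never fail when a grant or token was issued to the wrong resource owner. While renaming them, change it to `grant.resource_owner_id.should == resource_owner.id`. Both helpers also take `.first` instead of looking the record up by client and owner, which only holds while each spec creates a single record.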

No commit comments for this range
