From fcc5e37cf33892403750579094a0895c63e7b666 Mon Sep 17 00:00:00 2001 
From: Nikita Bulai Date: Wed, 26 Sep 2018 10:57:08 +0300 Subject: [PATCH] Fix code style issues --- .../doorkeeper/applications_controller.rb | 4 +- lib/doorkeeper/config.rb | 2 +- lib/doorkeeper/models/access_grant_mixin.rb | 6 +- lib/doorkeeper/models/access_token_mixin.rb | 4 +- lib/doorkeeper/rails/routes.rb | 9 +- .../applications_controller_spec.rb | 78 ++++++++-------- .../authorizations_controller_spec.rb | 89 +++++++++++++++---- .../protected_resources_controller_spec.rb | 3 +- spec/controllers/tokens_controller_spec.rb | 9 +- spec/dummy/Rakefile | 2 +- .../custom_authorizations_controller.rb | 2 +- spec/dummy/app/controllers/home_controller.rb | 3 +- spec/dummy/config.ru | 2 +- spec/dummy/config/application.rb | 2 +- spec/dummy/config/boot.rb | 6 +- spec/dummy/config/environment.rb | 2 +- spec/dummy/config/environments/test.rb | 2 +- spec/dummy/config/initializers/doorkeeper.rb | 3 +- .../initializers/new_framework_defaults.rb | 4 +- .../dummy/config/initializers/secret_token.rb | 2 +- ...20151223192035_create_doorkeeper_tables.rb | 8 +- ...20151223200000_add_owner_to_application.rb | 2 +- spec/dummy/script/rails | 7 +- spec/generators/install_generator_spec.rb | 5 +- spec/generators/templates/routes.rb | 1 - spec/generators/views_generator_spec.rb | 2 +- spec/lib/config_spec.rb | 24 ++--- spec/lib/doorkeeper_spec.rb | 10 +-- .../oauth/authorization_code_request_spec.rb | 15 ++-- spec/lib/oauth/base_request_spec.rb | 20 ++--- spec/lib/oauth/client/credentials_spec.rb | 4 +- .../oauth/client_credentials/issuer_spec.rb | 2 - .../client_credentials/validation_spec.rb | 3 +- .../client_credentials_integration_spec.rb | 2 +- spec/lib/oauth/code_request_spec.rb | 4 +- spec/lib/oauth/code_response_spec.rb | 2 +- spec/lib/oauth/helpers/scope_checker_spec.rb | 16 ++-- .../password_access_token_request_spec.rb | 22 +++-- spec/lib/oauth/refresh_token_request_spec.rb | 18 ++-- spec/lib/oauth/token_request_spec.rb | 10 +-- .../stale_records_cleaner_spec.rb | 6 +- 
spec/lib/server_spec.rb | 12 +-- spec/models/doorkeeper/access_token_spec.rb | 24 ++--- spec/models/doorkeeper/application_spec.rb | 8 +- .../applications/applications_request_spec.rb | 4 +- spec/requests/endpoints/authorization_spec.rb | 4 +- .../flows/authorization_code_errors_spec.rb | 2 +- .../requests/flows/authorization_code_spec.rb | 74 ++++++++++++--- .../flows/implicit_grant_errors_spec.rb | 4 +- spec/requests/flows/password_spec.rb | 8 +- spec/requests/flows/revoke_token_spec.rb | 18 ++-- .../protected_resources/private_api_spec.rb | 4 +- spec/support/helpers/model_helper.rb | 8 +- .../shared/controllers_shared_context.rb | 1 - .../validators/redirect_uri_validator_spec.rb | 4 +- 55 files changed, 359 insertions(+), 233 deletions(-) mode change 100644 => 100755 spec/dummy/Rakefile diff --git a/app/controllers/doorkeeper/applications_controller.rb b/app/controllers/doorkeeper/applications_controller.rb index 9b78d3494..550368271 100644 --- a/app/controllers/doorkeeper/applications_controller.rb +++ b/app/controllers/doorkeeper/applications_controller.rb @@ -77,8 +77,8 @@ def set_application end def application_params - params.require(:doorkeeper_application). - permit(:name, :redirect_uri, :scopes, :confidential) + params.require(:doorkeeper_application) + .permit(:name, :redirect_uri, :scopes, :confidential) end end end diff --git a/lib/doorkeeper/config.rb b/lib/doorkeeper/config.rb index 2e361d1d9..3c7ab71ae 100644 --- a/lib/doorkeeper/config.rb +++ b/lib/doorkeeper/config.rb @@ -177,7 +177,7 @@ def option(name, options = {}) value = if attribute_builder attribute_builder.new(&block).build else - block ? block : args.first + block || args.first end @config.instance_variable_set(:"@#{attribute}", value) diff --git a/lib/doorkeeper/models/access_grant_mixin.rb b/lib/doorkeeper/models/access_grant_mixin.rb index 3c1d189a7..2665db1bc 100644 --- a/lib/doorkeeper/models/access_grant_mixin.rb +++ b/lib/doorkeeper/models/access_grant_mixin.rb 
@@ -42,8 +42,8 @@ def by_token(token) def revoke_all_for(application_id, resource_owner, clock = Time) where(application_id: application_id, resource_owner_id: resource_owner.id, - revoked_at: nil). - update_all(revoked_at: clock.now.utc) + revoked_at: nil) + .update_all(revoked_at: clock.now.utc) end # Implements PKCE code_challenge encoding without base64 padding as described in the spec. @@ -78,7 +78,7 @@ def revoke_all_for(application_id, resource_owner, clock = Time) # # urlsafe_encode64(bin) # Returns the Base64-encoded version of bin. This method complies with - # “Base 64 Encoding with URL and Filename Safe Alphabet” in RFC 4648. + # "Base 64 Encoding with URL and Filename Safe Alphabet" in RFC 4648. # The alphabet uses '-' instead of '+' and '_' instead of '/'. # @param code_verifier [#to_s] a one time use value (any object that responds to `#to_s`) diff --git a/lib/doorkeeper/models/access_token_mixin.rb b/lib/doorkeeper/models/access_token_mixin.rb index 0bd4b1c24..71dcb611b 100644 --- a/lib/doorkeeper/models/access_token_mixin.rb +++ b/lib/doorkeeper/models/access_token_mixin.rb @@ -47,8 +47,8 @@ def by_refresh_token(refresh_token) def revoke_all_for(application_id, resource_owner, clock = Time) where(application_id: application_id, resource_owner_id: resource_owner.id, - revoked_at: nil). - update_all(revoked_at: clock.now.utc) + revoked_at: nil) + .update_all(revoked_at: clock.now.utc) end # Looking for not revoked Access Token with a matching set of scopes diff --git a/lib/doorkeeper/rails/routes.rb b/lib/doorkeeper/rails/routes.rb index 78715a7fe..a44b2df99 100644 --- a/lib/doorkeeper/rails/routes.rb +++ b/lib/doorkeeper/rails/routes.rb 
@@ -91,11 +91,16 @@ def token_info_routes(mapping) end def application_routes(mapping) - routes.resources :doorkeeper_applications, controller: mapping[:controllers], as: :applications, path: 'applications' + routes.resources :doorkeeper_applications, + controller: mapping[:controllers], + as: :applications, + path: 'applications' end def authorized_applications_routes(mapping) - routes.resources :authorized_applications, only: %i[index destroy], controller: mapping[:controllers] + routes.resources :authorized_applications, + only: %i[index destroy], + controller: mapping[:controllers] end end end diff --git a/spec/controllers/applications_controller_spec.rb b/spec/controllers/applications_controller_spec.rb index c18d934cb..664421acd 100644 --- a/spec/controllers/applications_controller_spec.rb +++ b/spec/controllers/applications_controller_spec.rb @@ -13,12 +13,12 @@ module Doorkeeper it 'creates an application' do expect do post :create, params: { - doorkeeper_application: { - name: 'Example', - redirect_uri: 'https://example.com' - }, format: :json - } - end.to change { Doorkeeper::Application.count } + doorkeeper_application: { + name: 'Example', + redirect_uri: 'https://example.com' + }, format: :json + } + end.to(change { Doorkeeper::Application.count }) expect(response).to be_successful @@ -31,11 +31,11 @@ module Doorkeeper it 'returns validation errors on wrong create params' do expect do post :create, params: { - doorkeeper_application: { - name: 'Example' - }, format: :json - } - end.not_to change { Doorkeeper::Application.count } + doorkeeper_application: { + name: 'Example' + }, format: :json + } + end.not_to(change { Doorkeeper::Application.count }) expect(response).to have_http_status(422) 
@@ -108,14 +108,13 @@ module Doorkeeper it 'does not create application' do expect do - post :create, - params: { - doorkeeper_application: { - name: 'Example', - redirect_uri: 'https://example.com' - } - } - end.not_to change { Doorkeeper::Application.count } + post :create, params: { + doorkeeper_application: { + name: 'Example', + redirect_uri: 'https://example.com' + } + } + end.not_to(change { Doorkeeper::Application.count }) end end @@ -139,13 +138,12 @@ module Doorkeeper it 'creates application' do expect do - post :create, - params: { - doorkeeper_application: { - name: 'Example', - redirect_uri: 'https://example.com' - } - } + post :create, params: { + doorkeeper_application: { + name: 'Example', + redirect_uri: 'https://example.com' + } + } end.to change { Doorkeeper::Application.count }.by(1) expect(response).to be_redirect @@ -153,27 +151,25 @@ module Doorkeeper it 'does not allow mass assignment of uid or secret' do application = FactoryBot.create(:application) - put :update, - params: { - id: application.id, - doorkeeper_application: { - uid: '1A2B3C4D', - secret: '1A2B3C4D' - } - } + put :update, params: { + id: application.id, + doorkeeper_application: { + uid: '1A2B3C4D', + secret: '1A2B3C4D' + } + } expect(application.reload.uid).not_to eq '1A2B3C4D' end it 'updates application' do application = FactoryBot.create(:application) - put :update, - params: { - id: application.id, doorkeeper_application: { - name: 'Example', - redirect_uri: 'https://example.com' - } - } + put :update, params: { + id: application.id, doorkeeper_application: { + name: 'Example', + redirect_uri: 'https://example.com' + } + } expect(application.reload.name).to eq 'Example' end diff --git a/spec/controllers/authorizations_controller_spec.rb b/spec/controllers/authorizations_controller_spec.rb index a05e746cc..a2d58c407 100644 --- a/spec/controllers/authorizations_controller_spec.rb +++ b/spec/controllers/authorizations_controller_spec.rb 
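Review bot: The example 'does not allow mass assignment of uid or secret' still asserts only the uid after the reformatted `put :update` call, so a regression that let `secret` through the permitted params would not fail this spec. Add `expect(application.reload.secret).not_to eq '1A2B3C4D'` next to the existing uid expectation, so both fields named in the example title are covered.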
@@ -49,7 +49,7 @@ def translated_error_message(key) end it 'redirects to client redirect uri' do - expect(response.location).to match(%r{^#{client.redirect_uri}}) + expect(response.location).to match(/^#{client.redirect_uri}/) end it 'includes access token in fragment' do @@ -114,7 +114,13 @@ def translated_error_message(key) describe 'POST #create with errors' do before do default_scopes_exist :public - post :create, params: { client_id: client.uid, response_type: 'token', scope: 'invalid', redirect_uri: client.redirect_uri } + + post :create, params: { + client_id: client.uid, + response_type: 'token', + scope: 'invalid', + redirect_uri: client.redirect_uri + } end it 'redirects after authorization' do @@ -146,7 +152,13 @@ def translated_error_message(key) before do allow(Doorkeeper.configuration).to receive(:api_only).and_return(true) default_scopes_exist :public - post :create, params: { client_id: client.uid, response_type: 'token', scope: 'invalid', redirect_uri: client.redirect_uri } + + post :create, params: { + client_id: client.uid, + response_type: 'token', + scope: 'invalid', + redirect_uri: client.redirect_uri + } end let(:response_json_body) { JSON.parse(response.body) } @@ -182,7 +194,12 @@ def translated_error_message(key) allow(Doorkeeper.configuration).to receive(:reuse_access_token).and_return(true) access_token.save! - post :create, params: { client_id: client.uid, response_type: 'token', redirect_uri: client.redirect_uri } + + post :create, params: { + client_id: client.uid, + response_type: 'token', + redirect_uri: client.redirect_uri + } end it 'returns the existing access token in a fragment' do 
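Review bot: The rewritten assertion `match(/^#{client.redirect_uri}/)` in 'redirects to client redirect uri' interpolates the URI unescaped and anchors with `^`, so a `.` in the host matches any character and `^` matches at any line start rather than only at the start of the string. This spec guards where the authorization response is sent, so an exact prefix check is preferable: `expect(response.location).to start_with(client.redirect_uri)`, or `match(/\A#{Regexp.escape(client.redirect_uri)}/)` if a regex is wanted. The same pattern is reintroduced in the 'should redirect immediately' example in the hunk at -280,12 of this file.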
@@ -201,15 +218,21 @@ def translated_error_message(key) describe 'when successful' do after do - post :create, params: { client_id: client.uid, response_type: 'token', redirect_uri: client.redirect_uri } + post :create, params: { + client_id: client.uid, + response_type: 'token', + redirect_uri: client.redirect_uri + } end it 'should call :before_successful_authorization callback' do - expect(Doorkeeper.configuration).to receive_message_chain(:before_successful_authorization, :call).with(instance_of(described_class)) + expect(Doorkeeper.configuration) + .to receive_message_chain(:before_successful_authorization, :call).with(instance_of(described_class)) end it 'should call :after_successful_authorization callback' do - expect(Doorkeeper.configuration).to receive_message_chain(:after_successful_authorization, :call).with(instance_of(described_class)) + expect(Doorkeeper.configuration) + .to receive_message_chain(:after_successful_authorization, :call).with(instance_of(described_class)) end end @@ -233,13 +256,19 @@ def translated_error_message(key) allow(Doorkeeper.configuration).to receive(:skip_authorization).and_return(proc do true end) + client.update_attribute :redirect_uri, 'urn:ietf:wg:oauth:2.0:oob' - get :new, params: { client_id: client.uid, response_type: 'token', redirect_uri: client.redirect_uri } + + get :new, params: { + client_id: client.uid, + response_type: 'token', + redirect_uri: client.redirect_uri + } end it 'should redirect immediately' do expect(response).to be_redirect - expect(response.location).to match(/oauth\/token\/info\?access_token=/) + expect(response.location).to match(%r{/oauth/token/info\?access_token=}) end it 'should not issue a grant' do 
@@ -257,13 +286,20 @@ def translated_error_message(key) allow(Doorkeeper.configuration).to receive(:skip_authorization).and_return(proc do true end) + client.update_attribute :redirect_uri, 'urn:ietf:wg:oauth:2.0:oob' - get :new, params: { client_id: client.uid, response_type: 'code', redirect_uri: client.redirect_uri } + + get :new, params: { + client_id: client.uid, + response_type: 'code', + redirect_uri: client.redirect_uri + } end it 'should redirect immediately' do expect(response).to be_redirect - expect(response.location).to match(/oauth\/authorize\/native\?code=#{Doorkeeper::AccessGrant.first.token}/) + expect(response.location) + .to match(%r{/oauth/authorize/native\?code=#{Doorkeeper::AccessGrant.first.token}}) end it 'should issue a grant' do @@ -280,12 +316,17 @@ def translated_error_message(key) allow(Doorkeeper.configuration).to receive(:skip_authorization).and_return(proc do true end) - get :new, params: { client_id: client.uid, response_type: 'token', redirect_uri: client.redirect_uri } + + get :new, params: { + client_id: client.uid, + response_type: 'token', + redirect_uri: client.redirect_uri + } end it 'should redirect immediately' do expect(response).to be_redirect - expect(response.location).to match(%r{^#{client.redirect_uri}}) + expect(response.location).to match(/^#{client.redirect_uri}/) end it 'should issue a token' do @@ -312,7 +353,12 @@ def translated_error_message(key) describe 'GET #new in API mode' do before do allow(Doorkeeper.configuration).to receive(:api_only).and_return(true) - get :new, params: { client_id: client.uid, response_type: 'token', redirect_uri: client.redirect_uri } + + get :new, params: { + client_id: client.uid, + response_type: 'token', + redirect_uri: client.redirect_uri + } end it 'should render success' do 
@@ -337,7 +383,11 @@ def translated_error_message(key) allow(Doorkeeper.configuration).to receive(:skip_authorization).and_return(proc { true }) allow(Doorkeeper.configuration).to receive(:api_only).and_return(true) - get :new, params: { client_id: client.uid, response_type: 'token', redirect_uri: client.redirect_uri } + get :new, params: { + client_id: client.uid, + response_type: 'token', + redirect_uri: client.redirect_uri + } end it 'should render success' do @@ -405,7 +455,8 @@ def translated_error_message(key) end it 'includes error description in body' do - expect(response_json_body['error_description']).to eq(translated_error_message(:unsupported_response_type)) + expect(response_json_body['error_description']) + .to eq(translated_error_message(:unsupported_response_type)) end it 'does not issue any token' do @@ -426,11 +477,13 @@ def translated_error_message(key) end it 'should call :before_successful_authorization callback' do - expect(Doorkeeper.configuration).to receive_message_chain(:before_successful_authorization, :call).with(instance_of(described_class)) + expect(Doorkeeper.configuration) + .to receive_message_chain(:before_successful_authorization, :call).with(instance_of(described_class)) end it 'should call :after_successful_authorization callback' do - expect(Doorkeeper.configuration).to receive_message_chain(:after_successful_authorization, :call).with(instance_of(described_class)) + expect(Doorkeeper.configuration) + .to receive_message_chain(:after_successful_authorization, :call).with(instance_of(described_class)) end end diff --git a/spec/controllers/protected_resources_controller_spec.rb b/spec/controllers/protected_resources_controller_spec.rb index 48456dad1..d2fa5fc16 100644 --- a/spec/controllers/protected_resources_controller_spec.rb +++ b/spec/controllers/protected_resources_controller_spec.rb 
@@ -157,8 +157,7 @@ def doorkeeper_unauthorized_render_options(error: nil) module ControllerActions remove_method :doorkeeper_unauthorized_render_options - def doorkeeper_unauthorized_render_options(error: nil) - end + def doorkeeper_unauthorized_render_options(error: nil); end end end diff --git a/spec/controllers/tokens_controller_spec.rb b/spec/controllers/tokens_controller_spec.rb index d87a32b17..e7bb9e4a8 100644 --- a/spec/controllers/tokens_controller_spec.rb +++ b/spec/controllers/tokens_controller_spec.rb @@ -4,7 +4,6 @@ describe 'when authorization has succeeded' do let(:token) { double(:token, authorize: true) } - it 'returns the authorization' do skip 'verify need of these specs' @@ -30,12 +29,12 @@ it 'returns the error response with a custom message' do # I18n looks for `doorkeeper.errors.messages.custom_message` in locale files custom_message = "my_message" - allow(I18n).to receive(:translate). - with( + allow(I18n).to receive(:translate) + .with( custom_message, hash_including(scope: %i[doorkeeper errors messages]) - ). - and_return('Authorization custom message') + ) + .and_return('Authorization custom message') doorkeeper_error = Doorkeeper::Errors::DoorkeeperError.new(custom_message) diff --git a/spec/dummy/Rakefile b/spec/dummy/Rakefile old mode 100644 new mode 100755 index 36458522c..0b210da1b --- a/spec/dummy/Rakefile +++ b/spec/dummy/Rakefile @@ -2,6 +2,6 @@ # Add your own tasks in files placed in lib/tasks ending in .rake, # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake. -require File.expand_path('../config/application', __FILE__) +require File.expand_path('config/application', __dir__) Dummy::Application.load_tasks diff --git a/spec/dummy/app/controllers/custom_authorizations_controller.rb b/spec/dummy/app/controllers/custom_authorizations_controller.rb index b490d27ce..467e26eb2 100644 --- a/spec/dummy/app/controllers/custom_authorizations_controller.rb 
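Review bot: The patch header records `mode change 100644 => 100755` for spec/dummy/Rakefile, which makes the file executable in a commit described as style-only. The hunk starts at line 2, so whether the file has a shebang cannot be seen here, but nothing in the visible lines calls for the executable bit. If the change was unintentional, restore the mode to 100644 so that permission changes stay reviewable on their own.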
+++ b/spec/dummy/app/controllers/custom_authorizations_controller.rb @@ -1,5 +1,5 @@ class CustomAuthorizationsController < ::ApplicationController - %w(index show new create edit update destroy).each do |action| + %w[index show new create edit update destroy].each do |action| define_method action do render nothing: true end diff --git a/spec/dummy/app/controllers/home_controller.rb b/spec/dummy/app/controllers/home_controller.rb index bce67de58..1d50a4e81 100644 --- a/spec/dummy/app/controllers/home_controller.rb +++ b/spec/dummy/app/controllers/home_controller.rb @@ -1,6 +1,5 @@ class HomeController < ApplicationController - def index - end + def index; end def sign_in session[:user_id] = if Rails.env.development? diff --git a/spec/dummy/config.ru b/spec/dummy/config.ru index 1989ed8d0..cbd74159c 100644 --- a/spec/dummy/config.ru +++ b/spec/dummy/config.ru @@ -1,4 +1,4 @@ # This file is used by Rack-based servers to start the application. -require ::File.expand_path('../config/environment', __FILE__) +require ::File.expand_path('../config/environment', __FILE__) run Dummy::Application diff --git a/spec/dummy/config/application.rb b/spec/dummy/config/application.rb index 581121dbd..9a6024cd4 100644 --- a/spec/dummy/config/application.rb +++ b/spec/dummy/config/application.rb @@ -1,4 +1,4 @@ -require File.expand_path('../boot', __FILE__) +require File.expand_path('boot', __dir__) require 'rails/all' diff --git a/spec/dummy/config/boot.rb b/spec/dummy/config/boot.rb index b3aa1b088..e288efb04 100644 --- a/spec/dummy/config/boot.rb +++ b/spec/dummy/config/boot.rb @@ -2,8 +2,6 @@ require 'bundler/setup' orm = ENV['BUNDLE_GEMFILE'].match(/Gemfile\.(.+)\.rb/) -unless defined?(DOORKEEPER_ORM) - DOORKEEPER_ORM = (orm && orm[1]) || :active_record -end +DOORKEEPER_ORM = (orm && orm[1]) || :active_record unless defined?(DOORKEEPER_ORM) -$LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__) +$LOAD_PATH.unshift File.expand_path('../../../lib', __dir__) 
diff --git a/spec/dummy/config/environment.rb b/spec/dummy/config/environment.rb index df3006d34..ad9dd149d 100644 --- a/spec/dummy/config/environment.rb +++ b/spec/dummy/config/environment.rb @@ -1,5 +1,5 @@ # Load the rails application -require File.expand_path('../application', __FILE__) +require File.expand_path('application', __dir__) # Initialize the rails application Rails.application.initialize! diff --git a/spec/dummy/config/environments/test.rb b/spec/dummy/config/environments/test.rb index 8cf703af5..a0783f18c 100644 --- a/spec/dummy/config/environments/test.rb +++ b/spec/dummy/config/environments/test.rb @@ -24,7 +24,7 @@ config.action_dispatch.show_exceptions = false # Disable request forgery protection in test environment - config.action_controller.allow_forgery_protection = false + config.action_controller.allow_forgery_protection = false # Tell Action Mailer not to deliver emails to the real world. # The :test delivery method accumulates sent emails in the diff --git a/spec/dummy/config/initializers/doorkeeper.rb b/spec/dummy/config/initializers/doorkeeper.rb index c058d1502..2b84ffaa2 100644 --- a/spec/dummy/config/initializers/doorkeeper.rb +++ b/spec/dummy/config/initializers/doorkeeper.rb @@ -64,7 +64,8 @@ # access_token_methods :from_bearer_authorization, :from_access_token_param, :from_bearer_param # Change the native redirect uri for client apps - # When clients register with the following redirect uri, they won't be redirected to any server and the authorization code will be displayed within the provider + # When clients register with the following redirect uri, they won't be redirected to any server and + # the authorization code will be displayed within the provider # The value can be any string. Use nil to disable this feature. When disabled, clients must provide a valid URL # (Similar behaviour: https://developers.google.com/accounts/docs/OAuth2InstalledApp#choosingredirecturi) # 
diff --git a/spec/dummy/config/initializers/new_framework_defaults.rb b/spec/dummy/config/initializers/new_framework_defaults.rb index 7e2cdf1bc..585b6f380 100644 --- a/spec/dummy/config/initializers/new_framework_defaults.rb +++ b/spec/dummy/config/initializers/new_framework_defaults.rb @@ -4,7 +4,5 @@ if Rails::VERSION::MAJOR >= 5 Rails.application.config.active_record.belongs_to_required_by_default = true - if Rails::VERSION::MINOR >= 2 - Rails.application.config.active_record.sqlite3.represent_boolean_as_integer = true - end + Rails.application.config.active_record.sqlite3.represent_boolean_as_integer = true if Rails::VERSION::MINOR >= 2 end diff --git a/spec/dummy/config/initializers/secret_token.rb b/spec/dummy/config/initializers/secret_token.rb index c15d6e2fd..446146935 100644 --- a/spec/dummy/config/initializers/secret_token.rb +++ b/spec/dummy/config/initializers/secret_token.rb @@ -5,4 +5,4 @@ # Make sure the secret is at least 30 characters and all random, # no regular words or you'll be exposed to dictionary attacks. Dummy::Application.config.secret_key_base = - 'c00157b5a1bb6181792f0f4a8a080485de7bab9987e6cf159dc74c4f0573345c1bfa713b5d756e1491fc0b098567e8a619e2f8d268eda86a20a720d05d633780' + 'c00157b5a1bb6181792f0f4a8a080485de7bab9987e6cf159' diff --git a/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb b/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb index 91bdbf507..5a834d324 100644 --- a/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb +++ b/spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb @@ -28,7 +28,7 @@ def change add_foreign_key( :oauth_access_grants, :oauth_applications, - column: :application_id, + column: :application_id ) create_table :oauth_access_tokens do |t| 
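Review bot: The new `secret_key_base` literal in spec/dummy/config/initializers/secret_token.rb is a truncated value (49 hex characters instead of 128), so this style commit changes a runtime secret rather than only its layout. It still meets the 30-character guidance in the comment above it and is only the dummy app's test key, but shortening a key to satisfy a line-length rule is a pattern that should not be copied into real configuration. Keeping the original literal and disabling the line-length cop for that one line would leave the commit behaviour-neutral. A comment such as `# Test-only key for the dummy app; never reuse outside specs.` would make its status explicit.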
@@ -41,12 +41,12 @@ def change # https://github.com/doorkeeper-gem/doorkeeper/tree/v3.0.0.rc1#custom-access-token-generator # # t.text :token, null: false - t.string :token, null: false + t.string :token, null: false t.string :refresh_token t.integer :expires_in t.datetime :revoked_at - t.datetime :created_at, null: false + t.datetime :created_at, null: false t.string :scopes end @@ -56,7 +56,7 @@ def change add_foreign_key( :oauth_access_tokens, :oauth_applications, - column: :application_id, + column: :application_id ) end end diff --git a/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb b/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb index d4eda38df..3d4ce48bf 100644 --- a/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb +++ b/spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb @@ -4,6 +4,6 @@ class AddOwnerToApplication < ActiveRecord::Migration[4.2] def change add_column :oauth_applications, :owner_id, :integer, null: true add_column :oauth_applications, :owner_type, :string, null: true - add_index :oauth_applications, [:owner_id, :owner_type] + add_index :oauth_applications, %i[owner_id owner_type] end end diff --git a/spec/dummy/script/rails b/spec/dummy/script/rails index f8da2cffd..77e73a1dd 100755 --- a/spec/dummy/script/rails +++ b/spec/dummy/script/rails @@ -1,6 +1,7 @@ #!/usr/bin/env ruby -# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application. +# This command will automatically be run when you run "rails" with Rails 3 gems +# installed from the root of your application. -APP_PATH = File.expand_path('../../config/application', __FILE__) -require File.expand_path('../../config/boot', __FILE__) +APP_PATH = File.expand_path('../config/application', __dir__) +require File.expand_path('../config/boot', __dir__) require 'rails/commands' 
diff --git a/spec/generators/install_generator_spec.rb b/spec/generators/install_generator_spec.rb index 4a4ecf989..892e2fdaa 100644 --- a/spec/generators/install_generator_spec.rb +++ b/spec/generators/install_generator_spec.rb @@ -12,7 +12,10 @@ prepare_destination FileUtils.mkdir(::File.expand_path('config', Pathname(destination_root))) FileUtils.mkdir(::File.expand_path('db', Pathname(destination_root))) - FileUtils.copy_file(::File.expand_path('../templates/routes.rb', __FILE__), ::File.expand_path('config/routes.rb', Pathname.new(destination_root))) + FileUtils.copy_file( + ::File.expand_path('../templates/routes.rb', __FILE__), + ::File.expand_path('config/routes.rb', Pathname.new(destination_root)) + ) run_generator end diff --git a/spec/generators/templates/routes.rb b/spec/generators/templates/routes.rb index 9240ef45e..1daf9a412 100644 --- a/spec/generators/templates/routes.rb +++ b/spec/generators/templates/routes.rb @@ -1,3 +1,2 @@ Rails.application.routes.draw do - end diff --git a/spec/generators/views_generator_spec.rb b/spec/generators/views_generator_spec.rb index 1f9484449..2df555e7a 100644 --- a/spec/generators/views_generator_spec.rb +++ b/spec/generators/views_generator_spec.rb @@ -5,7 +5,7 @@ include GeneratorSpec::TestCase tests Doorkeeper::Generators::ViewsGenerator - destination File.expand_path('../tmp/dummy', __FILE__) + destination File.expand_path('tmp/dummy', __dir__) before :each do prepare_destination diff --git a/spec/lib/config_spec.rb b/spec/lib/config_spec.rb index fb85cbc2d..d45addbab 100644 --- a/spec/lib/config_spec.rb +++ b/spec/lib/config_spec.rb @@ -179,10 +179,10 @@ context "is enabled" do before do - Doorkeeper.configure { + Doorkeeper.configure do orm DOORKEEPER_ORM use_refresh_token - } + end end it "includes 'refresh_token' in authorization_response_types" do 
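Review bot: The re-wrapped `FileUtils.copy_file` call in spec/generators/install_generator_spec.rb still resolves the template with `::File.expand_path('../templates/routes.rb', __FILE__)`, while the rest of this commit (for example views_generator_spec.rb in the same line range) moves to the `__dir__` form. For consistency this can be `::File.expand_path('templates/routes.rb', __dir__)`, which resolves to the same path. The enclosing setup block starts outside the hunk.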
@@ -208,7 +208,8 @@ describe 'client_credentials' do it 'has defaults order' do - expect(subject.client_credentials_methods).to eq([:from_basic, :from_params]) + expect(subject.client_credentials_methods) + .to eq(%i[from_basic from_params]) end it 'can change the value' do @@ -217,7 +218,8 @@ client_credentials :from_digest, :from_params end - expect(subject.client_credentials_methods).to eq([:from_digest, :from_params]) + expect(subject.client_credentials_methods) + .to eq(%i[from_digest from_params]) end end @@ -249,7 +251,8 @@ describe 'access_token_methods' do it 'has defaults order' do - expect(subject.access_token_methods).to eq([:from_bearer_authorization, :from_access_token_param, :from_bearer_param]) + expect(subject.access_token_methods) + .to eq(%i[from_bearer_authorization from_access_token_param from_bearer_param]) end it 'can change the value' do @@ -258,7 +261,8 @@ access_token_methods :from_access_token_param, :from_bearer_param end - expect(subject.access_token_methods).to eq([:from_access_token_param, :from_bearer_param]) + expect(subject.access_token_methods) + .to eq(%i[from_access_token_param from_bearer_param]) end end @@ -336,8 +340,8 @@ describe "grant_flows" do it "is set to all grant flows by default" do - expect(Doorkeeper.configuration.grant_flows). - to eq(%w[authorization_code client_credentials]) + expect(Doorkeeper.configuration.grant_flows) + .to eq(%w[authorization_code client_credentials]) end it "can change the value" do @@ -514,10 +518,10 @@ expect(Doorkeeper.configuration.handle_auth_errors).to eq(:render) end it 'can change the value' do - Doorkeeper.configure { + Doorkeeper.configure do orm DOORKEEPER_ORM handle_auth_errors :raise - } + end expect(subject.handle_auth_errors).to eq(:raise) end end diff --git a/spec/lib/doorkeeper_spec.rb b/spec/lib/doorkeeper_spec.rb index 2d216101c..59808a5f3 100644 --- a/spec/lib/doorkeeper_spec.rb +++ b/spec/lib/doorkeeper_spec.rb 
@@ -7,17 +7,17 @@ it "calls OAuth::Token#authenticate" do token_strategies = Doorkeeper.configuration.access_token_methods - expect(Doorkeeper::OAuth::Token).to receive(:authenticate). - with(request, *token_strategies) + expect(Doorkeeper::OAuth::Token).to receive(:authenticate) + .with(request, *token_strategies) Doorkeeper.authenticate(request) end it "accepts custom token strategies" do - token_strategies = [:first_way, :second_way] + token_strategies = %i[first_way second_way] - expect(Doorkeeper::OAuth::Token).to receive(:authenticate). - with(request, *token_strategies) + expect(Doorkeeper::OAuth::Token).to receive(:authenticate) + .with(request, *token_strategies) Doorkeeper.authenticate(request, token_strategies) end diff --git a/spec/lib/oauth/authorization_code_request_spec.rb b/spec/lib/oauth/authorization_code_request_spec.rb index 09ed2c211..f8cb6c00e 100644 --- a/spec/lib/oauth/authorization_code_request_spec.rb +++ b/spec/lib/oauth/authorization_code_request_spec.rb @@ -25,7 +25,7 @@ module Doorkeeper::OAuth subject.authorize end.to change { client.reload.access_tokens.count }.by(1) - expect(client.reload.access_tokens.sort_by(&:created_at).last.expires_in).to eq(1234) + expect(client.reload.access_tokens.max_by(&:created_at).expires_in).to eq(1234) end it "issues the token with same grant's scopes" do @@ -34,7 +34,7 @@ module Doorkeeper::OAuth end it 'revokes the grant' do - expect { subject.authorize }.to change { grant.reload.accessible? } + expect { subject.authorize }.to(change { grant.reload.accessible? }) end it 'requires the grant to be accessible' do 
@@ -83,14 +83,17 @@ module Doorkeeper::OAuth end FactoryBot.create(:access_token, application_id: client.id, - resource_owner_id: grant.resource_owner_id, scopes: grant.scopes.to_s) + resource_owner_id: grant.resource_owner_id, scopes: grant.scopes.to_s) - expect { subject.authorize }.to_not change { Doorkeeper::AccessToken.count } + expect { subject.authorize }.to_not(change { Doorkeeper::AccessToken.count }) end it "calls configured request callback methods" do - expect(Doorkeeper.configuration.before_successful_strategy_response).to receive(:call).with(subject).once - expect(Doorkeeper.configuration.after_successful_strategy_response).to receive(:call).with(subject, instance_of(Doorkeeper::OAuth::TokenResponse)).once + expect(Doorkeeper.configuration.before_successful_strategy_response) + .to receive(:call).with(subject).once + expect(Doorkeeper.configuration.after_successful_strategy_response) + .to receive(:call).with(subject, instance_of(Doorkeeper::OAuth::TokenResponse)).once + subject.authorize end diff --git a/spec/lib/oauth/base_request_spec.rb b/spec/lib/oauth/base_request_spec.rb index d78aaa79b..b54735795 100644 --- a/spec/lib/oauth/base_request_spec.rb +++ b/spec/lib/oauth/base_request_spec.rb @@ -4,13 +4,13 @@ module Doorkeeper::OAuth describe BaseRequest do let(:access_token) do double :access_token, - token: "some-token", - expires_in: "3600", - expires_in_seconds: "300", - scopes_string: "two scopes", - refresh_token: "some-refresh-token", - token_type: "bearer", - created_at: 0 + token: "some-token", + expires_in: "3600", + expires_in_seconds: "300", + scopes_string: "two scopes", + refresh_token: "some-refresh-token", + token_type: "bearer", + created_at: 0 end let(:client) { double :client, id: '1' } 
@@ -19,9 +19,9 @@ module Doorkeeper::OAuth let(:server) do double :server, - access_token_expires_in: 100, - custom_access_token_expires_in: ->(_context) { nil }, - refresh_token_enabled?: false + access_token_expires_in: 100, + custom_access_token_expires_in: ->(_context) { nil }, + refresh_token_enabled?: false end subject do diff --git a/spec/lib/oauth/client/credentials_spec.rb b/spec/lib/oauth/client/credentials_spec.rb index b1731e964..8e866beb7 100644 --- a/spec/lib/oauth/client/credentials_spec.rb +++ b/spec/lib/oauth/client/credentials_spec.rb @@ -16,7 +16,7 @@ class Doorkeeper::OAuth::Client let(:request) { double.as_null_object } let(:method) do - ->(_request) { ['uid', 'secret'] } + ->(_request) { %w[uid secret] } end it 'accepts anything that responds to #call' do @@ -77,7 +77,7 @@ class Doorkeeper::OAuth::Client end it 'is blank if Authorization is not Basic' do - request = double authorization: "#{credentials}" + request = double authorization: credentials.to_s uid, secret = Credentials.from_basic(request) expect(uid).to be_blank diff --git a/spec/lib/oauth/client_credentials/issuer_spec.rb b/spec/lib/oauth/client_credentials/issuer_spec.rb index 67ba5f35b..a5af450a1 100644 --- a/spec/lib/oauth/client_credentials/issuer_spec.rb +++ b/spec/lib/oauth/client_credentials/issuer_spec.rb @@ -73,8 +73,6 @@ class Doorkeeper::OAuth::ClientCredentialsRequest custom_ttl_scope elsif context.grant_type == Doorkeeper::OAuth::CLIENT_CREDENTIALS custom_ttl_grant - else - nil end } ) diff --git a/spec/lib/oauth/client_credentials/validation_spec.rb b/spec/lib/oauth/client_credentials/validation_spec.rb index e306d2dbc..2ea525a56 100644 --- a/spec/lib/oauth/client_credentials/validation_spec.rb +++ b/spec/lib/oauth/client_credentials/validation_spec.rb 
@@ -23,7 +23,8 @@ class Doorkeeper::OAuth::ClientCredentialsRequest server_scopes = Doorkeeper::OAuth::Scopes.from_string 'email' allow(server).to receive(:scopes).and_return(server_scopes) allow(request).to receive(:scopes).and_return( - Doorkeeper::OAuth::Scopes.from_string 'invalid') + Doorkeeper::OAuth::Scopes.from_string('invalid') + ) expect(subject).not_to be_valid end diff --git a/spec/lib/oauth/client_credentials_integration_spec.rb b/spec/lib/oauth/client_credentials_integration_spec.rb index e7854dc61..588d0e4b7 100644 --- a/spec/lib/oauth/client_credentials_integration_spec.rb +++ b/spec/lib/oauth/client_credentials_integration_spec.rb @@ -20,7 +20,7 @@ module Doorkeeper::OAuth request = ClientCredentialsRequest.new(server, nil, {}) expect do request.authorize - end.to_not change { Doorkeeper::AccessToken.count } + end.to_not(change { Doorkeeper::AccessToken.count }) end end end diff --git a/spec/lib/oauth/code_request_spec.rb b/spec/lib/oauth/code_request_spec.rb index b5b43fc0a..c242b5edd 100644 --- a/spec/lib/oauth/code_request_spec.rb +++ b/spec/lib/oauth/code_request_spec.rb @@ -12,7 +12,7 @@ module Doorkeeper::OAuth error: nil, authorizable?: true, code_challenge: nil, - code_challenge_method: nil, + code_challenge_method: nil ) end @@ -34,7 +34,7 @@ module Doorkeeper::OAuth it 'does not create grant when not authorizable' do allow(pre_auth).to receive(:authorizable?).and_return(false) - expect { subject.authorize }.not_to change { Doorkeeper::AccessGrant.count } + expect { subject.authorize }.not_to(change { Doorkeeper::AccessGrant.count }) end it 'returns a error response' do diff --git a/spec/lib/oauth/code_response_spec.rb b/spec/lib/oauth/code_response_spec.rb index 3261a7a7f..57882f8e2 100644 --- a/spec/lib/oauth/code_response_spec.rb +++ b/spec/lib/oauth/code_response_spec.rb 
@@ -11,7 +11,7 @@ module OAuth client: double(:application, id: 1), redirect_uri: 'http://tst.com/cb', state: nil, - scopes: Scopes.from_string('public'), + scopes: Scopes.from_string('public') ) end diff --git a/spec/lib/oauth/helpers/scope_checker_spec.rb b/spec/lib/oauth/helpers/scope_checker_spec.rb index f21b1a9fc..895eb5199 100644 --- a/spec/lib/oauth/helpers/scope_checker_spec.rb +++ b/spec/lib/oauth/helpers/scope_checker_spec.rb @@ -43,18 +43,18 @@ module Doorkeeper::OAuth::Helpers it 'is valid if scope is included in the application scope list' do expect(ScopeChecker.valid?( - 'app123', - server_scopes, - application_scopes - )).to be_truthy + 'app123', + server_scopes, + application_scopes + )).to be_truthy end it 'is invalid if any scope is not included in the application' do expect(ScopeChecker.valid?( - 'svr', - server_scopes, - application_scopes - )).to be_falsey + 'svr', + server_scopes, + application_scopes + )).to be_falsey end end end diff --git a/spec/lib/oauth/password_access_token_request_spec.rb b/spec/lib/oauth/password_access_token_request_spec.rb index c14f45586..f2eabc47c 100644 --- a/spec/lib/oauth/password_access_token_request_spec.rb +++ b/spec/lib/oauth/password_access_token_request_spec.rb @@ -24,7 +24,8 @@ module Doorkeeper::OAuth expect do subject.authorize end.to change { client.reload.access_tokens.count }.by(1) - expect(client.reload.access_tokens.sort_by(&:created_at).last.expires_in).to eq(1234) + + expect(client.reload.access_tokens.max_by(&:created_at).expires_in).to eq(1234) end it 'issues a new token without a client' do @@ -39,7 +40,7 @@ module Doorkeeper::OAuth subject.client = nil subject.parameters = { client_id: 'bad_id' } subject.authorize - end.to_not change { Doorkeeper::AccessToken.count } + end.not_to(change { Doorkeeper::AccessToken.count }) expect(subject.error).to eq(:invalid_client) end 
@@ -57,6 +58,7 @@ module Doorkeeper::OAuth it 'creates token even when there is already one (default)' do FactoryBot.create(:access_token, application_id: client.id, resource_owner_id: owner.id) + expect do subject.authorize end.to change { Doorkeeper::AccessToken.count }.by(1) @@ -65,14 +67,19 @@ module Doorkeeper::OAuth it 'skips token creation if there is already one' do allow(Doorkeeper.configuration).to receive(:reuse_access_token).and_return(true) FactoryBot.create(:access_token, application_id: client.id, resource_owner_id: owner.id) + expect do subject.authorize - end.to_not change { Doorkeeper::AccessToken.count } + end.not_to(change { Doorkeeper::AccessToken.count }) end it "calls configured request callback methods" do - expect(Doorkeeper.configuration.before_successful_strategy_response).to receive(:call).with(subject).once - expect(Doorkeeper.configuration.after_successful_strategy_response).to receive(:call).with(subject, instance_of(Doorkeeper::OAuth::TokenResponse)).once + expect(Doorkeeper.configuration.before_successful_strategy_response) + .to receive(:call).with(subject).once + + expect(Doorkeeper.configuration.after_successful_strategy_response) + .to receive(:call).with(subject, instance_of(Doorkeeper::OAuth::TokenResponse)).once + subject.authorize end @@ -92,6 +99,7 @@ module Doorkeeper::OAuth expect do subject.authorize end.to change { Doorkeeper::AccessToken.count }.by(1) + expect(Doorkeeper::AccessToken.last.scopes).to include('public') end end 
@@ -112,18 +120,22 @@ module Doorkeeper::OAuth it 'checks scopes' do subject = PasswordAccessTokenRequest.new(server, client, owner, scope: 'public') allow(server).to receive(:scopes).and_return(Doorkeeper::OAuth::Scopes.from_string('public')) + expect do subject.authorize end.to change { Doorkeeper::AccessToken.count }.by(1) + expect(Doorkeeper::AccessToken.last.expires_in).to eq(222) end it 'falls back to the default otherwise' do subject = PasswordAccessTokenRequest.new(server, client, owner, scope: 'private') allow(server).to receive(:scopes).and_return(Doorkeeper::OAuth::Scopes.from_string('private')) + expect do subject.authorize end.to change { Doorkeeper::AccessToken.count }.by(1) + expect(Doorkeeper::AccessToken.last.expires_in).to eq(2.hours) end end diff --git a/spec/lib/oauth/refresh_token_request_spec.rb b/spec/lib/oauth/refresh_token_request_spec.rb index be0c5008a..0305145fb 100644 --- a/spec/lib/oauth/refresh_token_request_spec.rb +++ b/spec/lib/oauth/refresh_token_request_spec.rb @@ -24,7 +24,7 @@ module Doorkeeper::OAuth it 'issues a new token for the client' do expect { subject.authorize }.to change { client.reload.access_tokens.count }.by(1) # #sort_by used for MongoDB ORM extensions for valid ordering - expect(client.reload.access_tokens.sort_by(&:created_at).last.expires_in).to eq(120) + expect(client.reload.access_tokens.max_by(&:created_at).expires_in).to eq(120) end it 'issues a new token for the client with custom expires_in' do @@ -39,7 +39,7 @@ module Doorkeeper::OAuth RefreshTokenRequest.new(server, refresh_token, credentials).authorize # #sort_by used for MongoDB ORM extensions for valid ordering - expect(client.reload.access_tokens.sort_by(&:created_at).last.expires_in).to eq(1234) + expect(client.reload.access_tokens.max_by(&:created_at).expires_in).to eq(1234) end it 'revokes the previous token' do 
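Review bot: The context comment `# #sort_by used for MongoDB ORM extensions for valid ordering` in refresh_token_request_spec.rb (`@@ -24,7 +24,7 @@`) now sits directly above a line that calls `max_by`, so it names a method the spec no longer uses. The same stale comment is carried unchanged in the `@@ -39,7 +39,7 @@` and `@@ -109,7 +113,7 @@` hunks of this file. Update it together with the code in all three places, for example `# #max_by used for MongoDB ORM extensions for valid ordering`.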
@@ -47,8 +47,12 @@ module Doorkeeper::OAuth end it "calls configured request callback methods" do - expect(Doorkeeper.configuration.before_successful_strategy_response).to receive(:call).with(subject).once - expect(Doorkeeper.configuration.after_successful_strategy_response).to receive(:call).with(subject, instance_of(Doorkeeper::OAuth::TokenResponse)).once + expect(Doorkeeper.configuration.before_successful_strategy_response) + .to receive(:call).with(subject).once + + expect(Doorkeeper.configuration.after_successful_strategy_response) + .to receive(:call).with(subject, instance_of(Doorkeeper::OAuth::TokenResponse)).once + subject.authorize end @@ -109,7 +113,7 @@ module Doorkeeper::OAuth subject.authorize expect( # #sort_by used for MongoDB ORM extensions for valid ordering - client.access_tokens.sort_by(&:created_at).last.previous_refresh_token + client.access_tokens.max_by(&:created_at).previous_refresh_token ).to eq(refresh_token.refresh_token) end end @@ -127,8 +131,8 @@ module Doorkeeper::OAuth context 'with scopes' do let(:refresh_token) do FactoryBot.create :access_token, - use_refresh_token: true, - scopes: 'public write' + use_refresh_token: true, + scopes: 'public write' end let(:parameters) { {} } subject { RefreshTokenRequest.new server, refresh_token, credentials, parameters } diff --git a/spec/lib/oauth/token_request_spec.rb b/spec/lib/oauth/token_request_spec.rb index 0a9546567..fa72eb734 100644 --- a/spec/lib/oauth/token_request_spec.rb +++ b/spec/lib/oauth/token_request_spec.rb @@ -3,7 +3,7 @@ module Doorkeeper::OAuth describe TokenRequest do let :application do - FactoryBot.create(:application, scopes: "public") + FactoryBot.create(:application, scopes: 'public') end let :pre_auth do 
@@ -38,7 +38,7 @@ module Doorkeeper::OAuth it 'does not create token when not authorizable' do allow(pre_auth).to receive(:authorizable?).and_return(false) - expect { subject.authorize }.not_to change { Doorkeeper::AccessToken.count } + expect { subject.authorize }.not_to(change { Doorkeeper::AccessToken.count }) end it 'returns a error response' do @@ -74,7 +74,7 @@ module Doorkeeper::OAuth it 'creates a new token if scopes do not match' do allow(Doorkeeper.configuration).to receive(:reuse_access_token).and_return(true) FactoryBot.create(:access_token, application_id: pre_auth.client.id, - resource_owner_id: owner.id, scopes: '') + resource_owner_id: owner.id, scopes: '') expect do subject.authorize end.to change { Doorkeeper::AccessToken.count }.by(1) @@ -86,9 +86,9 @@ module Doorkeeper::OAuth allow(application.scopes).to receive(:all?).and_return(true) FactoryBot.create(:access_token, application_id: pre_auth.client.id, - resource_owner_id: owner.id, scopes: 'public') + resource_owner_id: owner.id, scopes: 'public') - expect { subject.authorize }.not_to change { Doorkeeper::AccessToken.count } + expect { subject.authorize }.not_to(change { Doorkeeper::AccessToken.count }) end end end diff --git a/spec/lib/orm/active_record/stale_records_cleaner_spec.rb b/spec/lib/orm/active_record/stale_records_cleaner_spec.rb index 78ba1b608..981dabd66 100644 --- a/spec/lib/orm/active_record/stale_records_cleaner_spec.rb +++ b/spec/lib/orm/active_record/stale_records_cleaner_spec.rb @@ -34,7 +34,7 @@ end it 'keeps the record' do - expect { subject }.not_to change { model.count } + expect { subject }.not_to(change { model.count }) end end @@ -44,7 +44,7 @@ end it 'keeps the record' do - expect { subject }.not_to change { model.count } + expect { subject }.not_to(change { model.count }) end end end @@ -70,7 +70,7 @@ end it 'keeps the record' do - expect { subject }.not_to change { model.count } + expect { subject }.not_to(change { model.count }) end end end 
diff --git a/spec/lib/server_spec.rb b/spec/lib/server_spec.rb index e69503bfc..1f006c223 100644 --- a/spec/lib/server_spec.rb +++ b/spec/lib/server_spec.rb @@ -22,9 +22,9 @@ context 'when only Authorization Code strategy is enabled' do before do - allow(Doorkeeper.configuration). - to receive(:grant_flows). - and_return(['authorization_code']) + allow(Doorkeeper.configuration) + .to receive(:grant_flows) + .and_return(['authorization_code']) end it 'raises error when using the disabled Implicit strategy' do @@ -47,9 +47,9 @@ end it 'builds the request with composite strategy name' do - allow(Doorkeeper.configuration). - to receive(:authorization_response_types). - and_return(['id_token token']) + allow(Doorkeeper.configuration) + .to receive(:authorization_response_types) + .and_return(['id_token token']) stub_const 'Doorkeeper::Request::IdTokenToken', fake_class expect(fake_class).to receive(:new).with(subject) diff --git a/spec/models/doorkeeper/access_token_spec.rb b/spec/models/doorkeeper/access_token_spec.rb index f50487b46..6f41c6520 100644 --- a/spec/models/doorkeeper/access_token_spec.rb +++ b/spec/models/doorkeeper/access_token_spec.rb @@ -13,8 +13,7 @@ module Doorkeeper end module CustomGeneratorArgs - def self.generate - end + def self.generate; end end describe :generate_token do @@ -42,7 +41,7 @@ def self.generate(opts = {}) end token = FactoryBot.create :access_token - expect(token.token).to match(%r{custom_generator_token_\d+}) + expect(token.token).to match(/custom_generator_token_\d+/) end it 'allows the custom generator to access the application details' do @@ -62,7 +61,7 @@ def self.generate(opts = {}) end token = FactoryBot.create :access_token - expect(token.token).to match(%r{custom_generator_token_Application \d+}) + expect(token.token).to match(/custom_generator_token_Application \d+/) end it 'allows the custom generator to access the scopes' do 
@@ -214,9 +213,7 @@ def self.generate(_opts = {}) end describe '#same_credential?' do - context 'with default parameters' do - let(:resource_owner_id) { 100 } let(:application) { FactoryBot.create :application } let(:default_attributes) do @@ -233,7 +230,11 @@ def self.generate(_opts = {}) context 'the second token has same owner and different app' do let(:other_application) { FactoryBot.create :application } - let(:access_token2) { FactoryBot.create :access_token, application: other_application, resource_owner_id: resource_owner_id } + let(:access_token2) do + FactoryBot.create :access_token, + application: other_application, + resource_owner_id: resource_owner_id + end it 'fail' do expect(access_token1.same_credential?(access_token2)).to be_falsey @@ -241,9 +242,10 @@ def self.generate(_opts = {}) end context 'the second token has different owner and different app' do - let(:other_application) { FactoryBot.create :application } - let(:access_token2) { FactoryBot.create :access_token, application: other_application, resource_owner_id: 42 } + let(:access_token2) do + FactoryBot.create :access_token, application: other_application, resource_owner_id: 42 + end it 'fail' do expect(access_token1.same_credential?(access_token2)).to be_falsey @@ -251,7 +253,9 @@ def self.generate(_opts = {}) end context 'the second token has different owner and same app' do - let(:access_token2) { FactoryBot.create :access_token, application: application, resource_owner_id: 42 } + let(:access_token2) do + FactoryBot.create :access_token, application: application, resource_owner_id: 42 + end it 'fail' do expect(access_token1.same_credential?(access_token2)).to be_falsey diff --git a/spec/models/doorkeeper/application_spec.rb b/spec/models/doorkeeper/application_spec.rb index ad2c7e926..5237c5ae6 100644 --- a/spec/models/doorkeeper/application_spec.rb +++ b/spec/models/doorkeeper/application_spec.rb 
@@ -210,10 +210,10 @@ module Doorkeeper it 'revokes all access tokens and access grants' do application_id = 42 resource_owner = double - expect(Doorkeeper::AccessToken). - to receive(:revoke_all_for).with(application_id, resource_owner) - expect(Doorkeeper::AccessGrant). - to receive(:revoke_all_for).with(application_id, resource_owner) + expect(Doorkeeper::AccessToken) + .to receive(:revoke_all_for).with(application_id, resource_owner) + expect(Doorkeeper::AccessGrant) + .to receive(:revoke_all_for).with(application_id, resource_owner) Application.revoke_tokens_and_grants_for(application_id, resource_owner) end diff --git a/spec/requests/applications/applications_request_spec.rb b/spec/requests/applications/applications_request_spec.rb index ddc5baeed..5c375a42c 100644 --- a/spec/requests/applications/applications_request_spec.rb +++ b/spec/requests/applications/applications_request_spec.rb @@ -62,7 +62,7 @@ scenario "adding app validating scope, multiple scopes configured" do config_is_set("enforce_configured_scopes", true) - scopes = Doorkeeper::OAuth::Scopes.from_array(%w(read write admin)) + scopes = Doorkeeper::OAuth::Scopes.from_array(%w[read write admin]) config_is_set("optional_scopes", scopes) fill_in "doorkeeper_application[name]", with: "My Application" @@ -77,7 +77,7 @@ scenario "adding app validating scope, bad scope with multiple scopes configured" do config_is_set("enforce_configured_scopes", true) - scopes = Doorkeeper::OAuth::Scopes.from_array(%w(read write admin)) + scopes = Doorkeeper::OAuth::Scopes.from_array(%w[read write admin]) config_is_set("optional_scopes", scopes) fill_in "doorkeeper_application[name]", with: "My Application" diff --git a/spec/requests/endpoints/authorization_spec.rb b/spec/requests/endpoints/authorization_spec.rb index 5112e8a68..8384f55a6 100644 --- a/spec/requests/endpoints/authorization_spec.rb +++ b/spec/requests/endpoints/authorization_spec.rb 
@@ -60,11 +60,11 @@ scenario 'raises exception on forged requests' do allowing_forgery_protection do - expect { + expect do page.driver.post authorization_endpoint_url(client_id: @client.uid, redirect_uri: @client.redirect_uri, response_type: 'code') - }.to raise_error(ActionController::InvalidAuthenticityToken) + end.to raise_error(ActionController::InvalidAuthenticityToken) end end end diff --git a/spec/requests/flows/authorization_code_errors_spec.rb b/spec/requests/flows/authorization_code_errors_spec.rb index b8a9951a9..d3738c81b 100644 --- a/spec/requests/flows/authorization_code_errors_spec.rb +++ b/spec/requests/flows/authorization_code_errors_spec.rb @@ -57,7 +57,7 @@ # Second attempt with same token expect do post token_endpoint_url(code: @authorization.token, client: @client) - end.to_not change { Doorkeeper::AccessToken.count } + end.to_not(change { Doorkeeper::AccessToken.count }) should_not_have_json 'access_token' should_have_json 'error', 'invalid_grant' diff --git a/spec/requests/flows/authorization_code_spec.rb b/spec/requests/flows/authorization_code_spec.rb index 3f124b9d7..5730abf9d 100644 --- a/spec/requests/flows/authorization_code_spec.rb +++ b/spec/requests/flows/authorization_code_spec.rb @@ -91,7 +91,11 @@ let(:code_verifier) { 'a45a9fea-0676-477e-95b1-a40f72ac3cfb' } scenario 'resource owner authorizes the client with code_challenge parameter set' do - visit authorization_endpoint_url(client: @client, code_challenge: code_challenge, code_challenge_method: 'plain') + visit authorization_endpoint_url( + client: @client, + code_challenge: code_challenge, + code_challenge_method: 'plain' + ) click_on 'Authorize' url_should_have_param('code', Doorkeeper::AccessGrant.first.token) 
@@ -110,7 +114,11 @@ end scenario 'mobile app requests an access token with authorization code and plain code challenge method' do - visit authorization_endpoint_url(client: @client, code_challenge: code_challenge, code_challenge_method: 'plain') + visit authorization_endpoint_url( + client: @client, + code_challenge: code_challenge, + code_challenge_method: 'plain' + ) click_on 'Authorize' authorization_code = current_params['code'] @@ -144,7 +152,11 @@ let(:code_verifier) { 'a45a9fea-0676-477e-95b1-a40f72ac3cfb' } scenario 'resource owner authorizes the client with code_challenge parameter set' do - visit authorization_endpoint_url(client: @client, code_challenge: code_challenge, code_challenge_method: 'S256') + visit authorization_endpoint_url( + client: @client, + code_challenge: code_challenge, + code_challenge_method: 'S256' + ) click_on 'Authorize' url_should_have_param('code', Doorkeeper::AccessGrant.first.token) @@ -153,7 +165,11 @@ end scenario 'mobile app requests an access token with authorization code and S256 code challenge method' do - visit authorization_endpoint_url(client: @client, code_challenge: code_challenge, code_challenge_method: 'S256') + visit authorization_endpoint_url( + client: @client, + code_challenge: code_challenge, + code_challenge_method: 'S256' + ) click_on 'Authorize' authorization_code = current_params['code'] @@ -169,7 +185,11 @@ end scenario 'mobile app requests an access token with authorization code and without code_verifier' do - visit authorization_endpoint_url(client: @client, code_challenge: code_challenge, code_challenge_method: 'S256') + visit authorization_endpoint_url( + client: @client, + code_challenge: code_challenge, + code_challenge_method: 'S256' + ) click_on 'Authorize' authorization_code = current_params['code'] create_access_token authorization_code, @client 
@@ -178,7 +198,11 @@ end scenario 'mobile app requests an access token with authorization code and without secret' do - visit authorization_endpoint_url(client: @client, code_challenge: code_challenge, code_challenge_method: 'S256') + visit authorization_endpoint_url( + client: @client, + code_challenge: code_challenge, + code_challenge_method: 'S256' + ) click_on 'Authorize' authorization_code = current_params['code'] @@ -194,8 +218,12 @@ click_on 'Authorize' authorization_code = current_params['code'] - page.driver.post token_endpoint_url(code: authorization_code, client_id: @client.uid, - redirect_uri: @client.redirect_uri, code_verifier: code_verifier) + page.driver.post token_endpoint_url( + code: authorization_code, + client_id: @client.uid, + redirect_uri: @client.redirect_uri, + code_verifier: code_verifier + ) should_not_have_json 'error' should_have_json 'access_token', Doorkeeper::AccessToken.first.token @@ -204,7 +232,11 @@ end scenario 'mobile app requests an access token with authorization code but no code verifier' do - visit authorization_endpoint_url(client: @client, code_challenge: code_challenge, code_challenge_method: 'S256') + visit authorization_endpoint_url( + client: @client, + code_challenge: code_challenge, + code_challenge_method: 'S256' + ) click_on 'Authorize' authorization_code = current_params['code'] @@ -215,7 +247,11 @@ end scenario 'mobile app requests an access token with authorization code with wrong verifier' do - visit authorization_endpoint_url(client: @client, code_challenge: code_challenge, code_challenge_method: 'S256') + visit authorization_endpoint_url( + client: @client, + code_challenge: code_challenge, + code_challenge_method: 'S256' + ) click_on 'Authorize' authorization_code = current_params['code'] 
@@ -226,12 +262,20 @@ end scenario 'code_challenge_mehthod in token request is totally ignored' do - visit authorization_endpoint_url(client: @client, code_challenge: code_challenge, code_challenge_method: 'S256') + visit authorization_endpoint_url( + client: @client, + code_challenge: code_challenge, + code_challenge_method: 'S256' + ) click_on 'Authorize' authorization_code = current_params['code'] - page.driver.post token_endpoint_url(code: authorization_code, client: @client, code_verifier: code_challenge, - code_challenge_method: 'plain') + page.driver.post token_endpoint_url( + code: authorization_code, + client: @client, + code_verifier: code_challenge, + code_challenge_method: 'plain' + ) should_not_have_json 'access_token' should_have_json 'error', 'invalid_grant' @@ -338,6 +382,7 @@ orm DOORKEEPER_ORM use_refresh_token end + client_exists end @@ -348,7 +393,8 @@ it 'second of simultaneous client requests get an error for revoked acccess token' do authorization_code = Doorkeeper::AccessGrant.first.token - allow_any_instance_of(Doorkeeper::AccessGrant).to receive(:revoked?).and_return(false, true) + allow_any_instance_of(Doorkeeper::AccessGrant) + .to receive(:revoked?).and_return(false, true) post token_endpoint_url(code: authorization_code, client: @client) diff --git a/spec/requests/flows/implicit_grant_errors_spec.rb b/spec/requests/flows/implicit_grant_errors_spec.rb index e879c85ff..082a461db 100644 --- a/spec/requests/flows/implicit_grant_errors_spec.rb +++ b/spec/requests/flows/implicit_grant_errors_spec.rb @@ -14,8 +14,8 @@ end [ - [:client_id, :invalid_client], - [:redirect_uri, :invalid_redirect_uri] + %i[client_id invalid_client], + %i[redirect_uri invalid_redirect_uri] ].each do |error| scenario "displays #{error.last} error for invalid #{error.first}" do visit authorization_endpoint_url(client: @client, error.first => 'invalid', response_type: 'token') 
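Review bot: The scenario reformatted in `@@ -226,12 +262,20 @@` has no comment saying what it protects, and its name misspells `code_challenge_method` as `code_challenge_mehthod`. As written it authorizes with `code_challenge_method: 'S256'`, then posts the challenge itself as `code_verifier` together with `code_challenge_method: 'plain'` and expects `invalid_grant`. In other words, a PKCE method downgrade at the token endpoint must be rejected. State that above the example, for instance `# PKCE downgrade guard: the method bound at authorization (S256) must win over one sent with the token request`, and correct the spelling in the scenario name.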
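Review bot: In `@@ -348,7 +393,8 @@` the stub `receive(:revoked?).and_return(false, true)` on every `Doorkeeper::AccessGrant` instance ties the example to the order and number of `revoked?` calls made during one token request, which nothing in the spec states. If that call pattern changes, the example could pass or fail for reasons unrelated to the double-redemption case it is named after. Add a line above the stub such as `# first revoked? call sees a live grant, the next one sees it revoked by the concurrent request`, adjusted to the real call sequence. The example appears to continue past the end of the hunk.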
diff --git a/spec/requests/flows/password_spec.rb b/spec/requests/flows/password_spec.rb index 93c6e6840..776f50cbb 100644 --- a/spec/requests/flows/password_spec.rb +++ b/spec/requests/flows/password_spec.rb @@ -57,7 +57,11 @@ context "when client_secret incorrect" do it "should not issue new token" do expect do - post password_token_endpoint_url(client_id: @client.uid, client_secret: 'foobar', resource_owner: @resource_owner) + post password_token_endpoint_url( + client_id: @client.uid, + client_secret: 'foobar', + resource_owner: @resource_owner + ) end.not_to(change { Doorkeeper::AccessToken.count }) expect(response).not_to be_ok @@ -148,7 +152,7 @@ it 'issues new token without any scope' do expect do - post password_token_endpoint_url(client: @client, resource_owner: @resource_owner) + post password_token_endpoint_url(client: @client, resource_owner: @resource_owner) end.to change { Doorkeeper::AccessToken.count }.by(1) token = Doorkeeper::AccessToken.first diff --git a/spec/requests/flows/revoke_token_spec.rb b/spec/requests/flows/revoke_token_spec.rb index 2434ccc3d..d4ae77d07 100644 --- a/spec/requests/flows/revoke_token_spec.rb +++ b/spec/requests/flows/revoke_token_spec.rb @@ -10,9 +10,9 @@ let(:resource_owner) { User.create!(name: 'John', password: 'sekret') } let(:access_token) do FactoryBot.create(:access_token, - application: client_application, - resource_owner_id: resource_owner.id, - use_refresh_token: true) + application: client_application, + resource_owner_id: resource_owner.id, + use_refresh_token: true) end context 'with authenticated, confidential OAuth 2.0 client/application' do @@ -103,9 +103,9 @@ context 'with public OAuth 2.0 client/application' do let(:access_token) do FactoryBot.create(:access_token, - application: nil, - resource_owner_id: resource_owner.id, - use_refresh_token: true) + application: nil, + resource_owner_id: resource_owner.id, + use_refresh_token: true) end it 'should revoke the access token provided' do 
@@ -129,9 +129,9 @@ context 'with a valid token issued for a confidential client' do let(:access_token) do FactoryBot.create(:access_token, - application: client_application, - resource_owner_id: resource_owner.id, - use_refresh_token: true) + application: client_application, + resource_owner_id: resource_owner.id, + use_refresh_token: true) end it 'should not revoke the access token provided' do diff --git a/spec/requests/protected_resources/private_api_spec.rb b/spec/requests/protected_resources/private_api_spec.rb index 08b766e70..c0fbed8cf 100644 --- a/spec/requests/protected_resources/private_api_spec.rb +++ b/spec/requests/protected_resources/private_api_spec.rb @@ -41,10 +41,10 @@ end scenario 'access token with no default scopes' do - Doorkeeper.configuration.instance_eval { + Doorkeeper.configuration.instance_eval do @default_scopes = Doorkeeper::OAuth::Scopes.from_array([:public]) @scopes = default_scopes + optional_scopes - } + end @token.update_attribute :scopes, 'dummy' with_access_token_header @token.token visit '/full_protected_resources' diff --git a/spec/support/helpers/model_helper.rb b/spec/support/helpers/model_helper.rb index 329600e6f..0e2b3f3d6 100644 --- a/spec/support/helpers/model_helper.rb +++ b/spec/support/helpers/model_helper.rb @@ -18,8 +18,8 @@ def access_token_exists(options = {}) def access_grant_should_exist_for(client, resource_owner) grant = Doorkeeper::AccessGrant.first - expect(grant.application).to have_attributes(id: client.id). - and(be_instance_of(Doorkeeper::Application)) + expect(grant.application).to have_attributes(id: client.id) + .and(be_instance_of(Doorkeeper::Application)) expect(grant.resource_owner_id).to eq(resource_owner.id) end 
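Review bot: The `instance_eval` block in private_api_spec.rb (`@@ -41,10 +41,10 @@`) assigns `@default_scopes` and `@scopes` directly on the object returned by `Doorkeeper.configuration`, and the hunk shows nothing that restores them. If that object is shared between examples, the scope settings left behind here could change the outcome of later protected-resource checks depending on run order. At minimum record the dependency next to the block: `# NOTE: writes ivars on the shared Doorkeeper configuration; confirm it is reset before the next example`. The scenario continues below the hunk.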
@@ -27,8 +27,8 @@ def access_grant_should_exist_for(client, resource_owner) def access_token_should_exist_for(client, resource_owner) token = Doorkeeper::AccessToken.first - expect(token.application).to have_attributes(id: client.id). - and(be_instance_of(Doorkeeper::Application)) + expect(token.application).to have_attributes(id: client.id) + .and(be_instance_of(Doorkeeper::Application)) expect(token.resource_owner_id).to eq(resource_owner.id) end diff --git a/spec/support/shared/controllers_shared_context.rb b/spec/support/shared/controllers_shared_context.rb index 4ea6ccf88..8528f2ad2 100644 --- a/spec/support/shared/controllers_shared_context.rb +++ b/spec/support/shared/controllers_shared_context.rb @@ -119,4 +119,3 @@ ).to receive(:by_token).with(token_string).and_return(token) end end - diff --git a/spec/validators/redirect_uri_validator_spec.rb b/spec/validators/redirect_uri_validator_spec.rb index 0c7976376..e07f6eeab 100644 --- a/spec/validators/redirect_uri_validator_spec.rb +++ b/spec/validators/redirect_uri_validator_spec.rb @@ -73,8 +73,8 @@ it 'accepts a non secured protocol when disabled' do subject.redirect_uri = 'http://example.com/callback' allow(Doorkeeper.configuration).to receive( - :force_ssl_in_redirect_uri - ).and_return(false) + :force_ssl_in_redirect_uri + ).and_return(false) expect(subject).to be_valid end