Enable get access_token via URL.

Eric-Guo · Eric-Guo · commit 40fc261d966a · 2019-03-04T22:35:33.000+08:00
diff --git a/.yamllint b/.yamllint
@@ -0,0 +1,6 @@
+extends: default
+
+rules:
+  line-length:
+    max: 120
+    level: warning
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -89,7 +89,7 @@ GEM
     ffi (1.10.0-x86-mingw32)
     globalid (0.4.2)
       activesupport (>= 4.2.0)
-    i18n (1.5.3)
+    i18n (1.6.0)
       concurrent-ruby (~> 1.0)
     io-like (0.3.0)
     jbuilder (2.8.0)
diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb
@@ -10,6 +10,12 @@
     #   User.find_by_id(session[:user_id]) || redirect_to(new_user_session_url)
   end
 
+  # In this flow, a token is requested in exchange for the resource owner credentials (email and password)
+  resource_owner_from_credentials do |_routes|
+    user = User.find_for_database_authentication(email: params[:email])
+    user&.valid_for_authentication? { user.valid_password?(params[:password]) } && user
+  end
+
   # If you didn't skip applications controller from Doorkeeper routes in your application routes.rb
   # file then you need to declare this block in order to restrict access to the web interface for
   # adding oauth authorized applications. In other case it will return 403 Forbidden response
@@ -181,7 +187,7 @@
   #   http://tools.ietf.org/html/rfc6819#section-4.4.2
   #   http://tools.ietf.org/html/rfc6819#section-4.4.3
   #
-  # grant_flows %w[authorization_code client_credentials]
+  grant_flows %w[authorization_code client_credentials password]
 
   # Hook into the strategies' request & response life-cycle in case your
   # application needs advanced customization or logging:
diff --git a/test/controllers/doorkeeper_controller_test.rb b/test/controllers/doorkeeper_controller_test.rb
@@ -0,0 +1,11 @@
+require 'test_helper'
+
+class DoorkeeperControllerTest < ActionDispatch::IntegrationTest
+  test 'should get token' do
+    post oauth_token_url, params: { email: 'eric@cloud-mes.com',
+                                    password: '123456',
+                                    grant_type: 'password' }
+    assert_response :success
+    assert_match 'Bearer', JSON.parse(@response.body)['token_type']
+  end
+end
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
@@ -2,3 +2,5 @@
 eric:
   email: "eric@cloud-mes.com"
   confirmed_at: <%= Time.zone.now %>
+  # password: 123456
+  encrypted_password: '$2a$11$I3DE/JkhWB03DUC.LFaoEuwVRU7Kk474udMsmF/AiX5IAxm5CoXcS'
