devise 4.4.2 → 4.4.3
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/Gemfile.lock +2 -2
- data/gemfiles/Gemfile.rails-4.1-stable.lock +2 -2
- data/gemfiles/Gemfile.rails-4.2-stable.lock +2 -2
- data/gemfiles/Gemfile.rails-5.0-stable.lock +2 -2
- data/gemfiles/Gemfile.rails-5.2-rc1.lock +3 -3
- data/lib/devise.rb +1 -0
- data/lib/devise/rails.rb +1 -7
- data/lib/devise/secret_key_finder.rb +25 -0
- data/lib/devise/test/controller_helpers.rb +1 -1
- data/lib/devise/version.rb +1 -1
- data/test/secret_key_finder_test.rb +97 -0
- metadata +6 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 554c50f7db4c13beb0b2eb9ee1dbdd863aef2e7647de61d7070adac0b60fd1c7
|
|
4
|
+
data.tar.gz: 7624cffe7f3383660d08bca3c10b4f0c3ce2d5696b1f52cfe2e8b2b023c79fed
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fa0cacb024cecbfb7a031f0dd5b5e8cf2ea518ecbd89b3f2d3994614bf8d859548984b4675f4cd1be1f73b17c0a07214e9d62e08e4d7362450664b27083bc1a4
|
|
7
|
+
data.tar.gz: e249d22cc464e7b04b53e990ff0c6e15b3c48a1bb7e8d9ef0a10722b867649840b7b5d48b30f234e9963400b773608b31c3732aeb5665287cea940d568bb5abe
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,11 @@
|
|
|
1
1
|
### Unreleased
|
|
2
2
|
|
|
3
|
+
### 4.4.3 - 2018-03-17
|
|
4
|
+
|
|
5
|
+
* bug fixes
|
|
6
|
+
* Fix undefined method `rails5?` for Devise::Test:Module (by @tegon)
|
|
7
|
+
* Fix: secret key was being required to be set inside credentials on Rails 5.2 (by @tegon)
|
|
8
|
+
|
|
3
9
|
### 4.4.2 - 2018-03-15
|
|
4
10
|
|
|
5
11
|
* enhancements
|
data/Gemfile.lock
CHANGED
|
@@ -10,10 +10,10 @@ GIT
|
|
|
10
10
|
PATH
|
|
11
11
|
remote: ..
|
|
12
12
|
specs:
|
|
13
|
-
devise (4.4.
|
|
13
|
+
devise (4.4.3)
|
|
14
14
|
bcrypt (~> 3.0)
|
|
15
15
|
orm_adapter (~> 0.1)
|
|
16
|
-
railties (>= 4.1.0, <
|
|
16
|
+
railties (>= 4.1.0, < 6.0)
|
|
17
17
|
responders
|
|
18
18
|
warden (~> 1.2.3)
|
|
19
19
|
|
|
@@ -198,4 +198,4 @@ DEPENDENCIES
|
|
|
198
198
|
webrat (= 0.7.3)
|
|
199
199
|
|
|
200
200
|
BUNDLED WITH
|
|
201
|
-
1.16.
|
|
201
|
+
1.16.1
|
data/lib/devise.rb
CHANGED
|
@@ -18,6 +18,7 @@ module Devise
|
|
|
18
18
|
autoload :TestHelpers, 'devise/test_helpers'
|
|
19
19
|
autoload :TimeInflector, 'devise/time_inflector'
|
|
20
20
|
autoload :TokenGenerator, 'devise/token_generator'
|
|
21
|
+
autoload :SecretKeyFinder, 'devise/secret_key_finder'
|
|
21
22
|
|
|
22
23
|
module Controllers
|
|
23
24
|
autoload :Helpers, 'devise/controllers/helpers'
|
data/lib/devise/rails.rb
CHANGED
|
@@ -34,13 +34,7 @@ module Devise
|
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
initializer "devise.secret_key" do |app|
|
|
37
|
-
|
|
38
|
-
Devise.secret_key ||= app.credentials.secret_key_base
|
|
39
|
-
elsif app.respond_to?(:secrets)
|
|
40
|
-
Devise.secret_key ||= app.secrets.secret_key_base
|
|
41
|
-
elsif app.config.respond_to?(:secret_key_base)
|
|
42
|
-
Devise.secret_key ||= app.config.secret_key_base
|
|
43
|
-
end
|
|
37
|
+
Devise.secret_key ||= Devise::SecretKeyFinder.new(app).find
|
|
44
38
|
|
|
45
39
|
Devise.token_generator ||=
|
|
46
40
|
if secret_key = Devise.secret_key
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
class SecretKeyFinder
|
|
5
|
+
def initialize(application)
|
|
6
|
+
@application = application
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
def find
|
|
10
|
+
if @application.respond_to?(:credentials) && key_exists?(@application.credentials)
|
|
11
|
+
@application.credentials.secret_key_base
|
|
12
|
+
elsif @application.respond_to?(:secrets) && key_exists?(@application.secrets)
|
|
13
|
+
@application.secrets.secret_key_base
|
|
14
|
+
elsif @application.config.respond_to?(:secret_key_base) && key_exists?(@application.config)
|
|
15
|
+
@application.config.secret_key_base
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
private
|
|
20
|
+
|
|
21
|
+
def key_exists?(object)
|
|
22
|
+
object.secret_key_base.present?
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|
|
@@ -139,7 +139,7 @@ module Devise
|
|
|
139
139
|
|
|
140
140
|
status, headers, response = Devise.warden_config[:failure_app].call(env).to_a
|
|
141
141
|
@controller.response.headers.merge!(headers)
|
|
142
|
-
@controller.response.content_type = headers["Content-Type"] unless
|
|
142
|
+
@controller.response.content_type = headers["Content-Type"] unless Rails.version.start_with?('5')
|
|
143
143
|
@controller.status = status
|
|
144
144
|
@controller.response.body = response.body
|
|
145
145
|
nil # causes process return @response
|
data/lib/devise/version.rb
CHANGED
|
@@ -0,0 +1,97 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'test_helper'
|
|
4
|
+
|
|
5
|
+
class Rails52Credentials
|
|
6
|
+
def credentials
|
|
7
|
+
OpenStruct.new(secret_key_base: 'credentials')
|
|
8
|
+
end
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
class Rails52Secrets
|
|
12
|
+
def credentials
|
|
13
|
+
OpenStruct.new(secret_key_base: nil)
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def secrets
|
|
17
|
+
OpenStruct.new(secret_key_base: 'secrets')
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
class Rails52Config
|
|
22
|
+
def credentials
|
|
23
|
+
OpenStruct.new(secret_key_base: nil)
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
def secrets
|
|
27
|
+
OpenStruct.new(secret_key_base: nil)
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def config
|
|
31
|
+
OpenStruct.new(secret_key_base: 'config')
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
class Rails41Secrets
|
|
36
|
+
def secrets
|
|
37
|
+
OpenStruct.new(secret_key_base: 'secrets')
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
def config
|
|
41
|
+
OpenStruct.new(secret_key_base: nil)
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
class Rails41Config
|
|
46
|
+
def secrets
|
|
47
|
+
OpenStruct.new(secret_key_base: nil)
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
def config
|
|
51
|
+
OpenStruct.new(secret_key_base: 'config')
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
class Rails40Config
|
|
56
|
+
def config
|
|
57
|
+
OpenStruct.new(secret_key_base: 'config')
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
class SecretKeyFinderTest < ActiveSupport::TestCase
|
|
62
|
+
test "rails 5.2 uses credentials when they're available" do
|
|
63
|
+
secret_key_finder = Devise::SecretKeyFinder.new(Rails52Credentials.new)
|
|
64
|
+
|
|
65
|
+
assert_equal 'credentials', secret_key_finder.find
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
test "rails 5.2 uses secrets when credentials are empty" do
|
|
69
|
+
secret_key_finder = Devise::SecretKeyFinder.new(Rails52Secrets.new)
|
|
70
|
+
|
|
71
|
+
assert_equal 'secrets', secret_key_finder.find
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
test "rails 5.2 uses config when secrets are empty" do
|
|
75
|
+
secret_key_finder = Devise::SecretKeyFinder.new(Rails52Config.new)
|
|
76
|
+
|
|
77
|
+
assert_equal 'config', secret_key_finder.find
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
test "rails 4.1 uses secrets" do
|
|
81
|
+
secret_key_finder = Devise::SecretKeyFinder.new(Rails41Secrets.new)
|
|
82
|
+
|
|
83
|
+
assert_equal 'secrets', secret_key_finder.find
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
test "rails 4.1 uses config when secrets are empty" do
|
|
87
|
+
secret_key_finder = Devise::SecretKeyFinder.new(Rails41Config.new)
|
|
88
|
+
|
|
89
|
+
assert_equal 'config', secret_key_finder.find
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
test "rails 4.0 uses config" do
|
|
93
|
+
secret_key_finder = Devise::SecretKeyFinder.new(Rails40Config.new)
|
|
94
|
+
|
|
95
|
+
assert_equal 'config', secret_key_finder.find
|
|
96
|
+
end
|
|
97
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.4.
|
|
4
|
+
version: 4.4.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- José Valim
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2018-03-
|
|
12
|
+
date: 2018-03-18 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: warden
|
|
@@ -183,6 +183,7 @@ files:
|
|
|
183
183
|
- lib/devise/rails.rb
|
|
184
184
|
- lib/devise/rails/routes.rb
|
|
185
185
|
- lib/devise/rails/warden_compat.rb
|
|
186
|
+
- lib/devise/secret_key_finder.rb
|
|
186
187
|
- lib/devise/strategies/authenticatable.rb
|
|
187
188
|
- lib/devise/strategies/base.rb
|
|
188
189
|
- lib/devise/strategies/database_authenticatable.rb
|
|
@@ -349,6 +350,7 @@ files:
|
|
|
349
350
|
- test/rails_app/public/favicon.ico
|
|
350
351
|
- test/rails_test.rb
|
|
351
352
|
- test/routes_test.rb
|
|
353
|
+
- test/secret_key_finder_test.rb
|
|
352
354
|
- test/support/action_controller/record_identifier.rb
|
|
353
355
|
- test/support/assertions.rb
|
|
354
356
|
- test/support/helpers.rb
|
|
@@ -381,7 +383,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
381
383
|
version: '0'
|
|
382
384
|
requirements: []
|
|
383
385
|
rubyforge_project:
|
|
384
|
-
rubygems_version: 2.7.
|
|
386
|
+
rubygems_version: 2.7.3
|
|
385
387
|
signing_key:
|
|
386
388
|
specification_version: 4
|
|
387
389
|
summary: Flexible authentication solution for Rails with Warden
|
|
@@ -512,6 +514,7 @@ test_files:
|
|
|
512
514
|
- test/rails_app/public/favicon.ico
|
|
513
515
|
- test/rails_test.rb
|
|
514
516
|
- test/routes_test.rb
|
|
517
|
+
- test/secret_key_finder_test.rb
|
|
515
518
|
- test/support/action_controller/record_identifier.rb
|
|
516
519
|
- test/support/assertions.rb
|
|
517
520
|
- test/support/helpers.rb
|