doorkeeper 4.4.2 → 4.4.3

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of doorkeeper might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c92e80cb652104645d4ec7634af2c3699f90da68
4
- data.tar.gz: 3d3e22b8dfa7288c8a120645db4cc4193809d60f
3
+ metadata.gz: 8d8d3550d8406d4abb224c4960d1d6e8a0c4c706
4
+ data.tar.gz: b12408cb8b0dc2b14ee69b57798943b5c1bfaa30
5
5
  SHA512:
6
- metadata.gz: e6546445a2ab9db13ff53fe16633b8769f1c70b1b76931e9709346984cb8aed18eec91a5a4fa29c2f06786999c0e87697897064603a918b868bd55b32874faa8
7
- data.tar.gz: 7717301a83ea02e249e8cc121bd0894cb08fafa272340715829de78020bb6428d3d8c7764ed5200c7e22ecf9bb99c5f206503ae938e89ed1817620c1f42388cd
6
+ metadata.gz: 0674af950f6070d6457e09f73fc89736b092ae6595e484ca6e67e7f126912ea007509d9249fdc4eb01e66bf981c1e49da33712203d8428d10401a43faabd1cfd
7
+ data.tar.gz: e447513c202dfde4c622b898da2a98dff64272193136fe399b890bb97488e7915156a2588caa6de3566db411f4c7dfa89e88be3a8b8d0a76511251f2f980c382
data/NEWS.md CHANGED
@@ -4,6 +4,11 @@ User-visible changes worth mentioning.
4
4
 
5
5
  ## master
6
6
 
7
+ ## 4.4.3
8
+ - [#1143] Adds a config option opt_out_native_route_change to opt out of the
9
+ breaking api changed introduced in
10
+ https://github.com/doorkeeper-gem/doorkeeper/pull/1003
11
+
7
12
  ## 4.4.2
8
13
  - [#1130] Backport fix for native redirect_uri from 5.x.
9
14
 
@@ -114,6 +114,15 @@ doorkeeper.
114
114
  def reuse_access_token
115
115
  @config.instance_variable_set(:@reuse_access_token, true)
116
116
  end
117
+
118
+ # Opt out of breaking api change to the native authorization code flow.
119
+ # Opting out sets the authorization code response route for native
120
+ # redirect uris to oauth/authorize/<code>. The default is
121
+ # oauth/authorize/native?code=<code>.
122
+ # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/1143
123
+ def opt_out_native_route_change
124
+ @config.instance_variable_set(:@opt_out_native_route_change, true)
125
+ end
117
126
  end
118
127
 
119
128
  module Option
@@ -295,6 +304,11 @@ doorkeeper.
295
304
  @token_grant_types ||= calculate_token_grant_types
296
305
  end
297
306
 
307
+ def native_authorization_code_route
308
+ @opt_out_native_route_change ||= false
309
+ @opt_out_native_route_change ? '/:code' : '/native'
310
+ end
311
+
298
312
  private
299
313
 
300
314
  # Determines what values are acceptable for 'response_type' param in
@@ -47,7 +47,7 @@ module Doorkeeper
47
47
  as: mapping[:as],
48
48
  controller: mapping[:controllers]
49
49
  ) do
50
- routes.get '/native', action: :show, on: :member
50
+ routes.get native_authorization_code_route, action: :show, on: :member
51
51
  routes.get '/', action: :new, on: :member
52
52
  end
53
53
  end
@@ -85,6 +85,10 @@ module Doorkeeper
85
85
  def authorized_applications_routes(mapping)
86
86
  routes.resources :authorized_applications, only: %i[index destroy], controller: mapping[:controllers]
87
87
  end
88
+
89
+ def native_authorization_code_route
90
+ Doorkeeper.configuration.native_authorization_code_route
91
+ end
88
92
  end
89
93
  end
90
94
  end
@@ -28,7 +28,7 @@ HEREDOC
28
28
  # Semantic versioning
29
29
  MAJOR = 4
30
30
  MINOR = 4
31
- TINY = 2
31
+ TINY = 3
32
32
 
33
33
  # Full version number
34
34
  STRING = [MAJOR, MINOR, TINY].compact.join('.')
@@ -164,6 +164,38 @@ describe Doorkeeper::AuthorizationsController, 'implicit grant flow' do
164
164
  it 'should not issue a token' do
165
165
  expect(Doorkeeper::AccessToken.count).to be 0
166
166
  end
167
+
168
+ context 'with opt_out_native_route_change' do
169
+ around(:each) do |example|
170
+ Doorkeeper.configure do
171
+ orm DOORKEEPER_ORM
172
+ opt_out_native_route_change
173
+ end
174
+
175
+ Rails.application.reload_routes!
176
+
177
+ example.run
178
+
179
+ Doorkeeper.configure do
180
+ orm DOORKEEPER_ORM
181
+ end
182
+
183
+ Rails.application.reload_routes!
184
+ end
185
+
186
+ it 'should redirect immediately' do
187
+ expect(response).to be_redirect
188
+ expect(response.location).to match(/oauth\/authorize\/#{Doorkeeper::AccessGrant.first.token}/)
189
+ end
190
+
191
+ it 'should issue a grant' do
192
+ expect(Doorkeeper::AccessGrant.count).to be 1
193
+ end
194
+
195
+ it 'should not issue a token' do
196
+ expect(Doorkeeper::AccessToken.count).to be 0
197
+ end
198
+ end
167
199
  end
168
200
 
169
201
  describe 'GET #new with skip_authorization true' do
@@ -29,6 +29,11 @@ Doorkeeper.configure do
29
29
  # Issue access tokens with refresh token (disabled by default)
30
30
  use_refresh_token
31
31
 
32
+ # Opt out of breaking api change to the native authorization code flow. Opting out sets the authorization
33
+ # code response route for native redirect uris to oauth/authorize/<code>. The default is oauth/authorize/native?code=<code>.
34
+ # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/1143
35
+ # opt_out_native_route_change
36
+
32
37
  # Provide support for an owner to be assigned to each registered application (disabled by default)
33
38
  # Optional parameter confirmation: true (default false) if you want to enforce ownership of
34
39
  # a registered application
@@ -162,6 +162,31 @@ describe Doorkeeper, 'configuration' do
162
162
  end
163
163
  end
164
164
 
165
+ describe 'opt_out_native_route_change' do
166
+ around(:each) do |example|
167
+ Doorkeeper.configure do
168
+ orm DOORKEEPER_ORM
169
+ opt_out_native_route_change
170
+ end
171
+
172
+ Rails.application.reload_routes!
173
+
174
+ subject { Doorkeeper.configuration }
175
+
176
+ example.run
177
+
178
+ Doorkeeper.configure do
179
+ orm DOORKEEPER_ORM
180
+ end
181
+
182
+ Rails.application.reload_routes!
183
+ end
184
+
185
+ it 'sets the native authorization code route /:code' do
186
+ expect(subject.native_authorization_code_route).to eq('/:code')
187
+ end
188
+ end
189
+
165
190
  describe 'client_credentials' do
166
191
  it 'has defaults order' do
167
192
  expect(subject.client_credentials_methods).to eq([:from_basic, :from_params])
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: doorkeeper
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.4.2
4
+ version: 4.4.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Felipe Elias Philipp
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2018-08-20 00:00:00.000000000 Z
14
+ date: 2018-09-19 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: railties