doorkeeper 4.4.3 → 5.0.0.rc1
Potentially problematic release.
This version of doorkeeper might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/.travis.yml +2 -0
- data/Appraisals +2 -2
- data/Gemfile +1 -1
- data/NEWS.md +36 -17
- data/README.md +85 -3
- data/Rakefile +6 -0
- data/app/assets/stylesheets/doorkeeper/admin/application.css +2 -2
- data/app/controllers/doorkeeper/application_controller.rb +4 -3
- data/app/controllers/doorkeeper/application_metal_controller.rb +4 -0
- data/app/controllers/doorkeeper/applications_controller.rb +42 -22
- data/app/controllers/doorkeeper/authorizations_controller.rb +55 -12
- data/app/controllers/doorkeeper/authorized_applications_controller.rb +15 -1
- data/app/controllers/doorkeeper/tokens_controller.rb +12 -15
- data/app/helpers/doorkeeper/dashboard_helper.rb +7 -7
- data/app/validators/redirect_uri_validator.rb +3 -2
- data/app/views/doorkeeper/applications/_delete_form.html.erb +3 -1
- data/app/views/doorkeeper/applications/_form.html.erb +25 -24
- data/app/views/doorkeeper/applications/edit.html.erb +1 -1
- data/app/views/doorkeeper/applications/index.html.erb +17 -7
- data/app/views/doorkeeper/applications/new.html.erb +1 -1
- data/app/views/doorkeeper/applications/show.html.erb +6 -6
- data/app/views/doorkeeper/authorizations/error.html.erb +1 -1
- data/app/views/doorkeeper/authorizations/new.html.erb +4 -0
- data/app/views/layouts/doorkeeper/admin.html.erb +15 -15
- data/config/locales/en.yml +9 -1
- data/doorkeeper.gemspec +0 -2
- data/gemfiles/rails_5_2.gemfile +1 -1
- data/lib/doorkeeper/config.rb +58 -35
- data/lib/doorkeeper/engine.rb +4 -0
- data/lib/doorkeeper/errors.rb +2 -5
- data/lib/doorkeeper/grape/helpers.rb +1 -1
- data/lib/doorkeeper/helpers/controller.rb +7 -2
- data/lib/doorkeeper/models/access_grant_mixin.rb +56 -0
- data/lib/doorkeeper/models/access_token_mixin.rb +38 -21
- data/lib/doorkeeper/models/concerns/scopes.rb +1 -1
- data/lib/doorkeeper/oauth/authorization/code.rb +31 -8
- data/lib/doorkeeper/oauth/authorization/context.rb +15 -0
- data/lib/doorkeeper/oauth/authorization/token.rb +23 -6
- data/lib/doorkeeper/oauth/authorization_code_request.rb +27 -2
- data/lib/doorkeeper/oauth/base_request.rb +18 -8
- data/lib/doorkeeper/oauth/client/credentials.rb +1 -1
- data/lib/doorkeeper/oauth/client_credentials/issuer.rb +6 -1
- data/lib/doorkeeper/oauth/client_credentials/validation.rb +4 -2
- data/lib/doorkeeper/oauth/error_response.rb +11 -3
- data/lib/doorkeeper/oauth/helpers/scope_checker.rb +0 -8
- data/lib/doorkeeper/oauth/password_access_token_request.rb +7 -4
- data/lib/doorkeeper/oauth/pre_authorization.rb +41 -11
- data/lib/doorkeeper/oauth/refresh_token_request.rb +6 -1
- data/lib/doorkeeper/oauth/scopes.rb +1 -1
- data/lib/doorkeeper/oauth/token.rb +5 -2
- data/lib/doorkeeper/oauth/token_introspection.rb +2 -2
- data/lib/doorkeeper/oauth/token_response.rb +4 -2
- data/lib/doorkeeper/oauth.rb +13 -0
- data/lib/doorkeeper/orm/active_record/application.rb +13 -16
- data/lib/doorkeeper/orm/active_record/stale_records_cleaner.rb +26 -0
- data/lib/doorkeeper/orm/active_record.rb +2 -0
- data/lib/doorkeeper/rails/helpers.rb +2 -4
- data/lib/doorkeeper/rails/routes.rb +14 -6
- data/lib/doorkeeper/rake/db.rake +40 -0
- data/lib/doorkeeper/rake/setup.rake +6 -0
- data/lib/doorkeeper/rake.rb +14 -0
- data/lib/doorkeeper/request.rb +28 -28
- data/lib/doorkeeper/version.rb +5 -25
- data/lib/doorkeeper.rb +4 -17
- data/lib/generators/doorkeeper/application_owner_generator.rb +23 -18
- data/lib/generators/doorkeeper/confidential_applications_generator.rb +32 -0
- data/lib/generators/doorkeeper/install_generator.rb +17 -9
- data/lib/generators/doorkeeper/migration_generator.rb +23 -18
- data/lib/generators/doorkeeper/pkce_generator.rb +32 -0
- data/lib/generators/doorkeeper/previous_refresh_token_generator.rb +29 -24
- data/lib/generators/doorkeeper/templates/add_confidential_to_applications.rb.erb +13 -0
- data/lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb +6 -0
- data/lib/generators/doorkeeper/templates/initializer.rb +60 -9
- data/lib/generators/doorkeeper/views_generator.rb +3 -1
- data/spec/controllers/application_metal_controller_spec.rb +50 -0
- data/spec/controllers/applications_controller_spec.rb +126 -13
- data/spec/controllers/authorizations_controller_spec.rb +252 -49
- data/spec/controllers/protected_resources_controller_spec.rb +16 -16
- data/spec/controllers/token_info_controller_spec.rb +4 -12
- data/spec/controllers/tokens_controller_spec.rb +19 -73
- data/spec/dummy/app/assets/config/manifest.js +2 -0
- data/spec/dummy/config/environments/test.rb +4 -5
- data/spec/dummy/config/initializers/doorkeeper.rb +5 -4
- data/spec/dummy/config/initializers/new_framework_defaults.rb +4 -0
- data/spec/dummy/config/routes.rb +3 -42
- data/spec/dummy/db/migrate/20170822064514_enable_pkce.rb +6 -0
- data/spec/dummy/db/migrate/{20180210183654_add_confidential_to_application.rb → 20180210183654_add_confidential_to_applications.rb} +1 -1
- data/spec/dummy/db/schema.rb +36 -36
- data/spec/generators/application_owner_generator_spec.rb +1 -1
- data/spec/generators/confidential_applications_generator_spec.rb +45 -0
- data/spec/generators/install_generator_spec.rb +1 -1
- data/spec/generators/migration_generator_spec.rb +1 -1
- data/spec/generators/pkce_generator_spec.rb +43 -0
- data/spec/generators/previous_refresh_token_generator_spec.rb +1 -1
- data/spec/generators/views_generator_spec.rb +1 -1
- data/spec/grape/grape_integration_spec.rb +1 -1
- data/spec/helpers/doorkeeper/dashboard_helper_spec.rb +1 -1
- data/spec/lib/config_spec.rb +51 -31
- data/spec/lib/doorkeeper_spec.rb +1 -126
- data/spec/lib/models/expirable_spec.rb +0 -3
- data/spec/lib/models/revocable_spec.rb +0 -2
- data/spec/lib/models/scopes_spec.rb +0 -4
- data/spec/lib/oauth/authorization/uri_builder_spec.rb +0 -4
- data/spec/lib/oauth/authorization_code_request_spec.rb +9 -2
- data/spec/lib/oauth/base_request_spec.rb +16 -2
- data/spec/lib/oauth/base_response_spec.rb +1 -1
- data/spec/lib/oauth/client/credentials_spec.rb +1 -3
- data/spec/lib/oauth/client_credentials/creator_spec.rb +5 -1
- data/spec/lib/oauth/client_credentials/issuer_spec.rb +26 -7
- data/spec/lib/oauth/client_credentials/validation_spec.rb +2 -3
- data/spec/lib/oauth/client_credentials_integration_spec.rb +1 -1
- data/spec/lib/oauth/client_credentials_request_spec.rb +3 -5
- data/spec/lib/oauth/client_spec.rb +0 -3
- data/spec/lib/oauth/code_request_spec.rb +4 -2
- data/spec/lib/oauth/error_response_spec.rb +0 -3
- data/spec/lib/oauth/error_spec.rb +0 -2
- data/spec/lib/oauth/forbidden_token_response_spec.rb +1 -4
- data/spec/lib/oauth/helpers/scope_checker_spec.rb +0 -3
- data/spec/lib/oauth/helpers/unique_token_spec.rb +0 -1
- data/spec/lib/oauth/helpers/uri_checker_spec.rb +5 -7
- data/spec/lib/oauth/invalid_token_response_spec.rb +1 -4
- data/spec/lib/oauth/password_access_token_request_spec.rb +37 -2
- data/spec/lib/oauth/pre_authorization_spec.rb +33 -4
- data/spec/lib/oauth/refresh_token_request_spec.rb +11 -7
- data/spec/lib/oauth/scopes_spec.rb +0 -3
- data/spec/lib/oauth/token_request_spec.rb +4 -5
- data/spec/lib/oauth/token_response_spec.rb +0 -1
- data/spec/lib/oauth/token_spec.rb +37 -14
- data/spec/lib/orm/active_record/stale_records_cleaner_spec.rb +79 -0
- data/spec/lib/request/strategy_spec.rb +0 -1
- data/spec/lib/server_spec.rb +1 -1
- data/spec/models/doorkeeper/access_grant_spec.rb +1 -1
- data/spec/models/doorkeeper/access_token_spec.rb +50 -16
- data/spec/models/doorkeeper/application_spec.rb +1 -47
- data/spec/requests/applications/applications_request_spec.rb +89 -1
- data/spec/requests/applications/authorized_applications_spec.rb +1 -1
- data/spec/requests/endpoints/authorization_spec.rb +1 -1
- data/spec/requests/endpoints/token_spec.rb +7 -5
- data/spec/requests/flows/authorization_code_errors_spec.rb +1 -1
- data/spec/requests/flows/authorization_code_spec.rb +198 -2
- data/spec/requests/flows/client_credentials_spec.rb +46 -6
- data/spec/requests/flows/implicit_grant_errors_spec.rb +1 -1
- data/spec/requests/flows/implicit_grant_spec.rb +38 -11
- data/spec/requests/flows/password_spec.rb +56 -2
- data/spec/requests/flows/refresh_token_spec.rb +2 -2
- data/spec/requests/flows/revoke_token_spec.rb +11 -11
- data/spec/requests/flows/skip_authorization_spec.rb +16 -11
- data/spec/requests/protected_resources/metal_spec.rb +1 -1
- data/spec/requests/protected_resources/private_api_spec.rb +1 -1
- data/spec/routing/custom_controller_routes_spec.rb +59 -7
- data/spec/routing/default_routes_spec.rb +2 -2
- data/spec/routing/scoped_routes_spec.rb +16 -2
- data/spec/spec_helper.rb +54 -3
- data/spec/spec_helper_integration.rb +2 -74
- data/spec/support/dependencies/{factory_girl.rb → factory_bot.rb} +0 -0
- data/spec/support/doorkeeper_rspec.rb +19 -0
- data/spec/support/helpers/authorization_request_helper.rb +4 -4
- data/spec/support/helpers/request_spec_helper.rb +2 -2
- data/spec/support/helpers/url_helper.rb +7 -3
- data/spec/support/http_method_shim.rb +12 -16
- data/spec/validators/redirect_uri_validator_spec.rb +7 -1
- data/spec/version/version_spec.rb +3 -3
- data/vendor/assets/stylesheets/doorkeeper/bootstrap.min.css +4 -5
- metadata +33 -31
- data/lib/generators/doorkeeper/add_client_confidentiality_generator.rb +0 -31
- data/lib/generators/doorkeeper/templates/add_confidential_to_application_migration.rb.erb +0 -11
- data/spec/controllers/application_metal_controller.rb +0 -10
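--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: doorkeeper
 version: !ruby/object:Gem::Version
-version:
+version: 5.0.0.rc1
 platform: ruby
 authors:
 - Felipe Elias Philipp
@@ -11,7 +11,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-
+date: 2018-06-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: railties
@@ -211,7 +211,9 @@ files:
 - lib/doorkeeper/models/concerns/ownership.rb
 - lib/doorkeeper/models/concerns/revocable.rb
 - lib/doorkeeper/models/concerns/scopes.rb
+- lib/doorkeeper/oauth.rb
 - lib/doorkeeper/oauth/authorization/code.rb
+- lib/doorkeeper/oauth/authorization/context.rb
 - lib/doorkeeper/oauth/authorization/token.rb
 - lib/doorkeeper/oauth/authorization/uri_builder.rb
 - lib/doorkeeper/oauth/authorization_code_request.rb
@@ -244,10 +246,14 @@ files:
 - lib/doorkeeper/orm/active_record/access_grant.rb
 - lib/doorkeeper/orm/active_record/access_token.rb
 - lib/doorkeeper/orm/active_record/application.rb
+- lib/doorkeeper/orm/active_record/stale_records_cleaner.rb
 - lib/doorkeeper/rails/helpers.rb
 - lib/doorkeeper/rails/routes.rb
 - lib/doorkeeper/rails/routes/mapper.rb
 - lib/doorkeeper/rails/routes/mapping.rb
+- lib/doorkeeper/rake.rb
+- lib/doorkeeper/rake/db.rake
+- lib/doorkeeper/rake/setup.rake
 - lib/doorkeeper/request.rb
 - lib/doorkeeper/request/authorization_code.rb
 - lib/doorkeeper/request/client_credentials.rb
@@ -259,25 +265,28 @@ files:
 - lib/doorkeeper/server.rb
 - lib/doorkeeper/validations.rb
 - lib/doorkeeper/version.rb
-- lib/generators/doorkeeper/add_client_confidentiality_generator.rb
 - lib/generators/doorkeeper/application_owner_generator.rb
+- lib/generators/doorkeeper/confidential_applications_generator.rb
 - lib/generators/doorkeeper/install_generator.rb
 - lib/generators/doorkeeper/migration_generator.rb
+- lib/generators/doorkeeper/pkce_generator.rb
 - lib/generators/doorkeeper/previous_refresh_token_generator.rb
 - lib/generators/doorkeeper/templates/README
-- lib/generators/doorkeeper/templates/
+- lib/generators/doorkeeper/templates/add_confidential_to_applications.rb.erb
 - lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb.erb
 - lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb.erb
+- lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb
 - lib/generators/doorkeeper/templates/initializer.rb
 - lib/generators/doorkeeper/templates/migration.rb.erb
 - lib/generators/doorkeeper/views_generator.rb
-- spec/controllers/
+- spec/controllers/application_metal_controller_spec.rb
 - spec/controllers/applications_controller_spec.rb
 - spec/controllers/authorizations_controller_spec.rb
 - spec/controllers/protected_resources_controller_spec.rb
 - spec/controllers/token_info_controller_spec.rb
 - spec/controllers/tokens_controller_spec.rb
 - spec/dummy/Rakefile
+- spec/dummy/app/assets/config/manifest.js
 - spec/dummy/app/controllers/application_controller.rb
 - spec/dummy/app/controllers/custom_authorizations_controller.rb
 - spec/dummy/app/controllers/full_protected_resources_controller.rb
@@ -309,7 +318,8 @@ files:
 - spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb
 - spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb
 - spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb
-- spec/dummy/db/migrate/
+- spec/dummy/db/migrate/20170822064514_enable_pkce.rb
+- spec/dummy/db/migrate/20180210183654_add_confidential_to_applications.rb
 - spec/dummy/db/schema.rb
 - spec/dummy/public/404.html
 - spec/dummy/public/422.html
@@ -318,8 +328,10 @@ files:
 - spec/dummy/script/rails
 - spec/factories.rb
 - spec/generators/application_owner_generator_spec.rb
+- spec/generators/confidential_applications_generator_spec.rb
 - spec/generators/install_generator_spec.rb
 - spec/generators/migration_generator_spec.rb
+- spec/generators/pkce_generator_spec.rb
 - spec/generators/previous_refresh_token_generator_spec.rb
 - spec/generators/templates/routes.rb
 - spec/generators/views_generator_spec.rb
@@ -357,6 +369,7 @@ files:
 - spec/lib/oauth/token_request_spec.rb
 - spec/lib/oauth/token_response_spec.rb
 - spec/lib/oauth/token_spec.rb
+- spec/lib/orm/active_record/stale_records_cleaner_spec.rb
 - spec/lib/request/strategy_spec.rb
 - spec/lib/server_spec.rb
 - spec/models/doorkeeper/access_grant_spec.rb
@@ -382,7 +395,8 @@ files:
 - spec/routing/scoped_routes_spec.rb
 - spec/spec_helper.rb
 - spec/spec_helper_integration.rb
-- spec/support/dependencies/
+- spec/support/dependencies/factory_bot.rb
+- spec/support/doorkeeper_rspec.rb
 - spec/support/helpers/access_token_request_helper.rb
 - spec/support/helpers/authorization_request_helper.rb
 - spec/support/helpers/config_helper.rb
@@ -400,25 +414,7 @@ homepage: https://github.com/doorkeeper-gem/doorkeeper
 licenses:
 - MIT
 metadata: {}
-post_install_message:
-
-
-WARNING: This is a security release that addresses token revocation not working for public apps (CVE-2018-1000211)
-
-There is no breaking change in this release, however to take advantage of the security fix you must:
-
-1. Run `rails generate doorkeeper:add_client_confidentiality` for the migration
-2. Review your OAuth apps and determine which ones exclusively use public grant flows (eg implicit)
-3. Update their `confidential` column to `false` for those public apps
-
-This is a backported security release.
-
-For more information:
-
-* https://github.com/doorkeeper-gem/doorkeeper/pull/1119
-* https://github.com/doorkeeper-gem/doorkeeper/issues/891
-
-
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -429,9 +425,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
 version: '2.1'
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - ">"
 - !ruby/object:Gem::Version
-version:
+version: 1.3.1
 requirements: []
 rubyforge_project:
 rubygems_version: 2.6.11
@@ -439,13 +435,14 @@ signing_key:
 specification_version: 4
 summary: OAuth 2 provider for Rails and Grape
 test_files:
-- spec/controllers/
+- spec/controllers/application_metal_controller_spec.rb
 - spec/controllers/applications_controller_spec.rb
 - spec/controllers/authorizations_controller_spec.rb
 - spec/controllers/protected_resources_controller_spec.rb
 - spec/controllers/token_info_controller_spec.rb
 - spec/controllers/tokens_controller_spec.rb
 - spec/dummy/Rakefile
+- spec/dummy/app/assets/config/manifest.js
 - spec/dummy/app/controllers/application_controller.rb
 - spec/dummy/app/controllers/custom_authorizations_controller.rb
 - spec/dummy/app/controllers/full_protected_resources_controller.rb
@@ -477,7 +474,8 @@ test_files:
 - spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb
 - spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb
 - spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb
-- spec/dummy/db/migrate/
+- spec/dummy/db/migrate/20170822064514_enable_pkce.rb
+- spec/dummy/db/migrate/20180210183654_add_confidential_to_applications.rb
 - spec/dummy/db/schema.rb
 - spec/dummy/public/404.html
 - spec/dummy/public/422.html
@@ -486,8 +484,10 @@ test_files:
 - spec/dummy/script/rails
 - spec/factories.rb
 - spec/generators/application_owner_generator_spec.rb
+- spec/generators/confidential_applications_generator_spec.rb
 - spec/generators/install_generator_spec.rb
 - spec/generators/migration_generator_spec.rb
+- spec/generators/pkce_generator_spec.rb
 - spec/generators/previous_refresh_token_generator_spec.rb
 - spec/generators/templates/routes.rb
 - spec/generators/views_generator_spec.rb
@@ -525,6 +525,7 @@ test_files:
 - spec/lib/oauth/token_request_spec.rb
 - spec/lib/oauth/token_response_spec.rb
 - spec/lib/oauth/token_spec.rb
+- spec/lib/orm/active_record/stale_records_cleaner_spec.rb
 - spec/lib/request/strategy_spec.rb
 - spec/lib/server_spec.rb
 - spec/models/doorkeeper/access_grant_spec.rb
@@ -550,7 +551,8 @@ test_files:
 - spec/routing/scoped_routes_spec.rb
 - spec/spec_helper.rb
 - spec/spec_helper_integration.rb
-- spec/support/dependencies/
+- spec/support/dependencies/factory_bot.rb
+- spec/support/doorkeeper_rspec.rb
 - spec/support/helpers/access_token_request_helper.rb
 - spec/support/helpers/authorization_request_helper.rb
 - spec/support/helpers/config_helper.rb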
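Review bot: The `@@ -400,25 +414,7 @@` hunk leaves `post_install_message` empty, and the removed text was the install-time notice that the CVE-2018-1000211 fix needs a `confidential` column migration plus a manual review of public apps. An application that moves to 5.0.0.rc1 from a release without that column gets no prompt at install time. The generator the old text names (`doorkeeper:add_client_confidentiality`) is also deleted in this release, while the file list shows `confidential_applications_generator.rb` added, so older upgrade instructions may no longer work as written. I would keep a short pointer instead of an empty value, for example `post_install_message: "Upgrading from a release without oauth_applications.confidential? See NEWS.md for the CVE-2018-1000211 migration steps."`, and confirm that NEWS.md and the README name the new generator. The value is presumably set in `doorkeeper.gemspec`, which is not shown in this section.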
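--- a/data/lib/generators/doorkeeper/add_client_confidentiality_generator.rb
+++ b/data/lib/generators/doorkeeper/add_client_confidentiality_generator.rb
@@ -1,31 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails/generators/active_record'
-
-module Doorkeeper
-class AddClientConfidentialityGenerator < ::Rails::Generators::Base
-include ::Rails::Generators::Migration
-source_root File.expand_path('templates', __dir__)
-desc 'Adds a migration to fix CVE-2018-1000211.'
-
-def install
-migration_template(
-'add_confidential_to_application_migration.rb.erb',
-'db/migrate/add_confidential_to_doorkeeper_application.rb',
-migration_version: migration_version
-)
-end
-
-def self.next_migration_number(dirname)
-::ActiveRecord::Generators::Base.next_migration_number(dirname)
-end
-
-private
-
-def migration_version
-if ::ActiveRecord::VERSION::MAJOR >= 5
-"[#{::ActiveRecord::VERSION::MAJOR}.#{::ActiveRecord::VERSION::MINOR}]"
-end
-end
-end
-end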
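--- a/data/lib/generators/doorkeeper/templates/add_confidential_to_application_migration.rb.erb
+++ b/data/lib/generators/doorkeeper/templates/add_confidential_to_application_migration.rb.erb
@@ -1,11 +0,0 @@
-class AddConfidentialToDoorkeeperApplication < ActiveRecord::Migration<%= migration_version %>
-def change
-add_column(
-:oauth_applications,
-:confidential,
-:boolean,
-null: false,
-default: true # maintaining backwards compatibility: require secrets
-)
-end
-end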