doorkeeper 4.4.3 → 5.0.0

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: doorkeeper
 version: !ruby/object:Gem::Version
-  version: 4.4.3
+  version: 5.0.0
 platform: ruby
 authors:
 - Felipe Elias Philipp
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-09-19 00:00:00.000000000 Z
+date: 2018-08-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -31,16 +31,16 @@ dependencies:
   name: capybara
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.18'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.18'
 - !ruby/object:Gem::Dependency
   name: coveralls
   requirement: !ruby/object:Gem::Requirement
@@ -150,6 +150,7 @@ files:
 - ".github/ISSUE_TEMPLATE.md"
 - ".github/PULL_REQUEST_TEMPLATE.md"
 - ".gitignore"
+- ".gitlab-ci.yml"
 - ".hound.yml"
 - ".rspec"
 - ".rubocop.yml"
@@ -164,6 +165,7 @@ files:
 - RELEASING.md
 - Rakefile
 - SECURITY.md
+- UPGRADE.md
 - app/assets/stylesheets/doorkeeper/admin/application.css
 - app/assets/stylesheets/doorkeeper/application.css
 - app/controllers/doorkeeper/application_controller.rb
@@ -211,7 +213,9 @@ files:
 - lib/doorkeeper/models/concerns/ownership.rb
 - lib/doorkeeper/models/concerns/revocable.rb
 - lib/doorkeeper/models/concerns/scopes.rb
+- lib/doorkeeper/oauth.rb
 - lib/doorkeeper/oauth/authorization/code.rb
+- lib/doorkeeper/oauth/authorization/context.rb
 - lib/doorkeeper/oauth/authorization/token.rb
 - lib/doorkeeper/oauth/authorization/uri_builder.rb
 - lib/doorkeeper/oauth/authorization_code_request.rb
@@ -244,10 +248,14 @@ files:
 - lib/doorkeeper/orm/active_record/access_grant.rb
 - lib/doorkeeper/orm/active_record/access_token.rb
 - lib/doorkeeper/orm/active_record/application.rb
+- lib/doorkeeper/orm/active_record/stale_records_cleaner.rb
 - lib/doorkeeper/rails/helpers.rb
 - lib/doorkeeper/rails/routes.rb
 - lib/doorkeeper/rails/routes/mapper.rb
 - lib/doorkeeper/rails/routes/mapping.rb
+- lib/doorkeeper/rake.rb
+- lib/doorkeeper/rake/db.rake
+- lib/doorkeeper/rake/setup.rake
 - lib/doorkeeper/request.rb
 - lib/doorkeeper/request/authorization_code.rb
 - lib/doorkeeper/request/client_credentials.rb
@@ -259,25 +267,28 @@ files:
 - lib/doorkeeper/server.rb
 - lib/doorkeeper/validations.rb
 - lib/doorkeeper/version.rb
-- lib/generators/doorkeeper/add_client_confidentiality_generator.rb
 - lib/generators/doorkeeper/application_owner_generator.rb
+- lib/generators/doorkeeper/confidential_applications_generator.rb
 - lib/generators/doorkeeper/install_generator.rb
 - lib/generators/doorkeeper/migration_generator.rb
+- lib/generators/doorkeeper/pkce_generator.rb
 - lib/generators/doorkeeper/previous_refresh_token_generator.rb
 - lib/generators/doorkeeper/templates/README
-- lib/generators/doorkeeper/templates/add_confidential_to_application_migration.rb.erb
+- lib/generators/doorkeeper/templates/add_confidential_to_applications.rb.erb
 - lib/generators/doorkeeper/templates/add_owner_to_application_migration.rb.erb
 - lib/generators/doorkeeper/templates/add_previous_refresh_token_to_access_tokens.rb.erb
+- lib/generators/doorkeeper/templates/enable_pkce_migration.rb.erb
 - lib/generators/doorkeeper/templates/initializer.rb
 - lib/generators/doorkeeper/templates/migration.rb.erb
 - lib/generators/doorkeeper/views_generator.rb
-- spec/controllers/application_metal_controller.rb
+- spec/controllers/application_metal_controller_spec.rb
 - spec/controllers/applications_controller_spec.rb
 - spec/controllers/authorizations_controller_spec.rb
 - spec/controllers/protected_resources_controller_spec.rb
 - spec/controllers/token_info_controller_spec.rb
 - spec/controllers/tokens_controller_spec.rb
 - spec/dummy/Rakefile
+- spec/dummy/app/assets/config/manifest.js
 - spec/dummy/app/controllers/application_controller.rb
 - spec/dummy/app/controllers/custom_authorizations_controller.rb
 - spec/dummy/app/controllers/full_protected_resources_controller.rb
@@ -309,7 +320,8 @@ files:
 - spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb
 - spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb
 - spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb
-- spec/dummy/db/migrate/20180210183654_add_confidential_to_application.rb
+- spec/dummy/db/migrate/20170822064514_enable_pkce.rb
+- spec/dummy/db/migrate/20180210183654_add_confidential_to_applications.rb
 - spec/dummy/db/schema.rb
 - spec/dummy/public/404.html
 - spec/dummy/public/422.html
@@ -318,8 +330,10 @@ files:
 - spec/dummy/script/rails
 - spec/factories.rb
 - spec/generators/application_owner_generator_spec.rb
+- spec/generators/confidential_applications_generator_spec.rb
 - spec/generators/install_generator_spec.rb
 - spec/generators/migration_generator_spec.rb
+- spec/generators/pkce_generator_spec.rb
 - spec/generators/previous_refresh_token_generator_spec.rb
 - spec/generators/templates/routes.rb
 - spec/generators/views_generator_spec.rb
@@ -357,6 +371,7 @@ files:
 - spec/lib/oauth/token_request_spec.rb
 - spec/lib/oauth/token_response_spec.rb
 - spec/lib/oauth/token_spec.rb
+- spec/lib/orm/active_record/stale_records_cleaner_spec.rb
 - spec/lib/request/strategy_spec.rb
 - spec/lib/server_spec.rb
 - spec/models/doorkeeper/access_grant_spec.rb
@@ -382,7 +397,8 @@ files:
 - spec/routing/scoped_routes_spec.rb
 - spec/spec_helper.rb
 - spec/spec_helper_integration.rb
-- spec/support/dependencies/factory_girl.rb
+- spec/support/dependencies/factory_bot.rb
+- spec/support/doorkeeper_rspec.rb
 - spec/support/helpers/access_token_request_helper.rb
 - spec/support/helpers/authorization_request_helper.rb
 - spec/support/helpers/config_helper.rb
@@ -400,25 +416,7 @@ homepage: https://github.com/doorkeeper-gem/doorkeeper
 licenses:
 - MIT
 metadata: {}
-post_install_message: |2+
-
-
-    WARNING: This is a security release that addresses token revocation not working for public apps (CVE-2018-1000211)
-
-    There is no breaking change in this release, however to take advantage of the security fix you must:
-
-      1. Run `rails generate doorkeeper:add_client_confidentiality` for the migration
-      2. Review your OAuth apps and determine which ones exclusively use public grant flows (eg implicit)
-      3. Update their `confidential` column to `false` for those public apps
-
-    This is a backported security release.
-
-    For more information:
-
-      * https://github.com/doorkeeper-gem/doorkeeper/pull/1119
-      * https://github.com/doorkeeper-gem/doorkeeper/issues/891
-
-
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -439,13 +437,14 @@ signing_key:
 specification_version: 4
 summary: OAuth 2 provider for Rails and Grape
 test_files:
-- spec/controllers/application_metal_controller.rb
+- spec/controllers/application_metal_controller_spec.rb
 - spec/controllers/applications_controller_spec.rb
 - spec/controllers/authorizations_controller_spec.rb
 - spec/controllers/protected_resources_controller_spec.rb
 - spec/controllers/token_info_controller_spec.rb
 - spec/controllers/tokens_controller_spec.rb
 - spec/dummy/Rakefile
+- spec/dummy/app/assets/config/manifest.js
 - spec/dummy/app/controllers/application_controller.rb
 - spec/dummy/app/controllers/custom_authorizations_controller.rb
 - spec/dummy/app/controllers/full_protected_resources_controller.rb
@@ -477,7 +476,8 @@ test_files:
 - spec/dummy/db/migrate/20151223192035_create_doorkeeper_tables.rb
 - spec/dummy/db/migrate/20151223200000_add_owner_to_application.rb
 - spec/dummy/db/migrate/20160320211015_add_previous_refresh_token_to_access_tokens.rb
-- spec/dummy/db/migrate/20180210183654_add_confidential_to_application.rb
+- spec/dummy/db/migrate/20170822064514_enable_pkce.rb
+- spec/dummy/db/migrate/20180210183654_add_confidential_to_applications.rb
 - spec/dummy/db/schema.rb
 - spec/dummy/public/404.html
 - spec/dummy/public/422.html
@@ -486,8 +486,10 @@ test_files:
 - spec/dummy/script/rails
 - spec/factories.rb
 - spec/generators/application_owner_generator_spec.rb
+- spec/generators/confidential_applications_generator_spec.rb
 - spec/generators/install_generator_spec.rb
 - spec/generators/migration_generator_spec.rb
+- spec/generators/pkce_generator_spec.rb
 - spec/generators/previous_refresh_token_generator_spec.rb
 - spec/generators/templates/routes.rb
 - spec/generators/views_generator_spec.rb
@@ -525,6 +527,7 @@ test_files:
 - spec/lib/oauth/token_request_spec.rb
 - spec/lib/oauth/token_response_spec.rb
 - spec/lib/oauth/token_spec.rb
+- spec/lib/orm/active_record/stale_records_cleaner_spec.rb
 - spec/lib/request/strategy_spec.rb
 - spec/lib/server_spec.rb
 - spec/models/doorkeeper/access_grant_spec.rb
@@ -550,7 +553,8 @@ test_files:
 - spec/routing/scoped_routes_spec.rb
 - spec/spec_helper.rb
 - spec/spec_helper_integration.rb
-- spec/support/dependencies/factory_girl.rb
+- spec/support/dependencies/factory_bot.rb
+- spec/support/doorkeeper_rspec.rb
 - spec/support/helpers/access_token_request_helper.rb
 - spec/support/helpers/authorization_request_helper.rb
 - spec/support/helpers/config_helper.rb

data/lib/generators/doorkeeper/add_client_confidentiality_generator.rb

@@ -1,31 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails/generators/active_record'
-
-module Doorkeeper
-  class AddClientConfidentialityGenerator < ::Rails::Generators::Base
-    include ::Rails::Generators::Migration
-    source_root File.expand_path('templates', __dir__)
-    desc 'Adds a migration to fix CVE-2018-1000211.'
-
-    def install
-      migration_template(
-        'add_confidential_to_application_migration.rb.erb',
-        'db/migrate/add_confidential_to_doorkeeper_application.rb',
-        migration_version: migration_version
-      )
-    end
-
-    def self.next_migration_number(dirname)
-      ::ActiveRecord::Generators::Base.next_migration_number(dirname)
-    end
-
-    private
-
-    def migration_version
-      if ::ActiveRecord::VERSION::MAJOR >= 5
-        "[#{::ActiveRecord::VERSION::MAJOR}.#{::ActiveRecord::VERSION::MINOR}]"
-      end
-    end
-  end
-end

data/lib/generators/doorkeeper/templates/add_confidential_to_application_migration.rb.erb

@@ -1,11 +0,0 @@
-class AddConfidentialToDoorkeeperApplication < ActiveRecord::Migration<%= migration_version %>
-  def change
-    add_column(
-      :oauth_applications,
-      :confidential,
-      :boolean,
-      null: false,
-      default: true # maintaining backwards compatibility: require secrets
-    )
-  end
-end

data/spec/controllers/application_metal_controller.rb

@@ -1,10 +0,0 @@
-require "spec_helper_integration"
-
-describe Doorkeeper::ApplicationMetalController do
-  it "lazy run hooks" do
-    i = 0
-    ActiveSupport.on_load(:doorkeeper_metal_controller) { i += 1 }
-
-    expect(i).to eq 1
-  end
-end