doorkeeper 5.2.1 → 5.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 40f547a3fdce5d12fc2cac4eacd6de0d99f57994f503d9b2e5a1d423195e748d
-  data.tar.gz: 152612d3fad63c298d2143b1a2811d388dc0c84b57ff121f465b496c01319717
+  metadata.gz: 64def194ba59abd58240aa70f39ac3406d98b22f5d7b8b9cfe5399806a4e151f
+  data.tar.gz: 746dd0ba0787e9c2d2fae79557c5bea548eb5553c8912c5fa9fbc39fe7ef3669
 SHA512:
-  metadata.gz: 3a2e829aa9101e71720484f5faa044db3d5b67aac940ab12e0265d27cb46a443247235a64958dcc5bec05995017e78479e2c08146bc25ab04c984dc3b735bc86
-  data.tar.gz: b579173c6564b9415fd411afdeea5dbfd647b561e7fa2627285dd158d729bbec90fb447db7fa0fdb858822d67a71ba707deaaf8e75768e8a67b5b3a4c66662c6
+  metadata.gz: 1d04c62db89266915673e8527bcfbe61da5ebff72141de2a1b5712c2989fd283eb379008ef78c5f365e5f04fcfc10646a7614069ab23ddf0acc14a445bd54bed
+  data.tar.gz: 788ea936761f3f91aa5906fedfea068427ac9f2a8412440fbde81938947f56b62beed61be8fcce4591fa252212a0072779711d3214488f3bc94723baa1468bf0

data/CHANGELOG.md

@@ -7,12 +7,18 @@ User-visible changes worth mentioning.
 
 ## master
 
-- [#PD ID] Your PR short description.
+- [#PR ID] Your PR short description.
+
+## 5.2.2
+
+- [#1320] Call configured `authenticate_resource_owner` method once per request.
+- [#1315] Allow generation of new secret with `Doorkeeper::Application#renew_secret`.
+- [#1309] Allow `Doorkeeper::Application#to_json` to work without arguments.
 
 ## 5.2.1
 
 - [#1308] Fix flash types for `api_only` mode (no flashes for `ActionController::API`).
-- [#1306] Fix interpolation of `missing_param` i18n.
+- [#1306] Fix interpolation of `missing_param` I18n.
 
 ## 5.2.0
 

data/Gemfile

@@ -11,7 +11,7 @@ gem "rails", "~> 6.0.0"
 gem "rspec-core", github: "rspec/rspec-core"
 gem "rspec-expectations", github: "rspec/rspec-expectations"
 gem "rspec-mocks", github: "rspec/rspec-mocks"
-gem "rspec-rails", github: "rspec/rspec-rails", branch: "4-0-dev"
+gem "rspec-rails", github: "rspec/rspec-rails", branch: "4-0-maintenance"
 gem "rspec-support", github: "rspec/rspec-support"
 
 gem "rubocop", "~> 0.66"

data/lib/doorkeeper/helpers/controller.rb

@@ -16,7 +16,9 @@ module Doorkeeper
 
       # :doc:
       def current_resource_owner
-        instance_eval(&Doorkeeper.configuration.authenticate_resource_owner)
+        @current_resource_owner ||= begin
+          instance_eval(&Doorkeeper.configuration.authenticate_resource_owner)
+        end
       end
 
       def resource_owner_from_credentials

data/lib/doorkeeper/orm/active_record/application.rb

@@ -46,6 +46,14 @@ module Doorkeeper
       AccessGrant.revoke_all_for(id, resource_owner)
     end
 
+    # Generates a new secret for this application, intended to be used
+    # for rotating the secret or in case of compromise.
+    #
+    def renew_secret
+      @raw_secret = UniqueToken.generate
+      secret_strategy.store_secret(self, :secret, @raw_secret)
+    end
+
     # We keep a volatile copy of the raw secret for initial communication
     # The stored refresh_token may be mapped and not available in cleartext.
     #
@@ -60,7 +68,7 @@ module Doorkeeper
       end
     end
 
-    def to_json(options)
+    def to_json(options = nil)
       serializable_hash(except: :secret)
         .merge(secret: plaintext_secret)
         .to_json(options)
@@ -74,9 +82,7 @@ module Doorkeeper
 
     def generate_secret
       return unless secret.blank?
-
-      @raw_secret = UniqueToken.generate
-      secret_strategy.store_secret(self, :secret, @raw_secret)
+      renew_secret
     end
 
     def scopes_match_configured

data/lib/doorkeeper/version.rb

@@ -9,7 +9,7 @@ module Doorkeeper
     # Semantic versioning
     MAJOR = 5
     MINOR = 2
-    TINY = 1
+    TINY = 2
     PRE = nil
 
     # Full version number

data/spec/controllers/authorizations_controller_spec.rb

@@ -28,7 +28,9 @@ describe Doorkeeper::AuthorizationsController, "implicit grant flow" do
     end
 
     allow(Doorkeeper.configuration).to receive(:grant_flows).and_return(["implicit"])
-    allow(controller).to receive(:current_resource_owner).and_return(user)
+    allow(Doorkeeper.configuration).to receive(:authenticate_resource_owner).and_return(->(_) { authenticator_method })
+    allow(controller).to receive(:authenticator_method).and_return(user)
+    expect(controller).to receive(:authenticator_method).at_most(:once)
   end
 
   describe "POST #create" do

data/spec/lib/oauth/authorization_code_request_spec.rb

@@ -69,6 +69,8 @@ module Doorkeeper::OAuth
     end
 
     it "invalid code_verifier param because server does not support pkce" do
+      # Some other ORMs work relies on #respond_to? so it's not a good idea to stub it :\
+      allow_any_instance_of(Doorkeeper::AccessGrant).to receive(:respond_to?).with(anything).and_call_original
       allow_any_instance_of(Doorkeeper::AccessGrant).to receive(:respond_to?).with(:code_challenge).and_return(false)
 
       subject.code_verifier = "a45a9fea-0676-477e-95b1-a40f72ac3cfb"

data/spec/models/doorkeeper/access_grant_spec.rb

@@ -61,10 +61,29 @@ describe Doorkeeper::AccessGrant do
         it "upgrades a plain token when falling back to it" do
           # Side-effect: This will automatically upgrade the token
           expect(clazz).to receive(:upgrade_fallback_value).and_call_original
-          expect(clazz.by_token(plain_text_token)).to eq(grant)
+          expect(clazz.by_token(plain_text_token))
+            .to have_attributes(
+              resource_owner_id: grant.resource_owner_id,
+              application_id: grant.application_id,
+              redirect_uri: grant.redirect_uri,
+              expires_in: grant.expires_in,
+              scopes: grant.scopes,
+            )
 
           # Will find subsequently by hashing the token
-          expect(clazz.by_token(plain_text_token)).to eq(grant)
+          expect(clazz.by_token(plain_text_token))
+            .to have_attributes(
+              resource_owner_id: grant.resource_owner_id,
+              application_id: grant.application_id,
+              redirect_uri: grant.redirect_uri,
+              expires_in: grant.expires_in,
+              scopes: grant.scopes,
+            )
+
+          # Not all the ORM support :id PK
+          if grant.respond_to?(:id)
+            expect(clazz.by_token(plain_text_token).id).to eq(grant.id)
+          end
 
           # And it modifies the token value
           grant.reload

data/spec/models/doorkeeper/access_token_spec.rb

@@ -73,10 +73,25 @@ module Doorkeeper
             it "upgrades a plain token when falling back to it" do
               # Side-effect: This will automatically upgrade the token
               expect(clazz).to receive(:upgrade_fallback_value).and_call_original
-              expect(clazz.by_token(plain_text_token)).to eq(access_token)
+              expect(clazz.by_token(plain_text_token))
+                .to have_attributes(
+                  resource_owner_id: access_token.resource_owner_id,
+                  application_id: access_token.application_id,
+                  scopes: access_token.scopes,
+                )
 
               # Will find subsequently by hashing the token
-              expect(clazz.by_token(plain_text_token)).to eq(access_token)
+              expect(clazz.by_token(plain_text_token))
+                .to have_attributes(
+                  resource_owner_id: access_token.resource_owner_id,
+                  application_id: access_token.application_id,
+                  scopes: access_token.scopes,
+                )
+
+              # Not all the ORM support :id PK
+              if access_token.respond_to?(:id)
+                expect(clazz.by_token(plain_text_token).id).to eq(access_token.id)
+              end
 
               # And it modifies the token value
               access_token.reload
@@ -113,6 +128,7 @@ module Doorkeeper
         eigenclass.class_eval do
           remove_method :generate
         end
+
         module CustomGeneratorArgs
           def self.generate(opts = {})
             "custom_generator_token_#{opts[:application].name}"
@@ -307,10 +323,25 @@ module Doorkeeper
             it "upgrades a plain token when falling back to it" do
               # Side-effect: This will automatically upgrade the token
               expect(clazz).to receive(:upgrade_fallback_value).and_call_original
-              expect(clazz.by_refresh_token(plain_refresh_token)).to eq(access_token)
+              expect(clazz.by_refresh_token(plain_refresh_token))
+                .to have_attributes(
+                  token: access_token.token,
+                  resource_owner_id: access_token.resource_owner_id,
+                  application_id: access_token.application_id,
+                )
 
               # Will find subsequently by hashing the token
-              expect(clazz.by_refresh_token(plain_refresh_token)).to eq(access_token)
+              expect(clazz.by_refresh_token(plain_refresh_token))
+                .to have_attributes(
+                  token: access_token.token,
+                  resource_owner_id: access_token.resource_owner_id,
+                  application_id: access_token.application_id,
+                )
+
+              # Not all the ORM support :id PK
+              if access_token.respond_to?(:id)
+                expect(clazz.by_refresh_token(plain_refresh_token).id).to eq(access_token.id)
+              end
 
               # And it modifies the token value
               access_token.reload

data/spec/models/doorkeeper/application_spec.rb

@@ -271,6 +271,16 @@ module Doorkeeper
       end
     end
 
+    describe "#renew_secret" do
+      let(:app) { FactoryBot.create :application }
+
+      it "should generate a new secret" do
+        old_secret = app.secret
+        app.renew_secret
+        expect(old_secret).not_to eq(app.secret)
+      end
+    end
+
     describe :authorized_for do
       let(:resource_owner) { double(:resource_owner, id: 10) }
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: doorkeeper
 version: !ruby/object:Gem::Version
-  version: 5.2.1
+  version: 5.2.2
 platform: ruby
 authors:
 - Felipe Elias Philipp
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-09-17 00:00:00.000000000 Z
+date: 2019-11-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties