doorkeeper 5.2.2 → 5.2.3

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of doorkeeper might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 64def194ba59abd58240aa70f39ac3406d98b22f5d7b8b9cfe5399806a4e151f
4
- data.tar.gz: 746dd0ba0787e9c2d2fae79557c5bea548eb5553c8912c5fa9fbc39fe7ef3669
3
+ metadata.gz: c9d518348b70a1f9aed5f17d689151c1c5129c8508b25f9965887e101e9c1fd3
4
+ data.tar.gz: d41ca23bd09b61ede59a73cc8e23ed3355d9ff4045019c15a65180836b5f597a
5
5
  SHA512:
6
- metadata.gz: 1d04c62db89266915673e8527bcfbe61da5ebff72141de2a1b5712c2989fd283eb379008ef78c5f365e5f04fcfc10646a7614069ab23ddf0acc14a445bd54bed
7
- data.tar.gz: 788ea936761f3f91aa5906fedfea068427ac9f2a8412440fbde81938947f56b62beed61be8fcce4591fa252212a0072779711d3214488f3bc94723baa1468bf0
6
+ metadata.gz: 812f872a66a89ac7a3a33efd529a04ff78af4bcddce2c0024f979994bd3855bc74f24c3e01dcdfbce31f90e8bb65efefec121abbd94469706b89fc00b0c43c2b
7
+ data.tar.gz: f447e906568a6ba487772fd5555c861c51c3eaa97ee15bb1250aa51db71f5fece1e0cc652de1e6d0c385a47bd61d96cff984b9e493dc23b925e620fa6a293d85
@@ -9,6 +9,13 @@ User-visible changes worth mentioning.
9
9
 
10
10
  - [#PR ID] Your PR short description.
11
11
 
12
+ ## 5.2.3
13
+
14
+ - [#1334] Remove `application_secret` flash helper and `redirect_to` keyword.
15
+ - [#1331] Move redirect_uri_validator to where it is used (`Application` model).
16
+ - [#1326] Move response_type check in pre_authorization to a method to be easily to override.
17
+ - [#1329] Fix `find_in_batches` order warning.
18
+
12
19
  ## 5.2.2
13
20
 
14
21
  - [#1320] Call configured `authenticate_resource_owner` method once per request.
@@ -4,7 +4,6 @@ module Doorkeeper
4
4
  class ApplicationsController < Doorkeeper::ApplicationController
5
5
  layout "doorkeeper/admin" unless Doorkeeper.configuration.api_only
6
6
 
7
- add_flash_types :application_secret unless Doorkeeper.configuration.api_only
8
7
  before_action :authenticate_admin!
9
8
  before_action :set_application, only: %i[show edit update destroy]
10
9
 
@@ -191,10 +191,9 @@ module Doorkeeper
191
191
  # @return [Doorkeeper::AccessToken] array of matching AccessToken objects
192
192
  #
193
193
  def authorized_tokens_for(application_id, resource_owner_id)
194
- ordered_by(:created_at, :desc)
195
- .where(application_id: application_id,
196
- resource_owner_id: resource_owner_id,
197
- revoked_at: nil)
194
+ where(application_id: application_id,
195
+ resource_owner_id: resource_owner_id,
196
+ revoked_at: nil)
198
197
  end
199
198
 
200
199
  # Convenience method for backwards-compatibility, return the last
@@ -209,7 +208,8 @@ module Doorkeeper
209
208
  # nil if nothing was found
210
209
  #
211
210
  def last_authorized_token_for(application_id, resource_owner_id)
212
- authorized_tokens_for(application_id, resource_owner_id).first
211
+ authorized_tokens_for(application_id, resource_owner_id)
212
+ .ordered_by(:created_at, :desc).first
213
213
  end
214
214
 
215
215
  ##
@@ -45,12 +45,11 @@ module Doorkeeper
45
45
  end
46
46
 
47
47
  def error_response
48
- is_implicit_flow = response_type == "token"
49
-
50
48
  if error == :invalid_request
51
- OAuth::InvalidRequestResponse.from_request(self, response_on_fragment: is_implicit_flow)
49
+ OAuth::InvalidRequestResponse.from_request(self,
50
+ response_on_fragment: response_on_fragment?)
52
51
  else
53
- OAuth::ErrorResponse.from_request(self, response_on_fragment: is_implicit_flow)
52
+ OAuth::ErrorResponse.from_request(self, response_on_fragment: response_on_fragment?)
54
53
  end
55
54
  end
56
55
 
@@ -123,6 +122,10 @@ module Doorkeeper
123
122
  (code_challenge_method.present? && code_challenge_method =~ /^plain$|^S256$/)
124
123
  end
125
124
 
125
+ def response_on_fragment?
126
+ response_type == "token"
127
+ end
128
+
126
129
  def pre_auth_hash
127
130
  {
128
131
  client_id: client.uid,
@@ -16,7 +16,6 @@ module Doorkeeper
16
16
  def self.initialize_models!
17
17
  lazy_load do
18
18
  require "doorkeeper/orm/active_record/stale_records_cleaner"
19
- require "doorkeeper/orm/active_record/redirect_uri_validator"
20
19
  require "doorkeeper/orm/active_record/access_grant"
21
20
  require "doorkeeper/orm/active_record/access_token"
22
21
  require "doorkeeper/orm/active_record/application"
@@ -1,5 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require "doorkeeper/orm/active_record/redirect_uri_validator"
4
+
3
5
  module Doorkeeper
4
6
  class Application < ActiveRecord::Base
5
7
  self.table_name = "#{table_name_prefix}oauth_applications#{table_name_suffix}"
@@ -9,7 +9,7 @@ module Doorkeeper
9
9
  # Semantic versioning
10
10
  MAJOR = 5
11
11
  MINOR = 2
12
- TINY = 2
12
+ TINY = 3
13
13
  PRE = nil
14
14
 
15
15
  # Full version number
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: doorkeeper
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.2.2
4
+ version: 5.2.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Felipe Elias Philipp
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2019-11-10 00:00:00.000000000 Z
14
+ date: 2019-12-12 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: railties