doorkeeper 5.6.0.rc2 → 5.6.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of doorkeeper might be problematic. Click here for more details.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5441233047f75695d69268c2f5943c17abc8f521e6e6bcebc4cf206bd6734988
|
|
4
|
+
data.tar.gz: 006bbfe6b0548f3e69ac05fc711d08c26722075d41da78783a8ed3ffaaef5021
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 04a629783d029ece5e8669a9e8df10e05fbcf05524958d21b57fbd193cd9626f57b1a081e4f39e2b9a44695e9a885d78bbbc2f92615ff2bcdf5b75acb14bd604
|
|
7
|
+
data.tar.gz: b8dc9793418beb7a9af0b7e42c251b5270a5b8fa01008740e2617f49dc74cc60ccfda7eec863a71a5cb340176467ef7755bb9cd66c7d6720e4be4f820490401c
|
data/CHANGELOG.md
CHANGED
|
@@ -9,6 +9,10 @@ User-visible changes worth mentioning.
|
|
|
9
9
|
|
|
10
10
|
- [#ID] Add your PR description here.
|
|
11
11
|
|
|
12
|
+
## 5.6.0
|
|
13
|
+
|
|
14
|
+
- [#1581] Consider `token_type_hint` when searching for access token in TokensController to avoid extra database calls.
|
|
15
|
+
|
|
12
16
|
## 5.6.0.rc1
|
|
13
17
|
|
|
14
18
|
- [#1558] Fixed bug: able to obtain a token with default scopes even if they are not present in the
|
|
@@ -30,6 +30,7 @@ module Doorkeeper
|
|
|
30
30
|
end
|
|
31
31
|
end
|
|
32
32
|
|
|
33
|
+
# OAuth 2.0 Token Introspection - https://datatracker.ietf.org/doc/html/rfc7662
|
|
33
34
|
def introspect
|
|
34
35
|
introspection = OAuth::TokenIntrospection.new(server, token)
|
|
35
36
|
|
|
@@ -115,12 +116,14 @@ module Doorkeeper
|
|
|
115
116
|
token.revoke if token&.accessible?
|
|
116
117
|
end
|
|
117
118
|
|
|
118
|
-
# Doorkeeper does not use the token_type_hint logic described in the
|
|
119
|
-
# RFC 7009 due to the refresh token implementation that is a field in
|
|
120
|
-
# the access token model.
|
|
121
119
|
def token
|
|
122
|
-
@token ||=
|
|
123
|
-
|
|
120
|
+
@token ||=
|
|
121
|
+
if params[:token_type_hint] == "refresh_token"
|
|
122
|
+
Doorkeeper.config.access_token_model.by_refresh_token(params["token"])
|
|
123
|
+
else
|
|
124
|
+
Doorkeeper.config.access_token_model.by_token(params["token"]) ||
|
|
125
|
+
Doorkeeper.config.access_token_model.by_refresh_token(params["token"])
|
|
126
|
+
end
|
|
124
127
|
end
|
|
125
128
|
|
|
126
129
|
def strategy
|
data/lib/doorkeeper/config.rb
CHANGED
|
@@ -387,11 +387,20 @@ module Doorkeeper
|
|
|
387
387
|
option :access_token_generator,
|
|
388
388
|
default: "Doorkeeper::OAuth::Helpers::UniqueToken"
|
|
389
389
|
|
|
390
|
+
# Use a custom class for generating the application secret.
|
|
391
|
+
# https://doorkeeper.gitbook.io/guides/configuration/other-configurations#custom-application-secret-generator
|
|
392
|
+
#
|
|
393
|
+
# @param application_secret_generator [String]
|
|
394
|
+
# the name of the application secret generator class
|
|
395
|
+
#
|
|
396
|
+
option :application_secret_generator,
|
|
397
|
+
default: "Doorkeeper::OAuth::Helpers::UniqueToken"
|
|
398
|
+
|
|
390
399
|
# Default access token generator is a SecureRandom class from Ruby stdlib.
|
|
391
400
|
# This option defines which method will be used to generate a unique token value.
|
|
392
401
|
#
|
|
393
|
-
# @param
|
|
394
|
-
# the name of the access token generator
|
|
402
|
+
# @param default_generator_method [Symbol]
|
|
403
|
+
# the method name of the default access token generator
|
|
395
404
|
#
|
|
396
405
|
option :default_generator_method, default: :urlsafe_base64
|
|
397
406
|
|
|
@@ -48,7 +48,7 @@ module Doorkeeper::Orm::ActiveRecord::Mixins
|
|
|
48
48
|
# @return [String] new transformed secret value
|
|
49
49
|
#
|
|
50
50
|
def renew_secret
|
|
51
|
-
@raw_secret =
|
|
51
|
+
@raw_secret = secret_generator.generate
|
|
52
52
|
secret_strategy.store_secret(self, :secret, @raw_secret)
|
|
53
53
|
end
|
|
54
54
|
|
|
@@ -106,6 +106,17 @@ module Doorkeeper::Orm::ActiveRecord::Mixins
|
|
|
106
106
|
|
|
107
107
|
private
|
|
108
108
|
|
|
109
|
+
def secret_generator
|
|
110
|
+
generator_name = Doorkeeper.config.application_secret_generator
|
|
111
|
+
generator = generator_name.constantize
|
|
112
|
+
|
|
113
|
+
return generator if generator.respond_to?(:generate)
|
|
114
|
+
|
|
115
|
+
raise Errors::UnableToGenerateToken, "#{generator} does not respond to `.generate`."
|
|
116
|
+
rescue NameError
|
|
117
|
+
raise Errors::TokenGeneratorNotFound, "#{generator_name} not found"
|
|
118
|
+
end
|
|
119
|
+
|
|
109
120
|
def generate_uid
|
|
110
121
|
self.uid = Doorkeeper::OAuth::Helpers::UniqueToken.generate if uid.blank?
|
|
111
122
|
end
|
data/lib/doorkeeper/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: doorkeeper
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.6.0
|
|
4
|
+
version: 5.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Felipe Elias Philipp
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2022-
|
|
14
|
+
date: 2022-09-08 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: railties
|
|
@@ -355,9 +355,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
355
355
|
version: '2.5'
|
|
356
356
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
357
357
|
requirements:
|
|
358
|
-
- - "
|
|
358
|
+
- - ">="
|
|
359
359
|
- !ruby/object:Gem::Version
|
|
360
|
-
version:
|
|
360
|
+
version: '0'
|
|
361
361
|
requirements: []
|
|
362
362
|
rubygems_version: 3.0.8
|
|
363
363
|
signing_key:
|