doorkeeper 5.6.0 → 5.6.2

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of doorkeeper might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5441233047f75695d69268c2f5943c17abc8f521e6e6bcebc4cf206bd6734988
4
- data.tar.gz: 006bbfe6b0548f3e69ac05fc711d08c26722075d41da78783a8ed3ffaaef5021
3
+ metadata.gz: 8c22e5cf14aebfd8b75510d028c123f9a924d13bf08c2717f2d7ce6c8bc202a1
4
+ data.tar.gz: 5c625f6be3f5412c546a175c310577c737407690328e6696a773ab74dd1abe13
5
5
  SHA512:
6
- metadata.gz: 04a629783d029ece5e8669a9e8df10e05fbcf05524958d21b57fbd193cd9626f57b1a081e4f39e2b9a44695e9a885d78bbbc2f92615ff2bcdf5b75acb14bd604
7
- data.tar.gz: b8dc9793418beb7a9af0b7e42c251b5270a5b8fa01008740e2617f49dc74cc60ccfda7eec863a71a5cb340176467ef7755bb9cd66c7d6720e4be4f820490401c
6
+ metadata.gz: 127dd3e716bfde2c825ba1d6c4fee662a80a809063a8bd0d5480767fc472c41a6208742407f47656dae95cb7d41b1cb30a920b0270fd2c194a3267fc2c843626
7
+ data.tar.gz: e17e0349cefce41f7767f944fded43b71221b0df82042a9fb9c0dddb464308f3642fe2af7fc61bc1ec4ebb09cb3d2ea1d7a3040adc41130259e495cf3e129386
data/CHANGELOG.md CHANGED
@@ -9,6 +9,16 @@ User-visible changes worth mentioning.
9
9
 
10
10
  - [#ID] Add your PR description here.
11
11
 
12
+ ## 5.6.2
13
+
14
+ - [#1604] Fix fetching of the application when custom application_class defined.
15
+
16
+ ## 5.6.1
17
+
18
+ - [#1593] Add support for Trilogy ActiveRecord adapter.
19
+ - [#1597] Add optional support to use the url path for the native authorization code flow. Ports forward [#1143] from 4.4.3
20
+ - [#1599] Remove unnecessarily re-fetch of application object when creating an access token.
21
+
12
22
  ## 5.6.0
13
23
 
14
24
  - [#1581] Consider `token_type_hint` when searching for access token in TokensController to avoid extra database calls.
@@ -159,6 +159,15 @@ module Doorkeeper
159
159
  @config.instance_variable_set(:@reuse_access_token, true)
160
160
  end
161
161
 
162
+ # Choose to use the url path for native autorization codes
163
+ # Enabling this flag sets the authorization code response route for
164
+ # native redirect uris to oauth/authorize/<code>. The default is
165
+ # oauth/authorize/native?code=<code>.
166
+ # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/1143
167
+ def use_url_path_for_native_authorization
168
+ @config.instance_variable_set(:@use_url_path_for_native_authorization, true)
169
+ end
170
+
162
171
  # TODO: maybe make it more generic for other flows too?
163
172
  # Only allow one valid access token obtained via client credentials
164
173
  # per client. If a new access token is obtained before the old one
@@ -623,6 +632,11 @@ module Doorkeeper
623
632
  def deprecated_token_grant_types_resolver
624
633
  @deprecated_token_grant_types ||= calculate_token_grant_types
625
634
  end
635
+
636
+ def native_authorization_code_route
637
+ @use_url_path_for_native_authorization = false unless defined?(@use_url_path_for_native_authorization)
638
+ @use_url_path_for_native_authorization ? '/:code' : '/native'
639
+ end
626
640
 
627
641
  # [NOTE]: deprecated and will be removed soon
628
642
  def deprecated_authorization_flows
@@ -212,7 +212,7 @@ module Doorkeeper
212
212
  # @return [Doorkeeper::AccessToken] new access token
213
213
  #
214
214
  def create_for(application:, resource_owner:, scopes:, **token_attributes)
215
- token_attributes[:application_id] = application&.id
215
+ token_attributes[:application] = application
216
216
  token_attributes[:scopes] = scopes.to_s
217
217
 
218
218
  if Doorkeeper.config.polymorphic_resource_owner?
@@ -56,6 +56,7 @@ module Doorkeeper
56
56
  "postgresql" => PostgresExpirationTimeSqlGenerator,
57
57
  "mysql" => MySqlExpirationTimeSqlGenerator,
58
58
  "mysql2" => MySqlExpirationTimeSqlGenerator,
59
+ "trilogy" => MySqlExpirationTimeSqlGenerator,
59
60
  "sqlserver" => SqlServerExpirationTimeSqlGenerator,
60
61
  "oracleenhanced" => OracleExpirationTimeSqlGenerator,
61
62
  }.freeze
@@ -60,7 +60,7 @@ module Doorkeeper
60
60
  )
61
61
 
62
62
  @token = Doorkeeper.config.access_token_model.find_or_create_for(
63
- application: pre_auth.client,
63
+ application: application,
64
64
  resource_owner: resource_owner,
65
65
  scopes: pre_auth.scopes,
66
66
  expires_in: self.class.access_token_expires_in(Doorkeeper.config, context),
@@ -68,6 +68,12 @@ module Doorkeeper
68
68
  )
69
69
  end
70
70
 
71
+ def application
72
+ return unless pre_auth.client
73
+
74
+ pre_auth.client.is_a?(Doorkeeper.config.application_model) ? pre_auth.client : pre_auth.client.application
75
+ end
76
+
71
77
  def oob_redirect
72
78
  {
73
79
  controller: controller,
@@ -29,7 +29,7 @@ module Doorkeeper
29
29
  def find_or_create_access_token(client, resource_owner, scopes, server)
30
30
  context = Authorization::Token.build_context(client, grant_type, scopes, resource_owner)
31
31
  @access_token = server_config.access_token_model.find_or_create_for(
32
- application: client,
32
+ application: client.is_a?(server_config.application_model) ? client : client&.application,
33
33
  resource_owner: resource_owner,
34
34
  scopes: scopes,
35
35
  expires_in: Authorization::Token.access_token_expires_in(server, context),
@@ -13,8 +13,9 @@ module Doorkeeper
13
13
  end
14
14
 
15
15
  with_revocation(existing_token: existing_token) do
16
+ application = client.is_a?(server_config.application_model) ? client : client&.application
16
17
  server_config.access_token_model.create_for(
17
- application: client,
18
+ application: application,
18
19
  resource_owner: nil,
19
20
  scopes: scopes,
20
21
  **attributes,
@@ -53,8 +53,8 @@ module Doorkeeper
53
53
  as: mapping[:as],
54
54
  controller: mapping[:controllers],
55
55
  ) do
56
- routes.get "/native", action: :show, on: :member
57
- routes.get "/", action: :new, on: :member
56
+ routes.get native_authorization_code_route, action: :show, on: :member
57
+ routes.get '/', action: :new, on: :member
58
58
  end
59
59
  end
60
60
 
@@ -96,6 +96,10 @@ module Doorkeeper
96
96
  only: %i[index destroy],
97
97
  controller: mapping[:controllers]
98
98
  end
99
+
100
+ def native_authorization_code_route
101
+ Doorkeeper.configuration.native_authorization_code_route
102
+ end
99
103
  end
100
104
  end
101
105
  end
@@ -5,7 +5,7 @@ module Doorkeeper
5
5
  # Semantic versioning
6
6
  MAJOR = 5
7
7
  MINOR = 6
8
- TINY = 0
8
+ TINY = 2
9
9
  PRE = nil
10
10
 
11
11
  # Full version number
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: doorkeeper
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.6.0
4
+ version: 5.6.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Felipe Elias Philipp
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2022-09-08 00:00:00.000000000 Z
14
+ date: 2022-11-29 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: railties
@@ -359,7 +359,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
359
359
  - !ruby/object:Gem::Version
360
360
  version: '0'
361
361
  requirements: []
362
- rubygems_version: 3.0.8
362
+ rubygems_version: 3.1.4
363
363
  signing_key:
364
364
  specification_version: 4
365
365
  summary: OAuth 2 provider for Rails and Grape