RubyGems - doorkeeper - Versions diffs - 5.9.1 → 5.9.3 - Mend

doorkeeper 5.9.1 → 5.9.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +12 -1
data/lib/doorkeeper/config.rb +2 -2
data/lib/doorkeeper/orm/active_record/mixins/access_grant.rb +1 -0
data/lib/doorkeeper/orm/active_record/mixins/access_token.rb +1 -0
data/lib/doorkeeper/orm/active_record/mixins/application.rb +6 -0
data/lib/doorkeeper/orm/active_record.rb +8 -16
data/lib/doorkeeper/version.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dd9d528da47dec74a5bb12a6e9ce672279cebd0a52cc6a714347df6c17828dfd
-  data.tar.gz: 61e4dcc2434b3e1c0400e35bf80eef980b3adb81c2a33cbe74e9797fef3963b0
+  metadata.gz: 71a32b8766b44f5eff16fbc128cfff6ab676b5af9104d16d58f060a0ed6d894c
+  data.tar.gz: 864e07764f1ba86d6f52a10e5a081291c2748dcecbfb8bcc60b0f27baa4e616e
 SHA512:
-  metadata.gz: 8a3e115278bfb5540ccde8b7ecc4084138935a4a7c928011f38684908c4e5cd0dadbfb14a93bcb4ce39da91a8bcaf599970d39de6d7953752e7c77aa6c03c31e
-  data.tar.gz: b62a19e584648c28bd9d4a24e21d3501ac35c85c77de950050c8942bb82be4f821d241b41ebc8544b03c354f93f96e4588c051d1b4eafe77ce6b13c06941ab7c
+  metadata.gz: 4116cfa7e4e06a1bff79489ddeced66af1803dedd6f2e1b1b5edd67db0d90e444922a87cfc2215a4e61357e54ddf988606c3ecce40e50afb24fdd5e06808a2bd
+  data.tar.gz: 558ec2ac88215ba2cde034380a27d44d0c989841942c070e4ea02a746d154944b094ae2aa6a9284c7cca6d310705634fde4f6566fbf8a268a0c1b33e41937107

data/CHANGELOG.md CHANGED Viewed

@@ -7,7 +7,18 @@ User-visible changes worth mentioning.
 ## main
-- Add here
+- Please add here
+## 5.9.3
+- [#1834] Fix default `allow_token_introspection` returning `false` when a custom `application_class` is configured. The default proc compared application objects with `==`, which fails when the authorized client and the introspected token's application are resolved as different classes (e.g. a base `Doorkeeper::Application` vs. a configured subclass) even though they reference the same record. It now compares application ids instead.
+- [#1832] Fix confusing `belongs_to :owner` side effect: `Doorkeeper::Models::Ownership` is now included only when `enable_application_owner?` is set (read at include time), so models no longer expose a misleading `owner` association/reflection when the application owner feature is disabled and the schema lacks the owner columns.
+## 5.9.2
+- [#1822][#1823][#1825] Update Rubocop config, auto-corrections and codebase cleanup.
+- [#1830] Fix `NameError: uninitialized constant ApplicationRecord` on `rails db:seed` (and other non-eager-loading flows) caused by `on_load(:active_record)` firing re-entrantly during `ApplicationRecord` autoload. The orm hooks no longer depend on `ActiveSupport.on_load(:active_record)`; model concerns (`Ownership`, `PolymorphicResourceOwner::ForAccessGrant`, `PolymorphicResourceOwner::ForAccessToken`) are now wired up from each `Mixins::*` `included` block, which fires at parent-class autoload time — after `Doorkeeper.configure` has applied user settings and without re-entering the AR load chain.
+  - **Upgrade note**: fully custom model classes that don't include `Doorkeeper::Orm::ActiveRecord::Mixins::{Application,AccessToken,AccessGrant}` will no longer auto-receive `Ownership` / `PolymorphicResourceOwner` concerns (previously injected by `run_orm_hooks` via the configured class name). Either inherit from the Doorkeeper default model, include the corresponding `Mixins::*` module, or `include` the concerns directly.
 ## 5.9.1

data/lib/doorkeeper/config.rb CHANGED Viewed

@@ -444,9 +444,9 @@ module Doorkeeper
     option :allow_token_introspection,
            default: (lambda do |token, authorized_client, authorized_token|
              if authorized_token
-               authorized_token.application == token&.application
+               authorized_token.application_id == token&.application_id
              elsif token&.application
-               authorized_client == token.application
+               authorized_client.id == token.application_id
              else
                true
              end

data/lib/doorkeeper/orm/active_record/mixins/access_grant.rb CHANGED Viewed

@@ -9,6 +9,7 @@ module Doorkeeper::Orm::ActiveRecord::Mixins
       self.strict_loading_by_default = false if respond_to?(:strict_loading_by_default)
       include ::Doorkeeper::AccessGrantMixin
+      include ::Doorkeeper::Models::PolymorphicResourceOwner::ForAccessGrant
       belongs_to :application, class_name: Doorkeeper.config.application_class.to_s,
                                optional: true,

data/lib/doorkeeper/orm/active_record/mixins/access_token.rb CHANGED Viewed

@@ -9,6 +9,7 @@ module Doorkeeper::Orm::ActiveRecord::Mixins
       self.strict_loading_by_default = false if respond_to?(:strict_loading_by_default)
       include ::Doorkeeper::AccessTokenMixin
+      include ::Doorkeeper::Models::PolymorphicResourceOwner::ForAccessToken
       belongs_to :application, class_name: Doorkeeper.config.application_class.to_s,
                                inverse_of: :access_tokens,

data/lib/doorkeeper/orm/active_record/mixins/application.rb CHANGED Viewed

@@ -9,6 +9,12 @@ module Doorkeeper::Orm::ActiveRecord::Mixins
       self.strict_loading_by_default = false if respond_to?(:strict_loading_by_default)
       include ::Doorkeeper::ApplicationMixin
+      # `enable_application_owner?` is read once, at parent-class autoload
+      # time (#1831): with the feature off the model exposes no `:owner`
+      # association — avoiding a misleading reflection on schemas that lack
+      # the owner columns. The flag is therefore a load-time switch; turning
+      # it on later requires defining a fresh model class.
+      include ::Doorkeeper::Models::Ownership if Doorkeeper.config.enable_application_owner?
       has_many :access_grants,
                foreign_key: :application_id,

data/lib/doorkeeper/orm/active_record.rb CHANGED Viewed

@@ -28,22 +28,14 @@ module Doorkeeper
         autoload :Application, "doorkeeper/orm/active_record/mixins/application"
       end
-      def self.run_hooks
-        initialize_configured_associations
-      end
-      def self.initialize_configured_associations
-        # NOTE: on_load block is instance_exec'd on ActiveRecord::Base,
-        #       so use fully qualified references (e.g. Doorkeeper.config).
-        ActiveSupport.on_load(:active_record) do
-          if Doorkeeper.config.enable_application_owner?
-            Doorkeeper.config.application_model.include ::Doorkeeper::Models::Ownership
-          end
-          Doorkeeper.config.access_grant_model.include ::Doorkeeper::Models::PolymorphicResourceOwner::ForAccessGrant
-          Doorkeeper.config.access_token_model.include ::Doorkeeper::Models::PolymorphicResourceOwner::ForAccessToken
-        end
-      end
+      # Kept as a no-op so `Doorkeeper.run_orm_hooks` (and any plugin that
+      # checks `respond_to?(:run_hooks)`) stays quiet. The model concerns
+      # that used to be wired up here are now included from each Mixin's
+      # `included` block, which runs at parent-class autoload time — well
+      # after `Doorkeeper.configure` has applied user settings, and without
+      # touching `ActiveSupport.on_load(:active_record)` (whose re-entrant
+      # firing during `ApplicationRecord` autoload caused #1828).
+      def self.run_hooks; end
     end
   end
 end

data/lib/doorkeeper/version.rb CHANGED Viewed

@@ -5,7 +5,7 @@ module Doorkeeper
     # Semantic versioning
     MAJOR = 5
     MINOR = 9
-    TINY = 1
+    TINY = 3
     PRE = nil
     # Full version number

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: doorkeeper
 version: !ruby/object:Gem::Version
-  version: 5.9.1
+  version: 5.9.3
 platform: ruby
 authors:
 - Felipe Elias Philipp