doorkeeper 5.9.2 → 5.9.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/lib/doorkeeper/config.rb +2 -2
- data/lib/doorkeeper/orm/active_record/mixins/application.rb +6 -7
- data/lib/doorkeeper/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 71a32b8766b44f5eff16fbc128cfff6ab676b5af9104d16d58f060a0ed6d894c
|
|
4
|
+
data.tar.gz: 864e07764f1ba86d6f52a10e5a081291c2748dcecbfb8bcc60b0f27baa4e616e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4116cfa7e4e06a1bff79489ddeced66af1803dedd6f2e1b1b5edd67db0d90e444922a87cfc2215a4e61357e54ddf988606c3ecce40e50afb24fdd5e06808a2bd
|
|
7
|
+
data.tar.gz: 558ec2ac88215ba2cde034380a27d44d0c989841942c070e4ea02a746d154944b094ae2aa6a9284c7cca6d310705634fde4f6566fbf8a268a0c1b33e41937107
|
data/CHANGELOG.md
CHANGED
|
@@ -9,6 +9,11 @@ User-visible changes worth mentioning.
|
|
|
9
9
|
|
|
10
10
|
- Please add here
|
|
11
11
|
|
|
12
|
+
## 5.9.3
|
|
13
|
+
|
|
14
|
+
- [#1834] Fix default `allow_token_introspection` returning `false` when a custom `application_class` is configured. The default proc compared application objects with `==`, which fails when the authorized client and the introspected token's application are resolved as different classes (e.g. a base `Doorkeeper::Application` vs. a configured subclass) even though they reference the same record. It now compares application ids instead.
|
|
15
|
+
- [#1832] Fix confusing `belongs_to :owner` side effect: `Doorkeeper::Models::Ownership` is now included only when `enable_application_owner?` is set (read at include time), so models no longer expose a misleading `owner` association/reflection when the application owner feature is disabled and the schema lacks the owner columns.
|
|
16
|
+
|
|
12
17
|
## 5.9.2
|
|
13
18
|
|
|
14
19
|
- [#1822][#1823][#1825] Update Rubocop config, auto-corrections and codebase cleanup.
|
data/lib/doorkeeper/config.rb
CHANGED
|
@@ -444,9 +444,9 @@ module Doorkeeper
|
|
|
444
444
|
option :allow_token_introspection,
|
|
445
445
|
default: (lambda do |token, authorized_client, authorized_token|
|
|
446
446
|
if authorized_token
|
|
447
|
-
authorized_token.
|
|
447
|
+
authorized_token.application_id == token&.application_id
|
|
448
448
|
elsif token&.application
|
|
449
|
-
authorized_client == token.
|
|
449
|
+
authorized_client.id == token.application_id
|
|
450
450
|
else
|
|
451
451
|
true
|
|
452
452
|
end
|
|
@@ -9,13 +9,12 @@ module Doorkeeper::Orm::ActiveRecord::Mixins
|
|
|
9
9
|
self.strict_loading_by_default = false if respond_to?(:strict_loading_by_default)
|
|
10
10
|
|
|
11
11
|
include ::Doorkeeper::ApplicationMixin
|
|
12
|
-
#
|
|
13
|
-
#
|
|
14
|
-
#
|
|
15
|
-
# is
|
|
16
|
-
#
|
|
17
|
-
|
|
18
|
-
include ::Doorkeeper::Models::Ownership
|
|
12
|
+
# `enable_application_owner?` is read once, at parent-class autoload
|
|
13
|
+
# time (#1831): with the feature off the model exposes no `:owner`
|
|
14
|
+
# association — avoiding a misleading reflection on schemas that lack
|
|
15
|
+
# the owner columns. The flag is therefore a load-time switch; turning
|
|
16
|
+
# it on later requires defining a fresh model class.
|
|
17
|
+
include ::Doorkeeper::Models::Ownership if Doorkeeper.config.enable_application_owner?
|
|
19
18
|
|
|
20
19
|
has_many :access_grants,
|
|
21
20
|
foreign_key: :application_id,
|
data/lib/doorkeeper/version.rb
CHANGED