Update dependency doorkeeper to v5.8.0 (#33000)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
This commit is contained in:
		
					parent
					
						
							
								e4d5cc0ca6
							
						
					
				
			
			
				commit
				
					
						4517e18b79
					
				
			
		
					 7 changed files with 8 additions and 17 deletions
				
			
		|  | @ -200,7 +200,7 @@ GEM | ||||||
|       activerecord (>= 4.2, < 9.0) |       activerecord (>= 4.2, < 9.0) | ||||||
|     docile (1.4.1) |     docile (1.4.1) | ||||||
|     domain_name (0.6.20240107) |     domain_name (0.6.20240107) | ||||||
|     doorkeeper (5.7.1) |     doorkeeper (5.8.0) | ||||||
|       railties (>= 5) |       railties (>= 5) | ||||||
|     dotenv (3.1.4) |     dotenv (3.1.4) | ||||||
|     drb (2.2.1) |     drb (2.2.1) | ||||||
|  |  | ||||||
|  | @ -1,13 +0,0 @@ | ||||||
| # frozen_string_literal: true |  | ||||||
| 
 |  | ||||||
| module OauthPreAuthorizationExtension |  | ||||||
|   extend ActiveSupport::Concern |  | ||||||
| 
 |  | ||||||
|   included do |  | ||||||
|     validate :code_challenge_method_s256, error: Doorkeeper::Errors::InvalidCodeChallengeMethod |  | ||||||
|   end |  | ||||||
| 
 |  | ||||||
|   def validate_code_challenge_method_s256 |  | ||||||
|     code_challenge.blank? || code_challenge_method == 'S256' |  | ||||||
|   end |  | ||||||
| end |  | ||||||
|  | @ -65,7 +65,7 @@ class OauthMetadataPresenter < ActiveModelSerializers::Model | ||||||
|   end |   end | ||||||
| 
 | 
 | ||||||
|   def code_challenge_methods_supported |   def code_challenge_methods_supported | ||||||
|     %w(S256) |     doorkeeper.pkce_code_challenge_methods_supported | ||||||
|   end |   end | ||||||
| 
 | 
 | ||||||
|   private |   private | ||||||
|  |  | ||||||
|  | @ -114,7 +114,6 @@ module Mastodon | ||||||
|       Doorkeeper::Application.include ApplicationExtension |       Doorkeeper::Application.include ApplicationExtension | ||||||
|       Doorkeeper::AccessGrant.include AccessGrantExtension |       Doorkeeper::AccessGrant.include AccessGrantExtension | ||||||
|       Doorkeeper::AccessToken.include AccessTokenExtension |       Doorkeeper::AccessToken.include AccessTokenExtension | ||||||
|       Doorkeeper::OAuth::PreAuthorization.include OauthPreAuthorizationExtension |  | ||||||
|       Devise::FailureApp.include AbstractController::Callbacks |       Devise::FailureApp.include AbstractController::Callbacks | ||||||
|       Devise::FailureApp.include Localized |       Devise::FailureApp.include Localized | ||||||
|     end |     end | ||||||
|  |  | ||||||
|  | @ -52,6 +52,9 @@ Doorkeeper.configure do | ||||||
|   # Issue access tokens with refresh token (disabled by default) |   # Issue access tokens with refresh token (disabled by default) | ||||||
|   # use_refresh_token |   # use_refresh_token | ||||||
| 
 | 
 | ||||||
|  |   # Proof of Key Code Exchange | ||||||
|  |   pkce_code_challenge_methods ['S256'] | ||||||
|  | 
 | ||||||
|   # Forbids creating/updating applications with arbitrary scopes that are |   # Forbids creating/updating applications with arbitrary scopes that are | ||||||
|   # not in configuration, i.e. `default_scopes` or `optional_scopes`. |   # not in configuration, i.e. `default_scopes` or `optional_scopes`. | ||||||
|   # (Disabled by default) |   # (Disabled by default) | ||||||
|  |  | ||||||
|  | @ -27,7 +27,7 @@ RSpec.describe 'The /.well-known/oauth-authorization-server request' do | ||||||
|       response_modes_supported: Doorkeeper.configuration.authorization_response_flows.flat_map(&:response_mode_matches).uniq, |       response_modes_supported: Doorkeeper.configuration.authorization_response_flows.flat_map(&:response_mode_matches).uniq, | ||||||
|       token_endpoint_auth_methods_supported: %w(client_secret_basic client_secret_post), |       token_endpoint_auth_methods_supported: %w(client_secret_basic client_secret_post), | ||||||
|       grant_types_supported: grant_types_supported, |       grant_types_supported: grant_types_supported, | ||||||
|       code_challenge_methods_supported: ['S256'], |       code_challenge_methods_supported: Doorkeeper.configuration.pkce_code_challenge_methods_supported, | ||||||
|       # non-standard extension: |       # non-standard extension: | ||||||
|       app_registration_endpoint: api_v1_apps_url |       app_registration_endpoint: api_v1_apps_url | ||||||
|     ) |     ) | ||||||
|  |  | ||||||
|  | @ -115,6 +115,8 @@ RSpec.describe 'Using OAuth from an external app' do | ||||||
|           subject |           subject | ||||||
| 
 | 
 | ||||||
|           within '.form-container .flash-message' do |           within '.form-container .flash-message' do | ||||||
|  |             # FIXME: Replace with doorkeeper.errors.messages.invalid_code_challenge_method.one for Doorkeeper > 5.8.0 | ||||||
|  |             # see: https://github.com/doorkeeper-gem/doorkeeper/pull/1747 | ||||||
|             expect(page).to have_content(I18n.t('doorkeeper.errors.messages.invalid_code_challenge_method')) |             expect(page).to have_content(I18n.t('doorkeeper.errors.messages.invalid_code_challenge_method')) | ||||||
|           end |           end | ||||||
|         end |         end | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue