Add client_secret_expires_at to OAuth Applications (#30317)

This commit is contained in:
Emelia Smith 2024-11-12 23:06:13 +01:00 committed by Claire
parent dbedd021f5
commit ea1b598246
3 changed files with 9 additions and 1 deletions

View file

@ -1,7 +1,7 @@
# frozen_string_literal: true
class REST::CredentialApplicationSerializer < REST::ApplicationSerializer
attributes :client_id, :client_secret
attributes :client_id, :client_secret, :client_secret_expires_at
def client_id
object.uid
@ -10,4 +10,10 @@ class REST::CredentialApplicationSerializer < REST::ApplicationSerializer
def client_secret
object.secret
end
# Added for future forwards compatibility when we may decide to expire OAuth
# Applications. Set to zero means that the client_secret never expires.
def client_secret_expires_at
0
end
end

View file

@ -44,6 +44,7 @@ RSpec.describe 'Credentials' do
expect(response.parsed_body)
.to not_include(client_id: be_present)
.and not_include(client_secret: be_present)
.and not_include(client_secret_expires_at: be_present)
end
end

View file

@ -42,6 +42,7 @@ RSpec.describe 'Apps' do
id: app.id.to_s,
client_id: app.uid,
client_secret: app.secret,
client_secret_expires_at: 0,
name: client_name,
website: website,
scopes: ['read', 'write'],