mirror of
https://github.com/mastodon/mastodon
synced 2024-11-23 14:46:18 +09:00
Update dependency doorkeeper to v5.8.0 (#33000)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
This commit is contained in:
parent
e4d5cc0ca6
commit
4517e18b79
@ -200,7 +200,7 @@ GEM
|
||||
activerecord (>= 4.2, < 9.0)
|
||||
docile (1.4.1)
|
||||
domain_name (0.6.20240107)
|
||||
doorkeeper (5.7.1)
|
||||
doorkeeper (5.8.0)
|
||||
railties (>= 5)
|
||||
dotenv (3.1.4)
|
||||
drb (2.2.1)
|
||||
|
@ -1,13 +0,0 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
module OauthPreAuthorizationExtension
|
||||
extend ActiveSupport::Concern
|
||||
|
||||
included do
|
||||
validate :code_challenge_method_s256, error: Doorkeeper::Errors::InvalidCodeChallengeMethod
|
||||
end
|
||||
|
||||
def validate_code_challenge_method_s256
|
||||
code_challenge.blank? || code_challenge_method == 'S256'
|
||||
end
|
||||
end
|
@ -65,7 +65,7 @@ class OauthMetadataPresenter < ActiveModelSerializers::Model
|
||||
end
|
||||
|
||||
def code_challenge_methods_supported
|
||||
%w(S256)
|
||||
doorkeeper.pkce_code_challenge_methods_supported
|
||||
end
|
||||
|
||||
private
|
||||
|
@ -114,7 +114,6 @@ module Mastodon
|
||||
Doorkeeper::Application.include ApplicationExtension
|
||||
Doorkeeper::AccessGrant.include AccessGrantExtension
|
||||
Doorkeeper::AccessToken.include AccessTokenExtension
|
||||
Doorkeeper::OAuth::PreAuthorization.include OauthPreAuthorizationExtension
|
||||
Devise::FailureApp.include AbstractController::Callbacks
|
||||
Devise::FailureApp.include Localized
|
||||
end
|
||||
|
@ -52,6 +52,9 @@ Doorkeeper.configure do
|
||||
# Issue access tokens with refresh token (disabled by default)
|
||||
# use_refresh_token
|
||||
|
||||
# Proof of Key Code Exchange
|
||||
pkce_code_challenge_methods ['S256']
|
||||
|
||||
# Forbids creating/updating applications with arbitrary scopes that are
|
||||
# not in configuration, i.e. `default_scopes` or `optional_scopes`.
|
||||
# (Disabled by default)
|
||||
|
@ -27,7 +27,7 @@ RSpec.describe 'The /.well-known/oauth-authorization-server request' do
|
||||
response_modes_supported: Doorkeeper.configuration.authorization_response_flows.flat_map(&:response_mode_matches).uniq,
|
||||
token_endpoint_auth_methods_supported: %w(client_secret_basic client_secret_post),
|
||||
grant_types_supported: grant_types_supported,
|
||||
code_challenge_methods_supported: ['S256'],
|
||||
code_challenge_methods_supported: Doorkeeper.configuration.pkce_code_challenge_methods_supported,
|
||||
# non-standard extension:
|
||||
app_registration_endpoint: api_v1_apps_url
|
||||
)
|
||||
|
@ -115,6 +115,8 @@ RSpec.describe 'Using OAuth from an external app' do
|
||||
subject
|
||||
|
||||
within '.form-container .flash-message' do
|
||||
# FIXME: Replace with doorkeeper.errors.messages.invalid_code_challenge_method.one for Doorkeeper > 5.8.0
|
||||
# see: https://github.com/doorkeeper-gem/doorkeeper/pull/1747
|
||||
expect(page).to have_content(I18n.t('doorkeeper.errors.messages.invalid_code_challenge_method'))
|
||||
end
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user