about summary refs log tree commit diff
diff options
context:
space:
mode:
authordependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>2020-05-12 15:25:33 +0200
committerGitHub <noreply@github.com>2020-05-12 15:25:33 +0200
commit78202e9138bd605c76d19d5b9d7121d1ae6b5e06 (patch)
tree3e1fcabfb0b192bcc0305693a7bde165f56eb629
parentd8bad8fbf6af52503d9a29da6ce36148e77b9f1b (diff)
Bump doorkeeper from 5.3.3 to 5.4.0 (#13733)
* Bump doorkeeper from 5.3.3 to 5.4.0

Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.3.3 to 5.4.0.
- [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases)
- [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.3.3...v5.4.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Fix tests

* Fix use of Doorkeeper::AccessToken.find_or_create_for

* Fix tests?

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Thibaut Girka <thib@sitedethib.com>
-rw-r--r--Gemfile2
-rw-r--r--Gemfile.lock4
-rw-r--r--app/models/web/push_subscription.rb10
-rw-r--r--spec/controllers/api/v1/accounts_controller_spec.rb2
-rw-r--r--spec/controllers/oauth/authorizations_controller_spec.rb10
-rw-r--r--spec/controllers/oauth/tokens_controller_spec.rb5
6 files changed, 17 insertions, 16 deletions
diff --git a/Gemfile b/Gemfile
index 890b0ee97..3150c368d 100644
--- a/Gemfile
+++ b/Gemfile
@@ -49,7 +49,7 @@ gem 'omniauth-saml', '~> 1.10'
 gem 'omniauth', '~> 1.9'
 
 gem 'discard', '~> 1.2'
-gem 'doorkeeper', '~> 5.3'
+gem 'doorkeeper', '~> 5.4'
 gem 'fast_blank', '~> 1.0'
 gem 'fastimage'
 gem 'goldfinger', '~> 2.1'
diff --git a/Gemfile.lock b/Gemfile.lock
index 899624064..accac821b 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -194,7 +194,7 @@ GEM
     docile (1.3.2)
     domain_name (0.5.20190701)
       unf (>= 0.0.5, < 1.0.0)
-    doorkeeper (5.3.3)
+    doorkeeper (5.4.0)
       railties (>= 5)
     dotenv (2.7.5)
     dotenv-rails (2.7.5)
@@ -697,7 +697,7 @@ DEPENDENCIES
   devise-two-factor (~> 3.1)
   devise_pam_authenticatable2 (~> 9.2)
   discard (~> 1.2)
-  doorkeeper (~> 5.3)
+  doorkeeper (~> 5.4)
   dotenv-rails (~> 2.7)
   e2mmap (~> 0.1.0)
   fabrication (~> 2.21)
diff --git a/app/models/web/push_subscription.rb b/app/models/web/push_subscription.rb
index c5dbb58ba..c407a7789 100644
--- a/app/models/web/push_subscription.rb
+++ b/app/models/web/push_subscription.rb
@@ -94,11 +94,11 @@ class Web::PushSubscription < ApplicationRecord
 
   def find_or_create_access_token
     Doorkeeper::AccessToken.find_or_create_for(
-      Doorkeeper::Application.find_by(superapp: true),
-      session_activation.user_id,
-      Doorkeeper::OAuth::Scopes.from_string('read write follow push'),
-      Doorkeeper.configuration.access_token_expires_in,
-      Doorkeeper.configuration.refresh_token_enabled?
+      application: Doorkeeper::Application.find_by(superapp: true),
+      resource_owner: session_activation.user_id,
+      scopes: Doorkeeper::OAuth::Scopes.from_string('read write follow push'),
+      expires_in: Doorkeeper.configuration.access_token_expires_in,
+      use_refresh_token: Doorkeeper.configuration.refresh_token_enabled?
     )
   end
 end
diff --git a/spec/controllers/api/v1/accounts_controller_spec.rb b/spec/controllers/api/v1/accounts_controller_spec.rb
index f5f65c000..024409dab 100644
--- a/spec/controllers/api/v1/accounts_controller_spec.rb
+++ b/spec/controllers/api/v1/accounts_controller_spec.rb
@@ -21,7 +21,7 @@ RSpec.describe Api::V1::AccountsController, type: :controller do
 
   describe 'POST #create' do
     let(:app) { Fabricate(:application) }
-    let(:token) { Doorkeeper::AccessToken.find_or_create_for(app, nil, 'read write', nil, false) }
+    let(:token) { Doorkeeper::AccessToken.find_or_create_for(application: app, resource_owner: nil, scopes: 'read write', use_refresh_token: false) }
     let(:agreement) { nil }
 
     before do
diff --git a/spec/controllers/oauth/authorizations_controller_spec.rb b/spec/controllers/oauth/authorizations_controller_spec.rb
index a84260a54..c5eeea397 100644
--- a/spec/controllers/oauth/authorizations_controller_spec.rb
+++ b/spec/controllers/oauth/authorizations_controller_spec.rb
@@ -41,11 +41,11 @@ RSpec.describe Oauth::AuthorizationsController, type: :controller do
       context 'when app is already authorized' do
         before do
           Doorkeeper::AccessToken.find_or_create_for(
-            app,
-            user.id,
-            app.scopes,
-            Doorkeeper.configuration.access_token_expires_in,
-            Doorkeeper.configuration.refresh_token_enabled?
+            application: app,
+            resource_owner: user.id,
+            scopes: app.scopes,
+            expires_in: Doorkeeper.configuration.access_token_expires_in,
+            use_refresh_token: Doorkeeper.configuration.refresh_token_enabled?
           )
         end
 
diff --git a/spec/controllers/oauth/tokens_controller_spec.rb b/spec/controllers/oauth/tokens_controller_spec.rb
index ba8e367a6..3804e035b 100644
--- a/spec/controllers/oauth/tokens_controller_spec.rb
+++ b/spec/controllers/oauth/tokens_controller_spec.rb
@@ -5,11 +5,12 @@ require 'rails_helper'
 RSpec.describe Oauth::TokensController, type: :controller do
   describe 'POST #revoke' do
     let!(:user) { Fabricate(:user) }
-    let!(:access_token) { Fabricate(:accessible_access_token, resource_owner_id: user.id) }
+    let!(:application) { Fabricate(:application, confidential: false) }
+    let!(:access_token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, application: application) }
     let!(:web_push_subscription) { Fabricate(:web_push_subscription, user: user, access_token: access_token) }
 
     before do
-      post :revoke, params: { token: access_token.token }
+      post :revoke, params: { client_id: application.uid, token: access_token.token }
     end
 
     it 'revokes the token' do