authorEugen Rochko <eugen@zeonfederated.com>2020-11-12 23:05:24 +0100
committerGitHub <noreply@github.com>2020-11-12 23:05:24 +0100
commitaa10200e58ccb340b6384532ccdba6b7fbac037a (patch)
tree079694664dd9fc7b98aef2704cb4b79c69fa7831 /app
parent8532429af749339a3ff6af4130de3743cd8d1c68 (diff)
Fix streaming API allowing connections to persist after access token invalidation (#15111)
Fix #14816
Diffstat (limited to 'app')
-rw-r--r--app/lib/access_token_extension.rb17
-rw-r--r--app/models/session_activation.rb16
2 files changed, 27 insertions, 6 deletions
diff --git a/app/lib/access_token_extension.rb b/app/lib/access_token_extension.rb
new file mode 100644
index 000000000..3e184e775
--- /dev/null
+++ b/app/lib/access_token_extension.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module AccessTokenExtension
+  extend ActiveSupport::Concern
+
+  included do
+    after_commit :push_to_streaming_api
+  end
+
+  def revoke(clock = Time)
+    update(revoked_at: clock.now.utc)
+  end
+
+  def push_to_streaming_api
+    Redis.current.publish("timeline:access_token:#{id}", Oj.dump(event: :kill)) if revoked? || destroyed?
+  end
+end
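Review bot: The kill event is published only from the `after_commit` callback, so it covers instance-level `update` and `destroy` but not bulk paths. Any revocation or cleanup done with `update_all` or `delete_all` skips callbacks and would leave the streaming connection open; Doorkeeper's `revoke_all_for` appears to be one such path, which is worth confirming for the pinned version. Documenting this above `revoke` would help, e.g. `# Overridden so revocation runs callbacks and triggers push_to_streaming_api; bulk update_all/delete_all paths do not.` The publish in `push_to_streaming_api` is also fire-and-forget, so a streaming server that is not subscribed at that moment never sees the kill. A periodic token re-check on the streaming side would close that gap, though that code is outside this diff.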
diff --git a/app/models/session_activation.rb b/app/models/session_activation.rb
index 34d25c83d..b0ce9d112 100644
--- a/app/models/session_activation.rb
+++ b/app/models/session_activation.rb
@@ -70,12 +70,16 @@ class SessionActivation < ApplicationRecord
   end
 
   def assign_access_token
-    superapp = Doorkeeper::Application.find_by(superapp: true)
+    self.access_token = Doorkeeper::AccessToken.create!(access_token_attributes)
+  end
 
-    self.access_token = Doorkeeper::AccessToken.create!(application_id: superapp&.id,
-                                                        resource_owner_id: user_id,
-                                                        scopes: 'read write follow',
-                                                        expires_in: Doorkeeper.configuration.access_token_expires_in,
-                                                        use_refresh_token: Doorkeeper.configuration.refresh_token_enabled?)
+  def access_token_attributes
+    {
+      application_id: Doorkeeper::Application.find_by(superapp: true)&.id,
+      resource_owner_id: user_id,
+      scopes: 'read write follow',
+      expires_in: Doorkeeper.configuration.access_token_expires_in,
+      use_refresh_token: Doorkeeper.configuration.refresh_token_enabled?,
+    }
   end
 end
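Review bot: In `access_token_attributes`, `Doorkeeper::Application.find_by(superapp: true)&.id` evaluates to nil when no superapp row exists, so `create!` is asked for a `read write follow` token bound to no application. This behaviour is carried over unchanged from the removed lines. Whether Doorkeeper rejects a nil `application_id` is not visible here, so an explicit lookup such as `Doorkeeper::Application.find_by!(superapp: true).id` would make the failure obvious. The class body continues outside the hunk, so I cannot tell whether the new helper sits under `private`; it should, since only `assign_access_token` uses it in the visible code.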