diff options
-rw-r--r-- | Gemfile | 2 | ||||
-rw-r--r-- | Gemfile.lock | 4 | ||||
-rw-r--r-- | app/models/web/push_subscription.rb | 10 | ||||
-rw-r--r-- | spec/controllers/api/v1/accounts_controller_spec.rb | 2 | ||||
-rw-r--r-- | spec/controllers/oauth/authorizations_controller_spec.rb | 10 | ||||
-rw-r--r-- | spec/controllers/oauth/tokens_controller_spec.rb | 5 |
6 files changed, 17 insertions, 16 deletions
diff --git a/Gemfile b/Gemfile index 890b0ee97..3150c368d 100644 --- a/Gemfile +++ b/Gemfile @@ -49,7 +49,7 @@ gem 'omniauth-saml', '~> 1.10' gem 'omniauth', '~> 1.9' gem 'discard', '~> 1.2' -gem 'doorkeeper', '~> 5.3' +gem 'doorkeeper', '~> 5.4' gem 'fast_blank', '~> 1.0' gem 'fastimage' gem 'goldfinger', '~> 2.1' diff --git a/Gemfile.lock b/Gemfile.lock index 899624064..accac821b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -194,7 +194,7 @@ GEM docile (1.3.2) domain_name (0.5.20190701) unf (>= 0.0.5, < 1.0.0) - doorkeeper (5.3.3) + doorkeeper (5.4.0) railties (>= 5) dotenv (2.7.5) dotenv-rails (2.7.5) @@ -697,7 +697,7 @@ DEPENDENCIES devise-two-factor (~> 3.1) devise_pam_authenticatable2 (~> 9.2) discard (~> 1.2) - doorkeeper (~> 5.3) + doorkeeper (~> 5.4) dotenv-rails (~> 2.7) e2mmap (~> 0.1.0) fabrication (~> 2.21) diff --git a/app/models/web/push_subscription.rb b/app/models/web/push_subscription.rb index c5dbb58ba..c407a7789 100644 --- a/app/models/web/push_subscription.rb +++ b/app/models/web/push_subscription.rb @@ -94,11 +94,11 @@ class Web::PushSubscription < ApplicationRecord def find_or_create_access_token Doorkeeper::AccessToken.find_or_create_for( - Doorkeeper::Application.find_by(superapp: true), - session_activation.user_id, - Doorkeeper::OAuth::Scopes.from_string('read write follow push'), - Doorkeeper.configuration.access_token_expires_in, - Doorkeeper.configuration.refresh_token_enabled? + application: Doorkeeper::Application.find_by(superapp: true), + resource_owner: session_activation.user_id, + scopes: Doorkeeper::OAuth::Scopes.from_string('read write follow push'), + expires_in: Doorkeeper.configuration.access_token_expires_in, + use_refresh_token: Doorkeeper.configuration.refresh_token_enabled? ) end end diff --git a/spec/controllers/api/v1/accounts_controller_spec.rb b/spec/controllers/api/v1/accounts_controller_spec.rb index f5f65c000..024409dab 100644 --- a/spec/controllers/api/v1/accounts_controller_spec.rb +++ b/spec/controllers/api/v1/accounts_controller_spec.rb @@ -21,7 +21,7 @@ RSpec.describe Api::V1::AccountsController, type: :controller do describe 'POST #create' do let(:app) { Fabricate(:application) } - let(:token) { Doorkeeper::AccessToken.find_or_create_for(app, nil, 'read write', nil, false) } + let(:token) { Doorkeeper::AccessToken.find_or_create_for(application: app, resource_owner: nil, scopes: 'read write', use_refresh_token: false) } let(:agreement) { nil } before do diff --git a/spec/controllers/oauth/authorizations_controller_spec.rb b/spec/controllers/oauth/authorizations_controller_spec.rb index a84260a54..c5eeea397 100644 --- a/spec/controllers/oauth/authorizations_controller_spec.rb +++ b/spec/controllers/oauth/authorizations_controller_spec.rb @@ -41,11 +41,11 @@ RSpec.describe Oauth::AuthorizationsController, type: :controller do context 'when app is already authorized' do before do Doorkeeper::AccessToken.find_or_create_for( - app, - user.id, - app.scopes, - Doorkeeper.configuration.access_token_expires_in, - Doorkeeper.configuration.refresh_token_enabled? + application: app, + resource_owner: user.id, + scopes: app.scopes, + expires_in: Doorkeeper.configuration.access_token_expires_in, + use_refresh_token: Doorkeeper.configuration.refresh_token_enabled? ) end diff --git a/spec/controllers/oauth/tokens_controller_spec.rb b/spec/controllers/oauth/tokens_controller_spec.rb index ba8e367a6..3804e035b 100644 --- a/spec/controllers/oauth/tokens_controller_spec.rb +++ b/spec/controllers/oauth/tokens_controller_spec.rb @@ -5,11 +5,12 @@ require 'rails_helper' RSpec.describe Oauth::TokensController, type: :controller do describe 'POST #revoke' do let!(:user) { Fabricate(:user) } - let!(:access_token) { Fabricate(:accessible_access_token, resource_owner_id: user.id) } + let!(:application) { Fabricate(:application, confidential: false) } + let!(:access_token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, application: application) } let!(:web_push_subscription) { Fabricate(:web_push_subscription, user: user, access_token: access_token) } before do - post :revoke, params: { token: access_token.token } + post :revoke, params: { client_id: application.uid, token: access_token.token } end it 'revokes the token' do |