From 78202e9138bd605c76d19d5b9d7121d1ae6b5e06 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Tue, 12 May 2020 15:25:33 +0200 Subject: [PATCH] Bump doorkeeper from 5.3.3 to 5.4.0 (#13733) * Bump doorkeeper from 5.3.3 to 5.4.0 Bumps [doorkeeper](https://github.com/doorkeeper-gem/doorkeeper) from 5.3.3 to 5.4.0. - [Release notes](https://github.com/doorkeeper-gem/doorkeeper/releases) - [Changelog](https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md) - [Commits](https://github.com/doorkeeper-gem/doorkeeper/compare/v5.3.3...v5.4.0) Signed-off-by: dependabot-preview[bot] * Fix tests * Fix use of Doorkeeper::AccessToken.find_or_create_for * Fix tests? Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> Co-authored-by: Thibaut Girka --- Gemfile | 2 +- Gemfile.lock | 4 ++-- app/models/web/push_subscription.rb | 10 +++++----- spec/controllers/api/v1/accounts_controller_spec.rb | 2 +- .../oauth/authorizations_controller_spec.rb | 10 +++++----- spec/controllers/oauth/tokens_controller_spec.rb | 5 +++-- 6 files changed, 17 insertions(+), 16 deletions(-) diff --git a/Gemfile b/Gemfile index 890b0ee97e1..3150c368d05 100644 --- a/Gemfile +++ b/Gemfile @@ -49,7 +49,7 @@ gem 'omniauth-saml', '~> 1.10' gem 'omniauth', '~> 1.9' gem 'discard', '~> 1.2' -gem 'doorkeeper', '~> 5.3' +gem 'doorkeeper', '~> 5.4' gem 'fast_blank', '~> 1.0' gem 'fastimage' gem 'goldfinger', '~> 2.1' diff --git a/Gemfile.lock b/Gemfile.lock index 8996240640b..accac821b5b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -194,7 +194,7 @@ GEM docile (1.3.2) domain_name (0.5.20190701) unf (>= 0.0.5, < 1.0.0) - doorkeeper (5.3.3) + doorkeeper (5.4.0) railties (>= 5) dotenv (2.7.5) dotenv-rails (2.7.5) @@ -697,7 +697,7 @@ DEPENDENCIES devise-two-factor (~> 3.1) devise_pam_authenticatable2 (~> 9.2) discard (~> 1.2) - doorkeeper (~> 5.3) + doorkeeper (~> 5.4) dotenv-rails (~> 2.7) e2mmap (~> 0.1.0) fabrication (~> 2.21) diff --git a/app/models/web/push_subscription.rb b/app/models/web/push_subscription.rb index c5dbb58baad..c407a7789be 100644 --- a/app/models/web/push_subscription.rb +++ b/app/models/web/push_subscription.rb @@ -94,11 +94,11 @@ class Web::PushSubscription < ApplicationRecord def find_or_create_access_token Doorkeeper::AccessToken.find_or_create_for( - Doorkeeper::Application.find_by(superapp: true), - session_activation.user_id, - Doorkeeper::OAuth::Scopes.from_string('read write follow push'), - Doorkeeper.configuration.access_token_expires_in, - Doorkeeper.configuration.refresh_token_enabled? + application: Doorkeeper::Application.find_by(superapp: true), + resource_owner: session_activation.user_id, + scopes: Doorkeeper::OAuth::Scopes.from_string('read write follow push'), + expires_in: Doorkeeper.configuration.access_token_expires_in, + use_refresh_token: Doorkeeper.configuration.refresh_token_enabled? ) end end diff --git a/spec/controllers/api/v1/accounts_controller_spec.rb b/spec/controllers/api/v1/accounts_controller_spec.rb index f5f65c000e5..024409dab85 100644 --- a/spec/controllers/api/v1/accounts_controller_spec.rb +++ b/spec/controllers/api/v1/accounts_controller_spec.rb @@ -21,7 +21,7 @@ RSpec.describe Api::V1::AccountsController, type: :controller do describe 'POST #create' do let(:app) { Fabricate(:application) } - let(:token) { Doorkeeper::AccessToken.find_or_create_for(app, nil, 'read write', nil, false) } + let(:token) { Doorkeeper::AccessToken.find_or_create_for(application: app, resource_owner: nil, scopes: 'read write', use_refresh_token: false) } let(:agreement) { nil } before do diff --git a/spec/controllers/oauth/authorizations_controller_spec.rb b/spec/controllers/oauth/authorizations_controller_spec.rb index a84260a54d2..c5eeea397ec 100644 --- a/spec/controllers/oauth/authorizations_controller_spec.rb +++ b/spec/controllers/oauth/authorizations_controller_spec.rb @@ -41,11 +41,11 @@ RSpec.describe Oauth::AuthorizationsController, type: :controller do context 'when app is already authorized' do before do Doorkeeper::AccessToken.find_or_create_for( - app, - user.id, - app.scopes, - Doorkeeper.configuration.access_token_expires_in, - Doorkeeper.configuration.refresh_token_enabled? + application: app, + resource_owner: user.id, + scopes: app.scopes, + expires_in: Doorkeeper.configuration.access_token_expires_in, + use_refresh_token: Doorkeeper.configuration.refresh_token_enabled? ) end diff --git a/spec/controllers/oauth/tokens_controller_spec.rb b/spec/controllers/oauth/tokens_controller_spec.rb index ba8e367a68a..3804e035bbc 100644 --- a/spec/controllers/oauth/tokens_controller_spec.rb +++ b/spec/controllers/oauth/tokens_controller_spec.rb @@ -5,11 +5,12 @@ require 'rails_helper' RSpec.describe Oauth::TokensController, type: :controller do describe 'POST #revoke' do let!(:user) { Fabricate(:user) } - let!(:access_token) { Fabricate(:accessible_access_token, resource_owner_id: user.id) } + let!(:application) { Fabricate(:application, confidential: false) } + let!(:access_token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, application: application) } let!(:web_push_subscription) { Fabricate(:web_push_subscription, user: user, access_token: access_token) } before do - post :revoke, params: { token: access_token.token } + post :revoke, params: { client_id: application.uid, token: access_token.token } end it 'revokes the token' do