Add client_secret_expires_at to OAuth Applications (#30317)
parent
ace4268308
commit
2bd56f726a
|
@ -1,7 +1,7 @@
|
||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
|
|
||||||
class REST::CredentialApplicationSerializer < REST::ApplicationSerializer
|
class REST::CredentialApplicationSerializer < REST::ApplicationSerializer
|
||||||
attributes :client_id, :client_secret
|
attributes :client_id, :client_secret, :client_secret_expires_at
|
||||||
|
|
||||||
def client_id
|
def client_id
|
||||||
object.uid
|
object.uid
|
||||||
|
@ -10,4 +10,10 @@ class REST::CredentialApplicationSerializer < REST::ApplicationSerializer
|
||||||
def client_secret
|
def client_secret
|
||||||
object.secret
|
object.secret
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Added for future forwards compatibility when we may decide to expire OAuth
|
||||||
|
# Applications. Set to zero means that the client_secret never expires.
|
||||||
|
def client_secret_expires_at
|
||||||
|
0
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -44,6 +44,7 @@ RSpec.describe 'Credentials' do
|
||||||
expect(response.parsed_body)
|
expect(response.parsed_body)
|
||||||
.to not_include(client_id: be_present)
|
.to not_include(client_id: be_present)
|
||||||
.and not_include(client_secret: be_present)
|
.and not_include(client_secret: be_present)
|
||||||
|
.and not_include(client_secret_expires_at: be_present)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -42,6 +42,7 @@ RSpec.describe 'Apps' do
|
||||||
id: app.id.to_s,
|
id: app.id.to_s,
|
||||||
client_id: app.uid,
|
client_id: app.uid,
|
||||||
client_secret: app.secret,
|
client_secret: app.secret,
|
||||||
|
client_secret_expires_at: 0,
|
||||||
name: client_name,
|
name: client_name,
|
||||||
website: website,
|
website: website,
|
||||||
scopes: ['read', 'write'],
|
scopes: ['read', 'write'],
|
||||||
|
|
Loading…
Reference in New Issue