Add client_secret_expires_at to OAuth Applications (#30317)
parent
ace4268308
commit
2bd56f726a
|
@ -1,7 +1,7 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class REST::CredentialApplicationSerializer < REST::ApplicationSerializer
|
||||
attributes :client_id, :client_secret
|
||||
attributes :client_id, :client_secret, :client_secret_expires_at
|
||||
|
||||
def client_id
|
||||
object.uid
|
||||
|
@ -10,4 +10,10 @@ class REST::CredentialApplicationSerializer < REST::ApplicationSerializer
|
|||
def client_secret
|
||||
object.secret
|
||||
end
|
||||
|
||||
# Added for future forwards compatibility when we may decide to expire OAuth
|
||||
# Applications. Set to zero means that the client_secret never expires.
|
||||
def client_secret_expires_at
|
||||
0
|
||||
end
|
||||
end
|
||||
|
|
|
@ -44,6 +44,7 @@ RSpec.describe 'Credentials' do
|
|||
expect(response.parsed_body)
|
||||
.to not_include(client_id: be_present)
|
||||
.and not_include(client_secret: be_present)
|
||||
.and not_include(client_secret_expires_at: be_present)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -42,6 +42,7 @@ RSpec.describe 'Apps' do
|
|||
id: app.id.to_s,
|
||||
client_id: app.uid,
|
||||
client_secret: app.secret,
|
||||
client_secret_expires_at: 0,
|
||||
name: client_name,
|
||||
website: website,
|
||||
scopes: ['read', 'write'],
|
||||
|
|
Loading…
Reference in New Issue