Update dependency doorkeeper to v5.8.0 (#33000)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
pull/33005/merge
Emelia Smith 2024-11-21 14:48:30 +01:00 committed by GitHub
parent e4d5cc0ca6
commit 4517e18b79
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with 8 additions and 17 deletions

View File

@ -200,7 +200,7 @@ GEM
activerecord (>= 4.2, < 9.0)
docile (1.4.1)
domain_name (0.6.20240107)
doorkeeper (5.7.1)
doorkeeper (5.8.0)
railties (>= 5)
dotenv (3.1.4)
drb (2.2.1)

View File

@ -1,13 +0,0 @@
# frozen_string_literal: true
module OauthPreAuthorizationExtension
extend ActiveSupport::Concern
included do
validate :code_challenge_method_s256, error: Doorkeeper::Errors::InvalidCodeChallengeMethod
end
def validate_code_challenge_method_s256
code_challenge.blank? || code_challenge_method == 'S256'
end
end

View File

@ -65,7 +65,7 @@ class OauthMetadataPresenter < ActiveModelSerializers::Model
end
def code_challenge_methods_supported
%w(S256)
doorkeeper.pkce_code_challenge_methods_supported
end
private

View File

@ -114,7 +114,6 @@ module Mastodon
Doorkeeper::Application.include ApplicationExtension
Doorkeeper::AccessGrant.include AccessGrantExtension
Doorkeeper::AccessToken.include AccessTokenExtension
Doorkeeper::OAuth::PreAuthorization.include OauthPreAuthorizationExtension
Devise::FailureApp.include AbstractController::Callbacks
Devise::FailureApp.include Localized
end

View File

@ -52,6 +52,9 @@ Doorkeeper.configure do
# Issue access tokens with refresh token (disabled by default)
# use_refresh_token
# Proof of Key Code Exchange
pkce_code_challenge_methods ['S256']
# Forbids creating/updating applications with arbitrary scopes that are
# not in configuration, i.e. `default_scopes` or `optional_scopes`.
# (Disabled by default)

View File

@ -27,7 +27,7 @@ RSpec.describe 'The /.well-known/oauth-authorization-server request' do
response_modes_supported: Doorkeeper.configuration.authorization_response_flows.flat_map(&:response_mode_matches).uniq,
token_endpoint_auth_methods_supported: %w(client_secret_basic client_secret_post),
grant_types_supported: grant_types_supported,
code_challenge_methods_supported: ['S256'],
code_challenge_methods_supported: Doorkeeper.configuration.pkce_code_challenge_methods_supported,
# non-standard extension:
app_registration_endpoint: api_v1_apps_url
)

View File

@ -115,6 +115,8 @@ RSpec.describe 'Using OAuth from an external app' do
subject
within '.form-container .flash-message' do
# FIXME: Replace with doorkeeper.errors.messages.invalid_code_challenge_method.one for Doorkeeper > 5.8.0
# see: https://github.com/doorkeeper-gem/doorkeeper/pull/1747
expect(page).to have_content(I18n.t('doorkeeper.errors.messages.invalid_code_challenge_method'))
end
end