From 109c99c323fb82f55a97512bf173dd794fe3ecb1 Mon Sep 17 00:00:00 2001 From: Felipe Zavan Date: Sat, 22 Oct 2022 18:25:37 +0100 Subject: [PATCH 1/3] Add support for Trilogy MySQL adapter This adds support for GitHub's [Trilogy](https://github.blog/2022-08-25-introducing-trilogy-a-new-database-adapter-for-ruby-on-rails/) MySQL adapter to `ExpirationTimeSqlMath`, it uses the same class as `mysql` and `mysql2`. --- lib/doorkeeper/models/concerns/expiration_time_sql_math.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/doorkeeper/models/concerns/expiration_time_sql_math.rb b/lib/doorkeeper/models/concerns/expiration_time_sql_math.rb index 0bc5c6e59..ea436f522 100644 --- a/lib/doorkeeper/models/concerns/expiration_time_sql_math.rb +++ b/lib/doorkeeper/models/concerns/expiration_time_sql_math.rb @@ -56,6 +56,7 @@ def generate_sql "postgresql" => PostgresExpirationTimeSqlGenerator, "mysql" => MySqlExpirationTimeSqlGenerator, "mysql2" => MySqlExpirationTimeSqlGenerator, + "trilogy" => MySqlExpirationTimeSqlGenerator, "sqlserver" => SqlServerExpirationTimeSqlGenerator, "oracleenhanced" => OracleExpirationTimeSqlGenerator, }.freeze From cb99bc49d480b31200642adbf9bcd7c3d9daea33 Mon Sep 17 00:00:00 2001 From: Nikita Bulai Date: Tue, 25 Oct 2022 09:48:52 +0300 Subject: [PATCH 2/3] [ci skip] Update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 99797c2dc..2963266d2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ User-visible changes worth mentioning. ## main +- [#1593] Add support for Trilogy ActiveRecord adapter. - [#ID] Add your PR description here. ## 5.6.0 From 64673e7fbaa63329f19a0071f8d3036f71612cf6 Mon Sep 17 00:00:00 2001 From: Patrick Foley Date: Mon, 17 Sep 2018 13:34:36 -0700 Subject: [PATCH 3/3] Add support for optionally using the url path for native authorization This functionality is being added to provide backwords compatiblity with older versions of doorkeeper where this was the default behavior --- CHANGELOG.md | 1 + lib/doorkeeper/config.rb | 14 ++++++++ lib/doorkeeper/rails/routes.rb | 8 +++-- .../authorizations_controller_spec.rb | 32 +++++++++++++++++++ spec/dummy/config/initializers/doorkeeper.rb | 5 +++ spec/lib/config_spec.rb | 25 +++++++++++++++ 6 files changed, 83 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2963266d2..6c9ed8654 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ User-visible changes worth mentioning. ## main - [#1593] Add support for Trilogy ActiveRecord adapter. +- [#1597] Add optional support to use the url path for the native authorization code flow. Ports forward [#1143] from 4.4.3 - [#ID] Add your PR description here. ## 5.6.0 diff --git a/lib/doorkeeper/config.rb b/lib/doorkeeper/config.rb index d9cb2902b..18991a9bc 100644 --- a/lib/doorkeeper/config.rb +++ b/lib/doorkeeper/config.rb @@ -159,6 +159,15 @@ def reuse_access_token @config.instance_variable_set(:@reuse_access_token, true) end + # Choose to use the url path for native autorization codes + # Enabling this flag sets the authorization code response route for + # native redirect uris to oauth/authorize/. The default is + # oauth/authorize/native?code=. + # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/1143 + def use_url_path_for_native_authorization + @config.instance_variable_set(:@use_url_path_for_native_authorization, true) + end + # TODO: maybe make it more generic for other flows too? # Only allow one valid access token obtained via client credentials # per client. If a new access token is obtained before the old one @@ -623,6 +632,11 @@ def token_grant_types def deprecated_token_grant_types_resolver @deprecated_token_grant_types ||= calculate_token_grant_types end + + def native_authorization_code_route + @use_url_path_for_native_authorization = false unless defined?(@use_url_path_for_native_authorization) + @use_url_path_for_native_authorization ? '/:code' : '/native' + end # [NOTE]: deprecated and will be removed soon def deprecated_authorization_flows diff --git a/lib/doorkeeper/rails/routes.rb b/lib/doorkeeper/rails/routes.rb index 159f036a8..842d7e14e 100644 --- a/lib/doorkeeper/rails/routes.rb +++ b/lib/doorkeeper/rails/routes.rb @@ -53,8 +53,8 @@ def authorization_routes(mapping) as: mapping[:as], controller: mapping[:controllers], ) do - routes.get "/native", action: :show, on: :member - routes.get "/", action: :new, on: :member + routes.get native_authorization_code_route, action: :show, on: :member + routes.get '/', action: :new, on: :member end end @@ -96,6 +96,10 @@ def authorized_applications_routes(mapping) only: %i[index destroy], controller: mapping[:controllers] end + + def native_authorization_code_route + Doorkeeper.configuration.native_authorization_code_route + end end end end diff --git a/spec/controllers/authorizations_controller_spec.rb b/spec/controllers/authorizations_controller_spec.rb index 212f72685..d2f72d060 100644 --- a/spec/controllers/authorizations_controller_spec.rb +++ b/spec/controllers/authorizations_controller_spec.rb @@ -646,6 +646,38 @@ def query_params it "does not issue a token" do expect(Doorkeeper::AccessToken.count).to be 0 end + + context 'with use_url_path_for_native_authorization' do + around(:each) do |example| + Doorkeeper.configure do + orm DOORKEEPER_ORM + use_url_path_for_native_authorization + end + + Rails.application.reload_routes! + + example.run + + Doorkeeper.configure do + orm DOORKEEPER_ORM + end + + Rails.application.reload_routes! + end + + it 'should redirect immediately' do + expect(response).to be_redirect + expect(response.location).to match(/oauth\/authorize\/#{Doorkeeper::AccessGrant.first.token}/) + end + + it 'should issue a grant' do + expect(Doorkeeper::AccessGrant.count).to be 1 + end + + it 'should not issue a token' do + expect(Doorkeeper::AccessToken.count).to be 0 + end + end end describe "GET #new with skip_authorization true" do diff --git a/spec/dummy/config/initializers/doorkeeper.rb b/spec/dummy/config/initializers/doorkeeper.rb index 73364ae31..1d312c94a 100644 --- a/spec/dummy/config/initializers/doorkeeper.rb +++ b/spec/dummy/config/initializers/doorkeeper.rb @@ -41,6 +41,11 @@ # # enforce_configured_scopes + # Use the url path for the native authorization code flow. Enabling this flag sets the authorization + # code response route for native redirect uris to oauth/authorize/. The default is oauth/authorize/native?code=. + # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/1143 + # use_url_path_for_native_authorization + # Provide support for an owner to be assigned to each registered application (disabled by default) # Optional parameter confirmation: true (default false) if you want to enforce ownership of # a registered application diff --git a/spec/lib/config_spec.rb b/spec/lib/config_spec.rb index 83638561c..48d6b3ff7 100644 --- a/spec/lib/config_spec.rb +++ b/spec/lib/config_spec.rb @@ -253,6 +253,31 @@ end end + describe 'use_url_path_for_native_authorization' do + around(:each) do |example| + Doorkeeper.configure do + orm DOORKEEPER_ORM + use_url_path_for_native_authorization + end + + Rails.application.reload_routes! + + subject { Doorkeeper.configuration } + + example.run + + Doorkeeper.configure do + orm DOORKEEPER_ORM + end + + Rails.application.reload_routes! + end + + it 'sets the native authorization code route /:code' do + expect(subject.native_authorization_code_route).to eq('/:code') + end + end + describe "client_credentials" do it "has defaults order" do expect(config.client_credentials_methods)