Merge pull request opf#14165 from opf/bug/oauth-does-not-show-plainte…

…xt-secret Fixed storage oauth credential replace to show plaintext secret
l3dlp-sandbox · Nov 20, 2023 · 0cda27c · 0cda27c
2 parents f1450c8 + 68c45ae
commit 0cda27c
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 3 deletions.
diff --git a/...les/storages/app/components/storages/admin/oauth_application_info_copy_component.html.erb b/...les/storages/app/components/storages/admin/oauth_application_info_copy_component.html.erb
@@ -24,7 +24,7 @@
           OpenProject::Common::ClipboardCopyComponent.new(
             name: :openproject_oauth_application_secret,
             visually_hide_label: false,
-            value_to_copy: oauth_application.secret,
+            value_to_copy: oauth_application.plaintext_secret,
             label: I18n.t('storages.label_openproject_oauth_application_secret'),
             required: true
           )

diff --git a/modules/storages/spec/features/admin_storages_spec.rb b/modules/storages/spec/features/admin_storages_spec.rb
@@ -91,6 +91,12 @@
 
   describe 'New file storage', with_flag: { storage_primer_design: true } do
     context 'with Nextcloud Storage' do
+      let(:secret) { 'awesome_secret' }
+
+      before do
+        allow(Doorkeeper::OAuth::Helpers::UniqueToken).to receive(:generate).and_return(secret)
+      end
+
       it 'renders a Nextcloud specific multi-step form', :webmock do
         visit admin_settings_storages_path
 
@@ -153,7 +159,7 @@
             expect(page).to have_css('#openproject_oauth_application_uid',
                                      value: storage.reload.oauth_application.uid)
             expect(page).to have_css('#openproject_oauth_application_secret',
-                                     value: storage.reload.oauth_application.secret)
+                                     value: secret)
 
             click_link 'Done, continue'
           end
@@ -304,8 +310,10 @@
       let(:storage) { create(:nextcloud_storage, :as_automatically_managed) }
       let(:oauth_application) { create(:oauth_application, integration: storage) }
       let(:oauth_client) { create(:oauth_client, integration: storage) }
+      let(:secret) { 'awesome_secret' }
 
       before do
+        allow(Doorkeeper::OAuth::Helpers::UniqueToken).to receive(:generate).and_return(secret)
         oauth_application
         oauth_client
       end
@@ -385,7 +393,7 @@
             expect(page).to have_css('#openproject_oauth_application_uid',
                                      value: storage.reload.oauth_application.uid)
             expect(page).to have_css('#openproject_oauth_application_secret',
-                                     value: storage.reload.oauth_application.secret)
+                                     value: secret)
 
             click_link 'Done, continue'
           end