From 1af6ae19b94e46dca52a01b3834aa646d472fa3a Mon Sep 17 00:00:00 2001 From: Emelia Smith Date: Thu, 10 Apr 2025 21:57:25 +0200 Subject: [PATCH] Add offline_access scope --- app/lib/scope_transformer.rb | 2 ++ config/initializers/doorkeeper.rb | 9 +++++---- config/locales/doorkeeper.en.yml | 3 +++ spec/lib/scope_transformer_spec.rb | 6 ++++++ 4 files changed, 16 insertions(+), 4 deletions(-) diff --git a/app/lib/scope_transformer.rb b/app/lib/scope_transformer.rb index 7dda709229..79498cfdef 100644 --- a/app/lib/scope_transformer.rb +++ b/app/lib/scope_transformer.rb @@ -14,6 +14,8 @@ class ScopeTransformer < Parslet::Transform # # override for profile scope which is read only @access = %w(read) if @term == 'profile' + # Override offline_access since it doesn't imply read or write access: + @access = %w(offline) if @term == 'offline_access' end def key diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index d7084647ff..25ddee4659 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb @@ -35,10 +35,10 @@ Doorkeeper.configure do # context.client for client (Doorkeeper::Application) # context.scopes for scopes custom_access_token_expires_in do |context| - # If the client is confidential (all clients pre 4.3), then we don't want to - # expire access tokens. Applications created by users are also considered - # confidential. - if context.client.confidential? + # If the client is confidential (all clients pre 4.3) and it hasn't + # requested offline_access, then we don't want to expire access tokens. + # Applications created by users are also considered confidential. + if context.client.confidential? && !context.scopes.exists?('offline_access') nil else 15.minutes.to_i @@ -80,6 +80,7 @@ Doorkeeper.configure do # https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes default_scopes :read optional_scopes :profile, + :offline_access, :write, :'write:accounts', :'write:blocks', diff --git a/config/locales/doorkeeper.en.yml b/config/locales/doorkeeper.en.yml index 3b3b141afa..da48ef97db 100644 --- a/config/locales/doorkeeper.en.yml +++ b/config/locales/doorkeeper.en.yml @@ -89,6 +89,7 @@ en: invalid_request: missing_param: 'Missing required parameter: %{value}.' request_not_authorized: Request need to be authorized. Required parameter for authorizing request is missing or invalid. + offline_access_only: The offline_access scope can only be used with other scopes. unknown: The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed. invalid_resource_owner: The provided resource owner credentials are not valid, or resource owner cannot be found invalid_scope: The requested scope is invalid, unknown, or malformed. @@ -118,6 +119,7 @@ en: read: Read-only access read/write: Read and write access write: Write-only access + offline: Access for an extended period of time title: accounts: Accounts admin/accounts: Administration of accounts @@ -138,6 +140,7 @@ en: notifications: Notifications profile: Your Mastodon profile push: Push notifications + offline_access: Offline access reports: Reports search: Search statuses: Posts diff --git a/spec/lib/scope_transformer_spec.rb b/spec/lib/scope_transformer_spec.rb index f4003352e4..e3e4932250 100644 --- a/spec/lib/scope_transformer_spec.rb +++ b/spec/lib/scope_transformer_spec.rb @@ -23,6 +23,12 @@ RSpec.describe ScopeTransformer do it_behaves_like 'a scope', nil, 'profile', 'read' end + context 'with scope "offline_access"' do + let(:input) { 'offline_access' } + + it_behaves_like 'a scope', nil, 'offline_access', 'offline' + end + context 'with scope "read"' do let(:input) { 'read' }