gnh1201/mastodon
1
0
Fork 0
mirror of https://github.com/mastodon/mastodon.git synced 2025-11-27 18:10:58 +00:00
Code Issues Actions 17 Packages Projects Releases Wiki Activity

Try to fix the usage of doorkeeper configuration

Browse Source
This commit is contained in:
Emelia Smith 2025-04-11 22:10:03 +02:00
parent 1af6ae19b9
commit 463d5dd4d5
No known key found for this signature in database
5 changed files with 44 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
app/models/session_activation.rb
View File

@ -65,12 +65,22 @@ class SessionActivation < ApplicationRecord
end end
def access_token_attributes def access_token_attributes
app = Doorkeeper::Application.find_by(superapp: true)
scopes = Doorkeeper::OAuth::Scopes.from_array(DEFAULT_SCOPES)
context = Doorkeeper::OAuth::Authorization::Token.build_context(
app,
Doorkeeper::OAuth::AUTHORIZATION_CODE,
scopes,
user_id
)
{ {
application_id: Doorkeeper::Application.find_by(superapp: true)&.id, application_id: context.client,
resource_owner_id: user_id, resource_owner_id: context.resource_owner,
scopes: DEFAULT_SCOPES.join(' '), scopes: context.scopes,
expires_in: Doorkeeper.configuration.access_token_expires_in, expires_in: Doorkeeper::OAuth::Authorization::Token.access_token_expires_in(Doorkeeper.config, context),
use_refresh_token: Doorkeeper.configuration.refresh_token_enabled?, use_refresh_token: Doorkeeper::OAuth::Authorization::Token.refresh_token_enabled?(Doorkeeper.config, context),
} }
end end
end end

10
app/models/user.rb
View File

@ -310,10 +310,12 @@ class User < ApplicationRecord
def token_for_app(app) def token_for_app(app)
return nil if app.nil? || app.owner != self return nil if app.nil? || app.owner != self
Doorkeeper::AccessToken.find_or_create_by(application_id: app.id, resource_owner_id: id) do |t| context = Doorkeeper::OAuth::Authorization::Token.build_context(app, Doorkeeper::OAuth::AUTHORIZATION_CODE, app.scopes, app.owner)
t.scopes = app.scopes
t.expires_in = Doorkeeper.configuration.access_token_expires_in Doorkeeper::AccessToken.find_or_create_by(application_id: context.client.id, resource_owner_id: context.resource_owner.id) do |t|
t.use_refresh_token = Doorkeeper.configuration.refresh_token_enabled? t.scopes = context.scopes
t.expires_in = Doorkeeper::OAuth::Authorization::Token.access_token_expires_in(Doorkeeper.config, context)
t.use_refresh_token = Doorkeeper::OAuth::Authorization::Token.refresh_token_enabled?(Doorkeeper.config, context)
end end
end end

12
app/services/app_sign_up_service.rb
View File

@ -27,12 +27,14 @@ class AppSignUpService < BaseService
end end
def create_access_token! def create_access_token!
context = Doorkeeper::OAuth::Authorization::Token.build_context(@app, Doorkeeper::OAuth::AUTHORIZATION_CODE, @app.scopes, @user.id)
@access_token = Doorkeeper::AccessToken.create!( @access_token = Doorkeeper::AccessToken.create!(
application: @app, application: context.client,
resource_owner_id: @user.id, resource_owner_id: context.resource_owner,
scopes: @app.scopes, scopes: context.scopes,
expires_in: Doorkeeper.configuration.access_token_expires_in, expires_in: Doorkeeper::OAuth::Authorization::Token.access_token_expires_in(Doorkeeper.config, context),
use_refresh_token: Doorkeeper.configuration.refresh_token_enabled? use_refresh_token: Doorkeeper::OAuth::Authorization::Token.refresh_token_enabled?(Doorkeeper.config, context)
) )
end end

4
config/initializers/doorkeeper.rb
View File

@ -45,6 +45,10 @@ Doorkeeper.configure do
end end
end end
use_refresh_token do |context|
context.scopes.exists?('offline_access')
end
# Use a custom class for generating the access token. # Use a custom class for generating the access token.
# https://github.com/doorkeeper-gem/doorkeeper#custom-access-token-generator # https://github.com/doorkeeper-gem/doorkeeper#custom-access-token-generator
# access_token_generator "::Doorkeeper::JWT" # access_token_generator "::Doorkeeper::JWT"

17
spec/controllers/oauth/authorizations_controller_spec.rb
View File

@ -30,12 +30,19 @@ RSpec.describe Oauth::AuthorizationsController do
context 'when app is already authorized' do context 'when app is already authorized' do
before do before do
context = Doorkeeper::OAuth::Authorization::Token.build_context(
app,
Doorkeeper::OAuth::AUTHORIZATION_CODE,
app.scopes,
user.id
)
Doorkeeper::AccessToken.find_or_create_for( Doorkeeper::AccessToken.find_or_create_for(
application: app, application: context.client,
resource_owner: user.id, resource_owner: context.resource_owner,
scopes: app.scopes, scopes: context.scopes,
expires_in: Doorkeeper.configuration.access_token_expires_in, expires_in: Doorkeeper::OAuth::Authorization::Token.access_token_expires_in(Doorkeeper.config, context),
use_refresh_token: Doorkeeper.configuration.refresh_token_enabled? use_refresh_token: Doorkeeper::OAuth::Authorization::Token.refresh_token_enabled?(Doorkeeper.config, context)
) )
end end