search

zooniverse / panoptes

Zooniverse API to support user defined volunteer research projects
Apache License 2.0
102 stars 41 forks source link

Bump doorkeeper from 4.4.3 to 5.7.0 #4318

Open dependabot[bot] opened 2 months ago

dependabot[bot] commented 2 months ago

Bumps doorkeeper from 4.4.3 to 5.7.0.

Release notes

Sourced from doorkeeper's releases.

v5.7.0

  • #1696 Add missing #issued_token method to OAuth::TokenResponse
  • #1697 Allow a TokenResponse body to be customized (memoize response body).
  • #1702 Fix bugs for error response in the form_post and error view
  • #1660 Custom access token attributes are now considered when finding matching tokens (fixes #1665). Introduce revoke_previous_client_credentials_token configuration option.

v5.6.9

  • #1691 Make new Doorkeeper errors backward compatible with older extensions.

v5.6.8

  • #1680 Fix handle_auth_errors :raise NotImplementedError

v5.6.7

  • #1662 Specify uri_redirect validation class explicitly.
  • #1652 Add custom attributes support to token generator.
  • #1667 Pass client instead of grant.application to find_or_create_access_token.
  • #1673 Honor custom_access_token_attributes in client credentials grant flow.
  • #1676 Improve AuthorizationsController error response handling
  • #1677 Fix URIHelper.valid_for_authorization? breaking for non url URIs.

v5.6.6

  • #1644 Update HTTP headers.
  • #1646 Block public clients automatic authorization skip.
  • #1648 Add custom token attributes to Refresh Token Request.
  • #1649 Fixed custom_access_token_attributes related errors.

v5.6.5

  • #1602 Allow custom data to be stored inside access grants/tokens.
  • #1634 Code refactoring for custom token attributes.
  • #1639 Add grant type validation to avoid Internal Server Error for DELETE /oauth/authorize endpoint.

v5.6.4

  • #1633 Apply ORM configuration in #to_prepare block to avoid autoloading errors.

v5.6.3

  • #1622 Drop support for Rubies 2.5 and 2.6
  • #1605 Fix URI validation for Ruby 3.2+.
  • #1625 Exclude endless access tokens from StaleRecordsCleaner.
  • #1626 Remove deprecated active_record_options config option.
  • #1631 Fix regression with redirect behavior after token lookup optimizations (redirect to app URI when found).
  • #1630 Special case unique index creation for refresh_token on SQL Server.
  • #1627 Lazy evaluate Doorkeeper config when loading files and executing initializers.

v5.6.2

  • #1604 Fix fetching of the application when custom application_class defined.

v5.6.1

  • #1593 Add support for Trilogy ActiveRecord adapter.
  • #1597 Add optional support to use the url path for the native authorization code flow. Ports forward #1143 from 4.4.3
  • #1599 Remove unnecessarily re-fetch of application object when creating an access token.

... (truncated)

Changelog

Sourced from doorkeeper's changelog.

5.7.0

  • #1696 Add missing #issued_token method to OAuth::TokenResponse
  • #1697 Allow a TokenResponse body to be customized (memoize response body).
  • #1702 Fix bugs for error response in the form_post and error view
  • #1660 Custom access token attributes are now considered when finding matching tokens (fixes #1665). Introduce revoke_previous_client_credentials_token configuration option.

5.6.9

  • #1691 Make new Doorkeeper errors backward compatible with older extensions.

5.6.8

  • #1680 Fix handle_auth_errors :raise NotImplementedError

5.6.7

  • #1662 Specify uri_redirect validation class explicitly.
  • #1652 Add custom attributes support to token generator.
  • #1667 Pass client instead of grant.application to find_or_create_access_token.
  • #1673 Honor custom_access_token_attributes in client credentials grant flow.
  • #1676 Improve AuthorizationsController error response handling
  • #1677 Fix URIHelper.valid_for_authorization? breaking for non url URIs.

5.6.6

  • #1644 Update HTTP headers.
  • #1646 Block public clients automatic authorization skip.
  • #1648 Add custom token attributes to Refresh Token Request.
  • #1649 Fixed custom_access_token_attributes related errors.

5.6.5

  • #1602 Allow custom data to be stored inside access grants/tokens.
  • #1634 Code refactoring for custom token attributes.
  • #1639 Add grant type validation to avoid Internal Server Error for DELETE /oauth/authorize endpoint.

5.6.4

  • #1633 Apply ORM configuration in #to_prepare block to avoid autoloading errors.

5.6.3

  • #1622 Drop support for Rubies 2.5 and 2.6
  • #1605 Fix URI validation for Ruby 3.2+.
  • #1625 Exclude endless access tokens from StaleRecordsCleaner.
  • #1626 Remove deprecated active_record_options config option.
  • #1631 Fix regression with redirect behavior after token lookup optimizations (redirect to app URI when found).
  • #1630 Special case unique index creation for refresh_token on SQL Server.

... (truncated)

Upgrade guide

Sourced from doorkeeper's upgrade guide.

See Upgrade Guides in the project Wiki.

Commits
  • 8626b85 Release 5.7.0 :tada:
  • 1cc7145 [ci skip] Update changelog
  • 50c9300 Merge pull request #1660 from JeremyC-za/custom_attributes_multitenancy_patch
  • 58f68b4 Custom access token attributes are now considered when matching tokens (fixes...
  • 9c2b1d3 Mark AR specific tests with AR tag
  • 424b885 Mark AR specific tests with AR tag
  • 72f3c30 Merge pull request #1702 from lurz/form-post-error-redirect
  • 4cea951 Add CHANGELOG
  • a888789 Fix bugs for error response in the form_post and error view
  • e93f2d7 Merge pull request #1697 from kmayer/kmayer-customzied-token-response
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)