2018-11-18 11:00:15 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2017-08-17 22:00:37 +05:30
|
|
|
class OauthAccessToken < Doorkeeper::AccessToken
|
2016-06-02 11:05:42 +05:30
|
|
|
belongs_to :resource_owner, class_name: 'User'
|
|
|
|
belongs_to :application, class_name: 'Doorkeeper::Application'
|
2018-03-17 18:26:18 +05:30
|
|
|
|
|
|
|
alias_attribute :user, :resource_owner
|
|
|
|
|
2022-08-13 15:12:31 +05:30
|
|
|
scope :latest_per_application, -> { select('distinct on(application_id) *').order(application_id: :desc, created_at: :desc) }
|
|
|
|
scope :preload_application, -> { preload(:application) }
|
2019-12-04 20:38:33 +05:30
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
def scopes=(value)
|
|
|
|
if value.is_a?(Array)
|
|
|
|
super(Doorkeeper::OAuth::Scopes.from_array(value).to_s)
|
|
|
|
else
|
|
|
|
super
|
|
|
|
end
|
|
|
|
end
|
2022-08-27 11:52:29 +05:30
|
|
|
|
|
|
|
# this method overrides a shortcoming upstream, more context:
|
|
|
|
# https://gitlab.com/gitlab-org/gitlab/-/issues/367888
|
|
|
|
def self.find_by_fallback_token(attr, plain_secret)
|
|
|
|
return unless fallback_secret_strategy && fallback_secret_strategy == Doorkeeper::SecretStoring::Plain
|
|
|
|
# token is hashed, don't allow plaintext comparison
|
|
|
|
return if plain_secret.starts_with?("$")
|
|
|
|
|
|
|
|
super
|
|
|
|
end
|
2022-10-11 01:57:18 +05:30
|
|
|
|
|
|
|
# Override Doorkeeper::AccessToken.matching_token_for since we
|
|
|
|
# have `reuse_access_tokens` disabled and we also hash tokens.
|
|
|
|
# This ensures we don't accidentally return a hashed token value.
|
|
|
|
def self.matching_token_for(application, resource_owner, scopes)
|
2023-01-13 00:05:48 +05:30
|
|
|
# no-op
|
2022-10-11 01:57:18 +05:30
|
|
|
end
|
2016-06-02 11:05:42 +05:30
|
|
|
end
|