diff options
-rw-r--r-- | Gemfile | 2 | ||||
-rw-r--r-- | Gemfile.lock | 12 | ||||
-rw-r--r-- | changelogs/unreleased/fix-update-doorkeeper-openid-connect.yml | 5 | ||||
-rw-r--r-- | config/initializers/doorkeeper_openid_connect.rb | 2 | ||||
-rw-r--r-- | config/initializers/secret_token.rb | 2 | ||||
-rw-r--r-- | spec/initializers/secret_token_spec.rb | 18 |
6 files changed, 23 insertions, 18 deletions
@@ -23,7 +23,7 @@ gem 'faraday', '~> 0.12' # Authentication libraries gem 'devise', '~> 4.2' gem 'doorkeeper', '~> 4.2.0' -gem 'doorkeeper-openid_connect', '~> 1.1.0' +gem 'doorkeeper-openid_connect', '~> 1.2.0' gem 'omniauth', '~> 1.4.2' gem 'omniauth-auth0', '~> 1.4.1' gem 'omniauth-azure-oauth2', '~> 0.0.9' diff --git a/Gemfile.lock b/Gemfile.lock index 4622fd141ba..6040596dda5 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -80,7 +80,7 @@ GEM coderay (>= 1.0.0) erubis (>= 2.6.6) rack (>= 0.9.0) - bindata (2.3.5) + bindata (2.4.1) binding_of_caller (0.7.2) debug_inspector (>= 0.0.1) bootstrap-sass (3.3.6) @@ -166,9 +166,9 @@ GEM docile (1.1.5) domain_name (0.5.20161021) unf (>= 0.0.5, < 1.0.0) - doorkeeper (4.2.0) + doorkeeper (4.2.6) railties (>= 4.2) - doorkeeper-openid_connect (1.1.2) + doorkeeper-openid_connect (1.2.0) doorkeeper (~> 4.0) json-jwt (~> 1.6) dropzonejs-rails (0.7.2) @@ -410,7 +410,7 @@ GEM railties (>= 4.2.0) thor (>= 0.14, < 2.0) json (1.8.6) - json-jwt (1.7.1) + json-jwt (1.7.2) activesupport bindata multi_json (>= 1.3) @@ -681,7 +681,7 @@ GEM rainbow (2.2.2) rake raindrops (0.18.0) - rake (12.0.0) + rake (12.1.0) rblineprof (0.3.6) debugger-ruby_core_source (~> 1.3) rbnacl (4.0.2) @@ -1002,7 +1002,7 @@ DEPENDENCIES devise-two-factor (~> 3.0.0) diffy (~> 3.1.0) doorkeeper (~> 4.2.0) - doorkeeper-openid_connect (~> 1.1.0) + doorkeeper-openid_connect (~> 1.2.0) dropzonejs-rails (~> 0.7.1) email_reply_trimmer (~> 0.1) email_spec (~> 1.6.0) diff --git a/changelogs/unreleased/fix-update-doorkeeper-openid-connect.yml b/changelogs/unreleased/fix-update-doorkeeper-openid-connect.yml new file mode 100644 index 00000000000..c57fceec92f --- /dev/null +++ b/changelogs/unreleased/fix-update-doorkeeper-openid-connect.yml @@ -0,0 +1,5 @@ +--- +title: Upgrade doorkeeper-openid_connect +merge_request: 14372 +author: Markus Koller +type: other diff --git a/config/initializers/doorkeeper_openid_connect.rb b/config/initializers/doorkeeper_openid_connect.rb index c58f425b19b..af174def047 100644 --- a/config/initializers/doorkeeper_openid_connect.rb +++ b/config/initializers/doorkeeper_openid_connect.rb @@ -1,7 +1,7 @@ Doorkeeper::OpenidConnect.configure do issuer Gitlab.config.gitlab.url - jws_private_key Rails.application.secrets.jws_private_key + signing_key Rails.application.secrets.openid_connect_signing_key resource_owner_from_access_token do |access_token| User.active.find_by(id: access_token.resource_owner_id) diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb index f9c1d2165d3..750a5b34f3b 100644 --- a/config/initializers/secret_token.rb +++ b/config/initializers/secret_token.rb @@ -25,7 +25,7 @@ def create_tokens secret_key_base: file_secret_key || generate_new_secure_token, otp_key_base: env_secret_key || file_secret_key || generate_new_secure_token, db_key_base: generate_new_secure_token, - jws_private_key: generate_new_rsa_private_key + openid_connect_signing_key: generate_new_rsa_private_key } missing_secrets = set_missing_keys(defaults) diff --git a/spec/initializers/secret_token_spec.rb b/spec/initializers/secret_token_spec.rb index 84ad55e9f98..d56e14e0e0b 100644 --- a/spec/initializers/secret_token_spec.rb +++ b/spec/initializers/secret_token_spec.rb @@ -36,10 +36,10 @@ describe 'create_tokens' do expect(keys).to all(match(HEX_KEY)) end - it 'generates an RSA key for jws_private_key' do + it 'generates an RSA key for openid_connect_signing_key' do create_tokens - keys = secrets.values_at(:jws_private_key) + keys = secrets.values_at(:openid_connect_signing_key) expect(keys.uniq).to eq(keys) expect(keys).to all(match(RSA_KEY)) @@ -49,7 +49,7 @@ describe 'create_tokens' do expect(self).to receive(:warn_missing_secret).with('secret_key_base') expect(self).to receive(:warn_missing_secret).with('otp_key_base') expect(self).to receive(:warn_missing_secret).with('db_key_base') - expect(self).to receive(:warn_missing_secret).with('jws_private_key') + expect(self).to receive(:warn_missing_secret).with('openid_connect_signing_key') create_tokens end @@ -61,7 +61,7 @@ describe 'create_tokens' do expect(new_secrets['secret_key_base']).to eq(secrets.secret_key_base) expect(new_secrets['otp_key_base']).to eq(secrets.otp_key_base) expect(new_secrets['db_key_base']).to eq(secrets.db_key_base) - expect(new_secrets['jws_private_key']).to eq(secrets.jws_private_key) + expect(new_secrets['openid_connect_signing_key']).to eq(secrets.openid_connect_signing_key) end create_tokens @@ -77,7 +77,7 @@ describe 'create_tokens' do context 'when the other secrets all exist' do before do secrets.db_key_base = 'db_key_base' - secrets.jws_private_key = 'jws_private_key' + secrets.openid_connect_signing_key = 'openid_connect_signing_key' allow(File).to receive(:exist?).with('.secret').and_return(true) allow(File).to receive(:read).with('.secret').and_return('file_key') @@ -88,7 +88,7 @@ describe 'create_tokens' do stub_env('SECRET_KEY_BASE', 'env_key') secrets.secret_key_base = 'secret_key_base' secrets.otp_key_base = 'otp_key_base' - secrets.jws_private_key = 'jws_private_key' + secrets.openid_connect_signing_key = 'openid_connect_signing_key' end it 'does not issue a warning' do @@ -114,7 +114,7 @@ describe 'create_tokens' do before do secrets.secret_key_base = 'secret_key_base' secrets.otp_key_base = 'otp_key_base' - secrets.jws_private_key = 'jws_private_key' + secrets.openid_connect_signing_key = 'openid_connect_signing_key' end it 'does not write any files' do @@ -129,7 +129,7 @@ describe 'create_tokens' do expect(secrets.secret_key_base).to eq('secret_key_base') expect(secrets.otp_key_base).to eq('otp_key_base') expect(secrets.db_key_base).to eq('db_key_base') - expect(secrets.jws_private_key).to eq('jws_private_key') + expect(secrets.openid_connect_signing_key).to eq('openid_connect_signing_key') end it 'deletes the .secret file' do @@ -153,7 +153,7 @@ describe 'create_tokens' do expect(new_secrets['secret_key_base']).to eq('file_key') expect(new_secrets['otp_key_base']).to eq('file_key') expect(new_secrets['db_key_base']).to eq('db_key_base') - expect(new_secrets['jws_private_key']).to eq('jws_private_key') + expect(new_secrets['openid_connect_signing_key']).to eq('openid_connect_signing_key') end create_tokens |