Add client_secret_expires_at to Application, for forward-compatibility with expiring applications

2024-05-15 23:56:20 +02:00 · 2024-05-15 23:56:20 +02:00 · 9544ee54c8
parent 2da2a1dae9
commit 9544ee54c8
3 changed files with 9 additions and 1 deletions
--- a/app/serializers/rest/credential_application_serializer.rb
+++ b/app/serializers/rest/credential_application_serializer.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class REST::CredentialApplicationSerializer < REST::ApplicationSerializer
-  attributes :client_id, :client_secret
+  attributes :client_id, :client_secret, :client_secret_expires_at

  def client_id
    object.uid
@ -10,4 +10,10 @@ class REST::CredentialApplicationSerializer < REST::ApplicationSerializer
  def client_secret
    object.secret
  end
+
+  # Added for future forwards compatibility when we may decide to expire OAuth
+  # Applications. Set to zero means that the client_secret never expires.
+  def client_secret_expires_at
+    0
+  end
 end
--- a/spec/requests/api/v1/apps/credentials_spec.rb
+++ b/spec/requests/api/v1/apps/credentials_spec.rb
@ -39,6 +39,7 @@ describe 'Credentials' do

        expect(body_as_json[:client_id]).to_not be_present
        expect(body_as_json[:client_secret]).to_not be_present
+        expect(body_as_json[:client_secret_expires_at]).to_not be_present
      end
    end

--- a/spec/requests/api/v1/apps_spec.rb
+++ b/spec/requests/api/v1/apps_spec.rb
@ -40,6 +40,7 @@ RSpec.describe 'Apps' do
            id: app.id.to_s,
            client_id: app.uid,
            client_secret: app.secret,
+            client_secret_expires_at: 0,
            name: client_name,
            website: website,
            scopes: ['read', 'write'],