Skip to content
This repository has been archived by the owner on Sep 18, 2019. It is now read-only.

Commit

Permalink
Merge pull request #2 from medley-inc/client_secret_patch
Browse files Browse the repository at this point in the history 
Allow blank string
  • Loading branch information
@seka
seka authored Sep 19, 2018
2 parents df8bddf + 42b32bf commit eee932c
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions lib/doorkeeper-mongodb/mixins/mongoid/application_mixin.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ module ApplicationMixin
has_many :access_grants, has_many_options.merge(class_name: 'Doorkeeper::AccessGrant')
has_many :access_tokens, has_many_options.merge(class_name: 'Doorkeeper::AccessToken')

validates :name, :secret, :uid, presence: true
validates :name, :uid, presence: true
validates :uid, uniqueness: true
validates :redirect_uri, redirect_uri: true

Expand Down Expand Up @@ -71,7 +71,11 @@ def generate_uid
end

def generate_secret
if secret.blank?
# 外部連携 B パターン (院内のサーバーなしのクライアントの場合) でクライアント認証なしの Authorization Code フローを利用することになったため
# 空文字のシークレットを設定できるようにしたかったが、RFC の仕様的に空の場合は省略してもよい (MAY) となっており、
# 実装する側に処理が依存するようなので独自にパッチを当てる
# See https://openid-foundation-japan.github.io/rfc6749.ja.html#client-password
if secret.nil?
self.secret = UniqueToken.generate
end
end
Expand Down

0 comments on commit eee932c

Please # to comment.