commit
f8d1ea90bc
124
Gemfile.lock
124
Gemfile.lock
|
@ -20,89 +20,88 @@ PATH
|
|||
GEM
|
||||
remote: https://rubygems.org/
|
||||
specs:
|
||||
actioncable (7.0.2.2)
|
||||
actionpack (= 7.0.2.2)
|
||||
activesupport (= 7.0.2.2)
|
||||
actioncable (7.0.2.3)
|
||||
actionpack (= 7.0.2.3)
|
||||
activesupport (= 7.0.2.3)
|
||||
nio4r (~> 2.0)
|
||||
websocket-driver (>= 0.6.1)
|
||||
actionmailbox (7.0.2.2)
|
||||
actionpack (= 7.0.2.2)
|
||||
activejob (= 7.0.2.2)
|
||||
activerecord (= 7.0.2.2)
|
||||
activestorage (= 7.0.2.2)
|
||||
activesupport (= 7.0.2.2)
|
||||
actionmailbox (7.0.2.3)
|
||||
actionpack (= 7.0.2.3)
|
||||
activejob (= 7.0.2.3)
|
||||
activerecord (= 7.0.2.3)
|
||||
activestorage (= 7.0.2.3)
|
||||
activesupport (= 7.0.2.3)
|
||||
mail (>= 2.7.1)
|
||||
net-imap
|
||||
net-pop
|
||||
net-smtp
|
||||
actionmailer (7.0.2.2)
|
||||
actionpack (= 7.0.2.2)
|
||||
actionview (= 7.0.2.2)
|
||||
activejob (= 7.0.2.2)
|
||||
activesupport (= 7.0.2.2)
|
||||
actionmailer (7.0.2.3)
|
||||
actionpack (= 7.0.2.3)
|
||||
actionview (= 7.0.2.3)
|
||||
activejob (= 7.0.2.3)
|
||||
activesupport (= 7.0.2.3)
|
||||
mail (~> 2.5, >= 2.5.4)
|
||||
net-imap
|
||||
net-pop
|
||||
net-smtp
|
||||
rails-dom-testing (~> 2.0)
|
||||
actionpack (7.0.2.2)
|
||||
actionview (= 7.0.2.2)
|
||||
activesupport (= 7.0.2.2)
|
||||
actionpack (7.0.2.3)
|
||||
actionview (= 7.0.2.3)
|
||||
activesupport (= 7.0.2.3)
|
||||
rack (~> 2.0, >= 2.2.0)
|
||||
rack-test (>= 0.6.3)
|
||||
rails-dom-testing (~> 2.0)
|
||||
rails-html-sanitizer (~> 1.0, >= 1.2.0)
|
||||
actiontext (7.0.2.2)
|
||||
actionpack (= 7.0.2.2)
|
||||
activerecord (= 7.0.2.2)
|
||||
activestorage (= 7.0.2.2)
|
||||
activesupport (= 7.0.2.2)
|
||||
actiontext (7.0.2.3)
|
||||
actionpack (= 7.0.2.3)
|
||||
activerecord (= 7.0.2.3)
|
||||
activestorage (= 7.0.2.3)
|
||||
activesupport (= 7.0.2.3)
|
||||
globalid (>= 0.6.0)
|
||||
nokogiri (>= 1.8.5)
|
||||
actionview (7.0.2.2)
|
||||
activesupport (= 7.0.2.2)
|
||||
actionview (7.0.2.3)
|
||||
activesupport (= 7.0.2.3)
|
||||
builder (~> 3.1)
|
||||
erubi (~> 1.4)
|
||||
rails-dom-testing (~> 2.0)
|
||||
rails-html-sanitizer (~> 1.1, >= 1.2.0)
|
||||
activejob (7.0.2.2)
|
||||
activesupport (= 7.0.2.2)
|
||||
activejob (7.0.2.3)
|
||||
activesupport (= 7.0.2.3)
|
||||
globalid (>= 0.3.6)
|
||||
activemodel (7.0.2.2)
|
||||
activesupport (= 7.0.2.2)
|
||||
activerecord (7.0.2.2)
|
||||
activemodel (= 7.0.2.2)
|
||||
activesupport (= 7.0.2.2)
|
||||
activestorage (7.0.2.2)
|
||||
actionpack (= 7.0.2.2)
|
||||
activejob (= 7.0.2.2)
|
||||
activerecord (= 7.0.2.2)
|
||||
activesupport (= 7.0.2.2)
|
||||
activemodel (7.0.2.3)
|
||||
activesupport (= 7.0.2.3)
|
||||
activerecord (7.0.2.3)
|
||||
activemodel (= 7.0.2.3)
|
||||
activesupport (= 7.0.2.3)
|
||||
activestorage (7.0.2.3)
|
||||
actionpack (= 7.0.2.3)
|
||||
activejob (= 7.0.2.3)
|
||||
activerecord (= 7.0.2.3)
|
||||
activesupport (= 7.0.2.3)
|
||||
marcel (~> 1.0)
|
||||
mini_mime (>= 1.1.0)
|
||||
activesupport (7.0.2.2)
|
||||
activesupport (7.0.2.3)
|
||||
concurrent-ruby (~> 1.0, >= 1.0.2)
|
||||
i18n (>= 1.6, < 2)
|
||||
minitest (>= 5.1)
|
||||
tzinfo (~> 2.0)
|
||||
bcrypt (3.1.16)
|
||||
bcrypt (3.1.17)
|
||||
builder (3.2.4)
|
||||
concurrent-ruby (1.1.9)
|
||||
concurrent-ruby (1.1.10)
|
||||
crass (1.0.6)
|
||||
digest (3.1.0)
|
||||
erubi (1.10.0)
|
||||
faraday (2.2.0)
|
||||
faraday-net_http (~> 2.0)
|
||||
ruby2_keywords (>= 0.0.4)
|
||||
faraday-net_http (2.0.1)
|
||||
faraday-net_http (2.0.2)
|
||||
globalid (1.0.0)
|
||||
activesupport (>= 5.0)
|
||||
hashie (5.0.0)
|
||||
i18n (1.10.0)
|
||||
concurrent-ruby (~> 1.0)
|
||||
io-wait (0.2.1)
|
||||
jwt (2.3.0)
|
||||
loofah (2.14.0)
|
||||
loofah (2.16.0)
|
||||
crass (~> 1.0.2)
|
||||
nokogiri (>= 1.5.9)
|
||||
mail (2.7.1)
|
||||
|
@ -123,8 +122,7 @@ GEM
|
|||
digest
|
||||
net-protocol
|
||||
timeout
|
||||
net-protocol (0.1.2)
|
||||
io-wait
|
||||
net-protocol (0.1.3)
|
||||
timeout
|
||||
net-smtp (0.3.1)
|
||||
digest
|
||||
|
@ -140,9 +138,9 @@ GEM
|
|||
multi_json (~> 1.3)
|
||||
multi_xml (~> 0.5)
|
||||
rack (>= 1.2, < 3)
|
||||
omniauth (2.0.4)
|
||||
omniauth (2.1.0)
|
||||
hashie (>= 3.4.6)
|
||||
rack (>= 1.6.2, < 3)
|
||||
rack (>= 2.2.3)
|
||||
rack-protection
|
||||
omniauth-facebook (9.0.0)
|
||||
omniauth-oauth2 (~> 1.2)
|
||||
|
@ -164,28 +162,28 @@ GEM
|
|||
rack
|
||||
rack-test (1.1.0)
|
||||
rack (>= 1.0, < 3)
|
||||
rails (7.0.2.2)
|
||||
actioncable (= 7.0.2.2)
|
||||
actionmailbox (= 7.0.2.2)
|
||||
actionmailer (= 7.0.2.2)
|
||||
actionpack (= 7.0.2.2)
|
||||
actiontext (= 7.0.2.2)
|
||||
actionview (= 7.0.2.2)
|
||||
activejob (= 7.0.2.2)
|
||||
activemodel (= 7.0.2.2)
|
||||
activerecord (= 7.0.2.2)
|
||||
activestorage (= 7.0.2.2)
|
||||
activesupport (= 7.0.2.2)
|
||||
rails (7.0.2.3)
|
||||
actioncable (= 7.0.2.3)
|
||||
actionmailbox (= 7.0.2.3)
|
||||
actionmailer (= 7.0.2.3)
|
||||
actionpack (= 7.0.2.3)
|
||||
actiontext (= 7.0.2.3)
|
||||
actionview (= 7.0.2.3)
|
||||
activejob (= 7.0.2.3)
|
||||
activemodel (= 7.0.2.3)
|
||||
activerecord (= 7.0.2.3)
|
||||
activestorage (= 7.0.2.3)
|
||||
activesupport (= 7.0.2.3)
|
||||
bundler (>= 1.15.0)
|
||||
railties (= 7.0.2.2)
|
||||
railties (= 7.0.2.3)
|
||||
rails-dom-testing (2.0.3)
|
||||
activesupport (>= 4.2.0)
|
||||
nokogiri (>= 1.6)
|
||||
rails-html-sanitizer (1.4.2)
|
||||
loofah (~> 2.3)
|
||||
railties (7.0.2.2)
|
||||
actionpack (= 7.0.2.2)
|
||||
activesupport (= 7.0.2.2)
|
||||
railties (7.0.2.3)
|
||||
actionpack (= 7.0.2.3)
|
||||
activesupport (= 7.0.2.3)
|
||||
method_source
|
||||
rake (>= 12.2)
|
||||
thor (~> 1.0)
|
||||
|
@ -203,7 +201,7 @@ GEM
|
|||
stringio (3.0.1)
|
||||
strscan (3.0.1)
|
||||
thor (1.2.1)
|
||||
timecop (0.9.4)
|
||||
timecop (0.9.5)
|
||||
timeout (0.2.0)
|
||||
tzinfo (2.0.4)
|
||||
concurrent-ruby (~> 1.0)
|
||||
|
|
|
@ -2,6 +2,11 @@
|
|||
|
||||
source "https://rubygems.org"
|
||||
|
||||
git_source(:github) do |repo_name|
|
||||
repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?('/')
|
||||
"https://github.com/#{repo_name}.git"
|
||||
end
|
||||
|
||||
gemspec path: ".."
|
||||
|
||||
gem "rails", github: "rails/rails", branch: "4-1-stable"
|
||||
|
|
|
@ -2,6 +2,11 @@
|
|||
|
||||
source "https://rubygems.org"
|
||||
|
||||
git_source(:github) do |repo_name|
|
||||
repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?('/')
|
||||
"https://github.com/#{repo_name}.git"
|
||||
end
|
||||
|
||||
gemspec path: ".."
|
||||
|
||||
gem "rails", github: "rails/rails", branch: "4-2-stable"
|
||||
|
|
|
@ -4,6 +4,11 @@ Warden::Manager.after_authentication do |record, warden, options|
|
|||
clean_up_for_winning_strategy = !warden.winning_strategy.respond_to?(:clean_up_csrf?) ||
|
||||
warden.winning_strategy.clean_up_csrf?
|
||||
if Devise.clean_up_csrf_token_on_authentication && clean_up_for_winning_strategy
|
||||
warden.request.session.try(:delete, :_csrf_token)
|
||||
if warden.request.respond_to?(:reset_csrf_token)
|
||||
# Rails 7.1+
|
||||
warden.request.reset_csrf_token
|
||||
else
|
||||
warden.request.session.try(:delete, :_csrf_token)
|
||||
end
|
||||
end
|
||||
end
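Review bot: The new `warden.request.reset_csrf_token` branch drops the unconditional cleanup the old line gave, and its only explanation is `# Rails 7.1+`. The previous `session.try(:delete, :_csrf_token)` ran for every authentication that reached this hook. Whether `reset_csrf_token` also clears the token when authentication happens outside a controller action (a route constraint, for example) is not visible in this hunk; it is worth confirming against the Rails 7.1 implementation, because a token issued before sign-in would otherwise stay valid afterwards. I would also expand the comment to say why the branch exists, e.g. `# Rails 7.1+ also keeps the token in request.env, so deleting the session key alone is not enough` (inferred from the env key that the integration test in this commit reads).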
|
||||
|
|
|
@ -213,9 +213,13 @@ class FailureTest < ActiveSupport::TestCase
|
|||
|
||||
test 'set up a default message' do
|
||||
call_failure
|
||||
assert_match(/You are being/, @response.last.body)
|
||||
assert_match(/redirected/, @response.last.body)
|
||||
assert_match(/users\/sign_in/, @response.last.body)
|
||||
if Devise::Test.rails71_and_up?
|
||||
assert_empty @response.last.body
|
||||
else
|
||||
assert_match(/You are being/, @response.last.body)
|
||||
assert_match(/redirected/, @response.last.body)
|
||||
assert_match(/users\/sign_in/, @response.last.body)
|
||||
end
|
||||
end
|
||||
|
||||
test 'works for any navigational format' do
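Review bot: On Rails 7.1+ the 'set up a default message' test now asserts only `assert_empty @response.last.body`, so nothing in it checks where the failure app redirects; the `users/sign_in` match survives only in the `else` branch. A check on the redirect target inside the 7.1 branch keeps that coverage, for example `assert_match(/users\/sign_in/, @response.second['Location'])` if `@response` is the Rack triple it appears to be. The same gap is in the two `get :index` tests in the TestControllerHelpers hunks further down, where a check on `response.location` would serve. The next test's body continues outside the hunk.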
|
||||
|
|
|
@ -346,10 +346,18 @@ class AuthenticationSessionTest < Devise::IntegrationTest
|
|||
test 'refreshes _csrf_token' do
|
||||
swap ApplicationController, allow_forgery_protection: true do
|
||||
get new_user_session_path
|
||||
token = request.session[:_csrf_token]
|
||||
token_from_session = request.session[:_csrf_token]
|
||||
|
||||
if Devise::Test.rails71_and_up?
|
||||
token_from_env = request.env["action_controller.csrf_token"]
|
||||
end
|
||||
|
||||
sign_in_as_user
|
||||
assert_not_equal request.session[:_csrf_token], token
|
||||
assert_not_equal request.session[:_csrf_token], token_from_session
|
||||
|
||||
if Devise::Test.rails71_and_up?
|
||||
assert_not_equal request.env["action_controller.csrf_token"], token_from_env
|
||||
end
|
||||
end
|
||||
end
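Review bot: The `assert_not_equal` checks in 'refreshes _csrf_token' also pass when a value captured before sign-in is nil, so the test cannot tell a rotated token from one that was never issued. Asserting presence first closes that gap: `assert token_from_session` right after the capture, and `assert token_from_env` inside the first `rails71_and_up?` block. Since this test is what guards token rotation on authentication, a vacuous pass here would hide a regression in the hook.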
|
||||
|
||||
|
|
|
@ -50,7 +50,7 @@ module RailsApp
|
|||
Rails.application.config.active_record.sqlite3.represent_boolean_as_integer = true
|
||||
end
|
||||
|
||||
if Devise::Test.rails7_and_up?
|
||||
if Devise::Test.rails70?
|
||||
config.active_record.legacy_connection_handling = false
|
||||
end
|
||||
end
|
||||
|
|
|
@ -8,8 +8,12 @@ module Devise
|
|||
module Test
|
||||
# Detection for minor differences between Rails versions in tests.
|
||||
|
||||
def self.rails7_and_up?
|
||||
Rails::VERSION::MAJOR >= 7
|
||||
def self.rails71_and_up?
|
||||
!rails70? && Rails::VERSION::MAJOR >= 7
|
||||
end
|
||||
|
||||
def self.rails70?
|
||||
Rails.version.start_with? '7.0'
|
||||
end
|
||||
|
||||
def self.rails6_and_up?
|
||||
|
|
|
@ -97,7 +97,12 @@ class TestControllerHelpersTest < Devise::ControllerTestCase
|
|||
|
||||
test "returns the body of a failure app" do
|
||||
get :index
|
||||
assert_equal "<html><body>You are being <a href=\"http://test.host/users/sign_in\">redirected</a>.</body></html>", response.body
|
||||
|
||||
if Devise::Test.rails71_and_up?
|
||||
assert_empty response.body
|
||||
else
|
||||
assert_equal "<html><body>You are being <a href=\"http://test.host/users/sign_in\">redirected</a>.</body></html>", response.body
|
||||
end
|
||||
end
|
||||
|
||||
test "returns the content type of a failure app" do
|
||||
|
@ -203,6 +208,11 @@ class TestControllerHelpersForStreamingControllerTest < Devise::ControllerTestCa
|
|||
|
||||
test "doesn't hang when sending an authentication error response body" do
|
||||
get :index
|
||||
assert_equal "<html><body>You are being <a href=\"http://test.host/users/sign_in\">redirected</a>.</body></html>", response.body
|
||||
|
||||
if Devise::Test.rails71_and_up?
|
||||
assert_empty response.body
|
||||
else
|
||||
assert_equal "<html><body>You are being <a href=\"http://test.host/users/sign_in\">redirected</a>.</body></html>", response.body
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|