# end
# end
+ application_class "Oauth2Application"
+
# Enables polymorphic Resource Owner association for Access Tokens and Access Grants.
# By default this option is disabled.
#
# Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/383
#
# You can not enable this option together with +hash_token_secrets+.
- #
- # reuse_access_token
+
+ reuse_access_token
# In case you enabled `reuse_access_token` option Doorkeeper will try to find matching
# token using `matching_token_for` Access Token API that searches for valid records
#
# Note: If you are already a user of doorkeeper and have existing tokens
# in your installation, they will be invalid without adding 'fallback: :plain'.
-
- hash_token_secrets
-
+ #
+ # hash_token_secrets
# By default, token secrets will be hashed using the
# +Doorkeeper::Hashing::SHA256+ strategy.
#
# If you wish to use another hashing implementation, you can override
# this strategy as follows:
- #
- # hash_token_secrets using: '::Doorkeeper::Hashing::MyCustomHashImpl'
- #
+
+ hash_token_secrets :using => "::Doorkeeper::SecretStoring::Plain",
+ :fallback => "::Doorkeeper::SecretStoring::Sha256Hash"
+
# Keep in mind that changing the hashing function will invalidate all existing
# secrets, if there are any.
# https://doorkeeper.gitbook.io/guides/ruby-on-rails/scopes
# default_scopes :public
- optional_scopes(*Oauth::SCOPES)
+ optional_scopes(*Oauth::SCOPES, *Oauth::PRIVILEGED_SCOPES)
# Allows to restrict only certain scopes for grant_type.
# By default, all the scopes will be available for all the grant types.
# Under some circumstances you might want to have applications auto-approved,
# so that the user skips the authorization step.
# For example if dealing with a trusted application.
- #
- # skip_authorization do |resource_owner, client|
- # client.superapp? or resource_owner.admin?
- # end
+
+ skip_authorization do |_, client|
+ client.scopes.include?("skip_authorization")
+ end
# Configure custom constraints for the Token Introspection request.
# By default this configuration option allows to introspect a token by another