Refactor to use attribute instead of delegate for :redirect_uri

2024-06-01 19:43:29 +00:00 · 2024-05-16 18:04:19 +02:00 · 2024-05-16 18:04:19 +02:00 · 150b2fafa7
parent f5a063b1d7
commit 150b2fafa7
3 changed files with 28 additions and 10 deletions
--- a/app/serializers/rest/application_serializer.rb
+++ b/app/serializers/rest/application_serializer.rb
@ -1,12 +1,15 @@
 # frozen_string_literal: true

 class REST::ApplicationSerializer < ActiveModel::Serializer
-  attributes :id, :name, :website, :scopes, :redirect_uri, :redirect_uris,
+  attributes :id, :name, :website, :scopes, :redirect_uris,
             :client_id, :client_secret

  # NOTE: Deprecated in 4.3.0, needs to be removed in 5.0.0
  attribute :vapid_key

+  # We should consider this property deprecated for 4.3.0
+  attribute :redirect_uri
+
  def id
    object.id.to_s
  end
@ -19,9 +22,6 @@ class REST::ApplicationSerializer < ActiveModel::Serializer
    object.secret
  end

-  # We should consider this property deprecated for 4.3.0
-  delegate :redirect_uri, to: :object
-
  def website
    object.website.presence
  end
--- a/spec/requests/api/v1/apps/credentials_spec.rb
+++ b/spec/requests/api/v1/apps/credentials_spec.rb
@ -20,12 +20,15 @@ describe 'Credentials' do

        expect(body_as_json).to match(
          a_hash_including(
+            id: token.application.id.to_s,
+            client_id: token.application.uid,
            name: token.application.name,
            website: token.application.website,
-            vapid_key: Rails.configuration.x.vapid_public_key,
            scopes: token.application.scopes.map(&:to_s),
            redirect_uris: token.application.redirect_uris,
-            client_id: token.application.uid
+            # Deprecated properties as of 4.3:
+            redirect_uri: token.application.redirect_uri.split.first,
+            vapid_key: Rails.configuration.x.vapid_public_key
          )
        )
      end
@ -59,12 +62,15 @@ describe 'Credentials' do

        expect(body_as_json).to match(
          a_hash_including(
+            id: token.application.id.to_s,
+            client_id: token.application.uid,
            name: token.application.name,
            website: token.application.website,
-            vapid_key: Rails.configuration.x.vapid_public_key,
            scopes: token.application.scopes.map(&:to_s),
            redirect_uris: token.application.redirect_uris,
-            client_id: token.application.uid
+            # Deprecated properties as of 4.3:
+            redirect_uri: token.application.redirect_uri.split.first,
+            vapid_key: Rails.configuration.x.vapid_public_key
          )
        )
      end
--- a/spec/requests/api/v1/apps_spec.rb
+++ b/spec/requests/api/v1/apps_spec.rb
@ -36,6 +36,7 @@ RSpec.describe 'Apps' do

        body = body_as_json

+        expect(body[:id]).to eq app.id.to_s
        expect(body[:client_id]).to be_present
        expect(body[:client_secret]).to be_present
        expect(body[:scopes]).to eq ['read', 'write']
@ -119,8 +120,19 @@ RSpec.describe 'Apps' do
      end
    end

-    context 'with a too-long redirect_uris' do
-      let(:redirect_uris) { "https://foo.bar/#{'hoge' * 2_000}" }
+    context 'with a too-long redirect_uri' do
+      let(:redirect_uris) { "https://app.example/#{'hoge' * 2_000}" }
+
+      it 'returns http unprocessable entity' do
+        subject
+
+        expect(response).to have_http_status(422)
+      end
+    end
+
+    # NOTE: This spec currently tests the same as the "with a too-long redirect_uri test case"
+    context 'with too many redirect_uris' do
+      let(:redirect_uris) { (0...500).map { |i| "https://app.example/#{i}/callback" } }

      it 'returns http unprocessable entity' do
        subject