ylqjgm
/
canvas-lms
mirror of https://github.com/instructure/canvas-lms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
canvas-lms/db/migrate/20150910191348_add_refresh_...

30 lines
1004 B
Ruby
Raw Normal View History

da licença part 37 add consistent license headers to all source files (ruby, coffeescript, javascript) except for vendor files Change-Id: Ibc881431ca51b7da3b0d3182033e95ebf7d6e524 Reviewed-on: https://gerrit.instructure.com/110067 Tested-by: Jenkins Reviewed-by: Jon Jensen <jon@instructure.com> Product-Review: Jon Jensen <jon@instructure.com> QA-Review: Jon Jensen <jon@instructure.com>
2017-04-28 04:17:40 +08:00
#
# Copyright (C) 2015 - present Instructure, Inc.
#
# This file is part of Canvas.
#
# Canvas is free software: you can redistribute it and/or modify it under
# the terms of the GNU Affero General Public License as published by the Free
# Software Foundation, version 3 of the License.
#
# Canvas is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
# details.
#
# You should have received a copy of the GNU Affero General Public License along
# with this program. If not, see <http://www.gnu.org/licenses/>.
Rails 5: fix Rails version migration deprecation warning also pins all migrations to Rails 4.2 semantics Change-Id: I386566f7a1f3e3e8aa31675f467c87c443457aee Reviewed-on: https://gerrit.instructure.com/95571 Reviewed-by: Simon Williams <simon@instructure.com> Tested-by: Simon Williams <simon@instructure.com> Product-Review: Cody Cutrer <cody@instructure.com> QA-Review: Cody Cutrer <cody@instructure.com>
2016-11-18 06:06:00 +08:00
class AddRefreshTokenToAccessTokens < ActiveRecord::Migration[4.2]
As a OAuth consumer I want to get a refresh token during OAuth2 Registration refresh token is now returned in oath registration Fixes PLAT-1218 Test Plan: Create a dev_key that has an invalid redirect_ur, this makes it easier to subvert the oauth process later. attempt to authorize your new key with a user. I used something like blackmesa.canvas.dev/login/oauth2/auth?client_id=30000000000001&response_type=code&redirect_uri=http://blackmesa.dev/redirect&state=YYY Sign in and authorize. You should be redirected to something similar to http://blackmesa.dev/redirect?code=1c8d2ff5498eb879db9737d494a4bbd64810c84cf7e1776d1f4cebdb9699244c6209add4838d02f0d67b969a599cee589fecbeef5f84ababb1ef6e4cb9099b68&state=YYY Take the code out of the url. open up [postman](<https://chrome.google.com/webstore/detail/postman/fhbjgbiflinjbdggehcddcbncdddomop?hl=en) create a new post request with the following params code: #{code} client_id: #{your dev key's client id} client_secret: #{your dev key's client secret} make sure the response includes a refresh_token property. A postman request that can be imported [can be found here](https://gist.github.com/defektive/f1cced73b08e5f6a2925) ________ < Thanks > -------- \ ^__^ \ (oo)\_______ (__)\ )\/\ ||----w | || || Change-Id: I8a8a8450825309232c903251231dec8c5d4e7463 Reviewed-on: https://gerrit.instructure.com/63256 Tested-by: Jenkins Reviewed-by: Nathan Mills <nathanm@instructure.com> QA-Review: August Thornton <august@instructure.com> Product-Review: Brad Horrocks <bhorrocks@instructure.com>
2015-09-22 23:56:18 +08:00
tag :predeploy
def self.up
add_column :access_tokens, :crypted_refresh_token, :string
add_index :access_tokens, [:crypted_refresh_token], :unique => true
end
def self.down
remove_column :access_tokens, :crypted_refresh_token
end
end