diff --git a/Gemfile b/Gemfile
index 5ba154c0e618420c45003cb173ce109c8661eda8..542603a312f6eac963863f5319a7aee582140482 100644
--- a/Gemfile
+++ b/Gemfile
@@ -52,8 +52,8 @@ gem 'declarative_policy', '~> 1.1.0'
 gem 'devise', '~> 4.8.1'
 gem 'devise-pbkdf2-encryptable', '~> 0.0.0', path: 'vendor/gems/devise-pbkdf2-encryptable'
 gem 'bcrypt', '~> 3.1', '>= 3.1.14'
-gem 'doorkeeper', '~> 5.5.0.rc2'
-gem 'doorkeeper-openid_connect', '~> 1.7.5'
+gem 'doorkeeper', '~> 5.5'
+gem 'doorkeeper-openid_connect', '~> 1.8'
 gem 'rexml', '~> 3.2.5'
 gem 'ruby-saml', '~> 1.13.0'
 gem 'omniauth', '~> 2.1.0'
diff --git a/Gemfile.checksum b/Gemfile.checksum
index bacb2c5459d89d736e21bc1c86d9f1fc43f654bd..f17b224f5907d9bbb1e424c6a693902e299b1aba 100644
--- a/Gemfile.checksum
+++ b/Gemfile.checksum
@@ -113,8 +113,8 @@
 {"name":"discordrb-webhooks","version":"3.4.2","platform":"ruby","checksum":"cfdba8a4b28236b6ab34e37389f881a59c241aeb5be0a4447249efd4e4383c6e"},
 {"name":"docile","version":"1.4.0","platform":"ruby","checksum":"5f1734bde23721245c20c3d723e76c104208e1aa01277a69901ce770f0ebb8d3"},
 {"name":"domain_name","version":"0.5.20190701","platform":"ruby","checksum":"000a600454cb4a344769b2f10b531765ea7bd3a304fe47ed12e5ca1eab969851"},
-{"name":"doorkeeper","version":"5.5.0.rc2","platform":"ruby","checksum":"93a322ffca3cadbfb862b0199f78674d8372780afdd7471e657064610bb7b2d5"},
-{"name":"doorkeeper-openid_connect","version":"1.7.5","platform":"ruby","checksum":"2dea201ffd9e4bec573609c90bb638254a48bfa3de3ec4af892ec64e0b5947b2"},
+{"name":"doorkeeper","version":"5.5.4","platform":"ruby","checksum":"7fe233a96f93bf0d5496e2284abf431f38ab465fd65d1972b90cbec7c45b1ea1"},
+{"name":"doorkeeper-openid_connect","version":"1.8.2","platform":"ruby","checksum":"48368db38e4a957d85ca5226775f228c08a18c03614ddd060d0287da75739cdd"},
 {"name":"dotenv","version":"2.7.6","platform":"ruby","checksum":"2451ed5e8e43776d7a787e51d6f8903b98e446146c7ad143d5678cc2c409d547"},
 {"name":"dry-configurable","version":"0.12.0","platform":"ruby","checksum":"87a9579a04dfbae73e401d694282800d64bbdb8631cb3e987bfb79b673df7c67"},
 {"name":"dry-container","version":"0.7.2","platform":"ruby","checksum":"a071824ba3451048b23500210f96a2b9facd6e46ac687f65e49c75d18786f6da"},
diff --git a/Gemfile.lock b/Gemfile.lock
index e6a9640c2040f2f1237d8b3ca0060ce775147760..9e479dc250b2a160b055c1ac4023624981f14a87 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -363,10 +363,10 @@ GEM
 docile (1.4.0)
 domain_name (0.5.20190701)
 unf (>= 0.0.5, < 1.0.0)
- doorkeeper (5.5.0.rc2)
+ doorkeeper (5.5.4)
 railties (>= 5)
- doorkeeper-openid_connect (1.7.5)
- doorkeeper (>= 5.2, < 5.5)
+ doorkeeper-openid_connect (1.8.2)
+ doorkeeper (>= 5.5, < 5.7)
 json-jwt (>= 1.11.0)
 dotenv (2.7.6)
 dry-configurable (0.12.0)
@@ -1632,8 +1632,8 @@ DEPENDENCIES
 diff_match_patch (~> 0.1.0)
 diffy (~> 3.4)
 discordrb-webhooks (~> 3.4)
- doorkeeper (~> 5.5.0.rc2)
- doorkeeper-openid_connect (~> 1.7.5)
+ doorkeeper (~> 5.5)
+ doorkeeper-openid_connect (~> 1.8)
 ed25519 (~> 1.3.0)
 elasticsearch-api (= 7.13.3)
 elasticsearch-model (~> 7.2)
diff --git a/app/controllers/concerns/enforces_two_factor_authentication.rb b/app/controllers/concerns/enforces_two_factor_authentication.rb
index b1b6e21644e6257c08dffc01b826702026e493b7..28e5bfa45290fb05e54470f624d30c0e14d3ba24 100644
--- a/app/controllers/concerns/enforces_two_factor_authentication.rb
+++ b/app/controllers/concerns/enforces_two_factor_authentication.rb
@@ -10,11 +10,6 @@
 module EnforcesTwoFactorAuthentication
 extend ActiveSupport::Concern
- MFA_HELP_PAGE = Rails.application.routes.url_helpers.help_page_url(
- 'user/profile/account/two_factor_authentication.html',
- anchor: 'enable-two-factor-authentication'
- )
-
 included do
 before_action :check_two_factor_requirement, except: [:route_not_found]
@@ -33,7 +28,7 @@ def check_two_factor_requirement
 when GraphqlController
 render_error(
 _("Authentication error: enable 2FA in your profile settings to continue using GitLab: %{mfa_help_page}") %
- { mfa_help_page: MFA_HELP_PAGE },
+ { mfa_help_page: mfa_help_page_url },
 status: :unauthorized
 )
 else
@@ -84,6 +79,13 @@ def skip_two_factor?
 def two_factor_verifier
 @two_factor_verifier ||= Gitlab::Auth::TwoFactorAuthVerifier.new(current_user) # rubocop:disable Gitlab/ModuleWithInstanceVariables
 end
+
+ def mfa_help_page_url
+ Rails.application.routes.url_helpers.help_page_url(
+ 'user/profile/account/two_factor_authentication.html',
+ anchor: 'enable-two-factor-authentication'
+ )
+ end
 end
 EnforcesTwoFactorAuthentication.prepend_mod_with('EnforcesTwoFactorAuthentication')
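Review bot: `mfa_help_page_url`, added at the end of `EnforcesTwoFactorAuthentication` in the `@@ -84,6 +79,13 @@` hunk, appears to be public: no `private` is visible in the hunk and the updated controller spec calls `controller.mfa_help_page_url` directly. Public methods mixed into a Rails controller count as action methods, so every controller including this 2FA concern would gain one more callable that is not meant to be an endpoint. Consider placing it under `private` and having the spec use `controller.send(:mfa_help_page_url)`. A short comment such as `# Resolved per call rather than at load time, when routes and URL options may not be set up yet` would also record why the `MFA_HELP_PAGE` constant was dropped, if that is indeed the reason. The module body starts outside the hunk, so an earlier visibility declaration cannot be ruled out from here.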
diff --git a/spec/controllers/graphql_controller_spec.rb b/spec/controllers/graphql_controller_spec.rb
index fe8b02917338bff4810e9c78d830d1792ee740b9..081e3169c3a37e9c18b486b00862386dda3df1a5 100644
--- a/spec/controllers/graphql_controller_spec.rb
+++ b/spec/controllers/graphql_controller_spec.rb
@@ -191,7 +191,7 @@
 expected_message = "Authentication error: " \
 "enable 2FA in your profile settings to continue using GitLab: %{mfa_help_page}" %
- { mfa_help_page: EnforcesTwoFactorAuthentication::MFA_HELP_PAGE }
+ { mfa_help_page: controller.mfa_help_page_url }
 expect(json_response).to eq({ 'errors' => [{ 'message' => expected_message }] })
 end
diff --git a/spec/requests/api/oauth_tokens_spec.rb b/spec/requests/api/oauth_tokens_spec.rb
index f07dcfcccd68039eaabdcf0940de9264bf5adc77..cb7024b7166764b89c8f0b3a39647026fc47f26b 100644
--- a/spec/requests/api/oauth_tokens_spec.rb
+++ b/spec/requests/api/oauth_tokens_spec.rb
@@ -85,8 +85,6 @@ def request_oauth_token(user, headers = {})
 context 'with invalid credentials' do
 it 'does not create an access token' do
- pending 'Enable this example after https://github.com/doorkeeper-gem/doorkeeper/pull/1488 is merged and released'
-
 user = create(:user)
 request_oauth_token(user, basic_auth_header(client.uid, 'invalid secret'))
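Review bot: The expectation in the `@@ -191,7 +191,7 @@` hunk of spec/controllers/graphql_controller_spec.rb takes the expected URL from `controller.mfa_help_page_url`, the same helper the controller uses to build the 2FA error, so a wrong or empty help link would no longer fail the example. Adding an independent check keeps the assertion meaningful, for instance `expect(json_response.dig('errors', 0, 'message')).to include('two_factor_authentication')`, assuming the generated URL keeps the path passed to `help_page_url`. The call also only works while the helper stays public on the controller; `controller.send(:mfa_help_page_url)` would let the concern make it private. The enclosing example starts outside the hunk.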