doorkeeper-gem/doorkeeper

AuthorizationsController errors don't adhere to the "handle_auth_errors :raise" config

thatandyrose opened this issue · 2 comments

Steps to reproduce

In Doorkeeper.configure set handle_auth_errors :raise.

Then create an OAuth application without any scope. Now spin up an OAuth client and send an initial authorize request with scope=read, for example.

Expected behavior

If I have set handle_auth_errors :raise then it should raise an exception. The issue with the current implementation is that it's very hard to tell if any part of an OAuth flow failed by looking at the logs. If an error was raised I'd clearly see a 500 status code for example.

The issue is not that this happens, but rather that it doesn't respect the handle_auth_errors setting.

Actual behavior

The result will be a 200 response with the error rendered in html, like this:

image

I think the issue is here (https://github.com/doorkeeper-gem/doorkeeper/blob/main/app/controllers/doorkeeper/authorizations_controller.rb#L43):

image

Render error surely should raise an exception if the config is set to :raise?

System configuration

You can help us to understand your problem if you will share some very
useful information about your project environment (don't forget to
remove any confidential data if it exists).

Doorkeeper initializer:

# config/initializers/doorkeeper.rb
Doorkeeper.configure do
  # Change the ORM that doorkeeper will use (requires ORM extensions installed).
  # Check the list of supported ORMs here: https://github.com/doorkeeper-gem/doorkeeper#orms
  orm :active_record

  # This block will be called to check whether the resource owner is authenticated or not.
  resource_owner_authenticator do
    # Put your resource owner authentication logic here.
    Oauth::DoorkeeperEventHandlers.new(callback_self_context: self).on_is_resource_owner_authenticated_handler
  end

  # If you didn't skip applications controller from Doorkeeper routes in your application routes.rb
  # file then you need to declare this block in order to restrict access to the web interface for
  # adding oauth authorized applications. In other case it will return 403 Forbidden response
  # every time somebody will try to access the admin web interface.
  #
  admin_authenticator do
    Oauth::DoorkeeperEventHandlers.new(callback_self_context: self).on_admin_interface_authenticated_handler
  end

  # You can use your own model classes if you need to extend (or even override) default
  # Doorkeeper models such as `Application`, `AccessToken` and `AccessGrant`.
  #
  # By default Doorkeeper ActiveRecord ORM uses its own classes:
  #
  # access_token_class "Doorkeeper::AccessToken"
  # access_grant_class "Doorkeeper::AccessGrant"
  application_class "DoorkeeperOverrides::Application"
  #

  # Enforce token request content type to application/x-www-form-urlencoded.
  # It is not enabled by default to not break prior versions of the gem.
  #
  # enforce_content_type

  # Authorization Code expiration time (default: 10 minutes).
  #
  # authorization_code_expires_in 10.minutes

  # Access token expiration time (default: 2 hours).
  # If you want to disable expiration, set this to `nil`.
  #
  # access_token_expires_in 2.hours

  # Assign custom TTL for access tokens. Will be used instead of access_token_expires_in
  # option if defined. In case the block returns `nil` value Doorkeeper falls back to
  # +access_token_expires_in+ configuration option value. If you really need to issue a
  # non-expiring access token (which is not recommended) then you need to return
  # Float::INFINITY from this block.
  #
  # `context` has the following properties available:
  #
  #   * `client` - the OAuth client application (see Doorkeeper::OAuth::Client)
  #   * `grant_type` - the grant type of the request (see Doorkeeper::OAuth)
  #   * `scopes` - the requested scopes (see Doorkeeper::OAuth::Scopes)
  #   * `resource_owner` - authorized resource owner instance (if present)
  #
  # custom_access_token_expires_in do |context|
  #   context.client.additional_settings.implicit_oauth_expiration
  # end

  # Use a custom class for generating the access token.
  # See https://doorkeeper.gitbook.io/guides/configuration/other-configurations#custom-access-token-generator
  #
  # access_token_generator '::Doorkeeper::JWT'

  # The controller +Doorkeeper::ApplicationController+ inherits from.
  # Defaults to +ActionController::Base+ unless +api_only+ is set, which changes the default to
  # +ActionController::API+. The return value of this option must be a stringified class name.
  # See https://doorkeeper.gitbook.io/guides/configuration/other-configurations#custom-controllers
  #
  # base_controller 'ApplicationController'

  # Reuse access token for the same resource owner within an application (disabled by default).
  #
  # This option protects your application from creating new tokens before old valid one becomes
  # expired so your database doesn't bloat. Keep in mind that when this option is `on` Doorkeeper
  # doesn't update existing token expiration time, it will create a new token instead.
  # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/383
  #
  # You can not enable this option together with +hash_token_secrets+.
  #
  # reuse_access_token

  # In case you enabled `reuse_access_token` option Doorkeeper will try to find matching
  # token using `matching_token_for` Access Token API that searches for valid records
  # in batches in order not to pollute the memory with all the database records. By default
  # Doorkeeper uses batch size of 10 000 records. You can increase or decrease this value
  # depending on your needs and server capabilities.
  #
  # token_lookup_batch_size 10_000

  # Set a limit for token_reuse if using reuse_access_token option
  #
  # This option limits token_reusability to some extent.
  # If not set then access_token will be reused unless it expires.
  # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/1189
  #
  # This option should be a percentage(i.e. (0,100])
  #
  # token_reuse_limit 100

  # Only allow one valid access token obtained via client credentials
  # per client. If a new access token is obtained before the old one
  # expired, the old one gets revoked (disabled by default)
  #
  # When enabling this option, make sure that you do not expect multiple processes
  # using the same credentials at the same time (e.g. web servers spanning
  # multiple machines and/or processes).
  #
  # revoke_previous_client_credentials_token

  # Hash access and refresh tokens before persisting them.
  # This will disable the possibility to use +reuse_access_token+
  # since plain values can no longer be retrieved.
  #
  # Note: If you are already a user of doorkeeper and have existing tokens
  # in your installation, they will be invalid without adding 'fallback: :plain'.
  #
  # hash_token_secrets
  # By default, token secrets will be hashed using the
  # +Doorkeeper::Hashing::SHA256+ strategy.
  #
  # If you wish to use another hashing implementation, you can override
  # this strategy as follows:
  #
  # hash_token_secrets using: '::Doorkeeper::Hashing::MyCustomHashImpl'
  #
  # Keep in mind that changing the hashing function will invalidate all existing
  # secrets, if there are any.

  # Hash application secrets before persisting them.
  #
  # hash_application_secrets
  #
  # By default, applications will be hashed
  # with the +Doorkeeper::SecretStoring::SHA256+ strategy.
  #
  # If you wish to use bcrypt for application secret hashing, uncomment
  # this line instead:
  #
  # hash_application_secrets using: '::Doorkeeper::SecretStoring::BCrypt'

  # a custom secret_storing strategy defined in lib/core_ext/doorkeeper/secret_storing/generic_encrypt.rb
  hash_application_secrets using: '::Doorkeeper::SecretStoring::GenericEncrypt'

  # When the above option is enabled, and a hashed token or secret is not found,
  # you can allow to fall back to another strategy. For users upgrading
  # doorkeeper and wishing to enable hashing, you will probably want to enable
  # the fallback to plain tokens.
  #
  # This will ensure that old access tokens and secrets
  # will remain valid even if the hashing above is enabled.
  #
  # This can be done by adding 'fallback: plain', e.g. :
  #
  # hash_application_secrets using: '::Doorkeeper::SecretStoring::BCrypt', fallback: :plain

  # Issue access tokens with refresh token (disabled by default), you may also
  # pass a block which accepts `context` to customize when to give a refresh
  # token or not. Similar to +custom_access_token_expires_in+, `context` has
  # the following properties:
  #
  # `client` - the OAuth client application (see Doorkeeper::OAuth::Client)
  # `grant_type` - the grant type of the request (see Doorkeeper::OAuth)
  # `scopes` - the requested scopes (see Doorkeeper::OAuth::Scopes)
  #
  use_refresh_token

  # Provide support for an owner to be assigned to each registered application (disabled by default)
  # Optional parameter confirmation: true (default: false) if you want to enforce ownership of
  # a registered application
  # NOTE: you must also run the rails g doorkeeper:application_owner generator
  # to provide the necessary support
  #
  # enable_application_owner confirmation: false

  # Define access token scopes for your provider
  # For more information go to
  # https://doorkeeper.gitbook.io/guides/ruby-on-rails/scopes
  #
  default_scopes :public
  # optional_scopes :write, :update

  # Allows to restrict only certain scopes for grant_type.
  # By default, all the scopes will be available for all the grant types.
  #
  # Keys to this hash should be the name of grant_type and
  # values should be the array of scopes for that grant type.
  # Note: scopes should be from configured_scopes (i.e. default or optional)
  #
  # scopes_by_grant_type password: [:write], client_credentials: [:update]

  # Change the way client credentials are retrieved from the request object.
  # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then
  # falls back to the `:client_id` and `:client_secret` params from the `params` object.
  # Check out https://github.com/doorkeeper-gem/doorkeeper/wiki/Changing-how-clients-are-authenticated
  # for more information on customization
  #
  # client_credentials :from_basic, :from_params

  # Forces the usage of the HTTPS protocol in non-native redirect uris (enabled
  # by default in non-development environments). OAuth2 delegates security in
  # communication to the HTTPS protocol so it is wise to keep this enabled.
  #
  # Callable objects such as proc, lambda, block or any object that responds to
  # #call can be used in order to allow conditional checks (to allow non-SSL
  # redirects to localhost for example).
  #
  force_ssl_in_redirect_uri Rails.application.config.force_ssl
  #
  # force_ssl_in_redirect_uri { |uri| uri.host != 'localhost' }

  # Specify how authorization errors should be handled.
  # By default, doorkeeper renders json errors when access token
  # is invalid, expired, revoked or has invalid scopes.
  #
  # If you want to render error response yourself (i.e. rescue exceptions),
  # set +handle_auth_errors+ to `:raise` and rescue Doorkeeper::Errors::InvalidToken
  # or following specific errors:
  #
  #   Doorkeeper::Errors::TokenForbidden, Doorkeeper::Errors::TokenExpired,
  #   Doorkeeper::Errors::TokenRevoked, Doorkeeper::Errors::TokenUnknown
  #
  handle_auth_errors :raise

  # Hook into Authorization flow in order to implement Single Sign Out
  # or add any other functionality. Inside the block you have an access
  # to `controller` (authorizations controller instance) and `context`
  # (Doorkeeper::OAuth::Hooks::Context instance) which provides pre auth
  # or auth objects with issued token based on hook type (before or after).
  #
  # before_successful_authorization do |controller, context|
  #   Rails.logger.info(controller.request.params.inspect)
  #
  #   Rails.logger.info(context.pre_auth.inspect)
  # end
  #
  after_successful_authorization do |controller, context|
    Oauth::DoorkeeperEventHandlers
      .new(callback_self_context: self)
      .on_after_successful_authorization_handler(auth_context: context, controller:)
  end

  # Under some circumstances you might want to have applications auto-approved,
  # so that the user skips the authorization step.
  # For example if dealing with a trusted application.
  #
  skip_authorization do |_resource_owner, client|
    Oauth::DoorkeeperEventHandlers
      .new(callback_self_context: self)
      .on_skip_uthorization_handler(client:)
  end

  # WWW-Authenticate Realm (default: "Doorkeeper").
  #
  # realm "Doorkeeper"
end

Ruby version: `3.1.3`

Gemfile.lock:

    doorkeeper (5.6.0)
      railties (>= 5)
  brakeman
  browser
  bugsnag
  bullet
  byebug
  capybara
  capybara-screenshot
  carrierwave (~> 1.0)
  cgi
  chart-js-rails
  coffee-rails
  counter_culture
  database_cleaner
  derailed
  devise
  devise_invitable
  discard
  docker-sync
  doorkeeper
  draper
  ed25519
  factory_bot_rails
  faker
  faraday
  faraday_middleware
  ffaker
  figaro
  flamegraph
  flipper-active_record
  fog-aws
  font-awesome-rails
  foreman
  friendly_id
  hal_presenter
  httparty
  inky-rb
  interactor (~> 3.0)
  intercom (~> 3.5.23)
  jbuilder
  jquery-rails
  json_matchers
  jwt
  kaminari
  launchy
  letter_opener
  lodash-rails
  lograge
  memory_profiler
  mimemagic
  multi_json
  net-ssh
  octokit (~> 4.0)
  omniauth
  omniauth-oauth2
  omniauth-rails_csrf_protection
  omniauth-saml
  opentok (~> 4.0.0)
  paper_trail
  paper_trail-association_tracking
  pg
  platform-api
  premailer-rails
  pry-rails
  pry-rescue
  public_activity
  puma
  rack-cors
  rack-mini-profiler
  rack-timeout
  rails
  rails-assets-bootstrap-daterangepicker!
  rails-assets-clipboard!
  rails-assets-jcrop!
  rails-assets-tether!
  rails-controller-testing
  rails-erd
  rails_12factor
  rails_layout
  rails_real_favicon
  rails_same_site_cookie
  recaptcha
  redis
  redis-semaphore
  responders
  rmagick
  rspec-rails
  rspec-retry
  rspec-sqlimit
  rspec_junit_formatter
  rubocop
  rubyzip
  sass-rails
  scenic
  scout_apm
  seed_migration
  selectize-rails (~> 0.12.4)
  selenium-webdriver
  shoulda
  sidekiq
  slim-rails
  spring
  spring-commands-rspec
  sprockets_uglifier_with_source_maps
  stackprof
  streamio-ffmpeg (~> 3.0.2)
  textacular
  thor
  timecop
  transloadit
  vcr
  virtus
  web-console (~> 3.0)
  webdrivers
  webmock

RUBY VERSION
   ruby 3.1.3p185

BUNDLED WITH
   2.3.22

nbulaj commented

Hey @thatandyrose. I think you're correct and this case was missed in the original MR. Do you want to propose an MR to fix it?

Hey @nbulaj, I'd LOVE to contribute, for sure. I'll get an MR/PR together and send it over. Thanks!