Skip to content
Snippets Groups Projects
Commit 45b62dfd authored by Toon Claes's avatar Toon Claes
Browse files

Make the exposing of the Application secret more explicit

To make it more clear to developers that the entity exposes the
application secret, define a separate entity that only should be used
when the secret is needed (probably only on creation).
parent d38faa30
No related branches found
No related tags found
No related merge requests found
Loading
Loading
@@ -6,7 +6,7 @@ module API
resource :applications do
desc 'Create a new application' do
detail 'This feature was introduced in GitLab 10.5'
success Entities::Application
success Entities::ApplicationWithSecret
end
params do
requires :name, type: String, desc: 'Application name'
Loading
Loading
@@ -17,7 +17,7 @@ module API
application = Doorkeeper::Application.new(declared_params)
 
if application.save
present application, with: Entities::Application
present application, with: Entities::ApplicationWithSecret
else
render_validation_error! application
end
Loading
Loading
Loading
Loading
@@ -1160,8 +1160,12 @@ module API
 
class Application < Grape::Entity
expose :uid, as: :application_id
expose :secret
expose :redirect_uri, as: :callback_url
end
# Use with care, this exposes the secret
class ApplicationWithSecret < Application
expose :secret
end
end
end
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment