Refactor to split ApplicationSerializer into CredentialApplicationSer…

…ializer for /api/v1/apps and ApplicationSerializer for /api/v1/apps/verify_credentials
ThisIsMissEm · May 16, 2024 · 1b04819 · 1b04819
1 parent 150b2fa
commit 1b04819
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 12 deletions.
diff --git a/app/controllers/api/v1/apps/credentials_controller.rb b/app/controllers/api/v1/apps/credentials_controller.rb
@@ -4,6 +4,6 @@ class Api::V1::Apps::CredentialsController < Api::BaseController
   def show
     return doorkeeper_render_error unless valid_doorkeeper_token?
 
-    render json: doorkeeper_token.application, serializer: REST::ApplicationSerializer, fields: %i(name website vapid_key client_id scopes redirect_uris)
+    render json: doorkeeper_token.application, serializer: REST::ApplicationSerializer
   end
 end
diff --git a/app/controllers/api/v1/apps_controller.rb b/app/controllers/api/v1/apps_controller.rb
@@ -5,7 +5,7 @@ class Api::V1::AppsController < Api::BaseController
 
   def create
     @app = Doorkeeper::Application.create!(application_options)
-    render json: @app, serializer: REST::ApplicationSerializer
+    render json: @app, serializer: REST::CredentialApplicationSerializer
   end
 
   private

diff --git a/app/serializers/rest/application_serializer.rb b/app/serializers/rest/application_serializer.rb
@@ -2,7 +2,7 @@
 
 class REST::ApplicationSerializer < ActiveModel::Serializer
   attributes :id, :name, :website, :scopes, :redirect_uris,
-             :client_id, :client_secret
+             :client_id
 
   # NOTE: Deprecated in 4.3.0, needs to be removed in 5.0.0
   attribute :vapid_key
@@ -18,10 +18,6 @@ def client_id
     object.uid
   end
 
-  def client_secret
-    object.secret
-  end
-
   def website
     object.website.presence
   end

diff --git a/app/serializers/rest/credential_application_serializer.rb b/app/serializers/rest/credential_application_serializer.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class REST::CredentialApplicationSerializer < REST::ApplicationSerializer
+  attributes :client_secret
+
+  def client_secret
+    object.secret
+  end
+end
diff --git a/spec/requests/api/v1/apps/credentials_spec.rb b/spec/requests/api/v1/apps/credentials_spec.rb
@@ -38,11 +38,7 @@
 
         expect(response).to have_http_status(200)
 
-        expect(body_as_json).to_not match(
-          a_hash_including(
-            client_secret: token.application.secret
-          )
-        )
+        expect(body_as_json[:client_secret]).to_not be_present
       end
     end