Merge a7ab73f into 4b9f692

doorkeeper-jwt.gemspec

@@ -24,7 +24,7 @@ Gem::Specification.new do |spec|
 
   spec.add_dependency 'jwt', '~> 2.1'
 
-  spec.add_development_dependency 'bundler', '~> 1.16'
+  spec.add_development_dependency 'bundler', '>= 1.16', '< 3'
   spec.add_development_dependency 'pry', '~> 0'
   spec.add_development_dependency 'rake', '~> 12.3'
   spec.add_development_dependency 'rspec', '~> 3.8'

lib/doorkeeper/jwt.rb

@@ -61,14 +61,20 @@ def application_secret(opts)
           )
         end
 
-        if opts[:application][:secret].nil?
+        secret = if opts[:application].respond_to?(:plaintext_secret)
+                   opts[:application].plaintext_secret
+                 else
+                   opts[:application].secret
+                 end
+
+        if secret.nil?
           raise(
             'JWT `use_application_secret` is enabled, but the application' \
             ' secret is nil.'
           )
         end
 
-        opts[:application][:secret]
+        secret
       end
 
       def rsa_encryption?

spec/doorkeeper/jwt_spec.rb

@@ -207,27 +207,69 @@
       expect(decoded_token[1]['alg']).to eq 'ES512'
     end
 
-    it 'creates a signed JWT token encrypted with an app secret' do
-      secret_key = OpenSSL::PKey::RSA.new(1024)
+    context "when use_application_secret used" do
+      let(:secret_key) do
+        OpenSSL::PKey::RSA.new(1024)
+      end
 
-      described_class.configure do
-        use_application_secret true
+      let(:application) do
+        OpenStruct.new(secret: Digest::SHA256.digest(secret_key.to_s),
+                       plaintext_secret: secret_key)
+      end
 
-        token_payload do
-          { foo: 'bar' }
+      before do
+        described_class.configure do
+          use_application_secret true
+
+          token_payload do
+            { foo: "bar" }
+          end
+
+          encryption_method :rs512
         end
+      end
 
-        secret_key secret_key.to_s
-        encryption_method :rs512
+      it "creates a signed JWT token encrypted with an app secret", :aggregate_failures do
+        token = described_class.generate(application: application)
+        decoded_token = ::JWT.decode(token, secret_key, true, algorithm: "RS512")
+
+        expect(decoded_token[0]).to be_a(Hash)
+        expect(decoded_token[0]["foo"]).to eq "bar"
+        expect(decoded_token[1]).to be_a(Hash)
+        expect(decoded_token[1]["alg"]).to eq "RS512"
       end
+    end
 
-      token = described_class.generate(application: { secret: secret_key })
-      decoded_token = ::JWT.decode(token, secret_key, true, algorithm: 'RS512')
+    context "when use_application_secret used and Doorkeeper version < 5.1.0" do
+      let(:secret_key) do
+        OpenSSL::PKey::RSA.new(1024)
+      end
 
-      expect(decoded_token[0]).to be_a(Hash)
-      expect(decoded_token[0]['foo']).to eq 'bar'
-      expect(decoded_token[1]).to be_a(Hash)
-      expect(decoded_token[1]['alg']).to eq 'RS512'
+      let(:application) do
+        OpenStruct.new(secret: secret_key)
+      end
+
+      before do
+        described_class.configure do
+          use_application_secret true
+
+          token_payload do
+            { foo: "bar" }
+          end
+
+          encryption_method :rs512
+        end
+      end
+
+      it "creates a signed JWT token encrypted with an app secret", :aggregate_failures do
+        token = described_class.generate(application: application)
+        decoded_token = ::JWT.decode(token, secret_key, true, algorithm: "RS512")
+
+        expect(decoded_token[0]).to be_a(Hash)
+        expect(decoded_token[0]["foo"]).to eq "bar"
+        expect(decoded_token[1]).to be_a(Hash)
+        expect(decoded_token[1]["alg"]).to eq "RS512"
+      end
     end
   end
 end