doorkeeper-gem · nbulaj · Nov 28, 2022 · Nov 6, 2022 · sealabcore · Nov 28, 2022
diff --git a/lib/doorkeeper/models/access_token_mixin.rb b/lib/doorkeeper/models/access_token_mixin.rb
@@ -212,7 +212,7 @@ def find_or_create_for(application:, resource_owner:, scopes:, **token_attribute
       # @return [Doorkeeper::AccessToken] new access token
       #
       def create_for(application:, resource_owner:, scopes:, **token_attributes)
-        token_attributes[:application_id] = application&.id
+        token_attributes[:application] = application
         token_attributes[:scopes] = scopes.to_s
 
         if Doorkeeper.config.polymorphic_resource_owner?

diff --git a/lib/doorkeeper/oauth/authorization/token.rb b/lib/doorkeeper/oauth/authorization/token.rb
@@ -59,8 +59,9 @@ def issue_token!
             resource_owner,
           )
 
+          application = pre_auth.client.is_a?(Doorkeeper::Application) ? pre_auth.client : pre_auth.client.application if pre_auth.client
           @token = Doorkeeper.config.access_token_model.find_or_create_for(
-            application: pre_auth.client,
+            application: application,
             resource_owner: resource_owner,
             scopes: pre_auth.scopes,
             expires_in: self.class.access_token_expires_in(Doorkeeper.config, context),

diff --git a/lib/doorkeeper/oauth/base_request.rb b/lib/doorkeeper/oauth/base_request.rb
@@ -28,8 +28,9 @@ def scopes
 
       def find_or_create_access_token(client, resource_owner, scopes, server)
         context = Authorization::Token.build_context(client, grant_type, scopes, resource_owner)
+        application = client.is_a?(Doorkeeper::Application) ? client : client.application if client
         @access_token = server_config.access_token_model.find_or_create_for(
-          application: client,
+          application: application,
           resource_owner: resource_owner,
           scopes: scopes,
           expires_in: Authorization::Token.access_token_expires_in(server, context),

diff --git a/lib/doorkeeper/oauth/client_credentials/creator.rb b/lib/doorkeeper/oauth/client_credentials/creator.rb
@@ -13,8 +13,9 @@ def call(client, scopes, attributes = {})
           end
 
           with_revocation(existing_token: existing_token) do
+            application = client.is_a?(Doorkeeper::Application) ? client : client.application if client
             server_config.access_token_model.create_for(
-              application: client,
+              application: application,
               resource_owner: nil,
               scopes: scopes,
               **attributes,

diff --git a/spec/lib/oauth/base_request_spec.rb b/spec/lib/oauth/base_request_spec.rb
@@ -18,7 +18,7 @@
            created_at: 0
   end
 
-  let(:client) { double :client, id: "1" }
+  let(:client) { Doorkeeper::Application.new(id: "1") }
 
   let(:scopes_array) { %w[public write] }
 

diff --git a/spec/lib/oauth/code_response_spec.rb b/spec/lib/oauth/code_response_spec.rb
@@ -4,9 +4,10 @@
 
 RSpec.describe Doorkeeper::OAuth::CodeResponse do
   let(:pre_auth) do
+    application = FactoryBot.create(:application, scopes: "")
     double(
       :pre_auth,
-      client: double(:application, id: 1),
+      client: application,
       redirect_uri: "http://tst.com/cb",
       state: "state",
       scopes: Doorkeeper::OAuth::Scopes.from_string("public"),