New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
With enable_application_owner, issuing a token with grant_type=client_credentials does not associate the token with the owner #1580
Comments
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
I was wondering the exact same thing here as per the oauth.com website mention:
|
This issue is coming from Doorkeeper.config.access_token_model.create_for(
application: application,
resource_owner: nil,
scopes: scopes,
**attributes,
) we should have something like Doorkeeper.config.access_token_model.create_for(
application: application,
resource_owner: Doorkeeper.config.enable_application_owner? ? application&.owner : nil,
scopes: scopes,
**attributes,
) |
This quote is correct: Access Tokens that are Client Credentials access resources on behalf of the client, and not a user. That is, even if the Application belongs to a user, the client credential only belongs to the application, not to the owner of that application. |
I stumbled upon this today, and it looks like a bug to me: What's the point of having an application owner if that's not for allowing to associate the application owner as a token resource owner when using client credentials? I agree the spec outlines that client credentials are used to access their own resources, but it doesn't mean much. OAuth applications do not have resources per-se. They typically belongs to someone/something (the owner), and the owner is the real resource owner. Typical usage is a website where a user can create an oauth application to access their data using client_credential flow, in a server to server scenario. If an api uses both class Api::TransactionsController < Api::BaseController
def index
@transactions = resource_owner.transactions
end
private
def resource_owner
if doorkeeper_token.resource_owner.present?
doorkeeper_token.resource_owner # token created using authorization_code
else
doorkeeper_token.application.owner # token created using client_credentials
end
end
end Maybe I'm missing something, happy to discuss |
The specifications for OAuth 2.0 are extremely clear here: client credentials act on behalf of the application, not the user. Unless you have resources that should only be access by the application, e.g., to manipulate the application registration, then you probably don't need the client_credentials grant type. The fact that an application may be owned by a user account doesn't mean the application should be granted full access to the creator's account through usage of client_credentials, and in fact, that'd be a major security issue potentially. |
@ThisIsMissEm Thank you for your answer, I'm ready to change my mind about this 🙂 Can you explain a bit what would be the security issue here, in the context of the example i gave: A user create an oauth app, owned only by them. App would be used only for server to server communications. And what would you recommend as an alternative? Access tokens used, similar to github personal tokens? |
Yes, you'd want to use access tokens for that purpose, if you really need to use OAuth at all for it. e.g., you don't have to wait until a 2-legged oauth flow to issue access tokens (or authorization grants) But client_credentials have a very specific purpose which is to access resources on behalf of the application, not the user. |
Steps to reproduce
enable_application_owner
in the config (I even enabled confirmation:enable_application_owner confirmation: true
)use_polymorphic_resource_owner
in the configCompany
in my case):Expected behavior
If an application is associated with a resource owner, then tokens created from this application should inherit the application's owner as its resource owner. Otherwise, how can one assign a resource owner to an access token when using the client_credentials grant type?
Actual behavior
The access token is not associated with the resource owner, see screenshot above.
Maybe I misunderstood something here, in that case please enlighten me.
System configuration
You can help us to understand your problem if you will share some very
useful information about your project environment (don't forget to
remove any confidential data if it exists).
Doorkeeper initializer:
Ruby version:
2.7.3p183
Gemfile.lock:
Gemfile.lock content
GIT remote: https://github.com/quorak/active_record-postgres-constraints.git revision: aa91422e869cdde215269214bc54e40f7f6fcd72 branch: support-rails-6.1 specs: active_record-postgres-constraints (0.2.3) pg rails (>= 5.0, <= 8.0)GIT
remote: https://github.com/quorak/array_enum.git
revision: bca5f44d1805989726a359ef63f7d35f6a5ec289
specs:
array_enum (1.2.0)
activemodel
GIT
remote: https://github.com/quorak/exception_notification.git
revision: fcbb970f96269efe0f34f77c0c5ce2b137bdc085
branch: quorak-patch-module_parent_name
specs:
exception_notification (4.4.0)
actionmailer (>= 4.0, < 7)
activesupport (>= 4.0, < 7)
GIT
remote: https://github.com/quorak/jbuilder_cache_multi.git
revision: b6cf2c7798b195f031fa7eb51dde1e17885d0d2f
specs:
jbuilder_cache_multi (0.1.0)
jbuilder (>= 1.5.0, < 3)
GEM
remote: https://rubygems.org/
specs:
action_policy (0.3.4)
actioncable (6.1.5.1)
actionpack (= 6.1.5.1)
activesupport (= 6.1.5.1)
nio4r (
> 2.0)> 2.5, >= 2.5.4)websocket-driver (>= 0.6.1)
actionmailbox (6.1.5.1)
actionpack (= 6.1.5.1)
activejob (= 6.1.5.1)
activerecord (= 6.1.5.1)
activestorage (= 6.1.5.1)
activesupport (= 6.1.5.1)
mail (>= 2.7.1)
actionmailer (6.1.5.1)
actionpack (= 6.1.5.1)
actionview (= 6.1.5.1)
activejob (= 6.1.5.1)
activesupport (= 6.1.5.1)
mail (
rails-dom-testing (
> 2.0)> 2.0, >= 2.0.9)actionpack (6.1.5.1)
actionview (= 6.1.5.1)
activesupport (= 6.1.5.1)
rack (
rack-test (>= 0.6.3)
rails-dom-testing (
> 2.0)> 1.0, >= 1.2.0)rails-html-sanitizer (
actiontext (6.1.5.1)
actionpack (= 6.1.5.1)
activerecord (= 6.1.5.1)
activestorage (= 6.1.5.1)
activesupport (= 6.1.5.1)
nokogiri (>= 1.8.5)
actionview (6.1.5.1)
activesupport (= 6.1.5.1)
builder (
> 3.1)> 1.4)erubi (
rails-dom-testing (
> 2.0)> 1.1, >= 1.2.0)rails-html-sanitizer (
active_model_validates_intersection_of (3.0.0)
activemodel (>= 5.0.0)
active_storage_validations (0.8.9)
rails (>= 5.2.0)
activejob (6.1.5.1)
activesupport (= 6.1.5.1)
globalid (>= 0.3.6)
activemodel (6.1.5.1)
activesupport (= 6.1.5.1)
activerecord (6.1.5.1)
activemodel (= 6.1.5.1)
activesupport (= 6.1.5.1)
activestorage (6.1.5.1)
actionpack (= 6.1.5.1)
activejob (= 6.1.5.1)
activerecord (= 6.1.5.1)
activesupport (= 6.1.5.1)
marcel (
> 1.0)> 1.0)mini_mime (>= 1.1.0)
activestorage-openstack (1.5.1)
fog-openstack (
marcel
rails (>= 5.2.2)
activesupport (6.1.5.1)
concurrent-ruby (
> 1.0, >= 1.0.2)> 2.0)i18n (>= 1.6, < 2)
minitest (>= 5.1)
tzinfo (
zeitwerk (
> 2.3)> 2.0)addressable (2.8.0)
public_suffix (>= 2.0.2, < 5.0)
ahoy_matey (3.2.0)
activesupport (>= 5)
device_detector
geocoder (>= 1.4.5)
safely_block (>= 0.2.1)
annotate (3.1.1)
activerecord (>= 3.2, < 7.0)
rake (>= 10.4, < 14.0)
ansi (1.5.0)
api-pagination (5.0.0)
ast (2.4.2)
azure-storage-blob (2.0.3)
azure-storage-common (
nokogiri (
> 1, >= 1.10.8)> 1.0)azure-storage-common (2.0.4)
faraday (
faraday_middleware (
> 1.0, >= 1.0.0.rc1)> 4.0)net-http-persistent (
nokogiri (
> 1, >= 1.10.8)> 2.0)babel-source (5.8.35)
babel-transpiler (0.7.0)
babel-source (>= 4.0, < 6)
execjs (
bcrypt (3.1.17)
better_html (1.0.16)
actionview (>= 4.0)
activesupport (>= 4.0)
ast (
> 2.0)> 1.4)erubi (
html_tokenizer (
> 0.0.6)> 1.0)parser (>= 2.4)
smart_properties
bindex (0.8.1)
biz (1.8.2)
clavius (
tzinfo
bootsnap (1.11.1)
msgpack (
> 1.2)> 1.11)brakeman (4.10.1)
builder (3.2.4)
bullet (7.0.1)
activesupport (>= 3.0.0)
uniform_notifier (
bundler-audit (0.9.0.1)
bundler (>= 1.2.0, < 3)
thor (
> 1.0)> 1.8)byebug (11.1.3)
cairo (1.17.5)
native-package-installer (>= 1.0.3)
pkg-config (>= 1.2.2)
red-colors
cairo-gobject (3.4.4)
cairo (>= 1.16.2)
glib2 (= 3.4.4)
capybara (3.36.0)
addressable
matrix
mini_mime (>= 0.1.3)
nokogiri (
rack (>= 1.6.0)
rack-test (>= 0.6.3)
regexp_parser (>= 1.5, < 3.0)
xpath (
> 3.2)> 1.1)chewy (7.2.5)
activesupport (>= 5.2)
elasticsearch (>= 7.12.0, < 7.14.0)
elasticsearch-dsl
childprocess (4.1.0)
chunky_png (1.4.0)
circuitbox (1.1.1)
activesupport
moneta
city-state (0.0.13)
rubyzip (
clavius (1.0.4)
coderay (1.1.3)
concurrent-ruby (1.1.10)
connection_pool (2.2.5)
countries (3.1.0)
i18n_data (
> 0.11.0)> 1.1)sixarm_ruby_unaccent (
unicode_utils (
> 1.4)> 3.0)country_select (4.0.0)
countries (
sort_alphabetical (
> 1.0)> 3.0)crass (1.0.6)
declarative (0.0.20)
deepl-rb (2.5.1)
device_detector (1.0.5)
devise (4.8.1)
bcrypt (
orm_adapter (
> 0.1)> 1.2.3)railties (>= 4.1.0)
responders
warden (
devise-jwt (0.9.0)
devise (
> 4.0)> 0.6)warden-jwt_auth (
devise_invitable (2.0.5)
actionmailer (>= 5.0)
devise (>= 4.6)
digest-crc (0.6.3)
rake (>= 12.0.0, < 14.0.0)
discard (1.2.0)
activerecord (>= 4.2, < 7)
docile (1.4.0)
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
doorkeeper (5.5.4)
railties (>= 5)
dotenv (2.7.6)
dotenv-rails (2.7.6)
dotenv (= 2.7.6)
railties (>= 3.2)
dry-auto_inject (0.9.0)
dry-container (>= 0.3.4)
dry-configurable (0.15.0)
concurrent-ruby (
> 1.0)> 0.6)dry-core (
dry-container (0.9.0)
concurrent-ruby (
> 1.0)> 0.13, >= 0.13.0)dry-configurable (
dry-core (0.7.1)
concurrent-ruby (
> 1.0)> 1.0)dry-inflector (0.2.1)
dry-initializer (3.1.1)
dry-logic (1.2.0)
concurrent-ruby (
dry-core (
> 0.5, >= 0.5)> 1.0)dry-schema (1.9.1)
concurrent-ruby (
dry-configurable (
> 0.13, >= 0.13.0)> 0.5, >= 0.5)dry-core (
dry-initializer (
> 3.0)> 1.0)dry-logic (
dry-types (
> 1.5)> 1.0)dry-types (1.5.1)
concurrent-ruby (
dry-container (
> 0.3)> 0.5, >= 0.5)dry-core (
dry-inflector (
> 0.1, >= 0.1.2)> 1.0, >= 1.0.2)dry-logic (
dry-validation (1.8.0)
concurrent-ruby (
> 1.0)> 0.7, >= 0.7.1)dry-container (
dry-core (
> 0.5, >= 0.5)> 3.0)dry-initializer (
dry-schema (
> 1.9, >= 1.9.1)> 1.0)elastic-apm (4.1.0)
concurrent-ruby (
http (>= 3.0)
elasticsearch (7.13.3)
elasticsearch-api (= 7.13.3)
elasticsearch-transport (= 7.13.3)
elasticsearch-api (7.13.3)
multi_json
elasticsearch-dsl (0.1.10)
elasticsearch-transport (7.13.3)
faraday (
> 1)> 5.2.0)multi_json
errbase (0.2.1)
erubi (1.10.0)
et-orbi (1.2.7)
tzinfo
ethon (0.14.0)
ffi (>= 1.15.0)
excon (0.83.0)
execjs (2.8.1)
factory_bot (5.2.0)
activesupport (>= 4.2.0)
factory_bot_rails (5.2.0)
factory_bot (
railties (>= 4.2.0)
faker (2.18.0)
i18n (>= 1.6, < 2)
faraday (1.10.0)
faraday-em_http (
> 1.0)> 1.0)faraday-em_synchrony (
faraday-excon (
> 1.1)> 1.0)faraday-httpclient (
faraday-multipart (
> 1.0)> 1.0)faraday-net_http (
faraday-net_http_persistent (
> 1.0)> 1.0)faraday-patron (
faraday-rack (
> 1.0)> 1.0)faraday-retry (
ruby2_keywords (>= 0.0.4)
faraday-em_http (1.0.0)
faraday-em_synchrony (1.0.0)
faraday-excon (1.1.0)
faraday-httpclient (1.0.1)
faraday-multipart (1.0.3)
multipart-post (>= 1.2, < 3)
faraday-net_http (1.0.1)
faraday-net_http_persistent (1.2.0)
faraday-patron (1.0.0)
faraday-rack (1.0.0)
faraday-retry (1.0.3)
faraday_middleware (1.2.0)
faraday (
> 1.0)> 0.71)ffi (1.15.5)
ffi-compiler (1.0.1)
ffi (>= 1.0.0)
rake
fog-core (2.2.4)
builder
excon (
formatador (
> 0.2)> 1.10)mime-types
fog-json (1.2.0)
fog-core
multi_json (
fog-openstack (1.0.11)
fog-core (
> 2.1)> 1, >= 1.2.7)fog-json (>= 1.0)
ipaddress (>= 0.8)
formatador (0.3.0)
fugit (1.5.3)
et-orbi (
raabro (
> 1.4)> 2.5, >= 2.5.1)geocoder (1.6.7)
gio2 (3.4.4)
gobject-introspection (= 3.4.4)
glib2 (3.4.4)
native-package-installer (>= 1.0.3)
pkg-config (>= 1.3.5)
globalid (1.0.0)
activesupport (>= 5.0)
gobject-introspection (3.4.4)
glib2 (= 3.4.4)
google-apis-core (0.4.0)
addressable (
googleauth (>= 0.16.2, < 2.a)
httpclient (>= 2.8.1, < 3.a)
mini_mime (
> 1.0)> 3.0)representable (
retriable (>= 2.0, < 4.a)
rexml
webrick
google-apis-iamcredentials_v1 (0.5.0)
google-apis-core (>= 0.3, < 2.a)
google-apis-storage_v1 (0.5.0)
google-apis-core (>= 0.3, < 2.a)
google-cloud-core (1.6.0)
google-cloud-env (
> 1.0)> 1.0)google-cloud-errors (
google-cloud-env (1.5.0)
faraday (>= 0.17.3, < 2.0)
google-cloud-errors (1.1.0)
google-cloud-storage (1.32.0)
addressable (
> 2.5)> 0.4)digest-crc (
google-apis-iamcredentials_v1 (
> 0.1)> 0.1)google-apis-storage_v1 (
google-cloud-core (
> 1.6)> 1.0)googleauth (>= 0.16.2, < 2.a)
mini_mime (
googleauth (0.16.2)
faraday (>= 0.17.3, < 2.0)
jwt (>= 1.4, < 3.0)
memoist (
> 0.16)> 1.11)multi_json (
os (>= 0.9, < 2.0)
signet (
> 0.14)> 2.3)has_scope (0.8.0)
actionpack (>= 5.2)
activesupport (>= 5.2)
hashie (5.0.0)
health_bit (0.1.8)
rack
highline (2.0.3)
holidays (8.4.1)
html_tokenizer (0.0.7)
http (5.0.1)
addressable (
http-cookie (
> 1.0)> 2.2)http-form_data (
llhttp-ffi (
> 0.3.0)> 0.5)http-cookie (1.0.4)
domain_name (
http-form_data (2.3.0)
http_accept_language (2.1.1)
httparty (0.18.1)
mime-types (
> 3.0)> 1.0)multi_xml (>= 0.5.2)
httpclient (2.8.3)
i18n (1.11.0)
concurrent-ruby (
i18n-js (3.8.3)
i18n (>= 0.6.6)
i18n-tasks (1.0.11)
activesupport (>= 4.0.2)
ast (>= 2.1.0)
better_html (
> 1.0)> 0.6)erubi
highline (>= 2.0.0)
i18n
parser (>= 2.2.3.0)
rails-i18n
rainbow (>= 2.2.2, < 4.0)
terminal-table (>= 1.5.1)
i18n_data (0.11.0)
ice_cube (0.16.3)
image_processing (1.12.2)
mini_magick (>= 4.9.5, < 5)
ruby-vips (>= 2.0.17, < 3)
inherited_resources (1.13.0)
actionpack (>= 5.2, < 6.2)
has_scope (
railties (>= 5.2, < 6.2)
responders (>= 2, < 4)
ipaddress (0.8.3)
jbuilder (2.11.2)
activesupport (>= 5.0.0)
js-routes (1.4.14)
railties (>= 4)
jwt (2.3.0)
kaminari (1.2.1)
activesupport (>= 4.1.0)
kaminari-actionview (= 1.2.1)
kaminari-activerecord (= 1.2.1)
kaminari-core (= 1.2.1)
kaminari-actionview (1.2.1)
actionview
kaminari-core (= 1.2.1)
kaminari-activerecord (1.2.1)
activerecord
kaminari-core (= 1.2.1)
kaminari-core (1.2.1)
launchy (2.5.0)
addressable (
> 2.7)> 2.2)letter_opener (1.7.0)
launchy (
letter_opener_web (1.4.0)
actionmailer (>= 3.2)
letter_opener (
> 1.0)> 0.9, >= 0.9.4)railties (>= 3.2)
listen (3.1.5)
rb-fsevent (
rb-inotify (
> 0.9, >= 0.9.7)> 1.2)ruby_dep (
llhttp-ffi (0.3.1)
ffi-compiler (
> 1.0)> 13.0)rake (
lograge (0.11.2)
actionpack (>= 4)
activesupport (>= 4)
railties (>= 4)
request_store (
> 1.0)> 1.2)logstash-event (1.2.02)
logstash-logger (0.26.1)
logstash-event (
loofah (2.18.0)
crass (
> 1.0.2)> 3.2015)nokogiri (>= 1.5.9)
mail (2.7.1)
mini_mime (>= 0.1.1)
marcel (1.0.2)
matrix (0.4.2)
memoist (0.16.2)
method_source (1.0.0)
mime-types (3.3.1)
mime-types-data (
mime-types-data (3.2021.0225)
mini_magick (4.11.0)
mini_mime (1.1.2)
mini_portile2 (2.8.0)
minitest (5.15.0)
minitest-reporters (1.4.3)
ansi
builder
minitest (>= 5.0)
ruby-progressbar
minitest-retry (0.2.2)
minitest (>= 5.0)
minitest-stub_any_instance (1.0.2)
moneta (1.4.2)
mry (0.78.0.0)
rubocop (>= 0.41.0)
msgpack (1.5.1)
multi_json (1.15.0)
multi_xml (0.6.0)
multipart-post (2.1.1)
native-package-installer (1.1.1)
net-http-persistent (4.0.1)
connection_pool (
> 2.2)> 2.8.0)nio4r (2.5.8)
nokogiri (1.13.6)
mini_portile2 (
racc (
> 1.4)> 1.3)oauth2 (1.4.7)
faraday (>= 0.8, < 2.0)
jwt (>= 1.0, < 3.0)
multi_json (
multi_xml (
> 0.5)> 1.0)rack (>= 1.2, < 3)
oj (3.12.0)
olive_branch (4.0.0)
multi_json
rails (>= 4.0)
omniauth (1.9.1)
hashie (>= 3.4.6)
rack (>= 1.6.2, < 3)
omniauth-azure-oauth2 (0.0.10)
jwt (>= 1.0, < 3.0)
omniauth (
omniauth-oauth2 (
> 1.4)> 1.4)omniauth-linkedin-oauth2 (1.0.0)
omniauth-oauth2
omniauth-oauth2 (1.7.1)
oauth2 (
omniauth (>= 1.9, < 3)
omniauth-rails_csrf_protection (0.1.2)
actionpack (>= 4.2)
omniauth (>= 1.3.1)
operator_recordable (1.0.0)
activerecord (>= 5.0)
orm_adapter (0.5.0)
os (1.1.1)
paper_trail (11.1.0)
activerecord (>= 5.2)
request_store (
> 1.1)> 2.4.1)parallel (1.20.1)
parser (3.0.1.1)
ast (
pg (1.2.3)
pg_search (2.3.5)
activerecord (>= 5.2)
activesupport (>= 5.2)
pkg-config (1.4.6)
poppler (3.4.4)
cairo-gobject (= 3.4.4)
gio2 (= 3.4.4)
posthog-ruby (1.2.0)
pretender (0.4.0)
actionpack (>= 5.2)
pry (0.14.1)
coderay (
> 1.1)> 1.0)method_source (
public_suffix (4.0.7)
puma (5.6.4)
nio4r (
> 2.0)> 2.3)pundit (2.1.0)
activesupport (>= 3.0.0)
raabro (1.4.0)
racc (1.6.0)
rack (2.2.4)
rack-proxy (0.7.0)
rack
rack-test (2.0.2)
rack (>= 1.3)
rails (6.1.5.1)
actioncable (= 6.1.5.1)
actionmailbox (= 6.1.5.1)
actionmailer (= 6.1.5.1)
actionpack (= 6.1.5.1)
actiontext (= 6.1.5.1)
actionview (= 6.1.5.1)
activejob (= 6.1.5.1)
activemodel (= 6.1.5.1)
activerecord (= 6.1.5.1)
activestorage (= 6.1.5.1)
activesupport (= 6.1.5.1)
bundler (>= 1.15.0)
railties (= 6.1.5.1)
sprockets-rails (>= 2.0.0)
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
rails-html-sanitizer (1.4.3)
loofah (
rails-i18n (6.0.0)
i18n (>= 0.7, < 2)
railties (>= 6.0.0, < 7)
railties (6.1.5.1)
actionpack (= 6.1.5.1)
activesupport (= 6.1.5.1)
method_source
rake (>= 12.2)
thor (
> 1.0)> 1.0)rainbow (3.0.0)
rake (13.0.6)
rb-fsevent (0.11.0)
rb-inotify (0.10.1)
ffi (
react-rails (2.6.2)
babel-transpiler (>= 0.7.0)
connection_pool
execjs
railties (>= 3.2)
tilt
red-colors (0.3.0)
matrix
redis (4.6.0)
redis-namespace (1.8.1)
redis (>= 3.0.4)
regexp_parser (2.3.0)
representable (3.1.1)
declarative (< 0.1.0)
trailblazer-option (>= 0.1.1, < 0.2.0)
uber (< 0.2.0)
request_store (1.5.0)
rack (>= 1.4)
request_store-sidekiq (0.1.0)
request_store (>= 1.3)
sidekiq (>= 3.0)
responders (3.0.1)
actionpack (>= 5.0)
railties (>= 5.0)
retriable (3.1.2)
rexml (3.2.5)
rqrcode (1.2.0)
chunky_png (
> 1.0)> 0.2)rqrcode_core (
rqrcode_core (0.2.0)
rubocop (0.91.1)
parallel (
> 1.10)> 1.7)parser (>= 2.7.1.1)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 1.7)
rexml
rubocop-ast (>= 0.4.0, < 1.0)
ruby-progressbar (
unicode-display_width (>= 1.4.0, < 2.0)
rubocop-ast (0.8.0)
parser (>= 2.7.1.5)
rubocop-minitest (0.13.0)
rubocop (>= 0.90, < 2.0)
rubocop-performance (1.10.2)
rubocop (>= 0.90.0, < 2.0)
rubocop-ast (>= 0.4.0)
rubocop-rails (2.9.1)
activesupport (>= 4.2.0)
rack (>= 1.1)
rubocop (>= 0.90.0, < 2.0)
rubocop-thread_safety (0.4.2)
rubocop (>= 0.53.0)
ruby-graphviz (1.2.5)
rexml
ruby-progressbar (1.11.0)
ruby-vips (2.1.4)
ffi (
> 1.12)> 4.0.0)ruby2_keywords (0.0.5)
ruby_dep (1.5.0)
rubyzip (1.3.0)
safely_block (0.3.0)
errbase (>= 0.1.1)
sass (3.7.4)
sass-listen (
sass-listen (4.0.0)
rb-fsevent (
> 0.9, >= 0.9.4)> 0.9, >= 0.9.7)rb-inotify (
sass-rails (5.1.0)
railties (>= 5.2.0)
sass (
> 3.1)> 3.2, >= 3.2.5)sprockets (>= 2.8, < 4.0)
sprockets-rails (>= 2.0, < 4.0)
tilt (>= 1.1, < 3)
selenium-webdriver (4.1.0)
childprocess (>= 0.5, < 5.0)
rexml (
rubyzip (>= 1.2.2)
semantic_range (3.0.0)
sentry-rails (4.5.2)
railties (>= 5.0)
sentry-ruby-core (
> 4.5.0)> 1.0, >= 1.0.2)sentry-ruby (4.5.2)
concurrent-ruby (
faraday (>= 1.0)
sentry-ruby-core (= 4.5.2)
sentry-ruby-core (4.5.2)
concurrent-ruby
faraday
sentry-sidekiq (4.5.2)
sentry-ruby-core (
> 4.5.0)> 2.0)sidekiq (6.4.2)
connection_pool (>= 2.2.2)
rack (
redis (>= 4.2.0)
sidekiq-cron (1.3.0)
fugit (>= 1.1)
sidekiq (>= 4.2.1)
sidekiq_alive (2.1.5)
sidekiq
webrick
signet (0.15.0)
addressable (
> 2.3)> 1.10)faraday (>= 0.17.3, < 2.0)
jwt (>= 1.5, < 3.0)
multi_json (
simple_form (5.1.0)
actionpack (>= 5.2)
activemodel (>= 5.2)
simplecov (0.21.2)
docile (
> 1.1)> 0.11)simplecov-html (
simplecov_json_formatter (
> 0.1)> 0.19)simplecov-cobertura (2.1.0)
rexml
simplecov (
simplecov-html (0.12.3)
simplecov_json_formatter (0.1.4)
sixarm_ruby_unaccent (1.2.0)
slack-notifier (2.4.0)
smart_properties (1.17.0)
sort_alphabetical (1.1.0)
unicode_utils (>= 1.2.2)
spring (2.1.1)
spring-watcher-listen (2.0.1)
listen (>= 2.7, < 4.0)
spring (>= 1.2, < 3.0)
sprockets (3.7.2)
concurrent-ruby (
> 1.0)> 5.2)rack (> 1, < 3)
sprockets-rails (3.4.2)
actionpack (>= 5.2)
activesupport (>= 5.2)
sprockets (>= 3.0.0)
state_machines (0.5.0)
state_machines-activemodel (0.8.0)
activemodel (>= 5.1)
state_machines (>= 0.5.0)
state_machines-activerecord (0.8.0)
activerecord (>= 5.1)
state_machines-activemodel (>= 0.8.0)
state_machines-graphviz (0.0.2)
ruby-graphviz
state_machines
terminal-table (3.0.2)
unicode-display_width (>= 1.1.1, < 3)
thor (1.2.1)
tilt (2.0.10)
trailblazer-option (0.1.1)
ts_routes (1.0.3)
railties (>= 4.0)
turbolinks (5.2.1)
turbolinks-source (
turbolinks-source (5.2.0)
typhoeus (1.4.0)
ethon (>= 0.9.0)
tzinfo (2.0.4)
concurrent-ruby (
> 1.0)> 0.8)tzinfo-data (1.2021.1)
tzinfo (>= 1.0.0)
uber (0.1.0)
unf (0.1.4)
unf_ext
unf_ext (0.0.7.7)
unicode-display_width (1.7.0)
unicode_utils (1.4.0)
uniform_notifier (1.16.0)
warden (1.2.9)
rack (>= 2.0.9)
warden-jwt_auth (0.6.0)
dry-auto_inject (
dry-configurable (
> 0.13)> 2.1)jwt (
warden (
> 1.2)> 1.6)web-console (4.1.0)
actionview (>= 6.0.0)
activemodel (>= 6.0.0)
bindex (>= 0.4.0)
railties (>= 6.0.0)
webdrivers (5.0.0)
nokogiri (
rubyzip (>= 1.3.0)
selenium-webdriver (
> 4.0)> 1.8)webpacker (5.4.0)
activesupport (>= 5.2)
rack-proxy (>= 0.6.1)
railties (>= 5.2)
semantic_range (>= 2.3.0)
webrick (1.7.0)
websocket-driver (0.7.5)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
with_advisory_lock (4.6.0)
activerecord (>= 4.2)
xpath (3.2.0)
nokogiri (
zeitwerk (2.6.0)
PLATFORMS
ruby
DEPENDENCIES
action_policy (
> 0.3.2)> 0.8.5)active_model_validates_intersection_of
active_record-postgres-constraints!
active_storage_validations (
activestorage-openstack (
> 1.4)> 3.0)ahoy_matey (
annotate
api-pagination (
> 5.0)> 2.0)array_enum!
azure-storage-blob (
biz
bootsnap (>= 1.4.2)
brakeman (
> 4.10.0)> 7.2)bullet
bundler-audit
byebug
capybara (>= 2.15)
chewy (
circuitbox (
> 1.1)> 4.0)city-state (= 0.0.13)
country_select (
deepl-rb
devise (
> 4.7)> 2.0)devise-jwt
devise_invitable (
discard (
> 1.2)> 5.5)doorkeeper (
dotenv-rails
dry-validation (
> 1.5)> 5.2.0)elastic-apm
exception_notification!
factory_bot_rails (
faker
google-cloud-storage (
> 1.11)> 2.1)has_scope
health_bit
holidays
http_accept_language (
httparty
i18n-js
i18n-tasks (
> 1.0)> 0.16.3)ice_cube (
image_processing (
> 1.9)> 1.11)inherited_resources (
jbuilder (
> 2.7)> 1.4.14)jbuilder_cache_multi!
js-routes (
kaminari
letter_opener_web
listen (>= 3.0.5, < 3.2)
lograge
logstash-event
logstash-logger
minitest (= 5.15.0)
minitest-reporters
minitest-retry
minitest-stub_any_instance
mry
multi_json (
> 1.11)> 1.9)oj
olive_branch
omniauth (
omniauth-azure-oauth2 (
> 0.0.10)> 0.1)omniauth-linkedin-oauth2
omniauth-rails_csrf_protection (
operator_recordable
paper_trail (
> 11.1)> 3.4)pg
pg_search
poppler (
posthog-ruby
pretender (
> 0.4.0)> 2.1)pry
puma (>= 5.6.4)
pundit (
rails (
> 6.1)> 6.0)rails-i18n (
react-rails (
> 2.6)> 4.1)redis (
redis-namespace (
> 1.8)> 1.5)request_store (
request_store-sidekiq (
> 0.1.0)> 3.0)responders (
rqrcode (
> 1.1)> 0.91.1)rubocop (
rubocop-minitest
rubocop-performance
rubocop-rails
rubocop-thread_safety
sass-rails (
> 5)> 6.4)sentry-rails
sentry-ruby
sentry-sidekiq
sidekiq (
sidekiq-cron (
> 1.1)> 2.0)sidekiq_alive (
simple_form
simplecov-cobertura
slack-notifier
spring
spring-watcher-listen (
> 2.0.0)> 0.8.0)state_machines-activerecord (
state_machines-graphviz
ts_routes (
> 1.0)> 5)turbolinks (
typhoeus
tzinfo-data
web-console (>= 3.3.0)
webdrivers
webpacker (
> 5.0)> 4.6)with_advisory_lock (
RUBY VERSION
ruby 2.7.3p183
BUNDLED WITH
2.2.32
The text was updated successfully, but these errors were encountered: