Merge branch 'main' into gh-main

Author: pboling

README.md

@@ -24,6 +24,27 @@ This is a RubyGem for implementing OAuth 2.0 clients (not servers) in Ruby appli
 [sibling-gem]: https://gitlab.com/oauth-xx/oauth
 [doorkeeper-gem]: https://github.com/doorkeeper-gem/doorkeeper
 
+If this library has helped you, or your organization,
+please support my efforts by making a donation, becoming a sponsor, or giving me a shout on Mastodon.
+
+[![Liberapay Patrons][⛳liberapay-img]][⛳liberapay]
+[![Sponsor Me on Github][🖇sponsor-img]][🖇sponsor]
+
+<span class="badge-buymeacoffee">
+<a href="https://ko-fi.com/O5O86SNP4" target='_blank' title="Donate to my FLOSS or refugee efforts at ko-fi.com"><img src="https://img.shields.io/badge/buy%20me%20coffee-donate-yellow.svg" alt="Buy me coffee donation button" /></a>
+</span>
+<span class="badge-patreon">
+<a href="https://patreon.com/galtzo" title="Donate to my FLOSS or refugee efforts using Patreon"><img src="https://img.shields.io/badge/patreon-donate-yellow.svg" alt="Patreon donate button" /></a>
+</span>
+
+<a rel="me" alt="Follow me on Ruby.social" href="https://ruby.social/@galtzo"><img src="https://img.shields.io/mastodon/follow/109447111526622197?domain=https%3A%2F%2Fruby.social&style=social&label=Follow%20%40galtzo%20on%20Ruby.social"></a>
+<a rel="me" alt="Follow me on FLOSS.social" href="https://floss.social/@galtzo"><img src="https://img.shields.io/mastodon/follow/110304921404405715?domain=https%3A%2F%2Ffloss.social&style=social&label=Follow%20%40galtzo%20on%20Floss.social"></a>
+
+[⛳liberapay-img]: https://img.shields.io/liberapay/patrons/pboling.svg?logo=liberapay
+[⛳liberapay]: https://liberapay.com/pboling/donate
+[🖇sponsor-img]: https://img.shields.io/badge/Sponsor_Me!-pboling.svg?style=social&logo=github
+[🖇sponsor]: https://github.com/sponsors/pboling
+
 ## Release Documentation
 
 ### Version 2.0.x
@@ -310,7 +331,7 @@ See [SECURITY.md][🚎sec-pol]
 
 ### Global Configuration
 
-If you started seeing this warning, but everything it working fine, you can now silence it.
+If you started seeing this warning, but everything is working fine, you can now silence it.
 ```log
 OAuth2::AccessToken.from_hash: `hash` contained more than one 'token' key
 ```

lib/oauth2.rb

@@ -10,6 +10,7 @@
 
 # includes gem files
 require 'oauth2/version'
+require 'oauth2/filtered_attributes'
 require 'oauth2/error'
 require 'oauth2/authenticator'
 require 'oauth2/client'

lib/oauth2/access_token.rb

@@ -6,8 +6,11 @@ class AccessToken # rubocop:disable Metrics/ClassLength
     TOKEN_KEYS_SYM = %i[access_token id_token token accessToken idToken].freeze
     TOKEN_KEY_LOOKUP = TOKEN_KEYS_STR + TOKEN_KEYS_SYM
 
+    include FilteredAttributes
+
     attr_reader :client, :token, :expires_in, :expires_at, :expires_latency, :params
     attr_accessor :options, :refresh_token, :response
+    filtered_attributes :token, :refresh_token
 
     class << self
       # Initializes an AccessToken from a Hash

lib/oauth2/authenticator.rb

@@ -4,7 +4,10 @@
 
 module OAuth2
   class Authenticator
+    include FilteredAttributes
+
     attr_reader :mode, :id, :secret
+    filtered_attributes :secret
 
     def initialize(id, secret, mode)
       @id = id

lib/oauth2/client.rb

@@ -16,9 +16,12 @@ module OAuth2
   class Client # rubocop:disable Metrics/ClassLength
     RESERVED_PARAM_KEYS = %w[body headers params parse snaky].freeze
 
+    include FilteredAttributes
+
     attr_reader :id, :secret, :site
     attr_accessor :options
     attr_writer :connection
+    filtered_attributes :secret
 
     # Instantiate a new OAuth 2.0 client using the
     # Client ID and Client Secret registered to your

lib/oauth2/filtered_attributes.rb

@@ -0,0 +1,31 @@
+module OAuth2
+  module FilteredAttributes
+    def self.included(base)
+      base.extend(ClassMethods)
+    end
+
+    module ClassMethods
+      def filtered_attributes(*attributes)
+        @filtered_attribute_names = attributes.map(&:to_sym)
+      end
+
+      def filtered_attribute_names
+        @filtered_attribute_names || []
+      end
+    end
+
+    def inspect
+      filtered_attribute_names = self.class.filtered_attribute_names
+      return super if filtered_attribute_names.empty?
+
+      inspected_vars = instance_variables.map do |var|
+        if filtered_attribute_names.any? { |filtered_var| var.to_s.include?(filtered_var.to_s) }
+          "#{var}=[FILTERED]"
+        else
+          "#{var}=#{instance_variable_get(var).inspect}"
+        end
+      end
+      "#<#{self.class}:#{object_id} #{inspected_vars.join(', ')}>"
+    end
+  end
+end

spec/oauth2/access_token_spec.rb

@@ -741,4 +741,16 @@ def self.contains_token?(hash)
       expect(access_token.to_hash).to eq(hash)
     end
   end
+
+  describe '#inspect' do
+    let(:inspect_result) { described_class.new(nil, 'secret-token', { refresh_token: 'secret-refresh-token' }).inspect }
+
+    it 'filters out the @token value' do
+      expect(inspect_result).to include('@token=[FILTERED]')
+    end
+
+    it 'filters out the @refresh_token value' do
+      expect(inspect_result).to include('@refresh_token=[FILTERED]')
+    end
+  end
 end

spec/oauth2/authenticator_spec.rb

@@ -123,4 +123,10 @@
       end
     end
   end
+
+  describe '#inspect' do
+    it 'filters out the @secret value' do
+      expect(subject.inspect).to include('@secret=[FILTERED]')
+    end
+  end
 end

spec/oauth2/client_spec.rb

@@ -967,4 +967,10 @@ def stubbed_client(params = {}, &stubs)
       expect(subject.connection.builder.handlers).to include(Faraday::Request::UrlEncoded)
     end
   end
+
+  describe '#inspect' do
+    it 'filters out the @secret value' do
+      expect(subject.inspect).to include('@secret=[FILTERED]')
+    end
+  end
 end