Merge pull request #1712 from ransombriggs/add-pragma-no-cache-to-tok…

…en-response Add Pragma: no-cache to token response
doorkeeper-gem · Jul 10, 2024 · df14f0a · df14f0a
2 parents 1cd750b + 745babb
commit df14f0a
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 0 deletions.
diff --git a/lib/doorkeeper/oauth/token_response.rb b/lib/doorkeeper/oauth/token_response.rb
@@ -30,6 +30,7 @@ def headers
         {
           "Cache-Control" => "no-store, no-cache",
           "Content-Type" => "application/json; charset=utf-8",
+          "Pragma" => "no-cache",
         }
       end
     end

diff --git a/spec/lib/oauth/token_response_spec.rb b/spec/lib/oauth/token_response_spec.rb
@@ -8,6 +8,7 @@
   it "includes access token response headers" do
     headers = response.headers
     expect(headers.fetch("Cache-Control")).to eq("no-store, no-cache")
+    expect(headers.fetch("Pragma")).to eq("no-cache")
   end
 
   it "status is ok" do

diff --git a/spec/requests/endpoints/token_spec.rb b/spec/requests/endpoints/token_spec.rb
@@ -17,6 +17,7 @@
 
     expect(headers["Cache-Control"]).to be_in(["no-store", "no-cache, no-store", "private, no-store"])
     expect(headers["Content-Type"]).to eq("application/json; charset=utf-8")
+    expect(headers["Pragma"]).to eq("no-cache")
   end
 
   it "accepts client credentials with basic auth header" do