From 745babb99f426dd8a6463267a14d0774bf67e19c Mon Sep 17 00:00:00 2001
From: Ransom Briggs <ransom.briggs@ezcater.com>
Date: Fri, 28 Jun 2024 10:04:43 -0500
Subject: [PATCH] Add Pragma: no-cache to token response

---
 lib/doorkeeper/oauth/token_response.rb | 1 +
 spec/lib/oauth/token_response_spec.rb  | 1 +
 spec/requests/endpoints/token_spec.rb  | 1 +
 3 files changed, 3 insertions(+)

diff --git a/lib/doorkeeper/oauth/token_response.rb b/lib/doorkeeper/oauth/token_response.rb
index a1d44b493..a31ba7c46 100644
--- a/lib/doorkeeper/oauth/token_response.rb
+++ b/lib/doorkeeper/oauth/token_response.rb
@@ -30,6 +30,7 @@ def headers
         {
           "Cache-Control" => "no-store, no-cache",
           "Content-Type" => "application/json; charset=utf-8",
+          "Pragma" => "no-cache",
         }
       end
     end
diff --git a/spec/lib/oauth/token_response_spec.rb b/spec/lib/oauth/token_response_spec.rb
index 70a7de0a0..f6afb8e37 100644
--- a/spec/lib/oauth/token_response_spec.rb
+++ b/spec/lib/oauth/token_response_spec.rb
@@ -8,6 +8,7 @@
   it "includes access token response headers" do
     headers = response.headers
     expect(headers.fetch("Cache-Control")).to eq("no-store, no-cache")
+    expect(headers.fetch("Pragma")).to eq("no-cache")
   end
 
   it "status is ok" do
diff --git a/spec/requests/endpoints/token_spec.rb b/spec/requests/endpoints/token_spec.rb
index 6c1a824bd..898af80b1 100644
--- a/spec/requests/endpoints/token_spec.rb
+++ b/spec/requests/endpoints/token_spec.rb
@@ -17,6 +17,7 @@
 
     expect(headers["Cache-Control"]).to be_in(["no-store", "no-cache, no-store", "private, no-store"])
     expect(headers["Content-Type"]).to eq("application/json; charset=utf-8")
+    expect(headers["Pragma"]).to eq("no-cache")
   end
 
   it "accepts client credentials with basic auth header" do