aca-omniauth-jwt 1.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +18 -0
- data/.rspec +2 -0
- data/.travis.yml +6 -0
- data/Gemfile +8 -0
- data/Guardfile +8 -0
- data/LICENSE.txt +22 -0
- data/README.md +85 -0
- data/Rakefile +6 -0
- data/ci/deploy-gems.sh +11 -0
- data/lib/omniauth/jwt.rb +2 -0
- data/lib/omniauth/jwt/version.rb +5 -0
- data/lib/omniauth/strategies/jwt.rb +128 -0
- data/omniauth-jwt.gemspec +31 -0
- data/spec/lib/omniauth/strategies/jwt_spec.rb +96 -0
- data/spec/spec_helper.rb +24 -0
- metadata +189 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: '09f6de0ede8105d2426f6d8abb8d508bd6222398'
|
4
|
+
data.tar.gz: 7c4a412cb5b4d430f5c3c3736b810b25082715f0
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 89fe9813930f8370574d236b50b039bc96226f28b7295ca060b6519808e9b83e19104fd06af07218d371281152751279d29273b2e33cb1470aa152584935698a
|
7
|
+
data.tar.gz: e6af4d1cfa5eab2aed18b6b4a2091830cac6356e236e78c5355f508ae98404050b60771d69ff5ec0ae57e81c86b2d9bed31e4da99269121bb138b34700f9f4a5
|
data/.gitignore
ADDED
data/.rspec
ADDED
data/.travis.yml
ADDED
data/Gemfile
ADDED
data/Guardfile
ADDED
data/LICENSE.txt
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2013 Michael Bleigh
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,85 @@
|
|
1
|
+
# OmniAuth::JWT
|
2
|
+
|
3
|
+
[![Build Status](https://travis-ci.org/mbleigh/omniauth-jwt.png)](https://travis-ci.org/mbleigh/omniauth-jwt)
|
4
|
+
|
5
|
+
[JSON Web Token](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html) (JWT) is a simple
|
6
|
+
way to send verified information between two parties online. This can be useful as a mechanism for
|
7
|
+
providing Single Sign-On (SSO) to an application by allowing an authentication server to send a validated
|
8
|
+
claim and log the user in. This is how [Zendesk does SSO](https://support.zendesk.com/entries/23675367-Setting-up-single-sign-on-with-JWT-JSON-Web-Token-),
|
9
|
+
for example.
|
10
|
+
|
11
|
+
OmniAuth::JWT provides a clean, simple wrapper on top of JWT so that you can easily implement this kind
|
12
|
+
of SSO either between your own applications or allow third parties to delegate authentication.
|
13
|
+
|
14
|
+
## Installation
|
15
|
+
|
16
|
+
Add this line to your application's Gemfile:
|
17
|
+
|
18
|
+
gem 'omniauth-jwt'
|
19
|
+
|
20
|
+
And then execute:
|
21
|
+
|
22
|
+
$ bundle
|
23
|
+
|
24
|
+
Or install it yourself as:
|
25
|
+
|
26
|
+
$ gem install omniauth-jwt
|
27
|
+
|
28
|
+
## Usage
|
29
|
+
|
30
|
+
You use OmniAuth::JWT just like you do any other OmniAuth strategy:
|
31
|
+
|
32
|
+
```ruby
|
33
|
+
use OmniAuth::JWT, 'SHAREDSECRET', auth_url: 'http://example.com/login'
|
34
|
+
```
|
35
|
+
|
36
|
+
The first parameter is the shared secret that will be used by the external authenticator to verify
|
37
|
+
that. You must also specify the `auth_url` option to tell the strategy where to redirect to log
|
38
|
+
in. Other available options are:
|
39
|
+
|
40
|
+
* **algorithm:** the algorithm to use to decode the JWT token. This is `HS256` by default but can
|
41
|
+
be set to anything supported by [ruby-jwt](https://github.com/progrium/ruby-jwt)
|
42
|
+
* **uid_claim:** this determines which claim will be used to uniquely identify the user. Defaults
|
43
|
+
to `email`
|
44
|
+
* **required_claims:** array of claims that are required to make this a valid authentication call.
|
45
|
+
Defaults to `['name', 'email']`
|
46
|
+
* **info_map:** array mapping claim values to info hash values. Defaults to mapping `name` and `email`
|
47
|
+
to the same in the info hash.
|
48
|
+
* **valid_within:** integer of how many seconds of time skew you will allow. Defaults to `nil`. If this
|
49
|
+
is set, the `iat` claim becomes required and must be within the specified number of seconds of the
|
50
|
+
current time. This helps to prevent replay attacks.
|
51
|
+
|
52
|
+
### Authentication Process
|
53
|
+
|
54
|
+
When you authenticate through `omniauth-jwt` you can send users to `/auth/jwt` and it will redirect
|
55
|
+
them to the URL specified in the `auth_url` option. From there, the provider must generate a JWT
|
56
|
+
and send it to the `/auth/jwt/callback` URL as a "jwt" parameter:
|
57
|
+
|
58
|
+
/auth/jwt/callback?jwt=ENCODEDJWTGOESHERE
|
59
|
+
|
60
|
+
An example of how to do that in Sinatra:
|
61
|
+
|
62
|
+
```ruby
|
63
|
+
require 'jwt'
|
64
|
+
|
65
|
+
get '/login/sso/other-app' do
|
66
|
+
# assuming the user is already logged in and this is available as current_user
|
67
|
+
claims = {
|
68
|
+
id: current_user.id,
|
69
|
+
name: current_user.name,
|
70
|
+
email: current_user.email,
|
71
|
+
iat: Time.now.to_i
|
72
|
+
}
|
73
|
+
|
74
|
+
payload = JWT.encode(claims, ENV['SSO_SECRET'])
|
75
|
+
redirect "http://other-app.com/auth/jwt/callback?jwt=#{payload}"
|
76
|
+
end
|
77
|
+
```
|
78
|
+
|
79
|
+
## Contributing
|
80
|
+
|
81
|
+
1. Fork it
|
82
|
+
2. Create your feature branch (`git checkout -b my-new-feature`)
|
83
|
+
3. Commit your changes (`git commit -am 'Add some feature'`)
|
84
|
+
4. Push to the branch (`git push origin my-new-feature`)
|
85
|
+
5. Create new Pull Request
|
data/Rakefile
ADDED
data/ci/deploy-gems.sh
ADDED
data/lib/omniauth/jwt.rb
ADDED
@@ -0,0 +1,128 @@
|
|
1
|
+
require 'omniauth'
|
2
|
+
require 'jwt'
|
3
|
+
require 'json'
|
4
|
+
require 'uv-rays'
|
5
|
+
|
6
|
+
module OmniAuth
|
7
|
+
module Strategies
|
8
|
+
VivantApi = UV::HttpEndpoint.new('https://api.internationaltowers.com')
|
9
|
+
|
10
|
+
class JWT
|
11
|
+
class ClaimInvalid < StandardError; end
|
12
|
+
|
13
|
+
include OmniAuth::Strategy
|
14
|
+
|
15
|
+
args [:app_token, :secret]
|
16
|
+
|
17
|
+
option :title, 'Vivant Authentication'
|
18
|
+
option :app_token, nil
|
19
|
+
option :secret, nil
|
20
|
+
option :algorithm, 'HS256'
|
21
|
+
option :uid_claim, 'id'
|
22
|
+
option :required_claims, %w(firstName lastName email)
|
23
|
+
option :info_map, {"name" => proc { |raw| "#{raw['firstName']} #{raw['lastName']}" }, "email" => "email"}
|
24
|
+
option :auth_url, nil
|
25
|
+
option :valid_within, nil
|
26
|
+
|
27
|
+
|
28
|
+
def request_phase
|
29
|
+
f = OmniAuth::Form.new(:title => (options[:title] || "LDAP Authentication"), :url => callback_path)
|
30
|
+
f.text_field 'Login', 'username'
|
31
|
+
f.password_field 'Password', 'password'
|
32
|
+
f.button "Sign In"
|
33
|
+
f.to_response
|
34
|
+
end
|
35
|
+
|
36
|
+
attr_reader :decoded
|
37
|
+
|
38
|
+
def callback_phase
|
39
|
+
return fail!(:missing_credentials) if missing_credentials?
|
40
|
+
|
41
|
+
if params['token'] && !params['token'].empty?
|
42
|
+
parse_token(params['token'])
|
43
|
+
super
|
44
|
+
else
|
45
|
+
req = JSON.generate({
|
46
|
+
username: params['username'],
|
47
|
+
password: params['password'],
|
48
|
+
appToken: options.app_token
|
49
|
+
})
|
50
|
+
|
51
|
+
response = VivantApi.post(path: options.auth_url, body: req, headers: {
|
52
|
+
'content-type' => 'application/json',
|
53
|
+
'Authorization' => "Bearer #{options.app_token}"
|
54
|
+
}).value
|
55
|
+
|
56
|
+
if response.status == 200
|
57
|
+
response = JSON.parse(response.body)
|
58
|
+
parse_token(response['userToken'])
|
59
|
+
puts "\n\ntoken: #{response['userToken']}\n\n"
|
60
|
+
super
|
61
|
+
else
|
62
|
+
fail! :invalid_credentials
|
63
|
+
end
|
64
|
+
end
|
65
|
+
rescue ClaimInvalid => e
|
66
|
+
fail! :claim_invalid, e
|
67
|
+
end
|
68
|
+
|
69
|
+
uid do
|
70
|
+
if options.uid_claim.is_a?(String)
|
71
|
+
decoded[options.uid_claim]
|
72
|
+
else
|
73
|
+
uid_lookup.uid(decoded)
|
74
|
+
end
|
75
|
+
end
|
76
|
+
|
77
|
+
extra do
|
78
|
+
{:raw_info => decoded}
|
79
|
+
end
|
80
|
+
|
81
|
+
info do
|
82
|
+
options.info_map.inject({}) do |h,(k,v)|
|
83
|
+
h[k.to_s] = v.respond_to?(:call) ? v.call(decoded) : decoded[v.to_s]
|
84
|
+
h
|
85
|
+
end
|
86
|
+
end
|
87
|
+
|
88
|
+
private
|
89
|
+
|
90
|
+
def secret
|
91
|
+
if options.secret.is_a?(String)
|
92
|
+
options.secret
|
93
|
+
else
|
94
|
+
secret_lookup.secret
|
95
|
+
end
|
96
|
+
end
|
97
|
+
|
98
|
+
def parse_token(data)
|
99
|
+
@decoded, _ = ::JWT.decode(data, secret, options.algorithm)
|
100
|
+
@decoded = @decoded['userInfo']
|
101
|
+
|
102
|
+
(options.required_claims || []).each do |field|
|
103
|
+
raise ClaimInvalid.new("Missing required '#{field}' claim.") if !@decoded.key?(field.to_s)
|
104
|
+
end
|
105
|
+
raise ClaimInvalid.new("Missing required 'iat' claim.") if options.valid_within && !@decoded["iat"]
|
106
|
+
raise ClaimInvalid.new("'iat' timestamp claim is too skewed from present.") if options.valid_within && (Time.now.to_i - @decoded["iat"]).abs > options.valid_within
|
107
|
+
end
|
108
|
+
|
109
|
+
def secret_lookup
|
110
|
+
@secret_lookup ||= options.secret.new(request)
|
111
|
+
end
|
112
|
+
|
113
|
+
def uid_lookup
|
114
|
+
@uid_lookup ||= options.uid_claim.new(request)
|
115
|
+
end
|
116
|
+
|
117
|
+
def params
|
118
|
+
request.params
|
119
|
+
end
|
120
|
+
|
121
|
+
def missing_credentials?
|
122
|
+
(params['username'].nil? || params['username'].empty? || params['password'].nil? || params['password'].empty?) && (params['token'].nil? || params['token'].empty?)
|
123
|
+
end
|
124
|
+
end
|
125
|
+
|
126
|
+
class Jwt < JWT; end
|
127
|
+
end
|
128
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
lib = File.expand_path('../lib', __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require 'omniauth/jwt/version'
|
5
|
+
|
6
|
+
Gem::Specification.new do |spec|
|
7
|
+
spec.name = "aca-omniauth-jwt"
|
8
|
+
spec.version = Omniauth::JWT::VERSION
|
9
|
+
spec.authors = ["Michael Bleigh", "Tobias Haar"]
|
10
|
+
spec.email = ["mbleigh@mbleigh.com", "tobias.haar@sage.com"]
|
11
|
+
spec.description = %q{An OmniAuth strategy to accept JWT-based single sign-on.}
|
12
|
+
spec.summary = %q{An OmniAuth strategy to accept JWT-based single sign-on.}
|
13
|
+
spec.homepage = "http://github.com/Sage/omniauth-jwt"
|
14
|
+
spec.license = "MIT"
|
15
|
+
|
16
|
+
spec.files = `git ls-files`.split($/)
|
17
|
+
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
18
|
+
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
19
|
+
spec.require_paths = ["lib"]
|
20
|
+
|
21
|
+
spec.add_development_dependency "bundler", "~> 1.3"
|
22
|
+
spec.add_development_dependency "rake"
|
23
|
+
spec.add_development_dependency "rspec"
|
24
|
+
spec.add_development_dependency "guard"
|
25
|
+
spec.add_development_dependency "guard-rspec"
|
26
|
+
spec.add_development_dependency "rack-test"
|
27
|
+
|
28
|
+
spec.add_dependency "jwt", "~> 1.0"
|
29
|
+
spec.add_dependency "omniauth", "~> 1.1"
|
30
|
+
spec.add_dependency "uv-rays"
|
31
|
+
end
|
@@ -0,0 +1,96 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'multi_json'
|
3
|
+
|
4
|
+
class TestLookup
|
5
|
+
def initialize(request)
|
6
|
+
@request = request
|
7
|
+
end
|
8
|
+
|
9
|
+
def secret
|
10
|
+
"test_secret"
|
11
|
+
end
|
12
|
+
|
13
|
+
def uid(decoded)
|
14
|
+
"foo"
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
describe OmniAuth::Strategies::JWT do
|
19
|
+
let(:response_json){ MultiJson.load(last_response.body) }
|
20
|
+
let(:args){ ['imasecret', {auth_url: 'http://example.com/login'}] }
|
21
|
+
|
22
|
+
let(:app){
|
23
|
+
the_args = args
|
24
|
+
Rack::Builder.new do |b|
|
25
|
+
b.use Rack::Session::Cookie, secret: 'sekrit'
|
26
|
+
b.use OmniAuth::Strategies::JWT, *the_args
|
27
|
+
b.run lambda{|env| [200, {}, [(env['omniauth.auth'] || {}).to_json]]}
|
28
|
+
end
|
29
|
+
}
|
30
|
+
|
31
|
+
context "when lookup class is defined" do
|
32
|
+
let(:args) { [TestLookup, {:uid_claim => TestLookup}] }
|
33
|
+
|
34
|
+
it "uses the provided class to lookup the key" do
|
35
|
+
encoded = JWT.encode({name: 'Bob', email: 'steve@example.com'}, "test_secret")
|
36
|
+
get '/auth/jwt/callback?jwt=' + encoded
|
37
|
+
expect(response_json["info"]["email"]).to eq("steve@example.com")
|
38
|
+
end
|
39
|
+
|
40
|
+
it "provides a UID for the signatory" do
|
41
|
+
encoded = JWT.encode({name: 'Bob', email: 'steve@example.com'}, "test_secret")
|
42
|
+
get '/auth/jwt/callback?jwt=' + encoded
|
43
|
+
expect(response_json["uid"]).to eq('foo')
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
context 'request phase' do
|
48
|
+
it 'should redirect to the configured login url' do
|
49
|
+
get '/auth/jwt'
|
50
|
+
expect(last_response.status).to eq(302)
|
51
|
+
expect(last_response.headers['Location']).to eq('http://example.com/login')
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
context 'callback phase' do
|
56
|
+
it 'should decode the response' do
|
57
|
+
encoded = JWT.encode({name: 'Bob', email: 'steve@example.com'}, 'imasecret')
|
58
|
+
get '/auth/jwt/callback?jwt=' + encoded
|
59
|
+
expect(response_json["info"]["email"]).to eq("steve@example.com")
|
60
|
+
end
|
61
|
+
|
62
|
+
it 'should not work without required fields' do
|
63
|
+
encoded = JWT.encode({name: 'Steve'}, 'imasecret')
|
64
|
+
get '/auth/jwt/callback?jwt=' + encoded
|
65
|
+
expect(last_response.status).to eq(302)
|
66
|
+
end
|
67
|
+
|
68
|
+
it 'should assign the uid' do
|
69
|
+
encoded = JWT.encode({name: 'Steve', email: 'dude@awesome.com'}, 'imasecret')
|
70
|
+
get '/auth/jwt/callback?jwt=' + encoded
|
71
|
+
expect(response_json["uid"]).to eq('dude@awesome.com')
|
72
|
+
end
|
73
|
+
|
74
|
+
context 'with a :valid_within option set' do
|
75
|
+
let(:args){ ['imasecret', {auth_url: 'http://example.com/login', valid_within: 300}] }
|
76
|
+
|
77
|
+
it 'should work if the iat key is within the time window' do
|
78
|
+
encoded = JWT.encode({name: 'Ted', email: 'ted@example.com', iat: Time.now.to_i}, 'imasecret')
|
79
|
+
get '/auth/jwt/callback?jwt=' + encoded
|
80
|
+
expect(last_response.status).to eq(200)
|
81
|
+
end
|
82
|
+
|
83
|
+
it 'should not work if the iat key is outside the time window' do
|
84
|
+
encoded = JWT.encode({name: 'Ted', email: 'ted@example.com', iat: Time.now.to_i + 500}, 'imasecret')
|
85
|
+
get '/auth/jwt/callback?jwt=' + encoded
|
86
|
+
expect(last_response.status).to eq(302)
|
87
|
+
end
|
88
|
+
|
89
|
+
it 'should not work if the iat key is missing' do
|
90
|
+
encoded = JWT.encode({name: 'Ted', email: 'ted@example.com'}, 'imasecret')
|
91
|
+
get '/auth/jwt/callback?jwt=' + encoded
|
92
|
+
expect(last_response.status).to eq(302)
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
96
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,24 @@
|
|
1
|
+
$:.unshift File.dirname(__FILE__) + "/../lib"
|
2
|
+
require 'rack/test'
|
3
|
+
|
4
|
+
require 'omniauth/jwt'
|
5
|
+
OmniAuth.config.logger = Logger.new('/dev/null')
|
6
|
+
# This file was generated by the `rspec --init` command. Conventionally, all
|
7
|
+
# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
|
8
|
+
# Require this file using `require "spec_helper"` to ensure that it is only
|
9
|
+
# loaded once.
|
10
|
+
#
|
11
|
+
# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
|
12
|
+
RSpec.configure do |config|
|
13
|
+
config.treat_symbols_as_metadata_keys_with_true_values = true
|
14
|
+
config.run_all_when_everything_filtered = true
|
15
|
+
config.filter_run :focus
|
16
|
+
|
17
|
+
include Rack::Test::Methods
|
18
|
+
|
19
|
+
# Run specs in random order to surface order dependencies. If you find an
|
20
|
+
# order dependency and want to debug it, you can fix the order by providing
|
21
|
+
# the seed, which is printed after each run.
|
22
|
+
# --seed 1234
|
23
|
+
config.order = 'random'
|
24
|
+
end
|
metadata
ADDED
@@ -0,0 +1,189 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: aca-omniauth-jwt
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.1.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Michael Bleigh
|
8
|
+
- Tobias Haar
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
date: 2017-10-05 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
15
|
+
name: bundler
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
17
|
+
requirements:
|
18
|
+
- - "~>"
|
19
|
+
- !ruby/object:Gem::Version
|
20
|
+
version: '1.3'
|
21
|
+
type: :development
|
22
|
+
prerelease: false
|
23
|
+
version_requirements: !ruby/object:Gem::Requirement
|
24
|
+
requirements:
|
25
|
+
- - "~>"
|
26
|
+
- !ruby/object:Gem::Version
|
27
|
+
version: '1.3'
|
28
|
+
- !ruby/object:Gem::Dependency
|
29
|
+
name: rake
|
30
|
+
requirement: !ruby/object:Gem::Requirement
|
31
|
+
requirements:
|
32
|
+
- - ">="
|
33
|
+
- !ruby/object:Gem::Version
|
34
|
+
version: '0'
|
35
|
+
type: :development
|
36
|
+
prerelease: false
|
37
|
+
version_requirements: !ruby/object:Gem::Requirement
|
38
|
+
requirements:
|
39
|
+
- - ">="
|
40
|
+
- !ruby/object:Gem::Version
|
41
|
+
version: '0'
|
42
|
+
- !ruby/object:Gem::Dependency
|
43
|
+
name: rspec
|
44
|
+
requirement: !ruby/object:Gem::Requirement
|
45
|
+
requirements:
|
46
|
+
- - ">="
|
47
|
+
- !ruby/object:Gem::Version
|
48
|
+
version: '0'
|
49
|
+
type: :development
|
50
|
+
prerelease: false
|
51
|
+
version_requirements: !ruby/object:Gem::Requirement
|
52
|
+
requirements:
|
53
|
+
- - ">="
|
54
|
+
- !ruby/object:Gem::Version
|
55
|
+
version: '0'
|
56
|
+
- !ruby/object:Gem::Dependency
|
57
|
+
name: guard
|
58
|
+
requirement: !ruby/object:Gem::Requirement
|
59
|
+
requirements:
|
60
|
+
- - ">="
|
61
|
+
- !ruby/object:Gem::Version
|
62
|
+
version: '0'
|
63
|
+
type: :development
|
64
|
+
prerelease: false
|
65
|
+
version_requirements: !ruby/object:Gem::Requirement
|
66
|
+
requirements:
|
67
|
+
- - ">="
|
68
|
+
- !ruby/object:Gem::Version
|
69
|
+
version: '0'
|
70
|
+
- !ruby/object:Gem::Dependency
|
71
|
+
name: guard-rspec
|
72
|
+
requirement: !ruby/object:Gem::Requirement
|
73
|
+
requirements:
|
74
|
+
- - ">="
|
75
|
+
- !ruby/object:Gem::Version
|
76
|
+
version: '0'
|
77
|
+
type: :development
|
78
|
+
prerelease: false
|
79
|
+
version_requirements: !ruby/object:Gem::Requirement
|
80
|
+
requirements:
|
81
|
+
- - ">="
|
82
|
+
- !ruby/object:Gem::Version
|
83
|
+
version: '0'
|
84
|
+
- !ruby/object:Gem::Dependency
|
85
|
+
name: rack-test
|
86
|
+
requirement: !ruby/object:Gem::Requirement
|
87
|
+
requirements:
|
88
|
+
- - ">="
|
89
|
+
- !ruby/object:Gem::Version
|
90
|
+
version: '0'
|
91
|
+
type: :development
|
92
|
+
prerelease: false
|
93
|
+
version_requirements: !ruby/object:Gem::Requirement
|
94
|
+
requirements:
|
95
|
+
- - ">="
|
96
|
+
- !ruby/object:Gem::Version
|
97
|
+
version: '0'
|
98
|
+
- !ruby/object:Gem::Dependency
|
99
|
+
name: jwt
|
100
|
+
requirement: !ruby/object:Gem::Requirement
|
101
|
+
requirements:
|
102
|
+
- - "~>"
|
103
|
+
- !ruby/object:Gem::Version
|
104
|
+
version: '1.0'
|
105
|
+
type: :runtime
|
106
|
+
prerelease: false
|
107
|
+
version_requirements: !ruby/object:Gem::Requirement
|
108
|
+
requirements:
|
109
|
+
- - "~>"
|
110
|
+
- !ruby/object:Gem::Version
|
111
|
+
version: '1.0'
|
112
|
+
- !ruby/object:Gem::Dependency
|
113
|
+
name: omniauth
|
114
|
+
requirement: !ruby/object:Gem::Requirement
|
115
|
+
requirements:
|
116
|
+
- - "~>"
|
117
|
+
- !ruby/object:Gem::Version
|
118
|
+
version: '1.1'
|
119
|
+
type: :runtime
|
120
|
+
prerelease: false
|
121
|
+
version_requirements: !ruby/object:Gem::Requirement
|
122
|
+
requirements:
|
123
|
+
- - "~>"
|
124
|
+
- !ruby/object:Gem::Version
|
125
|
+
version: '1.1'
|
126
|
+
- !ruby/object:Gem::Dependency
|
127
|
+
name: uv-rays
|
128
|
+
requirement: !ruby/object:Gem::Requirement
|
129
|
+
requirements:
|
130
|
+
- - ">="
|
131
|
+
- !ruby/object:Gem::Version
|
132
|
+
version: '0'
|
133
|
+
type: :runtime
|
134
|
+
prerelease: false
|
135
|
+
version_requirements: !ruby/object:Gem::Requirement
|
136
|
+
requirements:
|
137
|
+
- - ">="
|
138
|
+
- !ruby/object:Gem::Version
|
139
|
+
version: '0'
|
140
|
+
description: An OmniAuth strategy to accept JWT-based single sign-on.
|
141
|
+
email:
|
142
|
+
- mbleigh@mbleigh.com
|
143
|
+
- tobias.haar@sage.com
|
144
|
+
executables: []
|
145
|
+
extensions: []
|
146
|
+
extra_rdoc_files: []
|
147
|
+
files:
|
148
|
+
- ".gitignore"
|
149
|
+
- ".rspec"
|
150
|
+
- ".travis.yml"
|
151
|
+
- Gemfile
|
152
|
+
- Guardfile
|
153
|
+
- LICENSE.txt
|
154
|
+
- README.md
|
155
|
+
- Rakefile
|
156
|
+
- ci/deploy-gems.sh
|
157
|
+
- lib/omniauth/jwt.rb
|
158
|
+
- lib/omniauth/jwt/version.rb
|
159
|
+
- lib/omniauth/strategies/jwt.rb
|
160
|
+
- omniauth-jwt.gemspec
|
161
|
+
- spec/lib/omniauth/strategies/jwt_spec.rb
|
162
|
+
- spec/spec_helper.rb
|
163
|
+
homepage: http://github.com/Sage/omniauth-jwt
|
164
|
+
licenses:
|
165
|
+
- MIT
|
166
|
+
metadata: {}
|
167
|
+
post_install_message:
|
168
|
+
rdoc_options: []
|
169
|
+
require_paths:
|
170
|
+
- lib
|
171
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
172
|
+
requirements:
|
173
|
+
- - ">="
|
174
|
+
- !ruby/object:Gem::Version
|
175
|
+
version: '0'
|
176
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
177
|
+
requirements:
|
178
|
+
- - ">="
|
179
|
+
- !ruby/object:Gem::Version
|
180
|
+
version: '0'
|
181
|
+
requirements: []
|
182
|
+
rubyforge_project:
|
183
|
+
rubygems_version: 2.6.12
|
184
|
+
signing_key:
|
185
|
+
specification_version: 4
|
186
|
+
summary: An OmniAuth strategy to accept JWT-based single sign-on.
|
187
|
+
test_files:
|
188
|
+
- spec/lib/omniauth/strategies/jwt_spec.rb
|
189
|
+
- spec/spec_helper.rb
|