apple_id 0.5.0 → 1.1.1

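--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 428e587e5b398e65d11d97adbdd336ef3ddc61ef8200ade5087ba6435e2e5796
- data.tar.gz: 58ffc15a5573a660e55dc0094bb30a8a4793851afdae038a6de4925af0d8bebe
+ metadata.gz: 8aec97bdb69637466419df18f24c42dce5ac8fd9fdb87439c71838461c66fdc2
+ data.tar.gz: 185267b0bc10970a1932885a4778ca18ec93249c5d12ad8a4c960775cfb0bfc8
  SHA512:
- metadata.gz: 71c0f1ba573dca96972ae9bc73ebb9c993d77274d514a05f3399bcbf123c1b65c72b004bc0bb2deb56313c79d94a504d638bf3a58e027899e62b25ccd90df42b
- data.tar.gz: f31da8e0b4c4e94bdbb08e99ae22a26d42fc8e8d526f664285f23f47592f5606cd92d643c5670facbdbfb35e681b0697d5bdf7056ee49c103221bc87a986d524
+ metadata.gz: 0d6bfd4581f452e9f7a34dfd7f184dc5444f926a74a06ed3c24a302cc0a6ef5a0c63d18dd68f72bce7e50c26ad35ed1da694b9b5776725a05cde4ad9ce9dc270
+ data.tar.gz: 563cb61bf4dc6550b0df458b6518efe0956b09e7fcbef456b670e71228d50f3d8e92a3c0c105bdbaee2d3f7b056a22025b1824dc0c830c936a58de67e877ffe2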
@@ -4,6 +4,6 @@ language: ruby
4
4
  cache: bundler
5
5
  before_install: gem install bundler
6
6
  rvm:
7
- - 2.4.6
8
- - 2.5.5
9
- - 2.6.2
7
+ - 2.5.8
8
+ - 2.6.6
9
+ - 2.7.1
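--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
- 0.5.0
+ 1.1.1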
@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
18
18
  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
19
19
  spec.require_paths = ['lib']
20
20
 
21
- spec.add_runtime_dependency 'rack-oauth2', '~> 1.11'
21
+ spec.add_runtime_dependency 'rack-oauth2', '~> 1.12'
22
22
  spec.add_runtime_dependency 'openid_connect', '~> 1.1.7'
23
23
  spec.add_development_dependency 'bundler'
24
24
  spec.add_development_dependency 'rake'
@@ -54,3 +54,6 @@ end
54
54
  require 'apple_id/client'
55
55
  require 'apple_id/access_token'
56
56
  require 'apple_id/id_token'
57
+ require 'apple_id/id_token/real_user_status'
58
+ require 'apple_id/jwks'
59
+ require 'apple_id/api/user_migration'
@@ -1,6 +1,7 @@
1
1
  module AppleID
2
2
  class AccessToken < OpenIDConnect::AccessToken
3
3
  undef_required_attributes :client
4
+ attr_optional :client
4
5
 
5
6
  def initialize(access_token, attributes = {})
6
7
  super attributes.merge(access_token: access_token)
@@ -0,0 +1,36 @@
1
+ module AppleID
2
+ module API
3
+ module UserMigration
4
+ def transfer_from!(transfer_sub:)
5
+ resource_request do
6
+ post(
7
+ user_migration_endpoint,
8
+ transfer_sub: transfer_sub,
9
+ client_id: client.identifier,
10
+ client_secret: client.secret
11
+ )
12
+ end
13
+ end
14
+
15
+ def transfer_to!(sub:, target:)
16
+ resource_request do
17
+ post(
18
+ user_migration_endpoint,
19
+ sub: sub,
20
+ target: client.team_id,
21
+ client_id: client.identifier,
22
+ client_secret: client.secret
23
+ )
24
+ end
25
+ end
26
+
27
+ private
28
+
29
+ def user_migration_endpoint
30
+ File.join(ISSUER, '/auth/usermigrationinfo')
31
+ end
32
+ end
33
+
34
+ AccessToken.include UserMigration
35
+ end
36
+ end
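Review bot: `transfer_to!` requires a `target:` keyword but never uses it; the request sends `target: client.team_id`, so whatever team the caller passes is silently discarded and the client's own team id goes out instead. If the keyword is meant to name the recipient team, the line should read `target: target,`; otherwise it should be dropped from the signature so callers are not misled about where users are being transferred. Both methods also dereference `client` unconditionally although the token declares it with `attr_optional :client`, so a token built without a client fails with NoMethodError on nil; a guard such as `raise ArgumentError, 'client is required' unless client` at the top of each method would make that explicit. A short comment on each method stating which identifier it sends and what the endpoint is expected to return would help reviewers, since the request carries `client_secret`.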
@@ -40,7 +40,7 @@ module AppleID
40
40
 
41
41
  def handle_success_response(response)
42
42
  token_hash = JSON.parse(response.body).with_indifferent_access
43
- AccessToken.new token_hash.delete(:access_token), token_hash
43
+ AccessToken.new token_hash.delete(:access_token), token_hash.merge(client: self)
44
44
  end
45
45
 
46
46
  def handle_error_response(response)
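Review bot: Merging `client: self` into the token attributes in `handle_success_response` means every `AccessToken` returned from here now carries a reference to the client object, whose `secret` the new user-migration calls read. If an application caches, serialises or logs token objects (for example in a session store or through `inspect`), the client credentials may now travel with them; this is inferred from the visible lines and should be confirmed against how `OpenIDConnect::AccessToken` serialises its attributes. A comment on the changed line, such as `# token keeps a reference to the client (including its secret) for the user-migration API; do not serialise or log token objects`, would make the new coupling visible.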
@@ -2,7 +2,7 @@ module AppleID
2
2
  class IdToken < OpenIDConnect::ResponseObject::IdToken
3
3
  class VerificationFailed < StandardError; end
4
4
 
5
- attr_optional :email, :email_verified, :is_private_email, :nonce_supported
5
+ attr_optional :email, :email_verified, :is_private_email, :nonce_supported, :real_user_status
6
6
  attr_accessor :original_jwt_string
7
7
  alias_method :original_jwt, :raw_attributes
8
8
 
@@ -18,6 +18,13 @@ module AppleID
18
18
  end
19
19
  end
20
20
 
21
+ def initialize(attributes = {})
22
+ super
23
+ unless self.real_user_status.nil?
24
+ self.real_user_status = RealUserStatus.new(self.real_user_status)
25
+ end
26
+ end
27
+
21
28
  def verify!(verify_signature: true, client: nil, nonce: nil, state: nil, access_token: nil, code: nil)
22
29
  verify_signature! if verify_signature
23
30
  verify_claims! client, nonce, state, access_token, code
@@ -34,15 +41,8 @@ module AppleID
34
41
 
35
42
  private
36
43
 
37
- def jwks
38
- @jwks ||= JSON.parse(
39
- OpenIDConnect.http_client.get_content(JWKS_URI)
40
- ).with_indifferent_access
41
- JSON::JWK::Set.new @jwks[:keys]
42
- end
43
-
44
44
  def verify_signature!
45
- original_jwt.verify! jwks
45
+ original_jwt.verify! JWKS.fetch(original_jwt.kid)
46
46
  rescue
47
47
  raise VerificationFailed, 'Signature Verification Failed'
48
48
  end
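Review bot: In `verify_signature!`, `original_jwt.kid` is read from the token header before the signature is checked, so the cache key handed to `JWKS.fetch` is chosen by whoever sent the token. With the default pass-through `Cache` this means one JWKS request per verification; once a real store is assigned through `JWKS.cache=`, each distinct `kid` would apparently get its own entry holding the full key set, so unbounded `kid` values can grow the cache and keep triggering fetches (the same applies to `JWKS.fetch` in the jwks.rb hunk further down). Consider caching the key set under one fixed key and refetching only when the `kid` is missing from it, and reject an absent `kid` up front, e.g. `raise VerificationFailed, 'Signature Verification Failed' if original_jwt.kid.to_s.empty?`. The class body starts and ends outside these hunks.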
@@ -0,0 +1,27 @@
1
+ module AppleID
2
+ class IdToken::RealUserStatus
3
+ class UndefinedStatus < StandardError; end
4
+
5
+ attr_accessor :value
6
+
7
+ STATUSES = [
8
+ :unsupported,
9
+ :unknown,
10
+ :likely_real
11
+ ]
12
+
13
+ def initialize(value)
14
+ self.value = value
15
+ end
16
+
17
+ STATUSES.each do |expected_status|
18
+ define_method :"#{expected_status}?" do
19
+ send(:status) == expected_status
20
+ end
21
+ end
22
+
23
+ def status
24
+ STATUSES[value] or raise UndefinedStatus
25
+ end
26
+ end
27
+ end
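Review bot: `status` indexes `STATUSES` directly with the claim value, and Ruby arrays accept negative indices, so a `real_user_status` of `-1` resolves to `:likely_real` instead of raising `UndefinedStatus`; a non-integer value such as `"2"` raises TypeError rather than `UndefinedStatus`. The value comes from the ID token, and `verify!` can be called with `verify_signature: false`, so it should be range-checked before it is used for an anti-fraud decision, e.g. `raise UndefinedStatus unless value.is_a?(Integer) && value.between?(0, STATUSES.size - 1)` as the first line of `status`. `STATUSES` is also a mutable constant and would be safer ending in `.freeze`.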
@@ -0,0 +1,27 @@
1
+ module AppleID
2
+ class JWKS < JSON::JWK::Set
3
+ class Cache
4
+ def fetch(cache_key)
5
+ yield
6
+ end
7
+ end
8
+
9
+ def self.cache=(cache)
10
+ @@cache = cache
11
+ end
12
+ def self.cache
13
+ @@cache
14
+ end
15
+ self.cache = Cache.new
16
+
17
+ def self.fetch(cache_key)
18
+ jwks = cache.fetch("apple_id:jwks:#{cache_key}") do
19
+ new(
20
+ JSON.parse(
21
+ OpenIDConnect.http_client.get_content(JWKS_URI)
22
+ ).with_indifferent_access[:keys]
23
+ )
24
+ end
25
+ end
26
+ end
27
+ end
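Review bot: The contract a replacement cache must meet is not documented anywhere in this class, and nothing tells an integrator that entries need an expiry; without one, a key set cached under a given `kid` keeps being trusted after the key is retired upstream. A comment above `self.cache=` would cover it, e.g. `# cache must respond to fetch(key) { ... } and return the block's value on a miss; configure an expiry so retired signing keys stop being accepted`. The store is held in a class variable (`@@cache`), which is shared with every subclass of `JWKS`; a class-level instance variable exposed through `class << self; attr_accessor :cache; end` avoids that. The local `jwks =` in `self.fetch` is assigned but never read and can be dropped.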
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: apple_id
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.0
4
+ version: 1.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-03-25 00:00:00.000000000 Z
11
+ date: 2020-07-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack-oauth2
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: '1.11'
19
+ version: '1.12'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: '1.11'
26
+ version: '1.12'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: openid_connect
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -143,8 +143,11 @@ files:
143
143
  - bin/setup
144
144
  - lib/apple_id.rb
145
145
  - lib/apple_id/access_token.rb
146
+ - lib/apple_id/api/user_migration.rb
146
147
  - lib/apple_id/client.rb
147
148
  - lib/apple_id/id_token.rb
149
+ - lib/apple_id/id_token/real_user_status.rb
150
+ - lib/apple_id/jwks.rb
148
151
  homepage: https://github.com/nov/apple_id
149
152
  licenses:
150
153
  - MIT