atproto_auth 0.0.1 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +17 -2
- data/CHANGELOG.md +23 -2
- data/README.md +91 -5
- data/examples/confidential_client/.gitignore +2 -0
- data/examples/confidential_client/Gemfile +1 -0
- data/examples/confidential_client/Gemfile.lock +10 -1
- data/examples/confidential_client/README.md +86 -9
- data/examples/confidential_client/app.rb +83 -12
- data/examples/confidential_client/{public/client-metadata.json → config/client-metadata.example.json} +5 -4
- data/examples/confidential_client/screenshots/screenshot-1-sign-in.png +0 -0
- data/examples/confidential_client/screenshots/screenshot-2-success.png +0 -0
- data/examples/confidential_client/scripts/generate_keys.rb +0 -0
- data/examples/confidential_client/views/authorized.erb +1 -1
- data/lib/atproto_auth/client.rb +98 -38
- data/lib/atproto_auth/client_metadata.rb +2 -2
- data/lib/atproto_auth/configuration.rb +35 -1
- data/lib/atproto_auth/dpop/key_manager.rb +1 -1
- data/lib/atproto_auth/dpop/nonce_manager.rb +30 -47
- data/lib/atproto_auth/encryption.rb +156 -0
- data/lib/atproto_auth/http_client.rb +2 -2
- data/lib/atproto_auth/identity/document.rb +1 -1
- data/lib/atproto_auth/identity/resolver.rb +1 -1
- data/lib/atproto_auth/serialization/base.rb +189 -0
- data/lib/atproto_auth/serialization/dpop_key.rb +29 -0
- data/lib/atproto_auth/serialization/session.rb +77 -0
- data/lib/atproto_auth/serialization/stored_nonce.rb +37 -0
- data/lib/atproto_auth/serialization/token_set.rb +43 -0
- data/lib/atproto_auth/server_metadata/authorization_server.rb +20 -1
- data/lib/atproto_auth/state/session_manager.rb +67 -20
- data/lib/atproto_auth/storage/interface.rb +112 -0
- data/lib/atproto_auth/storage/key_builder.rb +39 -0
- data/lib/atproto_auth/storage/memory.rb +191 -0
- data/lib/atproto_auth/storage/redis.rb +119 -0
- data/lib/atproto_auth/token/refresh.rb +249 -0
- data/lib/atproto_auth/version.rb +1 -1
- data/lib/atproto_auth.rb +29 -1
- metadata +32 -5
- data/examples/confidential_client/config/client-metadata.json +0 -25
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: atproto_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Josh Huckabee
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-12-
|
|
11
|
+
date: 2024-12-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: jose
|
|
@@ -38,6 +38,20 @@ dependencies:
|
|
|
38
38
|
- - "~>"
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
40
|
version: '2.9'
|
|
41
|
+
- !ruby/object:Gem::Dependency
|
|
42
|
+
name: redis
|
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
|
44
|
+
requirements:
|
|
45
|
+
- - "~>"
|
|
46
|
+
- !ruby/object:Gem::Version
|
|
47
|
+
version: '5.3'
|
|
48
|
+
type: :runtime
|
|
49
|
+
prerelease: false
|
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
51
|
+
requirements:
|
|
52
|
+
- - "~>"
|
|
53
|
+
- !ruby/object:Gem::Version
|
|
54
|
+
version: '5.3'
|
|
41
55
|
description: A Ruby library for implementing AT Protocol OAuth flows, including DPoP,
|
|
42
56
|
PAR, and dynamic client registration. Supports both client and server-side implementations
|
|
43
57
|
with comprehensive security features.
|
|
@@ -52,14 +66,16 @@ files:
|
|
|
52
66
|
- LICENSE.txt
|
|
53
67
|
- README.md
|
|
54
68
|
- Rakefile
|
|
69
|
+
- examples/confidential_client/.gitignore
|
|
55
70
|
- examples/confidential_client/Gemfile
|
|
56
71
|
- examples/confidential_client/Gemfile.lock
|
|
57
72
|
- examples/confidential_client/README.md
|
|
58
73
|
- examples/confidential_client/app.rb
|
|
59
74
|
- examples/confidential_client/config.ru
|
|
60
|
-
- examples/confidential_client/config/client-metadata.json
|
|
61
|
-
- examples/confidential_client/public/client-metadata.json
|
|
75
|
+
- examples/confidential_client/config/client-metadata.example.json
|
|
62
76
|
- examples/confidential_client/public/styles.css
|
|
77
|
+
- examples/confidential_client/screenshots/screenshot-1-sign-in.png
|
|
78
|
+
- examples/confidential_client/screenshots/screenshot-2-success.png
|
|
63
79
|
- examples/confidential_client/scripts/generate_keys.rb
|
|
64
80
|
- examples/confidential_client/views/authorized.erb
|
|
65
81
|
- examples/confidential_client/views/index.erb
|
|
@@ -72,6 +88,7 @@ files:
|
|
|
72
88
|
- lib/atproto_auth/dpop/key_manager.rb
|
|
73
89
|
- lib/atproto_auth/dpop/nonce_manager.rb
|
|
74
90
|
- lib/atproto_auth/dpop/proof_generator.rb
|
|
91
|
+
- lib/atproto_auth/encryption.rb
|
|
75
92
|
- lib/atproto_auth/errors.rb
|
|
76
93
|
- lib/atproto_auth/http_client.rb
|
|
77
94
|
- lib/atproto_auth/identity.rb
|
|
@@ -83,6 +100,11 @@ files:
|
|
|
83
100
|
- lib/atproto_auth/par/request.rb
|
|
84
101
|
- lib/atproto_auth/par/response.rb
|
|
85
102
|
- lib/atproto_auth/pkce.rb
|
|
103
|
+
- lib/atproto_auth/serialization/base.rb
|
|
104
|
+
- lib/atproto_auth/serialization/dpop_key.rb
|
|
105
|
+
- lib/atproto_auth/serialization/session.rb
|
|
106
|
+
- lib/atproto_auth/serialization/stored_nonce.rb
|
|
107
|
+
- lib/atproto_auth/serialization/token_set.rb
|
|
86
108
|
- lib/atproto_auth/server_metadata.rb
|
|
87
109
|
- lib/atproto_auth/server_metadata/authorization_server.rb
|
|
88
110
|
- lib/atproto_auth/server_metadata/origin_url.rb
|
|
@@ -91,6 +113,11 @@ files:
|
|
|
91
113
|
- lib/atproto_auth/state/session.rb
|
|
92
114
|
- lib/atproto_auth/state/session_manager.rb
|
|
93
115
|
- lib/atproto_auth/state/token_set.rb
|
|
116
|
+
- lib/atproto_auth/storage/interface.rb
|
|
117
|
+
- lib/atproto_auth/storage/key_builder.rb
|
|
118
|
+
- lib/atproto_auth/storage/memory.rb
|
|
119
|
+
- lib/atproto_auth/storage/redis.rb
|
|
120
|
+
- lib/atproto_auth/token/refresh.rb
|
|
94
121
|
- lib/atproto_auth/version.rb
|
|
95
122
|
- sig/atproto_auth.rbs
|
|
96
123
|
- sig/atproto_auth/client_metadata.rbs
|
|
@@ -128,7 +155,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
128
155
|
requirements:
|
|
129
156
|
- - ">="
|
|
130
157
|
- !ruby/object:Gem::Version
|
|
131
|
-
version: 3.
|
|
158
|
+
version: 3.3.0
|
|
132
159
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
133
160
|
requirements:
|
|
134
161
|
- - ">="
|
|
@@ -1,25 +0,0 @@
|
|
|
1
|
-
{
|
|
2
|
-
"client_id": "https://mac.tail7f768.ts.net/client-metadata.json",
|
|
3
|
-
"client_name": "AT Protocol OAuth Ruby Example",
|
|
4
|
-
"redirect_uris": ["https://mac.tail7f768.ts.net/callback"],
|
|
5
|
-
"grant_types": ["authorization_code", "refresh_token"],
|
|
6
|
-
"response_types": ["code"],
|
|
7
|
-
"scope": "atproto",
|
|
8
|
-
"token_endpoint_auth_method": "private_key_jwt",
|
|
9
|
-
"token_endpoint_auth_signing_alg": "ES256",
|
|
10
|
-
"application_type": "web",
|
|
11
|
-
"dpop_bound_access_tokens": true,
|
|
12
|
-
"jwks": {
|
|
13
|
-
"keys": [
|
|
14
|
-
{
|
|
15
|
-
"use": "sig",
|
|
16
|
-
"kid": "key-1",
|
|
17
|
-
"x": "SzXlDk9rSyrZ3b0fVKOWFYY-AFZtld2zElycsmDZ3Xk",
|
|
18
|
-
"crv": "P-256",
|
|
19
|
-
"d": "OLJJKo9T9W7taz8gFd5YdsBw8cOpv3p5zPPtv2XaKcM",
|
|
20
|
-
"kty": "EC",
|
|
21
|
-
"y": "4hIBLl-BLD1Ypk-mvPxT2OR52ezMs4XI1MGBdhlLLm4"
|
|
22
|
-
}
|
|
23
|
-
]
|
|
24
|
-
}
|
|
25
|
-
}
|