authlete 1.20.0 → 1.21.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/authlete/model/client-extension.rb +6 -1
- data/lib/authlete/model/service.rb +18 -0
- data/lib/authlete/version.rb +1 -1
- data/test/authlete/model/test_client-extension.rb +7 -2
- data/test/authlete/model/test_client.rb +8 -3
- data/test/authlete/model/test_service.rb +16 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: aa7e3f6284c06767eef0769f49d23b45d814b05143e1e814851601d7b0fe4d4d
|
|
4
|
+
data.tar.gz: 592b75c5d9b63bf1ce2b6e6043a60b2b5a349d8b93d54215e168bfb20b9bb4d5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 97116cc29a6312fc46f738b503b350b030cbdd7bd28c33fdab6d0761ec5774244472bf3bb4400bfd0457caf0fe16a6c1bb9480fcf22d0929b21202581bda856d
|
|
7
|
+
data.tar.gz: b1df3677a66b7cd5526405c7a71d024753ecba058a4152aa9f4a68e020bc4483cd705aecb68ced4c7796bf137be3799380268074277a2ac42c12a070d54a3622
|
|
@@ -36,6 +36,9 @@ module Authlete
|
|
|
36
36
|
alias_method :refresh_token_duration, :refreshTokenDuration
|
|
37
37
|
alias_method :refresh_token_duration=, :refreshTokenDuration=
|
|
38
38
|
|
|
39
|
+
attr_accessor :tokenExchangePermitted
|
|
40
|
+
alias_method :token_exchange_permitted, :tokenExchangePermitted
|
|
41
|
+
alias_method :token_exchange_permitted=, :tokenExchangePermitted=
|
|
39
42
|
private
|
|
40
43
|
|
|
41
44
|
def defaults
|
|
@@ -43,7 +46,8 @@ module Authlete
|
|
|
43
46
|
requestableScopes: nil,
|
|
44
47
|
requestableScopesEnabled: false,
|
|
45
48
|
accessTokenDuration: 0,
|
|
46
|
-
refreshTokenDuration: 0
|
|
49
|
+
refreshTokenDuration: 0,
|
|
50
|
+
tokenExchangePermitted: false
|
|
47
51
|
}
|
|
48
52
|
end
|
|
49
53
|
|
|
@@ -52,6 +56,7 @@ module Authlete
|
|
|
52
56
|
@requestableScopesEnabled = hash[:requestableScopesEnabled]
|
|
53
57
|
@accessTokenDuration = hash[:accessTokenDuration]
|
|
54
58
|
@refreshTokenDuration = hash[:refreshTokenDuration]
|
|
59
|
+
@tokenExchangePermitted = hash[:tokenExchangePermitted]
|
|
55
60
|
end
|
|
56
61
|
end
|
|
57
62
|
end
|
|
@@ -563,6 +563,18 @@ module Authlete
|
|
|
563
563
|
alias_method :trust_anchors, :trustAnchors
|
|
564
564
|
alias_method :trust_anchors=, :trustAnchors=
|
|
565
565
|
|
|
566
|
+
attr_accessor :tokenExchangeByIdentifiableClientsOnly
|
|
567
|
+
alias_method :token_exchange_by_identifiable_clients_only, :tokenExchangeByIdentifiableClientsOnly
|
|
568
|
+
alias_method :token_exchange_by_identifiable_clients_only=, :tokenExchangeByIdentifiableClientsOnly=
|
|
569
|
+
|
|
570
|
+
attr_accessor :tokenExchangeByConfidentialClientsOnly
|
|
571
|
+
alias_method :token_exchange_by_confidential_clients_only, :tokenExchangeByConfidentialClientsOnly
|
|
572
|
+
alias_method :token_exchange_by_confidential_clients_only=, :tokenExchangeByConfidentialClientsOnly=
|
|
573
|
+
|
|
574
|
+
attr_accessor :tokenExchangeByPermittedClientsOnly
|
|
575
|
+
alias_method :token_exchange_by_permitted_clients_only, :tokenExchangeByPermittedClientsOnly
|
|
576
|
+
alias_method :token_exchange_by_permitted_clients_only=, :tokenExchangeByPermittedClientsOnly=
|
|
577
|
+
|
|
566
578
|
private
|
|
567
579
|
|
|
568
580
|
def defaults
|
|
@@ -706,6 +718,9 @@ module Authlete
|
|
|
706
718
|
federationRegistrationEndpoint: nil,
|
|
707
719
|
supportedClientRegistrationTypes: nil,
|
|
708
720
|
trustAnchors: nil,
|
|
721
|
+
tokenExchangeByIdentifiableClientsOnly: false,
|
|
722
|
+
tokenExchangeByConfidentialClientsOnly: false,
|
|
723
|
+
tokenExchangeByPermittedClientsOnly: false,
|
|
709
724
|
}
|
|
710
725
|
end
|
|
711
726
|
|
|
@@ -849,6 +864,9 @@ module Authlete
|
|
|
849
864
|
@federationRegistrationEndpoint = hash[:federationRegistrationEndpoint]
|
|
850
865
|
@supportedClientRegistrationTypes = hash[:supportedClientRegistrationTypes]
|
|
851
866
|
@trustAnchors = get_parsed_array(hash[:trustAnchors]) { |e| Authlete::Model::TrustAnchor.parse(e) }
|
|
867
|
+
@tokenExchangeByIdentifiableClientsOnly = hash[:tokenExchangeByIdentifiableClientsOnly]
|
|
868
|
+
@tokenExchangeByConfidentialClientsOnly = hash[:tokenExchangeByConfidentialClientsOnly]
|
|
869
|
+
@tokenExchangeByPermittedClientsOnly = hash[:tokenExchangeByPermittedClientsOnly]
|
|
852
870
|
|
|
853
871
|
end
|
|
854
872
|
|
data/lib/authlete/version.rb
CHANGED
|
@@ -25,6 +25,7 @@ class ClientExtensionTest < Minitest::Test
|
|
|
25
25
|
REQUESTABLE_SCOPES_ENABLED = true
|
|
26
26
|
ACCESS_TOKEN_DURATION = 10000
|
|
27
27
|
REFRESH_TOKEN_DURATION = 10000
|
|
28
|
+
TOKEN_EXCHANGE_PERMITTED = false
|
|
28
29
|
|
|
29
30
|
|
|
30
31
|
def generate_json
|
|
@@ -33,7 +34,8 @@ class ClientExtensionTest < Minitest::Test
|
|
|
33
34
|
"requestableScopes": [ "<requestable-scope0>", "<requestable-scope1>" ],
|
|
34
35
|
"requestableScopesEnabled": true,
|
|
35
36
|
"accessTokenDuration": 10000,
|
|
36
|
-
"refreshTokenDuration": 10000
|
|
37
|
+
"refreshTokenDuration": 10000,
|
|
38
|
+
"tokenExchangePermitted": false
|
|
37
39
|
}
|
|
38
40
|
JSON
|
|
39
41
|
end
|
|
@@ -44,7 +46,8 @@ class ClientExtensionTest < Minitest::Test
|
|
|
44
46
|
requestableScopes: %w(<requestable-scope0> <requestable-scope1>),
|
|
45
47
|
requestableScopesEnabled: true,
|
|
46
48
|
accessTokenDuration: 10000,
|
|
47
|
-
refreshTokenDuration: 10000
|
|
49
|
+
refreshTokenDuration: 10000,
|
|
50
|
+
tokenExchangePermitted: false
|
|
48
51
|
}
|
|
49
52
|
end
|
|
50
53
|
|
|
@@ -54,6 +57,7 @@ class ClientExtensionTest < Minitest::Test
|
|
|
54
57
|
obj.requestable_scopes_enabled = REQUESTABLE_SCOPES_ENABLED
|
|
55
58
|
obj.access_token_duration = ACCESS_TOKEN_DURATION
|
|
56
59
|
obj.refresh_token_duration = REFRESH_TOKEN_DURATION
|
|
60
|
+
obj.token_exchange_permitted = TOKEN_EXCHANGE_PERMITTED
|
|
57
61
|
end
|
|
58
62
|
|
|
59
63
|
|
|
@@ -62,6 +66,7 @@ class ClientExtensionTest < Minitest::Test
|
|
|
62
66
|
assert_equal REQUESTABLE_SCOPES_ENABLED, obj.requestableScopesEnabled
|
|
63
67
|
assert_equal ACCESS_TOKEN_DURATION, obj.accessTokenDuration
|
|
64
68
|
assert_equal REFRESH_TOKEN_DURATION, obj.refreshTokenDuration
|
|
69
|
+
assert_equal TOKEN_EXCHANGE_PERMITTED, obj.tokenExchangePermitted
|
|
65
70
|
end
|
|
66
71
|
|
|
67
72
|
|
|
@@ -85,11 +85,13 @@ class ClientTest < Minitest::Test
|
|
|
85
85
|
REQUESTABLE_SCOPES_ENABLED = true
|
|
86
86
|
ACCESS_TOKEN_DURATION = 10000
|
|
87
87
|
REFRESH_TOKEN_DURATION = 10000
|
|
88
|
+
TOKEN_EXCHANGE_PERMITTED = false
|
|
88
89
|
EXTENSION = Authlete::Model::ClientExtension.new(
|
|
89
90
|
requestableScopes: REQUESTABLE_SCOPES,
|
|
90
91
|
requestableScopesEnabled: REQUESTABLE_SCOPES_ENABLED,
|
|
91
92
|
accessTokenDuration: ACCESS_TOKEN_DURATION,
|
|
92
|
-
refreshTokenDuration: REFRESH_TOKEN_DURATION
|
|
93
|
+
refreshTokenDuration: REFRESH_TOKEN_DURATION,
|
|
94
|
+
tokenExchangePermitted: TOKEN_EXCHANGE_PERMITTED
|
|
93
95
|
)
|
|
94
96
|
TLS_CLIENT_AUTH_SUBJECT_DN = '<tls-client-auth-subject-dn>'
|
|
95
97
|
TLS_CLIENT_AUTH_SAN_DNS = '<tls-client-auth-san-dns>'
|
|
@@ -177,7 +179,8 @@ class ClientTest < Minitest::Test
|
|
|
177
179
|
"requestableScopes": [ "<requestable-scope0>", "<requestable-scope1>" ],
|
|
178
180
|
"requestableScopesEnabled": true,
|
|
179
181
|
"accessTokenDuration": 10000,
|
|
180
|
-
"refreshTokenDuration": 10000
|
|
182
|
+
"refreshTokenDuration": 10000,
|
|
183
|
+
"tokenExchangePermitted": false
|
|
181
184
|
},
|
|
182
185
|
"tlsClientAuthSubjectDn": "<tls-client-auth-subject-dn>",
|
|
183
186
|
"tlsClientAuthSanDns": "<tls-client-auth-san-dns>",
|
|
@@ -266,7 +269,8 @@ class ClientTest < Minitest::Test
|
|
|
266
269
|
requestableScopes: [ '<requestable-scope0>', '<requestable-scope1>' ],
|
|
267
270
|
requestableScopesEnabled: true,
|
|
268
271
|
accessTokenDuration: 10000,
|
|
269
|
-
refreshTokenDuration: 10000
|
|
272
|
+
refreshTokenDuration: 10000,
|
|
273
|
+
tokenExchangePermitted: false
|
|
270
274
|
},
|
|
271
275
|
tlsClientAuthSubjectDn: '<tls-client-auth-subject-dn>',
|
|
272
276
|
tlsClientAuthSanDns: '<tls-client-auth-san-dns>',
|
|
@@ -440,6 +444,7 @@ class ClientTest < Minitest::Test
|
|
|
440
444
|
assert_equal REQUESTABLE_SCOPES_ENABLED, obj.extension.requestableScopesEnabled
|
|
441
445
|
assert_equal ACCESS_TOKEN_DURATION, obj.extension.accessTokenDuration
|
|
442
446
|
assert_equal REFRESH_TOKEN_DURATION, obj.extension.refreshTokenDuration
|
|
447
|
+
assert_equal TOKEN_EXCHANGE_PERMITTED, obj.extension.tokenExchangePermitted
|
|
443
448
|
assert_equal TLS_CLIENT_AUTH_SUBJECT_DN, obj.tlsClientAuthSubjectDn
|
|
444
449
|
assert_equal TLS_CLIENT_AUTH_SAN_DNS, obj.tlsClientAuthSanDns
|
|
445
450
|
assert_equal TLS_CLIENT_AUTH_SAN_URI, obj.tlsClientAuthSanUri
|
|
@@ -183,7 +183,9 @@ class ServiceTest < Minitest::Test
|
|
|
183
183
|
TRUST_ANCHOR_ENTITY_ID = '<entity-id>'
|
|
184
184
|
TRUST_ANCHOR_JWKS = '<jwks>'
|
|
185
185
|
TRUST_ANCHORS = [ Authlete::Model::TrustAnchor.new(entityId: TRUST_ANCHOR_ENTITY_ID, jwks: TRUST_ANCHOR_JWKS) ]
|
|
186
|
-
|
|
186
|
+
TOKEN_EXCHANGE_BY_IDENTIFIABLE_CLIENTS_ONLY = false
|
|
187
|
+
TOKEN_EXCHANGE_BY_CONFIDENTIAL_CLIENTS_ONLY = false
|
|
188
|
+
TOKEN_EXCHANGE_BY_PERMITTED_CLIENTS_ONLY = false
|
|
187
189
|
|
|
188
190
|
def generate_json
|
|
189
191
|
return <<~JSON
|
|
@@ -326,7 +328,10 @@ class ServiceTest < Minitest::Test
|
|
|
326
328
|
"signedJwksUri": "<signed-jwks-uri>",
|
|
327
329
|
"federationRegistrationEndpoint": "<federation-registration-endpoint>",
|
|
328
330
|
"supportedClientRegistrationTypes": [ "AUTOMATIC", "EXPLICIT"],
|
|
329
|
-
"trustAnchors": [{ "entityId": "<entity-id>", "jwks": "<jwks>" }]
|
|
331
|
+
"trustAnchors": [{ "entityId": "<entity-id>", "jwks": "<jwks>" }],
|
|
332
|
+
"tokenExchangeByIdentifiableClientsOnly": false,
|
|
333
|
+
"tokenExchangeByConfidentialClientsOnly": false,
|
|
334
|
+
"tokenExchangeByPermittedClientsOnly": false
|
|
330
335
|
}
|
|
331
336
|
JSON
|
|
332
337
|
|
|
@@ -474,6 +479,9 @@ class ServiceTest < Minitest::Test
|
|
|
474
479
|
federationRegistrationEndpoint: '<federation-registration-endpoint>',
|
|
475
480
|
supportedClientRegistrationTypes: [ 'AUTOMATIC', 'EXPLICIT'],
|
|
476
481
|
trustAnchors: [{ entityId: "<entity-id>", jwks: "<jwks>" }],
|
|
482
|
+
tokenExchangeByIdentifiableClientsOnly: false,
|
|
483
|
+
tokenExchangeByConfidentialClientsOnly: false,
|
|
484
|
+
tokenExchangeByPermittedClientsOnly: false,
|
|
477
485
|
}
|
|
478
486
|
end
|
|
479
487
|
|
|
@@ -618,6 +626,9 @@ class ServiceTest < Minitest::Test
|
|
|
618
626
|
obj.federation_registration_endpoint = FEDERATION_REGISTRATION_ENDPOINT
|
|
619
627
|
obj.supported_client_registration_types = SUPPORTED_CLIENT_REGISTRATION_TYPES
|
|
620
628
|
obj.trust_anchors = TRUST_ANCHORS
|
|
629
|
+
obj.token_exchange_by_identifiable_clients_only = TOKEN_EXCHANGE_BY_IDENTIFIABLE_CLIENTS_ONLY
|
|
630
|
+
obj.token_exchange_by_confidential_clients_only = TOKEN_EXCHANGE_BY_CONFIDENTIAL_CLIENTS_ONLY
|
|
631
|
+
obj.token_exchange_by_permitted_clients_only = TOKEN_EXCHANGE_BY_PERMITTED_CLIENTS_ONLY
|
|
621
632
|
end
|
|
622
633
|
|
|
623
634
|
|
|
@@ -776,6 +787,9 @@ class ServiceTest < Minitest::Test
|
|
|
776
787
|
assert_equal SUPPORTED_CLIENT_REGISTRATION_TYPES, obj.supported_client_registration_types
|
|
777
788
|
assert_equal TRUST_ANCHOR_ENTITY_ID, obj.trustAnchors[0].entityId
|
|
778
789
|
assert_equal TRUST_ANCHOR_JWKS, obj.trustAnchors[0].jwks
|
|
790
|
+
assert_equal TOKEN_EXCHANGE_BY_IDENTIFIABLE_CLIENTS_ONLY, obj.token_exchange_by_identifiable_clients_only
|
|
791
|
+
assert_equal TOKEN_EXCHANGE_BY_CONFIDENTIAL_CLIENTS_ONLY, obj.token_exchange_by_confidential_clients_only
|
|
792
|
+
assert_equal TOKEN_EXCHANGE_BY_PERMITTED_CLIENTS_ONLY, obj.token_exchange_by_permitted_clients_only
|
|
779
793
|
end
|
|
780
794
|
|
|
781
795
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authlete
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.21.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Takahiko Kawasaki
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2022-07-
|
|
12
|
+
date: 2022-07-25 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rest-client
|