authlete 1.21.0 → 1.24.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/lib/authlete/model/client.rb +13 -1
  3. data/lib/authlete/model/service.rb +30 -0
  4. data/lib/authlete/version.rb +1 -1
  5. data/test/authlete/model/test_client.rb +15 -5
  6. data/test/authlete/model/test_service.rb +24 -1
  7. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: aa7e3f6284c06767eef0769f49d23b45d814b05143e1e814851601d7b0fe4d4d
4
- data.tar.gz: 592b75c5d9b63bf1ce2b6e6043a60b2b5a349d8b93d54215e168bfb20b9bb4d5
3
+ metadata.gz: 26deda3ee39d63a3c94018735d82e3e2f49bb53e88e69650ac02e1944f461d10
4
+ data.tar.gz: da2ff9c8b30b51dd73f9247800980843b8416fce9130b69a8d8d1cd693e5c892
5
5
  SHA512:
6
- metadata.gz: 97116cc29a6312fc46f738b503b350b030cbdd7bd28c33fdab6d0761ec5774244472bf3bb4400bfd0457caf0fe16a6c1bb9480fcf22d0929b21202581bda856d
7
- data.tar.gz: b1df3677a66b7cd5526405c7a71d024753ecba058a4152aa9f4a68e020bc4483cd705aecb68ced4c7796bf137be3799380268074277a2ac42c12a070d54a3622
6
+ metadata.gz: 4301023dc6242a227432e9d65a0769b915cb0d327b3b22627fa5023147085f9b301bf1f04a43c3093f0a011bed5be5fef29a4b47eda34428825451a797719476
7
+ data.tar.gz: ee39ea5c34a9095f9316dd7544d3e0697b495bbe02520129eef46a6c34b255b4a44936aaaa70b2382d5d3ea60f36d8bd9f8a401bbd6c13af48a918ef03e408b5
data/lib/authlete/model/client.rb CHANGED
@@ -312,6 +312,14 @@ module Authlete
312
312
  attr_accessor :singleAccessTokenPerSubject
313
313
  alias_method :single_access_token_per_subject, :singleAccessTokenPerSubject
314
314
  alias_method :single_access_token_per_subject=, :singleAccessTokenPerSubject=
315
+
316
+ attr_accessor :pkceRequired
317
+ alias_method :pkce_required, :pkceRequired
318
+ alias_method :pkce_required=, :pkceRequired=
319
+
320
+ attr_accessor :pkceS256Required
321
+ alias_method :pkce_s256_required, :pkceS256Required
322
+ alias_method :pkce_s256_required=, :pkceS256Required=
315
323
  private
316
324
 
317
325
  def defaults
@@ -392,7 +400,9 @@ module Authlete
392
400
  requestObjectEncryptionAlgMatchRequired: false,
393
401
  requestObjectEncryptionEncMatchRequired: false,
394
402
  digestAlgorithm: nil,
395
- singleAccessTokenPerSubject: false
403
+ singleAccessTokenPerSubject: false,
404
+ pkceRequired: false,
405
+ pkceS256Required: false,
396
406
  }
397
407
  end
398
408
 
@@ -474,6 +484,8 @@ module Authlete
474
484
  @requestObjectEncryptionEncMatchRequired = hash[:requestObjectEncryptionEncMatchRequired]
475
485
  @digestAlgorithm = hash[:digestAlgorithm]
476
486
  @singleAccessTokenPerSubject = hash[:singleAccessTokenPerSubject]
487
+ @pkceRequired = hash[:pkceRequired]
488
+ @pkceS256Required = hash[:pkceS256Required]
477
489
  end
478
490
 
479
491
  def to_hash_value(key, var)
data/lib/authlete/model/service.rb CHANGED
@@ -575,6 +575,26 @@ module Authlete
575
575
  alias_method :token_exchange_by_permitted_clients_only, :tokenExchangeByPermittedClientsOnly
576
576
  alias_method :token_exchange_by_permitted_clients_only=, :tokenExchangeByPermittedClientsOnly=
577
577
 
578
+ attr_accessor :tokenExchangeEncryptedJwtRejected
579
+ alias_method :token_exchange_encrypted_jwt_rejected, :tokenExchangeEncryptedJwtRejected
580
+ alias_method :token_exchange_encrypted_jwt_rejected=, :tokenExchangeEncryptedJwtRejected=
581
+
582
+ attr_accessor :tokenExchangeUnsignedJwtRejected
583
+ alias_method :token_exchange_unsigned_jwt_rejected, :tokenExchangeUnsignedJwtRejected
584
+ alias_method :token_exchange_unsigned_jwt_rejected=, :tokenExchangeUnsignedJwtRejected=
585
+
586
+ attr_accessor :jwtGrantByIdentifiableClientsOnly
587
+ alias_method :jwt_grant_by_identifiable_clients_only, :jwtGrantByIdentifiableClientsOnly
588
+ alias_method :jwt_grant_by_identifiable_clients_only=, :jwtGrantByIdentifiableClientsOnly=
589
+
590
+ attr_accessor :jwtGrantEncryptedJwtRejected
591
+ alias_method :jwt_grant_encrypted_jwt_rejected, :jwtGrantEncryptedJwtRejected
592
+ alias_method :jwt_grant_encrypted_jwt_rejected=, :jwtGrantEncryptedJwtRejected=
593
+
594
+ attr_accessor :jwtGrantUnsignedJwtRejected
595
+ alias_method :jwt_grant_unsigned_jwt_rejected, :jwtGrantUnsignedJwtRejected
596
+ alias_method :jwt_grant_unsigned_jwt_rejected=, :jwtGrantUnsignedJwtRejected=
597
+
578
598
  private
579
599
 
580
600
  def defaults
@@ -721,6 +741,11 @@ module Authlete
721
741
  tokenExchangeByIdentifiableClientsOnly: false,
722
742
  tokenExchangeByConfidentialClientsOnly: false,
723
743
  tokenExchangeByPermittedClientsOnly: false,
744
+ tokenExchangeEncryptedJwtRejected: false,
745
+ tokenExchangeUnsignedJwtRejected: false,
746
+ jwtGrantByIdentifiableClientsOnly: false,
747
+ jwtGrantEncryptedJwtRejected: false,
748
+ jwtGrantUnsignedJwtRejected: false,
724
749
  }
725
750
  end
726
751
 
@@ -867,6 +892,11 @@ module Authlete
867
892
  @tokenExchangeByIdentifiableClientsOnly = hash[:tokenExchangeByIdentifiableClientsOnly]
868
893
  @tokenExchangeByConfidentialClientsOnly = hash[:tokenExchangeByConfidentialClientsOnly]
869
894
  @tokenExchangeByPermittedClientsOnly = hash[:tokenExchangeByPermittedClientsOnly]
895
+ @tokenExchangeEncryptedJwtRejected = hash[:tokenExchangeEncryptedJwtRejected]
896
+ @tokenExchangeUnsignedJwtRejected = hash[:tokenExchangeUnsignedJwtRejected]
897
+ @jwtGrantByIdentifiableClientsOnly = hash[:jwtGrantByIdentifiableClientsOnly]
898
+ @jwtGrantEncryptedJwtRejected = hash[:jwtGrantEncryptedJwtRejected]
899
+ @jwtGrantUnsignedJwtRejected = hash[:jwtGrantUnsignedJwtRejected]
870
900
 
871
901
  end
872
902
 
data/lib/authlete/version.rb CHANGED
@@ -16,5 +16,5 @@
16
16
 
17
17
 
18
18
  module Authlete
19
- VERSION = "1.21.0"
19
+ VERSION = "1.24.0"
20
20
  end
data/test/authlete/model/test_client.rb CHANGED
@@ -123,6 +123,8 @@ class ClientTest < Minitest::Test
123
123
  REQUEST_OBJECT_ENCRYPTION_ENC_MATCH_REQUIRED = false
124
124
  DIGEST_ALGORITHM = '<digest-algorithm>'
125
125
  SINGLE_ACCESS_TOKEN_PER_SUBJECT = false
126
+ PKCE_REQUIRED = false
127
+ PKCE_S256_REQUIRED = false
126
128
 
127
129
  def generate_json
128
130
  return <<~JSON
@@ -209,11 +211,13 @@ class ClientTest < Minitest::Test
209
211
  "requestObjectEncryptionAlgMatchRequired": false,
210
212
  "requestObjectEncryptionEncMatchRequired": false,
211
213
  "digestAlgorithm": "<digest-algorithm>",
212
- "singleAccessTokenPerSubject": false
214
+ "singleAccessTokenPerSubject": false,
215
+ "pkceRequired": false,
216
+ "pkceS256Required": false
213
217
  }
214
- JSON
215
- end
216
-
218
+ JSON
219
+ end
220
+
217
221
 
218
222
  def generate_hash
219
223
  {
@@ -299,7 +303,9 @@ class ClientTest < Minitest::Test
299
303
  requestObjectEncryptionAlgMatchRequired: false,
300
304
  requestObjectEncryptionEncMatchRequired: false,
301
305
  digestAlgorithm: '<digest-algorithm>',
302
- singleAccessTokenPerSubject: false
306
+ singleAccessTokenPerSubject: false,
307
+ pkceRequired: false,
308
+ pkceS256Required: false,
303
309
  }
304
310
  end
305
311
 
@@ -382,6 +388,8 @@ class ClientTest < Minitest::Test
382
388
  obj.requestObjectEncryptionEncMatchRequired = REQUEST_OBJECT_ENCRYPTION_ENC_MATCH_REQUIRED
383
389
  obj.digestAlgorithm = DIGEST_ALGORITHM
384
390
  obj.singleAccessTokenPerSubject = SINGLE_ACCESS_TOKEN_PER_SUBJECT
391
+ obj.pkceRequired = PKCE_REQUIRED
392
+ obj.pkceS256Required = PKCE_S256_REQUIRED
385
393
  end
386
394
 
387
395
 
@@ -472,6 +480,8 @@ class ClientTest < Minitest::Test
472
480
  assert_equal REQUEST_OBJECT_ENCRYPTION_ENC_MATCH_REQUIRED, obj.requestObjectEncryptionEncMatchRequired
473
481
  assert_equal DIGEST_ALGORITHM, obj.digestAlgorithm
474
482
  assert_equal SINGLE_ACCESS_TOKEN_PER_SUBJECT, obj.singleAccessTokenPerSubject
483
+ assert_equal PKCE_REQUIRED, obj.pkceRequired
484
+ assert_equal PKCE_S256_REQUIRED, obj.pkceS256Required
475
485
  end
476
486
 
477
487
 
data/test/authlete/model/test_service.rb CHANGED
@@ -186,6 +186,11 @@ class ServiceTest < Minitest::Test
186
186
  TOKEN_EXCHANGE_BY_IDENTIFIABLE_CLIENTS_ONLY = false
187
187
  TOKEN_EXCHANGE_BY_CONFIDENTIAL_CLIENTS_ONLY = false
188
188
  TOKEN_EXCHANGE_BY_PERMITTED_CLIENTS_ONLY = false
189
+ TOKEN_EXCHANGE_ENCRYPTED_JWT_REJECTED = false
190
+ TOKEN_EXCHANGE_UNSIGNED_JWT_REJECTED = false
191
+ JWT_GRANT_BY_IDENTIFIABLE_CLIENTS_ONLY = false
192
+ JWT_GRANT_ENCRYPTED_JWT_REJECTED = false
193
+ JWT_GRANT_UNSIGNED_JWT_REJECTED = false
189
194
 
190
195
  def generate_json
191
196
  return <<~JSON
@@ -331,7 +336,12 @@ class ServiceTest < Minitest::Test
331
336
  "trustAnchors": [{ "entityId": "<entity-id>", "jwks": "<jwks>" }],
332
337
  "tokenExchangeByIdentifiableClientsOnly": false,
333
338
  "tokenExchangeByConfidentialClientsOnly": false,
334
- "tokenExchangeByPermittedClientsOnly": false
339
+ "tokenExchangeByPermittedClientsOnly": false,
340
+ "tokenExchangeEncryptedJwtRejected": false,
341
+ "tokenExchangeUnsignedJwtRejected": false,
342
+ "jwtGrantByIdentifiableClientsOnly": false,
343
+ "jwtGrantEncryptedJwtRejected": false,
344
+ "jwtGrantUnsignedJwtRejected": false
335
345
  }
336
346
  JSON
337
347
 
@@ -482,6 +492,11 @@ class ServiceTest < Minitest::Test
482
492
  tokenExchangeByIdentifiableClientsOnly: false,
483
493
  tokenExchangeByConfidentialClientsOnly: false,
484
494
  tokenExchangeByPermittedClientsOnly: false,
495
+ tokenExchangeEncryptedJwtRejected: false,
496
+ tokenExchangeUnsignedJwtRejected: false,
497
+ jwtGrantByIdentifiableClientsOnly: false,
498
+ jwtGrantEncryptedJwtRejected: false,
499
+ jwtGrantUnsignedJwtRejected: false
485
500
  }
486
501
  end
487
502
 
@@ -629,6 +644,9 @@ class ServiceTest < Minitest::Test
629
644
  obj.token_exchange_by_identifiable_clients_only = TOKEN_EXCHANGE_BY_IDENTIFIABLE_CLIENTS_ONLY
630
645
  obj.token_exchange_by_confidential_clients_only = TOKEN_EXCHANGE_BY_CONFIDENTIAL_CLIENTS_ONLY
631
646
  obj.token_exchange_by_permitted_clients_only = TOKEN_EXCHANGE_BY_PERMITTED_CLIENTS_ONLY
647
+ obj.jwtGrantByIdentifiableClientsOnly = JWT_GRANT_BY_IDENTIFIABLE_CLIENTS_ONLY
648
+ obj.jwtGrantEncryptedJwtRejected = JWT_GRANT_ENCRYPTED_JWT_REJECTED
649
+ obj.jwtGrantUnsignedJwtRejected = JWT_GRANT_UNSIGNED_JWT_REJECTED
632
650
  end
633
651
 
634
652
 
@@ -790,6 +808,11 @@ class ServiceTest < Minitest::Test
790
808
  assert_equal TOKEN_EXCHANGE_BY_IDENTIFIABLE_CLIENTS_ONLY, obj.token_exchange_by_identifiable_clients_only
791
809
  assert_equal TOKEN_EXCHANGE_BY_CONFIDENTIAL_CLIENTS_ONLY, obj.token_exchange_by_confidential_clients_only
792
810
  assert_equal TOKEN_EXCHANGE_BY_PERMITTED_CLIENTS_ONLY, obj.token_exchange_by_permitted_clients_only
811
+ assert_equal TOKEN_EXCHANGE_ENCRYPTED_JWT_REJECTED, obj.token_exchange_encrypted_jwt_rejected
812
+ assert_equal TOKEN_EXCHANGE_UNSIGNED_JWT_REJECTED, obj.token_exchange_unsigned_jwt_rejected
813
+ assert_equal JWT_GRANT_BY_IDENTIFIABLE_CLIENTS_ONLY, obj.jwtGrantByIdentifiableClientsOnly
814
+ assert_equal JWT_GRANT_ENCRYPTED_JWT_REJECTED, obj.jwtGrantEncryptedJwtRejected
815
+ assert_equal JWT_GRANT_UNSIGNED_JWT_REJECTED, obj.jwtGrantUnsignedJwtRejected
793
816
  end
794
817
 
795
818
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authlete
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.21.0
4
+ version: 1.24.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Takahiko Kawasaki
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2022-07-25 00:00:00.000000000 Z
12
+ date: 2022-08-10 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rest-client