authlete 1.22.0 → 1.25.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/authlete/model/client.rb +13 -1
- data/lib/authlete/model/service.rb +30 -0
- data/lib/authlete/version.rb +1 -1
- data/test/authlete/model/test_client.rb +15 -5
- data/test/authlete/model/test_service.rb +26 -2
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 79ece9b673c6fac13369ab9c416eb10bb32042187c6a715255aa4b57431a8e04
|
4
|
+
data.tar.gz: '079c970bf19094115267b90ec8bcb3bcba325344b1f5fbe1cd57dea9961f7ca9'
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1d5bf5c451530b58976fa7cacccd92bb3b5783789ad3dea8d20acc5b5efada2138a3bb7874eaffab2b82b22de9e859d6b10f25ae95b608ae0b5b7c71d0f528c0
|
7
|
+
data.tar.gz: d79415db8c6cdc3e2b595f7e7848af757f260658eef5329533bef8c6019921070ee3ab589534222fc6284ebb747e363d9b32f7e44fd77073ce3713761b0a0acd
|
@@ -312,6 +312,14 @@ module Authlete
|
|
312
312
|
attr_accessor :singleAccessTokenPerSubject
|
313
313
|
alias_method :single_access_token_per_subject, :singleAccessTokenPerSubject
|
314
314
|
alias_method :single_access_token_per_subject=, :singleAccessTokenPerSubject=
|
315
|
+
|
316
|
+
attr_accessor :pkceRequired
|
317
|
+
alias_method :pkce_required, :pkceRequired
|
318
|
+
alias_method :pkce_required=, :pkceRequired=
|
319
|
+
|
320
|
+
attr_accessor :pkceS256Required
|
321
|
+
alias_method :pkce_s256_required, :pkceS256Required
|
322
|
+
alias_method :pkce_s256_required=, :pkceS256Required=
|
315
323
|
private
|
316
324
|
|
317
325
|
def defaults
|
@@ -392,7 +400,9 @@ module Authlete
|
|
392
400
|
requestObjectEncryptionAlgMatchRequired: false,
|
393
401
|
requestObjectEncryptionEncMatchRequired: false,
|
394
402
|
digestAlgorithm: nil,
|
395
|
-
singleAccessTokenPerSubject: false
|
403
|
+
singleAccessTokenPerSubject: false,
|
404
|
+
pkceRequired: false,
|
405
|
+
pkceS256Required: false,
|
396
406
|
}
|
397
407
|
end
|
398
408
|
|
@@ -474,6 +484,8 @@ module Authlete
|
|
474
484
|
@requestObjectEncryptionEncMatchRequired = hash[:requestObjectEncryptionEncMatchRequired]
|
475
485
|
@digestAlgorithm = hash[:digestAlgorithm]
|
476
486
|
@singleAccessTokenPerSubject = hash[:singleAccessTokenPerSubject]
|
487
|
+
@pkceRequired = hash[:pkceRequired]
|
488
|
+
@pkceS256Required = hash[:pkceS256Required]
|
477
489
|
end
|
478
490
|
|
479
491
|
def to_hash_value(key, var)
|
@@ -583,6 +583,26 @@ module Authlete
|
|
583
583
|
alias_method :token_exchange_unsigned_jwt_rejected, :tokenExchangeUnsignedJwtRejected
|
584
584
|
alias_method :token_exchange_unsigned_jwt_rejected=, :tokenExchangeUnsignedJwtRejected=
|
585
585
|
|
586
|
+
attr_accessor :jwtGrantByIdentifiableClientsOnly
|
587
|
+
alias_method :jwt_grant_by_identifiable_clients_only, :jwtGrantByIdentifiableClientsOnly
|
588
|
+
alias_method :jwt_grant_by_identifiable_clients_only=, :jwtGrantByIdentifiableClientsOnly=
|
589
|
+
|
590
|
+
attr_accessor :jwtGrantEncryptedJwtRejected
|
591
|
+
alias_method :jwt_grant_encrypted_jwt_rejected, :jwtGrantEncryptedJwtRejected
|
592
|
+
alias_method :jwt_grant_encrypted_jwt_rejected=, :jwtGrantEncryptedJwtRejected=
|
593
|
+
|
594
|
+
attr_accessor :jwtGrantUnsignedJwtRejected
|
595
|
+
alias_method :jwt_grant_unsigned_jwt_rejected, :jwtGrantUnsignedJwtRejected
|
596
|
+
alias_method :jwt_grant_unsigned_jwt_rejected=, :jwtGrantUnsignedJwtRejected=
|
597
|
+
|
598
|
+
attr_accessor :federationSignatureKeyId
|
599
|
+
alias_method :federation_signature_key_id, :federationSignatureKeyId
|
600
|
+
alias_method :federation_signature_key_id=, :federationSignatureKeyId=
|
601
|
+
|
602
|
+
attr_accessor :federationConfigurationDuration
|
603
|
+
alias_method :federation_configuration_duration, :federationConfigurationDuration
|
604
|
+
alias_method :federation_configuration_duration=, :federationConfigurationDuration=
|
605
|
+
|
586
606
|
private
|
587
607
|
|
588
608
|
def defaults
|
@@ -731,6 +751,11 @@ module Authlete
|
|
731
751
|
tokenExchangeByPermittedClientsOnly: false,
|
732
752
|
tokenExchangeEncryptedJwtRejected: false,
|
733
753
|
tokenExchangeUnsignedJwtRejected: false,
|
754
|
+
jwtGrantByIdentifiableClientsOnly: false,
|
755
|
+
jwtGrantEncryptedJwtRejected: false,
|
756
|
+
jwtGrantUnsignedJwtRejected: false,
|
757
|
+
federationSignatureKeyId: nil,
|
758
|
+
federationConfigurationDuration: 0,
|
734
759
|
}
|
735
760
|
end
|
736
761
|
|
@@ -879,6 +904,11 @@ module Authlete
|
|
879
904
|
@tokenExchangeByPermittedClientsOnly = hash[:tokenExchangeByPermittedClientsOnly]
|
880
905
|
@tokenExchangeEncryptedJwtRejected = hash[:tokenExchangeEncryptedJwtRejected]
|
881
906
|
@tokenExchangeUnsignedJwtRejected = hash[:tokenExchangeUnsignedJwtRejected]
|
907
|
+
@jwtGrantByIdentifiableClientsOnly = hash[:jwtGrantByIdentifiableClientsOnly]
|
908
|
+
@jwtGrantEncryptedJwtRejected = hash[:jwtGrantEncryptedJwtRejected]
|
909
|
+
@jwtGrantUnsignedJwtRejected = hash[:jwtGrantUnsignedJwtRejected]
|
910
|
+
@federationSignatureKeyId = hash[:federationSignatureKeyId]
|
911
|
+
@federationConfigurationDuration = hash[:federationConfigurationDuration]
|
882
912
|
|
883
913
|
end
|
884
914
|
|
data/lib/authlete/version.rb
CHANGED
@@ -123,6 +123,8 @@ class ClientTest < Minitest::Test
|
|
123
123
|
REQUEST_OBJECT_ENCRYPTION_ENC_MATCH_REQUIRED = false
|
124
124
|
DIGEST_ALGORITHM = '<digest-algorithm>'
|
125
125
|
SINGLE_ACCESS_TOKEN_PER_SUBJECT = false
|
126
|
+
PKCE_REQUIRED = false
|
127
|
+
PKCE_S256_REQUIRED = false
|
126
128
|
|
127
129
|
def generate_json
|
128
130
|
return <<~JSON
|
@@ -209,11 +211,13 @@ class ClientTest < Minitest::Test
|
|
209
211
|
"requestObjectEncryptionAlgMatchRequired": false,
|
210
212
|
"requestObjectEncryptionEncMatchRequired": false,
|
211
213
|
"digestAlgorithm": "<digest-algorithm>",
|
212
|
-
"singleAccessTokenPerSubject": false
|
214
|
+
"singleAccessTokenPerSubject": false,
|
215
|
+
"pkceRequired": false,
|
216
|
+
"pkceS256Required": false
|
213
217
|
}
|
214
|
-
|
215
|
-
|
216
|
-
|
218
|
+
JSON
|
219
|
+
end
|
220
|
+
|
217
221
|
|
218
222
|
def generate_hash
|
219
223
|
{
|
@@ -299,7 +303,9 @@ class ClientTest < Minitest::Test
|
|
299
303
|
requestObjectEncryptionAlgMatchRequired: false,
|
300
304
|
requestObjectEncryptionEncMatchRequired: false,
|
301
305
|
digestAlgorithm: '<digest-algorithm>',
|
302
|
-
singleAccessTokenPerSubject: false
|
306
|
+
singleAccessTokenPerSubject: false,
|
307
|
+
pkceRequired: false,
|
308
|
+
pkceS256Required: false,
|
303
309
|
}
|
304
310
|
end
|
305
311
|
|
@@ -382,6 +388,8 @@ class ClientTest < Minitest::Test
|
|
382
388
|
obj.requestObjectEncryptionEncMatchRequired = REQUEST_OBJECT_ENCRYPTION_ENC_MATCH_REQUIRED
|
383
389
|
obj.digestAlgorithm = DIGEST_ALGORITHM
|
384
390
|
obj.singleAccessTokenPerSubject = SINGLE_ACCESS_TOKEN_PER_SUBJECT
|
391
|
+
obj.pkceRequired = PKCE_REQUIRED
|
392
|
+
obj.pkceS256Required = PKCE_S256_REQUIRED
|
385
393
|
end
|
386
394
|
|
387
395
|
|
@@ -472,6 +480,8 @@ class ClientTest < Minitest::Test
|
|
472
480
|
assert_equal REQUEST_OBJECT_ENCRYPTION_ENC_MATCH_REQUIRED, obj.requestObjectEncryptionEncMatchRequired
|
473
481
|
assert_equal DIGEST_ALGORITHM, obj.digestAlgorithm
|
474
482
|
assert_equal SINGLE_ACCESS_TOKEN_PER_SUBJECT, obj.singleAccessTokenPerSubject
|
483
|
+
assert_equal PKCE_REQUIRED, obj.pkceRequired
|
484
|
+
assert_equal PKCE_S256_REQUIRED, obj.pkceS256Required
|
475
485
|
end
|
476
486
|
|
477
487
|
|
@@ -188,6 +188,11 @@ class ServiceTest < Minitest::Test
|
|
188
188
|
TOKEN_EXCHANGE_BY_PERMITTED_CLIENTS_ONLY = false
|
189
189
|
TOKEN_EXCHANGE_ENCRYPTED_JWT_REJECTED = false
|
190
190
|
TOKEN_EXCHANGE_UNSIGNED_JWT_REJECTED = false
|
191
|
+
JWT_GRANT_BY_IDENTIFIABLE_CLIENTS_ONLY = false
|
192
|
+
JWT_GRANT_ENCRYPTED_JWT_REJECTED = false
|
193
|
+
JWT_GRANT_UNSIGNED_JWT_REJECTED = false
|
194
|
+
FEDERATION_SIGNATURE_KEY_ID = '<federation-signature-key-id>'
|
195
|
+
FEDERATION_CONFIGURATION_DURATION = 100
|
191
196
|
|
192
197
|
def generate_json
|
193
198
|
return <<~JSON
|
@@ -335,7 +340,12 @@ class ServiceTest < Minitest::Test
|
|
335
340
|
"tokenExchangeByConfidentialClientsOnly": false,
|
336
341
|
"tokenExchangeByPermittedClientsOnly": false,
|
337
342
|
"tokenExchangeEncryptedJwtRejected": false,
|
338
|
-
"tokenExchangeUnsignedJwtRejected": false
|
343
|
+
"tokenExchangeUnsignedJwtRejected": false,
|
344
|
+
"jwtGrantByIdentifiableClientsOnly": false,
|
345
|
+
"jwtGrantEncryptedJwtRejected": false,
|
346
|
+
"jwtGrantUnsignedJwtRejected": false,
|
347
|
+
"federationSignatureKeyId": "<federation-signature-key-id>",
|
348
|
+
"federationConfigurationDuration": 100
|
339
349
|
}
|
340
350
|
JSON
|
341
351
|
|
@@ -488,6 +498,11 @@ class ServiceTest < Minitest::Test
|
|
488
498
|
tokenExchangeByPermittedClientsOnly: false,
|
489
499
|
tokenExchangeEncryptedJwtRejected: false,
|
490
500
|
tokenExchangeUnsignedJwtRejected: false,
|
501
|
+
jwtGrantByIdentifiableClientsOnly: false,
|
502
|
+
jwtGrantEncryptedJwtRejected: false,
|
503
|
+
jwtGrantUnsignedJwtRejected: false,
|
504
|
+
federationSignatureKeyId: '<federation-signature-key-id>',
|
505
|
+
federationConfigurationDuration: 100
|
491
506
|
}
|
492
507
|
end
|
493
508
|
|
@@ -635,9 +650,13 @@ class ServiceTest < Minitest::Test
|
|
635
650
|
obj.token_exchange_by_identifiable_clients_only = TOKEN_EXCHANGE_BY_IDENTIFIABLE_CLIENTS_ONLY
|
636
651
|
obj.token_exchange_by_confidential_clients_only = TOKEN_EXCHANGE_BY_CONFIDENTIAL_CLIENTS_ONLY
|
637
652
|
obj.token_exchange_by_permitted_clients_only = TOKEN_EXCHANGE_BY_PERMITTED_CLIENTS_ONLY
|
653
|
+
obj.jwt_grant_by_identifiable_clients_only = JWT_GRANT_BY_IDENTIFIABLE_CLIENTS_ONLY
|
654
|
+
obj.jwt_grant_encrypted_jwt_rejected = JWT_GRANT_ENCRYPTED_JWT_REJECTED
|
655
|
+
obj.jwt_grant_unsigned_jwt_rejected = JWT_GRANT_UNSIGNED_JWT_REJECTED
|
656
|
+
obj.federation_signature_key_id = FEDERATION_SIGNATURE_KEY_ID
|
657
|
+
obj.federation_configuration_duration = FEDERATION_CONFIGURATION_DURATION
|
638
658
|
end
|
639
659
|
|
640
|
-
|
641
660
|
def match(obj)
|
642
661
|
assert_equal NUMBER, obj.number
|
643
662
|
assert_equal SERVICE_OWNER_NUMBER, obj.serviceOwnerNumber
|
@@ -798,6 +817,11 @@ class ServiceTest < Minitest::Test
|
|
798
817
|
assert_equal TOKEN_EXCHANGE_BY_PERMITTED_CLIENTS_ONLY, obj.token_exchange_by_permitted_clients_only
|
799
818
|
assert_equal TOKEN_EXCHANGE_ENCRYPTED_JWT_REJECTED, obj.token_exchange_encrypted_jwt_rejected
|
800
819
|
assert_equal TOKEN_EXCHANGE_UNSIGNED_JWT_REJECTED, obj.token_exchange_unsigned_jwt_rejected
|
820
|
+
assert_equal JWT_GRANT_BY_IDENTIFIABLE_CLIENTS_ONLY, obj.jwtGrantByIdentifiableClientsOnly
|
821
|
+
assert_equal JWT_GRANT_ENCRYPTED_JWT_REJECTED, obj.jwtGrantEncryptedJwtRejected
|
822
|
+
assert_equal JWT_GRANT_UNSIGNED_JWT_REJECTED, obj.jwtGrantUnsignedJwtRejected
|
823
|
+
assert_equal FEDERATION_SIGNATURE_KEY_ID, obj.federationSignatureKeyId
|
824
|
+
assert_equal FEDERATION_CONFIGURATION_DURATION, obj.federationConfigurationDuration
|
801
825
|
end
|
802
826
|
|
803
827
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authlete
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.25.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Takahiko Kawasaki
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2022-
|
12
|
+
date: 2022-08-23 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rest-client
|