cf-uaac 4.15.0 → 4.16.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/ruby.yml +1 -1
- data/cf-uaac.gemspec +1 -1
- data/lib/uaa/cli/token.rb +17 -10
- data/version.txt +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 276b109b1fa40107102c91b342869bf30767a3ee9f7be7aaf480c801d923b2fc
|
4
|
+
data.tar.gz: 81c401c741ae0092cbb997df969a6b0435080fde6dc876235ca2b8b115e46a63
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: '0888529f04a01b043f6d552f366d32b873e9e715c6b78c14173cc6b96ae31da930c339209c5940023a150c165c1fcc7486311c23e1c2080a81226cd6f80e1dfa'
|
7
|
+
data.tar.gz: c9daacd917c2bdb037a2e0876368eaaabae0c41446c8b005e0a6728ad282f2c8141c184f4200b2982069f20030168dc064cca07c2a15a544b7822887b8ea2c8b
|
data/.github/workflows/ruby.yml
CHANGED
data/cf-uaac.gemspec
CHANGED
@@ -31,7 +31,7 @@ Gem::Specification.new do |s|
|
|
31
31
|
s.require_paths = ['lib']
|
32
32
|
|
33
33
|
# dependencies
|
34
|
-
s.add_runtime_dependency 'cf-uaa-lib', '~> 4.0'
|
34
|
+
s.add_runtime_dependency 'cf-uaa-lib', '~> 4.0.3'
|
35
35
|
s.add_development_dependency 'rake', '~> 13.0'
|
36
36
|
s.add_development_dependency 'rspec', '~> 3.12'
|
37
37
|
s.add_development_dependency 'simplecov', '~> 0.22.0'
|
data/lib/uaa/cli/token.rb
CHANGED
@@ -23,11 +23,14 @@ class TokenCatcher < Stub::Base
|
|
23
23
|
def process_grant(data)
|
24
24
|
server.logger.debug "processing grant for path #{request.path}"
|
25
25
|
secret = server.info.delete(:client_secret)
|
26
|
+
do_authcode = server.info.delete(:do_authcode)
|
26
27
|
ti = TokenIssuer.new(Config.target, server.info.delete(:client_id), secret,
|
27
28
|
{ token_target: Config.target_value(:token_target),
|
28
29
|
basic_auth: Config.target_value(:basic_auth),
|
30
|
+
use_pkce: true,
|
31
|
+
code_verifier: server.info.delete(:code_verifier),
|
29
32
|
skip_ssl_validation: Config.target_value(:skip_ssl_validation)})
|
30
|
-
tkn =
|
33
|
+
tkn = do_authcode ? ti.authcode_grant(server.info.delete(:uri), data) :
|
31
34
|
ti.implicit_grant(server.info.delete(:uri), data)
|
32
35
|
server.info.update(token_info: tkn.info)
|
33
36
|
reply.text "you are now logged in and can close this window"
|
@@ -87,11 +90,13 @@ class TokenCli < CommonCli
|
|
87
90
|
did_save
|
88
91
|
end
|
89
92
|
|
90
|
-
def issuer_request(client_id, secret = nil)
|
93
|
+
def issuer_request(client_id, secret = nil, code_verifier = nil)
|
91
94
|
update_target_info
|
92
95
|
yield TokenIssuer.new(Config.target.to_s, client_id, secret,
|
93
96
|
{ token_target: Config.target_value(:token_endpoint),
|
94
97
|
basic_auth: Config.target_value(:basic_auth),
|
98
|
+
use_pkce: true,
|
99
|
+
code_verifier: code_verifier,
|
95
100
|
skip_ssl_validation: Config.target_value(:skip_ssl_validation),
|
96
101
|
ssl_ca_file: Config.target_value(:ca_cert) })
|
97
102
|
rescue Exception => e
|
@@ -159,24 +164,26 @@ class TokenCli < CommonCli
|
|
159
164
|
CF_TOKEN_FILE = File.join ENV["HOME"], ".cf_token"
|
160
165
|
CF_TARGET_FILE = File.join ENV["HOME"], ".cf_target"
|
161
166
|
|
162
|
-
def use_browser(client_id, secret = nil)
|
167
|
+
def use_browser(client_id, secret = nil, grant = nil)
|
168
|
+
do_authcode = (not grant.nil?) && (grant == 'authcode')
|
169
|
+
code_verifier = SecureRandom.base64(96).tr("+/", "-_").tr("=", "")
|
163
170
|
catcher = Stub::Server.new(TokenCatcher,
|
164
171
|
logger: Util.default_logger(debug? ? :debug : trace? ? :trace : :info),
|
165
|
-
info: {client_id: client_id, client_secret: secret},
|
172
|
+
info: {client_id: client_id, client_secret: secret, code_verifier: code_verifier, do_authcode: do_authcode},
|
166
173
|
port: opts[:port]).run_on_thread
|
167
|
-
uri = issuer_request(client_id, secret) { |ti|
|
168
|
-
|
174
|
+
uri = issuer_request(client_id, secret, code_verifier) { |ti|
|
175
|
+
do_authcode ? ti.authcode_uri("#{catcher.url}/authcode", opts[:scope]) :
|
169
176
|
ti.implicit_uri("#{catcher.url}/callback", opts[:scope])
|
170
177
|
}
|
171
178
|
return unless catcher.info[:uri] = uri
|
172
|
-
say "launching browser with #{uri}"
|
173
|
-
Launchy.open(uri, debug:
|
179
|
+
say " and launching browser with #{uri}"
|
180
|
+
Launchy.open(uri, debug: false, dry_run: false)
|
174
181
|
print "waiting for token "
|
175
182
|
while catcher.info[:uri] || !catcher.info[:token_info]
|
176
183
|
sleep 5
|
177
184
|
print "."
|
178
185
|
end
|
179
|
-
say_success(
|
186
|
+
say_success(do_authcode ? "authorization code" : "implicit") if set_context(catcher.info[:token_info])
|
180
187
|
return unless opts[:cf]
|
181
188
|
begin
|
182
189
|
cf_target = File.open(CF_TARGET_FILE, 'r') { |f| f.read.strip }
|
@@ -193,7 +200,7 @@ class TokenCli < CommonCli
|
|
193
200
|
define_option :port, "--port <number>", "pin internal server to specific port"
|
194
201
|
define_option :cf, "--[no-]cf", "save token in the ~/.cf_tokens file"
|
195
202
|
desc "token authcode get", "Gets a token using the authcode flow with browser",
|
196
|
-
:client, :secret, :scope, :cf, :port do use_browser(clientid,
|
203
|
+
:client, :secret, :scope, :cf, :port do use_browser(clientid, opts[:secret], 'authcode') end
|
197
204
|
|
198
205
|
desc "token implicit get", "Gets a token using the implicit flow with browser",
|
199
206
|
:client, :scope, :cf, :port do use_browser opts[:client] || "cf" end
|
data/version.txt
CHANGED
@@ -1 +1 @@
|
|
1
|
-
4.
|
1
|
+
4.16.0
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cf-uaac
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.
|
4
|
+
version: 4.16.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dave Syer
|
@@ -12,7 +12,7 @@ authors:
|
|
12
12
|
autorequire:
|
13
13
|
bindir: bin
|
14
14
|
cert_chain: []
|
15
|
-
date: 2023-
|
15
|
+
date: 2023-09-15 00:00:00.000000000 Z
|
16
16
|
dependencies:
|
17
17
|
- !ruby/object:Gem::Dependency
|
18
18
|
name: cf-uaa-lib
|
@@ -20,14 +20,14 @@ dependencies:
|
|
20
20
|
requirements:
|
21
21
|
- - "~>"
|
22
22
|
- !ruby/object:Gem::Version
|
23
|
-
version:
|
23
|
+
version: 4.0.3
|
24
24
|
type: :runtime
|
25
25
|
prerelease: false
|
26
26
|
version_requirements: !ruby/object:Gem::Requirement
|
27
27
|
requirements:
|
28
28
|
- - "~>"
|
29
29
|
- !ruby/object:Gem::Version
|
30
|
-
version:
|
30
|
+
version: 4.0.3
|
31
31
|
- !ruby/object:Gem::Dependency
|
32
32
|
name: rake
|
33
33
|
requirement: !ruby/object:Gem::Requirement
|