cf-uaac 4.15.0 → 4.16.0

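--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 3d94ad3cb51d11a269c37db22e0192eb3ad33beb11413994650db7a1eee96704
- data.tar.gz: c6a9d43f901ef43e146ae5ba1237b93c1e25cbc7c5e4df690afe37dba4f276b5
+ metadata.gz: 276b109b1fa40107102c91b342869bf30767a3ee9f7be7aaf480c801d923b2fc
+ data.tar.gz: 81c401c741ae0092cbb997df969a6b0435080fde6dc876235ca2b8b115e46a63
  SHA512:
- metadata.gz: 90dc3285e451dd7d435d7eada8edce46449dce10cea09415b58e80d37269867f265bd3b10485093e1e44604c5ab187633b7b4c9b561748a22f2b0ea8e1d036b8
- data.tar.gz: b8088a02f28b76a828df8e2a4a898b69dbce15db166a97fba76d3d881b7b378a0eceb19bbd378173db90e4f2267b6e3b465502d4d75fc83586df05a74e8ca338
+ metadata.gz: '0888529f04a01b043f6d552f366d32b873e9e715c6b78c14173cc6b96ae31da930c339209c5940023a150c165c1fcc7486311c23e1c2080a81226cd6f80e1dfa'
+ data.tar.gz: c9daacd917c2bdb037a2e0876368eaaabae0c41446c8b005e0a6728ad282f2c8141c184f4200b2982069f20030168dc064cca07c2a15a544b7822887b8ea2c8b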
@@ -16,7 +16,7 @@ jobs:
16
16
  ruby-version: ['2.5', '2.7', '3.0', '3.1', '3.2']
17
17
 
18
18
  steps:
19
- - uses: actions/checkout@v3
19
+ - uses: actions/checkout@v4
20
20
  - name: Set up Ruby
21
21
  uses: ruby/setup-ruby@v1
22
22
  with:
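--- a/data/cf-uaac.gemspec
+++ b/data/cf-uaac.gemspec
@@ -31,7 +31,7 @@ Gem::Specification.new do |s|
  s.require_paths = ['lib']
 
  # dependencies
- s.add_runtime_dependency 'cf-uaa-lib', '~> 4.0'
+ s.add_runtime_dependency 'cf-uaa-lib', '~> 4.0.3'
  s.add_development_dependency 'rake', '~> 13.0'
  s.add_development_dependency 'rspec', '~> 3.12'
  s.add_development_dependency 'simplecov', '~> 0.22.0'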
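--- a/data/lib/uaa/cli/token.rb
+++ b/data/lib/uaa/cli/token.rb
@@ -23,11 +23,14 @@ class TokenCatcher < Stub::Base
  def process_grant(data)
  server.logger.debug "processing grant for path #{request.path}"
  secret = server.info.delete(:client_secret)
+ do_authcode = server.info.delete(:do_authcode)
  ti = TokenIssuer.new(Config.target, server.info.delete(:client_id), secret,
  { token_target: Config.target_value(:token_target),
  basic_auth: Config.target_value(:basic_auth),
+ use_pkce: true,
+ code_verifier: server.info.delete(:code_verifier),
  skip_ssl_validation: Config.target_value(:skip_ssl_validation)})
- tkn = secret ? ti.authcode_grant(server.info.delete(:uri), data) :
+ tkn = do_authcode ? ti.authcode_grant(server.info.delete(:uri), data) :
  ti.implicit_grant(server.info.delete(:uri), data)
  server.info.update(token_info: tkn.info)
  reply.text "you are now logged in and can close this window"
@@ -87,11 +90,13 @@ class TokenCli < CommonCli
  did_save
  end
 
- def issuer_request(client_id, secret = nil)
+ def issuer_request(client_id, secret = nil, code_verifier = nil)
  update_target_info
  yield TokenIssuer.new(Config.target.to_s, client_id, secret,
  { token_target: Config.target_value(:token_endpoint),
  basic_auth: Config.target_value(:basic_auth),
+ use_pkce: true,
+ code_verifier: code_verifier,
  skip_ssl_validation: Config.target_value(:skip_ssl_validation),
  ssl_ca_file: Config.target_value(:ca_cert) })
  rescue Exception => e
@@ -159,24 +164,26 @@ class TokenCli < CommonCli
  CF_TOKEN_FILE = File.join ENV["HOME"], ".cf_token"
  CF_TARGET_FILE = File.join ENV["HOME"], ".cf_target"
 
- def use_browser(client_id, secret = nil)
+ def use_browser(client_id, secret = nil, grant = nil)
+ do_authcode = (not grant.nil?) && (grant == 'authcode')
+ code_verifier = SecureRandom.base64(96).tr("+/", "-_").tr("=", "")
  catcher = Stub::Server.new(TokenCatcher,
  logger: Util.default_logger(debug? ? :debug : trace? ? :trace : :info),
- info: {client_id: client_id, client_secret: secret},
+ info: {client_id: client_id, client_secret: secret, code_verifier: code_verifier, do_authcode: do_authcode},
  port: opts[:port]).run_on_thread
- uri = issuer_request(client_id, secret) { |ti|
- secret ? ti.authcode_uri("#{catcher.url}/authcode", opts[:scope]) :
+ uri = issuer_request(client_id, secret, code_verifier) { |ti|
+ do_authcode ? ti.authcode_uri("#{catcher.url}/authcode", opts[:scope]) :
  ti.implicit_uri("#{catcher.url}/callback", opts[:scope])
  }
  return unless catcher.info[:uri] = uri
- say "launching browser with #{uri}" if trace?
- Launchy.open(uri, debug: true, dry_run: false)
+ say " and launching browser with #{uri}"
+ Launchy.open(uri, debug: false, dry_run: false)
  print "waiting for token "
  while catcher.info[:uri] || !catcher.info[:token_info]
  sleep 5
  print "."
  end
- say_success(secret ? "authorization code" : "implicit") if set_context(catcher.info[:token_info])
+ say_success(do_authcode ? "authorization code" : "implicit") if set_context(catcher.info[:token_info])
  return unless opts[:cf]
  begin
  cf_target = File.open(CF_TARGET_FILE, 'r') { |f| f.read.strip }
@@ -193,7 +200,7 @@ class TokenCli < CommonCli
  define_option :port, "--port <number>", "pin internal server to specific port"
  define_option :cf, "--[no-]cf", "save token in the ~/.cf_tokens file"
  desc "token authcode get", "Gets a token using the authcode flow with browser",
- :client, :secret, :scope, :cf, :port do use_browser(clientid, clientsecret) end
+ :client, :secret, :scope, :cf, :port do use_browser(clientid, opts[:secret], 'authcode') end
 
  desc "token implicit get", "Gets a token using the implicit flow with browser",
  :client, :scope, :cf, :port do use_browser opts[:client] || "cf" end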
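Review bot: The authorization URL is now printed on every run (new line 179 of `use_browser`), where the old code showed it only under `trace?`; the URL presumably carries the `state` value and the PKCE challenge, so it will end up in terminal scrollback and any captured CI output. If that is deliberate, so that users on a headless host can copy the link, a comment such as `# always print the URL so it can be opened manually when no browser is available` would record the intent; otherwise restore `if trace?`. At new lines 168–169, `do_authcode = grant == 'authcode'` and `code_verifier = SecureRandom.urlsafe_base64(96)` are equivalent and shorter (96 bytes encode to 128 unpadded characters, the RFC 7636 maximum), and no `require 'securerandom'` is visible in these hunks, so confirm it is loaded. `use_browser` continues past the end of its hunk.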
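--- a/data/version.txt
+++ b/data/version.txt
@@ -1 +1 @@
- 4.15.0
+ 4.16.0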
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cf-uaac
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.15.0
4
+ version: 4.16.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dave Syer
@@ -12,7 +12,7 @@ authors:
12
12
  autorequire:
13
13
  bindir: bin
14
14
  cert_chain: []
15
- date: 2023-08-09 00:00:00.000000000 Z
15
+ date: 2023-09-15 00:00:00.000000000 Z
16
16
  dependencies:
17
17
  - !ruby/object:Gem::Dependency
18
18
  name: cf-uaa-lib
@@ -20,14 +20,14 @@ dependencies:
20
20
  requirements:
21
21
  - - "~>"
22
22
  - !ruby/object:Gem::Version
23
- version: '4.0'
23
+ version: 4.0.3
24
24
  type: :runtime
25
25
  prerelease: false
26
26
  version_requirements: !ruby/object:Gem::Requirement
27
27
  requirements:
28
28
  - - "~>"
29
29
  - !ruby/object:Gem::Version
30
- version: '4.0'
30
+ version: 4.0.3
31
31
  - !ruby/object:Gem::Dependency
32
32
  name: rake
33
33
  requirement: !ruby/object:Gem::Requirement