RubyGems - discourse-omniauth-jwt-xsolla - Versions diffs - 0.1.9 → 0.2.0 - Mend

discourse-omniauth-jwt-xsolla 0.1.9 → 0.2.0

Files changed (5) hide show

checksums.yaml +4 -4
data/README.md +0 -85
data/lib/omniauth/jwt/version.rb +1 -1
data/lib/omniauth/strategies/jwt.rb +5 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3b821f80225985aa7566f1fc54ef9bad9ebb8223d22d82dc5643ae2a5bb0b3eb
-  data.tar.gz: 4cc84b87743d2f6f1733b94697d6f37dd62312a58021d42bc5a6fd8100aefa4a
+  metadata.gz: 8923f38506b8bbf100624c7b766a75f0ca387140911a105d4e96bb61ac3829b8
+  data.tar.gz: 20a32280b8cd55875490bb7301397726b759b62df552bfefd39027af17c4ddf0
 SHA512:
-  metadata.gz: f3bc6d8698bd11db4632b1caecc5c66ef0a8902d75cb497eec210e33aee615109fcd4738b298ffb29c22ebf90b8e5033c1d05467b2b00e47a3a7831b469b64d0
-  data.tar.gz: bfc97f50ad92690b381ee024198ed9fe8de52f13821fc2c7bf7a5a63c62b81ae7571bce70072a11ac351e14152137afccf683bc36578dede6ee2561e7245cab7
+  metadata.gz: 7a18fec04cdc14504639f260a0c2c52cca5c1d7be2fda5588e003aa284875f6587fa5d4468540442e50a8a1b75de359e2a54a04329b13b54f1ad1523cbd62718
+  data.tar.gz: 2f9e050894c520ea17b9d384676429e47b120aca3022c5032725811ad38218173bae1ec289cccfecab29c6a710dc9a1680b1544f2db381ffd5f87275d1ae614c

data/README.md CHANGED Viewed

@@ -1,85 +0,0 @@
-# OmniAuth::JWT
-[![Build Status](https://travis-ci.org/mbleigh/omniauth-jwt.png)](https://travis-ci.org/mbleigh/omniauth-jwt)
-[JSON Web Token](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html) (JWT) is a simple
-way to send verified information between two parties online. This can be useful as a mechanism for
-providing Single Sign-On (SSO) to an application by allowing an authentication server to send a validated
-claim and log the user in. This is how [Zendesk does SSO](https://support.zendesk.com/entries/23675367-Setting-up-single-sign-on-with-JWT-JSON-Web-Token-),
-for example.
-OmniAuth::JWT provides a clean, simple wrapper on top of JWT so that you can easily implement this kind
-of SSO either between your own applications or allow third parties to delegate authentication.
-## Installation
-Add this line to your application's Gemfile:
-    gem 'omniauth-jwt'
-And then execute:
-    $ bundle
-Or install it yourself as:
-    $ gem install omniauth-jwt
-## Usage
-You use OmniAuth::JWT just like you do any other OmniAuth strategy:
-```ruby
-use OmniAuth::JWT, 'SHAREDSECRET', auth_url: 'http://example.com/login'
-```
-The first parameter is the shared secret that will be used by the external authenticator to verify
-that. You must also specify the `auth_url` option to tell the strategy where to redirect to log
-in. Other available options are:
-* **algorithm:** the algorithm to use to decode the JWT token. This is `HS256` by default but can
-  be set to anything supported by [ruby-jwt](https://github.com/progrium/ruby-jwt)
-* **uid_claim:** this determines which claim will be used to uniquely identify the user. Defaults
-  to `email`
-* **required_claims:** array of claims that are required to make this a valid authentication call.
-  Defaults to `['name', 'email']`
-* **info_map:** array mapping claim values to info hash values. Defaults to mapping `name` and `email`
-  to the same in the info hash.
-* **valid_within:** integer of how many seconds of time skew you will allow. Defaults to `nil`. If this
-  is set, the `iat` claim becomes required and must be within the specified number of seconds of the
-  current time. This helps to prevent replay attacks.
-### Authentication Process
-When you authenticate through `omniauth-jwt` you can send users to `/auth/jwt` and it will redirect
-them to the URL specified in the `auth_url` option. From there, the provider must generate a JWT
-and send it to the `/auth/jwt/callback` URL as a "jwt" parameter:
-    /auth/jwt/callback?jwt=ENCODEDJWTGOESHERE
-An example of how to do that in Sinatra:
-```ruby
-require 'jwt'
-get '/login/sso/other-app' do
-  # assuming the user is already logged in and this is available as current_user
-  claims = {
-    id: current_user.id,
-    name: current_user.name,
-    email: current_user.email,
-    iat: Time.now.to_i
-  }
-  payload = JWT.encode(claims, ENV['SSO_SECRET'])
-  redirect "http://other-app.com/auth/jwt/callback?jwt=#{payload}"
-end
-```
-## Contributing
-1. Fork it
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request

data/lib/omniauth/jwt/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Omniauth
   module JWT
-    VERSION = "0.1.9"
+    VERSION = "0.2.0"
   end
 end

data/lib/omniauth/strategies/jwt.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 require 'omniauth'
 require 'jwt'
 require 'net/http'
+require 'json'
 module OmniAuth
   module Strategies
@@ -26,7 +27,10 @@ module OmniAuth
       def decoded
         @decoded ||= ::JWT.decode(request.params['token'], options.secret, false, {algorithm: options.algorithm})[0]
         uri = URI('https://login.xsolla.com/api/token/validate')
-        res = Net::HTTP.post_form(uri, 'token' => request.params['token'])
+        req = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json')
+        req.body = {token: request.params['token']}.to_json
+        res = http.request(req)
         raise ClaimInvalid.new("Token is not valid.") if res.code != '204'
         (options.required_claims || []).each do |field|

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: discourse-omniauth-jwt-xsolla
 version: !ruby/object:Gem::Version
-  version: 0.1.9
+  version: 0.2.0
 platform: ruby
 authors:
 - Michael Bleigh
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-06-18 00:00:00.000000000 Z
+date: 2019-07-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler