doorkeeper-openid_connect 1.6.1 → 1.6.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8b125dc43aa1d61bb63f9e21847c283cab2c049061aab519c6a3c7075537d749
4
- data.tar.gz: e77fd739cd18693a7ad91531ab198d46fa3577328fef7c8301c8e0611038ab41
3
+ metadata.gz: ad886e65fd13b81ceb33165b6108992890073e9069524d383ee45948f64a2b17
4
+ data.tar.gz: c1aaff72cbf9031e456c8f022845ce680799a1eadf6ec6ef171357bd1064f1fd
5
5
  SHA512:
6
- metadata.gz: a9bab8209fe8082dfda99b2055b5a7c60f1181077649ed671765f68596647646cb4462744f8d3e50f224f62ae42c4d3090036fef79e9994995f47af95cff1b39
7
- data.tar.gz: 4b5bea2726c1f2147fdacfec185dbf93cecc4fb36aa9597faf49c57fe33ac40e474b061b4d69a16e49450b26443097ec0461300d2ae4d7d60cf5e87560cd79b8
6
+ metadata.gz: '08aa15acd68b90ebb2dadab4f50a3718a71a13a9fe7a6b6c3f628dfee1ffe85e8c10ac98217ff1b8c33e8afaacbf4ec392043c5ac6b3d27e5516ed5070bf5956'
7
+ data.tar.gz: 1ed88f7c7b84daa5bd95c71ebba114a1bda3e0a1985e4187854113db3f3c2454ac62451e7d581ccfd41de4419eadf64008a920cc540963e6c5a73561351f238f
data/CHANGELOG.md CHANGED
@@ -2,6 +2,12 @@
2
2
 
3
3
  No changes yet.
4
4
 
5
+ ## v1.6.2 (2019-08-09)
6
+
7
+ ### Bugfixes
8
+
9
+ - [#80] Check for client presence in controller, fixes a 500 error when `client_id` is missing (thanks to @cincospenguinos @urnf @isabellechalhoub)
10
+
5
11
  ## v1.6.1 (2019-06-07)
6
12
 
7
13
  ### Bugfixes
@@ -6,14 +6,23 @@ module Doorkeeper
6
6
 
7
7
  def authenticate_resource_owner!
8
8
  super.tap do |owner|
9
- next unless controller_path == Doorkeeper::Rails::Routes.mapping[:authorizations][:controllers] &&
10
- action_name == 'new'
11
- next unless pre_auth.scopes.include?('openid')
9
+ next unless oidc_authorization_request?
12
10
 
13
- handle_prompt_param!(owner)
14
- handle_max_age_param!(owner)
11
+ handle_oidc_prompt_param!(owner)
12
+ handle_oidc_max_age_param!(owner)
15
13
  end
16
14
  rescue Errors::OpenidConnectError => exception
15
+ handle_oidc_error!(exception)
16
+ end
17
+
18
+ def oidc_authorization_request?
19
+ controller_path == Doorkeeper::Rails::Routes.mapping[:authorizations][:controllers] &&
20
+ action_name == 'new' &&
21
+ pre_auth.client &&
22
+ pre_auth.scopes.include?('openid')
23
+ end
24
+
25
+ def handle_oidc_error!(exception)
17
26
  # clear the previous response body to avoid a DoubleRenderError
18
27
  self.response_body = nil
19
28
 
@@ -39,7 +48,7 @@ module Doorkeeper
39
48
  end
40
49
  end
41
50
 
42
- def handle_prompt_param!(owner)
51
+ def handle_oidc_prompt_param!(owner)
43
52
  prompt_values ||= params[:prompt].to_s.split(/ +/).uniq
44
53
 
45
54
  prompt_values.each do |prompt|
@@ -47,9 +56,9 @@ module Doorkeeper
47
56
  when 'none' then
48
57
  raise Errors::InvalidRequest if (prompt_values - [ 'none' ]).any?
49
58
  raise Errors::LoginRequired unless owner
50
- raise Errors::ConsentRequired unless matching_tokens_for_resource_owner(owner).present?
59
+ raise Errors::ConsentRequired unless matching_tokens_for_oidc_resource_owner(owner).present?
51
60
  when 'login' then
52
- reauthenticate_resource_owner(owner) if owner
61
+ reauthenticate_oidc_resource_owner(owner) if owner
53
62
  when 'consent' then
54
63
  render :new
55
64
  when 'select_account' then
@@ -61,7 +70,7 @@ module Doorkeeper
61
70
  end
62
71
  end
63
72
 
64
- def handle_max_age_param!(owner)
73
+ def handle_oidc_max_age_param!(owner)
65
74
  max_age = params[:max_age].to_i
66
75
  return unless max_age > 0 && owner
67
76
 
@@ -69,11 +78,11 @@ module Doorkeeper
69
78
  &Doorkeeper::OpenidConnect.configuration.auth_time_from_resource_owner
70
79
 
71
80
  if !auth_time || (Time.zone.now - auth_time) > max_age
72
- reauthenticate_resource_owner(owner)
81
+ reauthenticate_oidc_resource_owner(owner)
73
82
  end
74
83
  end
75
84
 
76
- def reauthenticate_resource_owner(owner)
85
+ def reauthenticate_oidc_resource_owner(owner)
77
86
  return_to = URI.parse(request.path)
78
87
  return_to.query = request.query_parameters.tap do |params|
79
88
  params['prompt'] = params['prompt'].to_s.sub(/\blogin\s*\b/, '').strip
@@ -86,7 +95,7 @@ module Doorkeeper
86
95
  raise Errors::LoginRequired unless performed?
87
96
  end
88
97
 
89
- def matching_tokens_for_resource_owner(owner)
98
+ def matching_tokens_for_oidc_resource_owner(owner)
90
99
  Doorkeeper::AccessToken.authorized_tokens_for(pre_auth.client.id, owner.id).select do |token|
91
100
  Doorkeeper::AccessToken.scopes_match?(token.scopes, pre_auth.scopes, pre_auth.client.scopes)
92
101
  end
@@ -1,5 +1,5 @@
1
1
  module Doorkeeper
2
2
  module OpenidConnect
3
- VERSION = '1.6.1'.freeze
3
+ VERSION = '1.6.2'.freeze
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: doorkeeper-openid_connect
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.6.1
4
+ version: 1.6.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sam Dengler
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2019-06-07 00:00:00.000000000 Z
12
+ date: 2019-08-09 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: doorkeeper