doorkeeper-openid_connect 1.7.1 → 1.8.0.pre.rc1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +45 -0
- data/README.md +40 -0
- data/app/controllers/doorkeeper/authorizations_controller.rb +1 -1
- data/app/controllers/doorkeeper/openid_connect/discovery_controller.rb +52 -26
- data/app/controllers/doorkeeper/openid_connect/userinfo_controller.rb +5 -1
- data/config/locales/en.yml +1 -0
- data/lib/doorkeeper/oauth/id_token_request.rb +7 -1
- data/lib/doorkeeper/oauth/id_token_response.rb +7 -7
- data/lib/doorkeeper/oauth/id_token_token_request.rb +2 -0
- data/lib/doorkeeper/oauth/id_token_token_response.rb +3 -3
- data/lib/doorkeeper/openid_connect.rb +21 -2
- data/lib/doorkeeper/openid_connect/claims/aggregated_claim.rb +2 -0
- data/lib/doorkeeper/openid_connect/claims/claim.rb +6 -4
- data/lib/doorkeeper/openid_connect/claims/distributed_claim.rb +2 -0
- data/lib/doorkeeper/openid_connect/claims/normal_claim.rb +2 -0
- data/lib/doorkeeper/openid_connect/claims_builder.rb +3 -1
- data/lib/doorkeeper/openid_connect/config.rb +24 -10
- data/lib/doorkeeper/openid_connect/engine.rb +2 -0
- data/lib/doorkeeper/openid_connect/errors.rb +2 -1
- data/lib/doorkeeper/openid_connect/helpers/controller.rb +52 -26
- data/lib/doorkeeper/openid_connect/id_token.rb +8 -2
- data/lib/doorkeeper/openid_connect/id_token_token.rb +2 -0
- data/lib/doorkeeper/openid_connect/oauth/authorization/code.rb +25 -8
- data/lib/doorkeeper/openid_connect/oauth/authorization_code_request.rb +4 -2
- data/lib/doorkeeper/openid_connect/oauth/password_access_token_request.rb +3 -1
- data/lib/doorkeeper/openid_connect/oauth/pre_authorization.rb +12 -14
- data/lib/doorkeeper/openid_connect/oauth/token_response.rb +3 -1
- data/lib/doorkeeper/openid_connect/orm/active_record.rb +2 -0
- data/lib/doorkeeper/openid_connect/orm/active_record/access_grant.rb +3 -1
- data/lib/doorkeeper/openid_connect/orm/active_record/request.rb +5 -3
- data/lib/doorkeeper/openid_connect/rails/routes.rb +3 -1
- data/lib/doorkeeper/openid_connect/rails/routes/mapper.rb +2 -0
- data/lib/doorkeeper/openid_connect/rails/routes/mapping.rb +2 -0
- data/lib/doorkeeper/openid_connect/user_info.rb +2 -0
- data/lib/doorkeeper/openid_connect/version.rb +3 -1
- data/lib/doorkeeper/request/id_token.rb +2 -0
- data/lib/doorkeeper/request/id_token_token.rb +2 -0
- data/lib/generators/doorkeeper/openid_connect/install_generator.rb +4 -2
- data/lib/generators/doorkeeper/openid_connect/migration_generator.rb +3 -1
- data/lib/generators/doorkeeper/openid_connect/templates/initializer.rb +22 -6
- data/lib/generators/doorkeeper/openid_connect/templates/migration.rb.erb +1 -1
- metadata +26 -36
- data/.gitignore +0 -8
- data/.ruby-version +0 -1
- data/.travis.yml +0 -27
- data/CONTRIBUTING.md +0 -45
- data/Gemfile +0 -8
- data/Rakefile +0 -24
- data/bin/console +0 -9
- data/bin/setup +0 -8
- data/doorkeeper-openid_connect.gemspec +0 -32
- data/lib/doorkeeper/openid_connect/response_types_config.rb +0 -17
@@ -1,12 +1,14 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Doorkeeper
|
2
4
|
module OpenidConnect
|
3
|
-
class Request < ActiveRecord::Base
|
5
|
+
class Request < ::ActiveRecord::Base
|
4
6
|
self.table_name = "#{table_name_prefix}oauth_openid_requests#{table_name_suffix}".to_sym
|
5
7
|
|
6
8
|
validates :access_grant_id, :nonce, presence: true
|
7
9
|
belongs_to :access_grant,
|
8
|
-
|
9
|
-
|
10
|
+
class_name: 'Doorkeeper::AccessGrant',
|
11
|
+
inverse_of: :openid_request
|
10
12
|
end
|
11
13
|
end
|
12
14
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'doorkeeper/openid_connect/rails/routes/mapping'
|
2
4
|
require 'doorkeeper/openid_connect/rails/routes/mapper'
|
3
5
|
|
@@ -12,7 +14,7 @@ module Doorkeeper
|
|
12
14
|
end
|
13
15
|
|
14
16
|
def self.install!
|
15
|
-
ActionDispatch::Routing::Mapper.
|
17
|
+
ActionDispatch::Routing::Mapper.include Doorkeeper::OpenidConnect::Rails::Routes::Helper
|
16
18
|
end
|
17
19
|
|
18
20
|
attr_accessor :routes
|
@@ -1,13 +1,15 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Doorkeeper
|
2
4
|
module OpenidConnect
|
3
5
|
class InstallGenerator < ::Rails::Generators::Base
|
4
6
|
include ::Rails::Generators::Migration
|
5
|
-
source_root File.expand_path('
|
7
|
+
source_root File.expand_path('templates', __dir__)
|
6
8
|
desc 'Installs Doorkeeper OpenID Connect.'
|
7
9
|
|
8
10
|
def install
|
9
11
|
template 'initializer.rb', 'config/initializers/doorkeeper_openid_connect.rb'
|
10
|
-
copy_file File.expand_path('
|
12
|
+
copy_file File.expand_path('../../../../config/locales/en.yml', __dir__), 'config/locales/doorkeeper_openid_connect.en.yml'
|
11
13
|
route 'use_doorkeeper_openid_connect'
|
12
14
|
end
|
13
15
|
end
|
@@ -1,10 +1,12 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'rails/generators/active_record'
|
2
4
|
|
3
5
|
module Doorkeeper
|
4
6
|
module OpenidConnect
|
5
7
|
class MigrationGenerator < ::Rails::Generators::Base
|
6
8
|
include ::Rails::Generators::Migration
|
7
|
-
source_root File.expand_path('
|
9
|
+
source_root File.expand_path('templates', __dir__)
|
8
10
|
desc 'Installs Doorkeeper OpenID Connect migration file.'
|
9
11
|
|
10
12
|
def install
|
@@ -1,11 +1,15 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
Doorkeeper::OpenidConnect.configure do
|
2
|
-
issuer
|
4
|
+
issuer do |resource_owner, application|
|
5
|
+
'issuer string'
|
6
|
+
end
|
3
7
|
|
4
|
-
signing_key
|
5
|
-
-----BEGIN RSA PRIVATE KEY-----
|
6
|
-
....
|
7
|
-
-----END RSA PRIVATE KEY-----
|
8
|
-
|
8
|
+
signing_key <<~KEY
|
9
|
+
-----BEGIN RSA PRIVATE KEY-----
|
10
|
+
....
|
11
|
+
-----END RSA PRIVATE KEY-----
|
12
|
+
KEY
|
9
13
|
|
10
14
|
subject_types_supported [:public]
|
11
15
|
|
@@ -26,6 +30,18 @@ EOL
|
|
26
30
|
# redirect_to new_user_session_url
|
27
31
|
end
|
28
32
|
|
33
|
+
# Depending on your configuration, a DoubleRenderError could be raised
|
34
|
+
# if render/redirect_to is called at some point before this callback is executed.
|
35
|
+
# To avoid the DoubleRenderError, you could add these two lines at the beginning
|
36
|
+
# of this callback: (Reference: https://github.com/rails/rails/issues/25106)
|
37
|
+
# self.response_body = nil
|
38
|
+
# @_response_body = nil
|
39
|
+
select_account_for_resource_owner do |resource_owner, return_to|
|
40
|
+
# Example implementation:
|
41
|
+
# store_location_for resource_owner, return_to
|
42
|
+
# redirect_to account_select_url
|
43
|
+
end
|
44
|
+
|
29
45
|
subject do |resource_owner, application|
|
30
46
|
# Example implementation:
|
31
47
|
# resource_owner.id
|
@@ -1,7 +1,7 @@
|
|
1
1
|
class CreateDoorkeeperOpenidConnectTables < ActiveRecord::Migration<%= migration_version %>
|
2
2
|
def change
|
3
3
|
create_table :oauth_openid_requests do |t|
|
4
|
-
t.
|
4
|
+
t.references :access_grant, null: false, index: true
|
5
5
|
t.string :nonce, null: false
|
6
6
|
end
|
7
7
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: doorkeeper-openid_connect
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.8.0.pre.rc1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sam Dengler
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date:
|
12
|
+
date: 2021-04-20 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: doorkeeper
|
@@ -17,20 +17,20 @@ dependencies:
|
|
17
17
|
requirements:
|
18
18
|
- - ">="
|
19
19
|
- !ruby/object:Gem::Version
|
20
|
-
version: '5.
|
20
|
+
version: '5.5'
|
21
21
|
- - "<"
|
22
22
|
- !ruby/object:Gem::Version
|
23
|
-
version: '5.
|
23
|
+
version: '5.6'
|
24
24
|
type: :runtime
|
25
25
|
prerelease: false
|
26
26
|
version_requirements: !ruby/object:Gem::Requirement
|
27
27
|
requirements:
|
28
28
|
- - ">="
|
29
29
|
- !ruby/object:Gem::Version
|
30
|
-
version: '5.
|
30
|
+
version: '5.5'
|
31
31
|
- - "<"
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: '5.
|
33
|
+
version: '5.6'
|
34
34
|
- !ruby/object:Gem::Dependency
|
35
35
|
name: json-jwt
|
36
36
|
requirement: !ruby/object:Gem::Requirement
|
@@ -46,19 +46,19 @@ dependencies:
|
|
46
46
|
- !ruby/object:Gem::Version
|
47
47
|
version: 1.11.0
|
48
48
|
- !ruby/object:Gem::Dependency
|
49
|
-
name:
|
49
|
+
name: conventional-changelog
|
50
50
|
requirement: !ruby/object:Gem::Requirement
|
51
51
|
requirements:
|
52
|
-
- - "
|
52
|
+
- - "~>"
|
53
53
|
- !ruby/object:Gem::Version
|
54
|
-
version: '
|
54
|
+
version: '1.2'
|
55
55
|
type: :development
|
56
56
|
prerelease: false
|
57
57
|
version_requirements: !ruby/object:Gem::Requirement
|
58
58
|
requirements:
|
59
|
-
- - "
|
59
|
+
- - "~>"
|
60
60
|
- !ruby/object:Gem::Version
|
61
|
-
version: '
|
61
|
+
version: '1.2'
|
62
62
|
- !ruby/object:Gem::Dependency
|
63
63
|
name: factory_bot
|
64
64
|
requirement: !ruby/object:Gem::Requirement
|
@@ -74,21 +74,21 @@ dependencies:
|
|
74
74
|
- !ruby/object:Gem::Version
|
75
75
|
version: '0'
|
76
76
|
- !ruby/object:Gem::Dependency
|
77
|
-
name:
|
77
|
+
name: pry-byebug
|
78
78
|
requirement: !ruby/object:Gem::Requirement
|
79
79
|
requirements:
|
80
|
-
- - "
|
80
|
+
- - ">="
|
81
81
|
- !ruby/object:Gem::Version
|
82
|
-
version:
|
82
|
+
version: '0'
|
83
83
|
type: :development
|
84
84
|
prerelease: false
|
85
85
|
version_requirements: !ruby/object:Gem::Requirement
|
86
86
|
requirements:
|
87
|
-
- - "
|
87
|
+
- - ">="
|
88
88
|
- !ruby/object:Gem::Version
|
89
|
-
version:
|
89
|
+
version: '0'
|
90
90
|
- !ruby/object:Gem::Dependency
|
91
|
-
name:
|
91
|
+
name: rspec-rails
|
92
92
|
requirement: !ruby/object:Gem::Requirement
|
93
93
|
requirements:
|
94
94
|
- - ">="
|
@@ -102,19 +102,19 @@ dependencies:
|
|
102
102
|
- !ruby/object:Gem::Version
|
103
103
|
version: '0'
|
104
104
|
- !ruby/object:Gem::Dependency
|
105
|
-
name:
|
105
|
+
name: sqlite3
|
106
106
|
requirement: !ruby/object:Gem::Requirement
|
107
107
|
requirements:
|
108
|
-
- - "
|
108
|
+
- - ">="
|
109
109
|
- !ruby/object:Gem::Version
|
110
|
-
version:
|
110
|
+
version: 1.3.6
|
111
111
|
type: :development
|
112
112
|
prerelease: false
|
113
113
|
version_requirements: !ruby/object:Gem::Requirement
|
114
114
|
requirements:
|
115
|
-
- - "
|
115
|
+
- - ">="
|
116
116
|
- !ruby/object:Gem::Version
|
117
|
-
version:
|
117
|
+
version: 1.3.6
|
118
118
|
description: OpenID Connect extension for Doorkeeper.
|
119
119
|
email:
|
120
120
|
- sam.dengler@playonsports.com
|
@@ -123,22 +123,13 @@ executables: []
|
|
123
123
|
extensions: []
|
124
124
|
extra_rdoc_files: []
|
125
125
|
files:
|
126
|
-
- ".gitignore"
|
127
|
-
- ".ruby-version"
|
128
|
-
- ".travis.yml"
|
129
126
|
- CHANGELOG.md
|
130
|
-
- CONTRIBUTING.md
|
131
|
-
- Gemfile
|
132
127
|
- LICENSE.txt
|
133
128
|
- README.md
|
134
|
-
- Rakefile
|
135
129
|
- app/controllers/doorkeeper/authorizations_controller.rb
|
136
130
|
- app/controllers/doorkeeper/openid_connect/discovery_controller.rb
|
137
131
|
- app/controllers/doorkeeper/openid_connect/userinfo_controller.rb
|
138
|
-
- bin/console
|
139
|
-
- bin/setup
|
140
132
|
- config/locales/en.yml
|
141
|
-
- doorkeeper-openid_connect.gemspec
|
142
133
|
- lib/doorkeeper/oauth/id_token_request.rb
|
143
134
|
- lib/doorkeeper/oauth/id_token_response.rb
|
144
135
|
- lib/doorkeeper/oauth/id_token_token_request.rb
|
@@ -166,7 +157,6 @@ files:
|
|
166
157
|
- lib/doorkeeper/openid_connect/rails/routes.rb
|
167
158
|
- lib/doorkeeper/openid_connect/rails/routes/mapper.rb
|
168
159
|
- lib/doorkeeper/openid_connect/rails/routes/mapping.rb
|
169
|
-
- lib/doorkeeper/openid_connect/response_types_config.rb
|
170
160
|
- lib/doorkeeper/openid_connect/user_info.rb
|
171
161
|
- lib/doorkeeper/openid_connect/version.rb
|
172
162
|
- lib/doorkeeper/request/id_token.rb
|
@@ -187,14 +177,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
187
177
|
requirements:
|
188
178
|
- - ">="
|
189
179
|
- !ruby/object:Gem::Version
|
190
|
-
version: '2.
|
180
|
+
version: '2.5'
|
191
181
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
192
182
|
requirements:
|
193
|
-
- - "
|
183
|
+
- - ">"
|
194
184
|
- !ruby/object:Gem::Version
|
195
|
-
version:
|
185
|
+
version: 1.3.1
|
196
186
|
requirements: []
|
197
|
-
rubygems_version: 3.
|
187
|
+
rubygems_version: 3.1.4
|
198
188
|
signing_key:
|
199
189
|
specification_version: 4
|
200
190
|
summary: OpenID Connect extension for Doorkeeper.
|
data/.gitignore
DELETED
data/.ruby-version
DELETED
@@ -1 +0,0 @@
|
|
1
|
-
2.6.5
|
data/.travis.yml
DELETED
@@ -1,27 +0,0 @@
|
|
1
|
-
language: ruby
|
2
|
-
cache: bundler
|
3
|
-
sudo: false
|
4
|
-
|
5
|
-
before_install:
|
6
|
-
- gem update --system
|
7
|
-
# Bundler 2.0 is not compatible with Rails 4.2
|
8
|
-
# https://docs.travis-ci.com/user/languages/ruby/#bundler-20
|
9
|
-
- "find /home/travis/.rvm/rubies -wholename '*default/bundler-*.gemspec' -delete"
|
10
|
-
- rvm @global do gem uninstall bundler -a -x -I || true
|
11
|
-
- gem install bundler -v '< 2'
|
12
|
-
|
13
|
-
before_script:
|
14
|
-
- bundle update
|
15
|
-
- bundle exec rake migrate
|
16
|
-
|
17
|
-
script:
|
18
|
-
- bundle exec rake spec
|
19
|
-
|
20
|
-
env:
|
21
|
-
- rails=5.0.0
|
22
|
-
- rails=5.2.0
|
23
|
-
|
24
|
-
rvm:
|
25
|
-
- 2.4
|
26
|
-
- 2.5
|
27
|
-
- 2.6
|
data/CONTRIBUTING.md
DELETED
@@ -1,45 +0,0 @@
|
|
1
|
-
# Contributing
|
2
|
-
|
3
|
-
## Workflow
|
4
|
-
|
5
|
-
We are using the [Feature Branch Workflow (also known as GitHub Flow)](https://guides.github.com/introduction/flow/), and prefer delivery as pull requests.
|
6
|
-
|
7
|
-
Our first line of defense is the [Travis CI](https://travis-ci.org/doorkeeper-gem/doorkeeper-openid_connect) build defined within [.travis.yml](.travis.yml) and triggered for every pull request.
|
8
|
-
|
9
|
-
Create a feature branch:
|
10
|
-
|
11
|
-
```sh
|
12
|
-
git checkout -B feature/contributing
|
13
|
-
```
|
14
|
-
|
15
|
-
## Creating Good Commits
|
16
|
-
|
17
|
-
The cardinal rule for creating good commits is to ensure there is only one
|
18
|
-
"logical change" per commit. Why is this an important rule?
|
19
|
-
|
20
|
-
* The smaller the amount of code being changed, the quicker & easier it is to
|
21
|
-
review & identify potential flaws.
|
22
|
-
|
23
|
-
* If a change is found to be flawed later, it may be necessary to revert the
|
24
|
-
broken commit. This is much easier to do if there are not other unrelated
|
25
|
-
code changes entangled with the original commit.
|
26
|
-
|
27
|
-
* When troubleshooting problems using Git's bisect capability, small well
|
28
|
-
defined changes will aid in isolating exactly where the code problem was
|
29
|
-
introduced.
|
30
|
-
|
31
|
-
* When browsing history using Git annotate/blame, small well defined changes
|
32
|
-
also aid in isolating exactly where & why a piece of code came from.
|
33
|
-
|
34
|
-
Things to avoid when creating commits:
|
35
|
-
|
36
|
-
* Mixing whitespace changes with functional code changes.
|
37
|
-
* Mixing two unrelated functional changes.
|
38
|
-
* Sending large new features in a single giant commit.
|
39
|
-
|
40
|
-
## Release process
|
41
|
-
|
42
|
-
- Bump version in `lib/doorkeeper/openid_connect/version.rb`
|
43
|
-
- Update `CHANGELOG.md`
|
44
|
-
- Commit all changes
|
45
|
-
- Tag release and publish gem with `rake release`
|
data/Gemfile
DELETED
data/Rakefile
DELETED
@@ -1,24 +0,0 @@
|
|
1
|
-
ENV['RAILS_ENV'] ||= 'test'
|
2
|
-
|
3
|
-
require "bundler/gem_tasks"
|
4
|
-
require "rspec/core/rake_task"
|
5
|
-
|
6
|
-
RSpec::Core::RakeTask.new
|
7
|
-
|
8
|
-
task default: :spec
|
9
|
-
task test: :spec
|
10
|
-
|
11
|
-
desc 'Generate and run migrations in the test application'
|
12
|
-
task :migrate do
|
13
|
-
Dir.chdir('spec/dummy') do
|
14
|
-
system('bin/rails generate doorkeeper:openid_connect:migration')
|
15
|
-
system('bin/rake db:migrate')
|
16
|
-
end
|
17
|
-
end
|
18
|
-
|
19
|
-
desc 'Run server in the test application'
|
20
|
-
task :server do
|
21
|
-
Dir.chdir('spec/dummy') do
|
22
|
-
system('bin/rails server')
|
23
|
-
end
|
24
|
-
end
|