doorkeeper-openid_connect 1.6.0 → 1.6.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d467023607fa5295674a557f197d8c40ffa87122705962abc889bfbcf3e2c59a
-  data.tar.gz: 527da818de86aab93ecd047905b77caa271a3d80e6874dcc69b6718afc14ad21
+  metadata.gz: 8b125dc43aa1d61bb63f9e21847c283cab2c049061aab519c6a3c7075537d749
+  data.tar.gz: e77fd739cd18693a7ad91531ab198d46fa3577328fef7c8301c8e0611038ab41
 SHA512:
-  metadata.gz: b9dada4d39d61d18a86be2fb1d086d270561138df2ca7237cca65c467d9954cf5a6f2bbbbc9f8a453db1aa003c97514990106eff2f3e44fb0994cf8c132a5999
-  data.tar.gz: dc3c4639a13b56e1d6f76b2efa1367b716e296642deb17e37ef3659847f6a309b7f5c41d2ed63657865bf1f40edfeb3189a0491607513a8dcb0187e99f56484f
+  metadata.gz: a9bab8209fe8082dfda99b2055b5a7c60f1181077649ed671765f68596647646cb4462744f8d3e50f224f62ae42c4d3090036fef79e9994995f47af95cff1b39
+  data.tar.gz: 4b5bea2726c1f2147fdacfec185dbf93cecc4fb36aa9597faf49c57fe33ac40e474b061b4d69a16e49450b26443097ec0461300d2ae4d7d60cf5e87560cd79b8

data/.ruby-version

@@ -1 +1 @@
-2.6.1
+2.6.3

data/CHANGELOG.md

@@ -2,6 +2,16 @@
 
 No changes yet.
 
+## v1.6.1 (2019-06-07)
+
+### Bugfixes
+
+- [#75] Fix return value for `after_successful_response` (thanks to @daveed)
+
+### Changes
+
+- [#72] Add `revocation_endpoint` and `introspection_endpoint` to discovery response (thanks to @scarfacedeb)
+
 ## v1.6.0 (2019-03-06)
 
 ### Changes
@@ -16,7 +26,7 @@ No changes yet.
 
 ### Bugfixes
 
-- [#66] Fix an open redirect vulnerability (thanks to @meagar)
+- [#66] Fix an open redirect vulnerability ([CVE-2019-9837](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9837), thanks to @meagar)
 - [#67] Don't delete existing tokens with `prompt=consent` (thanks to @nov)
 
 ### Changes

data/app/controllers/doorkeeper/openid_connect/discovery_controller.rb

@@ -26,6 +26,8 @@ module Doorkeeper
           issuer: openid_connect.issuer,
           authorization_endpoint: oauth_authorization_url(protocol: protocol),
           token_endpoint: oauth_token_url(protocol: protocol),
+          revocation_endpoint: oauth_revoke_url(protocol: protocol),
+          introspection_endpoint: oauth_introspect_url(protocol: protocol),
           userinfo_endpoint: oauth_userinfo_url(protocol: protocol),
           jwks_uri: oauth_discovery_keys_url(protocol: protocol),
 

data/lib/doorkeeper/openid_connect/oauth/password_access_token_request.rb

@@ -12,9 +12,9 @@ module Doorkeeper
         private
 
         def after_successful_response
-          super
           id_token = Doorkeeper::OpenidConnect::IdToken.new(access_token, nonce)
           @response.id_token = id_token
+          super
         end
       end
     end

data/lib/doorkeeper/openid_connect/version.rb

@@ -1,5 +1,5 @@
 module Doorkeeper
   module OpenidConnect
-    VERSION = '1.6.0'.freeze
+    VERSION = '1.6.1'.freeze
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: doorkeeper-openid_connect
 version: !ruby/object:Gem::Version
-  version: 1.6.0
+  version: 1.6.1
 platform: ruby
 authors:
 - Sam Dengler
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-03-06 00:00:00.000000000 Z
+date: 2019-06-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: doorkeeper
@@ -187,7 +187,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.1
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: OpenID Connect extension for Doorkeeper.