doorkeeper-openid_connect 1.8.0 → 1.8.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +8 -0
- data/README.md +1 -1
- data/app/controllers/doorkeeper/openid_connect/discovery_controller.rb +10 -1
- data/lib/doorkeeper/openid_connect/oauth/password_access_token_request.rb +10 -3
- data/lib/doorkeeper/openid_connect/rails/routes.rb +1 -0
- data/lib/doorkeeper/openid_connect/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '09f27d32ffb416432a70412926bdd053ef3c715615d503ea468fe00471e00dc0'
|
|
4
|
+
data.tar.gz: 36c769e0736aba2a90576b9837201b692205bbd4506db709b70e9cd544b7e15f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9d9a70bf130b96e1f1d51d28781c7d2bab443876c7d2a25f8fa3ab674b5bcc406342e7787f8681fa6ec81ea8223011f48600e2c9b257c774766c522a8e74c1b9
|
|
7
|
+
data.tar.gz: 063e9d61009275044b6b6ff98bfd068a7873d7986e407616c5363aedba127989f48da9ff1fe6489895d6ea62b3db5ed69185557b505d02391dc6f935c3dbbc7b
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,13 @@
|
|
|
1
1
|
## Unreleased
|
|
2
2
|
|
|
3
|
+
- [#] Add here
|
|
4
|
+
|
|
5
|
+
## v1.8.1 (2022-02-09)
|
|
6
|
+
|
|
7
|
+
- [#153] Fix ArgumentError caused by client credential validation introduced in Doorkeeper 5.5.1 (thanks to @CircumnavigatingFlatEarther)
|
|
8
|
+
- [#161] Fix .well-known/openid-connect issuer (respond to block if provided) (thanks to @fkowal).
|
|
9
|
+
- [#152] Expose oauth-authorization-server in routes (thanks to @mitar)
|
|
10
|
+
|
|
3
11
|
## v1.8.0 (2021-05-11)
|
|
4
12
|
|
|
5
13
|
No changes from v1.8.0-rc1.
|
data/README.md
CHANGED
|
@@ -104,7 +104,7 @@ The following settings are required in `config/initializers/doorkeeper_openid_co
|
|
|
104
104
|
|
|
105
105
|
- `issuer`
|
|
106
106
|
- Identifier for the issuer of the response (i.e. your application URL). The value is a case sensitive URL using the `https` scheme that contains scheme, host, and optionally, port number and path components and no query or fragment components.
|
|
107
|
-
- You can either pass a string value, or a block to generate the issuer dynamically based on the `resource_owner` and `application` passed to the block.
|
|
107
|
+
- You can either pass a string value, or a block to generate the issuer dynamically based on the `resource_owner` and `application` or [request](app/controllers/doorkeeper/openid_connect/discovery_controller.rb#L123) passed to the block.
|
|
108
108
|
- `subject`
|
|
109
109
|
- Identifier for the resource owner (i.e. the authenticated user). A locally unique and never reassigned identifier within the issuer for the end-user, which is intended to be consumed by the client. The value is a case-sensitive string and must not exceed 255 ASCII characters in length.
|
|
110
110
|
- The database ID of the user is an acceptable choice if you don't mind leaking that information.
|
|
@@ -24,8 +24,9 @@ module Doorkeeper
|
|
|
24
24
|
def provider_response
|
|
25
25
|
doorkeeper = ::Doorkeeper.configuration
|
|
26
26
|
openid_connect = ::Doorkeeper::OpenidConnect.configuration
|
|
27
|
+
|
|
27
28
|
{
|
|
28
|
-
issuer:
|
|
29
|
+
issuer: issuer,
|
|
29
30
|
authorization_endpoint: oauth_authorization_url(authorization_url_options),
|
|
30
31
|
token_endpoint: oauth_token_url(token_url_options),
|
|
31
32
|
revocation_endpoint: oauth_revoke_url(revocation_url_options),
|
|
@@ -119,6 +120,14 @@ module Doorkeeper
|
|
|
119
120
|
}
|
|
120
121
|
end
|
|
121
122
|
|
|
123
|
+
def issuer
|
|
124
|
+
if Doorkeeper::OpenidConnect.configuration.issuer.respond_to?(:call)
|
|
125
|
+
Doorkeeper::OpenidConnect.configuration.issuer.call(request).to_s
|
|
126
|
+
else
|
|
127
|
+
Doorkeeper::OpenidConnect.configuration.issuer
|
|
128
|
+
end
|
|
129
|
+
end
|
|
130
|
+
|
|
122
131
|
%i[authorization token revocation introspection userinfo jwks webfinger].each do |endpoint|
|
|
123
132
|
define_method :"#{endpoint}_url_options" do
|
|
124
133
|
discovery_url_default_options.merge(discovery_url_options[endpoint.to_sym] || {})
|
|
@@ -6,9 +6,16 @@ module Doorkeeper
|
|
|
6
6
|
module PasswordAccessTokenRequest
|
|
7
7
|
attr_reader :nonce
|
|
8
8
|
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
9
|
+
if Gem.loaded_specs['doorkeeper'].version >= Gem::Version.create('5.5.1')
|
|
10
|
+
def initialize(server, client, credentials, resource_owner, parameters = {})
|
|
11
|
+
super
|
|
12
|
+
@nonce = parameters[:nonce]
|
|
13
|
+
end
|
|
14
|
+
else
|
|
15
|
+
def initialize(server, client, resource_owner, parameters = {})
|
|
16
|
+
super
|
|
17
|
+
@nonce = parameters[:nonce]
|
|
18
|
+
end
|
|
12
19
|
end
|
|
13
20
|
|
|
14
21
|
private
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: doorkeeper-openid_connect
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.8.
|
|
4
|
+
version: 1.8.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sam Dengler
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2022-02-09 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: doorkeeper
|
|
@@ -184,7 +184,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
184
184
|
- !ruby/object:Gem::Version
|
|
185
185
|
version: '0'
|
|
186
186
|
requirements: []
|
|
187
|
-
rubygems_version: 3.
|
|
187
|
+
rubygems_version: 3.0.8
|
|
188
188
|
signing_key:
|
|
189
189
|
specification_version: 4
|
|
190
190
|
summary: OpenID Connect extension for Doorkeeper.
|