duo_web 1.0.1 → 1.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 0eb13447a3aed9e9be7a8073b18a54781e174f06
-  data.tar.gz: 952d88272d0e26fe20d254f4f025ba792015c6d2
+SHA256:
+  metadata.gz: c70cb013ea72192e2a4b2d14ccfb380174f1bf14f0759dfbf9ce12cf237bcc4d
+  data.tar.gz: b7ebdc7fb3437ece9f45e2f4532dfff1a30c69ccccfcb99d9ef035712ab0e77f
 SHA512:
-  metadata.gz: d19b8967b13c7a248157d398f57bf428aa2dc01c4159fc07750a99a2ba84f34fa06f8f1bd725518db1ce99b5e5bca3c5328fcac2b7be09a5ecbab443a97bbd79
-  data.tar.gz: b27b8828147e8f8ee78b9dddb22ee5ca80757f53afea04d4ae22a970e15fd795132bd46160e40449907291107b3691f90214b6c391df438993c03a5231a5ce03
+  metadata.gz: bfd2827efeb2efcccbc2eb25b76310890c54c7c38688e8d4b5e56a2a3e305bb083610016946d67b82d03904e45935d5c912b47f7aadcd68f4242011dd5a1b291
+  data.tar.gz: 3823882095cbde2206e0e5c1db43f1cf14f99d828a1eef4e9903f2aa33dc4035244ce22baf1c338e5b0adf3c5402e20d45114001a95549abfc35c454adfadc10

data/js/Duo-Web-v2.js

@@ -1,6 +1,6 @@
 /**
  * Duo Web SDK v2
- * Copyright 2019, Duo Security
+ * Copyright 2021, Duo Security
  */
 
 (function (root, factory) {
@@ -380,9 +380,9 @@
      */
     function generateIframeSrc() {
         return [
-            'https://', host, '/frame/web/v1/auth?tx=', duoSig,
+            'https://', host, '/frame/web/v1/auth?tx=', encodeURIComponent(duoSig),
             '&parent=', encodeURIComponent(document.location.href),
-            '&v=2.8'
+            '&v=2.9'
         ].join('');
     }
 
@@ -512,7 +512,7 @@
             while (promptElement.firstChild) {
                 // We call `removeChild()` instead of doing `innerHTML = ""`
                 // to make sure we unbind any events.
-                promptElement.removeChild(promptElement.firstChild)
+                promptElement.removeChild(promptElement.firstChild);
             }
 
             iframe = document.createElement('iframe');

data/js/Duo-Web-v2.min.js

@@ -1 +1 @@
-!function(e,t){if("function"==typeof define&&define.amd)define([],t);else if("object"==typeof module&&module.exports)module.exports=t();else{var n=t();n._onReady(n.init),e.Duo=n}}(this,function(){var i,a,r,s,u,f,m,t=/^(?:AUTH|ENROLL)+\|[A-Za-z0-9\+\/=]+\|[A-Za-z0-9\+\/=]+$/,n=/^ERR\|[\w\s\.\(\)]+$/,d=/^DUO_OPEN_WINDOW\|/,c=["duo.com","duosecurity.com","duomobile.s3-us-west-1.amazonaws.com"];function l(){i="",a="sig_response",r=undefined,undefined,s=undefined,u=undefined,f=undefined,m=undefined}function h(e,t){var n=t||"https://www.duosecurity.com/docs/duoweb#3.-show-the-iframe";throw new Error("Duo Web SDK error: "+e+(n?"\nSee "+n+" for more information":""))}function g(e,t){return"dataset"in e?e.dataset[t]:e.getAttribute("data-"+function n(e){return e.replace(/([a-z])([A-Z])/,"$1-$2").toLowerCase()}(t))}function p(e,t,n,o){"addEventListener"in window?e.addEventListener(t,o,!1):e.attachEvent(n,o)}function v(e,t,n,o){"removeEventListener"in window?e.removeEventListener(t,o,!1):e.detachEvent(n,o)}function w(e){p(document,"DOMContentLoaded","onreadystatechange",e)}function _(e){v(document,"DOMContentLoaded","onreadystatechange",e)}function b(e){if(e){0===e.indexOf("ERR|")&&h(e.split("|")[1]),-1!==e.indexOf(":")&&2===e.split(":").length||h("Duo was given a bad token.  This might indicate a configuration problem with one of Duo's client libraries.");var t=e.split(":");return e,s=t[0],u=t[1],{sigRequest:e,duoSig:t[0],appSig:t[1]}}}function E(e){return Boolean(e.origin==="https://"+r&&"string"==typeof e.data&&(e.data.match(t)||e.data.match(n)||e.data.match(d)))}function y(e){var t;return e.iframe&&e.iframeContainer?h("Passing both `iframe` and `iframeContainer` arguments at the same time is not allowed."):e.iframe?function n(e){e&&!D(e)&&h("`iframe` only accepts an iframe element or the id of an iframe. To use a non-iframe element, use the `iframeContainer` argument.")}(t=C(e.iframe)):e.iframeContainer?function o(e){e&&D(e)&&h("`iframeContainer` only accepts a non-iframe element or the id of a non-iframe. To use a non-iframe element, use the `iframeContainer` argument on Duo.init().")}(t=C(e.iframeContainer)):t=document.getElementById("duo_iframe"),t}function C(e){return e.tagName?e:"string"==typeof e?document.getElementById(e):null}function D(e){return e&&e.tagName&&"iframe"===e.tagName.toLowerCase()}function A(){return["https://",r,"/frame/web/v1/auth?tx=",s,"&parent=",encodeURIComponent(document.location.href),"&v=2.8"].join("")}function O(e){if(E(e))if(e.data.match(d)){var t=e.data.substring("DUO_OPEN_WINDOW|".length);(function o(e){if(!e)return!1;var t=document.createElement("a");{if(t.href=e,"duotrustedendpoints:"===t.protocol)return!0;if("https:"!==t.protocol)return!1}for(var n=0;n<c.length;n++)if(t.hostname.endsWith("."+c[n])||t.hostname===c[n])return!0;return!1})(t)&&window.open(t,"_self")}else L(e.data),function n(e){v(window,"message","onmessage",e)}(O)}function R(e,t){if(r||(r=g(e,"host"))||h("No API hostname is given for Duo to use.  Be sure to pass a `host` parameter to Duo.init, or through the `data-host` attribute on the iframe element."),s&&u||(b(g(e,"sigRequest")),s&&u||h("No valid signed request is given.  Be sure to give the `sig_request` parameter to Duo.init, or use the `data-sig-request` attribute on the iframe element.")),""===i&&(i=g(e,"postAction")||i),"sig_response"===a&&(a=g(e,"postArgument")||a),D(e))(f=e).src=A();else{for(;e.firstChild;)e.removeChild(e.firstChild);for(var n in f=document.createElement("iframe"),t.src=A(),t)f.setAttribute(n,t[n]);e.appendChild(f)}!function o(e){p(window,"message","onmessage",e)}(O)}function L(e){var t=document.createElement("input");t.type="hidden",t.name=a,t.value=e+":"+u;var n=document.getElementById("duo_form");n||(n=document.createElement("form"),f.parentElement.insertBefore(n,f.nextSibling)),n.method="POST",n.action=i,n.appendChild(t),"function"==typeof m?m.call(null,n):n.submit()}return l(),{init:function N(e){l(),e&&(e.host&&(r=e.host),e.sig_request&&b(e.sig_request),e.post_action&&(i=e.post_action),e.post_argument&&(a=e.post_argument),"function"==typeof e.submit_callback&&(m=e.submit_callback));var t=y(e);t?R(t,e.iframeAttributes||{}):function o(t){var n=function(){var e=y(t);e||h('This page does not contain an iframe for Duo to use. Add an element like <iframe id="duo_iframe"></iframe> to this page.'),R(e,t.iframeAttributes||{}),_(n)};w(n)}(e),_(N)},_onReady:w,_parseSigRequest:b,_isDuoMessage:E,_doPostBack:L}});
+!function(e,t){if("function"==typeof define&&define.amd)define([],t);else if("object"==typeof module&&module.exports)module.exports=t();else{var n=t();n._onReady(n.init),e.Duo=n}}(this,function(){var e,t,n,o,i,a,r,s=/^(?:AUTH|ENROLL)+\|[A-Za-z0-9\+\/=]+\|[A-Za-z0-9\+\/=]+$/,u=/^ERR\|[\w\s\.\(\)]+$/,m=/^DUO_OPEN_WINDOW\|/,d=["duo.com","duosecurity.com","duomobile.s3-us-west-1.amazonaws.com"];function f(){e="",t="sig_response",n=undefined,undefined,o=undefined,i=undefined,a=undefined,r=undefined}function c(e,t){var n=t||"https://www.duosecurity.com/docs/duoweb#3.-show-the-iframe";throw new Error("Duo Web SDK error: "+e+(n?"\nSee "+n+" for more information":""))}function l(e,t){return"dataset"in e?e.dataset[t]:e.getAttribute("data-"+t.replace(/([a-z])([A-Z])/,"$1-$2").toLowerCase())}function h(e,t,n,o){"addEventListener"in window?e.addEventListener(t,o,!1):e.attachEvent(n,o)}function g(e,t,n,o){"removeEventListener"in window?e.removeEventListener(t,o,!1):e.detachEvent(n,o)}function p(e){h(document,"DOMContentLoaded","onreadystatechange",e)}function v(e){g(document,"DOMContentLoaded","onreadystatechange",e)}function w(e){if(e){0===e.indexOf("ERR|")&&c(e.split("|")[1]),-1!==e.indexOf(":")&&2===e.split(":").length||c("Duo was given a bad token.  This might indicate a configuration problem with one of Duo's client libraries.");var t=e.split(":");return e,o=t[0],i=t[1],{sigRequest:e,duoSig:t[0],appSig:t[1]}}}function _(e){return Boolean(e.origin==="https://"+n&&"string"==typeof e.data&&(e.data.match(s)||e.data.match(u)||e.data.match(m)))}function b(e){var t,n;return e.iframe&&e.iframeContainer?c("Passing both `iframe` and `iframeContainer` arguments at the same time is not allowed."):e.iframe?(t=E(e.iframe),(n=t)&&!y(n)&&c("`iframe` only accepts an iframe element or the id of an iframe. To use a non-iframe element, use the `iframeContainer` argument.")):e.iframeContainer?function(e){e&&y(e)&&c("`iframeContainer` only accepts a non-iframe element or the id of a non-iframe. To use a non-iframe element, use the `iframeContainer` argument on Duo.init().")}(t=E(e.iframeContainer)):t=document.getElementById("duo_iframe"),t}function E(e){return e.tagName?e:"string"==typeof e?document.getElementById(e):null}function y(e){return e&&e.tagName&&"iframe"===e.tagName.toLowerCase()}function C(){return["https://",n,"/frame/web/v1/auth?tx=",encodeURIComponent(o),"&parent=",encodeURIComponent(document.location.href),"&v=2.9"].join("")}function D(e){if(_(e))if(e.data.match(m)){var t=e.data.substring("DUO_OPEN_WINDOW|".length);(function(e){if(!e)return!1;var t=document.createElement("a");if(t.href=e,"duotrustedendpoints:"===t.protocol)return!0;if("https:"!==t.protocol)return!1;for(var n=0;n<d.length;n++)if(t.hostname.endsWith("."+d[n])||t.hostname===d[n])return!0;return!1})(t)&&window.open(t,"_self")}else O(e.data),g(window,"message","onmessage",D)}function A(r,s){if(n||(n=l(r,"host"))||c("No API hostname is given for Duo to use.  Be sure to pass a `host` parameter to Duo.init, or through the `data-host` attribute on the iframe element."),o&&i||(w(l(r,"sigRequest")),o&&i||c("No valid signed request is given.  Be sure to give the `sig_request` parameter to Duo.init, or use the `data-sig-request` attribute on the iframe element.")),""===e&&(e=l(r,"postAction")||e),"sig_response"===t&&(t=l(r,"postArgument")||t),y(r))(a=r).src=C();else{for(;r.firstChild;)r.removeChild(r.firstChild);for(var u in a=document.createElement("iframe"),s.src=C(),s)a.setAttribute(u,s[u]);r.appendChild(a)}h(window,"message","onmessage",D)}function O(n){var o=document.createElement("input");o.type="hidden",o.name=t,o.value=n+":"+i;var s=document.getElementById("duo_form");s||(s=document.createElement("form"),a.parentElement.insertBefore(s,a.nextSibling)),s.method="POST",s.action=e,s.appendChild(o),"function"==typeof r?r.call(null,s):s.submit()}return f(),{init:function R(o){f(),o&&(o.host&&(n=o.host),o.sig_request&&w(o.sig_request),o.post_action&&(e=o.post_action),o.post_argument&&(t=o.post_argument),"function"==typeof o.submit_callback&&(r=o.submit_callback));var i=b(o);i?A(i,o.iframeAttributes||{}):function(e){var t=function(){var n=b(e);n||c('This page does not contain an iframe for Duo to use. Add an element like <iframe id="duo_iframe"></iframe> to this page.'),A(n,e.iframeAttributes||{}),v(t)};p(t)}(o),v(R)},_onReady:p,_parseSigRequest:w,_isDuoMessage:_,_doPostBack:O}});

data/lib/duo_web.rb

@@ -104,4 +104,9 @@ module Duo
   end
 
   extend self
+
+  extend Gem::Deprecate
+  deprecate :sign_request, :none, 2022, 7
+  deprecate :verify_response, :none, 2022, 7
+
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: duo_web
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.0.3
 platform: ruby
 authors:
 - Duo Security
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-09-12 00:00:00.000000000 Z
+date: 2022-07-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '13'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '13'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.49.0
+        version: 1.27.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.49.0
+        version: 1.27.0
 - !ruby/object:Gem::Dependency
   name: test-unit
   requirement: !ruby/object:Gem::Requirement
@@ -80,8 +80,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.5.2.3
+rubygems_version: 3.0.3.1
 signing_key: 
 specification_version: 4
 summary: Duo Web Ruby