gitlab-omniauth-openid-connect 0.8.0 → 0.9.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +8 -0
  3. data/CONTRIBUTING.md +40 -0
  4. data/README.md +2 -2
  5. data/lib/omniauth/openid_connect/version.rb +1 -1
  6. data/lib/omniauth/strategies/openid_connect.rb +2 -2
  7. metadata +7 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 62584a1fdd8af0168b5b81d04cce7f90284f9b8fcc97a59d6c4de38fc55e9ce7
4
- data.tar.gz: d17b803694124786490472be60eccc9f717843c3a3b93e0fa4b449d8868b6a14
3
+ metadata.gz: cfe87cbb7313b1a3d1c25fa167d6a400b076043eb029b603f201e9c8f2bc06a0
4
+ data.tar.gz: 7386c0d5374abd0e310b28bd4a7cca97b0fa71e3a0e66f34d1e650ac16c8c8dc
5
5
  SHA512:
6
- metadata.gz: 77e2a464db549e4bdc30a7ba1d37a6e160688274819af19e8caa0f10ad606d837c40f49c0f887570881d92687dc5c7db1b705e6ed4afa347d97d578365ec5d41
7
- data.tar.gz: 66f5ebc52581daf1c45b2be51e5ec50096a40f979e7d8684b281c84e8fe13edf05e71e7b25d623d75049fed5b8bb1339d509560278014b680cab7247398b9019
6
+ metadata.gz: 34b17d1e9911b4e262efcddc65b7b3f83e9eda3285ca8a3309d37abb3128b9319c1d35a9666b78bf6401d9d02e1ff89011b3b4d7fcb2278fda9187d9d972a56a
7
+ data.tar.gz: ef6276095ef55576545620e9de38098872990a280b9e3c4ea38de48e25755c94dc272b5bce90d04a09c14be6ba758aeb6a141ef5078d7b80d97f3d42f79b852c
data/CHANGELOG.md CHANGED
@@ -1,3 +1,11 @@
1
+ # v0.9.1 (01.03.2022)
2
+
3
+ - [Assume public key encryption unless HMAC is specified](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/-/merge_requests/19)
4
+
5
+ # v0.9.0 (01.03.2022)
6
+
7
+ - [Add support for ES[256|384|512|256K] algorithms](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/-/merge_requests/17)
8
+
1
9
  # v0.8.0 (07.16.2021)
2
10
 
3
11
  - [Add `jwt_secret_base64` option to support binary secrets](https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect/-/merge_requests/12)
data/CONTRIBUTING.md ADDED
@@ -0,0 +1,40 @@
1
+ ## Developer Certificate of Origin and License
2
+
3
+ By contributing to GitLab B.V., you accept and agree to the following terms and
4
+ conditions for your present and future contributions submitted to GitLab B.V.
5
+ Except for the license granted herein to GitLab B.V. and recipients of software
6
+ distributed by GitLab B.V., you reserve all right, title, and interest in and to
7
+ your Contributions.
8
+
9
+ All contributions are subject to the Developer Certificate of Origin and license set out at [docs.gitlab.com/ce/legal/developer_certificate_of_origin](https://docs.gitlab.com/ce/legal/developer_certificate_of_origin).
10
+
11
+ _This notice should stay as the first item in the CONTRIBUTING.md file._
12
+
13
+ ## Code of conduct
14
+
15
+ As contributors and maintainers of this project, we pledge to respect all people
16
+ who contribute through reporting issues, posting feature requests, updating
17
+ documentation, submitting pull requests or patches, and other activities.
18
+
19
+ We are committed to making participation in this project a harassment-free
20
+ experience for everyone, regardless of level of experience, gender, gender
21
+ identity and expression, sexual orientation, disability, personal appearance,
22
+ body size, race, ethnicity, age, or religion.
23
+
24
+ Examples of unacceptable behavior by participants include the use of sexual
25
+ language or imagery, derogatory comments or personal attacks, trolling, public
26
+ or private harassment, insults, or other unprofessional conduct.
27
+
28
+ Project maintainers have the right and responsibility to remove, edit, or reject
29
+ comments, commits, code, wiki edits, issues, and other contributions that are
30
+ not aligned to this Code of Conduct. Project maintainers who do not follow the
31
+ Code of Conduct may be removed from the project team.
32
+
33
+ This code of conduct applies both within project spaces and in public spaces
34
+ when an individual is representing the project or its community.
35
+
36
+ Instances of abusive, harassing, or otherwise unacceptable behavior can be
37
+ reported by emailing contact@gitlab.com.
38
+
39
+ This Code of Conduct is adapted from the [Contributor Covenant](https://contributor-covenant.org), version 1.1.0,
40
+ available at [https://contributor-covenant.org/version/1/1/0/](https://contributor-covenant.org/version/1/1/0/).
data/README.md CHANGED
@@ -66,8 +66,8 @@ config.omniauth :openid_connect, {
66
66
  | post_logout_redirect_uri | The logout redirect uri to use per the [session management draft](https://openid.net/specs/openid-connect-session-1_0.html) | no | empty | https://myapp.com/logout/callback |
67
67
  | uid_field | The field of the user info response to be used as a unique id | no | 'sub' | "sub", "preferred_username" |
68
68
  | client_options | A hash of client options detailed in its own section | yes | | |
69
- | jwt_secret | no | client_options.secret | For HMAC with SHA2 (e.g. HS256) signing algorithms, specify the secret used to sign the JWT token. Defaults to the OAuth2 client secret if not specified. For secrets in binary, use `jwt_secret_base64`. |
70
- | jwt_secret_base64 | no | client_options.secret | For HMAC with SHA2 (e.g. HS256) signing algorithms, specify the base64-encoded secret used to sign the JWT token. Defaults to the OAuth2 client secret if not specified. |
69
+ | jwt_secret | For HMAC with SHA2 (e.g. HS256) signing algorithms, specify the secret used to sign the JWT token. Defaults to the OAuth2 client secret if not specified. For secrets in binary, use `jwt_secret_base64`. | no | client_options.secret | "mysecret" |
70
+ | jwt_secret_base64 | For HMAC with SHA2 (e.g. HS256) signing algorithms, specify the base64-encoded secret used to sign the JWT token. Defaults to the OAuth2 client secret if not specified. `jwt_secret` takes precedence. | no | client_options.secret | "bXlzZWNyZXQ=\n"
71
71
 
72
72
  ### Client Config Options
73
73
 
data/lib/omniauth/openid_connect/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module OmniAuth
4
4
  module OpenIDConnect
5
- VERSION = '0.8.0'
5
+ VERSION = '0.9.1'.freeze
6
6
  end
7
7
  end
data/lib/omniauth/strategies/openid_connect.rb CHANGED
@@ -265,10 +265,10 @@ module OmniAuth
265
265
 
266
266
  keyset =
267
267
  case algorithm
268
- when :RS256, :RS384, :RS512
269
- public_key
270
268
  when :HS256, :HS384, :HS512
271
269
  secret
270
+ else
271
+ public_key
272
272
  end
273
273
 
274
274
  decoded.verify!(keyset)
metadata CHANGED
@@ -1,15 +1,15 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gitlab-omniauth-openid-connect
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.0
4
+ version: 0.9.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - John Bohn
8
8
  - Ilya Shcherbinin
9
- autorequire:
9
+ autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2021-07-16 00:00:00.000000000 Z
12
+ date: 2022-01-04 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: addressable
@@ -209,6 +209,7 @@ files:
209
209
  - ".rubocop.yml"
210
210
  - ".travis.yml"
211
211
  - CHANGELOG.md
212
+ - CONTRIBUTING.md
212
213
  - Gemfile
213
214
  - Guardfile
214
215
  - LICENSE.txt
@@ -229,7 +230,7 @@ homepage: https://gitlab.com/gitlab-org/gitlab-omniauth-openid-connect
229
230
  licenses:
230
231
  - MIT
231
232
  metadata: {}
232
- post_install_message:
233
+ post_install_message:
233
234
  rdoc_options: []
234
235
  require_paths:
235
236
  - lib
@@ -244,8 +245,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
244
245
  - !ruby/object:Gem::Version
245
246
  version: '0'
246
247
  requirements: []
247
- rubygems_version: 3.1.4
248
- signing_key:
248
+ rubygems_version: 3.2.28
249
+ signing_key:
249
250
  specification_version: 4
250
251
  summary: OpenID Connect Strategy for OmniAuth
251
252
  test_files: