google_sign_in 1.0.2 → 1.1.0

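--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 24c15501a3592c3084e2c010f28b27286fbc1063fc14a4e12cae6a39d45e2d91
- data.tar.gz: 641fa3446a70fd92c3c4118df79622c3584df23d045b76665b536fad7640f31c
+ metadata.gz: a9f61243974b069b039924957b8a03b39daad94f8e76109f88cfbbb60769b321
+ data.tar.gz: 782d1b3520a08d7ea1ee9b0d4bd1179d94679d02ab9187d2bc82aeaa8c28a481
  SHA512:
- metadata.gz: 8a9582961f9e2c3dd6943e7759165fea8dd3ad7c5dd7f3ea4a20952caaf4b148e613682d2846ee5995e8776fc56ecd94239365212f5b08f8e8e0f49dc19b6c54
- data.tar.gz: 9c21ca9843a11d54482106c0b8889d313fc4a70b3b5686df7e0fb27042d4e8b100918b67789d81d625a829ee8b632025cd433f119c0d8320983cc4c49caf9e82
+ metadata.gz: 7d53ffc9c30b06696d4f6e726570a9262e711cb1d5b2700d2deee935cc2009d68b2addd8262a6cd105380f1ba210a42b6e070cd8b6dfe45b6cb80584e70c4051
+ data.tar.gz: b01f4f9a120d08c61f00169622162461435c26ba154c73d20f232815411b2636d582a3de3c6bca3209a0fe69bea79ab31aa164b75768958759b87b3a6ed81870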
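--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- google_sign_in (1.0.2)
+ google_sign_in (1.1.0)
  google-id-token (>= 1.4.0)
  oauth2 (>= 1.4.0)
  rails (>= 5.2.0)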
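--- a/data/README.md
+++ b/data/README.md
@@ -123,6 +123,8 @@ origin as your application. This means it must have the same protocol, host, and
  `google_sign_in_button` is used. We enforce this before redirecting to the `proceed_to` URL to guard against
  [open redirects](https://www.owasp.org/index.php/Unvalidated_Redirects_and_Forwards_Cheat_Sheet).
 
+ ### `GoogleSignIn::Identity`
+
  The `GoogleSignIn::Identity` class decodes and verifies the integrity of a Google ID token. It exposes the profile
  information contained in the token via the following instance methods:
 
@@ -130,7 +132,7 @@ information contained in the token via the following instance methods:
 
  * `email_address`
 
- * `user_id`: A value that uniquely identifies a single Google user. Use this, not `email_address`, to associate a
+ * `user_id`: A string that uniquely identifies a single Google user. Use this, not `email_address`, to associate a
  Google user with an application user. A Google user’s email address may change, but their `user_id` will remain constant.
 
  * `email_verified?`
@@ -139,6 +141,8 @@ information contained in the token via the following instance methods:
 
  * `locale`
 
+ * `hosted_domain`: The user’s hosted G Suite domain, provided only if they belong to a G Suite.
+
 
  ## Security
 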
@@ -12,6 +12,6 @@ class GoogleSignIn::AuthorizationsController < GoogleSignIn::BaseController
12
12
  end
13
13
 
14
14
  def state
15
- @state ||= SecureRandom.base64(16)
15
+ @state ||= SecureRandom.base64(24)
16
16
  end
17
17
  end
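Review bot: The new byte count in `state` is a bare magic number with no comment explaining it. Presumably 24 was picked because 24 bytes encode to exactly 32 base64 characters with no `=` padding, and the value serves as the OAuth `state` parameter that the test compares against `flash[:state]`. I would add `# 24 random bytes -> 32 base64 chars, no "=" padding; per-request OAuth state value` above the assignment. The output alphabet still contains `+` and `/`, so it depends on the URL builder percent-encoding the parameter; `SecureRandom.urlsafe_base64(24)` would remove that dependency, with the test's character class adjusted to match. The controller class starts outside the hunk.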
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = 'google_sign_in'
3
- s.version = '1.0.2'
3
+ s.version = '1.1.0'
4
4
  s.authors = ['David Heinemeier Hansson', 'George Claghorn']
5
5
  s.email = ['david@basecamp.com', 'george@basecamp.com']
6
6
  s.summary = 'Sign in (or up) with Google for Rails applications'
@@ -36,6 +36,10 @@ module GoogleSignIn
36
36
  @payload["locale"]
37
37
  end
38
38
 
39
+ def hosted_domain
40
+ @payload["hd"]
41
+ end
42
+
39
43
  private
40
44
  delegate :client_id, to: GoogleSignIn
41
45
 
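Review bot: `hosted_domain` carries no comment saying what it returns when the token has no `hd` claim, which is the case any caller gating access on a domain has to handle. From the visible line it reads `@payload["hd"]` directly, so it presumably yields `nil` for accounts outside a hosted domain. I would add above the method: `# Hosted G Suite domain from the token's "hd" claim, or nil when the claim is absent.` and `# Compare against an exact expected domain; presence alone is not an authorization signal.` The enclosing class starts and ends outside the hunk.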
@@ -12,7 +12,7 @@ class GoogleSignIn::AuthorizationsControllerTest < ActionDispatch::IntegrationTe
12
12
  assert_equal 'code', params[:response_type]
13
13
  assert_equal 'http://www.example.com/google_sign_in/callback', params[:redirect_uri]
14
14
  assert_equal 'openid profile email', params[:scope]
15
- assert_match /[A-Za-z0-9+\/]{22}==/, params[:state]
15
+ assert_match /[A-Za-z0-9+\/]{32}/, params[:state]
16
16
 
17
17
  assert_equal 'http://www.example.com/login', flash[:proceed_to]
18
18
  assert_equal params[:state], flash[:state]
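Review bot: The updated `assert_match` on `params[:state]` is unanchored, so it passes for any value that merely contains 32 base64 characters, including a longer string or one with trailing padding. That means the test does not actually pin the length that the change to `SecureRandom.base64(24)` is meant to produce. Anchor the pattern: `assert_match %r{\A[A-Za-z0-9+/]{32}\z}, params[:state]`. The test method begins above the hunk.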
@@ -61,6 +61,10 @@ class GoogleSignIn::IdentityTest < ActiveSupport::TestCase
61
61
  assert_equal "en-US", GoogleSignIn::Identity.new(token_with(locale: "en-US")).locale
62
62
  end
63
63
 
64
+ test "extracting hosted G Suite domain" do
65
+ assert_equal "basecamp.com", GoogleSignIn::Identity.new(token_with(hd: "basecamp.com")).hosted_domain
66
+ end
67
+
64
68
  private
65
69
  def switch_client_id_to(value)
66
70
  previous_value = GoogleSignIn.client_id
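Review bot: The new test covers only a token that carries `hd`; the absent-claim case, which is what callers restricting sign-in to a domain will meet for ordinary Google accounts, is not exercised. Add a second assertion such as `assert_nil GoogleSignIn::Identity.new(token_with(locale: "en-US")).hosted_domain`. `token_with` is defined outside the hunk, so this assumes it does not add an `hd` claim by default.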
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google_sign_in
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.2
4
+ version: 1.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2018-09-12 00:00:00.000000000 Z
12
+ date: 2018-09-14 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rails