RubyGems - google_sign_in - Versions diffs - 1.0.2 → 1.1.0 - Mend

google_sign_in 1.0.2 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml +4 -4
data/Gemfile.lock +1 -1
data/README.md +5 -1
data/app/controllers/google_sign_in/authorizations_controller.rb +1 -1
data/google_sign_in.gemspec +1 -1
data/lib/google_sign_in/identity.rb +4 -0
data/test/controllers/authorizations_controller_test.rb +1 -1
data/test/models/identity_test.rb +4 -0
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 24c15501a3592c3084e2c010f28b27286fbc1063fc14a4e12cae6a39d45e2d91
-  data.tar.gz: 641fa3446a70fd92c3c4118df79622c3584df23d045b76665b536fad7640f31c
+  metadata.gz: a9f61243974b069b039924957b8a03b39daad94f8e76109f88cfbbb60769b321
+  data.tar.gz: 782d1b3520a08d7ea1ee9b0d4bd1179d94679d02ab9187d2bc82aeaa8c28a481
 SHA512:
-  metadata.gz: 8a9582961f9e2c3dd6943e7759165fea8dd3ad7c5dd7f3ea4a20952caaf4b148e613682d2846ee5995e8776fc56ecd94239365212f5b08f8e8e0f49dc19b6c54
-  data.tar.gz: 9c21ca9843a11d54482106c0b8889d313fc4a70b3b5686df7e0fb27042d4e8b100918b67789d81d625a829ee8b632025cd433f119c0d8320983cc4c49caf9e82
+  metadata.gz: 7d53ffc9c30b06696d4f6e726570a9262e711cb1d5b2700d2deee935cc2009d68b2addd8262a6cd105380f1ba210a42b6e070cd8b6dfe45b6cb80584e70c4051
+  data.tar.gz: b01f4f9a120d08c61f00169622162461435c26ba154c73d20f232815411b2636d582a3de3c6bca3209a0fe69bea79ab31aa164b75768958759b87b3a6ed81870

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    google_sign_in (1.0.2)
+    google_sign_in (1.1.0)
       google-id-token (>= 1.4.0)
       oauth2 (>= 1.4.0)
       rails (>= 5.2.0)

data/README.md CHANGED Viewed

@@ -123,6 +123,8 @@ origin as your application. This means it must have the same protocol, host, and
 `google_sign_in_button` is used. We enforce this before redirecting to the `proceed_to` URL to guard against
 [open redirects](https://www.owasp.org/index.php/Unvalidated_Redirects_and_Forwards_Cheat_Sheet).
+### `GoogleSignIn::Identity`
 The `GoogleSignIn::Identity` class decodes and verifies the integrity of a Google ID token. It exposes the profile
 information contained in the token via the following instance methods:
@@ -130,7 +132,7 @@ information contained in the token via the following instance methods:
 * `email_address`
-* `user_id`: A value that uniquely identifies a single Google user. Use this, not `email_address`, to associate a
+* `user_id`: A string that uniquely identifies a single Google user. Use this, not `email_address`, to associate a
   Google user with an application user. A Google user’s email address may change, but their `user_id` will remain constant.
 * `email_verified?`
@@ -139,6 +141,8 @@ information contained in the token via the following instance methods:
 * `locale`
+* `hosted_domain`: The user’s hosted G Suite domain, provided only if they belong to a G Suite.
 ## Security

data/app/controllers/google_sign_in/authorizations_controller.rb CHANGED Viewed

@@ -12,6 +12,6 @@ class GoogleSignIn::AuthorizationsController < GoogleSignIn::BaseController
     end
     def state
-      @state ||= SecureRandom.base64(16)
+      @state ||= SecureRandom.base64(24)
     end
 end

data/google_sign_in.gemspec CHANGED Viewed

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name     = 'google_sign_in'
-  s.version  = '1.0.2'
+  s.version  = '1.1.0'
   s.authors  = ['David Heinemeier Hansson', 'George Claghorn']
   s.email    = ['david@basecamp.com', 'george@basecamp.com']
   s.summary  = 'Sign in (or up) with Google for Rails applications'

data/lib/google_sign_in/identity.rb CHANGED Viewed

@@ -36,6 +36,10 @@ module GoogleSignIn
       @payload["locale"]
     end
+    def hosted_domain
+      @payload["hd"]
+    end
     private
       delegate :client_id, to: GoogleSignIn

data/test/controllers/authorizations_controller_test.rb CHANGED Viewed

@@ -12,7 +12,7 @@ class GoogleSignIn::AuthorizationsControllerTest < ActionDispatch::IntegrationTe
     assert_equal 'code', params[:response_type]
     assert_equal 'http://www.example.com/google_sign_in/callback', params[:redirect_uri]
     assert_equal 'openid profile email', params[:scope]
-    assert_match /[A-Za-z0-9+\/]{22}==/, params[:state]
+    assert_match /[A-Za-z0-9+\/]{32}/, params[:state]
     assert_equal 'http://www.example.com/login', flash[:proceed_to]
     assert_equal params[:state], flash[:state]

data/test/models/identity_test.rb CHANGED Viewed

@@ -61,6 +61,10 @@ class GoogleSignIn::IdentityTest < ActiveSupport::TestCase
     assert_equal "en-US", GoogleSignIn::Identity.new(token_with(locale: "en-US")).locale
   end
+  test "extracting hosted G Suite domain" do
+    assert_equal "basecamp.com", GoogleSignIn::Identity.new(token_with(hd: "basecamp.com")).hosted_domain
+  end
   private
     def switch_client_id_to(value)
       previous_value = GoogleSignIn.client_id

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: google_sign_in
 version: !ruby/object:Gem::Version
-  version: 1.0.2
+  version: 1.1.0
 platform: ruby
 authors:
 - David Heinemeier Hansson
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-09-12 00:00:00.000000000 Z
+date: 2018-09-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails