googleauth 0.15.1 → 0.16.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +0 -2
- data/CHANGELOG.md +7 -0
- data/Gemfile +2 -7
- data/README.md +8 -6
- data/googleauth.gemspec +2 -1
- data/lib/googleauth/credentials.rb +8 -3
- data/lib/googleauth/credentials_loader.rb +1 -1
- data/lib/googleauth/iam.rb +1 -1
- data/lib/googleauth/id_tokens/key_sources.rb +7 -5
- data/lib/googleauth/id_tokens/verifier.rb +7 -9
- data/lib/googleauth/scope_util.rb +1 -1
- data/lib/googleauth/service_account.rb +1 -1
- data/lib/googleauth/signet.rb +1 -1
- data/lib/googleauth/stores/file_token_store.rb +1 -0
- data/lib/googleauth/stores/redis_token_store.rb +1 -0
- data/lib/googleauth/version.rb +1 -1
- data/lib/googleauth/web_user_authorizer.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 48c5d834a399888143ea83075944e2986844be9c39b0932a5a3ffc4b5d39ddaa
|
4
|
+
data.tar.gz: 5967e63455f08bbceae1f4ca0860d043fecea202c34d4792c8e868e9f0a7645a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 805fa56609f1574e85ca263be3cb8880f823db525951380ca5c3499d6600304ef81b643ce02879ea2fb4863f2ecefbbe8b37d4be658f64cb86a056fb6b67b48d
|
7
|
+
data.tar.gz: 57db9596321060154f8da5438ecaf96744d9102adde97b45b824c63b4c4ea2b246a1d85887de263f06d723f960dc27721509cc408af9f0cf29631ef1554cac56
|
data/.rubocop.yml
CHANGED
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,12 @@
|
|
1
1
|
# Release History
|
2
2
|
|
3
|
+
## [0.16.0](https://www.github.com/googleapis/google-auth-library-ruby/compare/v0.15.1...v0.16.0) (2021-03-04)
|
4
|
+
|
5
|
+
|
6
|
+
### Features
|
7
|
+
|
8
|
+
* Drop support for Ruby 2.4 and add support for Ruby 3.0 ([6644806](https://www.github.com/googleapis/google-auth-library-ruby/commit/6644806ab47cea6d08e1901c2ed808e53a579bc3))
|
9
|
+
|
3
10
|
## [0.15.1](https://www.github.com/googleapis/google-auth-library-ruby/compare/v0.15.0...v0.15.1) (2021-02-08)
|
4
11
|
|
5
12
|
|
data/Gemfile
CHANGED
@@ -8,7 +8,7 @@ group :development do
|
|
8
8
|
gem "coveralls", "~> 0.7"
|
9
9
|
gem "fakefs", "~> 0.6"
|
10
10
|
gem "fakeredis", "~> 0.5"
|
11
|
-
gem "google-style", "~> 1.
|
11
|
+
gem "google-style", "~> 1.25.1"
|
12
12
|
gem "logging", "~> 2.0"
|
13
13
|
gem "minitest", "~> 5.14"
|
14
14
|
gem "minitest-focus", "~> 1.1"
|
@@ -21,10 +21,5 @@ group :development do
|
|
21
21
|
gem "webmock", "~> 3.8"
|
22
22
|
end
|
23
23
|
|
24
|
-
|
25
|
-
group :development do
|
26
|
-
end
|
27
|
-
end
|
28
|
-
|
29
|
-
gem "faraday", "~> 0.17"
|
24
|
+
gem "faraday", ">= 0.17.3", "< 2.0"
|
30
25
|
gem "gems", "~> 1.2"
|
data/README.md
CHANGED
@@ -182,12 +182,14 @@ Custom storage implementations can also be used. See
|
|
182
182
|
|
183
183
|
## Supported Ruby Versions
|
184
184
|
|
185
|
-
This library
|
186
|
-
|
187
|
-
|
188
|
-
|
189
|
-
maintenance
|
190
|
-
|
185
|
+
This library is supported on Ruby 2.5+.
|
186
|
+
|
187
|
+
Google provides official support for Ruby versions that are actively supported
|
188
|
+
by Ruby Core—that is, Ruby versions that are either in normal maintenance or in
|
189
|
+
security maintenance, and not end of life. Currently, this means Ruby 2.5 and
|
190
|
+
later. Older versions of Ruby _may_ still work, but are unsupported and not
|
191
|
+
recommended. See https://www.ruby-lang.org/en/downloads/branches/ for details
|
192
|
+
about the Ruby support schedule.
|
191
193
|
|
192
194
|
## License
|
193
195
|
|
data/googleauth.gemspec
CHANGED
@@ -24,8 +24,9 @@ Gem::Specification.new do |gem|
|
|
24
24
|
File.basename f
|
25
25
|
end
|
26
26
|
gem.require_paths = ["lib"]
|
27
|
+
|
27
28
|
gem.platform = Gem::Platform::RUBY
|
28
|
-
gem.required_ruby_version = ">= 2.
|
29
|
+
gem.required_ruby_version = ">= 2.5"
|
29
30
|
|
30
31
|
gem.add_dependency "faraday", ">= 0.17.3", "< 2.0"
|
31
32
|
gem.add_dependency "jwt", ">= 1.4", "< 3.0"
|
@@ -369,9 +369,10 @@ module Google
|
|
369
369
|
verify_keyfile_provided! keyfile
|
370
370
|
@project_id = options["project_id"] || options["project"]
|
371
371
|
@quota_project_id = options["quota_project_id"]
|
372
|
-
|
372
|
+
case keyfile
|
373
|
+
when Signet::OAuth2::Client
|
373
374
|
update_from_signet keyfile
|
374
|
-
|
375
|
+
when Hash
|
375
376
|
update_from_hash keyfile, options
|
376
377
|
else
|
377
378
|
update_from_filepath keyfile, options
|
@@ -503,9 +504,11 @@ module Google
|
|
503
504
|
|
504
505
|
# returns a new Hash with string keys instead of symbol keys.
|
505
506
|
def stringify_hash_keys hash
|
506
|
-
|
507
|
+
hash.to_h.transform_keys(&:to_s)
|
507
508
|
end
|
508
509
|
|
510
|
+
# rubocop:disable Metrics/AbcSize
|
511
|
+
|
509
512
|
def client_options options
|
510
513
|
# Keyfile options have higher priority over constructor defaults
|
511
514
|
options["token_credential_uri"] ||= self.class.token_credential_uri
|
@@ -527,6 +530,8 @@ module Google
|
|
527
530
|
signing_key: OpenSSL::PKey::RSA.new(options["private_key"]) }
|
528
531
|
end
|
529
532
|
|
533
|
+
# rubocop:enable Metrics/AbcSize
|
534
|
+
|
530
535
|
def update_from_signet client
|
531
536
|
@project_id ||= client.project_id if client.respond_to? :project_id
|
532
537
|
@quota_project_id ||= client.quota_project_id if client.respond_to? :quota_project_id
|
@@ -103,7 +103,7 @@ module Google
|
|
103
103
|
return make_creds options.merge(json_key_io: f)
|
104
104
|
end
|
105
105
|
elsif service_account_env_vars? || authorized_user_env_vars?
|
106
|
-
|
106
|
+
make_creds options
|
107
107
|
end
|
108
108
|
rescue StandardError => e
|
109
109
|
raise "#{NOT_FOUND_ERROR}: #{e}"
|
data/lib/googleauth/iam.rb
CHANGED
@@ -171,7 +171,9 @@ module Google
|
|
171
171
|
curve_name = CURVE_NAME_MAP[jwk[:crv]]
|
172
172
|
raise KeySourceError, "Unsupported EC curve #{jwk[:crv]}" unless curve_name
|
173
173
|
group = OpenSSL::PKey::EC::Group.new curve_name
|
174
|
-
|
174
|
+
x_hex = x_data.unpack1 "H*"
|
175
|
+
y_hex = y_data.unpack1 "H*"
|
176
|
+
bn = OpenSSL::BN.new ["04#{x_hex}#{y_hex}"].pack("H*"), 2
|
175
177
|
key = OpenSSL::PKey::EC.new curve_name
|
176
178
|
key.public_key = OpenSSL::PKey::EC::Point.new group, bn
|
177
179
|
key
|
@@ -284,10 +286,10 @@ module Google
|
|
284
286
|
raise KeySourceError, "Unable to retrieve data from #{uri}" unless response.is_a? Net::HTTPSuccess
|
285
287
|
|
286
288
|
data = begin
|
287
|
-
|
288
|
-
|
289
|
-
|
290
|
-
|
289
|
+
JSON.parse response.body
|
290
|
+
rescue JSON::ParserError
|
291
|
+
raise KeySourceError, "Unable to parse JSON"
|
292
|
+
end
|
291
293
|
|
292
294
|
@current_keys = Array(interpret_json(data))
|
293
295
|
end
|
@@ -105,15 +105,13 @@ module Google
|
|
105
105
|
def decode_token token, keys, aud, azp, iss
|
106
106
|
payload = nil
|
107
107
|
keys.find do |key|
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
nil # Try the next key
|
116
|
-
end
|
108
|
+
options = { algorithms: key.algorithm }
|
109
|
+
decoded_token = JWT.decode token, key.key, true, options
|
110
|
+
payload = decoded_token.first
|
111
|
+
rescue JWT::ExpiredSignature
|
112
|
+
raise ExpiredTokenError, "Token signature is expired"
|
113
|
+
rescue JWT::DecodeError
|
114
|
+
nil # Try the next key
|
117
115
|
end
|
118
116
|
|
119
117
|
normalize_and_verify_payload payload, aud, azp, iss
|
data/lib/googleauth/signet.rb
CHANGED
data/lib/googleauth/version.rb
CHANGED
@@ -189,7 +189,7 @@ module Google
|
|
189
189
|
# May raise an error if an authorization code is present in the session
|
190
190
|
# and exchange of the code fails
|
191
191
|
def get_credentials user_id, request = nil, scope = nil
|
192
|
-
if request
|
192
|
+
if request&.session&.key? CALLBACK_STATE_KEY
|
193
193
|
# Note - in theory, no need to check required scope as this is
|
194
194
|
# expected to be called immediately after a return from authorization
|
195
195
|
state_json = request.session.delete CALLBACK_STATE_KEY
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: googleauth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.16.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tim Emiola
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-03-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: faraday
|
@@ -226,14 +226,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
226
226
|
requirements:
|
227
227
|
- - ">="
|
228
228
|
- !ruby/object:Gem::Version
|
229
|
-
version: 2.
|
229
|
+
version: '2.5'
|
230
230
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
231
231
|
requirements:
|
232
232
|
- - ">="
|
233
233
|
- !ruby/object:Gem::Version
|
234
234
|
version: '0'
|
235
235
|
requirements: []
|
236
|
-
rubygems_version: 3.2.
|
236
|
+
rubygems_version: 3.2.11
|
237
237
|
signing_key:
|
238
238
|
specification_version: 4
|
239
239
|
summary: Google Auth Library for Ruby
|