googleauth 0.15.1 → 0.17.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/renovate.json +6 -0
- data/.github/sync-repo-settings.yaml +18 -0
- data/.github/workflows/ci.yml +55 -0
- data/.github/workflows/{release.yml → release-please.yml} +3 -3
- data/.gitignore +3 -0
- data/.kokoro/populate-secrets.sh +76 -0
- data/.kokoro/release.cfg +7 -49
- data/.kokoro/release.sh +18 -0
- data/.kokoro/trampoline_v2.sh +489 -0
- data/.repo-metadata.json +3 -3
- data/.rubocop.yml +0 -2
- data/.toys/.toys.rb +45 -0
- data/.toys/ci.rb +43 -0
- data/.toys/kokoro/.toys.rb +66 -0
- data/.toys/kokoro/publish-docs.rb +67 -0
- data/.toys/kokoro/publish-gem.rb +53 -0
- data/.toys/linkinator.rb +43 -0
- data/.trampolinerc +48 -0
- data/CHANGELOG.md +28 -0
- data/Gemfile +2 -7
- data/README.md +9 -7
- data/SECURITY.md +7 -0
- data/googleauth.gemspec +2 -1
- data/lib/googleauth/compute_engine.rb +1 -1
- data/lib/googleauth/credentials.rb +8 -3
- data/lib/googleauth/credentials_loader.rb +1 -1
- data/lib/googleauth/iam.rb +1 -1
- data/lib/googleauth/id_tokens/key_sources.rb +7 -5
- data/lib/googleauth/id_tokens/verifier.rb +7 -9
- data/lib/googleauth/scope_util.rb +1 -1
- data/lib/googleauth/service_account.rb +21 -15
- data/lib/googleauth/signet.rb +1 -1
- data/lib/googleauth/stores/file_token_store.rb +1 -0
- data/lib/googleauth/stores/redis_token_store.rb +1 -0
- data/lib/googleauth/version.rb +1 -1
- data/lib/googleauth/web_user_authorizer.rb +1 -1
- data/spec/googleauth/service_account_spec.rb +24 -10
- metadata +19 -23
- data/.kokoro/build.bat +0 -16
- data/.kokoro/build.sh +0 -4
- data/.kokoro/continuous/common.cfg +0 -24
- data/.kokoro/continuous/linux.cfg +0 -25
- data/.kokoro/continuous/osx.cfg +0 -8
- data/.kokoro/continuous/post.cfg +0 -30
- data/.kokoro/continuous/windows.cfg +0 -29
- data/.kokoro/osx.sh +0 -4
- data/.kokoro/presubmit/common.cfg +0 -24
- data/.kokoro/presubmit/linux.cfg +0 -24
- data/.kokoro/presubmit/osx.cfg +0 -8
- data/.kokoro/presubmit/windows.cfg +0 -29
- data/.kokoro/trampoline.bat +0 -10
- data/.kokoro/trampoline.sh +0 -4
- data/Rakefile +0 -132
- data/rakelib/devsite_builder.rb +0 -45
- data/rakelib/link_checker.rb +0 -64
- data/rakelib/repo_metadata.rb +0 -59
data/README.md
CHANGED
@@ -182,17 +182,19 @@ Custom storage implementations can also be used. See
|
|
182
182
|
|
183
183
|
## Supported Ruby Versions
|
184
184
|
|
185
|
-
This library
|
185
|
+
This library is supported on Ruby 2.5+.
|
186
186
|
|
187
|
-
|
188
|
-
|
189
|
-
maintenance
|
190
|
-
|
187
|
+
Google provides official support for Ruby versions that are actively supported
|
188
|
+
by Ruby Core—that is, Ruby versions that are either in normal maintenance or in
|
189
|
+
security maintenance, and not end of life. Currently, this means Ruby 2.5 and
|
190
|
+
later. Older versions of Ruby _may_ still work, but are unsupported and not
|
191
|
+
recommended. See https://www.ruby-lang.org/en/downloads/branches/ for details
|
192
|
+
about the Ruby support schedule.
|
191
193
|
|
192
194
|
## License
|
193
195
|
|
194
196
|
This library is licensed under Apache 2.0. Full license text is
|
195
|
-
available in [
|
197
|
+
available in [LICENSE][license].
|
196
198
|
|
197
199
|
## Contributing
|
198
200
|
|
@@ -208,4 +210,4 @@ about the client or APIs on [StackOverflow](http://stackoverflow.com).
|
|
208
210
|
|
209
211
|
[application default credentials]: https://developers.google.com/accounts/docs/application-default-credentials
|
210
212
|
[contributing]: https://github.com/googleapis/google-auth-library-ruby/tree/master/.github/CONTRIBUTING.md
|
211
|
-
[
|
213
|
+
[license]: https://github.com/googleapis/google-auth-library-ruby/tree/master/LICENSE
|
data/SECURITY.md
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
# Security Policy
|
2
|
+
|
3
|
+
To report a security issue, please use [g.co/vulnz](https://g.co/vulnz).
|
4
|
+
|
5
|
+
The Google Security Team will respond within 5 working days of your report on g.co/vulnz.
|
6
|
+
|
7
|
+
We use g.co/vulnz for our intake, and do coordination and disclosure here using GitHub Security Advisory to privately discuss and fix the issue.
|
data/googleauth.gemspec
CHANGED
@@ -24,8 +24,9 @@ Gem::Specification.new do |gem|
|
|
24
24
|
File.basename f
|
25
25
|
end
|
26
26
|
gem.require_paths = ["lib"]
|
27
|
+
|
27
28
|
gem.platform = Gem::Platform::RUBY
|
28
|
-
gem.required_ruby_version = ">= 2.
|
29
|
+
gem.required_ruby_version = ">= 2.5"
|
29
30
|
|
30
31
|
gem.add_dependency "faraday", ">= 0.17.3", "< 2.0"
|
31
32
|
gem.add_dependency "jwt", ">= 1.4", "< 3.0"
|
@@ -112,7 +112,7 @@ module Google
|
|
112
112
|
case resp.status
|
113
113
|
when 200
|
114
114
|
content_type = resp.headers["content-type"]
|
115
|
-
if
|
115
|
+
if ["text/html", "application/text"].include? content_type
|
116
116
|
{ (target_audience ? "id_token" : "access_token") => resp.body }
|
117
117
|
else
|
118
118
|
Signet::OAuth2.parse_credentials resp.body, content_type
|
@@ -369,9 +369,10 @@ module Google
|
|
369
369
|
verify_keyfile_provided! keyfile
|
370
370
|
@project_id = options["project_id"] || options["project"]
|
371
371
|
@quota_project_id = options["quota_project_id"]
|
372
|
-
|
372
|
+
case keyfile
|
373
|
+
when Signet::OAuth2::Client
|
373
374
|
update_from_signet keyfile
|
374
|
-
|
375
|
+
when Hash
|
375
376
|
update_from_hash keyfile, options
|
376
377
|
else
|
377
378
|
update_from_filepath keyfile, options
|
@@ -503,9 +504,11 @@ module Google
|
|
503
504
|
|
504
505
|
# returns a new Hash with string keys instead of symbol keys.
|
505
506
|
def stringify_hash_keys hash
|
506
|
-
|
507
|
+
hash.to_h.transform_keys(&:to_s)
|
507
508
|
end
|
508
509
|
|
510
|
+
# rubocop:disable Metrics/AbcSize
|
511
|
+
|
509
512
|
def client_options options
|
510
513
|
# Keyfile options have higher priority over constructor defaults
|
511
514
|
options["token_credential_uri"] ||= self.class.token_credential_uri
|
@@ -527,6 +530,8 @@ module Google
|
|
527
530
|
signing_key: OpenSSL::PKey::RSA.new(options["private_key"]) }
|
528
531
|
end
|
529
532
|
|
533
|
+
# rubocop:enable Metrics/AbcSize
|
534
|
+
|
530
535
|
def update_from_signet client
|
531
536
|
@project_id ||= client.project_id if client.respond_to? :project_id
|
532
537
|
@quota_project_id ||= client.quota_project_id if client.respond_to? :quota_project_id
|
@@ -103,7 +103,7 @@ module Google
|
|
103
103
|
return make_creds options.merge(json_key_io: f)
|
104
104
|
end
|
105
105
|
elsif service_account_env_vars? || authorized_user_env_vars?
|
106
|
-
|
106
|
+
make_creds options
|
107
107
|
end
|
108
108
|
rescue StandardError => e
|
109
109
|
raise "#{NOT_FOUND_ERROR}: #{e}"
|
data/lib/googleauth/iam.rb
CHANGED
@@ -171,7 +171,9 @@ module Google
|
|
171
171
|
curve_name = CURVE_NAME_MAP[jwk[:crv]]
|
172
172
|
raise KeySourceError, "Unsupported EC curve #{jwk[:crv]}" unless curve_name
|
173
173
|
group = OpenSSL::PKey::EC::Group.new curve_name
|
174
|
-
|
174
|
+
x_hex = x_data.unpack1 "H*"
|
175
|
+
y_hex = y_data.unpack1 "H*"
|
176
|
+
bn = OpenSSL::BN.new ["04#{x_hex}#{y_hex}"].pack("H*"), 2
|
175
177
|
key = OpenSSL::PKey::EC.new curve_name
|
176
178
|
key.public_key = OpenSSL::PKey::EC::Point.new group, bn
|
177
179
|
key
|
@@ -284,10 +286,10 @@ module Google
|
|
284
286
|
raise KeySourceError, "Unable to retrieve data from #{uri}" unless response.is_a? Net::HTTPSuccess
|
285
287
|
|
286
288
|
data = begin
|
287
|
-
|
288
|
-
|
289
|
-
|
290
|
-
|
289
|
+
JSON.parse response.body
|
290
|
+
rescue JSON::ParserError
|
291
|
+
raise KeySourceError, "Unable to parse JSON"
|
292
|
+
end
|
291
293
|
|
292
294
|
@current_keys = Array(interpret_json(data))
|
293
295
|
end
|
@@ -105,15 +105,13 @@ module Google
|
|
105
105
|
def decode_token token, keys, aud, azp, iss
|
106
106
|
payload = nil
|
107
107
|
keys.find do |key|
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
nil # Try the next key
|
116
|
-
end
|
108
|
+
options = { algorithms: key.algorithm }
|
109
|
+
decoded_token = JWT.decode token, key.key, true, options
|
110
|
+
payload = decoded_token.first
|
111
|
+
rescue JWT::ExpiredSignature
|
112
|
+
raise ExpiredTokenError, "Token signature is expired"
|
113
|
+
rescue JWT::DecodeError
|
114
|
+
nil # Try the next key
|
117
115
|
end
|
118
116
|
|
119
117
|
normalize_and_verify_payload payload, aud, azp, iss
|
@@ -123,11 +123,13 @@ module Google
|
|
123
123
|
def apply_self_signed_jwt! a_hash
|
124
124
|
# Use the ServiceAccountJwtHeaderCredentials using the same cred values
|
125
125
|
cred_json = {
|
126
|
-
private_key:
|
127
|
-
client_email: @issuer
|
126
|
+
private_key: @signing_key.to_s,
|
127
|
+
client_email: @issuer,
|
128
|
+
project_id: @project_id,
|
129
|
+
quota_project_id: @quota_project_id
|
128
130
|
}
|
129
131
|
key_io = StringIO.new MultiJson.dump(cred_json)
|
130
|
-
alt = ServiceAccountJwtHeaderCredentials.make_creds json_key_io: key_io
|
132
|
+
alt = ServiceAccountJwtHeaderCredentials.make_creds json_key_io: key_io, scope: scope
|
131
133
|
alt.apply! a_hash
|
132
134
|
end
|
133
135
|
end
|
@@ -152,15 +154,13 @@ module Google
|
|
152
154
|
attr_reader :project_id
|
153
155
|
attr_reader :quota_project_id
|
154
156
|
|
155
|
-
#
|
157
|
+
# Create a ServiceAccountJwtHeaderCredentials.
|
156
158
|
#
|
157
|
-
#
|
158
|
-
#
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
def self.make_creds *args
|
163
|
-
new json_key_io: args[0][:json_key_io]
|
159
|
+
# @param json_key_io [IO] an IO from which the JSON key can be read
|
160
|
+
# @param scope [string|array|nil] the scope(s) to access
|
161
|
+
def self.make_creds options = {}
|
162
|
+
json_key_io, scope = options.values_at :json_key_io, :scope
|
163
|
+
new json_key_io: json_key_io, scope: scope
|
164
164
|
end
|
165
165
|
|
166
166
|
# Initializes a ServiceAccountJwtHeaderCredentials.
|
@@ -179,6 +179,7 @@ module Google
|
|
179
179
|
end
|
180
180
|
@project_id ||= CredentialsLoader.load_gcloud_project_id
|
181
181
|
@signing_key = OpenSSL::PKey::RSA.new @private_key
|
182
|
+
@scope = options[:scope]
|
182
183
|
end
|
183
184
|
|
184
185
|
# Construct a jwt token if the JWT_AUD_URI key is present in the input
|
@@ -187,7 +188,7 @@ module Google
|
|
187
188
|
# The jwt token is used as the value of a 'Bearer '.
|
188
189
|
def apply! a_hash, opts = {}
|
189
190
|
jwt_aud_uri = a_hash.delete JWT_AUD_URI_KEY
|
190
|
-
return a_hash if jwt_aud_uri.nil?
|
191
|
+
return a_hash if jwt_aud_uri.nil? && @scope.nil?
|
191
192
|
jwt_token = new_jwt_token jwt_aud_uri, opts
|
192
193
|
a_hash[AUTH_METADATA_KEY] = "Bearer #{jwt_token}"
|
193
194
|
a_hash
|
@@ -203,22 +204,27 @@ module Google
|
|
203
204
|
# Returns a reference to the #apply method, suitable for passing as
|
204
205
|
# a closure
|
205
206
|
def updater_proc
|
206
|
-
|
207
|
+
proc { |a_hash, opts = {}| apply a_hash, opts }
|
207
208
|
end
|
208
209
|
|
209
210
|
protected
|
210
211
|
|
211
212
|
# Creates a jwt uri token.
|
212
|
-
def new_jwt_token jwt_aud_uri, options = {}
|
213
|
+
def new_jwt_token jwt_aud_uri = nil, options = {}
|
213
214
|
now = Time.new
|
214
215
|
skew = options[:skew] || 60
|
215
216
|
assertion = {
|
216
217
|
"iss" => @issuer,
|
217
218
|
"sub" => @issuer,
|
218
|
-
"aud" => jwt_aud_uri,
|
219
219
|
"exp" => (now + EXPIRY).to_i,
|
220
220
|
"iat" => (now - skew).to_i
|
221
221
|
}
|
222
|
+
|
223
|
+
jwt_aud_uri = nil if @scope
|
224
|
+
|
225
|
+
assertion["scope"] = Array(@scope).join " " if @scope
|
226
|
+
assertion["aud"] = jwt_aud_uri if jwt_aud_uri
|
227
|
+
|
222
228
|
JWT.encode assertion, @signing_key, SIGNING_ALGORITHM
|
223
229
|
end
|
224
230
|
end
|
data/lib/googleauth/signet.rb
CHANGED
data/lib/googleauth/version.rb
CHANGED
@@ -189,7 +189,7 @@ module Google
|
|
189
189
|
# May raise an error if an authorization code is present in the session
|
190
190
|
# and exchange of the code fails
|
191
191
|
def get_credentials user_id, request = nil, scope = nil
|
192
|
-
if request
|
192
|
+
if request&.session&.key? CALLBACK_STATE_KEY
|
193
193
|
# Note - in theory, no need to check required scope as this is
|
194
194
|
# expected to be called immediately after a return from authorization
|
195
195
|
state_json = request.session.delete CALLBACK_STATE_KEY
|
@@ -44,9 +44,10 @@ require "os"
|
|
44
44
|
|
45
45
|
include Google::Auth::CredentialsLoader
|
46
46
|
|
47
|
-
shared_examples "jwt header auth" do
|
47
|
+
shared_examples "jwt header auth" do |aud="https://www.googleapis.com/myservice"|
|
48
48
|
context "when jwt_aud_uri is present" do
|
49
|
-
let(:test_uri) {
|
49
|
+
let(:test_uri) { aud }
|
50
|
+
let(:test_scope) { "scope/1 scope/2" }
|
50
51
|
let(:auth_prefix) { "Bearer " }
|
51
52
|
let(:auth_key) { ServiceAccountJwtHeaderCredentials::AUTH_METADATA_KEY }
|
52
53
|
let(:jwt_uri_key) { ServiceAccountJwtHeaderCredentials::JWT_AUD_URI_KEY }
|
@@ -56,14 +57,16 @@ shared_examples "jwt header auth" do
|
|
56
57
|
expect(hdr.start_with?(auth_prefix)).to be true
|
57
58
|
authorization = hdr[auth_prefix.length..-1]
|
58
59
|
payload, = JWT.decode authorization, @key.public_key, true, algorithm: "RS256"
|
59
|
-
|
60
|
+
|
61
|
+
expect(payload["aud"]).to eq(test_uri) if not test_uri.nil?
|
62
|
+
expect(payload["scope"]).to eq(test_scope) if test_uri.nil?
|
60
63
|
expect(payload["iss"]).to eq(client_email)
|
61
64
|
end
|
62
65
|
|
63
66
|
describe "#apply!" do
|
64
67
|
it "should update the target hash with a jwt token" do
|
65
68
|
md = { foo: "bar" }
|
66
|
-
md[jwt_uri_key] = test_uri
|
69
|
+
md[jwt_uri_key] = test_uri if test_uri
|
67
70
|
@client.apply! md
|
68
71
|
auth_header = md[auth_key]
|
69
72
|
expect_is_encoded_jwt auth_header
|
@@ -74,31 +77,31 @@ shared_examples "jwt header auth" do
|
|
74
77
|
describe "updater_proc" do
|
75
78
|
it "should provide a proc that updates a hash with a jwt token" do
|
76
79
|
md = { foo: "bar" }
|
77
|
-
md[jwt_uri_key] = test_uri
|
80
|
+
md[jwt_uri_key] = test_uri if test_uri
|
78
81
|
the_proc = @client.updater_proc
|
79
82
|
got = the_proc.call md
|
80
83
|
auth_header = got[auth_key]
|
81
84
|
expect_is_encoded_jwt auth_header
|
82
85
|
expect(got[jwt_uri_key]).to be_nil
|
83
|
-
expect(md[jwt_uri_key]).to_not be_nil
|
86
|
+
expect(md[jwt_uri_key]).to_not be_nil if test_uri
|
84
87
|
end
|
85
88
|
end
|
86
89
|
|
87
90
|
describe "#apply" do
|
88
91
|
it "should not update the original hash with a jwt token" do
|
89
92
|
md = { foo: "bar" }
|
90
|
-
md[jwt_uri_key] = test_uri
|
93
|
+
md[jwt_uri_key] = test_uri if test_uri
|
91
94
|
the_proc = @client.updater_proc
|
92
95
|
got = the_proc.call md
|
93
96
|
auth_header = md[auth_key]
|
94
97
|
expect(auth_header).to be_nil
|
95
98
|
expect(got[jwt_uri_key]).to be_nil
|
96
|
-
expect(md[jwt_uri_key]).to_not be_nil
|
99
|
+
expect(md[jwt_uri_key]).to_not be_nil if test_uri
|
97
100
|
end
|
98
101
|
|
99
102
|
it "should add a jwt token to the returned hash" do
|
100
103
|
md = { foo: "bar" }
|
101
|
-
md[jwt_uri_key] = test_uri
|
104
|
+
md[jwt_uri_key] = test_uri if test_uri
|
102
105
|
got = @client.apply md
|
103
106
|
auth_header = got[auth_key]
|
104
107
|
expect_is_encoded_jwt auth_header
|
@@ -107,6 +110,7 @@ shared_examples "jwt header auth" do
|
|
107
110
|
end
|
108
111
|
end
|
109
112
|
|
113
|
+
|
110
114
|
describe Google::Auth::ServiceAccountCredentials do
|
111
115
|
ServiceAccountCredentials = Google::Auth::ServiceAccountCredentials
|
112
116
|
let(:client_email) { "app@developer.gserviceaccount.com" }
|
@@ -169,14 +173,24 @@ describe Google::Auth::ServiceAccountCredentials do
|
|
169
173
|
it_behaves_like "jwt header auth"
|
170
174
|
end
|
171
175
|
|
172
|
-
context "when enable_self_signed_jwt is set" do
|
176
|
+
context "when enable_self_signed_jwt is set with aud" do
|
173
177
|
before :example do
|
178
|
+
@client.scope = nil
|
174
179
|
@client.instance_variable_set(:@enable_self_signed_jwt, true)
|
175
180
|
end
|
176
181
|
|
177
182
|
it_behaves_like "jwt header auth"
|
178
183
|
end
|
179
184
|
|
185
|
+
context "when enable_self_signed_jwt is set with scope" do
|
186
|
+
before :example do
|
187
|
+
@client.scope = ['scope/1', 'scope/2']
|
188
|
+
@client.instance_variable_set(:@enable_self_signed_jwt, true)
|
189
|
+
end
|
190
|
+
|
191
|
+
it_behaves_like "jwt header auth", nil
|
192
|
+
end
|
193
|
+
|
180
194
|
describe "#from_env" do
|
181
195
|
before :example do
|
182
196
|
@var_name = ENV_VAR
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: googleauth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.17.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tim Emiola
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-07-30 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: faraday
|
@@ -140,32 +140,31 @@ files:
|
|
140
140
|
- ".github/ISSUE_TEMPLATE/bug_report.md"
|
141
141
|
- ".github/ISSUE_TEMPLATE/feature_request.md"
|
142
142
|
- ".github/ISSUE_TEMPLATE/support_request.md"
|
143
|
-
- ".github/
|
143
|
+
- ".github/renovate.json"
|
144
|
+
- ".github/sync-repo-settings.yaml"
|
145
|
+
- ".github/workflows/ci.yml"
|
146
|
+
- ".github/workflows/release-please.yml"
|
144
147
|
- ".gitignore"
|
145
|
-
- ".kokoro/
|
146
|
-
- ".kokoro/build.sh"
|
147
|
-
- ".kokoro/continuous/common.cfg"
|
148
|
-
- ".kokoro/continuous/linux.cfg"
|
149
|
-
- ".kokoro/continuous/osx.cfg"
|
150
|
-
- ".kokoro/continuous/post.cfg"
|
151
|
-
- ".kokoro/continuous/windows.cfg"
|
152
|
-
- ".kokoro/osx.sh"
|
153
|
-
- ".kokoro/presubmit/common.cfg"
|
154
|
-
- ".kokoro/presubmit/linux.cfg"
|
155
|
-
- ".kokoro/presubmit/osx.cfg"
|
156
|
-
- ".kokoro/presubmit/windows.cfg"
|
148
|
+
- ".kokoro/populate-secrets.sh"
|
157
149
|
- ".kokoro/release.cfg"
|
158
|
-
- ".kokoro/
|
159
|
-
- ".kokoro/
|
150
|
+
- ".kokoro/release.sh"
|
151
|
+
- ".kokoro/trampoline_v2.sh"
|
160
152
|
- ".repo-metadata.json"
|
161
153
|
- ".rspec"
|
162
154
|
- ".rubocop.yml"
|
155
|
+
- ".toys/.toys.rb"
|
156
|
+
- ".toys/ci.rb"
|
157
|
+
- ".toys/kokoro/.toys.rb"
|
158
|
+
- ".toys/kokoro/publish-docs.rb"
|
159
|
+
- ".toys/kokoro/publish-gem.rb"
|
160
|
+
- ".toys/linkinator.rb"
|
161
|
+
- ".trampolinerc"
|
163
162
|
- CHANGELOG.md
|
164
163
|
- CODE_OF_CONDUCT.md
|
165
164
|
- Gemfile
|
166
165
|
- LICENSE
|
167
166
|
- README.md
|
168
|
-
-
|
167
|
+
- SECURITY.md
|
169
168
|
- googleauth.gemspec
|
170
169
|
- integration/helper.rb
|
171
170
|
- integration/id_tokens/key_source_test.rb
|
@@ -192,9 +191,6 @@ files:
|
|
192
191
|
- lib/googleauth/user_refresh.rb
|
193
192
|
- lib/googleauth/version.rb
|
194
193
|
- lib/googleauth/web_user_authorizer.rb
|
195
|
-
- rakelib/devsite_builder.rb
|
196
|
-
- rakelib/link_checker.rb
|
197
|
-
- rakelib/repo_metadata.rb
|
198
194
|
- spec/googleauth/apply_auth_examples.rb
|
199
195
|
- spec/googleauth/client_id_spec.rb
|
200
196
|
- spec/googleauth/compute_engine_spec.rb
|
@@ -226,14 +222,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
226
222
|
requirements:
|
227
223
|
- - ">="
|
228
224
|
- !ruby/object:Gem::Version
|
229
|
-
version: 2.
|
225
|
+
version: '2.5'
|
230
226
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
231
227
|
requirements:
|
232
228
|
- - ">="
|
233
229
|
- !ruby/object:Gem::Version
|
234
230
|
version: '0'
|
235
231
|
requirements: []
|
236
|
-
rubygems_version: 3.2.
|
232
|
+
rubygems_version: 3.2.17
|
237
233
|
signing_key:
|
238
234
|
specification_version: 4
|
239
235
|
summary: Google Auth Library for Ruby
|