googleauth 0.8.1 → 0.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (59) hide show
  1. checksums.yaml +4 -4
  2. data/.github/CODEOWNERS +7 -0
  3. data/.github/workflows/release.yml +39 -0
  4. data/.kokoro/build.bat +9 -1
  5. data/.kokoro/continuous/linux.cfg +12 -2
  6. data/.kokoro/continuous/osx.cfg +5 -0
  7. data/.kokoro/continuous/post.cfg +30 -0
  8. data/.kokoro/continuous/windows.cfg +27 -1
  9. data/.kokoro/presubmit/linux.cfg +11 -1
  10. data/.kokoro/presubmit/osx.cfg +5 -0
  11. data/.kokoro/presubmit/windows.cfg +27 -1
  12. data/.kokoro/release.cfg +42 -1
  13. data/.kokoro/trampoline.bat +10 -0
  14. data/.repo-metadata.json +5 -0
  15. data/.rubocop.yml +8 -2
  16. data/CHANGELOG.md +94 -20
  17. data/Gemfile +7 -7
  18. data/{COPYING → LICENSE} +0 -0
  19. data/README.md +12 -15
  20. data/Rakefile +48 -5
  21. data/googleauth.gemspec +7 -3
  22. data/integration/helper.rb +31 -0
  23. data/integration/id_tokens/key_source_test.rb +74 -0
  24. data/lib/googleauth.rb +1 -0
  25. data/lib/googleauth/application_default.rb +2 -2
  26. data/lib/googleauth/compute_engine.rb +45 -20
  27. data/lib/googleauth/credentials.rb +445 -71
  28. data/lib/googleauth/credentials_loader.rb +11 -9
  29. data/lib/googleauth/iam.rb +1 -1
  30. data/lib/googleauth/id_tokens.rb +233 -0
  31. data/lib/googleauth/id_tokens/errors.rb +71 -0
  32. data/lib/googleauth/id_tokens/key_sources.rb +396 -0
  33. data/lib/googleauth/id_tokens/verifier.rb +142 -0
  34. data/lib/googleauth/json_key_reader.rb +6 -2
  35. data/lib/googleauth/scope_util.rb +1 -1
  36. data/lib/googleauth/service_account.rb +42 -23
  37. data/lib/googleauth/signet.rb +9 -6
  38. data/lib/googleauth/stores/file_token_store.rb +1 -0
  39. data/lib/googleauth/stores/redis_token_store.rb +1 -0
  40. data/lib/googleauth/user_authorizer.rb +6 -1
  41. data/lib/googleauth/user_refresh.rb +2 -2
  42. data/lib/googleauth/version.rb +1 -1
  43. data/lib/googleauth/web_user_authorizer.rb +16 -14
  44. data/rakelib/devsite_builder.rb +45 -0
  45. data/rakelib/link_checker.rb +64 -0
  46. data/rakelib/repo_metadata.rb +59 -0
  47. data/spec/googleauth/apply_auth_examples.rb +28 -5
  48. data/spec/googleauth/compute_engine_spec.rb +69 -13
  49. data/spec/googleauth/credentials_spec.rb +492 -165
  50. data/spec/googleauth/service_account_spec.rb +31 -16
  51. data/spec/googleauth/signet_spec.rb +46 -7
  52. data/spec/googleauth/user_authorizer_spec.rb +21 -1
  53. data/spec/googleauth/user_refresh_spec.rb +1 -1
  54. data/spec/googleauth/web_user_authorizer_spec.rb +6 -0
  55. data/test/helper.rb +33 -0
  56. data/test/id_tokens/key_sources_test.rb +240 -0
  57. data/test/id_tokens/verifier_test.rb +269 -0
  58. metadata +49 -13
  59. data/.kokoro/windows.sh +0 -4
@@ -0,0 +1,269 @@
1
+ # Copyright 2020 Google LLC
2
+ #
3
+ # Redistribution and use in source and binary forms, with or without
4
+ # modification, are permitted provided that the following conditions are
5
+ # met:
6
+ #
7
+ # * Redistributions of source code must retain the above copyright
8
+ # notice, this list of conditions and the following disclaimer.
9
+ # * Redistributions in binary form must reproduce the above
10
+ # copyright notice, this list of conditions and the following disclaimer
11
+ # in the documentation and/or other materials provided with the
12
+ # distribution.
13
+ # * Neither the name of Google Inc. nor the names of its
14
+ # contributors may be used to endorse or promote products derived from
15
+ # this software without specific prior written permission.
16
+ #
17
+ # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
18
+ # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
19
+ # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
20
+ # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
21
+ # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
22
+ # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
23
+ # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24
+ # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25
+ # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26
+ # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
27
+ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28
+
29
+ require "helper"
30
+
31
+ describe Google::Auth::IDTokens::Verifier do
32
+ describe "verify_oidc" do
33
+ let(:oidc_token) {
34
+ "eyJhbGciOiJSUzI1NiIsImtpZCI6IjQ5MjcxMGE3ZmNkYjE1Mzk2MGNlMDFmNzYwNTIwY" \
35
+ "TMyYzg0NTVkZmYiLCJ0eXAiOiJKV1QifQ.eyJhdWQiOiJodHRwOi8vZXhhbXBsZS5jb20" \
36
+ "iLCJhenAiOiI1NDIzMzkzNTc2MzgtY3IwZHNlcnIyZXZnN3N2MW1lZ2hxZXU3MDMyNzRm" \
37
+ "M2hAZGV2ZWxvcGVyLmdzZXJ2aWNlYWNjb3VudC5jb20iLCJlbWFpbCI6IjU0MjMzOTM1N" \
38
+ "zYzOC1jcjBkc2VycjJldmc3c3YxbWVnaHFldTcwMzI3NGYzaEBkZXZlbG9wZXIuZ3Nlcn" \
39
+ "ZpY2VhY2NvdW50LmNvbSIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJleHAiOjE1OTEzNDI" \
40
+ "3NzYsImlhdCI6MTU5MTMzOTE3NiwiaXNzIjoiaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUu" \
41
+ "Y29tIiwic3ViIjoiMTA0MzQxNDczMTMxODI1OTU3NjAzIn0.GGDE_5HoLacyqdufdxnAC" \
42
+ "rXxYySKQYAzSQ5qfGjSUriuO3uLm2-rwSPFfLzzBeflEHdVX7XRFFszpxKajuZklF4dXd" \
43
+ "0evB1u5i3QeCJ8MSZKKx6qus_ETJv4rtuPNEuyhaRcShB7BwI8RY0IZ4_EDrhYqYInrO2" \
44
+ "wQyJGYvc41JcmoKzRoNnEVydN0Qppt9bqevq_lJg-9UjJkJ2QHjPfTgMjwhLIgNptKgtR" \
45
+ "qdoRpJmleFlbuUqyPPJfAzv3Tc6h3kw88tEcI8R3n04xmHOSMwERFFQYJdQDMd2F9SSDe" \
46
+ "rh40codO_GuPZ7bEUiKq9Lkx2LH5TuhythfsMzIwJpaEA"
47
+ }
48
+ let(:oidc_jwk_body) {
49
+ <<~JWK
50
+ {
51
+ "keys": [
52
+ {
53
+ "kid": "fb8ca5b7d8d9a5c6c6788071e866c6c40f3fc1f9",
54
+ "e": "AQAB",
55
+ "alg": "RS256",
56
+ "use": "sig",
57
+ "n": "zK8PHf_6V3G5rU-viUOL1HvAYn7q--dxMoUkt7x1rSWX6fimla-lpoYAKhFTLUELkRKy_6UDzfybz0P9eItqS2UxVWYpKYmKTQ08HgUBUde4GtO_B0SkSk8iLtGh653UBBjgXmfzdfQEz_DsaWn7BMtuAhY9hpMtJye8LQlwaS8ibQrsC0j0GZM5KXRITHwfx06_T1qqC_MOZRA6iJs-J2HNlgeyFuoQVBTY6pRqGXa-qaVsSG3iU-vqNIciFquIq-xydwxLqZNksRRer5VAsSHf0eD3g2DX-cf6paSy1aM40svO9EfSvG_07MuHafEE44RFvSZZ4ubEN9U7ALSjdw",
58
+ "kty": "RSA"
59
+ },
60
+ {
61
+ "kty": "RSA",
62
+ "kid": "492710a7fcdb153960ce01f760520a32c8455dff",
63
+ "e": "AQAB",
64
+ "alg": "RS256",
65
+ "use": "sig",
66
+ "n": "wl6TaY_3dsuLczYH_hioeQ5JjcLKLGYb--WImN9_IKMkOj49dgs25wkjsdI9XGJYhhPJLlvfjIfXH49ZGA_XKLx7fggNaBRZcj1y-I3_77tVa9N7An5JLq3HT9XVt0PNTq0mtX009z1Hva4IWZ5IhENx2rWlZOfFAXiMUqhnDc8VY3lG7vr8_VG3cw3XRKvlZQKbb6p2YIMFsUwaDGL2tVF4SkxpxIazUYfOY5lijyVugNTslOBhlEMq_43MZlkznSrbFx8ToQ2bQX4Shj-r9pLyofbo6A7K9mgWnQXGY5rQVLPYYRzUg0ThWDzwHdgxYC5MNxKyQH4RC2LPv3U0LQ"
67
+ }
68
+ ]
69
+ }
70
+ JWK
71
+ }
72
+ let(:expected_aud) { "http://example.com" }
73
+ let(:expected_azp) { "542339357638-cr0dserr2evg7sv1meghqeu703274f3h@developer.gserviceaccount.com" }
74
+ let(:unexpired_test_time) { Time.at 1591339181 }
75
+ let(:expired_test_time) { unexpired_test_time + 86400 }
76
+
77
+ after do
78
+ WebMock.reset!
79
+ Google::Auth::IDTokens.forget_sources!
80
+ end
81
+
82
+ it "verifies a good token with iss, aud, and azp checks" do
83
+ stub_request(:get, Google::Auth::IDTokens::OAUTH2_V3_CERTS_URL).to_return(body: oidc_jwk_body)
84
+ Time.stub :now, unexpired_test_time do
85
+ Google::Auth::IDTokens.verify_oidc oidc_token, aud: expected_aud, azp: expected_azp
86
+ end
87
+ end
88
+
89
+ it "fails to verify a bad token" do
90
+ stub_request(:get, Google::Auth::IDTokens::OAUTH2_V3_CERTS_URL).to_return(body: oidc_jwk_body)
91
+ Time.stub :now, unexpired_test_time do
92
+ assert_raises Google::Auth::IDTokens::SignatureError do
93
+ Google::Auth::IDTokens.verify_oidc "#{oidc_token}x"
94
+ end
95
+ end
96
+ end
97
+
98
+ it "fails to verify a token with the wrong aud" do
99
+ stub_request(:get, Google::Auth::IDTokens::OAUTH2_V3_CERTS_URL).to_return(body: oidc_jwk_body)
100
+ Time.stub :now, unexpired_test_time do
101
+ assert_raises Google::Auth::IDTokens::AudienceMismatchError do
102
+ Google::Auth::IDTokens.verify_oidc oidc_token, aud: ["hello", "world"]
103
+ end
104
+ end
105
+ end
106
+
107
+ it "fails to verify a token with the wrong azp" do
108
+ stub_request(:get, Google::Auth::IDTokens::OAUTH2_V3_CERTS_URL).to_return(body: oidc_jwk_body)
109
+ Time.stub :now, unexpired_test_time do
110
+ assert_raises Google::Auth::IDTokens::AuthorizedPartyMismatchError do
111
+ Google::Auth::IDTokens.verify_oidc oidc_token, azp: "hello"
112
+ end
113
+ end
114
+ end
115
+
116
+ it "fails to verify a token with the wrong issuer" do
117
+ stub_request(:get, Google::Auth::IDTokens::OAUTH2_V3_CERTS_URL).to_return(body: oidc_jwk_body)
118
+ Time.stub :now, unexpired_test_time do
119
+ assert_raises Google::Auth::IDTokens::IssuerMismatchError do
120
+ Google::Auth::IDTokens.verify_oidc oidc_token, iss: "hello"
121
+ end
122
+ end
123
+ end
124
+
125
+ it "fails to verify an expired token" do
126
+ stub_request(:get, Google::Auth::IDTokens::OAUTH2_V3_CERTS_URL).to_return(body: oidc_jwk_body)
127
+ Time.stub :now, expired_test_time do
128
+ assert_raises Google::Auth::IDTokens::ExpiredTokenError do
129
+ Google::Auth::IDTokens.verify_oidc oidc_token
130
+ end
131
+ end
132
+ end
133
+ end
134
+
135
+ describe "verify_iap" do
136
+ let(:iap_token) {
137
+ "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjBvZUxjUSJ9.eyJhdWQiOiIvcH" \
138
+ "JvamVjdHMvNjUyNTYyNzc2Nzk4L2FwcHMvY2xvdWQtc2FtcGxlcy10ZXN0cy1waHAtaWFwI" \
139
+ "iwiZW1haWwiOiJkYXp1bWFAZ29vZ2xlLmNvbSIsImV4cCI6MTU5MTMzNTcyNCwiZ29vZ2xl" \
140
+ "Ijp7ImFjY2Vzc19sZXZlbHMiOlsiYWNjZXNzUG9saWNpZXMvNTE4NTUxMjgwOTI0L2FjY2V" \
141
+ "zc0xldmVscy9yZWNlbnRTZWN1cmVDb25uZWN0RGF0YSIsImFjY2Vzc1BvbGljaWVzLzUxOD" \
142
+ "U1MTI4MDkyNC9hY2Nlc3NMZXZlbHMvdGVzdE5vT3AiLCJhY2Nlc3NQb2xpY2llcy81MTg1N" \
143
+ "TEyODA5MjQvYWNjZXNzTGV2ZWxzL2V2YXBvcmF0aW9uUWFEYXRhRnVsbHlUcnVzdGVkIiwi" \
144
+ "YWNjZXNzUG9saWNpZXMvNTE4NTUxMjgwOTI0L2FjY2Vzc0xldmVscy9jYWFfZGlzYWJsZWQ" \
145
+ "iLCJhY2Nlc3NQb2xpY2llcy81MTg1NTEyODA5MjQvYWNjZXNzTGV2ZWxzL3JlY2VudE5vbk" \
146
+ "1vYmlsZVNlY3VyZUNvbm5lY3REYXRhIiwiYWNjZXNzUG9saWNpZXMvNTE4NTUxMjgwOTI0L" \
147
+ "2FjY2Vzc0xldmVscy9jb25jb3JkIiwiYWNjZXNzUG9saWNpZXMvNTE4NTUxMjgwOTI0L2Fj" \
148
+ "Y2Vzc0xldmVscy9mdWxseVRydXN0ZWRfY2FuYXJ5RGF0YSIsImFjY2Vzc1BvbGljaWVzLzU" \
149
+ "xODU1MTI4MDkyNC9hY2Nlc3NMZXZlbHMvZnVsbHlUcnVzdGVkX3Byb2REYXRhIl19LCJoZC" \
150
+ "I6Imdvb2dsZS5jb20iLCJpYXQiOjE1OTEzMzUxMjQsImlzcyI6Imh0dHBzOi8vY2xvdWQuZ" \
151
+ "29vZ2xlLmNvbS9pYXAiLCJzdWIiOiJhY2NvdW50cy5nb29nbGUuY29tOjExMzc3OTI1ODA4" \
152
+ "MTE5ODAwNDY5NCJ9.2BlagZOoonmX35rNY-KPbONiVzFAdNXKRGkX45uGFXeHryjKgv--K6" \
153
+ "siL8syeCFXzHvgmWpJk31sEt4YLxPKvQ"
154
+ }
155
+ let(:iap_jwk_body) {
156
+ <<~JWK
157
+ {
158
+ "keys" : [
159
+ {
160
+ "alg" : "ES256",
161
+ "crv" : "P-256",
162
+ "kid" : "LYyP2g",
163
+ "kty" : "EC",
164
+ "use" : "sig",
165
+ "x" : "SlXFFkJ3JxMsXyXNrqzE3ozl_0913PmNbccLLWfeQFU",
166
+ "y" : "GLSahrZfBErmMUcHP0MGaeVnJdBwquhrhQ8eP05NfCI"
167
+ },
168
+ {
169
+ "alg" : "ES256",
170
+ "crv" : "P-256",
171
+ "kid" : "mpf0DA",
172
+ "kty" : "EC",
173
+ "use" : "sig",
174
+ "x" : "fHEdeT3a6KaC1kbwov73ZwB_SiUHEyKQwUUtMCEn0aI",
175
+ "y" : "QWOjwPhInNuPlqjxLQyhveXpWqOFcQPhZ3t-koMNbZI"
176
+ },
177
+ {
178
+ "alg" : "ES256",
179
+ "crv" : "P-256",
180
+ "kid" : "b9vTLA",
181
+ "kty" : "EC",
182
+ "use" : "sig",
183
+ "x" : "qCByTAvci-jRAD7uQSEhTdOs8iA714IbcY2L--YzynI",
184
+ "y" : "WQY0uCoQyPSozWKGQ0anmFeOH5JNXiZa9i6SNqOcm7w"
185
+ },
186
+ {
187
+ "alg" : "ES256",
188
+ "crv" : "P-256",
189
+ "kid" : "0oeLcQ",
190
+ "kty" : "EC",
191
+ "use" : "sig",
192
+ "x" : "MdhRXGEoGJLtBjQEIjnYLPkeci9rXnca2TffkI0Kac0",
193
+ "y" : "9BoREHfX7g5OK8ELpA_4RcOnFCGSjfR4SGZpBo7juEY"
194
+ },
195
+ {
196
+ "alg" : "ES256",
197
+ "crv" : "P-256",
198
+ "kid" : "g5X6ig",
199
+ "kty" : "EC",
200
+ "use" : "sig",
201
+ "x" : "115LSuaFVzVROJiGfdPN1kT14Hv3P4RIjthfslZ010s",
202
+ "y" : "-FAaRtO4yvrN4uJ89xwGWOEJcSwpLmFOtb0SDJxEAuc"
203
+ }
204
+ ]
205
+ }
206
+ JWK
207
+ }
208
+ let(:expected_aud) { "/projects/652562776798/apps/cloud-samples-tests-php-iap" }
209
+ let(:unexpired_test_time) { Time.at 1591335143 }
210
+ let(:expired_test_time) { unexpired_test_time + 86400 }
211
+
212
+ after do
213
+ WebMock.reset!
214
+ Google::Auth::IDTokens.forget_sources!
215
+ end
216
+
217
+ it "verifies a good token with iss and aud checks" do
218
+ stub_request(:get, Google::Auth::IDTokens::IAP_JWK_URL).to_return(body: iap_jwk_body)
219
+ Time.stub :now, unexpired_test_time do
220
+ Google::Auth::IDTokens.verify_iap iap_token, aud: expected_aud
221
+ end
222
+ end
223
+
224
+ it "fails to verify a bad token" do
225
+ stub_request(:get, Google::Auth::IDTokens::IAP_JWK_URL).to_return(body: iap_jwk_body)
226
+ Time.stub :now, unexpired_test_time do
227
+ assert_raises Google::Auth::IDTokens::SignatureError do
228
+ Google::Auth::IDTokens.verify_iap "#{iap_token}x"
229
+ end
230
+ end
231
+ end
232
+
233
+ it "fails to verify a token with the wrong aud" do
234
+ stub_request(:get, Google::Auth::IDTokens::IAP_JWK_URL).to_return(body: iap_jwk_body)
235
+ Time.stub :now, unexpired_test_time do
236
+ assert_raises Google::Auth::IDTokens::AudienceMismatchError do
237
+ Google::Auth::IDTokens.verify_iap iap_token, aud: ["hello", "world"]
238
+ end
239
+ end
240
+ end
241
+
242
+ it "fails to verify a token with the wrong azp" do
243
+ stub_request(:get, Google::Auth::IDTokens::IAP_JWK_URL).to_return(body: iap_jwk_body)
244
+ Time.stub :now, unexpired_test_time do
245
+ assert_raises Google::Auth::IDTokens::AuthorizedPartyMismatchError do
246
+ Google::Auth::IDTokens.verify_iap iap_token, azp: "hello"
247
+ end
248
+ end
249
+ end
250
+
251
+ it "fails to verify a token with the wrong issuer" do
252
+ stub_request(:get, Google::Auth::IDTokens::IAP_JWK_URL).to_return(body: iap_jwk_body)
253
+ Time.stub :now, unexpired_test_time do
254
+ assert_raises Google::Auth::IDTokens::IssuerMismatchError do
255
+ Google::Auth::IDTokens.verify_iap iap_token, iss: "hello"
256
+ end
257
+ end
258
+ end
259
+
260
+ it "fails to verify an expired token" do
261
+ stub_request(:get, Google::Auth::IDTokens::IAP_JWK_URL).to_return(body: iap_jwk_body)
262
+ Time.stub :now, expired_test_time do
263
+ assert_raises Google::Auth::IDTokens::ExpiredTokenError do
264
+ Google::Auth::IDTokens.verify_iap iap_token
265
+ end
266
+ end
267
+ end
268
+ end
269
+ end
metadata CHANGED
@@ -1,29 +1,35 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: googleauth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.1
4
+ version: 0.16.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tim Emiola
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-03-27 00:00:00.000000000 Z
11
+ date: 2021-03-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: faraday
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - "~>"
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: 0.17.3
20
+ - - "<"
18
21
  - !ruby/object:Gem::Version
19
- version: '0.12'
22
+ version: '2.0'
20
23
  type: :runtime
21
24
  prerelease: false
22
25
  version_requirements: !ruby/object:Gem::Requirement
23
26
  requirements:
24
- - - "~>"
27
+ - - ">="
28
+ - !ruby/object:Gem::Version
29
+ version: 0.17.3
30
+ - - "<"
25
31
  - !ruby/object:Gem::Version
26
- version: '0.12'
32
+ version: '2.0'
27
33
  - !ruby/object:Gem::Dependency
28
34
  name: jwt
29
35
  requirement: !ruby/object:Gem::Requirement
@@ -98,14 +104,28 @@ dependencies:
98
104
  requirements:
99
105
  - - "~>"
100
106
  - !ruby/object:Gem::Version
101
- version: '0.7'
107
+ version: '0.14'
102
108
  type: :runtime
103
109
  prerelease: false
104
110
  version_requirements: !ruby/object:Gem::Requirement
105
111
  requirements:
106
112
  - - "~>"
107
113
  - !ruby/object:Gem::Version
108
- version: '0.7'
114
+ version: '0.14'
115
+ - !ruby/object:Gem::Dependency
116
+ name: yard
117
+ requirement: !ruby/object:Gem::Requirement
118
+ requirements:
119
+ - - "~>"
120
+ - !ruby/object:Gem::Version
121
+ version: '0.9'
122
+ type: :development
123
+ prerelease: false
124
+ version_requirements: !ruby/object:Gem::Requirement
125
+ requirements:
126
+ - - "~>"
127
+ - !ruby/object:Gem::Version
128
+ version: '0.9'
109
129
  description: |2
110
130
  Allows simple authorization for accessing Google APIs.
111
131
  Provide support for Application Default Credentials, as described at
@@ -115,16 +135,19 @@ executables: []
115
135
  extensions: []
116
136
  extra_rdoc_files: []
117
137
  files:
138
+ - ".github/CODEOWNERS"
118
139
  - ".github/CONTRIBUTING.md"
119
140
  - ".github/ISSUE_TEMPLATE/bug_report.md"
120
141
  - ".github/ISSUE_TEMPLATE/feature_request.md"
121
142
  - ".github/ISSUE_TEMPLATE/support_request.md"
143
+ - ".github/workflows/release.yml"
122
144
  - ".gitignore"
123
145
  - ".kokoro/build.bat"
124
146
  - ".kokoro/build.sh"
125
147
  - ".kokoro/continuous/common.cfg"
126
148
  - ".kokoro/continuous/linux.cfg"
127
149
  - ".kokoro/continuous/osx.cfg"
150
+ - ".kokoro/continuous/post.cfg"
128
151
  - ".kokoro/continuous/windows.cfg"
129
152
  - ".kokoro/osx.sh"
130
153
  - ".kokoro/presubmit/common.cfg"
@@ -132,17 +155,20 @@ files:
132
155
  - ".kokoro/presubmit/osx.cfg"
133
156
  - ".kokoro/presubmit/windows.cfg"
134
157
  - ".kokoro/release.cfg"
158
+ - ".kokoro/trampoline.bat"
135
159
  - ".kokoro/trampoline.sh"
136
- - ".kokoro/windows.sh"
160
+ - ".repo-metadata.json"
137
161
  - ".rspec"
138
162
  - ".rubocop.yml"
139
163
  - CHANGELOG.md
140
164
  - CODE_OF_CONDUCT.md
141
- - COPYING
142
165
  - Gemfile
166
+ - LICENSE
143
167
  - README.md
144
168
  - Rakefile
145
169
  - googleauth.gemspec
170
+ - integration/helper.rb
171
+ - integration/id_tokens/key_source_test.rb
146
172
  - lib/googleauth.rb
147
173
  - lib/googleauth/application_default.rb
148
174
  - lib/googleauth/client_id.rb
@@ -151,6 +177,10 @@ files:
151
177
  - lib/googleauth/credentials_loader.rb
152
178
  - lib/googleauth/default_credentials.rb
153
179
  - lib/googleauth/iam.rb
180
+ - lib/googleauth/id_tokens.rb
181
+ - lib/googleauth/id_tokens/errors.rb
182
+ - lib/googleauth/id_tokens/key_sources.rb
183
+ - lib/googleauth/id_tokens/verifier.rb
154
184
  - lib/googleauth/json_key_reader.rb
155
185
  - lib/googleauth/scope_util.rb
156
186
  - lib/googleauth/service_account.rb
@@ -162,6 +192,9 @@ files:
162
192
  - lib/googleauth/user_refresh.rb
163
193
  - lib/googleauth/version.rb
164
194
  - lib/googleauth/web_user_authorizer.rb
195
+ - rakelib/devsite_builder.rb
196
+ - rakelib/link_checker.rb
197
+ - rakelib/repo_metadata.rb
165
198
  - spec/googleauth/apply_auth_examples.rb
166
199
  - spec/googleauth/client_id_spec.rb
167
200
  - spec/googleauth/compute_engine_spec.rb
@@ -178,7 +211,10 @@ files:
178
211
  - spec/googleauth/user_refresh_spec.rb
179
212
  - spec/googleauth/web_user_authorizer_spec.rb
180
213
  - spec/spec_helper.rb
181
- homepage: https://github.com/google/google-auth-library-ruby
214
+ - test/helper.rb
215
+ - test/id_tokens/key_sources_test.rb
216
+ - test/id_tokens/verifier_test.rb
217
+ homepage: https://github.com/googleapis/google-auth-library-ruby
182
218
  licenses:
183
219
  - Apache-2.0
184
220
  metadata: {}
@@ -190,14 +226,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
190
226
  requirements:
191
227
  - - ">="
192
228
  - !ruby/object:Gem::Version
193
- version: '0'
229
+ version: '2.5'
194
230
  required_rubygems_version: !ruby/object:Gem::Requirement
195
231
  requirements:
196
232
  - - ">="
197
233
  - !ruby/object:Gem::Version
198
234
  version: '0'
199
235
  requirements: []
200
- rubygems_version: 3.0.3
236
+ rubygems_version: 3.2.11
201
237
  signing_key:
202
238
  specification_version: 4
203
239
  summary: Google Auth Library for Ruby
data/.kokoro/windows.sh DELETED
@@ -1,4 +0,0 @@
1
- #!/bin/bash
2
-
3
- script_url="https://raw.githubusercontent.com/googleapis/google-cloud-ruby/master/.kokoro/windows.sh"
4
- curl -o master-windows.sh $script_url && source master-windows.sh