googleauth 1.10.0 → 1.11.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +13 -0
- data/lib/googleauth/base_client.rb +3 -3
- data/lib/googleauth/compute_engine.rb +10 -1
- data/lib/googleauth/external_account/base_credentials.rb +1 -1
- data/lib/googleauth/signet.rb +17 -0
- data/lib/googleauth/token_store.rb +3 -3
- data/lib/googleauth/user_authorizer.rb +8 -4
- data/lib/googleauth/version.rb +1 -1
- data/lib/googleauth/web_user_authorizer.rb +11 -4
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d69318fbe3400719c053c16d4de765ae8a87ad1250c6f62c2c1c2e9c51a97d89
|
|
4
|
+
data.tar.gz: be832e5bfb8417794534ba11186a6175a2e0e28b06c702c095330f2818345973
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cb7ac3b1d73c1375434d0bfa14ed2e83a2b5fd4f2a5c917a656ff12bdf91028b62724ef9b3774092ac377941b7a6596828a4a87d1ea7e00d1e82a57893981505
|
|
7
|
+
data.tar.gz: 8f00b43299f1dcc2989b256fbc917f12f0df9ee1b4a000752225a834a8d5a360aea2bf58cb80ec5888e114f14a0e7cd9cae8958be8ebde146c21953b12a74c6d
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,18 @@
|
|
|
1
1
|
# Release History
|
|
2
2
|
|
|
3
|
+
### 1.11.1 (2024-10-04)
|
|
4
|
+
|
|
5
|
+
#### Bug Fixes
|
|
6
|
+
|
|
7
|
+
* Fixed parsing of expiration timestamp from ID tokens ([#492](https://github.com/googleapis/google-auth-library-ruby/issues/492))
|
|
8
|
+
* Use NoMethodError instead of NotImplementedError for unimplemented base class methods ([#487](https://github.com/googleapis/google-auth-library-ruby/issues/487))
|
|
9
|
+
|
|
10
|
+
### 1.11.0 (2024-02-09)
|
|
11
|
+
|
|
12
|
+
#### Features
|
|
13
|
+
|
|
14
|
+
* Deprecate the positional argument for callback_uri, and introduce keyword argument instead ([#475](https://github.com/googleapis/google-auth-library-ruby/issues/475))
|
|
15
|
+
|
|
3
16
|
### 1.10.0 (2024-02-08)
|
|
4
17
|
|
|
5
18
|
#### Features
|
|
@@ -63,17 +63,17 @@ module Google
|
|
|
63
63
|
end
|
|
64
64
|
|
|
65
65
|
def expires_within?
|
|
66
|
-
raise
|
|
66
|
+
raise NoMethodError, "expires_within? not implemented"
|
|
67
67
|
end
|
|
68
68
|
|
|
69
69
|
private
|
|
70
70
|
|
|
71
71
|
def token_type
|
|
72
|
-
raise
|
|
72
|
+
raise NoMethodError, "token_type not implemented"
|
|
73
73
|
end
|
|
74
74
|
|
|
75
75
|
def fetch_access_token!
|
|
76
|
-
raise
|
|
76
|
+
raise NoMethodError, "fetch_access_token! not implemented"
|
|
77
77
|
end
|
|
78
78
|
end
|
|
79
79
|
end
|
|
@@ -123,7 +123,7 @@ module Google
|
|
|
123
123
|
def build_token_hash body, content_type, retrieval_time
|
|
124
124
|
hash =
|
|
125
125
|
if ["text/html", "application/text"].include? content_type
|
|
126
|
-
|
|
126
|
+
parse_encoded_token body
|
|
127
127
|
else
|
|
128
128
|
Signet::OAuth2.parse_credentials body, content_type
|
|
129
129
|
end
|
|
@@ -143,6 +143,15 @@ module Google
|
|
|
143
143
|
end
|
|
144
144
|
hash
|
|
145
145
|
end
|
|
146
|
+
|
|
147
|
+
def parse_encoded_token body
|
|
148
|
+
hash = { token_type.to_s => body }
|
|
149
|
+
if token_type == :id_token
|
|
150
|
+
expires_at = expires_at_from_id_token body
|
|
151
|
+
hash["expires_at"] = expires_at if expires_at
|
|
152
|
+
end
|
|
153
|
+
hash
|
|
154
|
+
end
|
|
146
155
|
end
|
|
147
156
|
end
|
|
148
157
|
end
|
|
@@ -76,7 +76,7 @@ module Google
|
|
|
76
76
|
# The retrieved subject token.
|
|
77
77
|
#
|
|
78
78
|
def retrieve_subject_token!
|
|
79
|
-
raise
|
|
79
|
+
raise NoMethodError, "retrieve_subject_token! not implemented"
|
|
80
80
|
end
|
|
81
81
|
|
|
82
82
|
# Returns whether the credentials represent a workforce pool (True) or
|
data/lib/googleauth/signet.rb
CHANGED
|
@@ -12,6 +12,8 @@
|
|
|
12
12
|
# See the License for the specific language governing permissions and
|
|
13
13
|
# limitations under the License.
|
|
14
14
|
|
|
15
|
+
require "base64"
|
|
16
|
+
require "json"
|
|
15
17
|
require "signet/oauth_2/client"
|
|
16
18
|
require "googleauth/base_client"
|
|
17
19
|
|
|
@@ -29,6 +31,8 @@ module Signet
|
|
|
29
31
|
|
|
30
32
|
def update_token! options = {}
|
|
31
33
|
options = deep_hash_normalize options
|
|
34
|
+
id_token_expires_at = expires_at_from_id_token options[:id_token]
|
|
35
|
+
options[:expires_at] = id_token_expires_at if id_token_expires_at
|
|
32
36
|
update_token_signet_base options
|
|
33
37
|
self.universe_domain = options[:universe_domain] if options.key? :universe_domain
|
|
34
38
|
self
|
|
@@ -89,6 +93,19 @@ module Signet
|
|
|
89
93
|
end
|
|
90
94
|
end
|
|
91
95
|
end
|
|
96
|
+
|
|
97
|
+
private
|
|
98
|
+
|
|
99
|
+
def expires_at_from_id_token id_token
|
|
100
|
+
match = /^[\w=-]+\.([\w=-]+)\.[\w=-]+$/.match id_token.to_s
|
|
101
|
+
return unless match
|
|
102
|
+
json = JSON.parse Base64.urlsafe_decode64 match[1]
|
|
103
|
+
return unless json.key? "exp"
|
|
104
|
+
Time.at json["exp"].to_i
|
|
105
|
+
rescue StandardError
|
|
106
|
+
# Shouldn't happen unless we get a garbled ID token
|
|
107
|
+
nil
|
|
108
|
+
end
|
|
92
109
|
end
|
|
93
110
|
end
|
|
94
111
|
end
|
|
@@ -29,7 +29,7 @@ module Google
|
|
|
29
29
|
# @return [String]
|
|
30
30
|
# The loaded token data.
|
|
31
31
|
def load _id
|
|
32
|
-
raise "
|
|
32
|
+
raise NoMethodError, "load not implemented"
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
# Put the token data into storage for the given ID.
|
|
@@ -39,7 +39,7 @@ module Google
|
|
|
39
39
|
# @param [String] token
|
|
40
40
|
# The token data to store.
|
|
41
41
|
def store _id, _token
|
|
42
|
-
raise "
|
|
42
|
+
raise NoMethodError, "store not implemented"
|
|
43
43
|
end
|
|
44
44
|
|
|
45
45
|
# Remove the token data from storage for the given ID.
|
|
@@ -47,7 +47,7 @@ module Google
|
|
|
47
47
|
# @param [String] id
|
|
48
48
|
# ID of the token data to delete
|
|
49
49
|
def delete _id
|
|
50
|
-
raise "
|
|
50
|
+
raise NoMethodError, "delete not implemented"
|
|
51
51
|
end
|
|
52
52
|
end
|
|
53
53
|
end
|
|
@@ -55,21 +55,25 @@ module Google
|
|
|
55
55
|
# Authorization scope to request
|
|
56
56
|
# @param [Google::Auth::Stores::TokenStore] token_store
|
|
57
57
|
# Backing storage for persisting user credentials
|
|
58
|
-
# @param [String]
|
|
58
|
+
# @param [String] legacy_callback_uri
|
|
59
59
|
# URL (either absolute or relative) of the auth callback.
|
|
60
|
-
# Defaults to '/oauth2callback'
|
|
60
|
+
# Defaults to '/oauth2callback'.
|
|
61
|
+
# @deprecated This field is deprecated. Instead, use the keyword
|
|
62
|
+
# argument callback_uri.
|
|
61
63
|
# @param [String] code_verifier
|
|
62
64
|
# Random string of 43-128 chars used to verify the key exchange using
|
|
63
65
|
# PKCE.
|
|
64
66
|
def initialize client_id, scope, token_store,
|
|
65
|
-
|
|
67
|
+
legacy_callback_uri = nil,
|
|
68
|
+
callback_uri: nil,
|
|
69
|
+
code_verifier: nil
|
|
66
70
|
raise NIL_CLIENT_ID_ERROR if client_id.nil?
|
|
67
71
|
raise NIL_SCOPE_ERROR if scope.nil?
|
|
68
72
|
|
|
69
73
|
@client_id = client_id
|
|
70
74
|
@scope = Array(scope)
|
|
71
75
|
@token_store = token_store
|
|
72
|
-
@callback_uri = callback_uri || "/oauth2callback"
|
|
76
|
+
@callback_uri = legacy_callback_uri || callback_uri || "/oauth2callback"
|
|
73
77
|
@code_verifier = code_verifier
|
|
74
78
|
end
|
|
75
79
|
|
data/lib/googleauth/version.rb
CHANGED
|
@@ -93,15 +93,22 @@ module Google
|
|
|
93
93
|
# Authorization scope to request
|
|
94
94
|
# @param [Google::Auth::Stores::TokenStore] token_store
|
|
95
95
|
# Backing storage for persisting user credentials
|
|
96
|
-
# @param [String]
|
|
96
|
+
# @param [String] legacy_callback_uri
|
|
97
97
|
# URL (either absolute or relative) of the auth callback. Defaults
|
|
98
|
-
# to '/oauth2callback'
|
|
98
|
+
# to '/oauth2callback'.
|
|
99
|
+
# @deprecated This field is deprecated. Instead, use the keyword
|
|
100
|
+
# argument callback_uri.
|
|
99
101
|
# @param [String] code_verifier
|
|
100
102
|
# Random string of 43-128 chars used to verify the key exchange using
|
|
101
103
|
# PKCE.
|
|
102
104
|
def initialize client_id, scope, token_store,
|
|
103
|
-
|
|
104
|
-
|
|
105
|
+
legacy_callback_uri = nil,
|
|
106
|
+
callback_uri: nil,
|
|
107
|
+
code_verifier: nil
|
|
108
|
+
super client_id, scope, token_store,
|
|
109
|
+
legacy_callback_uri,
|
|
110
|
+
code_verifier: code_verifier,
|
|
111
|
+
callback_uri: callback_uri
|
|
105
112
|
end
|
|
106
113
|
|
|
107
114
|
# Handle the result of the oauth callback. Exchanges the authorization
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: googleauth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.11.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tim Emiola
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-10-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: faraday
|
|
@@ -186,7 +186,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
186
186
|
- !ruby/object:Gem::Version
|
|
187
187
|
version: '0'
|
|
188
188
|
requirements: []
|
|
189
|
-
rubygems_version: 3.5.
|
|
189
|
+
rubygems_version: 3.5.6
|
|
190
190
|
signing_key:
|
|
191
191
|
specification_version: 4
|
|
192
192
|
summary: Google Auth Library for Ruby
|