oauth-bwergemn 1.0.5 → 1.0.10
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +40 -35
- data/lib/oauth_bwergemn/oauth2.rb +25 -8
- data/lib/oauth_bwergemn/version.rb +1 -1
- data/oauth-bwergemn.gemspec +1 -2
- metadata +4 -18
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e46c6acfa64976a4efd66ac4e880f2b82c83354d275b81edadbd66632563c0db
|
4
|
+
data.tar.gz: 813e8774a700ed3225a3a5065928d39500b1110b2ee54e68dd6d229ed374ffc9
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 28f9010d626ed0d8e1c4d51cb6fe370eb95eed73485077cbd1146caf1504cf8579c66d6725514c8b161d3f334464fdb7f98c9488898531ac4ee3890e7dbe010c
|
7
|
+
data.tar.gz: 05ecce137a71d52d379dbbb72674abd5b54c731ffa2c42d394720002f7344f544612fb2a644338e1d8f8d0b57bd6a01ac552e8c7fb0634b6746086cf3a99de80
|
data/Gemfile.lock
CHANGED
@@ -1,55 +1,66 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
oauth-bwergemn (1.0.
|
5
|
-
grape (~> 1.
|
4
|
+
oauth-bwergemn (1.0.8)
|
5
|
+
grape (~> 1.3.0)
|
6
6
|
|
7
7
|
GEM
|
8
8
|
remote: https://rubygems.org/
|
9
9
|
specs:
|
10
|
-
activesupport (6.0.2
|
10
|
+
activesupport (6.0.3.2)
|
11
11
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
12
12
|
i18n (>= 0.7, < 2)
|
13
13
|
minitest (~> 5.1)
|
14
14
|
tzinfo (~> 1.1)
|
15
|
-
zeitwerk (~> 2.2)
|
16
|
-
ast (2.4.
|
17
|
-
axiom-types (0.1.1)
|
18
|
-
descendants_tracker (~> 0.0.4)
|
19
|
-
ice_nine (~> 0.11.0)
|
20
|
-
thread_safe (~> 0.3, >= 0.3.1)
|
15
|
+
zeitwerk (~> 2.2, >= 2.2.2)
|
16
|
+
ast (2.4.1)
|
21
17
|
builder (3.2.4)
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
18
|
+
concurrent-ruby (1.1.6)
|
19
|
+
diff-lcs (1.4.4)
|
20
|
+
dry-configurable (0.11.6)
|
21
|
+
concurrent-ruby (~> 1.0)
|
22
|
+
dry-core (~> 0.4, >= 0.4.7)
|
23
|
+
dry-equalizer (~> 0.2)
|
24
|
+
dry-container (0.7.2)
|
25
|
+
concurrent-ruby (~> 1.0)
|
26
|
+
dry-configurable (~> 0.1, >= 0.1.3)
|
27
|
+
dry-core (0.4.9)
|
28
|
+
concurrent-ruby (~> 1.0)
|
29
|
+
dry-equalizer (0.3.0)
|
30
|
+
dry-inflector (0.2.0)
|
31
|
+
dry-logic (1.0.6)
|
32
|
+
concurrent-ruby (~> 1.0)
|
33
|
+
dry-core (~> 0.2)
|
34
|
+
dry-equalizer (~> 0.2)
|
35
|
+
dry-types (1.4.0)
|
36
|
+
concurrent-ruby (~> 1.0)
|
37
|
+
dry-container (~> 0.3)
|
38
|
+
dry-core (~> 0.4, >= 0.4.4)
|
39
|
+
dry-equalizer (~> 0.3)
|
40
|
+
dry-inflector (~> 0.1, >= 0.1.2)
|
41
|
+
dry-logic (~> 1.0, >= 1.0.2)
|
42
|
+
grape (1.3.3)
|
30
43
|
activesupport
|
31
44
|
builder
|
45
|
+
dry-types (>= 1.1)
|
32
46
|
mustermann-grape (~> 1.0.0)
|
33
47
|
rack (>= 1.3.0)
|
34
48
|
rack-accept
|
35
|
-
|
36
|
-
i18n (1.8.1)
|
49
|
+
i18n (1.8.3)
|
37
50
|
concurrent-ruby (~> 1.0)
|
38
|
-
ice_nine (0.11.2)
|
39
51
|
jaro_winkler (1.5.4)
|
40
|
-
minitest (5.
|
52
|
+
minitest (5.14.1)
|
41
53
|
mustermann (1.1.1)
|
42
54
|
ruby2_keywords (~> 0.0.1)
|
43
55
|
mustermann-grape (1.0.1)
|
44
56
|
mustermann (>= 1.0.0)
|
45
|
-
parallel (1.19.
|
46
|
-
parser (2.7.
|
47
|
-
ast (~> 2.4.
|
48
|
-
rack (2.
|
57
|
+
parallel (1.19.2)
|
58
|
+
parser (2.7.1.4)
|
59
|
+
ast (~> 2.4.1)
|
60
|
+
rack (2.2.3)
|
49
61
|
rack-accept (0.4.5)
|
50
62
|
rack (>= 0.4)
|
51
63
|
rainbow (3.0.0)
|
52
|
-
rake (10.5.0)
|
53
64
|
rspec (3.7.0)
|
54
65
|
rspec-core (~> 3.7.0)
|
55
66
|
rspec-expectations (~> 3.7.0)
|
@@ -75,15 +86,10 @@ GEM
|
|
75
86
|
ruby-progressbar (1.10.1)
|
76
87
|
ruby2_keywords (0.0.2)
|
77
88
|
thread_safe (0.3.6)
|
78
|
-
tzinfo (1.2.
|
89
|
+
tzinfo (1.2.7)
|
79
90
|
thread_safe (~> 0.1)
|
80
|
-
unicode-display_width (1.6.
|
81
|
-
|
82
|
-
axiom-types (~> 0.1)
|
83
|
-
coercible (~> 1.0)
|
84
|
-
descendants_tracker (~> 0.0, >= 0.0.3)
|
85
|
-
equalizer (~> 0.0, >= 0.0.9)
|
86
|
-
zeitwerk (2.2.2)
|
91
|
+
unicode-display_width (1.6.1)
|
92
|
+
zeitwerk (2.3.1)
|
87
93
|
|
88
94
|
PLATFORMS
|
89
95
|
ruby
|
@@ -91,7 +97,6 @@ PLATFORMS
|
|
91
97
|
DEPENDENCIES
|
92
98
|
bundler (~> 2.1.0)
|
93
99
|
oauth-bwergemn!
|
94
|
-
rake (~> 10.0)
|
95
100
|
rspec (~> 3.7.0)
|
96
101
|
rubocop (~> 0.79.0)
|
97
102
|
rubocop-performance (~> 1.5.2)
|
@@ -49,18 +49,30 @@ module OauthBwergemn
|
|
49
49
|
def scopes
|
50
50
|
results = []
|
51
51
|
auth_strategy.auth_scopes.map { |s| (results << s) unless s.is_a?(Hash) }
|
52
|
-
results
|
52
|
+
results.map! &:to_sym
|
53
|
+
end
|
54
|
+
|
55
|
+
def access_scopes access
|
56
|
+
access.scopes.all.map!(&:to_sym) rescue []
|
53
57
|
end
|
54
58
|
|
55
59
|
def is_args_include_validate?
|
56
|
-
if args.
|
60
|
+
if args.key?(:validate) && ![true, false].include?(args[:validate])
|
57
61
|
raise OauthBwergemn::Errors::InvalidScope.new("Not valid scope '#{args[:validate]}' in `oauth2 scope`")
|
58
62
|
end
|
59
|
-
args.
|
63
|
+
args.key?(:validate)
|
60
64
|
end
|
61
65
|
|
62
66
|
def is_args_include_as?
|
63
|
-
args.
|
67
|
+
args.key?(:as)
|
68
|
+
end
|
69
|
+
|
70
|
+
def scope_authorize! access
|
71
|
+
if scopes.present? && access
|
72
|
+
unless (scopes & (access_scopes access)).present?
|
73
|
+
raise OauthBwergemn::Errors::InvalidScope.new('OAuth Scope is disallowed')
|
74
|
+
end
|
75
|
+
end
|
64
76
|
end
|
65
77
|
|
66
78
|
def token_optional?
|
@@ -68,7 +80,7 @@ module OauthBwergemn
|
|
68
80
|
end
|
69
81
|
|
70
82
|
def token_required?
|
71
|
-
is_args_include_validate? && [true, false].include?(args[:validate]) && args[:validate].eql?(true) ||
|
83
|
+
is_args_include_validate? && [true, false].include?(args[:validate]) && args[:validate].eql?(true) || is_args_include_validate?.blank?
|
72
84
|
end
|
73
85
|
|
74
86
|
def authorize!
|
@@ -76,16 +88,16 @@ module OauthBwergemn
|
|
76
88
|
unless access.present?
|
77
89
|
raise OauthBwergemn::Errors::InvalidToken
|
78
90
|
end
|
91
|
+
scope_authorize! access
|
79
92
|
resource_as = (is_args_include_as? ? args[:as] : OauthBwergemn.default_resources)
|
80
|
-
|
81
93
|
# rubocop:disable Security/Eval
|
82
|
-
resource = eval(OauthBwergemn.resources[resource_as.to_sym]).
|
94
|
+
resource = eval(OauthBwergemn.resources[resource_as.to_sym]).where(id: access.resource_owner_id).last rescue nil
|
83
95
|
# rubocop:enable Security/Eval
|
84
96
|
{
|
85
97
|
resource_owner: resource,
|
86
98
|
resource_credential: {
|
87
99
|
access_token: access.token,
|
88
|
-
scopes:
|
100
|
+
scopes: (access_scopes access),
|
89
101
|
token_type: 'bearer',
|
90
102
|
expires_in: access.expires_in,
|
91
103
|
refresh_token: access.refresh_token,
|
@@ -112,6 +124,11 @@ module OauthBwergemn
|
|
112
124
|
context.resource_token = token
|
113
125
|
context.resource_owner = nil
|
114
126
|
context.resource_credentials = nil
|
127
|
+
response = authorize! rescue nil
|
128
|
+
if response.present?
|
129
|
+
context.resource_owner = response[:resource_owner] rescue nil
|
130
|
+
context.resource_credentials = response[:resource_credentials] rescue nil
|
131
|
+
end
|
115
132
|
elsif token.present? && token_required? && context.protected_endpoint?
|
116
133
|
response = authorize!
|
117
134
|
context.resource_token = token
|
data/oauth-bwergemn.gemspec
CHANGED
@@ -34,9 +34,8 @@ Gem::Specification.new do |spec|
|
|
34
34
|
spec.require_paths = ['lib']
|
35
35
|
|
36
36
|
spec.add_development_dependency 'bundler', '~> 2.1.0'
|
37
|
-
spec.add_development_dependency 'rake', '~> 10.0'
|
38
37
|
spec.add_development_dependency 'rspec', '~> 3.7.0'
|
39
38
|
spec.add_development_dependency 'rubocop', '~> 0.79.0'
|
40
39
|
spec.add_development_dependency 'rubocop-performance', '~> 1.5.2'
|
41
|
-
spec.add_dependency 'grape', '~> 1.
|
40
|
+
spec.add_dependency 'grape', '~> 1.3.0'
|
42
41
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: oauth-bwergemn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.10
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Alam Ybs
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-07-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -24,20 +24,6 @@ dependencies:
|
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: 2.1.0
|
27
|
-
- !ruby/object:Gem::Dependency
|
28
|
-
name: rake
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
30
|
-
requirements:
|
31
|
-
- - "~>"
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version: '10.0'
|
34
|
-
type: :development
|
35
|
-
prerelease: false
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
37
|
-
requirements:
|
38
|
-
- - "~>"
|
39
|
-
- !ruby/object:Gem::Version
|
40
|
-
version: '10.0'
|
41
27
|
- !ruby/object:Gem::Dependency
|
42
28
|
name: rspec
|
43
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -86,14 +72,14 @@ dependencies:
|
|
86
72
|
requirements:
|
87
73
|
- - "~>"
|
88
74
|
- !ruby/object:Gem::Version
|
89
|
-
version: 1.
|
75
|
+
version: 1.3.0
|
90
76
|
type: :runtime
|
91
77
|
prerelease: false
|
92
78
|
version_requirements: !ruby/object:Gem::Requirement
|
93
79
|
requirements:
|
94
80
|
- - "~>"
|
95
81
|
- !ruby/object:Gem::Version
|
96
|
-
version: 1.
|
82
|
+
version: 1.3.0
|
97
83
|
description: Oauth Bwergemn is a Grape middleware to connect your API resources with
|
98
84
|
your API authenticator.
|
99
85
|
email:
|