oauth-bwergemn 1.0.9 → 1.0.10
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/oauth_bwergemn/oauth2.rb +19 -7
- data/lib/oauth_bwergemn/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e46c6acfa64976a4efd66ac4e880f2b82c83354d275b81edadbd66632563c0db
|
4
|
+
data.tar.gz: 813e8774a700ed3225a3a5065928d39500b1110b2ee54e68dd6d229ed374ffc9
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 28f9010d626ed0d8e1c4d51cb6fe370eb95eed73485077cbd1146caf1504cf8579c66d6725514c8b161d3f334464fdb7f98c9488898531ac4ee3890e7dbe010c
|
7
|
+
data.tar.gz: 05ecce137a71d52d379dbbb72674abd5b54c731ffa2c42d394720002f7344f544612fb2a644338e1d8f8d0b57bd6a01ac552e8c7fb0634b6746086cf3a99de80
|
@@ -49,18 +49,30 @@ module OauthBwergemn
|
|
49
49
|
def scopes
|
50
50
|
results = []
|
51
51
|
auth_strategy.auth_scopes.map { |s| (results << s) unless s.is_a?(Hash) }
|
52
|
-
results
|
52
|
+
results.map! &:to_sym
|
53
|
+
end
|
54
|
+
|
55
|
+
def access_scopes access
|
56
|
+
access.scopes.all.map!(&:to_sym) rescue []
|
53
57
|
end
|
54
58
|
|
55
59
|
def is_args_include_validate?
|
56
|
-
if args.
|
60
|
+
if args.key?(:validate) && ![true, false].include?(args[:validate])
|
57
61
|
raise OauthBwergemn::Errors::InvalidScope.new("Not valid scope '#{args[:validate]}' in `oauth2 scope`")
|
58
62
|
end
|
59
|
-
args.
|
63
|
+
args.key?(:validate)
|
60
64
|
end
|
61
65
|
|
62
66
|
def is_args_include_as?
|
63
|
-
args.
|
67
|
+
args.key?(:as)
|
68
|
+
end
|
69
|
+
|
70
|
+
def scope_authorize! access
|
71
|
+
if scopes.present? && access
|
72
|
+
unless (scopes & (access_scopes access)).present?
|
73
|
+
raise OauthBwergemn::Errors::InvalidScope.new('OAuth Scope is disallowed')
|
74
|
+
end
|
75
|
+
end
|
64
76
|
end
|
65
77
|
|
66
78
|
def token_optional?
|
@@ -76,16 +88,16 @@ module OauthBwergemn
|
|
76
88
|
unless access.present?
|
77
89
|
raise OauthBwergemn::Errors::InvalidToken
|
78
90
|
end
|
91
|
+
scope_authorize! access
|
79
92
|
resource_as = (is_args_include_as? ? args[:as] : OauthBwergemn.default_resources)
|
80
|
-
|
81
93
|
# rubocop:disable Security/Eval
|
82
|
-
resource = eval(OauthBwergemn.resources[resource_as.to_sym]).
|
94
|
+
resource = eval(OauthBwergemn.resources[resource_as.to_sym]).where(id: access.resource_owner_id).last rescue nil
|
83
95
|
# rubocop:enable Security/Eval
|
84
96
|
{
|
85
97
|
resource_owner: resource,
|
86
98
|
resource_credential: {
|
87
99
|
access_token: access.token,
|
88
|
-
scopes:
|
100
|
+
scopes: (access_scopes access),
|
89
101
|
token_type: 'bearer',
|
90
102
|
expires_in: access.expires_in,
|
91
103
|
refresh_token: access.refresh_token,
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: oauth-bwergemn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.10
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Alam Ybs
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-07-
|
11
|
+
date: 2020-07-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|