RubyGems - oauth-bwergemn - Versions diffs - 1.0.9 → 1.0.10 - Mend

oauth-bwergemn 1.0.9 → 1.0.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/oauth_bwergemn/oauth2.rb +19 -7
data/lib/oauth_bwergemn/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f1198087600f843b4a1500049f999e031aec3631b0d0db76020162883b125a3e
-  data.tar.gz: bc71b01282cd981b8e12e3b3f43f8ffb6a35ac30efd5d649af9decd691ce5612
+  metadata.gz: e46c6acfa64976a4efd66ac4e880f2b82c83354d275b81edadbd66632563c0db
+  data.tar.gz: 813e8774a700ed3225a3a5065928d39500b1110b2ee54e68dd6d229ed374ffc9
 SHA512:
-  metadata.gz: 30c376fb21f5adc63f333de48d8e059beb9fb6a43df7228ea253297ade57122eb500f083f4ccb5a1833b822ed6425fae61e268f89f62d1b09154edcf2f5bfa34
-  data.tar.gz: c843b88a28e9962a15a0dcd7ec0b33da8b30d73444729dd4854cf9f95ff4155cfe2686a3ffad22b50e829ff0464092c40f552fd9d32abc273a4883f0ff6134ff
+  metadata.gz: 28f9010d626ed0d8e1c4d51cb6fe370eb95eed73485077cbd1146caf1504cf8579c66d6725514c8b161d3f334464fdb7f98c9488898531ac4ee3890e7dbe010c
+  data.tar.gz: 05ecce137a71d52d379dbbb72674abd5b54c731ffa2c42d394720002f7344f544612fb2a644338e1d8f8d0b57bd6a01ac552e8c7fb0634b6746086cf3a99de80

data/lib/oauth_bwergemn/oauth2.rb CHANGED

@@ -49,18 +49,30 @@ module OauthBwergemn
     def scopes
       results = []
       auth_strategy.auth_scopes.map { |s| (results << s) unless s.is_a?(Hash) }
-      results
+      results.map! &:to_sym
+    end
+    def access_scopes access
+      access.scopes.all.map!(&:to_sym) rescue []
     end
     def is_args_include_validate?
-      if args.keys.include?(:validate) && ![true, false].include?(args[:validate])
+      if args.key?(:validate) && ![true, false].include?(args[:validate])
         raise OauthBwergemn::Errors::InvalidScope.new("Not valid scope '#{args[:validate]}' in `oauth2 scope`")
       end
-      args.keys.include?(:validate)
+      args.key?(:validate)
     end
     def is_args_include_as?
-      args.keys.include?(:as)
+      args.key?(:as)
+    end
+    def scope_authorize! access
+      if scopes.present? && access
+        unless (scopes & (access_scopes access)).present?
+          raise OauthBwergemn::Errors::InvalidScope.new('OAuth Scope is disallowed')
+        end
+      end
     end
     def token_optional?
@@ -76,16 +88,16 @@ module OauthBwergemn
       unless access.present?
         raise OauthBwergemn::Errors::InvalidToken
       end
+      scope_authorize! access
       resource_as = (is_args_include_as? ? args[:as] : OauthBwergemn.default_resources)
       # rubocop:disable Security/Eval
-      resource = eval(OauthBwergemn.resources[resource_as.to_sym]).find_by(id: access.resource_owner_id) rescue nil
+      resource = eval(OauthBwergemn.resources[resource_as.to_sym]).where(id: access.resource_owner_id).last rescue nil
       # rubocop:enable Security/Eval
       {
         resource_owner:      resource,
         resource_credential: {
           access_token:  access.token,
-          scopes:        scopes,
+          scopes:        (access_scopes access),
           token_type:    'bearer',
           expires_in:    access.expires_in,
           refresh_token: access.refresh_token,

data/lib/oauth_bwergemn/version.rb CHANGED

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 module OauthBwergemn
-  VERSION = '1.0.9'
+  VERSION = '1.0.10'
   public_constant :VERSION
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: oauth-bwergemn
 version: !ruby/object:Gem::Version
-  version: 1.0.9
+  version: 1.0.10
 platform: ruby
 authors:
 - Alam Ybs
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-07-03 00:00:00.000000000 Z
+date: 2020-07-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler