oauth2 1.4.5 → 1.4.9

Sign up to get free protection for your applications and to get access to all the features.
Files changed (61) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +37 -1
  3. data/LICENSE +1 -1
  4. data/README.md +276 -111
  5. data/lib/oauth2/access_token.rb +7 -7
  6. data/lib/oauth2/authenticator.rb +3 -1
  7. data/lib/oauth2/client.rb +105 -70
  8. data/lib/oauth2/error.rb +3 -1
  9. data/lib/oauth2/mac_token.rb +18 -18
  10. data/lib/oauth2/response.rb +2 -0
  11. data/lib/oauth2/strategy/assertion.rb +3 -1
  12. data/lib/oauth2/strategy/auth_code.rb +3 -1
  13. data/lib/oauth2/strategy/base.rb +2 -0
  14. data/lib/oauth2/strategy/client_credentials.rb +3 -1
  15. data/lib/oauth2/strategy/implicit.rb +3 -1
  16. data/lib/oauth2/strategy/password.rb +3 -1
  17. data/lib/oauth2/version.rb +8 -3
  18. data/lib/oauth2.rb +2 -0
  19. data/spec/fixtures/README.md +11 -0
  20. data/spec/fixtures/RS256/jwtRS256.key +51 -0
  21. data/spec/fixtures/RS256/jwtRS256.key.pub +14 -0
  22. data/spec/helper.rb +33 -0
  23. data/spec/oauth2/access_token_spec.rb +218 -0
  24. data/spec/oauth2/authenticator_spec.rb +86 -0
  25. data/spec/oauth2/client_spec.rb +556 -0
  26. data/spec/oauth2/mac_token_spec.rb +122 -0
  27. data/spec/oauth2/response_spec.rb +96 -0
  28. data/spec/oauth2/strategy/assertion_spec.rb +113 -0
  29. data/spec/oauth2/strategy/auth_code_spec.rb +108 -0
  30. data/spec/oauth2/strategy/base_spec.rb +7 -0
  31. data/spec/oauth2/strategy/client_credentials_spec.rb +71 -0
  32. data/spec/oauth2/strategy/implicit_spec.rb +28 -0
  33. data/spec/oauth2/strategy/password_spec.rb +58 -0
  34. data/spec/oauth2/version_spec.rb +23 -0
  35. metadata +49 -90
  36. data/.document +0 -5
  37. data/.github/dependabot.yml +0 -8
  38. data/.github/workflows/style.yml +0 -37
  39. data/.github/workflows/test.yml +0 -58
  40. data/.gitignore +0 -19
  41. data/.jrubyrc +0 -1
  42. data/.rspec +0 -4
  43. data/.rubocop.yml +0 -112
  44. data/.rubocop_rspec.yml +0 -26
  45. data/.rubocop_todo.yml +0 -113
  46. data/.ruby-version +0 -1
  47. data/.travis.yml +0 -75
  48. data/CONTRIBUTING.md +0 -18
  49. data/Gemfile +0 -61
  50. data/Rakefile +0 -45
  51. data/gemfiles/jruby_1.7.gemfile +0 -11
  52. data/gemfiles/jruby_9.0.gemfile +0 -7
  53. data/gemfiles/jruby_9.1.gemfile +0 -3
  54. data/gemfiles/jruby_9.2.gemfile +0 -3
  55. data/gemfiles/jruby_head.gemfile +0 -3
  56. data/gemfiles/ruby_1.9.gemfile +0 -11
  57. data/gemfiles/ruby_2.0.gemfile +0 -6
  58. data/gemfiles/ruby_head.gemfile +0 -9
  59. data/gemfiles/truffleruby.gemfile +0 -3
  60. data/maintenance-branch +0 -1
  61. data/oauth2.gemspec +0 -52
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a85bca5fd51e149c80b5403207615e23040773582d3e2ae0fc2c44b83d49e866
4
- data.tar.gz: 8022e428b4e48a88bbc84ec5855bce39d3b7b37ffe8a987df161103402b08585
3
+ metadata.gz: ecc51b3695e669f4853934aa43c64de29380877340685e35e44ccc1be8957226
4
+ data.tar.gz: aa8e0e388084a5374743b1fc7122fd85729f41876fdbe9d679a441813cb3e10c
5
5
  SHA512:
6
- metadata.gz: 810d0073495d3e5f05149b41257e02fbfd2ce09294f082dd69ddba67cc7c523d268f8163232ec6da783f05adf3f0e2876980699be3e6de58732cb1d8d988be20
7
- data.tar.gz: d70c9a0303ae519eaa2b0db6af9e8dc56380263fbb30fce15a7ec9ff26ccc467de99a91265bc57d8bdce9bf2ade650312804e161b598e49c29ee81d2f2a3678f
6
+ metadata.gz: 06c89fbcf461bc08dce02c484b7fef1284d31bed026c606bf966fe85ca351451063763e9c580e9f716bd7a811e0dd8d2f0b3572df5190724dcaf0c539fd9d4aa
7
+ data.tar.gz: cf59ec61aa6d7e7c595ff2b5ea73a24441364300ba846efb52508907568ed5aa62619b69dec6428bbfbd341540a4d802709b03703e431fc83ed1de9634d10523
data/CHANGELOG.md CHANGED
@@ -3,10 +3,41 @@ All notable changes to this project will be documented in this file.
3
3
 
4
4
  ## unreleased
5
5
 
6
- ## [1.4.5] - 2020-03-18
6
+ ## [1.4.9] - 2022-02-20
7
+
8
+ - Fixes compatibility with Faraday v2 [572](https://github.com/oauth-xx/oauth2/issues/572)
9
+ - Includes supported versions of Faraday in test matrix:
10
+ - Faraday ~> 2.2.0 with Ruby >= 2.6
11
+ - Faraday ~> 1.10 with Ruby >= 2.4
12
+ - Faraday ~> 0.17.3 with Ruby >= 1.9
13
+ - Add Windows and MacOS to test matrix
14
+
15
+ ## [1.4.8] - 2022-02-18
16
+
17
+ - MFA is now required to push new gem versions (@pboling)
18
+ - README overhaul w/ new Ruby Verion and Engine compatibility policies (@pboling)
19
+ - [#569](https://github.com/oauth-xx/oauth2/pull/569) Backport fixes ([#561](https://github.com/oauth-xx/oauth2/pull/561) by @ryogift), and add more fixes, to allow faraday 1.x and 2.x (@jrochkind)
20
+ - Improve Code Coverage tracking (Coveralls, CodeCov, CodeClimate), and enable branch coverage (@pboling)
21
+ - Add CodeQL, Security Policy, Funding info (@pboling)
22
+ - Added Ruby 3.1, jruby, jruby-head, truffleruby, truffleruby-head to build matrix (@pboling)
23
+ - [#543](https://github.com/oauth-xx/oauth2/pull/543) - Support for more modern Open SSL libraries (@pboling)
24
+
25
+ ## [1.4.7] - 2021-03-19
26
+
27
+ - [#541](https://github.com/oauth-xx/oauth2/pull/541) - Backport fix to expires_at handling [#533](https://github.com/oauth-xx/oauth2/pull/533) to 1-4-stable branch. (@dobon)
28
+
29
+ ## [1.4.6] - 2021-03-19
30
+
31
+ - [#540](https://github.com/oauth-xx/oauth2/pull/540) - Add VERSION constant (@pboling)
32
+ - [#537](https://github.com/oauth-xx/oauth2/pull/537) - Fix crash in OAuth2::Client#get_token (@anderscarling)
33
+ - [#538](https://github.com/oauth-xx/oauth2/pull/538) - Remove reliance on globally included OAuth2 in tests for version 1.4 (@anderscarling)
34
+
35
+ ## [1.4.5] - 2021-03-18
7
36
 
8
37
  - [#535](https://github.com/oauth-xx/oauth2/pull/535) - Compatibility with range of supported Ruby OpenSSL versions, Rubocop updates, Github Actions (@pboling)
9
38
  - [#518](https://github.com/oauth-xx/oauth2/pull/518) - Add extract_access_token option to OAuth2::Client (@jonspalmer)
39
+ - [#507](https://github.com/oauth-xx/oauth2/pull/507) - Fix camel case content type, response keys (@anvox)
40
+ - [#500](https://github.com/oauth-xx/oauth2/pull/500) - Fix YARD documentation formatting (@olleolleolle)
10
41
 
11
42
  ## [1.4.4] - 2020-02-12
12
43
 
@@ -157,4 +188,9 @@ All notable changes to this project will be documented in this file.
157
188
  [1.4.1]: https://github.com/oauth-xx/oauth2/compare/v1.4.0...v1.4.1
158
189
  [1.4.2]: https://github.com/oauth-xx/oauth2/compare/v1.4.1...v1.4.2
159
190
  [1.4.3]: https://github.com/oauth-xx/oauth2/compare/v1.4.2...v1.4.3
191
+ [1.4.4]: https://github.com/oauth-xx/oauth2/compare/v1.4.3...v1.4.4
192
+ [1.4.5]: https://github.com/oauth-xx/oauth2/compare/v1.4.4...v1.4.5
193
+ [1.4.6]: https://github.com/oauth-xx/oauth2/compare/v1.4.5...v1.4.6
194
+ [1.4.7]: https://github.com/oauth-xx/oauth2/compare/v1.4.6...v1.4.7
195
+ [1.4.8]: https://github.com/oauth-xx/oauth2/compare/v1.4.7...v1.4.8
160
196
  [unreleased]: https://github.com/oauth-xx/oauth2/compare/v1.4.1...HEAD
data/LICENSE CHANGED
@@ -1,7 +1,7 @@
1
1
  MIT License
2
2
 
3
3
  Copyright (c) 2011 - 2013 Michael Bleigh and Intridea, Inc.
4
- Copyright (c) 2017 - 2018 oauth-xx organization, https://github.com/oauth-xx
4
+ Copyright (c) 2017 - 2022 oauth-xx organization, https://github.com/oauth-xx
5
5
 
6
6
  Permission is hereby granted, free of charge, to any person obtaining a copy
7
7
  of this software and associated documentation files (the "Software"), to deal
data/README.md CHANGED
@@ -1,73 +1,260 @@
1
- # OAuth2
1
+ <p align="center">
2
+ <a href="http://oauth.net/2/" target="_blank" rel="noopener noreferrer">
3
+ <img src="https://github.com/oauth-xx/oauth2/raw/master/docs/images/logo/oauth2-logo-124px.png?raw=true" alt="OAuth 2.0 Logo by Chris Messina, CC BY-SA 3.0">
4
+ </a>
5
+ <a href="https://www.ruby-lang.org/" target="_blank" rel="noopener noreferrer">
6
+ <img width="124px" src="https://github.com/oauth-xx/oauth2/raw/master/docs/images/logo/ruby-logo-198px.svg?raw=true" alt="Yukihiro Matsumoto, Ruby Visual Identity Team, CC BY-SA 2.5">
7
+ </a>
8
+ </p>
9
+
10
+ ## What
11
+
12
+ OAuth 2.0 is the industry-standard protocol for authorization.
13
+ OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications,
14
+ desktop applications, mobile phones, and living room devices.
15
+ This is a RubyGem for implementing OAuth 2.0 clients and servers in Ruby applications.
16
+ See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
17
+
18
+ ⚠️ **_WARNING_**: You are viewing the `README` of the soon-to-be-deprecated `1-4-stable`
19
+ branch which for version 1.4.x releases. Version 2.0 is coming! ⚠️
2
20
 
3
- If you need the readme for a released version of the gem please find it below:
21
+ ---
22
+
23
+ * [OAuth 2.0 Spec][oauth2-spec]
24
+ * [OAuth 1.0 sibling gem][sibling-gem]
25
+ * Help us finish release [![2.0.0 release milestone][next-milestone-pct-img]][next-milestone-pct] by submitting or reviewing PRs and issues.
26
+ * Oauth2 gem is _always_ looking for additional maintainers. See [#307][maintainers-discussion].
27
+
28
+ [oauth2-spec]: https://oauth.net/2/
29
+ [sibling-gem]: https://github.com/oauth-xx/oauth-ruby
30
+ [next-milestone-pct]: https://github.com/oauth-xx/oauth2/milestone/1
31
+ [next-milestone-pct-img]: https://img.shields.io/github/milestones/progress-percent/oauth-xx/oauth2/1
32
+ [maintainers-discussion]: https://github.com/oauth-xx/oauth2/issues/307
33
+
34
+ ## Release Documentation
35
+
36
+ <details>
37
+ <summary>1.4.x Readmes</summary>
38
+
39
+ | Version | Release Date | Readme |
40
+ |---------|--------------|----------------------------------------------------------|
41
+ | 1.4.8 | Feb 18, 2022 | https://github.com/oauth-xx/oauth2/blob/v1.4.8/README.md |
42
+ | 1.4.7 | Mar 19, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.7/README.md |
43
+ | 1.4.6 | Mar 19, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.6/README.md |
44
+ | 1.4.5 | Mar 18, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.5/README.md |
45
+ | 1.4.4 | Feb 12, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.4/README.md |
46
+ | 1.4.3 | Jan 29, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.3/README.md |
47
+ | 1.4.2 | Oct 1, 2019 | https://github.com/oauth-xx/oauth2/blob/v1.4.2/README.md |
48
+ | 1.4.1 | Oct 13, 2018 | https://github.com/oauth-xx/oauth2/blob/v1.4.1/README.md |
49
+ | 1.4.0 | Jun 9, 2017 | https://github.com/oauth-xx/oauth2/blob/v1.4.0/README.md |
50
+ </details>
51
+
52
+ <details>
53
+ <summary>1.3.x Readmes</summary>
4
54
 
5
55
  | Version | Release Date | Readme |
6
56
  |----------|--------------|----------------------------------------------------------|
7
- | 1.4.4 | Feb 12, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.4/README.md |
8
- | 1.4.3 | Jan 29, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.3/README.md |
9
- | 1.4.2 | Oct 1, 2019 | https://github.com/oauth-xx/oauth2/blob/v1.4.2/README.md |
10
- | 1.4.1 | Oct 13, 2018 | https://github.com/oauth-xx/oauth2/blob/v1.4.1/README.md |
11
- | 1.4.0 | Jun 9, 2017 | https://github.com/oauth-xx/oauth2/blob/v1.4.0/README.md |
12
57
  | 1.3.1 | Mar 3, 2017 | https://github.com/oauth-xx/oauth2/blob/v1.3.1/README.md |
13
58
  | 1.3.0 | Dec 27, 2016 | https://github.com/oauth-xx/oauth2/blob/v1.3.0/README.md |
59
+ </details>
60
+
61
+ <details>
62
+ <summary>&le;= 1.2.x Readmes (2016 and before)</summary>
63
+
64
+ | Version | Release Date | Readme |
65
+ |----------|--------------|----------------------------------------------------------|
14
66
  | 1.2.0 | Jun 30, 2016 | https://github.com/oauth-xx/oauth2/blob/v1.2.0/README.md |
15
67
  | 1.1.0 | Jan 30, 2016 | https://github.com/oauth-xx/oauth2/blob/v1.1.0/README.md |
16
68
  | 1.0.0 | May 23, 2014 | https://github.com/oauth-xx/oauth2/blob/v1.0.0/README.md |
17
69
  | < 1.0.0 | Find here | https://github.com/oauth-xx/oauth2/tags |
70
+ </details>
71
+
72
+ <!--
73
+ Numbering rows and badges in each row as a visual "database" lookup,
74
+ as the table is extremely dense, and it can be very difficult to find anything
75
+ Putting one on each row here, to document the emoji that should be used, and for ease of copy/paste.
76
+
77
+ row #s:
78
+ 1️⃣
79
+ 2️⃣
80
+ 3️⃣
81
+ 4️⃣
82
+ 5️⃣
83
+ 6️⃣
84
+ 7️⃣
85
+
86
+ badge #s:
87
+ ⛳️
88
+ 🖇
89
+ 🏘
90
+ 🚎
91
+ 🖐
92
+ 🧮
93
+ 📗
94
+ -->
95
+
96
+ | | Project | oauth2 |
97
+ |:----|-----------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
98
+ | 1️⃣ | name, license, docs | [![RubyGems.org][⛳️name-img]][⛳️gem] [![License: MIT][🖇src-license-img]][🖇src-license] [![FOSSA][🏘fossa-img]][🏘fossa] [![RubyDoc.info][🚎yard-img]][🚎yard] [![InchCI][🖐inch-ci-img]][🚎yard] |
99
+ | 2️⃣ | version & activity | [![Gem Version][⛳️version-img]][⛳️gem] [![Total Downloads][🖇DL-total-img]][⛳️gem] [![Download Rank][🏘DL-rank-img]][⛳️gem] [![Source Code][🚎src-home-img]][🚎src-home] [![Open PRs][🖐prs-open-img]][🖐prs-open] [![Closed PRs][🧮prs-closed-img]][🧮prs-closed] |
100
+ | 3️⃣ | maintanence & linting | [![Maintainability][⛳cclim-maint-img]][⛳cclim-maint] [![Helpers][🖇triage-help-img]][🖇triage-help] [![Depfu][🏘depfu-img]][🏘depfu] [![Contributors][🚎contributors-img]][🚎contributors] [![Style][🖐style-wf-img]][🖐style-wf] [![Kloc Roll][🧮kloc-img]][🧮kloc] |
101
+ | 4️⃣ | testing | [![Build][⛳️tot-bld-img]][⛳️tot-bld] [![supported][🖇supported-wf-img]][🖇supported-wf] [![EOL & Code Coverage Build][🏘eol-wf-img]][🏘eol-wf] [![unsupported][🚎unsupported-wf-img]][🚎unsupported-wf] |
102
+ | 5️⃣ | coverage & security | [![CodeClimate][⛳cclim-cov-img]][⛳cclim-cov] [![CodeCov][🖇codecov-img]][🖇codecov] [![Coveralls][🏘coveralls-img]][🏘coveralls] [![Security Policy][🚎sec-pol-img]][🚎sec-pol] [![CodeQL][🖐codeQL-img]][🖐codeQL] |
103
+ | 6️⃣ | resources | [![Discussion][⛳gh-discussions-img]][⛳gh-discussions] [![Get help on Codementor][🖇codementor-img]][🖇codementor] [![Chat][🏘chat-img]][🏘chat] [![Blog][🚎blog-img]][🚎blog] [![Blog][🖐wiki-img]][🖐wiki] |
104
+ | 7️⃣ | spread 💖 | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Tweet @ Peter][🏘tweet-img]][🏘tweet] [🌏][aboutme] [👼][angelme] [💻][coderme] [🌹][politicme] |
105
+
106
+ <!--
107
+ The link tokens in the following sections should be kept ordered by the row and badge numbering scheme
108
+ -->
109
+
110
+ <!-- 1️⃣ name, license, docs -->
111
+ [⛳️gem]: https://rubygems.org/gems/oauth2
112
+ [⛳️name-img]: https://img.shields.io/badge/name-oauth2-brightgreen.svg?style=flat
113
+ [🖇src-license]: https://opensource.org/licenses/MIT
114
+ [🖇src-license-img]: https://img.shields.io/badge/License-MIT-green.svg
115
+ [🏘fossa]: https://app.fossa.io/projects/git%2Bgithub.com%2Foauth-xx%2Foauth2?ref=badge_shield
116
+ [🏘fossa-img]: https://app.fossa.io/api/projects/git%2Bgithub.com%2Foauth-xx%2Foauth2.svg?type=shield
117
+ [🚎yard]: https://www.rubydoc.info/github/oauth-xx/oauth2
118
+ [🚎yard-img]: https://img.shields.io/badge/documentation-rubydoc-brightgreen.svg?style=flat
119
+ [🖐inch-ci-img]: http://inch-ci.org/github/oauth-xx/oauth2.png
120
+
121
+ <!-- 2️⃣ version & activity -->
122
+ [⛳️version-img]: http://img.shields.io/gem/v/oauth2.svg
123
+ [🖇DL-total-img]: https://img.shields.io/gem/dt/oauth2.svg
124
+ [🏘DL-rank-img]: https://img.shields.io/gem/rt/oauth2.svg
125
+ [🚎src-home]: https://github.com/oauth-xx/oauth2
126
+ [🚎src-home-img]: https://img.shields.io/badge/source-github-brightgreen.svg?style=flat
127
+ [🖐prs-open]: https://github.com/oauth-xx/oauth2/pulls
128
+ [🖐prs-open-img]: https://img.shields.io/github/issues-pr/oauth-xx/oauth2
129
+ [🧮prs-closed]: https://github.com/oauth-xx/oauth2/pulls?q=is%3Apr+is%3Aclosed
130
+ [🧮prs-closed-img]: https://img.shields.io/github/issues-pr-closed/oauth-xx/oauth2
131
+
132
+ <!-- 3️⃣ maintanence & linting -->
133
+ [⛳cclim-maint]: https://codeclimate.com/github/oauth-xx/oauth2/maintainability
134
+ [⛳cclim-maint-img]: https://api.codeclimate.com/v1/badges/688c612528ff90a46955/maintainability
135
+ [🖇triage-help]: https://www.codetriage.com/oauth-xx/oauth2
136
+ [🖇triage-help-img]: https://www.codetriage.com/oauth-xx/oauth2/badges/users.svg
137
+ [🏘depfu]: https://depfu.com/github/oauth-xx/oauth2?project_id=4445
138
+ [🏘depfu-img]: https://badges.depfu.com/badges/6d34dc1ba682bbdf9ae2a97848241743/count.svg
139
+ [🚎contributors]: https://github.com/oauth-xx/oauth2/graphs/contributors
140
+ [🚎contributors-img]: https://img.shields.io/github/contributors-anon/oauth-xx/oauth2
141
+ [🖐style-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/style.yml
142
+ [🖐style-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/style.yml/badge.svg
143
+ [🧮kloc]: https://www.youtube.com/watch?v=dQw4w9WgXcQ
144
+ [🧮kloc-img]: https://img.shields.io/tokei/lines/github.com/oauth-xx/oauth2
145
+
146
+ <!-- 4️⃣ testing -->
147
+ [⛳️tot-bld]: https://actions-badge.atrox.dev/oauth-xx/oauth2/goto
148
+ [⛳️tot-bld-img]: https://img.shields.io/endpoint.svg?url=https%3A%2F%2Factions-badge.atrox.dev%2Foauth-xx%2Foauth2%2Fbadge&style=flat
149
+ [🖇supported-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/supported.yml
150
+ [🖇supported-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/supported.yml/badge.svg
151
+ [🏘eol-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/coverage.yml
152
+ [🏘eol-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/coverage.yml/badge.svg
153
+ [🚎unsupported-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/unsupported.yml
154
+ [🚎unsupported-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/unsupported.yml/badge.svg
155
+ [🖐issues]: https://github.com/oauth-xx/oauth2/issues
156
+ [🖐issues-img]: https://github.com/oauth-xx/oauth2/issues
157
+
158
+ <!-- 5️⃣ coverage & security -->
159
+ [⛳cclim-cov]: https://codeclimate.com/github/oauth-xx/oauth2/test_coverage
160
+ [⛳cclim-cov-img]: https://api.codeclimate.com/v1/badges/688c612528ff90a46955/test_coverage
161
+ [🖇codecov-img]: https://codecov.io/gh/oauth-xx/oauth2/branch/1-4-stable/graph/badge.svg?token=bNqSzNiuo2
162
+ [🖇codecov]: https://codecov.io/gh/oauth-xx/oauth2
163
+ [🏘coveralls]: https://coveralls.io/github/oauth-xx/oauth2?branch=1-4-stable
164
+ [🏘coveralls-img]: https://coveralls.io/repos/github/oauth-xx/oauth2/badge.svg?branch=1-4-stable
165
+ [🚎sec-pol]: https://github.com/oauth-xx/oauth2/blob/master/SECURITY.md
166
+ [🚎sec-pol-img]: https://img.shields.io/badge/security-policy-brightgreen.svg?style=flat
167
+ [🖐codeQL]: https://github.com/oauth-xx/oauth2/security/code-scanning
168
+ [🖐codeQL-img]: https://github.com/oauth-xx/oauth2/actions/workflows/codeql-analysis.yml/badge.svg
169
+
170
+ <!-- 6️⃣ resources -->
171
+ [⛳gh-discussions]: https://github.com/oauth-xx/oauth2/discussions
172
+ [⛳gh-discussions-img]: https://img.shields.io/github/discussions/oauth-xx/oauth2
173
+ [🖇codementor]: https://www.codementor.io/peterboling?utm_source=github&utm_medium=button&utm_term=peterboling&utm_campaign=github
174
+ [🖇codementor-img]: https://cdn.codementor.io/badges/get_help_github.svg
175
+ [🏘chat]: https://gitter.im/oauth-xx/oauth2
176
+ [🏘chat-img]: https://img.shields.io/gitter/room/oauth-xx/oauth2.svg
177
+ [🚎blog]: http://www.railsbling.com/tags/oauth2/
178
+ [🚎blog-img]: https://img.shields.io/badge/blog-railsbling-brightgreen.svg?style=flat
179
+ [🖐wiki]: https://github.com/oauth-xx/oauth2/wiki
180
+ [🖐wiki-img]: https://img.shields.io/badge/wiki-examples-brightgreen.svg?style=flat
181
+
182
+ <!-- 7️⃣ spread 💖 -->
183
+ [⛳liberapay-img]: https://img.shields.io/liberapay/patrons/pboling.svg?logo=liberapay
184
+ [⛳liberapay]: https://liberapay.com/pboling/donate
185
+ [🖇sponsor-img]: https://img.shields.io/badge/sponsor-pboling.svg?style=social&logo=github
186
+ [🖇sponsor]: https://github.com/sponsors/pboling
187
+ [🏘tweet-img]: https://img.shields.io/twitter/follow/galtzo.svg?style=social&label=Follow
188
+ [🏘tweet]: http://twitter.com/galtzo
189
+
190
+ <!-- Maintainer Contact Links -->
191
+ [railsbling]: http://www.railsbling.com
192
+ [peterboling]: http://www.peterboling.com
193
+ [aboutme]: https://about.me/peter.boling
194
+ [angelme]: https://angel.co/peter-boling
195
+ [coderme]:http://coderwall.com/pboling
196
+ [politicme]: https://nationalprogressiveparty.org
18
197
 
19
- [![Gem Version](http://img.shields.io/gem/v/oauth2.svg)][gem]
20
- [![Total Downloads](https://img.shields.io/gem/dt/oauth2.svg)][gem]
21
- [![Downloads Today](https://img.shields.io/gem/rt/oauth2.svg)][gem]
22
- [![Build Status](https://travis-ci.org/oauth-xx/oauth2.svg?branch=1-4-stable)][travis]
23
- [![Test Coverage](https://api.codeclimate.com/v1/badges/688c612528ff90a46955/test_coverage)][codeclimate-coverage]
24
- [![Maintainability](https://api.codeclimate.com/v1/badges/688c612528ff90a46955/maintainability)][codeclimate-maintainability]
25
- [![Depfu](https://badges.depfu.com/badges/6d34dc1ba682bbdf9ae2a97848241743/count.svg)][depfu]
26
- [![Open Source Helpers](https://www.codetriage.com/oauth-xx/oauth2/badges/users.svg)][code-triage]
27
- [![Chat](https://img.shields.io/gitter/room/oauth-xx/oauth2.svg)](https://gitter.im/oauth-xx/oauth2)
28
- [![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)][source-license]
29
- [![Documentation](http://inch-ci.org/github/oauth-xx/oauth2.png)][inch-ci]
30
-
31
- [gem]: https://rubygems.org/gems/oauth2
32
- [travis]: http://travis-ci.org/oauth-xx/oauth2
33
- [coveralls]: https://coveralls.io/r/oauth-xx/oauth2
34
- [codeclimate-maintainability]: https://codeclimate.com/github/oauth-xx/oauth2/maintainability
35
- [codeclimate-coverage]: https://codeclimate.com/github/oauth-xx/oauth2/test_coverage
36
- [depfu]: https://depfu.com/github/oauth-xx/oauth2
37
- [source-license]: https://opensource.org/licenses/MIT
38
- [inch-ci]: http://inch-ci.org/github/oauth-xx/oauth2
39
- [code-triage]: https://www.codetriage.com/oauth-xx/oauth2
40
- [fossa1]: https://app.fossa.io/projects/git%2Bgithub.com%2Foauth-xx%2Foauth2?ref=badge_shield
41
-
42
- A Ruby wrapper for the [OAuth 2.0 specification][oauth2-spec].
43
-
44
- [oauth2-spec]: https://oauth.net/2/
45
198
 
46
199
  ## Installation
47
200
 
48
- Add this line to your application's Gemfile:
201
+ ```shell
202
+ gem install oauth2
203
+ ```
204
+
205
+ Or inside a `Gemfile`
49
206
 
50
207
  ```ruby
51
208
  gem 'oauth2'
52
209
  ```
210
+ And then execute in a shell:
211
+ ```shell
212
+ bundle
213
+ ```
53
214
 
54
- And then execute:
55
215
 
56
- $ bundle
216
+ ## Compatibility
57
217
 
58
- Or install it yourself as:
218
+ Targeted ruby compatibility is non-EOL versions of Ruby, currently 2.7, 3.0 and
219
+ 3.1. Compatibility is further distinguished by supported and unsupported versions of Ruby.
220
+ Ruby is limited to 1.9+ in the gemspec for the 1.4.x series and will be 2.2+ for 2.x releases (see `master` branch).
59
221
 
60
- $ gem install oauth2
222
+ <details>
223
+ <summary>Ruby Engine Compatibility Policy</summary>
61
224
 
62
- ## Resources
225
+ This gem is tested against MRI, JRuby, and Truffleruby.
226
+ Each of those has varying versions that target a specific version of MRI Ruby.
227
+ This gem should work in the just-listed Ruby engines according to the targeted MRI compatibility in the table below.
228
+ If you would like to add support for additional engines,
229
+ first make sure Github Actions supports the engine,
230
+ then submit a PR to the correct maintenance branch as according to the table below.
231
+ </details>
63
232
 
64
- * [View Source on GitHub][code]
65
- * [Report Issues on GitHub][issues]
66
- * [Read More at the Wiki][wiki]
233
+ <details>
234
+ <summary>Ruby Version Compatibility Policy</summary>
67
235
 
68
- [code]: https://github.com/oauth-xx/oauth2
69
- [issues]: https://github.com/oauth-xx/oauth2/issues
70
- [wiki]: https://wiki.github.com/oauth-xx/oauth2
236
+ If something doesn't work on one of these interpreters, it's a bug.
237
+
238
+ This library may inadvertently work (or seem to work) on other Ruby
239
+ implementations, however support will only be provided for the versions listed
240
+ above.
241
+
242
+ If you would like this library to support another Ruby version, you may
243
+ volunteer to be a maintainer. Being a maintainer entails making sure all tests
244
+ run and pass on that implementation. When something breaks on your
245
+ implementation, you will be responsible for providing patches in a timely
246
+ fashion. If critical issues for a particular implementation exist at the time
247
+ of a major release, support for that Ruby version may be dropped.
248
+ </details>
249
+
250
+ | | Ruby OAuth 2 Version | Maintenance Branch | Supported Officially | Supported Unofficially | Supported Incidentally |
251
+ |:----|----------------------|--------------------|-------------------------|------------------------|------------------------|
252
+ | 1️⃣ | 2.0.x (unreleased) | `master` | 2.7, 3.0, 3.1 | 2.6, 2.5 | 2.4, 2.3, 2.2 |
253
+ | 2️⃣ | 1.4.x | `1-4-stable` | 2.5, 2.6, 2.7, 3.0, 3.1 | 2.1, 2.2, 2.3, 2.4 | 2.0, 1.9 |
254
+ | 3️⃣ | older | N/A | Best of luck to you! | Please upgrade! | |
255
+
256
+ NOTE: Once 2.0 is released, the 1.4 series will only receive critical bug and security updates.
257
+ See [SECURITY.md][🚎sec-pol]
71
258
 
72
259
  ## Usage Examples
73
260
 
@@ -83,13 +270,38 @@ response = token.get('/api/resource', :params => {'query_foo' => 'bar'})
83
270
  response.class.name
84
271
  # => OAuth2::Response
85
272
  ```
273
+
274
+ <details>
275
+ <summary>Debugging</summary>
276
+
277
+ Set an environment variable, however you would [normally do that](https://github.com/bkeepers/dotenv).
278
+
279
+ ```ruby
280
+ # will log both request and response, including bodies
281
+ ENV['OAUTH_DEBUG'] = 'true'
282
+ ```
283
+
284
+ By default, debug output will go to `$stdout`. This can be overridden when
285
+ initializing your OAuth2::Client.
286
+
287
+ ```ruby
288
+ require 'oauth2'
289
+ client = OAuth2::Client.new(
290
+ 'client_id',
291
+ 'client_secret',
292
+ :site => 'https://example.org',
293
+ :logger => Logger.new('example.log', 'weekly')
294
+ )
295
+ ```
296
+ </details>
297
+
86
298
  ## OAuth2::Response
87
299
 
88
- The AccessToken methods #get, #post, #put and #delete and the generic #request
300
+ The `AccessToken` methods `#get`, `#post`, `#put` and `#delete` and the generic `#request`
89
301
  will return an instance of the #OAuth2::Response class.
90
302
 
91
- This instance contains a #parsed method that will parse the response body and
92
- return a Hash if the Content-Type is application/x-www-form-urlencoded or if
303
+ This instance contains a `#parsed` method that will parse the response body and
304
+ return a Hash if the `Content-Type` is `application/x-www-form-urlencoded` or if
93
305
  the body is a JSON object. It will return an Array if the body is a JSON
94
306
  array. Otherwise, it will return the original body string.
95
307
 
@@ -99,27 +311,27 @@ respective methods.
99
311
  ## OAuth2::AccessToken
100
312
 
101
313
  If you have an existing Access Token for a user, you can initialize an instance
102
- using various class methods including the standard new, from_hash (if you have
103
- a hash of the values), or from_kvform (if you have an
104
- application/x-www-form-urlencoded encoded string of the values).
314
+ using various class methods including the standard new, `from_hash` (if you have
315
+ a hash of the values), or `from_kvform` (if you have an
316
+ `application/x-www-form-urlencoded` encoded string of the values).
105
317
 
106
318
  ## OAuth2::Error
107
319
 
108
- On 400+ status code responses, an OAuth2::Error will be raised. If it is a
109
- standard OAuth2 error response, the body will be parsed and #code and #description will contain the values provided from the error and
110
- error_description parameters. The #response property of OAuth2::Error will
111
- always contain the OAuth2::Response instance.
320
+ On 400+ status code responses, an `OAuth2::Error` will be raised. If it is a
321
+ standard OAuth2 error response, the body will be parsed and `#code` and `#description` will contain the values provided from the error and
322
+ `error_description` parameters. The `#response` property of `OAuth2::Error` will
323
+ always contain the `OAuth2::Response` instance.
112
324
 
113
- If you do not want an error to be raised, you may use :raise_errors => false
114
- option on initialization of the client. In this case the OAuth2::Response
325
+ If you do not want an error to be raised, you may use `:raise_errors => false`
326
+ option on initialization of the client. In this case the `OAuth2::Response`
115
327
  instance will be returned as usual and on 400+ status code responses, the
116
- Response instance will contain the OAuth2::Error instance.
328
+ Response instance will contain the `OAuth2::Error` instance.
117
329
 
118
330
  ## Authorization Grants
119
331
 
120
332
  Currently the Authorization Code, Implicit, Resource Owner Password Credentials, Client Credentials, and Assertion
121
333
  authentication grant types have helper strategy classes that simplify client
122
- use. They are available via the #auth_code, #implicit, #password, #client_credentials, and #assertion methods respectively.
334
+ use. They are available via the `#auth_code`, `#implicit`, `#password`, `#client_credentials`, and `#assertion` methods respectively.
123
335
 
124
336
  ```ruby
125
337
  auth_url = client.auth_code.authorize_url(:redirect_uri => 'http://localhost:8080/oauth/callback')
@@ -143,56 +355,9 @@ request, add a 'headers' hash under 'params':
143
355
  token = client.auth_code.get_token('code_value', :redirect_uri => 'http://localhost:8080/oauth/callback', :headers => {'Some' => 'Header'})
144
356
  ```
145
357
 
146
- You can always use the #request method on the OAuth2::Client instance to make
358
+ You can always use the `#request` method on the `OAuth2::Client` instance to make
147
359
  requests for tokens for any Authentication grant type.
148
360
 
149
- ## Supported Ruby Versions
150
-
151
- This library aims to support and is [tested against][travis] the following Ruby
152
- implementations:
153
-
154
- ### Rubies with support ending at Oauth2 1.x
155
-
156
- * Ruby 1.9.3
157
- - [JRuby 1.7][jruby-1.7] (targets MRI v1.9)
158
-
159
- * Ruby 2.0.0
160
- - [JRuby 9.0][jruby-9.0] (targets MRI v2.0)
161
- * Ruby 2.1
162
-
163
- ---
164
-
165
- ### Rubies with continued support past Oauth2 2.x
166
-
167
- * Ruby 2.2 - Support ends with version 2.x series
168
- * Ruby 2.3 - Support ends with version 3.x series
169
- - [JRuby 9.1][jruby-9.1] (targets MRI v2.3)
170
- * Ruby 2.4 - Support ends with version 4.x series
171
- * Ruby 2.5 - Support ends with version 5.x series
172
- - [JRuby 9.2][jruby-9.2] (targets MRI v2.5)
173
- - [truffleruby][truffleruby] (targets MRI 2.5)
174
- * Ruby 2.6 - Support ends with version 6.x series
175
- * Ruby 2.7 - Support ends with version 7.x series
176
-
177
- [jruby-1.7]: https://www.jruby.org/2017/05/11/jruby-1-7-27.html
178
- [jruby-9.0]: https://www.jruby.org/2016/01/26/jruby-9-0-5-0.html
179
- [jruby-9.1]: https://www.jruby.org/2017/05/16/jruby-9-1-9-0.html
180
- [jruby-9.2]: https://www.jruby.org/2018/05/24/jruby-9-2-0-0.html
181
- [truffleruby]: https://github.com/oracle/truffleruby
182
-
183
- If something doesn't work on one of these interpreters, it's a bug.
184
-
185
- This library may inadvertently work (or seem to work) on other Ruby
186
- implementations, however support will only be provided for the versions listed
187
- above.
188
-
189
- If you would like this library to support another Ruby version, you may
190
- volunteer to be a maintainer. Being a maintainer entails making sure all tests
191
- run and pass on that implementation. When something breaks on your
192
- implementation, you will be responsible for providing patches in a timely
193
- fashion. If critical issues for a particular implementation exist at the time
194
- of a major release, support for that Ruby version may be dropped.
195
-
196
361
  ## Versioning
197
362
 
198
363
  This library aims to adhere to [Semantic Versioning 2.0.0][semver].
@@ -216,21 +381,21 @@ spec.add_dependency 'oauth2', '~> 1.4'
216
381
 
217
382
  ## License
218
383
 
219
- [![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)][source-license]
384
+ [![License: MIT][🖇src-license-img]][🖇src-license]
220
385
 
221
386
  - Copyright (c) 2011-2013 Michael Bleigh and Intridea, Inc.
222
- - Copyright (c) 2017-2018 [oauth-xx organization][oauth-xx]
387
+ - Copyright (c) 2017-2022 [oauth-xx organization][oauth-xx]
223
388
  - See [LICENSE][license] for details.
224
389
 
225
390
  [![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Foauth-xx%2Foauth2.svg?type=large)][fossa2]
226
391
 
227
- [license]: LICENSE
392
+ [license]: https://github.com/oauth-xx/oauth2/blob/master/LICENSE
228
393
  [oauth-xx]: https://github.com/oauth-xx
229
394
  [fossa2]: https://app.fossa.io/projects/git%2Bgithub.com%2Foauth-xx%2Foauth2?ref=badge_large
230
395
 
231
396
  ## Development
232
397
 
233
- After checking out the repo, run `bundle install` to install dependencies. Then, run `rake spec` to run the tests.
398
+ After checking out the repo, run `bundle install` to install dependencies. Then, run `bundle excec rake spec` to run the tests.
234
399
 
235
400
  To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
236
401
 
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module OAuth2
2
4
  class AccessToken
3
5
  attr_reader :client, :token, :expires_in, :expires_at, :params
@@ -38,7 +40,7 @@ module OAuth2
38
40
  # @option opts [String] :header_format ('Bearer %s') the string format to use for the Authorization header
39
41
  # @option opts [String] :param_name ('access_token') the parameter name to use for transmission of the
40
42
  # Access Token value in :body or :query transmission mode
41
- def initialize(client, token, opts = {}) # rubocop:disable Metrics/AbcSize
43
+ def initialize(client, token, opts = {})
42
44
  @client = client
43
45
  @token = token.to_s
44
46
  opts = opts.dup
@@ -151,7 +153,7 @@ module OAuth2
151
153
 
152
154
  private
153
155
 
154
- def configure_authentication!(opts) # rubocop:disable Metrics/AbcSize
156
+ def configure_authentication!(opts)
155
157
  case options[:mode]
156
158
  when :header
157
159
  opts[:headers] ||= {}
@@ -173,11 +175,9 @@ module OAuth2
173
175
  end
174
176
 
175
177
  def convert_expires_at(expires_at)
176
- expires_at_i = expires_at.to_i
177
- return expires_at_i if expires_at_i > Time.now.utc.to_i
178
- return Time.parse(expires_at).to_i if expires_at.is_a?(String)
179
-
180
- expires_at_i
178
+ Time.iso8601(expires_at.to_s).to_i
179
+ rescue ArgumentError
180
+ expires_at.to_i
181
181
  end
182
182
  end
183
183
  end
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'base64'
2
4
 
3
5
  module OAuth2
@@ -60,7 +62,7 @@ module OAuth2
60
62
  params.merge(:headers => headers)
61
63
  end
62
64
 
63
- # @see https://tools.ietf.org/html/rfc2617#section-2
65
+ # @see https://datatracker.ietf.org/doc/html/rfc2617#section-2
64
66
  def basic_auth_header
65
67
  {'Authorization' => self.class.encode_basic_auth(id, secret)}
66
68
  end