oauth2 1.4.5 → 1.4.9
- checksums.yaml +4 -4
- data/CHANGELOG.md +37 -1
- data/LICENSE +1 -1
- data/README.md +276 -111
- data/lib/oauth2/access_token.rb +7 -7
- data/lib/oauth2/authenticator.rb +3 -1
- data/lib/oauth2/client.rb +105 -70
- data/lib/oauth2/error.rb +3 -1
- data/lib/oauth2/mac_token.rb +18 -18
- data/lib/oauth2/response.rb +2 -0
- data/lib/oauth2/strategy/assertion.rb +3 -1
- data/lib/oauth2/strategy/auth_code.rb +3 -1
- data/lib/oauth2/strategy/base.rb +2 -0
- data/lib/oauth2/strategy/client_credentials.rb +3 -1
- data/lib/oauth2/strategy/implicit.rb +3 -1
- data/lib/oauth2/strategy/password.rb +3 -1
- data/lib/oauth2/version.rb +8 -3
- data/lib/oauth2.rb +2 -0
- data/spec/fixtures/README.md +11 -0
- data/spec/fixtures/RS256/jwtRS256.key +51 -0
- data/spec/fixtures/RS256/jwtRS256.key.pub +14 -0
- data/spec/helper.rb +33 -0
- data/spec/oauth2/access_token_spec.rb +218 -0
- data/spec/oauth2/authenticator_spec.rb +86 -0
- data/spec/oauth2/client_spec.rb +556 -0
- data/spec/oauth2/mac_token_spec.rb +122 -0
- data/spec/oauth2/response_spec.rb +96 -0
- data/spec/oauth2/strategy/assertion_spec.rb +113 -0
- data/spec/oauth2/strategy/auth_code_spec.rb +108 -0
- data/spec/oauth2/strategy/base_spec.rb +7 -0
- data/spec/oauth2/strategy/client_credentials_spec.rb +71 -0
- data/spec/oauth2/strategy/implicit_spec.rb +28 -0
- data/spec/oauth2/strategy/password_spec.rb +58 -0
- data/spec/oauth2/version_spec.rb +23 -0
- metadata +49 -90
- data/.document +0 -5
- data/.github/dependabot.yml +0 -8
- data/.github/workflows/style.yml +0 -37
- data/.github/workflows/test.yml +0 -58
- data/.gitignore +0 -19
- data/.jrubyrc +0 -1
- data/.rspec +0 -4
- data/.rubocop.yml +0 -112
- data/.rubocop_rspec.yml +0 -26
- data/.rubocop_todo.yml +0 -113
- data/.ruby-version +0 -1
- data/.travis.yml +0 -75
- data/CONTRIBUTING.md +0 -18
- data/Gemfile +0 -61
- data/Rakefile +0 -45
- data/gemfiles/jruby_1.7.gemfile +0 -11
- data/gemfiles/jruby_9.0.gemfile +0 -7
- data/gemfiles/jruby_9.1.gemfile +0 -3
- data/gemfiles/jruby_9.2.gemfile +0 -3
- data/gemfiles/jruby_head.gemfile +0 -3
- data/gemfiles/ruby_1.9.gemfile +0 -11
- data/gemfiles/ruby_2.0.gemfile +0 -6
- data/gemfiles/ruby_head.gemfile +0 -9
- data/gemfiles/truffleruby.gemfile +0 -3
- data/maintenance-branch +0 -1
- data/oauth2.gemspec +0 -52
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ecc51b3695e669f4853934aa43c64de29380877340685e35e44ccc1be8957226
|
4
|
+
data.tar.gz: aa8e0e388084a5374743b1fc7122fd85729f41876fdbe9d679a441813cb3e10c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 06c89fbcf461bc08dce02c484b7fef1284d31bed026c606bf966fe85ca351451063763e9c580e9f716bd7a811e0dd8d2f0b3572df5190724dcaf0c539fd9d4aa
|
7
|
+
data.tar.gz: cf59ec61aa6d7e7c595ff2b5ea73a24441364300ba846efb52508907568ed5aa62619b69dec6428bbfbd341540a4d802709b03703e431fc83ed1de9634d10523
|
data/CHANGELOG.md
CHANGED
@@ -3,10 +3,41 @@ All notable changes to this project will be documented in this file.
|
|
3
3
|
|
4
4
|
## unreleased
|
5
5
|
|
6
|
-
## [1.4.
|
6
|
+
## [1.4.9] - 2022-02-20
|
7
|
+
|
8
|
+
- Fixes compatibility with Faraday v2 [572](https://github.com/oauth-xx/oauth2/issues/572)
|
9
|
+
- Includes supported versions of Faraday in test matrix:
|
10
|
+
- Faraday ~> 2.2.0 with Ruby >= 2.6
|
11
|
+
- Faraday ~> 1.10 with Ruby >= 2.4
|
12
|
+
- Faraday ~> 0.17.3 with Ruby >= 1.9
|
13
|
+
- Add Windows and MacOS to test matrix
|
14
|
+
|
15
|
+
## [1.4.8] - 2022-02-18
|
16
|
+
|
17
|
+
- MFA is now required to push new gem versions (@pboling)
|
18
|
+
- README overhaul w/ new Ruby Verion and Engine compatibility policies (@pboling)
|
19
|
+
- [#569](https://github.com/oauth-xx/oauth2/pull/569) Backport fixes ([#561](https://github.com/oauth-xx/oauth2/pull/561) by @ryogift), and add more fixes, to allow faraday 1.x and 2.x (@jrochkind)
|
20
|
+
- Improve Code Coverage tracking (Coveralls, CodeCov, CodeClimate), and enable branch coverage (@pboling)
|
21
|
+
- Add CodeQL, Security Policy, Funding info (@pboling)
|
22
|
+
- Added Ruby 3.1, jruby, jruby-head, truffleruby, truffleruby-head to build matrix (@pboling)
|
23
|
+
- [#543](https://github.com/oauth-xx/oauth2/pull/543) - Support for more modern Open SSL libraries (@pboling)
|
24
|
+
|
25
|
+
## [1.4.7] - 2021-03-19
|
26
|
+
|
27
|
+
- [#541](https://github.com/oauth-xx/oauth2/pull/541) - Backport fix to expires_at handling [#533](https://github.com/oauth-xx/oauth2/pull/533) to 1-4-stable branch. (@dobon)
|
28
|
+
|
29
|
+
## [1.4.6] - 2021-03-19
|
30
|
+
|
31
|
+
- [#540](https://github.com/oauth-xx/oauth2/pull/540) - Add VERSION constant (@pboling)
|
32
|
+
- [#537](https://github.com/oauth-xx/oauth2/pull/537) - Fix crash in OAuth2::Client#get_token (@anderscarling)
|
33
|
+
- [#538](https://github.com/oauth-xx/oauth2/pull/538) - Remove reliance on globally included OAuth2 in tests for version 1.4 (@anderscarling)
|
34
|
+
|
35
|
+
## [1.4.5] - 2021-03-18
|
7
36
|
|
8
37
|
- [#535](https://github.com/oauth-xx/oauth2/pull/535) - Compatibility with range of supported Ruby OpenSSL versions, Rubocop updates, Github Actions (@pboling)
|
9
38
|
- [#518](https://github.com/oauth-xx/oauth2/pull/518) - Add extract_access_token option to OAuth2::Client (@jonspalmer)
|
39
|
+
- [#507](https://github.com/oauth-xx/oauth2/pull/507) - Fix camel case content type, response keys (@anvox)
|
40
|
+
- [#500](https://github.com/oauth-xx/oauth2/pull/500) - Fix YARD documentation formatting (@olleolleolle)
|
10
41
|
|
11
42
|
## [1.4.4] - 2020-02-12
|
12
43
|
|
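Review bot: The new 1.4.8 entry "README overhaul w/ new Ruby Verion and Engine compatibility policies" misspells "Version", and the 1.4.9 entry links the Faraday issue as `[572]` while every other entry in this file uses the `[#NNN]` form. Suggest `[#572]` so the references stay uniform and searchable.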
@@ -157,4 +188,9 @@ All notable changes to this project will be documented in this file.
|
|
157
188
|
[1.4.1]: https://github.com/oauth-xx/oauth2/compare/v1.4.0...v1.4.1
|
158
189
|
[1.4.2]: https://github.com/oauth-xx/oauth2/compare/v1.4.1...v1.4.2
|
159
190
|
[1.4.3]: https://github.com/oauth-xx/oauth2/compare/v1.4.2...v1.4.3
|
191
|
+
[1.4.4]: https://github.com/oauth-xx/oauth2/compare/v1.4.3...v1.4.4
|
192
|
+
[1.4.5]: https://github.com/oauth-xx/oauth2/compare/v1.4.4...v1.4.5
|
193
|
+
[1.4.6]: https://github.com/oauth-xx/oauth2/compare/v1.4.5...v1.4.6
|
194
|
+
[1.4.7]: https://github.com/oauth-xx/oauth2/compare/v1.4.6...v1.4.7
|
195
|
+
[1.4.8]: https://github.com/oauth-xx/oauth2/compare/v1.4.7...v1.4.8
|
160
196
|
[unreleased]: https://github.com/oauth-xx/oauth2/compare/v1.4.1...HEAD
|
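Review bot: The link-reference block gains `[1.4.4]` through `[1.4.8]` but no `[1.4.9]` definition, so the `## [1.4.9] - 2022-02-20` heading added at the top of this file has no compare link to resolve to. Add one following the existing pattern (`[1.4.9]: https://github.com/oauth-xx/oauth2/compare/v1.4.8...v1.4.9`). The unchanged `[unreleased]` line still compares from `v1.4.1` and should be moved to the latest tag at the same time.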
data/LICENSE
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
MIT License
|
2
2
|
|
3
3
|
Copyright (c) 2011 - 2013 Michael Bleigh and Intridea, Inc.
|
4
|
-
Copyright (c) 2017 -
|
4
|
+
Copyright (c) 2017 - 2022 oauth-xx organization, https://github.com/oauth-xx
|
5
5
|
|
6
6
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
7
7
|
of this software and associated documentation files (the "Software"), to deal
|
data/README.md
CHANGED
@@ -1,73 +1,260 @@
|
|
1
|
-
|
1
|
+
<p align="center">
|
2
|
+
<a href="http://oauth.net/2/" target="_blank" rel="noopener noreferrer">
|
3
|
+
<img src="https://github.com/oauth-xx/oauth2/raw/master/docs/images/logo/oauth2-logo-124px.png?raw=true" alt="OAuth 2.0 Logo by Chris Messina, CC BY-SA 3.0">
|
4
|
+
</a>
|
5
|
+
<a href="https://www.ruby-lang.org/" target="_blank" rel="noopener noreferrer">
|
6
|
+
<img width="124px" src="https://github.com/oauth-xx/oauth2/raw/master/docs/images/logo/ruby-logo-198px.svg?raw=true" alt="Yukihiro Matsumoto, Ruby Visual Identity Team, CC BY-SA 2.5">
|
7
|
+
</a>
|
8
|
+
</p>
|
9
|
+
|
10
|
+
## What
|
11
|
+
|
12
|
+
OAuth 2.0 is the industry-standard protocol for authorization.
|
13
|
+
OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications,
|
14
|
+
desktop applications, mobile phones, and living room devices.
|
15
|
+
This is a RubyGem for implementing OAuth 2.0 clients and servers in Ruby applications.
|
16
|
+
See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
|
17
|
+
|
18
|
+
⚠️ **_WARNING_**: You are viewing the `README` of the soon-to-be-deprecated `1-4-stable`
|
19
|
+
branch which for version 1.4.x releases. Version 2.0 is coming! ⚠️
|
2
20
|
|
3
|
-
|
21
|
+
---
|
22
|
+
|
23
|
+
* [OAuth 2.0 Spec][oauth2-spec]
|
24
|
+
* [OAuth 1.0 sibling gem][sibling-gem]
|
25
|
+
* Help us finish release [![2.0.0 release milestone][next-milestone-pct-img]][next-milestone-pct] by submitting or reviewing PRs and issues.
|
26
|
+
* Oauth2 gem is _always_ looking for additional maintainers. See [#307][maintainers-discussion].
|
27
|
+
|
28
|
+
[oauth2-spec]: https://oauth.net/2/
|
29
|
+
[sibling-gem]: https://github.com/oauth-xx/oauth-ruby
|
30
|
+
[next-milestone-pct]: https://github.com/oauth-xx/oauth2/milestone/1
|
31
|
+
[next-milestone-pct-img]: https://img.shields.io/github/milestones/progress-percent/oauth-xx/oauth2/1
|
32
|
+
[maintainers-discussion]: https://github.com/oauth-xx/oauth2/issues/307
|
33
|
+
|
34
|
+
## Release Documentation
|
35
|
+
|
36
|
+
<details>
|
37
|
+
<summary>1.4.x Readmes</summary>
|
38
|
+
|
39
|
+
| Version | Release Date | Readme |
|
40
|
+
|---------|--------------|----------------------------------------------------------|
|
41
|
+
| 1.4.8 | Feb 18, 2022 | https://github.com/oauth-xx/oauth2/blob/v1.4.8/README.md |
|
42
|
+
| 1.4.7 | Mar 19, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.7/README.md |
|
43
|
+
| 1.4.6 | Mar 19, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.6/README.md |
|
44
|
+
| 1.4.5 | Mar 18, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.5/README.md |
|
45
|
+
| 1.4.4 | Feb 12, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.4/README.md |
|
46
|
+
| 1.4.3 | Jan 29, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.3/README.md |
|
47
|
+
| 1.4.2 | Oct 1, 2019 | https://github.com/oauth-xx/oauth2/blob/v1.4.2/README.md |
|
48
|
+
| 1.4.1 | Oct 13, 2018 | https://github.com/oauth-xx/oauth2/blob/v1.4.1/README.md |
|
49
|
+
| 1.4.0 | Jun 9, 2017 | https://github.com/oauth-xx/oauth2/blob/v1.4.0/README.md |
|
50
|
+
</details>
|
51
|
+
|
52
|
+
<details>
|
53
|
+
<summary>1.3.x Readmes</summary>
|
4
54
|
|
5
55
|
| Version | Release Date | Readme |
|
6
56
|
|----------|--------------|----------------------------------------------------------|
|
7
|
-
| 1.4.4 | Feb 12, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.4/README.md |
|
8
|
-
| 1.4.3 | Jan 29, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.3/README.md |
|
9
|
-
| 1.4.2 | Oct 1, 2019 | https://github.com/oauth-xx/oauth2/blob/v1.4.2/README.md |
|
10
|
-
| 1.4.1 | Oct 13, 2018 | https://github.com/oauth-xx/oauth2/blob/v1.4.1/README.md |
|
11
|
-
| 1.4.0 | Jun 9, 2017 | https://github.com/oauth-xx/oauth2/blob/v1.4.0/README.md |
|
12
57
|
| 1.3.1 | Mar 3, 2017 | https://github.com/oauth-xx/oauth2/blob/v1.3.1/README.md |
|
13
58
|
| 1.3.0 | Dec 27, 2016 | https://github.com/oauth-xx/oauth2/blob/v1.3.0/README.md |
|
59
|
+
</details>
|
60
|
+
|
61
|
+
<details>
|
62
|
+
<summary>≤= 1.2.x Readmes (2016 and before)</summary>
|
63
|
+
|
64
|
+
| Version | Release Date | Readme |
|
65
|
+
|----------|--------------|----------------------------------------------------------|
|
14
66
|
| 1.2.0 | Jun 30, 2016 | https://github.com/oauth-xx/oauth2/blob/v1.2.0/README.md |
|
15
67
|
| 1.1.0 | Jan 30, 2016 | https://github.com/oauth-xx/oauth2/blob/v1.1.0/README.md |
|
16
68
|
| 1.0.0 | May 23, 2014 | https://github.com/oauth-xx/oauth2/blob/v1.0.0/README.md |
|
17
69
|
| < 1.0.0 | Find here | https://github.com/oauth-xx/oauth2/tags |
|
70
|
+
</details>
|
71
|
+
|
72
|
+
<!--
|
73
|
+
Numbering rows and badges in each row as a visual "database" lookup,
|
74
|
+
as the table is extremely dense, and it can be very difficult to find anything
|
75
|
+
Putting one on each row here, to document the emoji that should be used, and for ease of copy/paste.
|
76
|
+
|
77
|
+
row #s:
|
78
|
+
1️⃣
|
79
|
+
2️⃣
|
80
|
+
3️⃣
|
81
|
+
4️⃣
|
82
|
+
5️⃣
|
83
|
+
6️⃣
|
84
|
+
7️⃣
|
85
|
+
|
86
|
+
badge #s:
|
87
|
+
⛳️
|
88
|
+
🖇
|
89
|
+
🏘
|
90
|
+
🚎
|
91
|
+
🖐
|
92
|
+
🧮
|
93
|
+
📗
|
94
|
+
-->
|
95
|
+
|
96
|
+
| | Project | oauth2 |
|
97
|
+
|:----|-----------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
98
|
+
| 1️⃣ | name, license, docs | [![RubyGems.org][⛳️name-img]][⛳️gem] [![License: MIT][🖇src-license-img]][🖇src-license] [![FOSSA][🏘fossa-img]][🏘fossa] [![RubyDoc.info][🚎yard-img]][🚎yard] [![InchCI][🖐inch-ci-img]][🚎yard] |
|
99
|
+
| 2️⃣ | version & activity | [![Gem Version][⛳️version-img]][⛳️gem] [![Total Downloads][🖇DL-total-img]][⛳️gem] [![Download Rank][🏘DL-rank-img]][⛳️gem] [![Source Code][🚎src-home-img]][🚎src-home] [![Open PRs][🖐prs-open-img]][🖐prs-open] [![Closed PRs][🧮prs-closed-img]][🧮prs-closed] |
|
100
|
+
| 3️⃣ | maintanence & linting | [![Maintainability][⛳cclim-maint-img]][⛳cclim-maint] [![Helpers][🖇triage-help-img]][🖇triage-help] [![Depfu][🏘depfu-img]][🏘depfu] [![Contributors][🚎contributors-img]][🚎contributors] [![Style][🖐style-wf-img]][🖐style-wf] [![Kloc Roll][🧮kloc-img]][🧮kloc] |
|
101
|
+
| 4️⃣ | testing | [![Build][⛳️tot-bld-img]][⛳️tot-bld] [![supported][🖇supported-wf-img]][🖇supported-wf] [![EOL & Code Coverage Build][🏘eol-wf-img]][🏘eol-wf] [![unsupported][🚎unsupported-wf-img]][🚎unsupported-wf] |
|
102
|
+
| 5️⃣ | coverage & security | [![CodeClimate][⛳cclim-cov-img]][⛳cclim-cov] [![CodeCov][🖇codecov-img]][🖇codecov] [![Coveralls][🏘coveralls-img]][🏘coveralls] [![Security Policy][🚎sec-pol-img]][🚎sec-pol] [![CodeQL][🖐codeQL-img]][🖐codeQL] |
|
103
|
+
| 6️⃣ | resources | [![Discussion][⛳gh-discussions-img]][⛳gh-discussions] [![Get help on Codementor][🖇codementor-img]][🖇codementor] [![Chat][🏘chat-img]][🏘chat] [![Blog][🚎blog-img]][🚎blog] [![Blog][🖐wiki-img]][🖐wiki] |
|
104
|
+
| 7️⃣ | spread 💖 | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Tweet @ Peter][🏘tweet-img]][🏘tweet] [🌏][aboutme] [👼][angelme] [💻][coderme] [🌹][politicme] |
|
105
|
+
|
106
|
+
<!--
|
107
|
+
The link tokens in the following sections should be kept ordered by the row and badge numbering scheme
|
108
|
+
-->
|
109
|
+
|
110
|
+
<!-- 1️⃣ name, license, docs -->
|
111
|
+
[⛳️gem]: https://rubygems.org/gems/oauth2
|
112
|
+
[⛳️name-img]: https://img.shields.io/badge/name-oauth2-brightgreen.svg?style=flat
|
113
|
+
[🖇src-license]: https://opensource.org/licenses/MIT
|
114
|
+
[🖇src-license-img]: https://img.shields.io/badge/License-MIT-green.svg
|
115
|
+
[🏘fossa]: https://app.fossa.io/projects/git%2Bgithub.com%2Foauth-xx%2Foauth2?ref=badge_shield
|
116
|
+
[🏘fossa-img]: https://app.fossa.io/api/projects/git%2Bgithub.com%2Foauth-xx%2Foauth2.svg?type=shield
|
117
|
+
[🚎yard]: https://www.rubydoc.info/github/oauth-xx/oauth2
|
118
|
+
[🚎yard-img]: https://img.shields.io/badge/documentation-rubydoc-brightgreen.svg?style=flat
|
119
|
+
[🖐inch-ci-img]: http://inch-ci.org/github/oauth-xx/oauth2.png
|
120
|
+
|
121
|
+
<!-- 2️⃣ version & activity -->
|
122
|
+
[⛳️version-img]: http://img.shields.io/gem/v/oauth2.svg
|
123
|
+
[🖇DL-total-img]: https://img.shields.io/gem/dt/oauth2.svg
|
124
|
+
[🏘DL-rank-img]: https://img.shields.io/gem/rt/oauth2.svg
|
125
|
+
[🚎src-home]: https://github.com/oauth-xx/oauth2
|
126
|
+
[🚎src-home-img]: https://img.shields.io/badge/source-github-brightgreen.svg?style=flat
|
127
|
+
[🖐prs-open]: https://github.com/oauth-xx/oauth2/pulls
|
128
|
+
[🖐prs-open-img]: https://img.shields.io/github/issues-pr/oauth-xx/oauth2
|
129
|
+
[🧮prs-closed]: https://github.com/oauth-xx/oauth2/pulls?q=is%3Apr+is%3Aclosed
|
130
|
+
[🧮prs-closed-img]: https://img.shields.io/github/issues-pr-closed/oauth-xx/oauth2
|
131
|
+
|
132
|
+
<!-- 3️⃣ maintanence & linting -->
|
133
|
+
[⛳cclim-maint]: https://codeclimate.com/github/oauth-xx/oauth2/maintainability
|
134
|
+
[⛳cclim-maint-img]: https://api.codeclimate.com/v1/badges/688c612528ff90a46955/maintainability
|
135
|
+
[🖇triage-help]: https://www.codetriage.com/oauth-xx/oauth2
|
136
|
+
[🖇triage-help-img]: https://www.codetriage.com/oauth-xx/oauth2/badges/users.svg
|
137
|
+
[🏘depfu]: https://depfu.com/github/oauth-xx/oauth2?project_id=4445
|
138
|
+
[🏘depfu-img]: https://badges.depfu.com/badges/6d34dc1ba682bbdf9ae2a97848241743/count.svg
|
139
|
+
[🚎contributors]: https://github.com/oauth-xx/oauth2/graphs/contributors
|
140
|
+
[🚎contributors-img]: https://img.shields.io/github/contributors-anon/oauth-xx/oauth2
|
141
|
+
[🖐style-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/style.yml
|
142
|
+
[🖐style-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/style.yml/badge.svg
|
143
|
+
[🧮kloc]: https://www.youtube.com/watch?v=dQw4w9WgXcQ
|
144
|
+
[🧮kloc-img]: https://img.shields.io/tokei/lines/github.com/oauth-xx/oauth2
|
145
|
+
|
146
|
+
<!-- 4️⃣ testing -->
|
147
|
+
[⛳️tot-bld]: https://actions-badge.atrox.dev/oauth-xx/oauth2/goto
|
148
|
+
[⛳️tot-bld-img]: https://img.shields.io/endpoint.svg?url=https%3A%2F%2Factions-badge.atrox.dev%2Foauth-xx%2Foauth2%2Fbadge&style=flat
|
149
|
+
[🖇supported-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/supported.yml
|
150
|
+
[🖇supported-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/supported.yml/badge.svg
|
151
|
+
[🏘eol-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/coverage.yml
|
152
|
+
[🏘eol-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/coverage.yml/badge.svg
|
153
|
+
[🚎unsupported-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/unsupported.yml
|
154
|
+
[🚎unsupported-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/unsupported.yml/badge.svg
|
155
|
+
[🖐issues]: https://github.com/oauth-xx/oauth2/issues
|
156
|
+
[🖐issues-img]: https://github.com/oauth-xx/oauth2/issues
|
157
|
+
|
158
|
+
<!-- 5️⃣ coverage & security -->
|
159
|
+
[⛳cclim-cov]: https://codeclimate.com/github/oauth-xx/oauth2/test_coverage
|
160
|
+
[⛳cclim-cov-img]: https://api.codeclimate.com/v1/badges/688c612528ff90a46955/test_coverage
|
161
|
+
[🖇codecov-img]: https://codecov.io/gh/oauth-xx/oauth2/branch/1-4-stable/graph/badge.svg?token=bNqSzNiuo2
|
162
|
+
[🖇codecov]: https://codecov.io/gh/oauth-xx/oauth2
|
163
|
+
[🏘coveralls]: https://coveralls.io/github/oauth-xx/oauth2?branch=1-4-stable
|
164
|
+
[🏘coveralls-img]: https://coveralls.io/repos/github/oauth-xx/oauth2/badge.svg?branch=1-4-stable
|
165
|
+
[🚎sec-pol]: https://github.com/oauth-xx/oauth2/blob/master/SECURITY.md
|
166
|
+
[🚎sec-pol-img]: https://img.shields.io/badge/security-policy-brightgreen.svg?style=flat
|
167
|
+
[🖐codeQL]: https://github.com/oauth-xx/oauth2/security/code-scanning
|
168
|
+
[🖐codeQL-img]: https://github.com/oauth-xx/oauth2/actions/workflows/codeql-analysis.yml/badge.svg
|
169
|
+
|
170
|
+
<!-- 6️⃣ resources -->
|
171
|
+
[⛳gh-discussions]: https://github.com/oauth-xx/oauth2/discussions
|
172
|
+
[⛳gh-discussions-img]: https://img.shields.io/github/discussions/oauth-xx/oauth2
|
173
|
+
[🖇codementor]: https://www.codementor.io/peterboling?utm_source=github&utm_medium=button&utm_term=peterboling&utm_campaign=github
|
174
|
+
[🖇codementor-img]: https://cdn.codementor.io/badges/get_help_github.svg
|
175
|
+
[🏘chat]: https://gitter.im/oauth-xx/oauth2
|
176
|
+
[🏘chat-img]: https://img.shields.io/gitter/room/oauth-xx/oauth2.svg
|
177
|
+
[🚎blog]: http://www.railsbling.com/tags/oauth2/
|
178
|
+
[🚎blog-img]: https://img.shields.io/badge/blog-railsbling-brightgreen.svg?style=flat
|
179
|
+
[🖐wiki]: https://github.com/oauth-xx/oauth2/wiki
|
180
|
+
[🖐wiki-img]: https://img.shields.io/badge/wiki-examples-brightgreen.svg?style=flat
|
181
|
+
|
182
|
+
<!-- 7️⃣ spread 💖 -->
|
183
|
+
[⛳liberapay-img]: https://img.shields.io/liberapay/patrons/pboling.svg?logo=liberapay
|
184
|
+
[⛳liberapay]: https://liberapay.com/pboling/donate
|
185
|
+
[🖇sponsor-img]: https://img.shields.io/badge/sponsor-pboling.svg?style=social&logo=github
|
186
|
+
[🖇sponsor]: https://github.com/sponsors/pboling
|
187
|
+
[🏘tweet-img]: https://img.shields.io/twitter/follow/galtzo.svg?style=social&label=Follow
|
188
|
+
[🏘tweet]: http://twitter.com/galtzo
|
189
|
+
|
190
|
+
<!-- Maintainer Contact Links -->
|
191
|
+
[railsbling]: http://www.railsbling.com
|
192
|
+
[peterboling]: http://www.peterboling.com
|
193
|
+
[aboutme]: https://about.me/peter.boling
|
194
|
+
[angelme]: https://angel.co/peter-boling
|
195
|
+
[coderme]:http://coderwall.com/pboling
|
196
|
+
[politicme]: https://nationalprogressiveparty.org
|
18
197
|
|
19
|
-
[![Gem Version](http://img.shields.io/gem/v/oauth2.svg)][gem]
|
20
|
-
[![Total Downloads](https://img.shields.io/gem/dt/oauth2.svg)][gem]
|
21
|
-
[![Downloads Today](https://img.shields.io/gem/rt/oauth2.svg)][gem]
|
22
|
-
[![Build Status](https://travis-ci.org/oauth-xx/oauth2.svg?branch=1-4-stable)][travis]
|
23
|
-
[![Test Coverage](https://api.codeclimate.com/v1/badges/688c612528ff90a46955/test_coverage)][codeclimate-coverage]
|
24
|
-
[![Maintainability](https://api.codeclimate.com/v1/badges/688c612528ff90a46955/maintainability)][codeclimate-maintainability]
|
25
|
-
[![Depfu](https://badges.depfu.com/badges/6d34dc1ba682bbdf9ae2a97848241743/count.svg)][depfu]
|
26
|
-
[![Open Source Helpers](https://www.codetriage.com/oauth-xx/oauth2/badges/users.svg)][code-triage]
|
27
|
-
[![Chat](https://img.shields.io/gitter/room/oauth-xx/oauth2.svg)](https://gitter.im/oauth-xx/oauth2)
|
28
|
-
[![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)][source-license]
|
29
|
-
[![Documentation](http://inch-ci.org/github/oauth-xx/oauth2.png)][inch-ci]
|
30
|
-
|
31
|
-
[gem]: https://rubygems.org/gems/oauth2
|
32
|
-
[travis]: http://travis-ci.org/oauth-xx/oauth2
|
33
|
-
[coveralls]: https://coveralls.io/r/oauth-xx/oauth2
|
34
|
-
[codeclimate-maintainability]: https://codeclimate.com/github/oauth-xx/oauth2/maintainability
|
35
|
-
[codeclimate-coverage]: https://codeclimate.com/github/oauth-xx/oauth2/test_coverage
|
36
|
-
[depfu]: https://depfu.com/github/oauth-xx/oauth2
|
37
|
-
[source-license]: https://opensource.org/licenses/MIT
|
38
|
-
[inch-ci]: http://inch-ci.org/github/oauth-xx/oauth2
|
39
|
-
[code-triage]: https://www.codetriage.com/oauth-xx/oauth2
|
40
|
-
[fossa1]: https://app.fossa.io/projects/git%2Bgithub.com%2Foauth-xx%2Foauth2?ref=badge_shield
|
41
|
-
|
42
|
-
A Ruby wrapper for the [OAuth 2.0 specification][oauth2-spec].
|
43
|
-
|
44
|
-
[oauth2-spec]: https://oauth.net/2/
|
45
198
|
|
46
199
|
## Installation
|
47
200
|
|
48
|
-
|
201
|
+
```shell
|
202
|
+
gem install oauth2
|
203
|
+
```
|
204
|
+
|
205
|
+
Or inside a `Gemfile`
|
49
206
|
|
50
207
|
```ruby
|
51
208
|
gem 'oauth2'
|
52
209
|
```
|
210
|
+
And then execute in a shell:
|
211
|
+
```shell
|
212
|
+
bundle
|
213
|
+
```
|
53
214
|
|
54
|
-
And then execute:
|
55
215
|
|
56
|
-
|
216
|
+
## Compatibility
|
57
217
|
|
58
|
-
|
218
|
+
Targeted ruby compatibility is non-EOL versions of Ruby, currently 2.7, 3.0 and
|
219
|
+
3.1. Compatibility is further distinguished by supported and unsupported versions of Ruby.
|
220
|
+
Ruby is limited to 1.9+ in the gemspec for the 1.4.x series and will be 2.2+ for 2.x releases (see `master` branch).
|
59
221
|
|
60
|
-
|
222
|
+
<details>
|
223
|
+
<summary>Ruby Engine Compatibility Policy</summary>
|
61
224
|
|
62
|
-
|
225
|
+
This gem is tested against MRI, JRuby, and Truffleruby.
|
226
|
+
Each of those has varying versions that target a specific version of MRI Ruby.
|
227
|
+
This gem should work in the just-listed Ruby engines according to the targeted MRI compatibility in the table below.
|
228
|
+
If you would like to add support for additional engines,
|
229
|
+
first make sure Github Actions supports the engine,
|
230
|
+
then submit a PR to the correct maintenance branch as according to the table below.
|
231
|
+
</details>
|
63
232
|
|
64
|
-
|
65
|
-
|
66
|
-
* [Read More at the Wiki][wiki]
|
233
|
+
<details>
|
234
|
+
<summary>Ruby Version Compatibility Policy</summary>
|
67
235
|
|
68
|
-
|
69
|
-
|
70
|
-
|
236
|
+
If something doesn't work on one of these interpreters, it's a bug.
|
237
|
+
|
238
|
+
This library may inadvertently work (or seem to work) on other Ruby
|
239
|
+
implementations, however support will only be provided for the versions listed
|
240
|
+
above.
|
241
|
+
|
242
|
+
If you would like this library to support another Ruby version, you may
|
243
|
+
volunteer to be a maintainer. Being a maintainer entails making sure all tests
|
244
|
+
run and pass on that implementation. When something breaks on your
|
245
|
+
implementation, you will be responsible for providing patches in a timely
|
246
|
+
fashion. If critical issues for a particular implementation exist at the time
|
247
|
+
of a major release, support for that Ruby version may be dropped.
|
248
|
+
</details>
|
249
|
+
|
250
|
+
| | Ruby OAuth 2 Version | Maintenance Branch | Supported Officially | Supported Unofficially | Supported Incidentally |
|
251
|
+
|:----|----------------------|--------------------|-------------------------|------------------------|------------------------|
|
252
|
+
| 1️⃣ | 2.0.x (unreleased) | `master` | 2.7, 3.0, 3.1 | 2.6, 2.5 | 2.4, 2.3, 2.2 |
|
253
|
+
| 2️⃣ | 1.4.x | `1-4-stable` | 2.5, 2.6, 2.7, 3.0, 3.1 | 2.1, 2.2, 2.3, 2.4 | 2.0, 1.9 |
|
254
|
+
| 3️⃣ | older | N/A | Best of luck to you! | Please upgrade! | |
|
255
|
+
|
256
|
+
NOTE: Once 2.0 is released, the 1.4 series will only receive critical bug and security updates.
|
257
|
+
See [SECURITY.md][🚎sec-pol]
|
71
258
|
|
72
259
|
## Usage Examples
|
73
260
|
|
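Review bot: In the row 3 link definitions, `[🧮kloc]` points at `https://www.youtube.com/watch?v=dQw4w9WgXcQ`, which is unrelated to the line-count badge it sits behind; a README shipped inside the gem should link each badge to the project resource it describes. In the same block, `[🖐issues]` and `[🖐issues-img]` are defined but no table row references them (and the `-img` entry points at the issues page, not an image), several targets are still plain `http://` (`oauth.net`, `inch-ci.org`, `img.shields.io/gem/v`, `twitter.com`, `railsbling.com`), and the `[🖇codecov-img]` URL carries a `token=` query parameter that should be confirmed as a badge-only token before it is published. Smaller text fixes: "branch which for version 1.4.x releases" is missing a verb, "maintanence" is misspelled in the row 3 label and comment, and the summary "≤= 1.2.x Readmes" doubles the comparison sign.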
@@ -83,13 +270,38 @@ response = token.get('/api/resource', :params => {'query_foo' => 'bar'})
|
|
83
270
|
response.class.name
|
84
271
|
# => OAuth2::Response
|
85
272
|
```
|
273
|
+
|
274
|
+
<details>
|
275
|
+
<summary>Debugging</summary>
|
276
|
+
|
277
|
+
Set an environment variable, however you would [normally do that](https://github.com/bkeepers/dotenv).
|
278
|
+
|
279
|
+
```ruby
|
280
|
+
# will log both request and response, including bodies
|
281
|
+
ENV['OAUTH_DEBUG'] = 'true'
|
282
|
+
```
|
283
|
+
|
284
|
+
By default, debug output will go to `$stdout`. This can be overridden when
|
285
|
+
initializing your OAuth2::Client.
|
286
|
+
|
287
|
+
```ruby
|
288
|
+
require 'oauth2'
|
289
|
+
client = OAuth2::Client.new(
|
290
|
+
'client_id',
|
291
|
+
'client_secret',
|
292
|
+
:site => 'https://example.org',
|
293
|
+
:logger => Logger.new('example.log', 'weekly')
|
294
|
+
)
|
295
|
+
```
|
296
|
+
</details>
|
297
|
+
|
86
298
|
## OAuth2::Response
|
87
299
|
|
88
|
-
The AccessToken methods
|
300
|
+
The `AccessToken` methods `#get`, `#post`, `#put` and `#delete` and the generic `#request`
|
89
301
|
will return an instance of the #OAuth2::Response class.
|
90
302
|
|
91
|
-
This instance contains a
|
92
|
-
return a Hash if the Content-Type is application/x-www-form-urlencoded or if
|
303
|
+
This instance contains a `#parsed` method that will parse the response body and
|
304
|
+
return a Hash if the `Content-Type` is `application/x-www-form-urlencoded` or if
|
93
305
|
the body is a JSON object. It will return an Array if the body is a JSON
|
94
306
|
array. Otherwise, it will return the original body string.
|
95
307
|
|
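Review bot: The Debugging section states that `OAUTH_DEBUG` "will log both request and response, including bodies" and that output goes to `$stdout` by default, but it does not say what those bodies contain. Token-endpoint requests and responses carry client credentials, authorization codes and access or refresh tokens, so the section should say that the debug log holds secrets, that the variable should stay unset in production, and that a file target such as `Logger.new('example.log', 'weekly')` needs restricted permissions and a retention limit. Separately, the unchanged context line "an instance of the #OAuth2::Response class" has a stray `#` before the class name.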
@@ -99,27 +311,27 @@ respective methods.
|
|
99
311
|
## OAuth2::AccessToken
|
100
312
|
|
101
313
|
If you have an existing Access Token for a user, you can initialize an instance
|
102
|
-
using various class methods including the standard new, from_hash (if you have
|
103
|
-
a hash of the values), or from_kvform (if you have an
|
104
|
-
application/x-www-form-urlencoded encoded string of the values).
|
314
|
+
using various class methods including the standard new, `from_hash` (if you have
|
315
|
+
a hash of the values), or `from_kvform` (if you have an
|
316
|
+
`application/x-www-form-urlencoded` encoded string of the values).
|
105
317
|
|
106
318
|
## OAuth2::Error
|
107
319
|
|
108
|
-
On 400+ status code responses, an OAuth2::Error will be raised. If it is a
|
109
|
-
standard OAuth2 error response, the body will be parsed and
|
110
|
-
error_description parameters. The
|
111
|
-
always contain the OAuth2::Response instance.
|
320
|
+
On 400+ status code responses, an `OAuth2::Error` will be raised. If it is a
|
321
|
+
standard OAuth2 error response, the body will be parsed and `#code` and `#description` will contain the values provided from the error and
|
322
|
+
`error_description` parameters. The `#response` property of `OAuth2::Error` will
|
323
|
+
always contain the `OAuth2::Response` instance.
|
112
324
|
|
113
|
-
If you do not want an error to be raised, you may use
|
114
|
-
option on initialization of the client. In this case the OAuth2::Response
|
325
|
+
If you do not want an error to be raised, you may use `:raise_errors => false`
|
326
|
+
option on initialization of the client. In this case the `OAuth2::Response`
|
115
327
|
instance will be returned as usual and on 400+ status code responses, the
|
116
|
-
Response instance will contain the OAuth2::Error instance.
|
328
|
+
Response instance will contain the `OAuth2::Error` instance.
|
117
329
|
|
118
330
|
## Authorization Grants
|
119
331
|
|
120
332
|
Currently the Authorization Code, Implicit, Resource Owner Password Credentials, Client Credentials, and Assertion
|
121
333
|
authentication grant types have helper strategy classes that simplify client
|
122
|
-
use.
|
334
|
+
use. They are available via the `#auth_code`, `#implicit`, `#password`, `#client_credentials`, and `#assertion` methods respectively.
|
123
335
|
|
124
336
|
```ruby
|
125
337
|
auth_url = client.auth_code.authorize_url(:redirect_uri => 'http://localhost:8080/oauth/callback')
|
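Review bot: In the OAuth2::Error paragraph, the text for `:raise_errors => false` says the "Response instance will contain the `OAuth2::Error` instance" but never names the accessor to read it from, although `#code`, `#description` and `#response` are all named a few lines earlier. Name it here as well, since callers who disable raising have to check it on every response. The rewritten second line of that paragraph is also much longer than its neighbours and should be re-wrapped.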
@@ -143,56 +355,9 @@ request, add a 'headers' hash under 'params':
|
|
143
355
|
token = client.auth_code.get_token('code_value', :redirect_uri => 'http://localhost:8080/oauth/callback', :headers => {'Some' => 'Header'})
|
144
356
|
```
|
145
357
|
|
146
|
-
You can always use the
|
358
|
+
You can always use the `#request` method on the `OAuth2::Client` instance to make
|
147
359
|
requests for tokens for any Authentication grant type.
|
148
360
|
|
149
|
-
## Supported Ruby Versions
|
150
|
-
|
151
|
-
This library aims to support and is [tested against][travis] the following Ruby
|
152
|
-
implementations:
|
153
|
-
|
154
|
-
### Rubies with support ending at Oauth2 1.x
|
155
|
-
|
156
|
-
* Ruby 1.9.3
|
157
|
-
- [JRuby 1.7][jruby-1.7] (targets MRI v1.9)
|
158
|
-
|
159
|
-
* Ruby 2.0.0
|
160
|
-
- [JRuby 9.0][jruby-9.0] (targets MRI v2.0)
|
161
|
-
* Ruby 2.1
|
162
|
-
|
163
|
-
---
|
164
|
-
|
165
|
-
### Rubies with continued support past Oauth2 2.x
|
166
|
-
|
167
|
-
* Ruby 2.2 - Support ends with version 2.x series
|
168
|
-
* Ruby 2.3 - Support ends with version 3.x series
|
169
|
-
- [JRuby 9.1][jruby-9.1] (targets MRI v2.3)
|
170
|
-
* Ruby 2.4 - Support ends with version 4.x series
|
171
|
-
* Ruby 2.5 - Support ends with version 5.x series
|
172
|
-
- [JRuby 9.2][jruby-9.2] (targets MRI v2.5)
|
173
|
-
- [truffleruby][truffleruby] (targets MRI 2.5)
|
174
|
-
* Ruby 2.6 - Support ends with version 6.x series
|
175
|
-
* Ruby 2.7 - Support ends with version 7.x series
|
176
|
-
|
177
|
-
[jruby-1.7]: https://www.jruby.org/2017/05/11/jruby-1-7-27.html
|
178
|
-
[jruby-9.0]: https://www.jruby.org/2016/01/26/jruby-9-0-5-0.html
|
179
|
-
[jruby-9.1]: https://www.jruby.org/2017/05/16/jruby-9-1-9-0.html
|
180
|
-
[jruby-9.2]: https://www.jruby.org/2018/05/24/jruby-9-2-0-0.html
|
181
|
-
[truffleruby]: https://github.com/oracle/truffleruby
|
182
|
-
|
183
|
-
If something doesn't work on one of these interpreters, it's a bug.
|
184
|
-
|
185
|
-
This library may inadvertently work (or seem to work) on other Ruby
|
186
|
-
implementations, however support will only be provided for the versions listed
|
187
|
-
above.
|
188
|
-
|
189
|
-
If you would like this library to support another Ruby version, you may
|
190
|
-
volunteer to be a maintainer. Being a maintainer entails making sure all tests
|
191
|
-
run and pass on that implementation. When something breaks on your
|
192
|
-
implementation, you will be responsible for providing patches in a timely
|
193
|
-
fashion. If critical issues for a particular implementation exist at the time
|
194
|
-
of a major release, support for that Ruby version may be dropped.
|
195
|
-
|
196
361
|
## Versioning
|
197
362
|
|
198
363
|
This library aims to adhere to [Semantic Versioning 2.0.0][semver].
|
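Review bot: In the rewritten sentence at new line 358, "any Authentication grant type" should read "any authorization grant type", since OAuth 2.0 grants are authorization grants and the README should not blur authentication and authorization. The same hunk deletes the entire "Supported Ruby Versions" section (old lines 149-195), including the statement that a failure on a listed interpreter is a bug; if that policy is not restated elsewhere in the README, keep a short version here so users can tell which interpreters this release line still supports.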
@@ -216,21 +381,21 @@ spec.add_dependency 'oauth2', '~> 1.4'
|
|
216
381
|
|
217
382
|
## License
|
218
383
|
|
219
|
-
[![License: MIT]
|
384
|
+
[![License: MIT][🖇src-license-img]][🖇src-license]
|
220
385
|
|
221
386
|
- Copyright (c) 2011-2013 Michael Bleigh and Intridea, Inc.
|
222
|
-
- Copyright (c) 2017-
|
387
|
+
- Copyright (c) 2017-2022 [oauth-xx organization][oauth-xx]
|
223
388
|
- See [LICENSE][license] for details.
|
224
389
|
|
225
390
|
[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Foauth-xx%2Foauth2.svg?type=large)][fossa2]
|
226
391
|
|
227
|
-
[license]: LICENSE
|
392
|
+
[license]: https://github.com/oauth-xx/oauth2/blob/master/LICENSE
|
228
393
|
[oauth-xx]: https://github.com/oauth-xx
|
229
394
|
[fossa2]: https://app.fossa.io/projects/git%2Bgithub.com%2Foauth-xx%2Foauth2?ref=badge_large
|
230
395
|
|
231
396
|
## Development
|
232
397
|
|
233
|
-
After checking out the repo, run `bundle install` to install dependencies. Then, run `rake spec` to run the tests.
|
398
|
+
After checking out the repo, run `bundle install` to install dependencies. Then, run `bundle excec rake spec` to run the tests.
|
234
399
|
|
235
400
|
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
236
401
|
|
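Review bot: The added Development line at new line 398 misspells the command: `bundle excec rake spec` should be `bundle exec rake spec`, and as written the documented test command fails when copied. The next paragraph already spells `bundle exec rake install` correctly, so only this line needs fixing.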
data/lib/oauth2/access_token.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module OAuth2
|
2
4
|
class AccessToken
|
3
5
|
attr_reader :client, :token, :expires_in, :expires_at, :params
|
@@ -38,7 +40,7 @@ module OAuth2
|
|
38
40
|
# @option opts [String] :header_format ('Bearer %s') the string format to use for the Authorization header
|
39
41
|
# @option opts [String] :param_name ('access_token') the parameter name to use for transmission of the
|
40
42
|
# Access Token value in :body or :query transmission mode
|
41
|
-
def initialize(client, token, opts = {})
|
43
|
+
def initialize(client, token, opts = {})
|
42
44
|
@client = client
|
43
45
|
@token = token.to_s
|
44
46
|
opts = opts.dup
|
@@ -151,7 +153,7 @@ module OAuth2
|
|
151
153
|
|
152
154
|
private
|
153
155
|
|
154
|
-
def configure_authentication!(opts)
|
156
|
+
def configure_authentication!(opts)
|
155
157
|
case options[:mode]
|
156
158
|
when :header
|
157
159
|
opts[:headers] ||= {}
|
@@ -173,11 +175,9 @@ module OAuth2
|
|
173
175
|
end
|
174
176
|
|
175
177
|
def convert_expires_at(expires_at)
|
176
|
-
|
177
|
-
|
178
|
-
|
179
|
-
|
180
|
-
expires_at_i
|
178
|
+
Time.iso8601(expires_at.to_s).to_i
|
179
|
+
rescue ArgumentError
|
180
|
+
expires_at.to_i
|
181
181
|
end
|
182
182
|
end
|
183
183
|
end
|
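Review bot: The `rescue ArgumentError` fallback in `convert_expires_at` (new lines 179-180) returns `expires_at.to_i` for anything `Time.iso8601` rejects, and `String#to_i` yields 0 for a non-numeric string, so a malformed expiry value is silently turned into epoch 0 rather than surfaced to the caller. Consider limiting the fallback to Integer values and all-digit strings and raising otherwise, or at least documenting the 0 result in the method comment. `Time.iso8601` comes from the `time` standard library and no `require 'time'` appears in the hunks shown for this file, so confirm it is loaded before this method can run. A spec that covers an ISO 8601 string, an epoch integer, an epoch string and a garbage string would pin the behaviour down.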
data/lib/oauth2/authenticator.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'base64'
|
2
4
|
|
3
5
|
module OAuth2
|
@@ -60,7 +62,7 @@ module OAuth2
|
|
60
62
|
params.merge(:headers => headers)
|
61
63
|
end
|
62
64
|
|
63
|
-
# @see https://
|
65
|
+
# @see https://datatracker.ietf.org/doc/html/rfc2617#section-2
|
64
66
|
def basic_auth_header
|
65
67
|
{'Authorization' => self.class.encode_basic_auth(id, secret)}
|
66
68
|
end
|
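Review bot: The new `@see` link above `basic_auth_header` (new line 65) points at RFC 2617 section 2, which has been obsoleted; the Basic scheme is now specified in RFC 7617. Because this header carries the OAuth client id and secret, also reference RFC 6749 section 2.3.1, which defines how client credentials are placed into HTTP Basic, so readers can check `encode_basic_auth` against it.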