RubyGems - oauth2 - Versions diffs - 1.4.7 → 2.0.2 - Mend

oauth2 1.4.7 → 2.0.2

Files changed (35) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +114 -22
data/CONTRIBUTING.md +18 -0
data/LICENSE +1 -1
data/README.md +383 -138
data/SECURITY.md +20 -0
data/lib/oauth2/access_token.rb +32 -21
data/lib/oauth2/authenticator.rb +12 -5
data/lib/oauth2/client.rb +142 -81
data/lib/oauth2/error.rb +29 -18
data/lib/oauth2/response.rb +63 -19
data/lib/oauth2/snaky_hash.rb +8 -0
data/lib/oauth2/strategy/assertion.rb +66 -39
data/lib/oauth2/strategy/auth_code.rb +15 -2
data/lib/oauth2/strategy/base.rb +2 -0
data/lib/oauth2/strategy/client_credentials.rb +3 -1
data/lib/oauth2/strategy/implicit.rb +10 -1
data/lib/oauth2/strategy/password.rb +3 -1
data/lib/oauth2/version.rb +1 -59
data/lib/oauth2.rb +21 -1
metadata +75 -97
data/lib/oauth2/mac_token.rb +0 -130
data/spec/helper.rb +0 -37
data/spec/oauth2/access_token_spec.rb +0 -216
data/spec/oauth2/authenticator_spec.rb +0 -84
data/spec/oauth2/client_spec.rb +0 -506
data/spec/oauth2/mac_token_spec.rb +0 -117
data/spec/oauth2/response_spec.rb +0 -90
data/spec/oauth2/strategy/assertion_spec.rb +0 -58
data/spec/oauth2/strategy/auth_code_spec.rb +0 -107
data/spec/oauth2/strategy/base_spec.rb +0 -5
data/spec/oauth2/strategy/client_credentials_spec.rb +0 -69
data/spec/oauth2/strategy/implicit_spec.rb +0 -26
data/spec/oauth2/strategy/password_spec.rb +0 -55
data/spec/oauth2/version_spec.rb +0 -23

metadata CHANGED Viewed

@@ -1,16 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: oauth2
 version: !ruby/object:Gem::Version
-  version: 1.4.7
+  version: 2.0.2
 platform: ruby
 authors:
 - Peter Boling
-- Michael Bleigh
 - Erik Michaels-Ober
-autorequire:
+- Michael Bleigh
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-03-19 00:00:00.000000000 Z
+date: 2022-06-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -18,20 +18,20 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: 0.17.3
     - - "<"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '3.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: 0.17.3
     - - "<"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
@@ -53,157 +53,157 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '3.0'
 - !ruby/object:Gem::Dependency
-  name: multi_json
+  name: multi_xml
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '0.5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '0.5'
 - !ruby/object:Gem::Dependency
-  name: multi_xml
+  name: rack
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: '1.2'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: '1.2'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
 - !ruby/object:Gem::Dependency
-  name: rack
+  name: rash_alt
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '0.4'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '0.4'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '1'
 - !ruby/object:Gem::Dependency
-  name: addressable
+  name: version_gem
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.3'
-  type: :development
+        version: '1.0'
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.3'
+        version: '1.0'
 - !ruby/object:Gem::Dependency
-  name: backports
+  name: addressable
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.11'
+        version: '2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.11'
+        version: '2'
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: backports
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.16'
+        version: '3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.16'
+        version: '3'
 - !ruby/object:Gem::Dependency
-  name: coveralls
+  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: '2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: '2'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '12.3'
+        version: '12'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '12.3'
+        version: '12'
 - !ruby/object:Gem::Dependency
-  name: rdoc
+  name: rexml
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.0'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '7'
+        version: '3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.0'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '7'
+        version: '3'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '3'
 - !ruby/object:Gem::Dependency
   name: rspec-block_is_expected
   requirement: !ruby/object:Gem::Requirement
@@ -247,21 +247,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: silent_stream
+  name: rubocop-lts
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '8.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '8.0'
 - !ruby/object:Gem::Dependency
-  name: wwtd
+  name: silent_stream
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -284,15 +284,17 @@ extra_rdoc_files: []
 files:
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
+- CONTRIBUTING.md
 - LICENSE
 - README.md
+- SECURITY.md
 - lib/oauth2.rb
 - lib/oauth2/access_token.rb
 - lib/oauth2/authenticator.rb
 - lib/oauth2/client.rb
 - lib/oauth2/error.rb
-- lib/oauth2/mac_token.rb
 - lib/oauth2/response.rb
+- lib/oauth2/snaky_hash.rb
 - lib/oauth2/strategy/assertion.rb
 - lib/oauth2/strategy/auth_code.rb
 - lib/oauth2/strategy/base.rb
@@ -300,29 +302,18 @@ files:
 - lib/oauth2/strategy/implicit.rb
 - lib/oauth2/strategy/password.rb
 - lib/oauth2/version.rb
-- spec/helper.rb
-- spec/oauth2/access_token_spec.rb
-- spec/oauth2/authenticator_spec.rb
-- spec/oauth2/client_spec.rb
-- spec/oauth2/mac_token_spec.rb
-- spec/oauth2/response_spec.rb
-- spec/oauth2/strategy/assertion_spec.rb
-- spec/oauth2/strategy/auth_code_spec.rb
-- spec/oauth2/strategy/base_spec.rb
-- spec/oauth2/strategy/client_credentials_spec.rb
-- spec/oauth2/strategy/implicit_spec.rb
-- spec/oauth2/strategy/password_spec.rb
-- spec/oauth2/version_spec.rb
 homepage: https://github.com/oauth-xx/oauth2
 licenses:
 - MIT
 metadata:
+  homepage_uri: https://github.com/oauth-xx/oauth2
+  source_code_uri: https://github.com/oauth-xx/oauth2/tree/v2.0.2
+  changelog_uri: https://github.com/oauth-xx/oauth2/blob/v2.0.2/CHANGELOG.md
   bug_tracker_uri: https://github.com/oauth-xx/oauth2/issues
-  changelog_uri: https://github.com/oauth-xx/oauth2/blob/v1.4.7/CHANGELOG.md
-  documentation_uri: https://www.rubydoc.info/gems/oauth2/1.4.7
-  source_code_uri: https://github.com/oauth-xx/oauth2/tree/v1.4.7
+  documentation_uri: https://www.rubydoc.info/gems/oauth2/2.0.2
   wiki_uri: https://github.com/oauth-xx/oauth2/wiki
-post_install_message:
+  rubygems_mfa_required: 'true'
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -330,28 +321,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 1.9.0
+      version: 2.2.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.5
+      version: '0'
 requirements: []
-rubygems_version: 3.2.9
-signing_key:
+rubygems_version: 3.3.16
+signing_key:
 specification_version: 4
 summary: A Ruby wrapper for the OAuth 2.0 protocol.
-test_files:
-- spec/helper.rb
-- spec/oauth2/client_spec.rb
-- spec/oauth2/version_spec.rb
-- spec/oauth2/authenticator_spec.rb
-- spec/oauth2/mac_token_spec.rb
-- spec/oauth2/access_token_spec.rb
-- spec/oauth2/response_spec.rb
-- spec/oauth2/strategy/password_spec.rb
-- spec/oauth2/strategy/client_credentials_spec.rb
-- spec/oauth2/strategy/assertion_spec.rb
-- spec/oauth2/strategy/implicit_spec.rb
-- spec/oauth2/strategy/auth_code_spec.rb
-- spec/oauth2/strategy/base_spec.rb
+test_files: []

data/lib/oauth2/mac_token.rb DELETED Viewed

@@ -1,130 +0,0 @@
-require 'base64'
-require 'digest'
-require 'openssl'
-require 'securerandom'
-module OAuth2
-  class MACToken < AccessToken
-    # Generates a MACToken from an AccessToken and secret
-    #
-    # @param [AccessToken] token the OAuth2::Token instance
-    # @option [String] secret the secret key value
-    # @param [Hash] opts the options to create the Access Token with
-    # @see MACToken#initialize
-    def self.from_access_token(token, secret, options = {})
-      new(token.client, token.token, secret, token.params.merge(:refresh_token => token.refresh_token, :expires_in => token.expires_in, :expires_at => token.expires_at).merge(options))
-    end
-    attr_reader :secret, :algorithm
-    # Initalize a MACToken
-    #
-    # @param [Client] client the OAuth2::Client instance
-    # @param [String] token the Access Token value
-    # @option [String] secret the secret key value
-    # @param [Hash] opts the options to create the Access Token with
-    # @option opts [String] :refresh_token (nil) the refresh_token value
-    # @option opts [FixNum, String] :expires_in (nil) the number of seconds in which the AccessToken will expire
-    # @option opts [FixNum, String] :expires_at (nil) the epoch time in seconds in which AccessToken will expire
-    # @option opts [FixNum, String] :algorithm (hmac-sha-256) the algorithm to use for the HMAC digest (one of 'hmac-sha-256', 'hmac-sha-1')
-    def initialize(client, token, secret, opts = {})
-      @secret = secret
-      self.algorithm = opts.delete(:algorithm) || 'hmac-sha-256'
-      super(client, token, opts)
-    end
-    # Make a request with the MAC Token
-    #
-    # @param [Symbol] verb the HTTP request method
-    # @param [String] path the HTTP URL path of the request
-    # @param [Hash] opts the options to make the request with
-    # @see Client#request
-    def request(verb, path, opts = {}, &block)
-      url = client.connection.build_url(path, opts[:params]).to_s
-      opts[:headers] ||= {}
-      opts[:headers]['Authorization'] = header(verb, url)
-      @client.request(verb, path, opts, &block)
-    end
-    # Get the headers hash (always an empty hash)
-    def headers
-      {}
-    end
-    # Generate the MAC header
-    #
-    # @param [Symbol] verb the HTTP request method
-    # @param [String] url the HTTP URL path of the request
-    def header(verb, url)
-      timestamp = Time.now.utc.to_i
-      nonce = Digest::MD5.hexdigest([timestamp, SecureRandom.hex].join(':'))
-      uri = URI.parse(url)
-      raise(ArgumentError, "could not parse \"#{url}\" into URI") unless uri.is_a?(URI::HTTP)
-      mac = signature(timestamp, nonce, verb, uri)
-      "MAC id=\"#{token}\", ts=\"#{timestamp}\", nonce=\"#{nonce}\", mac=\"#{mac}\""
-    end
-    # Generate the Base64-encoded HMAC digest signature
-    #
-    # @param [Fixnum] timestamp the timestamp of the request in seconds since epoch
-    # @param [String] nonce the MAC header nonce
-    # @param [Symbol] verb the HTTP request method
-    # @param [String] url the HTTP URL path of the request
-    def signature(timestamp, nonce, verb, uri)
-      signature = [
-        timestamp,
-        nonce,
-        verb.to_s.upcase,
-        uri.request_uri,
-        uri.host,
-        uri.port,
-        '', nil
-      ].join("\n")
-      strict_encode64(OpenSSL::HMAC.digest(@algorithm, secret, signature))
-    end
-    # Set the HMAC algorithm
-    #
-    # @param [String] alg the algorithm to use (one of 'hmac-sha-1', 'hmac-sha-256')
-    def algorithm=(alg)
-      @algorithm = begin
-        case alg.to_s
-        when 'hmac-sha-1'
-          begin
-            OpenSSL::Digest('SHA1').new
-          rescue StandardError
-            OpenSSL::Digest.new('SHA1')
-          end
-        when 'hmac-sha-256'
-          begin
-            OpenSSL::Digest('SHA256').new
-          rescue StandardError
-            OpenSSL::Digest.new('SHA256')
-          end
-        else
-          raise(ArgumentError, 'Unsupported algorithm')
-        end
-      end
-    end
-  private
-    # No-op since we need the verb and path
-    # and the MAC always goes in a header
-    def token=(_noop)
-    end
-    # Base64.strict_encode64 is not available on Ruby 1.8.7
-    def strict_encode64(str)
-      Base64.encode64(str).delete("\n")
-    end
-  end
-end

data/spec/helper.rb DELETED Viewed

@@ -1,37 +0,0 @@
-DEBUG = ENV['DEBUG'] == 'true'
-ruby_version = Gem::Version.new(RUBY_VERSION)
-if ruby_version >= Gem::Version.new('2.7')
-  require 'simplecov'
-  require 'coveralls'
-  SimpleCov.formatters = [SimpleCov::Formatter::HTMLFormatter, Coveralls::SimpleCov::Formatter]
-  SimpleCov.start do
-    add_filter '/spec'
-    minimum_coverage(95)
-  end
-end
-require 'byebug' if DEBUG && ruby_version >= Gem::Version.new('2.4')
-require 'oauth2'
-require 'addressable/uri'
-require 'rspec'
-require 'rspec/stubbed_env'
-require 'silent_stream'
-RSpec.configure do |config|
-  config.expect_with :rspec do |c|
-    c.syntax = :expect
-  end
-end
-Faraday.default_adapter = :test
-RSpec.configure do |conf|
-  conf.include SilentStream
-end
-VERBS = [:get, :post, :put, :delete].freeze