oauth2 1.4.9 → 1.4.11
- checksums.yaml +4 -4
- data/CHANGELOG.md +77 -85
- data/CONTRIBUTING.md +44 -0
- data/LICENSE +1 -1
- data/README.md +138 -95
- data/SECURITY.md +26 -0
- data/lib/oauth2/client.rb +2 -2
- data/lib/oauth2/mac_token.rb +1 -1
- data/lib/oauth2/version.rb +1 -1
- metadata +74 -63
- data/spec/fixtures/README.md +0 -11
- data/spec/fixtures/RS256/jwtRS256.key +0 -51
- data/spec/fixtures/RS256/jwtRS256.key.pub +0 -14
- data/spec/helper.rb +0 -33
- data/spec/oauth2/access_token_spec.rb +0 -218
- data/spec/oauth2/authenticator_spec.rb +0 -86
- data/spec/oauth2/client_spec.rb +0 -556
- data/spec/oauth2/mac_token_spec.rb +0 -122
- data/spec/oauth2/response_spec.rb +0 -96
- data/spec/oauth2/strategy/assertion_spec.rb +0 -113
- data/spec/oauth2/strategy/auth_code_spec.rb +0 -108
- data/spec/oauth2/strategy/base_spec.rb +0 -7
- data/spec/oauth2/strategy/client_credentials_spec.rb +0 -71
- data/spec/oauth2/strategy/implicit_spec.rb +0 -28
- data/spec/oauth2/strategy/password_spec.rb +0 -58
- data/spec/oauth2/version_spec.rb +0 -23
data/README.md
CHANGED
@@ -1,9 +1,9 @@
|
|
1
1
|
<p align="center">
|
2
|
-
<a href="http://oauth.net/2/" target="_blank" rel="noopener
|
3
|
-
<img src="https://github.com/oauth-xx/oauth2/raw/
|
2
|
+
<a href="http://oauth.net/2/" target="_blank" rel="noopener">
|
3
|
+
<img src="https://github.com/oauth-xx/oauth2/raw/main/docs/images/logo/oauth2-logo-124px.png?raw=true" alt="OAuth 2.0 Logo by Chris Messina, CC BY-SA 3.0">
|
4
4
|
</a>
|
5
|
-
<a href="https://www.ruby-lang.org/" target="_blank" rel="noopener
|
6
|
-
<img width="124px" src="https://github.com/oauth-xx/oauth2/raw/
|
5
|
+
<a href="https://www.ruby-lang.org/" target="_blank" rel="noopener">
|
6
|
+
<img width="124px" src="https://github.com/oauth-xx/oauth2/raw/main/docs/images/logo/ruby-logo-198px.svg?raw=true" alt="Yukihiro Matsumoto, Ruby Visual Identity Team, CC BY-SA 2.5">
|
7
7
|
</a>
|
8
8
|
</p>
|
9
9
|
|
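Review bot: the two logo `<img>` elements (lines 3 and 6) still load from `github.com/oauth-xx/oauth2/raw/main/...` while every other link in this patch is migrated to gitlab.com; if GitHub becomes a read-only mirror these images go stale or 404. Point them at the GitLab raw path (or a relative `docs/images/...` path) in the same change, and drop the `?raw=true` query string, which is redundant on a `/raw/` URL.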
@@ -15,38 +15,41 @@ OAuth 2.0 focuses on client developer simplicity while providing specific author
|
|
15
15
|
This is a RubyGem for implementing OAuth 2.0 clients and servers in Ruby applications.
|
16
16
|
See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
|
17
17
|
|
18
|
-
|
19
|
-
|
18
|
+
⚠️⚠️⚠️ **_WARNING_**: You are viewing the `README` of the
|
19
|
+
[supported-only-for-critical-enterprise-security-issues](#oauth2-for-enterprise) `1-4-stable`
|
20
|
+
branch. Please do not use this, and instead upgrade to version 2! ⚠️⚠️⚠️
|
21
|
+
|
22
|
+
No further releases of 1.x series are planned! [Version 2](https://gitlab.com/oauth-xx/oauth2/#what-is-new-for-v20) has *tons* of improvements!
|
23
|
+
|
24
|
+
If you must continue using 1.4.x please consider purchasing an open source security maintenance contract from [Tidelift][tidelift-ref].
|
20
25
|
|
21
26
|
---
|
22
27
|
|
23
28
|
* [OAuth 2.0 Spec][oauth2-spec]
|
24
29
|
* [OAuth 1.0 sibling gem][sibling-gem]
|
25
|
-
* Help us finish release [![2.0.0 release milestone][next-milestone-pct-img]][next-milestone-pct] by submitting or reviewing PRs and issues.
|
26
|
-
* Oauth2 gem is _always_ looking for additional maintainers. See [#307][maintainers-discussion].
|
27
30
|
|
28
31
|
[oauth2-spec]: https://oauth.net/2/
|
29
|
-
[sibling-gem]: https://
|
30
|
-
[next-milestone-pct]: https://github.com/oauth-xx/oauth2/milestone/1
|
31
|
-
[next-milestone-pct-img]: https://img.shields.io/github/milestones/progress-percent/oauth-xx/oauth2/1
|
32
|
-
[maintainers-discussion]: https://github.com/oauth-xx/oauth2/issues/307
|
32
|
+
[sibling-gem]: https://gitlab.com/oauth-xx/oauth
|
33
33
|
|
34
34
|
## Release Documentation
|
35
35
|
|
36
36
|
<details>
|
37
37
|
<summary>1.4.x Readmes</summary>
|
38
38
|
|
39
|
-
| Version | Release Date | Readme
|
40
|
-
|
41
|
-
| 1.4.
|
42
|
-
| 1.4.
|
43
|
-
| 1.4.
|
44
|
-
| 1.4.
|
45
|
-
| 1.4.
|
46
|
-
| 1.4.
|
47
|
-
| 1.4.
|
48
|
-
| 1.4.
|
49
|
-
| 1.4.
|
39
|
+
| Version | Release Date | Readme |
|
40
|
+
|---------|--------------|-------------------------------------------------------------|
|
41
|
+
| 1.4.11 | Sep 16, 2022 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.11/README.md |
|
42
|
+
| 1.4.10 | Jul 1, 2022 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.10/README.md |
|
43
|
+
| 1.4.9 | Feb 20, 2022 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.9/README.md |
|
44
|
+
| 1.4.8 | Feb 18, 2022 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.8/README.md |
|
45
|
+
| 1.4.7 | Mar 19, 2021 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.7/README.md |
|
46
|
+
| 1.4.6 | Mar 19, 2021 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.6/README.md |
|
47
|
+
| 1.4.5 | Mar 18, 2021 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.5/README.md |
|
48
|
+
| 1.4.4 | Feb 12, 2020 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.4/README.md |
|
49
|
+
| 1.4.3 | Jan 29, 2020 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.3/README.md |
|
50
|
+
| 1.4.2 | Oct 1, 2019 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.2/README.md |
|
51
|
+
| 1.4.1 | Oct 13, 2018 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.1/README.md |
|
52
|
+
| 1.4.0 | Jun 9, 2017 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.0/README.md |
|
50
53
|
</details>
|
51
54
|
|
52
55
|
<details>
|
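Review bot: the new banner (lines 18-24) states "No further releases of 1.x series are planned!", which contradicts the compatibility NOTE added further down in this same README ("The 1.4 series will only receive critical security updates") and the SECURITY.md table in this patch marking `1.latest` as supported until 04/2023. Say which it is, e.g. "Only critical security fixes will be released for 1.4.x", so users pinned to `1-4-stable` know whether to expect patched gems. Also, `[tidelift-ref]` is used on line 24 but only defined near the bottom of the file under "OAuth2 for Enterprise"; that renders, but the link silently disappears if that section is ever removed.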
@@ -54,8 +57,8 @@ branch which for version 1.4.x releases. Version 2.0 is coming! ⚠️
|
|
54
57
|
|
55
58
|
| Version | Release Date | Readme |
|
56
59
|
|----------|--------------|----------------------------------------------------------|
|
57
|
-
| 1.3.1 | Mar 3, 2017 | https://
|
58
|
-
| 1.3.0 | Dec 27, 2016 | https://
|
60
|
+
| 1.3.1 | Mar 3, 2017 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.3.1/README.md |
|
61
|
+
| 1.3.0 | Dec 27, 2016 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.3.0/README.md |
|
59
62
|
</details>
|
60
63
|
|
61
64
|
<details>
|
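Review bot: the unchanged `<details>` summary shown in the hunk header, "branch which for version 1.4.x releases. Version 2.0 is coming! ⚠️", is now stale and ungrammatical: the banner added at the top of this file already says version 2 is released and tells readers to upgrade. Update that summary in the same change so the two statements agree.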
@@ -63,12 +66,14 @@ branch which for version 1.4.x releases. Version 2.0 is coming! ⚠️
|
|
63
66
|
|
64
67
|
| Version | Release Date | Readme |
|
65
68
|
|----------|--------------|----------------------------------------------------------|
|
66
|
-
| 1.2.0 | Jun 30, 2016 | https://
|
67
|
-
| 1.1.0 | Jan 30, 2016 | https://
|
68
|
-
| 1.0.0 | May 23, 2014 | https://
|
69
|
-
| < 1.0.0 | Find here | https://
|
69
|
+
| 1.2.0 | Jun 30, 2016 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.2.0/README.md |
|
70
|
+
| 1.1.0 | Jan 30, 2016 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.1.0/README.md |
|
71
|
+
| 1.0.0 | May 23, 2014 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.0.0/README.md |
|
72
|
+
| < 1.0.0 | Find here | https://gitlab.com/oauth-xx/oauth2/-/tags |
|
70
73
|
</details>
|
71
74
|
|
75
|
+
## Status
|
76
|
+
|
72
77
|
<!--
|
73
78
|
Numbering rows and badges in each row as a visual "database" lookup,
|
74
79
|
as the table is extremely dense, and it can be very difficult to find anything
|
@@ -91,17 +96,20 @@ badge #s:
|
|
91
96
|
🖐
|
92
97
|
🧮
|
93
98
|
📗
|
99
|
+
|
100
|
+
appended indicators:
|
101
|
+
♻️ - URL needs to be updated from SASS integration. Find / Replace is insufficient.
|
94
102
|
-->
|
95
103
|
|
96
|
-
| | Project | oauth2
|
97
|
-
|
98
|
-
| 1️⃣ | name, license, docs | [![RubyGems.org][⛳️name-img]][⛳️gem] [![License: MIT][🖇src-license-img]][🖇src-license] [![FOSSA][🏘fossa-img]][🏘fossa] [![RubyDoc.info][🚎yard-img]][🚎yard] [![InchCI][🖐inch-ci-img]][🚎yard]
|
99
|
-
| 2️⃣ | version & activity | [![Gem Version][⛳️version-img]][⛳️gem] [![Total Downloads][🖇DL-total-img]][⛳️gem] [![Download Rank][🏘DL-rank-img]][⛳️gem] [![Source Code][🚎src-home-img]][🚎src-home]
|
100
|
-
| 3️⃣ | maintanence & linting | [![Maintainability][⛳cclim-maint-img]][⛳cclim-maint] [![Helpers][🖇triage-help-img]][🖇triage-help] [![Depfu][🏘depfu-img]][🏘depfu] [![Contributors][🚎contributors-img]][🚎contributors] [![Style][🖐style-wf-img]][🖐style-wf] [![Kloc Roll][🧮kloc-img]][🧮kloc] |
|
101
|
-
| 4️⃣ | testing | [![
|
102
|
-
| 5️⃣ | coverage & security | [![CodeClimate][⛳cclim-cov-img]][⛳cclim-cov] [![CodeCov][🖇codecov-img]][🖇codecov] [![Coveralls][🏘coveralls-img]][🏘coveralls] [![Security Policy][🚎sec-pol-img]][🚎sec-pol] [![CodeQL][🖐codeQL-img]][🖐codeQL]
|
103
|
-
| 6️⃣ | resources | [![Discussion][⛳
|
104
|
-
| 7️⃣ | spread 💖 | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Tweet @ Peter][🏘tweet-img]][🏘tweet] [🌏][aboutme] [👼][angelme] [💻][coderme]
|
104
|
+
| | Project | bundle add oauth2 |
|
105
|
+
|:----|-----------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
106
|
+
| 1️⃣ | name, license, docs | [![RubyGems.org][⛳️name-img]][⛳️gem] [![License: MIT][🖇src-license-img]][🖇src-license] [![FOSSA][🏘fossa-img]][🏘fossa] [![RubyDoc.info][🚎yard-img]][🚎yard] [![InchCI][🖐inch-ci-img]][🚎yard] |
|
107
|
+
| 2️⃣ | version & activity | [![Gem Version][⛳️version-img]][⛳️gem] [![Total Downloads][🖇DL-total-img]][⛳️gem] [![Download Rank][🏘DL-rank-img]][⛳️gem] [![Source Code][🚎src-home-img]][🚎src-home] |
|
108
|
+
| 3️⃣ | maintanence & linting | [![Maintainability][⛳cclim-maint-img♻️]][⛳cclim-maint] [![Helpers][🖇triage-help-img]][🖇triage-help] [![Depfu][🏘depfu-img♻️]][🏘depfu♻️] [![Contributors][🚎contributors-img]][🚎contributors] [![Style][🖐style-wf-img]][🖐style-wf] [![Kloc Roll][🧮kloc-img]][🧮kloc] |
|
109
|
+
| 4️⃣ | testing | [![Supported][🏘sup-wf-img]][🏘sup-wf] [![Heads][🚎heads-wf-img]][🚎heads-wf] [![Unofficial Support][🖐uns-wf-img]][🖐uns-wf] [![MacOS][🧮mac-wf-img]][🧮mac-wf] [![Windows][📗win-wf-img]][📗win-wf] |
|
110
|
+
| 5️⃣ | coverage & security | [![CodeClimate][⛳cclim-cov-img♻️]][⛳cclim-cov] [![CodeCov][🖇codecov-img♻️]][🖇codecov] [![Coveralls][🏘coveralls-img]][🏘coveralls] [![Security Policy][🚎sec-pol-img]][🚎sec-pol] [![CodeQL][🖐codeQL-img]][🖐codeQL] [![Code Coverage][🧮cov-wf-img]][🧮cov-wf] |
|
111
|
+
| 6️⃣ | resources | [![Discussion][⛳gg-discussions-img]][⛳gg-discussions] [![Get help on Codementor][🖇codementor-img]][🖇codementor] [![Chat][🏘chat-img]][🏘chat] [![Blog][🚎blog-img]][🚎blog] [![Blog][🖐wiki-img]][🖐wiki] |
|
112
|
+
| 7️⃣ | spread 💖 | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Tweet @ Peter][🏘tweet-img]][🏘tweet] [🌏][aboutme] [👼][angelme] [💻][coderme] |
|
105
113
|
|
106
114
|
<!--
|
107
115
|
The link tokens in the following sections should be kept ordered by the row and badge numbering scheme
|
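Review bot: "maintanence" is still misspelled in row 3 of the rebuilt table (line 108) although the matching section comment is corrected to "maintenance" elsewhere in this patch, and "SASS integration" in the new indicator legend (line 101) presumably means "SaaS". More importantly, the ♻️ suffix is placed inside reference labels such as `[⛳cclim-maint-img♻️]` and `[🏘depfu♻️]`, so it is part of the link identifier: both the use and the definition must carry it (they do here), but a future find/replace that drops it on one side will render a literal `[![...][...]]` instead of a badge. Keep the indicator out of the identifier, e.g. as a trailing comment on the definition line.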
@@ -122,21 +130,17 @@ The link tokens in the following sections should be kept ordered by the row and
|
|
122
130
|
[⛳️version-img]: http://img.shields.io/gem/v/oauth2.svg
|
123
131
|
[🖇DL-total-img]: https://img.shields.io/gem/dt/oauth2.svg
|
124
132
|
[🏘DL-rank-img]: https://img.shields.io/gem/rt/oauth2.svg
|
125
|
-
[🚎src-home]: https://
|
126
|
-
[🚎src-home-img]: https://img.shields.io/badge/source-
|
127
|
-
|
128
|
-
|
129
|
-
[🧮prs-closed]: https://github.com/oauth-xx/oauth2/pulls?q=is%3Apr+is%3Aclosed
|
130
|
-
[🧮prs-closed-img]: https://img.shields.io/github/issues-pr-closed/oauth-xx/oauth2
|
131
|
-
|
132
|
-
<!-- 3️⃣ maintanence & linting -->
|
133
|
+
[🚎src-home]: https://gitlab.com/oauth-xx/oauth2/
|
134
|
+
[🚎src-home-img]: https://img.shields.io/badge/source-gitlab-blue.svg?style=flat
|
135
|
+
|
136
|
+
<!-- 3️⃣ maintenance & linting -->
|
133
137
|
[⛳cclim-maint]: https://codeclimate.com/github/oauth-xx/oauth2/maintainability
|
134
|
-
[⛳cclim-maint-img]: https://api.codeclimate.com/v1/badges/688c612528ff90a46955/maintainability
|
138
|
+
[⛳cclim-maint-img♻️]: https://api.codeclimate.com/v1/badges/688c612528ff90a46955/maintainability
|
135
139
|
[🖇triage-help]: https://www.codetriage.com/oauth-xx/oauth2
|
136
140
|
[🖇triage-help-img]: https://www.codetriage.com/oauth-xx/oauth2/badges/users.svg
|
137
|
-
[🏘depfu]: https://depfu.com/github/oauth-xx/oauth2?project_id=4445
|
138
|
-
[🏘depfu-img]: https://badges.depfu.com/badges/6d34dc1ba682bbdf9ae2a97848241743/count.svg
|
139
|
-
[🚎contributors]: https://
|
141
|
+
[🏘depfu♻️]: https://depfu.com/github/oauth-xx/oauth2?project_id=4445
|
142
|
+
[🏘depfu-img♻️]: https://badges.depfu.com/badges/6d34dc1ba682bbdf9ae2a97848241743/count.svg
|
143
|
+
[🚎contributors]: https://gitlab.com/oauth-xx/oauth2/-/graphs/main
|
140
144
|
[🚎contributors-img]: https://img.shields.io/github/contributors-anon/oauth-xx/oauth2
|
141
145
|
[🖐style-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/style.yml
|
142
146
|
[🖐style-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/style.yml/badge.svg
|
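Review bot: `[🚎contributors]` now links to `gitlab.com/oauth-xx/oauth2/-/graphs/main` (line 143) while `[🚎contributors-img]` still pulls its count from shields.io for the GitHub repo (`contributors-anon/oauth-xx/oauth2`, line 144), and the Depfu and CodeClimate definitions still key off `github`; once GitHub is only a mirror these badges will lag or diverge from the canonical repo. Either switch the image sources to GitLab-backed equivalents or note in the legend that they reflect the mirror.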
@@ -144,39 +148,41 @@ The link tokens in the following sections should be kept ordered by the row and
|
|
144
148
|
[🧮kloc-img]: https://img.shields.io/tokei/lines/github.com/oauth-xx/oauth2
|
145
149
|
|
146
150
|
<!-- 4️⃣ testing -->
|
147
|
-
[
|
148
|
-
[
|
149
|
-
[
|
150
|
-
[
|
151
|
-
[
|
152
|
-
[
|
153
|
-
[
|
154
|
-
[
|
155
|
-
[
|
156
|
-
[
|
151
|
+
[🏘sup-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/supported.yml
|
152
|
+
[🏘sup-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/supported.yml/badge.svg
|
153
|
+
[🚎heads-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/heads.yml
|
154
|
+
[🚎heads-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/heads.yml/badge.svg
|
155
|
+
[🖐uns-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/unsupported.yml
|
156
|
+
[🖐uns-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/unsupported.yml/badge.svg
|
157
|
+
[🧮mac-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/macos.yml
|
158
|
+
[🧮mac-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/macos.yml/badge.svg
|
159
|
+
[📗win-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/windows.yml
|
160
|
+
[📗win-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/windows.yml/badge.svg
|
157
161
|
|
158
162
|
<!-- 5️⃣ coverage & security -->
|
159
163
|
[⛳cclim-cov]: https://codeclimate.com/github/oauth-xx/oauth2/test_coverage
|
160
|
-
[⛳cclim-cov-img]: https://api.codeclimate.com/v1/badges/688c612528ff90a46955/test_coverage
|
161
|
-
[🖇codecov-img]: https://codecov.io/gh/oauth-xx/oauth2/branch/1-4-stable/graph/badge.svg?token=bNqSzNiuo2
|
164
|
+
[⛳cclim-cov-img♻️]: https://api.codeclimate.com/v1/badges/688c612528ff90a46955/test_coverage
|
165
|
+
[🖇codecov-img♻️]: https://codecov.io/gh/oauth-xx/oauth2/branch/1-4-stable/graph/badge.svg?token=bNqSzNiuo2
|
162
166
|
[🖇codecov]: https://codecov.io/gh/oauth-xx/oauth2
|
163
167
|
[🏘coveralls]: https://coveralls.io/github/oauth-xx/oauth2?branch=1-4-stable
|
164
168
|
[🏘coveralls-img]: https://coveralls.io/repos/github/oauth-xx/oauth2/badge.svg?branch=1-4-stable
|
165
|
-
[🚎sec-pol]: https://
|
169
|
+
[🚎sec-pol]: https://gitlab.com/oauth-xx/oauth2/-/blob/main/SECURITY.md
|
166
170
|
[🚎sec-pol-img]: https://img.shields.io/badge/security-policy-brightgreen.svg?style=flat
|
167
171
|
[🖐codeQL]: https://github.com/oauth-xx/oauth2/security/code-scanning
|
168
172
|
[🖐codeQL-img]: https://github.com/oauth-xx/oauth2/actions/workflows/codeql-analysis.yml/badge.svg
|
173
|
+
[🧮cov-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/coverage.yml
|
174
|
+
[🧮cov-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/coverage.yml/badge.svg
|
169
175
|
|
170
176
|
<!-- 6️⃣ resources -->
|
171
|
-
[⛳
|
172
|
-
[⛳
|
177
|
+
[⛳gg-discussions]: https://groups.google.com/g/oauth-ruby
|
178
|
+
[⛳gg-discussions-img]: https://img.shields.io/badge/google-group-purple.svg?style=flat
|
173
179
|
[🖇codementor]: https://www.codementor.io/peterboling?utm_source=github&utm_medium=button&utm_term=peterboling&utm_campaign=github
|
174
180
|
[🖇codementor-img]: https://cdn.codementor.io/badges/get_help_github.svg
|
175
181
|
[🏘chat]: https://gitter.im/oauth-xx/oauth2
|
176
182
|
[🏘chat-img]: https://img.shields.io/gitter/room/oauth-xx/oauth2.svg
|
177
183
|
[🚎blog]: http://www.railsbling.com/tags/oauth2/
|
178
184
|
[🚎blog-img]: https://img.shields.io/badge/blog-railsbling-brightgreen.svg?style=flat
|
179
|
-
[🖐wiki]: https://
|
185
|
+
[🖐wiki]: https://gitlab.com/oauth-xx/oauth2/-/wikis/home
|
180
186
|
[🖐wiki-img]: https://img.shields.io/badge/wiki-examples-brightgreen.svg?style=flat
|
181
187
|
|
182
188
|
<!-- 7️⃣ spread 💖 -->
|
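Review bot: the Codecov badge definition being re-labelled here (line 165) embeds `?token=bNqSzNiuo2`; confirm this is a Codecov badge/graph token and not the repository upload token, since upload tokens must not be committed, and rotate it if there is any doubt. Separately, `[🚎sec-pol]` (line 169) points at `SECURITY.md` on `main` even though this patch adds a `SECURITY.md` to the `1-4-stable` branch; link the branch's own copy (or a relative `SECURITY.md`) so the policy a 1.4 user reads is the one that applies to the gem they installed.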
@@ -193,31 +199,61 @@ The link tokens in the following sections should be kept ordered by the row and
|
|
193
199
|
[aboutme]: https://about.me/peter.boling
|
194
200
|
[angelme]: https://angel.co/peter-boling
|
195
201
|
[coderme]:http://coderwall.com/pboling
|
196
|
-
[politicme]: https://nationalprogressiveparty.org
|
197
|
-
|
198
202
|
|
199
203
|
## Installation
|
200
204
|
|
201
|
-
|
202
|
-
gem install oauth2
|
203
|
-
```
|
205
|
+
Install the gem and add to the application's Gemfile by executing:
|
204
206
|
|
205
|
-
|
207
|
+
$ bundle add oauth2
|
206
208
|
|
207
|
-
|
208
|
-
|
209
|
-
|
210
|
-
|
211
|
-
|
212
|
-
bundle
|
213
|
-
```
|
209
|
+
If bundler is not being used to manage dependencies, install the gem by executing:
|
210
|
+
|
211
|
+
$ gem install oauth2
|
212
|
+
|
213
|
+
## OAuth2 for Enterprise
|
214
214
|
|
215
|
+
Available as part of the Tidelift Subscription.
|
216
|
+
|
217
|
+
The maintainers of OAuth2 and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. [Learn more.][tidelift-ref]
|
218
|
+
|
219
|
+
[tidelift-ref]: https://tidelift.com/subscription/pkg/rubygems-oauth2?utm_source=rubygems-oauth2&utm_medium=referral&utm_campaign=enterprise
|
220
|
+
|
221
|
+
## Security contact information
|
222
|
+
|
223
|
+
To report a security vulnerability, please use the [Tidelift security contact](https://tidelift.com/security).
|
224
|
+
Tidelift will coordinate the fix and disclosure.
|
225
|
+
|
226
|
+
For more see [SECURITY.md][🚎sec-pol].
|
227
|
+
|
228
|
+
## Why should you upgrade to version v2.0?
|
229
|
+
|
230
|
+
- Officially support Ruby versions >= 2.7
|
231
|
+
- Unofficially support Ruby versions >= 2.5
|
232
|
+
- Incidentally support Ruby versions >= 2.2
|
233
|
+
- Drop support for the expired MAC Draft (all versions)
|
234
|
+
- Support IETF rfc7523 JWT Bearer Tokens
|
235
|
+
- Support IETF rfc7231 Relative Location in Redirect
|
236
|
+
- Support IETF rfc6749 Don't set oauth params when nil
|
237
|
+
- Support [OIDC 1.0 Private Key JWT](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication); based on the OAuth JWT assertion specification [(RFC 7523)](https://tools.ietf.org/html/rfc7523)
|
238
|
+
- Support new formats, including from [jsonapi.org](http://jsonapi.org/format/): `application/vdn.api+json`, `application/vnd.collection+json`, `application/hal+json`, `application/problem+json`
|
239
|
+
- Adds new option to `OAuth2::Client#get_token`:
|
240
|
+
- `:access_token_class` (`AccessToken`); user specified class to use for all calls to `get_token`
|
241
|
+
- Adds new option to `OAuth2::AccessToken#initialize`:
|
242
|
+
- `:expires_latency` (`nil`); number of seconds by which AccessToken validity will be reduced to offset latency
|
243
|
+
- By default, keys are transformed to camel case.
|
244
|
+
- Original keys will still work as previously, in most scenarios, thanks to `rash_alt` gem.
|
245
|
+
- However, this is a _breaking_ change if you rely on `response.parsed.to_h`, as the keys in the result will be camel case.
|
246
|
+
- As of version 2.0.4 you can turn key transformation off with the `snaky: false` option.
|
247
|
+
- By default, the `:auth_scheme` is now `:basic_auth` (instead of `:request_body`)
|
248
|
+
- Third-party strategies and gems may need to be updated if a provider was requiring client id/secret in the request body
|
249
|
+
- [... A lot more](https://gitlab.com/oauth-xx/oauth2/-/blob/main/CHANGELOG.md#2.0.0)
|
215
250
|
|
216
251
|
## Compatibility
|
217
252
|
|
218
|
-
Targeted ruby compatibility is
|
219
|
-
|
220
|
-
|
253
|
+
Targeted ruby compatibility is 2.7, 3.0 and 3.1. Compatibility is further distinguished by
|
254
|
+
supported and unsupported versions of Ruby.
|
255
|
+
This gem will work with Ruby versions back to 1.9, though it remains unsupported.
|
256
|
+
Ruby is limited to 1.9+ in the gemspec for the 1.4.x series and is be 2.2+ for next major version releases (see `master` branch).
|
221
257
|
|
222
258
|
<details>
|
223
259
|
<summary>Ruby Engine Compatibility Policy</summary>
|
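Review bot: line 256 reads "and is be 2.2+ for next major version releases (see `master` branch)"; fix to "and is 2.2+ for the next major version (see the `main` branch)", since every other link in this patch refers to `main`. The new "Security contact information" section (lines 221-226) repeats the SECURITY.md text verbatim; a one-line pointer to SECURITY.md is enough and leaves a single place to update when the reporting channel changes. The "Why should you upgrade" list also says v2 drops "the expired MAC Draft", which is worth stating as a deprecation in this 1.4 README given `mac_token.rb` is still shipped and touched in this release.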
@@ -226,8 +262,7 @@ This gem is tested against MRI, JRuby, and Truffleruby.
|
|
226
262
|
Each of those has varying versions that target a specific version of MRI Ruby.
|
227
263
|
This gem should work in the just-listed Ruby engines according to the targeted MRI compatibility in the table below.
|
228
264
|
If you would like to add support for additional engines,
|
229
|
-
|
230
|
-
then submit a PR to the correct maintenance branch as according to the table below.
|
265
|
+
see `gemfiles/README.md`, then submit a PR to the correct maintenance branch as according to the table below.
|
231
266
|
</details>
|
232
267
|
|
233
268
|
<details>
|
@@ -247,13 +282,13 @@ fashion. If critical issues for a particular implementation exist at the time
|
|
247
282
|
of a major release, support for that Ruby version may be dropped.
|
248
283
|
</details>
|
249
284
|
|
250
|
-
| | Ruby
|
251
|
-
|
252
|
-
| 1️⃣ | 2.0.x
|
253
|
-
| 2️⃣ | 1.4.x
|
254
|
-
| 3️⃣ | older
|
285
|
+
| | Ruby OAuth2 Version | Maintenance Branch | Supported Officially | Supported Unofficially | Supported Incidentally |
|
286
|
+
|:----|---------------------|--------------------|-------------------------|------------------------|------------------------|
|
287
|
+
| 1️⃣ | 2.0.x | `main` | 2.7, 3.0, 3.1 | 2.5, 2.6 | 2.2, 2.3, 2.4 |
|
288
|
+
| 2️⃣ | 1.4.x | `1-4-stable` | 2.5, 2.6, 2.7, 3.0, 3.1 | 2.1, 2.2, 2.3, 2.4 | 1.9, 2.0 |
|
289
|
+
| 3️⃣ | older | N/A | Best of luck to you! | Please upgrade! | |
|
255
290
|
|
256
|
-
NOTE:
|
291
|
+
NOTE: The 1.4 series will only receive critical security updates.
|
257
292
|
See [SECURITY.md][🚎sec-pol]
|
258
293
|
|
259
294
|
## Usage Examples
|
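Review bot: the rebuilt table (line 288) says 1.4.x officially supports Ruby 2.5 through 3.1, but the prose above it, "Targeted ruby compatibility is 2.7, 3.0 and 3.1" (line 253), describes the 2.0.x row; align the sentence with the 1.4.x row or say explicitly that those numbers refer to `main`. The NOTE on line 291 ("will only receive critical security updates") is the accurate statement of 1.4 support and is the wording the top-of-file banner should use instead of "No further releases ... are planned".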
@@ -389,20 +424,28 @@ spec.add_dependency 'oauth2', '~> 1.4'
|
|
389
424
|
|
390
425
|
[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Foauth-xx%2Foauth2.svg?type=large)][fossa2]
|
391
426
|
|
392
|
-
[license]: https://
|
393
|
-
[oauth-xx]: https://
|
427
|
+
[license]: https://gitlab.com/oauth-xx/oauth2/-/blob/main/LICENSE
|
428
|
+
[oauth-xx]: https://gitlab.com/oauth-xx
|
394
429
|
[fossa2]: https://app.fossa.io/projects/git%2Bgithub.com%2Foauth-xx%2Foauth2?ref=badge_large
|
395
430
|
|
396
431
|
## Development
|
397
432
|
|
398
|
-
After checking out the repo, run `
|
433
|
+
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
399
434
|
|
400
435
|
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
401
436
|
|
402
437
|
## Contributing
|
403
438
|
|
404
|
-
|
439
|
+
See [CONTRIBUTING.md][contributing]
|
440
|
+
|
441
|
+
[contributing]: https://gitlab.com/oauth-xx/oauth2/-/blob/main/CONTRIBUTING.md
|
442
|
+
|
443
|
+
## Contributors
|
444
|
+
|
445
|
+
[![Contributors](https://contrib.rocks/image?repo=oauth-xx/oauth2)]("https://gitlab.com/oauth-xx/oauth2/-/graphs/main")
|
446
|
+
|
447
|
+
Made with [contributors-img](https://contrib.rocks).
|
405
448
|
|
406
449
|
## Code of Conduct
|
407
450
|
|
408
|
-
Everyone interacting in the OAuth2 project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://
|
451
|
+
Everyone interacting in the OAuth2 project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://gitlab.com/oauth-xx/oauth2/-/blob/main/CODE_OF_CONDUCT.md).
|
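Review bot: the Contributors image link on line 445, `]("https://gitlab.com/oauth-xx/oauth2/-/graphs/main")`, has quotes inside the parentheses; Markdown treats them as part of the destination (or as a title with an empty destination), so the badge will not link to the graphs page. Drop the quotes: `](https://gitlab.com/oauth-xx/oauth2/-/graphs/main)`.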
data/SECURITY.md
ADDED
@@ -0,0 +1,26 @@
|
|
1
|
+
# Security Policy
|
2
|
+
|
3
|
+
## Supported Versions
|
4
|
+
|
5
|
+
| Version | Supported | EOL | Post-EOL / Enterprise |
|
6
|
+
|----------|-----------|---------|---------------------------------------|
|
7
|
+
| 2.latest | ✅ | 04/2024 | [Tidelift Subscription][tidelift-ref] |
|
8
|
+
| 1.latest | ✅ | 04/2023 | [Tidelift Subscription][tidelift-ref] |
|
9
|
+
| <= 1 | ⛔ | ⛔ | ⛔ |
|
10
|
+
|
11
|
+
### EOL Policy
|
12
|
+
|
13
|
+
Non-commercial support for the oldest version of Ruby (which itself is going EOL) will be dropped each year in April.
|
14
|
+
|
15
|
+
## Reporting a Vulnerability
|
16
|
+
|
17
|
+
To report a security vulnerability, please use the [Tidelift security contact](https://tidelift.com/security).
|
18
|
+
Tidelift will coordinate the fix and disclosure.
|
19
|
+
|
20
|
+
## OAuth2 for Enterprise
|
21
|
+
|
22
|
+
Available as part of the Tidelift Subscription.
|
23
|
+
|
24
|
+
The maintainers of oauth2 and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. [Learn more.][tidelift-ref]
|
25
|
+
|
26
|
+
[tidelift-ref]: https://tidelift.com/subscription/pkg/rubygems-oauth2?utm_source=rubygems-oauth2&utm_medium=referral&utm_campaign=enterprise&utm_term=repo
|
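Review bot: the Supported Versions table is self-contradictory: `1.latest` (line 8) is marked supported until 04/2023 while `<= 1` (line 9) is marked unsupported, and both cover 1.x; the last row presumably means `< 1` or "older 1.x patch releases". The EOL Policy sentence (line 13) is about dropping the oldest *Ruby* version each April, whereas the table's EOL column dates *gem* series; say which the dates refer to. Finally, the Tidelift form is the only reporting channel given; consider adding a maintainer e-mail (and a PGP key, if one exists) as a fallback for reporters who cannot use Tidelift.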
data/lib/oauth2/client.rb
CHANGED
@@ -100,7 +100,7 @@ module OAuth2
|
|
100
100
|
# code response for this request. Will default to client option
|
101
101
|
# @option opts [Symbol] :parse @see Response::initialize
|
102
102
|
# @yield [req] The Faraday request
|
103
|
-
def request(verb, url, opts = {}) # rubocop:disable Metrics/
|
103
|
+
def request(verb, url, opts = {}) # rubocop:disable Metrics/AbcSize
|
104
104
|
url = connection.build_url(url).to_s
|
105
105
|
|
106
106
|
begin
|
@@ -185,7 +185,7 @@ module OAuth2
|
|
185
185
|
response_contains_token = access_token || (
|
186
186
|
response.parsed.is_a?(Hash) &&
|
187
187
|
(response.parsed['access_token'] || response.parsed['id_token'])
|
188
|
-
|
188
|
+
)
|
189
189
|
|
190
190
|
if options[:raise_errors] && !response_contains_token
|
191
191
|
error = Error.new(response)
|
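Review bot: the only change here is the `)` closing the `response_contains_token` expression (line 188), so the logic is unchanged: a parsed body carrying only `id_token` is accepted as a token response and no `OAuth2::Error` is raised even with `raise_errors` enabled. That is intentional for OIDC responses, but the code after this point must then cope with `access_token` being nil; a short comment on line 185 stating that `id_token`-only responses are deliberately allowed would save the next reader from "fixing" it.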
data/lib/oauth2/mac_token.rb
CHANGED
@@ -62,7 +62,7 @@ module OAuth2
|
|
62
62
|
# @param [String] url the HTTP URL path of the request
|
63
63
|
def header(verb, url)
|
64
64
|
timestamp = Time.now.utc.to_i
|
65
|
-
nonce = Digest::
|
65
|
+
nonce = Digest::SHA256.hexdigest([timestamp, SecureRandom.hex].join(':'))
|
66
66
|
|
67
67
|
uri = URI.parse(url)
|
68
68
|
|
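Review bot: `nonce = Digest::SHA256.hexdigest([timestamp, SecureRandom.hex].join(':'))` (line 65) depends on both `digest` and `securerandom` being required at the top of the file, which this hunk does not show; confirm those requires exist, because a missing `require 'securerandom'` only fails at the first `header` call. Hashing adds no entropy beyond the 128 bits from `SecureRandom.hex` itself; the SHA-256 here only fixes the nonce's length and format, and a comment saying so would stop someone "strengthening" it later. Since the README in this same patch lists "Drop support for the expired MAC Draft" as a v2 change, mark `MacToken` as deprecated in its docstring.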