oauth2 2.0.4 → 2.0.5

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: fc4158398289799f1200f2706539766ebcec6b3be4c861427d9b11fb6f6a8d8f
4
- data.tar.gz: cd7bec320053ae8d114f9c3f730ce7252872b2fbf0b4c716d5447ac1642b7e7e
3
+ metadata.gz: b016b4a0d35d5e6b17d60c9417f7a456b78a38462120fff7d68021235dee6f6d
4
+ data.tar.gz: 5627dc50a7dfc395f226a1209606aa63d1c8c9642ba6aba390f5ba3605567b33
5
5
  SHA512:
6
- metadata.gz: 57f0ddd1d875238c5b98e358cea1114fb09847c01af8231e2d6a6e6c70e928500bd3f2b45c566302f70481d802ff7db6b649105765692f7107542e49edf06e2b
7
- data.tar.gz: 13e0e6fcf0b7090bd5068c08522fc5ca52b8f719d230e7355334785e9795581c011b437b6eca4897f86d30ef7dd856f924a8a3e5b1488e7c99a7fa595973368b
6
+ metadata.gz: cbbfb987df74ec80833a13f2d7ae5fc090af533cfe3e0ce7146ed3f1dcec45159a8ac4447c0aacbc5ad2c9e8490d76a9c227dcb857b9fc2cc4a5b6b6634d1b41
7
+ data.tar.gz: ebf819a7fcfb1c66041bb01b46f023fcfd8cb06f1762ff938795faab71e4871d00986899c592465e8424ebd40eff1e90c6a85a77e4717f4211a07ec41a148144
data/CHANGELOG.md CHANGED
@@ -4,6 +4,16 @@ All notable changes to this project will be documented in this file.
4
4
  The format (since v2) is based on [Keep a Changelog v1](https://keepachangelog.com/en/1.0.0/),
5
5
  and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.0.0.html).
6
6
 
7
+ ## [2.0.5] - 2022-07-07
8
+ ### Fixed
9
+ - [#620](https://github.com/oauth-xx/oauth2/pull/620) - Documentation improvements, to help with upgrading (@swanson)
10
+ - [#621](https://github.com/oauth-xx/oauth2/pull/621) - Fixed [#528](https://github.com/oauth-xx/oauth2/issues/528) and [#619](https://github.com/oauth-xx/oauth2/issues/619) (@pboling)
11
+ - All data in responses is now returned, with the access token removed and set as `token`
12
+ - `refresh_token` is no longer dropped
13
+ - **BREAKING**: Microsoft's `id_token` is no longer left as `access_token['id_token']`, but moved to the standard `access_token.token` that all other strategies use
14
+ - Remove `parse` and `snaky` from options so they don't get included in response
15
+ - There is now 100% test coverage, for lines _and_ branches, and it will stay that way.
16
+
7
17
  ## [2.0.4] - 2022-07-01
8
18
  ### Fixed
9
19
  - [#618](https://github.com/oauth-xx/oauth2/pull/618) - In some scenarios the `snaky` option default value was not applied (@pboling)
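Review bot: the 2.0.5 entry carries a bullet labelled **BREAKING** (Microsoft's `id_token` moved from `access_token['id_token']` to `access_token.token`) inside a patch release, which is at odds with the "adheres to Semantic Versioning v2" statement kept at the top of this file. Looking at the `from_hash` hunk below, the move only happens when the response has no `access_token`; when it does, `id_token` stays in the opts hash and `access_token['id_token']` keeps working. Say so here, and expand the "#621 - Fixed #528 and #619" line to name what was fixed, since readers of the changelog should not have to open two issues to learn it.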
@@ -65,6 +75,10 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
65
75
  - [#414](https://github.com/oauth-xx/oauth2/pull/414) - Use Base64.strict_encode64 instead of custom internal logic (@meganemura)
66
76
  - [#489](https://github.com/oauth-xx/oauth2/pull/489) - **BREAKING**: Default value for option `OAuth2::Client` - `:authorize_url` removed leading slash to work with relative paths by default (`'oauth/authorize'`) (@ghost)
67
77
  - [#489](https://github.com/oauth-xx/oauth2/pull/489) - **BREAKING**: Default value for option `OAuth2::Client` - `:token_url` removed leading slash to work with relative paths by default (`'oauth/token'`) (@ghost)
78
+ - [#507](https://github.com/oauth-xx/oauth2/pull/507), [#575](https://github.com/oauth-xx/oauth2/pull/575) - **BREAKING**: Transform keys to camel case, always, by default (ultimately via `rash_alt` gem)
79
+ - Original keys will still work as previously, in most scenarios, thanks to `rash_alt` gem.
80
+ - However, this is a _breaking_ change if you rely on `response.parsed.to_h`, as the keys in the result will be camel case.
81
+ - As of version 2.0.4 you can turn key transformation off with the `snaky: false` option.
68
82
  - [#576](https://github.com/oauth-xx/oauth2/pull/576) - **BREAKING**: Stop rescuing parsing errors (@pboling)
69
83
  - [#591](https://github.com/oauth-xx/oauth2/pull/576) - _DEPRECATION_: `OAuth2::Client` - `:extract_access_token` option is deprecated
70
84
  ### Fixed
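Review bot: "Transform keys to camel case, always, by default" names the wrong direction. The option is called `snaky`, the opt-out is `snaky: false`, and the `rash_alt` transform produces snake_case keys, so "camel case" should read "snake case" both in that bullet and in "the keys in the result will be camel case". While in this region: the `#591` entry's link still points at `pull/576`.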
@@ -277,5 +291,6 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
277
291
  [2.0.2]: https://github.com/oauth-xx/oauth2/compare/v2.0.1...v2.0.2
278
292
  [2.0.3]: https://github.com/oauth-xx/oauth2/compare/v2.0.2...v2.0.3
279
293
  [2.0.4]: https://github.com/oauth-xx/oauth2/compare/v2.0.3...v2.0.4
280
- [Unreleased]: https://github.com/oauth-xx/oauth2/compare/v2.0.4...HEAD
294
+ [2.0.5]: https://github.com/oauth-xx/oauth2/compare/v2.0.4...v2.0.5
295
+ [Unreleased]: https://github.com/oauth-xx/oauth2/compare/v2.0.5...HEAD
281
296
  [gemfiles/readme]: gemfiles/README.md
data/README.md CHANGED
@@ -257,6 +257,12 @@ For more see [SECURITY.md][🚎sec-pol].
257
257
  - `:access_token_class` (`AccessToken`); user specified class to use for all calls to `get_token`
258
258
  - Adds new option to `OAuth2::AccessToken#initialize`:
259
259
  - `:expires_latency` (`nil`); number of seconds by which AccessToken validity will be reduced to offset latency
260
+ - By default, keys are transformed to camel case.
261
+ - Original keys will still work as previously, in most scenarios, thanks to `rash_alt` gem.
262
+ - However, this is a _breaking_ change if you rely on `response.parsed.to_h`, as the keys in the result will be camel case.
263
+ - As of version 2.0.4 you can turn key transformation off with the `snaky: false` option.
264
+ - By default, the `:auth_scheme` is now `:basic_auth` (instead of `:request_body`)
265
+ - Third-party strategies and gems may need to be updated if a provider was requiring client id/secret in the request body
260
266
  - [... A lot more](https://github.com/oauth-xx/oauth2/blob/master/CHANGELOG.md#2.0.0)
261
267
 
262
268
  ## Compatibility
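Review bot: the new README bullets repeat the CHANGELOG's wording error: "keys are transformed to camel case" and "the keys in the result will be camel case" should say snake case, which is what the `snaky` option (and its `snaky: false` opt-out, mentioned two lines later) actually controls. The `:auth_scheme` note is accurate; consider adding the one-line opt-out (`auth_scheme: :request_body`) next to it so the "third-party strategies may need to be updated" sentence comes with the fix.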
@@ -517,7 +523,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
517
523
 
518
524
  See [CONTRIBUTING.md][contributing]
519
525
 
520
- [contributing]: https://github.com/oauth-xx/oauth2/blob/main/CONTRIBUTING.md
526
+ [contributing]: https://github.com/oauth-xx/oauth2/blob/master/CONTRIBUTING.md
521
527
 
522
528
  ## Contributors
523
529
 
@@ -8,12 +8,18 @@ module OAuth2
8
8
  class << self
9
9
  # Initializes an AccessToken from a Hash
10
10
  #
11
- # @param client [Client] the OAuth2::Client instance
12
- # @param hash [Hash] a hash of AccessToken property values
11
+ # @param [Client] client the OAuth2::Client instance
12
+ # @param [Hash] hash a hash of AccessToken property values
13
+ # @option hash [String] 'access_token', 'id_token', 'token', :access_token, :id_token, or :token the access token
13
14
  # @return [AccessToken] the initialized AccessToken
14
15
  def from_hash(client, hash)
15
16
  hash = hash.dup
16
- new(client, hash.delete('access_token') || hash.delete(:access_token) || hash.delete('token') || hash.delete(:token), hash)
17
+ token = hash.delete('access_token') || hash.delete(:access_token) ||
18
+ hash.delete('id_token') || hash.delete(:id_token) ||
19
+ hash.delete('token') || hash.delete(:token) ||
20
+ hash.delete('accessToken') || hash.delete(:accessToken) ||
21
+ hash.delete('idToken') || hash.delete(:idToken)
22
+ new(client, token, hash)
17
23
  end
18
24
 
19
25
  # Initializes an AccessToken from a key/value application/x-www-form-urlencoded string
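Review bot: the fallback chain now promotes an OIDC `id_token` to `AccessToken#token` whenever no `access_token` key is present, and it does so ahead of the plain `token` key, so a hash such as `{token: ..., id_token: ...}` now yields the ID token as the bearer credential. An ID token is an assertion about the end user addressed to the client, not a credential for a resource server; at minimum move `hash.delete('token') || hash.delete(:token)` ahead of the `id_token` lookups, and extend the new `@option hash` doc line to the `accessToken`/`idToken` spellings the code accepts. Also worth stating in the CHANGELOG's BREAKING bullet: keys that lose the `||` race stay in `hash`, so `access_token['id_token']` remains readable when an `access_token` was also returned.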
@@ -24,10 +30,6 @@ module OAuth2
24
30
  def from_kvform(client, kvform)
25
31
  from_hash(client, Rack::Utils.parse_query(kvform))
26
32
  end
27
-
28
- def contains_token?(hash)
29
- hash.key?('access_token') || hash.key?('id_token') || hash.key?('token')
30
- end
31
33
  end
32
34
 
33
35
  # Initialize an AccessToken
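Review bot: `contains_token?` was a public singleton method on `AccessToken` and, through the `:access_token_class` option, part of the contract a custom token class had to satisfy; removing it in a patch release will raise `NoMethodError` in any third-party class or strategy that still calls it. Keep a deprecated shim that answers from the same key list `from_hash` now uses, or at least record the removal in the CHANGELOG.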
@@ -47,6 +49,11 @@ module OAuth2
47
49
  def initialize(client, token, opts = {})
48
50
  @client = client
49
51
  @token = token.to_s
52
+
53
+ if @client.options[:raise_errors] && (@token.nil? || @token.empty?)
54
+ error = Error.new(opts)
55
+ raise(error)
56
+ end
50
57
  opts = opts.dup
51
58
  %i[refresh_token expires_in expires_at expires_latency].each do |arg|
52
59
  instance_variable_set("@#{arg}", opts.delete(arg) || opts.delete(arg.to_s))
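Review bot: `@token.nil?` can never be true one line after `@token = token.to_s`, so the new condition reduces to `@token.empty?`; drop the dead check. More importantly the guard only fires when `raise_errors` is set, so with `raise_errors: false` a tokenless response now yields an `AccessToken` whose `token` is `""` rather than `nil`, and `Error.new(opts)` turns the whole opts hash into the exception message (see the `error.rb` hunk), so anything sensitive left in that hash ends up wherever exceptions are logged. If `client` may legitimately be nil here, `@client.options` also needs a guard.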
@@ -95,7 +102,11 @@ module OAuth2
95
102
  params[:refresh_token] = refresh_token
96
103
  new_token = @client.get_token(params, access_token_opts)
97
104
  new_token.options = options
98
- new_token.refresh_token = refresh_token unless new_token.refresh_token
105
+ if new_token.refresh_token
106
+ # Keep it, if there is one
107
+ else
108
+ new_token.refresh_token = refresh_token
109
+ end
99
110
  new_token
100
111
  end
101
112
  # A compatibility alias
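Review bot: the new `if`/empty branch/`else` is behaviourally identical to the removed `new_token.refresh_token = refresh_token unless new_token.refresh_token`; if the rewrite exists only so both branches show up in coverage, `new_token.refresh_token ||= refresh_token` is the idiomatic form and still a single branch point. The fallback itself is only correct for servers that omit `refresh_token` from a refresh response; under refresh-token rotation the old token is invalid after use, which this code already handles by preferring the new one, so a short comment saying which case the fallback serves would help the next reader.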
data/lib/oauth2/client.rb CHANGED
@@ -165,10 +165,13 @@ module OAuth2
165
165
  end
166
166
  end.to_h
167
167
 
168
+ parse = params.key?(:parse) ? params.delete(:parse) : Response::DEFAULT_OPTIONS[:parse]
169
+ snaky = params.key?(:snaky) ? params.delete(:snaky) : Response::DEFAULT_OPTIONS[:snaky]
170
+
168
171
  request_opts = {
169
172
  raise_errors: options[:raise_errors],
170
- parse: params.fetch(:parse, Response::DEFAULT_OPTIONS[:parse]),
171
- snaky: params.fetch(:snaky, Response::DEFAULT_OPTIONS[:snaky]),
173
+ parse: parse,
174
+ snaky: snaky,
172
175
  }
173
176
  params = authenticator.apply(params)
174
177
  headers = params.delete(:headers) || {}
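Review bot: removing `:parse`/`:snaky` from `params` before `authenticator.apply(params)` is the right fix; with `fetch` they stayed in `params` and were serialised into the token request body, which is what the CHANGELOG's "Remove `parse` and `snaky` from options" refers to. The `key? ? delete : default` idiom is repeated verbatim in `request` below, so a small private helper that pops a response option with its `Response::DEFAULT_OPTIONS` default would keep the two sites in step and make the behaviour for an explicit `parse: nil` (taken as nil, not the default, same as `fetch` before) visible in one place.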
@@ -266,8 +269,8 @@ module OAuth2
266
269
  raise TimeoutError, e
267
270
  end
268
271
 
269
- parse = opts.fetch(:parse, Response::DEFAULT_OPTIONS[:parse])
270
- snaky = opts.fetch(:snaky, Response::DEFAULT_OPTIONS[:snaky])
272
+ parse = opts.key?(:parse) ? opts.delete(:parse) : Response::DEFAULT_OPTIONS[:parse]
273
+ snaky = opts.key?(:snaky) ? opts.delete(:snaky) : Response::DEFAULT_OPTIONS[:snaky]
271
274
 
272
275
  Response.new(response, parse: parse, snaky: snaky)
273
276
  end
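Review bot: `opts.delete(:parse)` and `opts.delete(:snaky)` mutate the hash the caller handed to `request`; a caller that reuses one options hash across requests (a per-client default such as `{parse: :json}` is common) gets default parsing from the second call on. Unlike `get_token`, `opts` here is not forwarded to the server, so either keep the previous `fetch` form or `dup` the hash before these lines, unless `opts` is already duplicated earlier in this method.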
@@ -296,7 +299,7 @@ module OAuth2
296
299
  access_token_class = options[:access_token_class]
297
300
  data = response.parsed
298
301
 
299
- unless data.is_a?(Hash) && access_token_class.contains_token?(data)
302
+ unless data.is_a?(Hash) && !data.empty?
300
303
  return unless options[:raise_errors]
301
304
 
302
305
  error = Error.new(response)
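Review bot: replacing `access_token_class.contains_token?(data)` with `!data.empty?` moves the "is there a token" decision into `AccessToken#initialize`, and the two failure paths now differ: a non-Hash or empty body returns `nil` here or raises `Error.new(response)` with the HTTP response attached, while a non-empty Hash lacking any token key falls through to `from_hash` and either raises `Error.new(opts)` with no status code, or, when `raise_errors` is false, returns an `AccessToken` with `token == ""`. Callers that tested `get_token`'s result for `nil` will now get an object; normalise on one error shape here, or document the empty-string token in the CHANGELOG.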
data/lib/oauth2/error.rb CHANGED
@@ -2,21 +2,29 @@
2
2
 
3
3
  module OAuth2
4
4
  class Error < StandardError
5
- attr_reader :response, :code, :description
5
+ attr_reader :response, :body, :code, :description
6
6
 
7
7
  # standard error codes include:
8
8
  # 'invalid_request', 'invalid_client', 'invalid_token', 'invalid_grant', 'unsupported_grant_type', 'invalid_scope'
9
+ # response might be a Response object, or the response.parsed hash
9
10
  def initialize(response)
10
11
  @response = response
11
- message_opts = {}
12
-
13
- if response.parsed.is_a?(Hash)
14
- @code = response.parsed['error']
15
- @description = response.parsed['error_description']
16
- message_opts = parse_error_description(@code, @description)
12
+ if response.respond_to?(:parsed)
13
+ if response.parsed.is_a?(Hash)
14
+ @code = response.parsed['error']
15
+ @description = response.parsed['error_description']
16
+ end
17
+ elsif response.is_a?(Hash)
18
+ @code = response['error']
19
+ @description = response['error_description']
17
20
  end
18
-
19
- super(error_message(response.body, message_opts))
21
+ @body = if response.respond_to?(:body)
22
+ response.body
23
+ else
24
+ @response
25
+ end
26
+ message_opts = parse_error_description(@code, @description)
27
+ super(error_message(@body, message_opts))
20
28
  end
21
29
 
22
30
  private
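Review bot: two points on the new branching. First, when `response` is a Hash, `@body` is the hash itself and is handed to `error_message`, which until now always received a String; confirm that method tolerates a Hash or serialise it first, and keep in mind the result is the exception text, so the full parsed hash, including any `refresh_token` or `id_token` still in it, can land in logs and error trackers. Second, the Hash branch only reads string keys `'error'`/`'error_description'`, so a symbol-keyed hash (which `from_hash` accepts) yields `@code = nil`; and `parse_error_description(nil, nil)` is now called in every case where the old code used `message_opts = {}`, so that helper must accept nils.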
@@ -80,7 +80,7 @@ module OAuth2
80
80
  assertion = build_assertion(claims, encoding_opts)
81
81
  params = build_request(assertion, request_opts)
82
82
 
83
- @client.get_token(params, response_opts.merge('refresh_token' => nil))
83
+ @client.get_token(params, response_opts)
84
84
  end
85
85
 
86
86
  private
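Review bot: the removed `'refresh_token' => nil` merge was deliberate: for assertion grants RFC 7521 §4.1 expects authorization servers not to issue refresh tokens, and forcing the key to nil guaranteed `AccessToken#refresh_token` stayed empty even when a provider returned one. After this change such a token is stored and `refresh!` will send it; that matches the CHANGELOG's "`refresh_token` is no longer dropped" but is a behaviour change for Assertion users and should be named in this strategy's documentation.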
@@ -25,7 +25,7 @@ module OAuth2
25
25
  #
26
26
  # @param [String] code The Authorization Code value
27
27
  # @param [Hash] params additional params
28
- # @param [Hash] opts options
28
+ # @param [Hash] opts access_token_opts, @see Client#get_token
29
29
  # @note that you must also provide a :redirect_uri with most OAuth 2.0 providers
30
30
  def get_token(code, params = {}, opts = {})
31
31
  params = {'grant_type' => 'authorization_code', 'code' => code}.merge(@client.redirection_params).merge(params)
@@ -19,7 +19,7 @@ module OAuth2
19
19
  # @param [Hash] opts options
20
20
  def get_token(params = {}, opts = {})
21
21
  params = params.merge('grant_type' => 'client_credentials')
22
- @client.get_token(params, opts.merge('refresh_token' => nil))
22
+ @client.get_token(params, opts)
23
23
  end
24
24
  end
25
25
  end
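Review bot: same remark as for the assertion strategy: RFC 6749 §4.4.3 says a refresh token SHOULD NOT be included in a client-credentials response, and the removed merge enforced that on the client side. A client-credentials caller can always re-run the grant with its stored secret, so retaining a provider-supplied refresh token buys little; if the merge is dropped, document that the token is now kept and that re-requesting is preferred over `refresh!` for this grant.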
@@ -2,6 +2,6 @@
2
2
 
3
3
  module OAuth2
4
4
  module Version
5
- VERSION = '2.0.4'.freeze
5
+ VERSION = '2.0.5'.freeze
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: oauth2
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.4
4
+ version: 2.0.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Peter Boling
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: exe
12
12
  cert_chain: []
13
- date: 2022-07-01 00:00:00.000000000 Z
13
+ date: 2022-07-07 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: faraday
@@ -307,10 +307,10 @@ licenses:
307
307
  - MIT
308
308
  metadata:
309
309
  homepage_uri: https://github.com/oauth-xx/oauth2
310
- source_code_uri: https://github.com/oauth-xx/oauth2/tree/v2.0.4
311
- changelog_uri: https://github.com/oauth-xx/oauth2/blob/v2.0.4/CHANGELOG.md
310
+ source_code_uri: https://github.com/oauth-xx/oauth2/tree/v2.0.5
311
+ changelog_uri: https://github.com/oauth-xx/oauth2/blob/v2.0.5/CHANGELOG.md
312
312
  bug_tracker_uri: https://github.com/oauth-xx/oauth2/issues
313
- documentation_uri: https://www.rubydoc.info/gems/oauth2/2.0.4
313
+ documentation_uri: https://www.rubydoc.info/gems/oauth2/2.0.5
314
314
  wiki_uri: https://github.com/oauth-xx/oauth2/wiki
315
315
  rubygems_mfa_required: 'true'
316
316
  post_install_message: |2+