oauth2 2.0.9 → 2.0.10

data/lib/oauth2/response.rb

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 
-require 'json'
-require 'multi_xml'
-require 'rack'
+require "json"
+require "multi_xml"
+require "rack"
 
 module OAuth2
   # OAuth2::Response class
@@ -23,8 +23,8 @@ module OAuth2
 
     # Content type assignments for various potential HTTP content types.
     @@content_types = {
-      'application/x-www-form-urlencoded' => :query,
-      'text/plain' => :text,
+      "application/x-www-form-urlencoded" => :query,
+      "text/plain" => :text,
     }
 
     # Adds a new content type parser.
@@ -68,7 +68,7 @@ module OAuth2
 
     # The HTTP response body
     def body
-      response.body || ''
+      response.body || ""
     end
 
     # The {#response} {#body} as parsed by {#parser}.
@@ -90,16 +90,19 @@ module OAuth2
           end
         end
 
-      @parsed = SnakyHash::StringKeyed.new(@parsed) if options[:snaky] && @parsed.is_a?(Hash)
+      if options[:snaky] && @parsed.is_a?(Hash)
+        parsed = SnakyHash::StringKeyed.new(@parsed)
+        @parsed = parsed.to_h
+      end
 
       @parsed
     end
 
     # Attempts to determine the content type of the response.
     def content_type
-      return nil unless response.headers
+      return unless response.headers
 
-      ((response.headers.values_at('content-type', 'Content-Type').compact.first || '').split(';').first || '').strip.downcase
+      ((response.headers.values_at("content-type", "Content-Type").compact.first || "").split(";").first || "").strip.downcase
     end
 
     # Determines the parser (a Proc or other Object which responds to #call)
@@ -133,16 +136,17 @@ module OAuth2
   end
 end
 
-OAuth2::Response.register_parser(:xml, ['text/xml', 'application/rss+xml', 'application/rdf+xml', 'application/atom+xml', 'application/xml']) do |body|
+OAuth2::Response.register_parser(:xml, ["text/xml", "application/rss+xml", "application/rdf+xml", "application/atom+xml", "application/xml"]) do |body|
   next body unless body.respond_to?(:to_str)
 
   MultiXml.parse(body)
 end
 
-OAuth2::Response.register_parser(:json, ['application/json', 'text/javascript', 'application/hal+json', 'application/vnd.collection+json', 'application/vnd.api+json', 'application/problem+json']) do |body|
+OAuth2::Response.register_parser(:json, ["application/json", "text/javascript", "application/hal+json", "application/vnd.collection+json", "application/vnd.api+json", "application/problem+json"]) do |body|
   next body unless body.respond_to?(:to_str)
 
-  body = body.dup.force_encoding(::Encoding::ASCII_8BIT) if body.respond_to?(:force_encoding)
+  body = body.dup.force_encoding(Encoding::ASCII_8BIT) if body.respond_to?(:force_encoding)
+  next body if body.respond_to?(:empty?) && body.empty?
 
-  ::JSON.parse(body)
+  JSON.parse(body)
 end

data/lib/oauth2/strategy/assertion.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require 'jwt'
+require "jwt"
 
 module OAuth2
   module Strategy
@@ -34,7 +34,7 @@ module OAuth2
       #
       # @raise [NotImplementedError]
       def authorize_url
-        raise(NotImplementedError, 'The authorization endpoint is not used in this strategy')
+        raise(NotImplementedError, "The authorization endpoint is not used in this strategy")
       end
 
       # Retrieve an access token given the specified client.
@@ -87,13 +87,13 @@ module OAuth2
 
       def build_request(assertion, request_opts = {})
         {
-          grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
+          grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
           assertion: assertion,
         }.merge(request_opts)
       end
 
       def build_assertion(claims, encoding_opts)
-        raise ArgumentError.new(message: 'Please provide an encoding_opts hash with :algorithm and :key') if !encoding_opts.is_a?(Hash) || (%i[algorithm key] - encoding_opts.keys).any?
+        raise ArgumentError.new(message: "Please provide an encoding_opts hash with :algorithm and :key") if !encoding_opts.is_a?(Hash) || (%i[algorithm key] - encoding_opts.keys).any?
 
         JWT.encode(claims, encoding_opts[:key], encoding_opts[:algorithm])
       end

data/lib/oauth2/strategy/auth_code.rb

@@ -10,7 +10,7 @@ module OAuth2
       #
       # @param [Hash] params additional query parameters
       def authorize_params(params = {})
-        params.merge('response_type' => 'code', 'client_id' => @client.id)
+        params.merge("response_type" => "code", "client_id" => @client.id)
       end
 
       # The authorization URL endpoint of the provider
@@ -28,7 +28,7 @@ module OAuth2
       # @param [Hash] opts access_token_opts, @see Client#get_token
       # @note that you must also provide a :redirect_uri with most OAuth 2.0 providers
       def get_token(code, params = {}, opts = {})
-        params = {'grant_type' => 'authorization_code', 'code' => code}.merge(@client.redirection_params).merge(params)
+        params = {"grant_type" => "authorization_code", "code" => code}.merge(@client.redirection_params).merge(params)
         params_dup = params.dup
         params.each_key do |key|
           params_dup[key.to_s] = params_dup.delete(key) if key.is_a?(Symbol)
@@ -40,7 +40,7 @@ module OAuth2
     private
 
       def assert_valid_params(params)
-        raise(ArgumentError, 'client_secret is not allowed in authorize URL query params') if params.key?(:client_secret) || params.key?('client_secret')
+        raise(ArgumentError, "client_secret is not allowed in authorize URL query params") if params.key?(:client_secret) || params.key?("client_secret")
       end
     end
   end

data/lib/oauth2/strategy/client_credentials.rb

@@ -10,7 +10,7 @@ module OAuth2
       #
       # @raise [NotImplementedError]
       def authorize_url
-        raise(NotImplementedError, 'The authorization endpoint is not used in this strategy')
+        raise(NotImplementedError, "The authorization endpoint is not used in this strategy")
       end
 
       # Retrieve an access token given the specified client.
@@ -18,7 +18,7 @@ module OAuth2
       # @param [Hash] params additional params
       # @param [Hash] opts options
       def get_token(params = {}, opts = {})
-        params = params.merge('grant_type' => 'client_credentials')
+        params = params.merge("grant_type" => "client_credentials")
         @client.get_token(params, opts)
       end
     end

data/lib/oauth2/strategy/implicit.rb

@@ -10,7 +10,7 @@ module OAuth2
       #
       # @param [Hash] params additional query parameters
       def authorize_params(params = {})
-        params.merge('response_type' => 'token', 'client_id' => @client.id)
+        params.merge("response_type" => "token", "client_id" => @client.id)
       end
 
       # The authorization URL endpoint of the provider
@@ -25,13 +25,13 @@ module OAuth2
       #
       # @raise [NotImplementedError]
       def get_token(*)
-        raise(NotImplementedError, 'The token is accessed differently in this strategy')
+        raise(NotImplementedError, "The token is accessed differently in this strategy")
       end
 
     private
 
       def assert_valid_params(params)
-        raise(ArgumentError, 'client_secret is not allowed in authorize URL query params') if params.key?(:client_secret) || params.key?('client_secret')
+        raise(ArgumentError, "client_secret is not allowed in authorize URL query params") if params.key?(:client_secret) || params.key?("client_secret")
       end
     end
   end

data/lib/oauth2/strategy/password.rb

@@ -10,7 +10,7 @@ module OAuth2
       #
       # @raise [NotImplementedError]
       def authorize_url
-        raise(NotImplementedError, 'The authorization endpoint is not used in this strategy')
+        raise(NotImplementedError, "The authorization endpoint is not used in this strategy")
       end
 
       # Retrieve an access token given the specified End User username and password.
@@ -19,9 +19,11 @@ module OAuth2
       # @param [String] password the End User password
       # @param [Hash] params additional params
       def get_token(username, password, params = {}, opts = {})
-        params = {'grant_type' => 'password',
-                  'username' => username,
-                  'password' => password}.merge(params)
+        params = {
+          "grant_type" => "password",
+          "username" => username,
+          "password" => password,
+        }.merge(params)
         @client.get_token(params, opts)
       end
     end

data/lib/oauth2/version.rb

@@ -2,6 +2,6 @@
 
 module OAuth2
   module Version
-    VERSION = '2.0.9'.freeze
+    VERSION = "2.0.10"
   end
 end

data/lib/oauth2.rb

@@ -1,33 +1,38 @@
 # frozen_string_literal: true
 
 # includes modules from stdlib
-require 'cgi'
-require 'time'
+require "cgi"
+require "time"
 
 # third party gems
-require 'snaky_hash'
-require 'version_gem'
+require "snaky_hash"
+require "version_gem"
 
 # includes gem files
-require 'oauth2/version'
-require 'oauth2/error'
-require 'oauth2/authenticator'
-require 'oauth2/client'
-require 'oauth2/strategy/base'
-require 'oauth2/strategy/auth_code'
-require 'oauth2/strategy/implicit'
-require 'oauth2/strategy/password'
-require 'oauth2/strategy/client_credentials'
-require 'oauth2/strategy/assertion'
-require 'oauth2/access_token'
-require 'oauth2/response'
+require_relative "oauth2/version"
+require_relative "oauth2/filtered_attributes"
+require_relative "oauth2/error"
+require_relative "oauth2/authenticator"
+require_relative "oauth2/client"
+require_relative "oauth2/strategy/base"
+require_relative "oauth2/strategy/auth_code"
+require_relative "oauth2/strategy/implicit"
+require_relative "oauth2/strategy/password"
+require_relative "oauth2/strategy/client_credentials"
+require_relative "oauth2/strategy/assertion"
+require_relative "oauth2/access_token"
+require_relative "oauth2/response"
 
 # The namespace of this library
 module OAuth2
-  DEFAULT_CONFIG = SnakyHash::SymbolKeyed.new(silence_extra_tokens_warning: false)
+  OAUTH_DEBUG = ENV.fetch("OAUTH_DEBUG", "false").casecmp("true").zero?
+  DEFAULT_CONFIG = SnakyHash::SymbolKeyed.new(
+    silence_extra_tokens_warning: true,
+    silence_no_tokens_warning: true,
+  )
   @config = DEFAULT_CONFIG.dup
   class << self
-    attr_accessor :config
+    attr_reader :config
   end
   def configure
     yield @config