oauth2 1.1.0 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +4 -4
- data/lib/oauth2/access_token.rb +4 -2
- data/lib/oauth2/client.rb +3 -3
- data/lib/oauth2/error.rb +21 -5
- data/lib/oauth2/mac_token.rb +2 -2
- data/lib/oauth2/strategy/assertion.rb +12 -10
- data/lib/oauth2/strategy/client_credentials.rb +1 -1
- data/lib/oauth2/strategy/implicit.rb +1 -1
- data/lib/oauth2/strategy/password.rb +1 -1
- data/lib/oauth2/version.rb +1 -1
- data/oauth2.gemspec +1 -1
- metadata +2 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 64323d2b66a74a3aba80fa955d23d280e64ede95
|
|
4
|
+
data.tar.gz: b5d9c12d616a0ccd67d15eed3b887cd6b1e174ec
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d0c36b6f6f2a2b8db5d8aae0f7897ffa6de5321ee06064f757f523ca144a119befde42d13943f4507848999adc0f68b011534ddd64258210dbabbcfa6c83e34b
|
|
7
|
+
data.tar.gz: 8aef0531493683b4b9fc390a545e297e1107611d76363486acc473925264337438992b3f7b288a546e17685a7d198e306fc8b2d4f3dc153c1acd1f20f7e6cca7
|
data/README.md
CHANGED
|
@@ -106,12 +106,12 @@ implementations:
|
|
|
106
106
|
* Ruby 1.8.7
|
|
107
107
|
* Ruby 1.9.3
|
|
108
108
|
* Ruby 2.0.0
|
|
109
|
-
* Ruby 2.1
|
|
110
|
-
*
|
|
111
|
-
*
|
|
109
|
+
* Ruby 2.1
|
|
110
|
+
* Ruby 2.2
|
|
111
|
+
* Ruby 2.3
|
|
112
|
+
* [JRuby 9K][]
|
|
112
113
|
|
|
113
114
|
[jruby]: http://jruby.org/
|
|
114
|
-
[rubinius]: http://rubini.us/
|
|
115
115
|
|
|
116
116
|
If something doesn't work on one of these interpreters, it's a bug.
|
|
117
117
|
|
data/lib/oauth2/access_token.rb
CHANGED
|
@@ -10,6 +10,7 @@ module OAuth2
|
|
|
10
10
|
# @param [Hash] a hash of AccessToken property values
|
|
11
11
|
# @return [AccessToken] the initalized AccessToken
|
|
12
12
|
def from_hash(client, hash)
|
|
13
|
+
hash = hash.dup
|
|
13
14
|
new(client, hash.delete('access_token') || hash.delete(:access_token), hash)
|
|
14
15
|
end
|
|
15
16
|
|
|
@@ -39,6 +40,7 @@ module OAuth2
|
|
|
39
40
|
def initialize(client, token, opts = {}) # rubocop:disable Metrics/AbcSize
|
|
40
41
|
@client = client
|
|
41
42
|
@token = token.to_s
|
|
43
|
+
opts = opts.dup
|
|
42
44
|
[:refresh_token, :expires_in, :expires_at].each do |arg|
|
|
43
45
|
instance_variable_set("@#{arg}", opts.delete(arg) || opts.delete(arg.to_s))
|
|
44
46
|
end
|
|
@@ -78,7 +80,7 @@ module OAuth2
|
|
|
78
80
|
# @return [AccessToken] a new AccessToken
|
|
79
81
|
# @note options should be carried over to the new AccessToken
|
|
80
82
|
def refresh!(params = {})
|
|
81
|
-
|
|
83
|
+
raise('A refresh_token is not available') unless refresh_token
|
|
82
84
|
params[:client_id] = @client.id
|
|
83
85
|
params[:client_secret] = @client.secret
|
|
84
86
|
params[:grant_type] = 'refresh_token'
|
|
@@ -166,7 +168,7 @@ module OAuth2
|
|
|
166
168
|
end
|
|
167
169
|
# @todo support for multi-part (file uploads)
|
|
168
170
|
else
|
|
169
|
-
|
|
171
|
+
raise("invalid :mode option of #{options[:mode]}")
|
|
170
172
|
end
|
|
171
173
|
end
|
|
172
174
|
end
|
data/lib/oauth2/client.rb
CHANGED
|
@@ -110,12 +110,12 @@ module OAuth2
|
|
|
110
110
|
response
|
|
111
111
|
when 400..599
|
|
112
112
|
error = Error.new(response)
|
|
113
|
-
|
|
113
|
+
raise(error) if opts.fetch(:raise_errors, options[:raise_errors])
|
|
114
114
|
response.error = error
|
|
115
115
|
response
|
|
116
116
|
else
|
|
117
117
|
error = Error.new(response)
|
|
118
|
-
|
|
118
|
+
raise(error, "Unhandled status code value of #{response.status}")
|
|
119
119
|
end
|
|
120
120
|
end
|
|
121
121
|
|
|
@@ -137,7 +137,7 @@ module OAuth2
|
|
|
137
137
|
end
|
|
138
138
|
response = request(options[:token_method], token_url, opts)
|
|
139
139
|
error = Error.new(response)
|
|
140
|
-
|
|
140
|
+
raise(error) if options[:raise_errors] && !(response.parsed.is_a?(Hash) && response.parsed['access_token'])
|
|
141
141
|
access_token_class.from_hash(self, response.parsed.merge(access_token_opts))
|
|
142
142
|
end
|
|
143
143
|
|
data/lib/oauth2/error.rb
CHANGED
|
@@ -8,17 +8,33 @@ module OAuth2
|
|
|
8
8
|
response.error = self
|
|
9
9
|
@response = response
|
|
10
10
|
|
|
11
|
-
message = []
|
|
12
|
-
|
|
13
11
|
if response.parsed.is_a?(Hash)
|
|
14
12
|
@code = response.parsed['error']
|
|
15
13
|
@description = response.parsed['error_description']
|
|
16
|
-
|
|
14
|
+
error_description = "#{@code}: #{@description}"
|
|
17
15
|
end
|
|
18
16
|
|
|
19
|
-
|
|
17
|
+
super(error_message(response.body, :error_description => error_description))
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
# Makes a error message
|
|
21
|
+
# @param [String] response_body response body of request
|
|
22
|
+
# @param [String] opts :error_description error description to show first line
|
|
23
|
+
def error_message(response_body, opts = {})
|
|
24
|
+
message = []
|
|
25
|
+
|
|
26
|
+
opts[:error_description] && message << opts[:error_description]
|
|
27
|
+
|
|
28
|
+
error_message = if opts[:error_description] && opts[:error_description].respond_to?(:encoding)
|
|
29
|
+
script_encoding = opts[:error_description].encoding
|
|
30
|
+
response_body.encode(script_encoding)
|
|
31
|
+
else
|
|
32
|
+
response_body
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
message << error_message
|
|
20
36
|
|
|
21
|
-
|
|
37
|
+
message.join("\n")
|
|
22
38
|
end
|
|
23
39
|
end
|
|
24
40
|
end
|
data/lib/oauth2/mac_token.rb
CHANGED
|
@@ -64,7 +64,7 @@ module OAuth2
|
|
|
64
64
|
|
|
65
65
|
uri = URI.parse(url)
|
|
66
66
|
|
|
67
|
-
|
|
67
|
+
raise(ArgumentError, "could not parse \"#{url}\" into URI") unless uri.is_a?(URI::HTTP)
|
|
68
68
|
|
|
69
69
|
mac = signature(timestamp, nonce, verb, uri)
|
|
70
70
|
|
|
@@ -102,7 +102,7 @@ module OAuth2
|
|
|
102
102
|
when 'hmac-sha-256'
|
|
103
103
|
OpenSSL::Digest::SHA256.new
|
|
104
104
|
else
|
|
105
|
-
|
|
105
|
+
raise(ArgumentError, 'Unsupported algorithm')
|
|
106
106
|
end
|
|
107
107
|
end
|
|
108
108
|
end
|
|
@@ -25,7 +25,7 @@ module OAuth2
|
|
|
25
25
|
#
|
|
26
26
|
# @raise [NotImplementedError]
|
|
27
27
|
def authorize_url
|
|
28
|
-
|
|
28
|
+
raise(NotImplementedError, 'The authorization endpoint is not used in this strategy')
|
|
29
29
|
end
|
|
30
30
|
|
|
31
31
|
# Retrieve an access token given the specified client.
|
|
@@ -49,19 +49,21 @@ module OAuth2
|
|
|
49
49
|
|
|
50
50
|
def build_request(params)
|
|
51
51
|
assertion = build_assertion(params)
|
|
52
|
-
{
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
52
|
+
{
|
|
53
|
+
:grant_type => 'assertion',
|
|
54
|
+
:assertion_type => 'urn:ietf:params:oauth:grant-type:jwt-bearer',
|
|
55
|
+
:assertion => assertion,
|
|
56
|
+
:scope => params[:scope],
|
|
56
57
|
}.merge(client_params)
|
|
57
58
|
end
|
|
58
59
|
|
|
59
60
|
def build_assertion(params)
|
|
60
|
-
claims = {
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
61
|
+
claims = {
|
|
62
|
+
:iss => params[:iss],
|
|
63
|
+
:aud => params[:aud],
|
|
64
|
+
:prn => params[:prn],
|
|
65
|
+
:exp => params[:exp],
|
|
66
|
+
}
|
|
65
67
|
if params[:hmac_secret]
|
|
66
68
|
JWT.encode(claims, params[:hmac_secret], 'HS256')
|
|
67
69
|
elsif params[:private_key]
|
|
@@ -10,7 +10,7 @@ module OAuth2
|
|
|
10
10
|
#
|
|
11
11
|
# @raise [NotImplementedError]
|
|
12
12
|
def authorize_url
|
|
13
|
-
|
|
13
|
+
raise(NotImplementedError, 'The authorization endpoint is not used in this strategy')
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
# Retrieve an access token given the specified client.
|
|
@@ -22,7 +22,7 @@ module OAuth2
|
|
|
22
22
|
#
|
|
23
23
|
# @raise [NotImplementedError]
|
|
24
24
|
def get_token(*)
|
|
25
|
-
|
|
25
|
+
raise(NotImplementedError, 'The token is accessed differently in this strategy')
|
|
26
26
|
end
|
|
27
27
|
end
|
|
28
28
|
end
|
|
@@ -8,7 +8,7 @@ module OAuth2
|
|
|
8
8
|
#
|
|
9
9
|
# @raise [NotImplementedError]
|
|
10
10
|
def authorize_url
|
|
11
|
-
|
|
11
|
+
raise(NotImplementedError, 'The authorization endpoint is not used in this strategy')
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
# Retrieve an access token given the specified End User username and password.
|
data/lib/oauth2/version.rb
CHANGED
data/oauth2.gemspec
CHANGED
|
@@ -5,7 +5,7 @@ require 'oauth2/version'
|
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |spec|
|
|
7
7
|
spec.add_dependency 'faraday', ['>= 0.8', '< 0.10']
|
|
8
|
-
spec.add_dependency 'jwt', '~> 1.0'
|
|
8
|
+
spec.add_dependency 'jwt', '~> 1.0'
|
|
9
9
|
spec.add_dependency 'multi_json', '~> 1.3'
|
|
10
10
|
spec.add_dependency 'multi_xml', '~> 0.5'
|
|
11
11
|
spec.add_dependency 'rack', ['>= 1.2', '< 3']
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oauth2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Michael Bleigh
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2016-01
|
|
12
|
+
date: 2016-07-01 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: faraday
|
|
@@ -38,9 +38,6 @@ dependencies:
|
|
|
38
38
|
- - "~>"
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
40
|
version: '1.0'
|
|
41
|
-
- - "<"
|
|
42
|
-
- !ruby/object:Gem::Version
|
|
43
|
-
version: 1.5.2
|
|
44
41
|
type: :runtime
|
|
45
42
|
prerelease: false
|
|
46
43
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -48,9 +45,6 @@ dependencies:
|
|
|
48
45
|
- - "~>"
|
|
49
46
|
- !ruby/object:Gem::Version
|
|
50
47
|
version: '1.0'
|
|
51
|
-
- - "<"
|
|
52
|
-
- !ruby/object:Gem::Version
|
|
53
|
-
version: 1.5.2
|
|
54
48
|
- !ruby/object:Gem::Dependency
|
|
55
49
|
name: multi_json
|
|
56
50
|
requirement: !ruby/object:Gem::Requirement
|