oauth_im 0.7.4 → 0.8.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +16 -6
- data/app/controllers/oauth_im/client_controller.rb +0 -2
- data/app/services/oauth_im/token_decoder.rb +21 -5
- data/lib/oauth_im/configuration.rb +1 -0
- data/lib/oauth_im/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: be1d2aa7d9e5c1ac97a5e5aabd89671a48bfc2afc17c53276f961be0a29d357e
|
4
|
+
data.tar.gz: 64f150ae67c0b67efd6a8db20c1390bb69ca21f29837446ad07264947e8e863d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 11624bb0650c05d8a5f63edee7b8918f6e043f6a4b6d15b25cd593da5940af18ab320a5d4587479ab96c836ef60b99b4e45f49fabfe3a08e23870dd1d1489499
|
7
|
+
data.tar.gz: 4018866ef76985ec65ccb37ab95e7e973caf0e8f07086a25ad3f55b2eb17659d130e75421466f60f8d526aa8929239c935d87fb905d7358edfceae6c81540ff5
|
data/README.md
CHANGED
@@ -40,16 +40,23 @@ module OauthIm
|
|
40
40
|
################################################
|
41
41
|
config.iss_domain = ENV.fetch 'FUSION_AUTH_ISS_DOMAIN', DEFAULT_ISS_DOMAIN
|
42
42
|
|
43
|
-
|
44
|
-
# on FA application OAuth tab #
|
45
|
-
|
43
|
+
####################################
|
44
|
+
# find on FA application OAuth tab #
|
45
|
+
####################################
|
46
46
|
config.client_id = ENV['FUSION_AUTH_CLIENT_ID']
|
47
47
|
config.client_secret = ENV['FUSION_AUTH_CLIENT_SECRET']
|
48
48
|
|
49
|
-
|
50
|
-
#
|
51
|
-
|
49
|
+
#################################################################################
|
50
|
+
# 1. Find signing key name on the app details name. #
|
51
|
+
# 2. Look up the key (by name) under Key Master tab under Settings: #
|
52
|
+
# https://illustrativemath-dev.fusionauth.io/admin/key/ #
|
53
|
+
# 3. The key should be either HMAC or RSA. #
|
54
|
+
# - If HMAC, view the Secret under Details. You will need to click to reveal. #
|
55
|
+
# - If RSA, copy the PEM encoded public key as-is. #
|
56
|
+
# Note: You don't need both keys --- TokenDecoder will use the one available. #
|
57
|
+
#################################################################################
|
52
58
|
config.hmac = ENV['FUSION_AUTH_HMAC']
|
59
|
+
config.rsa_public = ENV['FUSION_AUTH_RSA_PUBLIC]
|
53
60
|
end
|
54
61
|
end
|
55
62
|
```
|
@@ -142,6 +149,9 @@ After many false starts, this repo includes two (seemingly functional) github wo
|
|
142
149
|
you.
|
143
150
|
|
144
151
|
## Version History
|
152
|
+
### 0.8.0
|
153
|
+
* Allow RSA signing keys in addition to HMAC.
|
154
|
+
This is because Terraform creates RSA keys during runs.
|
145
155
|
### 0.7.4
|
146
156
|
* Use https protocol for callback in production; http otherwise
|
147
157
|
|
@@ -20,14 +20,30 @@ module OauthIm
|
|
20
20
|
private
|
21
21
|
|
22
22
|
delegate :configuration, to: OauthIm
|
23
|
-
delegate :hmac, :iss_domain, to: :configuration
|
23
|
+
delegate :hmac, :rsa_public, :iss_domain, to: :configuration
|
24
24
|
|
25
25
|
def decoded_token
|
26
|
-
@decoded_token ||= JWT.decode token,
|
26
|
+
@decoded_token ||= JWT.decode token, key, verify?, decode_params
|
27
27
|
end
|
28
28
|
|
29
|
-
def
|
30
|
-
|
29
|
+
def decode_using_hmac?
|
30
|
+
hmac.present?
|
31
|
+
end
|
32
|
+
|
33
|
+
def key
|
34
|
+
@key ||= decode_using_hmac? ? hmac : rsa_public_key
|
35
|
+
end
|
36
|
+
|
37
|
+
def rsa_public_key
|
38
|
+
@rsa_public_key ||= OpenSSL::PKey::RSA.new rsa_public
|
39
|
+
end
|
40
|
+
|
41
|
+
def algorithm
|
42
|
+
@algorithm ||= decode_using_hmac? ? 'HS256' : 'RS256'
|
43
|
+
end
|
44
|
+
|
45
|
+
def verify?
|
46
|
+
true
|
31
47
|
end
|
32
48
|
|
33
49
|
def verify_iss?
|
@@ -43,7 +59,7 @@ module OauthIm
|
|
43
59
|
iss: iss_domain,
|
44
60
|
verify_aud: verify_aud?,
|
45
61
|
aud: aud,
|
46
|
-
algorithm:
|
62
|
+
algorithm: algorithm }.freeze
|
47
63
|
end
|
48
64
|
end
|
49
65
|
end
|
data/lib/oauth_im/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: oauth_im
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.8.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Eric Connally
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-05-
|
11
|
+
date: 2022-05-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jwt
|