oidc_provider 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 41bdbed874e8113e65850159b35a33a11a2b9a8d
|
|
4
|
+
data.tar.gz: fe9d64dee100c3db0f904093547ef53f1de75100
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 11d61e2c1235091847cc52d681fc2e5814cc8b52aa88d25edb4946362d24ab2c145ef743f5bd2ce1b99b47a810a1bd0bb3c3023ebcdaf6f7e652024c1c743094
|
|
7
|
+
data.tar.gz: b0a8161350e3d45e813ab53cbf85e8ed9904f2c5aab96500873893138685b0bc65f8925aad26e4fd1b59a0fd8b7720e080fe1cb8feb9f825f61af3e167a057a0
|
data/README.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
# OIDCProvider
|
|
2
|
-
|
|
2
|
+
A Rails engine for providing OpenID Connect authorization. Uses the openid_connect gem to turn a Rails app into an OpenID Connect provider.
|
|
3
3
|
|
|
4
4
|
## Usage
|
|
5
5
|
Use your application as an Open ID provider.
|
|
@@ -49,7 +49,15 @@ $ ssh-keygen
|
|
|
49
49
|
|
|
50
50
|
Due to Docker Composes' lack of support for multiline `.env` variables, put a passphrase on it. Then add the key to your application at `lib/oidc_provider_key.pem` and add the passphrase as an environment variables in your application: `ENV["OIDC_PROVIDER_KEY_PASSPHRASE"]`.
|
|
51
51
|
|
|
52
|
-
# Testing
|
|
52
|
+
# Testing
|
|
53
|
+
|
|
54
|
+
Visit: https://demo.c2id.com/oidc-client/
|
|
55
|
+
|
|
56
|
+
Click "Client details"
|
|
57
|
+
|
|
58
|
+
Copy and paste the client ID, secret, and redirection URI into your `config/initializers/oidc_provider.rb` config for a new client.
|
|
59
|
+
|
|
60
|
+
# Testing Provider Details
|
|
53
61
|
|
|
54
62
|
Visit: https://demo.c2id.com/oidc-client/
|
|
55
63
|
|
|
@@ -59,6 +67,20 @@ Put in your website as the issuer and click "Query"
|
|
|
59
67
|
|
|
60
68
|
You should see values generated for all 4 endpoints below.
|
|
61
69
|
|
|
70
|
+
# Testing Access
|
|
71
|
+
|
|
72
|
+
Visit: https://demo.c2id.com/oidc-client/
|
|
73
|
+
|
|
74
|
+
Click "Authenticate end-user"
|
|
75
|
+
|
|
76
|
+
Click "Log in with OpenID Connect". You should see the following headings:
|
|
77
|
+
|
|
78
|
+
* OpenID authentication response
|
|
79
|
+
* Token response
|
|
80
|
+
* Provider public RSA JSON Web Key (JWK)
|
|
81
|
+
* ID token
|
|
82
|
+
* UserInfo (with your email in there)
|
|
83
|
+
|
|
62
84
|
|
|
63
85
|
## Contributing
|
|
64
86
|
Contribution directions go here.
|
|
@@ -70,6 +92,5 @@ The gem is available as open source under the terms of the [MIT License](https:/
|
|
|
70
92
|
|
|
71
93
|
```
|
|
72
94
|
gem build oidc_provider.gemspec
|
|
73
|
-
gem push
|
|
74
|
-
gem yank -v 2.10 channel_research_stationery
|
|
95
|
+
gem push oidc_provider-0.1.0.gem
|
|
75
96
|
```
|
|
@@ -4,8 +4,11 @@ module OIDCProvider
|
|
|
4
4
|
|
|
5
5
|
scope :valid, -> { where(arel_table[:expires_at].gteq(Time.now.utc)) }
|
|
6
6
|
|
|
7
|
-
|
|
8
|
-
|
|
7
|
+
after_initialize :set_defaults, unless: :persisted? # The set_defaults will only work if the object is new
|
|
8
|
+
def set_defaults
|
|
9
|
+
self.token = SecureRandom.hex 32
|
|
10
|
+
self.expires_at = 1.hour.from_now
|
|
11
|
+
end
|
|
9
12
|
|
|
10
13
|
def to_bearer_token
|
|
11
14
|
Rack::OAuth2::AccessToken::Bearer.new(
|
|
@@ -6,8 +6,11 @@ module OIDCProvider
|
|
|
6
6
|
|
|
7
7
|
scope :valid, -> { where(arel_table[:expires_at].gteq(Time.now.utc)) }
|
|
8
8
|
|
|
9
|
-
|
|
10
|
-
|
|
9
|
+
after_initialize :set_defaults, unless: :persisted? # The set_defaults will only work if the object is new
|
|
10
|
+
def set_defaults
|
|
11
|
+
self.code = SecureRandom.hex 32
|
|
12
|
+
self.expires_at = 5.minutes.from_now
|
|
13
|
+
end
|
|
11
14
|
|
|
12
15
|
serialize :scopes, JSON
|
|
13
16
|
|
|
@@ -2,7 +2,10 @@ module OIDCProvider
|
|
|
2
2
|
class IdToken < ApplicationRecord
|
|
3
3
|
belongs_to :authorization
|
|
4
4
|
|
|
5
|
-
|
|
5
|
+
after_initialize :set_defaults, unless: :persisted? # The set_defaults will only work if the object is new
|
|
6
|
+
def set_defaults
|
|
7
|
+
self.expires_at = 1.hour.from_now
|
|
8
|
+
end
|
|
6
9
|
|
|
7
10
|
delegate :account, to: :authorization
|
|
8
11
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oidc_provider
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- William Carey
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-08-
|
|
11
|
+
date: 2018-08-31 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|