oidc_provider 0.1.0 → 0.3.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/README.md +25 -4
- data/app/controllers/oidc_provider/authorizations_controller.rb +1 -1
- data/app/controllers/oidc_provider/concerns/authentication.rb +2 -2
- data/app/controllers/oidc_provider/discovery_controller.rb +5 -4
- data/app/controllers/oidc_provider/sessions_controller.rb +10 -0
- data/config/routes.rb +1 -0
- data/lib/oidc_provider.rb +3 -0
- data/lib/oidc_provider/version.rb +1 -1
- metadata +4 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: af88d7a1a90be16f18a1725d75375b20b2b0b7586436f092832d039e4ca799db
|
|
4
|
+
data.tar.gz: 837fd66a06796b8e61339bd65315b1cec835aa8c4562b1c78d1ef4c1e7962b34
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 269012396cb7b2b8f4d433bedfdec0e672783f15fd491e0f57a286efdc53c17caddcc9dd52ec68db1474f0c63dfa44e6272886a2d6283d0e492456594a8f8a1c
|
|
7
|
+
data.tar.gz: 148d4541487dafcb2386f3acc0071b5bab1c711a4ed8d7f732fd9ea145134b34f3f6c1f3829ff6098483f4ad78f0e0bf7b3d0161b412ad3002cecd09ecb791a5
|
data/README.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
# OIDCProvider
|
|
2
|
-
|
|
2
|
+
A Rails engine for providing OpenID Connect authorization. Uses the openid_connect gem to turn a Rails app into an OpenID Connect provider.
|
|
3
3
|
|
|
4
4
|
## Usage
|
|
5
5
|
Use your application as an Open ID provider.
|
|
@@ -49,7 +49,15 @@ $ ssh-keygen
|
|
|
49
49
|
|
|
50
50
|
Due to Docker Composes' lack of support for multiline `.env` variables, put a passphrase on it. Then add the key to your application at `lib/oidc_provider_key.pem` and add the passphrase as an environment variables in your application: `ENV["OIDC_PROVIDER_KEY_PASSPHRASE"]`.
|
|
51
51
|
|
|
52
|
-
# Testing
|
|
52
|
+
# Testing
|
|
53
|
+
|
|
54
|
+
Visit: https://demo.c2id.com/oidc-client/
|
|
55
|
+
|
|
56
|
+
Click "Client details"
|
|
57
|
+
|
|
58
|
+
Copy and paste the client ID, secret, and redirection URI into your `config/initializers/oidc_provider.rb` config for a new client.
|
|
59
|
+
|
|
60
|
+
# Testing Provider Details
|
|
53
61
|
|
|
54
62
|
Visit: https://demo.c2id.com/oidc-client/
|
|
55
63
|
|
|
@@ -59,6 +67,20 @@ Put in your website as the issuer and click "Query"
|
|
|
59
67
|
|
|
60
68
|
You should see values generated for all 4 endpoints below.
|
|
61
69
|
|
|
70
|
+
# Testing Access
|
|
71
|
+
|
|
72
|
+
Visit: https://demo.c2id.com/oidc-client/
|
|
73
|
+
|
|
74
|
+
Click "Authenticate end-user"
|
|
75
|
+
|
|
76
|
+
Click "Log in with OpenID Connect". You should see the following headings:
|
|
77
|
+
|
|
78
|
+
* OpenID authentication response
|
|
79
|
+
* Token response
|
|
80
|
+
* Provider public RSA JSON Web Key (JWK)
|
|
81
|
+
* ID token
|
|
82
|
+
* UserInfo (with your email in there)
|
|
83
|
+
|
|
62
84
|
|
|
63
85
|
## Contributing
|
|
64
86
|
Contribution directions go here.
|
|
@@ -70,6 +92,5 @@ The gem is available as open source under the terms of the [MIT License](https:/
|
|
|
70
92
|
|
|
71
93
|
```
|
|
72
94
|
gem build oidc_provider.gemspec
|
|
73
|
-
gem push
|
|
74
|
-
gem yank -v 2.10 channel_research_stationery
|
|
95
|
+
gem push oidc_provider-0.3.2.gem
|
|
75
96
|
```
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module OIDCProvider
|
|
2
2
|
module Concerns
|
|
3
3
|
module Authentication
|
|
4
|
-
def
|
|
4
|
+
def oidc_current_account
|
|
5
5
|
send(OIDCProvider.current_account_method)
|
|
6
6
|
end
|
|
7
7
|
|
|
@@ -10,7 +10,7 @@ module OIDCProvider
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
def require_authentication
|
|
13
|
-
|
|
13
|
+
send(OIDCProvider.current_authentication_method)
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
def require_access_token
|
|
@@ -27,10 +27,11 @@ module OIDCProvider
|
|
|
27
27
|
def openid_configuration
|
|
28
28
|
config = OpenIDConnect::Discovery::Provider::Config::Response.new(
|
|
29
29
|
issuer: OIDCProvider.issuer,
|
|
30
|
-
authorization_endpoint: authorizations_url,
|
|
31
|
-
token_endpoint: tokens_url,
|
|
32
|
-
userinfo_endpoint: user_info_url,
|
|
33
|
-
|
|
30
|
+
authorization_endpoint: authorizations_url(host: OIDCProvider.issuer),
|
|
31
|
+
token_endpoint: tokens_url(host: OIDCProvider.issuer),
|
|
32
|
+
userinfo_endpoint: user_info_url(host: OIDCProvider.issuer),
|
|
33
|
+
end_session_endpoint: end_session_url(host: OIDCProvider.issuer),
|
|
34
|
+
jwks_uri: jwks_url(host: OIDCProvider.issuer),
|
|
34
35
|
scopes_supported: ["openid"] + OIDCProvider.supported_scopes.map(&:name),
|
|
35
36
|
response_types_supported: [:code],
|
|
36
37
|
grant_types_supported: [:authorization_code],
|
data/config/routes.rb
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
OIDCProvider::Engine.routes.draw do
|
|
2
2
|
match 'authorizations' => 'authorizations#create', via: [:get, :post]
|
|
3
3
|
resource :user_info, only: :show
|
|
4
|
+
get 'sessions/logout', to: 'sessions#destroy', as: :end_session
|
|
4
5
|
|
|
5
6
|
post 'tokens', to: proc { |env| OIDCProvider::TokenEndpoint.new.call(env) }
|
|
6
7
|
get 'jwks.json', as: :jwks, to: proc { |env| [200, {'Content-Type' => 'application/json'}, [OIDCProvider::IdToken.config[:jwk_set].to_json]] }
|
data/lib/oidc_provider.rb
CHANGED
|
@@ -31,6 +31,9 @@ module OIDCProvider
|
|
|
31
31
|
mattr_accessor :current_account_method
|
|
32
32
|
@@current_account_method = :current_user
|
|
33
33
|
|
|
34
|
+
mattr_accessor :current_authentication_method
|
|
35
|
+
@@current_authentication_method = :authenticate_user!
|
|
36
|
+
|
|
34
37
|
mattr_accessor :account_identifier
|
|
35
38
|
@@account_identifier = :id
|
|
36
39
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oidc_provider
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- William Carey
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-10-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -53,6 +53,7 @@ files:
|
|
|
53
53
|
- app/controllers/oidc_provider/concerns/authentication.rb
|
|
54
54
|
- app/controllers/oidc_provider/concerns/connect_endpoint.rb
|
|
55
55
|
- app/controllers/oidc_provider/discovery_controller.rb
|
|
56
|
+
- app/controllers/oidc_provider/sessions_controller.rb
|
|
56
57
|
- app/controllers/oidc_provider/user_infos_controller.rb
|
|
57
58
|
- app/models/oidc_provider/access_token.rb
|
|
58
59
|
- app/models/oidc_provider/application_record.rb
|
|
@@ -94,7 +95,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
94
95
|
version: '0'
|
|
95
96
|
requirements: []
|
|
96
97
|
rubyforge_project:
|
|
97
|
-
rubygems_version: 2.
|
|
98
|
+
rubygems_version: 2.7.6.2
|
|
98
99
|
signing_key:
|
|
99
100
|
specification_version: 4
|
|
100
101
|
summary: Uses the openid_connect gem to turn a Rails app into an OpenID Connect provider.
|