oidc_provider 0.1.0 → 0.3.3
- checksums.yaml +5 -5
- data/README.md +25 -4
- data/app/controllers/oidc_provider/authorizations_controller.rb +1 -1
- data/app/controllers/oidc_provider/concerns/authentication.rb +2 -2
- data/app/controllers/oidc_provider/discovery_controller.rb +5 -4
- data/app/controllers/oidc_provider/sessions_controller.rb +10 -0
- data/config/routes.rb +1 -0
- data/lib/oidc_provider.rb +3 -0
- data/lib/oidc_provider/version.rb +1 -1
- metadata +4 -3
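--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
-
-metadata.gz:
-data.tar.gz:
+SHA256:
+metadata.gz: af88d7a1a90be16f18a1725d75375b20b2b0b7586436f092832d039e4ca799db
+data.tar.gz: 837fd66a06796b8e61339bd65315b1cec835aa8c4562b1c78d1ef4c1e7962b34
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 269012396cb7b2b8f4d433bedfdec0e672783f15fd491e0f57a286efdc53c17caddcc9dd52ec68db1474f0c63dfa44e6272886a2d6283d0e492456594a8f8a1c
+data.tar.gz: 148d4541487dafcb2386f3acc0071b5bab1c711a4ed8d7f732fd9ea145134b34f3f6c1f3829ff6098483f4ad78f0e0bf7b3d0161b412ad3002cecd09ecb791a5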
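--- a/data/README.md
+++ b/data/README.md
@@ -1,5 +1,5 @@
 # OIDCProvider
-
+A Rails engine for providing OpenID Connect authorization. Uses the openid_connect gem to turn a Rails app into an OpenID Connect provider.
 
 ## Usage
 Use your application as an Open ID provider.
@@ -49,7 +49,15 @@ $ ssh-keygen
 
 Due to Docker Composes' lack of support for multiline `.env` variables, put a passphrase on it. Then add the key to your application at `lib/oidc_provider_key.pem` and add the passphrase as an environment variables in your application: `ENV["OIDC_PROVIDER_KEY_PASSPHRASE"]`.
 
-# Testing
+# Testing
+
+Visit: https://demo.c2id.com/oidc-client/
+
+Click "Client details"
+
+Copy and paste the client ID, secret, and redirection URI into your `config/initializers/oidc_provider.rb` config for a new client.
+
+# Testing Provider Details
 
 Visit: https://demo.c2id.com/oidc-client/
 
@@ -59,6 +67,20 @@ Put in your website as the issuer and click "Query"
 
 You should see values generated for all 4 endpoints below.
 
+# Testing Access
+
+Visit: https://demo.c2id.com/oidc-client/
+
+Click "Authenticate end-user"
+
+Click "Log in with OpenID Connect". You should see the following headings:
+
+* OpenID authentication response
+* Token response
+* Provider public RSA JSON Web Key (JWK)
+* ID token
+* UserInfo (with your email in there)
+
 
 ## Contributing
 Contribution directions go here.
@@ -70,6 +92,5 @@ The gem is available as open source under the terms of the [MIT License](https:/
 
 ```
 gem build oidc_provider.gemspec
-gem push
-gem yank -v 2.10 channel_research_stationery
+gem push oidc_provider-0.3.2.gem
 ```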
@@ -1,7 +1,7 @@
|
|
1
1
|
module OIDCProvider
|
2
2
|
module Concerns
|
3
3
|
module Authentication
|
4
|
-
def
|
4
|
+
def oidc_current_account
|
5
5
|
send(OIDCProvider.current_account_method)
|
6
6
|
end
|
7
7
|
|
@@ -10,7 +10,7 @@ module OIDCProvider
|
|
10
10
|
end
|
11
11
|
|
12
12
|
def require_authentication
|
13
|
-
|
13
|
+
send(OIDCProvider.current_authentication_method)
|
14
14
|
end
|
15
15
|
|
16
16
|
def require_access_token
|
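Review bot: `require_authentication` now just calls `send(OIDCProvider.current_authentication_method)` and discards the result, so the guard is only as strong as the configured host method: that method has to halt the request itself (redirect, render or raise) when nobody is signed in. If `require_authentication` is wired up as a `before_action`, which is not visible in these hunks, a custom method that merely returns `false` would let the protected action run. I would state the contract above the method, for example `# The configured method must halt the request (redirect, render or raise) when no account is signed in; its return value is ignored.` The removed lines lost their text on this page and the module continues outside both hunks, so this is based on the new side only.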
@@ -27,10 +27,11 @@ module OIDCProvider
|
|
27
27
|
def openid_configuration
|
28
28
|
config = OpenIDConnect::Discovery::Provider::Config::Response.new(
|
29
29
|
issuer: OIDCProvider.issuer,
|
30
|
-
authorization_endpoint: authorizations_url,
|
31
|
-
token_endpoint: tokens_url,
|
32
|
-
userinfo_endpoint: user_info_url,
|
33
|
-
|
30
|
+
authorization_endpoint: authorizations_url(host: OIDCProvider.issuer),
|
31
|
+
token_endpoint: tokens_url(host: OIDCProvider.issuer),
|
32
|
+
userinfo_endpoint: user_info_url(host: OIDCProvider.issuer),
|
33
|
+
end_session_endpoint: end_session_url(host: OIDCProvider.issuer),
|
34
|
+
jwks_uri: jwks_url(host: OIDCProvider.issuer),
|
34
35
|
scopes_supported: ["openid"] + OIDCProvider.supported_scopes.map(&:name),
|
35
36
|
response_types_supported: [:code],
|
36
37
|
grant_types_supported: [:authorization_code],
|
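Review bot: Passing only `host: OIDCProvider.issuer` to the five URL helpers may leave the scheme and port of the published endpoints request-derived. As far as I can tell, Rails keeps the `protocol` and `port` already present in the controller's URL options and takes just the host name from a `host:` value, and any path in the issuer is not carried over. Behind a TLS-terminating proxy or on a non-default port, the discovery document could then advertise endpoints that do not match `issuer`. Consider parsing the issuer once, `issuer = URI(OIDCProvider.issuer)`, and passing `host: issuer.host, protocol: issuer.scheme, port: issuer.port` to each helper, or documenting that the issuer must be a bare origin served on the same scheme and port. `openid_configuration` continues past the end of this hunk.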
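--- a/data/config/routes.rb
+++ b/data/config/routes.rb
@@ -1,6 +1,7 @@
 OIDCProvider::Engine.routes.draw do
 match 'authorizations' => 'authorizations#create', via: [:get, :post]
 resource :user_info, only: :show
+get 'sessions/logout', to: 'sessions#destroy', as: :end_session
 
 post 'tokens', to: proc { |env| OIDCProvider::TokenEndpoint.new.call(env) }
 get 'jwks.json', as: :jwks, to: proc { |env| [200, {'Content-Type' => 'application/json'}, [OIDCProvider::IdToken.config[:jwk_set].to_json]] }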
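Review bot: The added `get 'sessions/logout'` route ends the session on a plain GET, so a cross-site request can sign a user out unless the handler checks something first; `sessions#destroy` is not shown on this page, so whether it does is unknown. For an `end_session_endpoint`, the handler should validate `id_token_hint` (or ask the user to confirm) before ending the session. It should also redirect only to a `post_logout_redirect_uri` registered for the client, otherwise the endpoint doubles as an open redirect. A short comment on the route naming the checks the controller performs would make this reviewable from the routes file, for example `# RP-initiated logout: controller validates id_token_hint and post_logout_redirect_uri`, assuming that is what it does.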
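--- a/data/lib/oidc_provider.rb
+++ b/data/lib/oidc_provider.rb
@@ -31,6 +31,9 @@ module OIDCProvider
 mattr_accessor :current_account_method
 @@current_account_method = :current_user
 
+mattr_accessor :current_authentication_method
+@@current_authentication_method = :authenticate_user!
+
 mattr_accessor :account_identifier
 @@account_identifier = :id
 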
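--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: oidc_provider
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.3.3
 platform: ruby
 authors:
 - William Carey
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2020-10-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -53,6 +53,7 @@ files:
 - app/controllers/oidc_provider/concerns/authentication.rb
 - app/controllers/oidc_provider/concerns/connect_endpoint.rb
 - app/controllers/oidc_provider/discovery_controller.rb
+- app/controllers/oidc_provider/sessions_controller.rb
 - app/controllers/oidc_provider/user_infos_controller.rb
 - app/models/oidc_provider/access_token.rb
 - app/models/oidc_provider/application_record.rb
@@ -94,7 +95,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.7.6.2
 signing_key:
 specification_version: 4
 summary: Uses the openid_connect gem to turn a Rails app into an OpenID Connect provider.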