oidc_provider 0.1.0 → 0.3.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: f9ecb70ab0d1be5f3dae4837a3e073a1360e0bba
-  data.tar.gz: 0e1f83398394d4441377dd28e48401ccfcd891f9
+SHA256:
+  metadata.gz: af88d7a1a90be16f18a1725d75375b20b2b0b7586436f092832d039e4ca799db
+  data.tar.gz: 837fd66a06796b8e61339bd65315b1cec835aa8c4562b1c78d1ef4c1e7962b34
 SHA512:
-  metadata.gz: 05b71caa7fe69bd7162beb297d509e586f2e5a37f1520b5362549e8a31aeb0a654269f80fb24bac832fd4991a0634d59a481cd58fa36b62a50e65ddfc1d3df2f
-  data.tar.gz: '088d8b1ceb4d00dbc3de928187017e9f72505f73e15564a519083addb9409e9b814f31199b7c32bb1d20494bb5932bea3f477a9f204de4572576ab3d16c2f90e'
+  metadata.gz: 269012396cb7b2b8f4d433bedfdec0e672783f15fd491e0f57a286efdc53c17caddcc9dd52ec68db1474f0c63dfa44e6272886a2d6283d0e492456594a8f8a1c
+  data.tar.gz: 148d4541487dafcb2386f3acc0071b5bab1c711a4ed8d7f732fd9ea145134b34f3f6c1f3829ff6098483f4ad78f0e0bf7b3d0161b412ad3002cecd09ecb791a5

data/README.md

@@ -1,5 +1,5 @@
 # OIDCProvider
-Short description and motivation.
+A Rails engine for providing OpenID Connect authorization. Uses the openid_connect gem to turn a Rails app into an OpenID Connect provider.
 
 ## Usage
 Use your application as an Open ID provider.
@@ -49,7 +49,15 @@ $ ssh-keygen
 
 Due to Docker Composes' lack of support for multiline `.env` variables, put a passphrase on it. Then add the key to your application at `lib/oidc_provider_key.pem` and add the passphrase as an environment variables in your application: `ENV["OIDC_PROVIDER_KEY_PASSPHRASE"]`.
 
-# Testing configuration
+# Testing
+
+Visit: https://demo.c2id.com/oidc-client/
+
+Click "Client details"
+
+Copy and paste the client ID, secret, and redirection URI into your `config/initializers/oidc_provider.rb` config for a new client.
+
+# Testing Provider Details
 
 Visit: https://demo.c2id.com/oidc-client/
 
@@ -59,6 +67,20 @@ Put in your website as the issuer and click "Query"
 
 You should see values generated for all 4 endpoints below.
 
+# Testing Access
+
+Visit: https://demo.c2id.com/oidc-client/
+
+Click "Authenticate end-user"
+
+Click "Log in with OpenID Connect". You should see the following headings:
+
+* OpenID authentication response
+* Token response
+* Provider public RSA JSON Web Key (JWK)
+* ID token
+* UserInfo (with your email in there)
+
 
 ## Contributing
 Contribution directions go here.
@@ -70,6 +92,5 @@ The gem is available as open source under the terms of the [MIT License](https:/
 
 ```
 gem build oidc_provider.gemspec
-gem push channel_research_stationery-2.10.gem
-gem yank -v 2.10 channel_research_stationery
+gem push oidc_provider-0.3.2.gem
 ```

data/app/controllers/oidc_provider/authorizations_controller.rb

@@ -13,7 +13,7 @@ module OIDCProvider
         client_id: @client.identifier,
         nonce: oauth_request.nonce,
         scopes: requested_scopes,
-        account: current_account
+        account: oidc_current_account
       )
 
       oauth_response.code = authorization.code

data/app/controllers/oidc_provider/concerns/authentication.rb

@@ -1,7 +1,7 @@
 module OIDCProvider
   module Concerns
     module Authentication
-      def current_account
+      def oidc_current_account
         send(OIDCProvider.current_account_method)
       end
 
@@ -10,7 +10,7 @@ module OIDCProvider
       end
 
       def require_authentication
-        authenticate_user!
+        send(OIDCProvider.current_authentication_method)
       end
 
       def require_access_token

data/app/controllers/oidc_provider/discovery_controller.rb

@@ -27,10 +27,11 @@ module OIDCProvider
     def openid_configuration
       config = OpenIDConnect::Discovery::Provider::Config::Response.new(
         issuer: OIDCProvider.issuer,
-        authorization_endpoint: authorizations_url,
-        token_endpoint: tokens_url,
-        userinfo_endpoint: user_info_url,
-        jwks_uri: jwks_url,
+        authorization_endpoint: authorizations_url(host: OIDCProvider.issuer),
+        token_endpoint: tokens_url(host: OIDCProvider.issuer),
+        userinfo_endpoint: user_info_url(host: OIDCProvider.issuer),
+        end_session_endpoint: end_session_url(host: OIDCProvider.issuer),
+        jwks_uri: jwks_url(host: OIDCProvider.issuer),
         scopes_supported: ["openid"] + OIDCProvider.supported_scopes.map(&:name),
         response_types_supported: [:code],
         grant_types_supported: [:authorization_code],

data/app/controllers/oidc_provider/sessions_controller.rb

@@ -0,0 +1,10 @@
+module OIDCProvider
+  class SessionsController < ApplicationController
+    before_action :require_authentication
+
+    def destroy
+      unauthenticate!
+      redirect_to root_url
+    end
+  end
+end

data/config/routes.rb

@@ -1,6 +1,7 @@
 OIDCProvider::Engine.routes.draw do
   match 'authorizations' => 'authorizations#create', via: [:get, :post]
   resource :user_info, only: :show
+  get 'sessions/logout', to: 'sessions#destroy', as: :end_session
 
   post 'tokens', to: proc { |env| OIDCProvider::TokenEndpoint.new.call(env) }
   get 'jwks.json', as: :jwks, to: proc { |env| [200, {'Content-Type' => 'application/json'}, [OIDCProvider::IdToken.config[:jwk_set].to_json]] }

data/lib/oidc_provider.rb

@@ -31,6 +31,9 @@ module OIDCProvider
   mattr_accessor :current_account_method
   @@current_account_method = :current_user
 
+  mattr_accessor :current_authentication_method
+  @@current_authentication_method = :authenticate_user!
+
   mattr_accessor :account_identifier
   @@account_identifier = :id
 

data/lib/oidc_provider/version.rb

@@ -1,3 +1,3 @@
 module OIDCProvider
-  VERSION = '0.1.0'
+  VERSION = '0.3.3'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: oidc_provider
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.3.3
 platform: ruby
 authors:
 - William Carey
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-08-28 00:00:00.000000000 Z
+date: 2020-10-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -53,6 +53,7 @@ files:
 - app/controllers/oidc_provider/concerns/authentication.rb
 - app/controllers/oidc_provider/concerns/connect_endpoint.rb
 - app/controllers/oidc_provider/discovery_controller.rb
+- app/controllers/oidc_provider/sessions_controller.rb
 - app/controllers/oidc_provider/user_infos_controller.rb
 - app/models/oidc_provider/access_token.rb
 - app/models/oidc_provider/application_record.rb
@@ -94,7 +95,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2
+rubygems_version: 2.7.6.2
 signing_key: 
 specification_version: 4
 summary: Uses the openid_connect gem to turn a Rails app into an OpenID Connect provider.