oidc_provider 0.2.0 → 0.3.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/README.md +1 -1
- data/app/controllers/oidc_provider/authorizations_controller.rb +1 -1
- data/app/controllers/oidc_provider/concerns/authentication.rb +6 -2
- data/app/controllers/oidc_provider/discovery_controller.rb +5 -4
- data/app/controllers/oidc_provider/sessions_controller.rb +10 -0
- data/app/models/oidc_provider/access_token.rb +2 -5
- data/app/models/oidc_provider/authorization.rb +2 -5
- data/app/models/oidc_provider/id_token.rb +1 -4
- data/config/routes.rb +1 -0
- data/lib/oidc_provider.rb +6 -0
- data/lib/oidc_provider/version.rb +1 -1
- metadata +4 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 870b6649344b4113019e2690061f7dc6d09b20cb5fc88a5fd6ac26ec7c5626ad
|
|
4
|
+
data.tar.gz: 7854f39520f20e47c58b6421549ee82696a8ed358be2266e1f91097ce6b2e9cc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fcd437edb297d48443801da04f658950591862462bd7f17c317b035f69e342b81a87ea92680a314027bb5ee0b1078e6db6503b0b587d26f38a31f78153ed9c0c
|
|
7
|
+
data.tar.gz: c95958f9cc40d67b8a2a0e86d8f222343732a063ba71e24420d91751e05d78615a9dbc0c9b2b36173b117381ea83b902b9cf98d966469642080d449b011f5b6f
|
data/README.md
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module OIDCProvider
|
|
2
2
|
module Concerns
|
|
3
3
|
module Authentication
|
|
4
|
-
def
|
|
4
|
+
def oidc_current_account
|
|
5
5
|
send(OIDCProvider.current_account_method)
|
|
6
6
|
end
|
|
7
7
|
|
|
@@ -10,7 +10,7 @@ module OIDCProvider
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
def require_authentication
|
|
13
|
-
|
|
13
|
+
send(OIDCProvider.current_authentication_method)
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
def require_access_token
|
|
@@ -18,6 +18,10 @@ module OIDCProvider
|
|
|
18
18
|
raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new
|
|
19
19
|
end
|
|
20
20
|
end
|
|
21
|
+
|
|
22
|
+
def unauthenticate!
|
|
23
|
+
send(OIDCProvider.current_unauthenticate_method)
|
|
24
|
+
end
|
|
21
25
|
end
|
|
22
26
|
end
|
|
23
27
|
end
|
|
@@ -27,10 +27,11 @@ module OIDCProvider
|
|
|
27
27
|
def openid_configuration
|
|
28
28
|
config = OpenIDConnect::Discovery::Provider::Config::Response.new(
|
|
29
29
|
issuer: OIDCProvider.issuer,
|
|
30
|
-
authorization_endpoint: authorizations_url,
|
|
31
|
-
token_endpoint: tokens_url,
|
|
32
|
-
userinfo_endpoint: user_info_url,
|
|
33
|
-
|
|
30
|
+
authorization_endpoint: authorizations_url(host: OIDCProvider.issuer),
|
|
31
|
+
token_endpoint: tokens_url(host: OIDCProvider.issuer),
|
|
32
|
+
userinfo_endpoint: user_info_url(host: OIDCProvider.issuer),
|
|
33
|
+
end_session_endpoint: end_session_url(host: OIDCProvider.issuer),
|
|
34
|
+
jwks_uri: jwks_url(host: OIDCProvider.issuer),
|
|
34
35
|
scopes_supported: ["openid"] + OIDCProvider.supported_scopes.map(&:name),
|
|
35
36
|
response_types_supported: [:code],
|
|
36
37
|
grant_types_supported: [:authorization_code],
|
|
@@ -4,11 +4,8 @@ module OIDCProvider
|
|
|
4
4
|
|
|
5
5
|
scope :valid, -> { where(arel_table[:expires_at].gteq(Time.now.utc)) }
|
|
6
6
|
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
self.token = SecureRandom.hex 32
|
|
10
|
-
self.expires_at = 1.hour.from_now
|
|
11
|
-
end
|
|
7
|
+
attribute :token, :string, default: -> { SecureRandom.hex 32 }
|
|
8
|
+
attribute :expires_at, :datetime, default: -> { 1.hours.from_now }
|
|
12
9
|
|
|
13
10
|
def to_bearer_token
|
|
14
11
|
Rack::OAuth2::AccessToken::Bearer.new(
|
|
@@ -6,11 +6,8 @@ module OIDCProvider
|
|
|
6
6
|
|
|
7
7
|
scope :valid, -> { where(arel_table[:expires_at].gteq(Time.now.utc)) }
|
|
8
8
|
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
self.code = SecureRandom.hex 32
|
|
12
|
-
self.expires_at = 5.minutes.from_now
|
|
13
|
-
end
|
|
9
|
+
attribute :code, :string, default: -> { SecureRandom.hex 32 }
|
|
10
|
+
attribute :expires_at, :datetime, default: -> { 5.minutes.from_now }
|
|
14
11
|
|
|
15
12
|
serialize :scopes, JSON
|
|
16
13
|
|
|
@@ -2,10 +2,7 @@ module OIDCProvider
|
|
|
2
2
|
class IdToken < ApplicationRecord
|
|
3
3
|
belongs_to :authorization
|
|
4
4
|
|
|
5
|
-
|
|
6
|
-
def set_defaults
|
|
7
|
-
self.expires_at = 1.hour.from_now
|
|
8
|
-
end
|
|
5
|
+
attribute :expires_at, :datetime, default: -> { 1.hour.from_now }
|
|
9
6
|
|
|
10
7
|
delegate :account, to: :authorization
|
|
11
8
|
|
data/config/routes.rb
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
OIDCProvider::Engine.routes.draw do
|
|
2
2
|
match 'authorizations' => 'authorizations#create', via: [:get, :post]
|
|
3
3
|
resource :user_info, only: :show
|
|
4
|
+
get 'sessions/logout', to: 'sessions#destroy', as: :end_session
|
|
4
5
|
|
|
5
6
|
post 'tokens', to: proc { |env| OIDCProvider::TokenEndpoint.new.call(env) }
|
|
6
7
|
get 'jwks.json', as: :jwks, to: proc { |env| [200, {'Content-Type' => 'application/json'}, [OIDCProvider::IdToken.config[:jwk_set].to_json]] }
|
data/lib/oidc_provider.rb
CHANGED
|
@@ -31,6 +31,12 @@ module OIDCProvider
|
|
|
31
31
|
mattr_accessor :current_account_method
|
|
32
32
|
@@current_account_method = :current_user
|
|
33
33
|
|
|
34
|
+
mattr_accessor :current_authentication_method
|
|
35
|
+
@@current_authentication_method = :authenticate_user!
|
|
36
|
+
|
|
37
|
+
mattr_accessor :current_unauthenticate_method
|
|
38
|
+
@@current_unauthenticate_method = :sign_out
|
|
39
|
+
|
|
34
40
|
mattr_accessor :account_identifier
|
|
35
41
|
@@account_identifier = :id
|
|
36
42
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oidc_provider
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- William Carey
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-10-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -53,6 +53,7 @@ files:
|
|
|
53
53
|
- app/controllers/oidc_provider/concerns/authentication.rb
|
|
54
54
|
- app/controllers/oidc_provider/concerns/connect_endpoint.rb
|
|
55
55
|
- app/controllers/oidc_provider/discovery_controller.rb
|
|
56
|
+
- app/controllers/oidc_provider/sessions_controller.rb
|
|
56
57
|
- app/controllers/oidc_provider/user_infos_controller.rb
|
|
57
58
|
- app/models/oidc_provider/access_token.rb
|
|
58
59
|
- app/models/oidc_provider/application_record.rb
|
|
@@ -94,7 +95,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
94
95
|
version: '0'
|
|
95
96
|
requirements: []
|
|
96
97
|
rubyforge_project:
|
|
97
|
-
rubygems_version: 2.
|
|
98
|
+
rubygems_version: 2.7.6.2
|
|
98
99
|
signing_key:
|
|
99
100
|
specification_version: 4
|
|
100
101
|
summary: Uses the openid_connect gem to turn a Rails app into an OpenID Connect provider.
|