oidc_provider 0.2.0 → 0.3.4
- checksums.yaml +5 -5
- data/README.md +1 -1
- data/app/controllers/oidc_provider/authorizations_controller.rb +1 -1
- data/app/controllers/oidc_provider/concerns/authentication.rb +6 -2
- data/app/controllers/oidc_provider/discovery_controller.rb +5 -4
- data/app/controllers/oidc_provider/sessions_controller.rb +10 -0
- data/app/models/oidc_provider/access_token.rb +2 -5
- data/app/models/oidc_provider/authorization.rb +2 -5
- data/app/models/oidc_provider/id_token.rb +1 -4
- data/config/routes.rb +1 -0
- data/lib/oidc_provider.rb +6 -0
- data/lib/oidc_provider/version.rb +1 -1
- metadata +4 -3
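--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
-
-metadata.gz:
-data.tar.gz:
+SHA256:
+metadata.gz: 870b6649344b4113019e2690061f7dc6d09b20cb5fc88a5fd6ac26ec7c5626ad
+data.tar.gz: 7854f39520f20e47c58b6421549ee82696a8ed358be2266e1f91097ce6b2e9cc
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: fcd437edb297d48443801da04f658950591862462bd7f17c317b035f69e342b81a87ea92680a314027bb5ee0b1078e6db6503b0b587d26f38a31f78153ed9c0c
+data.tar.gz: c95958f9cc40d67b8a2a0e86d8f222343732a063ba71e24420d91751e05d78615a9dbc0c9b2b36173b117381ea83b902b9cf98d966469642080d449b011f5b6f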
data/README.md
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
module OIDCProvider
|
2
2
|
module Concerns
|
3
3
|
module Authentication
|
4
|
-
def
|
4
|
+
def oidc_current_account
|
5
5
|
send(OIDCProvider.current_account_method)
|
6
6
|
end
|
7
7
|
|
@@ -10,7 +10,7 @@ module OIDCProvider
|
|
10
10
|
end
|
11
11
|
|
12
12
|
def require_authentication
|
13
|
-
|
13
|
+
send(OIDCProvider.current_authentication_method)
|
14
14
|
end
|
15
15
|
|
16
16
|
def require_access_token
|
@@ -18,6 +18,10 @@ module OIDCProvider
|
|
18
18
|
raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new
|
19
19
|
end
|
20
20
|
end
|
21
|
+
|
22
|
+
def unauthenticate!
|
23
|
+
send(OIDCProvider.current_unauthenticate_method)
|
24
|
+
end
|
21
25
|
end
|
22
26
|
end
|
23
27
|
end
|
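Review bot: `require_authentication` and the new `unauthenticate!` dispatch through `send`, which ignores method visibility and calls whatever name `OIDCProvider.current_authentication_method` or `OIDCProvider.current_unauthenticate_method` holds at that moment. Those settings are plain module accessors, so nothing visible on this page stops them being reassigned after boot or set to something other than a symbol naming a controller helper. I would add a comment above each method, e.g. `# Calls the host app's configured helper; the setting must be a trusted Symbol set once in an initializer, never derived from request data`. If the host application's helpers are public (not confirmed from this page), `public_send` would narrow what a wrong setting can reach. The Authentication module continues outside these hunks.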
@@ -27,10 +27,11 @@ module OIDCProvider
|
|
27
27
|
def openid_configuration
|
28
28
|
config = OpenIDConnect::Discovery::Provider::Config::Response.new(
|
29
29
|
issuer: OIDCProvider.issuer,
|
30
|
-
authorization_endpoint: authorizations_url,
|
31
|
-
token_endpoint: tokens_url,
|
32
|
-
userinfo_endpoint: user_info_url,
|
33
|
-
|
30
|
+
authorization_endpoint: authorizations_url(host: OIDCProvider.issuer),
|
31
|
+
token_endpoint: tokens_url(host: OIDCProvider.issuer),
|
32
|
+
userinfo_endpoint: user_info_url(host: OIDCProvider.issuer),
|
33
|
+
end_session_endpoint: end_session_url(host: OIDCProvider.issuer),
|
34
|
+
jwks_uri: jwks_url(host: OIDCProvider.issuer),
|
34
35
|
scopes_supported: ["openid"] + OIDCProvider.supported_scopes.map(&:name),
|
35
36
|
response_types_supported: [:code],
|
36
37
|
grant_types_supported: [:authorization_code],
|
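Review bot: The endpoint helpers are now given `host: OIDCProvider.issuer`, but an OpenID Connect issuer is a full URL (scheme, host, optionally port and path) rather than a bare host name. Nothing in this hunk shows how a scheme or path inside the issuer is handled. If the issuer can carry a path component, the advertised `authorization_endpoint`, `token_endpoint`, `end_session_endpoint` and `jwks_uri` may not line up with the issuer that relying parties validate against. A comment above the first changed line would record the assumption, e.g. `# endpoints are pinned to the configured issuer, not the request Host header; issuer must be scheme://host[:port] with no path`. The `openid_configuration` body continues past the end of the hunk.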
@@ -4,11 +4,8 @@ module OIDCProvider
|
|
4
4
|
|
5
5
|
scope :valid, -> { where(arel_table[:expires_at].gteq(Time.now.utc)) }
|
6
6
|
|
7
|
-
|
8
|
-
|
9
|
-
self.token = SecureRandom.hex 32
|
10
|
-
self.expires_at = 1.hour.from_now
|
11
|
-
end
|
7
|
+
attribute :token, :string, default: -> { SecureRandom.hex 32 }
|
8
|
+
attribute :expires_at, :datetime, default: -> { 1.hours.from_now }
|
12
9
|
|
13
10
|
def to_bearer_token
|
14
11
|
Rack::OAuth2::AccessToken::Bearer.new(
|
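Review bot: The new `attribute ... default:` declarations apply only when the caller supplies no value, whereas the removed lines, as far as they are visible, assigned `self.token` and `self.expires_at` unconditionally. Any `token:` or `expires_at:` key that reaches `new`/`create` therefore now wins over the generated secret and lifetime. The same holds for `code`/`expires_at` in the authorization hunk and `expires_at` in the id-token hunk that follow. The creation sites are not shown on this page; they should build these records from server-side values only, and a comment such as `# default only: never pass token/expires_at through from request parameters` above the attributes would make that explicit. As a style point, `1.hours.from_now` here is inconsistent with `1.hour.from_now` in the id-token hunk.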
@@ -6,11 +6,8 @@ module OIDCProvider
|
|
6
6
|
|
7
7
|
scope :valid, -> { where(arel_table[:expires_at].gteq(Time.now.utc)) }
|
8
8
|
|
9
|
-
|
10
|
-
|
11
|
-
self.code = SecureRandom.hex 32
|
12
|
-
self.expires_at = 5.minutes.from_now
|
13
|
-
end
|
9
|
+
attribute :code, :string, default: -> { SecureRandom.hex 32 }
|
10
|
+
attribute :expires_at, :datetime, default: -> { 5.minutes.from_now }
|
14
11
|
|
15
12
|
serialize :scopes, JSON
|
16
13
|
|
@@ -2,10 +2,7 @@ module OIDCProvider
|
|
2
2
|
class IdToken < ApplicationRecord
|
3
3
|
belongs_to :authorization
|
4
4
|
|
5
|
-
|
6
|
-
def set_defaults
|
7
|
-
self.expires_at = 1.hour.from_now
|
8
|
-
end
|
5
|
+
attribute :expires_at, :datetime, default: -> { 1.hour.from_now }
|
9
6
|
|
10
7
|
delegate :account, to: :authorization
|
11
8
|
|
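--- a/data/config/routes.rb
+++ b/data/config/routes.rb
@@ -1,6 +1,7 @@
 OIDCProvider::Engine.routes.draw do
 match 'authorizations' => 'authorizations#create', via: [:get, :post]
 resource :user_info, only: :show
+get 'sessions/logout', to: 'sessions#destroy', as: :end_session
 
 post 'tokens', to: proc { |env| OIDCProvider::TokenEndpoint.new.call(env) }
 get 'jwks.json', as: :jwks, to: proc { |env| [200, {'Content-Type' => 'application/json'}, [OIDCProvider::IdToken.config[:jwk_set].to_json]] }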
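Review bot: The logout route added here is GET-only and state-changing, so unless `sessions#destroy` (its body is not shown on this page) validates the request, a cross-site GET is enough to end a user's session. The controller should check an `id_token_hint` or ask the user to confirm before signing out, and should redirect only to a `post_logout_redirect_uri` registered for the client, so the endpoint does not become an open redirect. OpenID Connect RP-Initiated Logout also expects the endpoint to accept POST, which would read `match 'sessions/logout', to: 'sessions#destroy', as: :end_session, via: [:get, :post]`.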
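--- a/data/lib/oidc_provider.rb
+++ b/data/lib/oidc_provider.rb
@@ -31,6 +31,12 @@ module OIDCProvider
 mattr_accessor :current_account_method
 @@current_account_method = :current_user
 
+mattr_accessor :current_authentication_method
+@@current_authentication_method = :authenticate_user!
+
+mattr_accessor :current_unauthenticate_method
+@@current_unauthenticate_method = :sign_out
+
 mattr_accessor :account_identifier
 @@account_identifier = :id
 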
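Review bot: The two new settings are undocumented even though their values are method names that the Authentication concern passes straight to `send`. I would add a comment above each, e.g. `# Symbol naming the controller method that enforces login (called by require_authentication)` and `# Symbol naming the controller method that signs the account out (called by unauthenticate!)`. The defaults `:authenticate_user!` and `:sign_out` look like Devise helper names (inferred, not confirmed here), which is worth stating so that applications using another authentication library know they must override them. The module continues outside the hunk.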
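--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: oidc_provider
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.3.4
 platform: ruby
 authors:
 - William Carey
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2020-10-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -53,6 +53,7 @@ files:
 - app/controllers/oidc_provider/concerns/authentication.rb
 - app/controllers/oidc_provider/concerns/connect_endpoint.rb
 - app/controllers/oidc_provider/discovery_controller.rb
+- app/controllers/oidc_provider/sessions_controller.rb
 - app/controllers/oidc_provider/user_infos_controller.rb
 - app/models/oidc_provider/access_token.rb
 - app/models/oidc_provider/application_record.rb
@@ -94,7 +95,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.7.6.2
 signing_key:
 specification_version: 4
 summary: Uses the openid_connect gem to turn a Rails app into an OpenID Connect provider.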