oidc_provider 0.2.0 → 0.3.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 41bdbed874e8113e65850159b35a33a11a2b9a8d
-  data.tar.gz: fe9d64dee100c3db0f904093547ef53f1de75100
+SHA256:
+  metadata.gz: 870b6649344b4113019e2690061f7dc6d09b20cb5fc88a5fd6ac26ec7c5626ad
+  data.tar.gz: 7854f39520f20e47c58b6421549ee82696a8ed358be2266e1f91097ce6b2e9cc
 SHA512:
-  metadata.gz: 11d61e2c1235091847cc52d681fc2e5814cc8b52aa88d25edb4946362d24ab2c145ef743f5bd2ce1b99b47a810a1bd0bb3c3023ebcdaf6f7e652024c1c743094
-  data.tar.gz: b0a8161350e3d45e813ab53cbf85e8ed9904f2c5aab96500873893138685b0bc65f8925aad26e4fd1b59a0fd8b7720e080fe1cb8feb9f825f61af3e167a057a0
+  metadata.gz: fcd437edb297d48443801da04f658950591862462bd7f17c317b035f69e342b81a87ea92680a314027bb5ee0b1078e6db6503b0b587d26f38a31f78153ed9c0c
+  data.tar.gz: c95958f9cc40d67b8a2a0e86d8f222343732a063ba71e24420d91751e05d78615a9dbc0c9b2b36173b117381ea83b902b9cf98d966469642080d449b011f5b6f

data/README.md

@@ -92,5 +92,5 @@ The gem is available as open source under the terms of the [MIT License](https:/
 
 ```
 gem build oidc_provider.gemspec
-gem push oidc_provider-0.1.0.gem
+gem push oidc_provider-0.3.2.gem
 ```

data/app/controllers/oidc_provider/authorizations_controller.rb

@@ -13,7 +13,7 @@ module OIDCProvider
         client_id: @client.identifier,
         nonce: oauth_request.nonce,
         scopes: requested_scopes,
-        account: current_account
+        account: oidc_current_account
       )
 
       oauth_response.code = authorization.code

data/app/controllers/oidc_provider/concerns/authentication.rb

@@ -1,7 +1,7 @@
 module OIDCProvider
   module Concerns
     module Authentication
-      def current_account
+      def oidc_current_account
         send(OIDCProvider.current_account_method)
       end
 
@@ -10,7 +10,7 @@ module OIDCProvider
       end
 
       def require_authentication
-        authenticate_user!
+        send(OIDCProvider.current_authentication_method)
       end
 
       def require_access_token
@@ -18,6 +18,10 @@ module OIDCProvider
           raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new
         end
       end
+
+      def unauthenticate!
+        send(OIDCProvider.current_unauthenticate_method)
+      end
     end
   end
 end

data/app/controllers/oidc_provider/discovery_controller.rb

@@ -27,10 +27,11 @@ module OIDCProvider
     def openid_configuration
       config = OpenIDConnect::Discovery::Provider::Config::Response.new(
         issuer: OIDCProvider.issuer,
-        authorization_endpoint: authorizations_url,
-        token_endpoint: tokens_url,
-        userinfo_endpoint: user_info_url,
-        jwks_uri: jwks_url,
+        authorization_endpoint: authorizations_url(host: OIDCProvider.issuer),
+        token_endpoint: tokens_url(host: OIDCProvider.issuer),
+        userinfo_endpoint: user_info_url(host: OIDCProvider.issuer),
+        end_session_endpoint: end_session_url(host: OIDCProvider.issuer),
+        jwks_uri: jwks_url(host: OIDCProvider.issuer),
         scopes_supported: ["openid"] + OIDCProvider.supported_scopes.map(&:name),
         response_types_supported: [:code],
         grant_types_supported: [:authorization_code],

data/app/controllers/oidc_provider/sessions_controller.rb

@@ -0,0 +1,10 @@
+module OIDCProvider
+  class SessionsController < ApplicationController
+    before_action :require_authentication
+
+    def destroy
+      unauthenticate!
+      redirect_to root_url
+    end
+  end
+end

data/app/models/oidc_provider/access_token.rb

@@ -4,11 +4,8 @@ module OIDCProvider
 
     scope :valid, -> { where(arel_table[:expires_at].gteq(Time.now.utc)) }
 
-    after_initialize :set_defaults, unless: :persisted?  # The set_defaults will only work if the object is new
-    def set_defaults
-      self.token = SecureRandom.hex 32
-      self.expires_at = 1.hour.from_now
-    end
+    attribute :token, :string, default: -> { SecureRandom.hex 32 }
+    attribute :expires_at, :datetime, default: -> { 1.hours.from_now } 
 
     def to_bearer_token
       Rack::OAuth2::AccessToken::Bearer.new(

data/app/models/oidc_provider/authorization.rb

@@ -6,11 +6,8 @@ module OIDCProvider
 
     scope :valid, -> { where(arel_table[:expires_at].gteq(Time.now.utc)) }
 
-    after_initialize :set_defaults, unless: :persisted?  # The set_defaults will only work if the object is new
-    def set_defaults
-      self.code  = SecureRandom.hex 32
-      self.expires_at = 5.minutes.from_now
-    end
+    attribute :code, :string, default: -> { SecureRandom.hex 32 }
+    attribute :expires_at, :datetime, default: -> { 5.minutes.from_now }
 
     serialize :scopes, JSON
 

data/app/models/oidc_provider/id_token.rb

@@ -2,10 +2,7 @@ module OIDCProvider
   class IdToken < ApplicationRecord
     belongs_to :authorization
 
-    after_initialize :set_defaults, unless: :persisted?  # The set_defaults will only work if the object is new
-    def set_defaults
-      self.expires_at = 1.hour.from_now
-    end
+    attribute :expires_at, :datetime, default: -> { 1.hour.from_now }
 
     delegate :account, to: :authorization
 

data/config/routes.rb

@@ -1,6 +1,7 @@
 OIDCProvider::Engine.routes.draw do
   match 'authorizations' => 'authorizations#create', via: [:get, :post]
   resource :user_info, only: :show
+  get 'sessions/logout', to: 'sessions#destroy', as: :end_session
 
   post 'tokens', to: proc { |env| OIDCProvider::TokenEndpoint.new.call(env) }
   get 'jwks.json', as: :jwks, to: proc { |env| [200, {'Content-Type' => 'application/json'}, [OIDCProvider::IdToken.config[:jwk_set].to_json]] }

data/lib/oidc_provider.rb

@@ -31,6 +31,12 @@ module OIDCProvider
   mattr_accessor :current_account_method
   @@current_account_method = :current_user
 
+  mattr_accessor :current_authentication_method
+  @@current_authentication_method = :authenticate_user!
+
+  mattr_accessor :current_unauthenticate_method
+  @@current_unauthenticate_method = :sign_out
+
   mattr_accessor :account_identifier
   @@account_identifier = :id
 

data/lib/oidc_provider/version.rb

@@ -1,3 +1,3 @@
 module OIDCProvider
-  VERSION = '0.2.0'
+  VERSION = '0.3.4'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: oidc_provider
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.4
 platform: ruby
 authors:
 - William Carey
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-08-31 00:00:00.000000000 Z
+date: 2020-10-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -53,6 +53,7 @@ files:
 - app/controllers/oidc_provider/concerns/authentication.rb
 - app/controllers/oidc_provider/concerns/connect_endpoint.rb
 - app/controllers/oidc_provider/discovery_controller.rb
+- app/controllers/oidc_provider/sessions_controller.rb
 - app/controllers/oidc_provider/user_infos_controller.rb
 - app/models/oidc_provider/access_token.rb
 - app/models/oidc_provider/application_record.rb
@@ -94,7 +95,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2
+rubygems_version: 2.7.6.2
 signing_key: 
 specification_version: 4
 summary: Uses the openid_connect gem to turn a Rails app into an OpenID Connect provider.