oidc_provider 0.2.0 → 0.3.4

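--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
- SHA1:
- metadata.gz: 41bdbed874e8113e65850159b35a33a11a2b9a8d
- data.tar.gz: fe9d64dee100c3db0f904093547ef53f1de75100
+ SHA256:
+ metadata.gz: 870b6649344b4113019e2690061f7dc6d09b20cb5fc88a5fd6ac26ec7c5626ad
+ data.tar.gz: 7854f39520f20e47c58b6421549ee82696a8ed358be2266e1f91097ce6b2e9cc
  SHA512:
- metadata.gz: 11d61e2c1235091847cc52d681fc2e5814cc8b52aa88d25edb4946362d24ab2c145ef743f5bd2ce1b99b47a810a1bd0bb3c3023ebcdaf6f7e652024c1c743094
- data.tar.gz: b0a8161350e3d45e813ab53cbf85e8ed9904f2c5aab96500873893138685b0bc65f8925aad26e4fd1b59a0fd8b7720e080fe1cb8feb9f825f61af3e167a057a0
+ metadata.gz: fcd437edb297d48443801da04f658950591862462bd7f17c317b035f69e342b81a87ea92680a314027bb5ee0b1078e6db6503b0b587d26f38a31f78153ed9c0c
+ data.tar.gz: c95958f9cc40d67b8a2a0e86d8f222343732a063ba71e24420d91751e05d78615a9dbc0c9b2b36173b117381ea83b902b9cf98d966469642080d449b011f5b6f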
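--- a/data/README.md
+++ b/data/README.md
@@ -92,5 +92,5 @@ The gem is available as open source under the terms of the [MIT License](https:/
 
  ```
  gem build oidc_provider.gemspec
- gem push oidc_provider-0.1.0.gem
+ gem push oidc_provider-0.3.2.gem
  ```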
@@ -13,7 +13,7 @@ module OIDCProvider
13
13
  client_id: @client.identifier,
14
14
  nonce: oauth_request.nonce,
15
15
  scopes: requested_scopes,
16
- account: current_account
16
+ account: oidc_current_account
17
17
  )
18
18
 
19
19
  oauth_response.code = authorization.code
@@ -1,7 +1,7 @@
1
1
  module OIDCProvider
2
2
  module Concerns
3
3
  module Authentication
4
- def current_account
4
+ def oidc_current_account
5
5
  send(OIDCProvider.current_account_method)
6
6
  end
7
7
 
@@ -10,7 +10,7 @@ module OIDCProvider
10
10
  end
11
11
 
12
12
  def require_authentication
13
- authenticate_user!
13
+ send(OIDCProvider.current_authentication_method)
14
14
  end
15
15
 
16
16
  def require_access_token
@@ -18,6 +18,10 @@ module OIDCProvider
18
18
  raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new
19
19
  end
20
20
  end
21
+
22
+ def unauthenticate!
23
+ send(OIDCProvider.current_unauthenticate_method)
24
+ end
21
25
  end
22
26
  end
23
27
  end
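Review bot: `require_authentication` and the new `unauthenticate!` now dispatch through `send` to whatever symbol the host application configures, but nothing states the contract those methods must meet. As a `before_action`, the configured authentication method has to stop the request itself (render, redirect or raise) when nobody is signed in; on Rails 5 and later a method that merely returns `false` lets the protected action run. I would add a comment above `require_authentication` such as `# The configured method must render, redirect or raise when unauthenticated; a false return does not halt the filter chain.` The defaults in the configuration hunk (`:authenticate_user!`, `:sign_out`) look like Devise's helpers, so hosts using another authentication library are the ones most likely to get this wrong.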
@@ -27,10 +27,11 @@ module OIDCProvider
27
27
  def openid_configuration
28
28
  config = OpenIDConnect::Discovery::Provider::Config::Response.new(
29
29
  issuer: OIDCProvider.issuer,
30
- authorization_endpoint: authorizations_url,
31
- token_endpoint: tokens_url,
32
- userinfo_endpoint: user_info_url,
33
- jwks_uri: jwks_url,
30
+ authorization_endpoint: authorizations_url(host: OIDCProvider.issuer),
31
+ token_endpoint: tokens_url(host: OIDCProvider.issuer),
32
+ userinfo_endpoint: user_info_url(host: OIDCProvider.issuer),
33
+ end_session_endpoint: end_session_url(host: OIDCProvider.issuer),
34
+ jwks_uri: jwks_url(host: OIDCProvider.issuer),
34
35
  scopes_supported: ["openid"] + OIDCProvider.supported_scopes.map(&:name),
35
36
  response_types_supported: [:code],
36
37
  grant_types_supported: [:authorization_code],
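Review bot: The endpoint helpers in `openid_configuration` receive `OIDCProvider.issuer` as `host:`, yet the same value is used just above as `issuer:`, which OpenID Connect Discovery defines as a full `https://` URL. Taking the host from configuration instead of the incoming request is a sound hardening step, but it is not visible here whether a scheme, port or path in the issuer survives the `host:` option, and a path component would presumably be dropped from the generated URLs. A spec asserting that every advertised endpoint starts with `OIDCProvider.issuer` would pin this down, and a comment like `# issuer must be scheme://host[:port] with no path` would document the assumption. The method body continues past the end of the hunk.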
@@ -0,0 +1,10 @@
1
+ module OIDCProvider
2
+ class SessionsController < ApplicationController
3
+ before_action :require_authentication
4
+
5
+ def destroy
6
+ unauthenticate!
7
+ redirect_to root_url
8
+ end
9
+ end
10
+ end
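Review bot: `destroy` ends the user's session on a plain GET (the routes hunk maps `get 'sessions/logout'` to it), so a cross-site request can sign a user out; there is no CSRF token, `id_token_hint` check or confirmation step. OpenID Connect RP-Initiated Logout expects the provider to validate `id_token_hint` or ask the user to confirm before logging out, and the discovery hunk now advertises this route as `end_session_endpoint`. In addition, `before_action :require_authentication` makes an already signed-out visitor log in only to be logged out, and `redirect_to root_url` depends on a root route that the engine's routes hunk does not define. Consider rendering a confirmation page on GET and performing the sign-out on a CSRF-protected POST.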
@@ -4,11 +4,8 @@ module OIDCProvider
4
4
 
5
5
  scope :valid, -> { where(arel_table[:expires_at].gteq(Time.now.utc)) }
6
6
 
7
- after_initialize :set_defaults, unless: :persisted? # The set_defaults will only work if the object is new
8
- def set_defaults
9
- self.token = SecureRandom.hex 32
10
- self.expires_at = 1.hour.from_now
11
- end
7
+ attribute :token, :string, default: -> { SecureRandom.hex 32 }
8
+ attribute :expires_at, :datetime, default: -> { 1.hours.from_now }
12
9
 
13
10
  def to_bearer_token
14
11
  Rack::OAuth2::AccessToken::Bearer.new(
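Review bot: Replacing `after_initialize :set_defaults` with `attribute ... default:` changes which value wins when one is passed to `new`: the old callback ran after attribute assignment and overwrote `token` and `expires_at`, whereas a default lambda is used only when the caller supplies nothing. The same applies to `code`/`expires_at` in the Authorization hunk and to `expires_at` in the IdToken hunk. The callers are outside this diff, so it is worth confirming that none of them builds these records from request parameters, and adding a comment such as `# token and expires_at must never be mass-assigned from user input`. As a minor style point, `1.hours.from_now` here would read better as `1.hour.from_now`, matching IdToken. The class body continues outside the hunk.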
@@ -6,11 +6,8 @@ module OIDCProvider
6
6
 
7
7
  scope :valid, -> { where(arel_table[:expires_at].gteq(Time.now.utc)) }
8
8
 
9
- after_initialize :set_defaults, unless: :persisted? # The set_defaults will only work if the object is new
10
- def set_defaults
11
- self.code = SecureRandom.hex 32
12
- self.expires_at = 5.minutes.from_now
13
- end
9
+ attribute :code, :string, default: -> { SecureRandom.hex 32 }
10
+ attribute :expires_at, :datetime, default: -> { 5.minutes.from_now }
14
11
 
15
12
  serialize :scopes, JSON
16
13
 
@@ -2,10 +2,7 @@ module OIDCProvider
2
2
  class IdToken < ApplicationRecord
3
3
  belongs_to :authorization
4
4
 
5
- after_initialize :set_defaults, unless: :persisted? # The set_defaults will only work if the object is new
6
- def set_defaults
7
- self.expires_at = 1.hour.from_now
8
- end
5
+ attribute :expires_at, :datetime, default: -> { 1.hour.from_now }
9
6
 
10
7
  delegate :account, to: :authorization
11
8
 
@@ -1,6 +1,7 @@
1
1
  OIDCProvider::Engine.routes.draw do
2
2
  match 'authorizations' => 'authorizations#create', via: [:get, :post]
3
3
  resource :user_info, only: :show
4
+ get 'sessions/logout', to: 'sessions#destroy', as: :end_session
4
5
 
5
6
  post 'tokens', to: proc { |env| OIDCProvider::TokenEndpoint.new.call(env) }
6
7
  get 'jwks.json', as: :jwks, to: proc { |env| [200, {'Content-Type' => 'application/json'}, [OIDCProvider::IdToken.config[:jwk_set].to_json]] }
@@ -31,6 +31,12 @@ module OIDCProvider
31
31
  mattr_accessor :current_account_method
32
32
  @@current_account_method = :current_user
33
33
 
34
+ mattr_accessor :current_authentication_method
35
+ @@current_authentication_method = :authenticate_user!
36
+
37
+ mattr_accessor :current_unauthenticate_method
38
+ @@current_unauthenticate_method = :sign_out
39
+
34
40
  mattr_accessor :account_identifier
35
41
  @@account_identifier = :id
36
42
 
@@ -1,3 +1,3 @@
1
1
  module OIDCProvider
2
- VERSION = '0.2.0'
2
+ VERSION = '0.3.4'
3
3
  end
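--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: oidc_provider
  version: !ruby/object:Gem::Version
- version: 0.2.0
+ version: 0.3.4
  platform: ruby
  authors:
  - William Carey
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2018-08-31 00:00:00.000000000 Z
+ date: 2020-10-09 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rails
@@ -53,6 +53,7 @@ files:
  - app/controllers/oidc_provider/concerns/authentication.rb
  - app/controllers/oidc_provider/concerns/connect_endpoint.rb
  - app/controllers/oidc_provider/discovery_controller.rb
+ - app/controllers/oidc_provider/sessions_controller.rb
  - app/controllers/oidc_provider/user_infos_controller.rb
  - app/models/oidc_provider/access_token.rb
  - app/models/oidc_provider/application_record.rb
@@ -94,7 +95,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.5.2
+ rubygems_version: 2.7.6.2
  signing_key:
  specification_version: 4
  summary: Uses the openid_connect gem to turn a Rails app into an OpenID Connect provider.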