omniauth-apple 1.3.0.alpha → 1.3.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: dfa80b37505eab851337bde06806ca93b16a36d0bba69c25a379842107a53672
4
- data.tar.gz: 001a183e434b6bca8096c78b6dd78d4eb44519bef7a063c0774ac0b269a8b261
3
+ metadata.gz: b0a0049edf786737a4acc4af68aeff8b8323a020822dfd530a01c0f8925cc1f1
4
+ data.tar.gz: 44d8cf583c85cb198f6dd5a9f7e593d5109335a78cc01ec7b32feaa69b449df0
5
5
  SHA512:
6
- metadata.gz: 95c48a4e63f6d8a92655ad3537061cd3877f68114954645cce888e0e1456986164166e28b3c7adffff50bc650dce217a29b34f8004190ddcf346d33c657b1987
7
- data.tar.gz: fde578a7e24aabdf416b46a622753ba86121581898313a367bdbee09495adca1b039c272101a521839294763381c8cb5514bcfc4f81cb469a576857231f46ac4
6
+ metadata.gz: ecc115718bb19ab99e6b15c05432b19ae73499a8b76f98e05e5cb0b45d61b61549a283709180d0df60b188e3c5db789a5d4c0cfe79d147014ca798df5ecc511a
7
+ data.tar.gz: eaa439dee2483186d09f0aa24e6e653118ca37545f01d074c098366c24daa8b355c8e24df1e0138e0fcd93efa0946a7ae9141c21e6cee7c3629941dbe59b2a65
@@ -1,5 +1,5 @@
1
1
  module OmniAuth
2
2
  module Apple
3
- VERSION = '1.3.0.alpha'
3
+ VERSION = '1.3.0'
4
4
  end
5
5
  end
@@ -77,20 +77,27 @@ module OmniAuth
77
77
  @id_info ||= if request.params&.key?('id_token') || access_token&.params&.key?('id_token')
78
78
  id_token_str = request.params['id_token'] || access_token.params['id_token']
79
79
  id_token = JSON::JWT.decode(id_token_str, :skip_verification)
80
- if (jwk = fetch_jwk(id_token.kid))
81
- id_token.verify! jwk
82
- verify_claims!(id_token)
83
- id_token
84
- else
85
- {}
86
- end
80
+ verify_id_token! id_token
81
+ id_token
87
82
  end
88
83
  end
89
84
 
90
- def fetch_jwk(kid)
85
+ def verify_id_token!(id_token)
86
+ jwk = fetch_jwk! id_token.kid
87
+ verify_signature! id_token, jwk
88
+ verify_claims! id_token
89
+ end
90
+
91
+ def fetch_jwk!(kid)
91
92
  JSON::JWK::Set::Fetcher.fetch File.join(ISSUER, 'auth/keys'), kid: kid
92
- rescue JSON::ParserError, JSON::JWT::Exception, Faraday::Error => e
93
- fail!(:jwks_fetching_failed, e) and nil
93
+ rescue => e
94
+ raise CallbackError.new(:jwks_fetching_failed, e)
95
+ end
96
+
97
+ def verify_signature!(id_token, jwk)
98
+ id_token.verify! jwk
99
+ rescue => e
100
+ raise CallbackError.new(:id_token_signature_invalid, e)
94
101
  end
95
102
 
96
103
  def verify_claims!(id_token)
@@ -122,9 +129,7 @@ module OmniAuth
122
129
  end
123
130
 
124
131
  def invalid_claim!(claim)
125
- key = :"#{claim}_invalid"
126
- message = "#{claim} invalid"
127
- fail! key, CallbackError.new(key, message)
132
+ raise CallbackError.new(:id_token_claims_invalid, "#{claim} invalid")
128
133
  end
129
134
 
130
135
  def client_id
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-apple
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.0.alpha
4
+ version: 1.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - nhosoya
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: exe
11
11
  cert_chain: []
12
- date: 2022-12-28 00:00:00.000000000 Z
12
+ date: 2023-01-17 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: omniauth-oauth2
@@ -146,9 +146,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
146
146
  version: '0'
147
147
  required_rubygems_version: !ruby/object:Gem::Requirement
148
148
  requirements:
149
- - - ">"
149
+ - - ">="
150
150
  - !ruby/object:Gem::Version
151
- version: 1.3.1
151
+ version: '0'
152
152
  requirements: []
153
153
  rubygems_version: 3.3.26
154
154
  signing_key: