omniauth-apple 1.3.0.alpha → 1.3.0.alpha2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/omniauth/apple/version.rb +1 -1
  3. data/lib/omniauth/strategies/apple.rb +18 -13
  4. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: dfa80b37505eab851337bde06806ca93b16a36d0bba69c25a379842107a53672
4
- data.tar.gz: 001a183e434b6bca8096c78b6dd78d4eb44519bef7a063c0774ac0b269a8b261
3
+ metadata.gz: ccdbe86490c5f075471da1d840b32d7cf2d8fff5269f69e28b8a1f3bd2fc181e
4
+ data.tar.gz: '08e94e6b4c9e87ae72d1e0e311c389a920dead7925a9ffe7debb128c71fd7024'
5
5
  SHA512:
6
- metadata.gz: 95c48a4e63f6d8a92655ad3537061cd3877f68114954645cce888e0e1456986164166e28b3c7adffff50bc650dce217a29b34f8004190ddcf346d33c657b1987
7
- data.tar.gz: fde578a7e24aabdf416b46a622753ba86121581898313a367bdbee09495adca1b039c272101a521839294763381c8cb5514bcfc4f81cb469a576857231f46ac4
6
+ metadata.gz: 200b3f18382054a6571771f4f5f6856192d5df2b185f8f4af2848d25ecde5411f0e91177f5b418e92db1c229b4fe90af54e83ece8aee2f8820af3225c2ff534d
7
+ data.tar.gz: 9440a958201d0506cc153ded2a1d9ed82819611c4beae85eb80b96ec9624a99838866445bb217dd88a4062c674c8348511341cc8e2d7d6be3ec64476a2917a3c
data/lib/omniauth/apple/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module OmniAuth
2
2
  module Apple
3
- VERSION = '1.3.0.alpha'
3
+ VERSION = '1.3.0.alpha2'
4
4
  end
5
5
  end
data/lib/omniauth/strategies/apple.rb CHANGED
@@ -77,20 +77,27 @@ module OmniAuth
77
77
  @id_info ||= if request.params&.key?('id_token') || access_token&.params&.key?('id_token')
78
78
  id_token_str = request.params['id_token'] || access_token.params['id_token']
79
79
  id_token = JSON::JWT.decode(id_token_str, :skip_verification)
80
- if (jwk = fetch_jwk(id_token.kid))
81
- id_token.verify! jwk
82
- verify_claims!(id_token)
83
- id_token
84
- else
85
- {}
86
- end
80
+ verify_id_token! id_token
81
+ id_token
87
82
  end
88
83
  end
89
84
 
90
- def fetch_jwk(kid)
85
+ def verify_id_token!(id_token)
86
+ jwk = fetch_jwk! id_token.kid
87
+ verify_signature! id_token, jwk
88
+ verify_claims! id_token
89
+ end
90
+
91
+ def fetch_jwk!(kid)
91
92
  JSON::JWK::Set::Fetcher.fetch File.join(ISSUER, 'auth/keys'), kid: kid
92
- rescue JSON::ParserError, JSON::JWT::Exception, Faraday::Error => e
93
- fail!(:jwks_fetching_failed, e) and nil
93
+ rescue => e
94
+ raise CallbackError.new(:jwks_fetching_failed, e)
95
+ end
96
+
97
+ def verify_signature!(id_token, jwk)
98
+ id_token.verify! jwk
99
+ rescue => e
100
+ raise CallbackError.new(:id_token_signature_invalid, e)
94
101
  end
95
102
 
96
103
  def verify_claims!(id_token)
@@ -122,9 +129,7 @@ module OmniAuth
122
129
  end
123
130
 
124
131
  def invalid_claim!(claim)
125
- key = :"#{claim}_invalid"
126
- message = "#{claim} invalid"
127
- fail! key, CallbackError.new(key, message)
132
+ raise CallbackError.new(:id_token_claims_invalid, "#{claim} invalid")
128
133
  end
129
134
 
130
135
  def client_id
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-apple
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.0.alpha
4
+ version: 1.3.0.alpha2
5
5
  platform: ruby
6
6
  authors:
7
7
  - nhosoya