omniauth-atproto 0.1.1 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/omniauth/strategies/atproto.rb +28 -36
- data/lib/omniauth-atproto/key_manager.rb +2 -2
- data/lib/omniauth-atproto/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2dacca65da2377668999f5815835a51e76d4d04e5e0cdcf6a00098a52595fef1
|
|
4
|
+
data.tar.gz: a8118eaa5ddc0783e1ffdef5dc247249dff770448b815f4d41f22084ebf00159
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0b9bdf0247dc29d947be68633642a9da43ef6332b39e126c05766dea3dc694e087bf9c95aa935d3a7681335138fbb6393a6a5da0316955fefad2267d0f265c23
|
|
7
|
+
data.tar.gz: c8687b847a82eee5a57023940184033dc01294bfcc5b4cc0b9da05737b8c2120fafe5ecca5503f4ab63f66d6a1630db5f324a3a98b4d14b5dcf8b2b8da1b6b64
|
|
@@ -19,47 +19,39 @@ module OmniAuth
|
|
|
19
19
|
}
|
|
20
20
|
end
|
|
21
21
|
|
|
22
|
-
def
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
unless @handle
|
|
27
|
-
fail!(:missing_handle,
|
|
28
|
-
OmniAuth::Error.new(
|
|
29
|
-
'Handle parameter is required if no client options are set'
|
|
30
|
-
))
|
|
31
|
-
end
|
|
22
|
+
def self.setup
|
|
23
|
+
lambda do |env|
|
|
24
|
+
session = env["rack.session"]
|
|
32
25
|
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
end
|
|
26
|
+
if env["rack.request.form_hash"] && handle = env["rack.request.form_hash"]["handle"]
|
|
27
|
+
resolver = DIDKit::Resolver.new
|
|
28
|
+
did = resolver.resolve_handle(handle)
|
|
37
29
|
|
|
38
|
-
|
|
30
|
+
unless did
|
|
31
|
+
env['omniauth.strategy'].fail!(:unknown_handle,
|
|
32
|
+
OmniAuth::Error.new(
|
|
33
|
+
'Handle parameter did not resolve to a did'
|
|
34
|
+
))
|
|
35
|
+
end
|
|
39
36
|
|
|
40
|
-
|
|
41
|
-
|
|
37
|
+
endpoint = resolver.resolve_did(did).pds_endpoint
|
|
38
|
+
auth_server = get_authorization_server(endpoint)
|
|
39
|
+
session["authorization_info"] = authorization_info = get_authorization_data(auth_server)
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
if authorization_info ||= session.delete("authorization_info")
|
|
43
|
+
env['omniauth.strategy'].options["client_options"]["site"] = authorization_info["issuer"]
|
|
44
|
+
env['omniauth.strategy'].options["client_options"]["authorize_url"] = authorization_info['authorization_endpoint']
|
|
45
|
+
env['omniauth.strategy'].options["client_options"]["token_url"] = authorization_info['token_endpoint']
|
|
46
|
+
end
|
|
47
|
+
end
|
|
42
48
|
end
|
|
43
49
|
|
|
44
|
-
|
|
45
|
-
options.client_options[:site] = authorization_info['issuer']
|
|
46
|
-
options.client_options[:authorize_url] = authorization_info['authorization_endpoint']
|
|
47
|
-
options.client_options[:token_url] = authorization_info['token_endpoint']
|
|
48
|
-
end
|
|
50
|
+
option :setup, setup
|
|
49
51
|
|
|
50
|
-
|
|
51
|
-
session['omniauth.auth_info'] ||= begin
|
|
52
|
-
resolver = DIDKit::Resolver.new
|
|
53
|
-
did = resolver.resolve_handle(@handle)
|
|
54
|
-
endpoint = resolver.resolve_did(did).pds_endpoint
|
|
55
|
-
auth_server = get_authorization_server(endpoint)
|
|
56
|
-
auth_info = get_authorization_data(auth_server)
|
|
57
|
-
end
|
|
58
|
-
end
|
|
52
|
+
private
|
|
59
53
|
|
|
60
54
|
def build_access_token
|
|
61
|
-
set_client_options unless has_default_client_options?
|
|
62
|
-
|
|
63
55
|
new_token_params = token_params.merge(
|
|
64
56
|
{
|
|
65
57
|
grant_type: 'authorization_code',
|
|
@@ -67,7 +59,7 @@ module OmniAuth
|
|
|
67
59
|
code: request.params['code'],
|
|
68
60
|
client_id: options.client_id,
|
|
69
61
|
client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
|
|
70
|
-
client_assertion: generate_client_assertion
|
|
62
|
+
client_assertion: generate_client_assertion,
|
|
71
63
|
}
|
|
72
64
|
)
|
|
73
65
|
dpop_handler = AtProto::DpopHandler.new(options.private_key)
|
|
@@ -115,7 +107,7 @@ module OmniAuth
|
|
|
115
107
|
)
|
|
116
108
|
end
|
|
117
109
|
|
|
118
|
-
def get_authorization_server(pds_endpoint)
|
|
110
|
+
def self.get_authorization_server(pds_endpoint)
|
|
119
111
|
response = Faraday.get("#{pds_endpoint}/.well-known/oauth-protected-resource")
|
|
120
112
|
|
|
121
113
|
unless response.success?
|
|
@@ -135,7 +127,7 @@ module OmniAuth
|
|
|
135
127
|
auth_server
|
|
136
128
|
end
|
|
137
129
|
|
|
138
|
-
def get_authorization_data(issuer)
|
|
130
|
+
def self.get_authorization_data(issuer)
|
|
139
131
|
response = Faraday.get("#{issuer}/.well-known/oauth-authorization-server")
|
|
140
132
|
|
|
141
133
|
unless response.success?
|
|
@@ -48,11 +48,11 @@ module OmniAuth
|
|
|
48
48
|
def rotate_keys
|
|
49
49
|
# Backup current keys if they exist
|
|
50
50
|
if File.exist?(KEY_PATH)
|
|
51
|
-
|
|
51
|
+
File.write(KEY_PATH, 'config/old_atproto_private_key.pem')
|
|
52
52
|
FileUtils.rm(KEY_PATH)
|
|
53
53
|
end
|
|
54
54
|
if File.exist?(JWK_PATH)
|
|
55
|
-
|
|
55
|
+
File.write(JWK_PATH, 'config/old_atproto_jwk.json')
|
|
56
56
|
FileUtils.rm(JWK_PATH)
|
|
57
57
|
end
|
|
58
58
|
load_or_generate_keys
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-atproto
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- frabr
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-12-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: atproto_client
|