omniauth-atproto 0.1.2 → 0.1.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2dacca65da2377668999f5815835a51e76d4d04e5e0cdcf6a00098a52595fef1
-  data.tar.gz: a8118eaa5ddc0783e1ffdef5dc247249dff770448b815f4d41f22084ebf00159
+  metadata.gz: 4f160f72bb32ee424debc508de26eb57909a0099dd843514c4787f925ab49339
+  data.tar.gz: e17bf34036b05597a16b25aec8003fce7422fe511ae3c82074144b5546f8cc16
 SHA512:
-  metadata.gz: 0b9bdf0247dc29d947be68633642a9da43ef6332b39e126c05766dea3dc694e087bf9c95aa935d3a7681335138fbb6393a6a5da0316955fefad2267d0f265c23
-  data.tar.gz: c8687b847a82eee5a57023940184033dc01294bfcc5b4cc0b9da05737b8c2120fafe5ecca5503f4ab63f66d6a1630db5f324a3a98b4d14b5dcf8b2b8da1b6b64
+  metadata.gz: c88cd60ddba8dcb55801fc80ef932ccdfea21fdcb6bc4f9e646f6bf5cd1185608bd497a6ce9a55547c3a03fd7920191c482a89a795b0ba3b5ef0fbb813ebbd64
+  data.tar.gz: ff8baae3478d2ad51e8291252a0d08a5552631ff692416ffc40b26fa0d65e4b2bc73b8861aa8fc2d0e89094076b5eb24ce56a38538ab7d69dd06a386f18aac64

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 François Brault
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -78,7 +78,7 @@ rails atproto:generate_metadata
 ```
 The values from the metadata endpoint should correspond to those you gave as option for the strategy (that's why a generator would be very handy).
 
-All subsequent request made with the token should use the same private_key (with dpop, see the atproto_client gem).
+All subsequent request made with the token should use the same private_key (with dpop), you might want to use https://github.com/lasercatspro/atproto-ruby.
 
 The pds is going to request your app at oauth/client-metadata.json. For developement you will have to use some kind of proxy, like ngrok (there is a "development mode" in the spec but I didnt try it)
 

data/lib/omniauth/strategies/atproto.rb

@@ -52,61 +52,19 @@ module OmniAuth
       private
 
       def build_access_token
-        new_token_params = token_params.merge(
-          {
-            grant_type: 'authorization_code',
-            redirect_uri: full_host + callback_path,
-            code: request.params['code'],
-            client_id: options.client_id,
-            client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
-            client_assertion: generate_client_assertion,
-          }
+        response = AtProto::Client.new(private_key: options.private_key).get_token!(
+          **token_params.merge({
+                                 code: request.params['code'],
+                                 jwk: options.client_jwk,
+                                 client_id: options.client_id,
+                                 redirect_uri: full_host + callback_path,
+                                 site: options.client_options.site,
+                                 endpoint: options.client_options.token_url
+                               }).to_h.symbolize_keys
         )
-        dpop_handler = AtProto::DpopHandler.new(options.private_key)
-        response = dpop_handler.make_request(
-          client.token_url,
-          :post,
-          headers: { 'Content-Type' => 'application/json', 'Accept' => 'application/json' },
-          body: new_token_params
-        )
-
         ::OAuth2::AccessToken.from_hash(client, response)
       end
 
-      def generate_client_assertion
-        # Should return a JWT signed with the private key corresponding to the one in client-metadata.json
-
-        raise 'Client ID is required' unless options.client_id
-        raise 'Client JWK is required' unless options.client_jwk
-
-        private_key = if options.private_key.is_a?(String)
-                        OpenSSL::PKey::EC.new(options.private_key)
-                      elsif options.private_key.is_a?(OpenSSL::PKey::EC)
-                        options.private_key
-                      else
-                        raise 'Invalid private_key format'
-                      end
-        jwt_payload = {
-          iss: options.client_id,
-          sub: options.client_id,
-          aud: options.client_options.site,
-          jti: SecureRandom.uuid,
-          iat: Time.now.to_i,
-          exp: Time.now.to_i + 300
-        }
-
-        JWT.encode(
-          jwt_payload,
-          private_key,
-          'ES256',
-          {
-            typ: 'jwt',
-            alg: 'ES256',
-            kid: options.client_jwk[:kid]
-          }
-        )
-      end
-
       def self.get_authorization_server(pds_endpoint)
         response = Faraday.get("#{pds_endpoint}/.well-known/oauth-protected-resource")
 

data/lib/omniauth-atproto/version.rb

@@ -1,5 +1,5 @@
 module OmniAuth
   module Atproto
-    VERSION = '0.1.2'
+    VERSION = '0.1.4'
   end
 end

metadata

@@ -1,29 +1,28 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-atproto
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.1.4
 platform: ruby
 authors:
 - frabr
-autorequire: 
 bindir: exe
 cert_chain: []
-date: 2024-12-06 00:00:00.000000000 Z
+date: 1980-01-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: atproto_client
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.1.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.1.4
 - !ruby/object:Gem::Dependency
   name: didkit
   requirement: !ruby/object:Gem::Requirement
@@ -56,14 +55,14 @@ dependencies:
   name: jwt
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '2.7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '2.7'
 - !ruby/object:Gem::Dependency
@@ -129,6 +128,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- LICENSE
 - README.md
 - lib/omniauth-atproto.rb
 - lib/omniauth-atproto/key_manager.rb
@@ -142,7 +142,6 @@ metadata:
   homepage_uri: https://github.com/lasercats/omniauth-atproto
   source_code_uri: https://github.com/lasercats/omniauth-atproto
   changelog_uri: https://github.com/lasercats/omniauth-atproto/blob/master/CHANGELOG.md
-post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -157,8 +156,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.3
-signing_key: 
+rubygems_version: 3.7.2
 specification_version: 4
 summary: OmniAuth strategy for AtProto
 test_files: []