omniauth-doximity-oauth2 1.1.0 → 1.2.0.pre
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/CODEOWNERS +3 -0
- data/CHANGELOG.md +4 -0
- data/Gemfile.lock +1 -1
- data/lib/omniauth/strategies/doximity_oauth2.rb +6 -7
- data/lib/omniauth-doximity-oauth2/crypto.rb +30 -0
- data/lib/omniauth-doximity-oauth2/version.rb +1 -1
- metadata +5 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7a115db51c6901227e768b5d4e6b3936cece507e74e95c56e863df69ea8df6a9
|
|
4
|
+
data.tar.gz: d271503b99bac24d5c48f2671f50d2fee7f2d76f154a6964910e567af76f8f5c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d3e64fd03c57ced3f0b77ebb95a0ef3b8d32e6907ad16d3b65da5fc314f1a4085ed7c7b0b2d6b89dadfc67a641d5693bfa71ff9b8348d3b292cb03e55ad5f04b
|
|
7
|
+
data.tar.gz: '0208112352a8904c69b7a54c602c10f3e017881efc73f6e5e257bf9bca130288fd3438aa35bdac7f2dcd697004f077bd0fc5fc9833a1e290ba5c8d3794ab894e'
|
data/.github/CODEOWNERS
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,10 @@
|
|
|
1
1
|
Changelog
|
|
2
2
|
=========
|
|
3
3
|
|
|
4
|
+
## 1.2.0.pre - 05/05/2023
|
|
5
|
+
* Update mechanism for verifying RSA public keys to work on OpenSSL 3
|
|
6
|
+
* Ensure state persists between initial call and on callback
|
|
7
|
+
|
|
4
8
|
## 1.1.0 - 06/13/2022
|
|
5
9
|
* Add "prompt" parameter to be persisted on request, allowing for silent authentication (among other things)
|
|
6
10
|
|
data/Gemfile.lock
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require "omniauth/strategies/oauth2"
|
|
4
|
+
require "omniauth-doximity-oauth2/crypto"
|
|
4
5
|
require "omniauth-doximity-oauth2/errors"
|
|
5
6
|
require "active_support/core_ext/hash/indifferent_access"
|
|
6
7
|
require "uri"
|
|
@@ -74,13 +75,16 @@ module OmniAuth
|
|
|
74
75
|
@raw_credential_info ||= access_token.to_hash.with_indifferent_access
|
|
75
76
|
end
|
|
76
77
|
|
|
77
|
-
def authorize_params
|
|
78
|
+
def authorize_params # rubocop:disable Metrics/AbcSize
|
|
78
79
|
super.tap do |params|
|
|
79
80
|
options[:authorize_options].each do |v|
|
|
80
81
|
params[v.to_sym] = request.params[v.to_s] if request.params[v.to_s]
|
|
81
82
|
end
|
|
82
83
|
|
|
83
84
|
params[:scope] = get_scope(params)
|
|
85
|
+
|
|
86
|
+
# Ensure state is persisted
|
|
87
|
+
session['omniauth.state'] = params[:state] if params[:state]
|
|
84
88
|
end
|
|
85
89
|
end
|
|
86
90
|
|
|
@@ -98,7 +102,7 @@ module OmniAuth
|
|
|
98
102
|
keys = request_keys
|
|
99
103
|
|
|
100
104
|
public_key_params = keys.find { |key| key["kid"] == header["kid"] }
|
|
101
|
-
rsa_key = create_rsa_key(public_key_params["n"], public_key_params["e"])
|
|
105
|
+
rsa_key = Crypto.create_rsa_key(public_key_params["n"], public_key_params["e"])
|
|
102
106
|
|
|
103
107
|
body, = JWT.decode(token, rsa_key.public_key, true, { algorithm: header["alg"] })
|
|
104
108
|
body
|
|
@@ -125,11 +129,6 @@ module OmniAuth
|
|
|
125
129
|
|
|
126
130
|
MultiJson.load(response.body)["keys"]
|
|
127
131
|
end
|
|
128
|
-
|
|
129
|
-
def create_rsa_key(n, e)
|
|
130
|
-
key = OpenSSL::PKey::RSA.new
|
|
131
|
-
key.set_key(OpenSSL::BN.new(Base64.urlsafe_decode64(n), 2), OpenSSL::BN.new(Base64.urlsafe_decode64(e), 2), nil)
|
|
132
|
-
end
|
|
133
132
|
end
|
|
134
133
|
end
|
|
135
134
|
end
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Omniauth
|
|
4
|
+
module DoximityOauth2
|
|
5
|
+
# Static crypto methods
|
|
6
|
+
class Crypto
|
|
7
|
+
def self.create_rsa_key(n, e)
|
|
8
|
+
data_sequence = OpenSSL::ASN1::Sequence([
|
|
9
|
+
OpenSSL::ASN1::Integer(base64_to_long(n)),
|
|
10
|
+
OpenSSL::ASN1::Integer(base64_to_long(e))
|
|
11
|
+
])
|
|
12
|
+
asn1 = OpenSSL::ASN1::Sequence(data_sequence)
|
|
13
|
+
OpenSSL::PKey::RSA.new(asn1.to_der)
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
private
|
|
17
|
+
|
|
18
|
+
def base64_to_long(data)
|
|
19
|
+
decoded_with_padding = Base64.urlsafe_decode64(data) + Base64.decode64("==")
|
|
20
|
+
decoded_with_padding.to_s.unpack("C*").map do |byte|
|
|
21
|
+
byte_to_hex(byte)
|
|
22
|
+
end.join.to_i(16)
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def byte_to_hex(int)
|
|
26
|
+
int < 16 ? "0#{int.to_s(16)}" : int.to_s(16)
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: omniauth-doximity-oauth2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.2.0.pre
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- William Harvey
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-05-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -199,6 +199,7 @@ files:
|
|
|
199
199
|
- README.md
|
|
200
200
|
- Rakefile
|
|
201
201
|
- lib/omniauth-doximity-oauth2.rb
|
|
202
|
+
- lib/omniauth-doximity-oauth2/crypto.rb
|
|
202
203
|
- lib/omniauth-doximity-oauth2/errors.rb
|
|
203
204
|
- lib/omniauth-doximity-oauth2/version.rb
|
|
204
205
|
- lib/omniauth/strategies/doximity_oauth2.rb
|
|
@@ -264,9 +265,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
264
265
|
version: 2.5.0
|
|
265
266
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
266
267
|
requirements:
|
|
267
|
-
- - "
|
|
268
|
+
- - ">"
|
|
268
269
|
- !ruby/object:Gem::Version
|
|
269
|
-
version:
|
|
270
|
+
version: 1.3.1
|
|
270
271
|
requirements: []
|
|
271
272
|
rubygems_version: 3.3.11
|
|
272
273
|
signing_key:
|