RubyGems - omniauth-fishbrain - Versions diffs - 0.11.0 → 0.11.5 - Mend

omniauth-fishbrain 0.11.0 → 0.11.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml +4 -4
data/README.markdown +2 -2
data/lib/omniauth-fishbrain/version.rb +1 -1
data/lib/omniauth/fishbrain/decode_id_token.rb +54 -0
data/lib/omniauth/fishbrain/premium_status.rb +2 -4
data/lib/omniauth/fishbrain/verifies_id_token.rb +5 -5
data/lib/omniauth/strategies/fishbrain.rb +1 -1
data/lib/omniauth/strategies/fishbrain_id.rb +4 -5
metadata +5 -5

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: aeee9cc6e162c2f7af87e9e888e5ee6512e3b0733db7e2ea62b36edc3e18f355
-  data.tar.gz: c7e1e870026535bab621a989e3108065b87361b700b819117fc43422f247407b
+  metadata.gz: 1637721816e60eb974b77e438d29b21943e039b2ec6deb97fd621b055ea9b3f9
+  data.tar.gz: 7a25399a0f3cdff975adccbdb46fbf2679417978756fad9336be4e9be26fb9af
 SHA512:
-  metadata.gz: 1581f15f1c259c32b65918776be71fecb61d8a301684168c6c203671f19fb36f13f246135e940b733412eec27afeb9cb065c70412323505792cd1dd8f1848bf8
-  data.tar.gz: f2cb803f3e831ee2607c7ba93ac089d48fdfe3d5a3ec39c17bbfa46b5904862dc5d82c75984a6fcac60cd17569cb485a5206706348285133f1046fb88974dd24
+  metadata.gz: f54afe7e9de9d46401a3c6c387a63a42e2661ccaf81fe674fdd73c840db162a44360e1f4011020d8faa7b191a65ff9073909ef0c498d15a7e09ae544c3e9b35a
+  data.tar.gz: fce1acff0dbc7abbe47f4113c5abb978bd08e8bbc4d6fd59fc62bbe9eaa608caf5175e4490a8369c3f6fa74f81b8e714a5667159e23bbb81ce2e146e5eade613

data/README.markdown CHANGED

@@ -30,11 +30,11 @@ In development/test/staging environments:
 ```ruby
 use OmniAuth::Builder do
   provider :fishbrain, ENV['FISHBRAIN_CLIENT_ID'], ENV['FISHBRAIN_CLIENT_SECRET'],
-                       user_pool_id: 'eu-west-1_K2uP41DlP',
+                       user_pool_id: 'eu-west-1_WlBhbuD6e',
                        client_options: {
                          site: 'https://accounts-staging.fishbrain.com',
                        }
-  provider :fishbrain_id, user_pool_id: 'eu-west-1_K2uP41DlP'
+  provider :fishbrain_id, user_pool_id: 'eu-west-1_WlBhbuD6e'
 end
 ```

data/lib/omniauth-fishbrain/version.rb CHANGED

@@ -2,6 +2,6 @@
 module OmniAuth
   module Fishbrain
-    VERSION = '0.11.0'
+    VERSION = '0.11.5'
   end
 end

data/lib/omniauth/fishbrain/decode_id_token.rb ADDED

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+require 'net/http'
+require 'jwt'
+module OmniAuth
+  module Fishbrain
+    class DecodeIdToken
+      AWS_REGION = 'eu-west-1'
+      USER_POOL_ID = 'eu-west-1_TKWveIcYu'
+      attr_reader :client_id, :aws_region, :user_pool_id, :jwt_leeway
+      def initialize(client_id, user_pool_id = USER_POOL_ID, aws_region = AWS_REGION)
+        @client_id = client_id
+        @user_pool_id = user_pool_id
+        @aws_region = aws_region
+        @jwt_leeway = 60
+      end
+      def decode(raw_id_token)
+        JWT.decode(raw_id_token, nil, true, decode_options).first
+      end
+      private
+      def decode_options
+        {
+          iss: iss,
+          aud: client_id,
+          verify_aud: false,
+          verify_expiration: true,
+          verify_iat: true,
+          verify_iss: true,
+          verify_not_before: true,
+          leeway: jwt_leeway,
+          algorithm: 'RS256',
+          jwks: jwks,
+        }
+      end
+      def iss
+        "https://cognito-idp.#{aws_region}.amazonaws.com/#{user_pool_id}"
+      end
+      def jwks
+        @_jwks ||= "#{iss}/.well-known/jwks.json"
+          .yield_self(&URI.method(:parse))
+          .yield_self(&Net::HTTP.method(:get))
+          .yield_self { |it| JSON.parse(it, symbolize_names: true) }
+      end
+    end
+  end
+end

data/lib/omniauth/fishbrain/premium_status.rb CHANGED

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
-require 'date'
 require 'json'
 module OmniAuth
@@ -9,15 +8,14 @@ module OmniAuth
       def premium_status
         return {} unless id_token['premium_status']
-        JSON.parse id_token['premium_status']
+        JSON.parse(id_token['premium_status'])
       rescue JSON::ParserError
         {}
       end
       def premium?
-        DateTime.rfc3339(premium_status['premium_end_date']) > DateTime.now
+        Time.xmlschema(premium_status['end_date']) > Time.new.utc
       rescue ArgumentError
-        # if format was wrong
         false
       end
     end

data/lib/omniauth/fishbrain/verifies_id_token.rb CHANGED

@@ -7,11 +7,11 @@ module OmniAuth
   module Fishbrain
     module VerifiesIdToken
       def id_token
-        @_id_token ||= begin
-          return {} unless raw_id_token
-          JWT.decode(raw_id_token, nil, true, decode_options).first
-        end
+        @_id_token ||= if raw_id_token&.strip&.empty?
+                         {}
+                       else
+                         JWT.decode(raw_id_token, nil, true, decode_options).first
+                       end
       end
       def decode_options

data/lib/omniauth/strategies/fishbrain.rb CHANGED

@@ -16,7 +16,7 @@ module OmniAuth
                               token_url: '/oauth2/token',
                               auth_scheme: :basic_auth
       option :scope, 'email openid profile'
-      option :user_pool_id, 'eu-west-1_5r0WbR8OH'
+      option :user_pool_id, 'eu-west-1_TKWveIcYu'
       option :aws_region, 'eu-west-1'
       option :jwt_leeway, 60

data/lib/omniauth/strategies/fishbrain_id.rb CHANGED

@@ -11,7 +11,7 @@ module OmniAuth
       include OmniAuth::Fishbrain::PremiumStatus
       option :name, 'fishbrain_id'
-      option :user_pool_id, 'eu-west-1_5r0WbR8OH'
+      option :user_pool_id, 'eu-west-1_TKWveIcYu'
       option :client_id, nil
       option :aws_region, 'eu-west-1'
       option :jwt_leeway, 60
@@ -37,11 +37,10 @@ module OmniAuth
       end
       def callback_phase
-        if raw_id_token
-          id_token
-          super
-        else
+        if id_token.empty?
           fail! :missing_id_token
+        else
+          super
         end
       rescue JWT::ExpiredSignature
         fail! :invalid_id_token

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-fishbrain
 version: !ruby/object:Gem::Version
-  version: 0.11.0
+  version: 0.11.5
 platform: ruby
 authors:
 - Erik Dalen
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-02-27 00:00:00.000000000 Z
+date: 2020-08-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt
@@ -51,6 +51,7 @@ files:
 - README.markdown
 - lib/omniauth-fishbrain.rb
 - lib/omniauth-fishbrain/version.rb
+- lib/omniauth/fishbrain/decode_id_token.rb
 - lib/omniauth/fishbrain/premium_status.rb
 - lib/omniauth/fishbrain/verifies_id_token.rb
 - lib/omniauth/strategies/fishbrain.rb
@@ -67,15 +68,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.7.6
+rubygems_version: 3.0.3
 signing_key:
 specification_version: 4
 summary: OmniAuth strategy for Fishbrain