omniauth-globalid 0.1.2 → 0.1.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9c564c5362740d38c5a31e3dbccba87586db783127a3416a7f0e55dc13429caa
-  data.tar.gz: 5b6b0484eacbf3ebab858cfd3e757261753d34c675e10984279e5f99699657fd
+  metadata.gz: '09664b26f11207b69b017e70d168614cabab576a179c53ff208bf8a74a1696a7'
+  data.tar.gz: c0e9257def49062aef8e9b34bdcd14e520aec23b50ddc7393edcf77965cd9e46
 SHA512:
-  metadata.gz: 0362dbaf66eef9378c048020f41773d2723857a9a49f0ada7fa05c67f7d31ac8532e0f67164a8bf9fbe4252ecab5ad5dbc7f41222bedeb4c5744de618685c99c
-  data.tar.gz: 907a483a2acbb90088c9e6860e92c1d79157875e5b660bed1855b0e18d062e02c9562448ae1421f19153fe27fc0b15d308da6fc71d20ba4cc95ca787dca8612b
+  metadata.gz: 3aaf1e094e8fd1322c111d76e1ecbdde70fdb3b460d3c50956e2bac89838d7491b483e882c17789b9ee0dd782d0aee4c98c6268485fc09fe320fb5dd0558bfb2
+  data.tar.gz: d13997f78247c117873e8874c58894f86e5297d9b13127f8656a2336bdfabba2135c2281a0958976f5d229614529d0bc782a0ccbdc3f09507694400a7dabd216

data/README.md

@@ -1,6 +1,6 @@
 # OmniAuth globaliD
 
-This gem contains the GlobaliD strategy for OmniAuth, and includes functionality for accessing PII that authenticated users share with you.
+`omniauth-globalid` is a rack middleware for authenticating with globaliD. It supports OAuth2 authentication and openID Connect. This gem contains the GlobaliD strategy for OmniAuth, and includes functionality for accessing PII that authenticated users share with you.
 
 ## Installation
 
@@ -12,15 +12,13 @@ gem "omniauth-globalid"
 
 Then `bundle install`
 
-`Omniauth::Strategies::Globalid` is a rack middleware for authenticating with globaliD. It supports OAuth2 authentication and openID Connect.
-
-If you're adding this to a Rails app using [devise](https://github.com/plataformatec/devise) for authentication, add this to your `config/initializers/devise.rb`:
+If you're adding this to a Rails app using [devise with OmniAuth](https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview), add this to your `config/initializers/devise.rb`:
 
 ```ruby
 config.omniauth :globalid, ENV["GLOBALID_CLIENT_ID"], ENV["GLOBALID_CLIENT_SECRET"],
 ```
 
-Here's an example not using devise, adding this to the middleware to a Rails app in `config/initializers/omniauth.rb`:
+Otherwise, you'll probably want to add this to the middleware of the Rails app in `config/initializers/omniauth.rb`:
 
 ```ruby
 Rails.application.config.middleware.use OmniAuth::Builder do
@@ -36,6 +34,7 @@ Options you can pass in the initialization (none are required):
 | `scope` | Must be `openid` if passing an `acrc_id` that specifies [PII sharing](#access-pii-from-the-vault) |
 | `private_key` | Private key given to globaliD. Required for [PII sharing](#access-pii-from-the-vault) |
 | `private_key_pass` | Password for `private_key` specified |
+| `decrypt_pii_on_login` | Decrypt PII on login, passing it through the authentication hash |
 
 Here is what a configuration for a setup that uses PII sharing looks like:
 
@@ -46,7 +45,8 @@ provider :globalid,
          acrc_id: ENV["ACRC_ID"],
          scope: "openid",
          private_key: ENV["GLOBALID_PRIVATE_KEY"],
-         private_key_pass: ENV["GLOBALID_PRIVATE_KEY_PASS"]
+         private_key_pass: ENV["GLOBALID_PRIVATE_KEY_PASS"],
+         decrypt_pii_on_login: true
 ```
 
 If you're curious about what those options mean, or how to use them, read [globaliD's documentation](https://developer.global.id/external/documentation/index.html) or the [walkthroughs in this readme](#globalid-authentication-walkthroughs).

data/lib/omniauth/globalid/vault.rb

@@ -11,6 +11,9 @@ module OmniAuth
         @client_id = client_id || ENV["GLOBALID_CLIENT_ID"]
         @client_secret = client_secret || ENV["GLOBALID_CLIENT_SECRET"]
         @redirect_uri = redirect_uri || ENV["GLOBALID_REDIRECT_URL"]
+        # Clean up the private key in case environmental variables were extra escaped
+        private_key ||= ENV["GLOBALID_PRIVATE_KEY"].gsub("\\n", "\n").gsub("\"", "")
+        private_key_pass ||= ENV["GLOBALID_PRIVATE_KEY_PASS"]
         @private_key = OpenSSL::PKey::RSA.new(private_key, private_key_pass)
       end
 

data/lib/omniauth/globalid/version.rb

@@ -2,6 +2,6 @@
 
 module OmniAuth
   module Globalid
-    VERSION = "0.1.2"
+    VERSION = "0.1.4"
   end
 end

data/lib/omniauth/strategies/globalid.rb

@@ -47,7 +47,6 @@ module OmniAuth
           description: raw_info["description"],
           image: raw_info["display_image_url"],
           location: location(raw_info),
-          email: decrypted_pii,
         }.merge(id_token: openid_token)
          .merge(decrypted_pii: decrypted_pii)
       end

data/omniauth-globalid.gemspec

@@ -18,7 +18,7 @@ Gem::Specification.new do |s|
 
   s.add_runtime_dependency "omniauth", "~> 1.2"
   s.add_runtime_dependency "omniauth-oauth2", "~> 1.1"
-  s.add_runtime_dependency "jwt", "~> 2.2.1"
+  s.add_runtime_dependency "jwt", "~> 2.2"
   s.add_dependency "rack"
   s.add_development_dependency "bundler", "~> 1.14"
   s.add_development_dependency "rake", "~> 12.0"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-globalid
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.1.4
 platform: ruby
 authors:
 - Seth Herr
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-11-19 00:00:00.000000000 Z
+date: 2019-11-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth
@@ -44,14 +44,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.2.1
+        version: '2.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.2.1
+        version: '2.2'
 - !ruby/object:Gem::Dependency
   name: rack
   requirement: !ruby/object:Gem::Requirement