omniauth-google-id-token 1.1.0 → 1.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2b9cb7b7839da58f2239f9224c664972d865e66956088790db7275548664ce76
|
|
4
|
+
data.tar.gz: 8ad8ad7214c796bc2836e79b0b3e58f9ab98eb50e20b2fbaaa188be7e07d015a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 50ed1f84e0399305cbb0e4903e92fce1a83e8c2e238f3490accc1a427e86517348537f94ccacd46db2ff92fbe41b80123b3736dfcd5f825cccbe8771236b726b
|
|
7
|
+
data.tar.gz: 9329c75e85089d0d5935e7713e073a540bc36bed65b971ad26114ad3463ea7057d6c86373bfcf5b2174d89bfd95e3ce5dd6e45cbfe1ccaf60aac94e064598853
|
data/Gemfile
CHANGED
|
@@ -39,13 +39,13 @@ module OmniAuth
|
|
|
39
39
|
params
|
|
40
40
|
end
|
|
41
41
|
|
|
42
|
-
def decoded # rubocop:disable Metrics/
|
|
43
|
-
unless
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
42
|
+
def decoded # rubocop:disable Metrics/AbcSize
|
|
43
|
+
raise ClaimInvalid, 'Token not found!' unless request.params.key?('id_token')
|
|
44
|
+
|
|
45
|
+
begin
|
|
46
|
+
@decoded = ::Google::Auth::IDTokens.verify_oidc(request.params['id_token'], aud: options.client_id)
|
|
47
|
+
rescue StandardError => e
|
|
48
|
+
raise ClaimInvalid, e.message
|
|
49
49
|
end
|
|
50
50
|
|
|
51
51
|
(options.required_claims || []).each do |field|
|
|
@@ -76,10 +76,6 @@ module OmniAuth
|
|
|
76
76
|
|
|
77
77
|
private
|
|
78
78
|
|
|
79
|
-
def validator
|
|
80
|
-
::Google::Auth::IDTokens::Verifier
|
|
81
|
-
end
|
|
82
|
-
|
|
83
79
|
def uid_lookup
|
|
84
80
|
@uid_lookup ||= options.uid_claim.new(request)
|
|
85
81
|
end
|
|
@@ -33,7 +33,8 @@ describe OmniAuth::Strategies::GoogleIdToken do # rubocop:disable Metrics/BlockL
|
|
|
33
33
|
{
|
|
34
34
|
aud_claim: payload[:aud],
|
|
35
35
|
azp_claim: payload[:azp],
|
|
36
|
-
client_id: client_id
|
|
36
|
+
client_id: client_id,
|
|
37
|
+
provider_ignores_state: true
|
|
37
38
|
}
|
|
38
39
|
]
|
|
39
40
|
end
|
|
@@ -72,7 +73,7 @@ describe OmniAuth::Strategies::GoogleIdToken do # rubocop:disable Metrics/BlockL
|
|
|
72
73
|
|
|
73
74
|
context 'callback phase' do
|
|
74
75
|
it 'should decode the response' do
|
|
75
|
-
allow(::Google::Auth::IDTokens
|
|
76
|
+
allow(::Google::Auth::IDTokens).to receive(:verify_oidc)
|
|
76
77
|
.with(id_token, aud: client_id)
|
|
77
78
|
.and_return(payload)
|
|
78
79
|
|
|
@@ -82,7 +83,7 @@ describe OmniAuth::Strategies::GoogleIdToken do # rubocop:disable Metrics/BlockL
|
|
|
82
83
|
|
|
83
84
|
it 'should not work without required fields' do
|
|
84
85
|
payload.delete('email')
|
|
85
|
-
allow(::Google::Auth::IDTokens
|
|
86
|
+
allow(::Google::Auth::IDTokens).to receive(:verify_oidc)
|
|
86
87
|
.with(id_token, aud: client_id)
|
|
87
88
|
.and_return(payload)
|
|
88
89
|
|
|
@@ -91,7 +92,7 @@ describe OmniAuth::Strategies::GoogleIdToken do # rubocop:disable Metrics/BlockL
|
|
|
91
92
|
end
|
|
92
93
|
|
|
93
94
|
it 'should assign the uid' do
|
|
94
|
-
allow(::Google::Auth::IDTokens
|
|
95
|
+
allow(::Google::Auth::IDTokens).to receive(:verify_oidc)
|
|
95
96
|
.with(id_token, aud: client_id)
|
|
96
97
|
.and_return(payload)
|
|
97
98
|
post "#{api_url}/callback", id_token: id_token
|