RubyGems - omniauth-google-oauth2 - Versions diffs - 0.5.2 → 0.5.3 - Mend

omniauth-google-oauth2 0.5.2 → 0.5.3

Files changed (10) hide show

checksums.yaml +4 -4
data/.rubocop.yml +5 -2
data/CHANGELOG.md +16 -0
data/examples/Gemfile +1 -0
data/examples/config.ru +4 -5
data/lib/omniauth/google_oauth2/version.rb +1 -1
data/lib/omniauth/strategies/google_oauth2.rb +2 -3
data/omniauth-google-oauth2.gemspec +4 -6
data/spec/omniauth/strategies/google_oauth2_spec.rb +11 -5
metadata +16 -30

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: de8632659edb78b80d0733a085df62028d80f9a9
-  data.tar.gz: 4efa0f89f831db683973282ff1e909fa98e5ea1d
+  metadata.gz: b272ef7383811111988e246c36713b9cb05808ee
+  data.tar.gz: bcfc5288908b05a8b6b12694e1a5fffb423f3a25
 SHA512:
-  metadata.gz: 299c5484f3e20f6aea8cae2217722476e8acfeda538adb05b51fe84c7924bad13c31fd391cf88f8165dc031ed06c1395b45d4b3c5f906b5ac8a973f4d534097e
-  data.tar.gz: d2f58b86da4cedd7fc66b2b85aad4e8d379589a11496bf66edd8826bed91b0e0b5a603f3f08a607221c2f0935bdad8677242e2680621b0eb6aecad18a51802e2
+  metadata.gz: 20e8acd4f1a5936771232d7eb36f45bd94c652f2732827235d0c14e0d0cfd57db34a6fd0f9205838eecb922e8ca4a429c84fc5f21af971b119bc467a3de76313
+  data.tar.gz: 906640488bc922b90bb224027c2f748e40bd6ae5554ed49a5e63210bbdfeeda17d3e058e21e89ab4a0442468fcebb883afcdf29486b734b6be49003fba085928

data/.rubocop.yml CHANGED

@@ -14,7 +14,10 @@ Metrics/MethodLength:
   Enabled: false
 Metrics/PerceivedComplexity:
   Enabled: false
-Style/FileName:
+Naming:
   Enabled: false
 Style/MutableConstant:
-  Enabled: false
+  Enabled: false
+Gemspec/RequiredRubyVersion:
+  Enabled: false

data/CHANGELOG.md CHANGED

@@ -1,6 +1,22 @@
 # Changelog
 All notable changes to this project will be documented in this file.
+## 0.5.3 - 2018-01-25
+### Added
+- Added support for the JWT 2.x gem.
+- Now fully qualifies the `JWT` class to prevent conflicts with the `Omniauth::JWT` strategy.
+### Deprecated
+- Nothing.
+### Removed
+- Removed the `multijson` dependency.
+- Support for versions of `omniauth-oauth2` < 1.5.
+### Fixed
+- Nothing.
 ## 0.5.2 - 2017-07-30
 ### Added

data/examples/Gemfile CHANGED

@@ -3,4 +3,5 @@
 source 'https://rubygems.org'
 gem 'omniauth-google-oauth2', '~> 0.5'
+gem 'rubocop'
 gem 'sinatra', '~> 1.4'

data/examples/config.ru CHANGED

@@ -85,7 +85,7 @@ class App < Sinatra::Base
     content_type 'text/plain'
     begin
       request.env['omniauth.auth'].to_hash.inspect
-    rescue
+    rescue StandardError
       'No Data'
     end
   end
@@ -94,7 +94,7 @@ class App < Sinatra::Base
     content_type 'text/plain'
     begin
       request.env['omniauth.auth'].to_hash.inspect
-    rescue
+    rescue StandardError
       'No Data'
     end
   end
@@ -103,7 +103,7 @@ class App < Sinatra::Base
     content_type 'text/plain'
     begin
       request.env['omniauth.auth'].to_hash.inspect
-    rescue
+    rescue StandardError
       'No Data'
     end
   end
@@ -114,8 +114,7 @@ use Rack::Session::Cookie, secret: ENV['RACK_COOKIE_SECRET']
 use OmniAuth::Builder do
   # For additional provider examples please look at 'omni_auth.rb'
   # The key provider_ignores_state is only for AJAX flows. It is not recommended for normal logins.
-  # Also, verify_iss is disabled because google now returns an unpredictable value for iss.
-  provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET'], verify_iss: false, access_type: 'offline', prompt: 'consent', provider_ignores_state: true, scope: 'email,profile,calendar'
+  provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET'], access_type: 'offline', prompt: 'consent', provider_ignores_state: true, scope: 'email,profile,calendar'
 end
 run App.new

data/lib/omniauth/google_oauth2/version.rb CHANGED

@@ -2,6 +2,6 @@
 module OmniAuth
   module GoogleOauth2
-    VERSION = '0.5.2'
+    VERSION = '0.5.3'
   end
 end

data/lib/omniauth/strategies/google_oauth2.rb CHANGED

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
-require 'multi_json'
 require 'jwt'
 require 'omniauth/strategies/oauth2'
 require 'uri'
@@ -60,7 +59,7 @@ module OmniAuth
         hash = {}
         hash[:id_token] = access_token['id_token']
         if !options[:skip_jwt] && !access_token['id_token'].nil?
-          hash[:id_info] = JWT.decode(
+          hash[:id_info] = ::JWT.decode(
             access_token['id_token'], nil, false, verify_iss: options.verify_iss,
                                                   iss: 'accounts.google.com',
                                                   verify_aud: true,
@@ -206,7 +205,7 @@ module OmniAuth
         options.hd = options.hd.call if options.hd.is_a? Proc
         allowed_hosted_domains = Array(options.hd)
-        raise CallbackError.new(:invalid_hd, 'Invalid Hosted Domain') unless allowed_hosted_domains.include? @raw_info['hd']
+        raise CallbackError.new(:invalid_hd, 'Invalid Hosted Domain') unless allowed_hosted_domains.include?(@raw_info['hd']) || options.hd == '*'
         true
       end
     end

data/omniauth-google-oauth2.gemspec CHANGED

@@ -1,4 +1,3 @@
-# -*- encoding: utf-8 -*-
 # frozen_string_literal: true
 require File.expand_path(
@@ -19,14 +18,13 @@ Gem::Specification.new do |gem|
   gem.files         = `git ls-files`.split("\n")
   gem.require_paths = ['lib']
-  gem.required_ruby_version = '>= 2.0'
+  gem.required_ruby_version = '>= 2.1'
+  gem.add_runtime_dependency 'jwt', '>= 1.5'
   gem.add_runtime_dependency 'omniauth', '>= 1.1.1'
-  gem.add_runtime_dependency 'omniauth-oauth2', '>= 1.3.1'
-  gem.add_runtime_dependency 'jwt', '~> 1.5'
-  gem.add_runtime_dependency 'multi_json', '~> 1.3'
+  gem.add_runtime_dependency 'omniauth-oauth2', '>= 1.5'
-  gem.add_development_dependency 'rspec', '~> 3.6'
   gem.add_development_dependency 'rake', '~> 12.0'
+  gem.add_development_dependency 'rspec', '~> 3.6'
   gem.add_development_dependency 'rubocop', '~> 0.49'
 end

data/spec/omniauth/strategies/google_oauth2_spec.rb CHANGED

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 require 'spec_helper'
+require 'json'
 require 'omniauth-google-oauth2'
 describe OmniAuth::Strategies::GoogleOauth2 do
@@ -123,6 +124,11 @@ describe OmniAuth::Strategies::GoogleOauth2 do
         @options = { hd: nil }
         expect(subject.authorize_params['hd']).to eq(nil)
       end
+      it 'should set the hd parameter to * if set (only allows G Suite emails)' do
+        @options = { hd: '*' }
+        expect(subject.authorize_params['hd']).to eq('*')
+      end
     end
     describe 'login_hint' do
@@ -600,7 +606,7 @@ describe OmniAuth::Strategies::GoogleOauth2 do
         builder.adapter :test do |stub|
           stub.get('/oauth2/v3/tokeninfo?access_token=invalid_iss_token') do
             [200, { 'Content-Type' => 'application/json; charset=UTF-8' },
-             MultiJson.encode(
+             JSON.dump(
                aud: '000000000000.apps.googleusercontent.com',
                sub: '123456789',
                email_verified: 'true',
@@ -630,7 +636,7 @@ describe OmniAuth::Strategies::GoogleOauth2 do
         builder.request :url_encoded
         builder.adapter :test do |stub|
           stub.get('/oauth2/v3/tokeninfo?access_token=valid_access_token') do
-            [200, { 'Content-Type' => 'application/json; charset=UTF-8' }, MultiJson.encode(
+            [200, { 'Content-Type' => 'application/json; charset=UTF-8' }, JSON.dump(
               aud: '000000000000.apps.googleusercontent.com',
               sub: '123456789',
               email_verified: 'true',
@@ -641,7 +647,7 @@ describe OmniAuth::Strategies::GoogleOauth2 do
             )]
           end
           stub.get('/oauth2/v3/tokeninfo?access_token=invalid_access_token') do
-            [400, { 'Content-Type' => 'application/json; charset=UTF-8' }, MultiJson.encode(error_description: 'Invalid Value')]
+            [400, { 'Content-Type' => 'application/json; charset=UTF-8' }, JSON.dump(error_description: 'Invalid Value')]
           end
         end
       end
@@ -674,7 +680,7 @@ describe OmniAuth::Strategies::GoogleOauth2 do
         builder.request :url_encoded
         builder.adapter :test do |stub|
           stub.get('/plus/v1/people/me/openIdConnect') do
-            [200, { 'Content-Type' => 'application/json; charset=UTF-8' }, MultiJson.encode(
+            [200, { 'Content-Type' => 'application/json; charset=UTF-8' }, JSON.dump(
               hd: 'example.com'
             )]
           end
@@ -689,7 +695,7 @@ describe OmniAuth::Strategies::GoogleOauth2 do
           builder.request :url_encoded
           builder.adapter :test do |stub|
             stub.get('/plus/v1/people/me/openIdConnect') do
-              [200, { 'Content-Type' => 'application/json; charset=UTF-8' }, MultiJson.encode({})]
+              [200, { 'Content-Type' => 'application/json; charset=UTF-8' }, JSON.dump({})]
             end
           end
         end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-google-oauth2
 version: !ruby/object:Gem::Version
-  version: 0.5.2
+  version: 0.5.3
 platform: ruby
 authors:
 - Josh Ellithorpe
@@ -9,64 +9,64 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-07-30 00:00:00.000000000 Z
+date: 2018-01-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: omniauth
+  name: jwt
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.1.1
+        version: '1.5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.1.1
+        version: '1.5'
 - !ruby/object:Gem::Dependency
-  name: omniauth-oauth2
+  name: omniauth
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.1
+        version: 1.1.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.1
+        version: 1.1.1
 - !ruby/object:Gem::Dependency
-  name: jwt
+  name: omniauth-oauth2
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.5'
 - !ruby/object:Gem::Dependency
-  name: multi_json
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
-  type: :runtime
+        version: '12.0'
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '12.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -81,20 +81,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.6'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '12.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '12.0'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
@@ -147,7 +133,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.0'
+      version: '2.1'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="