omniauth-google-oauth2 1.2.0 → 1.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/FUNDING.yml +1 -0
- data/.gitignore +1 -0
- data/CHANGELOG.md +14 -0
- data/README.md +2 -1
- data/examples/Gemfile +2 -2
- data/lib/omniauth/google_oauth2/version.rb +1 -1
- data/lib/omniauth/strategies/google_oauth2.rb +5 -11
- data/omniauth-google-oauth2.gemspec +1 -1
- metadata +5 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fb04de5f033f4c247c0cd004619d2e8cbb9f54b29a1861c5810d539608c278c0
|
4
|
+
data.tar.gz: a0a71c285455501e4904ea4c184db32298907be93f1def96d3a180ca60df9684
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3cd913d3979e3c3e9dd93f76ed40aeff42bc95a8841db4b4287e92d28a00fe85a4bbc14483b25478fbdde0552877617d4b32c57eb03c67472e43fd857c1e9180
|
7
|
+
data.tar.gz: '0078d9d52c2661b12895509ce17320818360aa968904742d45665158334af0a219064999cabe71e1af9ce93cddd45481b7aee263d729d582f99d088b68242905'
|
data/.github/FUNDING.yml
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
github: [zquestz]
|
data/.gitignore
CHANGED
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,20 @@
|
|
1
1
|
# Changelog
|
2
2
|
All notable changes to this project will be documented in this file.
|
3
3
|
|
4
|
+
## 1.2.1 - 2025-01-18
|
5
|
+
|
6
|
+
### Added
|
7
|
+
- Use jwt v2.9.2's public claims verification API - https://github.com/zquestz/omniauth-google-oauth2/pull/465
|
8
|
+
|
9
|
+
### Deprecated
|
10
|
+
- Nothing.
|
11
|
+
|
12
|
+
### Removed
|
13
|
+
- Support for jwt < 2.9.2.
|
14
|
+
|
15
|
+
### Fixed
|
16
|
+
- Nothing.
|
17
|
+
|
4
18
|
## 1.2.0 - 2024-09-15
|
5
19
|
|
6
20
|
### Added
|
data/README.md
CHANGED
@@ -196,7 +196,8 @@ class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
|
|
196
196
|
flash[:notice] = I18n.t 'devise.omniauth_callbacks.success', kind: 'Google'
|
197
197
|
sign_in_and_redirect @user, event: :authentication
|
198
198
|
else
|
199
|
-
|
199
|
+
# Useful for debugging login failures. Uncomment for development.
|
200
|
+
# session['devise.google_data'] = request.env['omniauth.auth'].except('extra') # Removing extra as it can overflow some session stores
|
200
201
|
redirect_to new_user_registration_url, alert: @user.errors.full_messages.join("\n")
|
201
202
|
end
|
202
203
|
end
|
data/examples/Gemfile
CHANGED
@@ -76,17 +76,11 @@ module OmniAuth
|
|
76
76
|
|
77
77
|
# We have to manually verify the claims because the third parameter to
|
78
78
|
# JWT.decode is false since no verification key is provided.
|
79
|
-
::JWT::Claims.
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
verify_sub: false,
|
85
|
-
verify_expiration: true,
|
86
|
-
verify_not_before: true,
|
87
|
-
verify_iat: false,
|
88
|
-
verify_jti: false,
|
89
|
-
leeway: options[:jwt_leeway])
|
79
|
+
::JWT::Claims.verify_payload!(decoded,
|
80
|
+
iss: ALLOWED_ISSUERS,
|
81
|
+
aud: options.client_id,
|
82
|
+
exp: { leeway: options.jwt_leeway },
|
83
|
+
nbf: { leeway: options.jwt_leeway })
|
90
84
|
|
91
85
|
hash[:id_info] = decoded
|
92
86
|
end
|
@@ -20,7 +20,7 @@ Gem::Specification.new do |gem|
|
|
20
20
|
|
21
21
|
gem.required_ruby_version = '>= 2.5'
|
22
22
|
|
23
|
-
gem.add_runtime_dependency 'jwt', '>= 2.9'
|
23
|
+
gem.add_runtime_dependency 'jwt', '>= 2.9.2'
|
24
24
|
gem.add_runtime_dependency 'oauth2', '~> 2.0'
|
25
25
|
gem.add_runtime_dependency 'omniauth', '~> 2.0'
|
26
26
|
gem.add_runtime_dependency 'omniauth-oauth2', '~> 1.8'
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: omniauth-google-oauth2
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.2.
|
4
|
+
version: 1.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Josh Ellithorpe
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date:
|
12
|
+
date: 2025-01-19 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: jwt
|
@@ -17,14 +17,14 @@ dependencies:
|
|
17
17
|
requirements:
|
18
18
|
- - ">="
|
19
19
|
- !ruby/object:Gem::Version
|
20
|
-
version:
|
20
|
+
version: 2.9.2
|
21
21
|
type: :runtime
|
22
22
|
prerelease: false
|
23
23
|
version_requirements: !ruby/object:Gem::Requirement
|
24
24
|
requirements:
|
25
25
|
- - ">="
|
26
26
|
- !ruby/object:Gem::Version
|
27
|
-
version:
|
27
|
+
version: 2.9.2
|
28
28
|
- !ruby/object:Gem::Dependency
|
29
29
|
name: oauth2
|
30
30
|
requirement: !ruby/object:Gem::Requirement
|
@@ -117,6 +117,7 @@ executables: []
|
|
117
117
|
extensions: []
|
118
118
|
extra_rdoc_files: []
|
119
119
|
files:
|
120
|
+
- ".github/FUNDING.yml"
|
120
121
|
- ".github/workflows/ci.yml"
|
121
122
|
- ".gitignore"
|
122
123
|
- ".rubocop.yml"
|