RubyGems - omniauth-google-oauth2 - Versions diffs - 0.7.0 → 0.8.0 - Mend

omniauth-google-oauth2 0.7.0 → 0.8.0

Files changed (9) hide show

checksums.yaml +4 -4
data/.travis.yml +0 -1
data/CHANGELOG.md +14 -0
data/README.md +1 -1
data/examples/Gemfile +1 -1
data/lib/omniauth/google_oauth2/version.rb +1 -1
data/lib/omniauth/strategies/google_oauth2.rb +17 -16
data/omniauth-google-oauth2.gemspec +2 -2
metadata +7 -6

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3e6a13824c53382f0ba9ef0738e26744d1881dc83726c57cf576ff208423a3a3
-  data.tar.gz: 5c0c037b8c85418901d4ce360d5f4efb125f5c825ffec83ab71e50cf1b413e81
+  metadata.gz: a035e3c9635a9e588b756e9b2dfe2004ea1b83c49f9860d68e8250e7d93e4459
+  data.tar.gz: 20e8ba4d7f4b9fb20b139c8d4b9c51d8d1d598de1cada5d989640f01eee0df3a
 SHA512:
-  metadata.gz: a62de5fa4553b5ae6c89811458cf8887017834a1790f4df4348ffae9c09a8172b407c04ea86f8c5030273b5586286580b0d2eae7d6857f62aee6729abf1549ff
-  data.tar.gz: d74ef22fa65b892268a779e3e426610bea245db91519964bf03eadc5a5b5951bc42b29dcc2ab2a11c228610ea7dcf5173a2cc07d83569dcce6178e21dc6a160d
+  metadata.gz: 5b06e6a3ffd03ff81fe6e04bbc94c9154e26c59dc17a7c834361bf2fdd80197661434679e8174196f4dd8ed13e4b2b81ff4b223fb366238f48648ea452fcf1ce
+  data.tar.gz: 4734f0d6f92b57cebfccbbd0b833a7da9674d04e9058b76ef43d96cd94520a48bd540f57c9f804f6b16f2bad76483aefb3ef7357a99186acfc4dcb1603fa3a28

data/.travis.yml CHANGED

@@ -1,6 +1,5 @@
 language: ruby
 rvm:
-  - '2.1.10'
   - '2.2.7'
   - '2.3.4'
   - '2.4.1'

data/CHANGELOG.md CHANGED

@@ -1,6 +1,20 @@
 # Changelog
 All notable changes to this project will be documented in this file.
+## 0.8.0 - 2019-08-21
+### Added
+- Updated omniauth-oauth2 to v1.6.0 for security fixes.
+### Deprecated
+- Nothing.
+### Removed
+- Ruby 2.1 support.
+### Fixed
+- Nothing.
 ## 0.7.0 - 2019-06-03
 ### Added

data/README.md CHANGED

@@ -73,7 +73,7 @@ You can configure several options, which you pass in to the `provider` method vi
 * `hd`: (Optional) Limit sign-in to a particular Google Apps hosted domain. This can be simply string `'domain.com'` or an array `%w(domain.com domain.co)`. More information at: https://developers.google.com/accounts/docs/OpenIDConnect#hd-param
-* `jwt_leeway`: Number of seconds passed to the JWT library as leeway. Defaults to 60 seconds.
+* `jwt_leeway`: Number of seconds passed to the JWT library as leeway. Defaults to 60 seconds. Note this only works if you use jwt 2.1, as the leeway option was removed in later versions.
 * `skip_jwt`: Skip JWT processing. This is for users who are seeing JWT decoding errors with the `iat` field. Always try adjusting the leeway before disabling JWT processing.

data/examples/Gemfile CHANGED

@@ -2,6 +2,6 @@
 source 'https://rubygems.org'
-gem 'omniauth-google-oauth2', '~> 0.6.1'
+gem 'omniauth-google-oauth2', '~> 0.8.0'
 gem 'rubocop'
 gem 'sinatra', '~> 1.4'

data/lib/omniauth/google_oauth2/version.rb CHANGED

@@ -2,6 +2,6 @@
 module OmniAuth
   module GoogleOauth2
-    VERSION = '0.7.0'
+    VERSION = '0.8.0'
   end
 end

data/lib/omniauth/strategies/google_oauth2.rb CHANGED

@@ -94,6 +94,7 @@ module OmniAuth
         verify_hd(access_token)
         access_token
       end
       alias build_access_token custom_build_access_token
       private
@@ -103,14 +104,12 @@ module OmniAuth
       end
       def get_access_token(request)
-        if request.xhr? && request.params['code']
-          verifier = request.params['code']
-          redirect_uri = request.params['redirect_uri'] || 'postmessage'
-          client.auth_code.get_token(verifier, get_token_options(redirect_uri), deep_symbolize(options.auth_token_params || {}))
-        elsif request.params['code'] && request.params['redirect_uri']
-          verifier = request.params['code']
-          redirect_uri = request.params['redirect_uri']
-          client.auth_code.get_token(verifier, get_token_options(redirect_uri), deep_symbolize(options.auth_token_params || {}))
+        verifier = request.params['code']
+        redirect_uri = request.params['redirect_uri']
+        if verifier && request.xhr?
+          client_get_token(verifier, redirect_uri || 'postmessage')
+        elsif verifier
+          client_get_token(verifier, redirect_uri || callback_url)
         elsif verify_token(request.params['access_token'])
           ::OAuth2::AccessToken.from_hash(client, request.params.dup)
         elsif request.content_type =~ /json/i
@@ -118,19 +117,21 @@ module OmniAuth
             body = JSON.parse(request.body.read)
             request.body.rewind # rewind request body for downstream middlewares
             verifier = body && body['code']
-            if verifier
-              redirect_uri = 'postmessage'
-              client.auth_code.get_token(verifier, get_token_options(redirect_uri), deep_symbolize(options.auth_token_params || {}))
-            end
+            client_get_token(verifier, 'postmessage') if verifier
           rescue JSON::ParserError => e
             warn "[omniauth google-oauth2] JSON parse error=#{e}"
           end
-        else
-          verifier = request.params['code']
-          client.auth_code.get_token(verifier, get_token_options(callback_url), deep_symbolize(options.auth_token_params))
         end
       end
+      def client_get_token(verifier, redirect_uri)
+        client.auth_code.get_token(verifier, get_token_options(redirect_uri), get_token_params)
+      end
+      def get_token_params
+        deep_symbolize(options.auth_token_params || {})
+      end
       def get_scope(params)
         raw_scope = params[:scope] || DEFAULT_SCOPE
         scope_list = raw_scope.split(' ').map { |item| item.split(',') }.flatten
@@ -142,7 +143,7 @@ module OmniAuth
         raw_info['email_verified'] ? raw_info['email'] : nil
       end
-      def get_token_options(redirect_uri)
+      def get_token_options(redirect_uri = '')
         { redirect_uri: redirect_uri }.merge(token_params.to_hash(symbolize_keys: true))
       end

data/omniauth-google-oauth2.gemspec CHANGED

@@ -18,11 +18,11 @@ Gem::Specification.new do |gem|
   gem.files         = `git ls-files`.split("\n")
   gem.require_paths = ['lib']
-  gem.required_ruby_version = '>= 2.1'
+  gem.required_ruby_version = '>= 2.2'
   gem.add_runtime_dependency 'jwt', '>= 2.0'
   gem.add_runtime_dependency 'omniauth', '>= 1.1.1'
-  gem.add_runtime_dependency 'omniauth-oauth2', '>= 1.5'
+  gem.add_runtime_dependency 'omniauth-oauth2', '>= 1.6'
   gem.add_development_dependency 'rake', '~> 12.0'
   gem.add_development_dependency 'rspec', '~> 3.6'

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-google-oauth2
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.8.0
 platform: ruby
 authors:
 - Josh Ellithorpe
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-06-03 00:00:00.000000000 Z
+date: 2019-08-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt
@@ -45,14 +45,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '1.6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '1.6'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -133,14 +133,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.1'
+      version: '2.2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubyforge_project:
+rubygems_version: 2.7.9
 signing_key:
 specification_version: 4
 summary: A Google OAuth2 strategy for OmniAuth 1.x