RubyGems - omniauth-google-oauth2 - Versions diffs - 1.1.0 → 1.1.1 - Mend

omniauth-google-oauth2 1.1.0 → 1.1.1

Files changed (7) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +14 -0
data/examples/Gemfile +1 -1
data/examples/config.ru +19 -9
data/lib/omniauth/google_oauth2/version.rb +1 -1
data/lib/omniauth/strategies/google_oauth2.rb +5 -4
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f1ed28b1b51bd66946f8a20796e451090685c868c6923e18e38fd2476f398989
-  data.tar.gz: ee9023b2fd1e74bea632aa12d50d411be6d5738bf91da56293470db5cc339720
+  metadata.gz: '0532842d8362fc36a8797376dc54e09b1d11fa178d462114225eecbe87274785'
+  data.tar.gz: 63b1d0a5a3a6249b77b58cbfa4e696ae18748b59280cb73f36cb98f88abd98c1
 SHA512:
-  metadata.gz: 0cf127deee1596814c94521433300e88f965ee762a93f085a07dcf38307a48bdb803f40b6f35bb3611b29aa3349ac0f209ac6da64facb6733620ad820f4f1911
-  data.tar.gz: 72ce107f30e80fc5564e0fcdea2de7a813f4962ea202aa5076b364cc561d9890e91f2dd1f25736df2238709910cefe800fba6854200e2320a149d596aaec8ef0
+  metadata.gz: 6d6f34a8629057f1f89d613155567d0bb50917648794e64527976ba7ca4c372ed8806fd57bbe5cec55d2d60545ef2e9bd038da80e1101b96642018f1d8226951
+  data.tar.gz: b00da9be3e3f97af0cdfe9a15be3d99126176a26bc21337febb893be88949da0573b4f6a843fbedac3dc982a4fda29ca532b63d3a1272fc8544468b3a42d32aa

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,20 @@
 # Changelog
 All notable changes to this project will be documented in this file.
+## 1.1.1 - 2022-09-05
+### Added
+- Nothing.
+### Deprecated
+- Nothing.
+### Removed
+- Nothing.
+### Fixed
+- Fixed JWT decoding issue. (Invalid segment encoding) [#431](https://github.com/zquestz/omniauth-google-oauth2/pull/431)
 ## 1.1.0 - 2022-09-03
 ### Added

data/examples/Gemfile CHANGED Viewed

@@ -2,7 +2,7 @@
 source 'https://rubygems.org'
-gem 'omniauth-google-oauth2', '~> 0.8.1'
+gem 'omniauth-google-oauth2', '~> 1.1.1'
 gem 'rubocop'
 gem 'sinatra', '~> 1.4'
 gem 'webrick'

data/examples/config.ru CHANGED Viewed

@@ -19,6 +19,19 @@ OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
 # Main example app for omniauth-google-oauth2
 class App < Sinatra::Base
+  configure do
+    set :sessions, true
+    set :inline_templates, true
+  end
+  use Rack::Session::Cookie, secret: ENV['RACK_COOKIE_SECRET']
+  use OmniAuth::Builder do
+    # For additional provider examples please look at 'omni_auth.rb'
+    # The key provider_ignores_state is only for AJAX flows. It is not recommended for normal logins.
+    provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET'], access_type: 'offline', prompt: 'consent', provider_ignores_state: true, scope: 'email,profile,calendar'
+  end
   get '/' do
     <<-HTML
     <!DOCTYPE html>
@@ -73,7 +86,12 @@ class App < Sinatra::Base
       </head>
       <body>
       <ul>
-        <li><a href='/auth/google_oauth2'>Sign in with Google</a></li>
+        <li>
+          <form method='post' action='/auth/google_oauth2'>
+            <input type="hidden" name="authenticity_token" value="#{request.env['rack.session']['csrf']}">
+            <button type='submit'>Login with Google</button>
+          </form>
+        </li>
         <li><a href='#' class="googleplus-login">Sign in with Google via AJAX</a></li>
       </ul>
       </body>
@@ -109,12 +127,4 @@ class App < Sinatra::Base
   end
 end
-use Rack::Session::Cookie, secret: ENV['RACK_COOKIE_SECRET']
-use OmniAuth::Builder do
-  # For additional provider examples please look at 'omni_auth.rb'
-  # The key provider_ignores_state is only for AJAX flows. It is not recommended for normal logins.
-  provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET'], access_type: 'offline', prompt: 'consent', provider_ignores_state: true, scope: 'email,profile,calendar'
-end
 run App.new

data/lib/omniauth/google_oauth2/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module OmniAuth
   module GoogleOauth2
-    VERSION = '1.1.0'
+    VERSION = '1.1.1'
   end
 end

data/lib/omniauth/strategies/google_oauth2.rb CHANGED Viewed

@@ -69,9 +69,10 @@ module OmniAuth
       extra do
         hash = {}
-        hash[:id_token] = access_token.token
-        if !options[:skip_jwt] && !nil_or_empty(access_token.token)
-          decoded = ::JWT.decode(access_token.token, nil, false).first
+        token = nil_or_empty?(access_token['id_token']) ? access_token.token : access_token['id_token']
+        hash[:id_token] = token
+        if !options[:skip_jwt] && !nil_or_empty?(token)
+          decoded = ::JWT.decode(token, nil, false).first
           # We have to manually verify the claims because the third parameter to
           # JWT.decode is false since no verification key is provided.
@@ -108,7 +109,7 @@ module OmniAuth
       private
-      def nil_or_empty(obj)
+      def nil_or_empty?(obj)
         obj.is_a?(String) ? obj.empty? : obj.nil?
       end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-google-oauth2
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.1.1
 platform: ruby
 authors:
 - Josh Ellithorpe
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-09-04 00:00:00.000000000 Z
+date: 2022-09-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt