omniauth-himari 0.2.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 230530b0b006d644e0c13080c2aa262453bfcf7fb60223a710aa322425bd46e3
-  data.tar.gz: f41f643510a1b1369da770466399677692cb8dd42a6a67b0d76ab21b45b67d1b
+  metadata.gz: ab98117f1451b0b99efcfa2b448295700d9c3ea50bb1ff7fce9857c887fb1884
+  data.tar.gz: 5a5f6efcdb3b9e325b266a962dd7aeae2a0986724cdd4b00cf3c9a18072a9892
 SHA512:
-  metadata.gz: a1ce14483998a5e6e77067b00923a6b6f1f105a64b8c8def0ec76ca9612126de6ebd086a9f1fb8a95a29dbd7c32c184bb7e22d308d341521e7e40b3a8e0ceb02
-  data.tar.gz: 16995e400808c1148001aab5637afbccfaa6b2020f791008c1688c702c248b1b69a7422200d9ba027a9dfbedeb7580d5e527fc4f61ef6a6803ba951579d45078
+  metadata.gz: 0c3660a3595d98d24c535ccf7a9c518c71830163d2d344ff8d7077cca0c7f409dd1dda2c28e84cbcabeee229e371186d2e020dac7c7ee94b98ef763be340a008
+  data.tar.gz: 48fdb5b0cd2ad8900fba76a848564e2bdb9cf80e952bbe3fe994bb5aaf63c57e8d54b22788f72f89c92cbfcf2aff19909a05beafbf67389220f6c5d334a529ed

data/CHANGELOG.md

@@ -1,4 +1,20 @@
-## [Unreleased]
+## [0.3.0] - 2026-06-03
+
+### Enhancements
+
+- Add `scope` option (default `openid`) to request scopes from Himari [#14](https://github.com/sorah/himari/pull/14)
+
+## [0.2.0] - 2023-03-26
+
+### Enhancements
+
+- Pass through the `prompt` parameter, supporting `prompt=login` reauthentication [#8](https://github.com/sorah/himari/pull/8)
+
+## [0.1.1] - 2023-03-26
+
+### Bug fixes
+
+- Declare a direct dependency on the `jwt` gem.
 
 ## [0.1.0] - 2023-03-24
 

data/lib/omniauth/strategies/himari.rb

@@ -20,6 +20,8 @@ module OmniAuth
       option :client_options, {}
       option :pkce, true
 
+      option :scope, 'openid'
+
       option :verify_options, {}
       option :verify_at_hash, true
 
@@ -46,6 +48,7 @@ module OmniAuth
 
         raise ConfigurationError, "client_id and client_secret is required" unless options.client_id && options.client_secret
         raise ConfigurationError, "site is required" unless options.client_options.site
+
         super
       end
 
@@ -59,6 +62,7 @@ module OmniAuth
           'id_token' => access_token.params && access_token.params['id_token'],
         }
         raise IdTokenMissing, 'id_token is missing' unless retval['id_token']
+
         retval
       end
 
@@ -85,15 +89,15 @@ module OmniAuth
         return unless options.verify_at_hash
 
         function = case id_token.header['alg'] # this is safe as we've verified
-        when 'ES256', 'RS256'; Digest::SHA256
-        when 'ES384'; Digest::SHA384
-        when 'ES512'; Digest::SHA512
+        when 'ES256', 'RS256' then Digest::SHA256
+        when 'ES384' then Digest::SHA384
+        when 'ES512' then Digest::SHA512
         else
-          raise VerificationError, "unknown hash function to verify at_hash for #{id_token.header['alg']}"
+          raise VerificationError, "unknown hash function to verify at_hash for #{id_token.header["alg"]}"
         end
 
         dgst = function.digest(access_token.token)
-        expected_at_hash = Base64.urlsafe_encode64(dgst[0, dgst.size/2], padding: false)
+        expected_at_hash = Base64.urlsafe_encode64(dgst[0, dgst.size / 2], padding: false)
 
         given_at_hash = id_token.claims['at_hash']
 
@@ -103,7 +107,7 @@ module OmniAuth
       end
 
       def raw_info
-        @raw_info ||= (!skip_info? && options.use_userinfo) ? access_token.get('/public/oidc/userinfo').parsed : id_token.claims
+        @raw_info ||= !skip_info? && options.use_userinfo ? access_token.get('/public/oidc/userinfo').parsed : id_token.claims
       end
 
       def faraday
@@ -123,7 +127,8 @@ module OmniAuth
 
       def authorize_params
         super.tap do |params|
-          params[:scope] = 'openid'
+          # super reads options.scope; default to 'openid' if the caller cleared it.
+          params[:scope] ||= options.scope || 'openid'
           params[:prompt] = request.GET['prompt'] if request.GET['prompt']
         end
       end
@@ -145,7 +150,7 @@ module OmniAuth
               verify_iss: true,
               iss: options.site,
               verify_expiration: true,
-            }.merge(options.verify_options)
+            }.merge(options.verify_options),
           ))
           verify_at_hash!(retval)
           retval
@@ -171,11 +176,9 @@ module OmniAuth
         end
 
         def inspect
-          "#<#{self.class.name}:0x#{self.__id__.to_s(16)}>"
+          "#<#{self.class.name}:0x#{__id__.to_s(16)}>"
         end
       end
     end
   end
 end
-
-

data/lib/omniauth-himari/version.rb

@@ -2,6 +2,6 @@
 
 module Omniauth
   module Himari
-    VERSION = "0.2.0"
+    VERSION = "0.3.0"
   end
 end

data/lib/omniauth-himari.rb

@@ -1,2 +1,4 @@
+# frozen_string_literal: true
+
 require 'omniauth-himari/version'
 require 'omniauth/strategies/himari'

data/omniauth-himari.gemspec

@@ -16,15 +16,15 @@ Gem::Specification.new do |spec|
 
   spec.metadata["homepage_uri"] = spec.homepage
   spec.metadata["source_code_uri"] = "https://github.com/sorah/himari"
-  #spec.metadata["changelog_uri"] = "TODO: Put your gem's CHANGELOG.md URL here."
+  # spec.metadata["changelog_uri"] = "TODO: Put your gem's CHANGELOG.md URL here."
 
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
-  if ENV['HIMARI_LAMBDA_IMAGE']
-    spec.files = Dir.chdir(__dir__) { Dir["./**/*"] }.reject { |f|  (File.expand_path(f) == __FILE__) }
+  spec.files = if ENV['HIMARI_LAMBDA_IMAGE']
+    Dir.chdir(__dir__) { Dir["./**/*"] }.reject { |f| File.expand_path(f) == __FILE__ }
   else
-    spec.files = Dir.chdir(__dir__) do
-      `git ls-files -z`.split("\x0").reject do |f|
+    Dir.chdir(__dir__) do
+      %x(git ls-files -z).split("\x0").reject do |f|
         (f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git|travis|circleci)|appveyor)})
       end
     end
@@ -33,11 +33,11 @@ Gem::Specification.new do |spec|
   spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_dependency 'omniauth'
-  spec.add_dependency 'omniauth-oauth2'
-  spec.add_dependency 'oauth2'
   spec.add_dependency 'faraday'
   spec.add_dependency 'jwt'
+  spec.add_dependency 'oauth2'
+  spec.add_dependency 'omniauth'
+  spec.add_dependency 'omniauth-oauth2'
 
   # Uncomment to register a new dependency of your gem
   # spec.add_dependency "example-gem", "~> 1.0"

metadata

@@ -1,17 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-himari
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Sorah Fukumori
-autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-03-26 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: omniauth
+  name: faraday
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -25,7 +24,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: omniauth-oauth2
+  name: jwt
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -53,7 +52,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: faraday
+  name: omniauth
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -67,7 +66,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: jwt
+  name: omniauth-oauth2
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -104,7 +103,6 @@ licenses:
 metadata:
   homepage_uri: https://github.com/sorah/himari
   source_code_uri: https://github.com/sorah/himari
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -119,8 +117,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.6
-signing_key:
+rubygems_version: 4.0.10
 specification_version: 4
 summary: OmniAuth strategy for Himari
 test_files: []