omniauth-keycloak 1.5.1 → 1.5.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: abf0318ebff69089a3b27e84c5ef50575875cd21b525d62845d30e9dd86893aa
-  data.tar.gz: 9da9b321758ea6227e476cee096cc3bc53b6a18f9db7e5458284fe5ad4b0fa4c
+  metadata.gz: a0a49f1a0803162c109f3d8c46079ebe47f9930a7ba21346bf275c9e40ca5fae
+  data.tar.gz: f610e23846e61327d7680455b7121fed6e797f6fd2e413fe59202205bf6de28a
 SHA512:
-  metadata.gz: e8f45c365ccf4d823522da850cdc1dbde5f656d32aff2445fad157c579777615b2b508ce798aee23a0628ddfc6665d4ce53c603c0208047bdfbb098e2a97b626
-  data.tar.gz: 0431be28d8cbfb0f92d24b0c52090e4baf8a4a7206e3da87c10bd8ba497f5fee0b64dfdabaeb845d5bf032fdf6c3d1753fb0cbd34cc6c2d267217aa6bbef3413
+  metadata.gz: a532efb73bc332e34e43e41dbf807eaf5a96b917cd728d83d21af57f35e5e43f633b2ed70a226687dd5e79437dc2a991589bfc70594f1f5d77fce5f928891f10
+  data.tar.gz: 79e4fac6b445209809da12d0ea8585597fafa3de63ec4e29479ef37806806603712038316f0331988cc7cc2c3d859e41917bf0ca339a39090e8e4bca81327b1b

data/CHANGELOG.md

@@ -1,5 +1,43 @@
 # Changelog
 
+## [v1.5.3](https://github.com/ccrockett/omniauth-keycloak/tree/v1.5.3) (2025-04-12)
+
+[Full Changelog](https://github.com/ccrockett/omniauth-keycloak/compare/v1.5.2...v1.5.3)
+
+**Closed issues:**
+
+- Update json-jwt to 1.16.6 to resolve security vulnerability CVE-2024-27456/GHSA-785g-282q-pwvx [\#49](https://github.com/ccrockett/omniauth-keycloak/issues/49)
+- Can we update the dependency [\#45](https://github.com/ccrockett/omniauth-keycloak/issues/45)
+- Scope setting gets overwritten causing ID token not to be returned from Keycloak [\#39](https://github.com/ccrockett/omniauth-keycloak/issues/39)
+
+**Merged pull requests:**
+
+- Bump rexml from 3.2.6 to 3.2.8 [\#51](https://github.com/ccrockett/omniauth-keycloak/pull/51) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Bump json-jwt from 1.16.3 to 1.16.6 [\#48](https://github.com/ccrockett/omniauth-keycloak/pull/48) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Bump rack from 3.0.8 to 3.0.9.1 [\#47](https://github.com/ccrockett/omniauth-keycloak/pull/47) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Conditionally set options from request.params if not set already [\#40](https://github.com/ccrockett/omniauth-keycloak/pull/40) ([Kazhuu](https://github.com/Kazhuu))
+
+## [v1.5.2](https://github.com/ccrockett/omniauth-keycloak/tree/v1.5.2) (2024-02-01)
+
+[Full Changelog](https://github.com/ccrockett/omniauth-keycloak/compare/v1.5.1...v1.5.2)
+
+**Closed issues:**
+
+- Dependency update - json-jwt [\#36](https://github.com/ccrockett/omniauth-keycloak/issues/36)
+-  Adding parameters and http headers to omniauth authorize path helper [\#12](https://github.com/ccrockett/omniauth-keycloak/issues/12)
+
+**Merged pull requests:**
+
+- Loosen omniauth-oauth2 dependency restriction [\#43](https://github.com/ccrockett/omniauth-keycloak/pull/43) ([mcelaney](https://github.com/mcelaney))
+
+## [v1.5.1](https://github.com/ccrockett/omniauth-keycloak/tree/v1.5.1) (2023-03-01)
+
+[Full Changelog](https://github.com/ccrockett/omniauth-keycloak/compare/v1.5.0...v1.5.1)
+
+**Merged pull requests:**
+
+- Add ability to get params from request and pass thru to keycloak url [\#24](https://github.com/ccrockett/omniauth-keycloak/pull/24) ([ccrockett](https://github.com/ccrockett))
+
 ## [v1.5.0](https://github.com/ccrockett/omniauth-keycloak/tree/v1.5.0) (2023-03-01)
 
 [Full Changelog](https://github.com/ccrockett/omniauth-keycloak/compare/v1.4.4...v1.5.0)
@@ -7,7 +45,6 @@
 **Closed issues:**
 
 - When in test mode, setup phase tries to fetch Keycloak configuration [\#32](https://github.com/ccrockett/omniauth-keycloak/issues/32)
-- Dependency update - json-jwt [\#36](https://github.com/ccrockett/omniauth-keycloak/issues/36)
 
 **Merged pull requests:**
 

data/Gemfile.lock

@@ -1,30 +1,33 @@
 PATH
   remote: .
   specs:
-    omniauth-keycloak (1.4.4)
+    omniauth-keycloak (1.5.1)
       faraday
       json-jwt (> 1.13.0)
       omniauth (>= 2.0)
-      omniauth-oauth2 (~> 1.7.1)
+      omniauth-oauth2 (>= 1.7, < 1.9)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (7.0.4.2)
+    activesupport (6.1.7.7)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
       tzinfo (~> 2.0)
-    addressable (2.8.0)
-      public_suffix (>= 2.0.2, < 5.0)
+      zeitwerk (~> 2.3)
+    addressable (2.8.5)
+      public_suffix (>= 2.0.2, < 6.0)
     aes_key_wrap (1.1.0)
-    bindata (2.4.15)
-    concurrent-ruby (1.2.2)
+    base64 (0.2.0)
+    bindata (2.5.0)
+    concurrent-ruby (1.2.3)
     crack (0.4.5)
       rexml
-    diff-lcs (1.4.4)
+    diff-lcs (1.5.0)
     docile (1.4.0)
-    faraday (2.7.4)
+    faraday (2.8.1)
+      base64
       faraday-net_http (>= 2.0, < 3.1)
       ruby2_keywords (>= 0.0.4)
     faraday-follow_redirects (0.3.0)
@@ -32,16 +35,17 @@ GEM
     faraday-net_http (3.0.2)
     hashdiff (1.0.1)
     hashie (5.0.0)
-    i18n (1.12.0)
+    i18n (1.14.1)
       concurrent-ruby (~> 1.0)
-    json-jwt (1.16.3)
+    json-jwt (1.16.6)
       activesupport (>= 4.2)
       aes_key_wrap
+      base64
       bindata
       faraday (~> 2.0)
       faraday-follow_redirects
-    jwt (2.7.0)
-    minitest (5.17.0)
+    jwt (2.7.1)
+    minitest (5.22.2)
     multi_xml (0.6.0)
     oauth2 (2.0.9)
       faraday (>= 0.17.3, < 3.0)
@@ -54,45 +58,48 @@ GEM
       hashie (>= 3.4.6)
       rack (>= 2.2.3)
       rack-protection
-    omniauth-oauth2 (1.7.3)
+    omniauth-oauth2 (1.8.0)
       oauth2 (>= 1.4, < 3)
-      omniauth (>= 1.9, < 3)
-    public_suffix (4.0.6)
-    rack (3.0.4.1)
-    rack-protection (3.0.5)
+      omniauth (~> 2.0)
+    public_suffix (5.0.3)
+    rack (3.0.9.1)
+    rack-protection (3.0.6)
       rack
-    rake (13.0.1)
-    rexml (3.2.5)
-    rspec (3.10.0)
-      rspec-core (~> 3.10.0)
-      rspec-expectations (~> 3.10.0)
-      rspec-mocks (~> 3.10.0)
-    rspec-core (3.10.1)
-      rspec-support (~> 3.10.0)
-    rspec-expectations (3.10.1)
+    rake (13.0.6)
+    rexml (3.2.8)
+      strscan (>= 3.0.9)
+    rspec (3.12.0)
+      rspec-core (~> 3.12.0)
+      rspec-expectations (~> 3.12.0)
+      rspec-mocks (~> 3.12.0)
+    rspec-core (3.12.2)
+      rspec-support (~> 3.12.0)
+    rspec-expectations (3.12.3)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
-    rspec-mocks (3.10.2)
+      rspec-support (~> 3.12.0)
+    rspec-mocks (3.12.6)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
-    rspec-support (3.10.3)
+      rspec-support (~> 3.12.0)
+    rspec-support (3.12.1)
     ruby2_keywords (0.0.5)
-    simplecov (0.21.2)
+    simplecov (0.22.0)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
       simplecov_json_formatter (~> 0.1)
     simplecov-html (0.12.3)
-    simplecov_json_formatter (0.1.3)
+    simplecov_json_formatter (0.1.4)
     snaky_hash (2.0.1)
       hashie
       version_gem (~> 1.1, >= 1.1.1)
+    strscan (3.1.0)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    version_gem (1.1.1)
-    webmock (3.14.0)
+    version_gem (1.1.3)
+    webmock (3.19.1)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
+    zeitwerk (2.6.13)
 
 PLATFORMS
   ruby

data/README.md

@@ -112,6 +112,8 @@ end
         name: 'keycloak'
     end
     ```
+  * __Pass params from request thru to Keycloak__  
+  See [PR #24](https://github.com/ccrockett/omniauth-keycloak/pull/24) for details on how to configure this.
 
 ## Contributing
 

data/lib/keycloak/version.rb

@@ -1,5 +1,5 @@
 module Omniauth
   module Keycloak
-    VERSION = "1.5.1"
+    VERSION = '1.5.3'
   end
 end

data/lib/omniauth/strategies/keycloak-openid.rb

@@ -99,7 +99,9 @@ module OmniAuth
             end
 
             def request_phase
-                options.authorize_options.each {|key| options[key] = request.params[key.to_s] }
+                options.authorize_options.each do |key|
+                  options[key] = request.params[key.to_s] if options[key].nil?
+                end
                 super
             end
 

data/omniauth-keycloak.gemspec

@@ -24,7 +24,7 @@ Gem::Specification.new do |spec|
 
 
   spec.add_dependency "omniauth", ">= 2.0"
-  spec.add_dependency "omniauth-oauth2", "~> 1.7.1"
+  spec.add_dependency "omniauth-oauth2", ">= 1.7", "< 1.9"
   spec.add_dependency "json-jwt", "> 1.13.0"
   spec.add_dependency "faraday"
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-keycloak
 version: !ruby/object:Gem::Version
-  version: 1.5.1
+  version: 1.5.3
 platform: ruby
 authors:
 - Cameron Crockett
-autorequire:
+autorequire: 
 bindir: exe
 cert_chain: []
-date: 2023-03-01 00:00:00.000000000 Z
+date: 2025-04-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth
@@ -28,16 +28,22 @@ dependencies:
   name: omniauth-oauth2
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.7'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: 1.7.1
+        version: '1.9'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.7'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: 1.7.1
+        version: '1.9'
 - !ruby/object:Gem::Dependency
   name: json-jwt
   requirement: !ruby/object:Gem::Requirement
@@ -166,7 +172,7 @@ homepage: https://github.com/ccrockett/omniauth-keycloak
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -181,8 +187,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 3.1.2
 requirements: []
-rubygems_version: 3.3.7
-signing_key:
+rubygems_version: 3.5.22
+signing_key: 
 specification_version: 4
 summary: Omniauth strategy for Keycloak
 test_files: []