omniauth-line-v2_1 0.0.0 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/README.md +1 -2
  4. data/lib/omniauth/line_v2_1/version.rb +1 -1
  5. data/lib/omniauth/strategies/line_v2_1.rb +8 -4
  6. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: cb969635fc2b09065bebf5373d123f43986a6730036a34329a2d53e6a64cae6e
4
- data.tar.gz: b78c3a7a5d50a89d6ed15c533467d40c3588be0cf4c05799e957a36994b85ac4
3
+ metadata.gz: 4daab37331c6e52d1d1ee084436b0e657c911d1aabaaeab22082c67d54fb02a7
4
+ data.tar.gz: 0e14607b895b14419ff4c805cf0f4669b7f0e1778a4b1c6b074a01de69bc1d39
5
5
  SHA512:
6
- metadata.gz: beb775ade24ca083c3732d52a9b3428731d929ce6726170d23813f85f264e841059ed9db1a81de6a0fb963224c5015a4c7595b761bba8d5f427a150f6ace83df
7
- data.tar.gz: e6d6e1548574c50864d9b49fc445222dda932c94933c9aa96f15803c7d067ce7e1ba7075daf12578c7bc84efb8b2cb5f150590ff730f31987317130d59727567
6
+ metadata.gz: 0dbb8a42057f34f02182d549ee477ea3125e53496a4849bb8549d335d40b3c38509c77addeab62fc382f564d8bd2667c967791455af52749e9160cd14379e551
7
+ data.tar.gz: a9d34cbeb50f3dc972fefadd63a5e3b683f7355c300c382663bd47dca4c7891f775a5f59f88718f6499c231907e6152fde2c9761450bd9fdb7803ae327432803
data/CHANGELOG.md CHANGED
@@ -1,5 +1,10 @@
1
1
  # Changelog
2
2
 
3
+ ## [1.0.0] - 2025-08-01
4
+
5
+ - New: Generate nonce parameter automatically for security
6
+ - New: Call fail! when ID token verification response contains error
7
+
3
8
  ## [0.0.0] - 2025-07-26
4
9
 
5
10
  - Initial release
data/README.md CHANGED
@@ -108,8 +108,7 @@ After successful authentication, the auth hash will be available in `request.env
108
108
  raw_info: {
109
109
  sub: 'U4af4980629...',
110
110
  name: 'Taro Line',
111
- picture: 'https://profile.line-scdn.net/...',
112
- email: 'taro.line@example.com'
111
+ picture: 'https://profile.line-scdn.net/...'
113
112
  },
114
113
  id_token: 'eyJhbGciOiJIUzI1NiJ9...',
115
114
  id_info: {
data/lib/omniauth/line_v2_1/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module OmniAuth
4
4
  module LineV21
5
- VERSION = '0.0.0'
5
+ VERSION = '1.0.0'
6
6
  end
7
7
  end
data/lib/omniauth/strategies/line_v2_1.rb CHANGED
@@ -62,6 +62,7 @@ module OmniAuth
62
62
  params[v.to_sym] = request.params[v] if request.params[v]
63
63
  end
64
64
  params[:scope] ||= DEFAULT_SCOPE
65
+ params[:nonce] ||= SecureRandom.hex(24)
65
66
  params[:response_type] = 'code'
66
67
  session['omniauth.state'] = params[:state] if params[:state]
67
68
  session['omniauth.nonce'] = params[:nonce] if params[:nonce]
@@ -93,9 +94,9 @@ module OmniAuth
93
94
  id_token: id_token,
94
95
  client_id: options.client_id
95
96
  }
96
- params[:nonce] = session['omniauth.nonce'] if session['omniauth.nonce']
97
+ params[:nonce] = session.delete('omniauth.nonce') if session['omniauth.nonce']
97
98
 
98
- client.request(
99
+ response = client.request(
99
100
  :post,
100
101
  ID_TOKEN_VERIFY_URL,
101
102
  headers: {
@@ -103,9 +104,12 @@ module OmniAuth
103
104
  },
104
105
  body: URI.encode_www_form(params)
105
106
  ).parsed
107
+
108
+ fail!(:id_token_verification_failed, CallbackError.new(:id_token_verification_failed, response['error_description'])) if response['error']
109
+
110
+ response
106
111
  rescue StandardError => e
107
- log :error, "ID token verification failed: #{e.message}"
108
- nil
112
+ fail!(:id_token_verification_failed, e)
109
113
  end
110
114
  end
111
115
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-line-v2_1
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.0
4
+ version: 1.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Masahiro
@@ -52,15 +52,15 @@ files:
52
52
  - lib/omniauth-line-v2_1.rb
53
53
  - lib/omniauth/line_v2_1/version.rb
54
54
  - lib/omniauth/strategies/line_v2_1.rb
55
- homepage: https://github.com/cadenza-tech/omniauth-line-v2_1/tree/v0.0.0
55
+ homepage: https://github.com/cadenza-tech/omniauth-line-v2_1/tree/v1.0.0
56
56
  licenses:
57
57
  - MIT
58
58
  metadata:
59
- homepage_uri: https://github.com/cadenza-tech/omniauth-line-v2_1/tree/v0.0.0
60
- source_code_uri: https://github.com/cadenza-tech/omniauth-line-v2_1/tree/v0.0.0
61
- changelog_uri: https://github.com/cadenza-tech/omniauth-line-v2_1/blob/v0.0.0/CHANGELOG.md
59
+ homepage_uri: https://github.com/cadenza-tech/omniauth-line-v2_1/tree/v1.0.0
60
+ source_code_uri: https://github.com/cadenza-tech/omniauth-line-v2_1/tree/v1.0.0
61
+ changelog_uri: https://github.com/cadenza-tech/omniauth-line-v2_1/blob/v1.0.0/CHANGELOG.md
62
62
  bug_tracker_uri: https://github.com/cadenza-tech/omniauth-line-v2_1/issues
63
- documentation_uri: https://rubydoc.info/gems/omniauth-line-v2_1/0.0.0
63
+ documentation_uri: https://rubydoc.info/gems/omniauth-line-v2_1/1.0.0
64
64
  funding_uri: https://patreon.com/CadenzaTech
65
65
  rubygems_mfa_required: 'true'
66
66
  rdoc_options: []