RubyGems - omniauth-nitro-id - Versions diffs - 0.1.1 → 1.1.0 - Mend

omniauth-nitro-id 0.1.1 → 1.1.0

Files changed (11) hide show

checksums.yaml +4 -4
data/docs/CHANGELOG.md +24 -0
data/lib/extensions/discovery.rb +24 -0
data/lib/omniauth/nitro_id/version.rb +1 -1
data/lib/omniauth/nitro_id.rb +1 -0
data/lib/omniauth/strategies/base_strategy.rb +55 -0
data/lib/omniauth/strategies/nitro_id.rb +5 -9
data/lib/omniauth/strategies/tempo_id.rb +14 -0
data/omniauth-nitro-id.gemspec +1 -1
data/spec/omniauth/strategies/tempo_id_spec.rb +55 -0
metadata +12 -9

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d4d3e8c274665be7c83f34c25dbf04aa079f54192cbd30a59ef4b6243020d33d
-  data.tar.gz: 964db9c5a01dd33f16cc8491b9aeaac22dd980fd09d25ee737953824b2fbcc21
+  metadata.gz: c3fcfd3453a65729b3e8f7a24c6741c14cacc74d88547e24cb120fdeda0f55c3
+  data.tar.gz: 2a6b81428854f8eb43b5be273aff890d9caf2cdf48cbb9154fd7d4eecab7d09b
 SHA512:
-  metadata.gz: b16e8610dd2aeea20d1cdbe80088d7fd95898863987ccab37d2ffaa4efbdc59c21d9443e4e341b3c58a58d55bf19e33160b1c072e54f766250d114d5fda60794
-  data.tar.gz: 25a285b3e002a2dcbc096cc7c9c9ecfc45fdc6ef59c06acf923705676c06320f390dc8c82f0780b4b3b700bf23d3878fc866e9b610644901501f287f12783e2f
+  metadata.gz: 386e8ba55776a76e8905e58420dc897261011083adc935005c806944a48ec20ed772adef07d82571fbaa34903934ee4ed9d3d1063324b1047c072a56863f526f
+  data.tar.gz: 3e9aa553a7de06ccbb143da81061c87489b3412ccc8ac15e6aaa10edbdf046e2ab0c261aebb203e2e5fb4358de546b7e391925f1e3ea91975a7627b7f78c16a3

data/docs/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,24 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [Unreleased]
+## [1.1.0] - 2022-12-14
+### Added
+* Add support for `id_token_hint`. PR [#8](https://github.com/powerhome/omniauth-nitro-id/pull/8)
+## [1.0.0] - 2022-12-05
+### Added
+* Initial release
+[Unreleased]: https://github.com/powerhome/omniauth-nitro-id/compare/v1.0.0...HEAD
+[1.1.0]: https://github.com/powerhome/omniauth-nitro-id/releases/tag/v1.1.0
+[1.0.0]: https://github.com/powerhome/omniauth-nitro-id/releases/tag/v1.0.0

data/lib/extensions/discovery.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+module Extensions
+  module Discovery
+    Module.new do
+      # Monkey patch allow HTTP instead of forcing HTTPS for discovery.
+      attr_reader :scheme
+      def initialize(uri)
+        @scheme = uri.scheme
+        super
+      end
+      def endpoint
+        URI::Generic.build(scheme: scheme, host: host, port: port, path: path)
+      rescue URI::Error => e
+        raise SWD::Exception, e.message
+      end
+      prepend_features(::OpenIDConnect::Discovery::Provider::Config::Resource)
+    end
+  end
+end

data/lib/omniauth/nitro_id/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module OmniAuth
   module NitroId
-    VERSION = "0.1.1"
+    VERSION = "1.1.0"
   end
 end

data/lib/omniauth/nitro_id.rb CHANGED Viewed

@@ -2,3 +2,4 @@
 require "omniauth/nitro_id/version"
 require "omniauth/strategies/nitro_id"
+require "omniauth/strategies/tempo_id"

data/lib/omniauth/strategies/base_strategy.rb ADDED Viewed

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+require "omniauth_openid_connect"
+require_relative "../../extensions/discovery"
+module OmniAuth
+  module Strategies
+    class BaseStrategy < OmniAuth::Strategies::OpenIDConnect
+      def public_key
+        @public_key ||= if options.discovery
+                          config.jwks
+                        elsif key_or_secret
+                          key_or_secret
+                        elsif client_options.jwks_uri
+                          fetch_key
+                        end
+      end
+    private
+      def fetch_key
+        @fetch_key ||= parse_jwk_key(::OpenIDConnect.http_client.get_content(client_options.jwks_uri))
+      end
+      def key_or_secret
+        @key_or_secret ||=
+          case options.client_signing_alg&.to_sym
+          when :HS256, :HS384, :HS512
+            client_options.secret
+          when :RS256, :RS384, :RS512
+            parse_key
+          end
+      end
+      def encoded_post_logout_redirect_uri
+        return unless options.post_logout_redirect_uri
+        query = {
+          post_logout_redirect_uri: options.post_logout_redirect_uri,
+        }
+        query = query.merge({ id_token_hint: params["id_token_hint"] }) if params["id_token_hint"]
+        URI.encode_www_form(query)
+      end
+      def parse_key
+        if options.client_jwk_signing_key
+          parse_jwk_key(options.client_jwk_signing_key)
+        elsif options.client_x509_signing_key
+          parse_x509_key(options.client_x509_signing_key)
+        end
+      end
+    end
+  end
+end

data/lib/omniauth/strategies/nitro_id.rb CHANGED Viewed

@@ -1,18 +1,14 @@
 # frozen_string_literal: true
-require "omniauth_openid_connect"
+require_relative "base_strategy"
 module OmniAuth
   module Strategies
-    class NitroId < OmniAuth::Strategies::OpenIDConnect
-      DEFAULT_STRATEGY_NAME = "nitro_id"
-      DEFAULT_ISSUER = "https://id.powerhrg.com/"
-      DEFAULT_HOST = "id.powerhrg.com"
-      option :name, DEFAULT_STRATEGY_NAME
+    class NitroId < BaseStrategy
+      option :name, "nitro_id"
       option :discovery, true
-      option :issuer, DEFAULT_ISSUER
-      option :client_options, host: DEFAULT_HOST
+      option :issuer, "https://id.powerhrg.com/"
+      option :client_options, host: "id.powerhrg.com"
     end
   end
 end

data/lib/omniauth/strategies/tempo_id.rb ADDED Viewed

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+require_relative "base_strategy"
+module OmniAuth
+  module Strategies
+    class TempoId < BaseStrategy
+      option :name, "tempo_id"
+      option :discovery, true
+      option :issuer, "https://id.streamfinancial.io/"
+      option :client_options, host: "id.streamfinancial.io"
+    end
+  end
+end

data/omniauth-nitro-id.gemspec CHANGED Viewed

@@ -14,7 +14,7 @@ Gem::Specification.new do |spec|
   spec.required_ruby_version = ">= 2.7.0"
   spec.files         = `git ls-files`.split("\n")
-  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.executables   = []
   spec.require_paths = ["lib"]
   spec.add_dependency "omniauth_openid_connect", "~> 0.4.0"

data/spec/omniauth/strategies/tempo_id_spec.rb ADDED Viewed

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+require "spec_helper"
+describe OmniAuth::Strategies::TempoId do
+  let(:access_token) { instance_double("AccessToken", :options => {}, :[] => "user") }
+  let(:custom_client) do
+    OmniAuth::Strategies::TempoId.new(:test_app,
+                                      issuer: "https://example-host.com/",
+                                      discovery: false,
+                                      client_options: {
+                                        host: "example-host.com",
+                                      })
+  end
+  subject do
+    OmniAuth::Strategies::TempoId.new({})
+  end
+  before(:each) do
+    allow(subject).to receive(:access_token).and_return(access_token)
+  end
+  context "options" do
+    it "should have correct name" do
+      expect(subject.options.name).to eq "tempo_id"
+    end
+    it "should have correct host" do
+      expect(subject.options.client_options.host).to eq "id.streamfinancial.io"
+    end
+    it "should have correct issuer" do
+      expect(subject.options.issuer).to eq "https://id.streamfinancial.io/"
+    end
+    it "should have the correct discovery setting" do
+      expect(subject.options.discovery).to eq true
+    end
+    describe "should be overrideable" do
+      it "for host" do
+        expect(custom_client.options.client_options.host).to eq "example-host.com"
+      end
+      it "for issuer" do
+        expect(custom_client.options.issuer).to eq "https://example-host.com/"
+      end
+      it "for discovery" do
+        expect(custom_client.options.discovery).to eq false
+      end
+    end
+  end
+end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-nitro-id
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 1.1.0
 platform: ruby
 authors:
 - Stephen Greer
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-07-08 00:00:00.000000000 Z
+date: 2022-12-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth_openid_connect
@@ -139,9 +139,7 @@ dependencies:
 description: NitroID Strategy for OmniAuth.
 email:
 - stephen.greer@powerhrg.com
-executables:
-- console
-- setup
+executables: []
 extensions: []
 extra_rdoc_files: []
 files:
@@ -156,22 +154,27 @@ files:
 - Rakefile
 - bin/console
 - bin/setup
+- docs/CHANGELOG.md
 - docs/README.md
+- lib/extensions/discovery.rb
 - lib/omniauth-nitro-id.rb
 - lib/omniauth/nitro_id.rb
 - lib/omniauth/nitro_id/version.rb
+- lib/omniauth/strategies/base_strategy.rb
 - lib/omniauth/strategies/nitro_id.rb
+- lib/omniauth/strategies/tempo_id.rb
 - mkdocs.yml
 - omniauth-nitro-id.gemspec
 - portal.yml
 - renovate.json
 - spec/omniauth/strategies/nitro_id_spec.rb
+- spec/omniauth/strategies/tempo_id_spec.rb
 - spec/spec_helper.rb
 homepage: https://github.com/powerhome/omniauth-nitro-id
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -186,8 +189,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
-signing_key:
+rubygems_version: 3.1.6
+signing_key:
 specification_version: 4
 summary: NitroID Strategy for OmniAuth.
 test_files: []