RubyGems - omniauth-nitro-id - Versions diffs - 1.0.0 → 1.1.0 - Mend

omniauth-nitro-id 1.0.0 → 1.1.0

Files changed (8) hide show

checksums.yaml +4 -4
data/docs/CHANGELOG.md +7 -0
data/lib/extensions/discovery.rb +24 -0
data/lib/omniauth/nitro_id/version.rb +1 -1
data/lib/omniauth/strategies/base_strategy.rb +55 -0
data/lib/omniauth/strategies/nitro_id.rb +5 -9
data/lib/omniauth/strategies/tempo_id.rb +5 -9
metadata +4 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b3b09237f96562c54df18acc4a2974ee10c321d587bd2c0878865c30aa57a0ed
-  data.tar.gz: 7bf933d671741411f8184693d372ccddadc64d74158b8177eb7d7cc68bccf7a1
+  metadata.gz: c3fcfd3453a65729b3e8f7a24c6741c14cacc74d88547e24cb120fdeda0f55c3
+  data.tar.gz: 2a6b81428854f8eb43b5be273aff890d9caf2cdf48cbb9154fd7d4eecab7d09b
 SHA512:
-  metadata.gz: ba8f9dcf267a4c63ba805f7fa7cca57e798534b070cd81fd40890a3b7f0b475a142a4f626bf8c93e78ce18ae54d227fc5187e98415bf1a516d16e58832813192
-  data.tar.gz: 43bf42fcd09e559514a7e16376d0f9b5c2686eb67119daeaaf7620094464acbdb891e0cad2cbd268749653d473bf7292f61b8e0bd39933d400a8dcdcf3f8ab0d
+  metadata.gz: 386e8ba55776a76e8905e58420dc897261011083adc935005c806944a48ec20ed772adef07d82571fbaa34903934ee4ed9d3d1063324b1047c072a56863f526f
+  data.tar.gz: 3e9aa553a7de06ccbb143da81061c87489b3412ccc8ac15e6aaa10edbdf046e2ab0c261aebb203e2e5fb4358de546b7e391925f1e3ea91975a7627b7f78c16a3

data/docs/CHANGELOG.md CHANGED Viewed

@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
+## [1.1.0] - 2022-12-14
+### Added
+* Add support for `id_token_hint`. PR [#8](https://github.com/powerhome/omniauth-nitro-id/pull/8)
 ## [1.0.0] - 2022-12-05
 ### Added
@@ -14,4 +20,5 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Initial release
 [Unreleased]: https://github.com/powerhome/omniauth-nitro-id/compare/v1.0.0...HEAD
+[1.1.0]: https://github.com/powerhome/omniauth-nitro-id/releases/tag/v1.1.0
 [1.0.0]: https://github.com/powerhome/omniauth-nitro-id/releases/tag/v1.0.0

data/lib/extensions/discovery.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+module Extensions
+  module Discovery
+    Module.new do
+      # Monkey patch allow HTTP instead of forcing HTTPS for discovery.
+      attr_reader :scheme
+      def initialize(uri)
+        @scheme = uri.scheme
+        super
+      end
+      def endpoint
+        URI::Generic.build(scheme: scheme, host: host, port: port, path: path)
+      rescue URI::Error => e
+        raise SWD::Exception, e.message
+      end
+      prepend_features(::OpenIDConnect::Discovery::Provider::Config::Resource)
+    end
+  end
+end

data/lib/omniauth/nitro_id/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module OmniAuth
   module NitroId
-    VERSION = "1.0.0"
+    VERSION = "1.1.0"
   end
 end

data/lib/omniauth/strategies/base_strategy.rb ADDED Viewed

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+require "omniauth_openid_connect"
+require_relative "../../extensions/discovery"
+module OmniAuth
+  module Strategies
+    class BaseStrategy < OmniAuth::Strategies::OpenIDConnect
+      def public_key
+        @public_key ||= if options.discovery
+                          config.jwks
+                        elsif key_or_secret
+                          key_or_secret
+                        elsif client_options.jwks_uri
+                          fetch_key
+                        end
+      end
+    private
+      def fetch_key
+        @fetch_key ||= parse_jwk_key(::OpenIDConnect.http_client.get_content(client_options.jwks_uri))
+      end
+      def key_or_secret
+        @key_or_secret ||=
+          case options.client_signing_alg&.to_sym
+          when :HS256, :HS384, :HS512
+            client_options.secret
+          when :RS256, :RS384, :RS512
+            parse_key
+          end
+      end
+      def encoded_post_logout_redirect_uri
+        return unless options.post_logout_redirect_uri
+        query = {
+          post_logout_redirect_uri: options.post_logout_redirect_uri,
+        }
+        query = query.merge({ id_token_hint: params["id_token_hint"] }) if params["id_token_hint"]
+        URI.encode_www_form(query)
+      end
+      def parse_key
+        if options.client_jwk_signing_key
+          parse_jwk_key(options.client_jwk_signing_key)
+        elsif options.client_x509_signing_key
+          parse_x509_key(options.client_x509_signing_key)
+        end
+      end
+    end
+  end
+end

data/lib/omniauth/strategies/nitro_id.rb CHANGED Viewed

@@ -1,18 +1,14 @@
 # frozen_string_literal: true
-require "omniauth_openid_connect"
+require_relative "base_strategy"
 module OmniAuth
   module Strategies
-    class NitroId < OmniAuth::Strategies::OpenIDConnect
-      DEFAULT_STRATEGY_NAME = "nitro_id"
-      DEFAULT_ISSUER = "https://id.powerhrg.com/"
-      DEFAULT_HOST = "id.powerhrg.com"
-      option :name, DEFAULT_STRATEGY_NAME
+    class NitroId < BaseStrategy
+      option :name, "nitro_id"
       option :discovery, true
-      option :issuer, DEFAULT_ISSUER
-      option :client_options, host: DEFAULT_HOST
+      option :issuer, "https://id.powerhrg.com/"
+      option :client_options, host: "id.powerhrg.com"
     end
   end
 end

data/lib/omniauth/strategies/tempo_id.rb CHANGED Viewed

@@ -1,18 +1,14 @@
 # frozen_string_literal: true
-require "omniauth_openid_connect"
+require_relative "base_strategy"
 module OmniAuth
   module Strategies
-    class TempoId < OmniAuth::Strategies::OpenIDConnect
-      DEFAULT_STRATEGY_NAME = "tempo_id"
-      DEFAULT_ISSUER = "https://id.streamfinancial.io/"
-      DEFAULT_HOST = "id.streamfinancial.io"
-      option :name, DEFAULT_STRATEGY_NAME
+    class TempoId < BaseStrategy
+      option :name, "tempo_id"
       option :discovery, true
-      option :issuer, DEFAULT_ISSUER
-      option :client_options, host: DEFAULT_HOST
+      option :issuer, "https://id.streamfinancial.io/"
+      option :client_options, host: "id.streamfinancial.io"
     end
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-nitro-id
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors:
 - Stephen Greer
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-12-05 00:00:00.000000000 Z
+date: 2022-12-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth_openid_connect
@@ -156,9 +156,11 @@ files:
 - bin/setup
 - docs/CHANGELOG.md
 - docs/README.md
+- lib/extensions/discovery.rb
 - lib/omniauth-nitro-id.rb
 - lib/omniauth/nitro_id.rb
 - lib/omniauth/nitro_id/version.rb
+- lib/omniauth/strategies/base_strategy.rb
 - lib/omniauth/strategies/nitro_id.rb
 - lib/omniauth/strategies/tempo_id.rb
 - mkdocs.yml