RubyGems - omniauth-nitro-id - Versions diffs - 1.0.0 → 1.1.0 - Mend

omniauth-nitro-id 1.0.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/docs/CHANGELOG.md +7 -0
data/lib/extensions/discovery.rb +24 -0
data/lib/omniauth/nitro_id/version.rb +1 -1
data/lib/omniauth/strategies/base_strategy.rb +55 -0
data/lib/omniauth/strategies/nitro_id.rb +5 -9
data/lib/omniauth/strategies/tempo_id.rb +5 -9
metadata +4 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b3b09237f96562c54df18acc4a2974ee10c321d587bd2c0878865c30aa57a0ed
-  data.tar.gz: 7bf933d671741411f8184693d372ccddadc64d74158b8177eb7d7cc68bccf7a1
+  metadata.gz: c3fcfd3453a65729b3e8f7a24c6741c14cacc74d88547e24cb120fdeda0f55c3
+  data.tar.gz: 2a6b81428854f8eb43b5be273aff890d9caf2cdf48cbb9154fd7d4eecab7d09b
 SHA512:
-  metadata.gz: ba8f9dcf267a4c63ba805f7fa7cca57e798534b070cd81fd40890a3b7f0b475a142a4f626bf8c93e78ce18ae54d227fc5187e98415bf1a516d16e58832813192
-  data.tar.gz: 43bf42fcd09e559514a7e16376d0f9b5c2686eb67119daeaaf7620094464acbdb891e0cad2cbd268749653d473bf7292f61b8e0bd39933d400a8dcdcf3f8ab0d
+  metadata.gz: 386e8ba55776a76e8905e58420dc897261011083adc935005c806944a48ec20ed772adef07d82571fbaa34903934ee4ed9d3d1063324b1047c072a56863f526f
+  data.tar.gz: 3e9aa553a7de06ccbb143da81061c87489b3412ccc8ac15e6aaa10edbdf046e2ab0c261aebb203e2e5fb4358de546b7e391925f1e3ea91975a7627b7f78c16a3

data/docs/CHANGELOG.md CHANGED Viewed

@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
+## [1.1.0] - 2022-12-14
+### Added
+* Add support for `id_token_hint`. PR [#8](https://github.com/powerhome/omniauth-nitro-id/pull/8)
 ## [1.0.0] - 2022-12-05
 ### Added
@@ -14,4 +20,5 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Initial release
 [Unreleased]: https://github.com/powerhome/omniauth-nitro-id/compare/v1.0.0...HEAD
+[1.1.0]: https://github.com/powerhome/omniauth-nitro-id/releases/tag/v1.1.0
 [1.0.0]: https://github.com/powerhome/omniauth-nitro-id/releases/tag/v1.0.0

data/lib/extensions/discovery.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+module Extensions
+  module Discovery
+    Module.new do
+      # Monkey patch allow HTTP instead of forcing HTTPS for discovery.
+      attr_reader :scheme
+      def initialize(uri)
+        @scheme = uri.scheme
+        super
+      end
+      def endpoint
+        URI::Generic.build(scheme: scheme, host: host, port: port, path: path)
+      rescue URI::Error => e
+        raise SWD::Exception, e.message
+      end
+      prepend_features(::OpenIDConnect::Discovery::Provider::Config::Resource)
+    end
+  end
+end

data/lib/omniauth/nitro_id/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module OmniAuth
   module NitroId
-    VERSION = "1.0.0"
+    VERSION = "1.1.0"
   end
 end

data/lib/omniauth/strategies/base_strategy.rb ADDED Viewed

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+require "omniauth_openid_connect"
+require_relative "../../extensions/discovery"
+module OmniAuth
+  module Strategies
+    class BaseStrategy < OmniAuth::Strategies::OpenIDConnect
+      def public_key
+        @public_key ||= if options.discovery
+                          config.jwks
+                        elsif key_or_secret
+                          key_or_secret
+                        elsif client_options.jwks_uri
+                          fetch_key
+                        end
+      end
+    private
+      def fetch_key
+        @fetch_key ||= parse_jwk_key(::OpenIDConnect.http_client.get_content(client_options.jwks_uri))
+      end
+      def key_or_secret
+        @key_or_secret ||=
+          case options.client_signing_alg&.to_sym
+          when :HS256, :HS384, :HS512
+            client_options.secret
+          when :RS256, :RS384, :RS512
+            parse_key
+          end
+      end
+      def encoded_post_logout_redirect_uri
+        return unless options.post_logout_redirect_uri
+        query = {
+          post_logout_redirect_uri: options.post_logout_redirect_uri,
+        }
+        query = query.merge({ id_token_hint: params["id_token_hint"] }) if params["id_token_hint"]
+        URI.encode_www_form(query)
+      end
+      def parse_key
+        if options.client_jwk_signing_key
+          parse_jwk_key(options.client_jwk_signing_key)
+        elsif options.client_x509_signing_key
+          parse_x509_key(options.client_x509_signing_key)
+        end
+      end
+    end
+  end
+end

data/lib/omniauth/strategies/nitro_id.rb CHANGED Viewed

@@ -1,18 +1,14 @@
 # frozen_string_literal: true
-require "omniauth_openid_connect"
+require_relative "base_strategy"
 module OmniAuth
   module Strategies
-    class NitroId < OmniAuth::Strategies::OpenIDConnect
-      DEFAULT_STRATEGY_NAME = "nitro_id"
-      DEFAULT_ISSUER = "https://id.powerhrg.com/"
-      DEFAULT_HOST = "id.powerhrg.com"
-      option :name, DEFAULT_STRATEGY_NAME
+    class NitroId < BaseStrategy
+      option :name, "nitro_id"
       option :discovery, true
-      option :issuer, DEFAULT_ISSUER
-      option :client_options, host: DEFAULT_HOST
+      option :issuer, "https://id.powerhrg.com/"
+      option :client_options, host: "id.powerhrg.com"
     end
   end
 end

data/lib/omniauth/strategies/tempo_id.rb CHANGED Viewed

@@ -1,18 +1,14 @@
 # frozen_string_literal: true
-require "omniauth_openid_connect"
+require_relative "base_strategy"
 module OmniAuth
   module Strategies
-    class TempoId < OmniAuth::Strategies::OpenIDConnect
-      DEFAULT_STRATEGY_NAME = "tempo_id"
-      DEFAULT_ISSUER = "https://id.streamfinancial.io/"
-      DEFAULT_HOST = "id.streamfinancial.io"
-      option :name, DEFAULT_STRATEGY_NAME
+    class TempoId < BaseStrategy
+      option :name, "tempo_id"
       option :discovery, true
-      option :issuer, DEFAULT_ISSUER
-      option :client_options, host: DEFAULT_HOST
+      option :issuer, "https://id.streamfinancial.io/"
+      option :client_options, host: "id.streamfinancial.io"
     end
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-nitro-id
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors:
 - Stephen Greer
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-12-05 00:00:00.000000000 Z
+date: 2022-12-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth_openid_connect
@@ -156,9 +156,11 @@ files:
 - bin/setup
 - docs/CHANGELOG.md
 - docs/README.md
+- lib/extensions/discovery.rb
 - lib/omniauth-nitro-id.rb
 - lib/omniauth/nitro_id.rb
 - lib/omniauth/nitro_id/version.rb
+- lib/omniauth/strategies/base_strategy.rb
 - lib/omniauth/strategies/nitro_id.rb
 - lib/omniauth/strategies/tempo_id.rb
 - mkdocs.yml