RubyGems - omniauth-oauth_oidc - Versions diffs - 0.0.1 → 0.0.2 - Mend

omniauth-oauth_oidc 0.0.1 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/omniauth/openid_connect/version.rb +1 -1
data/lib/omniauth/strategies/openid_connect.rb +5 -0
data/test/lib/omniauth/strategies/openid_connect_test.rb +13 -0
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4e54afdf6d7654f496f5dbe08582d146a6ec5ae1ef23450802ddad6b3a522a26
-  data.tar.gz: fa4fc5ea5ba1b5c65809dc72a1934be9cade29d4cb4a2090680fc696875fc257
+  metadata.gz: 0fa89dcb282db4791409a5a30f6a116f8d099a261443444e2e820978050a1eaf
+  data.tar.gz: da9b63b81d17123989eaec89474ccf4335f1a6b55432c62b4c7f51a6c705ca32
 SHA512:
-  metadata.gz: 21163b952f6c9d570ff1b35895f258f62590e69314240a364cb098d552e95f82b6d4ca3db3beecd7096fb000d4db4c61380934457b2017959e18a5c72036ccd5
-  data.tar.gz: 01a50ef7e2e5524a5033903caa2838b03ed732884a86ae8b28b03954c226e3e22151abd7380662fbf292e933dbd133aa0ad150b40641b5e373079d6d57e3f53d
+  metadata.gz: 1beadd010d56b1b0a81a2d9693246e187c2e05f12b6f467f04e128561efb27e692702b3d509f3d102f73d6ade750180742229afbe4188c7d84717b74882bf11e
+  data.tar.gz: 7f1e441d69a1b06b2f94da8a68542748ecbcb6ee21c1a91a8b9ab13aac154546998ebd9997c3c0a53b71aac4857daa1558bbe20cfd164df19e11c4150f6a32bc

data/lib/omniauth/openid_connect/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module OmniAuth
   module OpenIDConnect
-    VERSION = '0.0.1'
+    VERSION = '0.0.2'
   end
 end

data/lib/omniauth/strategies/openid_connect.rb CHANGED Viewed

@@ -55,6 +55,7 @@ module OmniAuth
       option :client_auth_method
       option :post_logout_redirect_uri
       option :extra_authorize_params, {}
+      option :allow_authorize_params, []
       option :uid_field, 'sub'
       option :pkce, false
       option :pkce_verifier, nil
@@ -189,6 +190,10 @@ module OmniAuth
           session["omniauth.pkce.verifier"] = options.pkce_verifier
         end
+        options.allow_authorize_params.each do |key|
+          opts[key] = request.params[key.to_s] unless opts.key?(key)
+        end
         client.authorization_uri(opts.reject { |_k, v| v.nil? })
       end

data/test/lib/omniauth/strategies/openid_connect_test.rb CHANGED Viewed

@@ -150,6 +150,19 @@ module OmniAuth
         assert(strategy.authorize_uri =~ /resource=xyz/, 'URI must contain custom params')
       end
+      def test_request_phase_with_allowed_params
+        strategy.options.issuer = 'example.com'
+        strategy.options.allow_authorize_params = [:name, :logo, :resource]
+        strategy.options.extra_authorize_params = {resource: 'xyz'}
+        strategy.options.client_options.host = 'example.com'
+        request.stubs(:params).returns('name' => 'example', 'logo' => 'example_logo', 'resource' => 'abc', 'not_allowed' => 'filter_me')
+        assert(strategy.authorize_uri =~ /resource=xyz/, 'URI must contain fixed param resource')
+        assert(strategy.authorize_uri =~ /name=example/, 'URI must contain dynamic param name')
+        assert(strategy.authorize_uri =~ /logo=example_logo/, 'URI must contain dynamic param logo')
+        refute(strategy.authorize_uri =~ /not_allowed=filter_me/, 'URI must filter not allowed param')
+      end
       def test_uid
         assert_equal user_info.sub, strategy.uid

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-oauth_oidc
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
 platform: ruby
 authors:
 - John Bohn