omniauth-roblox 0.0.3 → 0.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2ec3d5c9661ea76aa87c1966cbcc91ec1de7aa28f8fb4cfbb8aa3d645c08b9b7
-  data.tar.gz: 5c171cd33bdd360051e49724418bed1eb431b0d56ff7994896176ae4b3122e90
+  metadata.gz: b23dc782e6a4fd1f557b1f3a8dbc8fd225fac1d5ee92d9ac3840c45e4beddc2c
+  data.tar.gz: 92a13f6586a2cfa7a2c9007161b667c8c2bd8ff23b9afc8e89e60637ae4d0a24
 SHA512:
-  metadata.gz: 85e4ff0f7547db4b04d96154b9e6430f47b5715a43a5e62008846d1ff5ff962cae1a491960213b181ccd02266a6bd44747b03634e6b8d0dfc760bf5df494b39e
-  data.tar.gz: b6e7f4e2a59447dd0bc14c5baaa489fb637fb6ffb25935ee816f9c77c445b2ad450d8d1b78d7cb49bb4158c141a4ef79c2abbc94ea91c877b9ba8a75cdb4ba95
+  metadata.gz: d44f56dc85f3fb1c53c00c5fcc4617450b4946492820480426fd925b45ed5c4424d5455079bb5776adca5c691e6fe7cf88beda950ee790a42610dc40bfceafd9
+  data.tar.gz: 6e733ed48328390676540e81429ae94066a8453f5aa0cf1ae1a45ea82cbf5992fdd60c69c73e62d90eb8f514e37a69a4d7c817d79c3a563e59883dda34f6c96d

data/Gemfile

@@ -1,8 +1,8 @@
-# frozen_string_literal: true
-
-source 'https://rubygems.org'
-
-gemspec
-
-gem 'rake', group: 'development'
-gem 'rubocop', '~> 1.36', group: 'development'
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+
+gemspec
+
+gem 'rake', group: 'development'
+gem 'rubocop', '~> 1.36', group: 'development'

data/Gemfile.lock

@@ -1,74 +1,74 @@
-PATH
-  remote: .
-  specs:
-    omniauth-roblox (0.0.1)
-      jwt (~> 2.5)
-      omniauth (~> 2.1)
-      omniauth-oauth2 (~> 1.8)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    ast (2.4.2)
-    faraday (2.5.2)
-      faraday-net_http (>= 2.0, < 3.1)
-      ruby2_keywords (>= 0.0.4)
-    faraday-net_http (3.0.0)
-    hashie (5.0.0)
-    json (2.6.2)
-    jwt (2.5.0)
-    multi_xml (0.6.0)
-    oauth2 (2.0.8)
-      faraday (>= 0.17.3, < 3.0)
-      jwt (>= 1.0, < 3.0)
-      multi_xml (~> 0.5)
-      rack (>= 1.2, < 3)
-      snaky_hash (~> 2.0)
-      version_gem (~> 1.1)
-    omniauth (2.1.0)
-      hashie (>= 3.4.6)
-      rack (>= 2.2.3)
-      rack-protection
-    omniauth-oauth2 (1.8.0)
-      oauth2 (>= 1.4, < 3)
-      omniauth (~> 2.0)
-    parallel (1.22.1)
-    parser (3.1.2.1)
-      ast (~> 2.4.1)
-    rack (2.2.4)
-    rack-protection (2.2.2)
-      rack
-    rainbow (3.1.1)
-    rake (13.0.6)
-    regexp_parser (2.5.0)
-    rexml (3.2.5)
-    rubocop (1.36.0)
-      json (~> 2.3)
-      parallel (~> 1.10)
-      parser (>= 3.1.2.1)
-      rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
-      rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.20.1, < 2.0)
-      ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.21.0)
-      parser (>= 3.1.1.0)
-    ruby-progressbar (1.11.0)
-    ruby2_keywords (0.0.5)
-    snaky_hash (2.0.0)
-      hashie
-      version_gem (~> 1.1)
-    unicode-display_width (2.2.0)
-    version_gem (1.1.0)
-
-PLATFORMS
-  x86_64-linux
-
-DEPENDENCIES
-  omniauth-roblox!
-  rake
-  rubocop (~> 1.36)
-
-BUNDLED WITH
-   2.3.21
+PATH
+  remote: .
+  specs:
+    omniauth-roblox (0.0.4)
+      omniauth (~> 2.1)
+      omniauth-oauth2 (~> 1.8)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    ast (2.4.2)
+    faraday (2.7.4)
+      faraday-net_http (>= 2.0, < 3.1)
+      ruby2_keywords (>= 0.0.4)
+    faraday-net_http (3.0.2)
+    hashie (5.0.0)
+    json (2.6.3)
+    jwt (2.7.0)
+    multi_xml (0.6.0)
+    oauth2 (2.0.9)
+      faraday (>= 0.17.3, < 3.0)
+      jwt (>= 1.0, < 3.0)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 4)
+      snaky_hash (~> 2.0)
+      version_gem (~> 1.1)
+    omniauth (2.1.1)
+      hashie (>= 3.4.6)
+      rack (>= 2.2.3)
+      rack-protection
+    omniauth-oauth2 (1.8.0)
+      oauth2 (>= 1.4, < 3)
+      omniauth (~> 2.0)
+    parallel (1.22.1)
+    parser (3.2.2.0)
+      ast (~> 2.4.1)
+    rack (3.0.7)
+    rack-protection (3.0.5)
+      rack
+    rainbow (3.1.1)
+    rake (13.0.6)
+    regexp_parser (2.7.0)
+    rexml (3.2.5)
+    rubocop (1.49.0)
+      json (~> 2.3)
+      parallel (~> 1.10)
+      parser (>= 3.2.0.0)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml (>= 3.2.5, < 4.0)
+      rubocop-ast (>= 1.28.0, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 2.4.0, < 3.0)
+    rubocop-ast (1.28.0)
+      parser (>= 3.2.1.0)
+    ruby-progressbar (1.13.0)
+    ruby2_keywords (0.0.5)
+    snaky_hash (2.0.1)
+      hashie
+      version_gem (~> 1.1, >= 1.1.1)
+    unicode-display_width (2.4.2)
+    version_gem (1.1.2)
+
+PLATFORMS
+  arm64-darwin-22
+  x86_64-linux
+
+DEPENDENCIES
+  omniauth-roblox!
+  rake
+  rubocop (~> 1.36)
+
+BUNDLED WITH
+   2.4.10

data/LICENSE

@@ -1,21 +1,21 @@
-MIT License
-
-Copyright (c) 2022 Wolftallemo
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+MIT License
+
+Copyright (c) 2022 Wolftallemo
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.

data/README.md

@@ -1,29 +1,28 @@
-# OmniAuth Roblox
-OmniAuth strategy for Roblox
-
-## Installation
-Add to your `Gemfile`
-```
-gem 'omniauth-roblox'
-```
-Run `bundle install`
-
-## Setup
-⚠️ Roblox's OAuth API is currently private access only ⚠️
-
-- Go to https://create.roblox.com/credentials
-- Fill out the fields and select your scopes
-
-## Usage
-An example of adding this middleware to your Rails app in `config/initializers/omniauth.rb`
-```rb
-Rails.application.config.middleware.use OmniAuth::Builder do
-  provider :roblox, ENV['RBX_CLIENT_ID'], ENV['RBX_CLIENT_SECRET']
-end
-```
-
-## Configuration Options
-- `scope`: No scopes are currently set by default, Roblox requires the `openid` scope at the minimum.
-- `image_type`: The type of image that should be returned by roblox, defaults to `headshot`. Allowed values: `[empty string]` (full body), `bust`, and `headshot`.
-- `jwt_leeway`: Amount of leeway in seconds passed to the JWT library, only works with version 2.1 or earlier.
-- `skip_image`: If this is set to `true`, no image url will be returned.
+# OmniAuth Roblox
+OmniAuth strategy for Roblox
+
+## Installation
+Add to your `Gemfile`
+```
+gem 'omniauth-roblox'
+```
+Run `bundle install`
+
+## Setup
+⚠️ Roblox's OAuth API is currently private access only ⚠️
+
+- Go to https://create.roblox.com/credentials
+- Fill out the fields and select your scopes
+
+## Usage
+An example of adding this middleware to your Rails app in `config/initializers/omniauth.rb`
+```rb
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :roblox, ENV['RBX_CLIENT_ID'], ENV['RBX_CLIENT_SECRET']
+end
+```
+
+## Configuration Options
+- `scope`: No scopes are currently set by default, Roblox requires the `openid` scope at the minimum.
+- `image_type`: The type of image that should be returned by roblox, defaults to `headshot`. Allowed values: `[empty string]` (full body), `bust`, and `headshot`.
+- `skip_image`: If this is set to `true`, no image url will be returned.

data/lib/omniauth-roblox/omniauth/strategies/roblox.rb

@@ -1,98 +1,101 @@
-# frozen_string_literal: true
-
-require 'json'
-require 'jwt'
-require 'net/http'
-require 'omniauth/strategies/oauth2'
-require 'uri'
-
-module OmniAuth
-  module Strategies
-    # This is the Roblox OAuth/OIDC strategy
-    # Currently their API is in private beta
-    # If you are enrolled, you may register
-    # at https://create.roblox.com/credentials
-    class Roblox < OmniAuth::Strategies::OAuth2
-      option :name, 'roblox'
-
-      option :client_options,
-             authorize_url: 'v1/authorize',
-             site: 'https://apis.roblox.com/oauth',
-             token_url: 'v1/token'
-
-      option :jwt_leeway, 60
-      option :authorize_options, %i[consent login selectAccount]
-      option :image_type, 'headshot'
-      option :skip_image, false
-
-      def authorize_params # rubocop:disable Metrics/AbcSize
-        super.tap do |params|
-          options[:authorize_options].each do |k|
-            params[k] = request.params[k.to_s] unless [nil, ''].include?(request.params[k.to_s])
-          end
-
-          session['omniauth.state'] = params[:state] if params[:state]
-        end
-      end
-
-      uid { raw_info['sub'] }
-
-      info do
-        {
-          name: raw_info['name'],
-          nickname: user_info['nickname'],
-          image: image_url,
-          # This is provided in the `profile` claim, but is not included if the `profile` scope is not set
-          urls: { website: "https://www.roblox.com/users/#{uid}/profile" }
-        }
-      end
-
-      extra do
-        { raw_info: raw_info }
-      end
-
-      def raw_info
-        @raw_info ||= ::JWT.decode(access_token['id_token'], nil, false).first
-
-        return if @raw_info['name']
-
-        user_api_res = Net::HTTP.get_response(URI("https://users.roblox.com/v1/users/#{uid}"))
-
-        # The Roblox Users API returns usernames under the `name` property
-        # Unlike the id_token where it is the display name
-        return unless user_api_res.is_a?(Net::HTTPSuccess)
-
-        api_data = JSON.parse(user_api_res.body)
-        @raw_info['nickname'] = api_data['name']
-        @raw_info['name'] = api_data['displayName']
-      end
-
-      # Roblox currently does not allow third parties to access user emails, this is only added for completeness
-      def verified_email
-        raw_info['email_verified'] ? raw_info['email'] : nil
-      end
-
-      def image_url # rubocop:disable Metrics
-        return nil if options[:skip_image]
-
-        url = 'https://thumbnails.roblox.com/v1/users/avatar'
-        url_additions = {
-          bust: '-bust',
-          headshot: '-headshot'
-        }
-        uri = URI(url + url_additions[options[:image_type]])
-        uri.query = URI.encode_www_form({
-                                          userIds: raw_info['sub'],
-                                          size: '720x720',
-                                          format: 'Png',
-                                          isCircular: 'false'
-                                        })
-
-        res = Net::HTTP.get_response(uri)
-        data = JSON.parse(res.body).data.first
-
-        res.is_a?(Net::HTTPSuccess) ? data.imageUrl : nil
-      end
-    end
-  end
-end
+# frozen_string_literal: true
+
+require 'base64'
+require 'json'
+require 'net/http'
+require 'omniauth/strategies/oauth2'
+require 'uri'
+
+module OmniAuth
+  module Strategies
+    # This is the Roblox OAuth/OIDC strategy
+    # Currently their API is in private beta
+    # If you are enrolled, you may register
+    # at https://create.roblox.com/credentials
+    class Roblox < OmniAuth::Strategies::OAuth2
+      option :name, 'roblox'
+
+      option :client_options,
+             authorize_url: 'v1/authorize',
+             site: 'https://apis.roblox.com/oauth',
+             token_url: 'v1/token'
+
+      option :authorize_options, %i[consent login selectAccount]
+      option :image_type, 'headshot'
+      option :skip_image, false
+
+      def authorize_params # rubocop:disable Metrics/AbcSize
+        super.tap do |params|
+          options[:authorize_options].each do |k|
+            params[k] = request.params[k.to_s] unless [nil, ''].include?(request.params[k.to_s])
+          end
+
+          session['omniauth.state'] = params[:state] if params[:state]
+        end
+      end
+
+      uid { raw_info['sub'] }
+
+      info do
+        {
+          name: raw_info['name'],
+          nickname: user_info['nickname'],
+          image: image_url,
+          # This is provided in the `profile` claim, but is not included if the `profile` scope is not set
+          urls: { website: "https://www.roblox.com/users/#{uid}/profile" }
+        }
+      end
+
+      extra do
+        { raw_info: raw_info }
+      end
+
+      def raw_info
+        @raw_info ||= JSON.parse(
+          Base64.urlsafe_decode(
+            access_token['id_token'].split('.')[1]
+          )
+        )
+
+        return if @raw_info['name']
+
+        user_api_res = Net::HTTP.get_response(URI("https://users.roblox.com/v1/users/#{uid}"))
+
+        # The Roblox Users API returns usernames under the `name` property
+        # Unlike the id_token where it is the display name
+        return unless user_api_res.is_a?(Net::HTTPSuccess)
+
+        api_data = JSON.parse(user_api_res.body)
+        @raw_info['nickname'] = api_data['name']
+        @raw_info['name'] = api_data['displayName']
+      end
+
+      # Roblox currently does not allow third parties to access user emails, this is only added for completeness
+      def verified_email
+        raw_info['email_verified'] ? raw_info['email'] : nil
+      end
+
+      def image_url # rubocop:disable Metrics
+        return nil if options[:skip_image]
+
+        url = 'https://thumbnails.roblox.com/v1/users/avatar'
+        url_additions = {
+          bust: '-bust',
+          headshot: '-headshot'
+        }
+        uri = URI(url + url_additions[options[:image_type]])
+        uri.query = URI.encode_www_form({
+                                          userIds: raw_info['sub'],
+                                          size: '720x720',
+                                          format: 'Png',
+                                          isCircular: 'false'
+                                        })
+
+        res = Net::HTTP.get_response(uri)
+        data = JSON.parse(res.body).data.first
+
+        res.is_a?(Net::HTTPSuccess) ? data.imageUrl : nil
+      end
+    end
+  end
+end

data/lib/omniauth-roblox/version.rb

@@ -1,5 +1,5 @@
-module OmniAuth
-  module Roblox
-    VERSION = '0.0.3'
-  end
-end
+module OmniAuth
+  module Roblox
+    VERSION = '0.0.4'
+  end
+end

data/lib/omniauth-roblox.rb

@@ -1,4 +1,4 @@
-# frozen_string_literal: true
-
-require 'omniauth-roblox/version'
+# frozen_string_literal: true
+
+require 'omniauth-roblox/version'
 require 'omniauth/strategies/roblox'

data/omniauth-roblox.gemspec

@@ -1,18 +1,17 @@
-# frozen_string_literal: true
-
-require File.expand_path('lib/omniauth-roblox/version', __dir__)
-
-Gem::Specification.new do |gem|
-  gem.authors = ['Wolftallemo']
-  gem.files = `git ls-files`.split("\n")
-  gem.homepage = 'https://github.com/Wolftallemo/omniauth-roblox'
-  gem.license = 'MIT'
-  gem.name = 'omniauth-roblox'
-  gem.required_ruby_version = '>= 2.7.2'
-  gem.summary = 'OmniAuth strategy for Roblox'
-  gem.version = OmniAuth::Roblox::VERSION
-
-  gem.add_dependency 'jwt', '~> 2.5'
-  gem.add_dependency 'omniauth', '~> 2.1'
-  gem.add_dependency 'omniauth-oauth2', '~> 1.8'
-end
+# frozen_string_literal: true
+
+require File.expand_path('lib/omniauth-roblox/version', __dir__)
+
+Gem::Specification.new do |gem|
+  gem.authors = ['Wolftallemo']
+  gem.files = `git ls-files`.split("\n")
+  gem.homepage = 'https://github.com/Wolftallemo/omniauth-roblox'
+  gem.license = 'MIT'
+  gem.name = 'omniauth-roblox'
+  gem.required_ruby_version = '>= 2.7.2'
+  gem.summary = 'OmniAuth strategy for Roblox'
+  gem.version = OmniAuth::Roblox::VERSION
+
+  gem.add_dependency 'omniauth', '~> 2.1'
+  gem.add_dependency 'omniauth-oauth2', '~> 1.8'
+end

metadata

@@ -1,29 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-roblox
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.0.4
 platform: ruby
 authors:
 - Wolftallemo
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-11-07 00:00:00.000000000 Z
+date: 2023-04-04 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: jwt
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.5'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.5'
 - !ruby/object:Gem::Dependency
   name: omniauth
   requirement: !ruby/object:Gem::Requirement
@@ -86,7 +72,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
+rubygems_version: 3.4.10
 signing_key:
 specification_version: 4
 summary: OmniAuth strategy for Roblox