omniauth 1.9.0 → 1.9.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of omniauth might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.travis.yml +4 -2
- data/Gemfile +2 -2
- data/README.md +2 -2
- data/lib/omniauth.rb +1 -1
- data/lib/omniauth/builder.rb +1 -20
- data/lib/omniauth/version.rb +1 -1
- data/omniauth.gemspec +1 -1
- metadata +3 -9
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a60cc2e4ba6c8135e9707ee25a4075b2948c5ca7
|
4
|
+
data.tar.gz: 8e240213e8aa84d5f37e7f1de2fae934dbc5bb70
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: cab0699b737d95347ef012062ef88a1e4c73d961a7154345157b77be0e32212d5a4a32ccc645714024a1e645926d82d3b8e7a7644e159ac9f5015d9f195e249a
|
7
|
+
data.tar.gz: c68c617b16b9c9bba273c150604a9bc4ab832a1f18dbe0e09e88d39c07be772718ff681c293a25515d2fdf9701f7eb50cec88810188e3fc156842503cc623551
|
data/.travis.yml
CHANGED
@@ -1,7 +1,9 @@
|
|
1
1
|
bundler_args: --without development
|
2
2
|
before_install:
|
3
|
-
- gem
|
4
|
-
- gem
|
3
|
+
- gem uninstall -v '>= 2' -i $(rvm gemdir)@global -ax bundler || true
|
4
|
+
- gem install bundler -v '1.17.3'
|
5
|
+
install:
|
6
|
+
- bundle _1.17.3_ install --jobs=3 --retry=3
|
5
7
|
cache: bundler
|
6
8
|
env:
|
7
9
|
global:
|
data/Gemfile
CHANGED
@@ -13,14 +13,14 @@ end
|
|
13
13
|
|
14
14
|
group :test do
|
15
15
|
gem 'coveralls', :require => false
|
16
|
-
gem 'hashie', '>= 3.4.6', '
|
16
|
+
gem 'hashie', '>= 3.4.6', '~> 4.0.0', :platforms => [:jruby_18]
|
17
17
|
gem 'json', '~> 2.0.3', :platforms => %i[jruby_18 jruby_19 ruby_19]
|
18
18
|
gem 'mime-types', '~> 3.1', :platforms => [:jruby_18]
|
19
19
|
gem 'rack', '>= 2.0.6', :platforms => %i[jruby_18 jruby_19 ruby_19 ruby_20 ruby_21]
|
20
20
|
gem 'rack-test'
|
21
21
|
gem 'rest-client', '~> 2.0.0', :platforms => [:jruby_18]
|
22
22
|
gem 'rspec', '~> 3.5.0'
|
23
|
-
gem 'rubocop', '>= 0.58.2', :platforms => %i[ruby_20 ruby_21 ruby_22 ruby_23 ruby_24]
|
23
|
+
gem 'rubocop', '>= 0.58.2', '< 0.69.0', :platforms => %i[ruby_20 ruby_21 ruby_22 ruby_23 ruby_24]
|
24
24
|
gem 'tins', '~> 1.13.0', :platforms => %i[jruby_18 jruby_19 ruby_19]
|
25
25
|
end
|
26
26
|
|
data/README.md
CHANGED
@@ -2,14 +2,12 @@
|
|
2
2
|
|
3
3
|
[![Gem Version](http://img.shields.io/gem/v/omniauth.svg)][gem]
|
4
4
|
[![Build Status](http://img.shields.io/travis/omniauth/omniauth.svg)][travis]
|
5
|
-
[![Dependency Status](http://img.shields.io/gemnasium/omniauth/omniauth.svg)][gemnasium]
|
6
5
|
[![Code Climate](http://img.shields.io/codeclimate/github/omniauth/omniauth.svg)][codeclimate]
|
7
6
|
[![Coverage Status](http://img.shields.io/coveralls/omniauth/omniauth.svg)][coveralls]
|
8
7
|
[![Security](https://hakiri.io/github/omniauth/omniauth/master.svg)](https://hakiri.io/github/omniauth/omniauth/master)
|
9
8
|
|
10
9
|
[gem]: https://rubygems.org/gems/omniauth
|
11
10
|
[travis]: http://travis-ci.org/omniauth/omniauth
|
12
|
-
[gemnasium]: https://gemnasium.com/omniauth/omniauth
|
13
11
|
[codeclimate]: https://codeclimate.com/github/omniauth/omniauth
|
14
12
|
[coveralls]: https://coveralls.io/r/omniauth/omniauth
|
15
13
|
|
@@ -122,6 +120,8 @@ environment information on the callback request. It is entirely up to
|
|
122
120
|
you how you want to implement the particulars of your application's
|
123
121
|
authentication flow.
|
124
122
|
|
123
|
+
**Please note:** there is currently a CSRF vulnerability which affects OmniAuth (designated [CVE-2015-9284](https://nvd.nist.gov/vuln/detail/CVE-2015-9284)) that requires mitigation at the application level. More details on how to do this can be found on the [Wiki](https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284).
|
124
|
+
|
125
125
|
## Configuring The `origin` Param
|
126
126
|
The `origin` url parameter is typically used to inform where a user came from and where, should you choose to use it, they'd want to return to.
|
127
127
|
|
data/lib/omniauth.rb
CHANGED
data/lib/omniauth/builder.rb
CHANGED
@@ -1,24 +1,5 @@
|
|
1
1
|
module OmniAuth
|
2
2
|
class Builder < ::Rack::Builder
|
3
|
-
def initialize(app, &block)
|
4
|
-
@options = nil
|
5
|
-
if rack14? || rack2?
|
6
|
-
super
|
7
|
-
else
|
8
|
-
@app = app
|
9
|
-
super(&block)
|
10
|
-
@ins << @app
|
11
|
-
end
|
12
|
-
end
|
13
|
-
|
14
|
-
def rack14?
|
15
|
-
Rack.release.start_with?('1.') && (Rack.release.split('.')[1].to_i >= 4)
|
16
|
-
end
|
17
|
-
|
18
|
-
def rack2?
|
19
|
-
Rack.release.start_with? '2.'
|
20
|
-
end
|
21
|
-
|
22
3
|
def on_failure(&block)
|
23
4
|
OmniAuth.config.on_failure = block
|
24
5
|
end
|
@@ -40,7 +21,7 @@ module OmniAuth
|
|
40
21
|
end
|
41
22
|
|
42
23
|
def options(options = false)
|
43
|
-
return @options
|
24
|
+
return @options ||= {} if options == false
|
44
25
|
|
45
26
|
@options = options
|
46
27
|
end
|
data/lib/omniauth/version.rb
CHANGED
data/omniauth.gemspec
CHANGED
@@ -5,7 +5,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
5
5
|
require 'omniauth/version'
|
6
6
|
|
7
7
|
Gem::Specification.new do |spec|
|
8
|
-
spec.add_dependency 'hashie', ['>= 3.4.6'
|
8
|
+
spec.add_dependency 'hashie', ['>= 3.4.6']
|
9
9
|
spec.add_dependency 'rack', ['>= 1.6.2', '< 3']
|
10
10
|
spec.add_development_dependency 'bundler', '~> 1.14'
|
11
11
|
spec.add_development_dependency 'rake', '~> 12.0'
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: omniauth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.9.
|
4
|
+
version: 1.9.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Michael Bleigh
|
@@ -10,7 +10,7 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date:
|
13
|
+
date: 2020-03-02 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: hashie
|
@@ -19,9 +19,6 @@ dependencies:
|
|
19
19
|
- - ">="
|
20
20
|
- !ruby/object:Gem::Version
|
21
21
|
version: 3.4.6
|
22
|
-
- - "<"
|
23
|
-
- !ruby/object:Gem::Version
|
24
|
-
version: 3.7.0
|
25
22
|
type: :runtime
|
26
23
|
prerelease: false
|
27
24
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -29,9 +26,6 @@ dependencies:
|
|
29
26
|
- - ">="
|
30
27
|
- !ruby/object:Gem::Version
|
31
28
|
version: 3.4.6
|
32
|
-
- - "<"
|
33
|
-
- !ruby/object:Gem::Version
|
34
|
-
version: 3.7.0
|
35
29
|
- !ruby/object:Gem::Dependency
|
36
30
|
name: rack
|
37
31
|
requirement: !ruby/object:Gem::Requirement
|
@@ -134,7 +128,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
134
128
|
version: 1.3.5
|
135
129
|
requirements: []
|
136
130
|
rubyforge_project:
|
137
|
-
rubygems_version: 2.6.
|
131
|
+
rubygems_version: 2.6.14.4
|
138
132
|
signing_key:
|
139
133
|
specification_version: 4
|
140
134
|
summary: A generalized Rack framework for multiple-provider authentication.
|