omniauth_openid_connect 0.3.0 → 0.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8916e5d71adfaa8dd6c64c168746671ba026fec61798ee85a9393c03b36c5bbd
-  data.tar.gz: adfa760da9122452dc6cc486fb721ef1ce32a79910b8c16a32b6b153430b3e28
+  metadata.gz: a57713d348ab1dcc7869b8d10ed8b616958019a0c7003a0b5e43e00e85650b0a
+  data.tar.gz: e6ff5320c65348937e7fa2cf140aff27f89957415ded839debcd645e01031353
 SHA512:
-  metadata.gz: 877b098cd0f6a167cd6486a91de34668a6a8c7329ab0fb0eddcbb5914e548895db64a5e9e2ecf20308a90685f3baf29327b0a1e163d007b76e992908b398ea96
-  data.tar.gz: 0ae557ebfc1319225171bba2fdae139a7c6a98338812bec2d3a5b50c58946f825511565c0a0d4c8d07a658a892ba2b652f78c12fd79a7fd1466c16925b85a3e5
+  metadata.gz: 5664e73c24e1521b4b29461eb3ee558dfb143d75322c83f2c3d3f3ee48cd24c8e99f1a348915de574abb1b907103de948cf0c16ebfebd11fa13a2e8206f13d78
+  data.tar.gz: 272a32b0b75f54ca1d861fe361c380d6ee2d9170b9862322f7e9b6edd12e7e2a9cfc37db95b2b549896f9ebc1d6e90272ec0a24cefc4ed195ccc90edff5476d5

data/.rubocop.yml

@@ -0,0 +1,58 @@
+LineLength:
+  Description: 'Limit lines to 130 characters.'
+  Max: 130
+
+Layout/SpaceInsideStringInterpolation:
+  Enabled: false
+
+Layout/MultilineOperationIndentation:
+  EnforcedStyle: indented
+
+StringLiterals:
+  EnforcedStyle: single_quotes
+
+Style/TrailingCommaInArrayLiteral:
+  EnforcedStyleForMultiline: comma
+Style/TrailingCommaInHashLiteral:
+  EnforcedStyleForMultiline: comma
+
+Style/SafeNavigation:
+  Enabled: false
+
+Style/EmptyMethod:
+  Description: 'Checks the formatting of empty method definitions.'
+  StyleGuide: '#no-single-line-methods'
+  Enabled: false
+
+HashSyntax:
+  Description: "Prefer Ruby 1.9 hash syntax { a: 1, b: 2 } over 1.8 syntax\n{ :a => 1, :b => 2 }"
+  EnforcedStyle: ruby19
+  Enabled: true
+
+RedundantBegin:
+  Enabled: true
+
+Documentation:
+  Enabled: false
+
+Metrics/AbcSize:
+  Max: 50
+
+Metrics/CyclomaticComplexity:
+  Max: 50
+
+Metrics/PerceivedComplexity:
+  Max: 15
+
+Metrics/BlockLength:
+  Max: 40
+
+Metrics/MethodLength:
+  Max: 45
+
+AllCops:
+  Exclude:
+    - bin/**/*
+    - Rakefile
+    - config/**/*
+    - test/**/*

data/.travis.yml

@@ -2,3 +2,4 @@ language: ruby
 rvm:
   - 2.4
   - 2.5
+  - 2.6

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+# v0.3.1 (08.06.2019)
+
+- Set default OmniAuth name to openid_connect [#23](https://github.com/m0n9oose/omniauth_openid_connect/pull/23)
+
 # v0.3.0 (27.04.2019)
 
 - RP-Initiated Logout phase [#5](https://github.com/m0n9oose/omniauth_openid_connect/pull/5)

data/Gemfile

@@ -1,2 +1,4 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 gemspec

data/Guardfile

@@ -1,11 +1,13 @@
+# frozen_string_literal: true
+
 # A sample Guardfile
 # More info at https://github.com/guard/guard#readme
 
 guard 'minitest' do
   # with Minitest::Unit
-  watch(%r|^test/(.*)\/(.*)_test\.rb|)
-  watch(%r|^lib/(.*)\.rb|)     { |m| "test/lib/#{m[1]}_test.rb" }
-  watch(%r|^test/test_helper\.rb|)    { "test" }
+  watch(%r{^test/(.*)\/(.*)_test\.rb})
+  watch(%r{^lib/(.*)\.rb}) { |m| "test/lib/#{m[1]}_test.rb" }
+  watch(%r{^test/test_helper\.rb}) { 'test' }
 end
 
 guard :bundler do

data/lib/omniauth/openid_connect.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'omniauth/openid_connect/errors'
 require 'omniauth/openid_connect/version'
 require 'omniauth/strategies/openid_connect'

data/lib/omniauth/openid_connect/errors.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module OmniAuth
   module OpenIDConnect
     class Error < RuntimeError; end

data/lib/omniauth/openid_connect/version.rb

@@ -1,5 +1,7 @@
+# frozen_string_literal: true
+
 module OmniAuth
   module OpenIDConnect
-    VERSION = '0.3.0'
+    VERSION = '0.3.1'
   end
 end

data/lib/omniauth/strategies/openid_connect.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'addressable/uri'
 require 'timeout'
 require 'net/http'
@@ -14,30 +16,30 @@ module OmniAuth
 
       def_delegator :request, :params
 
-      option :client_options, {
-        identifier: nil,
-        secret: nil,
-        redirect_uri: nil,
-        scheme: 'https',
-        host: nil,
-        port: 443,
-        authorization_endpoint: '/authorize',
-        token_endpoint: '/token',
-        userinfo_endpoint: '/userinfo',
-        jwks_uri: '/jwk',
-        end_session_endpoint: nil
-      }
+      option :name, 'openid_connect'
+      option(:client_options, identifier: nil,
+                              secret: nil,
+                              redirect_uri: nil,
+                              scheme: 'https',
+                              host: nil,
+                              port: 443,
+                              authorization_endpoint: '/authorize',
+                              token_endpoint: '/token',
+                              userinfo_endpoint: '/userinfo',
+                              jwks_uri: '/jwk',
+                              end_session_endpoint: nil)
+
       option :issuer
       option :discovery, false
       option :client_signing_alg
       option :client_jwk_signing_key
       option :client_x509_signing_key
       option :scope, [:openid]
-      option :response_type, "code"
+      option :response_type, 'code'
       option :state
       option :response_mode
-      option :display, nil #, [:page, :popup, :touch, :wap]
-      option :prompt, nil #, [:none, :login, :consent, :select_account]
+      option :display, nil # [:page, :popup, :touch, :wap]
+      option :prompt, nil # [:none, :login, :consent, :select_account]
       option :hd, nil
       option :max_age
       option :ui_locales
@@ -66,7 +68,7 @@ module OmniAuth
           gender: user_info.gender,
           image: user_info.picture,
           phone: user_info.phone_number,
-          urls: { website: user_info.website }
+          urls: { website: user_info.website },
         }
       end
 
@@ -80,7 +82,7 @@ module OmniAuth
           token: access_token.access_token,
           refresh_token: access_token.refresh_token,
           expires_in: access_token.expires_in,
-          scope: access_token.scope
+          scope: access_token.scope,
         }
       end
 
@@ -93,27 +95,28 @@ module OmniAuth
       end
 
       def request_phase
-        options.issuer = issuer if options.issuer.nil? || options.issuer.empty?
+        options.issuer = issuer if options.issuer.to_s.empty?
         discover!
         redirect authorize_uri
       end
 
       def callback_phase
         error = params['error_reason'] || params['error']
-        if error
-          raise CallbackError.new(params['error'], params['error_description'] || params['error_reason'], params['error_uri'])
-        elsif params['state'].to_s.empty? || params['state'] != stored_state
-          raise CallbackError, 'Invalid state parameter'
-        elsif !params['code']
-          return fail!(:missing_code, OmniAuth::OpenIDConnect::MissingCodeError.new(params['error']))
-        else
-          options.issuer = issuer if options.issuer.nil? || options.issuer.empty?
-          discover!
-          client.redirect_uri = redirect_uri
-          client.authorization_code = authorization_code
-          access_token
-          super
-        end
+        error_description = params['error_description'] || params['error_reason']
+        invalid_state = params['state'].to_s.empty? || params['state'] != stored_state
+
+        raise CallbackError.new(params['error'], error_description, params['error_uri']) if error
+
+        raise CallbackError, 'Invalid state parameter' if invalid_state
+
+        return fail!(:missing_code, OmniAuth::OpenIDConnect::MissingCodeError.new(params['error'])) unless params['code']
+
+        options.issuer = issuer if options.issuer.nil? || options.issuer.empty?
+        discover!
+        client.redirect_uri = redirect_uri
+        client.authorization_code = authorization_code
+        access_token
+        super
       rescue CallbackError, ::Rack::OAuth2::Client::Error => e
         fail!(:invalid_credentials, e)
       rescue ::Timeout::Error, ::Errno::ETIMEDOUT => e
@@ -124,7 +127,7 @@ module OmniAuth
 
       def other_phase
         if logout_path_pattern.match?(current_path)
-          options.issuer = issuer if options.issuer.nil? || options.issuer.empty?
+          options.issuer = issuer if options.issuer.to_s.empty?
           discover!
           return redirect(end_session_uri) if end_session_uri
         end
@@ -137,6 +140,7 @@ module OmniAuth
 
       def end_session_uri
         return unless end_session_endpoint_is_valid?
+
         end_session_uri = URI(client_options.end_session_endpoint)
         end_session_uri.query = encoded_post_logout_redirect_uri
         end_session_uri.to_s
@@ -155,11 +159,12 @@ module OmniAuth
           nonce: (new_nonce if options.send_nonce),
           hd: options.hd,
         }
-        client.authorization_uri(opts.reject { |k, v| v.nil? })
+        client.authorization_uri(opts.reject { |_k, v| v.nil? })
       end
 
       def public_key
         return config.jwks if options.discovery
+
         key_or_secret
       end
 
@@ -173,6 +178,7 @@ module OmniAuth
 
       def discover!
         return unless options.discovery
+
         client_options.authorization_endpoint = config.authorization_endpoint
         client_options.token_endpoint = config.token_endpoint
         client_options.userinfo_endpoint = config.userinfo_endpoint
@@ -185,19 +191,19 @@ module OmniAuth
       end
 
       def access_token
-        @access_token ||= begin
-          _access_token = client.access_token!(
-            scope: (options.scope if options.send_scope_to_token_endpoint),
-            client_auth_method: options.client_auth_method
-          )
-          _id_token = decode_id_token _access_token.id_token
-          _id_token.verify!(
-            issuer: options.issuer,
-            client_id: client_options.identifier,
-            nonce: stored_nonce
-          )
-          _access_token
-        end
+        return @access_token if @access_token
+
+        @access_token = client.access_token!(
+          scope: (options.scope if options.send_scope_to_token_endpoint),
+          client_auth_method: options.client_auth_method
+        )
+        id_token = decode_id_token(@access_token.id_token)
+        id_token.verify!(
+          issuer: options.issuer,
+          client_id: client_options.identifier,
+          nonce: stored_nonce
+        )
+        @access_token
       end
 
       def decode_id_token(id_token)
@@ -233,20 +239,20 @@ module OmniAuth
 
       def session
         return {} if @env.nil?
+
         super
       end
 
       def key_or_secret
         case options.client_signing_alg
         when :HS256, :HS384, :HS512
-          return client_options.secret
+          client_options.secret
         when :RS256, :RS384, :RS512
           if options.client_jwk_signing_key
-            return parse_jwk_key(options.client_jwk_signing_key)
+            parse_jwk_key(options.client_jwk_signing_key)
           elsif options.client_x509_signing_key
-            return parse_x509_key(options.client_x509_signing_key)
+            parse_x509_key(options.client_x509_signing_key)
           end
-        else
         end
       end
 
@@ -256,24 +262,24 @@ module OmniAuth
 
       def parse_jwk_key(key)
         json = JSON.parse(key)
-        if json.has_key?('keys')
-          JSON::JWK::Set.new json['keys']
-        else
-          JSON::JWK.new json
-        end
+        return JSON::JWK::Set.new(json['keys']) if json.key?('keys')
+
+        JSON::JWK.new(json)
       end
 
       def decode(str)
-        UrlSafeBase64.decode64(str).unpack('B*').first.to_i(2).to_s
+        UrlSafeBase64.decode64(str).unpack1('B*').to_i(2).to_s
       end
 
       def redirect_uri
         return client_options.redirect_uri unless params['redirect_uri']
+
         "#{ client_options.redirect_uri }?redirect_uri=#{ CGI.escape(params['redirect_uri']) }"
       end
 
       def encoded_post_logout_redirect_uri
         return unless options.post_logout_redirect_uri
+
         URI.encode_www_form(
           post_logout_redirect_uri: options.post_logout_redirect_uri
         )
@@ -291,7 +297,7 @@ module OmniAuth
       class CallbackError < StandardError
         attr_accessor :error, :error_reason, :error_uri
 
-        def initialize(error, error_reason=nil, error_uri=nil)
+        def initialize(error, error_reason = nil, error_uri = nil)
           self.error = error
           self.error_reason = error_reason
           self.error_uri = error_uri

data/lib/omniauth_openid_connect.rb

@@ -1 +1,3 @@
+# frozen_string_literal: true
+
 require 'omniauth/openid_connect'

data/omniauth_openid_connect.gemspec

@@ -1,5 +1,6 @@
-# coding: utf-8
-lib = File.expand_path('../lib', __FILE__)
+# frozen_string_literal: true
+
+lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'omniauth/openid_connect/version'
 
@@ -14,21 +15,21 @@ Gem::Specification.new do |spec|
   spec.license       = 'MIT'
 
   spec.files         = `git ls-files -z`.split("\x0")
-  spec.executables   = spec.files.grep(%r(^bin/)) { |f| File.basename(f) }
-  spec.test_files    = spec.files.grep(%r(^(test|spec|features)/))
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ['lib']
 
+  spec.add_dependency 'addressable', '~> 2.5'
   spec.add_dependency 'omniauth', '~> 1.3'
   spec.add_dependency 'openid_connect', '~> 1.1'
-  spec.add_dependency 'addressable', '~> 2.5'
-  spec.add_development_dependency 'minitest', '~> 5.1'
-  spec.add_development_dependency 'mocha', '~> 1.7'
+  spec.add_development_dependency 'coveralls', '~> 0.8'
+  spec.add_development_dependency 'faker', '~> 1.6'
   spec.add_development_dependency 'guard', '~> 2.14'
+  spec.add_development_dependency 'guard-bundler', '~> 2.2'
   spec.add_development_dependency 'guard-minitest', '~> 2.4'
-  spec.add_development_dependency 'guard-bundler', '~> 2.1'
+  spec.add_development_dependency 'minitest', '~> 5.1'
+  spec.add_development_dependency 'mocha', '~> 1.7'
   spec.add_development_dependency 'rake', '~> 12.0'
+  spec.add_development_dependency 'rubocop', '~> 0.63'
   spec.add_development_dependency 'simplecov', '~> 0.12'
-  spec.add_development_dependency 'pry', '~> 0.9'
-  spec.add_development_dependency 'coveralls', '~> 0.8'
-  spec.add_development_dependency 'faker', '~> 1.6'
 end

data/test/lib/omniauth/strategies/openid_connect_test.rb

@@ -35,7 +35,7 @@ module OmniAuth
         config.stubs(:end_session_endpoint).returns('https://example.com/logout')
         ::OpenIDConnect::Discovery::Provider::Config.stubs(:discover!).with('https://example.com/').returns(config)
 
-        request.stubs(:path_info).returns('/auth/openidconnect/logout')
+        request.stubs(:path_info).returns('/auth/openid_connect/logout')
 
         strategy.expects(:redirect).with(regexp_matches(expected_redirect))
         strategy.other_phase
@@ -59,7 +59,7 @@ module OmniAuth
         config.stubs(:end_session_endpoint).returns('https://example.com/logout')
         ::OpenIDConnect::Discovery::Provider::Config.stubs(:discover!).with('https://example.com/').returns(config)
 
-        request.stubs(:path_info).returns('/auth/openidconnect/logout')
+        request.stubs(:path_info).returns('/auth/openid_connect/logout')
 
         strategy.expects(:redirect).with(expected_redirect)
         strategy.other_phase
@@ -69,7 +69,7 @@ module OmniAuth
         strategy.options.issuer = 'example.com'
         strategy.options.client_options.host = 'example.com'
 
-        request.stubs(:path_info).returns('/auth/openidconnect/logout')
+        request.stubs(:path_info).returns('/auth/openid_connect/logout')
 
         strategy.expects(:call_app!)
         strategy.other_phase

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: omniauth_openid_connect
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.3.1
 platform: ruby
 authors:
 - John Bohn
@@ -9,78 +9,78 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-04-27 00:00:00.000000000 Z
+date: 2019-06-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: omniauth
+  name: addressable
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '2.5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '2.5'
 - !ruby/object:Gem::Dependency
-  name: openid_connect
+  name: omniauth
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
+        version: '1.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.1'
+        version: '1.3'
 - !ruby/object:Gem::Dependency
-  name: addressable
+  name: openid_connect
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.5'
+        version: '1.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.5'
+        version: '1.1'
 - !ruby/object:Gem::Dependency
-  name: minitest
+  name: coveralls
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.1'
+        version: '0.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.1'
+        version: '0.8'
 - !ruby/object:Gem::Dependency
-  name: mocha
+  name: faker
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '1.6'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '1.6'
 - !ruby/object:Gem::Dependency
   name: guard
   requirement: !ruby/object:Gem::Requirement
@@ -96,103 +96,103 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '2.14'
 - !ruby/object:Gem::Dependency
-  name: guard-minitest
+  name: guard-bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.4'
+        version: '2.2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.4'
+        version: '2.2'
 - !ruby/object:Gem::Dependency
-  name: guard-bundler
+  name: guard-minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: '2.4'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: '2.4'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '5.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '5.1'
 - !ruby/object:Gem::Dependency
-  name: simplecov
+  name: mocha
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.12'
+        version: '1.7'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.12'
+        version: '1.7'
 - !ruby/object:Gem::Dependency
-  name: pry
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.9'
+        version: '12.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.9'
+        version: '12.0'
 - !ruby/object:Gem::Dependency
-  name: coveralls
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: '0.63'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: '0.63'
 - !ruby/object:Gem::Dependency
-  name: faker
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '0.12'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '0.12'
 description: OpenID Connect Strategy for OmniAuth.
 email:
 - jjbohn@gmail.com
@@ -202,6 +202,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- ".rubocop.yml"
 - ".travis.yml"
 - CHANGELOG.md
 - Gemfile