omniauth_openid_federation 1.2.2 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (24) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +7 -1
  3. data/README.md +210 -708
  4. data/app/controllers/omniauth_openid_federation/federation_controller.rb +13 -0
  5. data/examples/config/initializers/devise.rb.example +44 -55
  6. data/examples/config/initializers/federation_endpoint.rb.example +2 -2
  7. data/examples/config/open_id_connect_config.rb.example +12 -15
  8. data/examples/config/routes.rb.example +9 -5
  9. data/lib/omniauth_openid_federation/configuration.rb +8 -0
  10. data/lib/omniauth_openid_federation/constants.rb +5 -0
  11. data/lib/omniauth_openid_federation/federation_endpoint.rb +0 -22
  12. data/lib/omniauth_openid_federation/jwks/decode.rb +0 -15
  13. data/lib/omniauth_openid_federation/jws.rb +21 -19
  14. data/lib/omniauth_openid_federation/rack_endpoint.rb +13 -0
  15. data/lib/omniauth_openid_federation/strategy.rb +143 -194
  16. data/lib/omniauth_openid_federation/tasks_helper.rb +482 -1
  17. data/lib/omniauth_openid_federation/validators.rb +316 -6
  18. data/lib/omniauth_openid_federation/version.rb +1 -1
  19. data/lib/tasks/omniauth_openid_federation.rake +298 -0
  20. data/sig/federation.rbs +0 -8
  21. data/sig/jwks.rbs +0 -6
  22. data/sig/omniauth_openid_federation.rbs +0 -1
  23. data/sig/strategy.rbs +0 -2
  24. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9e8f49a0fa8dcdb16ab2eedc416b58ab370af6588d002ae78a2a1aa1a0a6ade1
4
- data.tar.gz: ce433267ab3093c00c267a8d57de12766f931ccc0eb3a2713bbe13413465af30
3
+ metadata.gz: bdb5dbe8832e2837c2970556b8498492c8e32489e8efad28eff176be94af1a1d
4
+ data.tar.gz: 7addf88091e26b0c603a5bd50fe8c701d8d8cb2c5a5854549a59795b7782a792
5
5
  SHA512:
6
- metadata.gz: 25d0cb7725bfbbde1b836813ae64c0321231ba5c205c5972f5f162a37a1f81edf18f138158895e12131e2d02b10425d17dc1d823e89a2a3c652d1e0a76d30e18
7
- data.tar.gz: 250ad8244fe94cb65ed702debf8dd1e121bfbfc8d386be4b4b901ef8ea372ab762ac02ea88e89f1967f4c5516083a26161abb8264c8475ba1a772926379c5587
6
+ metadata.gz: 31a2b0f6042da80bcb445c0d92e137b06da8d017e58e05835fb0983e35df4215797ccabef024378cc5faa78006037f0f338cb074bc8784c72eea02b349fbc248
7
+ data.tar.gz: cd47a106c42a20a80caa3db3212dbe4c1748af65a17f88b4a57273f35a01cbc79e814b998f793691b50b368592f5d31ac31ff87c1831880497047b02178569d1
data/CHANGELOG.md CHANGED
@@ -1,5 +1,11 @@
1
1
  # CHANGELOG
2
2
 
3
+ ## 1.3.0 (2025-11-28)
4
+
5
+ - Added `prepare_request_object_params` proc option to customize request parameters before signing
6
+ - Enhanced security validation for all user-provided parameters
7
+ - Improved `acr_values` handling per OpenID Connect Core 1.0 specification
8
+
3
9
  ## 1.2.2 (2025-11-27)
4
10
 
5
11
  - Fix gemfile to include app and config directories
@@ -38,7 +44,7 @@
38
44
  - Automatic provider key rotation handling for seamless key updates
39
45
  - Built-in security features: rate limiting, path traversal protection, and error sanitization
40
46
  - Production-ready with thread-safe configuration and intelligent retry logic
41
- - Works with any OpenID Federation provider, supporting provider-specific extensions
47
+ - Works with any OpenID Federation provider, supporting custom extension parameters
42
48
  - Framework-agnostic: compatible with Rails, Sinatra, Rack, and other Rack-compatible frameworks
43
49
  - Comprehensive management tools for entity statements and key management
44
50
  - Enhanced developer experience with type signatures for better IDE support