openid-token-proxy 0.1.2 → 0.1.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/lib/openid_token_proxy/token.rb +6 -1
  4. data/lib/openid_token_proxy/version.rb +1 -1
  5. data/spec/lib/openid_token_proxy/token_spec.rb +22 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: a6d5534b9ef67edc50b5003b4d7a70cf1fb4382e
4
- data.tar.gz: 67c985af3debaa56cd7cfa17e34fe15433b5ff0e
3
+ metadata.gz: b5e9d9ee84423e1b89c8f781e4a3d5f292414ce1
4
+ data.tar.gz: 1669816ca639b9fab8a357167b8fc6fc686ba73d
5
5
  SHA512:
6
- metadata.gz: 6bab4ffceb974e02ab030cadee28b0724fedf4efa2fe82bae676a629401e500dbc6334dad2ca8a70557f8f39a1fef799ec9cb2a51a5f9bdcf693c05e843def7b
7
- data.tar.gz: 55e5f7efe285331a331d47deebeed8d11843ca4b10d54bb2f631697fb3433b069dd5f05bd450d519414382900705c30ed3218747c8543370dd9e7603ae0d1137
6
+ metadata.gz: eb1cd7c27884e7b6d1530dd1f0a54889fbb7272c420d2efd3c06e2dc894698acb30b240ff9376021bf48ae5d3b89ec8cb01c4410d8e2fdf9c999c9730fd5145d
7
+ data.tar.gz: 2c548204b87e52f31cd038d5a33045534c5a5d1fb75fcae3c48cef6e709a88db6d61e8544d9c7562801ff36a0844f3fcae920796a3251b5701732f9dcf89a071
data/CHANGELOG.md CHANGED
@@ -1,5 +1,10 @@
1
1
  # Changelog
2
2
 
3
+ ### v0.1.3 - May 21, 2015
4
+
5
+ - Temporary workaround for OpenSSL error queue corruption.
6
+
7
+
3
8
  ### v0.1.2 - May 18, 2015
4
9
 
5
10
  - Allow overriding `CallbackController`.
data/lib/openid_token_proxy/token.rb CHANGED
@@ -72,7 +72,12 @@ module OpenIDTokenProxy
72
72
  raise Malformed.new(e.message)
73
73
  rescue JSON::JWT::VerificationFailed
74
74
  # Iterate through remaining public keys (if any)
75
- # Raises TokenInvalid if none applied (see below)
75
+ # Raises UnverifiableSignature if none applied (see below)
76
+
77
+ # A failure in Certificate#verify leaves messages on the error queue,
78
+ # which can lead to errors in SSL communication down the road.
79
+ # See: https://bugs.ruby-lang.org/issues/7215
80
+ OpenSSL.errors.clear
76
81
  else
77
82
  return Token.new(access_token, object.raw_attributes)
78
83
  end
data/lib/openid_token_proxy/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module OpenIDTokenProxy
2
- VERSION = '0.1.2'
2
+ VERSION = '0.1.3'
3
3
  end
data/spec/lib/openid_token_proxy/token_spec.rb CHANGED
@@ -119,7 +119,28 @@ RSpec.describe OpenIDTokenProxy::Token do
119
119
  end
120
120
 
121
121
  context 'when token is well-formed' do
122
- context 'with invalid signature or missing public keys' do
122
+ context 'with invalid signature' do
123
+ before do
124
+ allow(OpenIDConnect::RequestObject).to receive(:decode).and_raise JSON::JWT::VerificationFailed
125
+ end
126
+
127
+ it 'raises' do
128
+ expect do
129
+ described_class.decode! 'well-formed token', keys
130
+ end.to raise_error OpenIDTokenProxy::Token::UnverifiableSignature
131
+ end
132
+
133
+ it 'cleans up SSL error queue' do
134
+ errors = double(clear: true)
135
+ allow(OpenSSL).to receive(:errors).and_return errors
136
+ expect do
137
+ described_class.decode! 'well-formed token', keys
138
+ end.to raise_error OpenIDTokenProxy::Token::UnverifiableSignature
139
+ expect(errors).to have_received(:clear)
140
+ end
141
+ end
142
+
143
+ context 'with missing public keys' do
123
144
  it 'raises' do
124
145
  expect do
125
146
  described_class.decode! 'well-formed token', []
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: openid-token-proxy
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.2
4
+ version: 0.1.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tim Kurvers
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-05-18 00:00:00.000000000 Z
11
+ date: 2015-05-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: openid_connect