RubyGems - openid_connect - Versions diffs - 0.0.27 → 0.0.28 - Mend

openid_connect 0.0.27 → 0.0.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    openid_connect (0.0.26)
+    openid_connect (0.0.27)
       activemodel (>= 3)
       attr_required (>= 0.0.3)
       json (>= 1.4.3)
@@ -25,7 +25,6 @@ GEM
     addressable (2.2.6)
     attr_required (0.0.3)
     bcrypt-ruby (3.0.1)
-    bcrypt-ruby (3.0.1-java)
     bouncy-castle-java (1.5.0146.1)
     builder (3.0.0)
     crack (0.1.8)
@@ -34,7 +33,7 @@ GEM
     i18n (0.6.0)
     jruby-openssl (0.7.4)
       bouncy-castle-java
-    json (1.6.0)
+    json (1.6.1)
     jwt (0.1.3)
       json (>= 1.2.4)
     mail (2.3.0)
@@ -45,7 +44,7 @@ GEM
     multi_json (1.0.3)
     polyglot (0.3.2)
     rack (1.3.2)
-    rack-oauth2 (0.10.0)
+    rack-oauth2 (0.11.0)
       activesupport (>= 2.3)
       attr_required (>= 0.0.3)
       httpclient (>= 2.2.0.2)
@@ -63,7 +62,7 @@ GEM
     rspec-expectations (2.6.0)
       diff-lcs (~> 1.1.2)
     rspec-mocks (2.6.0)
-    swd (0.0.6)
+    swd (0.0.7)
       activesupport (>= 3)
       attr_required (>= 0.0.3)
       httpclient (>= 2.2.1)

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.0.27
1	+ 0.0.28

data/lib/rack/oauth2/server/authorize/extension/code_and_id_token.rb CHANGED Viewed

@@ -26,12 +26,7 @@ module Rack
             class Response < Authorize::Code::Response
               include IdTokenResponse
-              attr_required :id_token, :private_key
-              def protocol_params_location
-                :fragment
-              end
+              attr_required :id_token
             end
           end
         end

data/lib/rack/oauth2/server/authorize/extension/id_token.rb CHANGED Viewed

@@ -30,17 +30,7 @@ module Rack
             class Response < Authorize::Response
               include IdTokenResponse
-              attr_required :id_token, :private_key
-              def protocol_params_location
-                :fragment
-              end
-              def protocol_params
-                super.merge(
-                  :id_token => jwt_string
-                )
-              end
+              attr_required :id_token
             end
           end
         end

data/lib/rack/oauth2/server/authorize/extension/id_token_and_token.rb CHANGED Viewed

@@ -25,7 +25,8 @@ module Rack
             end
             class Response < Authorize::Token::Response
-              attr_required :id_token, :private_key
+              include IdTokenResponse
+              attr_required :id_token
             end
           end
         end

data/lib/rack/oauth2/server/id_token_response.rb CHANGED Viewed

@@ -1,20 +1,15 @@
 module Rack::OAuth2::Server
   module IdTokenResponse
     def self.included(klass)
-      klass.send :attr_optional, :id_token, :private_key
+      klass.send :attr_optional, :id_token
       klass.class_eval do
-        def jwt_string
-          if id_token.is_a? OpenIDConnect::ResponseObject::IdToken
-            raise AttrRequired::AttrMissing.new("'private_key' required.") unless private_key
-            id_token.to_jwt private_key
-          else
-            id_token
-          end
+        def protocol_params_location
+          :fragment
         end
         def protocol_params_with_id_token
           protocol_params_without_id_token.merge(
-            :id_token => jwt_string
+            :id_token => id_token
           )
         end
         alias_method_chain :protocol_params, :id_token
@@ -22,7 +17,6 @@ module Rack::OAuth2::Server
     end
   end
   Token::Response.send :include, IdTokenResponse
-  Authorize::Token::Response.send :include, IdTokenResponse
 end
 require 'rack/oauth2/server/authorize/extension/code_and_id_token'

data/spec/rack/oauth2/server/authorize/extension/code_and_id_token_spec.rb CHANGED Viewed

@@ -12,7 +12,7 @@ describe Rack::OAuth2::Server::Authorize::Extension::CodeAndIdToken do
       :user_id => 'user_id',
       :aud => 'client_id',
       :exp => 1313424327
-    )
+    ).to_jwt private_key
   end
   context "when id_token is given" do
@@ -21,33 +21,18 @@ describe Rack::OAuth2::Server::Authorize::Extension::CodeAndIdToken do
         response.redirect_uri = redirect_uri
         response.code = code
         response.id_token = id_token
-        response.private_key = private_key
         response.approve!
       end
     end
     its(:status)   { should == 302 }
     its(:location) { should include "#{redirect_uri}#" }
     its(:location) { should include "code=#{code}" }
-    its(:location) { should include "id_token=#{id_token.to_jwt(private_key)}" }
+    its(:location) { should include "id_token=#{id_token}" }
     context 'when id_token is String' do
       let(:id_token) { 'non_jwt_string' }
       its(:location) { should include "id_token=non_jwt_string" }
     end
-    context 'when private_key is missing' do
-      let :app do
-        Rack::OAuth2::Server::Authorize.new do |request, response|
-          response.redirect_uri = redirect_uri
-          response.code = code
-          response.id_token = id_token
-          response.approve!
-        end
-      end
-      it do
-        expect { response }.should raise_error AttrRequired::AttrMissing, "'private_key' required."
-      end
-    end
   end
   context "otherwise" do
@@ -59,7 +44,7 @@ describe Rack::OAuth2::Server::Authorize::Extension::CodeAndIdToken do
       end
     end
     it do
-      expect { response }.should raise_error AttrRequired::AttrMissing, "'id_token', 'private_key' required."
+      expect { response }.should raise_error AttrRequired::AttrMissing, "'id_token' required."
     end
   end
 end

data/spec/rack/oauth2/server/authorize/extension/id_token_and_token_spec.rb CHANGED Viewed

@@ -12,7 +12,7 @@ describe Rack::OAuth2::Server::Authorize::Extension::IdTokenAndToken do
       :user_id => 'user_id',
       :aud => 'client_id',
       :exp => 1313424327
-    )
+    ).to_jwt private_key
   end
   context "when id_token is given" do
@@ -21,31 +21,16 @@ describe Rack::OAuth2::Server::Authorize::Extension::IdTokenAndToken do
         response.redirect_uri = redirect_uri
         response.access_token = bearer_token
         response.id_token = id_token
-        response.private_key = private_key
         response.approve!
       end
     end
     its(:status)   { should == 302 }
-    its(:location) { should == "#{redirect_uri}#access_token=access_token&id_token=#{id_token.to_jwt(private_key)}&token_type=bearer" }
+    its(:location) { should == "#{redirect_uri}#access_token=access_token&id_token=#{id_token}&token_type=bearer" }
     context 'when id_token is String' do
       let(:id_token) { 'id_token' }
       its(:location) { should == "#{redirect_uri}#access_token=access_token&id_token=id_token&token_type=bearer" }
     end
-    context 'when private_key is missing' do
-      let :app do
-        Rack::OAuth2::Server::Authorize.new do |request, response|
-          response.redirect_uri = redirect_uri
-          response.access_token = bearer_token
-          response.id_token = id_token
-          response.approve!
-        end
-      end
-      it do
-        expect { response }.should raise_error AttrRequired::AttrMissing, "'private_key' required."
-      end
-    end
   end
   context "otherwise" do
@@ -57,7 +42,7 @@ describe Rack::OAuth2::Server::Authorize::Extension::IdTokenAndToken do
       end
     end
     it do
-      expect { response }.should raise_error AttrRequired::AttrMissing, "'id_token', 'private_key' required."
+      expect { response }.should raise_error AttrRequired::AttrMissing, "'id_token' required."
     end
   end
 end

data/spec/rack/oauth2/server/authorize/extension/id_token_spec.rb CHANGED Viewed

@@ -11,7 +11,7 @@ describe Rack::OAuth2::Server::Authorize::Extension::IdToken do
       :user_id => 'user_id',
       :aud => 'client_id',
       :exp => 1313424327
-    )
+    ).to_jwt private_key
   end
   context "when id_token is given" do
@@ -19,30 +19,16 @@ describe Rack::OAuth2::Server::Authorize::Extension::IdToken do
       Rack::OAuth2::Server::Authorize.new do |request, response|
         response.redirect_uri = redirect_uri
         response.id_token = id_token
-        response.private_key = private_key
         response.approve!
       end
     end
     its(:status)   { should == 302 }
-    its(:location) { should == "#{redirect_uri}#id_token=#{id_token.to_jwt(private_key)}" }
+    its(:location) { should == "#{redirect_uri}#id_token=#{id_token}" }
     context 'when id_token is String' do
       let(:id_token) { 'id_token' }
       its(:location) { should == "#{redirect_uri}#id_token=id_token" }
     end
-    context 'when private_key is missing' do
-      let :app do
-        Rack::OAuth2::Server::Authorize.new do |request, response|
-          response.redirect_uri = redirect_uri
-          response.id_token = id_token
-          response.approve!
-        end
-      end
-      it do
-        expect { response }.should raise_error AttrRequired::AttrMissing, "'private_key' required."
-      end
-    end
   end
   context "otherwise" do
@@ -53,7 +39,7 @@ describe Rack::OAuth2::Server::Authorize::Extension::IdToken do
       end
     end
     it do
-      expect { response }.should raise_error AttrRequired::AttrMissing, "'id_token', 'private_key' required."
+      expect { response }.should raise_error AttrRequired::AttrMissing, "'id_token' required."
     end
   end
 end

data/spec/rack/oauth2/server/token/authorization_code_spec.rb CHANGED Viewed

@@ -18,7 +18,7 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
       :aud => 'client_id',
       :exp => 1313424327,
       :secret => 'secret'
-    )
+    ).to_jwt private_key
   end
   context "when id_token is given" do
@@ -26,28 +26,15 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
       Rack::OAuth2::Server::Token.new do |request, response|
         response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token')
         response.id_token = id_token
-        response.private_key = private_key
       end
     end
     its(:status) { should == 200 }
-    its(:body)   { should include "\"id_token\":\"#{id_token.to_jwt(private_key)}\"" }
+    its(:body)   { should include "\"id_token\":\"#{id_token}\"" }
     context 'when id_token is String' do
       let(:id_token) { 'id_token' }
       its(:body)   { should include "\"id_token\":\"id_token\"" }
     end
-    context 'when private_key is missing' do
-      let :app do
-        Rack::OAuth2::Server::Token.new do |request, response|
-          response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token')
-          response.id_token = id_token
-        end
-      end
-      it do
-        expect { response }.should raise_error AttrRequired::AttrMissing, "'private_key' required."
-      end
-    end
   end
   context "otherwise" do

data/spec/rack/oauth2/server/token/refresh_token_spec.rb CHANGED Viewed

@@ -17,7 +17,7 @@ describe Rack::OAuth2::Server::Token::RefreshToken do
       :aud => 'client_id',
       :exp => 1313424327,
       :secret => 'secret'
-    )
+    ).to_jwt private_key
   end
   context "when id_token is given" do
@@ -25,28 +25,15 @@ describe Rack::OAuth2::Server::Token::RefreshToken do
       Rack::OAuth2::Server::Token.new do |request, response|
         response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token')
         response.id_token = id_token
-        response.private_key = private_key
       end
     end
     its(:status) { should == 200 }
-    its(:body)   { should include "\"id_token\":\"#{id_token.to_jwt(private_key)}\"" }
+    its(:body)   { should include "\"id_token\":\"#{id_token}\"" }
     context 'when id_token is String' do
       let(:id_token) { 'id_token' }
       its(:body)     { should include "\"id_token\":\"id_token\"" }
     end
-    context 'when private_key is missing' do
-      let :app do
-        Rack::OAuth2::Server::Token.new do |request, response|
-          response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token')
-          response.id_token = id_token
-        end
-      end
-      it do
-        expect { response }.should raise_error AttrRequired::AttrMissing, "'private_key' required."
-      end
-    end
   end
   context "otherwise" do

metadata CHANGED Viewed

@@ -2,7 +2,7 @@
 name: openid_connect
 version: !ruby/object:Gem::Version
   prerelease:
-  version: 0.0.27
+  version: 0.0.28
 platform: ruby
 authors:
 - nov matake
@@ -228,11 +228,9 @@ files:
 - spec/openid_connect/response_object_spec.rb
 - spec/openid_connect/server/id_token_spec.rb
 - spec/openid_connect_spec.rb
-- spec/rack/oauth2/server/authorize/code_and_token_spec.rb
 - spec/rack/oauth2/server/authorize/extension/code_and_id_token_spec.rb
 - spec/rack/oauth2/server/authorize/extension/id_token_and_token_spec.rb
 - spec/rack/oauth2/server/authorize/extension/id_token_spec.rb
-- spec/rack/oauth2/server/authorize/token_spec.rb
 - spec/rack/oauth2/server/token/authorization_code_spec.rb
 - spec/rack/oauth2/server/token/refresh_token_spec.rb
 - spec/spec_helper.rb
@@ -290,11 +288,9 @@ test_files:
 - spec/openid_connect/response_object_spec.rb
 - spec/openid_connect/server/id_token_spec.rb
 - spec/openid_connect_spec.rb
-- spec/rack/oauth2/server/authorize/code_and_token_spec.rb
 - spec/rack/oauth2/server/authorize/extension/code_and_id_token_spec.rb
 - spec/rack/oauth2/server/authorize/extension/id_token_and_token_spec.rb
 - spec/rack/oauth2/server/authorize/extension/id_token_spec.rb
-- spec/rack/oauth2/server/authorize/token_spec.rb
 - spec/rack/oauth2/server/token/authorization_code_spec.rb
 - spec/rack/oauth2/server/token/refresh_token_spec.rb
 - spec/spec_helper.rb

data/spec/rack/oauth2/server/authorize/code_and_token_spec.rb DELETED Viewed

@@ -1,67 +0,0 @@
-require 'spec_helper.rb'
-require 'rack/oauth2/server/authorize/extension/code_and_token'
-describe Rack::OAuth2::Server::Authorize::Extension::CodeAndToken do
-  subject { response }
-  let(:request)      { Rack::MockRequest.new app }
-  let(:response)     { request.get("/?response_type=code%20token&client_id=client") }
-  let(:redirect_uri) { 'http://client.example.com/callback' }
-  let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token') }
-  let :id_token do
-    OpenIDConnect::ResponseObject::IdToken.new(
-      :iss => 'https://server.example.com',
-      :user_id => 'user_id',
-      :aud => 'client_id',
-      :exp => 1313424327,
-      :secret => 'secret'
-    )
-  end
-  context "when id_token is given" do
-    let :app do
-      Rack::OAuth2::Server::Authorize.new do |request, response|
-        response.redirect_uri = redirect_uri
-        response.code = 'code'
-        response.access_token = bearer_token
-        response.id_token = id_token
-        response.private_key = private_key
-        response.approve!
-      end
-    end
-    its(:status)   { should == 302 }
-    its(:location) { should == "#{redirect_uri}?code=code#access_token=access_token&id_token=#{id_token.to_jwt(private_key)}&token_type=bearer" }
-    context 'when id_token is String' do
-      let(:id_token) { 'id_token' }
-      its(:location) { should == "#{redirect_uri}?code=code#access_token=access_token&id_token=id_token&token_type=bearer" }
-    end
-    context 'when private_key is missing' do
-      let :app do
-        Rack::OAuth2::Server::Authorize.new do |request, response|
-          response.redirect_uri = redirect_uri
-          response.code = 'code'
-          response.access_token = bearer_token
-          response.id_token = id_token
-          response.approve!
-        end
-      end
-      it do
-        expect { response }.should raise_error AttrRequired::AttrMissing, "'private_key' required."
-      end
-    end
-  end
-  context "otherwise" do
-    let :app do
-      Rack::OAuth2::Server::Authorize.new do |request, response|
-        response.redirect_uri = redirect_uri
-        response.code = 'code'
-        response.access_token = bearer_token
-        response.approve!
-      end
-    end
-    its(:status)   { should == 302 }
-    its(:location) { should == "#{redirect_uri}?code=code#access_token=access_token&token_type=bearer" }
-  end
-end

data/spec/rack/oauth2/server/authorize/token_spec.rb DELETED Viewed

@@ -1,62 +0,0 @@
-require 'spec_helper.rb'
-describe Rack::OAuth2::Server::Authorize::Token do
-  subject { response }
-  let(:request)      { Rack::MockRequest.new app }
-  let(:response)     { request.get("/?response_type=token&client_id=client") }
-  let(:redirect_uri) { 'http://client.example.com/callback' }
-  let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token') }
-  let :id_token do
-    OpenIDConnect::ResponseObject::IdToken.new(
-      :iss => 'https://server.example.com',
-      :user_id => 'user_id',
-      :aud => 'client_id',
-      :exp => 1313424327
-    )
-  end
-  context "when id_token is given" do
-    let :app do
-      Rack::OAuth2::Server::Authorize.new do |request, response|
-        response.redirect_uri = redirect_uri
-        response.access_token = bearer_token
-        response.id_token = id_token
-        response.private_key = private_key
-        response.approve!
-      end
-    end
-    its(:status)   { should == 302 }
-    its(:location) { should == "#{redirect_uri}#access_token=access_token&id_token=#{id_token.to_jwt(private_key)}&token_type=bearer" }
-    context 'when id_token is String' do
-      let(:id_token) { 'id_token' }
-      its(:location) { should == "#{redirect_uri}#access_token=access_token&id_token=id_token&token_type=bearer" }
-    end
-    context 'when private_key is missing' do
-      let :app do
-        Rack::OAuth2::Server::Authorize.new do |request, response|
-          response.redirect_uri = redirect_uri
-          response.access_token = bearer_token
-          response.id_token = id_token
-          response.approve!
-        end
-      end
-      it do
-        expect { response }.should raise_error AttrRequired::AttrMissing, "'private_key' required."
-      end
-    end
-  end
-  context "otherwise" do
-    let :app do
-      Rack::OAuth2::Server::Authorize.new do |request, response|
-        response.redirect_uri = redirect_uri
-        response.access_token = bearer_token
-        response.approve!
-      end
-    end
-    its(:status)   { should == 302 }
-    its(:location) { should == "#{redirect_uri}#access_token=access_token&token_type=bearer" }
-  end
-end