openid_connect 0.0.6 → 0.0.7

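--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- openid_connect (0.0.5)
+ openid_connect (0.0.6)
  activemodel (>= 3)
  attr_required (>= 0.0.3)
  json (>= 1.4.3)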
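--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -13,9 +13,16 @@ OpenID Connect Server & Client Library
 
  == Examples
 
+ === Provider
+
  * Running on Heroku (https://openid-connect.herokuapp.com)
  * Source on GitHub (https://github.com/nov/openid_connect_sample)
 
+ === Relying Party
+
+ * Running on Heroku (https://openid-connect-rp.herokuapp.com)
+ * Source on GitHub (https://github.com/nov/openid_connect_sample_rp)
+
  == Note on Patches/Pull Requests
 
  * Fork the project.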
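--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
- 0.0.6
+ 0.0.7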
@@ -1,7 +1,6 @@
1
1
  require 'json'
2
2
  require 'rack/oauth2'
3
- require 'rack/oauth2/server/authorize/extension/id_token'
4
- require 'rack/oauth2/server/authorize/extension/id_token_and_token'
3
+ require 'rack/oauth2/server/authorize/token_with_id_token'
5
4
 
6
5
  require 'openid_connect/exception'
7
6
  require 'openid_connect/client'
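Review bot: The file pulled in by the new `require 'rack/oauth2/server/authorize/token_with_id_token'` line has load-order dependencies that nothing visible in this hunk makes explicit. It uses `try` and `alias_method_chain`, which are ActiveSupport core extensions, and it reopens `Rack::OAuth2::Server::Authorize::Token::Response` in the compact form, which needs that constant to be loaded first. Both presumably arrive through `require 'rack/oauth2'` on the line above; if so, a comment such as `# token_with_id_token relies on rack/oauth2 having loaded ActiveSupport core_ext and Authorize::Token` above the new require would document it. The require list continues outside the hunk.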
@@ -0,0 +1,10 @@
1
+ class Rack::OAuth2::Server::Authorize::Token::Response
2
+ attr_optional :id_token
3
+
4
+ def protocol_params_with_id_token
5
+ protocol_params_without_id_token.merge(
6
+ :id_token => id_token.try(:to_jwt)
7
+ )
8
+ end
9
+ alias_method_chain :protocol_params, :id_token
10
+ end
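Review bot: `attr_optional :id_token` on `Token::Response` takes the place of the removed handlers' `attr_required :id_token`, so the library no longer fails when a provider forgets to set the ID Token on an OpenID Connect request, and an ID Token that is set is added to the redirect of any response built on this class. The class should carry a comment stating that the authorization-endpoint block is now responsible for deciding, from the requested response type and scope, whether to assign `response.id_token`. Separately, `id_token.try(:to_jwt)` merges `:id_token => nil` when no token is set and relies on the downstream serializer dropping nil values (the "otherwise" specs suggest it does). Writing `id_token ? protocol_params_without_id_token.merge(:id_token => id_token.to_jwt) : protocol_params_without_id_token` would keep the key out of the hash altogether.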
@@ -0,0 +1,47 @@
1
+ require 'spec_helper.rb'
2
+ require 'rack/oauth2/server/authorize/extension/code_and_token'
3
+
4
+ describe Rack::OAuth2::Server::Authorize::Extension::CodeAndToken do
5
+ let(:request) { Rack::MockRequest.new app }
6
+ let(:response) { request.get("/?response_type=code%20token&client_id=client") }
7
+ let(:redirect_uri) { 'http://client.example.com/callback' }
8
+ let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token') }
9
+ let :id_token do
10
+ OpenIDConnect::ResponseObject::IdToken.new(
11
+ :iss => 'https://server.example.com',
12
+ :user_id => 'user_id',
13
+ :aud => 'client_id',
14
+ :exp => 1313424327,
15
+ :secret => 'secret'
16
+ )
17
+ end
18
+
19
+ context "when id_token is given" do
20
+ subject { response }
21
+ let :app do
22
+ Rack::OAuth2::Server::Authorize.new do |request, response|
23
+ response.redirect_uri = redirect_uri
24
+ response.code = 'code'
25
+ response.access_token = bearer_token
26
+ response.id_token = id_token
27
+ response.approve!
28
+ end
29
+ end
30
+ its(:status) { should == 302 }
31
+ its(:location) { should == "#{redirect_uri}?code=code#access_token=access_token&id_token=#{id_token.to_jwt}&token_type=bearer" }
32
+ end
33
+
34
+ context "otherwise" do
35
+ subject { response }
36
+ let :app do
37
+ Rack::OAuth2::Server::Authorize.new do |request, response|
38
+ response.redirect_uri = redirect_uri
39
+ response.code = 'code'
40
+ response.access_token = bearer_token
41
+ response.approve!
42
+ end
43
+ end
44
+ its(:status) { should == 302 }
45
+ its(:location) { should == "#{redirect_uri}?code=code#access_token=access_token&token_type=bearer" }
46
+ end
47
+ end
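Review bot: This spec covers only approved responses, and the same gap is in the `Token` spec in the next hunk. The `when denied` contexts of the deleted `IdToken` and `IdTokenAndToken` specs, which called `request.verify_redirect_uri! redirect_uri` and asserted that the error comes back in the fragment, have no replacement. The authorize blocks here assign `response.redirect_uri` directly and the mock request carries no `redirect_uri` parameter, so redirect-URI verification is never exercised together with an ID Token in the fragment. Unless rack-oauth2's own specs are considered sufficient for that path, add a `context 'when denied'` with `request.verify_redirect_uri! redirect_uri` and `request.access_denied!` and assert the error location as the deleted specs did.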
@@ -0,0 +1,44 @@
1
+ require 'spec_helper.rb'
2
+
3
+ describe Rack::OAuth2::Server::Authorize::Token do
4
+ let(:request) { Rack::MockRequest.new app }
5
+ let(:response) { request.get("/?response_type=token&client_id=client") }
6
+ let(:redirect_uri) { 'http://client.example.com/callback' }
7
+ let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token') }
8
+ let :id_token do
9
+ OpenIDConnect::ResponseObject::IdToken.new(
10
+ :iss => 'https://server.example.com',
11
+ :user_id => 'user_id',
12
+ :aud => 'client_id',
13
+ :exp => 1313424327,
14
+ :secret => 'secret'
15
+ )
16
+ end
17
+
18
+ context "when id_token is given" do
19
+ subject { response }
20
+ let :app do
21
+ Rack::OAuth2::Server::Authorize.new do |request, response|
22
+ response.redirect_uri = redirect_uri
23
+ response.access_token = bearer_token
24
+ response.id_token = id_token
25
+ response.approve!
26
+ end
27
+ end
28
+ its(:status) { should == 302 }
29
+ its(:location) { should == "#{redirect_uri}#access_token=access_token&id_token=#{id_token.to_jwt}&token_type=bearer" }
30
+ end
31
+
32
+ context "otherwise" do
33
+ subject { response }
34
+ let :app do
35
+ Rack::OAuth2::Server::Authorize.new do |request, response|
36
+ response.redirect_uri = redirect_uri
37
+ response.access_token = bearer_token
38
+ response.approve!
39
+ end
40
+ end
41
+ its(:status) { should == 302 }
42
+ its(:location) { should == "#{redirect_uri}#access_token=access_token&token_type=bearer" }
43
+ end
44
+ end
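--- a/metadata
+++ b/metadata
@@ -2,7 +2,7 @@
  name: openid_connect
  version: !ruby/object:Gem::Version
  prerelease:
- version: 0.0.6
+ version: 0.0.7
  platform: ruby
  authors:
  - nov matake
@@ -10,7 +10,7 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2011-08-16 00:00:00 Z
+ date: 2011-08-17 00:00:00 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: activemodel
@@ -171,8 +171,7 @@ files:
  - lib/openid_connect/response_object/user_info.rb
  - lib/openid_connect/response_object/user_info/open_id.rb
  - lib/openid_connect/response_object/user_info/open_id/address.rb
- - lib/rack/oauth2/server/authorize/extension/id_token.rb
- - lib/rack/oauth2/server/authorize/extension/id_token_and_token.rb
+ - lib/rack/oauth2/server/authorize/token_with_id_token.rb
  - openid_connect.gemspec
  - spec/helpers/webmock_helper.rb
  - spec/mock_response/access_token/bearer.json
@@ -190,8 +189,8 @@ files:
  - spec/openid_connect/response_object/user_info/open_id/address_spec.rb
  - spec/openid_connect/response_object/user_info/open_id_spec.rb
  - spec/openid_connect/response_object_spec.rb
- - spec/rack/oauth2/server/authorize/extension/id_token_and_token_spec.rb
- - spec/rack/oauth2/server/authorize/extension/id_token_spec.rb
+ - spec/rack/oauth2/server/authorize/code_and_token_spec.rb
+ - spec/rack/oauth2/server/authorize/token_spec.rb
  - spec/spec_helper.rb
  homepage: https://github.com/nov/openid_connect
  licenses: []
@@ -237,6 +236,6 @@ test_files:
  - spec/openid_connect/response_object/user_info/open_id/address_spec.rb
  - spec/openid_connect/response_object/user_info/open_id_spec.rb
  - spec/openid_connect/response_object_spec.rb
- - spec/rack/oauth2/server/authorize/extension/id_token_and_token_spec.rb
- - spec/rack/oauth2/server/authorize/extension/id_token_spec.rb
+ - spec/rack/oauth2/server/authorize/code_and_token_spec.rb
+ - spec/rack/oauth2/server/authorize/token_spec.rb
  - spec/spec_helper.rb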
@@ -1,47 +0,0 @@
1
- module Rack
2
- module OAuth2
3
- module Server
4
- class Authorize
5
- module Extension
6
- class IdToken < Abstract::Handler
7
- class << self
8
- def response_type_for?(response_type)
9
- response_type == 'id_token'
10
- end
11
- end
12
-
13
- def call(env)
14
- @request = Request.new env
15
- @response = Response.new request
16
- super
17
- end
18
-
19
- class Request < Authorize::Request
20
- def initialize(env)
21
- super
22
- @response_type = :id_token
23
- attr_missing!
24
- end
25
-
26
- def error_params_location
27
- :fragment
28
- end
29
- end
30
-
31
- class Response < Authorize::Response
32
- attr_required :id_token
33
-
34
- def protocol_params
35
- super.merge :id_token => id_token.to_jwt
36
- end
37
-
38
- def protocol_params_location
39
- :fragment
40
- end
41
- end
42
- end
43
- end
44
- end
45
- end
46
- end
47
- end
@@ -1,39 +0,0 @@
1
- module Rack
2
- module OAuth2
3
- module Server
4
- class Authorize
5
- module Extension
6
- class IdTokenAndToken < Abstract::Handler
7
- class << self
8
- def response_type_for?(response_type)
9
- response_type.split.sort == ['id_token', 'token']
10
- end
11
- end
12
-
13
- def call(env)
14
- @request = Request.new env
15
- @response = Response.new request
16
- super
17
- end
18
-
19
- class Request < Authorize::Token::Request
20
- def initialize(env)
21
- super
22
- @response_type = [:id_token, :token]
23
- attr_missing!
24
- end
25
- end
26
-
27
- class Response < Authorize::Token::Response
28
- attr_required :id_token
29
-
30
- def protocol_params
31
- super.merge :id_token => id_token.to_jwt
32
- end
33
- end
34
- end
35
- end
36
- end
37
- end
38
- end
39
- end
@@ -1,61 +0,0 @@
1
- require 'spec_helper'
2
-
3
- describe Rack::OAuth2::Server::Authorize::Extension::IdTokenAndToken do
4
- let(:request) { Rack::MockRequest.new app }
5
- let(:redirect_uri) { 'http://client.example.com/callback' }
6
- let(:access_token) { 'access_token' }
7
- let(:response) do
8
- request.get("/?response_type=id_token%20token&client_id=client&redirect_uri=#{redirect_uri}")
9
- end
10
- let(:id_token) do
11
- OpenIDConnect::ResponseObject::IdToken.new(
12
- :iss => 'iss',
13
- :user_id => 'user_id',
14
- :aud => 'aud',
15
- :exp => 10.minutes.from_now,
16
- :secret => 'secret'
17
- )
18
- end
19
-
20
- context "when approved" do
21
- subject { response }
22
- let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token) }
23
- let :app do
24
- Rack::OAuth2::Server::Authorize.new do |request, response|
25
- response.redirect_uri = redirect_uri
26
- response.access_token = bearer_token
27
- response.id_token = id_token
28
- response.approve!
29
- end
30
- end
31
- its(:status) { should == 302 }
32
- its(:location) { should == "#{redirect_uri}#access_token=#{access_token}&id_token=#{id_token.to_jwt}&token_type=bearer" }
33
-
34
- context 'when refresh_token is given' do
35
- let :bearer_token do
36
- Rack::OAuth2::AccessToken::Bearer.new(
37
- :access_token => access_token,
38
- :refresh_token => 'refresh'
39
- )
40
- end
41
- its(:location) { should == "#{redirect_uri}#access_token=#{access_token}&id_token=#{id_token.to_jwt}&token_type=bearer" }
42
- end
43
- end
44
-
45
- context 'when denied' do
46
- let :app do
47
- Rack::OAuth2::Server::Authorize.new do |request, response|
48
- request.verify_redirect_uri! redirect_uri
49
- request.access_denied!
50
- end
51
- end
52
- it 'should redirect with error in fragment' do
53
- response.status.should == 302
54
- error_message = {
55
- :error => :access_denied,
56
- :error_description => Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
57
- }
58
- response.location.should == "#{redirect_uri}##{error_message.to_query}"
59
- end
60
- end
61
- end
@@ -1,49 +0,0 @@
1
- require 'spec_helper'
2
-
3
- describe Rack::OAuth2::Server::Authorize::Extension::IdToken do
4
- let(:request) { Rack::MockRequest.new app }
5
- let(:redirect_uri) { 'http://client.example.com/callback' }
6
- let(:response) do
7
- request.get("/?response_type=id_token&client_id=client&redirect_uri=#{redirect_uri}")
8
- end
9
- let(:id_token) do
10
- OpenIDConnect::ResponseObject::IdToken.new(
11
- :iss => 'iss',
12
- :user_id => 'user_id',
13
- :aud => 'aud',
14
- :exp => 10.minutes.from_now,
15
- :secret => 'secret'
16
- )
17
- end
18
-
19
- context "when approved" do
20
- subject { response }
21
-
22
- let :app do
23
- Rack::OAuth2::Server::Authorize.new do |request, response|
24
- response.redirect_uri = redirect_uri
25
- response.id_token = id_token
26
- response.approve!
27
- end
28
- end
29
- its(:status) { should == 302 }
30
- its(:location) { should == "#{redirect_uri}#id_token=#{id_token.to_jwt}" }
31
- end
32
-
33
- context 'when denied' do
34
- let :app do
35
- Rack::OAuth2::Server::Authorize.new do |request, response|
36
- request.verify_redirect_uri! redirect_uri
37
- request.access_denied!
38
- end
39
- end
40
- it 'should redirect with error in fragment' do
41
- response.status.should == 302
42
- error_message = {
43
- :error => :access_denied,
44
- :error_description => Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
45
- }
46
- response.location.should == "#{redirect_uri}##{error_message.to_query}"
47
- end
48
- end
49
- end