openid_connect 0.1.5 → 0.2.0.alpha

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    openid_connect (0.1.4)
+    openid_connect (0.1.5)
       activemodel (>= 3)
       attr_required (>= 0.0.5)
       json (>= 1.4.3)
@@ -52,7 +52,7 @@ GEM
     multi_json (1.1.0)
     polyglot (0.3.3)
     rack (1.4.1)
-    rack-oauth2 (0.14.2)
+    rack-oauth2 (0.14.4)
       activesupport (>= 2.3)
       attr_required (>= 0.0.5)
       httpclient (>= 2.2.0.2)

data/VERSION

@@ -1 +1 @@
-0.1.5
+0.2.0.alpha

data/lib/openid_connect.rb

@@ -69,6 +69,7 @@ end
 require 'openid_connect/exception'
 require 'openid_connect/client'
 require 'openid_connect/access_token'
-require 'openid_connect/response_object'
+require 'openid_connect/jwtnizable'
+require 'openid_connect/connect_object'
 require 'openid_connect/discovery'
 require 'openid_connect/debugger'

data/lib/openid_connect/connect_object.rb

@@ -0,0 +1,46 @@
+module OpenIDConnect
+  class ConnectObject
+    include ActiveModel::Validations, AttrRequired, AttrOptional
+
+    def initialize(attributes = {})
+      all_attributes.each do |_attr_|
+        self.send :"#{_attr_}=", attributes[_attr_]
+      end
+      attr_missing!
+    end
+
+    def all_attributes
+      required_attributes + optional_attributes
+    end
+
+    def require_at_least_one_attributes
+      all_blank = all_attributes.all? do |key|
+        self.send(key).blank?
+      end
+      errors.add :base, 'At least one attribute is required' if all_blank
+    end
+
+    def as_json(options = {})
+      options ||= {} # options can be nil when to_json is called without options
+      validate! unless options[:skip_validation]
+      all_attributes.inject({}) do |hash, _attr_|
+        value = self.send(_attr_)
+        hash.merge! _attr_ => case value
+        when ConnectObject
+          value.as_json options
+        else
+          value
+        end
+      end.delete_if do |key, value|
+        value.nil?
+      end
+    end
+
+    def validate!
+      valid? or raise ValidationFailed.new(self)
+    end
+  end
+end
+
+require 'openid_connect/request_object'
+require 'openid_connect/response_object'

data/lib/openid_connect/jwtnizable.rb

@@ -0,0 +1,12 @@
+module OpenIDConnect
+  module JWTnizable
+    def to_jwt(key, algorithm = :RS256)
+      token = JSON::JWT.new as_json
+      yield token if block_given?
+      if algorithm != :none
+        token = token.sign key, algorithm
+      end
+      token.to_s
+    end
+  end
+end

data/lib/openid_connect/request_object.rb

@@ -0,0 +1,44 @@
+module OpenIDConnect
+  class RequestObject < ConnectObject
+    attr_optional :client_id, :response_type, :redirect_uri, :scope, :state, :nonce, :display, :prompt, :user_info, :id_token
+    validate :require_at_least_one_attributes
+
+    def initialize(attributes = {})
+      attributes[:user_info] ||= attributes[:userinfo]
+      super attributes
+    end
+
+    def id_token=(attributes = {})
+      @id_token = IdToken.new(attributes) if attributes.present?
+    end
+
+    def user_info=(attributes = {})
+      @user_info = UserInfo.new(attributes) if attributes.present?
+    end
+
+    def as_json_with_user_info(options = {})
+      hash = as_json_without_user_info options
+      if hash.include?(:user_info)
+        hash[:userinfo] = hash.delete(:user_info)
+      end
+      hash
+    end
+    alias_method_chain :as_json, :user_info
+
+    include JWTnizable
+    class << self
+      def decode(jwt_string, key)
+        new JSON::JWT.decode(jwt_string, key)
+      end
+
+      def fetch(request_uri, key)
+        jwt_string = OpenIDConnect.http_client.get_content(request_uri)
+        decode jwt_string, key
+      end
+    end
+  end
+end
+
+require 'openid_connect/request_object/claimable'
+require 'openid_connect/request_object/id_token'
+require 'openid_connect/request_object/user_info'

data/lib/openid_connect/request_object/claimable.rb

@@ -0,0 +1,48 @@
+module OpenIDConnect
+  class RequestObject
+    module Claimable
+      def self.included(klass)
+        klass.send :attr_optional, :claims
+        klass.send :alias_method_chain, :initialize, :claims
+        klass.send :alias_method_chain, :as_json, :keep_blank
+      end
+
+      def initialize_with_claims(attributes = {})
+        initialize_without_claims attributes
+        if claims.present?
+          claims.each do |key, value|
+            case value
+            when :optional
+              claims[key] = {
+                :optional => true
+              }
+            when :required
+              claims[key] = nil
+            end
+          end
+        end
+      end
+
+      def as_json_with_keep_blank(options = {})
+        keys = claims.try(:keys)
+        hash = as_json_without_keep_blank options
+        Array(keys).each do |key|
+          hash[:claims][key] ||= nil
+        end
+        hash
+      end
+
+      def required?(claim)
+        accessible?(claim) && !optional?(claim)
+      end
+
+      def optional?(claim)
+        accessible?(claim) && claims[claim].is_a?(Hash) && claims[claim][:optional]
+      end
+
+      def accessible?(claim)
+        claims.try(:[], claim)
+      end
+    end
+  end
+end

data/lib/openid_connect/request_object/id_token.rb

@@ -0,0 +1,8 @@
+module OpenIDConnect
+  class RequestObject
+    class IdToken < ConnectObject
+      include Claimable
+      attr_optional :max_age
+    end
+  end
+end

data/lib/openid_connect/request_object/user_info.rb

@@ -0,0 +1,7 @@
+module OpenIDConnect
+  class RequestObject
+    class UserInfo < ConnectObject
+      include Claimable
+    end
+  end
+end

data/lib/openid_connect/response_object.rb

@@ -1,44 +1,5 @@
 module OpenIDConnect
-  class ResponseObject
-    include ActiveModel::Validations, AttrRequired, AttrOptional
-
-    def initialize(attributes = {})
-      all_attributes.each do |_attr_|
-        self.send :"#{_attr_}=", attributes[_attr_]
-      end
-      attr_missing!
-    end
-
-    def all_attributes
-      required_attributes + optional_attributes
-    end
-
-    def require_at_least_one_attributes
-      all_blank = all_attributes.all? do |key|
-        self.send(key).blank?
-      end
-      errors.add :base, 'At least one attribute is required' if all_blank
-    end
-
-    def as_json(options = {})
-      options ||= {} # options can be nil when to_json is called without options
-      validate! unless options[:skip_validation]
-      all_attributes.inject({}) do |hash, _attr_|
-        value = self.send(_attr_)
-        hash.merge! _attr_ => case value
-        when ResponseObject
-          value.as_json
-        else
-          value
-        end
-      end.delete_if do |key, value|
-        value.nil?
-      end
-    end
-
-    def validate!
-      valid? or raise ValidationFailed.new(self)
-    end
+  class ResponseObject < ConnectObject
   end
 end
 

data/lib/openid_connect/response_object/id_token.rb

@@ -2,7 +2,7 @@ require 'json/jwt'
 
 module OpenIDConnect
   class ResponseObject
-    class IdToken < ResponseObject
+    class IdToken < ConnectObject
       class InvalidToken < Exception; end
 
       attr_required :iss, :user_id, :aud, :exp, :nonce
@@ -26,15 +26,7 @@ module OpenIDConnect
         raise InvalidToken.new('Invalid ID Token')
       end
 
-      def to_jwt(key, algorithm = :RS256)
-        token = JSON::JWT.new as_json
-        yield token if block_given?
-        if algorithm != :none
-          token = token.sign key, algorithm
-        end
-        token.to_s
-      end
-
+      include JWTnizable
       class << self
         def decode(jwt_string, key_or_client)
           case key_or_client

data/lib/openid_connect/response_object/user_info/open_id.rb

@@ -1,7 +1,7 @@
 module OpenIDConnect
   class ResponseObject
     module UserInfo
-      class OpenID < ResponseObject
+      class OpenID < ConnectObject
         attr_optional(
           :user_id,
           :name,

data/lib/openid_connect/response_object/user_info/open_id/address.rb

@@ -2,7 +2,7 @@ module OpenIDConnect
   class ResponseObject
     module UserInfo
       class OpenID
-        class Address < ResponseObject
+        class Address < ConnectObject
           attr_optional :formatted, :street_address, :locality, :region, :postal_code, :country
           validate :require_at_least_one_attributes
         end

data/spec/helpers/webmock_helper.rb

@@ -25,6 +25,9 @@ module WebMockHelper
         request[:query] = options[:params]
       end
     end
+    if options[:request_header]
+      request[:headers] = options[:request_header]
+    end
     request
   end
 

data/spec/openid_connect/client_spec.rb

@@ -74,12 +74,16 @@ describe OpenIDConnect::Client do
     end
     let :protocol_params do
       {
-        :client_id => 'client_id',
-        :client_secret => 'client_secret',
         :grant_type => 'authorization_code',
         :code => 'code'
       }
     end
+    let :header_params do
+      {
+        'Authorization' => 'Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=',
+        'Content-Type' => 'application/x-www-form-urlencoded'
+      }
+    end
     let :access_token do
       client.authorization_code = 'code'
       client.access_token!
@@ -87,14 +91,14 @@ describe OpenIDConnect::Client do
 
     context 'when bearer token is returned' do
       it 'should return OpenIDConnect::AccessToken' do
-        mock_json :post, client.token_endpoint, 'access_token/bearer', :params => protocol_params do
+        mock_json :post, client.token_endpoint, 'access_token/bearer', :request_header => header_params, :params => protocol_params do
           access_token.should be_a OpenIDConnect::AccessToken
         end
       end
 
       context 'when id_token is returned' do
         it 'should include id_token' do
-          mock_json :post, client.token_endpoint, 'access_token/bearer_with_id_token', :params => protocol_params do
+          mock_json :post, client.token_endpoint, 'access_token/bearer_with_id_token', :request_header => header_params, :params => protocol_params do
             access_token.id_token.should == 'id_token'
           end
         end
@@ -103,7 +107,7 @@ describe OpenIDConnect::Client do
 
     context 'when invalid JSON is returned' do
       it 'should raise OpenIDConnect::Exception' do
-        mock_json :post, client.token_endpoint, 'access_token/invalid_json', :params => protocol_params do
+        mock_json :post, client.token_endpoint, 'access_token/invalid_json', :request_header => header_params, :params => protocol_params do
           expect do
             access_token
           end.should raise_error OpenIDConnect::Exception, 'Unknown Token Type'
@@ -113,7 +117,7 @@ describe OpenIDConnect::Client do
 
     context 'otherwise' do
       it 'should raise Unexpected Token Type exception' do
-        mock_json :post, client.token_endpoint, 'access_token/mac', :params => protocol_params do
+        mock_json :post, client.token_endpoint, 'access_token/mac', :request_header => header_params, :params => protocol_params do
           expect { access_token }.should raise_error OpenIDConnect::Exception, 'Unexpected Token Type: mac'
         end
       end

data/spec/openid_connect/{response_object_spec.rb → connect_object_spec.rb}

@@ -1,14 +1,14 @@
 require 'spec_helper'
 
-describe OpenIDConnect::ResponseObject do
-  class OpenIDConnect::ResponseObject::SubClass < OpenIDConnect::ResponseObject
+describe OpenIDConnect::ConnectObject do
+  class OpenIDConnect::ConnectObject::SubClass < OpenIDConnect::ConnectObject
     attr_required :required
     attr_optional :optional
     validates :required, :inclusion => {:in => ['Required', 'required']}, :length => 1..10
   end
 
   subject        { instance }
-  let(:klass)    { OpenIDConnect::ResponseObject::SubClass }
+  let(:klass)    { OpenIDConnect::ConnectObject::SubClass }
   let(:instance) { klass.new attributes }
   let :attributes do
     {:required => 'Required', :optional => 'Optional'}

data/spec/openid_connect/request_object_spec.rb

@@ -0,0 +1,108 @@
+require 'spec_helper'
+
+describe OpenIDConnect::RequestObject do
+  subject { request_object }
+  let(:request_object) { OpenIDConnect::RequestObject.new attributes }
+
+  context 'with all attributes' do
+    let(:attributes) do
+      {
+        :client_id => 'client_id',
+        :response_type => 'token id_token',
+        :redirect_uri => 'https://client.example.com',
+        :scope => 'openid email',
+        :state => 'state1234',
+        :nonce => 'nonce1234',
+        :display => :touch,
+        :prompt => :none,
+        :userinfo => {
+          :claims => {
+            :name => :required,
+            :email => :optional
+          }
+        },
+        :id_token => {
+          :max_age => 10,
+          :claims => {
+            :acr => {
+              :values => [2, 3, 4]
+            }
+          }
+        }
+      }
+    end
+    let(:jwtnized) do
+      'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJjbGllbnRfaWQiOiJjbGllbnRfaWQiLCJyZXNwb25zZV90eXBlIjoidG9rZW4gaWRfdG9rZW4iLCJyZWRpcmVjdF91cmkiOiJodHRwczovL2NsaWVudC5leGFtcGxlLmNvbSIsInNjb3BlIjoib3BlbmlkIGVtYWlsIiwic3RhdGUiOiJzdGF0ZTEyMzQiLCJub25jZSI6Im5vbmNlMTIzNCIsImRpc3BsYXkiOiJ0b3VjaCIsInByb21wdCI6Im5vbmUiLCJpZF90b2tlbiI6eyJjbGFpbXMiOnsiYWNyIjp7InZhbHVlcyI6WzIsMyw0XX19LCJtYXhfYWdlIjoxMH0sInVzZXJpbmZvIjp7ImNsYWltcyI6eyJuYW1lIjpudWxsLCJlbWFpbCI6eyJvcHRpb25hbCI6dHJ1ZX19fX0.fdwSNB3TSnxpRZR6QwXTDb7PtBiPkk6ozN6ABZcoGxc'
+    end
+    let(:jsonized) do
+      {
+        :client_id => "client_id",
+        :response_type => "token id_token",
+        :redirect_uri => "https://client.example.com",
+        :scope => "openid email",
+        :state => "state1234",
+        :nonce => "nonce1234",
+        :display => :touch,
+        :prompt => :none,
+        :id_token => {
+          :claims => {
+            :acr => {
+              :values => [2, 3, 4]
+            }
+          },
+          :max_age => 10
+        },
+        :userinfo => {
+          :claims => {
+            :name => nil,
+            :email => {
+              :optional => true
+            }
+          }
+        }
+      }
+    end
+    it { should be_valid }
+    its(:as_json) do
+      should == jsonized
+    end
+    
+    describe '#to_jwt' do
+      it do
+        request_object.to_jwt('secret', :HS256).should == jwtnized
+      end
+    end
+
+    describe '.decode' do
+      it do
+        OpenIDConnect::RequestObject.decode(jwtnized, 'secret').to_json.should == jsonized.to_json
+      end
+    end
+
+    describe '#required?' do
+      it do
+        request_object.user_info.required?(:name).should be_true
+        request_object.user_info.optional?(:name).should be_false
+      end
+    end
+
+    describe '#optional' do
+      it do
+        request_object.user_info.required?(:email).should be_false
+        request_object.user_info.optional?(:email).should be_true
+      end
+    end
+  end
+
+  context 'with no attributes' do
+    let(:attributes) do
+      {}
+    end
+    it { should_not be_valid }
+    it do
+      expect do
+        request_object.as_json
+      end.should raise_error OpenIDConnect::ValidationFailed
+    end
+  end
+end

metadata

@@ -1,19 +1,19 @@
 --- !ruby/object:Gem::Specification
 name: openid_connect
 version: !ruby/object:Gem::Version
-  version: 0.1.5
-  prerelease: 
+  version: 0.2.0.alpha
+  prerelease: 6
 platform: ruby
 authors:
 - nov matake
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-02-24 00:00:00.000000000Z
+date: 2012-02-29 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: json
-  requirement: &70349154665660 !ruby/object:Gem::Requirement
+  requirement: &70330917356120 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -21,10 +21,10 @@ dependencies:
         version: 1.4.3
   type: :runtime
   prerelease: false
-  version_requirements: *70349154665660
+  version_requirements: *70330917356120
 - !ruby/object:Gem::Dependency
   name: tzinfo
-  requirement: &70349154665140 !ruby/object:Gem::Requirement
+  requirement: &70330917355700 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70349154665140
+  version_requirements: *70330917355700
 - !ruby/object:Gem::Dependency
   name: attr_required
-  requirement: &70349154663760 !ruby/object:Gem::Requirement
+  requirement: &70330912901500 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -43,10 +43,10 @@ dependencies:
         version: 0.0.5
   type: :runtime
   prerelease: false
-  version_requirements: *70349154663760
+  version_requirements: *70330912901500
 - !ruby/object:Gem::Dependency
   name: activemodel
-  requirement: &70349154663140 !ruby/object:Gem::Requirement
+  requirement: &70330912901000 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -54,10 +54,10 @@ dependencies:
         version: '3'
   type: :runtime
   prerelease: false
-  version_requirements: *70349154663140
+  version_requirements: *70330912901000
 - !ruby/object:Gem::Dependency
   name: validate_url
-  requirement: &70349154662680 !ruby/object:Gem::Requirement
+  requirement: &70330912900620 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -65,10 +65,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70349154662680
+  version_requirements: *70330912900620
 - !ruby/object:Gem::Dependency
   name: validate_email
-  requirement: &70349154661720 !ruby/object:Gem::Requirement
+  requirement: &70330912900160 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -76,10 +76,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70349154661720
+  version_requirements: *70330912900160
 - !ruby/object:Gem::Dependency
   name: json-jwt
-  requirement: &70349154660740 !ruby/object:Gem::Requirement
+  requirement: &70330912899660 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -87,10 +87,10 @@ dependencies:
         version: 0.0.3
   type: :runtime
   prerelease: false
-  version_requirements: *70349154660740
+  version_requirements: *70330912899660
 - !ruby/object:Gem::Dependency
   name: swd
-  requirement: &70349154659460 !ruby/object:Gem::Requirement
+  requirement: &70330912899160 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -98,10 +98,10 @@ dependencies:
         version: 0.1.2
   type: :runtime
   prerelease: false
-  version_requirements: *70349154659460
+  version_requirements: *70330912899160
 - !ruby/object:Gem::Dependency
   name: rack-oauth2
-  requirement: &70349154658820 !ruby/object:Gem::Requirement
+  requirement: &70330912898700 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -109,10 +109,10 @@ dependencies:
         version: 0.14.2
   type: :runtime
   prerelease: false
-  version_requirements: *70349154658820
+  version_requirements: *70330912898700
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &70349154657080 !ruby/object:Gem::Requirement
+  requirement: &70330912898240 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -120,10 +120,10 @@ dependencies:
         version: '0.8'
   type: :development
   prerelease: false
-  version_requirements: *70349154657080
+  version_requirements: *70330912898240
 - !ruby/object:Gem::Dependency
   name: cover_me
-  requirement: &70349154656000 !ruby/object:Gem::Requirement
+  requirement: &70330912897760 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -131,10 +131,10 @@ dependencies:
         version: 1.2.0
   type: :development
   prerelease: false
-  version_requirements: *70349154656000
+  version_requirements: *70330912897760
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &70349154654660 !ruby/object:Gem::Requirement
+  requirement: &70330912897300 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -142,10 +142,10 @@ dependencies:
         version: '2'
   type: :development
   prerelease: false
-  version_requirements: *70349154654660
+  version_requirements: *70330912897300
 - !ruby/object:Gem::Dependency
   name: webmock
-  requirement: &70349154653880 !ruby/object:Gem::Requirement
+  requirement: &70330912896840 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -153,7 +153,7 @@ dependencies:
         version: 1.6.2
   type: :development
   prerelease: false
-  version_requirements: *70349154653880
+  version_requirements: *70330912896840
 description: OpenID Connect Server & Client Library
 email:
 - nov@matake.jp
@@ -174,6 +174,7 @@ files:
 - lib/openid_connect/access_token.rb
 - lib/openid_connect/client.rb
 - lib/openid_connect/client/registrar.rb
+- lib/openid_connect/connect_object.rb
 - lib/openid_connect/debugger.rb
 - lib/openid_connect/debugger/request_filter.rb
 - lib/openid_connect/discovery.rb
@@ -186,6 +187,11 @@ files:
 - lib/openid_connect/discovery/provider/config/resource.rb
 - lib/openid_connect/discovery/provider/config/response.rb
 - lib/openid_connect/exception.rb
+- lib/openid_connect/jwtnizable.rb
+- lib/openid_connect/request_object.rb
+- lib/openid_connect/request_object/claimable.rb
+- lib/openid_connect/request_object/id_token.rb
+- lib/openid_connect/request_object/user_info.rb
 - lib/openid_connect/response_object.rb
 - lib/openid_connect/response_object/id_token.rb
 - lib/openid_connect/response_object/user_info.rb
@@ -216,6 +222,7 @@ files:
 - spec/openid_connect/access_token_spec.rb
 - spec/openid_connect/client/registrar_spec.rb
 - spec/openid_connect/client_spec.rb
+- spec/openid_connect/connect_object_spec.rb
 - spec/openid_connect/debugger/request_filter_spec.rb
 - spec/openid_connect/discovery/principal/email_spec.rb
 - spec/openid_connect/discovery/principal/uri_spec.rb
@@ -225,10 +232,10 @@ files:
 - spec/openid_connect/discovery/provider/config_spec.rb
 - spec/openid_connect/discovery/provider_spec.rb
 - spec/openid_connect/exception_spec.rb
+- spec/openid_connect/request_object_spec.rb
 - spec/openid_connect/response_object/id_token_spec.rb
 - spec/openid_connect/response_object/user_info/open_id/address_spec.rb
 - spec/openid_connect/response_object/user_info/open_id_spec.rb
-- spec/openid_connect/response_object_spec.rb
 - spec/openid_connect_spec.rb
 - spec/rack/oauth2/server/authorize/extension/code_and_id_token_and_token_spec.rb
 - spec/rack/oauth2/server/authorize/extension/code_and_id_token_spec.rb
@@ -252,9 +259,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
-  - - ! '>='
+  - - ! '>'
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.12
@@ -280,6 +287,7 @@ test_files:
 - spec/openid_connect/access_token_spec.rb
 - spec/openid_connect/client/registrar_spec.rb
 - spec/openid_connect/client_spec.rb
+- spec/openid_connect/connect_object_spec.rb
 - spec/openid_connect/debugger/request_filter_spec.rb
 - spec/openid_connect/discovery/principal/email_spec.rb
 - spec/openid_connect/discovery/principal/uri_spec.rb
@@ -289,10 +297,10 @@ test_files:
 - spec/openid_connect/discovery/provider/config_spec.rb
 - spec/openid_connect/discovery/provider_spec.rb
 - spec/openid_connect/exception_spec.rb
+- spec/openid_connect/request_object_spec.rb
 - spec/openid_connect/response_object/id_token_spec.rb
 - spec/openid_connect/response_object/user_info/open_id/address_spec.rb
 - spec/openid_connect/response_object/user_info/open_id_spec.rb
-- spec/openid_connect/response_object_spec.rb
 - spec/openid_connect_spec.rb
 - spec/rack/oauth2/server/authorize/extension/code_and_id_token_and_token_spec.rb
 - spec/rack/oauth2/server/authorize/extension/code_and_id_token_spec.rb