RubyGems - openid_connect - Versions diffs - 0.3.1 → 0.3.2 - Mend

openid_connect 0.3.1 → 0.3.2

Files changed (19) hide show

data/Gemfile.lock CHANGED Viewed

@@ -1,11 +1,11 @@
 PATH
   remote: .
   specs:
-    openid_connect (0.3.0)
+    openid_connect (0.3.1)
       activemodel (>= 3)
       attr_required (>= 0.0.5)
       json (>= 1.4.3)
-      json-jwt (>= 0.0.3)
+      json-jwt (>= 0.3.0)
       rack-oauth2 (>= 0.14.2)
       swd (>= 0.1.2)
       tzinfo
@@ -15,16 +15,16 @@ PATH
 GEM
   remote: http://rubygems.org/
   specs:
-    activemodel (3.2.6)
-      activesupport (= 3.2.6)
+    activemodel (3.2.8)
+      activesupport (= 3.2.8)
       builder (~> 3.0.0)
-    activesupport (3.2.6)
+    activesupport (3.2.8)
       i18n (~> 0.6)
       multi_json (~> 1.0)
-    addressable (2.2.8)
+    addressable (2.3.2)
     attr_required (0.0.5)
     bouncy-castle-java (1.5.0146.1)
-    builder (3.0.0)
+    builder (3.0.3)
     configatron (2.9.1)
       yamler (>= 0.1.0)
     cover_me (1.2.0)
@@ -33,12 +33,13 @@ GEM
     crack (0.3.1)
     diff-lcs (1.1.3)
     hashie (1.2.0)
-    httpclient (2.2.5)
-    i18n (0.6.0)
+    httpclient (2.2.7)
+    i18n (0.6.1)
     jruby-openssl (0.7.7)
       bouncy-castle-java (>= 1.5.0146.1)
-    json (1.7.3)
-    json-jwt (0.1.0)
+    json (1.7.5)
+    json (1.7.5-java)
+    json-jwt (0.3.0)
       activesupport (>= 2.3)
       i18n
       json (>= 1.4.3)
@@ -51,22 +52,22 @@ GEM
     multi_json (1.3.6)
     polyglot (0.3.3)
     rack (1.4.1)
-    rack-oauth2 (0.14.4)
+    rack-oauth2 (0.14.9)
       activesupport (>= 2.3)
       attr_required (>= 0.0.5)
       httpclient (>= 2.2.0.2)
       i18n
-      json (>= 1.4.3)
+      multi_json (>= 1.3.6)
       rack (>= 1.1)
     rake (0.9.2.2)
-    rspec (2.10.0)
-      rspec-core (~> 2.10.0)
-      rspec-expectations (~> 2.10.0)
-      rspec-mocks (~> 2.10.0)
-    rspec-core (2.10.1)
-    rspec-expectations (2.10.0)
+    rspec (2.11.0)
+      rspec-core (~> 2.11.0)
+      rspec-expectations (~> 2.11.0)
+      rspec-mocks (~> 2.11.0)
+    rspec-core (2.11.1)
+    rspec-expectations (2.11.3)
       diff-lcs (~> 1.1.3)
-    rspec-mocks (2.10.1)
+    rspec-mocks (2.11.3)
     swd (0.1.2)
       activesupport (>= 3)
       attr_required (>= 0.0.5)
@@ -78,12 +79,12 @@ GEM
       polyglot (>= 0.3.1)
     tzinfo (0.3.33)
     url_safe_base64 (0.2.1)
-    validate_email (0.1.5)
+    validate_email (0.1.6)
       activemodel (>= 3.0)
       mail (>= 2.2.5)
     validate_url (0.2.0)
       activemodel (>= 3.0.0)
-    webmock (1.8.7)
+    webmock (1.8.11)
       addressable (>= 2.2.7)
       crack (>= 0.1.7)
     yamler (0.1.0)

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.3.1
1	+ 0.3.2

data/lib/openid_connect/connect_object.rb CHANGED Viewed

@@ -2,10 +2,13 @@ module OpenIDConnect
   class ConnectObject
     include ActiveModel::Validations, AttrRequired, AttrOptional
+    attr_accessor :raw_attributes
     def initialize(attributes = {})
       all_attributes.each do |_attr_|
         self.send :"#{_attr_}=", attributes[_attr_]
       end
+      self.raw_attributes = attributes
       attr_missing!
     end

data/lib/openid_connect/response_object/id_token.rb CHANGED Viewed

@@ -6,11 +6,11 @@ module OpenIDConnect
       class InvalidToken < Exception; end
       attr_required :iss, :user_id, :aud, :exp, :iat
-      attr_optional :acr, :auth_time, :nonce, :at_hash, :c_hash
+      attr_optional :acr, :auth_time, :nonce, :user_jwk, :at_hash, :c_hash
       def initialize(attributes = {})
         super
-        (all_attributes - [:exp, :iat, :auth_time]).each do |key|
+        (all_attributes - [:exp, :iat, :auth_time, :user_jwk]).each do |key|
           self.send "#{key}=", self.send(key).try(:to_s)
         end
       end
@@ -26,7 +26,31 @@ module OpenIDConnect
       include JWTnizable
       class << self
         def decode(jwt_string, key)
-          new JSON::JWT.decode(jwt_string, key)
+          if key == :self_issued
+            decode_self_issued jwt_string
+          else
+            new JSON::JWT.decode jwt_string, key
+          end
+        end
+        def decode_self_issued(jwt_string)
+          jwt = JSON::JWT.decode jwt_string, :skip_verification
+          jwk = jwt[:user_jwk]
+          raise InvalidToken.new('Missing user_jwk') if jwk.blank?
+          public_key = JSON::JWK.decode jwk
+          user_id_base_string = case public_key
+          when OpenSSL::PKey::RSA
+            [jwk[:mod], jwk[:exp]].join
+          when OpenSSL::PKey::EC
+            raise NotImplementedError.new('Not Implemented Yet')
+          else
+            # Shouldn't reach here. All unknown algorithm error should occurs when decoding JWK
+            raise InvalidToken.new('Unknown Algorithm')
+          end
+          expected_user_id = UrlSafeBase64.encode64 OpenSSL::Digest::SHA256.digest(user_id_base_string)
+          raise InvalidToken.new('Invalid user_id') unless jwt[:user_id] == expected_user_id
+          jwt.verify public_key
+          new jwt
         end
       end
     end

data/openid_connect.gemspec CHANGED Viewed

@@ -16,7 +16,7 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency "activemodel", ">= 3"
   s.add_runtime_dependency "validate_url"
   s.add_runtime_dependency "validate_email"
-  s.add_runtime_dependency "json-jwt", ">= 0.0.3"
+  s.add_runtime_dependency "json-jwt", ">= 0.3.0"
   s.add_runtime_dependency "swd", ">= 0.1.2"
   s.add_runtime_dependency "rack-oauth2", ">= 0.14.2"
   s.add_development_dependency "rake", ">= 0.8"

data/spec/openid_connect/access_token_spec.rb CHANGED Viewed

@@ -56,7 +56,7 @@ describe OpenIDConnect::AccessToken do
         mock_json :get, endpoint, 'errors/invalid_request', :HTTP_AUTHORIZATION => 'Bearer access_token', :status => 400, :params => {
           :schema => 'openid'
         } do
-          expect { request }.should raise_error OpenIDConnect::BadRequest
+          expect { request }.to raise_error OpenIDConnect::BadRequest
         end
       end
     end
@@ -66,7 +66,7 @@ describe OpenIDConnect::AccessToken do
         mock_json :get, endpoint, 'errors/invalid_access_token', :HTTP_AUTHORIZATION => 'Bearer access_token', :status => 401, :params => {
           :schema => 'openid'
         } do
-          expect { request }.should raise_error OpenIDConnect::Unauthorized
+          expect { request }.to raise_error OpenIDConnect::Unauthorized
         end
       end
     end
@@ -76,7 +76,7 @@ describe OpenIDConnect::AccessToken do
         mock_json :get, endpoint, 'errors/insufficient_scope', :HTTP_AUTHORIZATION => 'Bearer access_token', :status => 403, :params => {
           :schema => 'openid'
         } do
-          expect { request }.should raise_error OpenIDConnect::Forbidden
+          expect { request }.to raise_error OpenIDConnect::Forbidden
         end
       end
     end
@@ -86,7 +86,7 @@ describe OpenIDConnect::AccessToken do
         mock_json :get, endpoint, 'errors/unknown', :HTTP_AUTHORIZATION => 'Bearer access_token', :status => 500, :params => {
           :schema => 'openid'
         } do
-          expect { request }.should raise_error OpenIDConnect::HttpError
+          expect { request }.to raise_error OpenIDConnect::HttpError
         end
       end
     end

data/spec/openid_connect/client/registrar_spec.rb CHANGED Viewed

@@ -56,7 +56,7 @@ describe OpenIDConnect::Client::Registrar do
       it do
         expect do
           instance
-        end.should_not raise_error
+        end.not_to raise_error
       end
       it { should_not be_valid }
     end
@@ -69,7 +69,7 @@ describe OpenIDConnect::Client::Registrar do
     it do
       expect do
         instance
-      end.should raise_error AttrRequired::AttrMissing
+      end.to raise_error AttrRequired::AttrMissing
     end
   end
@@ -208,7 +208,7 @@ describe OpenIDConnect::Client::Registrar do
       it do
         expect do
           instance.as_json
-        end.should raise_error OpenIDConnect::ValidationFailed
+        end.to raise_error OpenIDConnect::ValidationFailed
       end
     end
   end
@@ -237,7 +237,7 @@ describe OpenIDConnect::Client::Registrar do
         }, :status => 400 do
           expect do
             instance.associate!
-          end.should raise_error OpenIDConnect::Client::Registrar::RegistrationFailed
+          end.to raise_error OpenIDConnect::Client::Registrar::RegistrationFailed
         end
       end
     end
@@ -274,7 +274,7 @@ describe OpenIDConnect::Client::Registrar do
         }, :status => 400 do
           expect do
             instance.update!
-          end.should raise_error OpenIDConnect::Client::Registrar::RegistrationFailed
+          end.to raise_error OpenIDConnect::Client::Registrar::RegistrationFailed
         end
       end
     end
@@ -308,7 +308,7 @@ describe OpenIDConnect::Client::Registrar do
       it do
         expect do
           instance.validate!
-        end.should_not raise_error OpenIDConnect::ValidationFailed
+        end.not_to raise_error OpenIDConnect::ValidationFailed
       end
     end
@@ -321,7 +321,7 @@ describe OpenIDConnect::Client::Registrar do
       it do
         expect do
           instance.validate!
-        end.should raise_error OpenIDConnect::ValidationFailed
+        end.to raise_error OpenIDConnect::ValidationFailed
       end
     end
   end

data/spec/openid_connect/client_spec.rb CHANGED Viewed

@@ -26,7 +26,7 @@ describe OpenIDConnect::Client do
       [:authorization_uri, :user_info_uri].each do |endpoint|
         describe endpoint do
           it do
-            expect { client.send endpoint }.should raise_error 'No Host Info'
+            expect { client.send endpoint }.to raise_error 'No Host Info'
           end
         end
       end
@@ -109,7 +109,7 @@ describe OpenIDConnect::Client do
         mock_json :post, client.token_endpoint, 'access_token/invalid_json', :request_header => header_params, :params => protocol_params do
           expect do
             access_token
-          end.should raise_error OpenIDConnect::Exception, 'Unknown Token Type'
+          end.to raise_error OpenIDConnect::Exception, 'Unknown Token Type'
         end
       end
     end
@@ -117,7 +117,7 @@ describe OpenIDConnect::Client do
     context 'otherwise' do
       it 'should raise Unexpected Token Type exception' do
         mock_json :post, client.token_endpoint, 'access_token/mac', :request_header => header_params, :params => protocol_params do
-          expect { access_token }.should raise_error OpenIDConnect::Exception, 'Unexpected Token Type: mac'
+          expect { access_token }.to raise_error OpenIDConnect::Exception, 'Unexpected Token Type: mac'
         end
       end
     end

data/spec/openid_connect/connect_object_spec.rb CHANGED Viewed

@@ -35,13 +35,13 @@ describe OpenIDConnect::ConnectObject do
         {:optional => 'Optional'}
       end
       it do
-        expect { klass.new attributes }.should raise_error AttrRequired::AttrMissing
+        expect { klass.new attributes }.to raise_error AttrRequired::AttrMissing
       end
     end
     context 'otherwise' do
       it do
-        expect { klass.new }.should raise_error AttrRequired::AttrMissing
+        expect { klass.new }.to raise_error AttrRequired::AttrMissing
       end
     end
   end
@@ -59,7 +59,7 @@ describe OpenIDConnect::ConnectObject do
       end
       it 'should raise OpenIDConnect::ValidationFailed with ActiveModel::Errors owner' do
-        expect { instance.as_json }.should raise_error(OpenIDConnect::ValidationFailed) { |e|
+        expect { instance.as_json }.to raise_error(OpenIDConnect::ValidationFailed) { |e|
           e.message.should include 'Required is not included in the list'
           e.message.should include 'Required is too long (maximum is 10 characters)'
           e.object.errors.should be_a ActiveModel::Errors
@@ -80,7 +80,7 @@ describe OpenIDConnect::ConnectObject do
       end
       it 'should raise OpenIDConnect::ValidationFailed with ActiveModel::Errors owner' do
-        expect { instance.validate! }.should raise_error(OpenIDConnect::ValidationFailed) { |e|
+        expect { instance.validate! }.to raise_error(OpenIDConnect::ValidationFailed) { |e|
           e.message.should include 'Required is not included in the list'
           e.message.should include 'Required is too long (maximum is 10 characters)'
           e.object.errors.should be_a ActiveModel::Errors

data/spec/openid_connect/discovery/principal/uri_spec.rb CHANGED Viewed

@@ -37,7 +37,7 @@ describe OpenIDConnect::Discovery::Principal::URI do
   describe 'error handling' do
     let(:identifier) { '**' }
     it do
-      expect { uri }.should raise_error OpenIDConnect::Discovery::InvalidIdentifier
+      expect { uri }.to raise_error OpenIDConnect::Discovery::InvalidIdentifier
     end
   end
 end

data/spec/openid_connect/discovery/principal_spec.rb CHANGED Viewed

@@ -26,7 +26,7 @@ describe OpenIDConnect::Discovery::Principal do
     context 'when discovery failed' do
       it do
         SWD.should_receive(:discover!).and_raise(SWD::Exception)
-        expect { request }.should raise_error OpenIDConnect::Discovery::DiscoveryFailed
+        expect { request }.to raise_error OpenIDConnect::Discovery::DiscoveryFailed
       end
     end
   end

data/spec/openid_connect/request_object_spec.rb CHANGED Viewed

@@ -104,7 +104,7 @@ describe OpenIDConnect::RequestObject do
     it do
       expect do
         request_object.as_json
-      end.should raise_error OpenIDConnect::ValidationFailed
+      end.to raise_error OpenIDConnect::ValidationFailed
     end
   end
 end

data/spec/openid_connect/response_object/id_token_spec.rb CHANGED Viewed

@@ -19,7 +19,7 @@ describe OpenIDConnect::ResponseObject::IdToken do
   describe 'attributes' do
     subject { klass }
     its(:required_attributes) { should == [:iss, :user_id, :aud, :exp, :iat] }
-    its(:optional_attributes) { should == [:acr, :auth_time, :nonce, :at_hash, :c_hash] }
+    its(:optional_attributes) { should == [:acr, :auth_time, :nonce, :user_jwk, :at_hash, :c_hash] }
   end
   describe '#verify!' do
@@ -39,7 +39,7 @@ describe OpenIDConnect::ResponseObject::IdToken do
               :issuer => attributes[:iss],
               :client_id => attributes[:aud]
             )
-          end.should raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken
+          end.to raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken
         end
       end
     end
@@ -51,7 +51,7 @@ describe OpenIDConnect::ResponseObject::IdToken do
             :issuer => 'invalid_issuer',
             :client_id => attributes[:aud]
           )
-        end.should raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken
+        end.to raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken
       end
     end
@@ -61,7 +61,7 @@ describe OpenIDConnect::ResponseObject::IdToken do
           id_token.verify!(
             :client_id => attributes[:aud]
           )
-        end.should raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken
+        end.to raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken
       end
     end
@@ -72,7 +72,7 @@ describe OpenIDConnect::ResponseObject::IdToken do
             :issuer => attributes[:iss],
             :client_id => 'invalid_client'
           )
-        end.should raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken
+        end.to raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken
       end
     end
@@ -82,7 +82,7 @@ describe OpenIDConnect::ResponseObject::IdToken do
           id_token.verify!(
             :issuer => attributes[:iss]
           )
-        end.should raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken
+        end.to raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken
       end
     end
@@ -107,7 +107,7 @@ describe OpenIDConnect::ResponseObject::IdToken do
               :client_id => attributes[:aud],
               :nonce => 'invalid_nonce'
             )
-          end.should raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken
+          end.to raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken
         end
       end
@@ -118,7 +118,7 @@ describe OpenIDConnect::ResponseObject::IdToken do
               :issuer => attributes[:iss],
               :client_id => attributes[:aud]
             )
-          end.should raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken
+          end.to raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken
         end
       end
     end
@@ -157,5 +157,53 @@ describe OpenIDConnect::ResponseObject::IdToken do
       its(key) { should == attributes[key] }
     end
     its(:exp) { should == attributes[:exp].to_i }
+    context 'when self-issued' do
+      context 'when valid' do
+        let(:self_issued) do
+          'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL3NlbGYtaXNzdWVkLm1lIiwidXNlcl9pZCI6IkN5amplQ0trLU9xSS1YcW5GYzduX1pSOG4xaXlLNFlIcXNzNkp1SHlnNkUiLCJhdWQiOiJ0YXBpZC50YXBpZGVudGl0eS5jb20iLCJleHAiOjEzNDkyNDc3ODAsImlhdCI6MTM0OTI0NDE4MCwidXNlcl9qd2siOnsiYWxnIjoiUlNBIiwibW9kIjoibWtra29uTXZuQkxiWkRCZE9lNkM3Ukk3T2xLbjVZazl0eTBSQ0NFa2E5TkVDVVhWRmJqaHdrVjlNeFpSekQ2Q3ZIZDQzUmU5ak5iRFFVQVloNm1peHZtdFFSODlDUFlMeWNvOXIzTlEySXpEZmVPZjlUbFpMUXhpOG9FSVBOeURyN1FoSHlpUTlBRkd6YUhNLW1DU1hCcTRnM0Z4Nko4U1d0MFBRSERoZV9MN3FURTJHbzA4NGRyZUtXMFZSazhBRkxrM2V3cVlvV0RQRXhjcFlNYWNNSUhnaFd1N0pRSG9xX0xId2hmdnk3cnN2MFh1QTR0ai1oNnhvaDhubUR6MjBfdUc5Wm9MZHJ0cE44ZHF1MTdOTDgwTmQ1cVotaHRwVUpSemUzVzdyN3F4Y0dwNEtzQnRhc0NqWlcyWGlyQlZ1eXU2bDNqc3JnTlB2S1NaZ2NpUGdRIiwiZXhwIjoiQVFBQiJ9fQ.gp7Yr3mT3oneZusYMOKB3_777QwJNrQlqiK4x7HpYreuPNbBYHOKo8Jsmqe8gCnrWcOtGHe2Flt1NvN_Yy-7TgVP9L8XyaM9KnWrVEPVCDlf2tIqIAd6MSOfWtiDsA--a7AHfg7o2HcxH3-V3JXS3LQJnzpKBHuaJJIYwj1_8W9sUXwljqNCmnCytrqkmIWocQazoAy5mvmUcpcTWGnSsiibQGk_eQTRjZaiouDDbHWi87IneVQ7UeuurPIYoVK6PWhj0894zcJEyJFWkf2UshgP1grGVO8FC6dvlF5dayt6aUYeGMrTEV8KL6FNYAB9dZKR7xDC4uOjumHTjvQFfA'
+        end
+        context 'when key == :self_issued' do
+          it do
+            expect do
+              klass.decode self_issued, :self_issued
+            end.not_to raise_error
+          end
+        end
+        context 'when key == public_key' do
+          it do
+            expect do
+              klass.decode self_issued, public_key
+            end.to raise_error JSON::JWS::VerificationFailed
+          end
+        end
+      end
+      context 'when invalid user_id' do
+        let(:self_issued) do
+          'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL3NlbGYtaXNzdWVkLm1lIiwidXNlcl9pZCI6ImludmFsaWRfdXNlcl9pZCIsImF1ZCI6InRhcGlkLnRhcGlkZW50aXR5LmNvbSIsImV4cCI6MTM0OTI0ODgxOCwiaWF0IjoxMzQ5MjQ1MjE4LCJ1c2VyX2p3ayI6eyJhbGciOiJSU0EiLCJtb2QiOiJta2trb25Ndm5CTGJaREJkT2U2QzdSSTdPbEtuNVlrOXR5MFJDQ0VrYTlORUNVWFZGYmpod2tWOU14WlJ6RDZDdkhkNDNSZTlqTmJEUVVBWWg2bWl4dm10UVI4OUNQWUx5Y285cjNOUTJJekRmZU9mOVRsWkxReGk4b0VJUE55RHI3UWhIeWlROUFGR3phSE0tbUNTWEJxNGczRng2SjhTV3QwUFFIRGhlX0w3cVRFMkdvMDg0ZHJlS1cwVlJrOEFGTGszZXdxWW9XRFBFeGNwWU1hY01JSGdoV3U3SlFIb3FfTEh3aGZ2eTdyc3YwWHVBNHRqLWg2eG9oOG5tRHoyMF91Rzlab0xkcnRwTjhkcXUxN05MODBOZDVxWi1odHBVSlJ6ZTNXN3I3cXhjR3A0S3NCdGFzQ2paVzJYaXJCVnV5dTZsM2pzcmdOUHZLU1pnY2lQZ1EiLCJleHAiOiJBUUFCIn19.JTIAhIrjbI5s4-1QelTveJYqFjHz2vMQrkRo---TLtSkSDL4IaBXxXabQm_hgXR_Rh80GV2nAD9BR7PSdH2v4BK-xBzHnVzOIfWGzbB-fySvwEF3AO0cQpy8v95no6R8cbVF6exzVmuC5kLesS3BCjoHjywl-fS1H9fUMhUwDS6OatVg4AC3guz0_9l-cM1JE4Ryko-zLAzAkE8cfvVYyH0UCHAQUcTd2T45JmW4_hzN37ziuTs-xKkQ4fZ6TLURS_Q0sxX2vNIhdP1QQWzBwHwxObFK1O_Zb00KVe7MCB7Uxfisz1FDlFgq0Z0QCrQHuVyFqHqcJQjvPh3ORv0_6g'
+        end
+        it do
+          expect do
+            klass.decode self_issued, :self_issued
+          end.to raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken, 'Invalid user_id'
+        end
+      end
+      context 'when no user_jwk' do
+        let(:self_issued) do
+          'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL3NlbGYtaXNzdWVkLm1lIiwidXNlcl9pZCI6IkN5amplQ0trLU9xSS1YcW5GYzduX1pSOG4xaXlLNFlIcXNzNkp1SHlnNkUiLCJhdWQiOiJ0YXBpZC50YXBpZGVudGl0eS5jb20iLCJleHAiOjEzNDkyNDg5NjAsImlhdCI6MTM0OTI0NTM2MH0.SyXFCTAAB0l29qxnfUxj5G217cQqVhCiPlQDCq_ZZmtZyGqM4eLI-5D2MPZTc905i10sbwKHTeKqwjhYki2pVOuU5n-N9duTlO64kimg8hAnwEJKsil9jvRPb5hCnc-5vRyXaRV3N1zYFurCEZFmVvXCg4ccKbA_viyuhIYtiMQPHOGY-ELFokfwsbEv11hi9d0kt89pfBMlDyEIZiEDYT0fEl-w7e8tPEk99rCzD_jkitTtdXv18_UsgeM2pDaO9G7_8wQYAX4ldHZjXSihKp2DuTY7edZpP4arYIFHPibtPVcKEnpmK-25mk9Ujo6k7N5kqz9SX6isktbE9-3W4Q'
+        end
+        it do
+          expect do
+            klass.decode self_issued, :self_issued
+          end.to raise_error OpenIDConnect::ResponseObject::IdToken::InvalidToken, 'Missing user_jwk'
+        end
+      end
+    end
   end
 end

data/spec/rack/oauth2/server/authorize/extension/code_and_id_token_and_token_spec.rb CHANGED Viewed

@@ -50,7 +50,7 @@ describe Rack::OAuth2::Server::Authorize::Extension::CodeAndIdTokenAndToken do
       end
     end
     it do
-      expect { response }.should raise_error AttrRequired::AttrMissing, "'access_token', 'code', 'id_token' required."
+      expect { response }.to raise_error AttrRequired::AttrMissing, "'access_token', 'code', 'id_token' required."
     end
   end
 end

data/spec/rack/oauth2/server/authorize/extension/code_and_id_token_spec.rb CHANGED Viewed

@@ -47,7 +47,7 @@ describe Rack::OAuth2::Server::Authorize::Extension::CodeAndIdToken do
       end
     end
     it do
-      expect { response }.should raise_error AttrRequired::AttrMissing, "'id_token' required."
+      expect { response }.to raise_error AttrRequired::AttrMissing, "'id_token' required."
     end
   end
 end

data/spec/rack/oauth2/server/authorize/extension/id_token_and_token_spec.rb CHANGED Viewed

@@ -48,7 +48,7 @@ describe Rack::OAuth2::Server::Authorize::Extension::IdTokenAndToken do
       end
     end
     it do
-      expect { response }.should raise_error AttrRequired::AttrMissing, "'id_token' required."
+      expect { response }.to raise_error AttrRequired::AttrMissing, "'id_token' required."
     end
   end
 end

data/spec/rack/oauth2/server/authorize/extension/id_token_spec.rb CHANGED Viewed

@@ -43,7 +43,7 @@ describe Rack::OAuth2::Server::Authorize::Extension::IdToken do
       end
     end
     it do
-      expect { response }.should raise_error AttrRequired::AttrMissing, "'id_token' required."
+      expect { response }.to raise_error AttrRequired::AttrMissing, "'id_token' required."
     end
   end
 end

data/spec/rack/oauth2/server/resource/error_with_connect_ext_spec.rb CHANGED Viewed

@@ -6,7 +6,7 @@ describe Rack::OAuth2::Server::Resource::ErrorWithConnectExt do
   describe 'invalid_schema!' do
     it do
-      expect { request.invalid_schema! }.should raise_error Rack::OAuth2::Server::Resource::BadRequest
+      expect { request.invalid_schema! }.to raise_error Rack::OAuth2::Server::Resource::BadRequest
     end
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: openid_connect
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.3.2
   prerelease:
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-07-06 00:00:00.000000000 Z
+date: 2012-10-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: json
@@ -114,7 +114,7 @@ dependencies:
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.0.3
+        version: 0.3.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -122,7 +122,7 @@ dependencies:
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.0.3
+        version: 0.3.0
 - !ruby/object:Gem::Dependency
   name: swd
   requirement: !ruby/object:Gem::Requirement