openid_connect 0.6.1 → 0.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +1 -1
- data/README.rdoc +3 -1
- data/VERSION +1 -1
- data/lib/openid_connect/access_token.rb +1 -2
- data/lib/openid_connect/client.rb +2 -6
- data/lib/openid_connect/client/registrar.rb +59 -123
- data/lib/openid_connect/discovery.rb +0 -2
- data/lib/openid_connect/discovery/provider.rb +3 -1
- data/lib/openid_connect/discovery/provider/config/response.rb +57 -78
- data/lib/openid_connect/request_object.rb +1 -8
- data/lib/openid_connect/request_object/{user_info.rb → userinfo.rb} +0 -0
- data/lib/openid_connect/response_object/id_token.rb +1 -1
- data/lib/openid_connect/response_object/userinfo.rb +3 -0
- data/lib/openid_connect/response_object/{user_info → userinfo}/open_id.rb +7 -6
- data/lib/openid_connect/response_object/{user_info → userinfo}/open_id/address.rb +0 -0
- data/openid_connect.gemspec +2 -2
- data/spec/helpers/webmock_helper.rb +2 -1
- data/spec/mock_response/discovery/config.json +3 -2
- data/spec/mock_response/public_keys/{jwk.json → jwks.json} +1 -1
- data/spec/mock_response/{user_info → userinfo}/openid.json +0 -0
- data/spec/openid_connect/access_token_spec.rb +7 -6
- data/spec/openid_connect/client/registrar_spec.rb +82 -207
- data/spec/openid_connect/client_spec.rb +2 -2
- data/spec/openid_connect/discovery/provider/config/response_spec.rb +53 -286
- data/spec/openid_connect/discovery/provider/config_spec.rb +11 -12
- data/spec/openid_connect/discovery/provider_spec.rb +1 -1
- data/spec/openid_connect/request_object_spec.rb +4 -4
- data/spec/openid_connect/response_object/id_token_spec.rb +4 -4
- data/spec/openid_connect/response_object/user_info/open_id_spec.rb +1 -0
- metadata +17 -20
- data/Gemfile.lock +0 -102
- data/lib/openid_connect/response_object/user_info.rb +0 -3
- data/spec/mock_response/public_keys/x509.pem +0 -21
|
@@ -225,7 +225,7 @@ describe OpenIDConnect::ResponseObject::IdToken do
|
|
|
225
225
|
context 'when self-issued' do
|
|
226
226
|
context 'when valid' do
|
|
227
227
|
let(:self_issued) do
|
|
228
|
-
'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.
|
|
228
|
+
'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL3NlbGYtaXNzdWVkLm1lIiwic3ViIjoiOWp1WGpObmFmbUhhdXF5TGNMRXZ2eGkweEZNMlZXZWtEQVhTUTZkMEFfYyIsImF1ZCI6ImNsaWVudC5leGFtcGxlLmNvbSIsImV4cCI6MTM3MzExNTU5OSwiaWF0IjoxMzcyNTEwNzk5LCJzdWJfandrIjp7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwibiI6InR1V1VKWUlEeTh3SVBnSnhicDNxbkVlaUVyWTk5bTY2N1lqc0JNelYzYUV1WlJobDJhVE81aFpGTXZ0eHljUi1jS3ZiV25Balg2bjgtRlFhb2Z4R1Qyb21NYTZjcTN6S2hjQ2N6dl81UElwVkJEQkpmMDN3YUIzU1h0R2ZtVDdBMklYUHdSSER4Tjllc0s1dWxzT0MtZl9IOXM4N3Z0U0RYVUhLZDVxS0JaNzhfc0I4eG10UFk0OGVmRVRXNnVDZHBnSy11U1hsYVJKbnN3YXRfdlIyRHJCWjZiOUJfQ0dYWHYxS1JRX1dDUmxoR2RNX294dFNMWHZGai00MlNFSnU5RHB3UzhjRUhKRTFHeU8xSmM2V1dfSTJZMXR5ZUs1Zm1RREpHZklpcUJvWkdBRFg1RUpjYm1aMmtWU2gxaXB0c2dZRUk0c2U0MW15LTdaUGZlZkQ4USJ9fQ.Gy31NnvCUSnS-cZuC4kQqR-DHcvZ0b8y7sNnp-2oCpXoHydGkVoVLsGXesUz6KB7RSB2cjoBySz0_k4eI_Trg7pR94zHCPf4U76mnCujGj7x09O3THlwiyYE3-V2ejhfAEhAXkzQNFu57HbWtvHVGP8SHnNs5NUY2YqJvchQ2uCrWYU4OyHdEnMQXbAdZcj2ltNIHREXtZTOxZhJ5fYUIbynBC27lxETI0LTHfHAzSwzKuFpM0zE99Uhrt7v17Us8gAGlUZIC-A3x2Och_8ryBCJaugROagSv3FoS-LvzaciEu5VLbi3EB9sFP4et_12ZSjFWNEAw5VeSBzF1l0kBQ'
|
|
229
229
|
end
|
|
230
230
|
|
|
231
231
|
context 'when key == :self_issued' do
|
|
@@ -247,7 +247,7 @@ describe OpenIDConnect::ResponseObject::IdToken do
|
|
|
247
247
|
|
|
248
248
|
context 'when invalid subject' do
|
|
249
249
|
let(:self_issued) do
|
|
250
|
-
'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.
|
|
250
|
+
'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL3NlbGYtaXNzdWVkLm1lIiwic3ViIjoiUFdFYXFfVnlUd1hTSFR4QVlSZHdWTjNMN2s0UnNxOVBwaTZ4WHZ6ZGZWTSIsImF1ZCI6InRhcGlkLnRhcGlkZW50aXR5LmNvbSIsImV4cCI6MTM2MjI3OTkwMCwiaWF0IjoxMzYyMjc2MzAwLCJzdWJfandrIjp7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwibiI6IjRGTWl5M08zbFlOd2RzeC15aXVjemRsek81eU11d1p4WFlzSDgydmM0RkM0QXgyMGpNVV94emJHSUhWVUtFQ0pndFp3clBlajhRSWUtZFZFYXQtaGxjNTB5TXluM0h3cmtJVjVZOTdET1E2Sks4azk2QTFqVWxPLW5sRjl4ZUx2VDlwYTJXRTZtYm1KOG5EQW5mR0d6bmRNd3VKNzVLZDI2YmZHY21wcm5qUUJLTkVrakdJbW9MMEhFODFUcjROeC1tN1lsYkRGaVFNRDVpYjhCY3N4S0tvMTZTeG5tSi1EeUY2c094Y2JtV1ZrdkZBa3FKWFBnVFVoNXVYT3YwYk9nN0I2d2RHdUMtWnpJUl8tdUx3YlcxN2V4NGx3ZTFPb0ppdFJ3SFczYlo3NEc3RkdoSmhfTUp4YzB3WXBkbW5uNVpjRFFOWl9sWVRvMHYzaU1PUWk3USJ9fQ.DZKaSne22DjKFSpSUphsTeCMkcMWDexQCm8BPb1nI1PzQYsEAOfwumDajt85UA0x28y2zuOevMj29VpwTzbpRDkduv2NWAI4MHw8DYEsIN__-QGANmdU1sKmthET2iFmeFySwWomLqFvYIaNmVYVLkD53Zqfct5qH3Wznd_hrK8T1d6Cxg-gyZlAeqEu2V8EL2yuz8Gdaeze4b78l5Ux-B_5FQhZ3UkXbL1B2gzKJQVKAQdFJb9zUfzmCeIiUmeM9mw_VU64tAvFDRiTKS1P6b62Gxuyx1DhMLFg2evDaTJERJOta9ywtPfdcLH3qcIiUBffP2-FnAz44bOlKzJorQ'
|
|
251
251
|
end
|
|
252
252
|
|
|
253
253
|
it do
|
|
@@ -286,9 +286,9 @@ describe OpenIDConnect::ResponseObject::IdToken do
|
|
|
286
286
|
[:iss, :sub, :aud, :exp, :iat, :sub_jwk].each do |attribute|
|
|
287
287
|
its(attribute) { should be_present }
|
|
288
288
|
end
|
|
289
|
-
its(:iss)
|
|
289
|
+
its(:iss) { should == 'https://self-issued.me' }
|
|
290
290
|
its(:sub_jwk) { should == sub_jwk}
|
|
291
|
-
its(:subject)
|
|
291
|
+
its(:subject) { should == OpenIDConnect::ResponseObject::IdToken.self_issued_subject(sub_jwk) }
|
|
292
292
|
end
|
|
293
293
|
|
|
294
294
|
describe '.self_issued_subject' do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: openid_connect
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- nov matake
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2013-
|
|
11
|
+
date: 2013-06-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: json
|
|
@@ -56,16 +56,16 @@ dependencies:
|
|
|
56
56
|
name: activemodel
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
58
58
|
requirements:
|
|
59
|
-
- -
|
|
59
|
+
- - <
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
|
-
version: '
|
|
61
|
+
version: '4'
|
|
62
62
|
type: :runtime
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
|
-
- -
|
|
66
|
+
- - <
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
|
-
version: '
|
|
68
|
+
version: '4'
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: validate_url
|
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -100,14 +100,14 @@ dependencies:
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - '>='
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: 0.
|
|
103
|
+
version: 0.5.5
|
|
104
104
|
type: :runtime
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
108
|
- - '>='
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: 0.
|
|
110
|
+
version: 0.5.5
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
112
|
name: swd
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -217,7 +217,6 @@ files:
|
|
|
217
217
|
- .rspec
|
|
218
218
|
- .travis.yml
|
|
219
219
|
- Gemfile
|
|
220
|
-
- Gemfile.lock
|
|
221
220
|
- LICENSE
|
|
222
221
|
- README.rdoc
|
|
223
222
|
- Rakefile
|
|
@@ -239,12 +238,12 @@ files:
|
|
|
239
238
|
- lib/openid_connect/request_object.rb
|
|
240
239
|
- lib/openid_connect/request_object/claimable.rb
|
|
241
240
|
- lib/openid_connect/request_object/id_token.rb
|
|
242
|
-
- lib/openid_connect/request_object/
|
|
241
|
+
- lib/openid_connect/request_object/userinfo.rb
|
|
243
242
|
- lib/openid_connect/response_object.rb
|
|
244
243
|
- lib/openid_connect/response_object/id_token.rb
|
|
245
|
-
- lib/openid_connect/response_object/
|
|
246
|
-
- lib/openid_connect/response_object/
|
|
247
|
-
- lib/openid_connect/response_object/
|
|
244
|
+
- lib/openid_connect/response_object/userinfo.rb
|
|
245
|
+
- lib/openid_connect/response_object/userinfo/open_id.rb
|
|
246
|
+
- lib/openid_connect/response_object/userinfo/open_id/address.rb
|
|
248
247
|
- lib/rack/oauth2/server/authorize/error_with_connect_ext.rb
|
|
249
248
|
- lib/rack/oauth2/server/authorize/extension/code_and_id_token.rb
|
|
250
249
|
- lib/rack/oauth2/server/authorize/extension/code_and_id_token_and_token.rb
|
|
@@ -271,10 +270,9 @@ files:
|
|
|
271
270
|
- spec/mock_response/errors/invalid_request.json
|
|
272
271
|
- spec/mock_response/errors/unknown.json
|
|
273
272
|
- spec/mock_response/id_token.json
|
|
274
|
-
- spec/mock_response/public_keys/
|
|
275
|
-
- spec/mock_response/public_keys/x509.pem
|
|
273
|
+
- spec/mock_response/public_keys/jwks.json
|
|
276
274
|
- spec/mock_response/request_object/signed.jwt
|
|
277
|
-
- spec/mock_response/
|
|
275
|
+
- spec/mock_response/userinfo/openid.json
|
|
278
276
|
- spec/openid_connect/access_token_spec.rb
|
|
279
277
|
- spec/openid_connect/client/registrar_spec.rb
|
|
280
278
|
- spec/openid_connect/client_spec.rb
|
|
@@ -317,7 +315,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
317
315
|
version: '0'
|
|
318
316
|
requirements: []
|
|
319
317
|
rubyforge_project:
|
|
320
|
-
rubygems_version: 2.0.
|
|
318
|
+
rubygems_version: 2.0.2
|
|
321
319
|
signing_key:
|
|
322
320
|
specification_version: 4
|
|
323
321
|
summary: OpenID Connect Server & Client Library
|
|
@@ -339,10 +337,9 @@ test_files:
|
|
|
339
337
|
- spec/mock_response/errors/invalid_request.json
|
|
340
338
|
- spec/mock_response/errors/unknown.json
|
|
341
339
|
- spec/mock_response/id_token.json
|
|
342
|
-
- spec/mock_response/public_keys/
|
|
343
|
-
- spec/mock_response/public_keys/x509.pem
|
|
340
|
+
- spec/mock_response/public_keys/jwks.json
|
|
344
341
|
- spec/mock_response/request_object/signed.jwt
|
|
345
|
-
- spec/mock_response/
|
|
342
|
+
- spec/mock_response/userinfo/openid.json
|
|
346
343
|
- spec/openid_connect/access_token_spec.rb
|
|
347
344
|
- spec/openid_connect/client/registrar_spec.rb
|
|
348
345
|
- spec/openid_connect/client_spec.rb
|
data/Gemfile.lock
DELETED
|
@@ -1,102 +0,0 @@
|
|
|
1
|
-
PATH
|
|
2
|
-
remote: .
|
|
3
|
-
specs:
|
|
4
|
-
openid_connect (0.6.1)
|
|
5
|
-
activemodel (>= 3)
|
|
6
|
-
attr_required (>= 0.0.5)
|
|
7
|
-
json (>= 1.4.3)
|
|
8
|
-
json-jwt (>= 0.3.3)
|
|
9
|
-
rack-oauth2 (>= 1.0.0)
|
|
10
|
-
swd (>= 0.1.2)
|
|
11
|
-
tzinfo
|
|
12
|
-
validate_email
|
|
13
|
-
validate_url
|
|
14
|
-
webfinger (>= 0.0.2)
|
|
15
|
-
|
|
16
|
-
GEM
|
|
17
|
-
remote: https://rubygems.org/
|
|
18
|
-
specs:
|
|
19
|
-
activemodel (3.2.12)
|
|
20
|
-
activesupport (= 3.2.12)
|
|
21
|
-
builder (~> 3.0.0)
|
|
22
|
-
activesupport (3.2.12)
|
|
23
|
-
i18n (~> 0.6)
|
|
24
|
-
multi_json (~> 1.0)
|
|
25
|
-
addressable (2.3.3)
|
|
26
|
-
attr_required (0.0.5)
|
|
27
|
-
builder (3.0.4)
|
|
28
|
-
configatron (2.10.0)
|
|
29
|
-
yamler (>= 0.1.0)
|
|
30
|
-
cover_me (1.2.0)
|
|
31
|
-
configatron
|
|
32
|
-
hashie
|
|
33
|
-
crack (0.3.2)
|
|
34
|
-
diff-lcs (1.2.1)
|
|
35
|
-
hashie (2.0.2)
|
|
36
|
-
httpclient (2.3.3)
|
|
37
|
-
i18n (0.6.4)
|
|
38
|
-
json (1.7.7)
|
|
39
|
-
json-jwt (0.4.3)
|
|
40
|
-
activesupport (>= 2.3)
|
|
41
|
-
i18n
|
|
42
|
-
multi_json (>= 1.3)
|
|
43
|
-
url_safe_base64
|
|
44
|
-
mail (2.5.3)
|
|
45
|
-
i18n (>= 0.4.0)
|
|
46
|
-
mime-types (~> 1.16)
|
|
47
|
-
treetop (~> 1.4.8)
|
|
48
|
-
mime-types (1.21)
|
|
49
|
-
multi_json (1.6.1)
|
|
50
|
-
polyglot (0.3.3)
|
|
51
|
-
rack (1.5.2)
|
|
52
|
-
rack-oauth2 (1.0.3)
|
|
53
|
-
activesupport (>= 2.3)
|
|
54
|
-
attr_required (>= 0.0.5)
|
|
55
|
-
httpclient (>= 2.2.0.2)
|
|
56
|
-
i18n
|
|
57
|
-
multi_json (>= 1.3.6)
|
|
58
|
-
rack (>= 1.1)
|
|
59
|
-
rake (10.0.3)
|
|
60
|
-
rspec (2.13.0)
|
|
61
|
-
rspec-core (~> 2.13.0)
|
|
62
|
-
rspec-expectations (~> 2.13.0)
|
|
63
|
-
rspec-mocks (~> 2.13.0)
|
|
64
|
-
rspec-core (2.13.0)
|
|
65
|
-
rspec-expectations (2.13.0)
|
|
66
|
-
diff-lcs (>= 1.1.3, < 2.0)
|
|
67
|
-
rspec-mocks (2.13.0)
|
|
68
|
-
swd (0.2.1)
|
|
69
|
-
activesupport (>= 3)
|
|
70
|
-
attr_required (>= 0.0.5)
|
|
71
|
-
httpclient (>= 2.2.1)
|
|
72
|
-
i18n
|
|
73
|
-
json (>= 1.4.3)
|
|
74
|
-
treetop (1.4.12)
|
|
75
|
-
polyglot
|
|
76
|
-
polyglot (>= 0.3.1)
|
|
77
|
-
tzinfo (0.3.35)
|
|
78
|
-
url_safe_base64 (0.2.1)
|
|
79
|
-
validate_email (0.1.6)
|
|
80
|
-
activemodel (>= 3.0)
|
|
81
|
-
mail (>= 2.2.5)
|
|
82
|
-
validate_url (0.2.0)
|
|
83
|
-
activemodel (>= 3.0.0)
|
|
84
|
-
webfinger (0.0.4)
|
|
85
|
-
activesupport (>= 3)
|
|
86
|
-
httpclient (>= 2.2.0.2)
|
|
87
|
-
multi_json
|
|
88
|
-
webmock (1.10.1)
|
|
89
|
-
addressable (>= 2.2.7)
|
|
90
|
-
crack (>= 0.3.2)
|
|
91
|
-
yamler (0.1.0)
|
|
92
|
-
|
|
93
|
-
PLATFORMS
|
|
94
|
-
java
|
|
95
|
-
ruby
|
|
96
|
-
|
|
97
|
-
DEPENDENCIES
|
|
98
|
-
cover_me (>= 1.2.0)
|
|
99
|
-
openid_connect!
|
|
100
|
-
rake (>= 0.8)
|
|
101
|
-
rspec (>= 2)
|
|
102
|
-
webmock (>= 1.6.2)
|
|
@@ -1,21 +0,0 @@
|
|
|
1
|
-
-----BEGIN CERTIFICATE-----
|
|
2
|
-
MIIDeDCCAmACCQDFeFSXWEnHxDANBgkqhkiG9w0BAQsFADB+MQswCQYDVQQGEwJK
|
|
3
|
-
UDEOMAwGA1UECAwFVG9reW8xEDAOBgNVBAcMB1NoaWJ1eWExITAfBgNVBAoMGElu
|
|
4
|
-
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAwwDTm92MRwwGgYJKoZIhvcN
|
|
5
|
-
AQkBFg1ub3ZAbWF0YWtlLmpwMB4XDTExMDkxMzEzMjIzNFoXDTEyMDkxMjEzMjIz
|
|
6
|
-
NFowfjELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBVRva3lvMRAwDgYDVQQHDAdTaGli
|
|
7
|
-
dXlhMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDDAKBgNVBAMM
|
|
8
|
-
A05vdjEcMBoGCSqGSIb3DQEJARYNbm92QG1hdGFrZS5qcDCCASIwDQYJKoZIhvcN
|
|
9
|
-
AQEBBQADggEPADCCAQoCggEBAKSsm7NFmh1P8uHB8Vm5vFs4+uh7XMhZ+xYd5/vf
|
|
10
|
-
ak17ucjWt9DEWCGH0g8HvSVXNSVKBsONcqtkrXRgSeNB8YnIYxPmKKX7twefEJYC
|
|
11
|
-
b06FG1g+IJkwxoDBsUMbb9RJ9snnWsp0O97A6SCvtdiSQ2Oeab3/jwokkPTo8WS4
|
|
12
|
-
lRipQpQ7rOOP7r9t+9G/SDdiYhDhfmuyQamkxGCz6V2qClg0pyTaJ6+/bS9E+4ri
|
|
13
|
-
ZjtZe9OaDt2NE0PiDS2Oo5yhv0abL8rxjZ8D/aTL3D9aYSrFmddKH7roSRkafCMU
|
|
14
|
-
C/UX80/OzrxdEQUjtVO94dPWD/nKK1g7JyiIuk280aTeWA8CAwEAATANBgkqhkiG
|
|
15
|
-
9w0BAQsFAAOCAQEAdiNDw9z6U8lIF0NWVObeGqoxn/MSp/W5S56ts3agw0meqc1J
|
|
16
|
-
gUPkncXbpjZ/wX0Y3pupmGBIO0XAHPhjyCu3HhplhaVxSNqKEg9wB3huYaMZ2Kbi
|
|
17
|
-
+Wy77hLO2hOYk8vI/ok5oW0lhhpA0o4GzbyV4SA3nZgT0u8YXC7cqAHqI9KsBU5z
|
|
18
|
-
62mjlptCR/b10xTlC13AtbdDM6s1hWP9XpDrm6Kxgfu7nKQ1Q31ag1Ukm9Gw8qcl
|
|
19
|
-
ILxZxqbqGy/q1C+6ObTmGtiVbJTs+W8u5BPg9S49O6qIhVN5wWCT4lRrlpXpYA3a
|
|
20
|
-
TTVBULB1g7Iod2g+kF0qAXnwqGvZ5LOgwFfmcw==
|
|
21
|
-
-----END CERTIFICATE-----
|