RubyGems - openid_connect - Versions diffs - 0.6.1 → 2.3.0 - Mend

openid_connect 0.6.1 → 2.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (75) hide show

checksums.yaml +5 -5
data/.github/FUNDING.yml +3 -0
data/.github/workflows/spec.yml +31 -0
data/.gitignore +1 -0
data/CHANGELOG.md +23 -0
data/LICENSE +3 -1
data/README.rdoc +10 -3
data/Rakefile +6 -6
data/TODOs +12 -0
data/VERSION +1 -1
data/lib/openid_connect/access_token/mtls.rb +9 -0
data/lib/openid_connect/access_token.rb +14 -6
data/lib/openid_connect/client/registrar.rb +69 -130
data/lib/openid_connect/client.rb +7 -12
data/lib/openid_connect/discovery/provider/config/resource.rb +5 -3
data/lib/openid_connect/discovery/provider/config/response.rb +73 -78
data/lib/openid_connect/discovery/provider/config.rb +5 -2
data/lib/openid_connect/discovery/provider.rb +6 -2
data/lib/openid_connect/discovery.rb +0 -2
data/lib/openid_connect/jwtnizable.rb +6 -4
data/lib/openid_connect/request_object/claimable.rb +4 -6
data/lib/openid_connect/request_object.rb +6 -13
data/lib/openid_connect/response_object/id_token.rb +38 -37
data/lib/openid_connect/response_object/user_info/address.rb +10 -0
data/lib/openid_connect/response_object/user_info.rb +64 -2
data/lib/openid_connect.rb +26 -11
data/lib/rack/oauth2/server/authorize/extension/code_and_id_token.rb +5 -1
data/lib/rack/oauth2/server/authorize/extension/code_and_id_token_and_token.rb +1 -1
data/lib/rack/oauth2/server/authorize/extension/id_token.rb +1 -1
data/lib/rack/oauth2/server/authorize/extension/id_token_and_token.rb +1 -1
data/lib/rack/oauth2/server/authorize/request_with_connect_params.rb +17 -14
data/lib/rack/oauth2/server/id_token_response.rb +11 -13
data/openid_connect.gemspec +19 -13
data/spec/helpers/crypto_spec_helper.rb +2 -2
data/spec/helpers/webmock_helper.rb +14 -9
data/spec/mock_response/access_token/without_token_type.json +3 -0
data/spec/mock_response/discovery/config.json +3 -3
data/spec/mock_response/discovery/config_with_custom_port.json +13 -0
data/spec/mock_response/discovery/config_with_invalid_issuer.json +13 -0
data/spec/mock_response/discovery/config_with_path.json +13 -0
data/spec/mock_response/discovery/config_without_issuer.json +12 -0
data/spec/mock_response/errors/unknown.json +3 -1
data/spec/mock_response/public_keys/{jwk.json → jwks.json} +1 -1
data/spec/mock_response/public_keys/jwks_with_private_key.json +8 -0
data/spec/mock_response/public_keys/private_key.pem +27 -0
data/spec/openid_connect/access_token_spec.rb +11 -20
data/spec/openid_connect/client/registrar_spec.rb +93 -208
data/spec/openid_connect/client_spec.rb +79 -22
data/spec/openid_connect/connect_object_spec.rb +1 -1
data/spec/openid_connect/discovery/provider/config/response_spec.rb +76 -284
data/spec/openid_connect/discovery/provider/config_spec.rb +64 -27
data/spec/openid_connect/discovery/provider_spec.rb +2 -2
data/spec/openid_connect/request_object_spec.rb +4 -4
data/spec/openid_connect/response_object/id_token_spec.rb +94 -52
data/spec/openid_connect/response_object/user_info/{open_id/address_spec.rb → address_spec.rb} +3 -3
data/spec/openid_connect/response_object/{user_info/open_id_spec.rb → user_info_spec.rb} +13 -12
data/spec/openid_connect_spec.rb +19 -19
data/spec/rack/oauth2/server/authorize/extension/code_and_id_token_and_token_spec.rb +11 -0
data/spec/rack/oauth2/server/authorize/extension/code_and_id_token_spec.rb +11 -0
data/spec/rack/oauth2/server/authorize/extension/id_token_and_token_spec.rb +11 -0
data/spec/rack/oauth2/server/authorize/extension/id_token_spec.rb +1 -1
data/spec/rack/oauth2/server/authorize/request_with_connect_params_spec.rb +45 -0
data/spec/spec_helper.rb +12 -1
metadata +155 -90
data/.travis.yml +0 -3
data/Gemfile.lock +0 -102
data/lib/openid_connect/debugger/request_filter.rb +0 -28
data/lib/openid_connect/debugger.rb +0 -3
data/lib/openid_connect/response_object/user_info/open_id/address.rb +0 -12
data/lib/openid_connect/response_object/user_info/open_id.rb +0 -64
data/lib/rack/oauth2/server/resource/error_with_connect_ext.rb +0 -14
data/spec/mock_response/public_keys/x509.pem +0 -21
data/spec/openid_connect/debugger/request_filter_spec.rb +0 -33
data/spec/rack/oauth2/server/resource/error_with_connect_ext_spec.rb +0 -12
/data/spec/mock_response/{user_info → userinfo}/openid.json +0 -0

data/lib/openid_connect/response_object/user_info/open_id.rb DELETED Viewed

@@ -1,64 +0,0 @@
-module OpenIDConnect
-  class ResponseObject
-    module UserInfo
-      class OpenID < ConnectObject
-        attr_optional(
-          :sub,
-          :name,
-          :given_name,
-          :family_name,
-          :middle_name,
-          :nickname,
-          :preferred_username,
-          :profile,
-          :picture,
-          :website,
-          :email,
-          :email_verified,
-          :gender,
-          :birthdate,
-          :zoneinfo,
-          :locale,
-          :phone_number,
-          :address,
-          :updated_time
-        )
-        alias_method :subject, :sub
-        alias_method :subject=, :sub=
-        validates :email_verified, inclusion: {in: [true, false]},                             allow_nil: true
-        validates :gender,         inclusion: {in: ['male', 'female']},                        allow_nil: true
-        validates :zoneinfo,       inclusion: {in: TZInfo::TimezoneProxy.all.collect(&:name)}, allow_nil: true
-        validates :profile, :picture, :website, url: true, allow_nil: true
-        validates :email, email: true, allow_nil: true
-        validate :validate_address
-        validate :require_at_least_one_attributes
-        # TODO: validate locale
-        def initialize(attributes = {})
-          super
-          (all_attributes - [:email_verified, :address]).each do |key|
-            self.send "#{key}=", self.send(key).try(:to_s)
-          end
-        end
-        def validate_address
-          errors.add :address, address.errors.full_messages.join(', ') if address.present? && !address.valid?
-        end
-        def address=(hash_or_address)
-          @address = case hash_or_address
-          when Hash
-            Address.new hash_or_address
-          when Address
-            hash_or_address
-          end
-        end
-      end
-    end
-  end
-end
-Dir[File.dirname(__FILE__) + '/open_id/*.rb'].each do |file|
-  require file
-end

data/lib/rack/oauth2/server/resource/error_with_connect_ext.rb DELETED Viewed

@@ -1,14 +0,0 @@
-module Rack
-  module OAuth2
-    module Server
-      class Resource
-        module ErrorWithConnectExt
-          def invalid_schema!(description = 'The requested schema is invalid or unsupported', options = {})
-            bad_request! :invalid_schema, description, options
-          end
-        end
-        Request.send :include, ErrorWithConnectExt
-      end
-    end
-  end
-end

data/spec/mock_response/public_keys/x509.pem DELETED Viewed

@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDeDCCAmACCQDFeFSXWEnHxDANBgkqhkiG9w0BAQsFADB+MQswCQYDVQQGEwJK
-UDEOMAwGA1UECAwFVG9reW8xEDAOBgNVBAcMB1NoaWJ1eWExITAfBgNVBAoMGElu
-dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAwwDTm92MRwwGgYJKoZIhvcN
-AQkBFg1ub3ZAbWF0YWtlLmpwMB4XDTExMDkxMzEzMjIzNFoXDTEyMDkxMjEzMjIz
-NFowfjELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBVRva3lvMRAwDgYDVQQHDAdTaGli
-dXlhMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDDAKBgNVBAMM
-A05vdjEcMBoGCSqGSIb3DQEJARYNbm92QG1hdGFrZS5qcDCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAKSsm7NFmh1P8uHB8Vm5vFs4+uh7XMhZ+xYd5/vf
-ak17ucjWt9DEWCGH0g8HvSVXNSVKBsONcqtkrXRgSeNB8YnIYxPmKKX7twefEJYC
-b06FG1g+IJkwxoDBsUMbb9RJ9snnWsp0O97A6SCvtdiSQ2Oeab3/jwokkPTo8WS4
-lRipQpQ7rOOP7r9t+9G/SDdiYhDhfmuyQamkxGCz6V2qClg0pyTaJ6+/bS9E+4ri
-ZjtZe9OaDt2NE0PiDS2Oo5yhv0abL8rxjZ8D/aTL3D9aYSrFmddKH7roSRkafCMU
-C/UX80/OzrxdEQUjtVO94dPWD/nKK1g7JyiIuk280aTeWA8CAwEAATANBgkqhkiG
-9w0BAQsFAAOCAQEAdiNDw9z6U8lIF0NWVObeGqoxn/MSp/W5S56ts3agw0meqc1J
-gUPkncXbpjZ/wX0Y3pupmGBIO0XAHPhjyCu3HhplhaVxSNqKEg9wB3huYaMZ2Kbi
-+Wy77hLO2hOYk8vI/ok5oW0lhhpA0o4GzbyV4SA3nZgT0u8YXC7cqAHqI9KsBU5z
-62mjlptCR/b10xTlC13AtbdDM6s1hWP9XpDrm6Kxgfu7nKQ1Q31ag1Ukm9Gw8qcl
-ILxZxqbqGy/q1C+6ObTmGtiVbJTs+W8u5BPg9S49O6qIhVN5wWCT4lRrlpXpYA3a
-TTVBULB1g7Iod2g+kF0qAXnwqGvZ5LOgwFfmcw==
------END CERTIFICATE-----

data/spec/openid_connect/debugger/request_filter_spec.rb DELETED Viewed

@@ -1,33 +0,0 @@
-require 'spec_helper'
-describe OpenIDConnect::Debugger::RequestFilter do
-  let(:resource_endpoint) { 'https://example.com/resources' }
-  let(:request) { HTTP::Message.new_request(:get, URI.parse(resource_endpoint)) }
-  let(:response) { HTTP::Message.new_response({hello: 'world'}.to_json) }
-  let(:request_filter) { OpenIDConnect::Debugger::RequestFilter.new }
-  describe '#filter_request' do
-    it 'should log request' do
-      [
-        "======= [OpenIDConnect] HTTP REQUEST STARTED =======",
-        request.dump
-      ].each do |output|
-        OpenIDConnect.logger.should_receive(:info).with output
-      end
-      request_filter.filter_request(request)
-    end
-  end
-  describe '#filter_response' do
-    it 'should log response' do
-      [
-        "--------------------------------------------------",
-        response.dump,
-        "======= [OpenIDConnect] HTTP REQUEST FINISHED ======="
-      ].each do |output|
-        OpenIDConnect.logger.should_receive(:info).with output
-      end
-      request_filter.filter_response(request, response)
-    end
-  end
-end

data/spec/rack/oauth2/server/resource/error_with_connect_ext_spec.rb DELETED Viewed

@@ -1,12 +0,0 @@
-require 'spec_helper.rb'
-describe Rack::OAuth2::Server::Resource::ErrorWithConnectExt do
-  let(:env)     { Rack::MockRequest.env_for("/authorize?client_id=client_id") }
-  let(:request) { Rack::OAuth2::Server::Resource::Request.new env }
-  describe 'invalid_schema!' do
-    it do
-      expect { request.invalid_schema! }.to raise_error Rack::OAuth2::Server::Resource::BadRequest
-    end
-  end
-end

/data/spec/mock_response/{user_info → userinfo}/openid.json RENAMED Viewed

File without changes