openid_connect 1.0.2 → 1.0.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/VERSION +1 -1
  3. data/lib/openid_connect/discovery/provider/config.rb +2 -1
  4. data/lib/openid_connect/discovery/provider/config/response.rb +11 -3
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 8deb0d1759eb949d6ed62b8373b3c1dd6aae5486
4
- data.tar.gz: 1ff841370e692dc3f954991e0c6e962d66693e91
3
+ metadata.gz: f0fbea732baa979b9d3914c5320be42299fa4331
4
+ data.tar.gz: e6ba849b29a5153f5bcd18787a42fac8d1043958
5
5
  SHA512:
6
- metadata.gz: b0d16c5ab0f0c35e8bf0ffb40948bf8b7bd86b7130841f39e0ee0b69436b5c183b0285663bc4423a5a882bdbfc180567b008757c6b58cfe7b4304c5ab0aa2772
7
- data.tar.gz: 5c9e70341db9dd1c3d8e92c52aa71f663777f66783c72ca7801558fd18da3c841d913a2905ff995c24aedbff68d50179aff24bf7cfd18d223a9cc61e9961af59
6
+ metadata.gz: 513a387a23c013b64e7348ad1efaacb8ba00119371bfbbab17e2f598ae6cff17ad26595ac944cacafd389a0184698f7803b3e08a97009b78e50c8f47514dc151
7
+ data.tar.gz: 27a73927771c8c7e746b0cbce564f858153e8bfdff183753dd268f38d7e9967cc646725c82c7327013ab6952e73de9350c84e2319bb665b52e98c749cf381305
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.0.2
1
+ 1.0.3
data/lib/openid_connect/discovery/provider/config.rb CHANGED
@@ -5,7 +5,8 @@ module OpenIDConnect
5
5
  def self.discover!(identifier, cache_options = {})
6
6
  uri = URI.parse(identifier)
7
7
  Resource.new(uri).discover!(cache_options).tap do |response|
8
- response.validate! identifier
8
+ response.expected_issuer = identifier
9
+ response.validate!
9
10
  end
10
11
  rescue SWD::Exception, ValidationFailed => e
11
12
  raise DiscoveryFailed.new(e.message)
data/lib/openid_connect/discovery/provider/config/response.rb CHANGED
@@ -7,6 +7,7 @@ module OpenIDConnect
7
7
 
8
8
  cattr_accessor :metadata_attributes
9
9
  attr_reader :raw
10
+ attr_accessor :expected_issuer
10
11
  uri_attributes = {
11
12
  required: [
12
13
  :issuer,
@@ -55,6 +56,7 @@ module OpenIDConnect
55
56
 
56
57
  validates *required_attributes, presence: true
57
58
  validates *uri_attributes.values.flatten, url: true, allow_nil: true
59
+ validates :issuer, with: :validate_issuer_matching
58
60
 
59
61
  def initialize(hash)
60
62
  (required_attributes + optional_attributes).each do |key|
@@ -73,9 +75,7 @@ module OpenIDConnect
73
75
  end
74
76
 
75
77
  def validate!(expected_issuer = nil)
76
- valid? && (
77
- expected_issuer.blank? || issuer == expected_issuer
78
- ) or raise ValidationFailed.new(self)
78
+ valid? or raise ValidationFailed.new(self)
79
79
  end
80
80
 
81
81
  def jwks
@@ -88,6 +88,14 @@ module OpenIDConnect
88
88
  def public_keys
89
89
  @public_keys ||= jwks.collect(&:to_key)
90
90
  end
91
+
92
+ private
93
+
94
+ def validate_issuer_matching
95
+ if expected_issuer.present? && issuer != expected_issuer
96
+ errors.add :issuer, 'mismatch'
97
+ end
98
+ end
91
99
  end
92
100
  end
93
101
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: openid_connect
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.2
4
+ version: 1.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov matake
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-01-18 00:00:00.000000000 Z
11
+ date: 2017-01-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: json