openid_connect 2.0.0 → 2.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -1
- data/VERSION +1 -1
- data/lib/openid_connect/access_token/mtls.rb +9 -0
- data/lib/openid_connect/access_token.rb +11 -2
- data/lib/openid_connect/client/registrar.rb +1 -1
- data/lib/openid_connect/client.rb +1 -3
- data/lib/openid_connect/discovery/provider/config/response.rb +1 -3
- data/lib/openid_connect.rb +1 -0
- data/openid_connect.gemspec +1 -1
- data/spec/mock_response/errors/unknown.json +3 -1
- data/spec/openid_connect/client_spec.rb +0 -10
- metadata +5 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2b5a083aca9fb04e50e7ff4fb18d26d221daac9bf22ec1cfcc136007160a03db
|
|
4
|
+
data.tar.gz: 1eb0f4f04691552f0b276d284bb91f47d393c0afdc8e7473c57446c4e89c6cc1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3469b7247c8337d0f3bc5adddc3ebc117676814fba726ba95d59fb50279ae7f8a91e3856962ab794e44bc3d8a0ccbb9adf07966bc4ff50139c74e08c783e5e1f
|
|
7
|
+
data.tar.gz: 5670dcd68a4b196ebb167c2eb313360d407ae30a77914da20f376f4cddef1b009642fc5aeee5eddbd971b03e7baee939076a7ed343a9e63906e309b261bda8be
|
data/CHANGELOG.md
CHANGED
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
2.
|
|
1
|
+
2.2.0
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
module OpenIDConnect
|
|
2
|
+
class AccessToken::MTLS < AccessToken
|
|
3
|
+
def initialize(attributes = {})
|
|
4
|
+
super
|
|
5
|
+
http_client.ssl.client_key = attributes[:private_key] || client.private_key
|
|
6
|
+
http_client.ssl.client_cert = attributes[:certificate] || client.certificate
|
|
7
|
+
end
|
|
8
|
+
end
|
|
9
|
+
end
|
|
@@ -15,13 +15,20 @@ module OpenIDConnect
|
|
|
15
15
|
ResponseObject::UserInfo.new hash
|
|
16
16
|
end
|
|
17
17
|
|
|
18
|
+
def to_mtls(attributes = {})
|
|
19
|
+
(required_attributes + optional_attributes).each do |key|
|
|
20
|
+
attributes[key] = self.send(key)
|
|
21
|
+
end
|
|
22
|
+
MTLS.new attributes
|
|
23
|
+
end
|
|
24
|
+
|
|
18
25
|
private
|
|
19
26
|
|
|
20
27
|
def resource_request
|
|
21
28
|
res = yield
|
|
22
29
|
case res.status
|
|
23
30
|
when 200
|
|
24
|
-
|
|
31
|
+
res.body.with_indifferent_access
|
|
25
32
|
when 400
|
|
26
33
|
raise BadRequest.new('API Access Faild', res)
|
|
27
34
|
when 401
|
|
@@ -33,4 +40,6 @@ module OpenIDConnect
|
|
|
33
40
|
end
|
|
34
41
|
end
|
|
35
42
|
end
|
|
36
|
-
end
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
require 'openid_connect/access_token/mtls'
|
|
@@ -170,7 +170,7 @@ module OpenIDConnect
|
|
|
170
170
|
end
|
|
171
171
|
|
|
172
172
|
def handle_success_response(response)
|
|
173
|
-
credentials =
|
|
173
|
+
credentials = response.body.with_indifferent_access
|
|
174
174
|
Client.new(
|
|
175
175
|
identifier: credentials[:client_id],
|
|
176
176
|
secret: credentials[:client_secret],
|
|
@@ -26,7 +26,7 @@ module OpenIDConnect
|
|
|
26
26
|
end
|
|
27
27
|
|
|
28
28
|
def handle_success_response(response)
|
|
29
|
-
token_hash =
|
|
29
|
+
token_hash = response.body.with_indifferent_access
|
|
30
30
|
token_type = (@forced_token_type || token_hash[:token_type]).try(:downcase)
|
|
31
31
|
case token_type
|
|
32
32
|
when 'bearer'
|
|
@@ -34,8 +34,6 @@ module OpenIDConnect
|
|
|
34
34
|
else
|
|
35
35
|
raise Exception.new("Unexpected Token Type: #{token_type}")
|
|
36
36
|
end
|
|
37
|
-
rescue JSON::ParserError
|
|
38
|
-
raise Exception.new("Unknown Token Type")
|
|
39
37
|
end
|
|
40
38
|
end
|
|
41
39
|
end
|
|
@@ -81,9 +81,7 @@ module OpenIDConnect
|
|
|
81
81
|
end
|
|
82
82
|
|
|
83
83
|
def jwks
|
|
84
|
-
@jwks ||=
|
|
85
|
-
OpenIDConnect.http_client.get(jwks_uri).body
|
|
86
|
-
).with_indifferent_access
|
|
84
|
+
@jwks ||= OpenIDConnect.http_client.get(jwks_uri).body.with_indifferent_access
|
|
87
85
|
JSON::JWK::Set.new @jwks[:keys]
|
|
88
86
|
end
|
|
89
87
|
|
data/lib/openid_connect.rb
CHANGED
|
@@ -69,6 +69,7 @@ module OpenIDConnect
|
|
|
69
69
|
Faraday.new(headers: {user_agent: "OpenIDConnect (#{VERSION})"}) do |faraday|
|
|
70
70
|
faraday.request :url_encoded
|
|
71
71
|
faraday.request :json
|
|
72
|
+
faraday.response :json
|
|
72
73
|
faraday.response :logger, OpenIDConnect.logger, {bodies: true} if debugging?
|
|
73
74
|
faraday.adapter Faraday.default_adapter
|
|
74
75
|
http_config&.call(faraday)
|
data/openid_connect.gemspec
CHANGED
|
@@ -22,7 +22,7 @@ Gem::Specification.new do |s|
|
|
|
22
22
|
s.add_runtime_dependency "json-jwt", ">= 1.16"
|
|
23
23
|
s.add_runtime_dependency "swd", "~> 2.0"
|
|
24
24
|
s.add_runtime_dependency "webfinger", "~> 2.0"
|
|
25
|
-
s.add_runtime_dependency "rack-oauth2", "~> 2.
|
|
25
|
+
s.add_runtime_dependency "rack-oauth2", "~> 2.2"
|
|
26
26
|
if Gem.ruby_version >= Gem::Version.create(3.1)
|
|
27
27
|
# TODO:
|
|
28
28
|
# remove "net-smtp" dependency after mail gem 2.8+ (which supports ruby 3.1+) released.
|
|
@@ -162,16 +162,6 @@ describe OpenIDConnect::Client do
|
|
|
162
162
|
end
|
|
163
163
|
end
|
|
164
164
|
|
|
165
|
-
context 'when invalid JSON is returned' do
|
|
166
|
-
it 'should raise OpenIDConnect::Exception' do
|
|
167
|
-
mock_json :post, client.token_endpoint, 'access_token/invalid_json', request_header: header_params, params: protocol_params do
|
|
168
|
-
expect do
|
|
169
|
-
access_token
|
|
170
|
-
end.to raise_error OpenIDConnect::Exception, 'Unknown Token Type'
|
|
171
|
-
end
|
|
172
|
-
end
|
|
173
|
-
end
|
|
174
|
-
|
|
175
165
|
context 'otherwise' do
|
|
176
166
|
it 'should raise Unexpected Token Type exception' do
|
|
177
167
|
mock_json :post, client.token_endpoint, 'access_token/mac', request_header: header_params, params: protocol_params do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: openid_connect
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- nov matake
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-10-
|
|
11
|
+
date: 2022-10-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: tzinfo
|
|
@@ -156,14 +156,14 @@ dependencies:
|
|
|
156
156
|
requirements:
|
|
157
157
|
- - "~>"
|
|
158
158
|
- !ruby/object:Gem::Version
|
|
159
|
-
version: '2.
|
|
159
|
+
version: '2.2'
|
|
160
160
|
type: :runtime
|
|
161
161
|
prerelease: false
|
|
162
162
|
version_requirements: !ruby/object:Gem::Requirement
|
|
163
163
|
requirements:
|
|
164
164
|
- - "~>"
|
|
165
165
|
- !ruby/object:Gem::Version
|
|
166
|
-
version: '2.
|
|
166
|
+
version: '2.2'
|
|
167
167
|
- !ruby/object:Gem::Dependency
|
|
168
168
|
name: net-smtp
|
|
169
169
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -282,6 +282,7 @@ files:
|
|
|
282
282
|
- VERSION
|
|
283
283
|
- lib/openid_connect.rb
|
|
284
284
|
- lib/openid_connect/access_token.rb
|
|
285
|
+
- lib/openid_connect/access_token/mtls.rb
|
|
285
286
|
- lib/openid_connect/client.rb
|
|
286
287
|
- lib/openid_connect/client/registrar.rb
|
|
287
288
|
- lib/openid_connect/connect_object.rb
|