openid_connect 0.0.32 → 0.0.33
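--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-0.0.
+0.0.33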
data/lib/openid_connect.rb
CHANGED
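--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: openid_connect
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.33
 prerelease:
 platform: ruby
 authors:
@@ -13,7 +13,7 @@ date: 2012-02-01 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: json
-requirement: &
+requirement: &70133003870780 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -21,10 +21,10 @@ dependencies:
 version: 1.4.3
 type: :runtime
 prerelease: false
-version_requirements: *
+version_requirements: *70133003870780
 - !ruby/object:Gem::Dependency
 name: tzinfo
-requirement: &
+requirement: &70133003869280 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
 version: '0'
 type: :runtime
 prerelease: false
-version_requirements: *
+version_requirements: *70133003869280
 - !ruby/object:Gem::Dependency
 name: attr_required
-requirement: &
+requirement: &70133003868260 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -43,10 +43,10 @@ dependencies:
 version: 0.0.3
 type: :runtime
 prerelease: false
-version_requirements: *
+version_requirements: *70133003868260
 - !ruby/object:Gem::Dependency
 name: activemodel
-requirement: &
+requirement: &70133003867720 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -54,10 +54,10 @@ dependencies:
 version: '3'
 type: :runtime
 prerelease: false
-version_requirements: *
+version_requirements: *70133003867720
 - !ruby/object:Gem::Dependency
 name: validate_url
-requirement: &
+requirement: &70133003867260 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -65,10 +65,10 @@ dependencies:
 version: '0'
 type: :runtime
 prerelease: false
-version_requirements: *
+version_requirements: *70133003867260
 - !ruby/object:Gem::Dependency
 name: validate_email
-requirement: &
+requirement: &70133003866700 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -76,10 +76,10 @@ dependencies:
 version: '0'
 type: :runtime
 prerelease: false
-version_requirements: *
+version_requirements: *70133003866700
 - !ruby/object:Gem::Dependency
 name: json-jwt
-requirement: &
+requirement: &70133003866120 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -87,10 +87,10 @@ dependencies:
 version: 0.0.3
 type: :runtime
 prerelease: false
-version_requirements: *
+version_requirements: *70133003866120
 - !ruby/object:Gem::Dependency
 name: swd
-requirement: &
+requirement: &70133003865600 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -98,10 +98,10 @@ dependencies:
 version: 0.0.6
 type: :runtime
 prerelease: false
-version_requirements: *
+version_requirements: *70133003865600
 - !ruby/object:Gem::Dependency
 name: rack-oauth2
-requirement: &
+requirement: &70133003865040 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -109,10 +109,10 @@ dependencies:
 version: 0.10.0
 type: :runtime
 prerelease: false
-version_requirements: *
+version_requirements: *70133003865040
 - !ruby/object:Gem::Dependency
 name: rake
-requirement: &
+requirement: &70133003864480 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -120,10 +120,10 @@ dependencies:
 version: '0.8'
 type: :development
 prerelease: false
-version_requirements: *
+version_requirements: *70133003864480
 - !ruby/object:Gem::Dependency
 name: cover_me
-requirement: &
+requirement: &70133003863680 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -131,10 +131,10 @@ dependencies:
 version: 1.2.0
 type: :development
 prerelease: false
-version_requirements: *
+version_requirements: *70133003863680
 - !ruby/object:Gem::Dependency
 name: rspec
-requirement: &
+requirement: &70133003862600 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -142,10 +142,10 @@ dependencies:
 version: '2'
 type: :development
 prerelease: false
-version_requirements: *
+version_requirements: *70133003862600
 - !ruby/object:Gem::Dependency
 name: webmock
-requirement: &
+requirement: &70133003861140 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -153,7 +153,7 @@ dependencies:
 version: 1.6.2
 type: :development
 prerelease: false
-version_requirements: *
+version_requirements: *70133003861140
 description: OpenID Connect Server & Client Library
 email:
 - nov@matake.jp
@@ -191,9 +191,6 @@ files:
 - lib/openid_connect/response_object/user_info.rb
 - lib/openid_connect/response_object/user_info/open_id.rb
 - lib/openid_connect/response_object/user_info/open_id/address.rb
-- lib/openid_connect/server.rb
-- lib/openid_connect/server/id_token.rb
-- lib/openid_connect/server/id_token/error.rb
 - lib/rack/oauth2/server/authorize/extension/code_and_id_token.rb
 - lib/rack/oauth2/server/authorize/extension/id_token.rb
 - lib/rack/oauth2/server/authorize/extension/id_token_and_token.rb
@@ -227,7 +224,6 @@ files:
 - spec/openid_connect/response_object/user_info/open_id/address_spec.rb
 - spec/openid_connect/response_object/user_info/open_id_spec.rb
 - spec/openid_connect/response_object_spec.rb
-- spec/openid_connect/server/id_token_spec.rb
 - spec/openid_connect_spec.rb
 - spec/rack/oauth2/server/authorize/extension/code_and_id_token_spec.rb
 - spec/rack/oauth2/server/authorize/extension/id_token_and_token_spec.rb
@@ -288,7 +284,6 @@ test_files:
 - spec/openid_connect/response_object/user_info/open_id/address_spec.rb
 - spec/openid_connect/response_object/user_info/open_id_spec.rb
 - spec/openid_connect/response_object_spec.rb
-- spec/openid_connect/server/id_token_spec.rb
 - spec/openid_connect_spec.rb
 - spec/rack/oauth2/server/authorize/extension/code_and_id_token_spec.rb
 - spec/rack/oauth2/server/authorize/extension/id_token_and_token_spec.rb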
@@ -1 +0,0 @@
|
|
|
1
|
-
require 'openid_connect/server/id_token'
|
|
@@ -1,46 +0,0 @@
|
|
|
1
|
-
module OpenIDConnect
|
|
2
|
-
module Server
|
|
3
|
-
class IdToken < Rack::OAuth2::Server::Abstract::Handler
|
|
4
|
-
def call(env)
|
|
5
|
-
@request = Request.new(env)
|
|
6
|
-
@response = Response.new(request)
|
|
7
|
-
super.finish
|
|
8
|
-
rescue Rack::OAuth2::Server::Abstract::Error => e
|
|
9
|
-
e.finish
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
class Request < Rack::OAuth2::Server::Abstract::Request
|
|
13
|
-
attr_required :id_token
|
|
14
|
-
|
|
15
|
-
# NOTE: client_id is required in Rack::OAuth2 and should not exist here.
|
|
16
|
-
undef_method :client_id, :client_id=
|
|
17
|
-
@required_attributes.delete :client_id
|
|
18
|
-
|
|
19
|
-
def initialize(env)
|
|
20
|
-
super
|
|
21
|
-
@id_token = params['id_token']
|
|
22
|
-
attr_missing!
|
|
23
|
-
end
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
class Response < Rack::OAuth2::Server::Abstract::Response
|
|
27
|
-
attr_required :id_token
|
|
28
|
-
|
|
29
|
-
def protocol_params
|
|
30
|
-
id_token.as_json
|
|
31
|
-
end
|
|
32
|
-
|
|
33
|
-
def finish
|
|
34
|
-
attr_missing!
|
|
35
|
-
write Rack::OAuth2::Util.compact_hash(protocol_params).to_json
|
|
36
|
-
header['Content-Type'] = 'application/json'
|
|
37
|
-
header['Cache-Control'] = 'no-store'
|
|
38
|
-
header['Pragma'] = 'no-cache'
|
|
39
|
-
super
|
|
40
|
-
end
|
|
41
|
-
end
|
|
42
|
-
end
|
|
43
|
-
end
|
|
44
|
-
end
|
|
45
|
-
|
|
46
|
-
require 'openid_connect/server/id_token/error'
|
|
@@ -1,30 +0,0 @@
|
|
|
1
|
-
module OpenIDConnect
|
|
2
|
-
module Server
|
|
3
|
-
class IdToken
|
|
4
|
-
class BadRequest < Rack::OAuth2::Server::Abstract::BadRequest; end
|
|
5
|
-
|
|
6
|
-
module ErrorMethods
|
|
7
|
-
DEFAULT_DESCRIPTION = {
|
|
8
|
-
:invalid_request => "The request is missing a required parameter.",
|
|
9
|
-
:invalid_id_token => "The ID Token is not valid for the requested resource, is malformed, is in an incorrect format, or is expired."
|
|
10
|
-
}
|
|
11
|
-
|
|
12
|
-
def self.included(klass)
|
|
13
|
-
DEFAULT_DESCRIPTION.each do |error, default_description|
|
|
14
|
-
klass.class_eval <<-ERROR
|
|
15
|
-
def #{error}!(description = "#{default_description}", options = {})
|
|
16
|
-
bad_request! :#{error}, description, options
|
|
17
|
-
end
|
|
18
|
-
ERROR
|
|
19
|
-
end
|
|
20
|
-
end
|
|
21
|
-
|
|
22
|
-
def bad_request!(error, description = nil, options = {})
|
|
23
|
-
raise BadRequest.new(error, description, options)
|
|
24
|
-
end
|
|
25
|
-
end
|
|
26
|
-
|
|
27
|
-
Request.send :include, ErrorMethods
|
|
28
|
-
end
|
|
29
|
-
end
|
|
30
|
-
end
|
|
@@ -1,67 +0,0 @@
|
|
|
1
|
-
require 'spec_helper.rb'
|
|
2
|
-
|
|
3
|
-
describe OpenIDConnect::Server::IdToken do
|
|
4
|
-
let(:request) { Rack::MockRequest.new app }
|
|
5
|
-
let :app do
|
|
6
|
-
OpenIDConnect::Server::IdToken.new do |req, res|
|
|
7
|
-
res.id_token = id_token
|
|
8
|
-
end
|
|
9
|
-
end
|
|
10
|
-
let :env do
|
|
11
|
-
Rack::MockRequest.env_for(
|
|
12
|
-
'/id_token',
|
|
13
|
-
:params => params
|
|
14
|
-
)
|
|
15
|
-
end
|
|
16
|
-
let :params do
|
|
17
|
-
{:id_token => id_token.to_jwt(private_key) }
|
|
18
|
-
end
|
|
19
|
-
let :id_token do
|
|
20
|
-
OpenIDConnect::ResponseObject::IdToken.new(
|
|
21
|
-
:iss => 'https://server.example.com',
|
|
22
|
-
:user_id => 'user_id',
|
|
23
|
-
:aud => 'client_id',
|
|
24
|
-
:exp => 1313424327,
|
|
25
|
-
:secret => 'secret'
|
|
26
|
-
)
|
|
27
|
-
end
|
|
28
|
-
subject { request.post('/id_token', :params => params) }
|
|
29
|
-
|
|
30
|
-
context 'when valid id_token is given' do
|
|
31
|
-
it 'should extract it' do
|
|
32
|
-
status, header, response = app.call(env)
|
|
33
|
-
status.should == 200
|
|
34
|
-
json = response.body.first
|
|
35
|
-
json.should include '"aud":"client_id"'
|
|
36
|
-
json.should include '"user_id":"user_id"'
|
|
37
|
-
json.should include '"exp":1313424327'
|
|
38
|
-
json.should include '"iss":"https://server.example.com"'
|
|
39
|
-
end
|
|
40
|
-
end
|
|
41
|
-
|
|
42
|
-
context 'otherwise' do
|
|
43
|
-
context 'when missing' do
|
|
44
|
-
let :params do
|
|
45
|
-
{}
|
|
46
|
-
end
|
|
47
|
-
it do
|
|
48
|
-
status, header, response = app.call(env)
|
|
49
|
-
status.should == 400
|
|
50
|
-
response.body.first.should include '"error":"invalid_request"'
|
|
51
|
-
end
|
|
52
|
-
end
|
|
53
|
-
|
|
54
|
-
context 'when rejected by authenticator' do
|
|
55
|
-
let :app do
|
|
56
|
-
OpenIDConnect::Server::IdToken.new do |req, res|
|
|
57
|
-
req.invalid_id_token! 'Expired or Invalid Format'
|
|
58
|
-
end
|
|
59
|
-
end
|
|
60
|
-
it do
|
|
61
|
-
status, header, response = app.call(env)
|
|
62
|
-
status.should == 400
|
|
63
|
-
response.body.first.should include '"error":"invalid_id_token"'
|
|
64
|
-
end
|
|
65
|
-
end
|
|
66
|
-
end
|
|
67
|
-
end
|