RubyGems - openid_connect - Versions diffs - 0.0.6 → 0.0.7 - Mend

openid_connect 0.0.6 → 0.0.7

Files changed (12) hide show

data/Gemfile.lock +1 -1
data/README.rdoc +7 -0
data/VERSION +1 -1
data/lib/openid_connect.rb +1 -2
data/lib/rack/oauth2/server/authorize/token_with_id_token.rb +10 -0
data/spec/rack/oauth2/server/authorize/code_and_token_spec.rb +47 -0
data/spec/rack/oauth2/server/authorize/token_spec.rb +44 -0
metadata +7 -8
data/lib/rack/oauth2/server/authorize/extension/id_token.rb +0 -47
data/lib/rack/oauth2/server/authorize/extension/id_token_and_token.rb +0 -39
data/spec/rack/oauth2/server/authorize/extension/id_token_and_token_spec.rb +0 -61
data/spec/rack/oauth2/server/authorize/extension/id_token_spec.rb +0 -49

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    openid_connect (0.0.5)
+    openid_connect (0.0.6)
       activemodel (>= 3)
       attr_required (>= 0.0.3)
       json (>= 1.4.3)

data/README.rdoc CHANGED Viewed

@@ -13,9 +13,16 @@ OpenID Connect Server & Client Library
 == Examples
+=== Provider
 * Running on Heroku (https://openid-connect.herokuapp.com)
 * Source on GitHub (https://github.com/nov/openid_connect_sample)
+=== Relying Party
+* Running on Heroku (https://openid-connect-rp.herokuapp.com)
+* Source on GitHub (https://github.com/nov/openid_connect_sample_rp)
 == Note on Patches/Pull Requests
 * Fork the project.

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.0.6
1	+ 0.0.7

data/lib/openid_connect.rb CHANGED Viewed

@@ -1,7 +1,6 @@
 require 'json'
 require 'rack/oauth2'
-require 'rack/oauth2/server/authorize/extension/id_token'
-require 'rack/oauth2/server/authorize/extension/id_token_and_token'
+require 'rack/oauth2/server/authorize/token_with_id_token'
 require 'openid_connect/exception'
 require 'openid_connect/client'

data/lib/rack/oauth2/server/authorize/token_with_id_token.rb ADDED Viewed

@@ -0,0 +1,10 @@
+class Rack::OAuth2::Server::Authorize::Token::Response
+  attr_optional :id_token
+  def protocol_params_with_id_token
+    protocol_params_without_id_token.merge(
+      :id_token => id_token.try(:to_jwt)
+    )
+  end
+  alias_method_chain :protocol_params, :id_token
+end

data/spec/rack/oauth2/server/authorize/code_and_token_spec.rb ADDED Viewed

@@ -0,0 +1,47 @@
+require 'spec_helper.rb'
+require 'rack/oauth2/server/authorize/extension/code_and_token'
+describe Rack::OAuth2::Server::Authorize::Extension::CodeAndToken do
+  let(:request)      { Rack::MockRequest.new app }
+  let(:response)     { request.get("/?response_type=code%20token&client_id=client") }
+  let(:redirect_uri) { 'http://client.example.com/callback' }
+  let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token') }
+  let :id_token do
+    OpenIDConnect::ResponseObject::IdToken.new(
+      :iss => 'https://server.example.com',
+      :user_id => 'user_id',
+      :aud => 'client_id',
+      :exp => 1313424327,
+      :secret => 'secret'
+    )
+  end
+  context "when id_token is given" do
+    subject { response }
+    let :app do
+      Rack::OAuth2::Server::Authorize.new do |request, response|
+        response.redirect_uri = redirect_uri
+        response.code = 'code'
+        response.access_token = bearer_token
+        response.id_token = id_token
+        response.approve!
+      end
+    end
+    its(:status)   { should == 302 }
+    its(:location) { should == "#{redirect_uri}?code=code#access_token=access_token&id_token=#{id_token.to_jwt}&token_type=bearer" }
+  end
+  context "otherwise" do
+    subject { response }
+    let :app do
+      Rack::OAuth2::Server::Authorize.new do |request, response|
+        response.redirect_uri = redirect_uri
+        response.code = 'code'
+        response.access_token = bearer_token
+        response.approve!
+      end
+    end
+    its(:status)   { should == 302 }
+    its(:location) { should == "#{redirect_uri}?code=code#access_token=access_token&token_type=bearer" }
+  end
+end

data/spec/rack/oauth2/server/authorize/token_spec.rb ADDED Viewed

@@ -0,0 +1,44 @@
+require 'spec_helper.rb'
+describe Rack::OAuth2::Server::Authorize::Token do
+  let(:request)      { Rack::MockRequest.new app }
+  let(:response)     { request.get("/?response_type=token&client_id=client") }
+  let(:redirect_uri) { 'http://client.example.com/callback' }
+  let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token') }
+  let :id_token do
+    OpenIDConnect::ResponseObject::IdToken.new(
+      :iss => 'https://server.example.com',
+      :user_id => 'user_id',
+      :aud => 'client_id',
+      :exp => 1313424327,
+      :secret => 'secret'
+    )
+  end
+  context "when id_token is given" do
+    subject { response }
+    let :app do
+      Rack::OAuth2::Server::Authorize.new do |request, response|
+        response.redirect_uri = redirect_uri
+        response.access_token = bearer_token
+        response.id_token = id_token
+        response.approve!
+      end
+    end
+    its(:status)   { should == 302 }
+    its(:location) { should == "#{redirect_uri}#access_token=access_token&id_token=#{id_token.to_jwt}&token_type=bearer" }
+  end
+  context "otherwise" do
+    subject { response }
+    let :app do
+      Rack::OAuth2::Server::Authorize.new do |request, response|
+        response.redirect_uri = redirect_uri
+        response.access_token = bearer_token
+        response.approve!
+      end
+    end
+    its(:status)   { should == 302 }
+    its(:location) { should == "#{redirect_uri}#access_token=access_token&token_type=bearer" }
+  end
+end

metadata CHANGED Viewed

@@ -2,7 +2,7 @@
 name: openid_connect
 version: !ruby/object:Gem::Version
   prerelease:
-  version: 0.0.6
+  version: 0.0.7
 platform: ruby
 authors:
 - nov matake
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-08-16 00:00:00 Z
+date: 2011-08-17 00:00:00 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activemodel
@@ -171,8 +171,7 @@ files:
 - lib/openid_connect/response_object/user_info.rb
 - lib/openid_connect/response_object/user_info/open_id.rb
 - lib/openid_connect/response_object/user_info/open_id/address.rb
-- lib/rack/oauth2/server/authorize/extension/id_token.rb
-- lib/rack/oauth2/server/authorize/extension/id_token_and_token.rb
+- lib/rack/oauth2/server/authorize/token_with_id_token.rb
 - openid_connect.gemspec
 - spec/helpers/webmock_helper.rb
 - spec/mock_response/access_token/bearer.json
@@ -190,8 +189,8 @@ files:
 - spec/openid_connect/response_object/user_info/open_id/address_spec.rb
 - spec/openid_connect/response_object/user_info/open_id_spec.rb
 - spec/openid_connect/response_object_spec.rb
-- spec/rack/oauth2/server/authorize/extension/id_token_and_token_spec.rb
-- spec/rack/oauth2/server/authorize/extension/id_token_spec.rb
+- spec/rack/oauth2/server/authorize/code_and_token_spec.rb
+- spec/rack/oauth2/server/authorize/token_spec.rb
 - spec/spec_helper.rb
 homepage: https://github.com/nov/openid_connect
 licenses: []
@@ -237,6 +236,6 @@ test_files:
 - spec/openid_connect/response_object/user_info/open_id/address_spec.rb
 - spec/openid_connect/response_object/user_info/open_id_spec.rb
 - spec/openid_connect/response_object_spec.rb
-- spec/rack/oauth2/server/authorize/extension/id_token_and_token_spec.rb
-- spec/rack/oauth2/server/authorize/extension/id_token_spec.rb
+- spec/rack/oauth2/server/authorize/code_and_token_spec.rb
+- spec/rack/oauth2/server/authorize/token_spec.rb
 - spec/spec_helper.rb

data/lib/rack/oauth2/server/authorize/extension/id_token.rb DELETED Viewed

@@ -1,47 +0,0 @@
-module Rack
-  module OAuth2
-    module Server
-      class Authorize
-        module Extension
-          class IdToken < Abstract::Handler
-            class << self
-              def response_type_for?(response_type)
-                response_type == 'id_token'
-              end
-            end
-            def call(env)
-              @request  = Request.new env
-              @response = Response.new request
-              super
-            end
-            class Request < Authorize::Request
-              def initialize(env)
-                super
-                @response_type = :id_token
-                attr_missing!
-              end
-              def error_params_location
-                :fragment
-              end
-            end
-            class Response < Authorize::Response
-              attr_required :id_token
-              def protocol_params
-                super.merge :id_token => id_token.to_jwt
-              end
-              def protocol_params_location
-                :fragment
-              end
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/rack/oauth2/server/authorize/extension/id_token_and_token.rb DELETED Viewed

@@ -1,39 +0,0 @@
-module Rack
-  module OAuth2
-    module Server
-      class Authorize
-        module Extension
-          class IdTokenAndToken < Abstract::Handler
-            class << self
-              def response_type_for?(response_type)
-                response_type.split.sort == ['id_token', 'token']
-              end
-            end
-            def call(env)
-              @request  = Request.new env
-              @response = Response.new request
-              super
-            end
-            class Request < Authorize::Token::Request
-              def initialize(env)
-                super
-                @response_type = [:id_token, :token]
-                attr_missing!
-              end
-            end
-            class Response < Authorize::Token::Response
-              attr_required :id_token
-              def protocol_params
-                super.merge :id_token => id_token.to_jwt
-              end
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/spec/rack/oauth2/server/authorize/extension/id_token_and_token_spec.rb DELETED Viewed

@@ -1,61 +0,0 @@
-require 'spec_helper'
-describe Rack::OAuth2::Server::Authorize::Extension::IdTokenAndToken do
-  let(:request)      { Rack::MockRequest.new app }
-  let(:redirect_uri) { 'http://client.example.com/callback' }
-  let(:access_token) { 'access_token' }
-  let(:response) do
-    request.get("/?response_type=id_token%20token&client_id=client&redirect_uri=#{redirect_uri}")
-  end
-  let(:id_token) do
-    OpenIDConnect::ResponseObject::IdToken.new(
-      :iss => 'iss',
-      :user_id => 'user_id',
-      :aud => 'aud',
-      :exp => 10.minutes.from_now,
-      :secret => 'secret'
-    )
-  end
-  context "when approved" do
-    subject { response }
-    let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token) }
-    let :app do
-      Rack::OAuth2::Server::Authorize.new do |request, response|
-        response.redirect_uri = redirect_uri
-        response.access_token = bearer_token
-        response.id_token = id_token
-        response.approve!
-      end
-    end
-    its(:status)   { should == 302 }
-    its(:location) { should == "#{redirect_uri}#access_token=#{access_token}&id_token=#{id_token.to_jwt}&token_type=bearer" }
-    context 'when refresh_token is given' do
-      let :bearer_token do
-        Rack::OAuth2::AccessToken::Bearer.new(
-          :access_token => access_token,
-          :refresh_token => 'refresh'
-        )
-      end
-      its(:location) { should == "#{redirect_uri}#access_token=#{access_token}&id_token=#{id_token.to_jwt}&token_type=bearer" }
-    end
-  end
-  context 'when denied' do
-    let :app do
-      Rack::OAuth2::Server::Authorize.new do |request, response|
-        request.verify_redirect_uri! redirect_uri
-        request.access_denied!
-      end
-    end
-    it 'should redirect with error in fragment' do
-      response.status.should == 302
-      error_message = {
-        :error => :access_denied,
-        :error_description => Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
-      }
-      response.location.should == "#{redirect_uri}##{error_message.to_query}"
-    end
-  end
-end

data/spec/rack/oauth2/server/authorize/extension/id_token_spec.rb DELETED Viewed

@@ -1,49 +0,0 @@
-require 'spec_helper'
-describe Rack::OAuth2::Server::Authorize::Extension::IdToken do
-  let(:request)      { Rack::MockRequest.new app }
-  let(:redirect_uri) { 'http://client.example.com/callback' }
-  let(:response) do
-    request.get("/?response_type=id_token&client_id=client&redirect_uri=#{redirect_uri}")
-  end
-  let(:id_token) do
-    OpenIDConnect::ResponseObject::IdToken.new(
-      :iss => 'iss',
-      :user_id => 'user_id',
-      :aud => 'aud',
-      :exp => 10.minutes.from_now,
-      :secret => 'secret'
-    )
-  end
-  context "when approved" do
-    subject { response }
-    let :app do
-      Rack::OAuth2::Server::Authorize.new do |request, response|
-        response.redirect_uri = redirect_uri
-        response.id_token = id_token
-        response.approve!
-      end
-    end
-    its(:status)   { should == 302 }
-    its(:location) { should == "#{redirect_uri}#id_token=#{id_token.to_jwt}" }
-  end
-  context 'when denied' do
-    let :app do
-      Rack::OAuth2::Server::Authorize.new do |request, response|
-        request.verify_redirect_uri! redirect_uri
-        request.access_denied!
-      end
-    end
-    it 'should redirect with error in fragment' do
-      response.status.should == 302
-      error_message = {
-        :error => :access_denied,
-        :error_description => Rack::OAuth2::Server::Authorize::ErrorMethods::DEFAULT_DESCRIPTION[:access_denied]
-      }
-      response.location.should == "#{redirect_uri}##{error_message.to_query}"
-    end
-  end
-end