RubyGems - openid_connect - Versions diffs - 1.1.3 → 1.1.4 - Mend

openid_connect 1.1.3 → 1.1.4

Files changed (10) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: db75e487f02e311c6b10d45f6d94fb167799d8a3
-  data.tar.gz: 3d3b94d8ebde1a2148ada3f1a85bb9d82c511e8e
+  metadata.gz: 37cd15979ddc556edc06ece5242fc5a4cf351351
+  data.tar.gz: 3938aac7d54a50f82a4e030a107ec057f591cc79
 SHA512:
-  metadata.gz: a4dfe4ed94fe1a22a3cddf045e462865c1deebf84a5fe9b2892ea0f0a26053c71a431e95c8ff6a79acb8e03a51e2be199cca219e02b28a306bafd2e8f8b67ad6
-  data.tar.gz: 6875f5710d295b1d357ddae698b829459c323e792e969b7ea3c9126ed298c63f6b2f6a6a553397fcafc71cbc385415b44ec6f4b5a8753292d8d8cabd7cfc9b01
+  metadata.gz: c1de1552a703405e1846c9e150fe640e9d90a12fd4a4bc14f52e09a2a8ce0c7e61f0a89809983b8b5693865cfcb7d3a0f66b45b0e9e87952432526a0b814b7dc
+  data.tar.gz: 8d03ab7fc9d2473fc0f680455b301e143f72ef0b548ad65034eaabf7e6d7e85a514dd16a3ea720b3a05af731d00eb28e67fdc00a268cc49675a255d224f0b6b3

data/.travis.yml CHANGED

@@ -2,6 +2,5 @@ before_install:
   - gem install bundler
 rvm:
-  - 2.2.2
-  - 2.2.5
-  - 2.3.1
+  - 2.3.5
+  - 2.4.2

data/VERSION CHANGED

data/lib/openid_connect.rb CHANGED

@@ -76,6 +76,16 @@ module OpenIDConnect
     end
     @@http_config ||= block
   end
+  def self.validate_discovery_issuer=(boolean)
+    @@validate_discovery_issuer = boolean
+  end
+  def self.validate_discovery_issuer
+    @@validate_discovery_issuer
+  end
+  self.validate_discovery_issuer = true
 end
 require 'openid_connect/exception'

@@ -27,7 +27,8 @@ module OpenIDConnect
     def handle_success_response(response)
       token_hash = JSON.parse(response.body).with_indifferent_access
-      case token_type = token_hash[:token_type].try(:downcase)
+      token_type = (@forced_token_type || token_hash[:token_type]).try(:downcase)
+      case token_type
       when 'bearer'
         AccessToken.new token_hash.merge(client: self)
       else
@@ -41,4 +42,4 @@ end
 Dir[File.dirname(__FILE__) + '/client/*.rb'].each do |file|
   require file
-end
+end

@@ -76,7 +76,7 @@ module OpenIDConnect
             end
           end
-          def validate!(expected_issuer = nil)
+          def validate!
             valid? or raise ValidationFailed.new(self)
           end
@@ -95,7 +95,11 @@ module OpenIDConnect
           def validate_issuer_matching
             if expected_issuer.present? && issuer != expected_issuer
-              errors.add :issuer, 'mismatch'
+              if OpenIDConnect.validate_discovery_issuer
+                errors.add :issuer, 'mismatch'
+              else
+                OpenIDConnect.logger.warn 'ignoring issuer mismach.'
+              end
             end
           end
         end

@@ -0,0 +1,3 @@
+{
+  "access_token":"access_token"
+}

@@ -178,6 +178,15 @@ describe OpenIDConnect::Client do
           expect { access_token }.to raise_error OpenIDConnect::Exception, 'Unexpected Token Type: mac'
         end
       end
+      context 'when token_type is forced' do
+        before { client.force_token_type! :bearer }
+        it 'should use forced token_type' do
+          mock_json :post, client.token_endpoint, 'access_token/without_token_type', request_header: header_params, params: protocol_params do
+            access_token.should be_a OpenIDConnect::AccessToken
+          end
+        end
+      end
     end
   end
-end
+end

@@ -56,13 +56,33 @@ describe OpenIDConnect::Discovery::Provider::Config do
       end
     end
-    context 'when response include invalid issuer' do
-      it do
-        expect do
-          mock_json :get, endpoint, 'discovery/config_with_invalid_issuer' do
-            OpenIDConnect::Discovery::Provider::Config.discover! provider
-          end
-        end.to raise_error OpenIDConnect::Discovery::DiscoveryFailed
+    describe 'when response include invalid issuer' do
+      context 'with normal configuration' do
+        it do
+          expect do
+            mock_json :get, endpoint, 'discovery/config_with_invalid_issuer' do
+              OpenIDConnect::Discovery::Provider::Config.discover! provider
+            end
+          end.to raise_error OpenIDConnect::Discovery::DiscoveryFailed
+        end
+      end
+      context 'when issuer validation is disabled.' do
+        before :each do
+          OpenIDConnect.validate_discovery_issuer = false
+        end
+        after :each do
+          OpenIDConnect.validate_discovery_issuer = true
+        end
+        it do
+          expect do
+            mock_json :get, endpoint, 'discovery/config_with_invalid_issuer' do
+              OpenIDConnect::Discovery::Provider::Config.discover! provider
+            end
+          end.not_to raise_error
+        end
       end
     end
@@ -76,4 +96,4 @@ describe OpenIDConnect::Discovery::Provider::Config do
       end
     end
   end
-end
+end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: openid_connect
 version: !ruby/object:Gem::Version
-  version: 1.1.3
+  version: 1.1.4
 platform: ruby
 authors:
 - nov matake
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-07-24 00:00:00.000000000 Z
+date: 2018-02-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: json
@@ -272,6 +272,7 @@ files:
 - spec/mock_response/access_token/bearer_with_id_token.json
 - spec/mock_response/access_token/invalid_json.json
 - spec/mock_response/access_token/mac.json
+- spec/mock_response/access_token/without_token_type.json
 - spec/mock_response/client/registered.json
 - spec/mock_response/client/rotated.json
 - spec/mock_response/client/updated.json
@@ -344,6 +345,7 @@ test_files:
 - spec/mock_response/access_token/bearer_with_id_token.json
 - spec/mock_response/access_token/invalid_json.json
 - spec/mock_response/access_token/mac.json
+- spec/mock_response/access_token/without_token_type.json
 - spec/mock_response/client/registered.json
 - spec/mock_response/client/rotated.json
 - spec/mock_response/client/updated.json