oxd-ruby 0.1.8 → 0.1.9

data/demosite/config/initializers/oxd_config.rb

@@ -2,18 +2,24 @@
 Oxd.configure do |config|
   	config.oxd_host_ip                			= '127.0.0.1'
 	config.oxd_host_port      		  			= 8099
-	config.op_host								= "https://ce-dev2.gluu.org"
-	config.authorization_redirect_uri 			= "https://oxd-rails.com/login"
-	config.logout_redirect_uri 		  			= "https://oxd-rails.com/logout"
-	config.post_logout_redirect_uri	  			= "https://oxd-rails.com/"
-	config.scope					  			= [ "openid", "profile","uma_protection","uma_authorization" ]
+	config.op_host					 			= "https://ce-dev2.gluu.org"
+	config.client_id 							= ""
+	config.client_secret 						= ""
+	config.client_name 							= "Gluu Oxd Sample Client"
+	config.authorization_redirect_uri 			= "https://oxd-rails-app.com/login"
+	config.logout_redirect_uri 		  			= "https://oxd-rails-app.com/logout"
+	config.post_logout_redirect_uri	  			= "https://oxd-rails-app.com/"
+	config.scope					  			= ["openid","profile", "email", "uma_protection","uma_authorization"]
+	config.grant_types							= []
 	config.application_type       	  			= "web"
+	config.response_types     		  			= ["code"]
+	config.acr_values 				  			= ["basic"]
 	config.client_jwks_uri			  			= ""
 	config.client_token_endpoint_auth_method	= ""
 	config.client_request_uris					= []
 	config.contacts								= ["example-email@gmail.com"]
-	config.grant_types							= []
-	config.response_types     		  			= ["code"]
-	config.acr_values 				  			= ["basic"]
-	config.client_logout_uris		  			= ['https://oxd-rails.com/logout']
+	config.client_logout_uris		  			= ['https://oxd-rails-app.com/logout']
+	config.oxd_host 							= "https://127.0.0.1:8443"
+	config.connection_type 						= "web"
+	config.dynamic_registration					= true
 end

data/demosite/config/routes.rb

@@ -1,17 +1,21 @@
 Rails.application.routes.draw do
 
   root 'home#index'
+  get '/setup_client' => 'home#setup_client'
+  get '/get_client_token' => 'home#get_client_token'
+  get '/update_registration' => 'home#update_registration'
   get '/register_site' => 'home#register_site'
   get '/login' => 'home#login'
   get '/logout' => 'home#logout'
+  get '/clear_data' => 'home#clear_data'
   
   resources :uma do
     collection do
       get 'protect_resources'
+      get 'get_client_token'
       get 'get_rpt'
       get 'check_access'
-      get 'authorize_rpt'
-      get 'get_gat'
+      get 'get_claims_gathering_url'
     end
   end
   

data/lib/generators/oxd/templates/oxd_config.rb

@@ -3,17 +3,23 @@ Oxd.configure do |config|
   	config.oxd_host_ip                			= '127.0.0.1'
 	config.oxd_host_port      		  			= 8099
 	config.op_host					 			= "https://your.openid.provider.com"
+	config.client_id 							= ""
+	config.client_secret 						= ""
+	config.client_name 							= "Gluu Oxd Sample Client"
 	config.authorization_redirect_uri 			= "https://domain.example.com/callback"
 	config.logout_redirect_uri 		  			= "https://domain.example.com/callback2"
 	config.post_logout_redirect_uri	  			= "https://domain.example.com/logout"
-	config.scope					  			= ["openid","profile","uma_protection","uma_authorization"]
+	config.scope					  			= ["openid","profile", "email", "uma_protection","uma_authorization"]
+	config.grant_types							= []
 	config.application_type       	  			= "web"
+	config.response_types     		  			= ["code"]
+	config.acr_values 				  			= ["basic"]
 	config.client_jwks_uri			  			= ""
 	config.client_token_endpoint_auth_method	= ""
 	config.client_request_uris					= []
 	config.contacts								= ["example-email@gmail.com"]
-	config.grant_types							= []
-	config.response_types     		  			= ["code"]
-	config.acr_values 				  			= ["basic"]
 	config.client_logout_uris		  			= ['https://domain.example.com/logout']
+	config.oxd_host 							= ""
+	config.connection_type 						= "local"
+	config.dynamic_registration					= true
 end

data/lib/oxd-ruby.rb

@@ -6,7 +6,7 @@ require 'oxd/uma_commands'
 
 # @author Inderpal Singh
 # Oxd Module namespace
-# oxd_version 2.4.4	
+# oxd_version 3.1.1	
 module Oxd
 	
 end

data/lib/oxd/client_oxd_commands.rb

@@ -1,5 +1,5 @@
 # @author Inderpal Singh
-# @note supports oxd-version 2.4.4
+# @note supports oxd-version 3.1.1
 module Oxd
 
 	require 'json'
@@ -14,52 +14,128 @@ module Oxd
 			super
 		end
 
+		# @return [String] oxd_id of the registered website
+		# method to setup the client and generate a Client ID, Client Secret for the site
+		# works with oxd-to-https and oxd-server
+		def setup_client
+			@command = 'setup_client'
+			@params = {
+				"authorization_redirect_uri" => @configuration.authorization_redirect_uri,
+				"op_host" => @configuration.op_host,
+				"post_logout_redirect_uri" => @configuration.post_logout_redirect_uri,
+				"application_type" => @configuration.application_type,
+				"response_types"=> @configuration.response_types,
+	            "grant_types" => @configuration.grant_types,
+	            "scope" => @configuration.scope,
+	            "acr_values" => @configuration.acr_values,
+	            "client_jwks_uri" => @configuration.client_jwks_uri,
+				"client_name" => @configuration.client_name,
+				"client_token_endpoint_auth_method" => @configuration.client_token_endpoint_auth_method,
+				"client_request_uris" => @configuration.client_request_uris,
+				"client_logout_uris"=> @configuration.client_logout_uris,
+				"client_sector_identifier_uri" => @configuration.client_sector_identifier_uri,
+				"contacts" => @configuration.contacts,
+				"ui_locales" => @configuration.ui_locales,
+				"claims_locales" => @configuration.claims_locales,
+				"client_id" => @configuration.client_id,
+		        "client_secret" => @configuration.client_secret,
+		        "oxd_rp_programming_language" => 'ruby',
+				"protection_access_token" => @configuration.protection_access_token
+			}
+			request('setup-client')
+	        @configuration.client_id = getResponseData['client_id']
+	        @configuration.client_secret = getResponseData['client_secret']
+	        @configuration.oxd_id = getResponseData['oxd_id']
+
+		end
+
 		# @return [String] oxd_id of the registered website
 		# method to register the website and generate a unique ID for that website
-		# works with both oxd-to-http and oxd-server
-		def register_site			
+		# works with oxd-to-https and oxd-server
+		def register_site	
 			if(!@configuration.oxd_id.empty?) # Check if client is already registered
 				return @configuration.oxd_id
 			else
 				@command = 'register_site'
 				@params = {
-					"op_host" => @configuration.op_host,
 		        	"authorization_redirect_uri" => @configuration.authorization_redirect_uri,
+					"op_host" => @configuration.op_host,
 		            "post_logout_redirect_uri" => @configuration.post_logout_redirect_uri,
 		            "application_type" => @configuration.application_type,		            
-		            "acr_values" => @configuration.acr_values,
+		            "response_types"=> @configuration.response_types,
+		            "grant_types" => @configuration.grant_types,
 		            "scope" => @configuration.scope,
+		            "acr_values" => @configuration.acr_values,
 		            "client_jwks_uri" => @configuration.client_jwks_uri,
 		            "client_token_endpoint_auth_method" => @configuration.client_token_endpoint_auth_method,
 		            "client_request_uris" => @configuration.client_request_uris,
-		            "contacts" => @configuration.contacts,
-		            "grant_types" => @configuration.grant_types,
-		            "response_types"=> @configuration.response_types,
 		            "client_logout_uris"=> @configuration.client_logout_uris,
-		            "client_secret"=> @configuration.client_secret,
-		            "client_id"=> @configuration.client_id
+		            "contacts" => @configuration.contacts,
+		            "client_id" => @configuration.client_id,
+		            "client_secret" => @configuration.client_secret,
+					"client_name" => @configuration.client_name,
+					"client_sector_identifier_uri" => @configuration.client_sector_identifier_uri,
+					"ui_locales" => @configuration.ui_locales,
+					"claims_locales" => @configuration.claims_locales,
+					"protection_access_token" => @configuration.protection_access_token
 		        }
 		        request('register-site')
+		        logger(:log_msg => "OXD ID FROM setup_client : "+getResponseData['oxd_id'])
 		        @configuration.oxd_id = getResponseData['oxd_id']
 		    end	        
 		end
 
-		# @return [String] stored(in oxd_config) oxd_id of the registered website
-	    def getOxdId
-        	return @configuration.oxd_id
-	    end
-		
+		# @return [STRING] access_token
+		# method to generate the protection access token
+		# obtained access token is passed as protection_access_token to all further calls to oxd-https-extension
+		def get_client_token
+			@command = 'get_client_token'
+			@params = {
+	        	"oxd_id" => @configuration.oxd_id,
+				"authorization_redirect_uri" => @configuration.authorization_redirect_uri,
+				"op_host" => @configuration.op_host,
+				"post_logout_redirect_uri" => @configuration.post_logout_redirect_uri,
+				"application_type" => @configuration.application_type,		            
+				"response_types"=> @configuration.response_types,
+				"grant_types" => @configuration.grant_types,
+				"scope" => @configuration.scope,
+				"acr_values" => @configuration.acr_values,
+				"client_name" => @configuration.client_name,
+				"client_jwks_uri" => @configuration.client_jwks_uri,
+				"client_token_endpoint_auth_method" => @configuration.client_token_endpoint_auth_method,
+				"client_request_uris" => @configuration.client_request_uris,
+				"client_sector_identifier_uri" => @configuration.client_sector_identifier_uri,
+				"contacts" => @configuration.contacts,
+				"ui_locales" => @configuration.ui_locales,
+				"claims_locales" => @configuration.claims_locales,
+				"client_id" => @configuration.client_id,
+				"client_secret" => @configuration.client_secret,
+				"client_frontchannel_logout_uris"=> @configuration.client_logout_uris,
+				"oxd_rp_programming_language" => 'ruby'
+	        }
+	        request('get-client-token')
+	        @configuration.protection_access_token = getResponseData['access_token']
+		end
+
+		# @param scope [Array] OPTIONAL, scopes required, takes the scopes registered with register_site by defualt
 		# @param acr_values [Array] OPTIONAL, list of acr values in the order of priority
+		# @param custom_params [Hash] OPTIONAL, custom parameters		
 		# @return [String] authorization_url
 		# method to get authorization url that the user must be redirected to for authorization and authentication
-		# works with both oxd-to-http and oxd-server
-		def get_authorization_url(acr_values = [""])
-			@command = 'get_authorization_url'
+		# works with oxd-to-https and oxd-server
+		def get_authorization_url(scope = [], acr_values = [], custom_params = {})
+			logger(:log_msg => "@configuration object params #{@configuration.inspect}", :error => "")
+			
+			@command = 'get_authorization_url'			
 			@params = {
 	            "oxd_id" => @configuration.oxd_id,
 	            "prompt" => @configuration.prompt,
-	            "acr_values" => acr_values || @configuration.acr_values
+	            "scope" => (scope.blank?)? @configuration.scope : scope,	            
+	            "acr_values" => (acr_values.blank?)? @configuration.acr_values : acr_values,
+	            "custom_parameters" => custom_params,
+				"protection_access_token" => @configuration.protection_access_token
         	}
+        	logger(:log_msg => "get_authorization_url params #{@params.inspect}", :error => "")
 		    request('get-authorization-url')
 		    getResponseData['authorization_url']
 		end
@@ -68,8 +144,8 @@ module Oxd
 		# @param state [String] state obtained from the authorization url callback
 		# @return [Hash] {:access_token, :id_token}
 		# method to retrieve access token. It is called after the user authorizes by visiting the authorization url.
-		# works with both oxd-to-http and oxd-server
-		def get_tokens_by_code( code,state )
+		# works with oxd-to-https and oxd-server
+		def get_tokens_by_code( code, state )
             if (code.empty?)
             	logger(:log_msg => "Empty/Wrong value in place of code.")
         	end
@@ -77,17 +153,35 @@ module Oxd
 			@params = {
 	            "oxd_id" => @configuration.oxd_id,
 	            "code" => code,
-	            "state" => state
+	            "state" => state,
+	            "protection_access_token" => @configuration.protection_access_token
         	}        	
 			request('get-tokens-by-code')
 			@configuration.id_token = getResponseData['id_token']
+			@configuration.refresh_token = getResponseData['refresh_token']
+			getResponseData['access_token']
+		end
+
+		# @param scope [Array] OPTIONAL, scopes required, takes the scopes registered with register_site by defualt
+		# @return [String] access_token
+		# method to retrieve access token. It is called after getting the refresh_token by using the code and state.
+		# works with oxd-to-https and oxd-server		
+		def get_access_token_by_refresh_token(scope = nil)
+			@command = 'get_access_token_by_refresh_token'
+			@params = {
+	            "oxd_id" => @configuration.oxd_id,
+	            "refresh_token" => @configuration.refresh_token,
+	            "scope" => (scope.blank?)? @configuration.scope : scope,
+	            "protection_access_token" => @configuration.protection_access_token
+        	}        	
+			request('get-access-token-by-refresh-token')
 			getResponseData['access_token']
 		end
 
 		# @param access_token [String] access token recieved from the get_tokens_by_code command
 		# @return [String] user data claims that are returned by the OP
 		# get the information about the user using the access token obtained from the OP
-		# works with both oxd-to-http and oxd-server
+		# works with oxd-to-https and oxd-server
 		def get_user_info(access_token)
 			if access_token.empty?
 	            logger(:log_msg => "Empty access code sent for get_user_info", :error => "Empty access code")
@@ -95,7 +189,8 @@ module Oxd
 			@command = 'get_user_info'
 	    	@params = {
 	            "oxd_id" => @configuration.oxd_id,
-	            "access_token" => access_token
+	            "access_token" => access_token,
+	            "protection_access_token" => @configuration.protection_access_token
         	}
         	request('get-user-info')
 			getResponseData['claims']
@@ -105,7 +200,7 @@ module Oxd
 		# @param session_state [String] OPTIONAL, session state obtained from the authorization url callback
 		# @return [String] uri
 		# method to retrieve logout url from OP. User must be redirected to this url to perform logout
-		# works with both oxd-to-http and oxd-server
+		# works with oxd-to-https and oxd-server
 		def get_logout_uri( state = nil, session_state = nil)
 			@command = 'get_logout_uri'
 			@params = {
@@ -113,36 +208,40 @@ module Oxd
 	            "id_token_hint" => @configuration.id_token,
 	            "post_logout_redirect_uri" => @configuration.post_logout_redirect_uri, 
 	            "state" => state,
-	            "session_state" => session_state
+	            "session_state" => session_state,
+	            "protection_access_token" => @configuration.protection_access_token
         	}
-        	request('logout')
+        	request('get-logout-uri')
         	getResponseData['uri']
-        	#@configuration.oxd_id = "" #unset oxd_id after logout
 		end
 
 		# @return [Boolean] status - if site registration was updated successfully or not
 		# method to update the website's information with OpenID Provider. 
 		# 	This should be called after changing the values in the oxd_config file.
-		# works with both oxd-to-http and oxd-server
+		# works with oxd-to-https and oxd-server
 		def update_site_registration
 	    	@command = 'update_site_registration'
         	@params = {
-	        	"authorization_redirect_uri" => @configuration.authorization_redirect_uri,
 	        	"oxd_id" => @configuration.oxd_id,
-	            "post_logout_redirect_uri" => @configuration.post_logout_redirect_uri,
-	            "application_type" => @configuration.application_type,
-	            "acr_values" => @configuration.acr_values,
-	            "scope" => @configuration.scope,
-	            "client_jwks_uri" => @configuration.client_jwks_uri,
-	            "client_token_endpoint_auth_method" => @configuration.client_token_endpoint_auth_method,
-	            "client_request_uris" => @configuration.client_request_uris,
-	            "contacts" => @configuration.contacts,
-	            "grant_types" => @configuration.grant_types,
-	            "response_types"=> @configuration.response_types,
-	            "client_secret_expires_at" => 3080736637943,
-	            "client_logout_uris"=> @configuration.client_logout_uris
+				"authorization_redirect_uri" => @configuration.authorization_redirect_uri,
+				"post_logout_redirect_uri" => @configuration.post_logout_redirect_uri,
+				"client_logout_uris"=> @configuration.client_logout_uris,
+				"response_types"=> @configuration.response_types,
+				"grant_types" => @configuration.grant_types,
+				"scope" => @configuration.scope,
+				"acr_values" => @configuration.acr_values,
+				"client_name" => @configuration.client_name,
+				"client_secret_expires_at" => 3080736637943,
+				"client_jwks_uri" => @configuration.client_jwks_uri,
+				"client_token_endpoint_auth_method" => @configuration.client_token_endpoint_auth_method,
+				"client_request_uris" => @configuration.client_request_uris,
+				"client_sector_identifier_uri" => @configuration.client_sector_identifier_uri,
+				"contacts" => @configuration.contacts,
+				"ui_locales" => @configuration.ui_locales,
+				"claims_locales" => @configuration.claims_locales,
+				"protection_access_token" => @configuration.protection_access_token
 	        }
-	        request('update-site-registration')
+	        request('update-site')
 	        if @response_object['status'] == "ok"
 	        	@configuration.oxd_id = getResponseData['oxd_id']
 	            return true
@@ -150,5 +249,10 @@ module Oxd
 	            return false
 	        end
 		end
+
+		# @return Oxd Configuraton object
+		def oxdConfig
+			return @configuration
+		end
 	end
 end

data/lib/oxd/config.rb

@@ -1,7 +1,7 @@
 require 'active_support/configurable'
 
 # @author Inderpal Singh
-# @note supports oxd-version 2.4.4
+# @note supports oxd-version 3.1.1
 module Oxd
 
   # Configures global settings for Oxd
@@ -26,28 +26,37 @@ module Oxd
   class Configuration
     include ActiveSupport::Configurable    
     config_accessor :oxd_host_ip
-    config_accessor :oxd_host_port
+    config_accessor :oxd_host_port    
     config_accessor :op_host
     config_accessor :client_id
     config_accessor :client_secret
-    config_accessor :application_type
-    config_accessor :prompt
+    config_accessor :client_name
     config_accessor :authorization_redirect_uri
-    config_accessor :post_logout_redirect_uri
-    config_accessor :client_logout_uris
     config_accessor :logout_redirect_uri
+    config_accessor :post_logout_redirect_uri
+    config_accessor :scope
     config_accessor :grant_types
+    config_accessor :application_type
+    config_accessor :response_types
     config_accessor :acr_values
     config_accessor :client_jwks_uri
     config_accessor :client_token_endpoint_auth_method
     config_accessor :client_request_uris
-    config_accessor :scope
-    config_accessor :id_token
     config_accessor :contacts
-    config_accessor :response_types
+    config_accessor :client_logout_uris
+    config_accessor :connection_type
+    config_accessor :oxd_host
+    config_accessor :dynamic_registration
+    config_accessor :prompt
+    config_accessor :id_token
+    config_accessor :refresh_token
     config_accessor :oxd_id
-    config_accessor :rpt
     config_accessor :ticket
+    config_accessor :rpt
+    config_accessor :client_sector_identifier_uri
+    config_accessor :ui_locales
+    config_accessor :claims_locales
+    config_accessor :protection_access_token
 
     # define param_name writer
     def param_name
@@ -92,10 +101,18 @@ module Oxd
   	config.client_jwks_uri = ""
   	config.client_token_endpoint_auth_method = ""
   	config.client_request_uris = []
-  	config.scope = ["openid", "profile","uma_protection","uma_authorization"]
+  	config.scope = ["openid", "profile", "email", "uma_protection","uma_authorization"]
   	config.contacts = ["example-email@gmail.com"]
   	config.response_types = ["code"]
     config.oxd_id = ""
     config.id_token = ""
+    config.client_name = ""
+    config.client_sector_identifier_uri = ""
+    config.ui_locales = []
+    config.claims_locales = []
+    config.protection_access_token = ""
+    config.oxd_host = ""
+    config.dynamic_registration = true
+    config.connection_type = 'local'
   end 
 end