rack-oauth2 1.12.0 → 2.2.0

Files changed (61)
  1. checksums.yaml +4 -4
  2. data/.github/FUNDING.yml +3 -0
  3. data/.github/workflows/spec.yml +32 -0
  4. data/CHANGELOG.md +25 -0
  5. data/README.rdoc +1 -26
  6. data/VERSION +1 -1
  7. data/lib/rack/oauth2/access_token/authenticator.rb +1 -10
  8. data/lib/rack/oauth2/access_token/bearer.rb +1 -1
  9. data/lib/rack/oauth2/access_token/mtls.rb +2 -2
  10. data/lib/rack/oauth2/access_token.rb +4 -6
  11. data/lib/rack/oauth2/client.rb +97 -41
  12. data/lib/rack/oauth2/server/abstract/error.rb +2 -1
  13. data/lib/rack/oauth2/server/extension/pkce.rb +1 -1
  14. data/lib/rack/oauth2/server/rails/response_ext.rb +5 -5
  15. data/lib/rack/oauth2/server/resource/error.rb +4 -4
  16. data/lib/rack/oauth2/server/resource.rb +0 -1
  17. data/lib/rack/oauth2/server/token/error.rb +3 -1
  18. data/lib/rack/oauth2/server/token.rb +16 -5
  19. data/lib/rack/oauth2/urn.rb +3 -3
  20. data/lib/rack/oauth2/util.rb +6 -2
  21. data/lib/rack/oauth2.rb +11 -10
  22. data/rack-oauth2.gemspec +7 -5
  23. data/spec/helpers/webmock_helper.rb +8 -2
  24. data/spec/rack/oauth2/access_token/authenticator_spec.rb +2 -22
  25. data/spec/rack/oauth2/access_token/bearer_spec.rb +2 -2
  26. data/spec/rack/oauth2/access_token_spec.rb +0 -17
  27. data/spec/rack/oauth2/client_spec.rb +173 -75
  28. data/spec/rack/oauth2/oauth2_spec.rb +0 -43
  29. data/spec/rack/oauth2/server/authorize/error_spec.rb +6 -6
  30. data/spec/rack/oauth2/server/resource/bearer/error_spec.rb +2 -2
  31. data/spec/rack/oauth2/server/resource/bearer_spec.rb +9 -9
  32. data/spec/rack/oauth2/server/resource/error_spec.rb +21 -21
  33. data/spec/rack/oauth2/server/token/authorization_code_spec.rb +2 -2
  34. data/spec/rack/oauth2/server/token/client_credentials_spec.rb +32 -2
  35. data/spec/rack/oauth2/server/token/error_spec.rb +8 -8
  36. data/spec/rack/oauth2/server/token_spec.rb +72 -3
  37. data/spec/rack/oauth2/util_spec.rb +8 -3
  38. metadata +47 -51
  39. data/.travis.yml +0 -7
  40. data/lib/rack/oauth2/access_token/legacy.rb +0 -19
  41. data/lib/rack/oauth2/access_token/mac/sha256_hex_verifier.rb +0 -17
  42. data/lib/rack/oauth2/access_token/mac/signature.rb +0 -34
  43. data/lib/rack/oauth2/access_token/mac/verifier.rb +0 -44
  44. data/lib/rack/oauth2/access_token/mac.rb +0 -103
  45. data/lib/rack/oauth2/debugger/request_filter.rb +0 -30
  46. data/lib/rack/oauth2/debugger.rb +0 -3
  47. data/lib/rack/oauth2/server/resource/mac/error.rb +0 -24
  48. data/lib/rack/oauth2/server/resource/mac.rb +0 -36
  49. data/spec/mock_response/tokens/legacy.json +0 -5
  50. data/spec/mock_response/tokens/legacy.txt +0 -1
  51. data/spec/mock_response/tokens/legacy_without_expires_in.txt +0 -1
  52. data/spec/mock_response/tokens/mac.json +0 -8
  53. data/spec/rack/oauth2/access_token/legacy_spec.rb +0 -23
  54. data/spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb +0 -28
  55. data/spec/rack/oauth2/access_token/mac/signature_spec.rb +0 -59
  56. data/spec/rack/oauth2/access_token/mac/verifier_spec.rb +0 -25
  57. data/spec/rack/oauth2/access_token/mac_spec.rb +0 -141
  58. data/spec/rack/oauth2/debugger/request_filter_spec.rb +0 -33
  59. data/spec/rack/oauth2/server/resource/mac/error_spec.rb +0 -52
  60. data/spec/rack/oauth2/server/resource/mac_spec.rb +0 -119
  61. /data/spec/mock_response/{blank → blank.txt} +0 -0
@@ -22,29 +22,29 @@ describe Rack::OAuth2::Server::Resource::Bearer do
22
22
 
23
23
  shared_examples_for :authenticated_bearer_request do
24
24
  it 'should be authenticated' do
25
- status, header, response = request
25
+ status, headers, response = request
26
26
  status.should == 200
27
27
  access_token.should == bearer_token
28
28
  end
29
29
  end
30
30
  shared_examples_for :unauthorized_bearer_request do
31
31
  it 'should be unauthorized' do
32
- status, header, response = request
32
+ status, headers, response = request
33
33
  status.should == 401
34
- header['WWW-Authenticate'].should include 'Bearer'
34
+ headers['WWW-Authenticate'].should include 'Bearer'
35
35
  access_token.should be_nil
36
36
  end
37
37
  end
38
38
  shared_examples_for :bad_bearer_request do
39
39
  it 'should be bad_request' do
40
- status, header, response = request
40
+ status, headers, response = request
41
41
  status.should == 400
42
42
  access_token.should be_nil
43
43
  end
44
44
  end
45
45
  shared_examples_for :skipped_authentication_request do
46
46
  it 'should skip OAuth 2.0 authentication' do
47
- status, header, response = request
47
+ status, headers, response = request
48
48
  status.should == 200
49
49
  access_token.should be_nil
50
50
  end
@@ -94,15 +94,15 @@ describe Rack::OAuth2::Server::Resource::Bearer do
94
94
  end
95
95
  end
96
96
  it 'should use specified realm' do
97
- status, header, response = request
98
- header['WWW-Authenticate'].should include "Bearer realm=\"#{realm}\""
97
+ status, headers, response = request
98
+ headers['WWW-Authenticate'].should include "Bearer realm=\"#{realm}\""
99
99
  end
100
100
  end
101
101
 
102
102
  context 'otherwize' do
103
103
  it 'should use default realm' do
104
- status, header, response = request
105
- header['WWW-Authenticate'].should include "Bearer realm=\"#{Rack::OAuth2::Server::Resource::Bearer::DEFAULT_REALM}\""
104
+ status, headers, response = request
105
+ headers['WWW-Authenticate'].should include "Bearer realm=\"#{Rack::OAuth2::Server::Resource::Bearer::DEFAULT_REALM}\""
106
106
  end
107
107
  end
108
108
  end
@@ -7,10 +7,10 @@ describe Rack::OAuth2::Server::Resource::BadRequest do
7
7
 
8
8
  describe '#finish' do
9
9
  it 'should respond in JSON' do
10
- status, header, response = error.finish
10
+ status, headers, response = error.finish
11
11
  status.should == 400
12
- header['Content-Type'].should == 'application/json'
13
- response.body.should == ['{"error":"invalid_request"}']
12
+ headers['Content-Type'].should == 'application/json'
13
+ response.should == ['{"error":"invalid_request"}']
14
14
  end
15
15
  end
16
16
  end
@@ -40,20 +40,20 @@ describe Rack::OAuth2::Server::Resource::Unauthorized do
40
40
 
41
41
  describe '#finish' do
42
42
  it 'should respond in JSON' do
43
- status, header, response = error_with_scheme.finish
43
+ status, headers, response = error_with_scheme.finish
44
44
  status.should == 401
45
- header['Content-Type'].should == 'application/json'
46
- header['WWW-Authenticate'].should == "Scheme realm=\"#{realm}\", error=\"invalid_token\""
47
- response.body.should == ['{"error":"invalid_token"}']
45
+ headers['Content-Type'].should == 'application/json'
46
+ headers['WWW-Authenticate'].should == "Scheme realm=\"#{realm}\", error=\"invalid_token\""
47
+ response.should == ['{"error":"invalid_token"}']
48
48
  end
49
49
 
50
50
  context 'when error_code is not invalid_token' do
51
51
  let(:error) { Rack::OAuth2::Server::Resource::Unauthorized.new(:something) }
52
52
 
53
53
  it 'should have error_code in body but not in WWW-Authenticate header' do
54
- status, header, response = error_with_scheme.finish
55
- header['WWW-Authenticate'].should == "Scheme realm=\"#{realm}\""
56
- response.body.first.should include '"error":"something"'
54
+ status, headers, response = error_with_scheme.finish
55
+ headers['WWW-Authenticate'].should == "Scheme realm=\"#{realm}\""
56
+ response.first.should include '"error":"something"'
57
57
  end
58
58
  end
59
59
 
@@ -61,9 +61,9 @@ describe Rack::OAuth2::Server::Resource::Unauthorized do
61
61
  let(:error) { Rack::OAuth2::Server::Resource::Unauthorized.new }
62
62
 
63
63
  it 'should have error_code in body but not in WWW-Authenticate header' do
64
- status, header, response = error_with_scheme.finish
65
- header['WWW-Authenticate'].should == "Scheme realm=\"#{realm}\""
66
- response.body.first.should == '{"error":"unauthorized"}'
64
+ status, headers, response = error_with_scheme.finish
65
+ headers['WWW-Authenticate'].should == "Scheme realm=\"#{realm}\""
66
+ response.first.should == '{"error":"unauthorized"}'
67
67
  end
68
68
  end
69
69
 
@@ -72,9 +72,9 @@ describe Rack::OAuth2::Server::Resource::Unauthorized do
72
72
  let(:error) { Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new(:something, nil, realm: realm) }
73
73
 
74
74
  it 'should use given realm' do
75
- status, header, response = error_with_scheme.finish
76
- header['WWW-Authenticate'].should == "Scheme realm=\"#{realm}\""
77
- response.body.first.should include '"error":"something"'
75
+ status, headers, response = error_with_scheme.finish
76
+ headers['WWW-Authenticate'].should == "Scheme realm=\"#{realm}\""
77
+ response.first.should include '"error":"something"'
78
78
  end
79
79
  end
80
80
  end
@@ -88,10 +88,10 @@ describe Rack::OAuth2::Server::Resource::Forbidden do
88
88
 
89
89
  describe '#finish' do
90
90
  it 'should respond in JSON' do
91
- status, header, response = error.finish
91
+ status, headers, response = error.finish
92
92
  status.should == 403
93
- header['Content-Type'].should == 'application/json'
94
- response.body.should == ['{"error":"insufficient_scope"}']
93
+ headers['Content-Type'].should == 'application/json'
94
+ response.should == ['{"error":"insufficient_scope"}']
95
95
  end
96
96
  end
97
97
 
@@ -99,8 +99,8 @@ describe Rack::OAuth2::Server::Resource::Forbidden do
99
99
  let(:error) { Rack::OAuth2::Server::Resource::Bearer::Forbidden.new(:insufficient_scope, 'Desc', scope: [:scope1, :scope2]) }
100
100
 
101
101
  it 'should have blank WWW-Authenticate header' do
102
- status, header, response = error.finish
103
- response.body.first.should include '"scope":"scope1 scope2"'
102
+ status, headers, response = error.finish
103
+ response.first.should include '"scope":"scope1 scope2"'
104
104
  end
105
105
  end
106
106
  end
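Review bot: The example 'should have blank WWW-Authenticate header' never looks at the header: it destructures `headers` from `error.finish` and then asserts only on the `scope` value in the body. Either add the assertion the name promises, e.g. `headers['WWW-Authenticate'].should be_blank` (assuming a blank header really is the intended behaviour of `Bearer::Forbidden`), or rename the example to say it checks the scope list. As written, a change that starts emitting a challenge on 403 responses would still pass this spec. The enclosing describe block starts before this hunk.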
@@ -24,8 +24,8 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
24
24
  its(:body) { should include '"token_type":"bearer"' }
25
25
 
26
26
  it 'should prevent to be cached' do
27
- response.header['Cache-Control'].should == 'no-store'
28
- response.header['Pragma'].should == 'no-cache'
27
+ response.headers['Cache-Control'].should == 'no-store'
28
+ response.headers['Pragma'].should == 'no-cache'
29
29
  end
30
30
 
31
31
  [:code].each do |required|
@@ -4,14 +4,19 @@ describe Rack::OAuth2::Server::Token::ClientCredentials do
4
4
  let(:request) { Rack::MockRequest.new app }
5
5
  let(:app) do
6
6
  Rack::OAuth2::Server::Token.new do |request, response|
7
+ unless request.client_id == client_id && request.client_secret == client_secret
8
+ request.invalid_client!
9
+ end
7
10
  response.access_token = Rack::OAuth2::AccessToken::Bearer.new(access_token: 'access_token')
8
11
  end
9
12
  end
13
+ let(:client_id) { 'client_id '}
14
+ let(:client_secret) { 'client_secret' }
10
15
  let(:params) do
11
16
  {
12
17
  grant_type: 'client_credentials',
13
- client_id: 'client_id',
14
- client_secret: 'client_secret'
18
+ client_id: client_id,
19
+ client_secret: client_secret
15
20
  }
16
21
  end
17
22
  subject { request.post('/', params: params) }
@@ -20,4 +25,29 @@ describe Rack::OAuth2::Server::Token::ClientCredentials do
20
25
  its(:content_type) { should == 'application/json' }
21
26
  its(:body) { should include '"access_token":"access_token"' }
22
27
  its(:body) { should include '"token_type":"bearer"' }
28
+
29
+ context 'basic auth' do
30
+ let(:params) do
31
+ { grant_type: 'client_credentials' }
32
+ end
33
+ let(:encoded_creds) do
34
+ Base64.strict_encode64([
35
+ Rack::OAuth2::Util.www_form_url_encode(client_id),
36
+ Rack::OAuth2::Util.www_form_url_encode(client_secret)
37
+ ].join(':'))
38
+ end
39
+ subject do
40
+ request.post('/',
41
+ {params: params, 'HTTP_AUTHORIZATION' => "Basic #{encoded_creds}"})
42
+ end
43
+
44
+ its(:status) { should == 200 }
45
+
46
+ context 'compliance with RFC6749 sec 2.3.1' do
47
+ let(:client_id) { 'client: yes/please!' }
48
+ let(:client_secret) { 'terrible:secret:of:space' }
49
+
50
+ its(:status) { should == 200 }
51
+ end
52
+ end
23
53
  end
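Review bot: The new 'basic auth' context only sends credentials that match, so nothing shows that the `invalid_client!` guard added to the app block is reached when the Authorization header carries the wrong secret. Add a context that overrides `encoded_creds` with a mismatching secret and expects 401 plus a `WWW-Authenticate` header, which is what the token_spec examples on this page expect for `invalid_client`. A malformed header (invalid Base64, or no colon after decoding) deserves an example too, because that value comes straight from the client; the status expected for it is not visible here. Separately, `let(:client_id) { 'client_id '}` in the previous hunk has a trailing space inside the literal that looks unintended.

```ruby
context 'basic auth' do
  # … unchanged: params, encoded_creds, subject and the matching-credentials examples …

  context 'when client_secret does not match' do
    let(:encoded_creds) do
      Base64.strict_encode64([
        Rack::OAuth2::Util.www_form_url_encode(client_id),
        Rack::OAuth2::Util.www_form_url_encode('not_the_secret')
      ].join(':'))
    end

    its(:status) { should == 401 }
    its(:headers) { should include 'WWW-Authenticate' }
  end
```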
@@ -7,10 +7,10 @@ describe Rack::OAuth2::Server::Token::BadRequest do
7
7
 
8
8
  describe '#finish' do
9
9
  it 'should respond in JSON' do
10
- status, header, response = error.finish
10
+ status, headers, response = error.finish
11
11
  status.should == 400
12
- header['Content-Type'].should == 'application/json'
13
- response.body.should == ['{"error":"invalid_request"}']
12
+ headers['Content-Type'].should == 'application/json'
13
+ response.should == ['{"error":"invalid_request"}']
14
14
  end
15
15
  end
16
16
  end
@@ -22,11 +22,11 @@ describe Rack::OAuth2::Server::Token::Unauthorized do
22
22
 
23
23
  describe '#finish' do
24
24
  it 'should respond in JSON' do
25
- status, header, response = error.finish
25
+ status, headers, response = error.finish
26
26
  status.should == 401
27
- header['Content-Type'].should == 'application/json'
28
- header['WWW-Authenticate'].should == 'Basic realm="OAuth2 Token Endpoint"'
29
- response.body.should == ['{"error":"invalid_request"}']
27
+ headers['Content-Type'].should == 'application/json'
28
+ headers['WWW-Authenticate'].should == 'Basic realm="OAuth2 Token Endpoint"'
29
+ response.should == ['{"error":"invalid_request"}']
30
30
  end
31
31
  end
32
32
  end
@@ -74,4 +74,4 @@ describe Rack::OAuth2::Server::Token::ErrorMethods do
74
74
  end
75
75
  end
76
76
  end
77
- end
77
+ end
@@ -28,9 +28,9 @@ describe Rack::OAuth2::Server::Token do
28
28
  )
29
29
  end
30
30
  it 'should fail with unsupported_grant_type' do
31
- status, header, response = app.call(env)
31
+ status, headers, response = app.call(env)
32
32
  status.should == 400
33
- response.body.first.should include '"error":"invalid_request"'
33
+ response.first.should include '"error":"invalid_request"'
34
34
  end
35
35
  end
36
36
 
@@ -43,7 +43,7 @@ describe Rack::OAuth2::Server::Token do
43
43
  )
44
44
  end
45
45
  it 'should ignore duplicates' do
46
- status, header, response = app.call(env)
46
+ status, headers, response = app.call(env)
47
47
  status.should == 200
48
48
  end
49
49
  end
@@ -71,6 +71,60 @@ describe Rack::OAuth2::Server::Token do
71
71
  end
72
72
  end
73
73
 
74
+ context 'when client_id is given via JWT client assertion' do
75
+ before do
76
+ require 'json/jwt'
77
+ params[:client_assertion] = JSON::JWT.new(
78
+ sub: params[:client_id]
79
+ # NOTE: actual client_assertion should have more claims.
80
+ ).sign('client_secret').to_s
81
+ params[:client_assertion_type] = Rack::OAuth2::URN::ClientAssertionType::JWT_BEARER
82
+ params.delete(:client_id)
83
+ end
84
+
85
+ context 'when client_assertion is invalid JWT' do
86
+ before do
87
+ params[:client_assertion] = 'invalid-jwt'
88
+ end
89
+ its(:status) { should == 400 }
90
+ its(:content_type) { should == 'application/json' }
91
+ its(:body) { should include '"error":"invalid_request"' }
92
+ end
93
+
94
+ context 'when client_assertion_type is missing' do
95
+ before do
96
+ params.delete(:client_assertion_type)
97
+ end
98
+ its(:status) { should == 400 }
99
+ its(:content_type) { should == 'application/json' }
100
+ its(:body) { should include '"error":"invalid_request"' }
101
+ end
102
+
103
+ context 'when client_assertion_type is unknown' do
104
+ before do
105
+ params[:client_assertion_type] = 'unknown'
106
+ end
107
+ its(:status) { should == 400 }
108
+ its(:content_type) { should == 'application/json' }
109
+ its(:body) { should include '"error":"invalid_request"' }
110
+ end
111
+
112
+ context 'when client_assertion issuer is different from client_id' do
113
+ before do
114
+ params[:client_id] = 'another_client_id'
115
+ end
116
+ its(:status) { should == 400 }
117
+ its(:content_type) { should == 'application/json' }
118
+ its(:body) { should include '"error":"invalid_request"' }
119
+ end
120
+
121
+ context 'otherwise' do
122
+ its(:status) { should == 200 }
123
+ its(:content_type) { should == 'application/json' }
124
+ its(:body) { should include '"access_token":"access_token"' }
125
+ end
126
+ end
127
+
74
128
  Rack::OAuth2::Server::Token::ErrorMethods::DEFAULT_DESCRIPTION.each do |error, default_message|
75
129
  status = if error == :invalid_client
76
130
  401
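Review bot: The context 'when client_assertion issuer is different from client_id' is misnamed: the assertion built in the `before` block carries only `sub`, so the value compared with `params[:client_id]` is the subject and there is no `iss` claim to differ. Rename it to `context 'when client_assertion subject is different from client_id' do`. There is also no example for an assertion whose signature does not verify. The app block is outside this hunk, so it is unclear whether anything checks the signature. If verification is left to the application, the existing NOTE should say so, e.g. `# NOTE: signature, iss, aud and exp must be verified by the app block before the client is trusted.`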
@@ -87,7 +141,22 @@ describe Rack::OAuth2::Server::Token do
87
141
  its(:content_type) { should == 'application/json' }
88
142
  its(:body) { should include "\"error\":\"#{error}\"" }
89
143
  its(:body) { should include "\"error_description\":\"#{default_message}\"" }
144
+ if error == :invalid_client
145
+ its(:headers) { should include 'WWW-Authenticate' }
146
+ end
147
+ end
148
+ end
149
+
150
+ context 'when skip_www_authenticate option is specified on invalid_client' do
151
+ let(:app) do
152
+ Rack::OAuth2::Server::Token.new do |request, response|
153
+ request.invalid_client!(
154
+ Rack::OAuth2::Server::Token::ErrorMethods::DEFAULT_DESCRIPTION[:invalid_client],
155
+ skip_www_authenticate: true
156
+ )
157
+ end
90
158
  end
159
+ its(:headers) { should_not include 'WWW-Authenticate' }
91
160
  end
92
161
 
93
162
  context 'when responding' do
@@ -9,9 +9,14 @@ describe Rack::OAuth2::Util do
9
9
  'http://client.example.com/callback'
10
10
  end
11
11
 
12
- describe '.rfc3986_encode' do
13
- subject { util.rfc3986_encode '=+ .-/' }
14
- it { should == '%3D%2B%20.-%2F' }
12
+ describe '.www_form_url_encode' do
13
+ subject { util.www_form_url_encode '=+ .-/' }
14
+ it { should == '%3D%2B+.-%2F' }
15
+ end
16
+
17
+ describe '.www_form_urldecode' do
18
+ subject { util.www_form_url_decode '%3D%2B+.-%2F' }
19
+ it { should == '=+ .-/' }
15
20
  end
16
21
 
17
22
  describe '.base64_encode' do
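Review bot: The label `describe '.www_form_urldecode'` does not match the method it exercises, `util.www_form_url_decode`; use `describe '.www_form_url_decode' do` so the spec output names the real method. The test vector `'=+ .-/'` also contains neither `:` nor `%`, although the Basic-auth examples in client_credentials_spec depend on a `:` inside a secret being escaped before the id and secret are joined. Adding those two characters to both the encode and decode vectors would pin the property the credential split relies on.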
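--- a/metadata
+++ b/metadata
@@ -1,31 +1,45 @@
 --- !ruby/object:Gem::Specification
 name: rack-oauth2
 version: !ruby/object:Gem::Version
-version: 1.12.0
+version: 2.2.0
 platform: ruby
 authors:
 - nov matake
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-03-25 00:00:00.000000000 Z
+date: 2022-10-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rack
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "<"
+- - ">="
+- !ruby/object:Gem::Version
+version: 2.1.0
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 2.1.0
+- !ruby/object:Gem::Dependency
+name: faraday
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
 - !ruby/object:Gem::Version
-version: '2.1'
+version: '2.0'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - "<"
+- - "~>"
 - !ruby/object:Gem::Version
-version: '2.1'
+version: '2.0'
 - !ruby/object:Gem::Dependency
-name: httpclient
+name: faraday-follow_redirects
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
@@ -150,8 +164,21 @@ dependencies:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
-description: OAuth 2.0 Server & Client Library. Both Bearer and MAC token type are
-supported.
+- !ruby/object:Gem::Dependency
+name: rexml
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+description: OAuth 2.0 Server & Client Library. Both Bearer token type are supported.
 email: nov@matake.jp
 executables: []
 extensions: []
@@ -160,9 +187,11 @@ extra_rdoc_files:
 - README.rdoc
 files:
 - ".document"
+- ".github/FUNDING.yml"
+- ".github/workflows/spec.yml"
 - ".gitignore"
 - ".rspec"
-- ".travis.yml"
+- CHANGELOG.md
 - Gemfile
 - LICENSE
 - README.rdoc
@@ -172,11 +201,6 @@ files:
 - lib/rack/oauth2/access_token.rb
 - lib/rack/oauth2/access_token/authenticator.rb
 - lib/rack/oauth2/access_token/bearer.rb
-- lib/rack/oauth2/access_token/legacy.rb
-- lib/rack/oauth2/access_token/mac.rb
-- lib/rack/oauth2/access_token/mac/sha256_hex_verifier.rb
-- lib/rack/oauth2/access_token/mac/signature.rb
-- lib/rack/oauth2/access_token/mac/verifier.rb
 - lib/rack/oauth2/access_token/mtls.rb
 - lib/rack/oauth2/client.rb
 - lib/rack/oauth2/client/error.rb
@@ -188,8 +212,6 @@ files:
 - lib/rack/oauth2/client/grant/refresh_token.rb
 - lib/rack/oauth2/client/grant/saml2_bearer.rb
 - lib/rack/oauth2/client/grant/token_exchange.rb
-- lib/rack/oauth2/debugger.rb
-- lib/rack/oauth2/debugger/request_filter.rb
 - lib/rack/oauth2/server.rb
 - lib/rack/oauth2/server/abstract.rb
 - lib/rack/oauth2/server/abstract/error.rb
@@ -212,8 +234,6 @@ files:
 - lib/rack/oauth2/server/resource/bearer.rb
 - lib/rack/oauth2/server/resource/bearer/error.rb
 - lib/rack/oauth2/server/resource/error.rb
-- lib/rack/oauth2/server/resource/mac.rb
-- lib/rack/oauth2/server/resource/mac/error.rb
 - lib/rack/oauth2/server/token.rb
 - lib/rack/oauth2/server/token/authorization_code.rb
 - lib/rack/oauth2/server/token/client_credentials.rb
@@ -229,23 +249,14 @@ files:
 - rack-oauth2.gemspec
 - spec/helpers/time.rb
 - spec/helpers/webmock_helper.rb
-- spec/mock_response/blank
+- spec/mock_response/blank.txt
 - spec/mock_response/errors/invalid_request.json
 - spec/mock_response/resources/fake.txt
 - spec/mock_response/tokens/_Bearer.json
 - spec/mock_response/tokens/bearer.json
-- spec/mock_response/tokens/legacy.json
-- spec/mock_response/tokens/legacy.txt
-- spec/mock_response/tokens/legacy_without_expires_in.txt
-- spec/mock_response/tokens/mac.json
 - spec/mock_response/tokens/unknown.json
 - spec/rack/oauth2/access_token/authenticator_spec.rb
 - spec/rack/oauth2/access_token/bearer_spec.rb
-- spec/rack/oauth2/access_token/legacy_spec.rb
-- spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb
-- spec/rack/oauth2/access_token/mac/signature_spec.rb
-- spec/rack/oauth2/access_token/mac/verifier_spec.rb
-- spec/rack/oauth2/access_token/mac_spec.rb
 - spec/rack/oauth2/access_token_spec.rb
 - spec/rack/oauth2/client/error_spec.rb
 - spec/rack/oauth2/client/grant/authorization_code_spec.rb
@@ -255,7 +266,6 @@ files:
 - spec/rack/oauth2/client/grant/refresh_token_spec.rb
 - spec/rack/oauth2/client/grant/saml2_bearer_spec.rb
 - spec/rack/oauth2/client_spec.rb
-- spec/rack/oauth2/debugger/request_filter_spec.rb
 - spec/rack/oauth2/oauth2_spec.rb
 - spec/rack/oauth2/server/abstract/error_spec.rb
 - spec/rack/oauth2/server/authorize/code_spec.rb
@@ -268,8 +278,6 @@ files:
 - spec/rack/oauth2/server/resource/bearer/error_spec.rb
 - spec/rack/oauth2/server/resource/bearer_spec.rb
 - spec/rack/oauth2/server/resource/error_spec.rb
-- spec/rack/oauth2/server/resource/mac/error_spec.rb
-- spec/rack/oauth2/server/resource/mac_spec.rb
 - spec/rack/oauth2/server/resource_spec.rb
 - spec/rack/oauth2/server/token/authorization_code_spec.rb
 - spec/rack/oauth2/server/token/client_credentials_spec.rb
@@ -281,11 +289,11 @@ files:
 - spec/rack/oauth2/server/token_spec.rb
 - spec/rack/oauth2/util_spec.rb
 - spec/spec_helper.rb
-homepage: http://github.com/nov/rack-oauth2
+homepage: https://github.com/nov/rack-oauth2
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options:
 - "--charset=UTF-8"
 require_paths:
@@ -301,30 +309,21 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key:
+rubygems_version: 3.3.7
+signing_key:
 specification_version: 4
-summary: OAuth 2.0 Server & Client Library - Both Bearer and MAC token type are supported
+summary: OAuth 2.0 Server & Client Library - Both Bearer token type are supported
 test_files:
 - spec/helpers/time.rb
 - spec/helpers/webmock_helper.rb
-- spec/mock_response/blank
+- spec/mock_response/blank.txt
 - spec/mock_response/errors/invalid_request.json
 - spec/mock_response/resources/fake.txt
 - spec/mock_response/tokens/_Bearer.json
 - spec/mock_response/tokens/bearer.json
-- spec/mock_response/tokens/legacy.json
-- spec/mock_response/tokens/legacy.txt
-- spec/mock_response/tokens/legacy_without_expires_in.txt
-- spec/mock_response/tokens/mac.json
 - spec/mock_response/tokens/unknown.json
 - spec/rack/oauth2/access_token/authenticator_spec.rb
 - spec/rack/oauth2/access_token/bearer_spec.rb
-- spec/rack/oauth2/access_token/legacy_spec.rb
-- spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb
-- spec/rack/oauth2/access_token/mac/signature_spec.rb
-- spec/rack/oauth2/access_token/mac/verifier_spec.rb
-- spec/rack/oauth2/access_token/mac_spec.rb
 - spec/rack/oauth2/access_token_spec.rb
 - spec/rack/oauth2/client/error_spec.rb
 - spec/rack/oauth2/client/grant/authorization_code_spec.rb
@@ -334,7 +333,6 @@ test_files:
 - spec/rack/oauth2/client/grant/refresh_token_spec.rb
 - spec/rack/oauth2/client/grant/saml2_bearer_spec.rb
 - spec/rack/oauth2/client_spec.rb
-- spec/rack/oauth2/debugger/request_filter_spec.rb
 - spec/rack/oauth2/oauth2_spec.rb
 - spec/rack/oauth2/server/abstract/error_spec.rb
 - spec/rack/oauth2/server/authorize/code_spec.rb
@@ -347,8 +345,6 @@ test_files:
 - spec/rack/oauth2/server/resource/bearer/error_spec.rb
 - spec/rack/oauth2/server/resource/bearer_spec.rb
 - spec/rack/oauth2/server/resource/error_spec.rb
-- spec/rack/oauth2/server/resource/mac/error_spec.rb
-- spec/rack/oauth2/server/resource/mac_spec.rb
 - spec/rack/oauth2/server/resource_spec.rb
 - spec/rack/oauth2/server/token/authorization_code_spec.rb
 - spec/rack/oauth2/server/token/client_credentials_spec.rb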
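--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -1,7 +0,0 @@
-before_install:
-- gem install bundler
-
-rvm:
-- 2.3.6
-- 2.4.3
-- 2.5.0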
@@ -1,19 +0,0 @@
1
- module Rack
2
- module OAuth2
3
- class AccessToken
4
- class Legacy < AccessToken
5
- def initialize(attributes = {})
6
- super
7
- self.expires_in = (
8
- self.expires_in ||
9
- attributes[:expires]
10
- ).try(:to_i)
11
- end
12
-
13
- def authenticate(request)
14
- request.header["Authorization"] = "OAuth #{access_token}"
15
- end
16
- end
17
- end
18
- end
19
- end
@@ -1,17 +0,0 @@
1
- module Rack
2
- module OAuth2
3
- class AccessToken
4
- class MAC
5
- class Sha256HexVerifier < Verifier
6
- attr_optional :raw_body
7
-
8
- def calculate
9
- return nil unless raw_body.present?
10
-
11
- OpenSSL::Digest::SHA256.new.digest(raw_body).unpack('H*').first
12
- end
13
- end
14
- end
15
- end
16
- end
17
- end