RubyGems - rack-oauth2 - Versions diffs - 1.15.0 → 1.16.0 - Mend

rack-oauth2 1.15.0 → 1.16.0

Files changed (8) hide show

checksums.yaml +4 -4
data/VERSION +1 -1
data/lib/rack/oauth2/client.rb +2 -2
data/lib/rack/oauth2/server/token.rb +3 -1
data/lib/rack/oauth2/util.rb +5 -1
data/spec/rack/oauth2/server/token/client_credentials_spec.rb +32 -2
data/spec/rack/oauth2/util_spec.rb +7 -2
metadata +2 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8ee0ff28062403c55b1eef050ab55150668cb592edd63785fa61d143529006a5
-  data.tar.gz: d0877d3edb8f91faca58e330db359bbb0a3a0a97ae41c4e6bd9c833114917ee4
+  metadata.gz: 656ec18e337c0382c0bc710623e267cfb073c629ba16541451754b72c22c7e43
+  data.tar.gz: 962b029b37278c0dfb59bdb402b8e5b2f0727f081763738afb5bceea2980b5c3
 SHA512:
-  metadata.gz: bd98e38d80d400e0555d25b4c6ab4df8b38ce7a0213a9daaeb1bdc3f100aaccf14bbd472c180668b7c9a9da7b43c7f9ed35f4837f9ca63ebb1632d390630faf5
-  data.tar.gz: 78bd0dce79bb462929425e5c76ca349c01ac53828b4922bc459c411f74bd9b3cf827889bbb25896936b028b5ddcf15e6ca556ae92eae746842c576b21522c4bd
+  metadata.gz: 2911133e3fcf04274a883cd56808b3c44cd42a8db963fe94f008139d74dcfc727e45304a5bd2dc071d111cf86b95fd5ea1b86d57f72ecbd15bbdb28655a1a000
+  data.tar.gz: 5007ba0f4de30144cf0aa3ac924e5ea8e30246f6ad2d70050992c8ac81a487ae5ce36df507f4aa00be5e1ef8a89685bf0dc965e6bb6e79c3f4baef903d70f45d

data/VERSION CHANGED

	@@ -1 +1 @@
1	- 1.15.0
1	+ 1.16.0

data/lib/rack/oauth2/client.rb CHANGED

@@ -84,8 +84,8 @@ module Rack
         case client_auth_method
         when :basic
           cred = Base64.strict_encode64 [
-            Util.www_form_urlencode(identifier),
-            Util.www_form_urlencode(secret)
+            Util.www_form_url_encode(identifier),
+            Util.www_form_url_encode(secret)
           ].join(':')
           headers.merge!(
             'Authorization' => "Basic #{cred}"

data/lib/rack/oauth2/server/token.rb CHANGED

@@ -49,7 +49,9 @@ module Rack
           def initialize(env)
             auth = Rack::Auth::Basic::Request.new(env)
             if auth.provided? && auth.basic?
-              @client_id, @client_secret = auth.credentials
+              @client_id, @client_secret = auth.credentials.map do |cred|
+                Util.www_form_url_decode cred
+              end
               super
             else
               super

data/lib/rack/oauth2/util.rb CHANGED

@@ -8,10 +8,14 @@ module Rack
           URI.encode(text, Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
         end
-        def www_form_urlencode(text)
+        def www_form_url_encode(text)
           URI.encode_www_form_component(text)
         end
+        def www_form_url_decode(text)
+          URI.decode_www_form_component(text)
+        end
         def base64_encode(text)
           Base64.encode64(text).delete("\n")
         end

data/spec/rack/oauth2/server/token/client_credentials_spec.rb CHANGED

@@ -4,14 +4,19 @@ describe Rack::OAuth2::Server::Token::ClientCredentials do
   let(:request) { Rack::MockRequest.new app }
   let(:app) do
     Rack::OAuth2::Server::Token.new do |request, response|
+      unless request.client_id == client_id && request.client_secret == client_secret
+        request.invalid_client!
+      end
       response.access_token = Rack::OAuth2::AccessToken::Bearer.new(access_token: 'access_token')
     end
   end
+  let(:client_id) { 'client_id '}
+  let(:client_secret) { 'client_secret' }
   let(:params) do
     {
       grant_type: 'client_credentials',
-      client_id: 'client_id',
-      client_secret: 'client_secret'
+      client_id: client_id,
+      client_secret: client_secret
     }
   end
   subject { request.post('/', params: params) }
@@ -20,4 +25,29 @@ describe Rack::OAuth2::Server::Token::ClientCredentials do
   its(:content_type) { should == 'application/json' }
   its(:body)         { should include '"access_token":"access_token"' }
   its(:body)         { should include '"token_type":"bearer"' }
+  context 'basic auth' do
+    let(:params) do
+      { grant_type: 'client_credentials' }
+    end
+    let(:encoded_creds) do
+      Base64.strict_encode64([
+        Rack::OAuth2::Util.www_form_url_encode(client_id),
+        Rack::OAuth2::Util.www_form_url_encode(client_secret)
+      ].join(':'))
+    end
+    subject do
+      request.post('/',
+        {params: params, 'HTTP_AUTHORIZATION' => "Basic #{encoded_creds}"})
+    end
+    its(:status)       { should == 200 }
+    context 'compliance with RFC6749 sec 2.3.1' do
+      let(:client_id) { 'client: yes/please!' }
+      let(:client_secret) { 'terrible:secret:of:space' }
+      its(:status)       { should == 200 }
+    end
+  end
 end

data/spec/rack/oauth2/util_spec.rb CHANGED

@@ -14,11 +14,16 @@ describe Rack::OAuth2::Util do
     it { should == '%3D%2B%20.-%2F' }
   end
-  describe '.www_form_urlencode' do
-    subject { util.www_form_urlencode '=+ .-/' }
+  describe '.www_form_url_encode' do
+    subject { util.www_form_url_encode '=+ .-/' }
     it { should == '%3D%2B+.-%2F' }
   end
+  describe '.www_form_urldecode' do
+    subject { util.www_form_url_decode '%3D%2B+.-%2F' }
+    it { should == '=+ .-/' }
+  end
   describe '.base64_encode' do
     subject { util.base64_encode '=+ .-/' }
     it { should == 'PSsgLi0v' }

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-oauth2
 version: !ruby/object:Gem::Version
-  version: 1.15.0
+  version: 1.16.0
 platform: ruby
 authors:
 - nov matake
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-07-07 00:00:00.000000000 Z
+date: 2020-07-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack