RubyGems - rack-oauth2 - Versions diffs - 1.16.0 → 1.17.0 - Diffend - OSS supply chain security and management platform

rack-oauth2 1.16.0 → 1.17.0

Files changed (8) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 656ec18e337c0382c0bc710623e267cfb073c629ba16541451754b72c22c7e43
-  data.tar.gz: 962b029b37278c0dfb59bdb402b8e5b2f0727f081763738afb5bceea2980b5c3
+  metadata.gz: 5ea33651fcefd142210b8b6c275eb6a3c6096274796ef3070a5fa87da18433a6
+  data.tar.gz: 284e253fbefbe51cc1d645ec348584160c6f4363251f908ea536d1796b3444e5
 SHA512:
-  metadata.gz: 2911133e3fcf04274a883cd56808b3c44cd42a8db963fe94f008139d74dcfc727e45304a5bd2dc071d111cf86b95fd5ea1b86d57f72ecbd15bbdb28655a1a000
-  data.tar.gz: 5007ba0f4de30144cf0aa3ac924e5ea8e30246f6ad2d70050992c8ac81a487ae5ce36df507f4aa00be5e1ef8a89685bf0dc965e6bb6e79c3f4baef903d70f45d
+  metadata.gz: ae2c8ced737f24a116a0b484d745477e8e4b03732e5a7147428e4d63fee61518ca43a705020817b09311ac030267e1b55ab072f421b26a90292482945c9b3bd3
+  data.tar.gz: 2e70af95a0040f956e3de8d918d50c3322107f68cb7a5af25a9987cac914c40d6453202e97e42395bf1707e78b65987f0b059b9c77bf3421070ee6f51a2dddd3

data/.travis.yml CHANGED Viewed

@@ -4,4 +4,5 @@ before_install:
 rvm:
   - 2.5.8
   - 2.6.6
-  - 2.7.1
+  - 2.7.2
+  - 3.0.0

data/VERSION CHANGED Viewed

data/lib/rack/oauth2/client.rb CHANGED Viewed

@@ -90,6 +90,11 @@ module Rack
           headers.merge!(
             'Authorization' => "Basic #{cred}"
           )
+        when :basic_without_www_form_urlencode
+          cred = ["#{identifier}:#{secret}"].pack('m').tr("\n", '')
+          headers.merge!(
+            'Authorization' => "Basic #{cred}"
+          )
         when :jwt_bearer
           params.merge!(
             client_assertion_type: URN::ClientAssertionType::JWT_BEARER

data/lib/rack/oauth2/util.rb CHANGED Viewed

@@ -4,10 +4,6 @@ module Rack
   module OAuth2
     module Util
       class << self
-        def rfc3986_encode(text)
-          URI.encode(text, Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
-        end
         def www_form_url_encode(text)
           URI.encode_www_form_component(text)
         end

data/spec/rack/oauth2/client_spec.rb CHANGED Viewed

@@ -117,6 +117,24 @@ describe Rack::OAuth2::Client do
           end
         end
+        context 'when basic_without_www_form_urlencode method is used' do
+          context 'when client_id is a url' do
+             let(:client_id) { 'https://client.example.com'}
+             it 'should be encoded in "application/x-www-form-urlencoded"' do
+               mock_response(
+                 :post,
+                 'https://server.example.com/oauth2/token',
+                 'tokens/bearer.json',
+                 request_header: {
+                   'Authorization' => 'Basic aHR0cHM6Ly9jbGllbnQuZXhhbXBsZS5jb206Y2xpZW50X3NlY3JldA=='
+                 }
+               )
+               client.access_token! :basic_without_www_form_urlencode
+             end
+           end
+        end
         context 'when jwt_bearer auth method specified' do
           context 'when client_secret is given' do
             it 'should be JWT bearer client assertion w/ auto-generated HS256-signed JWT assertion' do

data/spec/rack/oauth2/util_spec.rb CHANGED Viewed

@@ -9,11 +9,6 @@ describe Rack::OAuth2::Util do
     'http://client.example.com/callback'
   end
-  describe '.rfc3986_encode' do
-    subject { util.rfc3986_encode '=+ .-/' }
-    it { should == '%3D%2B%20.-%2F' }
-  end
   describe '.www_form_url_encode' do
     subject { util.www_form_url_encode '=+ .-/' }
     it { should == '%3D%2B+.-%2F' }

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-oauth2
 version: !ruby/object:Gem::Version
-  version: 1.16.0
+  version: 1.17.0
 platform: ruby
 authors:
 - nov matake
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-07-17 00:00:00.000000000 Z
+date: 2021-05-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack