rack-oauth2 1.19.0 → 1.21.0

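--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: de77a3afabd5ae9ec958c5799970a99a5576cb727b27c80020d1199c986f25f1
- data.tar.gz: 6225a40427c3bb882890f5d6e54407b1a80bd56f5b74f4278122678a2206ae29
+ metadata.gz: ea660f2b5d5093f50fc789662f642f06ab591bf544250fea42d78a9849215384
+ data.tar.gz: 1e5ae55d569b7206ce78315439f249b8a4fbf9d0f6c64381de52d9d71f1441e7
  SHA512:
- metadata.gz: ce7ecffd6ee6aae2296c2d20a1353bfb96cdee665b1d06961859f2e3e1922822cb481e3791d7fefc6a53644ce6d150f7ec6eb63880b6112e66b0a9cd64f27fdf
- data.tar.gz: 80c3816f4a0e1649c2f7f268fbde3583eb435c2978e155de963f9354cf6e2330778c22b80e15757a592042b800a5cf1fca9466557735aef3d90a59b77db2fd2b
+ metadata.gz: dab28eaa8890caaecab687bf022e3ecef01388c06ba10af2afb78e61db87f16c8a5b84935fbac2c0b83be08a092ebf981c8efca19c3f5c322c5bb17926127b20
+ data.tar.gz: 231a74d20f2a5635255686c58451b1045fabbb072c6fb971d8a39149444d68a6e48a06fdf87146632fbcd815b988c6bff1a5802f8499b3f8e580756a95fecaf2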
@@ -0,0 +1,3 @@
1
+ # These are supported funding model platforms
2
+
3
+ github: nov
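--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -5,4 +5,4 @@ rvm:
  - 2.5.8
  - 2.6.6
  - 2.7.2
- - 3.0.0
+ - 3.0.2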
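--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
- 1.19.0
+ 1.21.0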
@@ -3,7 +3,7 @@ module Rack
3
3
  class Client
4
4
  include AttrRequired, AttrOptional
5
5
  attr_required :identifier
6
- attr_optional :secret, :private_key, :certificate, :redirect_uri, :scheme, :host, :port, :authorization_endpoint, :token_endpoint
6
+ attr_optional :secret, :private_key, :certificate, :redirect_uri, :scheme, :host, :port, :authorization_endpoint, :token_endpoint, :revocation_endpoint
7
7
 
8
8
  def initialize(attributes = {})
9
9
  (required_attributes + optional_attributes).each do |key|
@@ -69,7 +69,65 @@ module Rack
69
69
  end
70
70
 
71
71
  def access_token!(*args)
72
- headers, params = {}, @grant.as_json
72
+ headers, params, http_client, options = authenticated_context_from(*args)
73
+ params[:scope] = Array(options.delete(:scope)).join(' ') if options[:scope].present?
74
+ params.merge! @grant.as_json
75
+ params.merge! options
76
+ handle_response do
77
+ http_client.post(
78
+ absolute_uri_for(token_endpoint),
79
+ Util.compact_hash(params),
80
+ headers
81
+ )
82
+ end
83
+ end
84
+
85
+ def revoke!(*args)
86
+ headers, params, http_client, options = authenticated_context_from(*args)
87
+
88
+ params.merge! case
89
+ when access_token = options.delete(:access_token)
90
+ {
91
+ token: access_token,
92
+ token_type_hint: :access_token
93
+ }
94
+ when refresh_token = options.delete(:refresh_token)
95
+ {
96
+ token: refresh_token,
97
+ token_type_hint: :refresh_token
98
+ }
99
+ when @grant.is_a?(Grant::RefreshToken)
100
+ {
101
+ token: @grant.refresh_token,
102
+ token_type_hint: :refresh_token
103
+ }
104
+ when options[:token].blank?
105
+ raise AttrRequired::AttrMissing, 'One of "token", "access_token" and "refresh_token" is required'
106
+ end
107
+ params.merge! options
108
+
109
+ handle_revocation_response do
110
+ http_client.post(
111
+ absolute_uri_for(revocation_endpoint),
112
+ Util.compact_hash(params),
113
+ headers
114
+ )
115
+ end
116
+ end
117
+
118
+ private
119
+
120
+ def absolute_uri_for(endpoint)
121
+ _endpoint_ = Util.parse_uri endpoint
122
+ _endpoint_.scheme ||= self.scheme || 'https'
123
+ _endpoint_.host ||= self.host
124
+ _endpoint_.port ||= self.port
125
+ raise 'No Host Info' unless _endpoint_.host
126
+ _endpoint_.to_s
127
+ end
128
+
129
+ def authenticated_context_from(*args)
130
+ headers, params = {}, {}
73
131
  http_client = Rack::OAuth2.http_client
74
132
 
75
133
  # NOTE:
@@ -78,9 +136,6 @@ module Rack
78
136
  options = args.extract_options!
79
137
  client_auth_method = args.first || options.delete(:client_auth_method).try(:to_sym) || :basic
80
138
 
81
- params[:scope] = Array(options.delete(:scope)).join(' ') if options[:scope].present?
82
- params.merge! options
83
-
84
139
  case client_auth_method
85
140
  when :basic
86
141
  cred = Base64.strict_encode64 [
@@ -100,9 +155,11 @@ module Rack
100
155
  client_assertion_type: URN::ClientAssertionType::JWT_BEARER
101
156
  )
102
157
  # NOTE: optionally auto-generate client_assertion.
103
- if params[:client_assertion].blank?
158
+ params[:client_assertion] = if options[:client_assertion].present?
159
+ options.delete(:client_assertion)
160
+ else
104
161
  require 'json/jwt'
105
- params[:client_assertion] = JSON::JWT.new(
162
+ JSON::JWT.new(
106
163
  iss: identifier,
107
164
  sub: identifier,
108
165
  aud: absolute_uri_for(token_endpoint),
@@ -127,24 +184,8 @@ module Rack
127
184
  client_secret: secret
128
185
  )
129
186
  end
130
- handle_response do
131
- http_client.post(
132
- absolute_uri_for(token_endpoint),
133
- Util.compact_hash(params),
134
- headers
135
- )
136
- end
137
- end
138
-
139
- private
140
187
 
141
- def absolute_uri_for(endpoint)
142
- _endpoint_ = Util.parse_uri endpoint
143
- _endpoint_.scheme ||= self.scheme || 'https'
144
- _endpoint_.host ||= self.host
145
- _endpoint_.port ||= self.port
146
- raise 'No Host Info' unless _endpoint_.host
147
- _endpoint_.to_s
188
+ [headers, params, http_client, options]
148
189
  end
149
190
 
150
191
  def handle_response
@@ -157,6 +198,16 @@ module Rack
157
198
  end
158
199
  end
159
200
 
201
+ def handle_revocation_response
202
+ response = yield
203
+ case response.status
204
+ when 200..201
205
+ :success
206
+ else
207
+ handle_error_response handle_error_response
208
+ end
209
+ end
210
+
160
211
  def handle_success_response(response)
161
212
  token_hash = JSON.parse(response.body).with_indifferent_access
162
213
  case (@forced_token_type || token_hash[:token_type]).try(:downcase)
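Review bot: In `handle_revocation_response`, the `else` branch reads `handle_error_response handle_error_response`, so the inner call runs with no argument and the HTTP response is never passed on; it should be `handle_error_response response`. The definition of `handle_error_response` is outside these hunks, but if it takes the response the way `handle_success_response(response)` does, every revocation reply other than 200/201 will surface as an ArgumentError rather than the server's OAuth error, and a caller cannot tell a rejected revocation (token still valid) from a client-side bug. Separately, the `case` in `revoke!` has no `else`, so a call that supplies only `token:` makes it evaluate to nil and `params.merge!` receives nil, which presumably raises TypeError; ending the `case` with `else {}` keeps the path that the error message advertises working.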
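--- a/data/rack-oauth2.gemspec
+++ b/data/rack-oauth2.gemspec
@@ -7,7 +7,7 @@ Gem::Specification.new do |s|
  s.email = 'nov@matake.jp'
  s.extra_rdoc_files = ['LICENSE', 'README.rdoc']
  s.rdoc_options = ['--charset=UTF-8']
- s.homepage = 'http://github.com/nov/rack-oauth2'
+ s.homepage = 'https://github.com/nov/rack-oauth2'
  s.license = 'MIT'
  s.require_paths = ['lib']
  s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
@@ -23,4 +23,5 @@ Gem::Specification.new do |s|
  s.add_development_dependency 'rspec'
  s.add_development_dependency 'rspec-its'
  s.add_development_dependency 'webmock'
+ s.add_development_dependency 'rexml'
  end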
@@ -8,7 +8,8 @@ describe Rack::OAuth2::Client do
8
8
  identifier: client_id,
9
9
  secret: client_secret,
10
10
  host: 'server.example.com',
11
- redirect_uri: 'https://client.example.com/callback'
11
+ redirect_uri: 'https://client.example.com/callback',
12
+ revocation_endpoint: '/oauth2/revoke'
12
13
  )
13
14
  end
14
15
  subject { client }
@@ -17,6 +18,7 @@ describe Rack::OAuth2::Client do
17
18
  its(:secret) { should == 'client_secret' }
18
19
  its(:authorization_endpoint) { should == '/oauth2/authorize' }
19
20
  its(:token_endpoint) { should == '/oauth2/token' }
21
+ its(:revocation_endpoint) { should == '/oauth2/revoke' }
20
22
 
21
23
  context 'when identifier is missing' do
22
24
  it do
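Review bot: The spec hunks shown here only assert the new `revocation_endpoint` reader; nothing visible exercises `revoke!`, which is new in this version and so is unlikely to be covered by unchanged examples. Two webmock-stubbed examples would pin both branches of the revocation response handling: one where the revocation endpoint answers 200 and `revoke!` returns `:success`, and one where it answers with an error status. A third example calling `revoke!` with no token at all would cover the `AttrRequired::AttrMissing` raise. The `describe` block continues outside these hunks.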
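--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: rack-oauth2
  version: !ruby/object:Gem::Version
- version: 1.19.0
+ version: 1.21.0
  platform: ruby
  authors:
  - nov matake
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2021-10-01 00:00:00.000000000 Z
+ date: 2022-07-12 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rack
@@ -150,6 +150,20 @@ dependencies:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
+ - !ruby/object:Gem::Dependency
+ name: rexml
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
  description: OAuth 2.0 Server & Client Library. Both Bearer and MAC token type are
  supported.
  email: nov@matake.jp
@@ -160,6 +174,7 @@ extra_rdoc_files:
  - README.rdoc
  files:
  - ".document"
+ - ".github/FUNDING.yml"
  - ".gitignore"
  - ".rspec"
  - ".travis.yml"
@@ -281,7 +296,7 @@ files:
  - spec/rack/oauth2/server/token_spec.rb
  - spec/rack/oauth2/util_spec.rb
  - spec/spec_helper.rb
- homepage: http://github.com/nov/rack-oauth2
+ homepage: https://github.com/nov/rack-oauth2
  licenses:
  - MIT
  metadata: {}
@@ -301,7 +316,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.1.4
+ rubygems_version: 3.1.6
  signing_key:
  specification_version: 4
  summary: OAuth 2.0 Server & Client Library - Both Bearer and MAC token type are supported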