rack-oauth2 1.2.3 → 1.3.0

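--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 04480fc26f087eb6affd5525dde6cb972dbb8d20
- data.tar.gz: db1d33ae632ff81ef1f36126406b9a79b01255f3
+ metadata.gz: 3156ef7d62d479a2dc6440483abe7b39c85e9821
+ data.tar.gz: 790fb2e44712d9f7ec357aa5a1b8046e3ef8e8d6
  SHA512:
- metadata.gz: 498e1786e108f62639602d306c9135f8d04467fd50acd491b634ce9de927a7cd641044f5afda6a360c6510a10942758598dbd20b7d154fd496caff8ff2d141ba
- data.tar.gz: cf33d50a7620e484ddccf1571a1e31a8b8af79bdad4f207ef0c00d09dfabb25807757146c1ec32bb788f243ceee06b89548a8c3b9bd430851d88d7dd914a2641
+ metadata.gz: 9e371dbbf23d56d48e72c2c6b185667a9b9b2db2cf1094551f05c1d6b655e25944a8fbcd08d64ec2b32d8e820665351687e3a878399cc90490c012f0b2dd8e58
+ data.tar.gz: 1d847249e2170350d1d303a16332a01cbe8fb902476dbd097e848d78094b82bbfa178e3d8475543de20024b2d7a1bb820b9bb086e85607366a781ff57c4ae611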
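--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
- 1.2.3
+ 1.3.0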
@@ -45,6 +45,18 @@ module Rack
45
45
  )
46
46
  end
47
47
 
48
+ def jwt_bearer=(assertion)
49
+ @grant = Grant::JWTBearer.new(
50
+ assertion: assertion
51
+ )
52
+ end
53
+
54
+ def saml2_bearer=(assertion)
55
+ @grant = Grant::SAML2Bearer.new(
56
+ assertion: assertion
57
+ )
58
+ end
59
+
48
60
  def access_token!(*args)
49
61
  headers, params = {}, @grant.as_json
50
62
 
@@ -11,9 +11,13 @@ module Rack
11
11
  attr_missing!
12
12
  end
13
13
 
14
+ def grant_type
15
+ self.class.name.demodulize.underscore.to_sym
16
+ end
17
+
14
18
  def as_json(options = {})
15
19
  (required_attributes + optional_attributes).inject({
16
- grant_type: self.class.name.demodulize.underscore.to_sym
20
+ grant_type: grant_type
17
21
  }) do |hash, key|
18
22
  hash.merge! key => self.send(key)
19
23
  end
@@ -27,3 +31,5 @@ require 'rack/oauth2/client/grant/authorization_code'
27
31
  require 'rack/oauth2/client/grant/password'
28
32
  require 'rack/oauth2/client/grant/client_credentials'
29
33
  require 'rack/oauth2/client/grant/refresh_token'
34
+ require 'rack/oauth2/client/grant/jwt_bearer'
35
+ require 'rack/oauth2/client/grant/saml2_bearer'
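Review bot: In the first hunk of this file, the new `grant_type` returns a Symbol from the base class (`self.class.name.demodulize.underscore.to_sym`), while the `JWTBearer` and `SAML2Bearer` overrides added in this release return a String URN, so `as_json[:grant_type]` now varies in type by subclass. That is probably harmless once the hash is form-encoded, but a caller comparing the value against a symbol will silently miss the two new grants. I would document the contract on the base method, for example `# Value sent as the grant_type parameter; subclasses override this for URN-style grant types and return a String.` The body of `as_json` continues outside the hunk.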
@@ -0,0 +1,15 @@
1
+ module Rack
2
+ module OAuth2
3
+ class Client
4
+ class Grant
5
+ class JWTBearer < Grant
6
+ attr_required :assertion
7
+
8
+ def grant_type
9
+ 'urn:ietf:params:oauth:grant-type:jwt-bearer'
10
+ end
11
+ end
12
+ end
13
+ end
14
+ end
15
+ end
@@ -0,0 +1,15 @@
1
+ module Rack
2
+ module OAuth2
3
+ class Client
4
+ class Grant
5
+ class SAML2Bearer < Grant
6
+ attr_required :assertion
7
+
8
+ def grant_type
9
+ 'urn:ietf:params:oauth:grant-type:saml2-bearer'
10
+ end
11
+ end
12
+ end
13
+ end
14
+ end
15
+ end
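Review bot: `SAML2Bearer` declares `assertion` as required but says nothing about the encoding it expects, and `as_json` in the base class passes the attribute through unchanged. RFC 7522 section 2 requires the SAML assertion XML to be base64url-encoded in the `assertion` parameter, so a caller who hands in raw XML (as the accompanying spec does with `'<xml>...</xml>'`) builds a request that a conforming authorization server should refuse. A comment above `attr_required :assertion` would make the contract explicit, for example `# assertion: base64url-encoded SAML 2.0 Assertion (RFC 7522, section 2); this class does not encode it.`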
@@ -23,6 +23,10 @@ module Rack
23
23
  ClientCredentials
24
24
  when 'refresh_token'
25
25
  RefreshToken
26
+ when 'urn:ietf:params:oauth:grant-type:jwt-bearer'
27
+ JWTBearer
28
+ when 'urn:ietf:params:oauth:grant-type:saml2-bearer'
29
+ SAML2Bearer
26
30
  when ''
27
31
  request.attr_missing!
28
32
  else
@@ -80,5 +84,7 @@ require 'rack/oauth2/server/token/authorization_code'
80
84
  require 'rack/oauth2/server/token/password'
81
85
  require 'rack/oauth2/server/token/client_credentials'
82
86
  require 'rack/oauth2/server/token/refresh_token'
87
+ require 'rack/oauth2/server/token/jwt_bearer'
88
+ require 'rack/oauth2/server/token/saml2_bearer'
83
89
  require 'rack/oauth2/server/token/extension'
84
90
  require 'rack/oauth2/server/token/error'
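Review bot: The two `when` branches added to the grant-type dispatch in the first hunk of this file send `urn:ietf:params:oauth:grant-type:jwt-bearer` and `urn:ietf:params:oauth:grant-type:saml2-bearer` requests to the application's authenticator block on every token endpoint as soon as the gem is upgraded. Before this release the JWT URN was apparently handled only after the extension file had been required explicitly. An authenticator block that does not branch on `request.grant_type` with a rejecting default would then presumably issue tokens for assertions it never inspected. This deserves a changelog or README entry telling integrators to reject grant types they do not support. The `case` statement starts and ends outside the hunk.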
@@ -4,7 +4,7 @@ module Rack
4
4
  class Token
5
5
  module Extension
6
6
  # Define your extension in this namespace and load it explicitly.
7
- # extension/assertion/jwt.rb would be good example for you.
7
+ # extension/assertion/example.rb would be good example for you.
8
8
  end
9
9
  end
10
10
  end
@@ -3,8 +3,8 @@ module Rack
3
3
  module Server
4
4
  class Token
5
5
  module Extension
6
- class JWT < Abstract::Handler
7
- GRANT_TYPE_URN = 'urn:ietf:params:oauth:grant-type:jwt-bearer'
6
+ class Example < Abstract::Handler
7
+ GRANT_TYPE_URN = 'urn:ietf:params:oauth:grant-type:example'
8
8
 
9
9
  class << self
10
10
  def grant_type_for?(grant_type)
@@ -0,0 +1,27 @@
1
+ module Rack
2
+ module OAuth2
3
+ module Server
4
+ class Token
5
+ class JWTBearer < Abstract::Handler
6
+ def call(env)
7
+ @request = Request.new env
8
+ @response = Response.new request
9
+ super
10
+ end
11
+
12
+ class Request < Token::Request
13
+ attr_required :assertion
14
+ attr_optional :client_id
15
+
16
+ def initialize(env)
17
+ super
18
+ @grant_type = 'urn:ietf:params:oauth:grant-type:jwt-bearer'
19
+ @assertion = params['assertion']
20
+ attr_missing!
21
+ end
22
+ end
23
+ end
24
+ end
25
+ end
26
+ end
27
+ end
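Review bot: `Request#initialize` checks only that `assertion` is present (`attr_missing!`); nothing in this handler parses the JWT or verifies its signature, issuer, audience or expiry. `client_id` is declared with `attr_optional`, so a request carrying no client identifier appears to be accepted as well. All of that verification is left to the application's block, and the file does not say so. A class-level comment should state that the block must validate `request.assertion` as described in RFC 7523 section 3 before setting `response.access_token`, and answer with the `invalid_grant` error otherwise. The same applies to `SAML2Bearer` in the next new file, with RFC 7522 section 3 as the reference.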
@@ -0,0 +1,27 @@
1
+ module Rack
2
+ module OAuth2
3
+ module Server
4
+ class Token
5
+ class SAML2Bearer < Abstract::Handler
6
+ def call(env)
7
+ @request = Request.new env
8
+ @response = Response.new request
9
+ super
10
+ end
11
+
12
+ class Request < Token::Request
13
+ attr_required :assertion
14
+ attr_optional :client_id
15
+
16
+ def initialize(env)
17
+ super
18
+ @grant_type = 'urn:ietf:params:oauth:grant-type:saml2-bearer'
19
+ @assertion = params['assertion']
20
+ attr_missing!
21
+ end
22
+ end
23
+ end
24
+ end
25
+ end
26
+ end
27
+ end
@@ -0,0 +1,21 @@
1
+ require 'spec_helper.rb'
2
+
3
+ describe Rack::OAuth2::Client::Grant::JWTBearer do
4
+ let(:grant) { Rack::OAuth2::Client::Grant::JWTBearer }
5
+
6
+ context 'when JWT assertion is given' do
7
+ let :attributes do
8
+ {assertion: 'header.payload.signature'}
9
+ end
10
+ subject { grant.new attributes }
11
+ its(:as_json) do
12
+ should == {grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', assertion: 'header.payload.signature'}
13
+ end
14
+ end
15
+
16
+ context 'otherwise' do
17
+ it do
18
+ expect { grant.new }.to raise_error AttrRequired::AttrMissing
19
+ end
20
+ end
21
+ end
@@ -0,0 +1,21 @@
1
+ require 'spec_helper.rb'
2
+
3
+ describe Rack::OAuth2::Client::Grant::SAML2Bearer do
4
+ let(:grant) { Rack::OAuth2::Client::Grant::SAML2Bearer }
5
+
6
+ context 'when JWT assertion is given' do
7
+ let :attributes do
8
+ {assertion: '<xml>...</xml>'}
9
+ end
10
+ subject { grant.new attributes }
11
+ its(:as_json) do
12
+ should == {grant_type: 'urn:ietf:params:oauth:grant-type:saml2-bearer', assertion: '<xml>...</xml>'}
13
+ end
14
+ end
15
+
16
+ context 'otherwise' do
17
+ it do
18
+ expect { grant.new }.to raise_error AttrRequired::AttrMissing
19
+ end
20
+ end
21
+ end
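Review bot: The first context is labelled `'when JWT assertion is given'` although this spec exercises the SAML2 bearer grant; it reads as a leftover from the JWT bearer spec it was copied from. Rename it to `context 'when SAML2 assertion is given' do` so that a failure message points at the right grant type.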
@@ -0,0 +1,34 @@
1
+ require 'spec_helper.rb'
2
+
3
+ describe Rack::OAuth2::Server::Token::JWTBearer do
4
+ let(:request) { Rack::MockRequest.new app }
5
+ let(:app) do
6
+ Rack::OAuth2::Server::Token.new do |request, response|
7
+ response.access_token = Rack::OAuth2::AccessToken::Bearer.new(access_token: 'access_token')
8
+ end
9
+ end
10
+ let(:params) do
11
+ {
12
+ grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
13
+ client_id: 'client_id',
14
+ assertion: 'header.payload.signature'
15
+ }
16
+ end
17
+ subject { request.post('/', params: params) }
18
+
19
+ its(:status) { should == 200 }
20
+ its(:content_type) { should == 'application/json' }
21
+ its(:body) { should include '"access_token":"access_token"' }
22
+ its(:body) { should include '"token_type":"bearer"' }
23
+
24
+ context 'when assertion is missing' do
25
+ before do
26
+ params.delete_if do |key, value|
27
+ key == :assertion
28
+ end
29
+ end
30
+ its(:status) { should == 400 }
31
+ its(:content_type) { should == 'application/json' }
32
+ its(:body) { should include '"error":"invalid_request"' }
33
+ end
34
+ end
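Review bot: The app block at the top of this spec sets `response.access_token` without ever reading `request.assertion`, so the only behaviour pinned is that any non-empty assertion yields a token. Specs in this gem double as usage examples, so I would have the block reject an unexpected assertion and add a context that expects the `invalid_grant` error for it. The SAML2 bearer server spec that follows has the same shape and would benefit from the same addition.

```ruby
let(:app) do
  Rack::OAuth2::Server::Token.new do |request, response|
    request.invalid_grant! unless request.assertion == 'header.payload.signature'
    response.access_token = Rack::OAuth2::AccessToken::Bearer.new(access_token: 'access_token')
  end
end
# … unchanged: params, subject, success examples and the missing-assertion context …
context 'when assertion is not acceptable' do
  before { params[:assertion] = 'header.payload.other' }
  its(:status) { should == 400 }
  its(:body) { should include '"error":"invalid_grant"' }
end
```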
@@ -0,0 +1,34 @@
1
+ require 'spec_helper.rb'
2
+
3
+ describe Rack::OAuth2::Server::Token::SAML2Bearer do
4
+ let(:request) { Rack::MockRequest.new app }
5
+ let(:app) do
6
+ Rack::OAuth2::Server::Token.new do |request, response|
7
+ response.access_token = Rack::OAuth2::AccessToken::Bearer.new(access_token: 'access_token')
8
+ end
9
+ end
10
+ let(:params) do
11
+ {
12
+ grant_type: 'urn:ietf:params:oauth:grant-type:saml2-bearer',
13
+ client_id: 'client_id',
14
+ assertion: '<xml>...</xml>'
15
+ }
16
+ end
17
+ subject { request.post('/', params: params) }
18
+
19
+ its(:status) { should == 200 }
20
+ its(:content_type) { should == 'application/json' }
21
+ its(:body) { should include '"access_token":"access_token"' }
22
+ its(:body) { should include '"token_type":"bearer"' }
23
+
24
+ context 'when assertion is missing' do
25
+ before do
26
+ params.delete_if do |key, value|
27
+ key == :assertion
28
+ end
29
+ end
30
+ its(:status) { should == 400 }
31
+ its(:content_type) { should == 'application/json' }
32
+ its(:body) { should include '"error":"invalid_request"' }
33
+ end
34
+ end
@@ -103,7 +103,7 @@ describe Rack::OAuth2::Server::Token do
103
103
 
104
104
  describe 'extensibility' do
105
105
  before do
106
- require 'rack/oauth2/server/token/extension/jwt'
106
+ require 'rack/oauth2/server/token/extension/example'
107
107
  end
108
108
 
109
109
  subject { app }
@@ -114,12 +114,12 @@ describe Rack::OAuth2::Server::Token do
114
114
  )
115
115
  end
116
116
  let(:request) { Rack::OAuth2::Server::Token::Request.new env }
117
- its(:extensions) { should == [Rack::OAuth2::Server::Token::Extension::JWT] }
117
+ its(:extensions) { should == [Rack::OAuth2::Server::Token::Extension::Example] }
118
118
 
119
119
  describe 'JWT assertion' do
120
120
  let(:params) do
121
121
  {
122
- grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
122
+ grant_type: 'urn:ietf:params:oauth:grant-type:example',
123
123
  assertion: 'header.payload.signature'
124
124
  }
125
125
  end
@@ -127,7 +127,7 @@ describe Rack::OAuth2::Server::Token do
127
127
  it do
128
128
  app.send(
129
129
  :grant_type_for, request
130
- ).should == Rack::OAuth2::Server::Token::Extension::JWT
130
+ ).should == Rack::OAuth2::Server::Token::Extension::Example
131
131
  end
132
132
  end
133
133
  end
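--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: rack-oauth2
  version: !ruby/object:Gem::Version
- version: 1.2.3
+ version: 1.3.0
  platform: ruby
  authors:
  - nov matake
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2016-02-04 00:00:00.000000000 Z
+ date: 2016-02-16 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rack
@@ -182,8 +182,10 @@ files:
  - lib/rack/oauth2/client/grant.rb
  - lib/rack/oauth2/client/grant/authorization_code.rb
  - lib/rack/oauth2/client/grant/client_credentials.rb
+ - lib/rack/oauth2/client/grant/jwt_bearer.rb
  - lib/rack/oauth2/client/grant/password.rb
  - lib/rack/oauth2/client/grant/refresh_token.rb
+ - lib/rack/oauth2/client/grant/saml2_bearer.rb
  - lib/rack/oauth2/debugger.rb
  - lib/rack/oauth2/debugger/request_filter.rb
  - lib/rack/oauth2/server.rb
@@ -209,9 +211,11 @@ files:
  - lib/rack/oauth2/server/token/client_credentials.rb
  - lib/rack/oauth2/server/token/error.rb
  - lib/rack/oauth2/server/token/extension.rb
- - lib/rack/oauth2/server/token/extension/jwt.rb
+ - lib/rack/oauth2/server/token/extension/example.rb
+ - lib/rack/oauth2/server/token/jwt_bearer.rb
  - lib/rack/oauth2/server/token/password.rb
  - lib/rack/oauth2/server/token/refresh_token.rb
+ - lib/rack/oauth2/server/token/saml2_bearer.rb
  - lib/rack/oauth2/util.rb
  - rack-oauth2.gemspec
  - spec/helpers/time.rb
@@ -237,8 +241,10 @@ files:
  - spec/rack/oauth2/client/error_spec.rb
  - spec/rack/oauth2/client/grant/authorization_code_spec.rb
  - spec/rack/oauth2/client/grant/client_credentials_spec.rb
+ - spec/rack/oauth2/client/grant/jwt_bearer_spec.rb
  - spec/rack/oauth2/client/grant/password_spec.rb
  - spec/rack/oauth2/client/grant/refresh_token_spec.rb
+ - spec/rack/oauth2/client/grant/saml2_bearer_spec.rb
  - spec/rack/oauth2/client_spec.rb
  - spec/rack/oauth2/debugger/request_filter_spec.rb
  - spec/rack/oauth2/oauth2_spec.rb
@@ -257,8 +263,10 @@ files:
  - spec/rack/oauth2/server/token/authorization_code_spec.rb
  - spec/rack/oauth2/server/token/client_credentials_spec.rb
  - spec/rack/oauth2/server/token/error_spec.rb
+ - spec/rack/oauth2/server/token/jwt_bearer_spec.rb
  - spec/rack/oauth2/server/token/password_spec.rb
  - spec/rack/oauth2/server/token/refresh_token_spec.rb
+ - spec/rack/oauth2/server/token/saml2_bearer_spec.rb
  - spec/rack/oauth2/server/token_spec.rb
  - spec/rack/oauth2/util_spec.rb
  - spec/spec_helper.rb
@@ -311,8 +319,10 @@ test_files:
  - spec/rack/oauth2/client/error_spec.rb
  - spec/rack/oauth2/client/grant/authorization_code_spec.rb
  - spec/rack/oauth2/client/grant/client_credentials_spec.rb
+ - spec/rack/oauth2/client/grant/jwt_bearer_spec.rb
  - spec/rack/oauth2/client/grant/password_spec.rb
  - spec/rack/oauth2/client/grant/refresh_token_spec.rb
+ - spec/rack/oauth2/client/grant/saml2_bearer_spec.rb
  - spec/rack/oauth2/client_spec.rb
  - spec/rack/oauth2/debugger/request_filter_spec.rb
  - spec/rack/oauth2/oauth2_spec.rb
@@ -331,8 +341,10 @@ test_files:
  - spec/rack/oauth2/server/token/authorization_code_spec.rb
  - spec/rack/oauth2/server/token/client_credentials_spec.rb
  - spec/rack/oauth2/server/token/error_spec.rb
+ - spec/rack/oauth2/server/token/jwt_bearer_spec.rb
  - spec/rack/oauth2/server/token/password_spec.rb
  - spec/rack/oauth2/server/token/refresh_token_spec.rb
+ - spec/rack/oauth2/server/token/saml2_bearer_spec.rb
  - spec/rack/oauth2/server/token_spec.rb
  - spec/rack/oauth2/util_spec.rb
  - spec/spec_helper.rb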