rack-oauth2 2.0.0 → 2.1.0

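--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 7ef29bbdc348bb5195d4482e65b58f450085c212d3f1b4ad0045f1196973bacd
- data.tar.gz: 51cadd3c2b971bf1399aeaba0957c7acd275c2d1d6409703c8006397b888e649
+ metadata.gz: cc2833ffc404397f87ef3649c867783f4492cefab8eaceccadf7c18b740cf018
+ data.tar.gz: 8bbf82e5725bbf685681cfa99ada0d6dd0652bbbf741077e240163611f2077f5
  SHA512:
- metadata.gz: a44b88e50ca6b93c4332fe87c2e9c2c35219b64c079218a28c33964f36bc0106788fb6dfaf2ec2e7028a18717c0bdbea86a6f142f94741fb8f4bcf4895a7717a
- data.tar.gz: 78509ce82118c157cd5ef8b7d7be261010947f07d0220d44afd34852b7cdeb2a93eacd310cbd36491dfe63d3d395d2af36f293cb313d11c42eadd532ed8d0903
+ metadata.gz: d11c97df887b9c0e784d6dc322d61d9e7c9dd20f2e89ae118b2863449bf8bc5658642eb52808facec041a3b6ad64e805e8ee3ac84032567bdf5e13335c8b6337
+ data.tar.gz: fdca45ec17029200d4d743e52614ef4b4ae5b15d5e3248805b69890644e7f2867f387bac50ebd27803bdbead21942efaf6e53de127a7093257c140156ae64327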
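--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,13 +1,12 @@
  ## [Unreleased]
 
- ## [2.0.0.rc3] - 2022-10-09
+ ## [2.0.1] - 2022-10-09
 
- ## Changed
+ ### Fixed
 
- - make url-encoded the default https://github.com/nov/rack-oauth2/commit/98faf139be4f5bf9ec6134d31f65a298259d8a8b
- - let faraday encode params https://github.com/nov/rack-oauth2/commit/f399b3afb8facb3635b8842baee8584bc4d3ce73
+ - changes for mTLS on faraday by @nov in https://github.com/nov/rack-oauth2/pull/92
 
- ## [2.0.0.rc2] - 2022-10-09
+ ## [2.0.0] - 2022-10-09
 
  ### Added
 
@@ -15,4 +14,6 @@
 
  ### Changed
 
- - Switch from httpclient to faraday v2 https://github.com/nov/rack-oauth2/pull/91
+ - Switch from httpclient to faraday v2 https://github.com/nov/rack-oauth2/pull/91
+ - make url-encoded the default https://github.com/nov/rack-oauth2/commit/98faf139be4f5bf9ec6134d31f65a298259d8a8b
+ - let faraday encode params https://github.com/nov/rack-oauth2/commit/f399b3afb8facb3635b8842baee8584bc4d3ce73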
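--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
- 2.0.0
+ 2.1.0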
@@ -7,7 +7,7 @@ module Rack
7
7
  self.expires_in = (
8
8
  self.expires_in ||
9
9
  attributes[:expires]
10
- ).try(:to_i)
10
+ )&.to_i
11
11
  end
12
12
 
13
13
  def authenticate(request)
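Review bot: Replacing `.try(:to_i)` with `&.to_i` here is not behaviour-neutral: ActiveSupport's `try` returns nil when the receiver does not respond to the method, whereas `&.` only guards against nil and raises NoMethodError for anything else. The same swap appears further down the page in `authenticated_context_from` (`&.to_sym`), `handle_success_response` (`&.downcase` on `token_hash[:token_type]`, which is parsed from the token endpoint's JSON) and `verify_code_verifier!` (`&.to_sym`). If one of those values can arrive as a non-String, such as a JSON number for `token_type` or an array-valued parameter for `code_challenge_method`, the call now raises instead of reaching the `when nil` or fallback branch; whether callers can pass such values is not visible here. Where the value originates outside the process, coerce it first, for example `case (@forced_token_type || token_hash[:token_type]).to_s.downcase.presence`, and add a spec with a non-String value. The enclosing method starts above this hunk.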
@@ -7,8 +7,8 @@ module Rack
7
7
  def initialize(attributes = {})
8
8
  super
9
9
  self.token_type = :bearer
10
- httpclient.ssl_config.client_key = private_key
11
- httpclient.ssl_config.client_cert = certificate
10
+ http_client.ssl.client_key = private_key
11
+ http_client.ssl.client_cert = certificate
12
12
  end
13
13
  end
14
14
  end
@@ -5,7 +5,7 @@ module Rack
5
5
  attr_required :access_token, :token_type
6
6
  attr_optional :refresh_token, :expires_in, :scope
7
7
  attr_accessor :raw_attributes
8
- delegate :get, :patch, :post, :put, :delete, to: :httpclient
8
+ delegate :get, :patch, :post, :put, :delete, to: :http_client
9
9
 
10
10
  alias_method :to_s, :access_token
11
11
 
@@ -18,8 +18,8 @@ module Rack
18
18
  attr_missing!
19
19
  end
20
20
 
21
- def httpclient
22
- @httpclient ||= Rack::OAuth2.http_client("#{self.class} (#{VERSION})") do |faraday|
21
+ def http_client
22
+ @http_client ||= Rack::OAuth2.http_client("#{self.class} (#{VERSION})") do |faraday|
23
23
  Authenticator.new(self).authenticate(faraday)
24
24
  end
25
25
  end
@@ -68,18 +68,22 @@ module Rack
68
68
  @forced_token_type = token_type.to_s
69
69
  end
70
70
 
71
- def access_token!(*args)
72
- headers, params, http_client, options = authenticated_context_from(*args)
71
+ def access_token!(*args, &local_http_config)
72
+ headers, params, http_client, options = authenticated_context_from(*args, &local_http_config)
73
73
  params[:scope] = Array(options.delete(:scope)).join(' ') if options[:scope].present?
74
74
  params.merge! @grant.as_json
75
75
  params.merge! options
76
76
  handle_response do
77
- http_client.post(absolute_uri_for(token_endpoint), Util.compact_hash(params), headers)
77
+ http_client.post(
78
+ absolute_uri_for(token_endpoint),
79
+ Util.compact_hash(params),
80
+ headers
81
+ )
78
82
  end
79
83
  end
80
84
 
81
- def revoke!(*args)
82
- headers, params, http_client, options = authenticated_context_from(*args)
85
+ def revoke!(*args, &local_http_config)
86
+ headers, params, http_client, options = authenticated_context_from(*args, &local_http_config)
83
87
 
84
88
  params.merge! case
85
89
  when access_token = options.delete(:access_token)
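Review bot: The new `&local_http_config` parameter on `access_token!` and `revoke!` is undocumented, although the block is handed the Faraday connection that carries the client credentials to the token and revocation endpoints. Going by the builder shown in `data/lib/rack/oauth2.rb` on this page, the block runs after the adapter is set and before the global `http_config`, so a global setting wins on conflict; that ordering is worth stating because a caller may expect the per-call block to have the last word. A comment above each method would cover it, e.g. `# Optional block: receives the Faraday connection for this request only; runs before Rack::OAuth2.http_config.` The body of `revoke!` continues past the end of the hunk.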
@@ -122,15 +126,15 @@ module Rack
122
126
  _endpoint_.to_s
123
127
  end
124
128
 
125
- def authenticated_context_from(*args)
129
+ def authenticated_context_from(*args, &local_http_config)
126
130
  headers, params = {}, {}
127
- http_client = Rack::OAuth2.http_client
131
+ http_client = Rack::OAuth2.http_client(&local_http_config)
128
132
 
129
133
  # NOTE:
130
134
  # Using Array#extract_options! for backward compatibility.
131
135
  # Until v1.0.5, the first argument was 'client_auth_method' in scalar.
132
136
  options = args.extract_options!
133
- client_auth_method = args.first || options.delete(:client_auth_method).try(:to_sym) || :basic
137
+ client_auth_method = args.first || options.delete(:client_auth_method)&.to_sym || :basic
134
138
 
135
139
  case client_auth_method
136
140
  when :basic
@@ -172,8 +176,8 @@ module Rack
172
176
  params.merge!(
173
177
  client_id: identifier
174
178
  )
175
- http_client.ssl_config.client_key = private_key
176
- http_client.ssl_config.client_cert = certificate
179
+ http_client.ssl.client_key = private_key
180
+ http_client.ssl.client_cert = certificate
177
181
  else
178
182
  params.merge!(
179
183
  client_id: identifier,
@@ -206,7 +210,7 @@ module Rack
206
210
 
207
211
  def handle_success_response(response)
208
212
  token_hash = JSON.parse(response.body).with_indifferent_access
209
- case (@forced_token_type || token_hash[:token_type]).try(:downcase)
213
+ case (@forced_token_type || token_hash[:token_type])&.downcase
210
214
  when 'bearer'
211
215
  AccessToken::Bearer.new(token_hash)
212
216
  when nil
@@ -27,7 +27,7 @@ module Rack
27
27
 
28
28
  def verify_code_verifier!(code_challenge, code_challenge_method = :S256)
29
29
  if code_verifier.present? || code_challenge.present?
30
- case code_challenge_method.try(:to_sym)
30
+ case code_challenge_method&.to_sym
31
31
  when :S256
32
32
  code_challenge == Util.urlsafe_base64_encode(
33
33
  OpenSSL::Digest::SHA256.digest(code_verifier.to_s)
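--- a/data/lib/rack/oauth2.rb
+++ b/data/lib/rack/oauth2.rb
@@ -44,7 +44,7 @@ module Rack
  Faraday.new(headers: {user_agent: agent_name}) do |faraday|
  faraday.request :url_encoded
  faraday.request :json
- faraday.response :logger, Rack::OAuth2.logger if debugging?
+ faraday.response :logger, Rack::OAuth2.logger, {bodies: true} if debugging?
  faraday.adapter Faraday.default_adapter
  local_http_config&.call(faraday)
  http_config&.call(faraday)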
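Review bot: Passing `{bodies: true}` to the logger middleware means that, whenever `debugging?` is on, every token and revocation request body (client secret, authorization code, refresh token) and every token response body (access and refresh tokens) is written to `Rack::OAuth2.logger` in clear text. Nothing in this hunk redacts those values or limits debugging to non-production use. Faraday's logger middleware accepts a block that registers filters on its formatter, so the secrets can be masked before they reach the log, as sketched below; the parameter names in the patterns are a starting list and should be checked against the grant types in use. The `Authorization` header is a separate exposure that deserves the same treatment if header logging is left on. The enclosing method starts and ends outside the hunk.

```ruby
if debugging?
  faraday.response :logger, Rack::OAuth2.logger, {bodies: true} do |logger|
    # form-encoded request bodies (token and revocation requests)
    logger.filter(/\b(client_secret|code|code_verifier|refresh_token|token|password)=[^&\s]+/, '\1=[FILTERED]')
    # JSON response bodies from the token endpoint
    logger.filter(/"(access_token|refresh_token|id_token)"\s*:\s*"[^"]*"/, '"\1":"[FILTERED]"')
  end
end
# … unchanged: adapter, local_http_config and http_config calls …
```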
@@ -13,7 +13,7 @@ module WebMockHelper
13
13
 
14
14
  def request_for(method, options = {})
15
15
  request = {}
16
- params = options.try(:[], :params) || {}
16
+ params = options&.[](:params) || {}
17
17
  case method
18
18
  when :post, :put, :delete
19
19
  request[:body] = params
@@ -309,6 +309,23 @@ describe Rack::OAuth2::Client do
309
309
  end
310
310
  end
311
311
 
312
+ context 'local_http_config handling' do
313
+ it do
314
+ mock_response(
315
+ :post,
316
+ 'https://server.example.com/oauth2/token',
317
+ 'tokens/bearer.json',
318
+ request_header: {
319
+ 'Authorization' => 'Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=',
320
+ 'X-Foo' => 'bar'
321
+ }
322
+ )
323
+ client.access_token! do |request|
324
+ request.headers.merge! 'X-Foo' => 'bar'
325
+ end
326
+ end
327
+ end
328
+
312
329
  context 'when bearer token is given' do
313
330
  before do
314
331
  client.authorization_code = 'code'
@@ -433,6 +450,28 @@ describe Rack::OAuth2::Client do
433
450
  end
434
451
 
435
452
  describe '#revoke!' do
453
+ context 'local_http_config handling' do
454
+ it do
455
+ mock_response(
456
+ :post,
457
+ 'https://server.example.com/oauth2/revoke',
458
+ 'blank',
459
+ status: 200,
460
+ body: {
461
+ token: 'access_token',
462
+ token_type_hint: 'access_token'
463
+ },
464
+ request_header: {
465
+ 'Authorization' => 'Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=',
466
+ 'X-Foo' => 'bar'
467
+ }
468
+ )
469
+ client.revoke!(access_token: 'access_token') do |request|
470
+ request.headers.merge! 'X-Foo' => 'bar'
471
+ end
472
+ end
473
+ end
474
+
436
475
  context 'when access_token given' do
437
476
  before do
438
477
  mock_response(
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-oauth2
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0
4
+ version: 2.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov matake
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-10-08 00:00:00.000000000 Z
11
+ date: 2022-10-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack