rack-oauth2 2.0.1 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7574d464d319f64fc1cfd3913d6d773024b697bd55aadece79a0f085e237a5ba
-  data.tar.gz: 9efa49f33b0a29b2eeb54917c60092e5c9fb436e75b3f525cc117fcce1dce81a
+  metadata.gz: cc2833ffc404397f87ef3649c867783f4492cefab8eaceccadf7c18b740cf018
+  data.tar.gz: 8bbf82e5725bbf685681cfa99ada0d6dd0652bbbf741077e240163611f2077f5
 SHA512:
-  metadata.gz: c2b01fad3bbda97b24cd9520137c58aa4ad02e91535d02f5d5d5b1b4846d3ce067148a91f55f321a0cee789c6ec63516960b5550f96262cc2bd9e89a9cc33978
-  data.tar.gz: 53899a188b886011d5c3b96873d3bdab5070b74e09f6770996630335b3fe7cd0665a47dc3d623d4f8b571ef82365984e3329f59161407a5c7b2ca79bfdb3f2b8
+  metadata.gz: d11c97df887b9c0e784d6dc322d61d9e7c9dd20f2e89ae118b2863449bf8bc5658642eb52808facec041a3b6ad64e805e8ee3ac84032567bdf5e13335c8b6337
+  data.tar.gz: fdca45ec17029200d4d743e52614ef4b4ae5b15d5e3248805b69890644e7f2867f387bac50ebd27803bdbead21942efaf6e53de127a7093257c140156ae64327

data/CHANGELOG.md

@@ -1,5 +1,11 @@
 ## [Unreleased]
 
+## [2.0.1] - 2022-10-09
+
+### Fixed
+
+- changes for mTLS on faraday by @nov in https://github.com/nov/rack-oauth2/pull/92
+
 ## [2.0.0] - 2022-10-09
 
 ### Added

data/VERSION

@@ -1 +1 @@
-2.0.1
+2.1.0

data/lib/rack/oauth2/access_token/legacy.rb

@@ -7,7 +7,7 @@ module Rack
           self.expires_in = (
             self.expires_in ||
             attributes[:expires]
-          ).try(:to_i)
+          )&.to_i
         end
 
         def authenticate(request)

data/lib/rack/oauth2/access_token/mtls.rb

@@ -7,8 +7,8 @@ module Rack
         def initialize(attributes = {})
           super
           self.token_type = :bearer
-          httpclient.ssl.client_key = private_key
-          httpclient.ssl.client_cert = certificate
+          http_client.ssl.client_key = private_key
+          http_client.ssl.client_cert = certificate
         end
       end
     end

data/lib/rack/oauth2/access_token.rb

@@ -5,7 +5,7 @@ module Rack
       attr_required :access_token, :token_type
       attr_optional :refresh_token, :expires_in, :scope
       attr_accessor :raw_attributes
-      delegate :get, :patch, :post, :put, :delete, to: :httpclient
+      delegate :get, :patch, :post, :put, :delete, to: :http_client
 
       alias_method :to_s, :access_token
 
@@ -18,8 +18,8 @@ module Rack
         attr_missing!
       end
 
-      def httpclient
-        @httpclient ||= Rack::OAuth2.http_client("#{self.class} (#{VERSION})") do |faraday|
+      def http_client
+        @http_client ||= Rack::OAuth2.http_client("#{self.class} (#{VERSION})") do |faraday|
           Authenticator.new(self).authenticate(faraday)
         end
       end

data/lib/rack/oauth2/client.rb

@@ -68,18 +68,22 @@ module Rack
         @forced_token_type = token_type.to_s
       end
 
-      def access_token!(*args)
-        headers, params, http_client, options = authenticated_context_from(*args)
+      def access_token!(*args, &local_http_config)
+        headers, params, http_client, options = authenticated_context_from(*args, &local_http_config)
         params[:scope] = Array(options.delete(:scope)).join(' ') if options[:scope].present?
         params.merge! @grant.as_json
         params.merge! options
         handle_response do
-          http_client.post(absolute_uri_for(token_endpoint), Util.compact_hash(params), headers)
+          http_client.post(
+            absolute_uri_for(token_endpoint),
+            Util.compact_hash(params),
+            headers
+          )
         end
       end
 
-      def revoke!(*args)
-        headers, params, http_client, options = authenticated_context_from(*args)
+      def revoke!(*args, &local_http_config)
+        headers, params, http_client, options = authenticated_context_from(*args, &local_http_config)
 
         params.merge! case
         when access_token = options.delete(:access_token)
@@ -122,15 +126,15 @@ module Rack
         _endpoint_.to_s
       end
 
-      def authenticated_context_from(*args)
+      def authenticated_context_from(*args, &local_http_config)
         headers, params = {}, {}
-        http_client = Rack::OAuth2.http_client
+        http_client = Rack::OAuth2.http_client(&local_http_config)
 
         # NOTE:
         #  Using Array#extract_options! for backward compatibility.
         #  Until v1.0.5, the first argument was 'client_auth_method' in scalar.
         options = args.extract_options!
-        client_auth_method = args.first || options.delete(:client_auth_method).try(:to_sym) || :basic
+        client_auth_method = args.first || options.delete(:client_auth_method)&.to_sym || :basic
 
         case client_auth_method
         when :basic
@@ -206,7 +210,7 @@ module Rack
 
       def handle_success_response(response)
         token_hash = JSON.parse(response.body).with_indifferent_access
-        case (@forced_token_type || token_hash[:token_type]).try(:downcase)
+        case (@forced_token_type || token_hash[:token_type])&.downcase
         when 'bearer'
           AccessToken::Bearer.new(token_hash)
         when nil

data/lib/rack/oauth2/server/extension/pkce.rb

@@ -27,7 +27,7 @@ module Rack
 
             def verify_code_verifier!(code_challenge, code_challenge_method = :S256)
               if code_verifier.present? || code_challenge.present?
-                case code_challenge_method.try(:to_sym)
+                case code_challenge_method&.to_sym
                 when :S256
                   code_challenge == Util.urlsafe_base64_encode(
                     OpenSSL::Digest::SHA256.digest(code_verifier.to_s)

data/spec/helpers/webmock_helper.rb

@@ -13,7 +13,7 @@ module WebMockHelper
 
   def request_for(method, options = {})
     request = {}
-    params = options.try(:[], :params) || {}
+    params = options&.[](:params) || {}
     case method
     when :post, :put, :delete
       request[:body] = params

data/spec/rack/oauth2/client_spec.rb

@@ -309,6 +309,23 @@ describe Rack::OAuth2::Client do
       end
     end
 
+    context 'local_http_config handling' do
+      it do
+        mock_response(
+          :post,
+          'https://server.example.com/oauth2/token',
+          'tokens/bearer.json',
+          request_header: {
+            'Authorization' => 'Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=',
+            'X-Foo' => 'bar'
+          }
+        )
+        client.access_token! do |request|
+          request.headers.merge! 'X-Foo' => 'bar'
+        end
+      end
+    end
+
     context 'when bearer token is given' do
       before do
         client.authorization_code = 'code'
@@ -433,6 +450,28 @@ describe Rack::OAuth2::Client do
   end
 
   describe '#revoke!' do
+    context 'local_http_config handling' do
+      it do
+        mock_response(
+          :post,
+          'https://server.example.com/oauth2/revoke',
+          'blank',
+          status: 200,
+          body: {
+            token: 'access_token',
+            token_type_hint: 'access_token'
+          },
+          request_header: {
+            'Authorization' => 'Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=',
+            'X-Foo' => 'bar'
+          }
+        )
+        client.revoke!(access_token: 'access_token') do |request|
+          request.headers.merge! 'X-Foo' => 'bar'
+        end
+      end
+    end
+
     context 'when access_token given' do
       before do
         mock_response(

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-oauth2
 version: !ruby/object:Gem::Version
-  version: 2.0.1
+  version: 2.1.0
 platform: ruby
 authors:
 - nov matake
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-10-08 00:00:00.000000000 Z
+date: 2022-10-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack