rack-oauth2 1.15.0 → 1.16.0
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/lib/rack/oauth2/client.rb +2 -2
- data/lib/rack/oauth2/server/token.rb +3 -1
- data/lib/rack/oauth2/util.rb +5 -1
- data/spec/rack/oauth2/server/token/client_credentials_spec.rb +32 -2
- data/spec/rack/oauth2/util_spec.rb +7 -2
- metadata +2 -2
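--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 656ec18e337c0382c0bc710623e267cfb073c629ba16541451754b72c22c7e43
+data.tar.gz: 962b029b37278c0dfb59bdb402b8e5b2f0727f081763738afb5bceea2980b5c3
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 2911133e3fcf04274a883cd56808b3c44cd42a8db963fe94f008139d74dcfc727e45304a5bd2dc071d111cf86b95fd5ea1b86d57f72ecbd15bbdb28655a1a000
+data.tar.gz: 5007ba0f4de30144cf0aa3ac924e5ea8e30246f6ad2d70050992c8ac81a487ae5ce36df507f4aa00be5e1ef8a89685bf0dc965e6bb6e79c3f4baef903d70f45d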
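--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-1.
+1.16.0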
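--- a/data/lib/rack/oauth2/client.rb
+++ b/data/lib/rack/oauth2/client.rb
@@ -84,8 +84,8 @@ module Rack
 case client_auth_method
 when :basic
 cred = Base64.strict_encode64 [
-Util.
-Util.
+Util.www_form_url_encode(identifier),
+Util.www_form_url_encode(secret)
 ].join(':')
 headers.merge!(
 'Authorization' => "Basic #{cred}"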
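Review bot: The Basic credential is now form-URL-encoded before base64, so a secret containing `+`, `%`, `:` or a space is transmitted differently than in 1.15.0, and an authorization server that does not form-decode the header (RFC 6749 §2.3.1 requires it, but not every server does) will reject such a secret; that is a behavioural change worth a changelog/README caveat and a comment at the site, `# RFC 6749 sec 2.3.1: Basic credentials are form-urlencoded before base64, so identifier/secret must be the raw values`. An operator who already stores a percent-encoded secret will now have it double-encoded, so the "raw values" expectation should be stated on the `identifier`/`secret` accessors too. The enclosing method starts and ends outside the hunk.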
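--- a/data/lib/rack/oauth2/server/token.rb
+++ b/data/lib/rack/oauth2/server/token.rb
@@ -49,7 +49,9 @@ module Rack
 def initialize(env)
 auth = Rack::Auth::Basic::Request.new(env)
 if auth.provided? && auth.basic?
-@client_id, @client_secret = auth.credentials
+@client_id, @client_secret = auth.credentials.map do |cred|
+Util.www_form_url_decode cred
+end
 super
 else
 super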
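Review bot: `Util.www_form_url_decode` is applied to the raw `Authorization` header without guarding the decode, and `URI.decode_www_form_component` raises `ArgumentError` on a `%` that is not followed by two hex digits, so any client (or attacker) sending `Basic` base64 of `%zz:x` turns the token endpoint's constructor into an unhandled exception (a 500, possibly with a stack trace) instead of an `invalid_client` response. The spec in this release shows `request.invalid_client!` exists on the request object, so rescuing and rejecting there is the natural fix; whether an error raised from `initialize` is converted into the 401 response depends on the server's rescue, which is outside this hunk and should be confirmed. Also worth a comment that `+` decodes to a space here, since that is the RFC 6749 §2.3.1 form-encoding semantics and differs from plain percent-decoding. `initialize` ends outside the hunk.
```ruby
if auth.provided? && auth.basic?
  @client_id, @client_secret = auth.credentials.map do |cred|
    begin
      # RFC 6749 sec 2.3.1: the header carries form-urlencoded values ('+' is a space).
      Util.www_form_url_decode cred
    rescue ArgumentError
      # Malformed %-escape from an untrusted client: reject as invalid_client
      # rather than letting the exception surface as a 500.
      invalid_client!
    end
  end
  # … unchanged: super / else branch …
```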
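--- a/data/lib/rack/oauth2/util.rb
+++ b/data/lib/rack/oauth2/util.rb
@@ -8,10 +8,14 @@ module Rack
 URI.encode(text, Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
 end
 
-def
+def www_form_url_encode(text)
 URI.encode_www_form_component(text)
 end
 
+def www_form_url_decode(text)
+URI.decode_www_form_component(text)
+end
+
 def base64_encode(text)
 Base64.encode64(text).delete("\n")
 end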
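Review bot: The new `www_form_url_decode` raises `ArgumentError` (`invalid %-encoding`) when the input contains a `%` not followed by two hex digits, and it maps `+` to a space; neither is visible from the name, and this release starts calling it on an attacker-controlled Authorization header, so document it above the method: `# @raise [ArgumentError] on a malformed %-escape; callers decoding untrusted input must rescue or validate first` and `# Note: '+' decodes to a space (application/x-www-form-urlencoded semantics)`. The removed line is truncated on this page, but the hunk reads as a rename of an existing encoder; if the old name was part of the public `Util` surface, an `alias` would keep downstream callers working rather than breaking them on a minor bump. Unrelated to this change, `URI.encode` on the context line at the top of the hunk was removed in Ruby 3.0 and deserves a follow-up.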
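--- a/data/spec/rack/oauth2/server/token/client_credentials_spec.rb
+++ b/data/spec/rack/oauth2/server/token/client_credentials_spec.rb
@@ -4,14 +4,19 @@ describe Rack::OAuth2::Server::Token::ClientCredentials do
 let(:request) { Rack::MockRequest.new app }
 let(:app) do
 Rack::OAuth2::Server::Token.new do |request, response|
+unless request.client_id == client_id && request.client_secret == client_secret
+request.invalid_client!
+end
 response.access_token = Rack::OAuth2::AccessToken::Bearer.new(access_token: 'access_token')
 end
 end
+let(:client_id) { 'client_id '}
+let(:client_secret) { 'client_secret' }
 let(:params) do
 {
 grant_type: 'client_credentials',
-client_id:
-client_secret:
+client_id: client_id,
+client_secret: client_secret
 }
 end
 subject { request.post('/', params: params) }
@@ -20,4 +25,29 @@ describe Rack::OAuth2::Server::Token::ClientCredentials do
 its(:content_type) { should == 'application/json' }
 its(:body) { should include '"access_token":"access_token"' }
 its(:body) { should include '"token_type":"bearer"' }
+
+context 'basic auth' do
+let(:params) do
+{ grant_type: 'client_credentials' }
+end
+let(:encoded_creds) do
+Base64.strict_encode64([
+Rack::OAuth2::Util.www_form_url_encode(client_id),
+Rack::OAuth2::Util.www_form_url_encode(client_secret)
+].join(':'))
+end
+subject do
+request.post('/',
+{params: params, 'HTTP_AUTHORIZATION' => "Basic #{encoded_creds}"})
+end
+
+its(:status) { should == 200 }
+
+context 'compliance with RFC6749 sec 2.3.1' do
+let(:client_id) { 'client: yes/please!' }
+let(:client_secret) { 'terrible:secret:of:space' }
+
+its(:status) { should == 200 }
+end
+end
 end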
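Review bot: The new `basic auth` contexts only assert the success path, so nothing proves that the `invalid_client!` guard added to the authenticator actually rejects a wrong or malformed credential; a spec that sends the wrong secret and one that sends a credential with an invalid `%` escape would pin the reject behaviour and catch the decoder raising instead of responding. The expected status should be whatever `invalid_client!` maps to in this server (401 per RFC 6749 §5.2 is the likely value; confirm). Also, `let(:client_id) { 'client_id '}` carries a trailing space inside the string, which looks like a typo; it still passes because the space round-trips through form encoding, but it makes the default case quietly exercise an odd value.
```ruby
context 'with wrong secret' do
  let(:encoded_creds) { Base64.strict_encode64 "#{client_id}:wrong" }
  its(:status) { should == 401 }
end

context 'with malformed %-encoding' do
  let(:encoded_creds) { Base64.strict_encode64 '%zz:secret' }
  its(:status) { should == 401 }
end
```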
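--- a/data/spec/rack/oauth2/util_spec.rb
+++ b/data/spec/rack/oauth2/util_spec.rb
@@ -14,11 +14,16 @@ describe Rack::OAuth2::Util do
 it { should == '%3D%2B%20.-%2F' }
 end
 
-describe '.
-subject { util.
+describe '.www_form_url_encode' do
+subject { util.www_form_url_encode '=+ .-/' }
 it { should == '%3D%2B+.-%2F' }
 end
 
+describe '.www_form_urldecode' do
+subject { util.www_form_url_decode '%3D%2B+.-%2F' }
+it { should == '=+ .-/' }
+end
+
 describe '.base64_encode' do
 subject { util.base64_encode '=+ .-/' }
 it { should == 'PSsgLi0v' }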
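Review bot: The new describe string `'.www_form_urldecode'` does not match the method it exercises, `www_form_url_decode`, so failures will be reported under the wrong name; change it to `describe '.www_form_url_decode' do`. The decoder is also only tested on well-formed input, while the server now feeds it untrusted header data, so an `it { expect { util.www_form_url_decode '%zz' }.to raise_error(ArgumentError) }` example would document the failure mode callers must handle.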
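--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-oauth2
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.16.0
 platform: ruby
 authors:
 - nov matake
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-07-
+date: 2020-07-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rack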