RubyGems - rack-oauth2 - Versions diffs - 1.15.0 → 1.16.0 - Mend

rack-oauth2 1.15.0 → 1.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/VERSION +1 -1
data/lib/rack/oauth2/client.rb +2 -2
data/lib/rack/oauth2/server/token.rb +3 -1
data/lib/rack/oauth2/util.rb +5 -1
data/spec/rack/oauth2/server/token/client_credentials_spec.rb +32 -2
data/spec/rack/oauth2/util_spec.rb +7 -2
metadata +2 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8ee0ff28062403c55b1eef050ab55150668cb592edd63785fa61d143529006a5
-  data.tar.gz: d0877d3edb8f91faca58e330db359bbb0a3a0a97ae41c4e6bd9c833114917ee4
+  metadata.gz: 656ec18e337c0382c0bc710623e267cfb073c629ba16541451754b72c22c7e43
+  data.tar.gz: 962b029b37278c0dfb59bdb402b8e5b2f0727f081763738afb5bceea2980b5c3
 SHA512:
-  metadata.gz: bd98e38d80d400e0555d25b4c6ab4df8b38ce7a0213a9daaeb1bdc3f100aaccf14bbd472c180668b7c9a9da7b43c7f9ed35f4837f9ca63ebb1632d390630faf5
-  data.tar.gz: 78bd0dce79bb462929425e5c76ca349c01ac53828b4922bc459c411f74bd9b3cf827889bbb25896936b028b5ddcf15e6ca556ae92eae746842c576b21522c4bd
+  metadata.gz: 2911133e3fcf04274a883cd56808b3c44cd42a8db963fe94f008139d74dcfc727e45304a5bd2dc071d111cf86b95fd5ea1b86d57f72ecbd15bbdb28655a1a000
+  data.tar.gz: 5007ba0f4de30144cf0aa3ac924e5ea8e30246f6ad2d70050992c8ac81a487ae5ce36df507f4aa00be5e1ef8a89685bf0dc965e6bb6e79c3f4baef903d70f45d

data/VERSION CHANGED

	@@ -1 +1 @@
1	- 1.15.0
1	+ 1.16.0

data/lib/rack/oauth2/client.rb CHANGED

@@ -84,8 +84,8 @@ module Rack
         case client_auth_method
         when :basic
           cred = Base64.strict_encode64 [
-            Util.www_form_urlencode(identifier),
-            Util.www_form_urlencode(secret)
+            Util.www_form_url_encode(identifier),
+            Util.www_form_url_encode(secret)
           ].join(':')
           headers.merge!(
             'Authorization' => "Basic #{cred}"

data/lib/rack/oauth2/server/token.rb CHANGED

@@ -49,7 +49,9 @@ module Rack
           def initialize(env)
             auth = Rack::Auth::Basic::Request.new(env)
             if auth.provided? && auth.basic?
-              @client_id, @client_secret = auth.credentials
+              @client_id, @client_secret = auth.credentials.map do |cred|
+                Util.www_form_url_decode cred
+              end
               super
             else
               super

data/lib/rack/oauth2/util.rb CHANGED

@@ -8,10 +8,14 @@ module Rack
           URI.encode(text, Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
         end
-        def www_form_urlencode(text)
+        def www_form_url_encode(text)
           URI.encode_www_form_component(text)
         end
+        def www_form_url_decode(text)
+          URI.decode_www_form_component(text)
+        end
         def base64_encode(text)
           Base64.encode64(text).delete("\n")
         end

data/spec/rack/oauth2/server/token/client_credentials_spec.rb CHANGED

@@ -4,14 +4,19 @@ describe Rack::OAuth2::Server::Token::ClientCredentials do
   let(:request) { Rack::MockRequest.new app }
   let(:app) do
     Rack::OAuth2::Server::Token.new do |request, response|
+      unless request.client_id == client_id && request.client_secret == client_secret
+        request.invalid_client!
+      end
       response.access_token = Rack::OAuth2::AccessToken::Bearer.new(access_token: 'access_token')
     end
   end
+  let(:client_id) { 'client_id '}
+  let(:client_secret) { 'client_secret' }
   let(:params) do
     {
       grant_type: 'client_credentials',
-      client_id: 'client_id',
-      client_secret: 'client_secret'
+      client_id: client_id,
+      client_secret: client_secret
     }
   end
   subject { request.post('/', params: params) }
@@ -20,4 +25,29 @@ describe Rack::OAuth2::Server::Token::ClientCredentials do
   its(:content_type) { should == 'application/json' }
   its(:body)         { should include '"access_token":"access_token"' }
   its(:body)         { should include '"token_type":"bearer"' }
+  context 'basic auth' do
+    let(:params) do
+      { grant_type: 'client_credentials' }
+    end
+    let(:encoded_creds) do
+      Base64.strict_encode64([
+        Rack::OAuth2::Util.www_form_url_encode(client_id),
+        Rack::OAuth2::Util.www_form_url_encode(client_secret)
+      ].join(':'))
+    end
+    subject do
+      request.post('/',
+        {params: params, 'HTTP_AUTHORIZATION' => "Basic #{encoded_creds}"})
+    end
+    its(:status)       { should == 200 }
+    context 'compliance with RFC6749 sec 2.3.1' do
+      let(:client_id) { 'client: yes/please!' }
+      let(:client_secret) { 'terrible:secret:of:space' }
+      its(:status)       { should == 200 }
+    end
+  end
 end

data/spec/rack/oauth2/util_spec.rb CHANGED

@@ -14,11 +14,16 @@ describe Rack::OAuth2::Util do
     it { should == '%3D%2B%20.-%2F' }
   end
-  describe '.www_form_urlencode' do
-    subject { util.www_form_urlencode '=+ .-/' }
+  describe '.www_form_url_encode' do
+    subject { util.www_form_url_encode '=+ .-/' }
     it { should == '%3D%2B+.-%2F' }
   end
+  describe '.www_form_urldecode' do
+    subject { util.www_form_url_decode '%3D%2B+.-%2F' }
+    it { should == '=+ .-/' }
+  end
   describe '.base64_encode' do
     subject { util.base64_encode '=+ .-/' }
     it { should == 'PSsgLi0v' }

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-oauth2
 version: !ruby/object:Gem::Version
-  version: 1.15.0
+  version: 1.16.0
 platform: ruby
 authors:
 - nov matake
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-07-07 00:00:00.000000000 Z
+date: 2020-07-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack