rack-oauth2 1.20.0 → 1.21.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bdcd25b6561ff3da4a222efbf541e17ef6aa4a75d08f97cd978ce9d28e8b5dfa
-  data.tar.gz: 48aabb016042ebbe28e302f608e16a4d6f9526cc29977540a5feb255acfd931b
+  metadata.gz: ea660f2b5d5093f50fc789662f642f06ab591bf544250fea42d78a9849215384
+  data.tar.gz: 1e5ae55d569b7206ce78315439f249b8a4fbf9d0f6c64381de52d9d71f1441e7
 SHA512:
-  metadata.gz: 7ba0fcc8364bd006eab83c4fcfa62325d6146407e27d79cd8e6e35dddf83e1b2d0ffb0efeeaf14d7e53d109cec26f0b8a4f66e5bb44eec4d93d9118d02fed686
-  data.tar.gz: 3fe2d26a2368b3f9e8c2cf3efb13452c13ac0fbf4ab9f6f1a5ac9b9a8154845c7fe684cd9f4f52522d9e6f772c48f0d21f5c0c1a30f737591dd98129fca1782f
+  metadata.gz: dab28eaa8890caaecab687bf022e3ecef01388c06ba10af2afb78e61db87f16c8a5b84935fbac2c0b83be08a092ebf981c8efca19c3f5c322c5bb17926127b20
+  data.tar.gz: 231a74d20f2a5635255686c58451b1045fabbb072c6fb971d8a39149444d68a6e48a06fdf87146632fbcd815b988c6bff1a5802f8499b3f8e580756a95fecaf2

data/VERSION

@@ -1 +1 @@
-1.20.0
+1.21.0

data/lib/rack/oauth2/client.rb

@@ -69,7 +69,65 @@ module Rack
       end
 
       def access_token!(*args)
-        headers, params = {}, @grant.as_json
+        headers, params, http_client, options = authenticated_context_from(*args)
+        params[:scope] = Array(options.delete(:scope)).join(' ') if options[:scope].present?
+        params.merge! @grant.as_json
+        params.merge! options
+        handle_response do
+          http_client.post(
+            absolute_uri_for(token_endpoint),
+            Util.compact_hash(params),
+            headers
+          )
+        end
+      end
+
+      def revoke!(*args)
+        headers, params, http_client, options = authenticated_context_from(*args)
+
+        params.merge! case
+        when access_token = options.delete(:access_token)
+          {
+            token: access_token,
+            token_type_hint: :access_token
+          }
+        when refresh_token = options.delete(:refresh_token)
+          {
+            token: refresh_token,
+            token_type_hint: :refresh_token
+          }
+        when @grant.is_a?(Grant::RefreshToken)
+          {
+            token: @grant.refresh_token,
+            token_type_hint: :refresh_token
+          }
+        when options[:token].blank?
+          raise AttrRequired::AttrMissing, 'One of "token", "access_token" and "refresh_token" is required'
+        end
+        params.merge! options
+
+        handle_revocation_response do
+          http_client.post(
+            absolute_uri_for(revocation_endpoint),
+            Util.compact_hash(params),
+            headers
+          )
+        end
+      end
+
+      private
+
+      def absolute_uri_for(endpoint)
+        _endpoint_ = Util.parse_uri endpoint
+        _endpoint_.scheme ||= self.scheme || 'https'
+        _endpoint_.host ||= self.host
+        _endpoint_.port ||= self.port
+        raise 'No Host Info' unless _endpoint_.host
+        _endpoint_.to_s
+      end
+
+      def authenticated_context_from(*args)
+        headers, params = {}, {}
         http_client = Rack::OAuth2.http_client
 
         # NOTE:
@@ -78,9 +136,6 @@ module Rack
         options = args.extract_options!
         client_auth_method = args.first || options.delete(:client_auth_method).try(:to_sym) || :basic
 
-        params[:scope] = Array(options.delete(:scope)).join(' ') if options[:scope].present?
-        params.merge! options
-
         case client_auth_method
         when :basic
           cred = Base64.strict_encode64 [
@@ -100,9 +155,11 @@ module Rack
             client_assertion_type: URN::ClientAssertionType::JWT_BEARER
           )
           # NOTE: optionally auto-generate client_assertion.
-          if params[:client_assertion].blank?
+          params[:client_assertion] = if options[:client_assertion].present?
+            options.delete(:client_assertion)
+          else
             require 'json/jwt'
-            params[:client_assertion] = JSON::JWT.new(
+            JSON::JWT.new(
               iss: identifier,
               sub: identifier,
               aud: absolute_uri_for(token_endpoint),
@@ -127,24 +184,8 @@ module Rack
             client_secret: secret
           )
         end
-        handle_response do
-          http_client.post(
-            absolute_uri_for(token_endpoint),
-            Util.compact_hash(params),
-            headers
-          )
-        end
-      end
-
-      private
 
-      def absolute_uri_for(endpoint)
-        _endpoint_ = Util.parse_uri endpoint
-        _endpoint_.scheme ||= self.scheme || 'https'
-        _endpoint_.host ||= self.host
-        _endpoint_.port ||= self.port
-        raise 'No Host Info' unless _endpoint_.host
-        _endpoint_.to_s
+        [headers, params, http_client, options]
       end
 
       def handle_response
@@ -157,6 +198,16 @@ module Rack
         end
       end
 
+      def handle_revocation_response
+        response = yield
+        case response.status
+        when 200..201
+          :success
+        else
+          handle_error_response handle_error_response
+        end
+      end
+
       def handle_success_response(response)
         token_hash = JSON.parse(response.body).with_indifferent_access
         case (@forced_token_type || token_hash[:token_type]).try(:downcase)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-oauth2
 version: !ruby/object:Gem::Version
-  version: 1.20.0
+  version: 1.21.0
 platform: ruby
 authors:
 - nov matake
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-07-11 00:00:00.000000000 Z
+date: 2022-07-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack