rack-oauth2 1.2.3 → 1.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 04480fc26f087eb6affd5525dde6cb972dbb8d20
-  data.tar.gz: db1d33ae632ff81ef1f36126406b9a79b01255f3
+  metadata.gz: 3156ef7d62d479a2dc6440483abe7b39c85e9821
+  data.tar.gz: 790fb2e44712d9f7ec357aa5a1b8046e3ef8e8d6
 SHA512:
-  metadata.gz: 498e1786e108f62639602d306c9135f8d04467fd50acd491b634ce9de927a7cd641044f5afda6a360c6510a10942758598dbd20b7d154fd496caff8ff2d141ba
-  data.tar.gz: cf33d50a7620e484ddccf1571a1e31a8b8af79bdad4f207ef0c00d09dfabb25807757146c1ec32bb788f243ceee06b89548a8c3b9bd430851d88d7dd914a2641
+  metadata.gz: 9e371dbbf23d56d48e72c2c6b185667a9b9b2db2cf1094551f05c1d6b655e25944a8fbcd08d64ec2b32d8e820665351687e3a878399cc90490c012f0b2dd8e58
+  data.tar.gz: 1d847249e2170350d1d303a16332a01cbe8fb902476dbd097e848d78094b82bbfa178e3d8475543de20024b2d7a1bb820b9bb086e85607366a781ff57c4ae611

data/VERSION

@@ -1 +1 @@
-1.2.3
+1.3.0

data/lib/rack/oauth2/client.rb

@@ -45,6 +45,18 @@ module Rack
         )
       end
 
+      def jwt_bearer=(assertion)
+        @grant = Grant::JWTBearer.new(
+          assertion: assertion
+        )
+      end
+
+      def saml2_bearer=(assertion)
+        @grant = Grant::SAML2Bearer.new(
+          assertion: assertion
+        )
+      end
+
       def access_token!(*args)
         headers, params = {}, @grant.as_json
 

data/lib/rack/oauth2/client/grant.rb

@@ -11,9 +11,13 @@ module Rack
           attr_missing!
         end
 
+        def grant_type
+          self.class.name.demodulize.underscore.to_sym
+        end
+
         def as_json(options = {})
           (required_attributes + optional_attributes).inject({
-            grant_type: self.class.name.demodulize.underscore.to_sym
+            grant_type: grant_type
           }) do |hash, key|
             hash.merge! key => self.send(key)
           end
@@ -27,3 +31,5 @@ require 'rack/oauth2/client/grant/authorization_code'
 require 'rack/oauth2/client/grant/password'
 require 'rack/oauth2/client/grant/client_credentials'
 require 'rack/oauth2/client/grant/refresh_token'
+require 'rack/oauth2/client/grant/jwt_bearer'
+require 'rack/oauth2/client/grant/saml2_bearer'

data/lib/rack/oauth2/client/grant/jwt_bearer.rb

@@ -0,0 +1,15 @@
+module Rack
+  module OAuth2
+    class Client
+      class Grant
+        class JWTBearer < Grant
+          attr_required :assertion
+
+          def grant_type
+            'urn:ietf:params:oauth:grant-type:jwt-bearer'
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rack/oauth2/client/grant/saml2_bearer.rb

@@ -0,0 +1,15 @@
+module Rack
+  module OAuth2
+    class Client
+      class Grant
+        class SAML2Bearer < Grant
+          attr_required :assertion
+
+          def grant_type
+            'urn:ietf:params:oauth:grant-type:saml2-bearer'
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rack/oauth2/server/token.rb

@@ -23,6 +23,10 @@ module Rack
             ClientCredentials
           when 'refresh_token'
             RefreshToken
+          when 'urn:ietf:params:oauth:grant-type:jwt-bearer'
+            JWTBearer
+          when 'urn:ietf:params:oauth:grant-type:saml2-bearer'
+            SAML2Bearer
           when ''
             request.attr_missing!
           else
@@ -80,5 +84,7 @@ require 'rack/oauth2/server/token/authorization_code'
 require 'rack/oauth2/server/token/password'
 require 'rack/oauth2/server/token/client_credentials'
 require 'rack/oauth2/server/token/refresh_token'
+require 'rack/oauth2/server/token/jwt_bearer'
+require 'rack/oauth2/server/token/saml2_bearer'
 require 'rack/oauth2/server/token/extension'
 require 'rack/oauth2/server/token/error'

data/lib/rack/oauth2/server/token/extension.rb

@@ -4,7 +4,7 @@ module Rack
       class Token
         module Extension
           # Define your extension in this namespace and load it explicitly.
-          # extension/assertion/jwt.rb would be good example for you.
+          # extension/assertion/example.rb would be good example for you.
         end
       end
     end

data/lib/rack/oauth2/server/token/extension/{jwt.rb → example.rb}

@@ -3,8 +3,8 @@ module Rack
     module Server
       class Token
         module Extension
-          class JWT < Abstract::Handler
-            GRANT_TYPE_URN = 'urn:ietf:params:oauth:grant-type:jwt-bearer'
+          class Example < Abstract::Handler
+            GRANT_TYPE_URN = 'urn:ietf:params:oauth:grant-type:example'
 
             class << self
               def grant_type_for?(grant_type)

data/lib/rack/oauth2/server/token/jwt_bearer.rb

@@ -0,0 +1,27 @@
+module Rack
+  module OAuth2
+    module Server
+      class Token
+        class JWTBearer < Abstract::Handler
+          def call(env)
+            @request  = Request.new env
+            @response = Response.new request
+            super
+          end
+
+          class Request < Token::Request
+            attr_required :assertion
+            attr_optional :client_id
+
+            def initialize(env)
+              super
+              @grant_type = 'urn:ietf:params:oauth:grant-type:jwt-bearer'
+              @assertion = params['assertion']
+              attr_missing!
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rack/oauth2/server/token/saml2_bearer.rb

@@ -0,0 +1,27 @@
+module Rack
+  module OAuth2
+    module Server
+      class Token
+        class SAML2Bearer < Abstract::Handler
+          def call(env)
+            @request  = Request.new env
+            @response = Response.new request
+            super
+          end
+
+          class Request < Token::Request
+            attr_required :assertion
+            attr_optional :client_id
+
+            def initialize(env)
+              super
+              @grant_type = 'urn:ietf:params:oauth:grant-type:saml2-bearer'
+              @assertion = params['assertion']
+              attr_missing!
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/spec/rack/oauth2/client/grant/jwt_bearer_spec.rb

@@ -0,0 +1,21 @@
+require 'spec_helper.rb'
+
+describe Rack::OAuth2::Client::Grant::JWTBearer do
+  let(:grant) { Rack::OAuth2::Client::Grant::JWTBearer }
+
+  context 'when JWT assertion is given' do
+    let :attributes do
+      {assertion: 'header.payload.signature'}
+    end
+    subject { grant.new attributes }
+    its(:as_json) do
+      should == {grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', assertion: 'header.payload.signature'}
+    end
+  end
+
+  context 'otherwise' do
+    it do
+      expect { grant.new }.to raise_error AttrRequired::AttrMissing
+    end
+  end
+end

data/spec/rack/oauth2/client/grant/saml2_bearer_spec.rb

@@ -0,0 +1,21 @@
+require 'spec_helper.rb'
+
+describe Rack::OAuth2::Client::Grant::SAML2Bearer do
+  let(:grant) { Rack::OAuth2::Client::Grant::SAML2Bearer }
+
+  context 'when JWT assertion is given' do
+    let :attributes do
+      {assertion: '<xml>...</xml>'}
+    end
+    subject { grant.new attributes }
+    its(:as_json) do
+      should == {grant_type: 'urn:ietf:params:oauth:grant-type:saml2-bearer', assertion: '<xml>...</xml>'}
+    end
+  end
+
+  context 'otherwise' do
+    it do
+      expect { grant.new }.to raise_error AttrRequired::AttrMissing
+    end
+  end
+end

data/spec/rack/oauth2/server/token/jwt_bearer_spec.rb

@@ -0,0 +1,34 @@
+require 'spec_helper.rb'
+
+describe Rack::OAuth2::Server::Token::JWTBearer do
+  let(:request) { Rack::MockRequest.new app }
+  let(:app) do
+    Rack::OAuth2::Server::Token.new do |request, response|
+      response.access_token = Rack::OAuth2::AccessToken::Bearer.new(access_token: 'access_token')
+    end
+  end
+  let(:params) do
+    {
+      grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
+      client_id: 'client_id',
+      assertion: 'header.payload.signature'
+    }
+  end
+  subject { request.post('/', params: params) }
+
+  its(:status)       { should == 200 }
+  its(:content_type) { should == 'application/json' }
+  its(:body)         { should include '"access_token":"access_token"' }
+  its(:body)         { should include '"token_type":"bearer"' }
+
+  context 'when assertion is missing' do
+    before do
+      params.delete_if do |key, value|
+        key == :assertion
+      end
+    end
+    its(:status)       { should == 400 }
+    its(:content_type) { should == 'application/json' }
+    its(:body)         { should include '"error":"invalid_request"' }
+  end
+end

data/spec/rack/oauth2/server/token/saml2_bearer_spec.rb

@@ -0,0 +1,34 @@
+require 'spec_helper.rb'
+
+describe Rack::OAuth2::Server::Token::SAML2Bearer do
+  let(:request) { Rack::MockRequest.new app }
+  let(:app) do
+    Rack::OAuth2::Server::Token.new do |request, response|
+      response.access_token = Rack::OAuth2::AccessToken::Bearer.new(access_token: 'access_token')
+    end
+  end
+  let(:params) do
+    {
+      grant_type: 'urn:ietf:params:oauth:grant-type:saml2-bearer',
+      client_id: 'client_id',
+      assertion: '<xml>...</xml>'
+    }
+  end
+  subject { request.post('/', params: params) }
+
+  its(:status)       { should == 200 }
+  its(:content_type) { should == 'application/json' }
+  its(:body)         { should include '"access_token":"access_token"' }
+  its(:body)         { should include '"token_type":"bearer"' }
+
+  context 'when assertion is missing' do
+    before do
+      params.delete_if do |key, value|
+        key == :assertion
+      end
+    end
+    its(:status)       { should == 400 }
+    its(:content_type) { should == 'application/json' }
+    its(:body)         { should include '"error":"invalid_request"' }
+  end
+end

data/spec/rack/oauth2/server/token_spec.rb

@@ -103,7 +103,7 @@ describe Rack::OAuth2::Server::Token do
 
   describe 'extensibility' do
     before do
-      require 'rack/oauth2/server/token/extension/jwt'
+      require 'rack/oauth2/server/token/extension/example'
     end
 
     subject { app }
@@ -114,12 +114,12 @@ describe Rack::OAuth2::Server::Token do
       )
     end
     let(:request) { Rack::OAuth2::Server::Token::Request.new env }
-    its(:extensions) { should == [Rack::OAuth2::Server::Token::Extension::JWT] }
+    its(:extensions) { should == [Rack::OAuth2::Server::Token::Extension::Example] }
 
     describe 'JWT assertion' do
       let(:params) do
         {
-          grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
+          grant_type: 'urn:ietf:params:oauth:grant-type:example',
           assertion: 'header.payload.signature'
         }
       end
@@ -127,7 +127,7 @@ describe Rack::OAuth2::Server::Token do
       it do
         app.send(
           :grant_type_for, request
-        ).should == Rack::OAuth2::Server::Token::Extension::JWT
+        ).should == Rack::OAuth2::Server::Token::Extension::Example
       end
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-oauth2
 version: !ruby/object:Gem::Version
-  version: 1.2.3
+  version: 1.3.0
 platform: ruby
 authors:
 - nov matake
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-02-04 00:00:00.000000000 Z
+date: 2016-02-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -182,8 +182,10 @@ files:
 - lib/rack/oauth2/client/grant.rb
 - lib/rack/oauth2/client/grant/authorization_code.rb
 - lib/rack/oauth2/client/grant/client_credentials.rb
+- lib/rack/oauth2/client/grant/jwt_bearer.rb
 - lib/rack/oauth2/client/grant/password.rb
 - lib/rack/oauth2/client/grant/refresh_token.rb
+- lib/rack/oauth2/client/grant/saml2_bearer.rb
 - lib/rack/oauth2/debugger.rb
 - lib/rack/oauth2/debugger/request_filter.rb
 - lib/rack/oauth2/server.rb
@@ -209,9 +211,11 @@ files:
 - lib/rack/oauth2/server/token/client_credentials.rb
 - lib/rack/oauth2/server/token/error.rb
 - lib/rack/oauth2/server/token/extension.rb
-- lib/rack/oauth2/server/token/extension/jwt.rb
+- lib/rack/oauth2/server/token/extension/example.rb
+- lib/rack/oauth2/server/token/jwt_bearer.rb
 - lib/rack/oauth2/server/token/password.rb
 - lib/rack/oauth2/server/token/refresh_token.rb
+- lib/rack/oauth2/server/token/saml2_bearer.rb
 - lib/rack/oauth2/util.rb
 - rack-oauth2.gemspec
 - spec/helpers/time.rb
@@ -237,8 +241,10 @@ files:
 - spec/rack/oauth2/client/error_spec.rb
 - spec/rack/oauth2/client/grant/authorization_code_spec.rb
 - spec/rack/oauth2/client/grant/client_credentials_spec.rb
+- spec/rack/oauth2/client/grant/jwt_bearer_spec.rb
 - spec/rack/oauth2/client/grant/password_spec.rb
 - spec/rack/oauth2/client/grant/refresh_token_spec.rb
+- spec/rack/oauth2/client/grant/saml2_bearer_spec.rb
 - spec/rack/oauth2/client_spec.rb
 - spec/rack/oauth2/debugger/request_filter_spec.rb
 - spec/rack/oauth2/oauth2_spec.rb
@@ -257,8 +263,10 @@ files:
 - spec/rack/oauth2/server/token/authorization_code_spec.rb
 - spec/rack/oauth2/server/token/client_credentials_spec.rb
 - spec/rack/oauth2/server/token/error_spec.rb
+- spec/rack/oauth2/server/token/jwt_bearer_spec.rb
 - spec/rack/oauth2/server/token/password_spec.rb
 - spec/rack/oauth2/server/token/refresh_token_spec.rb
+- spec/rack/oauth2/server/token/saml2_bearer_spec.rb
 - spec/rack/oauth2/server/token_spec.rb
 - spec/rack/oauth2/util_spec.rb
 - spec/spec_helper.rb
@@ -311,8 +319,10 @@ test_files:
 - spec/rack/oauth2/client/error_spec.rb
 - spec/rack/oauth2/client/grant/authorization_code_spec.rb
 - spec/rack/oauth2/client/grant/client_credentials_spec.rb
+- spec/rack/oauth2/client/grant/jwt_bearer_spec.rb
 - spec/rack/oauth2/client/grant/password_spec.rb
 - spec/rack/oauth2/client/grant/refresh_token_spec.rb
+- spec/rack/oauth2/client/grant/saml2_bearer_spec.rb
 - spec/rack/oauth2/client_spec.rb
 - spec/rack/oauth2/debugger/request_filter_spec.rb
 - spec/rack/oauth2/oauth2_spec.rb
@@ -331,8 +341,10 @@ test_files:
 - spec/rack/oauth2/server/token/authorization_code_spec.rb
 - spec/rack/oauth2/server/token/client_credentials_spec.rb
 - spec/rack/oauth2/server/token/error_spec.rb
+- spec/rack/oauth2/server/token/jwt_bearer_spec.rb
 - spec/rack/oauth2/server/token/password_spec.rb
 - spec/rack/oauth2/server/token/refresh_token_spec.rb
+- spec/rack/oauth2/server/token/saml2_bearer_spec.rb
 - spec/rack/oauth2/server/token_spec.rb
 - spec/rack/oauth2/util_spec.rb
 - spec/spec_helper.rb