rack-oauth2 1.3.0 → 1.3.1
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/lib/rack/oauth2.rb +1 -0
- data/lib/rack/oauth2/client.rb +7 -0
- data/lib/rack/oauth2/client/grant.rb +2 -1
- data/lib/rack/oauth2/client/grant/jwt_bearer.rb +1 -1
- data/lib/rack/oauth2/client/grant/saml2_bearer.rb +1 -1
- data/lib/rack/oauth2/client/grant/token_exchange.rb +15 -0
- data/lib/rack/oauth2/server.rb +2 -1
- data/lib/rack/oauth2/server/authorize/error.rb +6 -1
- data/lib/rack/oauth2/server/rails.rb +14 -0
- data/lib/rack/oauth2/server/rails/authorize.rb +44 -0
- data/lib/rack/oauth2/server/rails/response_ext.rb +49 -0
- data/lib/rack/oauth2/server/token.rb +2 -2
- data/lib/rack/oauth2/server/token/jwt_bearer.rb +1 -1
- data/lib/rack/oauth2/server/token/saml2_bearer.rb +1 -1
- data/lib/rack/oauth2/urn.rb +22 -0
- data/rack-oauth2.gemspec +1 -1
- data/spec/rack/oauth2/util_spec.rb +1 -1
- metadata +11 -6
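--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 3c9ef17a769a22815156fa9a794447925496fe4c
+data.tar.gz: d613d947f2a001b1c5b172919a7c118e678e4682
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ec69d172bb0cfaa870990b0752c4488cd006328b5ccc8dddb282034a49b7915a6c0e3658340ff59c7fce17f2cab95ba61de25403682cc9704dc6587acaf312b2
+data.tar.gz: 74a77e9be5eb7e8778e0c7b077eb22a2fc72555d2a076fdf9dde3c4c7f18f5c87e5594db54d7316de69f8b03770a5132b918f105b2eb3c323e022d1a6de9b774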
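--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-1.3.
+1.3.1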
data/lib/rack/oauth2.rb
CHANGED
data/lib/rack/oauth2/client.rb
CHANGED
@@ -57,6 +57,13 @@ module Rack
|
|
57
57
|
)
|
58
58
|
end
|
59
59
|
|
60
|
+
def subject_token=(subject_token, subject_token_type = URN::TokenType::JWT)
|
61
|
+
@grant = Grant::TokenExchange.new(
|
62
|
+
subject_token: subject_token,
|
63
|
+
subject_token_type: subject_token_type
|
64
|
+
)
|
65
|
+
end
|
66
|
+
|
60
67
|
def access_token!(*args)
|
61
68
|
headers, params = {}, @grant.as_json
|
62
69
|
|
@@ -32,4 +32,5 @@ require 'rack/oauth2/client/grant/password'
|
|
32
32
|
require 'rack/oauth2/client/grant/client_credentials'
|
33
33
|
require 'rack/oauth2/client/grant/refresh_token'
|
34
34
|
require 'rack/oauth2/client/grant/jwt_bearer'
|
35
|
-
require 'rack/oauth2/client/grant/saml2_bearer'
|
35
|
+
require 'rack/oauth2/client/grant/saml2_bearer'
|
36
|
+
require 'rack/oauth2/client/grant/token_exchange'
|
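Review bot: The `subject_token=` writer added in the first hunk of this section declares a second parameter that assignment syntax cannot supply. `client.subject_token = token` always sends one argument, and `client.subject_token = token, type` passes the array `[token, type]` as `subject_token` while `subject_token_type` silently stays `URN::TokenType::JWT`. A caller exchanging an access or refresh token would therefore have it sent with the JWT token type unless they go through `public_send(:subject_token=, token, type)`. I would either add an ordinary two-argument method next to the writer or at least document the limitation on it, e.g. `# subject_token_type is only reachable via public_send(:subject_token=, token, type)`. The enclosing class starts and ends outside the hunk.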
data/lib/rack/oauth2/server.rb
CHANGED
@@ -11,8 +11,13 @@ module Rack
|
|
11
11
|
super.merge(state: state)
|
12
12
|
end
|
13
13
|
|
14
|
+
def redirect?
|
15
|
+
redirect_uri.present? &&
|
16
|
+
protocol_params_location.present?
|
17
|
+
end
|
18
|
+
|
14
19
|
def finish
|
15
|
-
if
|
20
|
+
if redirect?
|
16
21
|
super do |response|
|
17
22
|
response.redirect Util.redirect_uri(redirect_uri, protocol_params_location, protocol_params)
|
18
23
|
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
module Rack
|
2
|
+
module OAuth2
|
3
|
+
module Server
|
4
|
+
module Rails
|
5
|
+
REQUEST = 'rack_oauth2.request'
|
6
|
+
RESPONSE = 'rack_oauth2.response'
|
7
|
+
ERROR = 'rack_oauth2.error'
|
8
|
+
end
|
9
|
+
end
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
require 'rack/oauth2/server/rails/response_ext'
|
14
|
+
require 'rack/oauth2/server/rails/authorize'
|
@@ -0,0 +1,44 @@
|
|
1
|
+
module Rack
|
2
|
+
module OAuth2
|
3
|
+
module Server
|
4
|
+
module Rails
|
5
|
+
class Authorize < Server::Authorize
|
6
|
+
def initialize(app)
|
7
|
+
super()
|
8
|
+
@app = app
|
9
|
+
end
|
10
|
+
|
11
|
+
def call(env)
|
12
|
+
prepare_oauth_env env
|
13
|
+
@app.call env
|
14
|
+
rescue Rack::OAuth2::Server::Abstract::Error => e
|
15
|
+
e.finish
|
16
|
+
end
|
17
|
+
|
18
|
+
private
|
19
|
+
|
20
|
+
def prepare_oauth_env(env)
|
21
|
+
response_type = response_type_for(
|
22
|
+
Server::Authorize::Request.new(env)
|
23
|
+
).new
|
24
|
+
response_type.call(env)
|
25
|
+
response_type.response.extend ResponseExt
|
26
|
+
env[REQUEST] = response_type.request
|
27
|
+
env[RESPONSE] = response_type.response
|
28
|
+
rescue Rack::OAuth2::Server::Abstract::Error => e
|
29
|
+
env[ERROR] = e
|
30
|
+
end
|
31
|
+
|
32
|
+
module ResponseExt
|
33
|
+
include Rails::ResponseExt
|
34
|
+
|
35
|
+
def approve!
|
36
|
+
super
|
37
|
+
finish
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,49 @@
|
|
1
|
+
module Rack
|
2
|
+
module OAuth2
|
3
|
+
module Server
|
4
|
+
module Rails
|
5
|
+
module ResponseExt
|
6
|
+
def redirect?
|
7
|
+
ensure_finish do
|
8
|
+
@response.redirect?
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
def location
|
13
|
+
ensure_finish do
|
14
|
+
super
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
def json
|
19
|
+
ensure_finish do
|
20
|
+
@response.body
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
def header
|
25
|
+
ensure_finish do
|
26
|
+
@header
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
def finish
|
31
|
+
@finished = true
|
32
|
+
super
|
33
|
+
end
|
34
|
+
|
35
|
+
private
|
36
|
+
|
37
|
+
def finished?
|
38
|
+
!!@finished
|
39
|
+
end
|
40
|
+
|
41
|
+
def ensure_finish
|
42
|
+
@status, @header, @response = finish unless finished?
|
43
|
+
yield
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
@@ -23,9 +23,9 @@ module Rack
|
|
23
23
|
ClientCredentials
|
24
24
|
when 'refresh_token'
|
25
25
|
RefreshToken
|
26
|
-
when
|
26
|
+
when URN::GrantType::JWT_BEARER
|
27
27
|
JWTBearer
|
28
|
-
when
|
28
|
+
when URN::GrantType::SAML2_BEARER
|
29
29
|
SAML2Bearer
|
30
30
|
when ''
|
31
31
|
request.attr_missing!
|
@@ -0,0 +1,22 @@
|
|
1
|
+
module Rack
|
2
|
+
module OAuth2
|
3
|
+
module URN
|
4
|
+
module TokenType
|
5
|
+
JWT = 'urn:ietf:params:oauth:token-type:jwt' # RFC7519
|
6
|
+
ACCESS_TOKEN = 'urn:ietf:params:oauth:token-type:access-token' # draft-ietf-oauth-token-exchange
|
7
|
+
REFRESH_TOKEN = 'urn:ietf:params:oauth:token-type:refresh-token' # draft-ietf-oauth-token-exchange
|
8
|
+
end
|
9
|
+
|
10
|
+
module GrantType
|
11
|
+
JWT_BEARER = 'urn:ietf:params:oauth:grant-type:jwt-bearer' # RFC7523
|
12
|
+
SAML2_BEARER = 'urn:ietf:params:oauth:grant-type:saml2-bearer' # RFC7522
|
13
|
+
TOKEN_EXCHANGE = 'urn:ietf:params:oauth:grant-type:token-exchange' # draft-ietf-oauth-token-exchange
|
14
|
+
end
|
15
|
+
|
16
|
+
module ClientAssertionType
|
17
|
+
JWT_BEARER = 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer' # RFC7523
|
18
|
+
SAML2_BEARER = 'urn:ietf:params:oauth:client-assertion-type:saml2-bearer' # RFC7522
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
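Review bot: In the new `Rails::Authorize` middleware (the `@@ -0,0 +1,44 @@` hunk), `prepare_oauth_env` rescues `Rack::OAuth2::Server::Abstract::Error` into `env[ERROR]` and `call` then still runs `@app.call env`. A request that failed protocol validation therefore reaches the application with `env[REQUEST]` and `env[RESPONSE]` unset. Nothing in the hunk states that the downstream app must inspect `env[ERROR]` before acting on the request; a comment on `call` such as `# Validation errors are stored in env[ERROR]; the app must check it before approving` would make that contract explicit. The handler is also instantiated with a bare `.new`, so it appears that no client or `redirect_uri` verification runs inside the middleware itself; that should be confirmed against `Server::Authorize` and noted in the same comment.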
data/rack-oauth2.gemspec
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rack-oauth2
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.3.
|
4
|
+
version: 1.3.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- nov matake
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-06-16 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rack
|
@@ -140,16 +140,16 @@ dependencies:
|
|
140
140
|
name: webmock
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|
142
142
|
requirements:
|
143
|
-
- - "
|
143
|
+
- - "<"
|
144
144
|
- !ruby/object:Gem::Version
|
145
|
-
version: '
|
145
|
+
version: '1.24'
|
146
146
|
type: :development
|
147
147
|
prerelease: false
|
148
148
|
version_requirements: !ruby/object:Gem::Requirement
|
149
149
|
requirements:
|
150
|
-
- - "
|
150
|
+
- - "<"
|
151
151
|
- !ruby/object:Gem::Version
|
152
|
-
version: '
|
152
|
+
version: '1.24'
|
153
153
|
description: OAuth 2.0 Server & Client Library. Both Bearer and MAC token type are
|
154
154
|
supported.
|
155
155
|
email: nov@matake.jp
|
@@ -186,6 +186,7 @@ files:
|
|
186
186
|
- lib/rack/oauth2/client/grant/password.rb
|
187
187
|
- lib/rack/oauth2/client/grant/refresh_token.rb
|
188
188
|
- lib/rack/oauth2/client/grant/saml2_bearer.rb
|
189
|
+
- lib/rack/oauth2/client/grant/token_exchange.rb
|
189
190
|
- lib/rack/oauth2/debugger.rb
|
190
191
|
- lib/rack/oauth2/debugger/request_filter.rb
|
191
192
|
- lib/rack/oauth2/server.rb
|
@@ -200,6 +201,9 @@ files:
|
|
200
201
|
- lib/rack/oauth2/server/authorize/extension.rb
|
201
202
|
- lib/rack/oauth2/server/authorize/extension/code_and_token.rb
|
202
203
|
- lib/rack/oauth2/server/authorize/token.rb
|
204
|
+
- lib/rack/oauth2/server/rails.rb
|
205
|
+
- lib/rack/oauth2/server/rails/authorize.rb
|
206
|
+
- lib/rack/oauth2/server/rails/response_ext.rb
|
203
207
|
- lib/rack/oauth2/server/resource.rb
|
204
208
|
- lib/rack/oauth2/server/resource/bearer.rb
|
205
209
|
- lib/rack/oauth2/server/resource/bearer/error.rb
|
@@ -216,6 +220,7 @@ files:
|
|
216
220
|
- lib/rack/oauth2/server/token/password.rb
|
217
221
|
- lib/rack/oauth2/server/token/refresh_token.rb
|
218
222
|
- lib/rack/oauth2/server/token/saml2_bearer.rb
|
223
|
+
- lib/rack/oauth2/urn.rb
|
219
224
|
- lib/rack/oauth2/util.rb
|
220
225
|
- rack-oauth2.gemspec
|
221
226
|
- spec/helpers/time.rb
|