RubyGems - rack-oauth2 - Versions diffs - 1.3.1 → 1.4.0 - Mend

rack-oauth2 1.3.1 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml +4 -4
data/.travis.yml +3 -4
data/VERSION +1 -1
data/lib/rack/oauth2/server.rb +1 -0
data/lib/rack/oauth2/server/authorize/code.rb +2 -0
data/lib/rack/oauth2/server/authorize/extension/code_and_token.rb +2 -0
data/lib/rack/oauth2/server/extension.rb +1 -0
data/lib/rack/oauth2/server/extension/pkce.rb +47 -0
data/lib/rack/oauth2/server/token/authorization_code.rb +2 -0
data/lib/rack/oauth2/util.rb +5 -1
metadata +4 -2

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3c9ef17a769a22815156fa9a794447925496fe4c
-  data.tar.gz: d613d947f2a001b1c5b172919a7c118e678e4682
+  metadata.gz: 8a2df927b2cd7727df348e6e2c2d2822382bb207
+  data.tar.gz: 0cbd438ae8f7be634556bdf320721142e6ff497d
 SHA512:
-  metadata.gz: ec69d172bb0cfaa870990b0752c4488cd006328b5ccc8dddb282034a49b7915a6c0e3658340ff59c7fce17f2cab95ba61de25403682cc9704dc6587acaf312b2
-  data.tar.gz: 74a77e9be5eb7e8778e0c7b077eb22a2fc72555d2a076fdf9dde3c4c7f18f5c87e5594db54d7316de69f8b03770a5132b918f105b2eb3c323e022d1a6de9b774
+  metadata.gz: 6498b5c59d3bc2ccdbe0b651956872185c3e89023c59fb1f609c8d1cc2012d0a1df926146d5d3579431d6fd5ed95498214b34fa67d8bacf7911f5d327ddb26b4
+  data.tar.gz: 57fafb111c251219dc32f95abb3523448e8852868873eea00e72c7bd7ba63f90750ebb69abffca6676f1eaf978101e6a883c179a55c4ebda2ad4db86a4f23b85

data/.travis.yml CHANGED

@@ -2,7 +2,6 @@ before_install:
   - gem install bundler
 rvm:
-  - 2.0
-  - 2.1
-  - 2.2
-  - 2.3.0
+  - 2.2.2
+  - 2.2.5
+  - 2.3.1

data/VERSION CHANGED

	@@ -1 +1 @@
1	- 1.3.1
1	+ 1.4.0

data/lib/rack/oauth2/server.rb CHANGED

@@ -1,4 +1,5 @@
 require 'rack/oauth2/server/abstract'
+require 'rack/oauth2/server/extension'
 require 'rack/oauth2/server/authorize'
 require 'rack/oauth2/server/token'
 require 'rack/oauth2/server/resource'

data/lib/rack/oauth2/server/authorize/code.rb CHANGED

@@ -10,6 +10,8 @@ module Rack
           end
           class Request < Authorize::Request
+            include Server::Extension::PKCE::AuthorizationRequest
             def initialize(env)
               super
               @response_type = :code

data/lib/rack/oauth2/server/authorize/extension/code_and_token.rb CHANGED

@@ -17,6 +17,8 @@ module Rack
             end
             class Request < Authorize::Token::Request
+              include Server::Extension::PKCE::AuthorizationRequest
               def initialize(env)
                 super
                 @response_type = [:code, :token]

data/lib/rack/oauth2/server/extension.rb ADDED

	@@ -0,0 +1 @@
1	+ require 'rack/oauth2/server/extension/pkce'

data/lib/rack/oauth2/server/extension/pkce.rb ADDED

@@ -0,0 +1,47 @@
+module Rack
+  module OAuth2
+    module Server
+      module Extension
+        module PKCE
+          module AuthorizationRequest
+            def self.included(klass)
+              klass.send :attr_optional, :code_challenge, :code_challenge_method
+            end
+            def initialize(env)
+              super
+              @code_challenge = params['code_challenge']
+              @code_challenge_method = params['code_challenge_method']
+            end
+          end
+          module TokenRequest
+            def self.included(klass)
+              klass.send :attr_optional, :code_verifier
+            end
+            def initialize(env)
+              super
+              @code_verifier = params['code_verifier']
+            end
+            def verify_code_verifier!(code_challenge, code_challenge_method = :S256)
+              if code_verifier.present? || code_challenge.present?
+                case code_challenge_method.try(:to_sym)
+                when :S256
+                  code_challenge == Util.urlsafe_base64_encode(
+                    OpenSSL::Digest::SHA256.digest(code_verifier.to_s)
+                  ) or invalid_grant!
+                when :plain
+                  code_challenge == code_verifier or invalid_grant!
+                else
+                  invalid_grant!
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rack/oauth2/server/token/authorization_code.rb CHANGED

@@ -10,6 +10,8 @@ module Rack
           end
           class Request < Token::Request
+            include Server::Extension::PKCE::TokenRequest
             attr_required :code
             attr_optional :redirect_uri

data/lib/rack/oauth2/util.rb CHANGED

@@ -9,7 +9,11 @@ module Rack
         end
         def base64_encode(text)
-          Base64.encode64(text).gsub(/\n/, '')
+          Base64.encode64(text).delete("\n")
+        end
+        def urlsafe_base64_encode(text)
+          Base64.urlsafe_encode64(text).delete('=')
         end
         def compact_hash(hash)

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-oauth2
 version: !ruby/object:Gem::Version
-  version: 1.3.1
+  version: 1.4.0
 platform: ruby
 authors:
 - nov matake
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-06-16 00:00:00.000000000 Z
+date: 2016-07-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -201,6 +201,8 @@ files:
 - lib/rack/oauth2/server/authorize/extension.rb
 - lib/rack/oauth2/server/authorize/extension/code_and_token.rb
 - lib/rack/oauth2/server/authorize/token.rb
+- lib/rack/oauth2/server/extension.rb
+- lib/rack/oauth2/server/extension/pkce.rb
 - lib/rack/oauth2/server/rails.rb
 - lib/rack/oauth2/server/rails/authorize.rb
 - lib/rack/oauth2/server/rails/response_ext.rb