rack-oauth2 1.8.2 → 1.9.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/rack-oauth2.gemspec +1 -1
- data/spec/rack/oauth2/client_spec.rb +103 -2
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6d6e275e1557d74bfbd90cdb64eedebb92969adb
|
|
4
|
+
data.tar.gz: 77da3f0c6b3eadab5de312561ec1f248c407668b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 84bb75f21c6a1b69dc8cf8c9f03c9868e33b8e58973e4d8181c85ee2097e4153c6a135de43db3dcd7abbb8c88de4c8a6ec8a2a983c12018eabcf358cd1b1cd27
|
|
7
|
+
data.tar.gz: 6bbafc182dc0f894d04f6ad5746c5a3c1a5e746d51facb2cbd919c1a65212c49f52846ce804717d735c8c3207b9b39c580e4a8f115c4cd7cf6110bde008b4601
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.9.0
|
data/rack-oauth2.gemspec
CHANGED
|
@@ -17,7 +17,7 @@ Gem::Specification.new do |s|
|
|
|
17
17
|
s.add_runtime_dependency 'httpclient'
|
|
18
18
|
s.add_runtime_dependency 'activesupport'
|
|
19
19
|
s.add_runtime_dependency 'attr_required'
|
|
20
|
-
s.add_runtime_dependency 'json-jwt'
|
|
20
|
+
s.add_runtime_dependency 'json-jwt', '>= 1.9.0'
|
|
21
21
|
s.add_development_dependency 'rake'
|
|
22
22
|
s.add_development_dependency 'simplecov'
|
|
23
23
|
s.add_development_dependency 'rspec'
|
|
@@ -79,8 +79,7 @@ describe Rack::OAuth2::Client do
|
|
|
79
79
|
describe '#access_token!' do
|
|
80
80
|
subject { client.access_token! }
|
|
81
81
|
|
|
82
|
-
context '
|
|
83
|
-
|
|
82
|
+
context '*args handling' do
|
|
84
83
|
describe 'client authentication method' do
|
|
85
84
|
before do
|
|
86
85
|
client.authorization_code = 'code'
|
|
@@ -98,6 +97,108 @@ describe Rack::OAuth2::Client do
|
|
|
98
97
|
client.access_token!
|
|
99
98
|
end
|
|
100
99
|
|
|
100
|
+
context 'when jwt_bearer auth method specified' do
|
|
101
|
+
context 'when client_secret is given' do
|
|
102
|
+
it 'should be JWT bearer client assertion w/ auto-generated HS256-signed JWT assertion' do
|
|
103
|
+
mock_response(
|
|
104
|
+
:post,
|
|
105
|
+
'https://server.example.com/oauth2/token',
|
|
106
|
+
'tokens/bearer.json',
|
|
107
|
+
params: {
|
|
108
|
+
client_assertion: /^eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9\..+/, # NOTE: HS256
|
|
109
|
+
client_assertion_type: Rack::OAuth2::URN::ClientAssertionType::JWT_BEARER,
|
|
110
|
+
code: 'code',
|
|
111
|
+
grant_type: 'authorization_code',
|
|
112
|
+
redirect_uri: 'https://client.example.com/callback'
|
|
113
|
+
}
|
|
114
|
+
)
|
|
115
|
+
client.access_token! :jwt_bearer
|
|
116
|
+
end
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
context 'when private_key is given' do
|
|
120
|
+
context 'when RSA key' do
|
|
121
|
+
let :client do
|
|
122
|
+
Rack::OAuth2::Client.new(
|
|
123
|
+
identifier: 'client_id',
|
|
124
|
+
private_key: OpenSSL::PKey::RSA.generate(2048),
|
|
125
|
+
host: 'server.example.com',
|
|
126
|
+
redirect_uri: 'https://client.example.com/callback'
|
|
127
|
+
)
|
|
128
|
+
end
|
|
129
|
+
|
|
130
|
+
it 'should be JWT bearer client assertion w/ auto-generated RS256-signed JWT assertion' do
|
|
131
|
+
mock_response(
|
|
132
|
+
:post,
|
|
133
|
+
'https://server.example.com/oauth2/token',
|
|
134
|
+
'tokens/bearer.json',
|
|
135
|
+
params: {
|
|
136
|
+
client_assertion: /^eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9\..+/, # NOTE: RS256
|
|
137
|
+
client_assertion_type: Rack::OAuth2::URN::ClientAssertionType::JWT_BEARER,
|
|
138
|
+
code: 'code',
|
|
139
|
+
grant_type: 'authorization_code',
|
|
140
|
+
redirect_uri: 'https://client.example.com/callback'
|
|
141
|
+
}
|
|
142
|
+
)
|
|
143
|
+
client.access_token! :jwt_bearer
|
|
144
|
+
end
|
|
145
|
+
end
|
|
146
|
+
|
|
147
|
+
context 'when EC key' do
|
|
148
|
+
let :client do
|
|
149
|
+
Rack::OAuth2::Client.new(
|
|
150
|
+
identifier: 'client_id',
|
|
151
|
+
private_key: OpenSSL::PKey::EC.new('prime256v1').generate_key,
|
|
152
|
+
host: 'server.example.com',
|
|
153
|
+
redirect_uri: 'https://client.example.com/callback'
|
|
154
|
+
)
|
|
155
|
+
end
|
|
156
|
+
|
|
157
|
+
it 'should be JWT bearer client assertion w/ auto-generated ES256-signed JWT assertion' do
|
|
158
|
+
mock_response(
|
|
159
|
+
:post,
|
|
160
|
+
'https://server.example.com/oauth2/token',
|
|
161
|
+
'tokens/bearer.json',
|
|
162
|
+
params: {
|
|
163
|
+
client_assertion: /^eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9\..+/, # NOTE: ES256
|
|
164
|
+
client_assertion_type: Rack::OAuth2::URN::ClientAssertionType::JWT_BEARER,
|
|
165
|
+
code: 'code',
|
|
166
|
+
grant_type: 'authorization_code',
|
|
167
|
+
redirect_uri: 'https://client.example.com/callback'
|
|
168
|
+
}
|
|
169
|
+
)
|
|
170
|
+
client.access_token! :jwt_bearer
|
|
171
|
+
end
|
|
172
|
+
end
|
|
173
|
+
end
|
|
174
|
+
|
|
175
|
+
context 'when client_assertion is explicitly given' do
|
|
176
|
+
let :client do
|
|
177
|
+
Rack::OAuth2::Client.new(
|
|
178
|
+
identifier: 'client_id',
|
|
179
|
+
host: 'server.example.com',
|
|
180
|
+
redirect_uri: 'https://client.example.com/callback'
|
|
181
|
+
)
|
|
182
|
+
end
|
|
183
|
+
|
|
184
|
+
it 'should be JWT bearer client assertion w/ specified assertion' do
|
|
185
|
+
mock_response(
|
|
186
|
+
:post,
|
|
187
|
+
'https://server.example.com/oauth2/token',
|
|
188
|
+
'tokens/bearer.json',
|
|
189
|
+
params: {
|
|
190
|
+
client_assertion: 'any.jwt.assertion',
|
|
191
|
+
client_assertion_type: Rack::OAuth2::URN::ClientAssertionType::JWT_BEARER,
|
|
192
|
+
code: 'code',
|
|
193
|
+
grant_type: 'authorization_code',
|
|
194
|
+
redirect_uri: 'https://client.example.com/callback'
|
|
195
|
+
}
|
|
196
|
+
)
|
|
197
|
+
client.access_token! :jwt_bearer, client_assertion: 'any.jwt.assertion'
|
|
198
|
+
end
|
|
199
|
+
end
|
|
200
|
+
end
|
|
201
|
+
|
|
101
202
|
context 'when other auth method specified' do
|
|
102
203
|
it 'should be body params' do
|
|
103
204
|
mock_response(
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-oauth2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.9.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- nov matake
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-02-
|
|
11
|
+
date: 2018-02-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rack
|
|
@@ -72,14 +72,14 @@ dependencies:
|
|
|
72
72
|
requirements:
|
|
73
73
|
- - ">="
|
|
74
74
|
- !ruby/object:Gem::Version
|
|
75
|
-
version:
|
|
75
|
+
version: 1.9.0
|
|
76
76
|
type: :runtime
|
|
77
77
|
prerelease: false
|
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
|
79
79
|
requirements:
|
|
80
80
|
- - ">="
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
|
-
version:
|
|
82
|
+
version: 1.9.0
|
|
83
83
|
- !ruby/object:Gem::Dependency
|
|
84
84
|
name: rake
|
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|