rack-oauth2 2.0.1 → 2.1.0

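--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz: 7574d464d319f64fc1cfd3913d6d773024b697bd55aadece79a0f085e237a5ba
-data.tar.gz: 9efa49f33b0a29b2eeb54917c60092e5c9fb436e75b3f525cc117fcce1dce81a
+metadata.gz: cc2833ffc404397f87ef3649c867783f4492cefab8eaceccadf7c18b740cf018
+data.tar.gz: 8bbf82e5725bbf685681cfa99ada0d6dd0652bbbf741077e240163611f2077f5
 SHA512:
-metadata.gz: c2b01fad3bbda97b24cd9520137c58aa4ad02e91535d02f5d5d5b1b4846d3ce067148a91f55f321a0cee789c6ec63516960b5550f96262cc2bd9e89a9cc33978
-data.tar.gz: 53899a188b886011d5c3b96873d3bdab5070b74e09f6770996630335b3fe7cd0665a47dc3d623d4f8b571ef82365984e3329f59161407a5c7b2ca79bfdb3f2b8
+metadata.gz: d11c97df887b9c0e784d6dc322d61d9e7c9dd20f2e89ae118b2863449bf8bc5658642eb52808facec041a3b6ad64e805e8ee3ac84032567bdf5e13335c8b6337
+data.tar.gz: fdca45ec17029200d4d743e52614ef4b4ae5b15d5e3248805b69890644e7f2867f387bac50ebd27803bdbead21942efaf6e53de127a7093257c140156ae64327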
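--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,5 +1,11 @@
 ## [Unreleased]
 
+## [2.0.1] - 2022-10-09
+
+### Fixed
+
+- changes for mTLS on faraday by @nov in https://github.com/nov/rack-oauth2/pull/92
+
 ## [2.0.0] - 2022-10-09
 
 ### Added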
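--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-2.0.1
+2.1.0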
@@ -7,7 +7,7 @@ module Rack
7
7
  self.expires_in = (
8
8
  self.expires_in ||
9
9
  attributes[:expires]
10
- ).try(:to_i)
10
+ )&.to_i
11
11
  end
12
12
 
13
13
  def authenticate(request)
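Review bot: `&.to_i` on the changed line is not equivalent to the `.try(:to_i)` it replaces: ActiveSupport's `try` returns nil when the receiver does not respond to the method, whereas `&.` only guards nil and raises NoMethodError for any other receiver. The same swap recurs in later hunks at `options.delete(:client_auth_method)&.to_sym`, `(@forced_token_type || token_hash[:token_type])&.downcase`, `code_challenge_method&.to_sym` and `options&.[](:params)`. The `downcase` case matters most, because `token_hash` is parsed from the token endpoint's response body: a numeric or boolean `token_type` used to reach the `when nil` branch and now surfaces as a NoMethodError, which callers rescuing only the library's own errors would presumably miss. If rejecting such values is intended, do it explicitly with a type check that raises the client's usual error; otherwise keep the tolerant form, e.g. `value.to_i if value.respond_to?(:to_i)`. The enclosing method begins above this hunk.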
@@ -7,8 +7,8 @@ module Rack
7
7
  def initialize(attributes = {})
8
8
  super
9
9
  self.token_type = :bearer
10
- httpclient.ssl.client_key = private_key
11
- httpclient.ssl.client_cert = certificate
10
+ http_client.ssl.client_key = private_key
11
+ http_client.ssl.client_cert = certificate
12
12
  end
13
13
  end
14
14
  end
@@ -5,7 +5,7 @@ module Rack
5
5
  attr_required :access_token, :token_type
6
6
  attr_optional :refresh_token, :expires_in, :scope
7
7
  attr_accessor :raw_attributes
8
- delegate :get, :patch, :post, :put, :delete, to: :httpclient
8
+ delegate :get, :patch, :post, :put, :delete, to: :http_client
9
9
 
10
10
  alias_method :to_s, :access_token
11
11
 
@@ -18,8 +18,8 @@ module Rack
18
18
  attr_missing!
19
19
  end
20
20
 
21
- def httpclient
22
- @httpclient ||= Rack::OAuth2.http_client("#{self.class} (#{VERSION})") do |faraday|
21
+ def http_client
22
+ @http_client ||= Rack::OAuth2.http_client("#{self.class} (#{VERSION})") do |faraday|
23
23
  Authenticator.new(self).authenticate(faraday)
24
24
  end
25
25
  end
@@ -68,18 +68,22 @@ module Rack
68
68
  @forced_token_type = token_type.to_s
69
69
  end
70
70
 
71
- def access_token!(*args)
72
- headers, params, http_client, options = authenticated_context_from(*args)
71
+ def access_token!(*args, &local_http_config)
72
+ headers, params, http_client, options = authenticated_context_from(*args, &local_http_config)
73
73
  params[:scope] = Array(options.delete(:scope)).join(' ') if options[:scope].present?
74
74
  params.merge! @grant.as_json
75
75
  params.merge! options
76
76
  handle_response do
77
- http_client.post(absolute_uri_for(token_endpoint), Util.compact_hash(params), headers)
77
+ http_client.post(
78
+ absolute_uri_for(token_endpoint),
79
+ Util.compact_hash(params),
80
+ headers
81
+ )
78
82
  end
79
83
  end
80
84
 
81
- def revoke!(*args)
82
- headers, params, http_client, options = authenticated_context_from(*args)
85
+ def revoke!(*args, &local_http_config)
86
+ headers, params, http_client, options = authenticated_context_from(*args, &local_http_config)
83
87
 
84
88
  params.merge! case
85
89
  when access_token = options.delete(:access_token)
@@ -122,15 +126,15 @@ module Rack
122
126
  _endpoint_.to_s
123
127
  end
124
128
 
125
- def authenticated_context_from(*args)
129
+ def authenticated_context_from(*args, &local_http_config)
126
130
  headers, params = {}, {}
127
- http_client = Rack::OAuth2.http_client
131
+ http_client = Rack::OAuth2.http_client(&local_http_config)
128
132
 
129
133
  # NOTE:
130
134
  # Using Array#extract_options! for backward compatibility.
131
135
  # Until v1.0.5, the first argument was 'client_auth_method' in scalar.
132
136
  options = args.extract_options!
133
- client_auth_method = args.first || options.delete(:client_auth_method).try(:to_sym) || :basic
137
+ client_auth_method = args.first || options.delete(:client_auth_method)&.to_sym || :basic
134
138
 
135
139
  case client_auth_method
136
140
  when :basic
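Review bot: The new `&local_http_config` block on `authenticated_context_from` is undocumented, and its reach is security-relevant: it is forwarded unchanged to `Rack::OAuth2.http_client`, which in the access-token hunk of this diff yields the Faraday builder. A caller's block can therefore presumably change TLS options or existing headers for the token request, not just add a header as the specs do. I would add a comment above the method such as `# Optional block: forwarded to Rack::OAuth2.http_client to configure the HTTP client used for this request.` and state whether it runs before or after the global HTTP configuration, which is not visible here. `access_token!` and `revoke!` in the previous hunk accept the same block and need the same line of documentation; this method's body continues past the end of the hunk.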
@@ -206,7 +210,7 @@ module Rack
206
210
 
207
211
  def handle_success_response(response)
208
212
  token_hash = JSON.parse(response.body).with_indifferent_access
209
- case (@forced_token_type || token_hash[:token_type]).try(:downcase)
213
+ case (@forced_token_type || token_hash[:token_type])&.downcase
210
214
  when 'bearer'
211
215
  AccessToken::Bearer.new(token_hash)
212
216
  when nil
@@ -27,7 +27,7 @@ module Rack
27
27
 
28
28
  def verify_code_verifier!(code_challenge, code_challenge_method = :S256)
29
29
  if code_verifier.present? || code_challenge.present?
30
- case code_challenge_method.try(:to_sym)
30
+ case code_challenge_method&.to_sym
31
31
  when :S256
32
32
  code_challenge == Util.urlsafe_base64_encode(
33
33
  OpenSSL::Digest::SHA256.digest(code_verifier.to_s)
@@ -13,7 +13,7 @@ module WebMockHelper
13
13
 
14
14
  def request_for(method, options = {})
15
15
  request = {}
16
- params = options.try(:[], :params) || {}
16
+ params = options&.[](:params) || {}
17
17
  case method
18
18
  when :post, :put, :delete
19
19
  request[:body] = params
@@ -309,6 +309,23 @@ describe Rack::OAuth2::Client do
309
309
  end
310
310
  end
311
311
 
312
+ context 'local_http_config handling' do
313
+ it do
314
+ mock_response(
315
+ :post,
316
+ 'https://server.example.com/oauth2/token',
317
+ 'tokens/bearer.json',
318
+ request_header: {
319
+ 'Authorization' => 'Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=',
320
+ 'X-Foo' => 'bar'
321
+ }
322
+ )
323
+ client.access_token! do |request|
324
+ request.headers.merge! 'X-Foo' => 'bar'
325
+ end
326
+ end
327
+ end
328
+
312
329
  context 'when bearer token is given' do
313
330
  before do
314
331
  client.authorization_code = 'code'
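Review bot: The added example in `context 'local_http_config handling'` has no description and no explicit expectation (`it do … end`); it presumably passes only because a request that does not match the stub would make WebMock raise, so the intent is invisible in the spec output. Name it and assert the request, e.g. `it 'applies the block to the HTTP client' do` with `expect(WebMock).to have_requested(:post, 'https://server.example.com/oauth2/token').with(headers: { 'X-Foo' => 'bar' })` after the call. The block parameter is called `request`, although the object yielded appears to be the connection being configured, so a name like `http` would mislead less. The `#revoke!` example in the next hunk has the same shape and needs the same treatment.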
@@ -433,6 +450,28 @@ describe Rack::OAuth2::Client do
433
450
  end
434
451
 
435
452
  describe '#revoke!' do
453
+ context 'local_http_config handling' do
454
+ it do
455
+ mock_response(
456
+ :post,
457
+ 'https://server.example.com/oauth2/revoke',
458
+ 'blank',
459
+ status: 200,
460
+ body: {
461
+ token: 'access_token',
462
+ token_type_hint: 'access_token'
463
+ },
464
+ request_header: {
465
+ 'Authorization' => 'Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=',
466
+ 'X-Foo' => 'bar'
467
+ }
468
+ )
469
+ client.revoke!(access_token: 'access_token') do |request|
470
+ request.headers.merge! 'X-Foo' => 'bar'
471
+ end
472
+ end
473
+ end
474
+
436
475
  context 'when access_token given' do
437
476
  before do
438
477
  mock_response(
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-oauth2
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.1
4
+ version: 2.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov matake
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-10-08 00:00:00.000000000 Z
11
+ date: 2022-10-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack