rack-oauth2 2.2.1 → 2.3.0

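--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz: f2c3515e2af90285deab9032fece3d0ef8c7445405cc1cce705160c19fb2052b
-data.tar.gz: e95c0fca744d8d12d97e1be23ff48cb00250d92a536de03382021e73e809c737
+metadata.gz: 94653e24ca67ef301c4d5e9b2d5af0775feefe07c32e9fc5dba855f178a39e11
+data.tar.gz: c25b475ef9941aaadaed62133f217425d325efc92d21ef3bf224ebcddd8e1045
 SHA512:
-metadata.gz: 6c2a9ddb2f9b4b9d18c337d678bf88d660f3597d09ec9d63195062cd1c5fc0a3c5105135f51aa1f4efef4e64b9e66c2a6f36dc6b4037b5c09cefbace858ce67e
-data.tar.gz: e0add9d0227669a3cfd6e11c208bc36f89c13ec8cda2ab2352bb9b0d29ee0ac59b266aee90732c4e756895fc8d66ebaefdd4defe5342392e67e08d9022514da9
+metadata.gz: 8be19c6c289dae2df63c294a15fd9e63445ae623142b79769b4b5ee475bc3fe524e6bbb88a9ccea64ece7240c04b0c909eba87e8c03e7ff250c20e6d0b922431
+data.tar.gz: e26e13a85c9d3da1d811500d1488100ae0b7bb358752d7df9cf45d062cf885b8537b5a6e691e76a9bbe8590355ba5383a1de39adcf150f50f0f4f172ef545d72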
@@ -11,21 +11,20 @@ permissions:
11
11
 
12
12
  jobs:
13
13
  spec:
14
+ runs-on: ubuntu-latest
15
+ name: Ruby ${{ matrix.ruby }}
14
16
  strategy:
15
17
  matrix:
16
- os: ['ubuntu-20.04', 'ubuntu-22.04']
17
- ruby-version: ['3.1', '3.2', '3.3']
18
- include:
19
- - os: 'ubuntu-20.04'
20
- ruby-version: '3.0'
21
- runs-on: ${{ matrix.os }}
22
-
18
+ ruby:
19
+ - '3.2'
20
+ - '3.3'
21
+ - '3.4'
23
22
  steps:
24
23
  - uses: actions/checkout@v3
25
24
  - name: Set up Ruby
26
25
  uses: ruby/setup-ruby@v1
27
26
  with:
28
- ruby-version: ${{ matrix.ruby-version }}
27
+ ruby-version: ${{ matrix.ruby }}
29
28
  bundler-cache: true
30
29
  - name: Run Specs
31
30
  run: bundle exec rake spec
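Review bot: The steps kept on the new side of this hunk still reference `actions/checkout@v3` and `ruby/setup-ruby@v1` by mutable tag, and the added `runs-on: ubuntu-latest` is likewise a moving label. Pinning each action to a full commit SHA, with the tag kept as a trailing comment, makes the CI run reproducible and prevents a retagged action from running with this job's token, e.g. `uses: actions/checkout@<FULL_COMMIT_SHA> # v3` (placeholder, to be looked up). The `permissions:` block named in the hunk header lies outside the hunk, so its scope cannot be checked from here.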
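--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,5 +1,7 @@
 ## [Unreleased]
 
+- add support for endpoints requiring mTLS with HTTP Basic Authentication
+
 ## [2.2.0] - 2022-10-11
 
 ### Changed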
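--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-2.2.1
+2.3.0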
@@ -182,6 +182,16 @@ module Rack
182
182
  )
183
183
  http_client.ssl.client_key = private_key
184
184
  http_client.ssl.client_cert = certificate
185
+ when :mtls_basic
186
+ http_client.ssl.client_key = private_key
187
+ http_client.ssl.client_cert = certificate
188
+ cred = Base64.strict_encode64 [
189
+ Util.www_form_url_encode(identifier),
190
+ Util.www_form_url_encode(secret)
191
+ ].join(':')
192
+ headers.merge!(
193
+ 'Authorization' => "Basic #{cred}"
194
+ )
185
195
  else
186
196
  params.merge!(
187
197
  client_id: identifier,
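Review bot: The new `:mtls_basic` branch assigns `private_key` and `certificate` to the HTTP client without checking that either is set, so a client configured with this auth method but no key pair would presumably send the Basic credentials over a connection that is not mutually authenticated. A guard at the top of the branch would fail closed: `raise ArgumentError, 'mtls_basic requires private_key and certificate' unless private_key && certificate`. The credential construction deserves a one-line comment such as `# RFC 6749 §2.3.1: client_id and secret are form-urlencoded before Base64`, and if the `:basic` branch outside this hunk builds the same value, a shared private helper would keep the two from drifting. The enclosing `case` begins and ends outside the hunk.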
@@ -3,7 +3,7 @@ module Rack
3
3
  module Server
4
4
  module Abstract
5
5
  class Error < StandardError
6
- attr_accessor :status, :error, :description, :uri, :realm
6
+ attr_accessor :status, :error, :description, :uri, :realm, :resource_metadata
7
7
 
8
8
  def initialize(status, error, description = nil, options = {})
9
9
  @status = status
@@ -11,6 +11,7 @@ module Rack
11
11
  @description = description
12
12
  @uri = options[:uri]
13
13
  @realm = options[:realm]
14
+ @resource_metadata = options[:resource_metadata]
14
15
  super [error, description].compact.join(' :: ')
15
16
  end
16
17
 
@@ -19,6 +19,7 @@ module Rack
19
19
  headers << ", error_description=\"#{description}\"" if description.present?
20
20
  headers << ", error_uri=\"#{uri}\"" if uri.present?
21
21
  end
22
+ headers << ", resource_metadata=\"#{resource_metadata}\"" if resource_metadata.present?
22
23
  end
23
24
  end
24
25
  end
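Review bot: `resource_metadata` is interpolated into a quoted `WWW-Authenticate` parameter as-is, so a value containing `"`, `\` or a line break would corrupt the header or add parameters to it; `description` and `uri` on the context lines above are written the same way. If the value can ever come from request data or non-fixed configuration, validate it where it is assigned (an absolute `https` URI) or strip the unsafe characters when emitting, e.g. `headers << %(, resource_metadata="#{resource_metadata.to_s.gsub(/[\r\n"\\]/, '')}") if resource_metadata.present?`. The accompanying spec (`when resource_metadata is specified`) covers only a well-formed URL; an example with a quote in the value would pin the behaviour. The method this line belongs to starts outside the hunk.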
@@ -158,7 +158,10 @@ describe Rack::OAuth2::Server::Authorize do
158
158
  Rack::MockRequest.env_for("/authorize?response_type=#{response_type}&client_id=client")
159
159
  end
160
160
  let(:request) { Rack::OAuth2::Server::Authorize::Request.new env }
161
- its(:extensions) { should == [Rack::OAuth2::Server::Authorize::Extension::CodeAndToken] }
161
+
162
+ it do
163
+ subject.send(:extensions).should == [Rack::OAuth2::Server::Authorize::Extension::CodeAndToken]
164
+ end
162
165
 
163
166
  describe 'code token' do
164
167
  let(:response_type) { 'code%20token' }
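Review bot: `subject.send(:extensions)` bypasses method visibility, so this example would keep passing if `extensions` were made private, and the bare `it do` leaves the example without a description. If `extensions` is meant to be public, `subject.extensions.should == [...]` (or `public_send`) under `it 'returns the registered extensions' do` asserts the same thing and fails when visibility changes; if it is intentionally non-public, a comment saying so would help. The same pattern recurs in the hunk at `-196,8 +199,8` and in the Token spec hunk at `-183,7 +183,10`.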
@@ -196,8 +199,8 @@ describe Rack::OAuth2::Server::Authorize do
196
199
  end
197
200
  end
198
201
 
199
- its(:extensions) do
200
- should == [
202
+ it do
203
+ subject.send(:extensions).should == [
201
204
  Rack::OAuth2::Server::Authorize::Extension::CodeAndToken,
202
205
  Rack::OAuth2::Server::Authorize::Extension::IdToken
203
206
  ]
@@ -77,6 +77,17 @@ describe Rack::OAuth2::Server::Resource::Unauthorized do
77
77
  response.first.should include '"error":"something"'
78
78
  end
79
79
  end
80
+
81
+ context 'when resource_metadata is specified' do
82
+ let(:resource_metadata) { "https://resource.example.com/.well-known/oauth-protected-resource" }
83
+ let(:error) { Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new(:something, nil, resource_metadata: resource_metadata) }
84
+
85
+ it 'should include resource_metadata in WWW-Authenticate header' do
86
+ _, headers, response = error_with_scheme.finish
87
+ headers['WWW-Authenticate'].should include %(resource_metadata="#{resource_metadata}")
88
+ response.first.should include '"error":"something"'
89
+ end
90
+ end
80
91
  end
81
92
  end
82
93
  end
@@ -183,7 +183,10 @@ describe Rack::OAuth2::Server::Token do
183
183
  )
184
184
  end
185
185
  let(:request) { Rack::OAuth2::Server::Token::Request.new env }
186
- its(:extensions) { should == [Rack::OAuth2::Server::Token::Extension::Example] }
186
+
187
+ it do
188
+ subject.send(:extensions).should == [Rack::OAuth2::Server::Token::Extension::Example]
189
+ end
187
190
 
188
191
  describe 'JWT assertion' do
189
192
  let(:params) do
metadata CHANGED
@@ -1,14 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-oauth2
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.2.1
4
+ version: 2.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov matake
8
- autorequire:
9
8
  bindir: bin
10
9
  cert_chain: []
11
- date: 2023-12-27 00:00:00.000000000 Z
10
+ date: 1980-01-02 00:00:00.000000000 Z
12
11
  dependencies:
13
12
  - !ruby/object:Gem::Dependency
14
13
  name: rack
@@ -293,7 +292,6 @@ homepage: https://github.com/nov/rack-oauth2
293
292
  licenses:
294
293
  - MIT
295
294
  metadata: {}
296
- post_install_message:
297
295
  rdoc_options:
298
296
  - "--charset=UTF-8"
299
297
  require_paths:
@@ -309,8 +307,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
309
307
  - !ruby/object:Gem::Version
310
308
  version: '0'
311
309
  requirements: []
312
- rubygems_version: 3.4.10
313
- signing_key:
310
+ rubygems_version: 3.6.9
314
311
  specification_version: 4
315
312
  summary: OAuth 2.0 Server & Client Library - Both Bearer token type are supported
316
313
  test_files: