rodauth-oauth 0.4.0 → 0.4.1

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b09ecfc1d3a8ee0f5b890620baa14ca6d847362bf38dd158e02bd2c8ebfc204e
4
- data.tar.gz: 89f0e82d7721f7ee175b1c53b7b3e0cc534e6983fe37dfc02e433df77b58225d
3
+ metadata.gz: c7c9cc026f547d781b05599d177237498390c8347791aaf5960e7447d2640b0b
4
+ data.tar.gz: 290ec103b22d394fbae7f153430605fa032b8baf6b6083e31ad8af8cd3d422b8
5
5
  SHA512:
6
- metadata.gz: d00a178f561ddecacff0587e1120b68bb22cd10b76b106b00f41167ba9c8bd8b2b8958fd629588924e502be8c947a81d3722102038cd329c006f4b4daf6efada
7
- data.tar.gz: 328542ba8ce7ef8e8f605056a9a8cbf6599136232d93f7246b13fe037ebc07225e2051b3ee454eb90ec4ae480e2b493d662d1cbbcd0ae5cc7e57a0ff29b10696
6
+ metadata.gz: 64c22bd200ff9dcb5e8406ace5f4eb34625bcee5a381e52b6b7e960b614ec3941c0460997542d843ed4eaa843a85a7f2592a027c741d5380a7572edb974ca3a9
7
+ data.tar.gz: 0a6c93bc131d2fcb45e400173ced20096caa191e3ef73f4e67ab0fc12d5ead9b9f9e6867d163612299141b96b7691429cb5e5b263036887134396f244c3dd4f7
@@ -2,6 +2,16 @@
2
2
 
3
3
  ## master
4
4
 
5
+ ### 0.4.1
6
+
7
+ ### Improvements
8
+
9
+ When in "Resource Server" mode, calling `rodauth.authorization_token` will now return an hash of the JSON payload that the Authorization Server responds, and which was already previously used to authorize access to protected resources.
10
+
11
+ ### Bugfixes
12
+
13
+ * An error ocurred if the client passed an empty authorization header (`Authorization: ` or `Authorization: Bearer `), causing an unexpected error; It now responds with the proper `401 Unauthorized` status code.
14
+
5
15
  ### 0.4.0
6
16
 
7
17
  ### Features
@@ -489,13 +489,13 @@ module Rodauth
489
489
  def fetch_access_token
490
490
  value = request.env["HTTP_AUTHORIZATION"]
491
491
 
492
- return unless value
492
+ return unless value && !value.empty?
493
493
 
494
494
  scheme, token = value.split(" ", 2)
495
495
 
496
496
  return unless scheme.downcase == oauth_token_type
497
497
 
498
- return if token.empty?
498
+ return if token.nil? || token.empty?
499
499
 
500
500
  token
501
501
  end
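Review bot: `fetch_access_token` now has three distinct nil-returning exits (missing/empty header, foreign scheme, missing/empty token) but no comment stating that contract, and its callers at `return unless bearer_token` treat nil as "no credential presented". A header comment would pin that down: `# Extracts the bearer token from the Authorization header. Returns nil when the header is absent or empty, when the scheme is not oauth_token_type, or when no token follows the scheme; callers turn nil into a 401.` The new `value.empty?` guard covers `Authorization: `, but if a server ever hands this method a whitespace-only value, `value.split(" ", 2)` (awk-style split) yields an empty or missing scheme rather than raising on the guard itself, so `return unless scheme&.downcase == oauth_token_type` would make the scheme check safe regardless of how the server normalizes the header; I have not confirmed what Rack delivers for that case.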
@@ -508,31 +508,34 @@ module Rodauth
508
508
 
509
509
  return unless bearer_token
510
510
 
511
- # check if token has not expired
512
- # check if token has been revoked
513
- @authorization_token = oauth_token_by_token(bearer_token)
511
+ @authorization_token = if is_authorization_server?
512
+ # check if token has not expired
513
+ # check if token has been revoked
514
+ oauth_token_by_token(bearer_token)
515
+ else
516
+ # where in resource server, NOT the authorization server.
517
+ payload = introspection_request("access_token", bearer_token)
518
+
519
+ return unless payload["active"]
520
+
521
+ payload
522
+ end
514
523
  end
515
524
 
516
525
  def require_oauth_authorization(*scopes)
517
- token_scopes = if is_authorization_server?
518
- authorization_required unless authorization_token
526
+ authorization_required unless authorization_token
519
527
 
520
- scopes << oauth_application_default_scope if scopes.empty?
528
+ scopes << oauth_application_default_scope if scopes.empty?
521
529
 
530
+ token_scopes = if is_authorization_server?
522
531
  authorization_token[oauth_tokens_scopes_column].split(oauth_scope_separator)
523
532
  else
524
- bearer_token = fetch_access_token
525
-
526
- authorization_required unless bearer_token
527
-
528
- scopes << oauth_application_default_scope if scopes.empty?
529
-
530
- # where in resource server, NOT the authorization server.
531
- payload = introspection_request("access_token", bearer_token)
532
-
533
- authorization_required unless payload["active"]
534
-
535
- payload["scope"].split(oauth_scope_separator)
533
+ aux_scopes = authorization_token["scope"]
534
+ if aux_scopes
535
+ aux_scopes.split(oauth_scope_separator)
536
+ else
537
+ []
538
+ end
536
539
  end
537
540
 
538
541
  authorization_required unless scopes.any? { |scope| token_scopes.include?(scope) }
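Review bot: The `return unless payload["active"]` placed inside the `@authorization_token = if ... else ... end` expression exits the method without assigning the instance variable, so an inactive introspection result is never stored and `require_oauth_authorization`, which calls `authorization_token` twice on the new side, may issue a second introspection round-trip for the same request; the exact effect depends on the memoization guard above line 508, which is outside this hunk. Making the branch evaluate to the value instead keeps the method's return and the cached state in step: `payload = introspection_request("access_token", bearer_token)` followed by `payload if payload["active"]` as the last expression of the `else` branch. The two branches also return different shapes (a token row keyed by `oauth_tokens_scopes_column` versus a response hash keyed by `"scope"`), which the scope lookup in `require_oauth_authorization` relies on, so a comment such as `# Authorization-server mode yields the local token row; resource-server mode yields the introspection payload, or nil when the AS reports the token inactive.` would help the next reader. `authorization_token` is defined before this hunk and `require_oauth_authorization` continues after it.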
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Rodauth
4
4
  module OAuth
5
- VERSION = "0.4.0"
5
+ VERSION = "0.4.1"
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rodauth-oauth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.0
4
+ version: 0.4.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tiago Cardoso
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-11-13 00:00:00.000000000 Z
11
+ date: 2020-11-24 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: Implementation of the OAuth 2.0 protocol on top of rodauth.
14
14
  email: