rodauth-oauth 0.4.2 → 0.4.3

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 38ad6d8c4d03dac86f78e9c883f11426d805f77f82248098192ed4696a9f20e8
4
- data.tar.gz: 07d4a10bae7e031033f0660347022e42139adb7be8834daaba307f1530838ce0
3
+ metadata.gz: 96756ac8a30c904c5b832b64c47a00af9524810561d58c909b6f322da7348e8c
4
+ data.tar.gz: 965f6ff260bd86c2fcb7bbd2ba2bd131b453f04a39b73f99ef0860d2bc95b0e0
5
5
  SHA512:
6
- metadata.gz: 6331ba7a98a83f27d5ab3accb21dcf0676d43b21b76b98bf2349b688eeec5eaa1842e3c7e340cbc8a4109f40186ddabfc9d6daf679860b6438f1bb0520c6b383
7
- data.tar.gz: 3b3b5f1c512a55fbcd6308cebf1e638bc9fe0a1e720f2acbde3b2cf52ca76431e668f74ae7070bb1f031c9e5b63fa307deab4b525c033caa00aa898d8505bb34
6
+ metadata.gz: e7e257a12204599a27d0917f2b31c32906f0d4c566d51ee6d4fde146e2340e36afb9a932cff8bf37872d59259f4d43d423d1c1266f3066063c70aa334f83e119
7
+ data.tar.gz: 07c0e564e7636893f736f6e05f634684cd7bc28e9d0acfb53ba518357fab198bc878792a68bde6b988b8c8ddf2d3e2bb4d4ecebcd9c4bf68d85f75178cdd0fdf
@@ -2,13 +2,17 @@
2
2
 
3
3
  ## master
4
4
 
5
- ### 0.4.2
5
+ ### 0.4.3 (09/12/2020)
6
+
7
+ * Introspection requests made to an Authorization Server in "resource server" mode are not correctly encoding the body using the "application/x-www-form-urlencoded" format.
8
+
9
+ ### 0.4.2 (24/11/2020)
6
10
 
7
11
  ### Bugfixes
8
12
 
9
- * database entensions were being run in resource server mode, when it's not expected that the oauth db tables are around.
13
+ * database extensions were being run in resource server mode, when it's not expected that the oauth db tables are around.
10
14
 
11
- ### 0.4.1
15
+ ### 0.4.1 (24/11/2020)
12
16
 
13
17
  ### Improvements
14
18
 
@@ -16,9 +20,9 @@ When in "Resource Server" mode, calling `rodauth.authorization_token` will now r
16
20
 
17
21
  ### Bugfixes
18
22
 
19
- * An error ocurred if the client passed an empty authorization header (`Authorization: ` or `Authorization: Bearer `), causing an unexpected error; It now responds with the proper `401 Unauthorized` status code.
23
+ * An error occurred if the client passed an empty authorization header (`Authorization: ` or `Authorization: Bearer `), causing an unexpected error; It now responds with the proper `401 Unauthorized` status code.
20
24
 
21
- ### 0.4.0
25
+ ### 0.4.0 (13/11/2020)
22
26
 
23
27
  ### Features
24
28
 
@@ -37,7 +41,7 @@ When in "Resource Server" mode, calling `rodauth.authorization_token` will now r
37
41
  * rails tests were silently not running in CI;
38
42
  * The CI suite was revamped, so that all Oauth tests would be run under rails as well. All versions from rails equal or above 5.0 are now targeted;
39
43
 
40
- ### 0.3.0
44
+ ### 0.3.0 (8/10/2020)
41
45
 
42
46
  #### Features
43
47
 
@@ -66,7 +70,7 @@ Use `rodauth.convert_timestamp` in the templates, whenever dates are displayed.
66
70
 
67
71
  Set HTTP Cache headers for metadata responses, such as `/.well-known/oauth-authorization-server` and `/.well-known/openid-configuration`, so they can be stored at the edge. The cache will be valid for 1 day (this value isn't set by an option yet).
68
72
 
69
- ### 0.2.0
73
+ ### 0.2.0 (9/9/2020)
70
74
 
71
75
  #### Features
72
76
 
@@ -110,9 +114,7 @@ Fixed some mishandling of HTTP headers when in in resource-server mode.
110
114
  * 97.7% test coverage;
111
115
  * `rodauth-oauth` CI tests run against sqlite, postgresql and mysql.
112
116
 
113
- ### 0.1.0
114
-
115
- (31/7/2020)
117
+ ### 0.1.0 (31/7/2020)
116
118
 
117
119
  #### Features
118
120
 
@@ -158,9 +160,7 @@ URI schemes for client applications redirect URIs have to be `https`. In order t
158
160
  * fixed trailing "/" in the "issuer" value in server metadata (`https://server.com/` -> `https://server.com`).
159
161
 
160
162
 
161
- ### 0.0.6
162
-
163
- (6/7/2020)
163
+ ### 0.0.6 (6/7/2020)
164
164
 
165
165
  #### Features
166
166
 
@@ -183,9 +183,7 @@ The `oauth_jwt` feature now supports JWT Secured Authorization Request (JAR) (se
183
183
  Removed React Javascript from example applications.
184
184
 
185
185
 
186
- ### 0.0.5
187
-
188
- (26/6/2020)
186
+ ### 0.0.5 (26/6/2020)
189
187
 
190
188
  #### Features
191
189
 
@@ -222,9 +220,7 @@ It **requires** the authorization to implement the server metadata endpoint (`/.
222
220
  * option `scopes_param` renamed to `scope_param`;
223
221
  *
224
222
 
225
- ## 0.0.4
226
-
227
- (13/6/2020)
223
+ ## 0.0.4 (13/6/2020)
228
224
 
229
225
  ### Features
230
226
 
@@ -261,9 +257,7 @@ The `oauth_jwt` feature now allows the usage of access tokens to authorize the g
261
257
 
262
258
  * Fixed scope claim of JWT ("scopes" -> "scope");
263
259
 
264
- ## 0.0.3
265
-
266
- (5/6/2020)
260
+ ## 0.0.3 (5/6/2020)
267
261
 
268
262
  ### Features
269
263
 
@@ -295,9 +289,7 @@ end
295
289
  * renamed the existing `use_oauth_implicit_grant_type` to `use_oauth_implicit_grant_type?`;
296
290
  * It's now usable as JSON API (small caveat: POST authorize will still redirect on success...);
297
291
 
298
- ## 0.0.2
299
-
300
- (29/5/2020)
292
+ ## 0.0.2 (29/5/2020)
301
293
 
302
294
  ### Features
303
295
 
@@ -313,8 +305,6 @@ end
313
305
 
314
306
  * usage of client secret for authorizing the generation of tokens, as the spec mandates (and refraining from them when doing PKCE).
315
307
 
316
- ## 0.0.1
317
-
318
- (14/5/2020)
308
+ ## 0.0.1 (14/5/2020)
319
309
 
320
310
  Initial implementation of the Oauth 2.0 framework, with an example app done using roda.
@@ -624,9 +624,9 @@ module Rodauth
624
624
  http.use_ssl = auth_url.scheme == "https"
625
625
 
626
626
  request = Net::HTTP::Post.new(introspect_path)
627
- request["content-type"] = json_response_content_type
627
+ request["content-type"] = "application/x-www-form-urlencoded"
628
628
  request["accept"] = json_response_content_type
629
- request.body = JSON.dump({ "token_type_hint" => token_type_hint, "token" => token })
629
+ request.set_form_data({ "token_type_hint" => token_type_hint, "token" => token })
630
630
 
631
631
  before_introspection_request(request)
632
632
  response = http.request(request)
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Rodauth
4
4
  module OAuth
5
- VERSION = "0.4.2"
5
+ VERSION = "0.4.3"
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rodauth-oauth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.2
4
+ version: 0.4.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tiago Cardoso
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-11-24 00:00:00.000000000 Z
11
+ date: 2020-12-10 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: Implementation of the OAuth 2.0 protocol on top of rodauth.
14
14
  email: