rodauth-oauth 0.7.3 → 0.9.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +1 -418
- data/README.md +30 -390
- data/doc/release_notes/0_0_1.md +3 -0
- data/doc/release_notes/0_0_2.md +15 -0
- data/doc/release_notes/0_0_3.md +31 -0
- data/doc/release_notes/0_0_4.md +36 -0
- data/doc/release_notes/0_0_5.md +36 -0
- data/doc/release_notes/0_0_6.md +21 -0
- data/doc/release_notes/0_1_0.md +44 -0
- data/doc/release_notes/0_2_0.md +43 -0
- data/doc/release_notes/0_3_0.md +28 -0
- data/doc/release_notes/0_4_0.md +18 -0
- data/doc/release_notes/0_4_1.md +9 -0
- data/doc/release_notes/0_4_2.md +5 -0
- data/doc/release_notes/0_4_3.md +3 -0
- data/doc/release_notes/0_5_0.md +11 -0
- data/doc/release_notes/0_5_1.md +13 -0
- data/doc/release_notes/0_6_0.md +9 -0
- data/doc/release_notes/0_6_1.md +6 -0
- data/doc/release_notes/0_7_0.md +20 -0
- data/doc/release_notes/0_7_1.md +10 -0
- data/doc/release_notes/0_7_2.md +21 -0
- data/doc/release_notes/0_7_3.md +10 -0
- data/doc/release_notes/0_7_4.md +5 -0
- data/doc/release_notes/0_8_0.md +37 -0
- data/doc/release_notes/0_9_0.md +56 -0
- data/lib/generators/rodauth/oauth/templates/app/views/rodauth/authorize.html.erb +50 -0
- data/lib/generators/rodauth/oauth/templates/app/views/rodauth/device_search.html.erb +11 -0
- data/lib/generators/rodauth/oauth/templates/app/views/rodauth/device_verification.html.erb +20 -0
- data/lib/generators/rodauth/oauth/templates/app/views/rodauth/new_oauth_application.html.erb +55 -0
- data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_application.html.erb +29 -0
- data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_application_oauth_tokens.html.erb +39 -0
- data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_applications.html.erb +30 -0
- data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_tokens.html.erb +35 -0
- data/lib/generators/rodauth/oauth/templates/db/migrate/create_rodauth_oauth.rb +21 -1
- data/lib/rodauth/features/oauth.rb +3 -1418
- data/lib/rodauth/features/oauth_application_management.rb +225 -0
- data/lib/rodauth/features/oauth_assertion_base.rb +96 -0
- data/lib/rodauth/features/oauth_authorization_code_grant.rb +252 -0
- data/lib/rodauth/features/oauth_authorization_server.rb +0 -0
- data/lib/rodauth/features/oauth_base.rb +771 -0
- data/lib/rodauth/features/oauth_client_credentials_grant.rb +33 -0
- data/lib/rodauth/features/oauth_device_grant.rb +220 -0
- data/lib/rodauth/features/oauth_dynamic_client_registration.rb +252 -0
- data/lib/rodauth/features/oauth_http_mac.rb +3 -21
- data/lib/rodauth/features/oauth_implicit_grant.rb +59 -0
- data/lib/rodauth/features/oauth_jwt.rb +276 -100
- data/lib/rodauth/features/oauth_jwt_bearer_grant.rb +59 -0
- data/lib/rodauth/features/oauth_management_base.rb +68 -0
- data/lib/rodauth/features/oauth_pkce.rb +98 -0
- data/lib/rodauth/features/oauth_resource_server.rb +21 -0
- data/lib/rodauth/features/oauth_saml_bearer_grant.rb +102 -0
- data/lib/rodauth/features/oauth_token_introspection.rb +108 -0
- data/lib/rodauth/features/oauth_token_management.rb +79 -0
- data/lib/rodauth/features/oauth_token_revocation.rb +109 -0
- data/lib/rodauth/features/oidc.rb +36 -6
- data/lib/rodauth/features/oidc_dynamic_client_registration.rb +147 -0
- data/lib/rodauth/oauth/database_extensions.rb +15 -2
- data/lib/rodauth/oauth/jwe_extensions.rb +64 -0
- data/lib/rodauth/oauth/refinements.rb +48 -0
- data/lib/rodauth/oauth/ttl_store.rb +9 -3
- data/lib/rodauth/oauth/version.rb +1 -1
- data/locales/en.yml +33 -12
- data/templates/authorize.str +57 -8
- data/templates/client_secret_field.str +2 -2
- data/templates/description_field.str +1 -1
- data/templates/device_search.str +11 -0
- data/templates/device_verification.str +24 -0
- data/templates/homepage_url_field.str +2 -2
- data/templates/jwks_field.str +4 -0
- data/templates/jwt_public_key_field.str +4 -0
- data/templates/name_field.str +1 -1
- data/templates/new_oauth_application.str +9 -0
- data/templates/oauth_application.str +7 -3
- data/templates/oauth_application_oauth_tokens.str +52 -0
- data/templates/oauth_applications.str +3 -2
- data/templates/oauth_tokens.str +10 -11
- data/templates/redirect_uri_field.str +2 -2
- metadata +84 -4
- data/lib/rodauth/features/oauth_saml.rb +0 -104
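--- a/data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_tokens.html.erb
+++ b/data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_tokens.html.erb
@@ -0,0 +1,35 @@
+<% oauth_tokens = rodauth.scope.instance_variable_get(:@oauth_tokens) %>
+<% tokens_count = oauth_tokens.count %>
+<% if tokens_count.zero? %>
+<p>No oauth tokens yet!</p>
+<% else %>
+<table class="table">
+<thead>
+<tr>
+<th scope="col"><=% rodauth.oauth_applications_name_label %></th>
+<th scope="col"><=% rodauth.oauth_tokens_token_label %></th>
+<th scope="col"><=% rodauth.oauth_tokens_refresh_token_label %></th>
+<th scope="col"><=% rodauth.oauth_tokens_expires_in_label %></th>
+<th scope="col"><=% rodauth.oauth_tokens_scopes_label %></th>
+<th scope="col"><span class="badge badge-pill badge-dark"><%= tokens_count %></span>
+</tr>
+</thead>
+<tbody>
+<% oauth_tokens.each do |oauth_token| %>
+<tr>
+<td><%= oauth_token[rodauth.oauth_applications_name_column] %></td>
+<td><code class="token"><%= oauth_token[rodauth.oauth_tokens_token_column] %></code></td>
+<td><code class="token"><%= oauth_token[rodauth.oauth_tokens_refresh_token_column] %></code></td>
+<td><%= oauth_token[rodauth.oauth_tokens_expires_in_column] %></td>
+<td><%= oauth_token[rodauth.oauth_tokens_scopes_column] %></td>
+<td>
+<%= form_tag rodauth.oauth_token_path(oauth_token[rodauth.oauth_tokens_id_column]), method: :post do %>
+<%= submit_tag rodauth.oauth_token_revoke_button, class: "btn btn-danger" %>
+<% end %>
+</td>
+</tr>
+<% end %>
+</tbody>
+</table>
+<%= rodauth.oauth_management_pagination_links(oauth_tokens) %>
+<% end %>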
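Review bot: The token and refresh-token cells inside the `oauth_tokens.each` loop print the full bearer credentials into the page (`oauth_token[rodauth.oauth_tokens_token_column]` and `oauth_token[rodauth.oauth_tokens_refresh_token_column]`), so any cached copy, screenshot or proxy log of this management view holds usable secrets. A revocation list only needs enough to tell rows apart; consider rendering a short prefix or the row id and dropping the refresh-token column, and note that these cells would presumably be blank in deployments that store only token hashes. Separately, the five header cells use `<=%` instead of `<%=`, so ERB emits the tag text literally rather than the label, e.g. it should read `<th scope="col"><%= rodauth.oauth_applications_name_label %></th>`; the sixth `<th>` is also never closed.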
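--- a/data/lib/generators/rodauth/oauth/templates/db/migrate/create_rodauth_oauth.rb
+++ b/data/lib/generators/rodauth/oauth/templates/db/migrate/create_rodauth_oauth.rb
@@ -11,6 +11,23 @@ class CreateRodauthOauth < ActiveRecord::Migration<%= migration_version %>
 t.string :client_secret, null: false, index: { unique: true }
 t.string :scopes, null: false
 t.datetime :created_at, null: false, default: -> { "CURRENT_TIMESTAMP" }
+# extra params
+# t.string :token_endpoint_auth_method, null: true
+# t.string :grant_types, null: true
+# t.string :response_types, null: true
+# t.string :client_uri, null: true
+# t.string :logo_uri, null: true
+# t.string :tos_uri, null: true
+# t.string :policy_uri, null: true
+# t.string :jwks_uri, null: true
+# t.string :jwks, null: true
+# t.string :contacts, null: true
+# t.string :software_id, null: true
+# t.string :software_version, null: true
+# JWT/OIDC per application signing verification
+# t.text :jwt_public_key, null: true
+# RP-initiated logout
+# t.string :post_logout_redirect_uri, null: false
 end
 
 create_table :oauth_grants do |t|
@@ -19,6 +36,7 @@ class CreateRodauthOauth < ActiveRecord::Migration<%= migration_version %>
 t.integer :oauth_application_id
 t.foreign_key :oauth_applications, column: :oauth_application_id
 t.string :code, null: false
+t.index(%i[oauth_application_id code], unique: true)
 t.datetime :expires_in, null: false
 t.string :redirect_uri
 t.datetime :revoked_at
@@ -31,7 +49,9 @@ class CreateRodauthOauth < ActiveRecord::Migration<%= migration_version %>
 # t.string :code_challenge_method
 # uncomment to use OIDC nonce
 # t.string :nonce
-
+# device code grant
+# t.string :user_code, null: true, unique: true
+# t.datetime :last_polled_at, null: true
 end
 
 create_table :oauth_tokens do |t|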
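Review bot: The commented device-grant column `# t.string :user_code, null: true, unique: true` in the last hunk will not produce a uniqueness constraint once uncommented. As far as I know `unique:` is not an ActiveRecord column option, so depending on the Rails version it is either ignored or rejected, and the rest of this template spells it `index: { unique: true }`. The user code is what a person types to approve a device, so a collision between two pending grants should be impossible at the database level: `# t.string :user_code, null: true, index: { unique: true }`. In the first hunk, `# t.string :post_logout_redirect_uri, null: false` is the only optional column marked NOT NULL, which would make it mandatory for every application once uncommented; `null: true` looks intended. The `create_table` blocks are only partly visible in these hunks.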