rodauth-oauth 0.7.4 → 0.9.1

Files changed (82) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +1 -424
  3. data/README.md +30 -390
  4. data/doc/release_notes/0_0_1.md +3 -0
  5. data/doc/release_notes/0_0_2.md +15 -0
  6. data/doc/release_notes/0_0_3.md +31 -0
  7. data/doc/release_notes/0_0_4.md +36 -0
  8. data/doc/release_notes/0_0_5.md +36 -0
  9. data/doc/release_notes/0_0_6.md +21 -0
  10. data/doc/release_notes/0_1_0.md +44 -0
  11. data/doc/release_notes/0_2_0.md +43 -0
  12. data/doc/release_notes/0_3_0.md +28 -0
  13. data/doc/release_notes/0_4_0.md +18 -0
  14. data/doc/release_notes/0_4_1.md +9 -0
  15. data/doc/release_notes/0_4_2.md +5 -0
  16. data/doc/release_notes/0_4_3.md +3 -0
  17. data/doc/release_notes/0_5_0.md +11 -0
  18. data/doc/release_notes/0_5_1.md +13 -0
  19. data/doc/release_notes/0_6_0.md +9 -0
  20. data/doc/release_notes/0_6_1.md +6 -0
  21. data/doc/release_notes/0_7_0.md +20 -0
  22. data/doc/release_notes/0_7_1.md +10 -0
  23. data/doc/release_notes/0_7_2.md +21 -0
  24. data/doc/release_notes/0_7_3.md +10 -0
  25. data/doc/release_notes/0_7_4.md +5 -0
  26. data/doc/release_notes/0_8_0.md +37 -0
  27. data/doc/release_notes/0_9_0.md +56 -0
  28. data/doc/release_notes/0_9_1.md +9 -0
  29. data/lib/generators/rodauth/oauth/templates/app/views/rodauth/authorize.html.erb +25 -4
  30. data/lib/generators/rodauth/oauth/templates/app/views/rodauth/device_search.html.erb +11 -0
  31. data/lib/generators/rodauth/oauth/templates/app/views/rodauth/device_verification.html.erb +20 -0
  32. data/lib/generators/rodauth/oauth/templates/app/views/rodauth/new_oauth_application.html.erb +27 -10
  33. data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_application.html.erb +17 -5
  34. data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_application_oauth_tokens.html.erb +39 -0
  35. data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_applications.html.erb +6 -5
  36. data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_tokens.html.erb +12 -15
  37. data/lib/generators/rodauth/oauth/templates/db/migrate/create_rodauth_oauth.rb +21 -1
  38. data/lib/rodauth/features/oauth.rb +3 -1418
  39. data/lib/rodauth/features/oauth_application_management.rb +225 -0
  40. data/lib/rodauth/features/oauth_assertion_base.rb +96 -0
  41. data/lib/rodauth/features/oauth_authorization_code_grant.rb +252 -0
  42. data/lib/rodauth/features/oauth_authorization_server.rb +0 -0
  43. data/lib/rodauth/features/oauth_base.rb +778 -0
  44. data/lib/rodauth/features/oauth_client_credentials_grant.rb +33 -0
  45. data/lib/rodauth/features/oauth_device_grant.rb +220 -0
  46. data/lib/rodauth/features/oauth_dynamic_client_registration.rb +252 -0
  47. data/lib/rodauth/features/oauth_http_mac.rb +3 -21
  48. data/lib/rodauth/features/oauth_implicit_grant.rb +59 -0
  49. data/lib/rodauth/features/oauth_jwt.rb +275 -100
  50. data/lib/rodauth/features/oauth_jwt_bearer_grant.rb +59 -0
  51. data/lib/rodauth/features/oauth_management_base.rb +68 -0
  52. data/lib/rodauth/features/oauth_pkce.rb +98 -0
  53. data/lib/rodauth/features/oauth_resource_server.rb +21 -0
  54. data/lib/rodauth/features/oauth_saml_bearer_grant.rb +102 -0
  55. data/lib/rodauth/features/oauth_token_introspection.rb +108 -0
  56. data/lib/rodauth/features/oauth_token_management.rb +79 -0
  57. data/lib/rodauth/features/oauth_token_revocation.rb +109 -0
  58. data/lib/rodauth/features/oidc.rb +38 -9
  59. data/lib/rodauth/features/oidc_dynamic_client_registration.rb +147 -0
  60. data/lib/rodauth/oauth/database_extensions.rb +15 -2
  61. data/lib/rodauth/oauth/jwe_extensions.rb +64 -0
  62. data/lib/rodauth/oauth/refinements.rb +48 -0
  63. data/lib/rodauth/oauth/ttl_store.rb +9 -3
  64. data/lib/rodauth/oauth/version.rb +1 -1
  65. data/locales/en.yml +33 -12
  66. data/templates/authorize.str +57 -8
  67. data/templates/client_secret_field.str +2 -2
  68. data/templates/description_field.str +1 -1
  69. data/templates/device_search.str +11 -0
  70. data/templates/device_verification.str +24 -0
  71. data/templates/homepage_url_field.str +2 -2
  72. data/templates/jwks_field.str +4 -0
  73. data/templates/jwt_public_key_field.str +4 -0
  74. data/templates/name_field.str +1 -1
  75. data/templates/new_oauth_application.str +9 -0
  76. data/templates/oauth_application.str +7 -3
  77. data/templates/oauth_application_oauth_tokens.str +52 -0
  78. data/templates/oauth_applications.str +3 -2
  79. data/templates/oauth_tokens.str +10 -11
  80. data/templates/redirect_uri_field.str +2 -2
  81. metadata +80 -3
  82. data/lib/rodauth/features/oauth_saml.rb +0 -104
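--- a/data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_applications.html.erb
+++ b/data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_applications.html.erb
@@ -1,7 +1,7 @@
  <% oauth_applications_ds = rodauth.scope.instance_variable_get(:@oauth_applications) %>
  <% apps_count = oauth_applications_ds.count %>
  <div class="btn-group" role="group" aria-label="Buttons">
- <%= link_to "New Oauth Application", "#{rodauth.oauth_applications_path}/new", class: "btn btn-secondary" %>
+ <%= link_to rodauth.new_oauth_application_page_title, "#{rodauth.oauth_applications_path}/new", class: "btn btn-secondary" %>
  </div>
  <% if apps_count.zero? %>
  <p>No oauth applications yet!</p>
@@ -9,9 +9,9 @@
  <table class="table">
  <thead>
  <tr>
- <th scope="col">Client ID (<%= apps_count %>)</th>
- <th scope="col">Name</th>
- <th scope="col">Homepage</th>
+ <th scope="col"><%= rodauth.oauth_application_client_id_label %> (<%= apps_count %>)</th>
+ <th scope="col"><%= rodauth.oauth_application_name_label %></th>
+ <th scope="col"><%= rodauth.oauth_application_homepage_url_label %></th>
  <th scope="col"></th>
  </tr>
  </thead>
@@ -21,9 +21,10 @@
  <td><%= application[rodauth.oauth_applications_client_id_column] %></td>
  <td><%= application[rodauth.oauth_applications_name_column] %></td>
  <td><%= application[rodauth.oauth_applications_homepage_url_column] %></td>
- <td><%= link_to "Show", rodauth.oauth_application_path(application[rodauth.oauth_applications_id_column]) %></td>
+ <td><%= link_to "Show", rodauth.oauth_application_path(application[rodauth.oauth_applications_id_column]) %></td>
  </tr>
  <% end %>
  </tbody>
  </table>
+ <%= rodauth.oauth_management_pagination_links(oauth_applications_ds) %>
  <% end %>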
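Review bot: The new `<%= rodauth.oauth_management_pagination_links(oauth_applications_ds) %>` line after `</table>` writes the helper's return value through `<%=`, which a Rails view escapes unless the string is marked HTML-safe. The helper is not shown here, so confirm that it returns safe markup and that it escapes any request parameters it builds into the page links. `apps_count` is still computed from the same dataset, so check whether the count in the first header cell now means one page or the whole list. The link text `"Show"` and the `No oauth applications yet!` message stay hard-coded while the other labels move to `rodauth.*_label` methods.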
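--- a/data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_tokens.html.erb
+++ b/data/lib/generators/rodauth/oauth/templates/app/views/rodauth/oauth_tokens.html.erb
@@ -1,38 +1,35 @@
- <% oauth_tokens_ds = rodauth.scope.instance_variable_get(:@oauth_tokens) %>
- <% tokens_count = oauth_tokens_ds.count %>
+ <% oauth_tokens = rodauth.scope.instance_variable_get(:@oauth_tokens) %>
+ <% tokens_count = oauth_tokens.count %>
  <% if tokens_count.zero? %>
  <p>No oauth tokens yet!</p>
  <% else %>
  <table class="table">
  <thead>
  <tr>
- <th scope="col">Token</th>
- <th scope="col">Refresh Token</th>
- <th scope="col">Expires in</th>
- <th scope="col">Revoked at</th>
- <th scope="col">Scopes</th>
+ <th scope="col"><=% rodauth.oauth_applications_name_label %></th>
+ <th scope="col"><=% rodauth.oauth_tokens_token_label %></th>
+ <th scope="col"><=% rodauth.oauth_tokens_refresh_token_label %></th>
+ <th scope="col"><=% rodauth.oauth_tokens_expires_in_label %></th>
+ <th scope="col"><=% rodauth.oauth_tokens_scopes_label %></th>
  <th scope="col"><span class="badge badge-pill badge-dark"><%= tokens_count %></span>
  </tr>
  </thead>
  <tbody>
- <% oauth_tokens_ds.each do |application| %>
+ <% oauth_tokens.each do |oauth_token| %>
  <tr>
+ <td><%= oauth_token[rodauth.oauth_applications_name_column] %></td>
  <td><code class="token"><%= oauth_token[rodauth.oauth_tokens_token_column] %></code></td>
  <td><code class="token"><%= oauth_token[rodauth.oauth_tokens_refresh_token_column] %></code></td>
  <td><%= oauth_token[rodauth.oauth_tokens_expires_in_column] %></td>
- <td><%= oauth_token[rodauth.oauth_tokens_revoked_at_column] %></td>
  <td><%= oauth_token[rodauth.oauth_tokens_scopes_column] %></td>
  <td>
- <% if !oauth_token[rodauth.oauth_tokens_revoked_at_column] %>
- <%= form_tag rodauth.revoke_path, method: :post do %>
- <%= hidden_field_tag :token_type_hint, "access_token" %>
- <%= hidden_field_tag :token, oauth_token[rodauth.oauth_tokens_token_column] %>
- <%= submit_tag "Revoke", class: "btn btn-danger" %>
- <% end %>
+ <%= form_tag rodauth.oauth_token_path(oauth_token[rodauth.oauth_tokens_id_column]), method: :post do %>
+ <%= submit_tag rodauth.oauth_token_revoke_button, class: "btn btn-danger" %>
  <% end %>
  </td>
  </tr>
  <% end %>
  </tbody>
  </table>
+ <%= rodauth.oauth_management_pagination_links(oauth_tokens) %>
  <% end %>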
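Review bot: The five new header cells open with `<=%` instead of `<%=`, so ERB does not see a tag and the method-call text is written into the page as-is; each should read like `<th scope="col"><%= rodauth.oauth_tokens_token_label %></th>`. The first of them calls `rodauth.oauth_applications_name_label`, while the applications template in this release uses `rodauth.oauth_application_name_label`; the definition is not visible here, so check which name exists. The table body still prints the full access and refresh token values inside `<code class="token">`, which is worth reconsidering now that revocation goes by id through `rodauth.oauth_token_path`.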
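--- a/data/lib/generators/rodauth/oauth/templates/db/migrate/create_rodauth_oauth.rb
+++ b/data/lib/generators/rodauth/oauth/templates/db/migrate/create_rodauth_oauth.rb
@@ -11,6 +11,23 @@ class CreateRodauthOauth < ActiveRecord::Migration<%= migration_version %>
  t.string :client_secret, null: false, index: { unique: true }
  t.string :scopes, null: false
  t.datetime :created_at, null: false, default: -> { "CURRENT_TIMESTAMP" }
+ # extra params
+ # t.string :token_endpoint_auth_method, null: true
+ # t.string :grant_types, null: true
+ # t.string :response_types, null: true
+ # t.string :client_uri, null: true
+ # t.string :logo_uri, null: true
+ # t.string :tos_uri, null: true
+ # t.string :policy_uri, null: true
+ # t.string :jwks_uri, null: true
+ # t.string :jwks, null: true
+ # t.string :contacts, null: true
+ # t.string :software_id, null: true
+ # t.string :software_version, null: true
+ # JWT/OIDC per application signing verification
+ # t.text :jwt_public_key, null: true
+ # RP-initiated logout
+ # t.string :post_logout_redirect_uri, null: false
  end
 
  create_table :oauth_grants do |t|
@@ -19,6 +36,7 @@ class CreateRodauthOauth < ActiveRecord::Migration<%= migration_version %>
  t.integer :oauth_application_id
  t.foreign_key :oauth_applications, column: :oauth_application_id
  t.string :code, null: false
+ t.index(%i[oauth_application_id code], unique: true)
  t.datetime :expires_in, null: false
  t.string :redirect_uri
  t.datetime :revoked_at
@@ -31,7 +49,9 @@ class CreateRodauthOauth < ActiveRecord::Migration<%= migration_version %>
  # t.string :code_challenge_method
  # uncomment to use OIDC nonce
  # t.string :nonce
- t.index(%i[oauth_application_id code], unique: true)
+ # device code grant
+ # t.string :user_code, null: true, unique: true
+ # t.datetime :last_polled_at, null: true
  end
 
  create_table :oauth_tokens do |t|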
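Review bot: In the third hunk the commented-out `# t.string :user_code, null: true, unique: true` passes `unique: true` as a column option, which ActiveRecord does not turn into a unique constraint, so uncommenting it as written leaves device-grant user codes without database-level uniqueness. The `client_secret` column in the first hunk shows the working form, so the line could read `# t.string :user_code, null: true, index: { unique: true }`. In the first hunk `jwks` is a `t.string` while `jwt_public_key` is a `t.text`; a key set may not fit the default string length on some databases, so `t.text` looks safer there. The `create_table` blocks start and end outside these hunks.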