rodauth-oauth 0.9.1 → 0.9.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (15) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +1 -1
  3. data/doc/release_notes/0_9_2.md +10 -0
  4. data/lib/rodauth/features/oauth_application_management.rb +1 -1
  5. data/lib/rodauth/features/oauth_jwt.rb +4 -0
  6. data/lib/rodauth/features/oauth_jwt_bearer_grant.rb +1 -0
  7. data/lib/rodauth/features/oauth_management_base.rb +4 -0
  8. data/lib/rodauth/features/oidc.rb +5 -3
  9. data/lib/rodauth/oauth/version.rb +1 -1
  10. data/locales/en.yml +1 -1
  11. data/templates/jwks_field.str +1 -1
  12. data/templates/jwt_public_key_field.str +1 -1
  13. data/templates/new_oauth_application.str +1 -1
  14. data/templates/scope_field.str +3 -2
  15. metadata +4 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8d0412f0fc70f27a32d2517afbc688eae79304a52fd074298ecac3176edf2ee8
4
- data.tar.gz: 2bed00e6896786192f3a4b93b145e8b75b0813741b323213586d736745323617
3
+ metadata.gz: 2514b45f82f9e8dda98f15dc2c1ccc0eeba306c9d1ee40e6fa47e4999d766c1c
4
+ data.tar.gz: d68579829772121a157b7bd654fb40999921af46673910caa21892462655ed0e
5
5
  SHA512:
6
- metadata.gz: d04277337c21a48a9b0504eaadac11342bd69a0892e1ee7bd7114880b35fe1cdf4e086044d8fa6198c82da3b8f49b6e12be58b98316f592ed980733d2c2cdaa7
7
- data.tar.gz: f3b8ebe3574ff7559c827a42b76ad698b3a33ba93593fe09695a833af92709ca39b33a9e3be0d1c57c6300666de97850810f37e629a29e59bddd0b8746f63f10
6
+ metadata.gz: 8121458a789119610c920c835fc99cde76d4eca41fb7bb48acbe9c1e2f4be89f68c9370235335d7dc8c6b3b715b6825a4d77bafbda37551464ebf35a516f55de
7
+ data.tar.gz: bdd2c1d2bee336459186606b2bfb293cd690333a58c421798155e6bc53e418b71bbd142ac19e48ddcff701f28eaaa6c65c8d045c715a7f84690fb5dd6865ddbe
data/README.md CHANGED
@@ -73,7 +73,7 @@ Or install it yourself as:
73
73
 
74
74
  ## Usage
75
75
 
76
- This tutorial assumes you already read the documentation and know how to set up `rodauth`. After that, integrating `roda-auth` will look like:
76
+ This tutorial assumes you already read the documentation and know how to set up `rodauth`. After that, integrating `rodauth-oauth` will look like:
77
77
 
78
78
  ```ruby
79
79
  plugin :rodauth do
data/doc/release_notes/0_9_2.md ADDED
@@ -0,0 +1,10 @@
1
+ ### 0.9.2 (11/05/2022)
2
+
3
+ #### Bugfixes
4
+
5
+ * Fixed remaining namespacing fix issues requiring usage of `require "rodauth-oauth"`.
6
+ * Fixed wrong expectation of database for resource-server mode when `:oauth_management_base` plugin was used.
7
+ * oidc: fixed incorrect grant creation flow whenn using `nonce` param.
8
+ * oidc: fixed jwt encoding regression when not setting encryption method/algorithmm for client applications.
9
+ * templates: added missing jwks field to the "New oauth application" form.
10
+ * Several fixes on the example OIDC applications, mostly around CSRF breakage when using latest version of `omniauth`.
data/lib/rodauth/features/oauth_application_management.rb CHANGED
@@ -33,7 +33,7 @@ module Rodauth
33
33
 
34
34
  translatable_method :oauth_applications_name_label, "Name"
35
35
  translatable_method :oauth_applications_description_label, "Description"
36
- translatable_method :oauth_applications_scopes_label, "Scopes"
36
+ translatable_method :oauth_applications_scopes_label, "Default scopes"
37
37
  translatable_method :oauth_applications_contacts_label, "Contacts"
38
38
  translatable_method :oauth_applications_tos_uri_label, "Terms of service"
39
39
  translatable_method :oauth_applications_policy_uri_label, "Policy"
data/lib/rodauth/features/oauth_jwt.rb CHANGED
@@ -1,5 +1,6 @@
1
1
  # frozen-string-literal: true
2
2
 
3
+ require "rodauth/oauth/version"
3
4
  require "rodauth/oauth/ttl_store"
4
5
 
5
6
  module Rodauth
@@ -38,6 +39,9 @@ module Rodauth
38
39
 
39
40
  translatable_method :oauth_applications_jwt_public_key_label, "Public key"
40
41
 
42
+ auth_value_method :oauth_application_jwt_public_key_param, "jwt_public_key"
43
+ auth_value_method :oauth_application_jwks_param, "jwks"
44
+
41
45
  auth_value_method :oauth_jwt_keys, {}
42
46
  auth_value_method :oauth_jwt_key, nil
43
47
  auth_value_method :oauth_jwt_public_key, nil
data/lib/rodauth/features/oauth_jwt_bearer_grant.rb CHANGED
@@ -1,5 +1,6 @@
1
1
  # frozen-string-literal: true
2
2
 
3
+ require "rodauth/oauth/version"
3
4
  require "rodauth/oauth/ttl_store"
4
5
 
5
6
  module Rodauth
data/lib/rodauth/features/oauth_management_base.rb CHANGED
@@ -48,6 +48,10 @@ module Rodauth
48
48
 
49
49
  def post_configure
50
50
  super
51
+
52
+ # TODO: remove this in v1, when resource-server mode does not load all of the provider features.
53
+ return unless db
54
+
51
55
  db.extension :pagination
52
56
  end
53
57
 
data/lib/rodauth/features/oidc.rb CHANGED
@@ -120,7 +120,8 @@ module Rodauth
120
120
  jwks: oauth_application_jwks,
121
121
  encryption_algorithm: @oauth_application[oauth_applications_userinfo_encrypted_response_alg_column],
122
122
  encryption_method: @oauth_application[oauth_applications_userinfo_encrypted_response_enc_column]
123
- }
123
+ }.compact
124
+
124
125
  jwt = jwt_encode(
125
126
  oidc_claims,
126
127
  signing_algorithm: algo,
@@ -315,7 +316,7 @@ module Rodauth
315
316
  def create_oauth_grant(create_params = {})
316
317
  return super unless (nonce = param_or_nil("nonce"))
317
318
 
318
- super(oauth_grants_nonce_column => nonce)
319
+ super(create_params.merge(oauth_grants_nonce_column => nonce))
319
320
  end
320
321
 
321
322
  def create_oauth_token_from_authorization_code(oauth_grant, create_params)
@@ -357,7 +358,8 @@ module Rodauth
357
358
  signing_algorithm: oauth_application[oauth_applications_id_token_signed_response_alg_column] || oauth_jwt_algorithm,
358
359
  encryption_algorithm: oauth_application[oauth_applications_id_token_encrypted_response_alg_column],
359
360
  encryption_method: oauth_application[oauth_applications_id_token_encrypted_response_enc_column]
360
- }
361
+ }.compact
362
+
361
363
  oauth_token[:id_token] = jwt_encode(id_token_claims, **params)
362
364
  end
363
365
 
data/lib/rodauth/oauth/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Rodauth
4
4
  module OAuth
5
- VERSION = "0.9.1"
5
+ VERSION = "0.9.2"
6
6
  end
7
7
  end
data/locales/en.yml CHANGED
@@ -19,7 +19,7 @@ en:
19
19
  oauth_management_pagination_next_button: "Next"
20
20
  oauth_applications_name_label: "Name"
21
21
  oauth_applications_description_label: "Description"
22
- oauth_applications_scopes_label: "Scopes"
22
+ oauth_applications_scopes_label: "Default scopes"
23
23
  oauth_applications_contacts_label: "Contacts"
24
24
  oauth_applications_homepage_url_label: "Homepage URL"
25
25
  oauth_applications_tos_uri_label: "Terms of Service URL"
data/templates/jwks_field.str CHANGED
@@ -1,4 +1,4 @@
1
1
  <div class="form-group">
2
2
  <label for="name">#{rodauth.oauth_applications_jwks_label}#{rodauth.input_field_label_suffix}</label>
3
- #{rodauth.input_field_string(rodauth.oauth_application_jwks_param, "jwks", :type=>"text")}
3
+ <textarea id="jwks" class="form-control" name="#{rodauth.oauth_application_jwks_param}" rows="3"></textarea>
4
4
  </div>
data/templates/jwt_public_key_field.str CHANGED
@@ -1,4 +1,4 @@
1
1
  <div class="form-group">
2
2
  <label for="name">#{rodauth.oauth_applications_jwt_public_key_label}#{rodauth.input_field_label_suffix}</label>
3
- #{rodauth.input_field_string(rodauth.oauth_application_jwt_public_key_param, "jwt_public_key", :type=>"text")}
3
+ #{rodauth.input_field_string(rodauth.oauth_application_jwt_public_key_param, "jwt_public_key", :type=>"text", :required=>false)}
4
4
  </div>
data/templates/new_oauth_application.str CHANGED
@@ -11,7 +11,7 @@
11
11
  if rodauth.features.include?(:oauth_jwt)
12
12
  <<-HTML
13
13
  #{rodauth.render('jwt_public_key_field')}
14
- #{rodauth.render('jws_jwk_field')}
14
+ #{rodauth.render('jwks_field')}
15
15
  HTML
16
16
  end
17
17
  }
data/templates/scope_field.str CHANGED
@@ -1,8 +1,9 @@
1
1
  <fieldset class="form-group">
2
+ <legend>#{rodauth.oauth_applications_scopes_label}</legend>
2
3
  #{
3
4
  rodauth.oauth_application_scopes.map do |scope|
4
- "<div class=\"form-check checkbox\">" +
5
- "<input id=\"#{scope}\" type=\"checkbox\" name=\"#{rodauth.oauth_application_scopes_param}[]\" value=\"#{scope}\">" +
5
+ "<div class=\"form-group form-check\">" +
6
+ "<input id=\"#{scope}\" type=\"checkbox\" class=\"form-check-input\" name=\"#{rodauth.oauth_application_scopes_param}[]\" value=\"#{scope}\">" +
6
7
  "<label for=\"#{scope}\">#{scope}</label>" +
7
8
  "</div>"
8
9
  end.join
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rodauth-oauth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.9.1
4
+ version: 0.9.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tiago Cardoso
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-05-08 00:00:00.000000000 Z
11
+ date: 2022-05-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rodauth
@@ -58,6 +58,7 @@ extra_rdoc_files:
58
58
  - doc/release_notes/0_8_0.md
59
59
  - doc/release_notes/0_9_0.md
60
60
  - doc/release_notes/0_9_1.md
61
+ - doc/release_notes/0_9_2.md
61
62
  files:
62
63
  - CHANGELOG.md
63
64
  - LICENSE.txt
@@ -87,6 +88,7 @@ files:
87
88
  - doc/release_notes/0_8_0.md
88
89
  - doc/release_notes/0_9_0.md
89
90
  - doc/release_notes/0_9_1.md
91
+ - doc/release_notes/0_9_2.md
90
92
  - lib/generators/rodauth/oauth/install_generator.rb
91
93
  - lib/generators/rodauth/oauth/templates/app/models/oauth_application.rb
92
94
  - lib/generators/rodauth/oauth/templates/app/models/oauth_grant.rb