ruby-openid 2.5.0 → 2.6.0


Potentially problematic release.


This version of ruby-openid might be problematic. Click here for more details.

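--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 3d186800e0c39656fbed4cbd52caa3e3f0bb9fc5
- data.tar.gz: 8a971700503c5c287aa46f5c4c1804300f52a921
+ metadata.gz: bd3bd50f7d5012fb0ca2dbac47882264537e2d0c
+ data.tar.gz: 71049966e5a9e4994a8876ad89486d15c4afa495
  SHA512:
- metadata.gz: aee76e05216b0b0954496c11d70b5df2c4a3cfe7c9f55aad74f1f1563f18891a6f7526859b695ace038556bb77ce33e152671547592a78591a8b4b1ff50d9fb2
- data.tar.gz: 4eefe5dcdcbe9fcce8f3846c06e3e1841bd7b703bee34c2d46193eb6d32d17ef87bfe47fda605fa73090401317e5c7390de21f7206c09a288373c4ebf8f5948f
+ metadata.gz: dc63fe46a5f925792ba2c4f94c701363743cb590d3cf74f63eaa204f01bb364f5baf2a44e140eae7c26bf50175cbfb2a39848f49f9c8054658107b15315c4404
+ data.tar.gz: 70fccef825665d1046c4f338ed735ff1b5fe841edadffdea955414381e1859a7bc74516a4938ef4cf60d64dff9a679f6301d11c76fe36059adf0d89296be7488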
@@ -1,5 +1,13 @@
1
1
  # Changelog
2
2
 
3
+ ## 2.6.0
4
+
5
+ * More safely build filenames - 1c4a90630b183e7572b8ab5f2e3a3e0c0fecd2c7
6
+ See https://github.com/openid/ruby-openid/pull/80
7
+ * The session serializer of Rails4.1 is json - b44a1eb511dec3be25a07930121bc80cacec0f1c
8
+ * Handle boolean value to fix signature issue - d65076269b77754da7db6e4b189edeeb9201600d
9
+ See https://github.com/openid/ruby-openid/pull/76
10
+
3
11
  ## 2.5.0
4
12
 
5
13
  * Revert json serialization - 8dc60e553369df2300ebb4b83a29618aff643c2c
@@ -2,6 +2,7 @@ require "openid/consumer/idres.rb"
2
2
  require "openid/consumer/checkid_request.rb"
3
3
  require "openid/consumer/associationmanager.rb"
4
4
  require "openid/consumer/responses.rb"
5
+ require "openid/consumer/session"
5
6
  require "openid/consumer/discovery_manager"
6
7
  require "openid/consumer/discovery"
7
8
  require "openid/message"
@@ -189,7 +190,8 @@ module OpenID
189
190
  #
190
191
  # store: an object that implements the interface in Store.
191
192
  def initialize(session, store)
192
- @session = session
193
+ @origin_session = session
194
+ @session = Session.new(session, OpenID::OpenIDServiceEndpoint)
193
195
  @store = store
194
196
  @session_key_prefix = 'OpenID::Consumer::'
195
197
  end
@@ -321,7 +323,7 @@ module OpenID
321
323
  end
322
324
 
323
325
  def discovery_manager(openid_identifier)
324
- DiscoveryManager.new(@session, openid_identifier, @session_key_prefix)
326
+ DiscoveryManager.new(@origin_session, openid_identifier, @session_key_prefix)
325
327
  end
326
328
 
327
329
  def cleanup_session
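Review bot: `initialize` now keeps two views of the same session, the raw `@origin_session` and the `Session` wrapper in `@session`, and nothing says which one a caller must use. `discovery_manager` has to pass the raw object because the DiscoveryManager constructor changed in this release wraps its argument in its own `Session` with a different decode class. A comment above the two assignments would record that, for example `# @origin_session is passed to DiscoveryManager, which wraps it itself; @session decodes OpenIDServiceEndpoint values`. The body of `cleanup_session` lies outside the hunk.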
@@ -136,6 +136,24 @@ module OpenID
136
136
  end
137
137
  end
138
138
 
139
+ def to_session_value
140
+ Hash[*(instance_variables.map{|name| [name, instance_variable_get(name)] }.flatten(1))]
141
+ end
142
+
143
+ def ==(other)
144
+ to_session_value == other.to_session_value
145
+ end
146
+
147
+ def self.from_session_value(value)
148
+ return value unless value.is_a?(Hash)
149
+
150
+ self.new.tap do |endpoint|
151
+ value.each do |name, val|
152
+ endpoint.instance_variable_set(name, val)
153
+ end
154
+ end
155
+ end
156
+
139
157
  def self.from_basic_service_endpoint(endpoint)
140
158
  # Create a new instance of this class from the endpoint object
141
159
  # passed in.
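Review bot: `from_session_value` passes every key of the stored hash straight to `instance_variable_set`, so the session content decides which instance variables the new endpoint gets. A key that is not a valid `@name` raises NameError while the session is being read. Limiting the loop to names the class already defines would keep a stale or malformed session value from shaping the object, for example `endpoint.instance_variable_set(name, val) if known.include?(name.to_s)` with `known = endpoint.instance_variables.map(&:to_s)`. This assumes `initialize` assigns every attribute, which is not visible in this hunk. `from_basic_service_endpoint` continues outside the hunk.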
@@ -28,6 +28,33 @@ module OpenID
28
28
  def empty?
29
29
  @services.empty?
30
30
  end
31
+
32
+ def to_session_value
33
+ services = @services.map{|s| s.respond_to?(:to_session_value) ? s.to_session_value : s }
34
+ current_val = @current.respond_to?(:to_session_value) ? @current.to_session_value : @current
35
+
36
+ {
37
+ 'starting_url' => @starting_url,
38
+ 'yadis_url' => @yadis_url,
39
+ 'services' => services,
40
+ 'current' => current_val
41
+ }
42
+ end
43
+
44
+ def ==(other)
45
+ to_session_value == other.to_session_value
46
+ end
47
+
48
+ def self.from_session_value(value)
49
+ return value unless value.is_a?(Hash)
50
+
51
+ services = value['services'].map{|s| OpenID::OpenIDServiceEndpoint.from_session_value(s) }
52
+ current = OpenID::OpenIDServiceEndpoint.from_session_value(value['current'])
53
+
54
+ obj = self.new(value['starting_url'], value['yadis_url'], services)
55
+ obj.instance_variable_set("@current", current)
56
+ obj
57
+ end
31
58
  end
32
59
 
33
60
  # Manages calling discovery and tracking which endpoints have
@@ -36,7 +63,7 @@ module OpenID
36
63
  def initialize(session, url, session_key_suffix=nil)
37
64
  @url = url
38
65
 
39
- @session = session
66
+ @session = OpenID::Consumer::Session.new(session, DiscoveredServices)
40
67
  @session_key_suffix = session_key_suffix || 'auth'
41
68
  end
42
69
 
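Review bot: The new `==` calls `other.to_session_value` unconditionally, so comparing a DiscoveredServices with `nil`, a String or any other object raises NoMethodError instead of returning false. Guarding the call keeps the usual `==` contract: `other.respond_to?(:to_session_value) && to_session_value == other.to_session_value`. The `==` added to the service endpoint class in the previous section has the same form and needs the same guard. Separately, `from_session_value` calls `value['services'].map` and would raise on a hash without that key; `Array(value['services'])` would tolerate it.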
@@ -0,0 +1,36 @@
1
+ module OpenID
2
+ class Consumer
3
+ class Session
4
+ def initialize(session, decode_klass = nil)
5
+ @session = session
6
+ @decode_klass = decode_klass
7
+ end
8
+
9
+ def [](key)
10
+ val = @session[key]
11
+ @decode_klass ? @decode_klass.from_session_value(val) : val
12
+ end
13
+
14
+ def []=(key, val)
15
+ @session[key] = to_session_value(val)
16
+ end
17
+
18
+ def keys
19
+ @session.keys
20
+ end
21
+
22
+ private
23
+
24
+ def to_session_value(val)
25
+ case val
26
+ when Array
27
+ val.map{|ele| to_session_value(ele) }
28
+ when Hash
29
+ Hash[*(val.map{|k,v| [k, to_session_value(v)] }.flatten(1))]
30
+ else
31
+ val.respond_to?(:to_session_value) ? val.to_session_value : val
32
+ end
33
+ end
34
+ end
35
+ end
36
+ end
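Review bot: `[]` hands whatever is stored under any key to `@decode_klass.from_session_value`, while `[]=` encodes nested Arrays and Hashes recursively, so the two directions are not symmetric. A Hash written as plain data is read back as an instance of the decode class, and an Array of encoded objects comes back as an Array of Hashes. The class also has no comment describing this contract. I would add one above `class Session`, for example `# Wraps a session store: values are written via to_session_value, and every Hash read back is decoded with decode_klass.from_session_value`. If only certain keys are meant to hold encoded objects, the wrapper should decode only those keys.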
@@ -230,15 +230,11 @@ module OpenID
230
230
  # create a safe filename from a url
231
231
  def filename_escape(s)
232
232
  s = '' if s.nil?
233
- filename_chunks = []
234
- s.split('').each do |c|
235
- if @@FILENAME_ALLOWED.index(c)
236
- filename_chunks << c
237
- else
238
- filename_chunks << sprintf("_%02X", c.bytes.first)
239
- end
240
- end
241
- filename_chunks.join("")
233
+ filename_chunks = s.each_char.flat_map {|c|
234
+ @@FILENAME_ALLOWED.include?(c) ? c : c.bytes.map {|b|
235
+ "_%02X" % b
236
+ }
237
+ }.join
242
238
  end
243
239
 
244
240
  def safe64(s)
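Review bot: In `filename_escape` the local `filename_chunks` now holds the joined String and is never read again, so the assignment only obscures the return value. The nested multi-line brace blocks are also harder to scan than a single expression. I would drop the assignment and write `s.each_char.flat_map { |c| @@FILENAME_ALLOWED.include?(c) ? c : c.bytes.map { |b| "_%02X" % b } }.join`. The comment above the method could state the property this change is after, for example `# every byte of a disallowed character is escaped as _XX, so multi-byte characters do not collapse to their first byte`. The body of `safe64` is outside the hunk.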
@@ -47,7 +47,14 @@ module OpenID
47
47
  def Util.urlencode(args)
48
48
  a = []
49
49
  args.each do |key, val|
50
- val = '' unless val
50
+ if val.nil?
51
+ val = ''
52
+ elsif !!val == val
53
+ #it's boolean let's convert it to string representation
54
+ # or else CGI::escape won't like it
55
+ val = val.to_s
56
+ end
57
+
51
58
  a << (CGI::escape(key) + "=" + CGI::escape(val))
52
59
  end
53
60
  a.join("&")
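Review bot: The new branch in `Util.urlencode` converts only `true` and `false`, so any other non-String value, such as an Integer or a Symbol, still reaches `CGI::escape(val)` unconverted. The test `!!val == val` is also an obscure way to ask whether a value is a boolean. Converting everything that is not nil covers both points: `val = val.nil? ? '' : val.to_s`. If only booleans are intended, `val == true || val == false` says so directly. The end of the method lies outside the hunk.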
@@ -1,3 +1,3 @@
1
1
  module OpenID
2
- VERSION = "2.5.0"
2
+ VERSION = "2.6.0"
3
3
  end
@@ -66,11 +66,12 @@ module OpenID
66
66
 
67
67
  class TestDiscoveryManager < Test::Unit::TestCase
68
68
  def setup
69
- @session = {}
69
+ session = {}
70
+ @session = OpenID::Consumer::Session.new(session, OpenID::Consumer::DiscoveredServices)
70
71
  @url = "http://unittest.com/"
71
72
  @key_suffix = "testing"
72
73
  @yadis_url = "http://unittest.com/xrds"
73
- @manager = PassthroughDiscoveryManager.new(@session, @url, @key_suffix)
74
+ @manager = PassthroughDiscoveryManager.new(session, @url, @key_suffix)
74
75
  @key = @manager.session_key
75
76
  end
76
77
 
@@ -100,7 +101,8 @@ module OpenID
100
101
  # services in @disco.
101
102
  assert_equal(@manager.get_next_service, "two")
102
103
  assert_equal(@manager.get_next_service, "three")
103
- assert_equal(@session[@key], disco)
104
+ disco = @session[@key]
105
+ assert_equal(disco.current, "three")
104
106
 
105
107
  # The manager is exhausted and should be deleted and a new one
106
108
  # should be created.
@@ -136,8 +138,8 @@ module OpenID
136
138
  assert_equal(@manager.cleanup, nil)
137
139
  assert_equal(@session[@key], nil)
138
140
 
139
- @session[@key] = disco
140
141
  disco.next
142
+ @session[@key] = disco
141
143
  assert_equal(@manager.cleanup, "one")
142
144
  assert_equal(@session[@key], nil)
143
145
 
@@ -188,10 +190,11 @@ module OpenID
188
190
  returned_disco = @manager.create_manager(@yadis_url, services)
189
191
 
190
192
  stored_disco = @session[@key]
193
+ assert_equal(stored_disco, returned_disco)
194
+
191
195
  assert(stored_disco.for_url?(@yadis_url))
192
196
  assert_equal(stored_disco.next, "created")
193
197
 
194
- assert_equal(stored_disco, returned_disco)
195
198
 
196
199
  # Calling create_manager with a preexisting manager should
197
200
  # result in StandardError.
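Review bot: The test changes depend on `Session#[]=` storing a serialized snapshot rather than the object itself, but no comment says so. That is why `disco.next` is moved before `@session[@key] = disco`, and why the earlier test re-reads `disco = @session[@key]` instead of comparing with the original object. A short comment at both places would keep a later reader from restoring the old order, for example `# the session holds a to_session_value copy, so mutate before storing and re-read after the manager updates it`. The re-read assertion also checks only `current`, where the removed line compared the whole object. Both test methods start and end outside their hunks.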
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby-openid
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.5.0
4
+ version: 2.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - JanRain, Inc
8
8
  autorequire: openid
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-01-29 00:00:00.000000000 Z
11
+ date: 2014-10-27 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description:
14
14
  email: openid@janrain.com
@@ -20,16 +20,27 @@ extra_rdoc_files:
20
20
  - LICENSE
21
21
  - UPGRADE.md
22
22
  files:
23
+ - CHANGELOG.md
24
+ - INSTALL.md
25
+ - LICENSE
26
+ - NOTICE
27
+ - README.md
28
+ - UPGRADE.md
29
+ - examples/README
30
+ - examples/active_record_openid_store/README
31
+ - examples/active_record_openid_store/XXX_add_open_id_store_to_db.rb
32
+ - examples/active_record_openid_store/XXX_upgrade_open_id_store.rb
23
33
  - examples/active_record_openid_store/init.rb
24
34
  - examples/active_record_openid_store/lib/association.rb
25
35
  - examples/active_record_openid_store/lib/nonce.rb
26
36
  - examples/active_record_openid_store/lib/open_id_setting.rb
27
37
  - examples/active_record_openid_store/lib/openid_ar_store.rb
28
- - examples/active_record_openid_store/README
29
38
  - examples/active_record_openid_store/test/store_test.rb
30
- - examples/active_record_openid_store/XXX_add_open_id_store_to_db.rb
31
- - examples/active_record_openid_store/XXX_upgrade_open_id_store.rb
32
39
  - examples/discover
40
+ - examples/rails_openid/Gemfile
41
+ - examples/rails_openid/README
42
+ - examples/rails_openid/README.rdoc
43
+ - examples/rails_openid/Rakefile
33
44
  - examples/rails_openid/app/assets/images/rails.png
34
45
  - examples/rails_openid/app/assets/javascripts/application.js
35
46
  - examples/rails_openid/app/assets/stylesheets/application.css
@@ -44,6 +55,7 @@ files:
44
55
  - examples/rails_openid/app/views/layouts/server.html.erb
45
56
  - examples/rails_openid/app/views/login/index.html.erb
46
57
  - examples/rails_openid/app/views/server/decide.html.erb
58
+ - examples/rails_openid/config.ru
47
59
  - examples/rails_openid/config/application.rb
48
60
  - examples/rails_openid/config/boot.rb
49
61
  - examples/rails_openid/config/database.yml
@@ -60,11 +72,9 @@ files:
60
72
  - examples/rails_openid/config/initializers/wrap_parameters.rb
61
73
  - examples/rails_openid/config/locales/en.yml
62
74
  - examples/rails_openid/config/routes.rb
63
- - examples/rails_openid/config.ru
64
75
  - examples/rails_openid/db/development.sqlite3
65
76
  - examples/rails_openid/db/seeds.rb
66
77
  - examples/rails_openid/doc/README_FOR_APP
67
- - examples/rails_openid/Gemfile
68
78
  - examples/rails_openid/log/development.log
69
79
  - examples/rails_openid/public/404.html
70
80
  - examples/rails_openid/public/422.html
@@ -80,19 +90,17 @@ files:
80
90
  - examples/rails_openid/public/javascripts/effects.js
81
91
  - examples/rails_openid/public/javascripts/prototype.js
82
92
  - examples/rails_openid/public/robots.txt
83
- - examples/rails_openid/Rakefile
84
- - examples/rails_openid/README
85
- - examples/rails_openid/README.rdoc
86
93
  - examples/rails_openid/script/rails
87
94
  - examples/rails_openid/test/functional/login_controller_test.rb
88
95
  - examples/rails_openid/test/functional/server_controller_test.rb
89
96
  - examples/rails_openid/test/performance/browsing_test.rb
90
97
  - examples/rails_openid/test/test_helper.rb
91
- - examples/README
92
98
  - lib/hmac/hmac.rb
93
99
  - lib/hmac/sha1.rb
94
100
  - lib/hmac/sha2.rb
101
+ - lib/openid.rb
95
102
  - lib/openid/association.rb
103
+ - lib/openid/consumer.rb
96
104
  - lib/openid/consumer/associationmanager.rb
97
105
  - lib/openid/consumer/checkid_request.rb
98
106
  - lib/openid/consumer/discovery.rb
@@ -100,7 +108,7 @@ files:
100
108
  - lib/openid/consumer/html_parse.rb
101
109
  - lib/openid/consumer/idres.rb
102
110
  - lib/openid/consumer/responses.rb
103
- - lib/openid/consumer.rb
111
+ - lib/openid/consumer/session.rb
104
112
  - lib/openid/cryptutil.rb
105
113
  - lib/openid/dh.rb
106
114
  - lib/openid/extension.rb
@@ -135,7 +143,6 @@ files:
135
143
  - lib/openid/yadis/xrds.rb
136
144
  - lib/openid/yadis/xri.rb
137
145
  - lib/openid/yadis/xrires.rb
138
- - lib/openid.rb
139
146
  - test/data/accept.txt
140
147
  - test/data/dh.txt
141
148
  - test/data/example-xrds.xml
@@ -163,13 +170,13 @@ files:
163
170
  - test/data/test_discover/yadis_idp_delegate.xml
164
171
  - test/data/test_discover/yadis_no_delegate.xml
165
172
  - test/data/test_xrds/=j3h.2007.11.14.xrds
173
+ - test/data/test_xrds/README
166
174
  - test/data/test_xrds/delegated-20060809-r1.xrds
167
175
  - test/data/test_xrds/delegated-20060809-r2.xrds
168
176
  - test/data/test_xrds/delegated-20060809.xrds
169
177
  - test/data/test_xrds/no-xrd.xml
170
178
  - test/data/test_xrds/not-xrds.xml
171
179
  - test/data/test_xrds/prefixsometimes.xrds
172
- - test/data/test_xrds/README
173
180
  - test/data/test_xrds/ref.xrds
174
181
  - test/data/test_xrds/sometimesprefix.xrds
175
182
  - test/data/test_xrds/spoof1.xrds
@@ -219,12 +226,6 @@ files:
219
226
  - test/test_yadis_discovery.rb
220
227
  - test/testutil.rb
221
228
  - test/util.rb
222
- - NOTICE
223
- - CHANGELOG.md
224
- - README.md
225
- - INSTALL.md
226
- - LICENSE
227
- - UPGRADE.md
228
229
  homepage: https://github.com/openid/ruby-openid
229
230
  licenses:
230
231
  - Ruby
@@ -232,23 +233,23 @@ licenses:
232
233
  metadata: {}
233
234
  post_install_message:
234
235
  rdoc_options:
235
- - --main
236
+ - "--main"
236
237
  - README.md
237
238
  require_paths:
238
239
  - lib
239
240
  required_ruby_version: !ruby/object:Gem::Requirement
240
241
  requirements:
241
- - - '>='
242
+ - - ">="
242
243
  - !ruby/object:Gem::Version
243
244
  version: '0'
244
245
  required_rubygems_version: !ruby/object:Gem::Requirement
245
246
  requirements:
246
- - - '>='
247
+ - - ">="
247
248
  - !ruby/object:Gem::Version
248
249
  version: '0'
249
250
  requirements: []
250
251
  rubyforge_project:
251
- rubygems_version: 2.0.3
252
+ rubygems_version: 2.2.2
252
253
  signing_key:
253
254
  specification_version: 4
254
255
  summary: A library for consuming and serving OpenID identities.
@@ -280,13 +281,13 @@ test_files:
280
281
  - test/data/test_discover/yadis_idp_delegate.xml
281
282
  - test/data/test_discover/yadis_no_delegate.xml
282
283
  - test/data/test_xrds/=j3h.2007.11.14.xrds
284
+ - test/data/test_xrds/README
283
285
  - test/data/test_xrds/delegated-20060809-r1.xrds
284
286
  - test/data/test_xrds/delegated-20060809-r2.xrds
285
287
  - test/data/test_xrds/delegated-20060809.xrds
286
288
  - test/data/test_xrds/no-xrd.xml
287
289
  - test/data/test_xrds/not-xrds.xml
288
290
  - test/data/test_xrds/prefixsometimes.xrds
289
- - test/data/test_xrds/README
290
291
  - test/data/test_xrds/ref.xrds
291
292
  - test/data/test_xrds/sometimesprefix.xrds
292
293
  - test/data/test_xrds/spoof1.xrds