signet 0.12.0 → 0.15.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c80485d96774a5d31447471f38ed3f976ed3cbc751f26d9758798adee4e3fced
-  data.tar.gz: 70a563487e412a15c01799c09ec1fed027152e024053272c15858743cf4a58ca
+  metadata.gz: 9d6cce64f05742592f4945a2a394ab1fc239107e9c5d8145f38a4189689e46ea
+  data.tar.gz: a20b6a81fac21113e804c8cbac63db3464da5357aa7428bc17509212217e50a3
 SHA512:
-  metadata.gz: e004219f1e71c272772bb4892574d8bcc2725fc8f3fb0b474612839661f0a272400ffff50149499b27f91d6287aaeb41fe1065d7bd2652a0f58cdd9f2f12e1da
-  data.tar.gz: 046c9e719091f1f8d17fc324762558b2e6cb00d9b74c0ad66ec4da5bda5d8ba2a2ba6f2e070baacd6af2853d2ca30c1ea198c8ec59bb6fcdf9f63ac11929df9c
+  metadata.gz: b1f2c4ab3031aa346f118bc152f129559436f92ae8b3d0008f3a2efa51fb82e0e45fec0f999c6984772be58661c90f6fbe1a1c973cf6ccdec8329696da4e1101
+  data.tar.gz: fc909052f1a89ec0f79d9b9a36ca7196cef5be879595e8c1e7699050ced959b3062881e1418fc9b8258985819f3c2bb64e7e9f60008f25e5ddccb6375934c2f5

data/CHANGELOG.md

@@ -1,38 +1,67 @@
-### 0.12.0 / 2019-10-08
+# Release History
+
+## [0.15.0](https://www.github.com/googleapis/signet/compare/v0.14.1...v0.15.0) (2021-03-04)
+
+
+### Features
+
+* Drop support for Ruby 2.4 and add support for Ruby 3.0 ([bd6fe87](https://www.github.com/googleapis/signet/commit/bd6fe87948f8fc7702720dae651e82f4fd348b5d))
+
+## 0.14.1 / 2021-01-27
+
+* Fix OAuth1 signature with duplicate query param names
+
+## 0.14.0 / 2020-03-31
+
+* Support for fetching ID tokens from google oauth2 endpoint.
+
+## 0.13.2 / 2020-03-25
+
+Rerelease of 0.13.1.
+
+## 0.13.1 / 2020-03-24
+
+* Update github url
+
+## 0.13.0 / 2020-02-24
+
+* Support Faraday 1.x
+
+## 0.12.0 / 2019-10-08
 
 * This version now requires Ruby 2.4.
 * Support array values of the "aud" field.
 * Normalize the version constant to match related gems.
 
-### 0.11.0 / 2018-10-08
+## 0.11.0 / 2018-10-08
 
 * Add constant time comparison for oauth signatures.
 
-### 0.10.0 / 2018-09-21
+## 0.10.0 / 2018-09-21
 
 * Add UnexpectedStatusError class for http status errors that are not handled.
 
-### 0.9.2 / 2018-09-12
+## 0.9.2 / 2018-09-12
 
 * Update issued_at correctly when it is set simultaneously with expires_in.
 
-### 0.9.1 / 2018-08-29
+## 0.9.1 / 2018-08-29
 
 * Warn on EOL ruby versions.
 * Fix DateTime normalization.
 
-### 0.9.0 / 2018-08-20
+## 0.9.0 / 2018-08-20
 
 * Add RemoteServerError class for 5xx level errors.
 * Allow to_json to be called with arguments
 * Expires_in now sets and reflects current expires_at value
 * Expires_within(0) now returns false when expires_at is nil.
 
-### 0.8.1 / 2017-10-13
+## 0.8.1 / 2017-10-13
 
 * Restore support for Ruby 1.9.3
 
-### 0.8.0 / 2017-10-12
+## 0.8.0 / 2017-10-12
 
 * Ensure the "expires_at" attribute is recalculated on refresh (chutzimir)
 * Fix warnings on Ruby 2.4 (koic)
@@ -40,20 +69,20 @@
 * Provide signature verification algorithm for compatibility with ruby-jwt 2.0 (jurriaan)
 * Signet::OAuth2::Client#decoded_id_token can take a keyfinder block (mvastola)
 
-### 0.7.3 / 2016-06-20
+## 0.7.3 / 2016-06-20
 
 * Fix timestamp parsing on 32-bit systems
 * Fix expiration check when issue/expiry times are nil
 
-### 0.7.2 / 2015-12-21
+## 0.7.2 / 2015-12-21
 
 * Don't assume Faraday form encoding middleware is present
 
-### 0.7.1 / 2015-12-17
+## 0.7.1 / 2015-12-17
 
 * Fix an issue with date parsing
 
-### 0.7 / 2015-12-06
+## 0.7 / 2015-12-06
 
 * No longer overwrite SSL environment variables.
 * Tighten up date & URL (de)serialization for OAuth2 client
@@ -62,7 +91,7 @@
 * Add expires_within(sec) method to oauth2 client to facilitate proactive
   refreshes
 
-### 0.6.1 / 2015-06-08
+## 0.6.1 / 2015-06-08
 
 * Fix language warnings for unused & shadowed variables ((@blowmage)[])
 * Update SSL cert path for OSX ((@gambaroff)[])
@@ -70,14 +99,14 @@
 * Fix incorrect parameter name in OAuth2 client docs ((@samuelreh)[])
 * Fix symbolization of URL parameter keys ((@swifthand)[])
 
-### 0.6.0 / 2014-12-05
+## 0.6.0 / 2014-12-05
 
 * Drop support for ruby versions < 1.9.3
 * Update gem dependencies and lock down versions tighter
 * Allow form encoded responses when exchanging OAuth 2 authorization codes
 * Normalize options keys for indifferent access
 
-### 0.5.1 / 2014-06-08
+## 0.5.1 / 2014-06-08
 
 * Allow Hash objects to be used to initialize authorization URI
 * Added PLAINTEXT and RSA-SHA1 signature methods to OAuth 1 support
@@ -85,53 +114,53 @@
 * The `approval_prompt` option no longer defaults to `:force`
 * The `approval_prompt` and `prompt` are now mutually exclusive.
 
-### 0.5.0 / 2013-05-31
+## 0.5.0 / 2013-05-31
 
 * Switched to faraday 0.9.0
 * Added `expires_at` option
 
-### 0.4.5
+## 0.4.5
 
 * Minor documentation fixes
 * Allow postmessage as a valid redirect_uri in OAuth 2
 
-### 0.4.4
+## 0.4.4
 
 * Add support for assertion profile
 
-### 0.4.3
+## 0.4.3
 
 * Added method to clear credentials
 
-### 0.4.2
+## 0.4.2
 
 * Backwards compatibility for MultiJson
 
-### 0.4.1
+## 0.4.1
 
 * Updated Launchy dependency
 
-### 0.4.0
+## 0.4.0
 
 * Added OAuth 1 server implementation
 * Updated Faraday dependency
 
-### 0.3.4
+## 0.3.4
 
 * Attempts to auto-detect CA cert location
 
-### 0.3.3
+## 0.3.3
 
 * Request objects no longer recreated during processing
 * Faraday middleware now supported
 * Streamed requests now supported
 * Fixed assertion profiles; client ID/secret omission no longer an error
 
-### 0.3.2
+## 0.3.2
 
 * Added audience security check for ID tokens
 
-### 0.3.1
+## 0.3.1
 
 * Fixed a warning while determining grant type
 * Removed requirement that a connection be supplied when authorizing requests
@@ -139,52 +168,52 @@
 * Fixed some documentation stuff around markdown formatting
 * Added support for Google Code wiki format output when generating docs
 
-### 0.3.0
+## 0.3.0
 
 * Replaced httpadapter gem dependency with faraday
 * Replaced json gem dependency with multi_json
 * Updated to OAuth 2.0 draft 22
 * Complete test coverage
 
-### 0.2.4
+## 0.2.4
 
 * Updated to incorporate changes to the Google OAuth endpoints
 
-### 0.2.3
+## 0.2.3
 
 * Added support for JWT-formatted ID tokens.
 * Added :issued_at option to #update_token! method.
 
-### 0.2.2
+## 0.2.2
 
 * Lowered requirements for json gem
 
-### 0.2.1
+## 0.2.1
 
 * Updated to keep in sync with the new httpadapter changes
 
-### 0.2.0
+## 0.2.0
 
 * Added support for OAuth 2.0 draft 10
 
-### 0.1.4
+## 0.1.4
 
 * Added support for a two-legged authorization flow
 
-### 0.1.3
+## 0.1.3
 
 * Fixed issue with headers passed in as a Hash
 * Fixed incompatibilities with Ruby 1.8.6
 
-### 0.1.2
+## 0.1.2
 
 * Fixed bug with overzealous normalization
 
-### 0.1.1
+## 0.1.1
 
 * Fixed bug with missing StringIO require
 * Fixed issue with dependency on unreleased features of addressable
 
-### 0.1.0
+## 0.1.0
 
 * Initial release

data/README.md

@@ -8,7 +8,6 @@
 </dl>
 
 [![Gem Version](https://badge.fury.io/rb/signet.svg)](https://badge.fury.io/rb/signet)
-[![Build Status](https://secure.travis-ci.org/google/signet.png)](http://travis-ci.org/google/signet)
 
 ## Description
 
@@ -32,8 +31,8 @@ require 'signet/oauth_2/client'
 client = Signet::OAuth2::Client.new(
   :authorization_uri => 'https://accounts.google.com/o/oauth2/auth',
   :token_credential_uri =>  'https://oauth2.googleapis.com/token',
-  :client_id => '44410190108-74nkm6jc5e3vvjqis803frkvmu88cu3a.apps.googleusercontent.com',
-  :client_secret => 'X1NUhvO-rQr9sm8uUSMY8i7v',
+  :client_id => "#{YOUR_CLIENT_ID}.apps.googleusercontent.com",
+  :client_secret => YOUR_CLIENT_SECRET,
   :scope => 'email profile',
   :redirect_uri => 'https://example.client.com/oauth'
 )
@@ -60,8 +59,11 @@ Be sure `https://rubygems.org` is in your gem sources.
 
 ## Supported Ruby Versions
 
-This library requires Ruby 2.4 or later.
-In general, this library supports Ruby versions that are considered current and
-supported by Ruby Core (that is, Ruby versions that are either in normal
-maintenance or in security maintenance).
-See https://www.ruby-lang.org/en/downloads/branches/ for further details.
+This library is supported on Ruby 2.5+.
+
+Google provides official support for Ruby versions that are actively supported
+by Ruby Core—that is, Ruby versions that are either in normal maintenance or in
+security maintenance, and not end of life. Currently, this means Ruby 2.5 and
+later. Older versions of Ruby _may_ still work, but are unsupported and not
+recommended. See https://www.ruby-lang.org/en/downloads/branches/ for details
+about the Ruby support schedule.

data/Rakefile

@@ -8,7 +8,7 @@ task :release_gem, :tag do |_t, args|
   raise "You must provide a tag to release." if tag.nil?
 
   # Verify the tag format "vVERSION"
-  m = tag.match(/signet\/v(?<version>\S*)/)
+  m = tag.match /v(?<version>\S*)/
   raise "Tag #{tag} does not match the expected format." if m.nil?
 
   version = m[:version]
@@ -30,16 +30,23 @@ task :release_gem, :tag do |_t, args|
   end
 
   path_to_be_pushed = "pkg/signet-#{version}.gem"
+  gem_was_published = nil
   if File.file? path_to_be_pushed
     begin
-      ::Gems.push File.new(path_to_be_pushed)
+      response = ::Gems.push File.new(path_to_be_pushed)
+      puts response
+      raise unless response.include? "Successfully registered gem:"
+      gem_was_published = true
       puts "Successfully built and pushed signet for version #{version}"
     rescue StandardError => e
+      gem_was_published = false
       puts "Error while releasing signet version #{version}: #{e.message}"
     end
   else
     raise "Cannot build signet for version #{version}"
   end
+
+  Rake::Task["kokoro:publish_docs"].invoke if gem_was_published
 end
 
 task :ci do
@@ -77,7 +84,21 @@ namespace :kokoro do
                 .first.split("(").last.split(")").first || "0.1.0"
     end
     Rake::Task["kokoro:load_env_vars"].invoke
-    Rake::Task["release_gem"].invoke "signet/v#{version}"
+    Rake::Task["release_gem"].invoke "v#{version}"
+  end
+
+  task :post do
+    require_relative "rakelib/link_checker.rb"
+
+    link_checker = LinkChecker.new
+    link_checker.run
+    exit link_checker.exit_status
+  end
+
+  task :publish_docs do
+    require_relative "rakelib/devsite_builder.rb"
+
+    DevsiteBuilder.new(__dir__).publish
   end
 end
 

data/lib/signet.rb

@@ -15,8 +15,6 @@
 require "signet/version"
 
 module Signet #:nodoc:
-  # rubocop:disable Metrics/AbcSize
-  # rubocop:disable Metrics/MethodLength
   def self.parse_auth_param_list auth_param_string
     # Production rules from:
     # http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging-12
@@ -54,11 +52,12 @@ module Signet #:nodoc:
     # Now parse the auth-param pair strings & turn them into key-value pairs.
     (auth_param_pairs.each_with_object [] do |pair, accu|
       name, value = pair.split "=", 2
-      if value =~ /^".*"$/
+      case value
+      when /^".*"$/
         value = value.gsub(/^"(.*)"$/, '\1').gsub(/\\(.)/, '\1')
-      elsif value =~ /^'.*'$/
+      when /^'.*'$/
         value = value.gsub(/^'(.*)'$/, '\1').gsub(/\\(.)/, '\1')
-      elsif value =~ %r{[\(\)<>@,;:\\\"/\[\]?={}]}
+      when %r{[()<>@,;:\\"/\[\]?={}]}
         # Certain special characters are not allowed
         raise ParseError,
               "Unexpected characters in auth param " \
@@ -68,6 +67,4 @@ module Signet #:nodoc:
       accu << [name, value]
     end)
   end
-  # rubocop:enable Metrics/AbcSize
-  # rubocop:enable Metrics/MethodLength
 end

data/lib/signet/oauth_1.rb

@@ -49,9 +49,8 @@ module Signet #:nodoc:
     #
     # @return [String] A random nonce.
     def self.generate_nonce
-      SecureRandom.random_bytes(16).unpack("H*").join ""
+      SecureRandom.random_bytes(16).unpack("H*").join
     end
-    # rubocop:disable Metrics/MethodLength
 
     ##
     # Processes an options <code>Hash</code> to find a credential key value.
@@ -65,7 +64,7 @@ module Signet #:nodoc:
     # @return [String] The credential key value.
     def self.extract_credential_key_option credential_type, options
       # Normalize key to String to allow indifferent access.
-      options = options.each_with_object({}) { |(k, v), accu| accu[k.to_s] = v; }
+      options = options.to_h.transform_keys(&:to_s)
       credential_key = "#{credential_type}_credential_key"
       credential = "#{credential_type}_credential"
       if options[credential_key]
@@ -107,7 +106,7 @@ module Signet #:nodoc:
     # @return [String] The credential secret value.
     def self.extract_credential_secret_option credential_type, options
       # Normalize key to String to allow indifferent access.
-      options = options.each_with_object({}) { |(k, v), accu| accu[k.to_s] = v; }
+      options = options.to_h.transform_keys(&:to_s)
       credential_secret = "#{credential_type}_credential_secret"
       credential = "#{credential_type}_credential"
       if options[credential_secret]
@@ -136,7 +135,6 @@ module Signet #:nodoc:
       end
       credential_secret
     end
-    # rubocop:enable Metrics/MethodLength
 
     ##
     # Normalizes a set of OAuth parameters according to the algorithm given
@@ -178,7 +176,7 @@ module Signet #:nodoc:
         query:     parsed_uri.query,
         fragment:  parsed_uri.fragment
       )
-      uri_parameters = uri.query_values.to_a
+      uri_parameters = uri.query_values(Array) || []
       uri = uri.omit(:query, :fragment).to_s
       merged_parameters =
         uri_parameters.concat(parameters.map { |k, v| [k, v] })
@@ -214,7 +212,7 @@ module Signet #:nodoc:
         realm = realm.gsub '"', '\"'
         parameter_list.unshift "realm=\"#{realm}\""
       end
-      "OAuth " + parameter_list.join(", ")
+      "OAuth #{parameter_list.join ', '}"
     end
 
     ##
@@ -228,7 +226,7 @@ module Signet #:nodoc:
       when /^OAuth$/i
         # Other token types may be supported eventually
         pairs = Signet.parse_auth_param_list(field_value[/^OAuth\s+(.*)$/i, 1])
-        return (pairs.each_with_object [] do |(k, v), accu|
+        (pairs.each_with_object [] do |(k, v), accu|
           if k != "realm"
             k = unencode k
             v = unencode v
@@ -274,24 +272,18 @@ module Signet #:nodoc:
       # be a temporary credential secret when obtaining a token credential
       # for the first time
       base_string = generate_base_string method, uri, parameters
-      parameters = parameters.each_with_object({}) { |(k, v), h| h[k.to_s] = v; }
+      parameters = parameters.to_h.transform_keys(&:to_s)
       signature_method = parameters["oauth_signature_method"]
       case signature_method
       when "HMAC-SHA1"
         require "signet/oauth_1/signature_methods/hmac_sha1"
-        return Signet::OAuth1::HMACSHA1.generate_signature(
-          base_string, client_credential_secret, token_credential_secret
-        )
+        Signet::OAuth1::HMACSHA1.generate_signature base_string, client_credential_secret, token_credential_secret
       when "RSA-SHA1"
         require "signet/oauth_1/signature_methods/rsa_sha1"
-        return Signet::OAuth1::RSASHA1.generate_signature(
-          base_string, client_credential_secret, token_credential_secret
-        )
+        Signet::OAuth1::RSASHA1.generate_signature base_string, client_credential_secret, token_credential_secret
       when "PLAINTEXT"
         require "signet/oauth_1/signature_methods/plaintext"
-        return Signet::OAuth1::PLAINTEXT.generate_signature(
-          base_string, client_credential_secret, token_credential_secret
-        )
+        Signet::OAuth1::PLAINTEXT.generate_signature base_string, client_credential_secret, token_credential_secret
       else
         raise NotImplementedError,
               "Unsupported signature method: #{signature_method}"
@@ -396,7 +388,7 @@ module Signet #:nodoc:
       raise ArgumentError, "Missing :client_credential_key parameter." if client_credential_key.nil?
       raise ArgumentError, "Missing :temporary_credential_key parameter." if temporary_credential_key.nil?
       raise ArgumentError, "Missing :verifier parameter." if options[:verifier].nil?
-      parameters = [
+      [
         ["oauth_consumer_key", client_credential_key],
         ["oauth_token", temporary_credential_key],
         ["oauth_signature_method", options[:signature_method]],
@@ -405,8 +397,6 @@ module Signet #:nodoc:
         ["oauth_verifier", options[:verifier]],
         ["oauth_version", "1.0"]
       ]
-      # No additional parameters allowed here
-      parameters
     end
 
     ##