signet 0.17.0 → 0.19.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 13bd869943add17b04e66089d5c1a5d34a8d6053c55fb4dc389bc9e3a83c36ae
4
- data.tar.gz: 17a0094e4ef483d07ea945155956d81a06423a8d57abc725d326b49c2cb62171
3
+ metadata.gz: 13fbdf2ef81b9b3fd51060e1a41624ad6bac62c6980eca00905cd88e8f053be8
4
+ data.tar.gz: 3b04aaebc576451c9de4e3661eb441cd6d0bd6d3a7bdf63493eeaecdd819ede4
5
5
  SHA512:
6
- metadata.gz: c6817470226e95dd4535bb7316b98c2b95d6ef70a8b9a1466656018fc9e642a02901390e0b40562e7ac7ea3a6acfefdb07d3317c6879453bb23ca07090bd9643
7
- data.tar.gz: d49ad82ef1cbf8fab14b74370f07e3567c3f2594045e3cf82ec5f72f69f93ebe47954bff340fe7c472fb31f6269bbe012fec8e24f369167e59a519bfc02ff13b
6
+ metadata.gz: 9c11f05eb845cd94228ab7e10b656bd9ea9c7d63ebc7dc4fb2413a12901d3803b2bd6de48dfa77fb68fb842effb42bf65c5ca1ce5ff90bdbd1a0ac6806630a15
7
+ data.tar.gz: 46097fea3a8a754b9b8e31476f50270fb8d6c48df3ff69f537546bfd6437de3ef58dff3f0d1ff355d378d54e82a05c6a4b6509dd647ba912705abe252b182d62
data/CHANGELOG.md CHANGED
@@ -1,5 +1,17 @@
1
1
  # Release History
2
2
 
3
+ ### 0.19.0 (2024-02-01)
4
+
5
+ #### Features
6
+
7
+ * Update minimum Ruby version to 2.7
8
+
9
+ ### 0.18.0 (2023-09-01)
10
+
11
+ #### Features
12
+
13
+ * Expose Granted Scopes while fetching credentials ([#230](https://github.com/googleapis/signet/issues/230))
14
+
3
15
  ### 0.17.0 (2022-06-23)
4
16
 
5
17
  * Updated minimum Ruby version to 2.6
data/README.md CHANGED
@@ -59,11 +59,11 @@ Be sure `https://rubygems.org` is in your gem sources.
59
59
 
60
60
  ## Supported Ruby Versions
61
61
 
62
- This library is supported on Ruby 2.5+.
62
+ This library is supported on Ruby 2.7+.
63
63
 
64
64
  Google provides official support for Ruby versions that are actively supported
65
- by Ruby Core—that is, Ruby versions that are either in normal maintenance or in
66
- security maintenance, and not end of life. Currently, this means Ruby 2.5 and
67
- later. Older versions of Ruby _may_ still work, but are unsupported and not
68
- recommended. See https://www.ruby-lang.org/en/downloads/branches/ for details
69
- about the Ruby support schedule.
65
+ by Ruby Core—that is, Ruby versions that are either in normal maintenance or
66
+ in security maintenance, and not end of life. Older versions of Ruby _may_
67
+ still work, but are unsupported and not recommended. See
68
+ https://www.ruby-lang.org/en/downloads/branches/ for details about the Ruby
69
+ support schedule.
@@ -75,7 +75,7 @@ module Signet # :nodoc:
75
75
  args = args.first.to_ary
76
76
  end
77
77
  if args.all? { |value| value.is_a? Array }
78
- parameters = args.each_with_object({}) { |(k, v), h| h[k] = v; }
78
+ parameters = args.each_with_object({}) { |(k, v), h| h[k] = v }
79
79
  @key = key_from_hash.call parameters
80
80
  @secret = secret_from_hash.call parameters
81
81
  elsif args.size == 2
@@ -350,7 +350,7 @@ module Signet # :nodoc:
350
350
  query_values = parsed_uri.query_values || {}
351
351
  if options[:additional_parameters]
352
352
  query_values = query_values.merge(
353
- options[:additional_parameters].each_with_object({}) { |(k, v), h| h[k] = v; }
353
+ options[:additional_parameters].each_with_object({}) { |(k, v), h| h[k] = v }
354
354
  )
355
355
  end
356
356
  query_values["oauth_token"] = temporary_credential_key if temporary_credential_key
@@ -32,52 +32,54 @@ module Signet
32
32
  #
33
33
  # @param [Hash] options
34
34
  # The configuration parameters for the client.
35
- # - <code>:authorization_uri</code> -
35
+ # - `:authorization_uri` -
36
36
  # The authorization server's HTTP endpoint capable of
37
37
  # authenticating the end-user and obtaining authorization.
38
- # - <code>:token_credential_uri</code> -
38
+ # - `:token_credential_uri` -
39
39
  # The authorization server's HTTP endpoint capable of issuing
40
40
  # tokens and refreshing expired tokens.
41
- # - <code>:client_id</code> -
41
+ # - `:client_id` -
42
42
  # A unique identifier issued to the client to identify itself to the
43
43
  # authorization server.
44
- # - <code>:client_secret</code> -
44
+ # - `:client_secret` -
45
45
  # A shared symmetric secret issued by the authorization server,
46
46
  # which is used to authenticate the client.
47
- # - <code>:scope</code> -
47
+ # - `:scope` -
48
48
  # The scope of the access request, expressed either as an Array
49
49
  # or as a space-delimited String.
50
- # - <code>:target_audience</code> -
50
+ # - `:target_audience` -
51
51
  # The final target audience for ID tokens fetched by this client,
52
52
  # as a String.
53
- # - <code>:state</code> -
53
+ # - `:state` -
54
54
  # An arbitrary string designed to allow the client to maintain state.
55
- # - <code>:code</code> -
55
+ # - `:code` -
56
56
  # The authorization code received from the authorization server.
57
- # - <code>:redirect_uri</code> -
57
+ # - `:redirect_uri` -
58
58
  # The redirection URI used in the initial request.
59
- # - <code>:username</code> -
59
+ # - `:username` -
60
60
  # The resource owner's username.
61
- # - <code>:password</code> -
61
+ # - `:password` -
62
62
  # The resource owner's password.
63
- # - <code>:issuer</code> -
63
+ # - `:issuer` -
64
64
  # Issuer ID when using assertion profile
65
- # - <code>:person</code> -
65
+ # - `:person` -
66
66
  # Target user for assertions
67
- # - <code>:expiry</code> -
67
+ # - `:expiry` -
68
68
  # Number of seconds assertions are valid for
69
- # - <code>:signing_key</code> -
69
+ # - `:signing_key` -
70
70
  # Signing key when using assertion profile
71
- # - <code>:refresh_token</code> -
71
+ # - `:refresh_token` -
72
72
  # The refresh token associated with the access token
73
73
  # to be refreshed.
74
- # - <code>:access_token</code> -
74
+ # - `:access_token` -
75
75
  # The current access token for this client.
76
- # - <code>:id_token</code> -
76
+ # - `:id_token` -
77
77
  # The current ID token for this client.
78
- # - <code>:extension_parameters</code> -
78
+ # - `:extension_parameters` -
79
79
  # When using an extension grant type, this the set of parameters used
80
80
  # by that extension.
81
+ # - `:granted_scopes` -
82
+ # All scopes granted by authorization server.
81
83
  #
82
84
  # @example
83
85
  # client = Signet::OAuth2::Client.new(
@@ -109,6 +111,7 @@ module Signet
109
111
  @state = nil
110
112
  @username = nil
111
113
  @access_type = nil
114
+ @granted_scopes = nil
112
115
  update! options
113
116
  end
114
117
 
@@ -117,56 +120,58 @@ module Signet
117
120
  #
118
121
  # @param [Hash] options
119
122
  # The configuration parameters for the client.
120
- # - <code>:authorization_uri</code> -
123
+ # - `:authorization_uri` -
121
124
  # The authorization server's HTTP endpoint capable of
122
125
  # authenticating the end-user and obtaining authorization.
123
- # - <code>:token_credential_uri</code> -
126
+ # - `:token_credential_uri` -
124
127
  # The authorization server's HTTP endpoint capable of issuing
125
128
  # tokens and refreshing expired tokens.
126
- # - <code>:client_id</code> -
129
+ # - `:client_id` -
127
130
  # A unique identifier issued to the client to identify itself to the
128
131
  # authorization server.
129
- # - <code>:client_secret</code> -
132
+ # - `:client_secret` -
130
133
  # A shared symmetric secret issued by the authorization server,
131
134
  # which is used to authenticate the client.
132
- # - <code>:scope</code> -
135
+ # - `:scope` -
133
136
  # The scope of the access request, expressed either as an Array
134
137
  # or as a space-delimited String.
135
- # - <code>:target_audience</code> -
138
+ # - `:target_audience` -
136
139
  # The final target audience for ID tokens fetched by this client,
137
140
  # as a String.
138
- # - <code>:state</code> -
141
+ # - `:state` -
139
142
  # An arbitrary string designed to allow the client to maintain state.
140
- # - <code>:code</code> -
143
+ # - `:code` -
141
144
  # The authorization code received from the authorization server.
142
- # - <code>:redirect_uri</code> -
145
+ # - `:redirect_uri` -
143
146
  # The redirection URI used in the initial request.
144
- # - <code>:username</code> -
147
+ # - `:username` -
145
148
  # The resource owner's username.
146
- # - <code>:password</code> -
149
+ # - `:password` -
147
150
  # The resource owner's password.
148
- # - <code>:issuer</code> -
151
+ # - `:issuer` -
149
152
  # Issuer ID when using assertion profile
150
- # - <code>:audience</code> -
153
+ # - `:audience` -
151
154
  # Target audience for assertions
152
- # - <code>:person</code> -
155
+ # - `:person` -
153
156
  # Target user for assertions
154
- # - <code>:expiry</code> -
157
+ # - `:expiry` -
155
158
  # Number of seconds assertions are valid for
156
- # - <code>:signing_key</code> -
159
+ # - `:signing_key` -
157
160
  # Signing key when using assertion profile
158
- # - <code>:refresh_token</code> -
161
+ # - `:refresh_token` -
159
162
  # The refresh token associated with the access token
160
163
  # to be refreshed.
161
- # - <code>:access_token</code> -
164
+ # - `:access_token` -
162
165
  # The current access token for this client.
163
- # - <code>:access_type</code> -
166
+ # - `:access_type` -
164
167
  # The current access type parameter for #authorization_uri.
165
- # - <code>:id_token</code> -
168
+ # - `:id_token` -
166
169
  # The current ID token for this client.
167
- # - <code>:extension_parameters</code> -
170
+ # - `:extension_parameters` -
168
171
  # When using an extension grant type, this is the set of parameters used
169
172
  # by that extension.
173
+ # - `:granted_scopes` -
174
+ # All scopes granted by authorization server.
170
175
  #
171
176
  # @example
172
177
  # client.update!(
@@ -253,7 +258,7 @@ module Signet
253
258
  self.access_token = options[:access_token] if options.key? :access_token
254
259
  self.refresh_token = options[:refresh_token] if options.key? :refresh_token
255
260
  self.id_token = options[:id_token] if options.key? :id_token
256
-
261
+ self.granted_scopes = options[:granted_scopes] if options.key? :granted_scopes
257
262
  self
258
263
  end
259
264
 
@@ -611,7 +616,7 @@ module Signet
611
616
  # @param [Integer, String] new_expiry
612
617
  # Assertion expiry, in seconds
613
618
  def expiry= new_expiry
614
- @expiry = new_expiry ? new_expiry.to_i : nil
619
+ @expiry = new_expiry&.to_i
615
620
  end
616
621
 
617
622
  ##
@@ -823,6 +828,33 @@ module Signet
823
828
  @expires_at = normalize_timestamp new_expires_at
824
829
  end
825
830
 
831
+ ##
832
+ # Returns the scopes granted by the authorization server.
833
+ #
834
+ # @return [Array, nil] The scope of access returned by the authorization server.
835
+ def granted_scopes
836
+ @granted_scopes
837
+ end
838
+
839
+ ##
840
+ # Sets the scopes returned by authorization server for this client.
841
+ #
842
+ # @param [String, Array, nil] new_granted_scopes
843
+ # The scope of access returned by authorization server. This will
844
+ # ideally be expressed as space-delimited String.
845
+ def granted_scopes= new_granted_scopes
846
+ case new_granted_scopes
847
+ when Array
848
+ @granted_scopes = new_granted_scopes
849
+ when String
850
+ @granted_scopes = new_granted_scopes.split
851
+ when nil
852
+ @granted_scopes = nil
853
+ else
854
+ raise TypeError, "Expected Array or String, got #{new_granted_scopes.class}"
855
+ end
856
+ end
857
+
826
858
  ##
827
859
  # Returns true if the access token has expired.
828
860
  # Returns false if the token has not expired or has an nil @expires_at.
@@ -857,6 +889,7 @@ module Signet
857
889
  @code = nil
858
890
  @issued_at = nil
859
891
  @expires_at = nil
892
+ @granted_scopes = nil
860
893
  end
861
894
 
862
895
  ##
@@ -916,27 +949,28 @@ module Signet
916
949
  # @return [String] A serialized JSON representation of the client.
917
950
  def to_json *_args
918
951
  MultiJson.dump(
919
- "authorization_uri" => authorization_uri ? authorization_uri.to_s : nil,
920
- "token_credential_uri" => token_credential_uri ? token_credential_uri.to_s : nil,
952
+ "authorization_uri" => authorization_uri&.to_s,
953
+ "token_credential_uri" => token_credential_uri&.to_s,
921
954
  "client_id" => client_id,
922
955
  "client_secret" => client_secret,
923
956
  "scope" => scope,
924
957
  "target_audience" => target_audience,
925
958
  "state" => state,
926
959
  "code" => code,
927
- "redirect_uri" => redirect_uri ? redirect_uri.to_s : nil,
960
+ "redirect_uri" => redirect_uri&.to_s,
928
961
  "username" => username,
929
962
  "password" => password,
930
963
  "issuer" => issuer,
931
964
  "audience" => audience,
932
965
  "person" => person,
933
966
  "expiry" => expiry,
934
- "expires_at" => expires_at ? expires_at.to_i : nil,
967
+ "expires_at" => expires_at&.to_i,
935
968
  "signing_key" => signing_key,
936
969
  "refresh_token" => refresh_token,
937
970
  "access_token" => access_token,
938
971
  "id_token" => id_token,
939
- "extension_parameters" => extension_parameters
972
+ "extension_parameters" => extension_parameters,
973
+ "granted_scopes" => granted_scopes
940
974
  )
941
975
  end
942
976
 
@@ -1020,19 +1054,22 @@ module Signet
1020
1054
  content_type = response.header[:content_type]
1021
1055
  end
1022
1056
 
1023
- return ::Signet::OAuth2.parse_credentials body, content_type if status == 200
1024
-
1025
1057
  message = " Server message:\n#{response.body.to_s.strip}" unless body.to_s.strip.empty?
1058
+
1026
1059
  if [400, 401, 403].include? status
1027
1060
  message = "Authorization failed.#{message}"
1028
1061
  raise ::Signet::AuthorizationError.new message, response: response
1029
1062
  elsif status.to_s[0] == "5"
1030
1063
  message = "Remote server error.#{message}"
1031
1064
  raise ::Signet::RemoteServerError, message
1032
- else
1065
+ elsif status != 200
1033
1066
  message = "Unexpected status code: #{response.status}.#{message}"
1034
1067
  raise ::Signet::UnexpectedStatusError, message
1035
1068
  end
1069
+ # status == 200
1070
+ parsed_response = ::Signet::OAuth2.parse_credentials body, content_type
1071
+ parsed_response["granted_scopes"] = parsed_response.delete("scope") if parsed_response
1072
+ parsed_response
1036
1073
  end
1037
1074
 
1038
1075
  def fetch_access_token! options = {}
@@ -13,5 +13,5 @@
13
13
  # limitations under the License.
14
14
 
15
15
  module Signet
16
- VERSION = "0.17.0".freeze
16
+ VERSION = "0.19.0".freeze
17
17
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: signet
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.17.0
4
+ version: 0.19.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Bob Aman
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2022-06-23 00:00:00.000000000 Z
12
+ date: 2024-02-13 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: addressable
@@ -85,14 +85,14 @@ dependencies:
85
85
  requirements:
86
86
  - - "~>"
87
87
  - !ruby/object:Gem::Version
88
- version: 1.26.0
88
+ version: 1.27.1
89
89
  type: :development
90
90
  prerelease: false
91
91
  version_requirements: !ruby/object:Gem::Requirement
92
92
  requirements:
93
93
  - - "~>"
94
94
  - !ruby/object:Gem::Version
95
- version: 1.26.0
95
+ version: 1.27.1
96
96
  - !ruby/object:Gem::Dependency
97
97
  name: kramdown
98
98
  requirement: !ruby/object:Gem::Requirement
@@ -227,14 +227,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
227
227
  requirements:
228
228
  - - ">="
229
229
  - !ruby/object:Gem::Version
230
- version: '2.6'
230
+ version: '2.7'
231
231
  required_rubygems_version: !ruby/object:Gem::Requirement
232
232
  requirements:
233
233
  - - ">="
234
234
  - !ruby/object:Gem::Version
235
235
  version: 1.3.5
236
236
  requirements: []
237
- rubygems_version: 3.3.14
237
+ rubygems_version: 3.5.3
238
238
  signing_key:
239
239
  specification_version: 4
240
240
  summary: Signet is an OAuth 1.0 / OAuth 2.0 implementation.