RubyGems - signet - Versions diffs - 0.15.0 → 0.16.0 - Mend

signet 0.15.0 → 0.16.0

Files changed (32) hide show

checksums.yaml +4 -4
data/.yardopts +11 -0
data/CHANGELOG.md +13 -0
data/CODE_OF_CONDUCT.md +43 -0
data/SECURITY.md +7 -0
data/lib/signet/oauth_1/credential.rb +1 -1
data/lib/signet/oauth_1/signature_methods/hmac_sha1.rb +1 -1
data/lib/signet/oauth_1/signature_methods/plaintext.rb +1 -1
data/lib/signet/oauth_1/signature_methods/rsa_sha1.rb +1 -1
data/lib/signet/oauth_1.rb +1 -1
data/lib/signet/oauth_2/client.rb +17 -12
data/lib/signet/oauth_2.rb +1 -1
data/lib/signet/version.rb +1 -1
data/lib/signet.rb +1 -1
metadata +24 -24
data/Gemfile +0 -8
data/Rakefile +0 -112
data/signet.gemspec +0 -45
data/spec/signet/oauth_1/client_spec.rb +0 -810
data/spec/signet/oauth_1/credential_spec.rb +0 -169
data/spec/signet/oauth_1/server_spec.rb +0 -839
data/spec/signet/oauth_1/signature_methods/hmac_sha1_spec.rb +0 -61
data/spec/signet/oauth_1/signature_methods/plaintext_spec.rb +0 -61
data/spec/signet/oauth_1/signature_methods/rsa_sha1_spec.rb +0 -126
data/spec/signet/oauth_1_spec.rb +0 -1036
data/spec/signet/oauth_2/client_spec.rb +0 -1254
data/spec/signet/oauth_2_spec.rb +0 -194
data/spec/signet_spec.rb +0 -78
data/spec/spec.opts +0 -2
data/spec/spec_helper.rb +0 -10
data/spec/spec_helper_spec.rb +0 -17
data/website/index.html +0 -95

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9d6cce64f05742592f4945a2a394ab1fc239107e9c5d8145f38a4189689e46ea
-  data.tar.gz: a20b6a81fac21113e804c8cbac63db3464da5357aa7428bc17509212217e50a3
+  metadata.gz: 7bc1d85dc2f8c727e54436bb38a284576cb81ea5ee0b0af58860678cb069bde9
+  data.tar.gz: e0b149f3ee841fe5f30af08a2d0e6cebbfbc173d1370d4e4a8fc3b2109fa54a0
 SHA512:
-  metadata.gz: b1f2c4ab3031aa346f118bc152f129559436f92ae8b3d0008f3a2efa51fb82e0e45fec0f999c6984772be58661c90f6fbe1a1c973cf6ccdec8329696da4e1101
-  data.tar.gz: fc909052f1a89ec0f79d9b9a36ca7196cef5be879595e8c1e7699050ced959b3062881e1418fc9b8258985819f3c2bb64e7e9f60008f25e5ddccb6375934c2f5
+  metadata.gz: 2ef091d389b3ac52e87dba96f8647a072acf11a346244600bca551b23ead3c24bb73d75209af7c79c261769d5589053c84a3bb837fb57f2b063e19d3516d0ad4
+  data.tar.gz: d8a38134dd48453e0e976639b7ded1838ee363ab3b27917847f27e8de98adcb9f60f28359a90459a75537a03595417bd7275e4b3f291019cb13ea4eb09383495

data/.yardopts ADDED Viewed

@@ -0,0 +1,11 @@
+--no-private
+--title=Signet
+--markup markdown
+--markup-provider redcarpet
+./lib/**/*.rb
+-
+README.md
+CHANGELOG.md
+CODE_OF_CONDUCT.md
+LICENSE

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,18 @@
 # Release History
+## [0.16.0](https://www.github.com/googleapis/signet/compare/signet/v0.15.0...signet/v0.16.0) (2021-09-03)
+### Features
+* Support for fetching an access token with basic auth ([3c43e32](https://www.github.com/googleapis/signet/commit/3c43e3201d79b1e2303e672f3c07e060c5079423))
+### Bug Fixes
+* Remove extraneous files from the gem ([e515bb6](https://www.github.com/googleapis/signet/commit/e515bb627a64e32ec885412fed8b01eb73067ee0))
+* Require addressable 2.8 to remediate vulnerability ([9a2f899](https://www.github.com/googleapis/signet/commit/9a2f8996f522538c4bb7998535e2a50331d564fc))
 ## [0.15.0](https://www.github.com/googleapis/signet/compare/v0.14.1...v0.15.0) (2021-03-04)

data/CODE_OF_CONDUCT.md ADDED Viewed

@@ -0,0 +1,43 @@
+# Contributor Code of Conduct
+As contributors and maintainers of this project,
+and in the interest of fostering an open and welcoming community,
+we pledge to respect all people who contribute through reporting issues,
+posting feature requests, updating documentation,
+submitting pull requests or patches, and other activities.
+We are committed to making participation in this project
+a harassment-free experience for everyone,
+regardless of level of experience, gender, gender identity and expression,
+sexual orientation, disability, personal appearance,
+body size, race, ethnicity, age, religion, or nationality.
+Examples of unacceptable behavior by participants include:
+* The use of sexualized language or imagery
+* Personal attacks
+* Trolling or insulting/derogatory comments
+* Public or private harassment
+* Publishing other's private information,
+such as physical or electronic
+addresses, without explicit permission
+* Other unethical or unprofessional conduct.
+Project maintainers have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct.
+By adopting this Code of Conduct,
+project maintainers commit themselves to fairly and consistently
+applying these principles to every aspect of managing this project.
+Project maintainers who do not follow or enforce the Code of Conduct
+may be permanently removed from the project team.
+This code of conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community.
+Instances of abusive, harassing, or otherwise unacceptable behavior
+may be reported by opening an issue
+or contacting one or more of the project maintainers.
+This Code of Conduct is adapted from the [Contributor Covenant](http://contributor-covenant.org), version 1.2.0,
+available at [http://contributor-covenant.org/version/1/2/0/](http://contributor-covenant.org/version/1/2/0/)

data/SECURITY.md ADDED Viewed

@@ -0,0 +1,7 @@
+# Security Policy
+To report a security issue, please use [g.co/vulnz](https://g.co/vulnz).
+The Google Security Team will respond within 5 working days of your report on g.co/vulnz.
+We use g.co/vulnz for our intake, and do coordination and disclosure here using GitHub Security Advisory to privately discuss and fix the issue.

data/lib/signet/oauth_1/credential.rb CHANGED Viewed

@@ -12,7 +12,7 @@
 #    See the License for the specific language governing permissions and
 #    limitations under the License.
-module Signet #:nodoc:
+module Signet # :nodoc:
   module OAuth1
     class Credential
       ##

data/lib/signet/oauth_1/signature_methods/hmac_sha1.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 require "openssl"
 require "signet"
-module Signet #:nodoc:
+module Signet # :nodoc:
   module OAuth1
     module HMACSHA1
       def self.generate_signature \

data/lib/signet/oauth_1/signature_methods/plaintext.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 require "signet"
-module Signet #:nodoc:
+module Signet # :nodoc:
   module OAuth1
     module PLAINTEXT
       def self.generate_signature \

data/lib/signet/oauth_1/signature_methods/rsa_sha1.rb CHANGED Viewed

@@ -3,7 +3,7 @@ require "base64"
 require "openssl"
 require "signet"
-module Signet #:nodoc:
+module Signet # :nodoc:
   module OAuth1
     module RSASHA1
       def self.generate_signature \

data/lib/signet/oauth_1.rb CHANGED Viewed

@@ -3,7 +3,7 @@ require "signet"
 require "securerandom"
-module Signet #:nodoc:
+module Signet # :nodoc:
   module OAuth1
     OUT_OF_BAND = "oob".freeze

data/lib/signet/oauth_2/client.rb CHANGED Viewed

@@ -880,13 +880,13 @@ module Signet
       end
       def grant_type= new_grant_type
-        case new_grant_type
-        when "authorization_code", "refresh_token",
-            "password", "client_credentials"
-          @grant_type = new_grant_type
-        else
-          @grant_type = Addressable::URI.parse new_grant_type
-        end
+        @grant_type =
+          case new_grant_type
+          when "authorization_code", "refresh_token", "password", "client_credentials"
+            new_grant_type
+          else
+            Addressable::URI.parse new_grant_type
+          end
       end
       def to_jwt options = {}
@@ -972,8 +972,8 @@ module Signet
           end
           parameters.merge! extension_parameters
         end
-        parameters["client_id"] = client_id unless client_id.nil?
-        parameters["client_secret"] = client_secret unless client_secret.nil?
+        parameters["client_id"] = client_id if !options[:use_basic_auth] && !client_id.nil?
+        parameters["client_secret"] = client_secret if !options[:use_basic_auth] && !client_secret.nil?
         if options[:scope]
           parameters["scope"] = options[:scope]
         elsif options[:use_configured_scope] && !scope.nil?
@@ -990,10 +990,11 @@ module Signet
         options = deep_hash_normalize options
         client = options[:connection] ||= Faraday.default_connection
-        url = Addressable::URI.parse(token_credential_uri).normalize.to_s
+        url = Addressable::URI.parse token_credential_uri
         parameters = generate_access_token_request options
         if client.is_a? Faraday::Connection
-          response = client.post url,
+          client.basic_auth client_id, client_secret if options[:use_basic_auth]
+          response = client.post url.normalize.to_s,
                                  Addressable::URI.form_encode(parameters),
                                  "Content-Type" => "application/x-www-form-urlencoded"
           status = response.status.to_i
@@ -1001,7 +1002,11 @@ module Signet
           content_type = response.headers["Content-type"]
         else
           # Hurley
-          response = client.post url, parameters
+          if options[:use_basic_auth]
+            url.user = client_id
+            url.password = client_secret
+          end
+          response = client.post url.normalize.to_s, parameters
           status = response.status_code.to_i
           body = response.body
           content_type = response.header[:content_type]

data/lib/signet/oauth_2.rb CHANGED Viewed

@@ -16,7 +16,7 @@ require "base64"
 require "signet"
 require "multi_json"
-module Signet #:nodoc:
+module Signet # :nodoc:
   ##
   # An implementation of http://tools.ietf.org/html/draft-ietf-oauth-v2-10
   #

data/lib/signet/version.rb CHANGED Viewed

@@ -13,5 +13,5 @@
 #    limitations under the License.
 module Signet
-  VERSION = "0.15.0".freeze
+  VERSION = "0.16.0".freeze
 end

data/lib/signet.rb CHANGED Viewed

@@ -14,7 +14,7 @@
 require "signet/version"
-module Signet #:nodoc:
+module Signet # :nodoc:
   def self.parse_auth_param_list auth_param_string
     # Production rules from:
     # http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging-12

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: signet
 version: !ruby/object:Gem::Version
-  version: 0.15.0
+  version: 0.16.0
 platform: ruby
 authors:
 - Bob Aman
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-03-04 00:00:00.000000000 Z
+date: 2021-09-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -17,14 +17,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.3'
+        version: '2.8'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.3'
+        version: '2.8'
 - !ruby/object:Gem::Dependency
   name: faraday
   requirement: !ruby/object:Gem::Requirement
@@ -127,14 +127,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '13.0'
+- !ruby/object:Gem::Dependency
+  name: redcarpet
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -192,11 +206,12 @@ extensions: []
 extra_rdoc_files:
 - README.md
 files:
+- ".yardopts"
 - CHANGELOG.md
-- Gemfile
+- CODE_OF_CONDUCT.md
 - LICENSE
 - README.md
-- Rakefile
+- SECURITY.md
 - lib/signet.rb
 - lib/signet/errors.rb
 - lib/signet/oauth_1.rb
@@ -209,21 +224,6 @@ files:
 - lib/signet/oauth_2.rb
 - lib/signet/oauth_2/client.rb
 - lib/signet/version.rb
-- signet.gemspec
-- spec/signet/oauth_1/client_spec.rb
-- spec/signet/oauth_1/credential_spec.rb
-- spec/signet/oauth_1/server_spec.rb
-- spec/signet/oauth_1/signature_methods/hmac_sha1_spec.rb
-- spec/signet/oauth_1/signature_methods/plaintext_spec.rb
-- spec/signet/oauth_1/signature_methods/rsa_sha1_spec.rb
-- spec/signet/oauth_1_spec.rb
-- spec/signet/oauth_2/client_spec.rb
-- spec/signet/oauth_2_spec.rb
-- spec/signet_spec.rb
-- spec/spec.opts
-- spec/spec_helper.rb
-- spec/spec_helper_spec.rb
-- website/index.html
 homepage: https://github.com/googleapis/signet
 licenses:
 - Apache-2.0
@@ -248,7 +248,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 1.3.5
 requirements: []
-rubygems_version: 3.2.11
+rubygems_version: 3.2.17
 signing_key:
 specification_version: 4
 summary: Signet is an OAuth 1.0 / OAuth 2.0 implementation.

data/Gemfile DELETED Viewed

@@ -1,8 +0,0 @@
-source "https://rubygems.org"
-gemspec
-gem "bundler", ">= 1.15"
-gem "gems", "~> 1.2"
-gem "hurley"
-gem "jruby-openssl", platforms: :jruby

data/Rakefile DELETED Viewed

@@ -1,112 +0,0 @@
-require "rubygems"
-require "json"
-require "rake"
-require "bundler/gem_tasks"
-task :release_gem, :tag do |_t, args|
-  tag = args[:tag]
-  raise "You must provide a tag to release." if tag.nil?
-  # Verify the tag format "vVERSION"
-  m = tag.match /v(?<version>\S*)/
-  raise "Tag #{tag} does not match the expected format." if m.nil?
-  version = m[:version]
-  raise "You must provide a version." if version.nil?
-  api_token = ENV["RUBYGEMS_API_TOKEN"]
-  require "gems"
-  if api_token
-    ::Gems.configure do |config|
-      config.key = api_token
-    end
-  end
-  Bundler.with_clean_env do
-    sh "rm -rf pkg"
-    sh "bundle update"
-    sh "bundle exec rake build"
-  end
-  path_to_be_pushed = "pkg/signet-#{version}.gem"
-  gem_was_published = nil
-  if File.file? path_to_be_pushed
-    begin
-      response = ::Gems.push File.new(path_to_be_pushed)
-      puts response
-      raise unless response.include? "Successfully registered gem:"
-      gem_was_published = true
-      puts "Successfully built and pushed signet for version #{version}"
-    rescue StandardError => e
-      gem_was_published = false
-      puts "Error while releasing signet version #{version}: #{e.message}"
-    end
-  else
-    raise "Cannot build signet for version #{version}"
-  end
-  Rake::Task["kokoro:publish_docs"].invoke if gem_was_published
-end
-task :ci do
-  header "Using Ruby - #{RUBY_VERSION}"
-  sh "bundle exec rubocop"
-  sh "bundle exec rspec"
-end
-namespace :kokoro do
-  task :load_env_vars do
-    service_account = "#{ENV['KOKORO_GFILE_DIR']}/service-account.json"
-    ENV["GOOGLE_APPLICATION_CREDENTIALS"] = service_account
-    filename = "#{ENV['KOKORO_GFILE_DIR']}/env_vars.json"
-    env_vars = JSON.parse File.read(filename)
-    env_vars.each { |k, v| ENV[k] = v }
-  end
-  task :presubmit do
-    Rake::Task["ci"].invoke
-  end
-  task :continuous do
-    Rake::Task["ci"].invoke
-  end
-  task :nightly do
-    Rake::Task["ci"].invoke
-  end
-  task :release do
-    version = "0.1.0"
-    Bundler.with_clean_env do
-      version = `bundle exec gem list`
-                .split("\n").select { |line| line.include? "signet" }
-                .first.split("(").last.split(")").first || "0.1.0"
-    end
-    Rake::Task["kokoro:load_env_vars"].invoke
-    Rake::Task["release_gem"].invoke "v#{version}"
-  end
-  task :post do
-    require_relative "rakelib/link_checker.rb"
-    link_checker = LinkChecker.new
-    link_checker.run
-    exit link_checker.exit_status
-  end
-  task :publish_docs do
-    require_relative "rakelib/devsite_builder.rb"
-    DevsiteBuilder.new(__dir__).publish
-  end
-end
-def header str, token = "#"
-  line_length = str.length + 8
-  puts ""
-  puts token * line_length
-  puts "#{token * 3} #{str} #{token * 3}"
-  puts token * line_length
-  puts ""
-end