RubyGems - sorcery - Versions diffs - 0.16.3 → 0.16.5 - Mend

sorcery 0.16.3 → 0.16.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

checksums.yaml +4 -4
data/.devcontainer/Dockerfile +10 -0
data/.devcontainer/devcontainer.json +29 -0
data/.devcontainer/postcreate.sh +4 -0
data/.gitignore +1 -0
data/CHANGELOG.md +11 -0
data/lib/sorcery/controller/submodules/external.rb +1 -1
data/lib/sorcery/controller.rb +1 -1
data/lib/sorcery/model/submodules/reset_password.rb +2 -0
data/lib/sorcery/protocols/oauth2.rb +1 -0
data/lib/sorcery/version.rb +1 -1
data/sorcery.gemspec +2 -2
data/spec/shared_examples/user_reset_password_shared_examples.rb +12 -0
metadata +10 -19

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f2d091c4af06b65d0b8640aa1664cc03370f0859a0d37ccca2865813a41956ec
-  data.tar.gz: c60ee8af595868a99ddced5363716f6593f494bb82e97a82d35769b4a1c223e4
+  metadata.gz: e28e735926cc783f48b5f8708fcdba63b66d20c54acb46197a633c3a2c27ed9f
+  data.tar.gz: c48a71718894e02b6d556143d7019b64698d938faf3d82cc97362314e5d821eb
 SHA512:
-  metadata.gz: 24281e4ee0082665b792c467fbc9f7e70a6d3f26492a66de179248b6d3c97dcabf2aa3058e44239961ffa01645708883d22e097ac28dfc2b64e38ef2743a03c3
-  data.tar.gz: 55c173b3a0ea39d8067bb26b737e57548fb67357c0969d1eb08290c8876294157f2ca7c17888874d208d88fe893840b4046bf3463c1ead9fa16c15358a9d5668
+  metadata.gz: 94876b13d7838ab273e7cf01489914dfce2cdf9f27259f2f3dcb98d62dfe126b65daf3dde018c6423e4a6fbe9b526339c85dfa978dcdf61698ce77b42f722a4d
+  data.tar.gz: 4defd2381f95ab3b89c859430a68fe9c0bb5068d09276100c80996b196448c1289057b3f8059c2d1188199bd0ae3852c6bd5c33a0701c61cd27c1acd7b692ac1

data/.devcontainer/Dockerfile ADDED Viewed

@@ -0,0 +1,10 @@
+# Which Ruby version to use. You may need to use a more restrictive version,
+# e.g. `3.0`
+ARG VARIANT=3.0
+# Pull Microsoft's ruby devcontainer base image
+FROM mcr.microsoft.com/devcontainers/ruby:${VARIANT}
+# Ensure we're running the latest bundler, as what ships with the Ruby image may
+# not be current, and bundler will auto-downgrade to match the Gemfile.lock
+RUN gem install bundler

data/.devcontainer/devcontainer.json ADDED Viewed

@@ -0,0 +1,29 @@
+{
+  "name": "Ruby",
+  "build": {
+    "dockerfile": "Dockerfile"
+  },
+  // Configure tool-specific properties.
+  "customizations": {
+    // Configure properties specific to VS Code.
+    "vscode": {
+      // Add the IDs of extensions you want installed when the container is created.
+      "extensions": [
+        "rebornix.Ruby"
+      ]
+    }
+  },
+  // Set the environment variables
+  // "runArgs": ["--env-file",".env"],
+  // Use 'forwardPorts' to make a list of ports inside the container available locally.
+  //   "forwardPorts": [],
+  // Use 'postCreateCommand' to run commands after the container is created.
+  "postCreateCommand": "bash .devcontainer/postcreate.sh",
+  // Set `remoteUser` to `root` to connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
+  "remoteUser": "vscode"
+}

data/.devcontainer/postcreate.sh ADDED Viewed

@@ -0,0 +1,4 @@
+#!/bin/bash
+bundle config set path vendor/bundle
+bundle install --jobs=1

data/.gitignore CHANGED Viewed

@@ -10,6 +10,7 @@ doc
 # bundler
 .bundle
+vendor
 # jeweler generated
 pkg

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,17 @@
 # Changelog
 ## HEAD
+## 0.16.5
+* Raise ArgumentError when calling change_password! with blank password [#333](https://github.com/Sorcery/sorcery/pull/333)
+* Update auth_scheme to oauth2 v1 defaults per v2 breaking changes [#341](https://github.com/Sorcery/sorcery/pull/341)
+## 0.16.4
+* Adapt to open request protection strategy of rails 7.0 [#318](https://github.com/Sorcery/sorcery/pull/318)
+* Update OAuth2 gem to v2 per v1 deprecation [#323](https://github.com/Sorcery/sorcery/pull/323)
+* Fixed typo in error message [#310](https://github.com/Sorcery/sorcery/pull/310)
 ## 0.16.3
 * Fix provider instantiation for plural provider names (eg. okta) [#305](https://github.com/Sorcery/sorcery/pull/305)

data/lib/sorcery/controller/submodules/external.rb CHANGED Viewed

@@ -118,7 +118,7 @@ module Sorcery
           # sends user to authenticate at the provider's website.
           # after authentication the user is redirected to the callback defined in the provider config
           def login_at(provider_name, args = {})
-            redirect_to sorcery_login_url(provider_name, args)
+            redirect_to sorcery_login_url(provider_name, args), allow_other_host: true
           end
           # tries to login the user from provider's callback

data/lib/sorcery/controller.rb CHANGED Viewed

@@ -165,7 +165,7 @@ module Sorcery
       def user_class
         @user_class ||= Config.user_class.to_s.constantize
       rescue NameError
-        raise ArgumentError, 'You have incorrectly defined user_class or have forgotten to define it in intitializer file (config.user_class = \'User\').'
+        raise ArgumentError, 'You have incorrectly defined user_class or have forgotten to define it in the initializer file (config.user_class = \'User\').'
       end
     end
   end

data/lib/sorcery/model/submodules/reset_password.rb CHANGED Viewed

@@ -131,6 +131,8 @@ module Sorcery
           end
           def change_password!(new_password)
+            raise ArgumentError, 'Blank password passed to change_password!' if new_password.blank?
             change_password(new_password, raise_on_failure: true)
           end

data/lib/sorcery/protocols/oauth2.rb CHANGED Viewed

@@ -32,6 +32,7 @@ module Sorcery
       def build_client(options = {})
         defaults = {
           site: @site,
+          auth_scheme: :request_body,
           ssl: { ca_file: Sorcery::Controller::Config.ca_file }
         }
         ::OAuth2::Client.new(

data/lib/sorcery/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Sorcery
-  VERSION = '0.16.3'.freeze
+  VERSION = '0.16.5'.freeze
 end

data/sorcery.gemspec CHANGED Viewed

@@ -34,8 +34,8 @@ Gem::Specification.new do |s|
   s.required_ruby_version = '>= 2.4.9'
   s.add_dependency 'bcrypt', '~> 3.1'
-  s.add_dependency 'oauth', '~> 0.5', '>= 0.5.5'
-  s.add_dependency 'oauth2', '~> 1.0', '>= 0.8.0'
+  s.add_dependency 'oauth', '>= 0.6'
+  s.add_dependency 'oauth2', '~> 2.0'
   s.add_development_dependency 'byebug', '~> 10.0.0'
   s.add_development_dependency 'rspec-rails', '~> 3.7.0'

data/spec/shared_examples/user_reset_password_shared_examples.rb CHANGED Viewed

@@ -328,6 +328,18 @@ shared_examples_for 'rails_3_reset_password_model' do
       expect(user.reset_password_token).to be_nil
     end
+    it 'when change_password! is called with empty argument, raise an exception' do
+      expect {
+        user.change_password!('')
+      }.to raise_error(ArgumentError, 'Blank password passed to change_password!')
+    end
+    it 'when change_password! is called with nil argument, raise an exception' do
+      expect {
+        user.change_password!(nil)
+      }.to raise_error(ArgumentError, 'Blank password passed to change_password!')
+    end
     it 'when change_password is called, deletes reset_password_token and calls #save' do
       new_password = 'blabulsdf'

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sorcery
 version: !ruby/object:Gem::Version
-  version: 0.16.3
+  version: 0.16.5
 platform: ruby
 authors:
 - Noam Ben Ari
@@ -12,7 +12,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-02-23 00:00:00.000000000 Z
+date: 2023-04-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt
@@ -32,42 +32,30 @@ dependencies:
   name: oauth
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.5'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.5.5
+        version: '0.6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.5'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.5.5
+        version: '0.6'
 - !ruby/object:Gem::Dependency
   name: oauth2
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 0.8.0
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 0.8.0
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -194,6 +182,9 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".devcontainer/Dockerfile"
+- ".devcontainer/devcontainer.json"
+- ".devcontainer/postcreate.sh"
 - ".document"
 - ".github/FUNDING.yml"
 - ".github/ISSUE_TEMPLATE.md"
@@ -391,7 +382,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.3
+rubygems_version: 3.2.33
 signing_key:
 specification_version: 4
 summary: Magical authentication for Rails applications