standard_id 0.13.0 → 0.14.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8d7f2bce088273acf1c2601b85b0c1fc5f72cd36d465fc7370c3b9e2f651166d
|
|
4
|
+
data.tar.gz: a45562de00f147d69627dc2a377e645c167d8814e34c824eee2a38893c6727df
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ef7e0f56d1d5575727c4a18f4b13daae6afafd58a40a0871a511feaf4b212e2d9f631033f9034f82f16833ac5f022c656fb5addd7653719f66b4892fad78ea4f
|
|
7
|
+
data.tar.gz: 1a0d7b18b6d166deba7fa54cd14bc2ddc7d6fffec7583decd984d27bcf91844da0469ebc1f1760f22e5fe9ea8cced5bd67ffabb22ee663dcb667335d094ea530
|
|
@@ -147,7 +147,10 @@ module StandardId
|
|
|
147
147
|
supported_params = provider.try(:supported_authorization_params)
|
|
148
148
|
return {} if supported_params.blank?
|
|
149
149
|
|
|
150
|
-
params.
|
|
150
|
+
# Exclude :scope from OAuth params — the route-level scope default (e.g., :user, :admin)
|
|
151
|
+
# is a StandardId auth scope, not an OAuth scope. Providers define their own default
|
|
152
|
+
# OAuth scopes (e.g., Google uses "openid email profile").
|
|
153
|
+
params.except(:scope).permit(*supported_params).to_h.compact.symbolize_keys
|
|
151
154
|
end
|
|
152
155
|
|
|
153
156
|
def generate_oauth_token
|
|
@@ -71,6 +71,13 @@ StandardConfig.schema.draw do
|
|
|
71
71
|
field :retry_delay, type: :integer, default: 30 # 30 seconds
|
|
72
72
|
field :bypass_code, type: :string, default: nil # E2E testing only — NEVER set in production
|
|
73
73
|
|
|
74
|
+
# Custom username validator for passwordless flows.
|
|
75
|
+
# When set, called before OTP generation to validate the recipient address.
|
|
76
|
+
# Must be a callable (lambda/proc) that receives (username, connection_type)
|
|
77
|
+
# and returns nil/false to proceed, or an error message string to reject.
|
|
78
|
+
# Example: ->(username, connection_type) { "Invalid email" unless MyValidator.valid?(username) }
|
|
79
|
+
field :username_validator, type: :any, default: nil
|
|
80
|
+
|
|
74
81
|
# Custom account factory for passwordless registration.
|
|
75
82
|
# When set, replaces the default find_or_create_account! logic in strategies.
|
|
76
83
|
# Must be a callable (lambda/proc) that receives (identifier:, params:, request:)
|
|
@@ -16,6 +16,7 @@ module StandardId
|
|
|
16
16
|
def start!(attrs)
|
|
17
17
|
username = attrs[:username]
|
|
18
18
|
validate_username!(username)
|
|
19
|
+
run_username_validator!(username)
|
|
19
20
|
emit_code_requested(username)
|
|
20
21
|
challenge = create_challenge!(username)
|
|
21
22
|
emit_code_generated(challenge, username)
|
|
@@ -104,6 +105,14 @@ module StandardId
|
|
|
104
105
|
request.params
|
|
105
106
|
end
|
|
106
107
|
|
|
108
|
+
def run_username_validator!(username)
|
|
109
|
+
validator = StandardId.config.passwordless.username_validator
|
|
110
|
+
return unless validator.respond_to?(:call)
|
|
111
|
+
|
|
112
|
+
error = validator.call(username, connection_type)
|
|
113
|
+
raise StandardId::InvalidRequestError, error if error.present?
|
|
114
|
+
end
|
|
115
|
+
|
|
107
116
|
def emit_code_requested(username)
|
|
108
117
|
StandardId::Events.publish(
|
|
109
118
|
StandardId::Events::PASSWORDLESS_CODE_REQUESTED,
|
data/lib/standard_id/version.rb
CHANGED