standard_id 0.4.0 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6f6c0f3655d0ae20c828fa745d3c600bcf9b0b11521c1c498eb601d35e24e3e2
-  data.tar.gz: 1f3cca500ec2bf46a4e92b9d8d4a14c7c5fff2d898567a616094b47fd7af5312
+  metadata.gz: 956fc621df693ec184f7d65482d96c4f25d99ae55274b68681c9c6b892bde095
+  data.tar.gz: 0d5c39a196c8c9e8c99adb24fa61552698672f3df4a5bcf3d06d03b2b61e6a46
 SHA512:
-  metadata.gz: d9cb2f2cafa4ddfb0af5839168db2566769b968689a3386c5519b0dc0e06bf0a5cd1a1434df57885549000c85e5eabb2b2608b276338f969625833d09de0c118
-  data.tar.gz: 4a382d6268709dfe42bac61e60f969153e5054831345250ada9c08436f0681fe5a4b58454ffbf3c00f506ec40308f031e28ac65acd52c8484f7c1adbd0c88738
+  metadata.gz: 584c37aa6aa46abe4a576297d6d754e5632c4b710c59dd1bd2b6f8d7c5c17ac86a8aef109df15fe3de720a7d1be405af31441f833a914b3bc8bfea264b296da5
+  data.tar.gz: 1733a94c80aba6290cc5eabbe7df67f4ff145c5af18e8cb9202cd3d598b5e5569039fc729cdfed3eacfee55908fe36bf4801e706da7c0e8b544666383b7b6863

data/app/controllers/standard_id/api/base_controller.rb

@@ -5,6 +5,7 @@ module StandardId
       include StandardId::ApiAuthentication
       include StandardId::SetCurrentRequestDetails
 
+      before_action -> { Current.scope = :api if defined?(::Current) }
       before_action :validate_content_type!
 
       after_action :set_no_store_headers

data/app/controllers/standard_id/web/base_controller.rb

@@ -10,6 +10,7 @@ module StandardId
 
       layout -> { StandardId.config.web_layout.presence || "application" }
 
+      before_action -> { Current.scope = :web if defined?(::Current) }
       before_action :require_browser_session!
     end
   end

data/app/models/standard_id/authorization_code.rb

@@ -16,7 +16,7 @@ module StandardId
 
     before_validation :set_issued_and_expiry, on: :create
 
-    def self.issue!(plaintext_code:, client_id:, redirect_uri:, scope: nil, audience: nil, account: nil, code_challenge: nil, code_challenge_method: nil, metadata: {})
+    def self.issue!(plaintext_code:, client_id:, redirect_uri:, scope: nil, audience: nil, account: nil, code_challenge: nil, code_challenge_method: nil, nonce: nil, metadata: {})
       create!(
         account: account,
         code_hash: hash_for(plaintext_code),
@@ -26,6 +26,7 @@ module StandardId
         audience: audience,
         code_challenge: code_challenge,
         code_challenge_method: code_challenge_method,
+        nonce: nonce,
         issued_at: Time.current,
         expires_at: Time.current + default_ttl,
         metadata: metadata || {}

data/lib/standard_id/current_attributes.rb

@@ -3,7 +3,7 @@ module StandardId
     extend ActiveSupport::Concern
 
     included do
-      attribute :session, :account, :request_id, :ip_address, :user_agent
+      attribute :session, :account, :request_id, :ip_address, :user_agent, :scope
     end
   end
 end

data/lib/standard_id/events.rb

@@ -129,6 +129,7 @@ module StandardId
           enriched[:ip_address] ||= ::Current.ip_address if ::Current.respond_to?(:ip_address) && ::Current.ip_address.present?
           enriched[:user_agent] ||= ::Current.user_agent if ::Current.respond_to?(:user_agent) && ::Current.user_agent.present?
           enriched[:current_account] ||= ::Current.account if ::Current.respond_to?(:account) && ::Current.account.present?
+          enriched[:scope] ||= ::Current.scope if ::Current.respond_to?(:scope) && ::Current.scope.present?
         end
 
         enriched.merge(payload)

data/lib/standard_id/oauth/authorization_code_authorization_flow.rb

@@ -2,7 +2,7 @@ module StandardId
   module Oauth
     class AuthorizationCodeAuthorizationFlow < AuthorizationFlow
       expect_params :client_id, :audience
-      permit_params :scope, :redirect_uri, :state, :connection, :prompt, :organization, :invitation, :code_challenge, :code_challenge_method
+      permit_params :scope, :redirect_uri, :state, :connection, :prompt, :organization, :invitation, :code_challenge, :code_challenge_method, :nonce
 
       private
 
@@ -39,7 +39,8 @@ module StandardId
           audience: audience,
           state: state,
           code_challenge: flow_params[:code_challenge],
-          code_challenge_method: flow_params[:code_challenge_method]
+          code_challenge_method: flow_params[:code_challenge_method],
+          nonce: flow_params[:nonce]
         }
       end
     end

data/lib/standard_id/oauth/authorization_code_flow.rb

@@ -70,6 +70,10 @@ module StandardId
       def audience
         @authorization_code&.audience
       end
+
+      def nonce
+        @authorization_code&.nonce
+      end
     end
   end
 end

data/lib/standard_id/oauth/subflows/social_login_grant.rb

@@ -31,7 +31,8 @@ module StandardId
             audience: params[:audience],
             state: params[:state],
             code_challenge: params[:code_challenge],
-            code_challenge_method: params[:code_challenge_method]
+            code_challenge_method: params[:code_challenge_method],
+            nonce: params[:nonce]
           }.compact
 
           # Remove code_challenge_method if code_challenge is not present

data/lib/standard_id/oauth/subflows/traditional_code_grant.rb

@@ -31,6 +31,7 @@ module StandardId
             account: params[:current_account],
             code_challenge: params[:code_challenge],
             code_challenge_method: params[:code_challenge_method],
+            nonce: params[:nonce],
             metadata: { state: params[:state] }.compact
           )
         end

data/lib/standard_id/version.rb

@@ -1,3 +1,3 @@
 module StandardId
-  VERSION = "0.4.0"
+  VERSION = "0.5.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: standard_id
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors:
 - Jaryl Sim