test_openid_connect 0.1.3 → 0.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/omniauth/strategies/test_openid_connect.rb +18 -19
- data/test_openid_connect.gemspec +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a9411261ba29e4fcbf9f47bd7f38c7a66cbb3089496837d7b3686d1d1ab1ea2d
|
|
4
|
+
data.tar.gz: 49ee1c3f569623cb7ea231899e0d23d15854370dbccf690f6d55a07f3e6ecfef
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a3ad45715e4aabf3241f8068a6b3850e10b223917a2dcb2ca36cbb404c5dad340af35b274b9d355d01188fa199c71a183e7768e2a35fddc2cd2356ef84c77313
|
|
7
|
+
data.tar.gz: 3cb9fb4b65ab2e07b8e1554ad7429925e1493a2dc26f4a9bcd70dcdb0962370f77dac82b231b5863bd80f10c26ee7bf8b316bc21f1f75530f43262b29b0c01a1
|
data/Gemfile.lock
CHANGED
|
@@ -2,19 +2,20 @@
|
|
|
2
2
|
|
|
3
3
|
require 'omniauth-oauth2'
|
|
4
4
|
|
|
5
|
-
module OmniAuth
|
|
5
|
+
module ::OmniAuth
|
|
6
6
|
module OpenIDConnect
|
|
7
7
|
class DiscoveryError < Error; end
|
|
8
8
|
end
|
|
9
9
|
|
|
10
10
|
module Strategies
|
|
11
11
|
class OpenIDConnect < OmniAuth::Strategies::OAuth2
|
|
12
|
+
puts "*/*/*/*/*/*/*/*/*/*/*/*/*/*/"
|
|
12
13
|
option :scope, "openid"
|
|
13
14
|
option :discovery, true
|
|
14
15
|
option :use_userinfo, true
|
|
15
|
-
option :cache, lambda { |key, &blk| blk.call } # Default no-op cache
|
|
16
|
-
option :error_handler, lambda { |error, message| nil } # Default no-op handler
|
|
17
|
-
option :verbose_logger, lambda { |message| nil } # Default no-op handler
|
|
16
|
+
# option :cache, lambda { |key, &blk| blk.call } # Default no-op cache
|
|
17
|
+
# option :error_handler, lambda { |error, message| nil } # Default no-op handler
|
|
18
|
+
# option :verbose_logger, lambda { |message| nil } # Default no-op handler
|
|
18
19
|
option :passthrough_authorize_options, [:p]
|
|
19
20
|
option :passthrough_token_options, [:p]
|
|
20
21
|
|
|
@@ -26,16 +27,14 @@ module OmniAuth
|
|
|
26
27
|
userinfo_endpoint: nil,
|
|
27
28
|
auth_scheme: :basic_auth
|
|
28
29
|
|
|
29
|
-
def verbose_log(message)
|
|
30
|
-
|
|
31
|
-
end
|
|
30
|
+
# def verbose_log(message)
|
|
31
|
+
# options.verbose_logger.call(message)
|
|
32
|
+
# end
|
|
32
33
|
|
|
33
34
|
def discover!
|
|
34
|
-
verbose_log("Fetching discovery document from #{options[:client_options][:discovery_document]}")
|
|
35
|
-
discovery_document =
|
|
36
|
-
|
|
37
|
-
end
|
|
38
|
-
verbose_log("Discovery document loaded\n\n#{discovery_document.to_yaml}")
|
|
35
|
+
# verbose_log("Fetching discovery document from #{options[:client_options][:discovery_document]}")
|
|
36
|
+
discovery_document = client.request(:get, options[:client_options][:discovery_document], parse: :json).parsed
|
|
37
|
+
# verbose_log("Discovery document loaded\n\n#{discovery_document.to_yaml}")
|
|
39
38
|
|
|
40
39
|
discovery_params = {
|
|
41
40
|
authorize_url: "authorization_endpoint",
|
|
@@ -88,8 +87,8 @@ module OmniAuth
|
|
|
88
87
|
end
|
|
89
88
|
|
|
90
89
|
def callback_phase
|
|
91
|
-
if request.params["error"] && request.params["error_description"]
|
|
92
|
-
verbose_log("Error handled, redirecting\n\n#{response.to_yaml}")
|
|
90
|
+
if request.params["error"] && request.params["error_description"]
|
|
91
|
+
# verbose_log("Error handled, redirecting\n\n#{response.to_yaml}")
|
|
93
92
|
return redirect(response)
|
|
94
93
|
end
|
|
95
94
|
|
|
@@ -116,7 +115,7 @@ module OmniAuth
|
|
|
116
115
|
# token was acquired via a direct server-server connection to the issuer
|
|
117
116
|
@id_token_info ||= begin
|
|
118
117
|
decoded = JWT.decode(access_token['id_token'], nil, false).first
|
|
119
|
-
verbose_log("Loaded JWT\n\n#{decoded.to_yaml}")
|
|
118
|
+
# verbose_log("Loaded JWT\n\n#{decoded.to_yaml}")
|
|
120
119
|
JWT::Verify.verify_claims(decoded,
|
|
121
120
|
verify_iss: true,
|
|
122
121
|
iss: options[:client_options][:site],
|
|
@@ -128,7 +127,7 @@ module OmniAuth
|
|
|
128
127
|
verify_iat: false,
|
|
129
128
|
verify_jti: false
|
|
130
129
|
)
|
|
131
|
-
verbose_log("Verified JWT\n\n#{decoded.to_yaml}")
|
|
130
|
+
# verbose_log("Verified JWT\n\n#{decoded.to_yaml}")
|
|
132
131
|
|
|
133
132
|
decoded
|
|
134
133
|
end
|
|
@@ -137,7 +136,7 @@ module OmniAuth
|
|
|
137
136
|
def userinfo_response
|
|
138
137
|
@raw_info ||= begin
|
|
139
138
|
info = access_token.get(options[:client_options][:userinfo_endpoint]).parsed
|
|
140
|
-
verbose_log("Fetched userinfo response\n\n#{info.to_yaml}")
|
|
139
|
+
# verbose_log("Fetched userinfo response\n\n#{info.to_yaml}")
|
|
141
140
|
info
|
|
142
141
|
end
|
|
143
142
|
|
|
@@ -199,9 +198,9 @@ module OmniAuth
|
|
|
199
198
|
end
|
|
200
199
|
end
|
|
201
200
|
|
|
202
|
-
OmniAuth.config.add_camelization '
|
|
201
|
+
OmniAuth.config.add_camelization 'oauth2', 'OpenIDConnect'
|
|
203
202
|
|
|
204
|
-
module OmniAuth
|
|
203
|
+
module ::OmniAuth
|
|
205
204
|
module Strategies
|
|
206
205
|
autoload :OpenIDConnect, "lib/omniauth/test_openid_connect.rb"
|
|
207
206
|
end
|
data/test_openid_connect.gemspec
CHANGED