RubyGems - twitter_oauth2 - Versions diffs - 0.3.0 → 0.4.0 - Mend

twitter_oauth2 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/README.md +4 -4
data/VERSION +1 -1
data/lib/twitter_oauth2/client.rb +11 -5
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a3fd74a639d0b5217a59d0d8f1dd573f57458fac49ca9ec80eb41e061d061c0e
-  data.tar.gz: a688d0dc6bb2d8bf702d95149bfa5f184825de78cde6e9d2fa1c287343d529c1
+  metadata.gz: f122e87aaf15c361806ef0e5b433d4581e5917602ccb1ecdc3ffc143dccb8c9a
+  data.tar.gz: ab48249dd3d6ef1d43028bb9fd80896a3b6f9dd051dd3def027cc92d6f6da7a9
 SHA512:
-  metadata.gz: b29998b2bf147f510b8e82cdfa576d7f262da34f9717229cd8495bba0d473542a5275a86b1d30f7a2c6bbd4b4142fb8823c3030428e4273b636b3835f1acd251
-  data.tar.gz: 2433d26ad4187321ba4af6c0b3f8b059a95b3ffb616fcacd8becc7fa8dc2fab672c6628937eec7bc68a11f43181e3387ec6d24ee6ef55bcc7cfeb857497d5346
+  metadata.gz: 3e28f5eef3c5b78cc78ef8fe46afb019bed576d9ee45a7f6ae74a9618fda9d3e6e549bd189c702dcaafa85d4ee148745b034c2fb5cefac1bfe9c849683e7b035
+  data.tar.gz: bc2708b3af710699168313319fa51b47a63cd640a1998b65b5890143f450203e20f5e948040577420adf2f8d2871f718e219e16c1f7a697e8655bcf5097e3e97

data/README.md CHANGED Viewed

@@ -38,15 +38,15 @@ authorization_uri = client.authorization_uri(
     :'users.read',
     :'tweet.read',
     :'offline.access'
-  ],
-  state: SecureRandom.hex(16)
 )
 # NOTE:
-#  When 'TwitterOAuth2::Client#authorization_uri is called,
-#  PKCE `code_verifier` is automatically generated.
+#  When `TwitterOAuth2::Client#authorization_uri` is called,
+#  PKCE `code_verifier` and `state` are automatically generated.
 #  You can get it here.
 code_verifier = client.code_verifier
+state = client.state
 puts authorization_uri
 `open "#{authorization_uri}"`

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.3.0
1	+ 0.4.0

data/lib/twitter_oauth2/client.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 module TwitterOAuth2
   class Client < Rack::OAuth2::Client
-    attr_accessor :code_verifier
+    attr_accessor :code_verifier, :code_challenge, :code_challenge_method, :state
     def initialize(attributes)
       attributes_with_default = {
@@ -11,10 +11,11 @@ module TwitterOAuth2
     end
     def authorization_uri(params = {})
-      code_challenge = pkce_session!
+      authorization_session!
       authorization_uri = super({
         code_challenge: code_challenge,
-        code_challenge_method: :s256
+        code_challenge_method: code_challenge_method,
+        state: state
       }.merge(params))
     end
@@ -27,15 +28,20 @@ module TwitterOAuth2
     private
-    def pkce_session!
+    def authorization_session!
+      self.state = Base64.urlsafe_encode64(
+        SecureRandom.random_bytes(16),
+        padding: false
+      )
       self.code_verifier = Base64.urlsafe_encode64(
         SecureRandom.random_bytes(32),
         padding: false
       )
-      Base64.urlsafe_encode64(
+      self.code_challenge = Base64.urlsafe_encode64(
         OpenSSL::Digest::SHA256.digest(code_verifier),
         padding: false
       )
+      self.code_challenge_method = :s256
     end
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: twitter_oauth2
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - nov
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-10-02 00:00:00.000000000 Z
+date: 2021-10-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack-oauth2