Hello community,
here is the log from the commit of package rubygem-rack-oauth2 for
openSUSE:Factory checked in at 2022-08-09 15:26:48
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-rack-oauth2 (Old)
and /work/SRC/openSUSE:Factory/.rubygem-rack-oauth2.new.1521 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-rack-oauth2"
Tue Aug 9 15:26:48 2022 rev:14 rq:993512 version:1.21.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/rubygem-rack-oauth2/rubygem-rack-oauth2.changes
2022-02-02 22:45:02.534056191 +0100
+++
/work/SRC/openSUSE:Factory/.rubygem-rack-oauth2.new.1521/rubygem-rack-oauth2.changes
2022-08-09 15:27:03.965404670 +0200
@@ -1,0 +2,6 @@
+Thu Aug 4 13:24:03 UTC 2022 - Stephan Kulow <[email protected]>
+
+updated to version 1.21.2
+ no changelog found
+
+-------------------------------------------------------------------
Old:
----
rack-oauth2-1.19.0.gem
New:
----
rack-oauth2-1.21.2.gem
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-rack-oauth2.spec ++++++
--- /var/tmp/diff_new_pack.ds3Zgw/_old 2022-08-09 15:27:04.449406054 +0200
+++ /var/tmp/diff_new_pack.ds3Zgw/_new 2022-08-09 15:27:04.457406076 +0200
@@ -24,7 +24,7 @@
#
Name: rubygem-rack-oauth2
-Version: 1.19.0
+Version: 1.21.2
Release: 0
%define mod_name rack-oauth2
%define mod_full_name %{mod_name}-%{version}
@@ -33,7 +33,7 @@
BuildRequires: %{rubygem rdoc > 3.10}
BuildRequires: %{ruby}
BuildRequires: ruby-macros >= 5
-URL: http://github.com/nov/rack-oauth2
+URL: https://github.com/nov/rack-oauth2
Source: https://rubygems.org/gems/%{mod_full_name}.gem
Source1: gem2rpm.yml
Summary: OAuth 2.0 Server & Client Library - Both Bearer and MAC token
type
++++++ rack-oauth2-1.19.0.gem -> rack-oauth2-1.21.2.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/.github/FUNDING.yml new/.github/FUNDING.yml
--- old/.github/FUNDING.yml 1970-01-01 01:00:00.000000000 +0100
+++ new/.github/FUNDING.yml 2022-07-12 15:54:03.000000000 +0200
@@ -0,0 +1,3 @@
+# These are supported funding model platforms
+
+github: nov
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/.travis.yml new/.travis.yml
--- old/.travis.yml 2021-10-01 04:26:30.000000000 +0200
+++ new/.travis.yml 2022-07-12 15:54:03.000000000 +0200
@@ -5,4 +5,4 @@
- 2.5.8
- 2.6.6
- 2.7.2
- - 3.0.0
+ - 3.0.2
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/VERSION new/VERSION
--- old/VERSION 2021-10-01 04:26:30.000000000 +0200
+++ new/VERSION 2022-07-12 15:54:03.000000000 +0200
@@ -1 +1 @@
-1.19.0
\ No newline at end of file
+1.21.2
\ No newline at end of file
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/rack/oauth2/client.rb
new/lib/rack/oauth2/client.rb
--- old/lib/rack/oauth2/client.rb 2021-10-01 04:26:30.000000000 +0200
+++ new/lib/rack/oauth2/client.rb 2022-07-12 15:54:03.000000000 +0200
@@ -3,7 +3,7 @@
class Client
include AttrRequired, AttrOptional
attr_required :identifier
- attr_optional :secret, :private_key, :certificate, :redirect_uri,
:scheme, :host, :port, :authorization_endpoint, :token_endpoint
+ attr_optional :secret, :private_key, :certificate, :redirect_uri,
:scheme, :host, :port, :authorization_endpoint, :token_endpoint,
:revocation_endpoint
def initialize(attributes = {})
(required_attributes + optional_attributes).each do |key|
@@ -69,7 +69,65 @@
end
def access_token!(*args)
- headers, params = {}, @grant.as_json
+ headers, params, http_client, options =
authenticated_context_from(*args)
+ params[:scope] = Array(options.delete(:scope)).join(' ') if
options[:scope].present?
+ params.merge! @grant.as_json
+ params.merge! options
+ handle_response do
+ http_client.post(
+ absolute_uri_for(token_endpoint),
+ Util.compact_hash(params),
+ headers
+ )
+ end
+ end
+
+ def revoke!(*args)
+ headers, params, http_client, options =
authenticated_context_from(*args)
+
+ params.merge! case
+ when access_token = options.delete(:access_token)
+ {
+ token: access_token,
+ token_type_hint: :access_token
+ }
+ when refresh_token = options.delete(:refresh_token)
+ {
+ token: refresh_token,
+ token_type_hint: :refresh_token
+ }
+ when @grant.is_a?(Grant::RefreshToken)
+ {
+ token: @grant.refresh_token,
+ token_type_hint: :refresh_token
+ }
+ when options[:token].blank?
+ raise ArgumentError, 'One of "token", "access_token" and
"refresh_token" is required'
+ end
+ params.merge! options
+
+ handle_revocation_response do
+ http_client.post(
+ absolute_uri_for(revocation_endpoint),
+ Util.compact_hash(params),
+ headers
+ )
+ end
+ end
+
+ private
+
+ def absolute_uri_for(endpoint)
+ _endpoint_ = Util.parse_uri endpoint
+ _endpoint_.scheme ||= self.scheme || 'https'
+ _endpoint_.host ||= self.host
+ _endpoint_.port ||= self.port
+ raise 'No Host Info' unless _endpoint_.host
+ _endpoint_.to_s
+ end
+
+ def authenticated_context_from(*args)
+ headers, params = {}, {}
http_client = Rack::OAuth2.http_client
# NOTE:
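Review bot: In `revoke!` the `case` has no `else`, so a call that supplies only `token:` (the first option the ArgumentError message names) matches no branch, the `case` evaluates to nil, and `params.merge!` raises TypeError before any request is sent. Adding `else` followed by `{}` ahead of the closing `end` lets the later `params.merge! options` carry `token` and any caller-supplied `token_type_hint` through. Separately, when both `access_token:` and `refresh_token:` are passed only the first key is deleted from `options`, so the refresh token is still merged into the request body as an extra parameter; deleting both keys up front avoids sending a second credential unintentionally. The body of `authenticated_context_from` continues outside this hunk.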
@@ -78,9 +136,6 @@
options = args.extract_options!
client_auth_method = args.first ||
options.delete(:client_auth_method).try(:to_sym) || :basic
- params[:scope] = Array(options.delete(:scope)).join(' ') if
options[:scope].present?
- params.merge! options
-
case client_auth_method
when :basic
cred = Base64.strict_encode64 [
@@ -100,9 +155,11 @@
client_assertion_type: URN::ClientAssertionType::JWT_BEARER
)
# NOTE: optionally auto-generate client_assertion.
- if params[:client_assertion].blank?
+ params[:client_assertion] = if options[:client_assertion].present?
+ options.delete(:client_assertion)
+ else
require 'json/jwt'
- params[:client_assertion] = JSON::JWT.new(
+ JSON::JWT.new(
iss: identifier,
sub: identifier,
aud: absolute_uri_for(token_endpoint),
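Review bot: A blank `client_assertion` (nil or an empty string) passed by the caller stays in `options` here, because the key is deleted only in the `present?` branch. Both `access_token!` and `revoke!` run `params.merge! options` after this method returns, so the blank value would overwrite the generated JWT; presumably `Util.compact_hash` then drops it and the request goes out with no client assertion at all. Taking the key out unconditionally first, `supplied = options.delete(:client_assertion)`, and branching on `supplied.present?` keeps the previous behaviour, where a blank value triggered auto-generation. The `JSON::JWT.new(...)` call and the enclosing `case` continue outside the hunk.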
@@ -127,24 +184,8 @@
client_secret: secret
)
end
- handle_response do
- http_client.post(
- absolute_uri_for(token_endpoint),
- Util.compact_hash(params),
- headers
- )
- end
- end
-
- private
- def absolute_uri_for(endpoint)
- _endpoint_ = Util.parse_uri endpoint
- _endpoint_.scheme ||= self.scheme || 'https'
- _endpoint_.host ||= self.host
- _endpoint_.port ||= self.port
- raise 'No Host Info' unless _endpoint_.host
- _endpoint_.to_s
+ [headers, params, http_client, options]
end
def handle_response
@@ -155,6 +196,16 @@
else
handle_error_response response
end
+ end
+
+ def handle_revocation_response
+ response = yield
+ case response.status
+ when 200..201
+ :success
+ else
+ handle_error_response response
+ end
end
def handle_success_response(response)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata 2021-10-01 04:26:30.000000000 +0200
+++ new/metadata 2022-07-12 15:54:03.000000000 +0200
@@ -1,14 +1,14 @@
--- !ruby/object:Gem::Specification
name: rack-oauth2
version: !ruby/object:Gem::Version
- version: 1.19.0
+ version: 1.21.2
platform: ruby
authors:
- nov matake
autorequire:
bindir: bin
cert_chain: []
-date: 2021-10-01 00:00:00.000000000 Z
+date: 2022-07-12 00:00:00.000000000 Z
dependencies:
- !ruby/object:Gem::Dependency
name: rack
@@ -150,6 +150,20 @@
- - ">="
- !ruby/object:Gem::Version
version: '0'
+- !ruby/object:Gem::Dependency
+ name: rexml
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
description: OAuth 2.0 Server & Client Library. Both Bearer and MAC token type
are
supported.
email: [email protected]
@@ -160,6 +174,7 @@
- README.rdoc
files:
- ".document"
+- ".github/FUNDING.yml"
- ".gitignore"
- ".rspec"
- ".travis.yml"
@@ -281,7 +296,7 @@
- spec/rack/oauth2/server/token_spec.rb
- spec/rack/oauth2/util_spec.rb
- spec/spec_helper.rb
-homepage: http://github.com/nov/rack-oauth2
+homepage: https://github.com/nov/rack-oauth2
licenses:
- MIT
metadata: {}
@@ -301,7 +316,7 @@
- !ruby/object:Gem::Version
version: '0'
requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.1.6
signing_key:
specification_version: 4
summary: OAuth 2.0 Server & Client Library - Both Bearer and MAC token type
are supported
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rack-oauth2.gemspec new/rack-oauth2.gemspec
--- old/rack-oauth2.gemspec 2021-10-01 04:26:30.000000000 +0200
+++ new/rack-oauth2.gemspec 2022-07-12 15:54:03.000000000 +0200
@@ -7,7 +7,7 @@
s.email = '[email protected]'
s.extra_rdoc_files = ['LICENSE', 'README.rdoc']
s.rdoc_options = ['--charset=UTF-8']
- s.homepage = 'http://github.com/nov/rack-oauth2'
+ s.homepage = 'https://github.com/nov/rack-oauth2'
s.license = 'MIT'
s.require_paths = ['lib']
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f|
File.basename(f) }
@@ -23,4 +23,5 @@
s.add_development_dependency 'rspec'
s.add_development_dependency 'rspec-its'
s.add_development_dependency 'webmock'
+ s.add_development_dependency 'rexml'
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/spec/rack/oauth2/client_spec.rb
new/spec/rack/oauth2/client_spec.rb
--- old/spec/rack/oauth2/client_spec.rb 2021-10-01 04:26:30.000000000 +0200
+++ new/spec/rack/oauth2/client_spec.rb 2022-07-12 15:54:03.000000000 +0200
@@ -8,7 +8,8 @@
identifier: client_id,
secret: client_secret,
host: 'server.example.com',
- redirect_uri: 'https://client.example.com/callback'
+ redirect_uri: 'https://client.example.com/callback',
+ revocation_endpoint: '/oauth2/revoke'
)
end
subject { client }
@@ -17,6 +18,7 @@
its(:secret) { should == 'client_secret' }
its(:authorization_endpoint) { should == '/oauth2/authorize' }
its(:token_endpoint) { should == '/oauth2/token' }
+ its(:revocation_endpoint) { should == '/oauth2/revoke' }
context 'when identifier is missing' do
it do
@@ -446,12 +448,86 @@
end
end
+ describe '#revoke!' do
+ context 'when access_token given' do
+ before do
+ mock_response(
+ :post,
+ 'https://server.example.com/oauth2/revoke',
+ 'blank',
+ status: 200,
+ body: {
+ token: 'access_token',
+ token_type_hint: 'access_token'
+ }
+ )
+ end
+ it do
+ client.revoke!(access_token: 'access_token').should == :success
+ end
+ end
+
+ context 'when refresh_token given' do
+ before do
+ mock_response(
+ :post,
+ 'https://server.example.com/oauth2/revoke',
+ 'blank',
+ status: 200,
+ body: {
+ token: 'refresh_token',
+ token_type_hint: 'refresh_token'
+ }
+ )
+ end
+
+ context 'as argument' do
+ it do
+ client.revoke!(refresh_token: 'refresh_token').should == :success
+ end
+ end
+
+ context 'as grant' do
+ it do
+ client.refresh_token = 'refresh_token'
+ client.revoke!
+ end
+ end
+ end
+
+ context 'when error response given' do
+ before do
+ mock_response(
+ :post,
+ 'https://server.example.com/oauth2/revoke',
+ 'errors/invalid_request.json',
+ status: 400
+ )
+ end
+
+ it do
+ expect do
+ client.revoke! access_token: 'access_token'
+ end.to raise_error Rack::OAuth2::Client::Error
+ end
+ end
+
+ context 'when no token given' do
+ it do
+ expect do
+ client.revoke!
+ end.to raise_error ArgumentError
+ end
+ end
+ end
+
context 'when no host info' do
let :client do
Rack::OAuth2::Client.new(
identifier: 'client_id',
secret: 'client_secret',
- redirect_uri: 'https://client.example.com/callback'
+ redirect_uri: 'https://client.example.com/callback',
+ revocation_endpoint: '/oauth2/revoke'
)
end
@@ -466,5 +542,11 @@
expect { client.access_token! }.to raise_error 'No Host Info'
end
end
+
+ describe '#revoke!' do
+ it do
+ expect { client.revoke! access_token: 'access_token' }.to raise_error
'No Host Info'
+ end
+ end
end
end