Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package rubygem-openid_connect for
openSUSE:Factory checked in at 2022-10-13 15:44:35
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-openid_connect (Old)
and /work/SRC/openSUSE:Factory/.rubygem-openid_connect.new.2275 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-openid_connect"
Thu Oct 13 15:44:35 2022 rev:8 rq:1010029 version:2.1.0
Changes:
--------
---
/work/SRC/openSUSE:Factory/rubygem-openid_connect/rubygem-openid_connect.changes
2022-09-03 23:19:00.651804907 +0200
+++
/work/SRC/openSUSE:Factory/.rubygem-openid_connect.new.2275/rubygem-openid_connect.changes
2022-10-13 15:45:10.243092298 +0200
@@ -1,0 +2,6 @@
+Mon Oct 10 13:13:13 UTC 2022 - Stephan Kulow <[email protected]>
+
+updated to version 2.1.0
+ no changelog found
+
+-------------------------------------------------------------------
Old:
----
openid_connect-1.3.1.gem
New:
----
openid_connect-2.1.0.gem
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-openid_connect.spec ++++++
--- /var/tmp/diff_new_pack.vRAmU4/_old 2022-10-13 15:45:10.819093422 +0200
+++ /var/tmp/diff_new_pack.vRAmU4/_new 2022-10-13 15:45:10.823093430 +0200
@@ -24,7 +24,7 @@
#
Name: rubygem-openid_connect
-Version: 1.3.1
+Version: 2.1.0
Release: 0
%define mod_name openid_connect
%define mod_full_name %{mod_name}-%{version}
@@ -48,7 +48,7 @@
%install
%gem_install \
- --doc-files="LICENSE README.rdoc" \
+ --doc-files="CHANGELOG.md LICENSE README.rdoc" \
-f
%gem_packages
++++++ openid_connect-1.3.1.gem -> openid_connect-2.1.0.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/.github/workflows/spec.yml
new/.github/workflows/spec.yml
--- old/.github/workflows/spec.yml 1970-01-01 01:00:00.000000000 +0100
+++ new/.github/workflows/spec.yml 2022-10-10 04:34:15.000000000 +0200
@@ -0,0 +1,32 @@
+name: Spec
+
+on:
+ push:
+ branches:
+ - master
+ pull_request:
+
+permissions:
+ contents: read
+
+jobs:
+ spec:
+ strategy:
+ matrix:
+ os: ['ubuntu-20.04']
+ ruby-version: ['2.6', '2.7', '3.0', '3.1']
+ # ubuntu 22.04 only supports ssl 3 and thus only ruby 3.1
+ include:
+ - os: 'ubuntu-22.04'
+ ruby-version: '3.1'
+ runs-on: ${{ matrix.os }}
+
+ steps:
+ - uses: actions/checkout@v3
+ - name: Set up Ruby
+ uses: ruby/setup-ruby@v1
+ with:
+ ruby-version: ${{ matrix.ruby-version }}
+ bundler-cache: true
+ - name: Run Specs
+ run: bundle exec rake spec
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/.travis.yml new/.travis.yml
--- old/.travis.yml 2022-08-14 03:49:08.000000000 +0200
+++ new/.travis.yml 1970-01-01 01:00:00.000000000 +0100
@@ -1,8 +0,0 @@
-before_install:
- - gem install bundler
-
-rvm:
- - 2.6.10
- - 2.7.6
- - 3.0.4
- - 3.1.2
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md 1970-01-01 01:00:00.000000000 +0100
+++ new/CHANGELOG.md 2022-10-10 04:34:15.000000000 +0200
@@ -0,0 +1,11 @@
+## [Unreleased]
+
+## [2.0.0] - 2022-10-09
+
+### Added
+
+- start recording CHANGELOG
+
+### Changed
+
+- replace httpclient with faraday v2 by @nov in
https://github.com/nov/openid_connect/pull/75
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/README.rdoc new/README.rdoc
--- old/README.rdoc 2022-08-14 03:49:08.000000000 +0200
+++ new/README.rdoc 2022-10-10 04:34:15.000000000 +0200
@@ -2,8 +2,6 @@
OpenID Connect Server & Client Library
-{<img src="https://secure.travis-ci.org/nov/openid_connect.png";
/>}[https://travis-ci.org/nov/openid_connect]
-
== Installation
gem install openid_connect
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/VERSION new/VERSION
--- old/VERSION 2022-08-14 03:49:08.000000000 +0200
+++ new/VERSION 2022-10-10 04:34:15.000000000 +0200
@@ -1 +1 @@
-1.3.1
\ No newline at end of file
+2.1.0
\ No newline at end of file
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/openid_connect/access_token/mtls.rb
new/lib/openid_connect/access_token/mtls.rb
--- old/lib/openid_connect/access_token/mtls.rb 1970-01-01 01:00:00.000000000
+0100
+++ new/lib/openid_connect/access_token/mtls.rb 2022-10-10 04:34:15.000000000
+0200
@@ -0,0 +1,9 @@
+module OpenIDConnect
+ class AccessToken::MTLS < AccessToken
+ def initialize(attributes = {})
+ super
+ http_client.ssl.client_key = attributes[:private_key] ||
client.private_key
+ http_client.ssl.client_cert = attributes[:certificate] ||
client.certificate
+ end
+ end
+end
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/openid_connect/access_token.rb
new/lib/openid_connect/access_token.rb
--- old/lib/openid_connect/access_token.rb 2022-08-14 03:49:08.000000000
+0200
+++ new/lib/openid_connect/access_token.rb 2022-10-10 04:34:15.000000000
+0200
@@ -15,6 +15,13 @@
ResponseObject::UserInfo.new hash
end
+ def to_mtls(attributes = {})
+ (required_attributes + optional_attributes).each do |key|
+ attributes[key] = self.send(key)
+ end
+ MTLS.new attributes
+ end
+
private
def resource_request
@@ -33,4 +40,6 @@
end
end
end
-end
\ No newline at end of file
+end
+
+require 'openid_connect/access_token/mtls'
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/openid_connect/debugger/request_filter.rb
new/lib/openid_connect/debugger/request_filter.rb
--- old/lib/openid_connect/debugger/request_filter.rb 2022-08-14
03:49:08.000000000 +0200
+++ new/lib/openid_connect/debugger/request_filter.rb 1970-01-01
01:00:00.000000000 +0100
@@ -1,28 +0,0 @@
-module OpenIDConnect
- module Debugger
- class RequestFilter
- # Callback called in HTTPClient (before sending a request)
- # request:: HTTP::Message
- def filter_request(request)
- started = "======= [OpenIDConnect] HTTP REQUEST STARTED ======="
- log started, request.dump
- end
-
- # Callback called in HTTPClient (after received a response)
- # request:: HTTP::Message
- # response:: HTTP::Message
- def filter_response(request, response)
- finished = "======= [OpenIDConnect] HTTP REQUEST FINISHED ======="
- log '-' * 50, response.dump, finished
- end
-
- private
-
- def log(*outputs)
- outputs.each do |output|
- OpenIDConnect.logger.info output
- end
- end
- end
- end
-end
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/openid_connect/debugger.rb
new/lib/openid_connect/debugger.rb
--- old/lib/openid_connect/debugger.rb 2022-08-14 03:49:08.000000000 +0200
+++ new/lib/openid_connect/debugger.rb 1970-01-01 01:00:00.000000000 +0100
@@ -1,3 +0,0 @@
-Dir[File.dirname(__FILE__) + '/debugger/*.rb'].each do |file|
- require file
-end
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/lib/openid_connect/discovery/provider/config/response.rb
new/lib/openid_connect/discovery/provider/config/response.rb
--- old/lib/openid_connect/discovery/provider/config/response.rb
2022-08-14 03:49:08.000000000 +0200
+++ new/lib/openid_connect/discovery/provider/config/response.rb
2022-10-10 04:34:15.000000000 +0200
@@ -82,11 +82,16 @@
def jwks
@jwks ||= JSON.parse(
- OpenIDConnect.http_client.get_content(jwks_uri)
+ OpenIDConnect.http_client.get(jwks_uri).body
).with_indifferent_access
JSON::JWK::Set.new @jwks[:keys]
end
+ def jwk(kid)
+ @jwks ||= {}
+ @jwks[kid] ||= JSON::JWK::Set::Fetcher.fetch(jwks_uri, kid: kid)
+ end
+
def public_keys
@public_keys ||= jwks.collect(&:to_key)
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/openid_connect/request_object.rb
new/lib/openid_connect/request_object.rb
--- old/lib/openid_connect/request_object.rb 2022-08-14 03:49:08.000000000
+0200
+++ new/lib/openid_connect/request_object.rb 2022-10-10 04:34:15.000000000
+0200
@@ -25,7 +25,7 @@
end
def fetch(request_uri, key = nil)
- jwt_string = OpenIDConnect.http_client.get_content(request_uri)
+ jwt_string = OpenIDConnect.http_client.get(request_uri).body
decode jwt_string, key
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/openid_connect/response_object/id_token.rb
new/lib/openid_connect/response_object/id_token.rb
--- old/lib/openid_connect/response_object/id_token.rb 2022-08-14
03:49:08.000000000 +0200
+++ new/lib/openid_connect/response_object/id_token.rb 2022-10-10
04:34:15.000000000 +0200
@@ -63,11 +63,16 @@
end
class << self
- def decode(jwt_string, key)
- if key == :self_issued
+ def decode(jwt_string, key_or_config)
+ case key_or_config
+ when :self_issued
decode_self_issued jwt_string
+ when OpenIDConnect::Discovery::Provider::Config::Response
+ jwt = JSON::JWT.decode jwt_string, :skip_verification
+ jwt.verify! key_or_config.jwk(jwt.kid)
+ new jwt
else
- new JSON::JWT.decode jwt_string, key
+ new JSON::JWT.decode jwt_string, key_or_config
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/openid_connect.rb new/lib/openid_connect.rb
--- old/lib/openid_connect.rb 2022-08-14 03:49:08.000000000 +0200
+++ new/lib/openid_connect.rb 2022-10-10 04:34:15.000000000 +0200
@@ -1,5 +1,7 @@
require 'json'
require 'logger'
+require 'faraday'
+require 'faraday/follow_redirects'
require 'swd'
require 'webfinger'
require 'active_model'
@@ -64,17 +66,13 @@
self.debugging = false
def self.http_client
- _http_client_ = HTTPClient.new(
- agent_name: "OpenIDConnect (#{VERSION})"
- )
-
- # NOTE: httpclient gem seems stopped maintaining root certtificate set,
use OS default.
- _http_client_.ssl_config.clear_cert_store
- _http_client_.ssl_config.cert_store.set_default_paths
-
- _http_client_.request_filter << Debugger::RequestFilter.new if debugging?
- http_config.try(:call, _http_client_)
- _http_client_
+ Faraday.new(headers: {user_agent: "OpenIDConnect (#{VERSION})"}) do
|faraday|
+ faraday.request :url_encoded
+ faraday.request :json
+ faraday.response :logger, OpenIDConnect.logger, {bodies: true} if
debugging?
+ faraday.adapter Faraday.default_adapter
+ http_config&.call(faraday)
+ end
end
def self.http_config(&block)
@sub_protocols.each do |klass|
@@ -100,4 +98,3 @@
require 'openid_connect/jwtnizable'
require 'openid_connect/connect_object'
require 'openid_connect/discovery'
-require 'openid_connect/debugger'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata 2022-08-14 03:49:08.000000000 +0200
+++ new/metadata 2022-10-10 04:34:15.000000000 +0200
@@ -1,14 +1,14 @@
--- !ruby/object:Gem::Specification
name: openid_connect
version: !ruby/object:Gem::Version
- version: 1.3.1
+ version: 2.1.0
platform: ruby
authors:
- nov matake
autorequire:
bindir: bin
cert_chain: []
-date: 2022-08-14 00:00:00.000000000 Z
+date: 2022-10-10 00:00:00.000000000 Z
dependencies:
- !ruby/object:Gem::Dependency
name: tzinfo
@@ -81,61 +81,89 @@
- !ruby/object:Gem::Version
version: '0'
- !ruby/object:Gem::Dependency
- name: json-jwt
+ name: faraday
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '2.0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '2.0'
+- !ruby/object:Gem::Dependency
+ name: faraday-follow_redirects
requirement: !ruby/object:Gem::Requirement
requirements:
- - ">="
- !ruby/object:Gem::Version
- version: 1.5.0
+ version: '0'
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - ">="
- !ruby/object:Gem::Version
- version: 1.5.0
+ version: '0'
- !ruby/object:Gem::Dependency
- name: swd
+ name: json-jwt
requirement: !ruby/object:Gem::Requirement
requirements:
- - ">="
- !ruby/object:Gem::Version
- version: 1.0.0
+ version: '1.16'
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - ">="
- !ruby/object:Gem::Version
- version: 1.0.0
+ version: '1.16'
+- !ruby/object:Gem::Dependency
+ name: swd
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '2.0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '2.0'
- !ruby/object:Gem::Dependency
name: webfinger
requirement: !ruby/object:Gem::Requirement
requirements:
- - - ">="
+ - - "~>"
- !ruby/object:Gem::Version
- version: 1.0.1
+ version: '2.0'
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - ">="
+ - - "~>"
- !ruby/object:Gem::Version
- version: 1.0.1
+ version: '2.0'
- !ruby/object:Gem::Dependency
name: rack-oauth2
requirement: !ruby/object:Gem::Requirement
requirements:
- - - ">="
+ - - "~>"
- !ruby/object:Gem::Version
- version: 1.6.1
+ version: '2.0'
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - - ">="
+ - - "~>"
- !ruby/object:Gem::Version
- version: 1.6.1
+ version: '2.0'
- !ruby/object:Gem::Dependency
name: net-smtp
requirement: !ruby/object:Gem::Requirement
@@ -242,9 +270,10 @@
extra_rdoc_files: []
files:
- ".github/FUNDING.yml"
+- ".github/workflows/spec.yml"
- ".gitignore"
- ".rspec"
-- ".travis.yml"
+- CHANGELOG.md
- Gemfile
- LICENSE
- README.rdoc
@@ -253,11 +282,10 @@
- VERSION
- lib/openid_connect.rb
- lib/openid_connect/access_token.rb
+- lib/openid_connect/access_token/mtls.rb
- lib/openid_connect/client.rb
- lib/openid_connect/client/registrar.rb
- lib/openid_connect/connect_object.rb
-- lib/openid_connect/debugger.rb
-- lib/openid_connect/debugger/request_filter.rb
- lib/openid_connect/discovery.rb
- lib/openid_connect/discovery/provider.rb
- lib/openid_connect/discovery/provider/config.rb
@@ -304,13 +332,14 @@
- spec/mock_response/errors/unknown.json
- spec/mock_response/id_token.json
- spec/mock_response/public_keys/jwks.json
+- spec/mock_response/public_keys/jwks_with_private_key.json
+- spec/mock_response/public_keys/private_key.pem
- spec/mock_response/request_object/signed.jwt
- spec/mock_response/userinfo/openid.json
- spec/openid_connect/access_token_spec.rb
- spec/openid_connect/client/registrar_spec.rb
- spec/openid_connect/client_spec.rb
- spec/openid_connect/connect_object_spec.rb
-- spec/openid_connect/debugger/request_filter_spec.rb
- spec/openid_connect/discovery/provider/config/resource_spec.rb
- spec/openid_connect/discovery/provider/config/response_spec.rb
- spec/openid_connect/discovery/provider/config_spec.rb
@@ -376,13 +405,14 @@
- spec/mock_response/errors/unknown.json
- spec/mock_response/id_token.json
- spec/mock_response/public_keys/jwks.json
+- spec/mock_response/public_keys/jwks_with_private_key.json
+- spec/mock_response/public_keys/private_key.pem
- spec/mock_response/request_object/signed.jwt
- spec/mock_response/userinfo/openid.json
- spec/openid_connect/access_token_spec.rb
- spec/openid_connect/client/registrar_spec.rb
- spec/openid_connect/client_spec.rb
- spec/openid_connect/connect_object_spec.rb
-- spec/openid_connect/debugger/request_filter_spec.rb
- spec/openid_connect/discovery/provider/config/resource_spec.rb
- spec/openid_connect/discovery/provider/config/response_spec.rb
- spec/openid_connect/discovery/provider/config_spec.rb
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openid_connect.gemspec new/openid_connect.gemspec
--- old/openid_connect.gemspec 2022-08-14 03:49:08.000000000 +0200
+++ new/openid_connect.gemspec 2022-10-10 04:34:15.000000000 +0200
@@ -17,14 +17,16 @@
s.add_runtime_dependency "activemodel"
s.add_runtime_dependency "validate_url"
s.add_runtime_dependency "validate_email"
- s.add_runtime_dependency "json-jwt", ">= 1.5.0"
- s.add_runtime_dependency "swd", ">= 1.0.0"
- s.add_runtime_dependency "webfinger", ">= 1.0.1"
- s.add_runtime_dependency "rack-oauth2", ">= 1.6.1"
+ s.add_runtime_dependency 'faraday', '~> 2.0'
+ s.add_runtime_dependency 'faraday-follow_redirects'
+ s.add_runtime_dependency "json-jwt", ">= 1.16"
+ s.add_runtime_dependency "swd", "~> 2.0"
+ s.add_runtime_dependency "webfinger", "~> 2.0"
+ s.add_runtime_dependency "rack-oauth2", "~> 2.0"
if Gem.ruby_version >= Gem::Version.create(3.1)
# TODO:
# remove "net-smtp" dependency after mail gem 2.8+ (which supports ruby
3.1+) released.
- # ref.) https://rubygems.org/gems/mailhttps://github.com/mikel/mail
+ # ref.) https://rubygems.org/gems/mail
s.add_runtime_dependency "net-smtp"
end
s.add_development_dependency "rake"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/spec/helpers/webmock_helper.rb
new/spec/helpers/webmock_helper.rb
--- old/spec/helpers/webmock_helper.rb 2022-08-14 03:49:08.000000000 +0200
+++ new/spec/helpers/webmock_helper.rb 2022-10-10 04:34:15.000000000 +0200
@@ -32,7 +32,13 @@
def response_for(response_file, options = {})
response = {}
- response[:body] = File.new(File.join(File.dirname(__FILE__),
'../mock_response', "#{response_file}.#{options[:format] || :json}"))
+ format = options[:format] || :json
+ if format == :json
+ response[:headers] = {
+ 'Content-Type': 'application/json'
+ }
+ end
+ response[:body] = File.new(File.join(File.dirname(__FILE__),
'../mock_response', "#{response_file}.#{format}"))
if options[:status]
response[:status] = options[:status]
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/spec/mock_response/public_keys/jwks_with_private_key.json
new/spec/mock_response/public_keys/jwks_with_private_key.json
--- old/spec/mock_response/public_keys/jwks_with_private_key.json
1970-01-01 01:00:00.000000000 +0100
+++ new/spec/mock_response/public_keys/jwks_with_private_key.json
2022-10-10 04:34:15.000000000 +0200
@@ -0,0 +1,8 @@
+{
+ "keys": [{
+ "kty": "RSA",
+ "e": "AQAB",
+ "n":
"vWr1S4T0jBnYU9PIpUYxT48Ca8HK8aitbmqbTM3t3Zzl1GNpIlyePnwXSL6SgNcVbeRhTfvXZUzH4pP8HzPJdpUHnAeYyCzjz9UNykdFCp2YW676wpLDzMkaU7bYLJxGjZlpHU-UJVIm5KX9-NfMyGbFUOuw4AY-OWp8GxrqwAF4U6bJ86TpO24wMxmgm0Vl72aRMGVJkRz66YLYOPNVjXjOI4bUuxg_o3Px5QASxvDCawMeLR3pLCoQcLAZn6WZx7nX3Wu6QzcY0QCqhqUAeY49QRT83Jdg7WUsNa2Rbegi3jJGJf-t9hEcJPmrI6q9zl6WArUueQHS-XUQWq5ptw",
+ "kid": "DCmKamGtkGAWz-uujePOp-UeATAeT4fi3KouR78r44I"
+ }]
+}
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/spec/mock_response/public_keys/private_key.pem
new/spec/mock_response/public_keys/private_key.pem
--- old/spec/mock_response/public_keys/private_key.pem 1970-01-01
01:00:00.000000000 +0100
+++ new/spec/mock_response/public_keys/private_key.pem 2022-10-10
04:34:15.000000000 +0200
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAvWr1S4T0jBnYU9PIpUYxT48Ca8HK8aitbmqbTM3t3Zzl1GNp
+IlyePnwXSL6SgNcVbeRhTfvXZUzH4pP8HzPJdpUHnAeYyCzjz9UNykdFCp2YW676
+wpLDzMkaU7bYLJxGjZlpHU+UJVIm5KX9+NfMyGbFUOuw4AY+OWp8GxrqwAF4U6bJ
+86TpO24wMxmgm0Vl72aRMGVJkRz66YLYOPNVjXjOI4bUuxg/o3Px5QASxvDCawMe
+LR3pLCoQcLAZn6WZx7nX3Wu6QzcY0QCqhqUAeY49QRT83Jdg7WUsNa2Rbegi3jJG
+Jf+t9hEcJPmrI6q9zl6WArUueQHS+XUQWq5ptwIDAQABAoIBAHvDWBUJAVRNSsiy
+90XuECggk/9ed0Dg6rjblS9g2kvTyWO1tKsMAyVmpTwVsNnYLxtHfsCajcmVmoEU
+Gkc06iy+AWPUnuIkWpGgbss9OAJQqI03Toc1qBO1TqtmK+cyEPNSSpkpNu4PuHPr
+dX9TWW2ToNdXuJEX4y5WwlJfiwT6kPdK86IKpPCql1+X/N2nKbn+5OWHTDuW3jLF
+H4UoJlUU77VgPedQLF9xr9NXGZbgYdTtsg3GU3k7/xhcetNq22Dtr8vYnX8LcIsZ
+9VW+KBRGOwgXTMLuj25VxkFUsJejEoq5+WyHTsSsa4w8Fxyc50GPfZJKh8J2jHiG
+8weJUNECgYEA5CoQmUz+8saVg1IwnEgZBSMF1rthMgvuDPhD8PJNaugUCyo9tg0O
+AXo9EMOUHmr2vCN8h2MZZuuW0D5np/Z9T102N99mJU6tVMSabBPDUTfxThq4xY48
+VZvS6EOzSomeEbrIDciJghqJIvPxEoqLXY3Zg7kDef7YiqybhZFdlS8CgYEA1IbH
+MHKfcL+LAo88y4tgOe6Wn8FRG1K7MHvdR+KErgxBg63I9zmolPsyznjNVKpB9syt
+zqkDxBg/jTIctgeziMQNSODQoqRKcgEDePwcu+wBvuV+LJFJoIWFrvIPyZ5yKzeb
+Vm1lRMgQfoeAQE4nVYAJG+oTTsFTdEtrHkOW4fkCgYEAsNHcnUFrTvARDH1UiLjj
+EvUKYFhEwck3CbwYwxC0aIZEikaJHp3NXd3Cl0xKbKxOXI1Pw4hMNlObQ/Uo1aUT
+hb7h9rjda0omz8uxNNK4CihFjFbvHMLXBS1GbJOSzdAKvQi4Yt4nmrk/z+Omzsyp
+pq34hLmL9S5H2Ghd+kwmbycCgYBiC1N1PEvl3depdJ8dX80irLj8NljOfBozQdFR
+ymRfTvQiZVfjBcyJ/mDv87b2Kh2IV+CPCFXebzlSUB4CtAbVP2zJhD176sMVWPZb
+KCOxZi1f/ct5kAUhcre7f5xc7SXKXjrhYlJnqsxBMw2tnOB0hz6sjA4gNPvlGK3w
+JkpDMQKBgQCgPoqSjmbroWC9oq5iDwRtx6f6fJG7CE91ZFJulunQj6YWOC3zNHEa
+XvPPGM8fZpJS4e8LiPClkk8nsOoC50neEVGZeEuhdP6m6WNPN3SlP7bXozHOJTh0
+mHrk2bUHFlQn8f5KWfLQbdyKBzs7WqCRTOR/gIbfxBlUOs0BN37xhw==
+-----END RSA PRIVATE KEY-----
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/spec/openid_connect/client/registrar_spec.rb
new/spec/openid_connect/client/registrar_spec.rb
--- old/spec/openid_connect/client/registrar_spec.rb 2022-08-14
03:49:08.000000000 +0200
+++ new/spec/openid_connect/client/registrar_spec.rb 2022-10-10
04:34:15.000000000 +0200
@@ -253,7 +253,7 @@
end
context 'otherwise' do
- it { should be_instance_of HTTPClient }
+ it { should be_instance_of Faraday::Connection }
end
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/spec/openid_connect/debugger/request_filter_spec.rb
new/spec/openid_connect/debugger/request_filter_spec.rb
--- old/spec/openid_connect/debugger/request_filter_spec.rb 2022-08-14
03:49:08.000000000 +0200
+++ new/spec/openid_connect/debugger/request_filter_spec.rb 1970-01-01
01:00:00.000000000 +0100
@@ -1,33 +0,0 @@
-require 'spec_helper'
-
-describe OpenIDConnect::Debugger::RequestFilter do
- let(:resource_endpoint) { 'https://example.com/resources' }
- let(:request) { HTTP::Message.new_request(:get,
URI.parse(resource_endpoint)) }
- let(:response) { HTTP::Message.new_response({hello: 'world'}.to_json) }
- let(:request_filter) { OpenIDConnect::Debugger::RequestFilter.new }
-
- describe '#filter_request' do
- it 'should log request' do
- [
- "======= [OpenIDConnect] HTTP REQUEST STARTED =======",
- request.dump
- ].each do |output|
- expect(OpenIDConnect.logger).to receive(:info).with output
- end
- request_filter.filter_request(request)
- end
- end
-
- describe '#filter_response' do
- it 'should log response' do
- [
- "--------------------------------------------------",
- response.dump,
- "======= [OpenIDConnect] HTTP REQUEST FINISHED ======="
- ].each do |output|
- expect(OpenIDConnect.logger).to receive(:info).with output
- end
- request_filter.filter_response(request, response)
- end
- end
-end
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/spec/openid_connect/response_object/id_token_spec.rb
new/spec/openid_connect/response_object/id_token_spec.rb
--- old/spec/openid_connect/response_object/id_token_spec.rb 2022-08-14
03:49:08.000000000 +0200
+++ new/spec/openid_connect/response_object/id_token_spec.rb 2022-10-10
04:34:15.000000000 +0200
@@ -251,6 +251,54 @@
its(:exp) { should == attributes[:exp].to_i }
its(:raw_attributes) { should be_instance_of JSON::JWS }
+ context 'when IdP config is given' do
+ subject { klass.decode id_token.to_jwt(private_key), idp_config }
+ let(:jwks) do
+ jwk_str = File.read(File.join(__dir__,
'../../mock_response/public_keys/jwks_with_private_key.json'))
+ jwk = JSON::JWK::Set.new JSON.parse(jwk_str)
+ end
+ let(:idp_config) do
+ OpenIDConnect::Discovery::Provider::Config::Response.new(
+ issuer: attributes[:issuer],
+ authorization_endpoint: File.join(attributes[:iss], 'authorize'),
+ jwks_uri: File.join(attributes[:iss], 'jwks'),
+ response_types_supported: ['code'],
+ subject_types_supported: ['public'],
+ id_token_signing_alg_values_supported: ['RS256']
+ )
+ end
+
+ context 'when id_token has kid' do
+ let(:private_key) do
+ OpenSSL::PKey::RSA.new(
+ File.read(File.join(__dir__,
'../../mock_response/public_keys/private_key.pem'))
+ ).to_jwk
+ end
+
+ it do
+ mock_json :get, idp_config.jwks_uri,
'public_keys/jwks_with_private_key' do
+ should be_a klass
+ end
+ end
+ end
+
+ context 'otherwise' do
+ let(:private_key) do
+ OpenSSL::PKey::RSA.new(
+ File.read(File.join(__dir__,
'../../mock_response/public_keys/private_key.pem'))
+ )
+ end
+
+ it do
+ mock_json :get, idp_config.jwks_uri,
'public_keys/jwks_with_private_key' do
+ expect do
+ should
+ end.to raise_error JSON::JWK::Set::KidNotFound
+ end
+ end
+ end
+ end
+
context 'when self-issued' do
context 'when valid' do
let(:self_issued) do
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/spec/openid_connect_spec.rb
new/spec/openid_connect_spec.rb
--- old/spec/openid_connect_spec.rb 2022-08-14 03:49:08.000000000 +0200
+++ new/spec/openid_connect_spec.rb 2022-10-10 04:34:15.000000000 +0200
@@ -46,12 +46,12 @@
context 'with http_config' do
before do
OpenIDConnect.http_config do |config|
- config.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE
+ config.ssl.verify = false
end
end
it 'should configure OpenIDConnect, SWD and Rack::OAuth2\'s http_client'
do
[OpenIDConnect, SWD, WebFinger, Rack::OAuth2].each do |klass|
- klass.http_client.ssl_config.verify_mode.should ==
OpenSSL::SSL::VERIFY_NONE
+ klass.http_client.ssl.verify.should be_falsy
end
end
end
![https://secure.travis-ci.org/nov/openid_connect.png"](https://secure.travis-ci.org/nov/openid_connect.png"){kind=link}