Hello community,
here is the log from the commit of package rubygem-openid_connect for
openSUSE:Factory checked in at 2018-03-06 10:47:03
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-openid_connect (Old)
and /work/SRC/openSUSE:Factory/.rubygem-openid_connect.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-openid_connect"
Tue Mar 6 10:47:03 2018 rev:2 rq:581877 version:1.1.5
Changes:
--------
---
/work/SRC/openSUSE:Factory/rubygem-openid_connect/rubygem-openid_connect.changes
2018-01-10 23:30:56.795909244 +0100
+++
/work/SRC/openSUSE:Factory/.rubygem-openid_connect.new/rubygem-openid_connect.changes
2018-03-06 10:47:03.568779357 +0100
@@ -1,0 +2,12 @@
+Wed Feb 28 05:31:23 UTC 2018 - [email protected]
+
+- updated to version 1.1.5
+ no changelog found
+
+-------------------------------------------------------------------
+Wed Feb 14 05:30:50 UTC 2018 - [email protected]
+
+- updated to version 1.1.4
+ no changelog found
+
+-------------------------------------------------------------------
Old:
----
openid_connect-1.1.3.gem
New:
----
openid_connect-1.1.5.gem
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-openid_connect.spec ++++++
--- /var/tmp/diff_new_pack.hRuuHe/_old 2018-03-06 10:47:04.344751326 +0100
+++ /var/tmp/diff_new_pack.hRuuHe/_new 2018-03-06 10:47:04.348751182 +0100
@@ -1,7 +1,7 @@
#
# spec file for package rubygem-openid_connect
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -24,14 +24,14 @@
#
Name: rubygem-openid_connect
-Version: 1.1.3
+Version: 1.1.5
Release: 0
%define mod_name openid_connect
%define mod_full_name %{mod_name}-%{version}
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-BuildRequires: ruby-macros >= 5
-BuildRequires: %{ruby}
BuildRequires: %{rubygem gem2rpm}
+BuildRequires: %{ruby}
+BuildRequires: ruby-macros >= 5
Url: https://github.com/nov/openid_connect
Source: https://rubygems.org/gems/%{mod_full_name}.gem
Source1: gem2rpm.yml
++++++ openid_connect-1.1.3.gem -> openid_connect-1.1.5.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/.travis.yml new/.travis.yml
--- old/.travis.yml 2017-07-24 06:25:09.000000000 +0200
+++ new/.travis.yml 2018-02-27 08:09:12.000000000 +0100
@@ -2,6 +2,6 @@
- gem install bundler
rvm:
- - 2.2.2
- - 2.2.5
- - 2.3.1
\ No newline at end of file
+ - 2.3.6
+ - 2.4.3
+ - 2.5.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/VERSION new/VERSION
--- old/VERSION 2017-07-24 06:25:09.000000000 +0200
+++ new/VERSION 2018-02-27 08:09:12.000000000 +0100
@@ -1 +1 @@
-1.1.3
+1.1.5
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/openid_connect/client.rb
new/lib/openid_connect/client.rb
--- old/lib/openid_connect/client.rb 2017-07-24 06:25:09.000000000 +0200
+++ new/lib/openid_connect/client.rb 2018-02-27 08:09:12.000000000 +0100
@@ -27,7 +27,8 @@
def handle_success_response(response)
token_hash = JSON.parse(response.body).with_indifferent_access
- case token_type = token_hash[:token_type].try(:downcase)
+ token_type = (@forced_token_type ||
token_hash[:token_type]).try(:downcase)
+ case token_type
when 'bearer'
AccessToken.new token_hash.merge(client: self)
else
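Review bot: With `@forced_token_type || token_hash[:token_type]` the forced value wins even when the token endpoint does return a `token_type`, so a response declaring `mac` or any other type would be wrapped as a bearer `AccessToken` instead of reaching the `else` branch. If the aim is only to tolerate providers that omit the field, as the new `without_token_type` fixture suggests, a fallback is the safer order: `token_type = (token_hash[:token_type] || @forced_token_type).try(:downcase)`. `@forced_token_type` is assigned outside this hunk; if it can hold a Symbol, add `.to_s` before `downcase`, because `when 'bearer'` does not match `:bearer`. The body of `handle_success_response` continues past the end of the hunk.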
@@ -41,4 +42,4 @@
Dir[File.dirname(__FILE__) + '/client/*.rb'].each do |file|
require file
-end
\ No newline at end of file
+end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/lib/openid_connect/discovery/provider/config/response.rb
new/lib/openid_connect/discovery/provider/config/response.rb
--- old/lib/openid_connect/discovery/provider/config/response.rb
2017-07-24 06:25:09.000000000 +0200
+++ new/lib/openid_connect/discovery/provider/config/response.rb
2018-02-27 08:09:12.000000000 +0100
@@ -76,7 +76,7 @@
end
end
- def validate!(expected_issuer = nil)
+ def validate!
valid? or raise ValidationFailed.new(self)
end
@@ -95,7 +95,11 @@
def validate_issuer_matching
if expected_issuer.present? && issuer != expected_issuer
- errors.add :issuer, 'mismatch'
+ if OpenIDConnect.validate_discovery_issuer
+ errors.add :issuer, 'mismatch'
+ else
+ OpenIDConnect.logger.warn 'ignoring issuer mismach.'
+ end
end
end
end
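Review bot: When validation is switched off, the only trace of an issuer mismatch is the fixed string `'ignoring issuer mismach.'`, which is misspelled and names neither value, so it is hard to alert on or to investigate afterwards. Log both sides, e.g. `OpenIDConnect.logger.warn "ignoring issuer mismatch (expected: #{expected_issuer.inspect}, got: #{issuer.inspect})"`; `inspect` keeps control characters in the provider-supplied issuer out of the log line. OpenID Connect Discovery requires the returned issuer to be identical to the one used for discovery, so a comment on the `else` branch saying this path is a deliberate deviation would help maintainers.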
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/openid_connect/response_object/id_token.rb
new/lib/openid_connect/response_object/id_token.rb
--- old/lib/openid_connect/response_object/id_token.rb 2017-07-24
06:25:09.000000000 +0200
+++ new/lib/openid_connect/response_object/id_token.rb 2018-02-27
08:09:12.000000000 +0100
@@ -10,7 +10,7 @@
class InvalidAudience < InvalidToken; end
attr_required :iss, :sub, :aud, :exp, :iat
- attr_optional :acr, :auth_time, :nonce, :sub_jwk, :at_hash, :c_hash
+ attr_optional :acr, :amr, :azp, :jti, :sid, :auth_time, :nonce,
:sub_jwk, :at_hash, :c_hash, :events
attr_accessor :access_token, :code
alias_method :subject, :sub
alias_method :subject=, :sub=
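Review bot: Listing `azp`, `jti` and `events` under `attr_optional` only makes them readable. Nothing in this hunk checks them, and `verify!` is outside it, so it cannot be seen here whether `azp` is compared with the client id. OpenID Connect Core says a client should verify `azp` against its `client_id` when the claim is present, so a comment above the line would help: `# NOTE: azp/jti/sid/events are exposed as accessors only; confirm whether verify! checks azp against client_id`. The class body starts and ends outside the hunk.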
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/openid_connect.rb new/lib/openid_connect.rb
--- old/lib/openid_connect.rb 2017-07-24 06:25:09.000000000 +0200
+++ new/lib/openid_connect.rb 2018-02-27 08:09:12.000000000 +0100
@@ -76,6 +76,16 @@
end
@@http_config ||= block
end
+
+ def self.validate_discovery_issuer=(boolean)
+ @@validate_discovery_issuer = boolean
+ end
+
+ def self.validate_discovery_issuer
+ @@validate_discovery_issuer
+ end
+
+ self.validate_discovery_issuer = true
end
require 'openid_connect/exception'
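Review bot: The setter stores whatever it is given and `validate_issuer_matching` only tests truthiness, so `OpenIDConnect.validate_discovery_issuer = nil` (for example from an unset configuration value) silently turns issuer validation off for every provider in the process. Failing closed costs one line: `@@validate_discovery_issuer = (boolean != false)`, so that only an explicit `false` disables the check. A short comment on the setter saying that the flag is process-wide and weakens discovery would also help. The enclosing definition starts outside the hunk.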
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata 2017-07-24 06:25:09.000000000 +0200
+++ new/metadata 2018-02-27 08:09:12.000000000 +0100
@@ -1,30 +1,16 @@
--- !ruby/object:Gem::Specification
name: openid_connect
version: !ruby/object:Gem::Version
- version: 1.1.3
+ version: 1.1.5
platform: ruby
authors:
- nov matake
autorequire:
bindir: bin
cert_chain: []
-date: 2017-07-24 00:00:00.000000000 Z
+date: 2018-02-27 00:00:00.000000000 Z
dependencies:
- !ruby/object:Gem::Dependency
- name: json
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: 1.4.3
- type: :runtime
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - ">="
- - !ruby/object:Gem::Version
- version: 1.4.3
-- !ruby/object:Gem::Dependency
name: tzinfo
requirement: !ruby/object:Gem::Requirement
requirements:
@@ -272,6 +258,7 @@
- spec/mock_response/access_token/bearer_with_id_token.json
- spec/mock_response/access_token/invalid_json.json
- spec/mock_response/access_token/mac.json
+- spec/mock_response/access_token/without_token_type.json
- spec/mock_response/client/registered.json
- spec/mock_response/client/rotated.json
- spec/mock_response/client/updated.json
@@ -333,7 +320,7 @@
version: '0'
requirements: []
rubyforge_project:
-rubygems_version: 2.6.11
+rubygems_version: 2.6.13
signing_key:
specification_version: 4
summary: OpenID Connect Server & Client Library
@@ -344,6 +331,7 @@
- spec/mock_response/access_token/bearer_with_id_token.json
- spec/mock_response/access_token/invalid_json.json
- spec/mock_response/access_token/mac.json
+- spec/mock_response/access_token/without_token_type.json
- spec/mock_response/client/registered.json
- spec/mock_response/client/rotated.json
- spec/mock_response/client/updated.json
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/openid_connect.gemspec new/openid_connect.gemspec
--- old/openid_connect.gemspec 2017-07-24 06:25:09.000000000 +0200
+++ new/openid_connect.gemspec 2018-02-27 08:09:12.000000000 +0100
@@ -12,7 +12,6 @@
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f|
File.basename(f) }
s.require_paths = ["lib"]
- s.add_runtime_dependency "json", ">= 1.4.3"
s.add_runtime_dependency "tzinfo"
s.add_runtime_dependency "attr_required", ">= 1.0.0"
s.add_runtime_dependency "activemodel"
@@ -27,4 +26,4 @@
s.add_development_dependency "rspec-its"
s.add_development_dependency "webmock"
s.add_development_dependency "simplecov"
-end
\ No newline at end of file
+end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/spec/mock_response/access_token/without_token_type.json
new/spec/mock_response/access_token/without_token_type.json
--- old/spec/mock_response/access_token/without_token_type.json 1970-01-01
01:00:00.000000000 +0100
+++ new/spec/mock_response/access_token/without_token_type.json 2018-02-27
08:09:12.000000000 +0100
@@ -0,0 +1,3 @@
+{
+ "access_token":"access_token"
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/spec/openid_connect/client_spec.rb
new/spec/openid_connect/client_spec.rb
--- old/spec/openid_connect/client_spec.rb 2017-07-24 06:25:09.000000000
+0200
+++ new/spec/openid_connect/client_spec.rb 2018-02-27 08:09:12.000000000
+0100
@@ -178,6 +178,15 @@
expect { access_token }.to raise_error OpenIDConnect::Exception,
'Unexpected Token Type: mac'
end
end
+
+ context 'when token_type is forced' do
+ before { client.force_token_type! :bearer }
+ it 'should use forced token_type' do
+ mock_json :post, client.token_endpoint,
'access_token/without_token_type', request_header: header_params, params:
protocol_params do
+ access_token.should be_a OpenIDConnect::AccessToken
+ end
+ end
+ end
end
end
-end
\ No newline at end of file
+end
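Review bot: The new context only exercises a response with no `token_type`; no example combines a forced type with a response that declares a different one, such as the existing `access_token/mac` fixture. Since the forced value takes precedence in `handle_success_response`, add a context that pins the intended outcome for that case (still raising `Unexpected Token Type: mac`, or returning an `AccessToken`), so the precedence is a tested decision rather than a side effect. The new example also uses `should` where the neighbouring one uses `expect`; `expect(access_token).to be_a OpenIDConnect::AccessToken` would match.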
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/spec/openid_connect/discovery/provider/config_spec.rb
new/spec/openid_connect/discovery/provider/config_spec.rb
--- old/spec/openid_connect/discovery/provider/config_spec.rb 2017-07-24
06:25:09.000000000 +0200
+++ new/spec/openid_connect/discovery/provider/config_spec.rb 2018-02-27
08:09:12.000000000 +0100
@@ -56,13 +56,33 @@
end
end
- context 'when response include invalid issuer' do
- it do
- expect do
- mock_json :get, endpoint, 'discovery/config_with_invalid_issuer' do
- OpenIDConnect::Discovery::Provider::Config.discover! provider
- end
- end.to raise_error OpenIDConnect::Discovery::DiscoveryFailed
+ describe 'when response include invalid issuer' do
+ context 'with normal configuration' do
+ it do
+ expect do
+ mock_json :get, endpoint, 'discovery/config_with_invalid_issuer' do
+ OpenIDConnect::Discovery::Provider::Config.discover! provider
+ end
+ end.to raise_error OpenIDConnect::Discovery::DiscoveryFailed
+ end
+ end
+
+ context 'when issuer validation is disabled.' do
+ before :each do
+ OpenIDConnect.validate_discovery_issuer = false
+ end
+
+ after :each do
+ OpenIDConnect.validate_discovery_issuer = true
+ end
+
+ it do
+ expect do
+ mock_json :get, endpoint, 'discovery/config_with_invalid_issuer' do
+ OpenIDConnect::Discovery::Provider::Config.discover! provider
+ end
+ end.not_to raise_error
+ end
end
end
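Review bot: The disabled-validation example asserts only `not_to raise_error`, so the warning that replaces the error is untested and could be removed without a failing spec. Add `expect(OpenIDConnect.logger).to receive(:warn)` before the `mock_json` call, so the one remaining signal of a mismatch is covered. Resetting the flag in `after :each` is needed because it is global, but the `with normal configuration` context still relies on no other spec leaving it `false`; setting it to `true` in a `before` there would make that explicit.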
@@ -76,4 +96,4 @@
end
end
end
-end
\ No newline at end of file
+end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/spec/openid_connect/response_object/id_token_spec.rb
new/spec/openid_connect/response_object/id_token_spec.rb
--- old/spec/openid_connect/response_object/id_token_spec.rb 2017-07-24
06:25:09.000000000 +0200
+++ new/spec/openid_connect/response_object/id_token_spec.rb 2018-02-27
08:09:12.000000000 +0100
@@ -19,7 +19,7 @@
describe 'attributes' do
subject { klass }
its(:required_attributes) { should == [:iss, :sub, :aud, :exp, :iat] }
- its(:optional_attributes) { should == [:acr, :auth_time, :nonce, :sub_jwk,
:at_hash, :c_hash] }
+ its(:optional_attributes) { should == [:acr, :amr, :azp, :jti, :sid,
:auth_time, :nonce, :sub_jwk, :at_hash, :c_hash, :events] }
describe 'auth_time' do
subject { id_token.auth_time }
@@ -315,4 +315,4 @@
its(:sub_jwk) { should == sub_jwk}
its(:subject) { should == sub_jwk.thumbprint }
end
-end
\ No newline at end of file
+end