Hello community,
here is the log from the commit of package rubygem-omniauth-oauth2 for
openSUSE:Factory checked in at 2020-10-05 19:32:33
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-omniauth-oauth2 (Old)
and /work/SRC/openSUSE:Factory/.rubygem-omniauth-oauth2.new.4249 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-omniauth-oauth2"
Mon Oct 5 19:32:33 2020 rev:3 rq:838060 version:1.7.0
Changes:
--------
---
/work/SRC/openSUSE:Factory/rubygem-omniauth-oauth2/rubygem-omniauth-oauth2.changes
2019-03-04 09:20:40.860597680 +0100
+++
/work/SRC/openSUSE:Factory/.rubygem-omniauth-oauth2.new.4249/rubygem-omniauth-oauth2.changes
2020-10-05 19:32:34.941064285 +0200
@@ -1,0 +2,6 @@
+Fri Sep 25 14:29:27 UTC 2020 - Stephan Kulow <[email protected]>
+
+updated to version 1.7.0
+ no changelog found
+
+-------------------------------------------------------------------
Old:
----
omniauth-oauth2-1.6.0.gem
New:
----
omniauth-oauth2-1.7.0.gem
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-omniauth-oauth2.spec ++++++
--- /var/tmp/diff_new_pack.TJgSFN/_old 2020-10-05 19:32:35.625067170 +0200
+++ /var/tmp/diff_new_pack.TJgSFN/_new 2020-10-05 19:32:35.629067187 +0200
@@ -1,7 +1,7 @@
#
# spec file for package rubygem-omniauth-oauth2
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -24,7 +24,7 @@
#
Name: rubygem-omniauth-oauth2
-Version: 1.6.0
+Version: 1.7.0
Release: 0
%define mod_name omniauth-oauth2
%define mod_full_name %{mod_name}-%{version}
@@ -32,7 +32,7 @@
BuildRequires: %{rubygem gem2rpm}
BuildRequires: %{ruby}
BuildRequires: ruby-macros >= 5
-Url: https://github.com/omniauth/omniauth-oauth2
+URL: https://github.com/omniauth/omniauth-oauth2
Source: https://rubygems.org/gems/%{mod_full_name}.gem
Source1: gem2rpm.yml
Summary: An abstract OAuth2 strategy for OmniAuth
++++++ omniauth-oauth2-1.6.0.gem -> omniauth-oauth2-1.7.0.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/.rubocop.yml new/.rubocop.yml
--- old/.rubocop.yml 2018-12-14 22:29:48.000000000 +0100
+++ new/.rubocop.yml 2020-08-11 17:42:09.000000000 +0200
@@ -1,15 +1,34 @@
+AllCops:
+ NewCops: enable
+
+Gemspec/RequiredRubyVersion:
+ Enabled: false
+
Layout/AccessModifierIndentation:
EnforcedStyle: outdent
+Layout/LineLength:
+ AllowURI: true
+ Enabled: false
+
Layout/SpaceInsideHashLiteralBraces:
EnforcedStyle: no_space
+Lint/MissingSuper:
+ Enabled: false
+
+Metrics/AbcSize:
+ Max: 18
+
+Metrics/BlockLength:
+ Exclude:
+ - spec/omniauth/strategies/oauth2_spec.rb
+
Metrics/BlockNesting:
Max: 2
-Metrics/LineLength:
- AllowURI: true
- Enabled: false
+Metrics/ClassLength:
+ Max: 110
Metrics/MethodLength:
CountComments: false
@@ -19,6 +38,10 @@
Max: 4
CountKeywordArgs: true
+Naming/FileName:
+ Exclude:
+ - lib/omniauth-oauth2.rb
+
Style/CollectionMethods:
PreferredMethods:
map: 'collect'
@@ -35,6 +58,9 @@
Style/ExpandPathArguments:
Enabled: false
+Style/FrozenStringLiteralComment:
+ Enabled: false
+
Style/HashSyntax:
EnforcedStyle: hash_rockets
@@ -52,4 +78,3 @@
Style/TrailingCommaInArrayLiteral:
EnforcedStyleForMultiline: comma
-
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/.travis.yml new/.travis.yml
--- old/.travis.yml 2018-12-14 22:29:48.000000000 +0100
+++ new/.travis.yml 2020-08-11 17:42:09.000000000 +0200
@@ -9,8 +9,6 @@
language: ruby
rvm:
- jruby-9000
- - 2.2.9
- - 2.3.5
- 2.4.4
- 2.5.3
- jruby-head
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/README.md new/README.md
--- old/README.md 2018-12-14 22:29:48.000000000 +0100
+++ new/README.md 2020-08-11 17:42:09.000000000 +0200
@@ -2,16 +2,14 @@
[][gem]
[][travis]
-[][gemnasium]
-[][codeclimate]
+[][codeclimate]
[][coveralls]
[](https://hakiri.io/github/omniauth/omniauth-oauth2/master)
[gem]: https://rubygems.org/gems/omniauth-oauth2
[travis]: http://travis-ci.org/omniauth/omniauth-oauth2
-[gemnasium]: https://gemnasium.com/github.com/omniauth/omniauth-oauth2
-[codeclimate]: https://codeclimate.com/github/omniauth/omniauth-oauth2
-[coveralls]: https://coveralls.io/r/omniauth/omniauth-oauth2
+[codeclimate]: https://codeclimate.com/github/intridea/omniauth-oauth2
+[coveralls]: https://coveralls.io/r/intridea/omniauth-oauth2
This gem contains a generic OAuth2 strategy for OmniAuth. It is meant to serve
as a building block strategy for other strategies and not to be used
@@ -34,6 +32,10 @@
# This is where you pass the options you would pass when
# initializing your consumer from the OAuth gem.
option :client_options, {:site => "https://api.somesite.com"}
+
+ # You may specify that your strategy should use PKCE by setting
+ # the pkce option to true: https://tools.ietf.org/html/rfc7636
+ option :pkce, true
# These are called after authentication has succeeded. If
# possible, you should try to set the UID without making
@@ -64,4 +66,3 @@
```
That's pretty much it!
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Rakefile new/Rakefile
--- old/Rakefile 2018-12-14 22:29:48.000000000 +0100
+++ new/Rakefile 2020-08-11 17:42:09.000000000 +0200
@@ -1,4 +1,5 @@
#!/usr/bin/env rake
+
require "bundler/gem_tasks"
require "rspec/core/rake_task"
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/omniauth/strategies/oauth2.rb
new/lib/omniauth/strategies/oauth2.rb
--- old/lib/omniauth/strategies/oauth2.rb 2018-12-14 22:29:48.000000000
+0100
+++ new/lib/omniauth/strategies/oauth2.rb 2020-08-11 17:42:09.000000000
+0200
@@ -24,11 +24,22 @@
option :client_secret, nil
option :client_options, {}
option :authorize_params, {}
- option :authorize_options, [:scope]
+ option :authorize_options, %i[scope state]
option :token_params, {}
option :token_options, []
option :auth_token_params, {}
option :provider_ignores_state, false
+ option :pkce, false
+ option :pkce_verifier, nil
+ option :pkce_options, {
+ :code_challenge => proc { |verifier|
+ Base64.urlsafe_encode64(
+ Digest::SHA2.digest(verifier),
+ :padding => false,
+ )
+ },
+ :code_challenge_method => "S256",
+ }
attr_accessor :access_token
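Review bot: The default `code_challenge` proc references `Base64` and `Digest::SHA2`, but no hunk in this diff touches the top of oauth2.rb, so nothing here shows those libraries being required. Because the proc body only runs when PKCE is enabled, a missing constant would surface at the first authorization request rather than at load time. If the file does not already load them, add `require "base64"` and `require "digest"` next to the existing requires. A short comment above `option :pkce_options` would also help: `# :code_challenge must return the challenge that matches :code_challenge_method (RFC 7636 section 4.2)`. The enclosing class body starts and ends outside this hunk.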
@@ -48,22 +59,29 @@
redirect client.auth_code.authorize_url({:redirect_uri =>
callback_url}.merge(authorize_params))
end
- def authorize_params
+ def authorize_params # rubocop:disable Metrics/AbcSize,
Metrics/MethodLength
options.authorize_params[:state] = SecureRandom.hex(24)
- params = options.authorize_params.merge(options_for("authorize"))
+
if OmniAuth.config.test_mode
@env ||= {}
@env["rack.session"] ||= {}
end
+
+ params = options.authorize_params
+ .merge(options_for("authorize"))
+ .merge(pkce_authorize_params)
+
+ session["omniauth.pkce.verifier"] = options.pkce_verifier if
options.pkce
session["omniauth.state"] = params[:state]
+
params
end
def token_params
- options.token_params.merge(options_for("token"))
+
options.token_params.merge(options_for("token")).merge(pkce_token_params)
end
- def callback_phase # rubocop:disable AbcSize, CyclomaticComplexity,
MethodLength, PerceivedComplexity
+ def callback_phase # rubocop:disable Metrics/AbcSize,
Metrics/CyclomaticComplexity, Metrics/MethodLength, Metrics/PerceivedComplexity
error = request.params["error_reason"] || request.params["error"]
if error
fail!(error, CallbackError.new(request.params["error"],
request.params["error_description"] || request.params["error_reason"],
request.params["error_uri"]))
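Review bot: Adding `state` to `authorize_options` means a configured `:state` option now replaces the `SecureRandom.hex(24)` value in the merge inside `authorize_params`, and whatever it yields is what lands in `session["omniauth.state"]`. Nothing on this path checks that the replacement is unpredictable, so a constant or guessable value would weaken whatever check the callback makes against the session state (that comparison is outside this hunk). I would document the requirement at the merge, for example `# A configured :state overrides the random value set above; it must be unguessable and unique per request.` The body of `callback_phase` continues past the end of the hunk.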
@@ -84,23 +102,44 @@
protected
+ def pkce_authorize_params
+ return {} unless options.pkce
+
+ options.pkce_verifier = SecureRandom.hex(64)
+
+ # NOTE: see https://tools.ietf.org/html/rfc7636#appendix-A
+ {
+ :code_challenge => options.pkce_options[:code_challenge]
+ .call(options.pkce_verifier),
+ :code_challenge_method =>
options.pkce_options[:code_challenge_method],
+ }
+ end
+
+ def pkce_token_params
+ return {} unless options.pkce
+
+ {:code_verifier => session.delete("omniauth.pkce.verifier")}
+ end
+
def build_access_token
verifier = request.params["code"]
client.auth_code.get_token(verifier, {:redirect_uri =>
callback_url}.merge(token_params.to_hash(:symbolize_keys => true)),
deep_symbolize(options.auth_token_params))
end
def deep_symbolize(options)
- hash = {}
- options.each do |key, value|
+ options.each_with_object({}) do |(key, value), hash|
hash[key.to_sym] = value.is_a?(Hash) ? deep_symbolize(value) : value
end
- hash
end
def options_for(option)
hash = {}
options.send(:"#{option}_options").select { |key| options[key] }.each
do |key|
- hash[key.to_sym] = options[key]
+ hash[key.to_sym] = if options[key].respond_to?(:call)
+ options[key].call(env)
+ else
+ options[key]
+ end
end
hash
end
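Review bot: `pkce_authorize_params` stores the fresh verifier in `options.pkce_verifier`, and `authorize_params` reads it back from there a few statements later to fill the session. If the options object is shared between concurrent requests (the strategy's lifecycle is not visible in this diff), a second request can overwrite the value in between, and a session would end up holding a verifier that does not match the challenge it sent. Keeping the value request-local avoids that: `verifier = SecureRandom.hex(64)`, then `session["omniauth.pkce.verifier"] = verifier` in this method, with the challenge computed from `verifier` and the session write in `authorize_params` dropped. Separately, `pkce_token_params` sends `:code_verifier => nil` when the session entry is missing; failing early there would give a clearer error than the provider's rejection.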
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/omniauth-oauth2/version.rb
new/lib/omniauth-oauth2/version.rb
--- old/lib/omniauth-oauth2/version.rb 2018-12-14 22:29:48.000000000 +0100
+++ new/lib/omniauth-oauth2/version.rb 2020-08-11 17:42:09.000000000 +0200
@@ -1,5 +1,5 @@
module OmniAuth
module OAuth2
- VERSION = "1.6.0".freeze
+ VERSION = "1.7.0".freeze
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/omniauth-oauth2.rb new/lib/omniauth-oauth2.rb
--- old/lib/omniauth-oauth2.rb 2018-12-14 22:29:48.000000000 +0100
+++ new/lib/omniauth-oauth2.rb 2020-08-11 17:42:09.000000000 +0200
@@ -1,2 +1,2 @@
-require "omniauth-oauth2/version" # rubocop:disable FileName
+require "omniauth-oauth2/version"
require "omniauth/strategies/oauth2"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata 2018-12-14 22:29:48.000000000 +0100
+++ new/metadata 2020-08-11 17:42:09.000000000 +0200
@@ -1,7 +1,7 @@
--- !ruby/object:Gem::Specification
name: omniauth-oauth2
version: !ruby/object:Gem::Version
- version: 1.6.0
+ version: 1.7.0
platform: ruby
authors:
- Michael Bleigh
@@ -10,7 +10,7 @@
autorequire:
bindir: bin
cert_chain: []
-date: 2018-12-14 00:00:00.000000000 Z
+date: 2020-08-11 00:00:00.000000000 Z
dependencies:
- !ruby/object:Gem::Dependency
name: oauth2
@@ -18,14 +18,14 @@
requirements:
- - "~>"
- !ruby/object:Gem::Version
- version: '1.1'
+ version: '1.4'
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - "~>"
- !ruby/object:Gem::Version
- version: '1.1'
+ version: '1.4'
- !ruby/object:Gem::Dependency
name: omniauth
requirement: !ruby/object:Gem::Requirement
@@ -46,14 +46,14 @@
requirements:
- - "~>"
- !ruby/object:Gem::Version
- version: '1.0'
+ version: '2.0'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - "~>"
- !ruby/object:Gem::Version
- version: '1.0'
+ version: '2.0'
description: An abstract OAuth2 strategy for OmniAuth.
email:
- [email protected]
@@ -96,8 +96,7 @@
- !ruby/object:Gem::Version
version: '0'
requirements: []
-rubyforge_project:
-rubygems_version: 2.6.11
+rubygems_version: 3.0.0
signing_key:
specification_version: 4
summary: An abstract OAuth2 strategy for OmniAuth.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/omniauth-oauth2.gemspec new/omniauth-oauth2.gemspec
--- old/omniauth-oauth2.gemspec 2018-12-14 22:29:48.000000000 +0100
+++ new/omniauth-oauth2.gemspec 2020-08-11 17:42:09.000000000 +0200
@@ -3,10 +3,10 @@
require "omniauth-oauth2/version"
Gem::Specification.new do |gem|
- gem.add_dependency "oauth2", "~> 1.1"
+ gem.add_dependency "oauth2", "~> 1.4"
gem.add_dependency "omniauth", "~> 1.9"
- gem.add_development_dependency "bundler", "~> 1.0"
+ gem.add_development_dependency "bundler", "~> 2.0"
gem.authors = ["Michael Bleigh", "Erik Michaels-Ober", "Tom Milewski"]
gem.email = ["[email protected]", "[email protected]",
"[email protected]"]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/spec/omniauth/strategies/oauth2_spec.rb
new/spec/omniauth/strategies/oauth2_spec.rb
--- old/spec/omniauth/strategies/oauth2_spec.rb 2018-12-14 22:29:48.000000000
+0100
+++ new/spec/omniauth/strategies/oauth2_spec.rb 2020-08-11 17:42:09.000000000
+0200
@@ -1,6 +1,6 @@
require "helper"
-describe OmniAuth::Strategies::OAuth2 do # rubocop:disable Metrics/BlockLength
+describe OmniAuth::Strategies::OAuth2 do
def app
lambda do |_env|
[200, {}, ["Hello."]]
@@ -52,6 +52,7 @@
instance = subject.new("abc", "def", :authorize_options => %i[scope foo
state], :scope => "bar", :foo => "baz")
expect(instance.authorize_params["scope"]).to eq("bar")
expect(instance.authorize_params["foo"]).to eq("baz")
+ expect(instance.authorize_params["state"]).not_to be_empty
end
it "includes random state in the authorize params" do
@@ -59,6 +60,19 @@
expect(instance.authorize_params.keys).to eq(["state"])
expect(instance.session["omniauth.state"]).not_to be_empty
end
+
+ it "includes custom state in the authorize params" do
+ instance = subject.new("abc", "def", :state => proc { "qux" })
+ expect(instance.authorize_params.keys).to eq(["state"])
+ expect(instance.session["omniauth.state"]).to eq("qux")
+ end
+
+ it "includes PKCE parameters if enabled" do
+ instance = subject.new("abc", "def", :pkce => true)
+ expect(instance.authorize_params[:code_challenge]).to be_a(String)
+ expect(instance.authorize_params[:code_challenge_method]).to eq("S256")
+ expect(instance.session["omniauth.pkce.verifier"]).to be_a(String)
+ end
end
describe "#token_params" do
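Review bot: The PKCE example calls `instance.authorize_params` three times, and each call generates a new verifier, so the challenge it inspects and the verifier left in the session come from different calls; the assertions only prove that both are strings. Capturing the result once, `params = instance.authorize_params`, and then asserting `expect(params[:code_challenge]).to eq(Base64.urlsafe_encode64(Digest::SHA2.digest(instance.session["omniauth.pkce.verifier"]), :padding => false))` would pin the S256 relationship between the two. The `#token_params` example in the following hunk has the same gap: it could assert that the returned `:code_verifier` equals the value stored in the session and that the session key is gone afterwards.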
@@ -73,6 +87,13 @@
instance = subject.new("abc", "def", :token_options => %i[scope foo],
:scope => "bar", :foo => "baz")
expect(instance.token_params).to eq("scope" => "bar", "foo" => "baz")
end
+
+ it "includes the PKCE code_verifier if enabled" do
+ instance = subject.new("abc", "def", :pkce => true)
+ # setup session
+ instance.authorize_params
+ expect(instance.token_params[:code_verifier]).to be_a(String)
+ end
end
describe "#callback_phase" do