diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b04a8c8 --- /dev/null +++ b/.gitignore @@ -0,0 +1,11 @@ +/.bundle/ +/.yardoc +/_yardoc/ +/coverage/ +/doc/ +/pkg/ +/spec/reports/ +/tmp/ + +# rspec failure tracking +.rspec_status diff --git a/.rspec b/.rspec new file mode 100644 index 0000000..34c5164 --- /dev/null +++ b/.rspec @@ -0,0 +1,3 @@ +--format documentation +--color +--require spec_helper diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..12fe684 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,7 @@ +--- +sudo: false +language: ruby +cache: bundler +rvm: + - 2.6.5 +before_install: gem install bundler -v 1.17.3 diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..f146fa4 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,74 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as +contributors and maintainers pledge to making participation in our project and +our community a harassment-free experience for everyone, regardless of age, body +size, disability, ethnicity, gender identity and expression, level of experience, +nationality, personal appearance, race, religion, or sexual identity and +orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment +include: + +* Using welcoming and inclusive language +* Being respectful of differing viewpoints and experiences +* Gracefully accepting constructive criticism +* Focusing on what is best for the community +* Showing empathy towards other community members + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery and unwelcome sexual attention or +advances +* Trolling, insulting/derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or electronic + address, without explicit permission +* Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Our Responsibilities + +Project maintainers are responsible for clarifying the standards of acceptable +behavior and are expected to take appropriate and fair corrective action in +response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or +reject comments, commits, code, wiki edits, issues, and other contributions +that are not aligned to this Code of Conduct, or to ban temporarily or +permanently any contributor for other behaviors that they deem inappropriate, +threatening, offensive, or harmful. + +## Scope + +This Code of Conduct applies both within project spaces and in public spaces +when an individual is representing the project or its community. Examples of +representing a project or community include using an official project e-mail +address, posting via an official social media account, or acting as an appointed +representative at an online or offline event. Representation of a project may be +further defined and clarified by project maintainers. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported by contacting the project team at stepaniuk@mlsdev.com. All +complaints will be reviewed and investigated and will result in a response that +is deemed necessary and appropriate to the circumstances. The project team is +obligated to maintain confidentiality with regard to the reporter of an incident. +Further details of specific enforcement policies may be posted separately. + +Project maintainers who do not follow or enforce the Code of Conduct in good +faith may face temporary or permanent repercussions as determined by other +members of the project's leadership. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, +available at [http://contributor-covenant.org/version/1/4][version] + +[homepage]: http://contributor-covenant.org +[version]: http://contributor-covenant.org/version/1/4/ diff --git a/Gemfile b/Gemfile new file mode 100644 index 0000000..45436c0 --- /dev/null +++ b/Gemfile @@ -0,0 +1,6 @@ +source "https://rubygems.org" + +git_source(:github) {|repo_name| "https://github.com/#{repo_name}" } + +# Specify your gem's dependencies in oauth2_google_token_info_v3.gemspec +gemspec diff --git a/Gemfile.lock b/Gemfile.lock new file mode 100644 index 0000000..f57e6f2 --- /dev/null +++ b/Gemfile.lock @@ -0,0 +1,35 @@ +PATH + remote: . + specs: + oauth2_google_token_info_v3 (0.0.1) + +GEM + remote: https://rubygems.org/ + specs: + diff-lcs (1.3) + rake (13.0.1) + rspec (3.9.0) + rspec-core (~> 3.9.0) + rspec-expectations (~> 3.9.0) + rspec-mocks (~> 3.9.0) + rspec-core (3.9.1) + rspec-support (~> 3.9.1) + rspec-expectations (3.9.0) + diff-lcs (>= 1.2.0, < 2.0) + rspec-support (~> 3.9.0) + rspec-mocks (3.9.1) + diff-lcs (>= 1.2.0, < 2.0) + rspec-support (~> 3.9.0) + rspec-support (3.9.2) + +PLATFORMS + ruby + +DEPENDENCIES + bundler + oauth2_google_token_info_v3! + rake + rspec + +BUNDLED WITH + 1.17.3 diff --git a/LICENSE.txt b/LICENSE.txt new file mode 100644 index 0000000..8ba6965 --- /dev/null +++ b/LICENSE.txt @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2020 Dmytro Stepaniuk + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..0a6d16f --- /dev/null +++ b/README.md @@ -0,0 +1,43 @@ +# Oauth2GoogleTokenInfoV3 + +Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/oauth2_google_token_info_v3`. To experiment with that code, run `bin/console` for an interactive prompt. + +TODO: Delete this and the text above, and describe your gem + +## Installation + +Add this line to your application's Gemfile: + +```ruby +gem 'oauth2_google_token_info_v3' +``` + +And then execute: + + $ bundle + +Or install it yourself as: + + $ gem install oauth2_google_token_info_v3 + +## Usage + +TODO: Write usage instructions here + +## Development + +After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment. + +To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org). + +## Contributing + +Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/oauth2_google_token_info_v3. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct. + +## License + +The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT). + +## Code of Conduct + +Everyone interacting in the Oauth2GoogleTokenInfoV3 project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/oauth2_google_token_info_v3/blob/master/CODE_OF_CONDUCT.md). diff --git a/Rakefile b/Rakefile new file mode 100644 index 0000000..b7e9ed5 --- /dev/null +++ b/Rakefile @@ -0,0 +1,6 @@ +require "bundler/gem_tasks" +require "rspec/core/rake_task" + +RSpec::Core::RakeTask.new(:spec) + +task :default => :spec diff --git a/bin/console b/bin/console new file mode 100755 index 0000000..cb29a88 --- /dev/null +++ b/bin/console @@ -0,0 +1,14 @@ +#!/usr/bin/env ruby + +require "bundler/setup" +require "oauth2_google_token_info_v3" + +# You can add fixtures and/or initialization code here to make experimenting +# with your gem easier. You can also use a different console, if you like. + +# (If you use this, don't forget to add pry to your Gemfile!) +# require "pry" +# Pry.start + +require "irb" +IRB.start(__FILE__) diff --git a/bin/setup b/bin/setup new file mode 100755 index 0000000..dce67d8 --- /dev/null +++ b/bin/setup @@ -0,0 +1,8 @@ +#!/usr/bin/env bash +set -euo pipefail +IFS=$'\n\t' +set -vx + +bundle install + +# Do any other automated setup that you need to do here diff --git a/lib/oauth2_google_token_info_v3.rb b/lib/oauth2_google_token_info_v3.rb new file mode 100644 index 0000000..fd1729f --- /dev/null +++ b/lib/oauth2_google_token_info_v3.rb @@ -0,0 +1,5 @@ +require "oauth2_google_token_info_v3/version" +require "oauth2_google_token_info_v3/https_request" + +module Oauth2GoogleTokenInfoV3 +end diff --git a/lib/oauth2_google_token_info_v3/https_request.rb b/lib/oauth2_google_token_info_v3/https_request.rb new file mode 100644 index 0000000..dddf5b3 --- /dev/null +++ b/lib/oauth2_google_token_info_v3/https_request.rb @@ -0,0 +1,84 @@ +module Oauth2GoogleTokenInfoV3 + class HttpsRequest + attr_reader :jwt_id_token + + def initialize jwt_id_token + @jwt_id_token = jwt_id_token.presence + end + + # { + # "iss": "accounts.google.com", + # "azp": "XXX-XXX.apps.googleusercontent.com", + # "aud": "XXX-XXX.apps.googleusercontent.com", + # "sub": "XXX", + # "hd": "example.com", + # "email": "xxx@example.com", + # "email_verified": "true", + # "at_hash": "XXX", + # "name": "XXX XXX", + # "picture": "https://xxx.googleusercontent.com/a-/XXX", + # "given_name": "XXX", + # "family_name": "XXX", + # "locale": "uk", + # "iat": "123", + # "exp": "123", + # "jti": "123XXX", + # "alg": "RS256", + # "kid": "123XXX", + # "typ": "JWT" + # } + def response + @response ||= ::JSON.parse(::Net::HTTP.get(request_uri), symbolize_names: true) + rescue ::Net::OpenTimeout + retry + end + + def subject + response.fetch(:sub) + end + alias_method :google_id, :subject + + def email + response.fetch(:email) + end + + def hosted_domain + response.fetch(:hd) + end + + def given_name + response.fetch(:given_name) + end + alias_method :first_name, :given_name + + def family_name + response.fetch(:family_name) + end + alias_method :last_name, :family_name + + def email_verified? + response.fetch(:email_verified) == 'true' + end + + def locale + response.fetch(:locale) + end + + def expire_at + @expire_at ||= ::Time.at(response.fetch(:exp).to_i).to_datetime + end + + def not_expired? + expire_at.future? + end + + private + + # + # https://developers.google.com/identity/sign-in/web/backend-auth#calling-the-tokeninfo-endpoint + # + def request_uri + @request_uri ||= URI("https://www.googleapis.com/oauth2/v3/tokeninfo?id_token=#{ jwt_id_token }") + end + end +end diff --git a/lib/oauth2_google_token_info_v3/version.rb b/lib/oauth2_google_token_info_v3/version.rb new file mode 100644 index 0000000..38a4298 --- /dev/null +++ b/lib/oauth2_google_token_info_v3/version.rb @@ -0,0 +1,3 @@ +module Oauth2GoogleTokenInfoV3 + VERSION = "0.0.1" +end diff --git a/oauth2_google_token_info_v3.gemspec b/oauth2_google_token_info_v3.gemspec new file mode 100644 index 0000000..7c9f4b4 --- /dev/null +++ b/oauth2_google_token_info_v3.gemspec @@ -0,0 +1,38 @@ + +lib = File.expand_path("../lib", __FILE__) +$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) +require "oauth2_google_token_info_v3/version" + +Gem::Specification.new do |spec| + spec.name = "oauth2_google_token_info_v3" + spec.version = Oauth2GoogleTokenInfoV3::VERSION + spec.authors = ["Dmytro Stepaniuk"] + spec.email = ["stepaniuk@mlsdev.com"] + + spec.summary = %q{OAuth tokeninfo} + spec.description = %q{google-api-ruby-client still dont have support for oauth_v3 - that's why this gem appeared} + spec.homepage = "https://mlsdev.com" + spec.license = "MIT" + + # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host' + # to allow pushing to a single host or delete this section to allow pushing to any host. + if spec.respond_to?(:metadata) + spec.metadata["homepage_uri"] = spec.homepage + else + raise "RubyGems 2.0 or newer is required to protect against " \ + "public gem pushes." + end + + # Specify which files should be added to the gem when it is released. + # The `git ls-files -z` loads the files in the RubyGem that have been added into git. + spec.files = Dir.chdir(File.expand_path('..', __FILE__)) do + `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) } + end + spec.bindir = "exe" + spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) } + spec.require_paths = ["lib"] + + spec.add_development_dependency "bundler" + spec.add_development_dependency "rake" + spec.add_development_dependency "rspec" +end diff --git a/spec/oauth2_google_token_info_v3_spec.rb b/spec/oauth2_google_token_info_v3_spec.rb new file mode 100644 index 0000000..087041f --- /dev/null +++ b/spec/oauth2_google_token_info_v3_spec.rb @@ -0,0 +1,9 @@ +RSpec.describe Oauth2GoogleTokenInfoV3 do + it "has a version number" do + expect(Oauth2GoogleTokenInfoV3::VERSION).not_to be nil + end + + it "does something useful" do + expect(false).to eq(true) + end +end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb new file mode 100644 index 0000000..2e0cba1 --- /dev/null +++ b/spec/spec_helper.rb @@ -0,0 +1,14 @@ +require "bundler/setup" +require "oauth2_google_token_info_v3" + +RSpec.configure do |config| + # Enable flags like --only-failures and --next-failure + config.example_status_persistence_file_path = ".rspec_status" + + # Disable RSpec exposing methods globally on `Module` and `main` + config.disable_monkey_patching! + + config.expect_with :rspec do |c| + c.syntax = :expect + end +end