From f6a38199d10264b70e0412f09d79ac7b9c677776 Mon Sep 17 00:00:00 2001 From: Katie Edgar Date: Wed, 18 Dec 2024 14:51:38 -0500 Subject: [PATCH 1/4] Use dynamic options for jwk discovery and token introspection --- lib/omniauth/strategies/base_strategy.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/omniauth/strategies/base_strategy.rb b/lib/omniauth/strategies/base_strategy.rb index 642b3f7..3b81f06 100644 --- a/lib/omniauth/strategies/base_strategy.rb +++ b/lib/omniauth/strategies/base_strategy.rb @@ -32,7 +32,7 @@ def self.decode_logout_token(token) end def self.fetch_jwks - key = ::OpenIDConnect.http_client.get("#{default_options[:issuer]}/.well-known/jwks.json").body + key = ::OpenIDConnect.http_client.get("#{options[:issuer]}/.well-known/jwks.json").body json = key.is_a?(String) ? JSON.parse(key) : key return JSON::JWK::Set.new(json["keys"]) if json.key?("keys") @@ -45,9 +45,9 @@ def self.introspect_token(token, api_key) body: { token: token }, } - response = ::OpenIDConnect.http_client.post("#{default_options[:issuer]}/api/tokens/introspect", **options) + response = ::OpenIDConnect.http_client.post("#{options[:issuer]}/api/tokens/introspect", **options) - raise APIError, "#{default_options[:name]} error: #{response.status}" if response.status.to_i >= 400 + raise APIError, "#{options[:name]} error: #{response.status}" if response.status.to_i >= 400 JSON.parse(response.body) end From 5645d00413c33a34de37c10d083d46b892ad280e Mon Sep 17 00:00:00 2001 From: Katie Edgar Date: Wed, 18 Dec 2024 14:58:43 -0500 Subject: [PATCH 2/4] Backfill and update changelog --- docs/CHANGELOG.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index c5a932d..27dcbb9 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -7,6 +7,22 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +### Changed + +* Use dynamic issuer for JWK discovery and token intropsection + +## [1.3.3] - 2024-07-01 + +### Fixed + +* Correct URLs for JWK discovery and token introspection. PR [#43](https://github.com/powerhome/omniauth-nitro-id/pull/43) + +## [1.3.2] - 2024-06-30 + +### Fixed + +* Correct default issuer value for nitro-id and tempo-id strategies. PR [#41](https://github.com/powerhome/omniauth-nitro-id/pull/41) + ## [1.3.1] - 2023-09-21 * Display better error message for missing credentials. PR [#27](https://github.com/powerhome/omniauth-nitro-id/pull/27) From dbf826dd152e1cb6211ea8fad24b3410da50ab14 Mon Sep 17 00:00:00 2001 From: Katie Edgar Date: Wed, 18 Dec 2024 15:15:12 -0500 Subject: [PATCH 3/4] Update changelog links --- docs/CHANGELOG.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 27dcbb9..8371784 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -63,7 +63,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 * Initial release -[Unreleased]: https://github.com/powerhome/omniauth-nitro-id/compare/v1.3.1...HEAD +[Unreleased]: https://github.com/powerhome/omniauth-nitro-id/compare/v1.3.3...HEAD +[1.3.3]: https://github.com/powerhome/omniauth-nitro-id/releases/tag/v1.3.3 +[1.3.2]: https://github.com/powerhome/omniauth-nitro-id/releases/tag/v1.3.2 [1.3.1]: https://github.com/powerhome/omniauth-nitro-id/releases/tag/v1.3.1 [1.3.0]: https://github.com/powerhome/omniauth-nitro-id/releases/tag/v1.3.0 [1.2.1]: https://github.com/powerhome/omniauth-nitro-id/releases/tag/v1.2.1 From aa65bfd00e7364ebff4e31e53d4d047a6945615a Mon Sep 17 00:00:00 2001 From: Katie Edgar <38359249+web-kat@users.noreply.github.com> Date: Wed, 18 Dec 2024 15:23:47 -0500 Subject: [PATCH 4/4] Update docs/CHANGELOG.md Co-authored-by: Denis Zablotsky --- docs/CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 8371784..429fb07 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -9,7 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Changed -* Use dynamic issuer for JWK discovery and token intropsection +* Use dynamic issuer for JWK discovery and token introspection ## [1.3.3] - 2024-07-01