Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Changes to OAuth2 authentication JSON output #48

Closed
wants to merge 3 commits into from
Closed

Changes to OAuth2 authentication JSON output #48

wants to merge 3 commits into from

Conversation

xelwarto
Copy link

@xelwarto xelwarto commented Jan 9, 2015

Example code located on the Google developers site for Ruby (https://developers.google.com/api-client-library/ruby/auth/web-app) utilizes the JSON output of the authentication information in a stored session for creating the OAuth2 client. While this works correctly for the first fetch of the access token, the JSON output does not provide adequate information regarding the expiration of the access token. With out the expiration information it is impossible to track and test for an expired access token in subsequent API executions. The changes in this PR add the expires_in and issued_at parameters to the JSON output which allows the client to properly track and verify if the access token has expired.

Additionally, while testing the creation of an OAuth2 client using the JSON output I came across an exception with how the authorization URI was being created. The following error was reported:

/usr/local/lib/ruby/gems/2.1.0/gems/addressable-2.3.6/lib/addressable/uri.rb:1579:in `sort!': comparison of Array with Array failed (ArgumentError)
    from /usr/local/lib/ruby/gems/2.1.0/gems/addressable-2.3.6/lib/addressable/uri.rb:1579:in `query_values='
    from /usr/local/lib/ruby/gems/2.1.0/gems/signet-0.6.0/lib/signet/oauth_2.rb:152:in `generate_authorization_uri'
    from /usr/local/lib/ruby/gems/2.1.0/gems/signet-0.6.0/lib/signet/oauth_2/client.rb:263:in `authorization_uri'
    from /usr/local/lib/ruby/gems/2.1.0/gems/signet-0.6.0/lib/signet/oauth_2/client.rb:853:in `to_json'

The issue was the result of mismatched hash key types ... the resulting merge of the query_values hash had a mix of both Symbol and String key types. This PR includes changes to normalize the query_values hash before the merge.

@xelwarto
Copy link
Author

The Signet library is failing to pass build due to changes to the JWT library. The following PR: jwt/ruby-jwt#45 implements claim expiration enforcement and since the Signet test specs include an expired token the build fails with an exception ...

Failure/Error: expect(@client.decoded_id_token).to eq ({
     JWT::ExpiredSignature:
       Signature has expired
     # ./lib/signet/oauth_2/client.rb:694:in `decoded_id_token'

@xelwarto xelwarto mentioned this pull request Jan 20, 2015
Closed
@TheRoyalTnetennba
Copy link
Contributor

Closing due to inactivity. Feel free to ping to-reopen

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@xelwarto @TheRoyalTnetennba