Packages
boruta
2.1.0
3.0.0-beta.4
3.0.0-beta.3
3.0.0-beta.2
3.0.0-beta.1
2.3.6
2.3.5
2.3.4
2.3.3
2.3.2
2.3.1
2.3.0
2.2.2
2.2.1
2.2.0
2.1.5
2.1.4
2.1.3
2.1.2
2.1.1
2.1.0
2.0.1
2.0.0
2.0.0-rc.1
2.0.0-rc.0
1.2.1
1.2.0
1.1.0
1.0.3
1.0.2
1.0.1
1.0.0
1.0.0-rc.3
1.0.0-rc.2
1.0.0-rc.1
1.0.0-rc.0
0.2.1
0.2.0
0.1.1
0.1.0
0.1.0-rc.5
0.1.0-rc.4
0.1.0-rc.3
0.1.0-rc.2
0.1.0-rc.1
Core of an OAuth/OpenID Connect provider enabling authorization in your applications.
Current section
44 Versions
Jump to
Current section
44 Versions
Compare versions
27
files changed
+479
additions
-37
deletions
| @@ -5,6 +5,17 @@ All notable changes to this project will be documented in this file. | |
| 5 5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), |
| 6 6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). |
| 7 7 | |
| 8 | + ## [2.1.0] - 2022-04-29 |
| 9 | + |
| 10 | + ### Added |
| 11 | + |
| 12 | + - OpenID Connect jwks endpoint domain and application layer generation |
| 13 | + - OpenID Connect userinfo endpoint domain and application layer generation |
| 14 | + |
| 15 | + ### Fixed |
| 16 | + |
| 17 | + - OpenID Connect prompt=none login_required errors in domain |
| 18 | + |
| 8 19 | ## [2.0.1] - 2022-04-12 |
| 9 20 | |
| 10 21 | ### Added |
| @@ -10,8 +10,8 @@ | |
| 10 10 | <<"lib/boruta.ex">>,<<"lib/mix">>,<<"lib/mix/tasks">>, |
| 11 11 | <<"lib/mix/tasks/boruta.gen.migration.ex">>, |
| 12 12 | <<"lib/mix/tasks/boruta.gen.controllers.ex">>,<<"lib/boruta">>, |
| 13 | - <<"lib/boruta/application.ex">>,<<"lib/boruta/oauth">>, |
| 14 | - <<"lib/boruta/oauth/requests">>, |
| 13 | + <<"lib/boruta/openid.ex">>,<<"lib/boruta/application.ex">>, |
| 14 | + <<"lib/boruta/oauth">>,<<"lib/boruta/oauth/requests">>, |
| 15 15 | <<"lib/boruta/oauth/requests/token_request.ex">>, |
| 16 16 | <<"lib/boruta/oauth/requests/refresh_token_resquest.ex">>, |
| 17 17 | <<"lib/boruta/oauth/requests/authorization_code_request.ex">>, |
| @@ -31,7 +31,7 @@ | |
| 31 31 | <<"lib/boruta/oauth/responses/authorize.ex">>, |
| 32 32 | <<"lib/boruta/oauth/responses/token.ex">>, |
| 33 33 | <<"lib/boruta/oauth/responses/introspect.ex">>, |
| 34 | - <<"lib/boruta/oauth/authorization">>, |
| 34 | + <<"lib/boruta/oauth/bearer_token.ex">>,<<"lib/boruta/oauth/authorization">>, |
| 35 35 | <<"lib/boruta/oauth/authorization/nonce.ex">>, |
| 36 36 | <<"lib/boruta/oauth/authorization/scope.ex">>, |
| 37 37 | <<"lib/boruta/oauth/authorization/code.ex">>, |
| @@ -59,7 +59,11 @@ | |
| 59 59 | <<"lib/boruta/oauth/request/token.ex">>, |
| 60 60 | <<"lib/boruta/oauth/request/introspect.ex">>, |
| 61 61 | <<"lib/boruta/oauth/request/revoke.ex">>, |
| 62 | - <<"lib/boruta/oauth/authorization.ex">>,<<"lib/boruta/oauth.ex">>, |
| 62 | + <<"lib/boruta/oauth/authorization.ex">>,<<"lib/boruta/openid">>, |
| 63 | + <<"lib/boruta/openid/applications">>, |
| 64 | + <<"lib/boruta/openid/applications/userinfo_application.ex">>, |
| 65 | + <<"lib/boruta/openid/applications/jwks_application.ex">>, |
| 66 | + <<"lib/boruta/openid/application.ex">>,<<"lib/boruta/oauth.ex">>, |
| 63 67 | <<"lib/boruta/config.ex">>,<<"lib/boruta/repo.ex">>,<<"lib/boruta/utils">>, |
| 64 68 | <<"lib/boruta/utils/basic_auth.ex">>, |
| 65 69 | <<"lib/boruta/utils/token_generator.ex">>,<<"lib/boruta/adapters">>, |
| @@ -124,6 +128,8 @@ | |
| 124 128 | <<"priv/templates/boruta.gen.controllers/unit/openid">>, |
| 125 129 | <<"priv/templates/boruta.gen.controllers/unit/openid/controllers">>, |
| 126 130 | <<"priv/templates/boruta.gen.controllers/unit/openid/controllers/token_controller_test.exs.eex">>, |
| 131 | + <<"priv/templates/boruta.gen.controllers/unit/openid/controllers/jwks_controller_test.exs.eex">>, |
| 132 | + <<"priv/templates/boruta.gen.controllers/unit/openid/controllers/userinfo_controller_test.exs.eex">>, |
| 127 133 | <<"priv/templates/boruta.gen.controllers/unit/openid/controllers/authorize_controller_test.exs.eex">>, |
| 128 134 | <<"priv/templates/boruta.gen.controllers/controllers">>, |
| 129 135 | <<"priv/templates/boruta.gen.controllers/controllers/oauth">>, |
| @@ -132,11 +138,14 @@ | |
| 132 138 | <<"priv/templates/boruta.gen.controllers/controllers/oauth/authorize_controller.ex.eex">>, |
| 133 139 | <<"priv/templates/boruta.gen.controllers/controllers/oauth/revoke_controller.ex.eex">>, |
| 134 140 | <<"priv/templates/boruta.gen.controllers/controllers/openid">>, |
| 141 | + <<"priv/templates/boruta.gen.controllers/controllers/openid/jwks_controller.ex.eex">>, |
| 142 | + <<"priv/templates/boruta.gen.controllers/controllers/openid/userinfo_controller.ex.eex">>, |
| 135 143 | <<"priv/templates/boruta.gen.controllers/controllers/openid/authorize_controller.ex.eex">>, |
| 136 144 | <<"priv/templates/boruta.gen.controllers/templates">>, |
| 137 145 | <<"priv/templates/boruta.gen.controllers/templates/oauth">>, |
| 138 146 | <<"priv/templates/boruta.gen.controllers/templates/oauth/error.html.eex">>, |
| 139 147 | <<"priv/templates/boruta.gen.controllers/views">>, |
| 148 | + <<"priv/templates/boruta.gen.controllers/views/openid_view.ex.eex">>, |
| 140 149 | <<"priv/templates/boruta.gen.controllers/views/oauth_view.ex.eex">>, |
| 141 150 | <<".formatter.exs">>,<<"mix.exs">>,<<"README.md">>,<<"LICENSE">>, |
| 142 151 | <<"CHANGELOG.md">>]}. |
| @@ -199,4 +208,4 @@ | |
| 199 208 | {<<"optional">>,false}, |
| 200 209 | {<<"repository">>,<<"hexpm">>}, |
| 201 210 | {<<"requirement">>,<<"~> 1.0">>}]]}. |
| 202 | - {<<"version">>,<<"2.0.1">>}. |
| 211 | + {<<"version">>,<<"2.1.0">>}. |
| @@ -9,4 +9,5 @@ defmodule Boruta.ClientsAdapter do | |
| 9 9 | |
| 10 10 | def get_client(id), do: clients().get_client(id) |
| 11 11 | def authorized_scopes(params), do: clients().authorized_scopes(params) |
| 12 | + def list_clients_jwk, do: clients().list_clients_jwk() |
| 12 13 | end |
| @@ -39,6 +39,17 @@ defmodule Boruta.Ecto.Clients do | |
| 39 39 | end |
| 40 40 | end |
| 41 41 | |
| 42 | + @impl Boruta.Oauth.Clients |
| 43 | + def list_clients_jwk do |
| 44 | + clients = repo().all(Ecto.Client) |
| 45 | + |
| 46 | + Enum.map(clients, fn %Ecto.Client{id: client_id, public_key: public_key} -> |
| 47 | + {_type, jwk} = public_key |> :jose_jwk.from_pem() |> :jose_jwk.to_map() |
| 48 | + |
| 49 | + Map.put(jwk, "kid", client_id) |
| 50 | + end) |
| 51 | + end |
| 52 | + |
| 42 53 | defp authorized_scopes(:from_database, %Oauth.Client{id: id}) do |
| 43 54 | case repo().get_by(Ecto.Client, id: id) do |
| 44 55 | %Ecto.Client{} = client -> |
| @@ -62,7 +62,7 @@ defmodule Boruta.Oauth do | |
| 62 62 | end |
| 63 63 | |
| 64 64 | @doc """ |
| 65 | - Process an authorize request as stated in [RFC 6749 - The OAuth 2.0 Authorization Framework](https://tools.ietf.org/html/rfc6749). |
| 65 | + Check success of an authorize request as stated in [RFC 6749 - The OAuth 2.0 Authorization Framework](https://tools.ietf.org/html/rfc6749) and [OpenID Connect Core 1.0 incorporating errata set 1](https://openid.net/specs/openid-connect-core-1_0.html#HybridFlowAuth). |
| 66 66 | |
| 67 67 | Triggers `preauthorize_success` in case of success and `preauthorize_error` in case of failure from the given `module`. Those functions are described in `Boruta.Oauth.Application` behaviour. |
| 68 68 | """ |
| @@ -88,7 +88,7 @@ defmodule Boruta.Oauth do | |
| 88 88 | end |
| 89 89 | |
| 90 90 | @doc """ |
| 91 | - Process an authorize and hybrid requests as respectively stated in [RFC 6749 - The OAuth 2.0 Authorization Framework](https://tools.ietf.org/html/rfc6749) and [OpenID Connect Core 1.0 incorporating errata set 1](https://openid.net/specs/openid-connect-core-1_0.html#HybridFlowAuth). |
| 91 | + Process an authorize request as stated in [RFC 6749 - The OAuth 2.0 Authorization Framework](https://tools.ietf.org/html/rfc6749) and [OpenID Connect Core 1.0 incorporating errata set 1](https://openid.net/specs/openid-connect-core-1_0.html#HybridFlowAuth). |
| 92 92 | |
| 93 93 | Triggers `authorize_success` in case of success and `authorize_error` in case of failure from the given `module`. Those functions are described in `Boruta.Oauth.Application` behaviour. |
| 94 94 | """ |
Loading more files…