OMGeeky/yup-oauth2
1
0
Fork 0
mirror of https://github.com/OMGeeky/yup-oauth2.git synced 2026-01-02 09:26:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
615 Commits 2 Branches 0 Tags
3cd4d30faf7b865ef4e79e82d981533e1deba46a
Commit Graph

615 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Lewin Bormann
3cd4d30faf Remove codecov badge (project deactivated there) 2023-04-01 07:58:31 +02:00
Lewin Bormann
54d8c3f2aa Update build status badge 2023-04-01 07:57:30 +02:00
Lewin Bormann
194f6a3b1d Remove misleading old examples 2023-04-01 07:54:37 +02:00
Lewin Bormann
1ebce0716d Merge pull request #196 from williamho/default-expiry-for-id-token 
Set default expires_at if only ID token is returned
 2023-02-27 10:17:07 +01:00
William Ho
24d1d8c429 Set default expires_at if only ID token is returned 
Was running into an issue where ID tokens were being used by the
authenticator even after the 1-hour validity period, and weren't being
refreshed.

After enabling debug logs, I found out that this was happening because
ID-token-only responses don't contain the `expires_in` field, so the
authenticator assumes it doesn't expire.

Interestingly, this doesn't happen when using the service account
impersonation flow, because it's explicitly handled there by defaulting
the expiration to 1 hour.

The ID token is a JWT so it's possible to decode it to get the
expiration date, but to avoid introducing a JWT decoding dependency,
I've gone for the same approach of defaulting to 1 hour, as indicated in
the GCP docs.
 2023-02-17 14:25:38 -05:00
Lewin Bormann
0a7e695971 Improve clarity on redirect URLs for #191 2023-02-10 20:59:01 +01:00
Lewin Bormann
1c6f9a7d56 Release v8.1.0 
Includes #188, #190. Updates some dependencies - API is stable, thus no
major release.
 2022-12-02 21:20:26 +01:00
Lewin Bormann
63d60e76a6 Merge pull request #188 from jneem/impersonation-id 
Add support for generating impersonated ids.
 2022-12-02 21:14:37 +01:00
Lewin Bormann
e2048ec57f Merge pull request #190 from djc/update-deps 
Update dependencies
 2022-11-25 17:14:30 +01:00
Dirkjan Ochtman
c51c7e636f Update dependencies 2022-11-25 07:56:08 -08:00
Joe Neeman
9e31f1912f Expand example. 2022-11-23 14:46:36 -06:00
Joe Neeman
923a149e99 Add support for generating impersonated ids. 
The previous service account impersonation feature only allowed requesting
impersonated access tokens. This one adds id tokens.
 2022-11-23 14:43:40 -06:00
Lewin Bormann
78b79cf92c Remove very outdated service_account example 2022-10-27 20:49:28 +02:00
Lewin Bormann
7c9c92163c Remove very outdated drive_example 2022-10-27 20:47:17 +02:00
Lewin Bormann
10daabf66c Release v8.0.0 
Includes new features from #186 #185 #184 #183 - thus a new release

Thanks to @blogle @chrisderock @luketpeterson @jneem
 2022-10-27 20:22:44 +02:00
Lewin Bormann
a76d89c92f Merge pull request #186 from luketpeterson/master 
Implementing InstalledFlowReturnMethod::HTTPPortRedirect()
 2022-10-27 18:21:13 +00:00
luketpeterson
3ecb212d68 Merge branch 'dermesser:master' into master 2022-10-24 15:39:52 +09:00
Lewin Bormann
45631f157d Merge pull request #185 from jneem/master 
Implement service account impersonation.
 2022-10-21 16:37:45 +00:00
Luke Peterson
0899b51ca9 Implementing mechanism to specify server port in InstalledFlowReturnMethod. Issue #160 2022-10-18 21:57:54 +09:00
Joe Neeman
acf898f10c Account for the fact that access tokens are optional now. 2022-10-17 16:35:10 -05:00
Joe Neeman
e907226c3c Implement service account impersonation. 2022-10-17 16:23:19 -05:00
Lewin Bormann
00bee07e43 Merge pull request #184 from blogle/master 
Fix ID token support
 2022-10-16 10:46:29 +00:00
Brandon Ogle
db8dd7d68d Fix tests and examples to use token() method on AccessToken 2022-10-10 12:46:45 -07:00
Brandon Ogle
818d1c2eea Remove redundant id_token field from struct initialization 2022-10-10 12:45:51 -07:00
Brandon Ogle
95df191358 Revert Token back to AccessToken, as TokenInfo can be used to retrieve id_token 2022-09-21 19:00:37 -07:00
Brandon Ogle
2d805cf19e Merge branch 'nagisa/id_token' of github.com:nagisa/yup-oauth2 into nagisa-nagisa/id_token 2022-09-21 18:51:59 -07:00
Lewin Bormann
a311cfc3e0 Merge pull request #183 from chrisderock/master 
added access token authenticator
 2022-09-07 10:32:42 +02:00
toepp
f35eb186d6 removed commented imports and added a better description 2022-08-31 11:03:31 +02:00
toepp
7c557a5d03 forgot to add the file itself 2022-08-29 10:20:18 +02:00
chritoep
110c65ab07 added access token authenticator 2022-08-26 08:50:28 +02:00
Lewin Bormann
dcc35ac2e0 Release v7.0.1 2022-06-19 17:49:03 -07:00
Lewin Bormann
c69fffac28 for #180: allow HTTP requests in default hyper client. 
If an attacker could manipulate URLs for token retrieval etc., they
could wreak considerably more havoc than a downgrade attack.
 2022-06-09 20:14:44 -07:00
Lewin Bormann
24f91d697c Release v7.0.0 
for #177 including #178: Update Authenticator to accept clients with custom connectors
 2022-05-27 11:16:31 -07:00
Lewin Bormann
1ace664651 Merge pull request #178 from kylegentle/master 
feat(Authenticator client): Support custom connectors
 2022-05-27 20:10:24 +02:00
Kyle Gentle
c76ae18224 feat(Authenticator client): Accept custom connectors 
Update Authenticator to accept clients with custom connectors, rather
than depending on the sealed hyper::client::connect::Connect trait, as recommended by hyper: https://docs.rs/hyper/0.13.8/src/hyper/client/connect/mod.rs.html#256-258

Closes #177.
 2022-05-22 16:29:02 -04:00
Lewin Bormann
253528a1fe Bump version to 6.7 
Includes #176 and #174
 2022-05-21 12:27:53 -07:00
Lewin Bormann
1a32e1af6f Document ServiceAccountAuthenticator inline 2022-05-21 09:18:00 -07:00
Lewin Bormann
33bc9b98e5 Merge pull request #176 from rnarubin/service_account_panic 
Remove file IO panic in ApplicationDefaultCreds flow
 2022-05-21 09:08:56 -07:00
Renar Narubin
aacb97d76c Remove file IO panic in ApplicationDefaultCreds flow 
The `from_environment` function in
`ApplicationDefaultCredentialsAuthenticator` had an `unwrap` call on an
io::Result after reading the service account key from file. File
operations are inherently fallible, and panicking on such a failure is
generally a bad convention compared to propagating the IO error.

Propagating that error from the `from_environment` function is not
practical however, because the returned Result type does not include IO
errors, and changing the function signature would be semver
incompatible.

This change instead defers reading the key file to a later function
call. Now `from_environment` only reads the value of the
`GOOGLE_APPLICATION_CREDENTIALS` into a PathBuf, and a later call to
`ServiceAccountFlow::new` will actually read the file. That constructor
already returns an io::Result, so folding the read error into it is
possible, and none of the changes impact public items so it's all
semver-compatible.
 2022-05-18 21:05:37 -07:00
Lewin Bormann
29a72447f6 Merge pull request #174 from DavidS/patch-2 
docs: minor typo in docstring
 2022-05-07 19:21:26 -07:00
David Schmitt
69e3a0289b docs: minor typo in docstring 2022-05-07 16:39:44 +01:00
Lewin Bormann
b46a307481 Release v6.6.0 
Includes:
	#173 - upgrade rustls.

Breaks:
	Application default's `with_client()` method has its argument
	order changed to match all other methods (client last).
 2022-04-18 18:53:43 -07:00
Lewin Bormann
fb658f6d10 Merge pull request #173 from djc/rustls-0.20 
Upgrade rustls and related dependencies
 2022-04-18 18:44:18 -07:00
Lewin Bormann
378dca1148 rustls upgrade: supply correct client in test cases 2022-04-18 18:39:57 -07:00
Dirkjan Ochtman
32b6d8fa63 Allow testing without https 2022-04-11 11:38:25 +02:00
Lewin Bormann
bfe622eaaf clean-up: fix most clippy warnings 2022-04-08 23:35:15 -07:00
Lewin Bormann
986bda2465 Merge branch 'pr165' 
for #165
 2022-04-08 23:27:45 -07:00
Lewin Bormann
23c8053d4a for #165: update refresh flow test 2022-04-08 23:27:22 -07:00
Lewin Bormann
4a0c527d48 Release v6.5.1: Fix visibility of authorized_user module 2022-04-07 17:48:36 -07:00
Dirkjan Ochtman
f9c59bb743 Upgrade rustls and related dependencies 2022-04-06 11:22:05 +02:00