dumplingmiku/ubicloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
make-some-api-calls-idempotent
ubicloud/Gemfile.lock
Jeremy Evans d83b56df57 Stop using omniauth_openid_connect 
It brings in way too many dependencies, including active_support.
If you consider all of the dependencies, there is a lot of complexity.
Our needs are simple:

* When user clicks button to login via OIDC
  * Redirect user to OIDC Provider authorize endpoint when login is attempted
  * No server-side HTTP requests
* When user clicks the authorize button on OIDC Provider webpage
  * Receive callback from OIDC Provider
  * Generally 1 server-side HTTP request to the token endpoint
  * If token endpoint does not provide email inside id_token, also request
    to userinfo endpoint

I forked omniauth_openid_connect, cut out about 2/3 of it and all of its
dependencies, and renamed it to omniauth_oidc. It still allows authentication
using the rodauth-oauth2 authorization server. The implementation is stored
under the vendor directory, because it is best thought of as a separate
library and not part of Ubicloud.  It's also not covered by tests, since the
only way to properly test it is to run an OIDC authorization server (maybe
integration tests for that can be added in the future). I added a coverage
filter so that code in the vendor directory is ignored.
2025-07-08 00:10:06 +09:00

523 lines
12 KiB
Plaintext
Raw Permalink Blame History

GIT
remote: https://github.com/janko/rodauth-omniauth.git
revision: 477810179ba0cab8d459be1a0d87dca5b57ec94b
ref: 477810179ba0cab8d459be1a0d87dca5b57ec94b
specs:
rodauth-omniauth (0.6.0)
omniauth (~> 2.0)
rodauth (~> 2.36)
GIT
remote: https://github.com/ubicloud/erb-formatter.git
revision: df3174476986706828f7baf3e5e6f5ec8ecd849b
ref: df3174476986706828f7baf3e5e6f5ec8ecd849b
specs:
erb-formatter (0.7.3)
GEM
remote: https://rubygems.org/
specs:
Ascii85 (2.0.1)
acme-client (2.0.21)
base64 (~> 0.2.0)
faraday (>= 1.0, < 3.0.0)
faraday-retry (>= 1.0, < 3.0.0)
actionview (8.0.2)
activesupport (= 8.0.2)
builder (~> 3.1)
erubi (~> 1.11)
rails-dom-testing (~> 2.2)
rails-html-sanitizer (~> 1.6)
activesupport (8.0.2)
base64
benchmark (>= 0.3)
bigdecimal
concurrent-ruby (~> 1.0, >= 1.3.1)
connection_pool (>= 2.2.5)
drb
i18n (>= 1.6, < 2)
logger (>= 1.4.2)
minitest (>= 5.1)
securerandom (>= 0.3)
tzinfo (~> 2.0, >= 2.0.5)
uri (>= 0.13.1)
addressable (2.8.7)
public_suffix (>= 2.0.2, < 7.0)
afm (0.2.2)
android_key_attestation (0.3.0)
argon2 (2.3.2)
ffi (~> 1.15)
ffi-compiler (~> 1.0)
argon2-kdf (0.3.1)
fiddle
ast (2.4.3)
awesome_print (1.9.2)
aws-eventstream (1.3.2)
aws-partitions (1.1067.0)
aws-sdk-core (3.225.0)
aws-eventstream (~> 1, >= 1.3.0)
aws-partitions (~> 1, >= 1.992.0)
aws-sigv4 (~> 1.9)
base64
jmespath (~> 1, >= 1.6.1)
logger
aws-sdk-ec2 (1.512.0)
aws-sdk-core (~> 3, >= 3.216.0)
aws-sigv4 (~> 1.5)
aws-sdk-iam (1.123.0)
aws-sdk-core (~> 3, >= 3.225.0)
aws-sigv4 (~> 1.5)
aws-sdk-kms (1.99.0)
aws-sdk-core (~> 3, >= 3.216.0)
aws-sigv4 (~> 1.5)
aws-sdk-s3 (1.182.0)
aws-sdk-core (~> 3, >= 3.216.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.5)
aws-sigv4 (1.11.0)
aws-eventstream (~> 1, >= 1.0.2)
base64 (0.2.0)
bcrypt_pbkdf (1.1.1)
bcrypt_pbkdf (1.1.1-arm64-darwin)
bcrypt_pbkdf (1.1.1-x86_64-darwin)
benchmark (0.4.1)
better_html (2.1.1)
actionview (>= 6.0)
activesupport (>= 6.0)
ast (~> 2.0)
erubi (~> 1.4)
parser (>= 2.4)
smart_properties
bigdecimal (3.2.2)
bindata (2.5.1)
brakeman (7.0.2)
racc
builder (3.3.0)
by (1.1.0)
byebug (12.0.0)
capybara (3.40.0)
addressable
matrix
mini_mime (>= 0.1.3)
nokogiri (~> 1.11)
rack (>= 1.6.0)
rack-test (>= 0.6.3)
regexp_parser (>= 1.5, < 3.0)
xpath (~> 3.2)
capybara-validate_html5 (2.1.0)
capybara
rack-test (>= 0.6)
cbor (0.5.9.8)
chunky_png (1.4.0)
coderay (1.1.3)
committee (5.5.4)
json_schema (~> 0.14, >= 0.14.3)
openapi_parser (~> 2.0)
rack (>= 1.5, < 3.2)
concurrent-ruby (1.3.5)
connection_pool (2.5.3)
cose (1.3.1)
cbor (~> 0.5.9)
openssl-signature_algorithm (~> 1.0)
countries (7.0.0)
unaccent (~> 0.3)
crack (1.0.0)
bigdecimal
rexml
crass (1.0.6)
cuprite (0.17)
capybara (~> 3.0)
ferrum (~> 0.17.0)
date (3.4.1)
diff-lcs (1.6.2)
docile (1.4.1)
drb (2.2.3)
ed25519 (1.4.0)
erubi (1.13.1)
excon (1.2.3)
faraday (2.13.1)
faraday-net_http (>= 2.0, < 3.5)
json
logger
faraday-net_http (3.4.1)
net-http (>= 0.5.0)
faraday-retry (2.3.2)
faraday (~> 2.0)
ferrum (0.17.1)
addressable (~> 2.5)
base64 (~> 0.2)
concurrent-ruby (~> 1.1)
webrick (~> 1.7)
websocket-driver (~> 0.7)
ffi (1.17.2-aarch64-linux-gnu)
ffi (1.17.2-aarch64-linux-musl)
ffi (1.17.2-arm64-darwin)
ffi (1.17.2-x86_64-darwin)
ffi (1.17.2-x86_64-linux-gnu)
ffi (1.17.2-x86_64-linux-musl)
ffi-compiler (1.3.2)
ffi (>= 1.15.5)
rake
fiddle (1.1.8)
foreman (0.88.1)
hashdiff (1.2.0)
hashery (2.1.2)
hashie (5.0.0)
i18n (1.14.7)
concurrent-ruby (~> 1.0)
io-console (0.8.0)
jmespath (1.6.2)
json (2.12.2)
json_schema (0.21.0)
jwt (2.10.1)
base64
language_server-protocol (3.17.0.5)
lint_roller (1.1.0)
logger (1.7.0)
loofah (2.24.1)
crass (~> 1.0.2)
nokogiri (>= 1.12.0)
mail (2.8.1)
mini_mime (>= 0.1.1)
net-imap
net-pop
net-smtp
matrix (0.4.3)
method_source (1.1.0)
mini_mime (1.1.5)
minitest (5.25.5)
multi_xml (0.7.2)
bigdecimal (~> 3.1)
net-http (0.6.0)
uri
net-imap (0.5.9)
date
net-protocol
net-pop (0.1.2)
net-protocol
net-protocol (0.2.2)
timeout
net-smtp (0.5.1)
net-protocol
net-ssh (7.3.0)
netaddr (2.0.6)
nio4r (2.7.4)
nokogiri (1.18.8-aarch64-linux-gnu)
racc (~> 1.4)
nokogiri (1.18.8-aarch64-linux-musl)
racc (~> 1.4)
nokogiri (1.18.8-arm64-darwin)
racc (~> 1.4)
nokogiri (1.18.8-x86_64-darwin)
racc (~> 1.4)
nokogiri (1.18.8-x86_64-linux-gnu)
racc (~> 1.4)
nokogiri (1.18.8-x86_64-linux-musl)
racc (~> 1.4)
oauth2 (2.0.9)
faraday (>= 0.17.3, < 3.0)
jwt (>= 1.0, < 3.0)
multi_xml (~> 0.5)
rack (>= 1.2, < 4)
snaky_hash (~> 2.0)
version_gem (~> 1.1)
octokit (9.2.0)
faraday (>= 1, < 3)
sawyer (~> 0.9)
omniauth (2.1.2)
hashie (>= 3.4.6)
rack (>= 2.2.3)
rack-protection
omniauth-github (2.0.1)
omniauth (~> 2.0)
omniauth-oauth2 (~> 1.8)
omniauth-google-oauth2 (1.2.0)
jwt (>= 2.9)
oauth2 (~> 2.0)
omniauth (~> 2.0)
omniauth-oauth2 (~> 1.8)
omniauth-oauth2 (1.8.0)
oauth2 (>= 1.4, < 3)
omniauth (~> 2.0)
openapi_parser (2.2.3)
openssl (3.3.0)
openssl-signature_algorithm (1.3.0)
openssl (> 2.0)
optparse (0.6.0)
pagerduty (4.0.1)
parallel (1.27.0)
parallel_tests (4.10.1)
parallel
parser (3.3.8.0)
ast (~> 2.4.1)
racc
pdf-core (0.10.0)
pdf-reader (2.14.1)
Ascii85 (>= 1.0, < 3.0, != 2.0.0)
afm (~> 0.2.1)
hashery (~> 2.0)
ruby-rc4
ttfunk
pg (1.5.9)
prawn (2.5.0)
matrix (~> 0.4)
pdf-core (~> 0.10.0)
ttfunk (~> 1.8)
prawn-table (0.2.2)
prawn (>= 1.3.0, < 3.0.0)
prism (1.4.0)
pry (0.15.2)
coderay (~> 1.1)
method_source (~> 1.0)
pry-byebug (3.11.0)
byebug (~> 12.0)
pry (>= 0.13, < 0.16)
public_suffix (6.0.2)
puma (6.5.0)
nio4r (~> 2.0)
racc (1.8.1)
rack (3.1.16)
rack-protection (4.1.1)
base64 (>= 0.1.0)
logger (>= 1.6.0)
rack (>= 3.0.0, < 4)
rack-test (2.2.0)
rack (>= 1.3)
rack-unreloader (2.1.0)
rackup (2.2.1)
rack (>= 3)
rails-dom-testing (2.3.0)
activesupport (>= 5.0.0)
minitest
nokogiri (>= 1.6)
rails-html-sanitizer (1.6.2)
loofah (~> 2.21)
nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
rainbow (3.1.1)
rake (13.3.0)
refrigerator (1.8.0)
regexp_parser (2.10.0)
reline (0.6.1)
io-console (~> 0.5)
rexml (3.4.1)
roda (3.93.0)
rack
rodauth (2.39.0)
roda (>= 2.6.0)
sequel (>= 4)
rodish (2.0.1)
optparse
rotp (6.3.0)
rqrcode (3.1.0)
chunky_png (~> 1.0)
rqrcode_core (~> 2.0)
rqrcode_core (2.0.0)
rspec (3.13.1)
rspec-core (~> 3.13.0)
rspec-expectations (~> 3.13.0)
rspec-mocks (~> 3.13.0)
rspec-core (3.13.5)
rspec-support (~> 3.13.0)
rspec-expectations (3.13.5)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.13.0)
rspec-mocks (3.13.5)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.13.0)
rspec-support (3.13.4)
rubocop (1.75.8)
json (~> 2.3)
language_server-protocol (~> 3.17.0.2)
lint_roller (~> 1.1.0)
parallel (~> 1.10)
parser (>= 3.3.0.2)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 2.9.3, < 3.0)
rubocop-ast (>= 1.44.0, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 2.4.0, < 4.0)
rubocop-ast (1.44.1)
parser (>= 3.3.7.2)
prism (~> 1.4)
rubocop-capybara (2.21.0)
rubocop (~> 1.41)
rubocop-erb (0.6.0)
better_html
lint_roller (~> 1.1)
rubocop (~> 1.72, >= 1.72.1)
rubocop-performance (1.25.0)
lint_roller (~> 1.1)
rubocop (>= 1.75.0, < 2.0)
rubocop-ast (>= 1.38.0, < 2.0)
rubocop-rake (0.7.1)
lint_roller (~> 1.1)
rubocop (>= 1.72.1)
rubocop-rspec (3.6.0)
lint_roller (~> 1.1)
rubocop (~> 1.72, >= 1.72.1)
rubocop-sequel (0.4.1)
lint_roller (~> 1.1)
rubocop (>= 1.72.1, < 2)
ruby-progressbar (1.13.0)
ruby-rc4 (0.1.5)
safety_net_attestation (0.4.0)
jwt (~> 2.0)
sawyer (0.9.2)
addressable (>= 2.3.5)
faraday (>= 0.17.3, < 3)
securerandom (0.4.1)
sequel (5.94.0)
bigdecimal
sequel-annotate (1.7.0)
sequel (>= 4)
sequel_pg (1.17.1)
pg (>= 0.18.0, != 1.2.0)
sequel (>= 4.38.0)
shellwords (0.2.2)
simplecov (0.22.0)
docile (~> 1.1)
simplecov-html (~> 0.11)
simplecov_json_formatter (~> 0.1)
simplecov-html (0.13.1)
simplecov_json_formatter (0.1.4)
smart_properties (1.17.0)
snaky_hash (2.0.1)
hashie
version_gem (~> 1.1, >= 1.1.1)
standard (1.50.0)
language_server-protocol (~> 3.17.0.2)
lint_roller (~> 1.0)
rubocop (~> 1.75.5)
standard-custom (~> 1.0.0)
standard-performance (~> 1.8)
standard-custom (1.0.2)
lint_roller (~> 1.0)
rubocop (~> 1.50)
standard-performance (1.8.0)
lint_roller (~> 1.1)
rubocop-performance (~> 1.25.0)
stripe (12.6.0)
tilt (2.6.0)
timeout (0.4.3)
tpm-key_attestation (0.12.1)
bindata (~> 2.4)
openssl (> 2.0)
openssl-signature_algorithm (~> 1.0)
ttfunk (1.8.0)
bigdecimal (~> 3.1)
turbo_tests (2.2.5)
parallel_tests (>= 3.3.0, < 5)
rspec (>= 3.10)
tzinfo (2.0.6)
concurrent-ruby (~> 1.0)
unaccent (0.4.0)
unicode-display_width (3.1.4)
unicode-emoji (~> 4.0, >= 4.0.4)
unicode-emoji (4.0.4)
uri (1.0.3)
version_gem (1.1.8)
warning (1.5.0)
webauthn (3.2.2)
android_key_attestation (~> 0.3.0)
bindata (~> 2.4)
cbor (~> 0.5.9)
cose (~> 1.1)
openssl (>= 2.2)
safety_net_attestation (~> 0.4.0)
tpm-key_attestation (~> 0.12.0)
webmock (3.25.1)
addressable (>= 2.8.0)
crack (>= 0.3.2)
hashdiff (>= 0.4.0, < 2.0.0)
webrick (1.9.1)
websocket-driver (0.8.0)
base64
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
xpath (3.2.0)
nokogiri (~> 1.8)
PLATFORMS
aarch64-linux
aarch64-linux-musl
arm64-darwin-22
arm64-darwin-23
arm64-darwin-24
x86_64-darwin-20
x86_64-darwin-23
x86_64-linux
x86_64-linux-musl
DEPENDENCIES
acme-client
argon2
argon2-kdf
awesome_print
aws-sdk-ec2 (~> 1.512)
aws-sdk-iam
aws-sdk-s3
bcrypt_pbkdf
brakeman
by (>= 1.1.0)
capybara
capybara-validate_html5 (>= 2.1)
committee (>= 5.5.4)
countries
cuprite
ed25519
erb-formatter!
erubi (>= 1.5)
excon
foreman
jwt
mail
net-ssh
netaddr
nokogiri
octokit
omniauth-github
omniauth-google-oauth2
pagerduty (>= 4.0)
pdf-reader
prawn
prawn-table
pry
pry-byebug
puma (>= 6.2.2)
rack-unreloader (>= 1.8)
rackup
rake
refrigerator (>= 1)
reline
roda (>= 3.93)
rodauth (>= 2.39)
rodauth-omniauth!
rodish (>= 2.0.1)
rotp
rqrcode
rspec
rubocop-capybara (< 2.22)
rubocop-erb
rubocop-performance
rubocop-rake
rubocop-rspec
rubocop-sequel
sequel (>= 5.94)
sequel-annotate
sequel_pg (>= 1.8)
shellwords
simplecov
standard (>= 1.24.3)
stripe
tilt (>= 2.6)
turbo_tests
warning
webauthn
webmock
RUBY VERSION
ruby 3.4.4p34
BUNDLED WITH
2.6.8
Reference in New Issue View Git Blame Copy Permalink