Skip to content

Instantly share code, notes, and snippets.

Avatar

Nov Matake nov

View GitHub Profile
View yconnect_discovery.rb
require 'openid_connect'
# NOTE: Webfinger
OpenIDConnect::Discovery::Provider.discover! 'https://auth.login.yahoo.co.jp'
# => raise OpenIDConnect::Discovery::DiscoveryFailed exception saying "Not Found"
# NOTE: OIDC OP Config (v2)
OpenIDConnect::Discovery::Provider::Config.discover! 'https://auth.login.yahoo.co.jp/yconnect/v2'
# => success
View azure_ad_b2c.rb
require 'openid_connect'
require 'readline'
OpenIDConnect.debug!
def scopes_for(rs_alias)
['common', rs_alias].collect do |scope|
File.join 'https://sts4b2c.onmicrosoft.com/', rs_alias, scope
end
end
View azure_ad_b2c_without_credentials.rb
require 'openid_connect'
require 'readline'
OpenIDConnect.debug!
tenant_domain_prefix = '<YOUR-TENANT-DOMAIN-PREFIX>'
tenant_uuid = '<YOUR-TENANT-UUID>'
client_id = '<YOUR-CLIENT-ID>'
client_secret = '<YOUR-CLIENT-SECRET>'
redirect_uri = '<YOUR-REDIRECT-URI>'
View SalesForce_SCIM_Client.rb
require 'rack/oauth2'
Rack::OAuth2.debug!
client = Rack::OAuth2::Client.new(
identifier: '<YOUR-CLIENT-ID>',
secret: '<YOUR-CLIENT-SECRET>',
authorization_endpoint: 'https://login.salesforce.com/services/oauth2/authorize',
token_endpoint: 'https://login.salesforce.com/services/oauth2/token',
redirect_uri: '<YOUR-CALLBACK-URL>'
View SalesForce_OIDCRegHandler.cls
public class OIDCRegHandler implements Auth.RegistrationHandler{
public User createUser(Id portalId, Auth.UserData data){
List<User> users = [SELECT Id FROM User WHERE FederationIdentifier =:data.identifier];
if (users.size() == 1) {
return users[0];
} else {
return null;
}
}
View myna_saml_authn_req.xml
<?xml version="1.0" encoding="UTF-8"?>
<samlp2:AuthnRequest
AssertionConsumerServiceURL="https://idfed.myna.go.jp/idfedgw0001/assertion_artifact"
Destination="https://idfed.myna.go.jp/idfedsaml/sso_redirect"
ForceAuthn="false"
ID="..omitted.."
IsPassive="false"
IssueInstant="2017-01-25T02:53:28Z"
ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
ProviderName="SAML2.0 SP1"
View keybase.md

Keybase proof

I hereby claim:

  • I am nov on github.
  • I am nov (https://keybase.io/nov) on keybase.
  • I have a public key ASDyhGlF6mTKRzYh4ItyuCRw7PQIkGc2ofBR0nvRdhJUGQo

To claim this, I am signing this object:

View fake_ajax_request.rb
require 'rack/oauth2'
Rack::OAuth2.debug!
client = Rack::OAuth2.http_client
client.get 'http://example.com', nil, {
'X-Requested-With': 'XMLHttpRequest'
}
@nov
nov / rfc6749_for_js_clients.md
Last active Nov 21, 2016
How to read RFC6749 for JS clients?
View rfc6749_for_js_clients.md
View fido_metadata_service.rb
require 'rack/oauth2'
require 'json/jwt'
def get(endpoint, format = :jwt)
res = Rack::OAuth2.http_client.get endpoint
case format
when :jwt
JSON::JWT.decode res.body, :skip_verification
when :b64
JSON.parse Base64.decode64(res.body)
You can’t perform that action at this time.