From bdeeb0afc1184aaf018acc438ef07050c9ab17be Mon Sep 17 00:00:00 2001 From: Yuval Kalugny Date: Thu, 7 Feb 2019 09:57:36 +0200 Subject: [PATCH 1/2] Added: Support for additional claims in the JWT tokens, needed for Google's Identity-Aware Proxy --- R/oauth-server-side.R | 12 ++++++++---- R/oauth-token.r | 13 +++++-------- man/jwt_signature.Rd | 5 ++++- man/oauth_service_token.Rd | 4 +++- 4 files changed, 20 insertions(+), 14 deletions(-) diff --git a/R/oauth-server-side.R b/R/oauth-server-side.R index 20899be7..d3b1fb0f 100644 --- a/R/oauth-server-side.R +++ b/R/oauth-server-side.R @@ -1,10 +1,11 @@ -init_oauth_service_account <- function(secrets, scope = NULL, sub = NULL) { +init_oauth_service_account <- function(secrets, scope = NULL, sub = NULL, ...) { signature <- jwt_signature( secrets, aud = secrets$token_uri, scope = scope, - sub = sub + sub = sub, + ... ) res <- POST( @@ -42,6 +43,7 @@ init_oauth_service_account <- function(secrets, scope = NULL, sub = NULL) { #' 00:00:00 UTC, January 1, 1970. This value has a maximum of 1 hour from #' the issued time. #' @param duration Duration of token, in seconds. +#' @param ... any additional claims for the token. #' @keywords internal #' @examples #' \dontrun{ @@ -54,14 +56,16 @@ jwt_signature <- function(credentials, sub = NULL, iat = as.integer(Sys.time()), exp = iat + duration, - duration = 60L * 60L) { + duration = 60L * 60L, + ...) { cs <- compact(list( iss = credentials$client_email, scope = scope, aud = aud, sub = sub, iat = iat, - exp = exp + exp = exp, + ... )) jwt_sign(cs, credentials$private_key) diff --git a/R/oauth-token.r b/R/oauth-token.r index e7a6cbfd..7916f877 100644 --- a/R/oauth-token.r +++ b/R/oauth-token.r @@ -301,6 +301,7 @@ Token2.0 <- R6::R6Class("Token2.0", inherit = Token, list( #' @inheritParams oauth2.0_token #' @inheritParams jwt_signature #' @param secrets Secrets loaded from JSON file, downloaded from console. +#' @param ... any additional claims for the token #' @family OAuth #' @export #' @examples @@ -311,7 +312,7 @@ Token2.0 <- R6::R6Class("Token2.0", inherit = Token, list( #' #' token <- oauth_service_token(endpoint, secrets, scope) #' } -oauth_service_token <- function(endpoint, secrets, scope = NULL, sub = NULL) { +oauth_service_token <- function(endpoint, secrets, scope = NULL, sub = NULL, ...) { if (!is.oauth_endpoint(endpoint)) { stop("`endpoint` must be an OAuth endpoint", call. = FALSE) } @@ -324,7 +325,7 @@ oauth_service_token <- function(endpoint, secrets, scope = NULL, sub = NULL) { TokenServiceAccount$new( endpoint = endpoint, secrets = secrets, - params = list(scope = scope, sub = sub) + params = list(scope = scope, sub = sub, ...) ) } @@ -343,16 +344,12 @@ TokenServiceAccount <- R6::R6Class("TokenServiceAccount", inherit = Token2.0, li TRUE }, refresh = function() { - self$credentials <- init_oauth_service_account( - self$secrets, - scope = self$params$scope, - sub = self$params$sub - ) + self$credentials <- do.call(init_oauth_service_account, c(list(secrets = self$secrets), self$params)) self }, sign = function(method, url) { config <- add_headers( - Authorization = paste("Bearer", self$credentials$access_token) + Authorization = paste("Bearer", self$credentials$access_token %||% self$credentials$id_token) ) request_build(method = method, url = url, config) }, diff --git a/man/jwt_signature.Rd b/man/jwt_signature.Rd index 9006a337..58570b94 100644 --- a/man/jwt_signature.Rd +++ b/man/jwt_signature.Rd @@ -11,7 +11,8 @@ jwt_signature( sub = NULL, iat = as.integer(Sys.time()), exp = iat + duration, - duration = 60L * 60L + duration = 60L * 60L, + ... ) } \arguments{ @@ -35,6 +36,8 @@ the issued time.} \item{duration}{Duration of token, in seconds.} +\item{...}{any additional claims for the token.} + \item{iss}{Email address of the client_id of the application making the access token request.} } diff --git a/man/oauth_service_token.Rd b/man/oauth_service_token.Rd index 65c38b24..137192fa 100644 --- a/man/oauth_service_token.Rd +++ b/man/oauth_service_token.Rd @@ -4,7 +4,7 @@ \alias{oauth_service_token} \title{Generate OAuth token for service accounts.} \usage{ -oauth_service_token(endpoint, secrets, scope = NULL, sub = NULL) +oauth_service_token(endpoint, secrets, scope = NULL, sub = NULL, ...) } \arguments{ \item{endpoint}{An OAuth endpoint, created by \code{\link[=oauth_endpoint]{oauth_endpoint()}}} @@ -15,6 +15,8 @@ oauth_service_token(endpoint, secrets, scope = NULL, sub = NULL) \item{sub}{The email address of the user for which the application is requesting delegated access.} + +\item{...}{any additional claims for the token} } \description{ Service accounts provide a way of using OAuth2 without user intervention. From 51667dcd9a314a57d3c0fd5cffdc4e512e4e71c8 Mon Sep 17 00:00:00 2001 From: Renaud Date: Wed, 24 Mar 2021 18:48:29 +0000 Subject: [PATCH 2/2] Remove .github directory (prevents from pushing) --- .github/.gitignore | 1 - .github/CODE_OF_CONDUCT.md | 25 ------ .github/CONTRIBUTING.md | 47 ------------ .github/ISSUE_TEMPLATE/issue_template.md | 14 ---- .github/SUPPORT.md | 35 --------- .github/workflows/R-CMD-check.yaml | 98 ------------------------ .github/workflows/pkgdown.yaml | 46 ----------- .github/workflows/pr-commands.yaml | 51 ------------ .github/workflows/test-coverage.yaml | 46 ----------- 9 files changed, 363 deletions(-) delete mode 100644 .github/.gitignore delete mode 100644 .github/CODE_OF_CONDUCT.md delete mode 100644 .github/CONTRIBUTING.md delete mode 100644 .github/ISSUE_TEMPLATE/issue_template.md delete mode 100644 .github/SUPPORT.md delete mode 100644 .github/workflows/R-CMD-check.yaml delete mode 100644 .github/workflows/pkgdown.yaml delete mode 100644 .github/workflows/pr-commands.yaml delete mode 100644 .github/workflows/test-coverage.yaml diff --git a/.github/.gitignore b/.github/.gitignore deleted file mode 100644 index 2d19fc76..00000000 --- a/.github/.gitignore +++ /dev/null @@ -1 +0,0 @@ -*.html diff --git a/.github/CODE_OF_CONDUCT.md b/.github/CODE_OF_CONDUCT.md deleted file mode 100644 index 03435279..00000000 --- a/.github/CODE_OF_CONDUCT.md +++ /dev/null @@ -1,25 +0,0 @@ -# Contributor Code of Conduct - -As contributors and maintainers of this project, we pledge to respect all people who -contribute through reporting issues, posting feature requests, updating documentation, -submitting pull requests or patches, and other activities. - -We are committed to making participation in this project a harassment-free experience for -everyone, regardless of level of experience, gender, gender identity and expression, -sexual orientation, disability, personal appearance, body size, race, ethnicity, age, or religion. - -Examples of unacceptable behavior by participants include the use of sexual language or -imagery, derogatory comments or personal attacks, trolling, public or private harassment, -insults, or other unprofessional conduct. - -Project maintainers have the right and responsibility to remove, edit, or reject comments, -commits, code, wiki edits, issues, and other contributions that are not aligned to this -Code of Conduct. Project maintainers who do not follow the Code of Conduct may be removed -from the project team. - -Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by -opening an issue or contacting one or more of the project maintainers. - -This Code of Conduct is adapted from the Contributor Covenant -(https://www.contributor-covenant.org), version 1.0.0, available at -https://contributor-covenant.org/version/1/0/0/. diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md deleted file mode 100644 index e0f08c00..00000000 --- a/.github/CONTRIBUTING.md +++ /dev/null @@ -1,47 +0,0 @@ -# Contributing to httr - -This outlines how to propose a change to httr. -For more detailed info about contributing to this, and other tidyverse packages, please see the -[**development contributing guide**](https://rstd.io/tidy-contrib). - -## Fixing typos - -You can fix typos, spelling mistakes, or grammatical errors in the documentation directly using the GitHub web interface, as long as the changes are made in the _source_ file. -This generally means you'll need to edit [roxygen2 comments](https://roxygen2.r-lib.org/articles/roxygen2.html) in an `.R`, not a `.Rd` file. -You can find the `.R` file that generates the `.Rd` by reading the comment in the first line. - -## Bigger changes - -If you want to make a bigger change, it's a good idea to first file an issue and make sure someone from the team agrees that it’s needed. -If you’ve found a bug, please file an issue that illustrates the bug with a minimal -[reprex](https://www.tidyverse.org/help/#reprex) (this will also help you write a unit test, if needed). - -### Pull request process - -* Fork the package and clone onto your computer. If you haven't done this before, we recommend using `usethis::create_from_github("r-lib/httr", fork = TRUE)`. - -* Install all development dependences with `devtools::install_dev_deps()`, and then make sure the package passes R CMD check by running `devtools::check()`. - If R CMD check doesn't pass cleanly, it's a good idea to ask for help before continuing. -* Create a Git branch for your pull request (PR). We recommend using `usethis::pr_init("brief-description-of-change")`. - -* Make your changes, commit to git, and then create a PR by running `usethis::pr_push()`, and following the prompts in your browser. - The title of your PR should briefly describe the change. - The body of your PR should contain `Fixes #issue-number`. - -* For user-facing changes, add a bullet to the top of `NEWS.md` (i.e. just below the first header). Follow the style described in . - -### Code style - -* New code should follow the tidyverse [style guide](https://style.tidyverse.org). - You can use the [styler](https://CRAN.R-project.org/package=styler) package to apply these styles, but please don't restyle code that has nothing to do with your PR. - -* We use [roxygen2](https://cran.r-project.org/package=roxygen2), with [Markdown syntax](https://roxygen2.r-lib.org/articles/rd-formatting.html), for documentation. - -* We use [testthat](https://cran.r-project.org/package=testthat) for unit tests. - Contributions with test cases included are easier to accept. - -## Code of Conduct - -Please note that the httr project is released with a -[Contributor Code of Conduct](CODE_OF_CONDUCT.md). By contributing to this -project you agree to abide by its terms. diff --git a/.github/ISSUE_TEMPLATE/issue_template.md b/.github/ISSUE_TEMPLATE/issue_template.md deleted file mode 100644 index 898687a4..00000000 --- a/.github/ISSUE_TEMPLATE/issue_template.md +++ /dev/null @@ -1,14 +0,0 @@ ---- -name: Bug report or feature request -about: Describe a bug you've seen or make a case for a new feature ---- - -Please briefly describe your problem and what output you expect. If you have a question, please don't use this form. Instead, ask on or . - -Please include a minimal reproducible example (AKA a reprex). If you've never heard of a [reprex](http://reprex.tidyverse.org/) before, start by reading . - -Brief description of the problem - -```r -# insert reprex here -``` diff --git a/.github/SUPPORT.md b/.github/SUPPORT.md deleted file mode 100644 index 150602e8..00000000 --- a/.github/SUPPORT.md +++ /dev/null @@ -1,35 +0,0 @@ -# Getting help with httr - -Thanks for using httr! -Before filing an issue, there are a few places to explore and pieces to put together to make the process as smooth as possible. - -## Make a reprex - -Start by making a minimal **repr**oducible **ex**ample using the [reprex](https://reprex.tidyverse.org/) package. -If you haven't heard of or used reprex before, you're in for a treat! -Seriously, reprex will make all of your R-question-asking endeavors easier (which is a pretty insane ROI for the five to ten minutes it'll take you to learn what it's all about). -For additional reprex pointers, check out the [Get help!](https://www.tidyverse.org/help/) section of the tidyverse site. - -## Where to ask? - -Armed with your reprex, the next step is to figure out [where to ask](https://www.tidyverse.org/help/#where-to-ask). - -* If it's a question: start with [community.rstudio.com](https://community.rstudio.com/), and/or StackOverflow. There are more people there to answer questions. - -* If it's a bug: you're in the right place, [file an issue](https://github.com/r-lib/httr/issues/new). - -* If you're not sure: let the community help you figure it out! - If your problem _is_ a bug or a feature request, you can easily return here and report it. - -Before opening a new issue, be sure to [search issues and pull requests](https://github.com/r-lib/httr/issues) to make sure the bug hasn't been reported and/or already fixed in the development version. -By default, the search will be pre-populated with `is:issue is:open`. -You can [edit the qualifiers](https://help.github.com/articles/searching-issues-and-pull-requests/) (e.g. `is:pr`, `is:closed`) as needed. -For example, you'd simply remove `is:open` to search _all_ issues in the repo, open or closed. - -## What happens next? - -To be as efficient as possible, development of tidyverse packages tends to be very bursty, so you shouldn't worry if you don't get an immediate response. -Typically we don't look at a repo until a sufficient quantity of issues accumulates, then there’s a burst of intense activity as we focus our efforts. -That makes development more efficient because it avoids expensive context switching between problems, at the cost of taking longer to get back to you. -This process makes a good reprex particularly important because it might be multiple months between your initial report and when we start working on it. -If we can’t reproduce the bug, we can’t fix it! diff --git a/.github/workflows/R-CMD-check.yaml b/.github/workflows/R-CMD-check.yaml deleted file mode 100644 index 0929ded8..00000000 --- a/.github/workflows/R-CMD-check.yaml +++ /dev/null @@ -1,98 +0,0 @@ -on: - push: - branches: - - master - pull_request: - branches: - - master - -name: R-CMD-check - -jobs: - R-CMD-check: - runs-on: ${{ matrix.config.os }} - - name: ${{ matrix.config.os }} (${{ matrix.config.r }}) - - strategy: - fail-fast: false - matrix: - config: - - {os: macOS-latest, r: 'devel'} - - {os: macOS-latest, r: 'release'} - - {os: windows-latest, r: 'release'} - - {os: windows-latest, r: '3.6'} - - {os: ubuntu-16.04, r: 'release', rspm: "https://packagemanager.rstudio.com/cran/__linux__/xenial/latest"} - - {os: ubuntu-16.04, r: 'oldrel', rspm: "https://packagemanager.rstudio.com/cran/__linux__/xenial/latest"} - - {os: ubuntu-16.04, r: '3.5', rspm: "https://packagemanager.rstudio.com/cran/__linux__/xenial/latest"} - - {os: ubuntu-16.04, r: '3.4', rspm: "https://packagemanager.rstudio.com/cran/__linux__/xenial/latest"} - - {os: ubuntu-16.04, r: '3.3', rspm: "https://packagemanager.rstudio.com/cran/__linux__/xenial/latest"} - - env: - R_REMOTES_NO_ERRORS_FROM_WARNINGS: true - RSPM: ${{ matrix.config.rspm }} - GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }} - - steps: - - uses: actions/checkout@v2 - - - uses: r-lib/actions/setup-r@master - with: - r-version: ${{ matrix.config.r }} - - - uses: r-lib/actions/setup-pandoc@master - - - name: Query dependencies - run: | - install.packages('remotes') - saveRDS(remotes::dev_package_deps(dependencies = TRUE), ".github/depends.Rds", version = 2) - writeLines(sprintf("R-%i.%i", getRversion()$major, getRversion()$minor), ".github/R-version") - shell: Rscript {0} - - - name: Cache R packages - if: runner.os != 'Windows' - uses: actions/cache@v1 - with: - path: ${{ env.R_LIBS_USER }} - key: ${{ runner.os }}-${{ hashFiles('.github/R-version') }}-1-${{ hashFiles('.github/depends.Rds') }} - restore-keys: ${{ runner.os }}-${{ hashFiles('.github/R-version') }}-1- - - - name: Install system dependencies - if: runner.os == 'Linux' - env: - RHUB_PLATFORM: linux-x86_64-ubuntu-gcc - run: | - Rscript -e "remotes::install_github('r-hub/sysreqs')" - sysreqs=$(Rscript -e "cat(sysreqs::sysreq_commands('DESCRIPTION'))") - sudo -s eval "$sysreqs" - - - name: Install dependencies - run: | - remotes::install_deps(dependencies = TRUE) - remotes::install_cran("rcmdcheck") - shell: Rscript {0} - - - name: Session info - run: | - options(width = 100) - pkgs <- installed.packages()[, "Package"] - sessioninfo::session_info(pkgs, include_base = TRUE) - shell: Rscript {0} - - - name: Check - env: - _R_CHECK_CRAN_INCOMING_: false - run: rcmdcheck::rcmdcheck(args = c("--no-manual", "--as-cran"), error_on = "warning", check_dir = "check") - shell: Rscript {0} - - - name: Show testthat output - if: always() - run: find check -name 'testthat.Rout*' -exec cat '{}' \; || true - shell: bash - - - name: Upload check results - if: failure() - uses: actions/upload-artifact@master - with: - name: ${{ runner.os }}-r${{ matrix.config.r }}-results - path: check diff --git a/.github/workflows/pkgdown.yaml b/.github/workflows/pkgdown.yaml deleted file mode 100644 index 8bc92105..00000000 --- a/.github/workflows/pkgdown.yaml +++ /dev/null @@ -1,46 +0,0 @@ -on: - push: - branches: master - -name: pkgdown - -jobs: - pkgdown: - runs-on: macOS-latest - env: - GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }} - steps: - - uses: actions/checkout@v2 - - - uses: r-lib/actions/setup-r@master - - - uses: r-lib/actions/setup-pandoc@master - - - name: Query dependencies - run: | - install.packages('remotes') - saveRDS(remotes::dev_package_deps(dependencies = TRUE), ".github/depends.Rds", version = 2) - writeLines(sprintf("R-%i.%i", getRversion()$major, getRversion()$minor), ".github/R-version") - shell: Rscript {0} - - - name: Cache R packages - uses: actions/cache@v1 - with: - path: ${{ env.R_LIBS_USER }} - key: ${{ runner.os }}-${{ hashFiles('.github/R-version') }}-1-${{ hashFiles('.github/depends.Rds') }} - restore-keys: ${{ runner.os }}-${{ hashFiles('.github/R-version') }}-1- - - - name: Install dependencies - run: | - remotes::install_deps(dependencies = TRUE) - install.packages("pkgdown") - shell: Rscript {0} - - - name: Install package - run: R CMD INSTALL . - - - name: Deploy package - run: | - git config --local user.email "actions@github.com" - git config --local user.name "GitHub Actions" - Rscript -e 'pkgdown::deploy_to_branch(new_process = FALSE)' diff --git a/.github/workflows/pr-commands.yaml b/.github/workflows/pr-commands.yaml deleted file mode 100644 index 0d3cb716..00000000 --- a/.github/workflows/pr-commands.yaml +++ /dev/null @@ -1,51 +0,0 @@ -on: - issue_comment: - types: [created] -name: Commands -jobs: - document: - if: startsWith(github.event.comment.body, '/document') - name: document - runs-on: macOS-latest - env: - GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }} - steps: - - uses: actions/checkout@v2 - - uses: r-lib/actions/pr-fetch@master - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - - uses: r-lib/actions/setup-r@master - - name: Install dependencies - run: Rscript -e 'install.packages(c("remotes", "roxygen2"))' -e 'remotes::install_deps(dependencies = TRUE)' - - name: Document - run: Rscript -e 'roxygen2::roxygenise()' - - name: commit - run: | - git add man/\* NAMESPACE - git commit -m 'Document' - - uses: r-lib/actions/pr-push@master - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - style: - if: startsWith(github.event.comment.body, '/style') - name: style - runs-on: macOS-latest - env: - GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }} - steps: - - uses: actions/checkout@v2 - - uses: r-lib/actions/pr-fetch@master - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - - uses: r-lib/actions/setup-r@master - - name: Install dependencies - run: Rscript -e 'install.packages("styler")' - - name: Style - run: Rscript -e 'styler::style_pkg()' - - name: commit - run: | - git add \*.R - git commit -m 'Style' - - uses: r-lib/actions/pr-push@master - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/test-coverage.yaml b/.github/workflows/test-coverage.yaml deleted file mode 100644 index 3058d037..00000000 --- a/.github/workflows/test-coverage.yaml +++ /dev/null @@ -1,46 +0,0 @@ -on: - push: - branches: - - master - pull_request: - branches: - - master - -name: test-coverage - -jobs: - test-coverage: - runs-on: macOS-latest - env: - GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }} - steps: - - uses: actions/checkout@v2 - - - uses: r-lib/actions/setup-r@master - - - uses: r-lib/actions/setup-pandoc@master - - - name: Query dependencies - run: | - install.packages('remotes') - saveRDS(remotes::dev_package_deps(dependencies = TRUE), ".github/depends.Rds", version = 2) - writeLines(sprintf("R-%i.%i", getRversion()$major, getRversion()$minor), ".github/R-version") - shell: Rscript {0} - - - name: Cache R packages - uses: actions/cache@v1 - with: - path: ${{ env.R_LIBS_USER }} - key: ${{ runner.os }}-${{ hashFiles('.github/R-version') }}-1-${{ hashFiles('.github/depends.Rds') }} - restore-keys: ${{ runner.os }}-${{ hashFiles('.github/R-version') }}-1- - - - name: Install dependencies - run: | - install.packages(c("remotes")) - remotes::install_deps(dependencies = TRUE) - remotes::install_cran("covr") - shell: Rscript {0} - - - name: Test coverage - run: covr::codecov() - shell: Rscript {0}