diff --git a/lib/omniauth/google_oauth2/version.rb b/lib/omniauth/google_oauth2/version.rb index c921db2..4afea47 100644 --- a/lib/omniauth/google_oauth2/version.rb +++ b/lib/omniauth/google_oauth2/version.rb @@ -2,6 +2,6 @@ module OmniAuth module GoogleOauth2 - VERSION = '1.1.3' + VERSION = '1.2.0' end end diff --git a/lib/omniauth/strategies/google_oauth2.rb b/lib/omniauth/strategies/google_oauth2.rb index 9acda88..7d7f4c2 100644 --- a/lib/omniauth/strategies/google_oauth2.rb +++ b/lib/omniauth/strategies/google_oauth2.rb @@ -76,17 +76,17 @@ def authorize_params # We have to manually verify the claims because the third parameter to # JWT.decode is false since no verification key is provided. - ::JWT::Verify.verify_claims(decoded, - verify_iss: true, - iss: ALLOWED_ISSUERS, - verify_aud: true, - aud: options.client_id, - verify_sub: false, - verify_expiration: true, - verify_not_before: true, - verify_iat: false, - verify_jti: false, - leeway: options[:jwt_leeway]) + ::JWT::Claims.verify!(decoded, + verify_iss: true, + iss: ALLOWED_ISSUERS, + verify_aud: true, + aud: options.client_id, + verify_sub: false, + verify_expiration: true, + verify_not_before: true, + verify_iat: false, + verify_jti: false, + leeway: options[:jwt_leeway]) hash[:id_info] = decoded end diff --git a/omniauth-google-oauth2.gemspec b/omniauth-google-oauth2.gemspec index 77a0105..67ca428 100644 --- a/omniauth-google-oauth2.gemspec +++ b/omniauth-google-oauth2.gemspec @@ -18,9 +18,9 @@ Gem::Specification.new do |gem| gem.files = `git ls-files`.split("\n") gem.require_paths = ['lib'] - gem.required_ruby_version = '>= 2.2' + gem.required_ruby_version = '>= 2.5' - gem.add_runtime_dependency 'jwt', '>= 2.0' + gem.add_runtime_dependency 'jwt', '>= 2.9' gem.add_runtime_dependency 'oauth2', '~> 2.0' gem.add_runtime_dependency 'omniauth', '~> 2.0' gem.add_runtime_dependency 'omniauth-oauth2', '~> 1.8'