chore: Update dependencies and fix test suite (#158)

Gemfile

@@ -2,24 +2,25 @@ source 'https://rubygems.org'
 
 gemspec
 
-gem 'gem-release'
-gem 'jwt'
-gem 'rake'
+gem 'gem-release', '~> 2'
+gem 'jwt', '~> 2'
+gem 'rake', '~> 13'
 
 group :development do
-  gem 'dotenv'
-  gem 'pry'
-  gem 'rubocop', require: false
-  gem 'shotgun'
-  gem 'sinatra'
-  gem 'thin'
+  gem 'dotenv', '~> 2'
+  gem 'pry', '~> 0'
+  gem 'rubocop', '~> 1', require: false
+  gem 'shotgun', '~> 0'
+  gem 'sinatra', '~> 2'
+  gem 'thin', '~> 1'
 end
 
 group :test do
-  gem 'guard-rspec', require: false
+  gem 'guard-rspec', '~> 4', require: false
   gem 'listen', '~> 3'
-  gem 'rack-test', '>= 2.0.0'
-  gem 'rspec', '~> 3.5'
-  gem 'simplecov-cobertura'
-  gem 'webmock', '>= 3.12.2'
+  gem 'rack-test', '~> 2'
+  gem 'rspec', '~> 3'
+  gem 'simplecov-cobertura', '~> 2'
+  gem 'webmock', '~> 3'
+  gem 'multi_json', '~> 1'
 end

Gemfile.lock

@@ -2,27 +2,27 @@ PATH
   remote: .
   specs:
     omniauth-auth0 (3.0.0)
-      omniauth (~> 2.0)
-      omniauth-oauth2 (~> 1.7)
+      omniauth (~> 2)
+      omniauth-oauth2 (~> 1)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.8.0)
-      public_suffix (>= 2.0.2, < 5.0)
+    addressable (2.8.1)
+      public_suffix (>= 2.0.2, < 6.0)
     ast (2.4.2)
     coderay (1.1.3)
     crack (0.4.5)
       rexml
     daemons (1.4.1)
     diff-lcs (1.5.0)
     docile (1.4.0)
-    dotenv (2.7.6)
+    dotenv (2.8.1)
     eventmachine (1.2.7)
-    faraday (2.3.0)
-      faraday-net_http (~> 2.0)
+    faraday (2.7.1)
+      faraday-net_http (>= 2.0, < 3.1)
       ruby2_keywords (>= 0.0.4)
-    faraday-net_http (2.0.3)
+    faraday-net_http (3.0.2)
     ffi (1.15.5)
     formatador (1.1.0)
     gem-release (2.2.2)
@@ -42,75 +42,78 @@ GEM
       rspec (>= 2.99.0, < 4.0)
     hashdiff (1.0.1)
     hashie (5.0.0)
-    jwt (2.3.0)
+    json (2.6.3)
+    jwt (2.5.0)
     listen (3.7.1)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
     lumberjack (1.2.8)
     method_source (1.0.0)
     multi_json (1.15.0)
     multi_xml (0.6.0)
-    mustermann (1.1.1)
+    mustermann (2.0.2)
       ruby2_keywords (~> 0.0.1)
     nenv (0.3.0)
     notiffany (0.1.3)
       nenv (~> 0.1)
       shellany (~> 0.0)
-    oauth2 (1.4.9)
+    oauth2 (2.0.9)
       faraday (>= 0.17.3, < 3.0)
       jwt (>= 1.0, < 3.0)
-      multi_json (~> 1.3)
       multi_xml (~> 0.5)
-      rack (>= 1.2, < 3)
+      rack (>= 1.2, < 4)
+      snaky_hash (~> 2.0)
+      version_gem (~> 1.1)
     omniauth (2.1.0)
       hashie (>= 3.4.6)
       rack (>= 2.2.3)
       rack-protection
-    omniauth-oauth2 (1.7.2)
-      oauth2 (~> 1.4)
-      omniauth (>= 1.9, < 3)
+    omniauth-oauth2 (1.8.0)
+      oauth2 (>= 1.4, < 3)
+      omniauth (~> 2.0)
     parallel (1.22.1)
-    parser (3.1.2.0)
+    parser (3.1.3.0)
       ast (~> 2.4.1)
     pry (0.14.1)
       coderay (~> 1.1)
       method_source (~> 1.0)
-    public_suffix (4.0.7)
-    rack (2.2.3.1)
-    rack-protection (2.2.0)
+    public_suffix (5.0.0)
+    rack (2.2.4)
+    rack-protection (2.2.3)
       rack
-    rack-test (1.1.0)
-      rack (>= 1.0, < 3)
+    rack-test (2.0.2)
+      rack (>= 1.3)
     rainbow (3.1.1)
     rake (13.0.6)
-    rb-fsevent (0.11.1)
+    rb-fsevent (0.11.2)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
-    regexp_parser (2.5.0)
+    regexp_parser (2.6.1)
     rexml (3.2.5)
-    rspec (3.11.0)
-      rspec-core (~> 3.11.0)
-      rspec-expectations (~> 3.11.0)
-      rspec-mocks (~> 3.11.0)
-    rspec-core (3.11.0)
-      rspec-support (~> 3.11.0)
-    rspec-expectations (3.11.0)
+    rspec (3.12.0)
+      rspec-core (~> 3.12.0)
+      rspec-expectations (~> 3.12.0)
+      rspec-mocks (~> 3.12.0)
+    rspec-core (3.12.0)
+      rspec-support (~> 3.12.0)
+    rspec-expectations (3.12.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.11.0)
-    rspec-mocks (3.11.1)
+      rspec-support (~> 3.12.0)
+    rspec-mocks (3.12.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.11.0)
-    rspec-support (3.11.0)
-    rubocop (1.30.0)
+      rspec-support (~> 3.12.0)
+    rspec-support (3.12.0)
+    rubocop (1.39.0)
+      json (~> 2.3)
       parallel (~> 1.10)
-      parser (>= 3.1.0.0)
+      parser (>= 3.1.2.1)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.18.0, < 2.0)
+      rubocop-ast (>= 1.23.0, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.18.0)
+    rubocop-ast (1.24.0)
       parser (>= 3.1.1.0)
     ruby-progressbar (1.11.0)
     ruby2_keywords (0.0.5)
@@ -126,19 +129,23 @@ GEM
       simplecov (~> 0.19)
     simplecov-html (0.12.3)
     simplecov_json_formatter (0.1.4)
-    sinatra (2.2.0)
-      mustermann (~> 1.0)
+    sinatra (2.2.3)
+      mustermann (~> 2.0)
       rack (~> 2.2)
-      rack-protection (= 2.2.0)
+      rack-protection (= 2.2.3)
       tilt (~> 2.0)
+    snaky_hash (2.0.1)
+      hashie
+      version_gem (~> 1.1, >= 1.1.1)
     thin (1.8.1)
       daemons (~> 1.0, >= 1.0.9)
       eventmachine (~> 1.0, >= 1.0.4)
       rack (>= 1, < 3)
     thor (1.2.1)
-    tilt (2.0.10)
-    unicode-display_width (2.1.0)
-    webmock (3.14.0)
+    tilt (2.0.11)
+    unicode-display_width (2.3.0)
+    version_gem (1.1.1)
+    webmock (3.18.1)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
@@ -151,22 +158,23 @@ PLATFORMS
 
 DEPENDENCIES
   bundler
-  dotenv
-  gem-release
-  guard-rspec
-  jwt
+  dotenv (~> 2)
+  gem-release (~> 2)
+  guard-rspec (~> 4)
+  jwt (~> 2)
   listen (~> 3)
+  multi_json (~> 1)
   omniauth-auth0!
-  pry
-  rack-test
-  rake
-  rspec (~> 3.5)
-  rubocop
-  shotgun
-  simplecov-cobertura
-  sinatra
-  thin
-  webmock (>= 3.12.2)
+  pry (~> 0)
+  rack-test (~> 2)
+  rake (~> 13)
+  rspec (~> 3)
+  rubocop (~> 1)
+  shotgun (~> 0)
+  simplecov-cobertura (~> 2)
+  sinatra (~> 2)
+  thin (~> 1)
+  webmock (~> 3)
 
 BUNDLED WITH
    2.3.7

omniauth-auth0.gemspec

@@ -21,10 +21,10 @@ omniauth-auth0 is the OmniAuth strategy for Auth0.
   s.executables   = `git ls-files -- bin/*`.split('\n').map{ |f| File.basename(f) }
   s.require_paths = ['lib']
 
-  s.add_runtime_dependency 'omniauth', '~> 2.0'
-  s.add_runtime_dependency 'omniauth-oauth2', '~> 1.7'
+  s.add_runtime_dependency 'omniauth', '~> 2'
+  s.add_runtime_dependency 'omniauth-oauth2', '~> 1'
 
   s.add_development_dependency 'bundler'
-  
+
   s.license = 'MIT'
 end

spec/omniauth/auth0/jwt_validator_spec.rb

@@ -357,7 +357,7 @@
         message: "Nonce (nonce) claim value mismatch in the ID token; expected (noncey), found (mismatch)"
       }))
     end
-    
+
     it 'should fail when “aud” is an array of strings and azp claim is not present' do
       aud = [
         client_id,
@@ -544,7 +544,7 @@
       expect do
         verified_token = make_jwt_validator(opt_domain: domain).verify(token)
       end.to raise_error(an_instance_of(JWT::VerificationError).and having_attributes({
-        message: "Signature verification raised"
+        message: "Signature verification failed"
       }))
     end
 

spec/omniauth/strategies/auth0_spec.rb

@@ -2,6 +2,7 @@
 
 require 'spec_helper'
 require 'jwt'
+require 'multi_json'
 
 OmniAuth.config.allowed_request_methods = [:get, :post]