RubyGems - DMAO-WardenJWT - Versions diffs - 0.2.0 → 0.3.0 - Mend

DMAO-WardenJWT 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/README.md +31 -8
data/lib/DMAO/WardenJWT/strategy.rb +1 -1
data/lib/DMAO/WardenJWT/version.rb +2 -2
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9775a6a050d93f11776108149cca585c5c84ccdf
-  data.tar.gz: 172829a613241f61b7db2ee66b61aa226a4b8562
+  metadata.gz: 2a14436fd64a92c2d7974536611ef7d32f80c4e6
+  data.tar.gz: 2b70e9034bdce68159aae057aaf500b785886484
 SHA512:
-  metadata.gz: 7cb8db6251637ab18d38be8b82cdc3171556b9ffc0b212593197cdd75cf1cf9970f83fb1f379b3f72608ea69f3996f5ec395ebf4e5139fe10c48d2adfbf3cb1a
-  data.tar.gz: b3fa6c1a414c2f5da80caeac21f31270cdeb83c877fa07e0fd703927226eacc38de7b43af1447498db83f6ca37706bf5fb06e9364275961696a4868fac0e5755
+  metadata.gz: d7bb07942951266b14b81319f8a31f95456a1e2a138ea4868477268e9d14bc07b8b06c13ef1a06599a268525baaef1b4456ec5cfd9bd6dc24f32c00578cc99b2
+  data.tar.gz: 6c296c180c02e55f686f0e620e2860da4e433afd3f5c1aa351c87694a6f1c29f65ebd596043f837b7901fe343e15bcf53b1382d0c43e12df3db82eb3d894f5ee

data/README.md CHANGED Viewed

@@ -1,15 +1,15 @@
-# WardenJWT
+# DMAO-WardenJWT
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/WardenJWT`. To experiment with that code, run `bin/console` for an interactive prompt.
+Warden Strategy for DMA Online JWT Authentication. Checks for a JWT (JSON Web Token) in either the Authorization header as a Bearer token or the get parameters of the request.
-TODO: Delete this and the text above, and describe your gem
+On successful authentication it returns an instance of DMAO::WardenJWT::User which has attributes and methods for checking the users institution as well as authenticated roles.
 ## Installation
 Add this line to your application's Gemfile:
 ```ruby
-gem 'WardenJWT'
+gem 'DMAO-WardenJWT'
 ```
 And then execute:
@@ -18,11 +18,35 @@ And then execute:
 Or install it yourself as:
-    $ gem install WardenJWT
+    $ gem install Bundle-WardenJWT
 ## Usage
-TODO: Write usage instructions here
+DMAO-WardenJWT requires the following environment variables to be set, this can be done using the [dotenv gem](https://rubygems.org/gems/dotenv).
+| Environment Variable | Description |
+| --- | --- |
+| JWT_VERIFY_ISS | Boolean for whether to verify the token issuer (false allows for jwt_issuer to be nil) |
+| JWT_VERIFY_AUD | Boolean for whether to verify the token audience (false allows for jwt_audience to be nil) |
+| JWT_VERIFY_IAT | Boolean for whether to verify the issued at timestamp of the token |
+| JWT_SECRET | The secret used to verify the integrity of the JWT (required) |
+| JWT_ISSUER | The issuer of the JWT (required) |
+| JWT_AUDIENCE | The audience for the JWT (required) |
+| JWT_CUSTOM_CLAIMS_ATTRIBUTE | The name of the claim within the JWT to extract as the DMA Online custom claims (`dmao` is a sensible default) |
+### Failure App
+**DMAO-WardenJWT** does not define a failure app. Handling authentication failure should be handled within the service/application using this.
+### Rails Usage
+After including the gem add the following to `config/application.rb`. This is correct for using with Rails 5 when in API mode.
+```ruby
+config.middleware.insert_after Rack::ETag, Warden::Manager do |manager|
+  manager.default_strategies :jwt
+end
+```
 ## Development
@@ -32,10 +56,9 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 ## Contributing
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/WardenJWT.
+Bug reports and pull requests are welcome on GitHub at https://github.com/lulibrary/DMAO-WardenJWT.
 ## License
 The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).

data/lib/DMAO/WardenJWT/strategy.rb CHANGED Viewed

@@ -23,7 +23,7 @@ module DMAO
       def bearer_token
         pattern = /^Bearer /
-        header  = request.get_header('HTTP_AUTHORIZATION') # <= env
+        header  = request.env['HTTP_AUTHORIZATION'] # <= env
         header.gsub(pattern, '') if header && header.match(pattern)
       end

data/lib/DMAO/WardenJWT/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module DMAO
   module WardenJWT
-    VERSION = "0.2.0"
+    VERSION = "0.3.0"
   end
-end
+end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: DMAO-WardenJWT
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Stephen Robinson