KnockRails3 2.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: e9f0af023a92177f1547e7aab56b1a72a49a8aa4
+  data.tar.gz: 5ee385e7811b37f4d0cfb9a69db494f50600383b
+SHA512:
+  metadata.gz: '0739ec58775ca1e7e8930266029600ede81f86ea59a614aa6a8914ad485decec68ac9574f3178a3a6ffa4d9c069353c97d0b4cffea47c22b6cdf84ae74b73fb4'
+  data.tar.gz: aca684c4d0b825404052d246991a6d3e6c45e740624a18e5f7b1ec4aafb1c351c6a6d4c670e0e80ebe2ef1dd1aede41155416d86c99c3fbf8985993bb9efbcdc

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2015 Arnaud MESUREUR
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,39 @@
+require "rubygems"
+
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'KnockRails3'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
+
+load 'rails/tasks/statistics.rake'
+
+
+
+Bundler::GemHelper.install_tasks
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+
+
+task default: :test

data/app/controllers/knock_rails3/application_controller.rb

@@ -0,0 +1,11 @@
+module KnockRails3
+  class ApplicationController < ActionController::Base
+    rescue_from KnockRails3.not_found_exception_class_name, with: :not_found
+
+  private
+
+    def not_found
+      head :not_found
+    end
+  end
+end

data/app/controllers/knock_rails3/auth_token_controller.rb

@@ -0,0 +1,47 @@
+require_dependency "knock_rails3/application_controller"
+
+module KnockRails3
+  class AuthTokenController < ApplicationController
+    before_filter :authenticate
+
+    def create
+      render json: auth_token, status: :created
+    end
+
+  private
+    def authenticate
+      unless entity.present? && entity.authenticate(auth_params[:password])
+        raise KnockRails3.not_found_exception_class
+      end
+    end
+
+    def auth_token
+      if entity.respond_to? :to_token_payload
+        AuthToken.new payload: entity.to_token_payload
+      else
+        AuthToken.new payload: { sub: entity.id }
+      end
+    end
+
+    def entity
+      @entity ||=
+        if entity_class.respond_to? :from_token_request
+          entity_class.from_token_request request
+        else
+          entity_class.find_by_email(auth_params[:email])
+        end
+    end
+
+    def entity_class
+      entity_name.constantize
+    end
+
+    def entity_name
+      self.class.name.scan(/\w+/).last.split('TokenController').first
+    end
+
+    def auth_params
+      params[:auth]
+    end
+  end
+end

data/app/model/knock_rails3/auth_token.rb

@@ -0,0 +1,78 @@
+require 'jwt'
+
+module KnockRails3
+  class AuthToken
+    attr_reader :token
+    attr_reader :payload
+
+    def initialize payload: {}, token: nil, verify_options: {}
+      if token.present?
+        @payload, _ = JWT.decode token.to_s, decode_key, true, options.merge(verify_options)
+        @token = token
+      else
+        @payload = claims.merge(payload)
+        @token = JWT.encode @payload,
+          secret_key,
+          KnockRails3.token_signature_algorithm
+      end
+    end
+
+    def entity_for entity_class
+      if entity_class.respond_to? :from_token_payload
+        entity_class.from_token_payload @payload
+      else
+        entity_class.find @payload['sub']
+      end
+    end
+
+    def to_json options = {}
+      {jwt: @token}.to_json
+    end
+
+  private
+    def secret_key
+      KnockRails3.token_secret_signature_key.call
+    end
+
+    def decode_key
+      KnockRails3.token_public_key || secret_key
+    end
+
+    def options
+      verify_claims.merge({
+        algorithm: KnockRails3.token_signature_algorithm
+      })
+    end
+
+    def claims
+      _claims = {}
+      _claims[:exp] = token_lifetime if verify_lifetime?
+      _claims[:aud] = token_audience if verify_audience?
+      _claims
+    end
+
+    def token_lifetime
+      KnockRails3.token_lifetime.from_now.to_i if verify_lifetime?
+    end
+
+    def verify_lifetime?
+      !KnockRails3.token_lifetime.nil?
+    end
+
+    def verify_claims
+      {
+        aud: token_audience,
+        verify_aud: verify_audience?,
+        verify_expiration: verify_lifetime?
+      }
+    end
+
+    def token_audience
+      verify_audience? && KnockRails3.token_audience.call
+    end
+
+    def verify_audience?
+      KnockRails3.token_audience.present?
+    end
+  end
+end

data/config/routes.rb

@@ -0,0 +1,3 @@
+KnockRails3::Engine.routes.draw do
+  post 'auth_token' => 'auth_token#create'
+end

data/lib/KnockRails3.rb

@@ -0,0 +1,31 @@
+require "knock_rails3/engine"
+
+module KnockRails3
+  mattr_accessor :token_lifetime
+  self.token_lifetime = 1.day
+
+  mattr_accessor :token_audience
+  self.token_audience = nil
+
+  mattr_accessor :token_signature_algorithm
+  self.token_signature_algorithm = 'HS256'
+
+  mattr_accessor :token_secret_signature_key
+  self.token_secret_signature_key = -> { Rails.application.secrets.secret_key_base }
+
+  mattr_accessor :token_public_key
+  self.token_public_key = nil
+
+  mattr_accessor :not_found_exception_class_name
+  self.not_found_exception_class_name = 'ActiveRecord::RecordNotFound'
+
+  def self.not_found_exception_class
+    not_found_exception_class_name.to_s.constantize
+  end
+
+  # Default way to setup KnockRails3. Run `rails generate KnockRails3:install` to create
+  # a fresh initializer with all configuration values.
+  def self.setup
+    yield self
+  end
+end

data/lib/generators/knock_rails3/install_generator.rb

@@ -0,0 +1,13 @@
+require 'rails/generators'
+
+module KnockRails3
+  class InstallGenerator < Rails::Generators::Base
+    source_root File.expand_path("../../templates", __FILE__)
+
+    desc "Creates a KnockRails3 initializer."
+
+    def copy_initializer
+      template 'knock_rails3.rb', 'config/initializers/knock_rails3.rb'
+    end
+  end
+end

data/lib/generators/knock_rails3/token_controller_generator.rb

@@ -0,0 +1,27 @@
+require 'rails/generators'
+
+module KnockRails3
+  class TokenControllerGenerator < Rails::Generators::Base
+    source_root File.expand_path("../../templates", __FILE__)
+    argument :name, type: :string
+
+    desc <<-DESC
+      Creates a KnockRails3 token controller for the given entity
+      and add the corresponding routes.
+    DESC
+
+    def copy_controller_file
+      template 'entity_token_controller.rb.erb', "app/controllers/#{name.underscore}_token_controller.rb"
+    end
+
+    def add_route
+      route "post '#{name.underscore}_token' => '#{name.underscore}_token#create'"
+    end
+
+    private
+
+    def entity_name
+      name
+    end
+  end
+end

data/lib/generators/templates/entity_token_controller.rb.erb

@@ -0,0 +1,2 @@
+class <%= entity_name.camelize %>TokenController < KnockRails3::AuthTokenController
+end

data/lib/generators/templates/knock_rails3.rb

@@ -0,0 +1,59 @@
+KnockRails3.setup do |config|
+
+  ## Expiration claim
+  ## ----------------
+  ##
+  ## How long before a token is expired. If nil is provided, token will
+  ## last forever.
+  ##
+  ## Default:
+  # config.token_lifetime = 1.day
+
+
+  ## Audience claim
+  ## --------------
+  ##
+  ## Configure the audience claim to identify the recipients that the token
+  ## is intended for.
+  ##
+  ## Default:
+  # config.token_audience = nil
+
+  ## If using Auth0, uncomment the line below
+  # config.token_audience = -> { Rails.application.secrets.auth0_client_id }
+
+  ## Signature algorithm
+  ## -------------------
+  ##
+  ## Configure the algorithm used to encode the token
+  ##
+  ## Default:
+  # config.token_signature_algorithm = 'HS256'
+
+  ## Signature key
+  ## -------------
+  ##
+  ## Configure the key used to sign tokens.
+  ##
+  ## Default:
+  # config.token_secret_signature_key = -> { Rails.application.secrets.secret_key_base }
+
+  ## If using Auth0, uncomment the line below
+  # config.token_secret_signature_key = -> { JWT.base64url_decode Rails.application.secrets.auth0_client_secret }
+
+  ## Public key
+  ## ----------
+  ##
+  ## Configure the public key used to decode tokens, if required.
+  ##
+  ## Default:
+  # config.token_public_key = nil
+
+  ## Exception Class
+  ## ---------------
+  ##
+  ## Configure the exception to be used when user cannot be found.
+  ##
+  ## Default:
+  # config.not_found_exception_class_name = 'ActiveRecord::RecordNotFound'
+end

data/lib/knock_rails3/authenticable.rb

@@ -0,0 +1,60 @@
+module KnockRails3::Authenticable
+  def authenticate_for entity_class
+    getter_name = "current_api_#{entity_class.to_s.parameterize.underscore}"
+    define_current_entity_getter(entity_class, getter_name)
+    public_send(getter_name)
+  end
+
+  private
+
+  def token
+    params[:token] || token_from_request_headers
+  end
+
+  def method_missing(method, *args)
+    prefix, api_prefix, entity_name = method.to_s.split('_', 3)
+    case prefix
+    when 'authenticate'
+      unauthorized_entity(entity_name) unless authenticate_entity(entity_name)
+    when 'current'
+      authenticate_entity(entity_name)
+    else
+      super
+    end
+  end
+
+  def authenticate_entity(entity_name)
+    if token
+      entity_class = entity_name.camelize.constantize
+      send(:authenticate_for, entity_class)
+    end
+  end
+
+  def unauthorized_entity(entity_name)
+    head(:unauthorized)
+  end
+
+  def token_from_request_headers
+    unless request.headers['Authorization'].nil?
+      request.headers['Authorization'].split.last
+    end
+  end
+
+  def define_current_entity_getter entity_class, getter_name
+    unless self.respond_to?(getter_name)
+      memoization_var_name = "@_#{getter_name}"
+      self.class.send(:define_method, getter_name) do
+        unless instance_variable_defined?(memoization_var_name)
+          current =
+            begin
+              KnockRails3::AuthToken.new(token: token).entity_for(entity_class)
+          rescue KnockRails3.not_found_exception_class, JWT::DecodeError
+              nil
+            end
+          instance_variable_set(memoization_var_name, current)
+        end
+        instance_variable_get(memoization_var_name)
+      end
+    end
+  end
+end

data/lib/knock_rails3/engine.rb

@@ -0,0 +1,6 @@
+module KnockRails3
+  class Engine < ::Rails::Engine
+    config.eager_load_paths += Dir["#{config.root}/lib/**/"]
+    isolate_namespace KnockRails3
+  end
+end

data/lib/knock_rails3/version.rb

@@ -0,0 +1,3 @@
+module KnockRails3
+  VERSION = "2.1.1"
+end

data/lib/tasks/KnockRails3_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :KnockRails3 do
+#   # Task goes here
+# end

data/test/dummy/README.rdoc

@@ -0,0 +1,28 @@
+== README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
+
+
+Please feel free to use a different markup language if you do not plan to run
+<tt>rake doc:app</tt>.