anycable-rails-jwt 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 7e38b60305bc5b61376f47a37f89c09e1abb328e9c8df059cce318db9442f8e2
+  data.tar.gz: 077eadd6f914cfa06076dbf8b58ae7884ca24d760a4184b8433301ba7e453cc4
+SHA512:
+  metadata.gz: b12e6a72e8fa9564922875b30df8842a4d46d5609c19ebbe74d85ce95dac9d05f127c29ebdea32fd818c20b26b31b80de32b5c18384f4265dcd50a87ee6d893f
+  data.tar.gz: 2f2475a62ffd70990edd0e9936c39a883285a77582804f7a15a02fcb38add534320e4245ed894b62994b272f5db0fd77a3706ec1dcc502f31532632a96b25fe2

data/CHANGELOG.md

@@ -0,0 +1,9 @@
+# Change log
+
+## master
+
+## 0.1.0 (2020-09-23)
+
+- Initial version.
+
+[@palkan]: https://github.com/palkan

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2021 Vladimir Dementyev
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,82 @@
+[![Gem Version](https://badge.fury.io/rb/anycable-rails-jwt.svg)](https://rubygems.org/gems/anycable-rails-jwt)
+[![Build](https://github.com/anycable/anycable-rails-jwt/workflows/Build/badge.svg)](https://github.com/anycable/anycable-rails-jwt/actions)
+
+# Anycable Rails JWT
+
+AnyCable Rails helpers for [JWT-based identification](https://docs.anycable.io/anycable-go/jwt_identification) from [AnyCable PRO][pro].
+
+## Installation
+
+Add gem to your project:
+
+```ruby
+# Gemfile
+gem "anycable-rails-jwt"
+```
+
+## Usage
+
+### Configuration
+
+This gem extends AnyCable configuration and adds the following new parameters:
+
+- `jwt_id_key`: JWT encryption key used to sign tokens (required).
+- `jwt_id_param`: the name of the query string parameter to carry tokens (defaults to `jid`).
+- `jwt_id_ttl`: the number of seconds for a token to live (defaults to 3600, one hour).
+
+You can specify these parameters in `config/anycable.yml`, credentials, ENV or whatever source of configuration you use for AnyCable.
+
+### `action_cable_with_jwt_meta_tag`
+
+In order to generate a token and pass it to a client, you can use an HTML meta tag similar to the built-in `#action_cable_meta_tag`:
+
+```erb
+<%= action_cable_with_jwt_meta_tag(current_user: current_user) %> would render:
+# => <meta name="action-cable-url" content="ws://demo.anycable.io/cable?token=eyJhbGciOiJIUzI1NiJ9....EWCEzziOx3sKyMoNzBt20a3QvhEdxJXCXaZsA-f-UzU" />
+```
+
+You must pass all the required identifiers you have in your `ApplicationCable::Connection` class.
+
+### `AnyCable::Rails::JWT.encode`
+
+Alternatively, you can generate a token and deliver it to a client the way you prefer. For that, you can use `AnyCable::Rails::JWT.encode` method:
+
+```ruby
+AnyCable::Rails::JWT.encode(current_user: current_user) #=> <token>
+
+# you can also override the global TTL setting via expires_at option
+AnyCable::Rails::JWT.encode(current_user: current_user, expires_at: 10.minutes.from_now)
+```
+
+### Decoding tokens and using without AnyCable
+
+Although the main purpose of this library is to add AnyCable PRO identification support, it's possible to use JWT-based authentication without AnyCable at all. For that, you can do something like this in your `ApplicationCable::Connection` class:
+
+```ruby
+module ApplicationCable
+  class Connection < ActionCable::Connection::Base
+    identified_by :current_user
+
+    def connect
+      token = request.params[:token]
+
+      identifiers = AnyCable::Rails::JWT.decode(token)
+      identifiers.each do |k, v|
+        public_send("#{k}=", v)
+      end
+    rescue JWT::DecodeError
+      reject_unauthorized_connection
+    end
+  end
+end
+```
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at [https://github.com/anycable/anycable-rails-jwt](https://github.com/anycable/anycable-rails-jwt).
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+
+[pro]: https://anycable.io/#pro

data/lib/anycable/rails/jwt/config.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require "anycable/config"
+# Make sure Rails extensions for Anyway Config are loaded
+# See https://github.com/anycable/anycable-rails/issues/63
+require "anyway/rails"
+
+# Extend AnyCable configuration with jwt_id_key, jwt_id_param, jwt_id_ttl.
+AnyCable::Config.attr_config(
+  :jwt_id_key,
+  jwt_id_param: "jid",
+  jwt_id_ttl: 3600
+)

data/lib/anycable/rails/jwt/helper.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+require "uri"
+
+module AnyCable
+  module Rails
+    module JWT # :nodoc:
+      module Helper
+        def action_cable_with_jwt_meta_tag(**identifiers)
+          # From: https://github.com/rails/rails/blob/main/actioncable/lib/action_cable/helpers/action_cable_helper.rb
+          base_url = ActionCable.server.config.url ||
+            ActionCable.server.config.mount_path ||
+            raise("No Action Cable URL configured -- please configure this at config.action_cable.url")
+
+          token = JWT.encode(**identifiers)
+
+          parts = [base_url, "#{AnyCable.config.jwt_id_param}=#{token}"]
+
+          uri = URI.parse(base_url)
+
+          url = parts.join(uri.query ? "&" : "?")
+
+          tag "meta", name: "action-cable-url", content: url
+        end
+
+        def any_cable_jwt_meta_tag(**identifiers)
+          token = JWT.encode(**identifiers)
+
+          tag "meta", name: "any-cable-jwt", content: token
+        end
+      end
+    end
+  end
+end

data/lib/anycable/rails/jwt/railtie.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require "anycable/rails/jwt/helper"
+
+module AnyCable
+  module Rails
+    module JWT # :nodoc:
+      class Railtie < ::Rails::Railtie # :nodoc:
+        initializer "anycable_rails_jwt.helpers" do
+          ActiveSupport.on_load(:action_view) do
+            include AnyCable::Rails::JWT::Helper
+          end
+        end
+      end
+    end
+  end
+end

data/lib/anycable/rails/jwt/version.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module AnyCable
+  module Rails
+    module JWT # :nodoc:
+      VERSION = "0.1.0"
+    end
+  end
+end

data/lib/anycable-rails-jwt.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+require "jwt"
+require "json"
+require "anycable-rails"
+
+require "anycable/rails/jwt/version"
+require "anycable/rails/jwt/config"
+
+module AnyCable
+  module Rails
+    module JWT
+      ALGORITHM = "HS256"
+
+      class << self
+        def encode(expires_at: nil, **identifiers)
+          key = AnyCable.config.jwt_id_key
+          raise ArgumentError, "JWT encryption key is not specified. Add it via `jwt_id_key` option" if key.blank?
+
+          expires_at ||= AnyCable.config.jwt_id_ttl.seconds.from_now
+
+          serialized_ids = identifiers.transform_values { |v| AnyCable::Rails.serialize(v) }
+
+          payload = {ext: serialized_ids.to_json, exp: expires_at.to_i}
+
+          ::JWT.encode(payload, key, ALGORITHM)
+        end
+
+        def decode(token)
+          key = AnyCable.config.jwt_id_key
+          raise ArgumentError, "JWT encryption key is not specified. Add it via `jwt_id_key` option" if key.blank?
+
+          ::JWT.decode(token, key, true, {algorithm: ALGORITHM}).then do |decoded|
+            JSON.parse(decoded.first.fetch("ext"))
+          end.then do |serialized_ids|
+            serialized_ids.transform_values! { |v| AnyCable::Rails.deserialize(v) }
+            serialized_ids
+          end
+        end
+      end
+    end
+  end
+end
+
+require "anycable/rails/jwt/railtie" if defined?(Rails::Railtie)

metadata

@@ -0,0 +1,140 @@
+--- !ruby/object:Gem::Specification
+name: anycable-rails-jwt
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Vladimir Dementyev
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2021-09-23 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: anycable-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.2'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.15'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.15'
+- !ruby/object:Gem::Dependency
+  name: combustion
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '13.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '13.0'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.0'
+description: AnyCable Rails helpers for JWT-based authentication
+email:
+- dementiev.vm@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- CHANGELOG.md
+- LICENSE.txt
+- README.md
+- lib/anycable-rails-jwt.rb
+- lib/anycable/rails/jwt/config.rb
+- lib/anycable/rails/jwt/helper.rb
+- lib/anycable/rails/jwt/railtie.rb
+- lib/anycable/rails/jwt/version.rb
+homepage: http://github.com/anycable/anycable-rails-jwt
+licenses:
+- MIT
+metadata:
+  bug_tracker_uri: http://github.com/anycable/anycable-rails-jwt/issues
+  changelog_uri: https://github.com/anycable/anycable-rails-jwt/blob/master/CHANGELOG.md
+  documentation_uri: http://github.com/anycable/anycable-rails-jwt
+  homepage_uri: http://github.com/anycable/anycable-rails-jwt
+  source_code_uri: http://github.com/anycable/anycable-rails-jwt
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '2.6'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.2.15
+signing_key:
+specification_version: 4
+summary: AnyCable Rails helpers for JWT-based authentication
+test_files: []