aserto 0.20.2 → 0.20.4

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e916a9ac3365c314426fc9e8cc2ab563051b7577990e113d80f3770810d0af6d
4
- data.tar.gz: 69cf001c50f1e090fc108e10bf6342cefbc80bdb7f357d1b2541081347538ac5
3
+ metadata.gz: 96e9f934b980519a7f6f2a737ba3f3120a255fdcaff12a9adf4b343e4b74df27
4
+ data.tar.gz: 775bf4b1af000a1fed33d3dd1a86073cb8d021ca3220b941919d3ba58ce3903d
5
5
  SHA512:
6
- metadata.gz: 98378b09ed4fceb6ad3baef6b92418fc030e32e218007591adfa6ae6792a77d4be3de685b760831e5d6fcb3381990bf37182519ca4dd607f8b7294e67ea0292b
7
- data.tar.gz: b044a93082d419936600ef467388208d2721a8e0c731d2df926db73c3412371abef0cd4f45a68b29fef0649a743f02fc3b06cd2e0845427196c35f808790485e
6
+ metadata.gz: d25293714c54198bf6ecbfadde8fde7b99e329205a95bd56bd74691d1afafb359f086ee09a68f6c82560f45b4b5107d6405d8b24787a68b93210b1f3bbcd9fef
7
+ data.tar.gz: 833aa4f4416ca12352a857557c53433e129bf80768c9d3d4df5f7ad948c48c114295d929497f3e1eb64552ba2fd64cb7e20ea229259b6fec6c7cd523a9007da4
data/README.md CHANGED
@@ -1,16 +1,10 @@
1
- # Ruby Rack Middleware for Aserto
1
+ # Aserto Ruby SDK
2
2
 
3
3
  [![Gem Version](https://badge.fury.io/rb/aserto.svg)](https://badge.fury.io/rb/aserto)
4
4
  [![ci](https://github.com/aserto-dev/aserto-ruby/actions/workflows/ci.yaml/badge.svg)](https://github.com/aserto-dev/aserto-ruby/actions/workflows/ci.yaml)
5
5
  [![slack](https://img.shields.io/badge/slack-Aserto%20Community-brightgreen)](https://asertocommunity.slack.com
6
6
  )
7
7
 
8
- `Aserto::Authorization` is a middleware that allows Ruby applications to use Aserto as the Authorization provider.
9
-
10
- ## Prerequisites
11
- * [Ruby](https://www.ruby-lang.org/en/downloads/) 2.7 or newer.
12
- * An [Aserto](https://console.aserto.com) account.
13
-
14
8
  ## Installation
15
9
  Add to your application Gemfile:
16
10
 
@@ -27,7 +21,117 @@ Or install it yourself as:
27
21
  gem install aserto
28
22
  ```
29
23
 
30
- ## Configuration
24
+ ## Directory
25
+
26
+ The Directory APIs can be used to get or set object instances and relation instances. They can also be used to check whether a user has a permission or relation on an object instance.
27
+
28
+ ### Directory Client
29
+
30
+ You can initialize a directory client as follows:
31
+
32
+ ```ruby
33
+ require 'aserto/directory/client'
34
+
35
+ directory_client = Aserto::Directory::Client.new(
36
+ url: "directory.eng.aserto.com:8443",
37
+ tenant_id: "aserto-tenant-id",
38
+ api_key: "basic directory api key",
39
+ )
40
+ ```
41
+
42
+ - `url`: hostname:port of directory service (_required_)
43
+ - `api_key`: API key for directory service (_required_ if using hosted directory)
44
+ - `tenant_id`: Aserto tenant ID (_required_ if using hosted directory)
45
+ - `cert_path`: Path to the grpc service certificate when connecting to local topaz instance.
46
+
47
+ ### Getting objects and relations
48
+ Get an object instance with the type `type-name` and the key `object-key`. For example:
49
+
50
+ ```ruby
51
+ user = directory_client.object(type: 'user', key: 'euang@acmecorp.com')
52
+ ```
53
+
54
+ Get an array of relations of a certain type for an object instance. For example:
55
+
56
+ ```ruby
57
+ identity = 'euang@acmecorp.com';
58
+ relations = directory_client.relation(
59
+ {
60
+ subject: {
61
+ type: 'user',
62
+ },
63
+ object: {
64
+ type: 'identity',
65
+ key: identity
66
+ },
67
+ relation: {
68
+ name: 'identifier',
69
+ objectType: 'identity'
70
+ }
71
+ }
72
+ )
73
+ ```
74
+
75
+ ### Setting objects and relations
76
+
77
+ Create a new object
78
+ ```ruby
79
+ user = directory_client.set_object(object: { type: "user", key: "test-object", display_name: "test object" })
80
+ identity = directory_client.set_object(object: { type: "identity", key: "test-identity" })
81
+ ```
82
+
83
+ Update an existing object
84
+ ```ruby
85
+ user = directory_client.set_object(object: { type: "user", key: "test-object", display_name: "test object" })
86
+ user.display_name = 'test object edit'
87
+ updated_user = directory_client.set_object(object: user)
88
+ ```
89
+
90
+ Create a new relation
91
+ ```ruby
92
+ directory_client.set_relation(
93
+ subject: { type: "user", "test-object" },
94
+ relation: "identifier",
95
+ object: { type: "identity", key: "test-identity" }
96
+ )
97
+ ```
98
+
99
+ Delete a relation
100
+ ```ruby
101
+ pp client.delete_relation(
102
+ subject: { type: "user", key: "test-object" },
103
+ relation: { name: "identifier", object_type: "identity" },
104
+ object: { type: "identity", key: "test-identity" }
105
+ )
106
+ ```
107
+
108
+ ### Checking permissions and relations
109
+ Check permission
110
+ ```ruby
111
+ directory_client.check_permission(
112
+ subject: { type: "user", key: "011a88bc-7df9-4d92-ba1f-2ff319e101e1" },
113
+ permission: { name: "read" },
114
+ object: { type: "group", key: "executive" }
115
+ )
116
+ ```
117
+
118
+ Check relation
119
+ ```ruby
120
+ directory_client.check_relation(
121
+ subject: { type: "user", key: "dfdadc39-7335-404d-af66-c77cf13a15f8" },
122
+ relation: { name: "identifier", object_type: "identity" },
123
+ object: { type: "identity", key: "euang@acmecorp.com" }
124
+ )
125
+ ```
126
+
127
+ ## Authorizer
128
+ `Aserto::Authorization` is a middleware that allows Ruby applications to use Aserto as the Authorization provider.
129
+
130
+ ### Prerequisites
131
+ * [Ruby](https://www.ruby-lang.org/en/downloads/) 2.7 or newer.
132
+ * An [Aserto](https://console.aserto.com) account.
133
+
134
+ ### Configuration
31
135
  The following configuration settings are required for the authorization middleware:
32
136
  - policy_root
33
137
 
@@ -50,7 +154,7 @@ The middleware accepts the following optional parameters:
50
154
  | disabled_for | `[{}]` | Which path and actions to skip the authorization for. |
51
155
  | on_unauthorized | `-> { return [403, {}, ["Forbidden"]] }`| A lambda that is executed when the authorization fails. |
52
156
 
53
- ## Identity
157
+ ### Identity
54
158
  To determine the identity of the user, the middleware can be configured to use a JWT token or a claim using the `identity_mapping` config.
55
159
  ```ruby
56
160
  # configure the middleware to use a JWT token from the `my-auth-header` header.
@@ -82,7 +186,7 @@ Aserto.with_identity_mapper do |request|
82
186
  end
83
187
  ```
84
188
 
85
- ## URL path to policy mapping
189
+ ### URL path to policy mapping
86
190
  By default, when computing the policy path, the middleware:
87
191
  * converts all slashes to dots
88
192
  * converts any character that is not alpha, digit, dot or underscore to underscore
@@ -101,7 +205,7 @@ Aserto.with_policy_path_mapper do |policy_root, request|
101
205
  end
102
206
  ```
103
207
 
104
- ## Resource
208
+ ### Resource
105
209
  A resource can be any structured data that the authorization policy uses to evaluate decisions. By default, middleware does not include a resource in authorization calls.
106
210
 
107
211
  This behaviour can be overwritten by providing a custom function:
@@ -115,14 +219,14 @@ Aserto.with_resource_mapper do |request|
115
219
  end
116
220
  ```
117
221
 
118
- ## Disable authorization for specific paths
222
+ ### Disable authorization for specific paths
119
223
 
120
224
  The middleware exposes a `disable_for` configuration option that
121
225
  accepts an array of hashes with the following keys:
122
226
  - path - the path to disable authorization for
123
227
  - actions - an array of actions to disable authorization for
124
228
 
125
- ### Rails
229
+ #### Rails
126
230
  You can find the paths and actions using `bundle exec rails routes`
127
231
  ```bash
128
232
  bundle exec rails routes
@@ -142,9 +246,9 @@ config.disabled_for = [
142
246
  }
143
247
  ]
144
248
  ```
145
- ## Examples
249
+ ### Examples
146
250
 
147
- ### Rails
251
+ #### Rails
148
252
  ```ruby
149
253
  # config/initializers/aserto.rb
150
254
 
@@ -179,7 +283,7 @@ Rails.application.config.middleware.use Aserto::Authorization do |config|
179
283
  end
180
284
  ```
181
285
 
182
- ### Sinatra
286
+ #### Sinatra
183
287
  ```ruby
184
288
  # server.rb
185
289
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.20.2
1
+ 0.20.4
@@ -47,8 +47,9 @@ module Aserto
47
47
  private
48
48
 
49
49
  def load_creds
50
- if File.file?(config.cert_path)
51
- GRPC::Core::ChannelCredentials.new(File.read(config.cert_path))
50
+ cert_path = config.cert_path
51
+ if cert_path && File.file?(cert_path)
52
+ GRPC::Core::ChannelCredentials.new(File.read(cert_path))
52
53
  else
53
54
  GRPC::Core::ChannelCredentials.new
54
55
  end
@@ -0,0 +1,143 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "aserto/directory"
4
+ require_relative "interceptors/headers"
5
+ require_relative "requests"
6
+
7
+ module Aserto
8
+ module Directory
9
+ class Client
10
+ include Requests
11
+
12
+ # Creates a new Directory Client
13
+ #
14
+ # @param url [String] the gRpc url of the directory server
15
+ # @param api_key [String] the api key of the directory server(for hosted directory)
16
+ # @param tenant_id [String] the tenant id of the directory server(for hosted directory)
17
+ # @param cert_path [String] the path to the certificates folder
18
+ #
19
+ # @return [Aserto::Directory::Client] the new Directory Client
20
+ def initialize(url: "directory.prod.aserto.com:8443", api_key: nil, tenant_id: nil, cert_path: nil)
21
+ @reader_client = ::Aserto::Directory::Reader::V2::Reader::Stub.new(
22
+ url,
23
+ load_creds(cert_path),
24
+ interceptors: [Interceptors::Headers.new(api_key, tenant_id)]
25
+ )
26
+ @writer_client = ::Aserto::Directory::Writer::V2::Writer::Stub.new(
27
+ url,
28
+ load_creds(cert_path),
29
+ interceptors: [Interceptors::Headers.new(api_key, tenant_id)]
30
+ )
31
+ end
32
+
33
+ # Check permissions
34
+ #
35
+ # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
36
+ # @param permission [String] permission name to be checked
37
+ # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
38
+ # @param trace [Boolean] whether to enable tracing
39
+ #
40
+ # @return [Boolean]
41
+ def check_permission(subject:, permission:, object:, trace: false)
42
+ reader_client.check_permission(check_permission_request(subject, permission, object, trace))
43
+ end
44
+
45
+ # Check relation
46
+ #
47
+ # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
48
+ # @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier] relation name to be checked
49
+ # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
50
+ # @param trace [Boolean] whether to enable tracing
51
+ #
52
+ # @return [Boolean]
53
+ def check_relation(subject:, relation:, object:, trace: false)
54
+ reader_client.check_relation(check_relation_request(subject, relation, object, trace))
55
+ end
56
+
57
+ # Get an object by type and key
58
+ #
59
+ # @param type [String] the type of object
60
+ # @param key [String] the key of the object
61
+ #
62
+ # @return [::Aserto::Directory::Common::V2::Object]
63
+ def object(type:, key:)
64
+ reader_client.get_object(object_request(key, type)).result
65
+ end
66
+
67
+ # Set an object
68
+ #
69
+ # @param object [::Aserto::Directory::Common::V2::Object]
70
+ #
71
+ # @return [::Aserto::Directory::Common::V2::Object] the created/updated object
72
+ def set_object(object:)
73
+ writer_client.set_object(new_object_request(object)).result
74
+ end
75
+
76
+ # Get a list of objects by type
77
+ #
78
+ # @param type [String] the type of objects
79
+ # @param page [::Aserto::Directory::Common::V2::PaginationRequest]
80
+ #
81
+ # @return [Array<::Aserto::Directory::Common::V2::Object>]
82
+ def objects(type:, page: nil)
83
+ reader_client.get_objects(objects_request(type, page)).results
84
+ end
85
+
86
+ # Get a relation
87
+ #
88
+ # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
89
+ # @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier]
90
+ # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
91
+ #
92
+ # @return [::Aserto::Directory::Common::V2::Relation]
93
+ def relation(subject: nil, relation: nil, object: nil)
94
+ reader_client.get_relation(relation_request(subject, relation, object)).results
95
+ end
96
+
97
+ # Get a list of relations
98
+ #
99
+ # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
100
+ # @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier]
101
+ # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
102
+ #
103
+ # @return [Array<::Aserto::Directory::Common::V2::Relation>]
104
+ def relations(subject: nil, relation: nil, object: nil, page: nil)
105
+ reader_client.get_relations(relations_request(subject, relation, object, page)).results
106
+ end
107
+
108
+ # Set a relation
109
+ # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
110
+ # @param relation [String] name of the relation
111
+ # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
112
+ # @param hash [String] hash of the relation(required for updating a relation)
113
+ #
114
+ # @return [::Aserto::Directory::Common::V2::Relation] the created/updated relation
115
+ def set_relation(subject:, relation:, object:, hash: nil)
116
+ writer_client.set_relation(new_relation_request(subject, relation, object, hash)).result
117
+ end
118
+
119
+ # Delete a relation
120
+ #
121
+ # @param subject [::Aserto::Directory::Common::V2::ObjectIdentifier]
122
+ # @param relation [::Aserto::Directory::Common::V2::RelationTypeIdentifier]
123
+ # @param object [::Aserto::Directory::Common::V2::ObjectIdentifier]
124
+ #
125
+ # @return nil
126
+ def delete_relation(subject:, relation:, object:)
127
+ writer_client.delete_relation(delete_relation_request(subject, relation, object))
128
+ end
129
+
130
+ private
131
+
132
+ attr_reader :reader_client, :writer_client
133
+
134
+ def load_creds(cert_path)
135
+ if cert_path && File.file?(cert_path)
136
+ GRPC::Core::ChannelCredentials.new(File.read(cert_path))
137
+ else
138
+ GRPC::Core::ChannelCredentials.new
139
+ end
140
+ end
141
+ end
142
+ end
143
+ end
@@ -0,0 +1,22 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aserto
4
+ module Directory
5
+ module Interceptors
6
+ class Headers < GRPC::ClientInterceptor
7
+ def initialize(api_key, tenant_id)
8
+ @api_key = api_key
9
+ @tenant_id = tenant_id
10
+ super()
11
+ end
12
+
13
+ def request_response(method:, request:, call:, metadata:)
14
+ metadata["aserto-tenant-id"] = @tenant_id
15
+ metadata["authorization"] = @api_key
16
+
17
+ yield(method, request, call, metadata)
18
+ end
19
+ end
20
+ end
21
+ end
22
+ end
@@ -0,0 +1,95 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aserto
4
+ module Directory
5
+ module Requests
6
+ private
7
+
8
+ def check_permission_request(subject, permission, object, trace)
9
+ subject_identifier = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(subject)
10
+ permission_identifier = ::Aserto::Directory::Common::V2::PermissionIdentifier.new(permission)
11
+ object_identifier = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(object)
12
+ ::Aserto::Directory::Reader::V2::CheckPermissionRequest.new(
13
+ {
14
+ object: object_identifier,
15
+ subject: subject_identifier,
16
+ permission: permission_identifier,
17
+ trace: trace
18
+ }
19
+ )
20
+ end
21
+
22
+ def check_relation_request(subject, relation, object, trace)
23
+ subject_identifier = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(subject)
24
+ relation_identifier = ::Aserto::Directory::Common::V2::RelationTypeIdentifier.new(relation)
25
+ object_identifier = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(object)
26
+ ::Aserto::Directory::Reader::V2::CheckRelationRequest.new(
27
+ {
28
+ object: object_identifier,
29
+ subject: subject_identifier,
30
+ relation: relation_identifier,
31
+ trace: trace
32
+ }
33
+ )
34
+ end
35
+
36
+ def object_request(key, type)
37
+ object_identifier = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(type: type, key: key)
38
+ ::Aserto::Directory::Reader::V2::GetObjectRequest.new(param: object_identifier)
39
+ end
40
+
41
+ def new_object_request(object)
42
+ ::Aserto::Directory::Writer::V2::SetObjectRequest.new(object: object)
43
+ end
44
+
45
+ def objects_request(type, page)
46
+ object_type_identifier = ::Aserto::Directory::Common::V2::ObjectTypeIdentifier.new(
47
+ { name: type }
48
+ )
49
+ ::Aserto::Directory::Reader::V2::GetObjectsRequest.new(param: object_type_identifier, page: page)
50
+ end
51
+
52
+ def relation_request(subject, relation, object)
53
+ ::Aserto::Directory::Reader::V2::GetRelationRequest.new(
54
+ param: relation_identifier(subject, relation, object)
55
+ )
56
+ end
57
+
58
+ def relations_request(subject, relation, object, page)
59
+ ::Aserto::Directory::Reader::V2::GetRelationsRequest.new(
60
+ param: relation_identifier(subject, relation, object),
61
+ page: page
62
+ )
63
+ end
64
+
65
+ def new_relation_request(subject, relation, object, hash)
66
+ subject_identifier = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(subject)
67
+ object_identifier = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(object)
68
+ ::Aserto::Directory::Writer::V2::SetRelationRequest.new(
69
+ {
70
+ relation: {
71
+ subject: subject_identifier,
72
+ relation: relation,
73
+ object: object_identifier,
74
+ hash: hash
75
+ }
76
+ }
77
+ )
78
+ end
79
+
80
+ def delete_relation_request(subject, relation, object)
81
+ ::Aserto::Directory::Writer::V2::DeleteRelationRequest.new(
82
+ param: relation_identifier(subject, relation, object)
83
+ )
84
+ end
85
+
86
+ def relation_identifier(subject, relation, object)
87
+ relation_identifier = ::Aserto::Directory::Common::V2::RelationIdentifier.new
88
+ relation_identifier.subject = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(subject) if subject
89
+ relation_identifier.relation = ::Aserto::Directory::Common::V2::RelationTypeIdentifier.new(relation) if relation
90
+ relation_identifier.object = ::Aserto::Directory::Common::V2::ObjectIdentifier.new(object) if object
91
+ relation_identifier
92
+ end
93
+ end
94
+ end
95
+ end
data/lib/aserto.rb CHANGED
@@ -11,6 +11,7 @@ require_relative "aserto/identity_mapper"
11
11
  require_relative "aserto/resource_mapper"
12
12
  require_relative "aserto/auth_client"
13
13
  require_relative "aserto/errors"
14
+ require_relative "aserto/directory/client"
14
15
 
15
16
  module Aserto
16
17
  class << self
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aserto
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.20.2
4
+ version: 0.20.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Aserto
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-10-26 00:00:00.000000000 Z
11
+ date: 2023-05-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aserto-authorizer
@@ -25,123 +25,47 @@ dependencies:
25
25
  - !ruby/object:Gem::Version
26
26
  version: 0.0.3
27
27
  - !ruby/object:Gem::Dependency
28
- name: jwt
29
- requirement: !ruby/object:Gem::Requirement
30
- requirements:
31
- - - "~>"
32
- - !ruby/object:Gem::Version
33
- version: '2.4'
34
- type: :runtime
35
- prerelease: false
36
- version_requirements: !ruby/object:Gem::Requirement
37
- requirements:
38
- - - "~>"
39
- - !ruby/object:Gem::Version
40
- version: '2.4'
41
- - !ruby/object:Gem::Dependency
42
- name: rack
43
- requirement: !ruby/object:Gem::Requirement
44
- requirements:
45
- - - "~>"
46
- - !ruby/object:Gem::Version
47
- version: '2.0'
48
- type: :runtime
49
- prerelease: false
50
- version_requirements: !ruby/object:Gem::Requirement
51
- requirements:
52
- - - "~>"
53
- - !ruby/object:Gem::Version
54
- version: '2.0'
55
- - !ruby/object:Gem::Dependency
56
- name: bundler
28
+ name: aserto-directory
57
29
  requirement: !ruby/object:Gem::Requirement
58
30
  requirements:
59
31
  - - ">="
60
32
  - !ruby/object:Gem::Version
61
- version: 1.15.0
62
- - - "<"
63
- - !ruby/object:Gem::Version
64
- version: '3.0'
65
- type: :development
33
+ version: 0.0.2
34
+ type: :runtime
66
35
  prerelease: false
67
36
  version_requirements: !ruby/object:Gem::Requirement
68
37
  requirements:
69
38
  - - ">="
70
39
  - !ruby/object:Gem::Version
71
- version: 1.15.0
72
- - - "<"
73
- - !ruby/object:Gem::Version
74
- version: '3.0'
40
+ version: 0.0.2
75
41
  - !ruby/object:Gem::Dependency
76
- name: codecov
77
- requirement: !ruby/object:Gem::Requirement
78
- requirements:
79
- - - "~>"
80
- - !ruby/object:Gem::Version
81
- version: '0.6'
82
- type: :development
83
- prerelease: false
84
- version_requirements: !ruby/object:Gem::Requirement
85
- requirements:
86
- - - "~>"
87
- - !ruby/object:Gem::Version
88
- version: '0.6'
89
- - !ruby/object:Gem::Dependency
90
- name: grpc_mock
91
- requirement: !ruby/object:Gem::Requirement
92
- requirements:
93
- - - "~>"
94
- - !ruby/object:Gem::Version
95
- version: '0.4'
96
- type: :development
97
- prerelease: false
98
- version_requirements: !ruby/object:Gem::Requirement
99
- requirements:
100
- - - "~>"
101
- - !ruby/object:Gem::Version
102
- version: '0.4'
103
- - !ruby/object:Gem::Dependency
104
- name: rspec
105
- requirement: !ruby/object:Gem::Requirement
106
- requirements:
107
- - - "~>"
108
- - !ruby/object:Gem::Version
109
- version: '3.0'
110
- type: :development
111
- prerelease: false
112
- version_requirements: !ruby/object:Gem::Requirement
113
- requirements:
114
- - - "~>"
115
- - !ruby/object:Gem::Version
116
- version: '3.0'
117
- - !ruby/object:Gem::Dependency
118
- name: rubocop-performance
42
+ name: jwt
119
43
  requirement: !ruby/object:Gem::Requirement
120
44
  requirements:
121
45
  - - "~>"
122
46
  - !ruby/object:Gem::Version
123
- version: '1.14'
124
- type: :development
47
+ version: '2.4'
48
+ type: :runtime
125
49
  prerelease: false
126
50
  version_requirements: !ruby/object:Gem::Requirement
127
51
  requirements:
128
52
  - - "~>"
129
53
  - !ruby/object:Gem::Version
130
- version: '1.14'
54
+ version: '2.4'
131
55
  - !ruby/object:Gem::Dependency
132
- name: rubocop-rspec
56
+ name: rack
133
57
  requirement: !ruby/object:Gem::Requirement
134
58
  requirements:
135
59
  - - "~>"
136
60
  - !ruby/object:Gem::Version
137
- version: '2.11'
138
- type: :development
61
+ version: '2.0'
62
+ type: :runtime
139
63
  prerelease: false
140
64
  version_requirements: !ruby/object:Gem::Requirement
141
65
  requirements:
142
66
  - - "~>"
143
67
  - !ruby/object:Gem::Version
144
- version: '2.11'
68
+ version: '2.0'
145
69
  description: Aserto Middleware
146
70
  email:
147
71
  - aserto@aserto.com
@@ -156,6 +80,9 @@ files:
156
80
  - lib/aserto/auth_client.rb
157
81
  - lib/aserto/authorization.rb
158
82
  - lib/aserto/config.rb
83
+ - lib/aserto/directory/client.rb
84
+ - lib/aserto/directory/interceptors/headers.rb
85
+ - lib/aserto/directory/requests.rb
159
86
  - lib/aserto/errors.rb
160
87
  - lib/aserto/identity_mapper.rb
161
88
  - lib/aserto/identity_mapper/base.rb
@@ -192,7 +119,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
192
119
  - !ruby/object:Gem::Version
193
120
  version: '0'
194
121
  requirements: []
195
- rubygems_version: 3.3.7
122
+ rubygems_version: 3.4.10
196
123
  signing_key:
197
124
  specification_version: 4
198
125
  summary: Aserto Middleware