atomic_tenant 1.2.0 → 1.2.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/atomic_tenant/current_application_instance_middleware.rb +4 -3
  3. data/lib/atomic_tenant/jwt_token.rb +6 -4
  4. data/lib/atomic_tenant/version.rb +1 -1
  5. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1fb823e9a69ae301f4c54a2fdd0212a1ab1a722d8a29693eb19ab368bfe20426
4
- data.tar.gz: 5dfc41443847da7d515de0aea9303d44cacac5ba424fbc9e2837335221c90a59
3
+ metadata.gz: 6e57d91be8f21aae13497dd47d5f8994255db2ed06c8ca4a56d5146f7e6c5f41
4
+ data.tar.gz: 50e61c38f180111756a40610dfa4b393c6338502cf6a44f6bb6d3990b8e5a003
5
5
  SHA512:
6
- metadata.gz: 178f0e154893bed333c5d1a308b6598c795b5516b9884083fc4303e57949cc623725a282bf7c7d6a01ae1bb334eb9d73bdc1e8fc5ad5986cb015f377eb0bfd11
7
- data.tar.gz: de989225aac86e31b254e23c514bf1714bae793f319e63f48bcb140b3eb1e233e591c481d7b03e4c20325ac66153c147df9243ec0ddfb87051a2b816f1cd6f2c
6
+ metadata.gz: d47e3b7877366c0d0c4ed86c077855cb782ab61dacc8cece23a64340bae92272b7dade2fb29d39870fe2efce38594b08e9e840011a762634f1c7240a2ddab58b
7
+ data.tar.gz: 83a990b687230361365f9708795bef710e88ef0c7651685459458531bd3e75aa60798e25ead2af5fe3f7f5b8d2f0d4ce066e4c222aadd71d1be4db3551ba4876
data/lib/atomic_tenant/current_application_instance_middleware.rb CHANGED
@@ -57,14 +57,15 @@ module AtomicTenant
57
57
  env['atomic.validated.application_instance_id'] = app_instance.id
58
58
  elsif encoded_token(request).present?
59
59
  token = encoded_token(request)
60
- # TODO: decoded token should be put on request
61
- decoded_token = AtomicTenant::JwtToken.decode(token)
60
+ # We don't validate the token here because this step is only designed to set
61
+ # the tenant for the request. If the token is invalid or expired the app must
62
+ # return 401 or take other action.
63
+ decoded_token = AtomicTenant::JwtToken.decode(token, validate: false)
62
64
  if decoded_token.present? && decoded_token.first.present?
63
65
  if app_instance_id = decoded_token.first['application_instance_id']
64
66
  env['atomic.validated.application_instance_id'] = app_instance_id
65
67
  end
66
68
  end
67
-
68
69
  end
69
70
 
70
71
  rescue StandardError => e
data/lib/atomic_tenant/jwt_token.rb CHANGED
@@ -1,17 +1,19 @@
1
1
  module AtomicTenant
2
2
  module JwtToken
3
3
  class InvalidTokenError < StandardError; end
4
-
4
+
5
5
  ALGORITHM = "HS512".freeze
6
6
 
7
- def self.decode(token, algorithm = ALGORITHM)
7
+ def self.decode(token, algorithm = ALGORITHM, validate: true)
8
8
  decoded_token = JWT.decode(
9
9
  token,
10
10
  AtomicTenant.jwt_secret,
11
- true,
11
+ validate,
12
12
  { algorithm: algorithm },
13
13
  )
14
- raise InvalidTokenError if AtomicTenant.jwt_aud != decoded_token[0]["aud"]
14
+ if AtomicTenant.jwt_aud != decoded_token[0]["aud"]
15
+ return nil
16
+ end
15
17
 
16
18
  decoded_token
17
19
  end
data/lib/atomic_tenant/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module AtomicTenant
2
- VERSION = '1.2.0'
2
+ VERSION = '1.2.1'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: atomic_tenant
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.2.0
4
+ version: 1.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nick Benoit
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-08-16 00:00:00.000000000 Z
11
+ date: 2023-09-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: atomic_lti
@@ -87,7 +87,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
87
87
  - !ruby/object:Gem::Version
88
88
  version: '0'
89
89
  requirements: []
90
- rubygems_version: 3.4.15
90
+ rubygems_version: 3.4.19
91
91
  signing_key:
92
92
  specification_version: 4
93
93
  summary: Summary of AtomicTenant.