auth0_current_user 0.1.0.4 → 0.3
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/Gemfile.lock +0 -2
- data/README.md +21 -5
- data/auth0_current_user.gemspec +1 -2
- data/lib/auth0_current_user/api_secured.rb +65 -0
- data/lib/auth0_current_user/configuration.rb +2 -1
- data/lib/auth0_current_user/json_web_token.rb +5 -3
- data/lib/auth0_current_user/version.rb +1 -1
- data/lib/auth0_current_user/web_secured.rb +57 -0
- data/lib/auth0_current_user.rb +2 -1
- metadata +7 -26
- data/.idea/.gitignore +0 -8
- data/.idea/.rakeTasks +0 -7
- data/.idea/auth0_current_user.iml +0 -28
- data/.idea/misc.xml +0 -4
- data/.idea/modules.xml +0 -8
- data/.idea/vcs.xml +0 -6
- data/lib/auth0_current_user/secured.rb +0 -66
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e328e498710b8747cd3b3e6fa46321c0421023a601b67baa4f73b5a6661a4547
|
4
|
+
data.tar.gz: 5a7d9ac31f4a0f1497f3cc03a9bf32d14fa055f8ed1db7789d6894c08db0250e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 15852264e476b984ebf02119c91728cefff2e6c0e67c8c13b774acb70910a65a0875986fd6a54795434c695c56c62320d1b603a466fe0e25aab376836a5c78e2
|
7
|
+
data.tar.gz: 81dd34df56d368bdf5ff99fdaefe0d95594d63d623932c887314e50174451e1aa628ecc0bb3caaab160f4088222f80373222733327767a6b9d2f2cffa7bd9066
|
data/.gitignore
CHANGED
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
@@ -1,8 +1,5 @@
|
|
1
1
|
# Auth0CurrentUser
|
2
|
-
|
3
|
-
Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/auth0_current_user`. To experiment with that code, run `bin/console` for an interactive prompt.
|
4
|
-
|
5
|
-
TODO: Delete this and the text above, and describe your gem
|
2
|
+
[](https://badge.fury.io/rb/auth0_current_user)
|
6
3
|
|
7
4
|
## Installation
|
8
5
|
|
@@ -22,7 +19,26 @@ Or install it yourself as:
|
|
22
19
|
|
23
20
|
## Usage
|
24
21
|
|
25
|
-
|
22
|
+
After including the gem in your Gemfile, run `rails g auth0_current_user:install` to install the initializer. This configuration of the gem is dependant on a couple of attributes:
|
23
|
+
* `auth0_domain`
|
24
|
+
* This is the domain from setting up your Auth0 application.
|
25
|
+
* `auth0_audience`
|
26
|
+
* This is the api identifier that you chose when creating your api(M2M) application
|
27
|
+
* `authenticated_klass`
|
28
|
+
* Defaults to `User`, but if you have a different model name for the class that will be logging in and being authenticate, be sure to change that in the initializeer.
|
29
|
+
* accepted values are symbols or strings
|
30
|
+
* :user, 'user', :User, 'User'
|
31
|
+
* :my_user, 'my_user', :MyUser, 'MyUser'
|
32
|
+
|
33
|
+
To take advantage of the Auth0 authentication there are two flows you can use by simply including the relevant module in which ever controller you wish to lockdown.
|
34
|
+
1. Web
|
35
|
+
|
36
|
+
a. `include Auth0CurrentUser::WebSecured`
|
37
|
+
3. Api
|
38
|
+
|
39
|
+
a. `include Auth0CurrentUser::ApiSecured`
|
40
|
+
|
41
|
+
In either case, you will have access to the `current_user` method. The `WebSecured` will check for `current_user` or `session['userinfo']` and the `ApiSecured` will check against the JsonWebToken being passed in.
|
26
42
|
|
27
43
|
## Development
|
28
44
|
|
data/auth0_current_user.gemspec
CHANGED
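--- /dev/null
+++ b/data/lib/auth0_current_user/api_secured.rb
@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+require 'jwt'
+require 'request_store'
+require 'auth0_current_user/json_web_token'
+require 'auth0_current_user/configuration'
+
+module ApiSecured
+extend ActiveSupport::Concern
+
+included do
+before_action :authenticate_request!
+end
+
+private
+
+def authenticate_request!
+token = auth_token
+set_current_user(token)
+
+token
+rescue JWT::VerificationError, JWT::DecodeError
+render json: { errors: ['Not Authenticated'] }, status: :unauthorized
+end
+
+def http_token
+if request.headers['Authorization'].present?
+request.headers['Authorization'].split(' ').last
+end
+end
+
+def auth_token
+::JsonWebToken.verify(http_token)
+end
+
+def get_email(token)
+::JsonWebToken.get_claim(token, 'email')
+end
+
+def set_current_user(token)
+email = get_email(token)
+RequestStore.store[:current_user] ||= Kernel.const_get(authenticated_klass).find_by(email: email)
+end
+
+def current_user
+@current_user ||= RequestStore.store[:current_user]
+end
+
+def authenticated_klass
+unless configuration.authenticated_klass
+raise NotImplementedError, 'You must define the #authenitcated_klass in config/initializers/auth0_current_user'
+return
+end
+
+@authenticated_klass ||= configuration.authenticated_klass.to_s.classify
+rescue StandardError => e
+Rails.logger.error(e.message)
+end
+
+def configuration
+@configuration ||= Auth0CurrentUser.configuration
+end
+
+end
+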
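Review bot: `module ApiSecured` on new line 8 is opened at the top level, whereas `WebSecured` in this same release is nested inside `module Auth0CurrentUser` and the README it ships documents `include Auth0CurrentUser::ApiSecured`; on current Rubies that constant lookup raises NameError, so either the module should be wrapped (`module Auth0CurrentUser` / `module ApiSecured` with a matching extra `end`) or the README corrected. `authenticate_request!` renders 401 only for the two JWT error classes: when the token verifies but `find_by(email: email)` returns no row, `set_current_user` stores nil and the action runs with `current_user` nil, which downstream code may not expect — `head :unauthorized unless current_user` after `set_current_user(token)`, or a comment stating that a nil user is the caller's problem, would make the contract explicit. The lookup also binds identity to the `email` claim alone; if the tokens this API accepts can carry an unverified email, keying on `sub` (or also checking `email_verified`) is the safer binding — confirm against how the Auth0 API is configured. The `return` after `raise` in `authenticated_klass` is unreachable and can be dropped.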
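--- a/data/lib/auth0_current_user/configuration.rb
+++ b/data/lib/auth0_current_user/configuration.rb
@@ -1,11 +1,12 @@
 module Auth0CurrentUser
 class Configuration
-attr_accessor :auth0_domain, :auth0_audience, :authenticated_klass
+attr_accessor :auth0_domain, :auth0_audience, :authenticated_klass, :client_id
 
 def initialize
 @auth0_domain = nil
 @auth0_audience = nil
 @authenticated_klass = :user
+@client_id = nil
 end
 
 end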
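--- a/data/lib/auth0_current_user/json_web_token.rb
+++ b/data/lib/auth0_current_user/json_web_token.rb
@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 require 'net/http'
 require 'uri'
 require 'jwt'
@@ -13,8 +14,8 @@ class JsonWebToken
 verify_iss: true,
 aud: configuration.auth0_audience,
 verify_aud: true) do |header|
-
-
+jwks_hash[header['kid']]
+end
 end
 
 def self.jwks_hash
@@ -22,7 +23,7 @@ class JsonWebToken
 jwks_keys = Array(JSON.parse(jwks_raw)['keys'])
 Hash[
 jwks_keys
-
+.map do |k|
 [
 k['kid'],
 OpenSSL::X509::Certificate.new(
@@ -41,3 +42,4 @@ class JsonWebToken
 @configuration ||= Auth0CurrentUser::Configuration.new
 end
 end
+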
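Review bot: The key-selection block added at new line 17 returns `jwks_hash[header['kid']]`, which is nil whenever the token's `kid` is missing or not in the JWKS; ruby-jwt reports that as a `JWT::DecodeError`, so the callers that rescue decode errors do handle it, but the behaviour is easy to misread and deserves a comment such as `# nil for an unknown kid → JWT::DecodeError in the caller`. The enclosing `JWT.decode(...)` call opens above this hunk, so whether it pins `algorithms:` is not visible here; if it does not, passing `algorithms: ['RS256']` next to `verify_aud: true` keeps key lookup from being the only control over which algorithm is accepted. `self.jwks_hash` also continues outside the hunk — if `jwks_raw` is fetched over the network on every call, caching the parsed hash with a bounded TTL would avoid a round-trip per request.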
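--- /dev/null
+++ b/data/lib/auth0_current_user/web_secured.rb
@@ -0,0 +1,57 @@
+require 'auth0_current_user/configuration'
+
+module Auth0CurrentUser
+module WebSecured
+extend ActiveSupport::Concern
+
+included do
+before_action :logged_in_using_omniauth?
+helper_method :current_user
+end
+
+def current_user
+@_current_user ||= Kernel.const_get(authenticated_klass).find_by(email: email)
+end
+
+private
+
+def authenticated_klass
+unless configuration.authenticated_klass
+raise NotImplementedError, 'You must define the #authenitcated_klass in config/initializers/auth0_current_user'
+return
+end
+
+@_authenticated_klass ||= configuration.authenticated_klass.to_s.classify
+rescue NameError => e
+Rails.logger.error("You must create a #{authenticated_klass} model/migration")
+rescue StandardError => e
+Rails.logger.error(e.message)
+end
+
+def configuration
+@_configuration ||= Configuration.new
+end
+
+def email
+@_email ||= userinfo['email'] || userinfo['name']
+end
+
+def logged_in_using_omniauth?
+redirect_to authorization_endpoint unless session[:userinfo].present? && Time.zone.now < Time.zone.at(userinfo['exp'])
+end
+
+def authorization_endpoint
+@_authorization_endpoint ||= "https://#{configuration.auth0_domain}/authorize?response_type=code&client_id=#{configuration.client_id}"
+end
+
+def userinfo
+session['userinfo'] || {}
+end
+
+def configuration
+@configuration ||= Auth0CurrentUser.configuration
+end
+
+end
+end
+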
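Review bot: `configuration` is defined twice in this module (new lines 31–33 and 51–53); Ruby keeps the last definition, so the first one — which would build a bare `Configuration.new` whose `auth0_domain` and `client_id` are nil — is dead code and should be deleted rather than left to confuse the next reader. `authorization_endpoint` (line 44) redirects to `/authorize` with only `response_type` and `client_id`; a complete authorization-code request also carries `redirect_uri`, `scope` and a per-session `state` value, and `state` is what lets the callback verify that the response belongs to the session that started the login. In `authenticated_klass`, the `rescue NameError` branch calls `authenticated_klass` again to build its log message, re-entering the method that just failed; log `configuration.authenticated_klass` instead, and both `=> e` bindings are unused in that branch. `email` (line 36) falls back to `userinfo['name']`, which then feeds `find_by(email: …)` — if matching a display name against the email column is intentional it needs a comment, otherwise the fallback should go.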
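--- a/data/lib/auth0_current_user.rb
+++ b/data/lib/auth0_current_user.rb
@@ -1,6 +1,7 @@
 require 'auth0_current_user/version'
 require 'auth0_current_user/configuration'
-require 'auth0_current_user/
+require 'auth0_current_user/api_secured'
+require 'auth0_current_user/web_secured'
 
 module Auth0CurrentUser
 class Error < StandardError; end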
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: auth0_current_user
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: '0.3'
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Mike Heft
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-01-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -52,20 +52,6 @@ dependencies:
|
|
52
52
|
- - ">="
|
53
53
|
- !ruby/object:Gem::Version
|
54
54
|
version: '0'
|
55
|
-
- !ruby/object:Gem::Dependency
|
56
|
-
name: uri
|
57
|
-
requirement: !ruby/object:Gem::Requirement
|
58
|
-
requirements:
|
59
|
-
- - ">="
|
60
|
-
- !ruby/object:Gem::Version
|
61
|
-
version: '0'
|
62
|
-
type: :runtime
|
63
|
-
prerelease: false
|
64
|
-
version_requirements: !ruby/object:Gem::Requirement
|
65
|
-
requirements:
|
66
|
-
- - ">="
|
67
|
-
- !ruby/object:Gem::Version
|
68
|
-
version: '0'
|
69
55
|
description: Implements Auth0's setup for authentication/authorization along with
|
70
56
|
setting a current_user method.
|
71
57
|
email:
|
@@ -75,12 +61,6 @@ extensions: []
|
|
75
61
|
extra_rdoc_files: []
|
76
62
|
files:
|
77
63
|
- ".gitignore"
|
78
|
-
- ".idea/.gitignore"
|
79
|
-
- ".idea/.rakeTasks"
|
80
|
-
- ".idea/auth0_current_user.iml"
|
81
|
-
- ".idea/misc.xml"
|
82
|
-
- ".idea/modules.xml"
|
83
|
-
- ".idea/vcs.xml"
|
84
64
|
- ".tool-versions"
|
85
65
|
- CODE_OF_CONDUCT.md
|
86
66
|
- Gemfile
|
@@ -92,10 +72,11 @@ files:
|
|
92
72
|
- bin/console
|
93
73
|
- bin/setup
|
94
74
|
- lib/auth0_current_user.rb
|
75
|
+
- lib/auth0_current_user/api_secured.rb
|
95
76
|
- lib/auth0_current_user/configuration.rb
|
96
77
|
- lib/auth0_current_user/json_web_token.rb
|
97
|
-
- lib/auth0_current_user/secured.rb
|
98
78
|
- lib/auth0_current_user/version.rb
|
79
|
+
- lib/auth0_current_user/web_secured.rb
|
99
80
|
- lib/generators/auth0_current_user/install_generator.rb
|
100
81
|
- lib/generators/templates/auth0_current_user.rb
|
101
82
|
homepage: https://github.com/mikeyduece/auth0_current_user
|
@@ -105,7 +86,7 @@ metadata:
|
|
105
86
|
homepage_uri: https://github.com/mikeyduece/auth0_current_user
|
106
87
|
source_code_uri: https://github.com/mikeyduece/auth0_current_user
|
107
88
|
changelog_uri: https://github.com/mikeyduece/auth0_current_user
|
108
|
-
post_install_message:
|
89
|
+
post_install_message:
|
109
90
|
rdoc_options: []
|
110
91
|
require_paths:
|
111
92
|
- lib
|
@@ -121,7 +102,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
121
102
|
version: '0'
|
122
103
|
requirements: []
|
123
104
|
rubygems_version: 3.1.2
|
124
|
-
signing_key:
|
105
|
+
signing_key:
|
125
106
|
specification_version: 4
|
126
107
|
summary: Implements Auth0's setup for authentication/authorization along with setting
|
127
108
|
a current_user method.
|
data/.idea/.gitignore
DELETED
data/.idea/.rakeTasks
DELETED
@@ -1,7 +0,0 @@
|
|
1
|
-
<?xml version="1.0" encoding="UTF-8"?>
|
2
|
-
<Settings><!--This file was automatically generated by Ruby plugin.
|
3
|
-
You are allowed to:
|
4
|
-
1. Remove rake task
|
5
|
-
2. Add existing rake tasks
|
6
|
-
To add existing rake tasks automatically delete this file and reload the project.
|
7
|
-
--><RakeGroup description="" fullCmd="" taksId="rake"><RakeTask description="Build auth0_current_user-0.1.0.gem into the pkg directory" fullCmd="build" taksId="build" /><RakeTask description="Remove any temporary products" fullCmd="clean" taksId="clean" /><RakeTask description="Remove any generated files" fullCmd="clobber" taksId="clobber" /><RakeTask description="Build and install auth0_current_user-0.1.0.gem into system gems" fullCmd="install" taksId="install" /><RakeGroup description="" fullCmd="" taksId="install"><RakeTask description="Build and install auth0_current_user-0.1.0.gem into system gems without network access" fullCmd="install:local" taksId="local" /></RakeGroup><RakeTask description="Create tag v0.1.0 and build and push auth0_current_user-0.1.0.gem to 'http://rubygems.com'" fullCmd="release[remote]" taksId="release[remote]" /><RakeTask description="" fullCmd="default" taksId="default" /><RakeTask description="" fullCmd="release" taksId="release" /><RakeGroup description="" fullCmd="" taksId="release"><RakeTask description="" fullCmd="release:guard_clean" taksId="guard_clean" /><RakeTask description="" fullCmd="release:rubygem_push" taksId="rubygem_push" /><RakeTask description="" fullCmd="release:source_control_push" taksId="source_control_push" /></RakeGroup></RakeGroup></Settings>
|
@@ -1,28 +0,0 @@
|
|
1
|
-
<?xml version="1.0" encoding="UTF-8"?>
|
2
|
-
<module type="RUBY_MODULE" version="4">
|
3
|
-
<component name="ModuleRunConfigurationManager">
|
4
|
-
<shared />
|
5
|
-
</component>
|
6
|
-
<component name="NewModuleRootManager">
|
7
|
-
<content url="file://$MODULE_DIR$">
|
8
|
-
<sourceFolder url="file://$MODULE_DIR$/features" isTestSource="true" />
|
9
|
-
<sourceFolder url="file://$MODULE_DIR$/spec" isTestSource="true" />
|
10
|
-
<sourceFolder url="file://$MODULE_DIR$/test" isTestSource="true" />
|
11
|
-
</content>
|
12
|
-
<orderEntry type="inheritedJdk" />
|
13
|
-
<orderEntry type="sourceFolder" forTests="false" />
|
14
|
-
<orderEntry type="library" scope="PROVIDED" name="activesupport (v6.0.3.3, asdf: 2.7.1) [gem]" level="application" />
|
15
|
-
<orderEntry type="library" scope="PROVIDED" name="bundler (v2.1.4, asdf: 2.7.1) [gem]" level="application" />
|
16
|
-
<orderEntry type="library" scope="PROVIDED" name="concurrent-ruby (v1.1.7, asdf: 2.7.1) [gem]" level="application" />
|
17
|
-
<orderEntry type="library" scope="PROVIDED" name="i18n (v1.8.5, asdf: 2.7.1) [gem]" level="application" />
|
18
|
-
<orderEntry type="library" scope="PROVIDED" name="jwt (v2.2.2, asdf: 2.7.1) [gem]" level="application" />
|
19
|
-
<orderEntry type="library" scope="PROVIDED" name="minitest (v5.14.2, asdf: 2.7.1) [gem]" level="application" />
|
20
|
-
<orderEntry type="library" scope="PROVIDED" name="rack (v2.2.3, asdf: 2.7.1) [gem]" level="application" />
|
21
|
-
<orderEntry type="library" scope="PROVIDED" name="rake (v12.3.3, asdf: 2.7.1) [gem]" level="application" />
|
22
|
-
<orderEntry type="library" scope="PROVIDED" name="request_store (v1.5.0, asdf: 2.7.1) [gem]" level="application" />
|
23
|
-
<orderEntry type="library" scope="PROVIDED" name="thread_safe (v0.3.6, asdf: 2.7.1) [gem]" level="application" />
|
24
|
-
<orderEntry type="library" scope="PROVIDED" name="tzinfo (v1.2.7, asdf: 2.7.1) [gem]" level="application" />
|
25
|
-
<orderEntry type="library" scope="PROVIDED" name="uri (v0.10.0, asdf: 2.7.1) [gem]" level="application" />
|
26
|
-
<orderEntry type="library" scope="PROVIDED" name="zeitwerk (v2.4.0, asdf: 2.7.1) [gem]" level="application" />
|
27
|
-
</component>
|
28
|
-
</module>
|
data/.idea/misc.xml
DELETED
data/.idea/modules.xml
DELETED
@@ -1,8 +0,0 @@
|
|
1
|
-
<?xml version="1.0" encoding="UTF-8"?>
|
2
|
-
<project version="4">
|
3
|
-
<component name="ProjectModuleManager">
|
4
|
-
<modules>
|
5
|
-
<module fileurl="file://$PROJECT_DIR$/.idea/auth0_current_user.iml" filepath="$PROJECT_DIR$/.idea/auth0_current_user.iml" />
|
6
|
-
</modules>
|
7
|
-
</component>
|
8
|
-
</project>
|
data/.idea/vcs.xml
DELETED
@@ -1,66 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'jwt'
|
4
|
-
require 'request_store'
|
5
|
-
require 'auth0_current_user/json_web_token'
|
6
|
-
require 'auth0_current_user/configuration'
|
7
|
-
|
8
|
-
module Auth0CurrentUser
|
9
|
-
module Secured
|
10
|
-
extend ActiveSupport::Concern
|
11
|
-
|
12
|
-
included do
|
13
|
-
before_action :authenticate_request!
|
14
|
-
end
|
15
|
-
|
16
|
-
private
|
17
|
-
|
18
|
-
def authenticate_request!
|
19
|
-
token = auth_token
|
20
|
-
set_current_user(token)
|
21
|
-
|
22
|
-
token
|
23
|
-
rescue JWT::VerificationError, JWT::DecodeError
|
24
|
-
render json: { errors: ['Not Authenticated'] }, status: :unauthorized
|
25
|
-
end
|
26
|
-
|
27
|
-
def http_token
|
28
|
-
if request.headers['Authorization'].present?
|
29
|
-
request.headers['Authorization'].split(' ').last
|
30
|
-
end
|
31
|
-
end
|
32
|
-
|
33
|
-
def auth_token
|
34
|
-
JsonWebToken.verify(http_token)
|
35
|
-
end
|
36
|
-
|
37
|
-
def get_email(token)
|
38
|
-
JsonWebToken.get_claim(token, 'email')
|
39
|
-
end
|
40
|
-
|
41
|
-
def set_current_user(token)
|
42
|
-
email = get_email(token)
|
43
|
-
RequestStore.store[:current_user] ||= Kernel.const_get(authenticated_klass).find_by(email: email)
|
44
|
-
end
|
45
|
-
|
46
|
-
def current_user
|
47
|
-
@current_user ||= RequestStore.store[:current_user]
|
48
|
-
end
|
49
|
-
|
50
|
-
def authenticated_klass
|
51
|
-
unless configuration.authenticated_klass
|
52
|
-
raise NotImplementedError, 'You must define the #authenitcated_klass in config/initializers/auth0_current_user'
|
53
|
-
return
|
54
|
-
end
|
55
|
-
|
56
|
-
@authenticated_klass ||= configuration.authenticated_klass.to_s.classify
|
57
|
-
rescue StandardError => e
|
58
|
-
Rails.logger.error(e.message)
|
59
|
-
end
|
60
|
-
|
61
|
-
def configuration
|
62
|
-
@configuration ||= Configuration.new
|
63
|
-
end
|
64
|
-
|
65
|
-
end
|
66
|
-
end
|