authentic-jwt 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c9553910f0f78a9ff6cd893059e887bf5455a3b3
4
- data.tar.gz: d6b336cabdb1df56705a9f879838938313ba1e4a
3
+ metadata.gz: 2d47cc96f2011f46a63cc6602fbfae477240a1dc
4
+ data.tar.gz: 63eeff8a50676a80103712872d970d75741e47a3
5
5
  SHA512:
6
- metadata.gz: 5cc805a9829594ea77750b7a1b97cfa8e3bc3a4479ad5dc7c83ff63d38c19ccde34c22be37dcc5943e53418db397f63ec17faa08e9fa71e8dd5986b53da20a9f
7
- data.tar.gz: 6c5eb72edca91f1adfe558f9cef58eec3e9293af0a4035ed9ffb9473259028364a6029a3b2be38bc04faa0721a23e49703055cab9e12b3f9cc1904d2b8bf87fd
6
+ metadata.gz: 03502527e816c6bb758f5107b2d966bd8dd0f14a3b244677cb4b72a20aa495d37c558eb63e9c56299b6b7546e38c6576fd632efa28e8722ce3be6a9c813e0eb2
7
+ data.tar.gz: 85798e18d003ac3fb6e64b82c6df6f0b9ed22dffc52c8fa4a208985b3ade832b02f1a32d06bd59a44cf01759dce77f16266f0101e5f8c4dc17f0057b3e0c1b93
data/Gemfile CHANGED
@@ -1,3 +1,5 @@
1
1
  source "https://rubygems.org"
2
2
 
3
3
  gemspec
4
+
5
+ gem "google-protobuf", "3.2.0.rc2"
@@ -18,6 +18,7 @@ Gem::Specification.new do |spec|
18
18
  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
19
19
  spec.require_paths = ["lib"]
20
20
 
21
+ spec.add_dependency "google-protobuf"
21
22
  spec.add_dependency "jwt"
22
23
  spec.add_dependency "multi_json"
23
24
 
@@ -0,0 +1,72 @@
1
+ syntax = "proto3";
2
+
3
+ package AuthenticJwt;
4
+
5
+ message Payload {
6
+ enum Role {
7
+ UNSUBSCRIBED = 0;
8
+ SUBSCRIBER = 10;
9
+ CONTRIBUTOR = 20;
10
+ AUTHOR = 30;
11
+ EDITOR = 40;
12
+ PARTNER = 70;
13
+ ADMIN = 80;
14
+ INTERNAL = 90;
15
+ }
16
+
17
+ message Partner {
18
+ // string iss = 1;
19
+ // string sub = 2;
20
+ reserved 1 to 2;
21
+ string aud = 3;
22
+ // int32 exp = 4;
23
+ // int32 nbf = 5;
24
+ // int32 iat = 6;
25
+ // string jti = 7;
26
+ reserved 4 to 9;
27
+ repeated Role roles = 10;
28
+ }
29
+
30
+ message Account {
31
+ // string iss = 1;
32
+ // string sub = 2;
33
+ reserved 1 to 2;
34
+ string aud = 3;
35
+ // int32 exp = 4;
36
+ // int32 nbf = 5;
37
+ // int32 iat = 6;
38
+ // string jti = 7;
39
+ reserved 4 to 9;
40
+ repeated Role roles = 10;
41
+ }
42
+
43
+ message External {
44
+ string iss = 1;
45
+ // string sub = 2;
46
+ // string aud = 3;
47
+ // int32 exp = 4;
48
+ // int32 nbf = 5;
49
+ // int32 iat = 6;
50
+ // string jti = 7;
51
+ // repeated Role roles = 10;
52
+ reserved 2 to 10;
53
+ string access_token = 11;
54
+ string refresh_token = 12;
55
+ }
56
+
57
+ // string iss = 1;
58
+ reserved 1;
59
+ string sub = 2;
60
+ // string aud = 3;
61
+ // int32 exp = 4;
62
+ // int32 nbf = 5;
63
+ // int32 iat = 6;
64
+ // string jti = 7;
65
+ reserved 3 to 9;
66
+ repeated Role roles = 10;
67
+ string name = 11;
68
+ string email = 12;
69
+ repeated Partner partners = 13;
70
+ repeated Account accounts = 14;
71
+ repeated External external = 15;
72
+ }
data/lib/authentic-jwt.rb CHANGED
@@ -1,3 +1,4 @@
1
1
  require "authentic_jwt/version"
2
2
  require "authentic_jwt/errors"
3
+ require "authentic_jwt/payload_pb"
3
4
  require "authentic_jwt/role"
@@ -3,10 +3,9 @@ module AuthenticJwt
3
3
  module AuthMethods
4
4
  attr_accessor :jwt_payload
5
5
 
6
- def jwt_user_id
6
+ def jwt_sub
7
7
  return unless jwt_payload
8
- return unless jwt_payload["id"]
9
- jwt_payload["id"].to_i
8
+ jwt_payload["sub"]
10
9
  end
11
10
  end
12
11
  end
@@ -22,9 +22,9 @@ module AuthenticJwt
22
22
 
23
23
  return unless account_id
24
24
 
25
- raise Forbidden, "Account has no role" unless account_role
25
+ raise Forbidden, "Account has no role" unless account_roles.any?
26
26
 
27
- raise Forbidden, "Account role is too low" unless acceptable_roles.include?(account_role)
27
+ raise Forbidden, "Account role is too low" unless (acceptable_roles & account_roles).any?
28
28
  end
29
29
 
30
30
  protected
@@ -77,17 +77,17 @@ module AuthenticJwt
77
77
  def account_id
78
78
  result = ENV[ACCOUNT_ID_ENV_VAR].to_s
79
79
  return if result.empty?
80
- result.to_i
80
+ result
81
81
  end
82
82
 
83
83
  def account_payload
84
84
  return unless jwt_payload
85
- jwt_payload["accounts"].detect { |account| account["id"] == account_id }
85
+ jwt_payload["accounts"].detect { |account| account["aud"] == account_id }
86
86
  end
87
87
 
88
- def account_role
88
+ def account_roles
89
89
  return unless account_payload
90
- account_payload["role"]
90
+ account_payload["roles"].collect(&:downcase)
91
91
  end
92
92
 
93
93
  def acceptable_roles
@@ -0,0 +1,47 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # source: payload.proto
3
+
4
+ require 'google/protobuf'
5
+
6
+ Google::Protobuf::DescriptorPool.generated_pool.build do
7
+ add_message "AuthenticJwt.Payload" do
8
+ optional :sub, :string, 2
9
+ repeated :roles, :enum, 10, "AuthenticJwt.Payload.Role"
10
+ optional :name, :string, 11
11
+ optional :email, :string, 12
12
+ repeated :partners, :message, 13, "AuthenticJwt.Payload.Partner"
13
+ repeated :accounts, :message, 14, "AuthenticJwt.Payload.Account"
14
+ repeated :external, :message, 15, "AuthenticJwt.Payload.External"
15
+ end
16
+ add_message "AuthenticJwt.Payload.Partner" do
17
+ optional :aud, :string, 3
18
+ repeated :roles, :enum, 10, "AuthenticJwt.Payload.Role"
19
+ end
20
+ add_message "AuthenticJwt.Payload.Account" do
21
+ optional :aud, :string, 3
22
+ repeated :roles, :enum, 10, "AuthenticJwt.Payload.Role"
23
+ end
24
+ add_message "AuthenticJwt.Payload.External" do
25
+ optional :iss, :string, 1
26
+ optional :access_token, :string, 11
27
+ optional :refresh_token, :string, 12
28
+ end
29
+ add_enum "AuthenticJwt.Payload.Role" do
30
+ value :UNSUBSCRIBED, 0
31
+ value :SUBSCRIBER, 10
32
+ value :CONTRIBUTOR, 20
33
+ value :AUTHOR, 30
34
+ value :EDITOR, 40
35
+ value :PARTNER, 70
36
+ value :ADMIN, 80
37
+ value :INTERNAL, 90
38
+ end
39
+ end
40
+
41
+ module AuthenticJwt
42
+ Payload = Google::Protobuf::DescriptorPool.generated_pool.lookup("AuthenticJwt.Payload").msgclass
43
+ Payload::Partner = Google::Protobuf::DescriptorPool.generated_pool.lookup("AuthenticJwt.Payload.Partner").msgclass
44
+ Payload::Account = Google::Protobuf::DescriptorPool.generated_pool.lookup("AuthenticJwt.Payload.Account").msgclass
45
+ Payload::External = Google::Protobuf::DescriptorPool.generated_pool.lookup("AuthenticJwt.Payload.External").msgclass
46
+ Payload::Role = Google::Protobuf::DescriptorPool.generated_pool.lookup("AuthenticJwt.Payload.Role").enummodule
47
+ end
@@ -21,14 +21,9 @@ module AuthenticJwt
21
21
  READ = ["subscriber"].freeze
22
22
  WRITE = ["contributor", "author", "editor", "partner", "admin", "internal"].freeze
23
23
 
24
- MAPPING = {
25
- "subscriber" => 10,
26
- "contributor" => 20,
27
- "author" => 30,
28
- "editor" => 40,
29
- "partner" => 70,
30
- "admin" => 80,
31
- "internal" => 90
32
- }.freeze
24
+ MAPPING = AuthenticJwt::Payload::Role.constants.inject({}) do |memo, const|
25
+ memo[const.to_s.downcase] = AuthenticJwt::Payload::Role.const_get(const)
26
+ memo
27
+ end.freeze
33
28
  end
34
29
  end
@@ -1,3 +1,3 @@
1
1
  module AuthenticJwt
2
- VERSION = "0.0.2".freeze
2
+ VERSION = "0.0.3".freeze
3
3
  end
metadata CHANGED
@@ -1,15 +1,29 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authentic-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.2
4
+ version: 0.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Authentic Limited
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2017-01-22 00:00:00.000000000 Z
11
+ date: 2017-02-06 00:00:00.000000000 Z
12
12
  dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: google-protobuf
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
13
27
  - !ruby/object:Gem::Dependency
14
28
  name: jwt
15
29
  requirement: !ruby/object:Gem::Requirement
@@ -126,11 +140,13 @@ files:
126
140
  - authentic-jwt.gemspec
127
141
  - bin/console
128
142
  - bin/setup
143
+ - definitions/payload.proto
129
144
  - lib/authentic-jwt.rb
130
145
  - lib/authentic_jwt/errors.rb
131
146
  - lib/authentic_jwt/grape/auth_methods.rb
132
147
  - lib/authentic_jwt/grape/extension.rb
133
148
  - lib/authentic_jwt/grape/middleware.rb
149
+ - lib/authentic_jwt/payload_pb.rb
134
150
  - lib/authentic_jwt/role.rb
135
151
  - lib/authentic_jwt/version.rb
136
152
  homepage: https://github.com/mytours/authentic-jwt