authentic-rb 1.6.0 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/authentic/error.rb +3 -0
  3. data/lib/authentic/validator.rb +2 -2
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bb1a72bbd0adfdc4e710bc9cb998eed816b68c2d478ee69d7e891028249a9b78
4
- data.tar.gz: a05603819fde73ff95e53a6c3feba89ddab1481bebf64a2fb2dffe6443231d62
3
+ metadata.gz: da8309740cedbfb47574f118cef97aa11a12df4b0e676224ad4fef77cc5c22b4
4
+ data.tar.gz: 46d7a401a4592ca7b1b300b6a1fb9d5f56c19768ec4912dc22b6176e8a697527
5
5
  SHA512:
6
- metadata.gz: ff375b3fa277837009eb7027a918d395a0aaebcd5eebc633b71070f02519407107112b6a1775143d0e3831441efe7e0188af0c3d1ae95de1866bf90e9b7a4660
7
- data.tar.gz: 8f48caceb8e1302b4a54d2a41bf42af3df2b8c66f609f5d5621368305c5efe0867945c311b2c52423840d63288520ad1fa2ea94f12f176a8f61a82bd7c56cc37
6
+ metadata.gz: cf58441c9eadd7ce25ad68c4b3ff630a0453c3c070bfc8090130a6ecf26fb811299d34e81f9ec7cc9579549883ea0bb4cf637898bd1d5bdcd304625e17b27ca8
7
+ data.tar.gz: 3248768b576342da140b068aa5d52afd8be6786e44eefb47763814ce4d4368492f655af880c9a980d9a38afda45ed71f43e34fbdd75073cc9ba345dde60622db
data/lib/authentic/error.rb CHANGED
@@ -22,4 +22,7 @@ module Authentic
22
22
 
23
23
  # Public: Represents an expired JWT.
24
24
  class ExpiredToken < StandardError; end
25
+
26
+ # Public: Represents an issuer that is not whitelisted. This should produce a 403 response.
27
+ class InvalidIssuer < StandardError; end
25
28
  end
data/lib/authentic/validator.rb CHANGED
@@ -25,7 +25,7 @@ module Authentic
25
25
  def valid?(token)
26
26
  ensure_valid(token)
27
27
  true
28
- rescue InvalidToken, ExpiredToken, InvalidKey, RequestError
28
+ rescue InvalidToken, ExpiredToken, InvalidKey, RequestError, InvalidIssuer
29
29
  false
30
30
  end
31
31
 
@@ -63,7 +63,7 @@ module Authentic
63
63
  raise InvalidToken, 'JWT was nil' unless token
64
64
 
65
65
  JSON::JWT.decode(token, :skip_verification).tap do |jwt|
66
- raise InvalidToken, 'JWT iss was not located in provided whitelist' unless iss_whitelist.include?(jwt[:iss])
66
+ raise InvalidIssuer, 'JWT iss was not located in provided whitelist' unless iss_whitelist.include?(jwt[:iss])
67
67
  end
68
68
  rescue JSON::JWT::InvalidFormat
69
69
  raise InvalidToken, 'JWT was in an invalid format'
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authentic-rb
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.6.0
4
+ version: 1.7.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Articulate
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2019-03-13 00:00:00.000000000 Z
12
+ date: 2019-03-18 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: json-jwt