authrocket 1.4.3 → 1.4.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/authrocket.gemspec +1 -1
  4. data/lib/authrocket/api/version.rb +1 -1
  5. data/lib/authrocket/auth_provider.rb +1 -1
  6. data/lib/authrocket/session.rb +2 -2
  7. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 686d725c512d06a6743fda6af3560d297b81f40b
4
- data.tar.gz: 3d6403affcf16fd685c03f83cf085c9dda7536ec
3
+ metadata.gz: 1fa4ce2b3ff2db141f60cafe4b4b895a1e489e12
4
+ data.tar.gz: 0b796599b1c91983addb2c67f0df152eab987110
5
5
  SHA512:
6
- metadata.gz: 206d7f113f81dbd33c33d4bab3a64f773e1a8ea1ee51af6e082b37af653fa18899466a52b323edd1c4a386defcdec40bf26b77c6ea4fcdae2e17a40816b8b292
7
- data.tar.gz: 00fae12a56e5c9c1eed514c2ee9e9a0f1acb64d1feedda4e593f98d9ec9616bbda555a0c2e4e7f1af17c8bf96489ae3c2c1fe76a2c53a6235afd7fc5832bebed
6
+ metadata.gz: 58964c8728ca38ba00ad57431977e6490a9fc41a83e9a520c75d6c1632df4c705685b20ef6117a28c5af749ded4234f5cebad7d247a29d7d7598bb147d4c0500
7
+ data.tar.gz: e2e76576332df5782e2a02e12f3bc5f9ccdfc568e46afac48a2685cf895440cb39ff5e962c2039790d2c21914dd71644f0ef5f4c8cc0197d6a1be2a5ff28bbaa
data/CHANGELOG.md CHANGED
@@ -1,3 +1,8 @@
1
+ #### 1.4.4
2
+ - Bump to jwt 1.5
3
+ - Enforce hmac algorithm for jwt
4
+ - Add AuthProvider.min_complexity, .required_chars
5
+
1
6
  #### 1.4.3
2
7
  - Add AuthProvider.min_length
3
8
 
data/authrocket.gemspec CHANGED
@@ -19,7 +19,7 @@ Gem::Specification.new do |gem|
19
19
  gem.require_paths = ["lib"]
20
20
 
21
21
  gem.add_dependency 'ncore', '~> 1.2'
22
- gem.add_dependency 'jwt', '~> 1.4.0'
22
+ gem.add_dependency 'jwt', '~> 1.5.0'
23
23
 
24
24
  gem.add_development_dependency "bundler", "~> 1.3"
25
25
  gem.add_development_dependency "rake"
data/lib/authrocket/api/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module AuthRocket
2
- VERSION = '1.4.3'
2
+ VERSION = '1.4.4'
3
3
  end
data/lib/authrocket/auth_provider.rb CHANGED
@@ -6,7 +6,7 @@ module AuthRocket
6
6
 
7
7
  attr :provider_type, :state
8
8
  attr :login, :name_field, :signup
9
- attr :min_length
9
+ attr :min_complexity, :min_length, :required_chars
10
10
  attr :client_id, :client_secret, :scopes
11
11
 
12
12
 
data/lib/authrocket/session.rb CHANGED
@@ -14,7 +14,7 @@ module AuthRocket
14
14
  raise Error, "missing :jwt_secret (or AUTHROCKET_JWT_SECRET)" unless secret
15
15
  return unless token
16
16
 
17
- jwt, _ = JWT.decode token, secret
17
+ jwt, _ = JWT.decode token, secret, true, algorithm: 'HS256'
18
18
 
19
19
  if within = options.delete(:within)
20
20
  return if jwt['iat'] < Time.now.to_i - within
@@ -48,7 +48,7 @@ module AuthRocket
48
48
  }, api_creds)
49
49
 
50
50
  session
51
- rescue JWT::DecodeError, JWT::ExpiredSignature
51
+ rescue JWT::DecodeError
52
52
  nil
53
53
  end
54
54
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authrocket
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.3
4
+ version: 1.4.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - thomas morgan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-06-03 00:00:00.000000000 Z
11
+ date: 2015-06-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ncore
@@ -30,14 +30,14 @@ dependencies:
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 1.4.0
33
+ version: 1.5.0
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 1.4.0
40
+ version: 1.5.0
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: bundler
43
43
  requirement: !ruby/object:Gem::Requirement