RubyGems - authrocket - Versions diffs - 1.5.0 → 2.0.0 - Mend

authrocket 1.5.0 → 2.0.0

Files changed (14) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +37 -4
data/README.md +4 -8
data/authrocket.gemspec +4 -2
data/lib/authrocket/api/api_config.rb +4 -4
data/lib/authrocket/api/version.rb +1 -1
data/lib/authrocket/app_hook.rb +3 -1
data/lib/authrocket/auth_provider.rb +21 -9
data/lib/authrocket/event.rb +4 -8
data/lib/authrocket/login_policy.rb +1 -2
data/lib/authrocket/realm.rb +2 -1
data/lib/authrocket/session.rb +11 -5
data/lib/authrocket/user.rb +32 -16
metadata +7 -7

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 48a34e5c646665a7020363a9a8ade5fb317d8699
-  data.tar.gz: faad858997b34e9c776a1289be6213ab33f6a1a6
+  metadata.gz: 9b93720c4868bc866ad26340e6c88fd3b87f9aa9
+  data.tar.gz: f4b1767d3c7e684357231ed206130ea84778d3a7
 SHA512:
-  metadata.gz: b11966d0c17a23302c3cf9f4eefe409513e0bccc345dbe1f5894b17c674cb3c31def9c2ad54e3a7eacac0f120d12e31054a34b043a93d5e43526909414b91e87
-  data.tar.gz: ba4dbda5bb51a4a75555c380d2393e719223b0a69d96e2a07ea607f99f7b6983d96d67e5db56ed821669d00e093aa72d5553f82c00bd632bfa42c1b4c3719dfe
+  metadata.gz: cc756a62eadb6dc8ce8e8da0f51916f9532e609c1caa4fada2a4d04e3ad4de66fca5cab23e1c338d502d21ae83b949ff9c805515c7dcd7f76596910a5181ee00
+  data.tar.gz: 6a9f6617e7c98dad6ff441ddc25792f36e950fd7643943a21d34fe8c4dd9e3fa9c1d041504a171872a8f142ba3779b56ce72e66811b5497be5baa0d8c211f9ac

data/CHANGELOG.md CHANGED Viewed

@@ -1,30 +1,63 @@
+#### 2.0.0
+- NOTE: This version includes breaking changes.
+- Depends on ncore 2.0
+  - ncore update changes most method signatures to remove the final api_creds param - use a :credentials key instead:
+      Old: User.create(params, api_creds)
+      New: User.create(params.merge(credentials: api_creds))
+    - As api_creds is not generally needed, this should affect few people
+  - No longer depends on 'multi_json', but uses it if available. Defaults to stdlib 'json'.
+  - find(nil) now raises RecordNotFound instead of returning nil
+- User.reset_password_with_token signature change:
+  Old: reset_password_with_token(username, token, new_pw, new_pw_2, params={}, api_creds)
+  New: reset_password_with_token(username: '...', token: '...', password: '...', password_confirmation: '...', ...)
+- Remove previously deprecated Event.validate_token
+- Remove previously deprecated LoginPolicy#enable_logins, #enable_signups, #name_field
+- Remove previously deprecated User#api_key, #last_login_on
+- Add Event#request_data, Session#request_data
+- Remove Event#ip, Session#ip, and Session#client - use #request_data['ip'] or #request_data['client'] instead
+- Add AppHook#email_from_name
+- Add AuthProvider#authorize_token
+- Detect new ko_ API keys
+- Support email verification
+- Add LoginPolicy#redirect_uris
+- Fix issue with older rubies
 #### 1.5.0
 - Update Event and add Notification
 #### 1.4.4
 - Bump to jwt 1.5
 - Enforce hmac algorithm for jwt
-- Add AuthProvider.min_complexity, .required_chars
+- Add AuthProvider#min_complexity, #required_chars
 #### 1.4.3
-- Add AuthProvider.min_length
+- Add AuthProvider#min_length
 #### 1.4.2
-- Add AppHook.email_renderer
+- Add AppHook#email_renderer
 #### 1.4.1
 - Bump to jwt 1.4
-- Add AppHook.email_to
+- Add AppHook#email_to
 - Update AppHook.event_types
 #### 1.4.0
 - Support social auth in AuthProvider and Credential
 #### 1.3.1
 - Add Realm#api_key_minutes
 - Add Session#client
 #### 1.3.0
 - Add Session resource
 - Deprecate Event.validate_token - Replaced by Session.from_token and Session.find
 - Add missing auth_provider.* events

data/README.md CHANGED Viewed

@@ -2,7 +2,7 @@
 [AuthRocket](http://authrocket.com/) provides Auth as a Service, making it quick and easy to add signups, logins, a full user management UI, and much more to your app.
-This gem works with both Rails and plain Ruby. It will auto-detect Rails and enable a couple Rails-specific features as appropriate.
+This gem works with both Rails and plain Ruby. It will auto-detect Rails and enable Rails-specific features as appropriate.
 ## Usage
@@ -14,8 +14,7 @@ For installation, add `gem 'authrocket'` to your Gemfile. More details are below
 By default, AuthRocket automatically loads your credentials from environment variables. For such hosting environments, including Heroku, just configure these:
-    AUTHROCKET_ACCOUNT    = org_SAMPLE
-    AUTHROCKET_API_KEY    = key_SAMPLE
+    AUTHROCKET_API_KEY    = ko_SAMPLE
     AUTHROCKET_URL        = https://api-e1.authrocket.com/v1
     AUTHROCKET_REALM      = rl_SAMPLE   # optional
     AUTHROCKET_JWT_SECRET = jsk_SAMPLE  # optional
@@ -29,8 +28,7 @@ By default, AuthRocket automatically loads your credentials from environment var
 It's possible to configure AuthRocket using a Rails initializer (or other initializaiton code) too.
     AuthRocket::Api.credentials = {
-      account: 'org_SAMPLE',
-      api_key: 'key_SAMPLE',
+      api_key: 'ko_SAMPLE',
       url: 'https://api-e1.authrocket.com/v1',
       realm: 'rl_SAMPLE',
       jwt_secret: 'jsk_SAMPLE'
@@ -63,7 +61,6 @@ Let's add a couple methods to your Application Controller, substituting the corr
       def require_user
         unless current_user
-          flash.keep
           redirect_to LOGIN_URL
         end
       end
@@ -84,9 +81,8 @@ Then add login and logout methods:
       skip_before_filter :require_user
       def login
-        flash.keep
         if params[:token]
-          if AuthRocket::Session.from_token(params[:token], within: 60.seconds)
+          if AuthRocket::Session.from_token(params[:token])
             session[:ar_token] = params[:token]
             redirect_to root_path
             return

data/authrocket.gemspec CHANGED Viewed

@@ -6,7 +6,7 @@ require 'authrocket/api/version'
 Gem::Specification.new do |gem|
   gem.name          = "authrocket"
   gem.version       = AuthRocket::VERSION
-  gem.authors       = ["thomas morgan"]
+  gem.authors       = ["AuthRocket Team"]
   gem.email         = ["hello@authrocket.com"]
   gem.description   = %q{AuthRocket client for Ruby.}
   gem.summary       = %q{AuthRocket client for Ruby}
@@ -18,7 +18,9 @@ Gem::Specification.new do |gem|
   gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
   gem.require_paths = ["lib"]
-  gem.add_dependency 'ncore', '~> 1.2'
+  gem.required_ruby_version = '>= 1.9'
+  gem.add_dependency 'ncore', '~> 2.0'
   gem.add_dependency 'jwt', '~> 1.5.0'
   gem.add_development_dependency "bundler", "~> 1.3"

data/lib/authrocket/api/api_config.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 module AuthRocket
   include NCore::Builder
-  Resource.include AuthRocket::Client
-  SingletonResource.include AuthRocket::Client
+  Resource.send :include, AuthRocket::Client
+  SingletonResource.send :include, AuthRocket::Client
   configure do
     self.default_url = ENV['AUTHROCKET_URL']
@@ -34,7 +34,7 @@ module AuthRocket
     self.auth_header_prefix = 'X-Authrocket'
-    self.credentials_error_message = %Q{Missing API credentials or URL. Set default credentials using "AuthRocket::Api.credentials = {api_key: YOUR_API_KEY, account: YOUR_ACCOUNT_ID, url: AR_REGION_URL}"}
+    self.credentials_error_message = %Q{Missing API credentials or URL. Set default credentials using "AuthRocket::Api.credentials = {api_key: YOUR_API_KEY, url: AR_REGION_URL}"}
   end
@@ -57,7 +57,7 @@ module AuthRocket
             case part
             when /^jsk_/
               o[:jwt_secret] = part
-            when /^key_/
+            when /^k(ey|o)_/
               o[:api_key] = part
             when /^org_/
               o[:account] = part

data/lib/authrocket/api/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module AuthRocket
-  VERSION = '1.5.0'
+  VERSION = '2.0.0'
 end

data/lib/authrocket/app_hook.rb CHANGED Viewed

@@ -6,7 +6,8 @@ module AuthRocket
     has_many :events
     attr :event_type, :hook_type, :destination
-    attr :email_from, :email_renderer, :email_subject, :email_template, :email_to, :user_type
+    attr :email_from, :email_from_name, :email_renderer, :email_subject
+    attr :email_template, :email_to, :user_type
     def self.event_types
       %w( app_hook.created  app_hook.updated  app_hook.deleted
@@ -16,6 +17,7 @@ module AuthRocket
           org.created  org.updated  org.deleted
           realm.created  realm.updated  realm.deleted
           user.created  user.updated  user.deleted
+            user.email.verification_requested  user.email.verified
             user.login.succeeded  user.login.failed
             user.password_token.created  user.password_token.consumed  user.password_token.failed
         ).sort

data/lib/authrocket/auth_provider.rb CHANGED Viewed

@@ -4,16 +4,17 @@ module AuthRocket
     belongs_to :realm
-    attr :provider_type, :state
-    attr :login, :name_field, :signup
+    attr :name, :provider_type, :state
+    attr :email_verification, :login, :name_field, :password_field, :signup, :signup_mode, :verify
     attr :min_complexity, :min_length, :required_chars
     attr :client_id, :client_secret, :scopes
     # attribs - :redirect_uri - required
     #         - :nonce        - optional
-    def self.authorize_urls(attribs={}, api_creds=nil)
-      parsed, creds = request(:get, url+'/authorize', api_creds, attribs)
+    def self.authorize_urls(attribs={})
+      params = parse_request_params(attribs)
+      parsed, creds = request(:get, url+'/authorize', params)
       if parsed[:errors].any?
         raise Error, parsed[:errors].inspect
       end
@@ -27,8 +28,9 @@ module AuthRocket
     # attribs - :redirect_uri - required
     #         - :nonce        - optional
-    def self.authorize_url(auth_provider_id, attribs={}, api_creds=nil)
-      parsed, creds = request(:get, url+"/#{auth_provider_id}/authorize", api_creds, attribs)
+    def self.authorize_url(auth_provider_id, attribs={})
+      params = parse_request_params(attribs)
+      parsed, creds = request(:get, url+"/#{auth_provider_id}/authorize", params)
       if parsed[:errors].any?
         raise Error, parsed[:errors].inspect
       end
@@ -37,17 +39,27 @@ module AuthRocket
     # same as self.authorize_url(self.id, ...)
     def authorize_url(attribs={})
-      self.class.authorize_url(id, attribs, api_creds)
+      params = parse_request_params(attribs).merge credentials: api_creds
+      self.class.authorize_url(id, params)
     end
     # attribs - :code  - required
     #         - :nonce - optional
     #         - :state - required
     # always returns a new object; check .errors? or .valid? to see how it went
-    def self.authorize(attribs={}, api_creds=nil)
-      parsed, creds = request(:post, url+'/authorize', api_creds, attribs)
+    def self.authorize(attribs={})
+      params = parse_request_params(attribs)
+      parsed, creds = request(:post, url+'/authorize', params)
       User.new(parsed, creds)
     end
+    # attribs - :access_token - required
+    # always returns a new object; check .errors? or .valid? to see how it went
+    def authorize_token(attribs={})
+      params = parse_request_params(attribs)
+      parsed, creds = request(:post, url+'/authorize', params)
+      User.new parsed, creds
+    end
   end
 end

data/lib/authrocket/event.rb CHANGED Viewed

@@ -11,18 +11,14 @@ module AuthRocket
     belongs_to :user
     has_many :notifications
-    attr :event_type, :ip
+    attr :event_type
     attr_datetime :event_at
-    # deprecated - use Session.from_token() or Session.find()
-    def self.validate_token(token, params={}, api_creds=nil)
-      parsed, creds = request(:get, "#{url}/login/#{CGI.escape token}", api_creds, params)
-      new(parsed, creds)
-    rescue RecordNotFound
-      nil
+    def request_data
+      self[:request]
     end
     def notifications
       reload unless @attribs[:notifications]
       unless @stuffed_event

data/lib/authrocket/login_policy.rb CHANGED Viewed

@@ -7,8 +7,7 @@ module AuthRocket
     attr :custom_domains, :external_css
     attr :footer, :header, :login_handler, :name, :primary_domain
-    attr :signup_handler, :subdomain
-    attr :enable_logins, :enable_signups, :name_field # deprecated
+    attr :redirect_uris, :signup_handler, :subdomain
     attr :base_domain, :domains # readonly
   end

data/lib/authrocket/realm.rb CHANGED Viewed

@@ -16,7 +16,8 @@ module AuthRocket
     def reset!(params={})
-      parsed, _ = request(:post, "#{url}/reset", api_creds, params)
+      params = parse_request_params(params).merge credentials: api_creds
+      parsed, _ = request(:post, "#{url}/reset", params)
       load(parsed)
       errors.empty? ? self : false
     end

data/lib/authrocket/session.rb CHANGED Viewed

@@ -4,13 +4,17 @@ module AuthRocket
     belongs_to :user
-    attr :client, :ip
     attr :token # readonly
     attr_datetime :created_at, :expires_at # readonly
+    def request_data
+      self[:request]
+    end
     # options - :within - (in seconds) Maximum time since the token was originally issued
-    def self.from_token(token, options={}, api_creds=nil)
-      secret = (api_creds||credentials)[:jwt_secret]
+    def self.from_token(token, options={})
+      secret = (options[:credentials]||credentials)[:jwt_secret]
       raise Error, "missing :jwt_secret (or AUTHROCKET_JWT_SECRET)" unless secret
       return unless token
@@ -22,6 +26,7 @@ module AuthRocket
       user = User.new({
           id: jwt['uid'],
+          realm_id: jwt['aud'],
           username: jwt['un'],
           first_name: jwt['fn'],
           last_name: jwt['ln'],
@@ -33,11 +38,12 @@ module AuthRocket
               org_id: m['oid'],
               org: m['oid'] && Org.new({
                 id: m['oid'],
+                realm_id: jwt['aud'],
                 name: m['o'],
               }),
             })
           end,
-        }, api_creds)
+        }, options[:credentials])
       session = new({
           id: jwt['tk'],
           created_at: jwt['iat'],
@@ -45,7 +51,7 @@ module AuthRocket
           token: token,
           user_id: jwt['uid'],
           user: user
-        }, api_creds)
+        }, options[:credentials])
       session
     rescue JWT::DecodeError

data/lib/authrocket/user.rb CHANGED Viewed

@@ -8,12 +8,10 @@ module AuthRocket
     has_many :memberships
     has_many :sessions
-    attr :api_key # deprecated
-    attr :custom, :email, :first_name
+    attr :custom, :email, :email_verification, :first_name
     attr :last_name, :name, :password, :password_confirmation
     attr :reference, :state, :user_type, :username
     attr_datetime :created_at, :last_login_at
-    attr_datetime :last_login_on # deprecated
     def credentials
@@ -35,35 +33,38 @@ module AuthRocket
     class << self
-      def authenticate(username, password, params={}, api_creds=nil)
-        params = params.merge(password: password)
-        parsed, creds = request(:post, "#{url}/#{CGI.escape username}/authenticate", api_creds, params)
+      def authenticate(username, password, params={})
+        params = parse_request_params(params).merge password: password
+        parsed, creds = request(:post, "#{url}/#{CGI.escape username}/authenticate", params)
         if parsed[:errors].any?
           raise ValidationError, parsed[:errors]
         end
         new(parsed, creds)
       end
-      def authenticate_key(api_key, params={}, api_creds=nil)
-        params = params.merge(api_key: api_key)
-        parsed, creds = request(:post, "#{url}/authenticate_key", api_creds, params)
+      def authenticate_key(api_key, params={})
+        params = parse_request_params(params).merge api_key: api_key
+        parsed, creds = request(:post, "#{url}/authenticate_key", params)
         if parsed[:errors].any?
           raise ValidationError, parsed[:errors]
         end
         new(parsed, creds)
       end
-      def generate_password_token(username, params={}, api_creds=nil)
-        parsed, creds = request(:post, "#{url}/#{CGI.escape username}/generate_password_token", api_creds, params)
+      def generate_password_token(username, params={})
+        params = parse_request_params(params)
+        parsed, creds = request(:post, "#{url}/#{CGI.escape username}/generate_password_token", params)
         if parsed[:errors].any?
           raise ValidationError, parsed[:errors]
         end
         new(parsed, creds)
       end
-      def reset_password_with_token(username, token, new_pw, new_pw_2, params={}, api_creds=nil)
-        params = params.with_indifferent_access.merge(user: {token: token, password: new_pw, password_confirmation: new_pw_2})
-        parsed, creds = request(:post, "#{url}/#{CGI.escape username}/reset_password_with_token", api_creds, params)
+      # params - {username: '...', token: '...', password: '...', password_confirmation: '...'}
+      def reset_password_with_token(params)
+        params = parse_request_params(params, json_root: json_root)
+        username = params[json_root].delete(:username) || '--'
+        parsed, creds = request(:post, "#{url}/#{CGI.escape username}/reset_password_with_token", params)
         if parsed[:errors].any?
           raise ValidationError, parsed[:errors]
         end
@@ -74,8 +75,23 @@ module AuthRocket
     # params - {current_password: 'old', password: 'new', password_confirmation: 'new'}
     def update_password(params)
-      params = {user: params}
-      parsed, _ = request(:put, "#{url}/update_password", api_creds, params)
+      params = parse_request_params(params, json_root: json_root).merge credentials: api_creds
+      parsed, _ = request(:put, "#{url}/update_password", params)
+      load(parsed)
+      errors.empty? ? self : false
+    end
+    def request_email_verification(params={})
+      params = parse_request_params(params).merge credentials: api_creds
+      parsed, _ = request(:post, "#{url}/request_email_verification", params)
+      load(parsed)
+      errors.empty? ? self : false
+    end
+    # params - {token: '...'}
+    def verify_email(params)
+      params = parse_request_params(params, json_root: json_root).merge credentials: api_creds
+      parsed, _ = request(:post, "#{url}/verify_email", params)
       load(parsed)
       errors.empty? ? self : false
     end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authrocket
 version: !ruby/object:Gem::Version
-  version: 1.5.0
+  version: 2.0.0
 platform: ruby
 authors:
-- thomas morgan
+- AuthRocket Team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-06-22 00:00:00.000000000 Z
+date: 2016-02-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ncore
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
@@ -110,7 +110,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '1.9'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -118,7 +118,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.4.3
+rubygems_version: 2.4.8
 signing_key:
 specification_version: 4
 summary: AuthRocket client for Ruby