RubyGems - authrocket - Versions diffs - 1.5.0 → 2.0.0 - Mend

authrocket 1.5.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +37 -4
data/README.md +4 -8
data/authrocket.gemspec +4 -2
data/lib/authrocket/api/api_config.rb +4 -4
data/lib/authrocket/api/version.rb +1 -1
data/lib/authrocket/app_hook.rb +3 -1
data/lib/authrocket/auth_provider.rb +21 -9
data/lib/authrocket/event.rb +4 -8
data/lib/authrocket/login_policy.rb +1 -2
data/lib/authrocket/realm.rb +2 -1
data/lib/authrocket/session.rb +11 -5
data/lib/authrocket/user.rb +32 -16
metadata +7 -7

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 48a34e5c646665a7020363a9a8ade5fb317d8699
-  data.tar.gz: faad858997b34e9c776a1289be6213ab33f6a1a6
+  metadata.gz: 9b93720c4868bc866ad26340e6c88fd3b87f9aa9
+  data.tar.gz: f4b1767d3c7e684357231ed206130ea84778d3a7
 SHA512:
-  metadata.gz: b11966d0c17a23302c3cf9f4eefe409513e0bccc345dbe1f5894b17c674cb3c31def9c2ad54e3a7eacac0f120d12e31054a34b043a93d5e43526909414b91e87
-  data.tar.gz: ba4dbda5bb51a4a75555c380d2393e719223b0a69d96e2a07ea607f99f7b6983d96d67e5db56ed821669d00e093aa72d5553f82c00bd632bfa42c1b4c3719dfe
+  metadata.gz: cc756a62eadb6dc8ce8e8da0f51916f9532e609c1caa4fada2a4d04e3ad4de66fca5cab23e1c338d502d21ae83b949ff9c805515c7dcd7f76596910a5181ee00
+  data.tar.gz: 6a9f6617e7c98dad6ff441ddc25792f36e950fd7643943a21d34fe8c4dd9e3fa9c1d041504a171872a8f142ba3779b56ce72e66811b5497be5baa0d8c211f9ac

data/CHANGELOG.md CHANGED Viewed

@@ -1,30 +1,63 @@
+#### 2.0.0
+- NOTE: This version includes breaking changes.
+- Depends on ncore 2.0
+  - ncore update changes most method signatures to remove the final api_creds param - use a :credentials key instead:
+      Old: User.create(params, api_creds)
+      New: User.create(params.merge(credentials: api_creds))
+    - As api_creds is not generally needed, this should affect few people
+  - No longer depends on 'multi_json', but uses it if available. Defaults to stdlib 'json'.
+  - find(nil) now raises RecordNotFound instead of returning nil
+- User.reset_password_with_token signature change:
+  Old: reset_password_with_token(username, token, new_pw, new_pw_2, params={}, api_creds)
+  New: reset_password_with_token(username: '...', token: '...', password: '...', password_confirmation: '...', ...)
+- Remove previously deprecated Event.validate_token
+- Remove previously deprecated LoginPolicy#enable_logins, #enable_signups, #name_field
+- Remove previously deprecated User#api_key, #last_login_on
+- Add Event#request_data, Session#request_data
+- Remove Event#ip, Session#ip, and Session#client - use #request_data['ip'] or #request_data['client'] instead
+- Add AppHook#email_from_name
+- Add AuthProvider#authorize_token
+- Detect new ko_ API keys
+- Support email verification
+- Add LoginPolicy#redirect_uris
+- Fix issue with older rubies
 #### 1.5.0
 - Update Event and add Notification
 #### 1.4.4
 - Bump to jwt 1.5
 - Enforce hmac algorithm for jwt
-- Add AuthProvider.min_complexity, .required_chars
+- Add AuthProvider#min_complexity, #required_chars
 #### 1.4.3
-- Add AuthProvider.min_length
+- Add AuthProvider#min_length
 #### 1.4.2
-- Add AppHook.email_renderer
+- Add AppHook#email_renderer
 #### 1.4.1
 - Bump to jwt 1.4
-- Add AppHook.email_to
+- Add AppHook#email_to
 - Update AppHook.event_types
 #### 1.4.0
 - Support social auth in AuthProvider and Credential
 #### 1.3.1
 - Add Realm#api_key_minutes
 - Add Session#client
 #### 1.3.0
 - Add Session resource
 - Deprecate Event.validate_token - Replaced by Session.from_token and Session.find
 - Add missing auth_provider.* events

data/README.md CHANGED Viewed

@@ -2,7 +2,7 @@
 [AuthRocket](http://authrocket.com/) provides Auth as a Service, making it quick and easy to add signups, logins, a full user management UI, and much more to your app.
-This gem works with both Rails and plain Ruby. It will auto-detect Rails and enable a couple Rails-specific features as appropriate.
+This gem works with both Rails and plain Ruby. It will auto-detect Rails and enable Rails-specific features as appropriate.
 ## Usage
@@ -14,8 +14,7 @@ For installation, add `gem 'authrocket'` to your Gemfile. More details are below
 By default, AuthRocket automatically loads your credentials from environment variables. For such hosting environments, including Heroku, just configure these:
-    AUTHROCKET_ACCOUNT    = org_SAMPLE
-    AUTHROCKET_API_KEY    = key_SAMPLE
+    AUTHROCKET_API_KEY    = ko_SAMPLE
     AUTHROCKET_URL        = https://api-e1.authrocket.com/v1
     AUTHROCKET_REALM      = rl_SAMPLE   # optional
     AUTHROCKET_JWT_SECRET = jsk_SAMPLE  # optional
@@ -29,8 +28,7 @@ By default, AuthRocket automatically loads your credentials from environment var
 It's possible to configure AuthRocket using a Rails initializer (or other initializaiton code) too.
     AuthRocket::Api.credentials = {
-      account: 'org_SAMPLE',
-      api_key: 'key_SAMPLE',
+      api_key: 'ko_SAMPLE',
       url: 'https://api-e1.authrocket.com/v1',
       realm: 'rl_SAMPLE',
       jwt_secret: 'jsk_SAMPLE'
@@ -63,7 +61,6 @@ Let's add a couple methods to your Application Controller, substituting the corr
       def require_user
         unless current_user
-          flash.keep
           redirect_to LOGIN_URL
         end
       end
@@ -84,9 +81,8 @@ Then add login and logout methods:
       skip_before_filter :require_user
       def login
-        flash.keep
         if params[:token]
-          if AuthRocket::Session.from_token(params[:token], within: 60.seconds)
+          if AuthRocket::Session.from_token(params[:token])
             session[:ar_token] = params[:token]
             redirect_to root_path
             return

data/authrocket.gemspec CHANGED Viewed

@@ -6,7 +6,7 @@ require 'authrocket/api/version'
 Gem::Specification.new do |gem|
   gem.name          = "authrocket"
   gem.version       = AuthRocket::VERSION
-  gem.authors       = ["thomas morgan"]
+  gem.authors       = ["AuthRocket Team"]
   gem.email         = ["hello@authrocket.com"]
   gem.description   = %q{AuthRocket client for Ruby.}
   gem.summary       = %q{AuthRocket client for Ruby}
@@ -18,7 +18,9 @@ Gem::Specification.new do |gem|
   gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
   gem.require_paths = ["lib"]
-  gem.add_dependency 'ncore', '~> 1.2'
+  gem.required_ruby_version = '>= 1.9'
+  gem.add_dependency 'ncore', '~> 2.0'
   gem.add_dependency 'jwt', '~> 1.5.0'
   gem.add_development_dependency "bundler", "~> 1.3"

data/lib/authrocket/api/api_config.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 module AuthRocket
   include NCore::Builder
-  Resource.include AuthRocket::Client
-  SingletonResource.include AuthRocket::Client
+  Resource.send :include, AuthRocket::Client
+  SingletonResource.send :include, AuthRocket::Client
   configure do
     self.default_url = ENV['AUTHROCKET_URL']
@@ -34,7 +34,7 @@ module AuthRocket
     self.auth_header_prefix = 'X-Authrocket'
-    self.credentials_error_message = %Q{Missing API credentials or URL. Set default credentials using "AuthRocket::Api.credentials = {api_key: YOUR_API_KEY, account: YOUR_ACCOUNT_ID, url: AR_REGION_URL}"}
+    self.credentials_error_message = %Q{Missing API credentials or URL. Set default credentials using "AuthRocket::Api.credentials = {api_key: YOUR_API_KEY, url: AR_REGION_URL}"}
   end
@@ -57,7 +57,7 @@ module AuthRocket
             case part
             when /^jsk_/
               o[:jwt_secret] = part
-            when /^key_/
+            when /^k(ey|o)_/
               o[:api_key] = part
             when /^org_/
               o[:account] = part

data/lib/authrocket/api/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module AuthRocket
-  VERSION = '1.5.0'
+  VERSION = '2.0.0'
 end

data/lib/authrocket/app_hook.rb CHANGED Viewed

@@ -6,7 +6,8 @@ module AuthRocket
     has_many :events
     attr :event_type, :hook_type, :destination
-    attr :email_from, :email_renderer, :email_subject, :email_template, :email_to, :user_type
+    attr :email_from, :email_from_name, :email_renderer, :email_subject
+    attr :email_template, :email_to, :user_type
     def self.event_types
       %w( app_hook.created  app_hook.updated  app_hook.deleted
@@ -16,6 +17,7 @@ module AuthRocket
           org.created  org.updated  org.deleted
           realm.created  realm.updated  realm.deleted
           user.created  user.updated  user.deleted
+            user.email.verification_requested  user.email.verified
             user.login.succeeded  user.login.failed
             user.password_token.created  user.password_token.consumed  user.password_token.failed
         ).sort

data/lib/authrocket/auth_provider.rb CHANGED Viewed

@@ -4,16 +4,17 @@ module AuthRocket
     belongs_to :realm
-    attr :provider_type, :state
-    attr :login, :name_field, :signup
+    attr :name, :provider_type, :state
+    attr :email_verification, :login, :name_field, :password_field, :signup, :signup_mode, :verify
     attr :min_complexity, :min_length, :required_chars
     attr :client_id, :client_secret, :scopes
     # attribs - :redirect_uri - required
     #         - :nonce        - optional
-    def self.authorize_urls(attribs={}, api_creds=nil)
-      parsed, creds = request(:get, url+'/authorize', api_creds, attribs)
+    def self.authorize_urls(attribs={})
+      params = parse_request_params(attribs)
+      parsed, creds = request(:get, url+'/authorize', params)
       if parsed[:errors].any?
         raise Error, parsed[:errors].inspect
       end
@@ -27,8 +28,9 @@ module AuthRocket
     # attribs - :redirect_uri - required
     #         - :nonce        - optional
-    def self.authorize_url(auth_provider_id, attribs={}, api_creds=nil)
-      parsed, creds = request(:get, url+"/#{auth_provider_id}/authorize", api_creds, attribs)
+    def self.authorize_url(auth_provider_id, attribs={})
+      params = parse_request_params(attribs)
+      parsed, creds = request(:get, url+"/#{auth_provider_id}/authorize", params)
       if parsed[:errors].any?
         raise Error, parsed[:errors].inspect
       end
@@ -37,17 +39,27 @@ module AuthRocket
     # same as self.authorize_url(self.id, ...)
     def authorize_url(attribs={})
-      self.class.authorize_url(id, attribs, api_creds)
+      params = parse_request_params(attribs).merge credentials: api_creds
+      self.class.authorize_url(id, params)
     end
     # attribs - :code  - required
     #         - :nonce - optional
     #         - :state - required
     # always returns a new object; check .errors? or .valid? to see how it went
-    def self.authorize(attribs={}, api_creds=nil)
-      parsed, creds = request(:post, url+'/authorize', api_creds, attribs)
+    def self.authorize(attribs={})
+      params = parse_request_params(attribs)
+      parsed, creds = request(:post, url+'/authorize', params)
       User.new(parsed, creds)
     end
+    # attribs - :access_token - required
+    # always returns a new object; check .errors? or .valid? to see how it went
+    def authorize_token(attribs={})
+      params = parse_request_params(attribs)
+      parsed, creds = request(:post, url+'/authorize', params)
+      User.new parsed, creds
+    end
   end
 end

data/lib/authrocket/event.rb CHANGED Viewed

@@ -11,18 +11,14 @@ module AuthRocket
     belongs_to :user
     has_many :notifications
-    attr :event_type, :ip
+    attr :event_type
     attr_datetime :event_at
-    # deprecated - use Session.from_token() or Session.find()
-    def self.validate_token(token, params={}, api_creds=nil)
-      parsed, creds = request(:get, "#{url}/login/#{CGI.escape token}", api_creds, params)
-      new(parsed, creds)
-    rescue RecordNotFound
-      nil
+    def request_data
+      self[:request]
     end
     def notifications
       reload unless @attribs[:notifications]
       unless @stuffed_event

data/lib/authrocket/login_policy.rb CHANGED Viewed

@@ -7,8 +7,7 @@ module AuthRocket
     attr :custom_domains, :external_css
     attr :footer, :header, :login_handler, :name, :primary_domain
-    attr :signup_handler, :subdomain
-    attr :enable_logins, :enable_signups, :name_field # deprecated
+    attr :redirect_uris, :signup_handler, :subdomain
     attr :base_domain, :domains # readonly
   end

data/lib/authrocket/realm.rb CHANGED Viewed

@@ -16,7 +16,8 @@ module AuthRocket
     def reset!(params={})
-      parsed, _ = request(:post, "#{url}/reset", api_creds, params)
+      params = parse_request_params(params).merge credentials: api_creds
+      parsed, _ = request(:post, "#{url}/reset", params)
       load(parsed)
       errors.empty? ? self : false
     end

data/lib/authrocket/session.rb CHANGED Viewed

@@ -4,13 +4,17 @@ module AuthRocket
     belongs_to :user
-    attr :client, :ip
     attr :token # readonly
     attr_datetime :created_at, :expires_at # readonly
+    def request_data
+      self[:request]
+    end
     # options - :within - (in seconds) Maximum time since the token was originally issued
-    def self.from_token(token, options={}, api_creds=nil)
-      secret = (api_creds||credentials)[:jwt_secret]
+    def self.from_token(token, options={})
+      secret = (options[:credentials]||credentials)[:jwt_secret]
       raise Error, "missing :jwt_secret (or AUTHROCKET_JWT_SECRET)" unless secret
       return unless token
@@ -22,6 +26,7 @@ module AuthRocket
       user = User.new({
           id: jwt['uid'],
+          realm_id: jwt['aud'],
           username: jwt['un'],
           first_name: jwt['fn'],
           last_name: jwt['ln'],
@@ -33,11 +38,12 @@ module AuthRocket
               org_id: m['oid'],
               org: m['oid'] && Org.new({
                 id: m['oid'],
+                realm_id: jwt['aud'],
                 name: m['o'],
               }),
             })
           end,
-        }, api_creds)
+        }, options[:credentials])
       session = new({
           id: jwt['tk'],
           created_at: jwt['iat'],
@@ -45,7 +51,7 @@ module AuthRocket
           token: token,
           user_id: jwt['uid'],
           user: user
-        }, api_creds)
+        }, options[:credentials])
       session
     rescue JWT::DecodeError

data/lib/authrocket/user.rb CHANGED Viewed

@@ -8,12 +8,10 @@ module AuthRocket
     has_many :memberships
     has_many :sessions
-    attr :api_key # deprecated
-    attr :custom, :email, :first_name
+    attr :custom, :email, :email_verification, :first_name
     attr :last_name, :name, :password, :password_confirmation
     attr :reference, :state, :user_type, :username
     attr_datetime :created_at, :last_login_at
-    attr_datetime :last_login_on # deprecated
     def credentials
@@ -35,35 +33,38 @@ module AuthRocket
     class << self
-      def authenticate(username, password, params={}, api_creds=nil)
-        params = params.merge(password: password)
-        parsed, creds = request(:post, "#{url}/#{CGI.escape username}/authenticate", api_creds, params)
+      def authenticate(username, password, params={})
+        params = parse_request_params(params).merge password: password
+        parsed, creds = request(:post, "#{url}/#{CGI.escape username}/authenticate", params)
         if parsed[:errors].any?
           raise ValidationError, parsed[:errors]
         end
         new(parsed, creds)
       end
-      def authenticate_key(api_key, params={}, api_creds=nil)
-        params = params.merge(api_key: api_key)
-        parsed, creds = request(:post, "#{url}/authenticate_key", api_creds, params)
+      def authenticate_key(api_key, params={})
+        params = parse_request_params(params).merge api_key: api_key
+        parsed, creds = request(:post, "#{url}/authenticate_key", params)
         if parsed[:errors].any?
           raise ValidationError, parsed[:errors]
         end
         new(parsed, creds)
       end
-      def generate_password_token(username, params={}, api_creds=nil)
-        parsed, creds = request(:post, "#{url}/#{CGI.escape username}/generate_password_token", api_creds, params)
+      def generate_password_token(username, params={})
+        params = parse_request_params(params)
+        parsed, creds = request(:post, "#{url}/#{CGI.escape username}/generate_password_token", params)
         if parsed[:errors].any?
           raise ValidationError, parsed[:errors]
         end
         new(parsed, creds)
       end
-      def reset_password_with_token(username, token, new_pw, new_pw_2, params={}, api_creds=nil)
-        params = params.with_indifferent_access.merge(user: {token: token, password: new_pw, password_confirmation: new_pw_2})
-        parsed, creds = request(:post, "#{url}/#{CGI.escape username}/reset_password_with_token", api_creds, params)
+      # params - {username: '...', token: '...', password: '...', password_confirmation: '...'}
+      def reset_password_with_token(params)
+        params = parse_request_params(params, json_root: json_root)
+        username = params[json_root].delete(:username) || '--'
+        parsed, creds = request(:post, "#{url}/#{CGI.escape username}/reset_password_with_token", params)
         if parsed[:errors].any?
           raise ValidationError, parsed[:errors]
         end
@@ -74,8 +75,23 @@ module AuthRocket
     # params - {current_password: 'old', password: 'new', password_confirmation: 'new'}
     def update_password(params)
-      params = {user: params}
-      parsed, _ = request(:put, "#{url}/update_password", api_creds, params)
+      params = parse_request_params(params, json_root: json_root).merge credentials: api_creds
+      parsed, _ = request(:put, "#{url}/update_password", params)
+      load(parsed)
+      errors.empty? ? self : false
+    end
+    def request_email_verification(params={})
+      params = parse_request_params(params).merge credentials: api_creds
+      parsed, _ = request(:post, "#{url}/request_email_verification", params)
+      load(parsed)
+      errors.empty? ? self : false
+    end
+    # params - {token: '...'}
+    def verify_email(params)
+      params = parse_request_params(params, json_root: json_root).merge credentials: api_creds
+      parsed, _ = request(:post, "#{url}/verify_email", params)
       load(parsed)
       errors.empty? ? self : false
     end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authrocket
 version: !ruby/object:Gem::Version
-  version: 1.5.0
+  version: 2.0.0
 platform: ruby
 authors:
-- thomas morgan
+- AuthRocket Team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-06-22 00:00:00.000000000 Z
+date: 2016-02-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ncore
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
@@ -110,7 +110,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '1.9'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -118,7 +118,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.4.3
+rubygems_version: 2.4.8
 signing_key:
 specification_version: 4
 summary: AuthRocket client for Ruby