authrocket 3.4.0 → 3.5.0

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1081c944badcc582e41e1b6a2c490b7b36797072ce37c4c0d4ff95cff70c9a37
4
- data.tar.gz: c3fb78aa005891773187d5dd3494b51746566b180c99358d41ec48fa9e46a6ee
3
+ metadata.gz: '0091238e7b30cdeac87c32da2c3e6f9b302c98c14388cbe0eec5b82511afc66a'
4
+ data.tar.gz: 2a375445950752f9a32c685a79ac60e19944723f7e6120939cc3955f1cd80efa
5
5
  SHA512:
6
- metadata.gz: 71ae02ef915333191bc493a141c6ef9fa452184028cfb528ade5b264aa7323adb1a3d13d457566766b628246b892e19a2fa7587edefe57938f884f0da972ed15
7
- data.tar.gz: 86634dae4a53d8dca492b409782c45a096db901adeee0ef5012ea7405782cf0ab6d9258a99c4ec6ba0514c405a8500b31991a9666e9e3a7aef55959982cfd4d3
6
+ metadata.gz: 775584612d24370160e79f06aadb4509138133285af8b74272e36b872574c1291348311131e9161573fdc05f798e2342017bb3b914c975b1d712dc3894a106d3
7
+ data.tar.gz: 4f4901b367c1cc29d277dd0952de589a8edbb540c540021d21f7e96257295ffe1c0deea9ccbc12580dd02aa38884eb8e9d6e99a71f6c60ad8ec502395a33c380
data/CHANGELOG.md CHANGED
@@ -1,3 +1,11 @@
1
+ #### 3.5.0
2
+
3
+ - Update Domain, Hook, Invitation, JwtKey, Realm, User
4
+
5
+ #### 3.4.1
6
+
7
+ - Rails 7 compatibility
8
+
1
9
  #### 3.4.0
2
10
 
3
11
  - Document how to change locales
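Review bot: The 3.5.0 entry `Update Domain, Hook, Invitation, JwtKey, Realm, User` is too terse for a release that changes behaviour elsewhere in this diff. It omits the `authrocket.logger` initializer, the `allow_other_host: true` redirects, and the removal of `attr :expired` from JwtKey. List those as separate bullets so that someone auditing the upgrade can see them without reading the code.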
data/LICENSE CHANGED
@@ -1,4 +1,4 @@
1
- Copyright (c) 2014-2021 Notioneer, Inc.
1
+ Copyright (c) 2014-2023 Notioneer, Inc.
2
2
 
3
3
  MIT License
4
4
 
data/README.md CHANGED
@@ -102,7 +102,7 @@ Your AuthRocket API key. Required to use the API (but not if only performing JWT
102
102
  Used to perform JWT signing verification of login tokens. Not required if validating all tokens using the API instead. Also not required if LOGINROCKET_URL is set and RS256 keys are being used, as public keys will be auto-retrieved. This is a realm-specific value, so like `AUTHROCKET_REALM`, set it on a per-use basis if using multiple realms.
103
103
 
104
104
  `AUTHROCKET_REALM = rl_SAMPLE`
105
- Sets an application-wide default realm ID. If you're using a single realm, this is definitely easiest. Certain multi-tenant apps might using multiple realms. In this case, don't set this globally, but include it as part of the `:credentials` set for each API method.
105
+ Sets an application-wide default realm ID. If you're using a single realm, this is definitely easiest. Certain multi-tenant apps might use multiple realms. In this case, don't set this globally, but include it as part of the `:credentials` set for each API method.
106
106
 
107
107
  `AUTHROCKET_URL = https://api-e2.authrocket.com/v2`
108
108
  The URL of the AuthRocket API server. This may vary depending on which cluster your service is provisioned on.
@@ -130,18 +130,18 @@ The built-in Rails integration tries to handle as much for you as possible. Howe
130
130
 
131
131
  #### Logins
132
132
 
133
- The Rails integration handles logins on any path by detecting the presence of `?token=...`. It will process the login and then immediately redirect back to the same path without `?token=`; this helps prevent browsers and bookmarks from accidentally saving or caching the login token.
133
+ The Rails integration handles logins on any path by detecting the presence of `?token=...`. It will process the login and then immediately redirect back to the same path without `?token=`. This helps prevent browsers and bookmarks from accidentally saving or caching the login token.
134
134
 
135
135
  Likewise, the built-in handler for `before_action :require_login` will automatically redirect to LoginRocket when the user is not currently logged in. `?redirect_uri=<current_path>` will be automatically included so that the user returns to the same place post-login. You can override this behavior by replacing `before_login`.
136
136
 
137
137
  # For example, to force the user to always return to "/manage":
138
138
  def require_login
139
139
  unless current_session
140
- redirect_to ar_login_url(redirect_uri: "/manage")
140
+ redirect_to ar_login_url(redirect_uri: "/manage"), allow_other_host: true
141
141
  end
142
142
  end
143
143
 
144
- AuthRocket will verify the domain + path to redirect to. You can configure this at Realm -> Settings -> Connected Apps -> (edit) -> Login URLs. The first URL listed will be the default, so it should generally be the default "just logged in" path.
144
+ AuthRocket will verify the domain + path to redirect to. You can configure this at Realm -> Settings -> Connected Apps -> (edit) -> Login URLs. The first URL listed will be the default, so it should generally match your "just logged in" path.
145
145
 
146
146
  Paths are validated as "equal or more specific". That is, if Login URLs contains "https://my.app/manage", then any path starting with "/manage" will be allowed, but "/other" will not be allowed. If you want to allow any path at your domain, add "https://my.app/" (since "/" will match any path).
147
147
 
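Review bot: The context line above the example says to override the behavior by replacing `before_login`, but the example defines `require_login`; one of the two names is wrong and should be corrected while this section is being edited. The example now passes `allow_other_host: true`, which opts this call out of Rails' check on cross-host redirects. Add a sentence telling readers to keep the target built by `ar_login_url` and to pass request-derived values only as `redirect_uri`, which the following paragraph says AuthRocket verifies against Login URLs.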
@@ -163,7 +163,7 @@ The default route for logout is `/logout`. To override it, add an initializer fo
163
163
 
164
164
  AuthRocket::Api.use_default_routes = false
165
165
 
166
- Then add your own routes to `config/routes.rb`:
166
+ Then add your own route to `config/routes.rb`:
167
167
 
168
168
  get 'mylogout' => 'logins#logout'
169
169
 
@@ -172,7 +172,7 @@ Then add your own routes to `config/routes.rb`:
172
172
 
173
173
  AuthRocket's default login controller automatically sets a logout message using `flash`.
174
174
 
175
- You may customize this, or other logout behavior, by creating your own LoginsController and inherit from AuthRocket's controller:
175
+ You may customize this, or other logout behavior, by creating your own LoginsController and inheriting from AuthRocket's controller:
176
176
 
177
177
  class LoginsController < AuthRocket::ArController
178
178
  def logout
@@ -181,18 +181,18 @@ You may customize this, or other logout behavior, by creating your own LoginsCon
181
181
  end
182
182
  end
183
183
 
184
- If you wish to replace all of the login logic, create a new, different controller that doesn't inherit from `AuthRocket::ArController` (and also override the routes, as per above). You may wish to look at `ArController` as a reference.
184
+ If you wish to replace all of the login logic, create a new controller that doesn't inherit from `AuthRocket::ArController` (and also override the routes, as per above). You may wish to look at `ArController` as a reference.
185
185
 
186
186
 
187
187
 
188
188
  ## Verifying login tokens
189
189
 
190
- If you're not using the streamlined Rails integration, you'll need to verify the login tokens (unless you're using the API to authenticate directly).
190
+ If you're not using the streamlined Rails integration, you'll need to verify login tokens on your own (unless you're using the API to authenticate directly).
191
191
 
192
192
 
193
193
  #### JWT verification
194
194
 
195
- AuthRocket's login tokens use the JWT standard and are cryptographically signed. Verifying the signature is extremely fast. Here's are a couple examples of using this:
195
+ AuthRocket's login tokens use the JWT standard and are cryptographically signed. Verifying the signature is extremely fast. Here's an example:
196
196
 
197
197
  def current_user
198
198
  @_current_user ||= AuthRocket::Session.from_token(session[:ar_token])&.user
@@ -211,7 +211,7 @@ AuthRocket also supports Managed Sessions, which enables you to enforce logouts,
211
211
 
212
212
  For better performance (and to avoid API rate limits), you will want to cache the results of the API call for 3-15 minutes.
213
213
 
214
- If not using Rails/ActiveSupport, use seconds: `cache: {expires_in: 15*60}` and also configure the cache store, as explained in Caching below. If using Rails, make sure Rails.cache is configured.
214
+ If using Rails, `Rails.cache` is used by default. Otherwise, you must configure a cache store for AuthRocket. In either case, see Caching below.
215
215
 
216
216
 
217
217
  #### Initial login
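Review bot: The rewritten line 214 drops the instruction that callers without Rails/ActiveSupport must give the expiry in seconds (`cache: {expires_in: 15*60}`). Unless the Caching section already states it, keep that detail here, since the cache lifetime decides how long a cached session result keeps being trusted.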
@@ -226,7 +226,7 @@ Each of the above are designed for ongoing use. The initial login isn't going to
226
226
  return
227
227
  end
228
228
  end
229
- redirect_to AuthRocket::Api.credentials[:loginrocket_url]
229
+ redirect_to AuthRocket::Api.credentials[:loginrocket_url], allow_other_host: true
230
230
  end
231
231
 
232
232
 
@@ -251,7 +251,7 @@ To set a global locale for your app, add this to your AuthRocket initializer:
251
251
 
252
252
  #### Per-request locale
253
253
 
254
- If your app supports multiple locales, then you'll likely want to set the locale on a per-request basis. Add a `headers: {accept_language: 'en'}` param to relevant API calls:
254
+ If your app supports multiple locales, then you'll likely want to set the locale on a per-request basis. Add a `headers: {accept_language: 'en'}` argument to relevant API calls:
255
255
 
256
256
  AuthRocket::User.create(
257
257
  email: 'jdoe@example.com',
@@ -267,7 +267,7 @@ The AuthRocket gem is capable of caching the results of GET requests. Since auth
267
267
 
268
268
  To enable caching, a cache store must be configured. On Rails, `authrocket` automatically uses Rails.cache, so simply ensure that's setup appropriately.
269
269
 
270
- If not using Rails (or if you with to use a different cache store even when using Rails), add this to your AuthRocket initializer:
270
+ If not using Rails (or if you wish to use a different cache store even when using Rails), add this to your AuthRocket initializer:
271
271
 
272
272
  cache_options = {} # app specific
273
273
  AuthRocket::Api.cache_store = RedisCacheStore.new(cache_options)
@@ -291,9 +291,14 @@ Next, enable the cache for specific API calls:
291
291
 
292
292
 
293
293
 
294
- ## Reference
294
+ ## Usage
295
295
 
296
- For full details on the AuthRocket API, including examples for Ruby, see our [documentation](https://authrocket.com/docs).
296
+ Documentation is provided on our site:
297
+
298
+ * [Rails Integration Guide](https://authrocket.com/docs/integration/rails)
299
+ * [Ruby Integration Guide](https://authrocket.com/docs/integration/ruby)
300
+ * [Ruby SDK Docs](https://authrocket.com/docs/sdks/ruby) (Expands on this README)
301
+ * [API Docs with Ruby examples](https://authrocket.com/docs/api#core-api)
297
302
 
298
303
 
299
304
 
@@ -10,9 +10,9 @@ class AuthRocket::ArController < ::ApplicationController
10
10
  if AuthRocket::Api.post_logout_path
11
11
  uri = Addressable::URI.parse full_url_for
12
12
  uri.path = AuthRocket::Api.post_logout_path
13
- redirect_to ar_logout_url(redirect_uri: uri.to_s)
13
+ redirect_to ar_logout_url(redirect_uri: uri.to_s), allow_other_host: true
14
14
  else
15
- redirect_to ar_logout_url
15
+ redirect_to ar_logout_url, allow_other_host: true
16
16
  end
17
17
  # set flash message in the child
18
18
 
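Review bot: Both branches now pass `allow_other_host: true` with no comment explaining why that is safe. In the first branch `uri` starts from `full_url_for`, so its scheme and host come from the current request, and it reaches the redirect only as the `redirect_uri` argument of `ar_logout_url`. Say so in a comment, and note that the opt-out must stay limited to helper-built URLs. A test covering both branches would keep that from regressing.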
@@ -18,5 +18,9 @@ module AuthRocket
18
18
  end
19
19
  end
20
20
 
21
+ initializer "authrocket.logger" do |app|
22
+ AuthRocket::Api.logger = Rails.logger
23
+ end
24
+
21
25
  end
22
26
  end
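Review bot: The block argument `app` in `initializer "authrocket.logger" do |app|` is unused and can be dropped. The assignment is unconditional, so consider `AuthRocket::Api.logger ||= Rails.logger` if a logger set elsewhere should win. Also document what the client logs at each level, because its output will now land in the application log by default.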
@@ -1,3 +1,3 @@
1
1
  module AuthRocket
2
- VERSION = '3.4.0'
2
+ VERSION = '3.5.0'
3
3
  end
@@ -40,7 +40,7 @@ module AuthRocket
40
40
  NCore::Collection.new.tap do |coll|
41
41
  coll.metadata = parsed[:metadata]
42
42
  parsed[:data].each do |hash|
43
- coll << factory(hash.merge(metadata: parsed[:metadata]), creds)
43
+ coll << factory({data: hash, metadata: parsed[:metadata]}, creds)
44
44
  end
45
45
  end
46
46
  end
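Review bot: Line 43 changes the shape of the first argument to `factory` from a flat hash with a `:metadata` key merged in to `{data: hash, metadata: ...}`, and this hunk does not show `factory` being updated to match. Check that the single-record path passes the same shape, and add a test with a record whose own attributes include a `metadata` key, which the old `hash.merge` would have overwritten.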
@@ -4,7 +4,7 @@ module AuthRocket
4
4
 
5
5
  belongs_to :realm
6
6
 
7
- attr :cert_state, :dns_state, :domain_type, :flags, :fqdn, :state
7
+ attr :cert_state, :dns_state, :domain_type, :flags, :fqdn, :state, :uri
8
8
  attr :subdomain
9
9
  attr :domain
10
10
 
@@ -14,12 +14,13 @@ module AuthRocket
14
14
 
15
15
  def self.event_types
16
16
  %w( invitation.org.created invitation.org.updated invitation.org.invited invitation.org.accepted invitation.org.expired
17
+ invitation.preverify.created invitation.preverify.updated invitation.preverify.invited invitation.preverify.accepted invitation.preverify.expired
17
18
  invitation.referral.created invitation.referral.updated invitation.referral.invited invitation.referral.accepted invitation.referral.expired
18
19
  invitation.request.created invitation.request.updated invitation.request.invited invitation.request.accepted invitation.request.expired
19
20
  membership.created membership.updated membership.deleted
20
21
  org.created org.updated org.closed
21
22
  user.created user.updated user.deleted
22
- user.email.verifying user.email.verified
23
+ user.email.updating user.email.verifying user.email.verified
23
24
  user.login.succeeded user.login.failed user.login.initiated
24
25
  user.password.resetting user.password.updated
25
26
  user.profile.updated
@@ -28,10 +29,11 @@ module AuthRocket
28
29
 
29
30
  def self.email_event_types
30
31
  %w( invitation.org.invited invitation.org.accepted
32
+ invitation.preverify.invited
31
33
  invitation.referral.invited
32
34
  invitation.request.invited
33
35
  user.created
34
- user.email.verifying user.email.verified
36
+ user.email.updating user.email.verifying user.email.verified
35
37
  user.login.succeeded user.login.failed
36
38
  user.password.resetting user.password.updated
37
39
  user.profile.updated
@@ -2,6 +2,7 @@ module AuthRocket
2
2
  class Invitation < Resource
3
3
  crud :all, :find, :create, :update, :delete
4
4
 
5
+ belongs_to :auth_provider
5
6
  belongs_to :inviting_user, class_name: 'AuthRocket::User'
6
7
  belongs_to :org
7
8
  belongs_to :realm
@@ -5,7 +5,7 @@ module AuthRocket
5
5
  belongs_to :realm
6
6
 
7
7
  attr :algo, :key, :use
8
- attr :expired # readonly
8
+ attr :flags, :short_key # readonly
9
9
 
10
10
  end
11
11
  end
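Review bot: `attr :expired` on line 8 is removed rather than supplemented, so callers that read `expired` on a JwtKey before trusting it will no longer find that attribute. Mention the removal in the CHANGELOG and say how expiry is expressed now (presumably through `flags`, which the hunk does not confirm).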
@@ -20,7 +20,7 @@ module AuthRocket::ControllerHelper
20
20
 
21
21
  def require_login
22
22
  unless current_session
23
- redirect_to ar_login_url(redirect_uri: safe_this_uri)
23
+ redirect_to ar_login_url(redirect_uri: safe_this_uri), allow_other_host: true
24
24
  end
25
25
  end
26
26
 
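Review bot: `allow_other_host: true` on line 23 is an option introduced in Rails 7, and the 3.4.1 CHANGELOG entry mentions Rails 7 compatibility. Confirm with a test on the oldest Rails version the gem supports that `redirect_to` accepts the extra keyword there.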
@@ -19,6 +19,7 @@ module AuthRocket
19
19
  attr :available_locales, :default_locale
20
20
  attr :email_verification, :org_mode, :signup
21
21
  attr :name_field, :org_name_field, :password_field, :username_field
22
+ attr :allowed_origins, :lr_features
22
23
  attr :branding, :color_1, :logo, :logo_icon, :privacy_policy, :stylesheet, :terms_of_service
23
24
  attr :access_token_minutes, :jwt_algo, :jwt_minutes, :jwt_scopes, :session_minutes
24
25
  attr :jwt_key # readonly
@@ -9,8 +9,8 @@ module AuthRocket
9
9
  has_many :memberships
10
10
  has_many :sessions
11
11
 
12
- attr :custom, :email, :email_verification, :first_name, :last_name, :locale, :name
13
- attr :reference, :state, :username
12
+ attr :custom, :email, :email_pending, :email_verification, :first_name, :last_name
13
+ attr :locale, :name, :reference, :state, :username
14
14
  attr :password, :password_confirmation # writeonly
15
15
  attr_datetime :created_at, :last_login_at
16
16
 
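Review bot: `:email_pending` is added to the general `attr` list on line 12, while the line below uses a trailing `# writeonly` comment to mark direction. If the value is set by the server, move it to its own `attr` line with a `# readonly` comment, as the JwtKey class does for `:flags, :short_key`.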
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authrocket
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.4.0
4
+ version: 3.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - AuthRocket Team
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-11-11 00:00:00.000000000 Z
11
+ date: 2023-02-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: addressable
@@ -145,7 +145,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
145
145
  - !ruby/object:Gem::Version
146
146
  version: '0'
147
147
  requirements: []
148
- rubygems_version: 3.2.22
148
+ rubygems_version: 3.3.26
149
149
  signing_key:
150
150
  specification_version: 4
151
151
  summary: AuthRocket client for Ruby