authrocket 3.4.1 → 3.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cfb53b90a6986d8877e810f2e1dd2034fc45285201269f0264a870e1d8102155
-  data.tar.gz: d0e9abb7924da35f41046ce30ce114186a02a79722be53e1d49b2a2a8766bb7f
+  metadata.gz: '0091238e7b30cdeac87c32da2c3e6f9b302c98c14388cbe0eec5b82511afc66a'
+  data.tar.gz: 2a375445950752f9a32c685a79ac60e19944723f7e6120939cc3955f1cd80efa
 SHA512:
-  metadata.gz: 56e9f2aa33e943ecf0ebd0926e240246c3a52faf31b52a4339554d0089fdfb0c7cce7c1dd07cfcaf5f8c589943ad3cd0b3b9cf74150bc925b2191fc6b46bd823
-  data.tar.gz: fb4ac8faaefe75aa8c0e820738b4f12adebfbbb85922e4abaed7dea7f8b46497b1a883184e643becd32f9ef8a8136191ecef46da4e310dc2bc271e8711e1b527
+  metadata.gz: 775584612d24370160e79f06aadb4509138133285af8b74272e36b872574c1291348311131e9161573fdc05f798e2342017bb3b914c975b1d712dc3894a106d3
+  data.tar.gz: 4f4901b367c1cc29d277dd0952de589a8edbb540c540021d21f7e96257295ffe1c0deea9ccbc12580dd02aa38884eb8e9d6e99a71f6c60ad8ec502395a33c380

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+#### 3.5.0
+
+- Update Domain, Hook, Invitation, JwtKey, Realm, User
+
 #### 3.4.1
 
 - Rails 7 compatibility

data/LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2014-2022 Notioneer, Inc.
+Copyright (c) 2014-2023 Notioneer, Inc.
 
 MIT License
 

data/README.md

@@ -102,7 +102,7 @@ Your AuthRocket API key. Required to use the API (but not if only performing JWT
 Used to perform JWT signing verification of login tokens. Not required if validating all tokens using the API instead. Also not required if LOGINROCKET_URL is set and RS256 keys are being used, as public keys will be auto-retrieved. This is a realm-specific value, so like `AUTHROCKET_REALM`, set it on a per-use basis if using multiple realms.
 
 `AUTHROCKET_REALM = rl_SAMPLE`
-Sets an application-wide default realm ID. If you're using a single realm, this is definitely easiest. Certain multi-tenant apps might using multiple realms. In this case, don't set this globally, but include it as part of the `:credentials` set for each API method.
+Sets an application-wide default realm ID. If you're using a single realm, this is definitely easiest. Certain multi-tenant apps might use multiple realms. In this case, don't set this globally, but include it as part of the `:credentials` set for each API method.
 
 `AUTHROCKET_URL = https://api-e2.authrocket.com/v2`
 The URL of the AuthRocket API server. This may vary depending on which cluster your service is provisioned on.
@@ -130,7 +130,7 @@ The built-in Rails integration tries to handle as much for you as possible. Howe
 
 #### Logins
 
-The Rails integration handles logins on any path by detecting the presence of `?token=...`. It will process the login and then immediately redirect back to the same path without `?token=`; this helps prevent browsers and bookmarks from accidentally saving or caching the login token.
+The Rails integration handles logins on any path by detecting the presence of `?token=...`. It will process the login and then immediately redirect back to the same path without `?token=`. This helps prevent browsers and bookmarks from accidentally saving or caching the login token.
 
 Likewise, the built-in handler for `before_action :require_login` will automatically redirect to LoginRocket when the user is not currently logged in. `?redirect_uri=<current_path>` will be automatically included so that the user returns to the same place post-login. You can override this behavior by replacing `before_login`.
 
@@ -141,7 +141,7 @@ Likewise, the built-in handler for `before_action :require_login` will automatic
       end
     end
 
-AuthRocket will verify the domain + path to redirect to. You can configure this at Realm -> Settings -> Connected Apps -> (edit) -> Login URLs. The first URL listed will be the default, so it should generally be the default "just logged in" path.
+AuthRocket will verify the domain + path to redirect to. You can configure this at Realm -> Settings -> Connected Apps -> (edit) -> Login URLs. The first URL listed will be the default, so it should generally match your "just logged in" path.
 
 Paths are validated as "equal or more specific". That is, if Login URLs contains "https://my.app/manage", then any path starting with "/manage" will be allowed, but "/other" will not be allowed. If you want to allow any path at your domain, add "https://my.app/" (since "/" will match any path).
 
@@ -163,7 +163,7 @@ The default route for logout is `/logout`. To override it, add an initializer fo
 
     AuthRocket::Api.use_default_routes = false
 
-Then add your own routes to `config/routes.rb`:
+Then add your own route to `config/routes.rb`:
 
     get 'mylogout' => 'logins#logout'
 
@@ -172,7 +172,7 @@ Then add your own routes to `config/routes.rb`:
 
 AuthRocket's default login controller automatically sets a logout message using `flash`.
 
-You may customize this, or other logout behavior, by creating your own LoginsController and inherit from AuthRocket's controller:
+You may customize this, or other logout behavior, by creating your own LoginsController and inheriting from AuthRocket's controller:
 
     class LoginsController < AuthRocket::ArController
       def logout
@@ -181,18 +181,18 @@ You may customize this, or other logout behavior, by creating your own LoginsCon
       end
     end
 
-If you wish to replace all of the login logic, create a new, different controller that doesn't inherit from `AuthRocket::ArController` (and also override the routes, as per above). You may wish to look at `ArController` as a reference.
+If you wish to replace all of the login logic, create a new controller that doesn't inherit from `AuthRocket::ArController` (and also override the routes, as per above). You may wish to look at `ArController` as a reference.
 
 
 
 ## Verifying login tokens
 
-If you're not using the streamlined Rails integration, you'll need to verify the login tokens (unless you're using the API to authenticate directly).
+If you're not using the streamlined Rails integration, you'll need to verify login tokens on your own (unless you're using the API to authenticate directly).
 
 
 #### JWT verification
 
-AuthRocket's login tokens use the JWT standard and are cryptographically signed. Verifying the signature is extremely fast. Here's are a couple examples of using this:
+AuthRocket's login tokens use the JWT standard and are cryptographically signed. Verifying the signature is extremely fast. Here's an example:
 
     def current_user
       @_current_user ||= AuthRocket::Session.from_token(session[:ar_token])&.user
@@ -211,7 +211,7 @@ AuthRocket also supports Managed Sessions, which enables you to enforce logouts,
 
 For better performance (and to avoid API rate limits), you will want to cache the results of the API call for 3-15 minutes.
 
-If not using Rails/ActiveSupport, use seconds: `cache: {expires_in: 15*60}` and also configure the cache store, as explained in Caching below. If using Rails, make sure Rails.cache is configured.
+If using Rails, `Rails.cache` is used by default. Otherwise, you must configure a cache store for AuthRocket. In either case, see Caching below.
 
 
 #### Initial login
@@ -251,7 +251,7 @@ To set a global locale for your app, add this to your AuthRocket initializer:
 
 #### Per-request locale
 
-If your app supports multiple locales, then you'll likely want to set the locale on a per-request basis. Add a `headers: {accept_language: 'en'}` param to relevant API calls:
+If your app supports multiple locales, then you'll likely want to set the locale on a per-request basis. Add a `headers: {accept_language: 'en'}` argument to relevant API calls:
 
     AuthRocket::User.create(
       email: 'jdoe@example.com',
@@ -267,7 +267,7 @@ The AuthRocket gem is capable of caching the results of GET requests. Since auth
 
 To enable caching, a cache store must be configured. On Rails, `authrocket` automatically uses Rails.cache, so simply ensure that's setup appropriately.
 
-If not using Rails (or if you with to use a different cache store even when using Rails), add this to your AuthRocket initializer:
+If not using Rails (or if you wish to use a different cache store even when using Rails), add this to your AuthRocket initializer:
 
     cache_options = {} # app specific
     AuthRocket::Api.cache_store = RedisCacheStore.new(cache_options)
@@ -291,9 +291,14 @@ Next, enable the cache for specific API calls:
 
 
 
-## Reference
+## Usage
 
-For full details on the AuthRocket API, including examples for Ruby, see our [documentation](https://authrocket.com/docs).
+Documentation is provided on our site:
+
+* [Rails Integration Guide](https://authrocket.com/docs/integration/rails)
+* [Ruby Integration Guide](https://authrocket.com/docs/integration/ruby)
+* [Ruby SDK Docs](https://authrocket.com/docs/sdks/ruby) (Expands on this README)
+* [API Docs with Ruby examples](https://authrocket.com/docs/api#core-api)
 
 
 

data/lib/authrocket/api/railtie.rb

@@ -18,5 +18,9 @@ module AuthRocket
       end
     end
 
+    initializer "authrocket.logger" do |app|
+      AuthRocket::Api.logger = Rails.logger
+    end
+
   end
 end

data/lib/authrocket/api/version.rb

@@ -1,3 +1,3 @@
 module AuthRocket
-  VERSION = '3.4.1'
+  VERSION = '3.5.0'
 end

data/lib/authrocket/domain.rb

@@ -4,7 +4,7 @@ module AuthRocket
 
     belongs_to :realm
 
-    attr :cert_state, :dns_state, :domain_type, :flags, :fqdn, :state
+    attr :cert_state, :dns_state, :domain_type, :flags, :fqdn, :state, :uri
     attr :subdomain
     attr :domain
 

data/lib/authrocket/hook.rb

@@ -14,12 +14,13 @@ module AuthRocket
 
     def self.event_types
       %w( invitation.org.created  invitation.org.updated  invitation.org.invited  invitation.org.accepted  invitation.org.expired
+          invitation.preverify.created  invitation.preverify.updated  invitation.preverify.invited  invitation.preverify.accepted  invitation.preverify.expired
           invitation.referral.created  invitation.referral.updated  invitation.referral.invited  invitation.referral.accepted  invitation.referral.expired
           invitation.request.created  invitation.request.updated  invitation.request.invited  invitation.request.accepted  invitation.request.expired
           membership.created  membership.updated  membership.deleted
           org.created  org.updated  org.closed
           user.created  user.updated  user.deleted
-            user.email.verifying  user.email.verified
+            user.email.updating  user.email.verifying  user.email.verified
             user.login.succeeded  user.login.failed  user.login.initiated
             user.password.resetting  user.password.updated
             user.profile.updated
@@ -28,10 +29,11 @@ module AuthRocket
 
     def self.email_event_types
       %w( invitation.org.invited  invitation.org.accepted
+            invitation.preverify.invited
             invitation.referral.invited
             invitation.request.invited
           user.created
-            user.email.verifying  user.email.verified
+            user.email.updating  user.email.verifying  user.email.verified
             user.login.succeeded  user.login.failed
             user.password.resetting  user.password.updated
             user.profile.updated

data/lib/authrocket/invitation.rb

@@ -2,6 +2,7 @@ module AuthRocket
   class Invitation < Resource
     crud :all, :find, :create, :update, :delete
 
+    belongs_to :auth_provider
     belongs_to :inviting_user, class_name: 'AuthRocket::User'
     belongs_to :org
     belongs_to :realm

data/lib/authrocket/jwt_key.rb

@@ -5,7 +5,7 @@ module AuthRocket
     belongs_to :realm
 
     attr :algo, :key, :use
-    attr :expired # readonly
+    attr :flags, :short_key # readonly
 
   end
 end

data/lib/authrocket/realm.rb

@@ -19,6 +19,7 @@ module AuthRocket
     attr :available_locales, :default_locale
     attr :email_verification, :org_mode, :signup
     attr :name_field, :org_name_field, :password_field, :username_field
+    attr :allowed_origins, :lr_features
     attr :branding, :color_1, :logo, :logo_icon, :privacy_policy, :stylesheet, :terms_of_service
     attr :access_token_minutes, :jwt_algo, :jwt_minutes, :jwt_scopes, :session_minutes
     attr :jwt_key # readonly

data/lib/authrocket/user.rb

@@ -9,8 +9,8 @@ module AuthRocket
     has_many :memberships
     has_many :sessions
 
-    attr :custom, :email, :email_verification, :first_name, :last_name, :locale, :name
-    attr :reference, :state, :username
+    attr :custom, :email, :email_pending, :email_verification, :first_name, :last_name
+    attr :locale, :name, :reference, :state, :username
     attr :password, :password_confirmation # writeonly
     attr_datetime :created_at, :last_login_at
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authrocket
 version: !ruby/object:Gem::Version
-  version: 3.4.1
+  version: 3.5.0
 platform: ruby
 authors:
 - AuthRocket Team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-01-26 00:00:00.000000000 Z
+date: 2023-02-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -145,7 +145,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.22
+rubygems_version: 3.3.26
 signing_key:
 specification_version: 4
 summary: AuthRocket client for Ruby