azure_jwt_auth 0.1.1 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/azure_jwt_auth/jwt_manager.rb +13 -10
  3. data/lib/azure_jwt_auth/version.rb +1 -1
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f26367508cac71e2138946eca9d96411ada1093c7ca9b6ce88366ca27799c108
4
- data.tar.gz: edd4ae435720cbc4d8d5438ce447fdbefd18071530afa84c60b21c7d799558fc
3
+ metadata.gz: 669372be8a4bd023f45dd4a365a67ad05617d6cc6f9a04602c991acd50ef00dc
4
+ data.tar.gz: b4c7376361a1bd94e70df695ea1495af847c927761c3b58fd44dc0970681f655
5
5
  SHA512:
6
- metadata.gz: dd67132ec694be2951a296f4bfdc3c7b393389e17cb188a0dc738ab2d1da2333346e770ac6c0164f68113ae10f506916236b05e5f1dc53da4f531a65f4b670a7
7
- data.tar.gz: e47ac0cbe7aaabacb6df6293dfbdc7d7beaf33b150ed3b9f5211dcc0624503541a407699a610b500530ecbea6480d26a6fb066bbe0c3472d91bc7c1ca080c5f5
6
+ metadata.gz: d05c977588d65da4411c95eb166c7789d5f1c9a39aaf8d949977d204b493fcf529daf8f896001d4fc4adffc25535985eb5688b37bf708973febc63033a2b6640
7
+ data.tar.gz: 1a82da154c632e9919dbadf9e5bf48a080f7ac3739e3f71f1e508dc547ed753c5ca499fdef8c5ed2c09ed94e4c218bb57f39bc5edba94df13c7f77f0d77ef6cc
data/lib/azure_jwt_auth/jwt_manager.rb CHANGED
@@ -22,16 +22,20 @@ module AzureJwtAuth
22
22
  raise ProviderNotFound unless (@provider = self.class.find_provider(provider_id))
23
23
 
24
24
  @jwt = request.env['HTTP_AUTHORIZATION'].split.last # remove Bearer
25
- @jwt_info = decode
25
+ @jwt_info = JWT.decode(@jwt, nil, false)
26
26
  end
27
27
 
28
28
  def payload
29
29
  @jwt_info ? @jwt_info.first : nil
30
30
  end
31
31
 
32
- # Validates the payload hash for expiration and meta claims
33
- def valid?
34
- payload && iss_valid? && custom_valid?
32
+ def header
33
+ @jwt_info ? @jwt_info.last : nil
34
+ end
35
+
36
+ # Validates issuer
37
+ def iss_valid?
38
+ payload['iss'] == @provider.config['issuer']
35
39
  end
36
40
 
37
41
  # Check custom validations defined into provider
@@ -43,17 +47,16 @@ module AzureJwtAuth
43
47
  true
44
48
  end
45
49
 
46
- # Validates issuer
47
- def iss_valid?
48
- payload['iss'] == @provider.config['issuer']
50
+ # Validates the payload hash for expiration and meta claims
51
+ def valid?
52
+ payload && iss_valid? && custom_valid? && rsa_decode
49
53
  end
50
54
 
51
55
  private
52
56
 
53
57
  # Decodes the JWT with the signed secret
54
- def decode
55
- dirty_token = JWT.decode(@jwt, nil, false)
56
- kid = dirty_token.last['kid']
58
+ def rsa_decode
59
+ kid = header['kid']
57
60
  try = false
58
61
 
59
62
  begin
data/lib/azure_jwt_auth/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module AzureJwtAuth
2
- VERSION = '0.1.1'
2
+ VERSION = '0.2.0'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: azure_jwt_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - rjurado
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-04-04 00:00:00.000000000 Z
11
+ date: 2018-04-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bcrypt