branca-ruby 1.0.1 → 1.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 22cc1fffd0d86f0f04a164da3d0df44e79c1313a7469cd460a6f7c1da571be11
-  data.tar.gz: 5e65160787f9928edc64d5d339c04cce7ab1326fd7b7c7b33d3a473728505364
+  metadata.gz: b6008ca4fddab057ac61a6182d54fe929ffef0f1007cd85cb2ca783f848487e7
+  data.tar.gz: 2d9e5726a85bf9f3c942420c1e0c03abbff3c703c2a931db2a0b617ef2199efe
 SHA512:
-  metadata.gz: a04a6f68d9f135afb7c1701edf1ddf8d0503f26e378ac9243e8f96a8dc8c39b5416c3cc2a9046bacbb1fff228dd76183000c15e946cdb8e942d06de140613410
-  data.tar.gz: c070da07296c597cf1570c3e5e7aa6d273952cb0f75330dd2a119eaf8cf8af799d5d88d2e75c281a75a4eaae9cb53eafd22c5517eed1794f3a60707ce0430169
+  metadata.gz: 7dc856d37376efd217e5ef37acb3ddada82f6fcf0a0140ed59b6b57dc77094fd43c40d85ee6ce5bddd8766944e91278eb15deb92624424d3e91b38dffa2693ed
+  data.tar.gz: 356d90d5e2203ad66b86260d28e7808874e43386e69fc87315dd9d23c4c92be53d9c7158f0c9ca7d46dcb848031b0fefaa40e729174c8cf1fe79345559342cb2

data/.github/workflows/ruby.yml

@@ -0,0 +1,28 @@
+name: ci
+
+on: [push]
+
+permissions:
+  contents: read
+
+jobs:
+  rspec:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby-version: ['2.5', '2.6', '2.7', '3.0']
+
+    steps:
+    - uses: actions/checkout@v3
+      
+    - name: Set up Ruby
+    # To automatically get bug fixes and new Ruby versions for ruby/setup-ruby,
+    # change this to (see https://github.com/ruby/setup-ruby#versioning):
+    # uses: ruby/setup-ruby@v1
+      uses: ruby/setup-ruby@2b019609e2b0f1ea1a2bc8ca11cb82ab46ada124
+      with:
+        ruby-version: ${{ matrix.ruby-version }}
+        bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+        
+    - name: Run RSpec
+      run: bundle exec rspec --color

data/.gitignore

@@ -12,7 +12,6 @@
 .rspec_status
 
 /.idea/
-.ruby-version
 .byebug_history
 .DS_store
 *.gem

data/.travis.yml

@@ -2,7 +2,7 @@ sudo: true
 language: ruby
 
 rvm:
-  - 2.5
+  - 2.5.8
 
 cache: 
   directories:

data/Gemfile

@@ -5,4 +5,6 @@ source 'https://rubygems.org'
 # Specify your gem's dependencies in branca.gemspec
 gemspec
 
+ruby '>= 2.5.8'
+
 gem "byebug", "~> 10.0", :group => :test

data/README.md

@@ -3,7 +3,7 @@
 Authenticated and encrypted API tokens using modern crypto.
 
 [![Gem Version](https://badge.fury.io/rb/branca-ruby.svg)](https://badge.fury.io/rb/branca-ruby)
-[![Build Status](https://travis-ci.com/thadeu/branca-ruby.svg?branch=main)](https://travis-ci.com/thadeu/branca-ruby)
+[![ci](https://github.com/thadeu/branca-ruby/actions/workflows/ruby.yml/badge.svg?branch=main)](https://github.com/thadeu/branca-ruby/actions/workflows/ruby.yml)
 [![Software License](https://img.shields.io/badge/license-MIT-brightgreen.svg?style=flat-square)](LICENSE)
 
 ## What?
@@ -17,7 +17,7 @@ It is possible to use [Branca as an alternative to JWT](https://appelsiini.net/2
 Add this line to your application's Gemfile, Note that you also must have [libsodium](https://download.libsodium.org/doc/) installed.
 
 ```ruby
-gem 'branca-ruby', '~> 1.0.0'
+gem 'branca-ruby', '~> 1.0.2'
 ```
 
 ## Configure
@@ -25,6 +25,8 @@ gem 'branca-ruby', '~> 1.0.0'
 You must be configure `secret_key` and `ttl` using this.
 
 ```ruby
+require 'branca'
+
 Branca.configure do |config|
   config.secret_key = 'supersecretkeyyoushouldnotcommit'.b
   config.ttl = 86_400 # in seconds
@@ -51,7 +53,17 @@ Branca.encode(JSON.generate({ permissions: [] }))
 # ATkzLjriA1ijbBcuZOJ1zMR0z5oVXDGDVjUWwrqJWszynAM4GLGiTwZnC6nUvtVIuavAVCMbwcsYqlYKejOI4
 ```
 
-You can also pass `timestamp` to encode
+You can also pass `secret_key` in runtime
+
+```ruby
+specific_secret_key = SecureRandom.bytes(32)
+payload = "sensitive data"
+token = Branca.encode(payload, secret_key: specific_secret_key)
+```
+
+Will generate a token using `secret_key` in runtime instead global `secret_key`.
+
+So, you can also pass `timestamp` to encode.
 
 ```ruby
 Branca.encode('with string', Time.now.utc)
@@ -72,8 +84,24 @@ decode.message
 # "with string"
 ```
 
+You can also pass `secret_key` or `ttl` in runtime. For example:
+
+```ruby
+specific_secret_key = SecureRandom.bytes(32)
+tmp_token = "1y48BiV0jaalTYiARPdbm52IKgGEhfwq8DlP9ulKBx8LMLFrjNKe88vIGIUxsWzybIwBhmVvIam5"
+token = Branca.decode(tmp_token, secret_key: specific_secret_key, ttl: 30)
+```
+
+Will decode token OR throw exception `DecodeError`
+
 ## Exceptions
 
-Token is expired, will receive exception `Branca::ExpiredTokenError`
+Token is expired, you will receive exception `Branca::ExpiredTokenError`
+
+Invalid Version, you will receive exception `Branca::VersionError`
+
+When handle error, you will receive exception `Branca::DecodeError`
+
+## Contributing
 
-Invalid Version, will receive exception `Branca::VersionError`
+We have a long list of valued contributors. Check them all at: https://github.com/thadeu/branca-ruby.

data/branca-ruby.gemspec

@@ -20,9 +20,6 @@ Gem::Specification.new do |spec|
   end
 
   spec.required_ruby_version = '>= 2.3.0'
-
-  spec.bindir        = 'exe'
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
 
   spec.add_dependency 'base_x', '~> 0.8.1'

data/lib/branca/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Branca
-  VERSION = '1.0.1'
+  VERSION = '1.0.2'
 end

data/lib/branca.rb

@@ -13,7 +13,8 @@ module Branca
 
     attr_accessor :secret_key, :ttl
 
-    def encode(message, timestamp = Time.now.utc)
+    def encode(message, timestamp = Time.now.utc, secret_key: self.secret_key)
+      cipher = create_cipher(secret_key)
       nonce = RbNaCl::Random.random_bytes(cipher.nonce_bytes)
 
       header = [VERSION, timestamp.to_i].pack('C N') + nonce
@@ -23,14 +24,18 @@ module Branca
       BaseX::Base62.encode(raw_token)
     end
 
-    def decode(token)
+    def decode(token, ttl: self.ttl, secret_key: self.secret_key)
       header, bytes = token_explode(token)
       version, timestamp, nonce = header_explode(header)
 
       raise VersionError unless version == VERSION
-      raise ExpiredTokenError if (timestamp + Branca.ttl) < Time.now.utc.to_i
+      raise ExpiredTokenError if (timestamp + ttl) < Time.now.utc.to_i
 
+      cipher = create_cipher(secret_key)
       message = cipher.decrypt(nonce, bytes.pack('C*'), header.pack('C*'))
+    rescue RbNaCl::CryptoError
+      raise DecodeError
+    else
       Decoder.new(message, Time.at(timestamp).utc)
     end
 
@@ -48,8 +53,8 @@ module Branca
 
     private
 
-    def cipher
-      @cipher ||= RbNaCl::AEAD::XChaCha20Poly1305IETF.new(secret_key)
+    def create_cipher(key)
+      RbNaCl::AEAD::XChaCha20Poly1305IETF.new(key)
     end
 
     def token_explode(token)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: branca-ruby
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.0.2
 platform: ruby
 authors:
 - Thadeu Esteves
-autorequire:
-bindir: exe
+autorequire: 
+bindir: bin
 cert_chain: []
-date: 2020-10-27 00:00:00.000000000 Z
+date: 2022-05-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: base_x
@@ -101,6 +101,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/ruby.yml"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
@@ -121,7 +122,7 @@ homepage: https://github.com/thadeu/branca-ruby
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -136,8 +137,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key:
+rubygems_version: 3.1.2
+signing_key: 
 specification_version: 4
 summary: Authenticated and encrypted API tokens using modern crypto
 test_files: []