clerk-sdk-ruby 2.7.0 → 2.9.0.beta1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +2 -0
- data/CHANGELOG.md +13 -0
- data/Gemfile.lock +9 -6
- data/clerk-sdk-ruby.gemspec +2 -1
- data/lib/clerk/jwks_cache.rb +32 -0
- data/lib/clerk/rack_middleware_v2.rb +3 -2
- data/lib/clerk/resources/email_addresses.rb +17 -0
- data/lib/clerk/resources/phone_numbers.rb +17 -0
- data/lib/clerk/resources/users.rb +4 -0
- data/lib/clerk/resources.rb +2 -0
- data/lib/clerk/sdk.rb +21 -13
- data/lib/clerk/version.rb +1 -1
- metadata +23 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3bb75c4354d383821c456ef0e4a3da02d2dbb2404a89dddc6dab99190251c918
|
4
|
+
data.tar.gz: aea4736f0e1c16d94c2f081c32218280d84015282054cbd9a42b7518ab5590d0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0b9b95ab6ba5d002b1a78eff6ad5af4a4c930ea4ae6ef553eab5a7965854a64624340b17ac1ac84348516920fc1b3aba880b459f2e2eb0e112d98018fefce043
|
7
|
+
data.tar.gz: 0caf5c13e253ef08e89b998f68630d7e67574286effa2aa4e8a6490b550dfba0a6f8444e9171fb0b24e3d428d3b1d34c616840926bb0b29260088e7935834bf9
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,18 @@
|
|
1
1
|
## unreleased
|
2
2
|
|
3
|
+
## 2.9.0.beta1 - 2022-12-23
|
4
|
+
|
5
|
+
- fix: Make JWKS cache work across different SDK instances [https://github.com/clerkinc/clerk-sdk-ruby/pull/27]
|
6
|
+
|
7
|
+
## 2.8.0 - 2022-11-29
|
8
|
+
|
9
|
+
- feat: Add support for the users.verify_totp endpoint
|
10
|
+
|
11
|
+
## 2.7.0 - 2022-11-02
|
12
|
+
|
13
|
+
- feat: Add `#clerk_organization` and `#clerk_organization_id` helpers to fetch the current user's active organization [https://github.com/clerkinc/clerk-sdk-ruby/pull/22]
|
14
|
+
- feat: Implement Organization Metadata update endpoint [https://github.com/clerkinc/clerk-sdk-ruby/pull/21]
|
15
|
+
|
3
16
|
## 2.6.0 - 2022-11-01
|
4
17
|
|
5
18
|
- feat: Implement Organization endpoints [https://github.com/clerkinc/clerk-sdk-ruby/pull/20]
|
data/Gemfile.lock
CHANGED
@@ -1,14 +1,16 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
clerk-sdk-ruby (2.
|
4
|
+
clerk-sdk-ruby (2.8.0)
|
5
|
+
concurrent-ruby (~> 1.1)
|
5
6
|
faraday (~> 1.4.1)
|
6
|
-
jwt (~> 2.
|
7
|
+
jwt (~> 2.5)
|
7
8
|
|
8
9
|
GEM
|
9
10
|
remote: https://rubygems.org/
|
10
11
|
specs:
|
11
12
|
byebug (11.1.3)
|
13
|
+
concurrent-ruby (1.1.10)
|
12
14
|
faraday (1.4.3)
|
13
15
|
faraday-em_http (~> 1.0)
|
14
16
|
faraday-em_synchrony (~> 1.0)
|
@@ -23,13 +25,14 @@ GEM
|
|
23
25
|
faraday-net_http (1.0.1)
|
24
26
|
faraday-net_http_persistent (1.2.0)
|
25
27
|
jwt (2.5.0)
|
26
|
-
minitest (5.
|
28
|
+
minitest (5.16.3)
|
27
29
|
multipart-post (2.2.3)
|
28
|
-
rake (13.0.
|
30
|
+
rake (13.0.6)
|
29
31
|
ruby2_keywords (0.0.5)
|
30
|
-
timecop (0.9.
|
32
|
+
timecop (0.9.6)
|
31
33
|
|
32
34
|
PLATFORMS
|
35
|
+
universal-darwin-21
|
33
36
|
x86_64-linux
|
34
37
|
|
35
38
|
DEPENDENCIES
|
@@ -40,4 +43,4 @@ DEPENDENCIES
|
|
40
43
|
timecop (~> 0.9.4)
|
41
44
|
|
42
45
|
BUNDLED WITH
|
43
|
-
2.
|
46
|
+
2.3.25
|
data/clerk-sdk-ruby.gemspec
CHANGED
@@ -28,7 +28,8 @@ Gem::Specification.new do |spec|
|
|
28
28
|
spec.require_paths = ["lib"]
|
29
29
|
|
30
30
|
spec.add_dependency "faraday", "~> 1.4.1"
|
31
|
-
spec.add_dependency "jwt", '~> 2.
|
31
|
+
spec.add_dependency "jwt", '~> 2.5'
|
32
|
+
spec.add_dependency "concurrent-ruby", "~> 1.1"
|
32
33
|
|
33
34
|
spec.add_development_dependency "byebug", "~> 11.1"
|
34
35
|
spec.add_development_dependency "timecop", "~> 0.9.4"
|
@@ -0,0 +1,32 @@
|
|
1
|
+
class JWKSCache
|
2
|
+
def initialize(lifetime)
|
3
|
+
@lifetime = lifetime
|
4
|
+
@jwks = nil
|
5
|
+
@last_update = nil
|
6
|
+
@lock = Concurrent::ReadWriteLock.new
|
7
|
+
end
|
8
|
+
|
9
|
+
def fetch(sdk, force_refresh: false, kid_not_found: false)
|
10
|
+
should_refresh = @lock.with_read_lock do
|
11
|
+
@jwks.nil? || @last_update.nil? || force_refresh ||
|
12
|
+
(Time.now.to_i-@last_update > @lifetime) ||
|
13
|
+
(kid_not_found && Time.now.to_i-@last_update > 300)
|
14
|
+
end
|
15
|
+
|
16
|
+
if should_refresh
|
17
|
+
@lock.with_write_lock do
|
18
|
+
@last_update = Time.now.to_i
|
19
|
+
|
20
|
+
@jwks = begin
|
21
|
+
sdk.jwks.all["keys"]
|
22
|
+
rescue Clerk::Errors::Base
|
23
|
+
nil
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
@lock.with_read_lock do
|
29
|
+
@jwks
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
@@ -194,7 +194,8 @@ module Clerk
|
|
194
194
|
end
|
195
195
|
|
196
196
|
def development_or_staging?
|
197
|
-
Clerk.configuration.api_key.start_with?("test_")
|
197
|
+
Clerk.configuration.api_key.start_with?("test_") ||
|
198
|
+
Clerk.configuration.api_key.start_with?("sk_test_")
|
198
199
|
end
|
199
200
|
|
200
201
|
def production?
|
@@ -202,7 +203,7 @@ module Clerk
|
|
202
203
|
end
|
203
204
|
|
204
205
|
def cross_origin_request?(req)
|
205
|
-
# origin contains scheme+host and optionally port (
|
206
|
+
# origin contains scheme+host and optionally port (omitted if 80 or 443)
|
206
207
|
# ref. https://www.rfc-editor.org/rfc/rfc6454#section-6.1
|
207
208
|
origin = req.env["HTTP_ORIGIN"]
|
208
209
|
return false if origin.nil?
|
@@ -0,0 +1,17 @@
|
|
1
|
+
require "forwardable"
|
2
|
+
require_relative "plural_resource"
|
3
|
+
|
4
|
+
module Clerk
|
5
|
+
module Resources
|
6
|
+
class EmailAddresses
|
7
|
+
extend Forwardable
|
8
|
+
|
9
|
+
def initialize(client)
|
10
|
+
@client = client
|
11
|
+
@resource = PluralResource.new(client, "email_addresses")
|
12
|
+
end
|
13
|
+
|
14
|
+
def_delegators :@resource, :find, :create, :update, :delete
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
require "forwardable"
|
2
|
+
require_relative "plural_resource"
|
3
|
+
|
4
|
+
module Clerk
|
5
|
+
module Resources
|
6
|
+
class PhoneNumbers
|
7
|
+
extend Forwardable
|
8
|
+
|
9
|
+
def initialize(client)
|
10
|
+
@client = client
|
11
|
+
@resource = PluralResource.new(client, "phone_numbers")
|
12
|
+
end
|
13
|
+
|
14
|
+
def_delegators :@resource, :find, :create, :update, :delete
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
@@ -21,6 +21,10 @@ module Clerk
|
|
21
21
|
@client.request(:post, "#{@resource.resource_path(user_id)}/verify_password", body: { password: password })
|
22
22
|
end
|
23
23
|
|
24
|
+
def verify_totp(user_id, totp_or_backup_code)
|
25
|
+
@client.request(:post, "#{@resource.resource_path(user_id)}/verify_totp", body: { code: totp_or_backup_code })
|
26
|
+
end
|
27
|
+
|
24
28
|
def disable_mfa(user_id)
|
25
29
|
@client.request(:delete, "#{@resource.resource_path(user_id)}/mfa")
|
26
30
|
end
|
data/lib/clerk/resources.rb
CHANGED
@@ -1,8 +1,10 @@
|
|
1
1
|
require_relative "resources/allowlist_identifiers"
|
2
2
|
require_relative "resources/allowlist"
|
3
3
|
require_relative "resources/clients"
|
4
|
+
require_relative "resources/email_addresses"
|
4
5
|
require_relative "resources/emails"
|
5
6
|
require_relative "resources/organizations"
|
7
|
+
require_relative "resources/phone_numbers"
|
6
8
|
require_relative "resources/sessions"
|
7
9
|
require_relative "resources/sms_messages"
|
8
10
|
require_relative "resources/users"
|
data/lib/clerk/sdk.rb
CHANGED
@@ -5,18 +5,22 @@ require "logger"
|
|
5
5
|
require "net/http"
|
6
6
|
require "json"
|
7
7
|
require "jwt"
|
8
|
+
require "concurrent-ruby"
|
8
9
|
|
9
10
|
require_relative "resources/allowlist_identifiers"
|
10
11
|
require_relative "resources/allowlist"
|
11
12
|
require_relative "resources/clients"
|
13
|
+
require_relative "resources/email_addresses"
|
12
14
|
require_relative "resources/emails"
|
13
15
|
require_relative "resources/organizations"
|
16
|
+
require_relative "resources/phone_numbers"
|
14
17
|
require_relative "resources/sessions"
|
15
18
|
require_relative "resources/sms_messages"
|
16
19
|
require_relative "resources/users"
|
17
20
|
require_relative "resources/users"
|
18
21
|
require_relative "resources/jwks"
|
19
22
|
require_relative "errors"
|
23
|
+
require_relative "jwks_cache"
|
20
24
|
|
21
25
|
module Clerk
|
22
26
|
class SDK
|
@@ -28,10 +32,14 @@ module Clerk
|
|
28
32
|
# How often (in seconds) should JWKs be refreshed
|
29
33
|
JWKS_CACHE_LIFETIME = 3600 # 1 hour
|
30
34
|
|
35
|
+
@@jwks_cache = JWKSCache.new(JWKS_CACHE_LIFETIME)
|
36
|
+
|
37
|
+
def self.jwks_cache
|
38
|
+
@@jwks_cache
|
39
|
+
end
|
40
|
+
|
31
41
|
def initialize(api_key: nil, base_url: nil, logger: nil, ssl_verify: true,
|
32
42
|
connection: nil)
|
33
|
-
@jwks_fetched_at = nil
|
34
|
-
|
35
43
|
if connection # Inject a Faraday::Connection for testing or full control over Faraday
|
36
44
|
@conn = connection
|
37
45
|
return
|
@@ -111,6 +119,10 @@ module Clerk
|
|
111
119
|
Resources::Clients.new(self)
|
112
120
|
end
|
113
121
|
|
122
|
+
def email_addresses
|
123
|
+
Resources::EmailAddresses.new(self)
|
124
|
+
end
|
125
|
+
|
114
126
|
def emails
|
115
127
|
Resources::Emails.new(self)
|
116
128
|
end
|
@@ -119,6 +131,10 @@ module Clerk
|
|
119
131
|
Resources::Organizations.new(self)
|
120
132
|
end
|
121
133
|
|
134
|
+
def phone_numbers
|
135
|
+
Resources::PhoneNumbers.new(self)
|
136
|
+
end
|
137
|
+
|
122
138
|
def sessions
|
123
139
|
Resources::Sessions.new(self)
|
124
140
|
end
|
@@ -160,17 +176,9 @@ module Clerk
|
|
160
176
|
# `timeout` argument.
|
161
177
|
def verify_token(token, force_refresh_jwks: false, algorithms: ['RS256'], timeout: 5)
|
162
178
|
jwk_loader = ->(options) do
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
@cached_jwks ||= begin
|
167
|
-
keys = jwks.all["keys"]
|
168
|
-
@jwks_fetched_at = Time.now.to_i
|
169
|
-
|
170
|
-
# JWT.decode requires that the 'keys' key in the Hash is a symbol (as
|
171
|
-
# opposed to a string which our SDK returns by default)
|
172
|
-
{ keys: keys }
|
173
|
-
end
|
179
|
+
# JWT.decode requires that the 'keys' key in the Hash is a symbol (as
|
180
|
+
# opposed to a string which our SDK returns by default)
|
181
|
+
{ keys: SDK.jwks_cache.fetch(self, kid_not_found: (options[:invalidate] || options[:kid_not_found]), force_refresh: force_refresh_jwks) }
|
174
182
|
end
|
175
183
|
|
176
184
|
JWT.decode(token, nil, true, algorithms: algorithms, jwks: jwk_loader).first
|
data/lib/clerk/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: clerk-sdk-ruby
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.9.0.beta1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Clerk
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-12-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: faraday
|
@@ -30,14 +30,28 @@ dependencies:
|
|
30
30
|
requirements:
|
31
31
|
- - "~>"
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: '2.
|
33
|
+
version: '2.5'
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - "~>"
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: '2.
|
40
|
+
version: '2.5'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: concurrent-ruby
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '1.1'
|
48
|
+
type: :runtime
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '1.1'
|
41
55
|
- !ruby/object:Gem::Dependency
|
42
56
|
name: byebug
|
43
57
|
requirement: !ruby/object:Gem::Requirement
|
@@ -89,6 +103,7 @@ files:
|
|
89
103
|
- lib/clerk.rb
|
90
104
|
- lib/clerk/authenticatable.rb
|
91
105
|
- lib/clerk/errors.rb
|
106
|
+
- lib/clerk/jwks_cache.rb
|
92
107
|
- lib/clerk/proxy.rb
|
93
108
|
- lib/clerk/rack_middleware.rb
|
94
109
|
- lib/clerk/rack_middleware_v2.rb
|
@@ -97,9 +112,11 @@ files:
|
|
97
112
|
- lib/clerk/resources/allowlist.rb
|
98
113
|
- lib/clerk/resources/allowlist_identifiers.rb
|
99
114
|
- lib/clerk/resources/clients.rb
|
115
|
+
- lib/clerk/resources/email_addresses.rb
|
100
116
|
- lib/clerk/resources/emails.rb
|
101
117
|
- lib/clerk/resources/jwks.rb
|
102
118
|
- lib/clerk/resources/organizations.rb
|
119
|
+
- lib/clerk/resources/phone_numbers.rb
|
103
120
|
- lib/clerk/resources/plural_resource.rb
|
104
121
|
- lib/clerk/resources/sessions.rb
|
105
122
|
- lib/clerk/resources/singular_resource.rb
|
@@ -126,9 +143,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
126
143
|
version: 2.4.0
|
127
144
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
128
145
|
requirements:
|
129
|
-
- - "
|
146
|
+
- - ">"
|
130
147
|
- !ruby/object:Gem::Version
|
131
|
-
version:
|
148
|
+
version: 1.3.1
|
132
149
|
requirements: []
|
133
150
|
rubygems_version: 3.2.5
|
134
151
|
signing_key:
|