cognito_token_verifier 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: b62edbc24a15d7e43934a4ffcb641370e503084caffbac662da565528b3621f4
+  data.tar.gz: 4d562bee7ee8130d082c3f24530a1e62f235c03e176733bdd7b17d7cf7deca09
+SHA512:
+  metadata.gz: 000d7d04865954163674f2970163cd411fae1a8bbd83cf7f2dd5feeac00f5674367fd07621e135a44c59a2687115092405834ae42a9d5cad5bbbf7353a62a5bf
+  data.tar.gz: e1c17ca0365937f4bad00d395283f9d8f74fc58342cda151a23597c34925d1f058ed2f23ecad157b26a028854225275b4dd5b3b7d4646facf5184a7f280ca972

data/.gitignore

@@ -0,0 +1,12 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+# rspec failure tracking
+.rspec_status
+.byebug_history

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.travis.yml

@@ -0,0 +1,15 @@
+---
+sudo: false
+language: ruby
+cache: bundler
+rvm:
+  - 2.3.8
+  - 2.4.5
+  - 2.5.3
+  - 2.6.1
+before_install: gem install bundler -v 2.0.1
+gemfile:
+  - Gemfile
+  - gemfiles/rails42.gemfile
+  - gemfiles/rails51.gemfile
+  - gemfiles/rails52.gemfile

data/Gemfile

@@ -0,0 +1,4 @@
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in cognito_token_verifier.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,116 @@
+PATH
+  remote: .
+  specs:
+    cognito_token_verifier (0.1.0)
+      activesupport (>= 4.2, < 6.0)
+      json-jwt (~> 1.1)
+      rest-client (~> 2.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actionpack (5.2.2)
+      actionview (= 5.2.2)
+      activesupport (= 5.2.2)
+      rack (~> 2.0)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (5.2.2)
+      activesupport (= 5.2.2)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activesupport (5.2.2)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 0.7, < 2)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+    aes_key_wrap (1.0.1)
+    bindata (2.4.4)
+    builder (3.2.3)
+    byebug (11.0.0)
+    concurrent-ruby (1.1.4)
+    crass (1.0.4)
+    diff-lcs (1.3)
+    domain_name (0.5.20180417)
+      unf (>= 0.0.5, < 1.0.0)
+    erubi (1.8.0)
+    http-cookie (1.0.3)
+      domain_name (~> 0.5)
+    i18n (1.5.3)
+      concurrent-ruby (~> 1.0)
+    json-jwt (1.10.0)
+      activesupport (>= 4.2)
+      aes_key_wrap
+      bindata
+    loofah (2.2.3)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    method_source (0.9.2)
+    mime-types (3.2.2)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2018.0812)
+    mini_portile2 (2.4.0)
+    minitest (5.11.3)
+    netrc (0.11.0)
+    nokogiri (1.10.1)
+      mini_portile2 (~> 2.4.0)
+    rack (2.0.6)
+    rack-test (1.1.0)
+      rack (>= 1.0, < 3)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.0.4)
+      loofah (~> 2.2, >= 2.2.2)
+    railties (5.2.2)
+      actionpack (= 5.2.2)
+      activesupport (= 5.2.2)
+      method_source
+      rake (>= 0.8.7)
+      thor (>= 0.19.0, < 2.0)
+    rake (12.3.2)
+    rest-client (2.0.2)
+      http-cookie (>= 1.0.2, < 2.0)
+      mime-types (>= 1.16, < 4.0)
+      netrc (~> 0.8)
+    rspec-core (3.8.0)
+      rspec-support (~> 3.8.0)
+    rspec-expectations (3.8.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-mocks (3.8.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-rails (3.8.2)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      railties (>= 3.0)
+      rspec-core (~> 3.8.0)
+      rspec-expectations (~> 3.8.0)
+      rspec-mocks (~> 3.8.0)
+      rspec-support (~> 3.8.0)
+    rspec-support (3.8.0)
+    thor (0.20.3)
+    thread_safe (0.3.6)
+    tzinfo (1.2.5)
+      thread_safe (~> 0.1)
+    unf (0.1.4)
+      unf_ext
+    unf_ext (0.0.7.5)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  actionpack (>= 4.2, < 6.0)
+  bundler (~> 2.0)
+  byebug
+  cognito_token_verifier!
+  rake (>= 10.0, < 13.0)
+  rspec-rails (~> 3.0)
+
+BUNDLED WITH
+   2.0.1

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2019 Matt Tanous
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,73 @@
+# CognitoTokenVerifier [![Build Status](https://travis-ci.org/CodingAnarchy/cognito_token_verifier.svg?branch=master)](https://travis-ci.org/CodingAnarchy/cognito_token_verifier)
+
+Verify and decode AWS Cognito tokens for use in your Ruby application.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'cognito_token_verifier'
+```
+
+And then execute:
+
+    $ bundle install
+
+Or install it yourself as:
+
+    $ gem install cognito_token_verifier
+
+## Usage
+
+This gem provides a `Token` class that will verify and decode a token, as well as controller macros to run verification on tokens automatically.  To use, first configure the gem with the appropriate AWS configuration, as below:
+
+```ruby
+CognitoTokenVerifier.configure do |config|
+  config.aws_region = 'us-west-2'
+  config.user_pool_id = 'your_user_pool_id'
+  config.token_use = 'id' # acceptable options are 'id' and 'access'; can be an array for both options - defaults to allowing either cognito token type
+end
+```
+
+You can then include the controller macros in your controller and override the methods to handle expired and invalid tokens (or you can skip this step and allow errors to be raised).
+
+```ruby
+class ExampleController < ActionController::Base
+  include CognitoTokenVerifier::ControllerMacros
+
+  ...
+
+  private
+
+  def handle_expired_token(exception)
+    # Do what you want here
+  end
+
+  def handle_invalid_token(exception)
+    # Do what you want here
+  end
+end
+```
+
+You can also access the Cognito token in the controller yourself for additional verification (such as custom attributes). For example:
+
+```ruby
+   def handle_custom_attribute
+     cognito_token.decoded_token['custom:attr'] == <some_value>
+  end
+```
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/CodingAnarchy/cognito_token_verifier.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "cognito_token_verifier"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/cognito_token_verifier.gemspec

@@ -0,0 +1,42 @@
+
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "cognito_token_verifier/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "cognito_token_verifier"
+  spec.version       = CognitoTokenVerifier::VERSION
+  spec.authors       = ["Matt Tanous"]
+  spec.email         = ["mtanous22@gmail.com"]
+
+  spec.summary       = %q{Verify and parse AWS Cognito JWTs to authenticate endpoints}
+  spec.homepage      = "https://github.com/CodingAnarchy/cognito_token_verifier"
+  spec.license       = "MIT"
+
+  # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
+  # to allow pushing to a single host or delete this section to allow pushing to any host.
+  if spec.respond_to?(:metadata)
+    spec.metadata["homepage_uri"] = spec.homepage
+    spec.metadata["source_code_uri"] = spec.homepage
+    spec.metadata["changelog_uri"] = "https://github.com/CodingAnarchy/cognito_token_verifier/blob/master/CHANGELOG.md"
+  end
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_runtime_dependency "activesupport", [">= 4.2", "< 6.0"]
+  spec.add_runtime_dependency "json-jwt", "~> 1.1"
+  spec.add_runtime_dependency "rest-client", "~> 2.0"
+
+  spec.add_development_dependency "byebug", "~> 11.0"
+  spec.add_development_dependency "bundler", "~> 2.0"
+  spec.add_development_dependency "rake", [">= 10.0", "< 13.0"]
+  spec.add_development_dependency "rspec-rails", "~> 3.0"
+  spec.add_development_dependency "actionpack", [">= 4.2", "< 6.0"]
+end

data/gemfiles/rails42.gemfile

@@ -0,0 +1,11 @@
+source "https://rubygems.org"
+
+gem "activesupport", "~> 4.2.0"
+gem "json-jwt", "~> 1.1"
+gem "rest-client", "~> 2.0"
+
+gem "byebug"
+gem "bundler", "~> 2.0"
+gem "rake", "~> 10.0"
+gem "rspec-rails", "~> 3.0"
+gem "actionpack", "~> 4.2.0"

data/gemfiles/rails51.gemfile

@@ -0,0 +1,11 @@
+source "https://rubygems.org"
+
+gem "activesupport", "~> 5.1.0"
+gem "json-jwt", "~> 1.1"
+gem "rest-client", "~> 2.0"
+
+gem "byebug"
+gem "bundler", "~> 2.0"
+gem "rake", "~> 11.0"
+gem "rspec-rails", "~> 3.0"
+gem "actionpack", "~> 5.1.0"

data/gemfiles/rails52.gemfile

@@ -0,0 +1,11 @@
+source "https://rubygems.org"
+
+gem "activesupport", "~> 5.2.0"
+gem "json-jwt", "~> 1.1"
+gem "rest-client", "~> 2.0"
+
+gem "byebug"
+gem "bundler", "~> 2.0"
+gem "rake", "~> 12.0"
+gem "rspec-rails", "~> 3.0"
+gem "actionpack", "~> 5.2.0"

data/lib/cognito_token_verifier.rb

@@ -0,0 +1,23 @@
+require "cognito_token_verifier/version"
+require "cognito_token_verifier/errors"
+require "cognito_token_verifier/config"
+require "cognito_token_verifier/token"
+require "cognito_token_verifier/controller_macros"
+
+module CognitoTokenVerifier
+  class << self
+    attr_accessor :config
+  end
+
+  def self.config
+    @config ||= Config.new
+  end
+
+  def self.reset
+    @config = Config.new
+  end
+
+  def self.configure
+    yield(config)
+  end
+end

data/lib/cognito_token_verifier/config.rb

@@ -0,0 +1,38 @@
+require 'rest-client'
+
+module CognitoTokenVerifier
+  class Config
+    attr_accessor :aws_region, :user_pool_id, :token_use, :allow_expired_tokens
+
+    def initialize
+      @aws_region = nil
+      @user_pool_id = nil
+      @token_use = 'all'
+      @allow_expired_tokens = false
+    end
+
+    def any_token_use?
+      ['all', 'any', ['id', 'access']].any?{|usage| usage == token_use }
+    end
+
+    def allow_expired_tokens?
+      allow_expired_tokens
+    end
+
+    def jwks
+      raise ConfigSetupError.new(self) unless aws_region.present? and user_pool_id.present?
+      @jwks ||= JSON.parse(RestClient.get(jwk_url))
+      # TODO: rescue RestClient and JSON errors here to present a more user-friendly error
+    end
+
+    def iss
+      "https://cognito-idp.#{aws_region}.amazonaws.com/#{user_pool_id}"
+    end
+
+    private
+
+    def jwk_url
+      "#{iss}/.well-known/jwks.json"
+    end
+  end
+end

data/lib/cognito_token_verifier/controller_macros.rb

@@ -0,0 +1,34 @@
+require 'active_support/concern'
+require "cognito_token_verifier/token"
+
+module CognitoTokenVerifier
+  module ControllerMacros
+    extend ActiveSupport::Concern
+
+    included do
+      before_action :verify_cognito_token
+      rescue_from CognitoTokenVerifier::TokenExpired, with: :handle_expired_token
+      rescue_from CognitoTokenVerifier::Error, with: :handle_invalid_token
+    end
+
+    def cognito_token
+      return @cognito_token if @cognito_token.present? # Caching here, so gem user can access token themselves for additional checks
+      raise TokenMissing unless request.headers['authorization'].present?
+      @cognito_token = CognitoTokenVerifier::Token.new(request.headers['authorization'])
+    end
+
+    def verify_cognito_token
+      raise TokenExpired if cognito_token.expired?
+      raise IncorrectTokenType.new(cognito_token) unless cognito_token.valid_token_use?
+      raise InvalidIss.new(cognito_token) unless cognito_token.valid_iss?
+    end
+
+    def handle_expired_token(exception)
+      raise exception # Just re-raise the exception: this is for the user to overwrite
+    end
+
+    def handle_invalid_token(exception)
+      raise exception # Just re-raise the exception: this is for the user to overwrite
+    end
+  end
+end

data/lib/cognito_token_verifier/errors.rb

@@ -0,0 +1,46 @@
+module CognitoTokenVerifier
+  class Error < StandardError; end
+
+  class ConfigSetupError < StandardError
+    def initialize(config)
+      @aws_region = config.aws_region
+      @user_pool_id = config.user_pool_id
+    end
+
+    def message
+      "Configuration of CognitoTokenVerifier is incomplete: please verify aws_region (#{@aws_region}) and Cognito user_pool_id (#{@user_pool_id})."
+    end
+  end
+
+  class TokenMissing < CognitoTokenVerifier::Error
+    def message
+      "Cognito token not provided.  Please retransmit request with Cognito token in authorization header."
+    end
+  end
+  
+  class TokenExpired < StandardError
+    def message
+      "Cognito token has expired.  Please reauthorize and try again."
+    end
+  end
+
+  class IncorrectTokenType < CognitoTokenVerifier::Error
+    def initialize(token)
+      @token_use = token.decoded_token['token_use']
+    end
+    
+    def message
+      "Incorrect token type. Received #{@token_use} while expecting one of #{[CognitoTokenVerifier.config.token_use].flatten}."
+    end
+  end
+
+  class InvalidIss < CognitoTokenVerifier::Error
+    def initialize(token)
+      @iss = token.decoded_token['iss']
+    end
+
+    def message
+      "Invalid token ISS reference. Received #{@iss} while expecting #{CognitoTokenVerifier.config.iss}."
+    end
+  end
+end

data/lib/cognito_token_verifier/token.rb

@@ -0,0 +1,26 @@
+require 'json/jwt'
+
+module CognitoTokenVerifier
+  class Token
+    attr_reader :header, :decoded_token
+
+    def initialize(jwt)
+      @header= JSON.parse(Base64.decode64(jwt.split('.')[0]))
+      @jwk = JSON::JWK.new(CognitoTokenVerifier.config.jwks["keys"].detect{|jwk| jwk['kid'] == header['kid']})
+      @decoded_token = JSON::JWT.decode(jwt, @jwk)
+      # TODO: rescue errors for JSON/JWK/JWT parsing/decoding to present user-friendly "token could not be decoded" error
+    end
+
+    def expired?
+      decoded_token['exp'] < Time.now.to_i and not CognitoTokenVerifier.config.allow_expired_tokens?
+    end
+
+    def valid_token_use?
+      CognitoTokenVerifier.config.any_token_use? || [CognitoTokenVerifier.config.token_use].flatten.include?(decoded_token['token_use'])
+    end
+
+    def valid_iss?
+      decoded_token['iss'] == CognitoTokenVerifier.config.iss
+    end
+  end
+end

data/lib/cognito_token_verifier/version.rb

@@ -0,0 +1,3 @@
+module CognitoTokenVerifier
+  VERSION = "0.1.0"
+end

metadata

@@ -0,0 +1,198 @@
+--- !ruby/object:Gem::Specification
+name: cognito_token_verifier
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Matt Tanous
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2019-02-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.2'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.2'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6.0'
+- !ruby/object:Gem::Dependency
+  name: json-jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: rest-client
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '11.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '11.0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '10.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '10.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '13.0'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: actionpack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.2'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.2'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6.0'
+description: 
+email:
+- mtanous22@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- CHANGELOG.md
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- cognito_token_verifier.gemspec
+- gemfiles/rails42.gemfile
+- gemfiles/rails51.gemfile
+- gemfiles/rails52.gemfile
+- lib/cognito_token_verifier.rb
+- lib/cognito_token_verifier/config.rb
+- lib/cognito_token_verifier/controller_macros.rb
+- lib/cognito_token_verifier/errors.rb
+- lib/cognito_token_verifier/token.rb
+- lib/cognito_token_verifier/version.rb
+homepage: https://github.com/CodingAnarchy/cognito_token_verifier
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/CodingAnarchy/cognito_token_verifier
+  source_code_uri: https://github.com/CodingAnarchy/cognito_token_verifier
+  changelog_uri: https://github.com/CodingAnarchy/cognito_token_verifier/blob/master/CHANGELOG.md
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.8
+signing_key: 
+specification_version: 4
+summary: Verify and parse AWS Cognito JWTs to authenticate endpoints
+test_files: []