cognito_token_verifier 0.3.2 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f4add4df0faee00b48160321257e94d72d9baa717311660c0d81399fa033750a
-  data.tar.gz: d6f223eab096dea2209abb728e005b0d54c2d9ec07535a00a0be64e60526fb67
+  metadata.gz: 8edc16e14b8a1bf1f5a49c693cbb6cb9d5fcc98d8903a65fca45beef5643a7dc
+  data.tar.gz: 68e7af872f597559db0dc2e9839aecb201d0552e54594921c7fc0cbd9dc3fe4e
 SHA512:
-  metadata.gz: 9717904c6e1e6e2f9af8bc421322c5c1dcd613cacead6867fb4d9a76c2f8c12d7319c53ca9a57195f7cd976551ab6de1e409c4abf9831e5e60000a849f12e206
-  data.tar.gz: 2bf652bfa68803e5c3e1a036bf6c42654665bd8d6bb6420a8ec65a385736ee29d18616b31698148253554cfaf7a5ec197236a1e4f0e5098c788622585182a538
+  metadata.gz: 0d13e3aa8021496519106c84557211429266d6347503f196dbc13ecacb8475dd4e86ead1f152a4c769a84c626e90f18ec17f19ef99c8cd61f7b61d1be4e73615
+  data.tar.gz: 2675df562c303cd2d111a06f4d025cd9132129316fa7ed07d344fecd9c21f000bec86ee8fd630fcace7343e30d4d7f92c06e87f2129d25a14a13c1dd9bc1c74a

data/.github/workflows/codeql-analysis.yml

@@ -0,0 +1,70 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '35 20 * * 6'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'ruby' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://git.io/codeql-language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

data/.github/workflows/gem-push.yml

@@ -0,0 +1,41 @@
+name: Ruby Gem
+
+on:
+  push:
+    tags:
+      - v*
+
+jobs:
+  build:
+    name: Build + Publish
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby 2.7
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: 2.7
+
+    - name: Publish to GPR
+      run: |
+        mkdir -p $HOME/.gem
+        touch $HOME/.gem/credentials
+        chmod 0600 $HOME/.gem/credentials
+        printf -- "---\n:github: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
+        gem build *.gemspec
+        gem push --KEY github --host https://rubygems.pkg.github.com/${OWNER} *.gem
+      env:
+        GEM_HOST_API_KEY: "Bearer ${{secrets.GITHUB_TOKEN}}"
+        OWNER: ${{ github.repository_owner }}
+
+    - name: Publish to RubyGems
+      run: |
+        mkdir -p $HOME/.gem
+        touch $HOME/.gem/credentials
+        chmod 0600 $HOME/.gem/credentials
+        printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
+        gem build *.gemspec
+        gem push *.gem
+      env:
+        GEM_HOST_API_KEY: "${{secrets.RUBYGEMS_AUTH_TOKEN}}"

data/.github/workflows/ruby-ci.yml

@@ -0,0 +1,30 @@
+name: Ruby CI
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  test:
+    name: "Ruby ${{ matrix.ruby }}, Gemfile ${{ matrix.gemfile }}"
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: true
+      matrix:
+        ruby: ['3.1', '3.0', '2.7']
+        gemfile: ['rails52', 'rails6', 'rails61', 'rails7']
+
+    env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps
+      BUNDLE_GEMFILE: ${{ github.workspace }}/gemfiles/${{ matrix.gemfile }}.gemfile
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Ruby ${{ matrix.ruby }}
+        uses: ruby/setup-ruby@359bebbc29cbe6c87da6bc9ea3bc930432750108
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+      - name: Run tests
+        run: bundle exec rspec

data/.tool-versions

@@ -0,0 +1 @@
+ruby 3.1.0

data/CHANGELOG.md

@@ -1,4 +1,29 @@
-# CHANGELOG.md
+# CHANGELOG
+
+## 0.6.0 (2022-02-24)
+
+  - Add Rails 7 support
+  - Test against Ruby 3.1
+
+## 0.5.0 (2021-01-27)
+
+  - Update `nokogiri` version to 1.11 for security patch in gem development
+  - Test against Ruby 3.0 and remove near-EOL Ruby 2.5 from test matrix
+  - Add Rails 6.1 support
+
+## 0.4.0 (2020-09-12)
+
+  - Update development version of Rails gems for `actionview` security patch
+  - Remove Rails < 5.2 support due to EOL by Rails team
+  - Remove EOL Ruby 2.4 from test matrix, and add Ruby 2.7
+
+## 0.3.2 (2020-03-31)
+
+  - Update development version of Rails gems for `actionview` security patch
+
+## 0.3.1 (2020-02-27)
+
+  - Update `nokogiri` version to 1.10.8 for security patches in gem development
 
 ## 0.3.0 (2019-11-14)
 

data/Gemfile.lock

@@ -1,93 +1,95 @@
 PATH
   remote: .
   specs:
-    cognito_token_verifier (0.3.2)
-      activesupport (>= 4.2, < 6.1)
+    cognito_token_verifier (0.5.0)
+      activesupport (>= 5.2)
       json-jwt (~> 1.11)
       rest-client (~> 2.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actionpack (6.0.2.2)
-      actionview (= 6.0.2.2)
-      activesupport (= 6.0.2.2)
-      rack (~> 2.0, >= 2.0.8)
+    actionpack (6.1.4.6)
+      actionview (= 6.1.4.6)
+      activesupport (= 6.1.4.6)
+      rack (~> 2.0, >= 2.0.9)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actionview (6.0.2.2)
-      activesupport (= 6.0.2.2)
+    actionview (6.1.4.6)
+      activesupport (= 6.1.4.6)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activesupport (6.0.2.2)
+    activesupport (6.1.4.6)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-      zeitwerk (~> 2.2)
-    aes_key_wrap (1.0.1)
-    bindata (2.4.4)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+      zeitwerk (~> 2.3)
+    aes_key_wrap (1.1.0)
+    bindata (2.4.10)
     builder (3.2.4)
-    byebug (11.0.1)
-    concurrent-ruby (1.1.6)
+    byebug (11.1.3)
+    concurrent-ruby (1.1.9)
     crass (1.0.6)
-    diff-lcs (1.3)
+    diff-lcs (1.4.4)
     domain_name (0.5.20190701)
       unf (>= 0.0.5, < 1.0.0)
-    erubi (1.9.0)
+    erubi (1.10.0)
     http-accept (1.7.0)
     http-cookie (1.0.3)
       domain_name (~> 0.5)
-    i18n (1.8.2)
+    i18n (1.9.1)
       concurrent-ruby (~> 1.0)
-    json-jwt (1.11.0)
+    json-jwt (1.13.0)
       activesupport (>= 4.2)
       aes_key_wrap
       bindata
-    loofah (2.4.0)
+    loofah (2.14.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     method_source (1.0.0)
-    mime-types (3.3)
+    mime-types (3.3.1)
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2019.1009)
-    mini_portile2 (2.4.0)
-    minitest (5.14.0)
+    mime-types-data (3.2020.0512)
+    mini_portile2 (2.7.1)
+    minitest (5.15.0)
     netrc (0.11.0)
-    nokogiri (1.10.9)
-      mini_portile2 (~> 2.4.0)
-    rack (2.2.2)
+    nokogiri (1.13.1)
+      mini_portile2 (~> 2.7.0)
+      racc (~> 1.4)
+    racc (1.6.0)
+    rack (2.2.3)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.3.0)
+    rails-html-sanitizer (1.4.2)
       loofah (~> 2.3)
-    railties (6.0.2.2)
-      actionpack (= 6.0.2.2)
-      activesupport (= 6.0.2.2)
+    railties (6.1.4.6)
+      actionpack (= 6.1.4.6)
+      activesupport (= 6.1.4.6)
       method_source
-      rake (>= 0.8.7)
-      thor (>= 0.20.3, < 2.0)
-    rake (13.0.1)
+      rake (>= 0.13)
+      thor (~> 1.0)
+    rake (13.0.3)
     rest-client (2.1.0)
       http-accept (>= 1.7.0, < 2.0)
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
-    rspec-core (3.9.0)
-      rspec-support (~> 3.9.0)
-    rspec-expectations (3.9.0)
+    rspec-core (3.9.2)
+      rspec-support (~> 3.9.3)
+    rspec-expectations (3.9.2)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.9.0)
-    rspec-mocks (3.9.0)
+    rspec-mocks (3.9.1)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.9.0)
-    rspec-rails (3.9.0)
+    rspec-rails (3.9.1)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
       railties (>= 3.0)
@@ -95,21 +97,20 @@ GEM
       rspec-expectations (~> 3.9.0)
       rspec-mocks (~> 3.9.0)
       rspec-support (~> 3.9.0)
-    rspec-support (3.9.0)
-    thor (1.0.1)
-    thread_safe (0.3.6)
-    tzinfo (1.2.6)
-      thread_safe (~> 0.1)
+    rspec-support (3.9.3)
+    thor (1.2.1)
+    tzinfo (2.0.4)
+      concurrent-ruby (~> 1.0)
     unf (0.1.4)
       unf_ext
-    unf_ext (0.0.7.6)
-    zeitwerk (2.3.0)
+    unf_ext (0.0.7.7)
+    zeitwerk (2.5.4)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  actionpack (>= 4.2, < 6.1)
+  actionpack (>= 5.2)
   bundler (~> 2.0)
   byebug (~> 11.0)
   cognito_token_verifier!
@@ -117,4 +118,4 @@ DEPENDENCIES
   rspec-rails (~> 3.0)
 
 BUNDLED WITH
-   2.0.2
+   2.1.4

data/README.md

@@ -1,6 +1,6 @@
-# CognitoTokenVerifier [![Build Status](https://travis-ci.org/CodingAnarchy/cognito_token_verifier.svg?branch=master)](https://travis-ci.org/CodingAnarchy/cognito_token_verifier)
+# CognitoTokenVerifier ![Build Status](https://github.com/CodingAnarchy/cognito_token_verifier/actions/workflows/ruby-ci.yml/badge.svg)
 
-Verify and decode AWS Cognito tokens for use in your Rails 5.2+ application. Rails 4.2 may work on 0.3+, but as it is no longer supported for security fixes by the Rails team, I make no guarantees of this and changes may result that break compatibility.
+Verify and decode AWS Cognito tokens for use in your Rails 5.2+ application. Rails versions <= 5.2 are incompatible with the required gemspec as of  0.4+, as they are no longer supported for security fixes by the Rails team.
 
 ## Installation
 

data/cognito_token_verifier.gemspec

@@ -12,7 +12,7 @@ Gem::Specification.new do |spec|
   spec.summary       = %q{Verify and parse AWS Cognito JWTs to authenticate endpoints}
   spec.homepage      = "https://github.com/CodingAnarchy/cognito_token_verifier"
   spec.license       = "MIT"
-  spec.required_ruby_version = ">= 2.3.8"
+  spec.required_ruby_version = ">= 2.6.0"
 
   # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
   # to allow pushing to a single host or delete this section to allow pushing to any host.
@@ -31,7 +31,7 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_runtime_dependency "activesupport", [">= 4.2", "< 6.1"]
+  spec.add_runtime_dependency "activesupport", [">= 5.2"]
   spec.add_runtime_dependency "json-jwt", "~> 1.11"
   spec.add_runtime_dependency "rest-client", "~> 2.0"
 
@@ -39,5 +39,5 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "bundler", "~> 2.0"
   spec.add_development_dependency "rake", [">= 10.0", "< 14.0"]
   spec.add_development_dependency "rspec-rails", "~> 3.0"
-  spec.add_development_dependency "actionpack", [">= 4.2", "< 6.1"]
+  spec.add_development_dependency "actionpack", [">= 5.2"]
 end

data/gemfiles/{rails51.gemfile → rails61.gemfile}

@@ -1,11 +1,11 @@
 source "https://rubygems.org"
 
-gem "activesupport", "~> 5.1.0"
+gem "activesupport", "~> 6.1.0"
 gem "json-jwt", "~> 1.11"
 gem "rest-client", "~> 2.0"
 
 gem "byebug"
 gem "bundler", "~> 2.0"
-gem "rake", "~> 11.0"
+gem "rake", "~> 12.0"
 gem "rspec-rails", "~> 3.0"
-gem "actionpack", "~> 5.1.0"
+gem "actionpack", "~> 6.1.0"

data/gemfiles/rails7.gemfile

@@ -0,0 +1,11 @@
+source "https://rubygems.org"
+
+gem "activesupport", "~> 7.0.0"
+gem "json-jwt", "~> 1.11"
+gem "rest-client", "~> 2.0"
+
+gem "byebug"
+gem "bundler", "~> 2.0"
+gem "rake", "~> 12.0"
+gem "rspec-rails", "~> 3.0"
+gem "actionpack", "~> 7.0.0"

data/lib/cognito_token_verifier/version.rb

@@ -1,3 +1,3 @@
 module CognitoTokenVerifier
-  VERSION = "0.3.2"
+  VERSION = "0.6.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cognito_token_verifier
 version: !ruby/object:Gem::Version
-  version: 0.3.2
+  version: 0.6.0
 platform: ruby
 authors:
 - Matt Tanous
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-03-31 00:00:00.000000000 Z
+date: 2022-02-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -16,20 +16,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '6.1'
+        version: '5.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '6.1'
+        version: '5.2'
 - !ruby/object:Gem::Dependency
   name: json-jwt
   requirement: !ruby/object:Gem::Requirement
@@ -126,20 +120,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '6.1'
+        version: '5.2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '6.1'
+        version: '5.2'
 description: 
 email:
 - mtanous22@gmail.com
@@ -147,9 +135,12 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/codeql-analysis.yml"
+- ".github/workflows/gem-push.yml"
+- ".github/workflows/ruby-ci.yml"
 - ".gitignore"
 - ".rspec"
-- ".travis.yml"
+- ".tool-versions"
 - CHANGELOG.md
 - Gemfile
 - Gemfile.lock
@@ -159,9 +150,10 @@ files:
 - bin/console
 - bin/setup
 - cognito_token_verifier.gemspec
-- gemfiles/rails51.gemfile
 - gemfiles/rails52.gemfile
 - gemfiles/rails6.gemfile
+- gemfiles/rails61.gemfile
+- gemfiles/rails7.gemfile
 - lib/cognito_token_verifier.rb
 - lib/cognito_token_verifier/config.rb
 - lib/cognito_token_verifier/controller_macros.rb
@@ -183,14 +175,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.3.8
+      version: 2.6.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.6
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
 summary: Verify and parse AWS Cognito JWTs to authenticate endpoints

data/.travis.yml

@@ -1,21 +0,0 @@
----
-sudo: false
-language: ruby
-cache: bundler
-rvm:
-  - 2.4.9
-  - 2.5.7
-  - 2.6.5
-before_install: gem install bundler
-gemfile:
-  - Gemfile
-  - gemfiles/rails51.gemfile
-  - gemfiles/rails52.gemfile
-  - gemfiles/rails6.gemfile
-
-jobs:
-  exclude:
-    - rvm: 2.4.9
-      gemfile: Gemfile
-    - rvm: 2.4.9
-      gemfile: gemfiles/rails6.gemfile