cognito_token_verifier 0.5.0 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b1cdcaef0b4d5ca7837dfedbaae4205e218675defa5318cbb9f99d9ed8eced3e
-  data.tar.gz: 195886dac29323c2f739333807ca256cc86576963bf8cfd0ff87d7ab7d858518
+  metadata.gz: 8edc16e14b8a1bf1f5a49c693cbb6cb9d5fcc98d8903a65fca45beef5643a7dc
+  data.tar.gz: 68e7af872f597559db0dc2e9839aecb201d0552e54594921c7fc0cbd9dc3fe4e
 SHA512:
-  metadata.gz: 8cd7ad61ad6e589a7d440a0ef2f395a6fded8f5c7d6656954231b851930dd332bb4aae2fad43a6affecda83c9374b469877678f10463520e79cb7de9905c4bfa
-  data.tar.gz: 5be66162f09998b41dc691cfbaf12af71a597cedfc91925c8d3def18c3bba92b09d62fe48ce8807d667a14c685f3aedec88aaad6c22ddd128f5840e19496544e
+  metadata.gz: 0d13e3aa8021496519106c84557211429266d6347503f196dbc13ecacb8475dd4e86ead1f152a4c769a84c626e90f18ec17f19ef99c8cd61f7b61d1be4e73615
+  data.tar.gz: 2675df562c303cd2d111a06f4d025cd9132129316fa7ed07d344fecd9c21f000bec86ee8fd630fcace7343e30d4d7f92c06e87f2129d25a14a13c1dd9bc1c74a

data/.github/workflows/codeql-analysis.yml

@@ -0,0 +1,70 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '35 20 * * 6'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'ruby' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://git.io/codeql-language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

data/.github/workflows/gem-push.yml

@@ -0,0 +1,41 @@
+name: Ruby Gem
+
+on:
+  push:
+    tags:
+      - v*
+
+jobs:
+  build:
+    name: Build + Publish
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby 2.7
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: 2.7
+
+    - name: Publish to GPR
+      run: |
+        mkdir -p $HOME/.gem
+        touch $HOME/.gem/credentials
+        chmod 0600 $HOME/.gem/credentials
+        printf -- "---\n:github: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
+        gem build *.gemspec
+        gem push --KEY github --host https://rubygems.pkg.github.com/${OWNER} *.gem
+      env:
+        GEM_HOST_API_KEY: "Bearer ${{secrets.GITHUB_TOKEN}}"
+        OWNER: ${{ github.repository_owner }}
+
+    - name: Publish to RubyGems
+      run: |
+        mkdir -p $HOME/.gem
+        touch $HOME/.gem/credentials
+        chmod 0600 $HOME/.gem/credentials
+        printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
+        gem build *.gemspec
+        gem push *.gem
+      env:
+        GEM_HOST_API_KEY: "${{secrets.RUBYGEMS_AUTH_TOKEN}}"

data/.github/workflows/ruby-ci.yml

@@ -0,0 +1,30 @@
+name: Ruby CI
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  test:
+    name: "Ruby ${{ matrix.ruby }}, Gemfile ${{ matrix.gemfile }}"
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: true
+      matrix:
+        ruby: ['3.1', '3.0', '2.7']
+        gemfile: ['rails52', 'rails6', 'rails61', 'rails7']
+
+    env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps
+      BUNDLE_GEMFILE: ${{ github.workspace }}/gemfiles/${{ matrix.gemfile }}.gemfile
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Ruby ${{ matrix.ruby }}
+        uses: ruby/setup-ruby@359bebbc29cbe6c87da6bc9ea3bc930432750108
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+      - name: Run tests
+        run: bundle exec rspec

data/.tool-versions

@@ -0,0 +1 @@
+ruby 3.1.0

data/CHANGELOG.md

@@ -1,5 +1,10 @@
 # CHANGELOG
 
+## 0.6.0 (2022-02-24)
+
+  - Add Rails 7 support
+  - Test against Ruby 3.1
+
 ## 0.5.0 (2021-01-27)
 
   - Update `nokogiri` version to 1.11 for security patch in gem development

data/Gemfile.lock

@@ -2,37 +2,37 @@ PATH
   remote: .
   specs:
     cognito_token_verifier (0.5.0)
-      activesupport (>= 5.2, < 6.2)
+      activesupport (>= 5.2)
       json-jwt (~> 1.11)
       rest-client (~> 2.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actionpack (6.1.1)
-      actionview (= 6.1.1)
-      activesupport (= 6.1.1)
+    actionpack (6.1.4.6)
+      actionview (= 6.1.4.6)
+      activesupport (= 6.1.4.6)
       rack (~> 2.0, >= 2.0.9)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actionview (6.1.1)
-      activesupport (= 6.1.1)
+    actionview (6.1.4.6)
+      activesupport (= 6.1.4.6)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activesupport (6.1.1)
+    activesupport (6.1.4.6)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
       tzinfo (~> 2.0)
       zeitwerk (~> 2.3)
     aes_key_wrap (1.1.0)
-    bindata (2.4.8)
+    bindata (2.4.10)
     builder (3.2.4)
     byebug (11.1.3)
-    concurrent-ruby (1.1.8)
+    concurrent-ruby (1.1.9)
     crass (1.0.6)
     diff-lcs (1.4.4)
     domain_name (0.5.20190701)
@@ -41,39 +41,39 @@ GEM
     http-accept (1.7.0)
     http-cookie (1.0.3)
       domain_name (~> 0.5)
-    i18n (1.8.7)
+    i18n (1.9.1)
       concurrent-ruby (~> 1.0)
     json-jwt (1.13.0)
       activesupport (>= 4.2)
       aes_key_wrap
       bindata
-    loofah (2.9.0)
+    loofah (2.14.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     method_source (1.0.0)
     mime-types (3.3.1)
       mime-types-data (~> 3.2015)
     mime-types-data (3.2020.0512)
-    mini_portile2 (2.5.0)
-    minitest (5.14.3)
+    mini_portile2 (2.7.1)
+    minitest (5.15.0)
     netrc (0.11.0)
-    nokogiri (1.11.1)
-      mini_portile2 (~> 2.5.0)
+    nokogiri (1.13.1)
+      mini_portile2 (~> 2.7.0)
       racc (~> 1.4)
-    racc (1.5.2)
+    racc (1.6.0)
     rack (2.2.3)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.3.0)
+    rails-html-sanitizer (1.4.2)
       loofah (~> 2.3)
-    railties (6.1.1)
-      actionpack (= 6.1.1)
-      activesupport (= 6.1.1)
+    railties (6.1.4.6)
+      actionpack (= 6.1.4.6)
+      activesupport (= 6.1.4.6)
       method_source
-      rake (>= 0.8.7)
+      rake (>= 0.13)
       thor (~> 1.0)
     rake (13.0.3)
     rest-client (2.1.0)
@@ -98,19 +98,19 @@ GEM
       rspec-mocks (~> 3.9.0)
       rspec-support (~> 3.9.0)
     rspec-support (3.9.3)
-    thor (1.1.0)
+    thor (1.2.1)
     tzinfo (2.0.4)
       concurrent-ruby (~> 1.0)
     unf (0.1.4)
       unf_ext
     unf_ext (0.0.7.7)
-    zeitwerk (2.4.2)
+    zeitwerk (2.5.4)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  actionpack (>= 5.2, < 6.2)
+  actionpack (>= 5.2)
   bundler (~> 2.0)
   byebug (~> 11.0)
   cognito_token_verifier!

data/README.md

@@ -1,4 +1,4 @@
-# CognitoTokenVerifier [![Build Status](https://travis-ci.com/CodingAnarchy/cognito_token_verifier.svg?branch=master)](https://travis-ci.com/CodingAnarchy/cognito_token_verifier)
+# CognitoTokenVerifier ![Build Status](https://github.com/CodingAnarchy/cognito_token_verifier/actions/workflows/ruby-ci.yml/badge.svg)
 
 Verify and decode AWS Cognito tokens for use in your Rails 5.2+ application. Rails versions <= 5.2 are incompatible with the required gemspec as of  0.4+, as they are no longer supported for security fixes by the Rails team.
 

data/cognito_token_verifier.gemspec

@@ -31,7 +31,7 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_runtime_dependency "activesupport", [">= 5.2", "< 6.2"]
+  spec.add_runtime_dependency "activesupport", [">= 5.2"]
   spec.add_runtime_dependency "json-jwt", "~> 1.11"
   spec.add_runtime_dependency "rest-client", "~> 2.0"
 
@@ -39,5 +39,5 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "bundler", "~> 2.0"
   spec.add_development_dependency "rake", [">= 10.0", "< 14.0"]
   spec.add_development_dependency "rspec-rails", "~> 3.0"
-  spec.add_development_dependency "actionpack", [">= 5.2", "< 6.2"]
+  spec.add_development_dependency "actionpack", [">= 5.2"]
 end

data/gemfiles/rails7.gemfile

@@ -0,0 +1,11 @@
+source "https://rubygems.org"
+
+gem "activesupport", "~> 7.0.0"
+gem "json-jwt", "~> 1.11"
+gem "rest-client", "~> 2.0"
+
+gem "byebug"
+gem "bundler", "~> 2.0"
+gem "rake", "~> 12.0"
+gem "rspec-rails", "~> 3.0"
+gem "actionpack", "~> 7.0.0"

data/lib/cognito_token_verifier/version.rb

@@ -1,3 +1,3 @@
 module CognitoTokenVerifier
-  VERSION = "0.5.0"
+  VERSION = "0.6.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cognito_token_verifier
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.6.0
 platform: ruby
 authors:
 - Matt Tanous
-autorequire:
+autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-01-28 00:00:00.000000000 Z
+date: 2022-02-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -17,9 +17,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '5.2'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '6.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -27,9 +24,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '5.2'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '6.2'
 - !ruby/object:Gem::Dependency
   name: json-jwt
   requirement: !ruby/object:Gem::Requirement
@@ -127,9 +121,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '5.2'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '6.2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -137,19 +128,19 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '5.2'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '6.2'
-description:
+description: 
 email:
 - mtanous22@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/codeql-analysis.yml"
+- ".github/workflows/gem-push.yml"
+- ".github/workflows/ruby-ci.yml"
 - ".gitignore"
 - ".rspec"
-- ".travis.yml"
+- ".tool-versions"
 - CHANGELOG.md
 - Gemfile
 - Gemfile.lock
@@ -162,6 +153,7 @@ files:
 - gemfiles/rails52.gemfile
 - gemfiles/rails6.gemfile
 - gemfiles/rails61.gemfile
+- gemfiles/rails7.gemfile
 - lib/cognito_token_verifier.rb
 - lib/cognito_token_verifier/config.rb
 - lib/cognito_token_verifier/controller_macros.rb
@@ -175,7 +167,7 @@ metadata:
   homepage_uri: https://github.com/CodingAnarchy/cognito_token_verifier
   source_code_uri: https://github.com/CodingAnarchy/cognito_token_verifier
   changelog_uri: https://github.com/CodingAnarchy/cognito_token_verifier/blob/master/CHANGELOG.md
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -190,8 +182,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key:
+rubygems_version: 3.1.6
+signing_key: 
 specification_version: 4
 summary: Verify and parse AWS Cognito JWTs to authenticate endpoints
 test_files: []

data/.travis.yml

@@ -1,17 +0,0 @@
----
-sudo: false
-language: ruby
-cache: bundler
-rvm:
-  - 2.6.6
-  - 2.7.2
-  - 3.0.0
-before_install: gem install bundler
-gemfile:
-  - Gemfile
-  - gemfiles/rails52.gemfile
-  - gemfiles/rails6.gemfile
-  - gemfiles/rails61.gemfile
-
-# jobs:
-#   exclude: