devise-auth0 0.0.3 → 0.1.0

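--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: a9ebedfc7f681b212887f7eb792de3f95699b06f
- data.tar.gz: b3d048af9d4e2ef6040565e7f0c801eb40e309f4
+ metadata.gz: 3d4c2ff183e811e6ca8638b897c212dfda57bb62
+ data.tar.gz: 112312295075193d8d6a255f06fda5a29789df60
  SHA512:
- metadata.gz: b10717d8b1ce99f92d0cc5fbcffc57c8bf635cf9a913f4f469e94c5a6dacc2cb4fc57022b23680f4d02f4c6040c314eb84509e94739af54847bfecefe932712f
- data.tar.gz: 8714436aa44207a2744b8eef2115f6841ac186689be1d2a020ec7314ef15ec70f54e2f2d3077dcbd6d774d34fa0ee3c94f3290a227672709fb947d18a24fc5b1
+ metadata.gz: 7fa99c079ff1b5553df2fa28fba05fe8dcce45d492533e680de3ff706fb4a3e4c9529c188b96d79674cbddb8e4c950ecae729bebaa0e7b59a84f7e44f215fc8c
+ data.tar.gz: d02dc31f59da051643fe3c5efbff4ab01ae8393778a4cfb9148dcd4e06f5335ae4e63aa1ef62f8bc909f19c26a21b0659bbc3e01fcdddf4103a09edb33f5d6d3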
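--- a/data/CHANGELOG
+++ b/data/CHANGELOG
@@ -1,3 +1,11 @@
+ 0.1.0 / 2016-01-04
+
+ * Breaking changes
+
+ * Auth0 client ID and secret are no longer assumed to be in ENV vars at
+ startup time. Instead, configure them when adding the strategy to warden
+ (see README under Configuration).
+
  0.0.3 / 2016-09-07
 
  * Official user identifier is the `sub` field. Use it first before `user_id`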
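--- a/data/README.md
+++ b/data/README.md
@@ -1,6 +1,8 @@
  # Devise::Auth0
 
- Allow signed-in auth0 users to areas protected by devise.
+ A devise/warden strategy for authenticating users with an Auth0-issued JSON web
+ token (JWT). This token is assumed to be provided via the Authorization HTTP
+ header.
 
  ## Installation
 
@@ -34,7 +36,12 @@ Devise.setup do |config|
  config.skip_session_storage = [:auth0_authenticatable] unless Rails.env.test?
 
  config.warden do |manager|
- manager.strategies.add(:auth0_authenticatable, Devise::Strategies::Auth0Authenticatable)
+
+ manager.strategies.add(:auth0_authenticatable, Devise::Strategies::Auth0Authenticatable) do
+ config.client_id = "abc123"
+ config.secret = "shhhh"
+ end
+
  manager.default_strategies(scope: :user).unshift :auth0_authenticatable
  end
  end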
@@ -0,0 +1,13 @@
1
+ module Devise
2
+
3
+ module Auth0
4
+
5
+ class Config
6
+
7
+ attr_accessor :client_id, :secret
8
+
9
+ end
10
+
11
+ end
12
+
13
+ end
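Review bot: `Devise::Auth0::Config` keeps the JWT signing secret in a plain `attr_accessor` with no documentation, and the object's default `inspect` would print `@secret` wherever the config ends up in a log line or an error report. A short class comment stating that `secret` is the key used to verify token signatures and `client_id` the expected audience, plus a redacting override such as `def inspect; "#<#{self.class.name} client_id=#{client_id.inspect} secret=[FILTERED]>"; end`, would keep the key out of logs. Both fields also default to nil; whether that is checked anywhere is not visible in this section.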
@@ -1,5 +1,5 @@
1
1
  module Devise
2
2
  module Auth0
3
- VERSION = "0.0.3"
3
+ VERSION = "0.1.0"
4
4
  end
5
5
  end
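--- a/data/lib/devise/auth0.rb
+++ b/data/lib/devise/auth0.rb
@@ -4,7 +4,12 @@ require 'devise/strategies/auth0_authenticatable'
 
  module Devise
  module Auth0
- CLIENT_ID = ENV.fetch 'AUTH0_CLIENT_ID'
- SECRET = Base64.decode64 ENV.fetch('AUTH0_SECRET').gsub('-', '+').gsub('_','/')
+ def self.client_id
+ ENV.fetch 'AUTH0_CLIENT_ID'
+ end
+
+ def self.secret
+ Base64.decode64 ENV.fetch('AUTH0_SECRET').gsub('-', '+').gsub('_','/')
+ end
  end
  end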
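Review bot: The new `Devise::Auth0.secret` still performs the URL-safe Base64 decoding, but the strategy hunks on this page read `self.class.config.secret` instead, so the decoding now happens only if the application itself assigns `config.secret = Devise::Auth0.secret`; a comment on both helpers saying so would prevent an undecoded key being configured. `Base64.decode64` also skips characters it cannot decode, so a malformed `AUTH0_SECRET` produces a different key rather than an error. `Base64.urlsafe_decode64(ENV.fetch('AUTH0_SECRET'))` replaces the two `gsub` calls and raises on invalid input (older Rubies require padded input, so check the supported versions first). The file's `require` lines lie outside the hunk.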
@@ -1,15 +1,20 @@
1
1
  require 'devise'
2
+ require 'devise/auth0/config'
2
3
 
3
4
  module Devise
4
5
  module Strategies
5
6
 
6
7
  class Auth0Authenticatable < Base
7
8
 
9
+ def self.config
10
+ @config ||= Devise::Auth0::Config.new
11
+ end
12
+
8
13
  def authenticate!
9
14
  token = env['HTTP_AUTHORIZATION'].to_s.gsub('Bearer ', '')
10
15
 
11
16
  begin
12
- decoded_token, header = JWT.decode(token, Devise::Auth0::SECRET)
17
+ decoded_token, header = JWT.decode(token, self.class.config.secret)
13
18
  rescue JWT::DecodeError
14
19
  Rails.logger.warn 'Unreadable Auth0 token'
15
20
  fail! 'Unreadable Auth0 token'
@@ -22,7 +27,7 @@ module Devise
22
27
  return
23
28
  end
24
29
 
25
- if decoded_token['aud'] == Auth0::CLIENT_ID
30
+ if decoded_token['aud'] == self.class.config.client_id
26
31
  user = mapping.to.find_or_sync_auth0(decoded_token)
27
32
  success! user
28
33
  return
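Review bot: Neither hunk of this file checks that `config.secret` and `config.client_id` were actually set, so the strategy does not fail closed when the configuration block is missing. With `client_id` nil, `decoded_token['aud'] == self.class.config.client_id` is true for a token that carries no `aud` claim, and a nil secret is passed straight to `JWT.decode` (what the gem does with a nil key depends on its version, which the page does not show). A guard at the top of `authenticate!`, `return fail!('Auth0 strategy not configured') if [self.class.config.secret, self.class.config.client_id].any? { |v| v.to_s.empty? }`, closes both cases. The decode call also names no algorithm; if tokens are HS256-signed with the client secret, `JWT.decode(token, self.class.config.secret, true, algorithm: 'HS256')` pins it. `authenticate!` starts in the first hunk and continues past the end of both.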
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise-auth0
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3
4
+ version: 0.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Derek Kastner
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-09-07 00:00:00.000000000 Z
11
+ date: 2017-01-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -53,6 +53,7 @@ files:
53
53
  - Rakefile
54
54
  - devise-auth0.gemspec
55
55
  - lib/devise/auth0.rb
56
+ - lib/devise/auth0/config.rb
56
57
  - lib/devise/auth0/failure_app.rb
57
58
  - lib/devise/auth0/version.rb
58
59
  - lib/devise/models/auth0_authenticatable.rb