devise-auth0 0.0.3 → 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG +8 -0
  3. data/README.md +9 -2
  4. data/lib/devise/auth0/config.rb +13 -0
  5. data/lib/devise/auth0/version.rb +1 -1
  6. data/lib/devise/auth0.rb +7 -2
  7. data/lib/devise/strategies/auth0_authenticatable.rb +7 -2
  8. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: a9ebedfc7f681b212887f7eb792de3f95699b06f
4
- data.tar.gz: b3d048af9d4e2ef6040565e7f0c801eb40e309f4
3
+ metadata.gz: 3d4c2ff183e811e6ca8638b897c212dfda57bb62
4
+ data.tar.gz: 112312295075193d8d6a255f06fda5a29789df60
5
5
  SHA512:
6
- metadata.gz: b10717d8b1ce99f92d0cc5fbcffc57c8bf635cf9a913f4f469e94c5a6dacc2cb4fc57022b23680f4d02f4c6040c314eb84509e94739af54847bfecefe932712f
7
- data.tar.gz: 8714436aa44207a2744b8eef2115f6841ac186689be1d2a020ec7314ef15ec70f54e2f2d3077dcbd6d774d34fa0ee3c94f3290a227672709fb947d18a24fc5b1
6
+ metadata.gz: 7fa99c079ff1b5553df2fa28fba05fe8dcce45d492533e680de3ff706fb4a3e4c9529c188b96d79674cbddb8e4c950ecae729bebaa0e7b59a84f7e44f215fc8c
7
+ data.tar.gz: d02dc31f59da051643fe3c5efbff4ab01ae8393778a4cfb9148dcd4e06f5335ae4e63aa1ef62f8bc909f19c26a21b0659bbc3e01fcdddf4103a09edb33f5d6d3
data/CHANGELOG CHANGED
@@ -1,3 +1,11 @@
1
+ 0.1.0 / 2016-01-04
2
+
3
+ * Breaking changes
4
+
5
+ * Auth0 client ID and secret are no longer assumed to be in ENV vars at
6
+ startup time. Instead, configure them when adding the strategy to warden
7
+ (see README under Configuration).
8
+
1
9
  0.0.3 / 2016-09-07
2
10
 
3
11
  * Official user identifier is the `sub` field. Use it first before `user_id`
data/README.md CHANGED
@@ -1,6 +1,8 @@
1
1
  # Devise::Auth0
2
2
 
3
- Allow signed-in auth0 users to areas protected by devise.
3
+ A devise/warden strategy for authenticating users with an Auth0-issued JSON web
4
+ token (JWT). This token is assumed to be provided via the Authorization HTTP
5
+ header.
4
6
 
5
7
  ## Installation
6
8
 
@@ -34,7 +36,12 @@ Devise.setup do |config|
34
36
  config.skip_session_storage = [:auth0_authenticatable] unless Rails.env.test?
35
37
 
36
38
  config.warden do |manager|
37
- manager.strategies.add(:auth0_authenticatable, Devise::Strategies::Auth0Authenticatable)
39
+
40
+ manager.strategies.add(:auth0_authenticatable, Devise::Strategies::Auth0Authenticatable) do
41
+ config.client_id = "abc123"
42
+ config.secret = "shhhh"
43
+ end
44
+
38
45
  manager.default_strategies(scope: :user).unshift :auth0_authenticatable
39
46
  end
40
47
  end
data/lib/devise/auth0/config.rb ADDED
@@ -0,0 +1,13 @@
1
+ module Devise
2
+
3
+ module Auth0
4
+
5
+ class Config
6
+
7
+ attr_accessor :client_id, :secret
8
+
9
+ end
10
+
11
+ end
12
+
13
+ end
data/lib/devise/auth0/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Devise
2
2
  module Auth0
3
- VERSION = "0.0.3"
3
+ VERSION = "0.1.0"
4
4
  end
5
5
  end
data/lib/devise/auth0.rb CHANGED
@@ -4,7 +4,12 @@ require 'devise/strategies/auth0_authenticatable'
4
4
 
5
5
  module Devise
6
6
  module Auth0
7
- CLIENT_ID = ENV.fetch 'AUTH0_CLIENT_ID'
8
- SECRET = Base64.decode64 ENV.fetch('AUTH0_SECRET').gsub('-', '+').gsub('_','/')
7
+ def self.client_id
8
+ ENV.fetch 'AUTH0_CLIENT_ID'
9
+ end
10
+
11
+ def self.secret
12
+ Base64.decode64 ENV.fetch('AUTH0_SECRET').gsub('-', '+').gsub('_','/')
13
+ end
9
14
  end
10
15
  end
data/lib/devise/strategies/auth0_authenticatable.rb CHANGED
@@ -1,15 +1,20 @@
1
1
  require 'devise'
2
+ require 'devise/auth0/config'
2
3
 
3
4
  module Devise
4
5
  module Strategies
5
6
 
6
7
  class Auth0Authenticatable < Base
7
8
 
9
+ def self.config
10
+ @config ||= Devise::Auth0::Config.new
11
+ end
12
+
8
13
  def authenticate!
9
14
  token = env['HTTP_AUTHORIZATION'].to_s.gsub('Bearer ', '')
10
15
 
11
16
  begin
12
- decoded_token, header = JWT.decode(token, Devise::Auth0::SECRET)
17
+ decoded_token, header = JWT.decode(token, self.class.config.secret)
13
18
  rescue JWT::DecodeError
14
19
  Rails.logger.warn 'Unreadable Auth0 token'
15
20
  fail! 'Unreadable Auth0 token'
@@ -22,7 +27,7 @@ module Devise
22
27
  return
23
28
  end
24
29
 
25
- if decoded_token['aud'] == Auth0::CLIENT_ID
30
+ if decoded_token['aud'] == self.class.config.client_id
26
31
  user = mapping.to.find_or_sync_auth0(decoded_token)
27
32
  success! user
28
33
  return
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise-auth0
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3
4
+ version: 0.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Derek Kastner
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-09-07 00:00:00.000000000 Z
11
+ date: 2017-01-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -53,6 +53,7 @@ files:
53
53
  - Rakefile
54
54
  - devise-auth0.gemspec
55
55
  - lib/devise/auth0.rb
56
+ - lib/devise/auth0/config.rb
56
57
  - lib/devise/auth0/failure_app.rb
57
58
  - lib/devise/auth0/version.rb
58
59
  - lib/devise/models/auth0_authenticatable.rb