devise-fireauth 0.0.1.pre.alpha.1 → 0.1.0.rc1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ca12b822901c77c6d973ab24876975f2983913ca7846b6139e7d115dba569ca7
-  data.tar.gz: 30129041c8c71063ddd5f91114edfd21e8f4bcb67d869c3c300d1e47eb29a710
+  metadata.gz: dd558dba905e43488164024dcae0048e789b03c07284ac81dbbcef754b45b156
+  data.tar.gz: 9837813df4f5a0dd72e7c4cdcdda99df489b6f35ed162a8e7c84460f0022ed8e
 SHA512:
-  metadata.gz: a06e509346ab2682a527e540423799cfc9e19043376800643af00884e5e6ad9f9b460d983d2a3e9ca4c4407debefeb4fbd15ea7c696c4085a8f6184a1000a464
-  data.tar.gz: 49d0aa5b51d09290651cf1ad25d146d386706d5566017207af93d0bf3c332e8ab0c254cfa51cdd0fc9170a35721bc9ff9773b21d1d71692260235ca25f119601
+  metadata.gz: f3d688da001109f4ad9c3834222155a2336dbe508d155e037409985bda0f64a40a4570765b4c8564e75e4f42347f51bc8a3b3561582cc7e8d0aff732f113ccc5
+  data.tar.gz: a9d26c321cc8170c795bdcc46cc9df7bb3d3b93f0153291b550222a91dc14440dbb86040921ad681f95fcdde0f2805dcb48397965ea1b41767187004cbc5057a

data/.rubocop.yml

@@ -0,0 +1,15 @@
+require: rubocop-rspec
+inherit_gem:
+  rubocop-github:
+    - config/default.yml
+    - config/rails.yml
+AllCops:
+  Exclude:
+    - gemfiles/**/*
+    - tmp/**/*
+    - vendor/**/*
+    - spec/dummy/**/*
+GitHub/RailsControllerRenderLiteral:
+  Enabled: false
+GitHub/RailsControllerRenderPathsExist:
+  Enabled: false

data/Gemfile

@@ -1,6 +1,6 @@
 source "https://rubygems.org"
 
-git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
 
 # Specify your gem's dependencies in devise-fireauth.gemspec
 gemspec

data/Gemfile.lock

@@ -1,11 +1,12 @@
 PATH
   remote: .
   specs:
-    devise-fireauth (0.0.1.pre.alpha.1)
+    devise-fireauth (0.1.0.rc1)
       activesupport (>= 4)
       devise (~> 4.0)
       dry-configurable
-      httparty
+      jwt (>= 1)
+      warden
 
 GEM
   remote: https://rubygems.org/
@@ -23,13 +24,17 @@ GEM
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activemodel (5.2.1)
+      activesupport (= 5.2.1)
     activesupport (5.2.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
+    ast (2.4.0)
     bcrypt (3.1.12)
     builder (3.2.3)
+    coderay (1.1.2)
     concurrent-ruby (1.0.5)
     crass (1.0.4)
     devise (4.5.0)
@@ -42,20 +47,28 @@ GEM
     dry-configurable (0.7.0)
       concurrent-ruby (~> 1.0)
     erubi (1.7.1)
-    httparty (0.16.2)
-      multi_xml (>= 0.5.2)
+    fakeweb (1.3.0)
     i18n (1.1.0)
       concurrent-ruby (~> 1.0)
+    jaro_winkler (1.5.1)
+    jwt (2.1.0)
     loofah (2.2.2)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     method_source (0.9.0)
     mini_portile2 (2.3.0)
     minitest (5.11.3)
-    multi_xml (0.6.0)
     nokogiri (1.8.4)
       mini_portile2 (~> 2.3.0)
+    openssl (2.1.1)
     orm_adapter (0.5.0)
+    parallel (1.12.1)
+    parser (2.5.1.2)
+      ast (~> 2.4.0)
+    powerpack (0.1.2)
+    pry (0.11.3)
+      coderay (~> 1.1.0)
+      method_source (~> 0.9.0)
     rack (2.0.5)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
@@ -70,6 +83,7 @@ GEM
       method_source
       rake (>= 0.8.7)
       thor (>= 0.19.0, < 2.0)
+    rainbow (3.0.0)
     rake (10.5.0)
     responders (2.4.0)
       actionpack (>= 4.2.0, < 5.3)
@@ -87,10 +101,24 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.8.0)
     rspec-support (3.8.0)
+    rubocop (0.59.1)
+      jaro_winkler (~> 1.5.1)
+      parallel (~> 1.10)
+      parser (>= 2.5, != 2.5.1.1)
+      powerpack (~> 0.1)
+      rainbow (>= 2.2.2, < 4.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (~> 1.0, >= 1.0.1)
+    rubocop-github (0.12.0)
+      rubocop (~> 0.59)
+    rubocop-rspec (1.29.1)
+      rubocop (>= 0.58.0)
+    ruby-progressbar (1.10.0)
     thor (0.20.0)
     thread_safe (0.3.6)
     tzinfo (1.2.5)
       thread_safe (~> 0.1)
+    unicode-display_width (1.4.0)
     warden (1.2.7)
       rack (>= 1.0)
 
@@ -98,10 +126,17 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
+  activemodel
   bundler (~> 1.16)
   devise-fireauth!
+  fakeweb
+  openssl
+  pry
+  railties (>= 4)
   rake (~> 10.0)
   rspec (~> 3.0)
+  rubocop-github
+  rubocop-rspec
 
 BUNDLED WITH
    1.16.4

data/README.md

@@ -32,6 +32,7 @@ Devise.setup do |config|
   ]
   config.fireauth do |f|
     f.api_key = "YoUR-weB-aPi-KEy"
+    f.project_id = "firebase-project-id"
     f.token_key = :id_token
   end
 end
@@ -54,8 +55,9 @@ end
 ```
 
 - Restart the server
-- From now on, you can authenticate with the API via firebase `idToken`
-- There is a full example of how to get firebase `idToken` and use it to authenticate with API lives in [spec/dummy/app/views/devise/sessions/new.html.haml](https://github.com/yeuem1vannam/devise-fireauth/blob/7bf5276b7b319fc6a5015cac597cd0aa708da3d7/spec/dummy/app/views/devise/sessions/new.html.haml#L32-L38)
+- From now on, you can authenticate with the API via firebase `idToken` by one of:
+  - Add params `id_token` to URL query
+  - Attach the header `Authorization: Bearer #{id_token}` to the request
 
 ## Development
 

data/Rakefile

@@ -3,4 +3,4 @@ require "rspec/core/rake_task"
 
 RSpec::Core::RakeTask.new(:spec)
 
-task :default => :spec
+task default: :spec

data/devise-fireauth.gemspec

@@ -15,19 +15,27 @@ Gem::Specification.new do |spec|
 
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
-  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
+  spec.files         = Dir.chdir(File.expand_path("..", __FILE__)) do
     `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
   spec.bindir        = "exe"
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "devise", "~> 4.0"
-  spec.add_dependency "activesupport", ">= 4"
-  spec.add_dependency "dry-configurable"
-  spec.add_dependency "httparty"
+  spec.add_runtime_dependency "activesupport", ">= 4"
+  spec.add_runtime_dependency "devise", "~> 4.0"
+  spec.add_runtime_dependency "dry-configurable"
+  spec.add_runtime_dependency "jwt", ">= 1"
+  spec.add_runtime_dependency "warden"
 
+  spec.add_development_dependency "activemodel" # required by devise
   spec.add_development_dependency "bundler", "~> 1.16"
+  spec.add_development_dependency "fakeweb"
+  spec.add_development_dependency "openssl"
+  spec.add_development_dependency "pry"
   spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "railties", ">= 4"
   spec.add_development_dependency "rspec", "~> 3.0"
+  spec.add_development_dependency "rubocop-github"
+  spec.add_development_dependency "rubocop-rspec"
 end

data/lib/devise/fireauth.rb

@@ -2,25 +2,23 @@
 require "devise"
 require "dry-configurable"
 require "devise/fireauth/version"
+require_relative "../firebase_id_token"
 
 module Devise
   def self.fireauth
     yield(Devise::Fireauth.config)
+    Devise::Fireauth.firebase_validator = FirebaseIDToken::Validator.new(aud: Devise::Fireauth.project_id)
   end
 
-  warden do |manager|
-    manager.strategies.add(:firebase_authenticatable, Devise::Strategies::FirebaseAuthenticatable)
-    manager.default_strategies(scope: :user).unshift :firebase_authenticatable
-  end
-  add_module :firebase_authenticatable, controller: :sessions, route: { session: :routes }
-
   module Fireauth
     extend Dry::Configurable
 
     setting :api_key, reader: true
     setting :token_key, :id_token, reader: true
-    # TODO
-    # - project_id: for verifying aud / iss
+    setting :project_id, reader: true
+
+    # Firebase Validator
+    mattr_accessor :firebase_validator
   end
 
   # Those modules must be loaded after Fireauth configuration done
@@ -34,9 +32,13 @@ module Devise
       "devise/fireauth/strategies/firebase_authenticatable"
   end
 
-  # TODO: verify the correct way to add strategies to warden
   warden do |manager|
-    manager.strategies.add(:firebase_authenticatable, Devise::Strategies::FirebaseAuthenticatable)
+    manager.strategies.add :firebase_authenticatable,
+      Devise::Strategies::FirebaseAuthenticatable
+    mappings.keys.each do |scope|
+      manager.default_strategies(scope: scope).unshift :firebase_authenticatable
+    end
   end
-  add_module :firebase_authenticatable, controller: :sessions, route: { session: :routes }
+  add_module :firebase_authenticatable,
+    controller: :sessions, route: { session: :routes }
 end

data/lib/devise/fireauth/models/firebase_authenticatable.rb

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 require "active_support/concern"
-require "httparty"
 
 module Devise
   module Models
@@ -12,7 +11,6 @@ module Devise
       end
 
       module ClassMethods
-        FIREBASE_USER_INFO_URL = "https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=#{Fireauth.api_key}"
         ####################################
         # Overriden methods from Devise::Models::Authenticatable
         ####################################
@@ -42,6 +40,11 @@ module Devise
           [record.id]
         end
 
+        def from_firebase(auth_hash)
+          raise NotImplementedError,
+            "#{self.name} model must implement class method `from_firebase'"
+        end
+
         #
         # Here you do the request to the external webservice
         #
@@ -50,38 +53,20 @@ module Devise
         #
         # If the authentication fails you should return false
         #
-        def firebase_authentication(auth_params)
-          auth_hash = firebase_verification(auth_params[Fireauth.token_key])
+        def firebase_authentication(id_token)
+          auth_hash = firebase_verification(id_token)
           return nil if auth_hash.empty?
-          unless defined? self.from_firebase
-            raise NotImplementedError,
-              "#{self.name} model must implement class method `from_firebase'"
-          end
           # Create new user here and return user
           self.from_firebase(auth_hash)
         end
 
         private
 
-        # TODO:
-        # Verify the correct token
-        # https://firebase.google.com/docs/auth/admin/verify-id-tokens#retrieve_id_tokens_on_clients
         def firebase_verification(id_token)
-          firebase_verification_call = HTTParty.post(
-            FIREBASE_USER_INFO_URL,
-            headers: {
-              'Content-Type': 'application/json'
-            },
-            body: {
-              'idToken': id_token
-            }.to_json
-          )
-          if firebase_verification_call.response.code == "200"
-            firebase_infos = firebase_verification_call.parsed_response
-            firebase_infos["users"][0]
-          else
-            {}
-          end
+          Fireauth.firebase_validator.check id_token
+        rescue => e
+          puts e.message
+          {}
         end
       end
     end

data/lib/devise/fireauth/strategies/firebase_authenticatable.rb

@@ -3,23 +3,25 @@
 module Devise
   module Strategies
     class FirebaseAuthenticatable < Authenticatable
+      def valid?
+        !token.nil?
+      end
+
+      # Don't use Session
+      def store?
+        false
+      end
       #
       # For an example check : https://github.com/plataformatec/devise/blob/master/lib/devise/strategies/database_authenticatable.rb
       #
       # Method called by warden to authenticate a resource.
       #
       def authenticate!
-        #
-        # authentication_hash doesn't include the password
-        #
-        auth_params = authentication_hash
-        return fail! unless auth_params[Fireauth.token_key]
-
         #
         # mapping.to is a wrapper over the resource model
         #
         # Treat the password as idToken
-        resource = mapping.to.firebase_authentication(auth_params)
+        resource = mapping.to.firebase_authentication(token)
 
         return fail! unless resource
 
@@ -35,6 +37,29 @@ module Devise
           success!(resource)
         end
       end
+
+      def authenticate
+        resource = mapping.to.firebase_authentication(token)
+        # If authenticated, stop immediately - or continue
+        resource ? success!(resource) : fail(resource)
+      end
+
+      private
+
+      def token
+        token_from_headers || token_from_params
+      end
+
+      def token_from_headers
+        authorization_header = env["HTTP_AUTHORIZATION"]
+        return unless authorization_header
+        type, token = authorization_header.split
+        type =~ /Bearer/i ? token : nil
+      end
+
+      def token_from_params
+        params.dig Devise::Fireauth.token_key
+      end
     end
   end
 end

data/lib/devise/fireauth/version.rb

@@ -1,5 +1,5 @@
 module Devise
   module Fireauth
-    VERSION = "0.0.1-alpha.1"
+    VERSION = "0.1.0.rc1"
   end
 end

data/lib/firebase_id_token.rb

@@ -0,0 +1,138 @@
+# frozen_string_literal: true
+# Original idea from https://github.com/google/google-id-token
+require "json"
+require "jwt"
+require "monitor"
+require "net/http"
+require "openssl"
+
+module FirebaseIDToken
+  class CertificateError < StandardError; end
+  class ValidationError < StandardError; end
+  class ExpiredTokenError < ValidationError; end
+  class SignatureError < ValidationError; end
+  class InvalidIssuerError < ValidationError; end
+  class AudienceMismatchError < ValidationError; end
+  class ClientIDMismatchError < ValidationError; end
+
+  # Verify the correct token
+  # https://firebase.google.com/docs/auth/admin/verify-id-tokens#retrieve_id_tokens_on_clients
+  class Validator
+    include MonitorMixin
+
+    GOOGLE_CERTS_URI = "https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com"
+    GOOGLE_ISSUER_PREFIX = "https://securetoken.google.com/" # Has a trailing `/'
+    GOOGLE_CERTS_EXPIRY = 3600 # 1 hour
+
+    def initialize(aud:, expiry: GOOGLE_CERTS_EXPIRY)
+      super()
+
+      @aud = aud.to_s
+      @iss = "#{GOOGLE_ISSUER_PREFIX}#{aud}"
+      @certs_expiry = expiry
+      @certs = {}
+    end
+
+    ##
+    # If it validates, returns a hash with the JWT payload from the ID Token.
+    #  You have to provide an "aud" value, which must match the
+    #  token"s field with that name, and will similarly check cid if provided.
+    #
+    # If something fails, raises an error
+    #
+    # @param [String] token
+    #   The string form of the token
+    #
+    # @return [Hash] The decoded ID token
+    def check(token)
+      synchronize do
+        payload = check_cached_certs(token)
+
+        unless payload
+          # no certs worked, might've expired, refresh
+          if refresh_certs
+            payload = check_cached_certs(token)
+
+            unless payload
+              raise SignatureError, "Token not verified as issued by Google"
+            end
+          else
+            raise CertificateError, "Unable to retrieve Google public keys"
+          end
+        end
+
+        payload
+      end
+    end
+
+    private
+
+    # tries to validate the token against each cached cert.
+    # Returns the token payload or raises a ValidationError or `nil',
+    # which means none of the certs validated.
+    def check_cached_certs(token)
+      payload = nil
+
+      # find first public key that validates this token
+      @certs.detect do |key, cert|
+        begin
+          public_key = cert.public_key
+          decoded_token = JWT.decode(
+            token,
+            public_key,
+            !!public_key,
+            { algorithm: "RS256", kid: key }
+          )
+          payload = decoded_token.first
+
+          payload
+        rescue JWT::ExpiredSignature
+          raise ExpiredTokenError, "Token signature is expired"
+        rescue JWT::DecodeError
+          nil # go on, try the next cert
+        end
+      end
+
+      if payload
+        if !(payload.has_key?("aud") && payload["aud"] == @aud)
+          raise AudienceMismatchError, "Token audience mismatch"
+        end
+        if payload["iss"] != @iss
+          raise InvalidIssuerError, "Token issuer mismatch"
+        end
+        payload
+      else
+        nil
+      end
+    end
+
+    def refresh_certs
+      return true unless certs_cache_expired?
+
+      uri = URI(GOOGLE_CERTS_URI)
+      get = Net::HTTP::Get.new uri.request_uri
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = true
+      res = http.request(get)
+
+      if res.is_a?(Net::HTTPSuccess)
+        new_certs = Hash[JSON.load(res.body).map do |key, cert|
+          [key, OpenSSL::X509::Certificate.new(cert)]
+        end]
+        @certs.merge! new_certs
+        @certs_last_refresh = Time.now
+        true
+      else
+        false
+      end
+    end
+
+    def certs_cache_expired?
+      if defined? @certs_last_refresh
+        Time.now > @certs_last_refresh + @certs_expiry
+      else
+        true
+      end
+    end
+  end
+end

metadata

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: devise-fireauth
 version: !ruby/object:Gem::Version
-  version: 0.0.1.pre.alpha.1
+  version: 0.1.0.rc1
 platform: ruby
 authors:
 - yeuem1vannam
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-09-15 00:00:00.000000000 Z
+date: 2018-09-25 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4'
 - !ruby/object:Gem::Dependency
   name: devise
   requirement: !ruby/object:Gem::Requirement
@@ -25,21 +39,35 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '4.0'
 - !ruby/object:Gem::Dependency
-  name: activesupport
+  name: dry-configurable
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4'
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: dry-configurable
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: warden
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -53,13 +81,13 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: httparty
+  name: activemodel
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-  type: :runtime
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
@@ -80,6 +108,48 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.16'
+- !ruby/object:Gem::Dependency
+  name: fakeweb
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: openssl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -94,6 +164,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: railties
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -108,6 +192,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-github
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Firebase as authentication service behind the devise
 email: 
 executables: []
@@ -116,6 +228,7 @@ extra_rdoc_files: []
 files:
 - ".gitignore"
 - ".rspec"
+- ".rubocop.yml"
 - ".travis.yml"
 - CODE_OF_CONDUCT.md
 - Gemfile
@@ -130,6 +243,7 @@ files:
 - lib/devise/fireauth/models/firebase_authenticatable.rb
 - lib/devise/fireauth/strategies/firebase_authenticatable.rb
 - lib/devise/fireauth/version.rb
+- lib/firebase_id_token.rb
 homepage: https://github.com/yeuem1vannam/devise-fireauth
 licenses:
 - MIT