devise-jwt-cookie 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: c651a98107436a37d4411225bda3f600539a4732c3db026afb97f36ea0f076c9
+  data.tar.gz: d2f98c4f2fffbac7c616f1d01df9b22d941ae2242ca5fbab095a440ea665c9db
+SHA512:
+  metadata.gz: 4662d4091164b5c24c41ab6c178733473d6b4557a9db394a8f9d35d0fa1ee6ba828b87a6202fdb26e1e6a106853fc3501a3358bc6258ea946b457db1bf330c3f
+  data.tar.gz: 0da03f68dabf6d4e26d0e94f699fa10ea30a0ced2cb37919e2eb10a341038431ed45ad67291698de8d372d15ba7f5dc37b3d1fc51aeea9ec53e3f8daf829922d

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/Gemfile.lock

@@ -0,0 +1,208 @@
+PATH
+  remote: .
+  specs:
+    devise-jwt-cookie (0.1.0)
+      devise-jwt (~> 0.6.0)
+      dry-auto_inject (~> 0.6)
+      dry-configurable (~> 0.9, < 0.11)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actioncable (5.2.4.2)
+      actionpack (= 5.2.4.2)
+      nio4r (~> 2.0)
+      websocket-driver (>= 0.6.1)
+    actionmailer (5.2.4.2)
+      actionpack (= 5.2.4.2)
+      actionview (= 5.2.4.2)
+      activejob (= 5.2.4.2)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 2.0)
+    actionpack (5.2.4.2)
+      actionview (= 5.2.4.2)
+      activesupport (= 5.2.4.2)
+      rack (~> 2.0, >= 2.0.8)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (5.2.4.2)
+      activesupport (= 5.2.4.2)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activejob (5.2.4.2)
+      activesupport (= 5.2.4.2)
+      globalid (>= 0.3.6)
+    activemodel (5.2.4.2)
+      activesupport (= 5.2.4.2)
+    activerecord (5.2.4.2)
+      activemodel (= 5.2.4.2)
+      activesupport (= 5.2.4.2)
+      arel (>= 9.0)
+    activestorage (5.2.4.2)
+      actionpack (= 5.2.4.2)
+      activerecord (= 5.2.4.2)
+      marcel (~> 0.3.1)
+    activesupport (5.2.4.2)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 0.7, < 2)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+    arel (9.0.0)
+    bcrypt (3.1.13)
+    builder (3.2.4)
+    byebug (11.0.1)
+    codeclimate-test-reporter (1.0.7)
+      simplecov
+    coderay (1.1.2)
+    concurrent-ruby (1.1.6)
+    crass (1.0.6)
+    devise (4.7.1)
+      bcrypt (~> 3.0)
+      orm_adapter (~> 0.1)
+      railties (>= 4.1.0)
+      responders
+      warden (~> 1.2.3)
+    devise-jwt (0.6.0)
+      devise (~> 4.0)
+      warden-jwt_auth (~> 0.4)
+    diff-lcs (1.3)
+    docile (1.3.2)
+    dry-auto_inject (0.7.0)
+      dry-container (>= 0.3.4)
+    dry-configurable (0.9.0)
+      concurrent-ruby (~> 1.0)
+      dry-core (~> 0.4, >= 0.4.7)
+    dry-container (0.7.2)
+      concurrent-ruby (~> 1.0)
+      dry-configurable (~> 0.1, >= 0.1.3)
+    dry-core (0.4.9)
+      concurrent-ruby (~> 1.0)
+    erubi (1.9.0)
+    globalid (0.4.2)
+      activesupport (>= 4.2.0)
+    i18n (1.8.2)
+      concurrent-ruby (~> 1.0)
+    json (2.3.0)
+    jwt (2.2.1)
+    loofah (2.4.0)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    mail (2.7.1)
+      mini_mime (>= 0.1.1)
+    marcel (0.3.3)
+      mimemagic (~> 0.3.2)
+    method_source (1.0.0)
+    mimemagic (0.3.4)
+    mini_mime (1.0.2)
+    mini_portile2 (2.4.0)
+    minitest (5.14.0)
+    nio4r (2.5.2)
+    nokogiri (1.10.9)
+      mini_portile2 (~> 2.4.0)
+    orm_adapter (0.5.0)
+    pry (0.13.0)
+      coderay (~> 1.1)
+      method_source (~> 1.0)
+    pry-byebug (3.7.0)
+      byebug (~> 11.0)
+      pry (~> 0.10)
+    rack (2.2.2)
+    rack-test (1.1.0)
+      rack (>= 1.0, < 3)
+    rails (5.2.4.2)
+      actioncable (= 5.2.4.2)
+      actionmailer (= 5.2.4.2)
+      actionpack (= 5.2.4.2)
+      actionview (= 5.2.4.2)
+      activejob (= 5.2.4.2)
+      activemodel (= 5.2.4.2)
+      activerecord (= 5.2.4.2)
+      activestorage (= 5.2.4.2)
+      activesupport (= 5.2.4.2)
+      bundler (>= 1.3.0)
+      railties (= 5.2.4.2)
+      sprockets-rails (>= 2.0.0)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.3.0)
+      loofah (~> 2.3)
+    railties (5.2.4.2)
+      actionpack (= 5.2.4.2)
+      activesupport (= 5.2.4.2)
+      method_source
+      rake (>= 0.8.7)
+      thor (>= 0.19.0, < 2.0)
+    rake (12.3.3)
+    responders (3.0.0)
+      actionpack (>= 5.0)
+      railties (>= 5.0)
+    rspec (3.9.0)
+      rspec-core (~> 3.9.0)
+      rspec-expectations (~> 3.9.0)
+      rspec-mocks (~> 3.9.0)
+    rspec-core (3.9.1)
+      rspec-support (~> 3.9.1)
+    rspec-expectations (3.9.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.9.0)
+    rspec-mocks (3.9.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.9.0)
+    rspec-rails (3.9.1)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      railties (>= 3.0)
+      rspec-core (~> 3.9.0)
+      rspec-expectations (~> 3.9.0)
+      rspec-mocks (~> 3.9.0)
+      rspec-support (~> 3.9.0)
+    rspec-support (3.9.2)
+    simplecov (0.17.0)
+      docile (~> 1.1)
+      json (>= 1.8, < 3)
+      simplecov-html (~> 0.10.0)
+    simplecov-html (0.10.2)
+    sprockets (3.7.2)
+      concurrent-ruby (~> 1.0)
+      rack (> 1, < 3)
+    sprockets-rails (3.2.1)
+      actionpack (>= 4.0)
+      activesupport (>= 4.0)
+      sprockets (>= 3.0.0)
+    sqlite3 (1.4.2)
+    thor (1.0.1)
+    thread_safe (0.3.6)
+    tzinfo (1.2.6)
+      thread_safe (~> 0.1)
+    warden (1.2.8)
+      rack (>= 2.0.6)
+    warden-jwt_auth (0.4.2)
+      dry-auto_inject (~> 0.6)
+      dry-configurable (~> 0.9, < 0.11)
+      jwt (~> 2.1)
+      warden (~> 1.2)
+    websocket-driver (0.7.1)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.4)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (> 1)
+  codeclimate-test-reporter (~> 1.0)
+  devise-jwt-cookie!
+  pry-byebug (~> 3.7)
+  rails (~> 5.0)
+  rake (~> 12.3)
+  rspec (~> 3.8)
+  rspec-rails (~> 3.5)
+  simplecov (= 0.17)
+  sqlite3 (~> 1.3)
+
+BUNDLED WITH
+   2.1.4

data/README.md

@@ -0,0 +1,55 @@
+# Devise::JWT::Cookie
+
+`devise-jwt-cookie` is a [devise](https://github.com/plataformatec/devise) extension based on [devise-jwt](https://github.com/waiting-for-dev/devise-jwt). It should be used alongside `devise-jwt`.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'devise-jwt', '~> 0.5.9'
+```
+
+And then execute:
+
+    $ bundle
+
+## Usage
+
+First you need to setup up and configure devise and devise-jwt. This gem hooks into devise-jwt to add an httpOnly cookie with the JWT.
+
+### Model configuration
+
+You have to update the user model to be able to use the cookie method. For example:
+
+```ruby
+class User < ApplicationRecord
+  devise :database_authenticatable,
+         :jwt_cookie_authenticatable,
+         :jwt_authenticatable, jwt_revocation_strategy: Blacklist
+end
+```
+
+### Configuration reference
+
+This library can be configured by calling `jwt_cookie` on the devise config object:
+
+```ruby
+Devise.setup do |config|
+  config.jwt do |jwt|
+    # config for devise-jwt goes here
+  end
+  config.jwt_cookie do |jwt_cookie|
+    # ...
+  end
+end
+```
+
+#### name
+
+The name of the cookie. Defaults to `access_token`.
+
+#### domain
+
+The domain the cookie should be issued to. Will be omitted if not set.
+

data/devise-jwt-cookie.gemspec

@@ -0,0 +1,38 @@
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'devise/jwt/cookie/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "devise-jwt-cookie"
+  spec.version       = Devise::JWT::Cookie::VERSION
+  spec.authors       = ["Niels van der Zanden"]
+  spec.email         = ["niels@pharynx.nl"]
+
+  spec.summary       = %q{Cookie-based JWT authentication for devise}
+  spec.description   = %q{Cookie-based JWT authentication for devise with configurable token revocation strategies}
+  spec.homepage      = "https://github.com/scarhand/devise-jwt-cookie"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency 'devise-jwt', '~> 0.6'
+  spec.add_dependency 'dry-auto_inject', '~> 0.6'
+  spec.add_dependency 'dry-configurable', '~> 0.9', '< 0.11'
+
+  spec.add_development_dependency "bundler", "> 1"
+  spec.add_development_dependency "rake", "~> 12.3"
+  spec.add_development_dependency "rspec", "~> 3.8"
+  spec.add_development_dependency "pry-byebug", "~> 3.7"
+  # Needed to test the rails fixture application
+  spec.add_development_dependency 'rails', '~> 5.0'
+  spec.add_development_dependency 'sqlite3', '~> 1.3'
+  spec.add_development_dependency 'rspec-rails', '~> 3.5'
+  # Test reporting
+  spec.add_development_dependency 'simplecov', '0.17'
+  spec.add_development_dependency 'codeclimate-test-reporter', '~> 1.0'
+end

data/lib/devise/jwt/cookie.rb

@@ -0,0 +1,29 @@
+require 'dry/configurable'
+require 'dry/auto_inject'
+require 'devise/jwt/cookie/strategy'
+
+# Authentication library
+module Devise
+  def self.jwt_cookie
+    yield(Devise::JWT::Cookie.config)
+  end
+
+  add_module(:jwt_cookie_authenticatable, strategy: :jwt_cookie)
+
+  module JWT
+    module Cookie
+      extend Dry::Configurable
+
+      setting :name, 'access_token'
+      setting :domain
+
+      Import = Dry::AutoInject(config)
+    end
+  end
+end
+
+require 'devise/jwt/cookie/version'
+require 'devise/jwt/cookie/railtie'
+require 'devise/jwt/cookie/cookie_helper'
+require 'devise/jwt/cookie/middleware'
+require 'devise/jwt/cookie/models'

data/lib/devise/jwt/cookie/cookie_helper.rb

@@ -0,0 +1,23 @@
+module Devise
+  module JWT
+    module Cookie
+      class CookieHelper
+        include Cookie::Import['name', 'domain']
+
+        def build(token)
+          res = {
+            value: token,
+            path: '/',
+            httponly: true
+          }
+          res[:domain] = domain if domain.present?
+          [name, res]
+        end
+
+        def read_from(cookies)
+          cookies[name]
+        end
+      end
+    end
+  end
+end

data/lib/devise/jwt/cookie/middleware.rb

@@ -0,0 +1,22 @@
+module Devise
+  module JWT
+    module Cookie
+      class Middleware
+        ENV_KEY = 'warden-jwt_auth.token'
+
+        def initialize(app)
+          @app = app
+        end
+
+        def call(env)
+          status, headers, response = @app.call(env)
+          if headers['Authorization'] && env[ENV_KEY]
+            name, cookie = CookieHelper.new.build(env[ENV_KEY])
+            Rack::Utils.set_cookie_header!(headers, name, cookie)
+          end
+          [status, headers, response]
+        end
+      end
+    end
+  end
+end

data/lib/devise/jwt/cookie/models.rb

@@ -0,0 +1,6 @@
+require 'devise/jwt/cookie/models/jwt_cookie_authenticatable'
+
+module Devise
+  module Models
+  end
+end

data/lib/devise/jwt/cookie/models/jwt_cookie_authenticatable.rb

@@ -0,0 +1,19 @@
+require 'active_support/concern'
+
+module Devise
+  module Models
+    module JwtCookieAuthenticatable
+      extend ActiveSupport::Concern
+
+      included do
+        def self.find_for_jwt_authentication(sub)
+          find_by(primary_key => sub)
+        end
+      end
+
+      def jwt_subject
+        id
+      end
+    end
+  end
+end

data/lib/devise/jwt/cookie/railtie.rb

@@ -0,0 +1,13 @@
+require 'rails/railtie'
+
+module Devise
+  module JWT
+    module Cookie
+      class Railtie < Rails::Railtie
+        initializer 'devise-jwt-cookie-middleware' do |app|
+          app.middleware.insert_before Warden::JWTAuth::Middleware, Devise::JWT::Cookie::Middleware
+        end
+      end
+    end
+  end
+end

data/lib/devise/jwt/cookie/strategy.rb

@@ -0,0 +1,36 @@
+require 'warden'
+
+module Devise
+  module JWT
+    module Cookie
+      # Warden strategy to authenticate an user through a JWT token in
+      # an http-only cookie
+      class Strategy < Warden::Strategies::Base
+        def valid?
+          !token.nil?
+        end
+
+        def store?
+          false
+        end
+
+        def authenticate!
+          # FIXME support aud
+          aud = nil
+          user = Warden::JWTAuth::UserDecoder.new.call(token, scope, aud)
+          success!(user)
+        rescue ::JWT::DecodeError => exception
+          fail!(exception.message)
+        end
+
+        private
+
+        def token
+          @token ||= CookieHelper.new.read_from(cookies)
+        end
+      end
+    end
+  end
+end
+
+Warden::Strategies.add(:jwt_cookie, Devise::JWT::Cookie::Strategy)

data/lib/devise/jwt/cookie/version.rb

@@ -0,0 +1,7 @@
+module Devise
+  module JWT
+    module Cookie
+      VERSION = '0.1.0'
+    end
+  end
+end

metadata

@@ -0,0 +1,231 @@
+--- !ruby/object:Gem::Specification
+name: devise-jwt-cookie
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Niels van der Zanden
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2020-04-01 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: devise-jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.6'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.6'
+- !ruby/object:Gem::Dependency
+  name: dry-auto_inject
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.6'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.6'
+- !ruby/object:Gem::Dependency
+  name: dry-configurable
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '0.11'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.9'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '0.11'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.3'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.8'
+- !ruby/object:Gem::Dependency
+  name: pry-byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.7'
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.5'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: '0.17'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: '0.17'
+- !ruby/object:Gem::Dependency
+  name: codeclimate-test-reporter
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+description: Cookie-based JWT authentication for devise with configurable token revocation
+  strategies
+email:
+- niels@pharynx.nl
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- Gemfile.lock
+- README.md
+- devise-jwt-cookie.gemspec
+- lib/devise/jwt/cookie.rb
+- lib/devise/jwt/cookie/cookie_helper.rb
+- lib/devise/jwt/cookie/middleware.rb
+- lib/devise/jwt/cookie/models.rb
+- lib/devise/jwt/cookie/models/jwt_cookie_authenticatable.rb
+- lib/devise/jwt/cookie/railtie.rb
+- lib/devise/jwt/cookie/strategy.rb
+- lib/devise/jwt/cookie/version.rb
+homepage: https://github.com/scarhand/devise-jwt-cookie
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.6.2
+signing_key: 
+specification_version: 4
+summary: Cookie-based JWT authentication for devise
+test_files: []