epb-auth-tools 1.0.1 → 1.0.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 782e5a8d8575cc614987e76c1475c6e3bb21126a5f1d69d35534151d9812a861
-  data.tar.gz: 3cb5ed246374496bc8170503bc77c0557c80cb7b6d8f44e57c09548555b9ef6b
+  metadata.gz: f1b1fb574665a72ca0bdc7ee114645deac275e7ec17f4b41fa080ca4c8831fa3
+  data.tar.gz: 0d0baaf4cc5df70f8e762b2451a40dd6b016d1e45329c3afd6447b2ad8857cd4
 SHA512:
-  metadata.gz: dc06e83c6313dccbae073da2adbc20d694279b7a99ae7e4232b4dad54ca9fa07411e6bc78cfa9c23a3de78ec8285df89da31d7b3c585eafc5312bc44fe7ef85e
-  data.tar.gz: e9899d2035a1955efb170ad2379207d9b3fdd69126f8f7a2d5655719cdb712a163987756332c7172e84234f2cde1c59957b82f210659ebb3d741aea640e1718a
+  metadata.gz: e9765ef35a90762641b91bc6c80f1dc43c9928bec457ec5e7a678376b8277f909da2bcb002422ac87d55d1989cea2a0fac414a0ee94c14f44f9d438733be8ca0
+  data.tar.gz: 9ebc8a9003fb3db97592f929ab571633bbfa25d17ace369fbb3c6a5bee51956db63068da593dedff1d38eefe3c36e7547024538ff913bf9a7296d1aa6efa40f2

data/lib/errors.rb

@@ -2,35 +2,58 @@
 
 module Auth
   module Errors
-    class Error < RuntimeError; end
-
-    class Processor < Auth::Errors::Error; end
-    class ProcessorHasNoSecret < Auth::Errors::Error; end
-    class ProcessorHasNoIssuer < Auth::Errors::Error; end
-
-    class Token < Auth::Errors::Error; end
-
-    class TokenMissing < Auth::Errors::Token; end
-    class TokenPayloadError < Auth::Errors::Token; end
-    class TokenExpired < Auth::Errors::TokenPayloadError; end
-    class TokenNotYetValid < Auth::Errors::TokenPayloadError; end
-    class TokenHasNoIssuer < Auth::Errors::TokenPayloadError; end
-    class TokenHasNoSubject < Auth::Errors::TokenPayloadError; end
-    class TokenHasNoIssuedAt < Auth::Errors::TokenPayloadError; end
-    class TokenHasNoExpiry < Auth::Errors::TokenPayloadError; end
-    class TokenIssuerIncorrect < Auth::Errors::TokenPayloadError; end
-
-    class TokenDecodeError < Auth::Errors::Token; end
-    class TokenTamperDetected < Auth::Errors::TokenDecodeError; end
-
-    class Client < Auth::Errors::Error; end
-
-    class ClientHasNoAuthServer < Auth::Errors::Client; end
-    class ClientHasNoClientId < Auth::Errors::Client; end
-    class ClientHasNoClientSecret < Auth::Errors::Client; end
-    class ClientHasNoBaseUri < Auth::Errors::Client; end
-
-    class Network < Auth::Errors::Error; end
-    class NetworkConnectionFailed < Auth::Errors::Network; end
+    class Error < RuntimeError
+    end
+
+    class Processor < Auth::Errors::Error
+    end
+    class ProcessorHasNoSecret < Auth::Errors::Error
+    end
+    class ProcessorHasNoIssuer < Auth::Errors::Error
+    end
+
+    class Token < Auth::Errors::Error
+    end
+
+    class TokenMissing < Auth::Errors::Token
+    end
+    class TokenPayloadError < Auth::Errors::Token
+    end
+    class TokenExpired < Auth::Errors::TokenPayloadError
+    end
+    class TokenNotYetValid < Auth::Errors::TokenPayloadError
+    end
+    class TokenHasNoIssuer < Auth::Errors::TokenPayloadError
+    end
+    class TokenHasNoSubject < Auth::Errors::TokenPayloadError
+    end
+    class TokenHasNoIssuedAt < Auth::Errors::TokenPayloadError
+    end
+    class TokenHasNoExpiry < Auth::Errors::TokenPayloadError
+    end
+    class TokenIssuerIncorrect < Auth::Errors::TokenPayloadError
+    end
+
+    class TokenDecodeError < Auth::Errors::Token
+    end
+    class TokenTamperDetected < Auth::Errors::TokenDecodeError
+    end
+
+    class Client < Auth::Errors::Error
+    end
+
+    class ClientHasNoAuthServer < Auth::Errors::Client
+    end
+    class ClientHasNoClientId < Auth::Errors::Client
+    end
+    class ClientHasNoClientSecret < Auth::Errors::Client
+    end
+    class ClientHasNoBaseUri < Auth::Errors::Client
+    end
+
+    class Network < Auth::Errors::Error
+    end
+    class NetworkConnectionFailed < Auth::Errors::Network
+    end
   end
 end

data/lib/http_client.rb

@@ -25,7 +25,6 @@ module Auth
       authorisation_url = site_url.path + '/oauth/token'
       site_url = "#{site_url.scheme}://#{site_url.host}:#{site_url.port}"
 
-
       @base_uri = base_uri
       @client =
         auth_client.new client_id,

data/lib/token.rb

@@ -7,12 +7,16 @@ module Auth
       validate_payload
     end
 
+    def sub
+      @payload['sub']
+    end
+
     def scope?(scope)
-      @payload['scopes'].include? scope
+      @payload['scopes']&.include? scope
     end
 
     def scopes?(scopes)
-      scopes.all? { |scope| @payload['scopes'].include? scope }
+      scopes.all? { |scope| @payload['scopes']&.include? scope }
     end
 
     def supplemental(property = nil)

data/lib/token_processor.rb

@@ -17,6 +17,7 @@ module Auth
 
       payload, _header = jwt_process token
 
+      raise Auth::Errors::TokenExpired unless payload.key?('exp')
       raise Auth::Errors::TokenHasNoIssuer unless payload.key?('iss')
       unless payload['iss'] == @jwt_issuer
         raise Auth::Errors::TokenIssuerIncorrect

metadata

@@ -1,13 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: epb-auth-tools
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.0.7
 platform: ruby
 authors:
 - Lawrence Goldstien <lawrence.goldstien@madetech.com>
 - Yusuf Sheikh <yusuf@madetech.com>
 - Jaseera <jaseera@madetech.com>
-autorequire: 
+- Kevin Keenoy <kevin.keenoy@communities.gov.uk>
+autorequire:
 bindir: bin
 cert_chain: []
 date: 2020-03-11 00:00:00.000000000 Z
@@ -40,13 +41,13 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.4'
-description: 
-email: 
+description:
+email:
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- lib/epb_auth_tools.rb
+- lib/epb-auth-tools.rb
 - lib/errors.rb
 - lib/http_client.rb
 - lib/sinatra/conditional.rb
@@ -56,7 +57,7 @@ homepage: https://github.com/communitiesuk/epb-auth-tools
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -71,8 +72,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.6
-signing_key: 
+rubygems_version: 3.0.3
+signing_key:
 specification_version: 4
 summary: Tools for authentication and authorisation with JWTs and OAuth
 test_files: []