epb-auth-tools 1.0.1 → 1.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/lib/{epb_auth_tools.rb → epb-auth-tools.rb} +0 -0
  3. data/lib/errors.rb +53 -30
  4. data/lib/http_client.rb +0 -1
  5. data/lib/token.rb +6 -2
  6. data/lib/token_processor.rb +1 -0
  7. metadata +9 -8
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 782e5a8d8575cc614987e76c1475c6e3bb21126a5f1d69d35534151d9812a861
4
- data.tar.gz: 3cb5ed246374496bc8170503bc77c0557c80cb7b6d8f44e57c09548555b9ef6b
3
+ metadata.gz: f1b1fb574665a72ca0bdc7ee114645deac275e7ec17f4b41fa080ca4c8831fa3
4
+ data.tar.gz: 0d0baaf4cc5df70f8e762b2451a40dd6b016d1e45329c3afd6447b2ad8857cd4
5
5
  SHA512:
6
- metadata.gz: dc06e83c6313dccbae073da2adbc20d694279b7a99ae7e4232b4dad54ca9fa07411e6bc78cfa9c23a3de78ec8285df89da31d7b3c585eafc5312bc44fe7ef85e
7
- data.tar.gz: e9899d2035a1955efb170ad2379207d9b3fdd69126f8f7a2d5655719cdb712a163987756332c7172e84234f2cde1c59957b82f210659ebb3d741aea640e1718a
6
+ metadata.gz: e9765ef35a90762641b91bc6c80f1dc43c9928bec457ec5e7a678376b8277f909da2bcb002422ac87d55d1989cea2a0fac414a0ee94c14f44f9d438733be8ca0
7
+ data.tar.gz: 9ebc8a9003fb3db97592f929ab571633bbfa25d17ace369fbb3c6a5bee51956db63068da593dedff1d38eefe3c36e7547024538ff913bf9a7296d1aa6efa40f2
data/lib/{epb_auth_tools.rb → epb-auth-tools.rb} RENAMED
File without changes
data/lib/errors.rb CHANGED
@@ -2,35 +2,58 @@
2
2
 
3
3
  module Auth
4
4
  module Errors
5
- class Error < RuntimeError; end
6
-
7
- class Processor < Auth::Errors::Error; end
8
- class ProcessorHasNoSecret < Auth::Errors::Error; end
9
- class ProcessorHasNoIssuer < Auth::Errors::Error; end
10
-
11
- class Token < Auth::Errors::Error; end
12
-
13
- class TokenMissing < Auth::Errors::Token; end
14
- class TokenPayloadError < Auth::Errors::Token; end
15
- class TokenExpired < Auth::Errors::TokenPayloadError; end
16
- class TokenNotYetValid < Auth::Errors::TokenPayloadError; end
17
- class TokenHasNoIssuer < Auth::Errors::TokenPayloadError; end
18
- class TokenHasNoSubject < Auth::Errors::TokenPayloadError; end
19
- class TokenHasNoIssuedAt < Auth::Errors::TokenPayloadError; end
20
- class TokenHasNoExpiry < Auth::Errors::TokenPayloadError; end
21
- class TokenIssuerIncorrect < Auth::Errors::TokenPayloadError; end
22
-
23
- class TokenDecodeError < Auth::Errors::Token; end
24
- class TokenTamperDetected < Auth::Errors::TokenDecodeError; end
25
-
26
- class Client < Auth::Errors::Error; end
27
-
28
- class ClientHasNoAuthServer < Auth::Errors::Client; end
29
- class ClientHasNoClientId < Auth::Errors::Client; end
30
- class ClientHasNoClientSecret < Auth::Errors::Client; end
31
- class ClientHasNoBaseUri < Auth::Errors::Client; end
32
-
33
- class Network < Auth::Errors::Error; end
34
- class NetworkConnectionFailed < Auth::Errors::Network; end
5
+ class Error < RuntimeError
6
+ end
7
+
8
+ class Processor < Auth::Errors::Error
9
+ end
10
+ class ProcessorHasNoSecret < Auth::Errors::Error
11
+ end
12
+ class ProcessorHasNoIssuer < Auth::Errors::Error
13
+ end
14
+
15
+ class Token < Auth::Errors::Error
16
+ end
17
+
18
+ class TokenMissing < Auth::Errors::Token
19
+ end
20
+ class TokenPayloadError < Auth::Errors::Token
21
+ end
22
+ class TokenExpired < Auth::Errors::TokenPayloadError
23
+ end
24
+ class TokenNotYetValid < Auth::Errors::TokenPayloadError
25
+ end
26
+ class TokenHasNoIssuer < Auth::Errors::TokenPayloadError
27
+ end
28
+ class TokenHasNoSubject < Auth::Errors::TokenPayloadError
29
+ end
30
+ class TokenHasNoIssuedAt < Auth::Errors::TokenPayloadError
31
+ end
32
+ class TokenHasNoExpiry < Auth::Errors::TokenPayloadError
33
+ end
34
+ class TokenIssuerIncorrect < Auth::Errors::TokenPayloadError
35
+ end
36
+
37
+ class TokenDecodeError < Auth::Errors::Token
38
+ end
39
+ class TokenTamperDetected < Auth::Errors::TokenDecodeError
40
+ end
41
+
42
+ class Client < Auth::Errors::Error
43
+ end
44
+
45
+ class ClientHasNoAuthServer < Auth::Errors::Client
46
+ end
47
+ class ClientHasNoClientId < Auth::Errors::Client
48
+ end
49
+ class ClientHasNoClientSecret < Auth::Errors::Client
50
+ end
51
+ class ClientHasNoBaseUri < Auth::Errors::Client
52
+ end
53
+
54
+ class Network < Auth::Errors::Error
55
+ end
56
+ class NetworkConnectionFailed < Auth::Errors::Network
57
+ end
35
58
  end
36
59
  end
data/lib/http_client.rb CHANGED
@@ -25,7 +25,6 @@ module Auth
25
25
  authorisation_url = site_url.path + '/oauth/token'
26
26
  site_url = "#{site_url.scheme}://#{site_url.host}:#{site_url.port}"
27
27
 
28
-
29
28
  @base_uri = base_uri
30
29
  @client =
31
30
  auth_client.new client_id,
data/lib/token.rb CHANGED
@@ -7,12 +7,16 @@ module Auth
7
7
  validate_payload
8
8
  end
9
9
 
10
+ def sub
11
+ @payload['sub']
12
+ end
13
+
10
14
  def scope?(scope)
11
- @payload['scopes'].include? scope
15
+ @payload['scopes']&.include? scope
12
16
  end
13
17
 
14
18
  def scopes?(scopes)
15
- scopes.all? { |scope| @payload['scopes'].include? scope }
19
+ scopes.all? { |scope| @payload['scopes']&.include? scope }
16
20
  end
17
21
 
18
22
  def supplemental(property = nil)
data/lib/token_processor.rb CHANGED
@@ -17,6 +17,7 @@ module Auth
17
17
 
18
18
  payload, _header = jwt_process token
19
19
 
20
+ raise Auth::Errors::TokenExpired unless payload.key?('exp')
20
21
  raise Auth::Errors::TokenHasNoIssuer unless payload.key?('iss')
21
22
  unless payload['iss'] == @jwt_issuer
22
23
  raise Auth::Errors::TokenIssuerIncorrect
metadata CHANGED
@@ -1,13 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: epb-auth-tools
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.1
4
+ version: 1.0.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Lawrence Goldstien <lawrence.goldstien@madetech.com>
8
8
  - Yusuf Sheikh <yusuf@madetech.com>
9
9
  - Jaseera <jaseera@madetech.com>
10
- autorequire:
10
+ - Kevin Keenoy <kevin.keenoy@communities.gov.uk>
11
+ autorequire:
11
12
  bindir: bin
12
13
  cert_chain: []
13
14
  date: 2020-03-11 00:00:00.000000000 Z
@@ -40,13 +41,13 @@ dependencies:
40
41
  - - "~>"
41
42
  - !ruby/object:Gem::Version
42
43
  version: '1.4'
43
- description:
44
- email:
44
+ description:
45
+ email:
45
46
  executables: []
46
47
  extensions: []
47
48
  extra_rdoc_files: []
48
49
  files:
49
- - lib/epb_auth_tools.rb
50
+ - lib/epb-auth-tools.rb
50
51
  - lib/errors.rb
51
52
  - lib/http_client.rb
52
53
  - lib/sinatra/conditional.rb
@@ -56,7 +57,7 @@ homepage: https://github.com/communitiesuk/epb-auth-tools
56
57
  licenses:
57
58
  - MIT
58
59
  metadata: {}
59
- post_install_message:
60
+ post_install_message:
60
61
  rdoc_options: []
61
62
  require_paths:
62
63
  - lib
@@ -71,8 +72,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
71
72
  - !ruby/object:Gem::Version
72
73
  version: '0'
73
74
  requirements: []
74
- rubygems_version: 3.0.6
75
- signing_key:
75
+ rubygems_version: 3.0.3
76
+ signing_key:
76
77
  specification_version: 4
77
78
  summary: Tools for authentication and authorisation with JWTs and OAuth
78
79
  test_files: []