RubyGems - epb-auth-tools - Versions diffs - 1.0.2 → 1.0.8 - Mend

epb-auth-tools 1.0.2 → 1.0.8

Files changed (6) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ee915b778c4ed72ecbf7502d44115683ea8902ce70dead1c0a3b88d8d377d229
-  data.tar.gz: 2ec576eb86d3e917ec33a0e43f2543fb8073c2d2366d34cbc328212f1e39af15
+  metadata.gz: e5484b829fb09391cc9bd9fd4b2a2b0e8fe2e64e3cfdf640d400cecf33d533ea
+  data.tar.gz: 522b5c88d93b5fd00524eea152b443af016f33cbeb820f07d027eb02ed72689b
 SHA512:
-  metadata.gz: 712907f6fde4bc75ce9c15b8ffa072b1a0bf074c479ea7f5372d8928864c0d0cf80bc2d7cb77d39d65122e28529c1278cf82796afe42bb6cd983e4f5ab039418
-  data.tar.gz: 79eb755442cef9c38c326a1b468a6bbe800190a6d284215a09844d7edf70661776febacce35f2fd1bd7054a08be9ac196f0d86c728f421dc5a8d70c009bdaf88
+  metadata.gz: bdfaa165c58467113a6a82a6429cb577496b3ce7e817c0b341b5a2c0b6e3660efc957ad5450b03fe89082e56aeb99da10e04f2e5a62941b42e68ccb45d1dccac
+  data.tar.gz: a314604c7e518640d2492e9f8c5300d1bf47203dfb36903ec9ba80296a9ff79c7a683a975717a40e5b6c8488c3b5e3109f517f7ac6b2e6de4184beee16f8f541

data/lib/errors.rb CHANGED Viewed

@@ -2,35 +2,58 @@
 module Auth
   module Errors
-    class Error < RuntimeError; end
-    class Processor < Auth::Errors::Error; end
-    class ProcessorHasNoSecret < Auth::Errors::Error; end
-    class ProcessorHasNoIssuer < Auth::Errors::Error; end
-    class Token < Auth::Errors::Error; end
-    class TokenMissing < Auth::Errors::Token; end
-    class TokenPayloadError < Auth::Errors::Token; end
-    class TokenExpired < Auth::Errors::TokenPayloadError; end
-    class TokenNotYetValid < Auth::Errors::TokenPayloadError; end
-    class TokenHasNoIssuer < Auth::Errors::TokenPayloadError; end
-    class TokenHasNoSubject < Auth::Errors::TokenPayloadError; end
-    class TokenHasNoIssuedAt < Auth::Errors::TokenPayloadError; end
-    class TokenHasNoExpiry < Auth::Errors::TokenPayloadError; end
-    class TokenIssuerIncorrect < Auth::Errors::TokenPayloadError; end
-    class TokenDecodeError < Auth::Errors::Token; end
-    class TokenTamperDetected < Auth::Errors::TokenDecodeError; end
-    class Client < Auth::Errors::Error; end
-    class ClientHasNoAuthServer < Auth::Errors::Client; end
-    class ClientHasNoClientId < Auth::Errors::Client; end
-    class ClientHasNoClientSecret < Auth::Errors::Client; end
-    class ClientHasNoBaseUri < Auth::Errors::Client; end
-    class Network < Auth::Errors::Error; end
-    class NetworkConnectionFailed < Auth::Errors::Network; end
+    class Error < RuntimeError
+    end
+    class Processor < Auth::Errors::Error
+    end
+    class ProcessorHasNoSecret < Auth::Errors::Error
+    end
+    class ProcessorHasNoIssuer < Auth::Errors::Error
+    end
+    class Token < Auth::Errors::Error
+    end
+    class TokenMissing < Auth::Errors::Token
+    end
+    class TokenPayloadError < Auth::Errors::Token
+    end
+    class TokenExpired < Auth::Errors::TokenPayloadError
+    end
+    class TokenNotYetValid < Auth::Errors::TokenPayloadError
+    end
+    class TokenHasNoIssuer < Auth::Errors::TokenPayloadError
+    end
+    class TokenHasNoSubject < Auth::Errors::TokenPayloadError
+    end
+    class TokenHasNoIssuedAt < Auth::Errors::TokenPayloadError
+    end
+    class TokenHasNoExpiry < Auth::Errors::TokenPayloadError
+    end
+    class TokenIssuerIncorrect < Auth::Errors::TokenPayloadError
+    end
+    class TokenDecodeError < Auth::Errors::Token
+    end
+    class TokenTamperDetected < Auth::Errors::TokenDecodeError
+    end
+    class Client < Auth::Errors::Error
+    end
+    class ClientHasNoAuthServer < Auth::Errors::Client
+    end
+    class ClientHasNoClientId < Auth::Errors::Client
+    end
+    class ClientHasNoClientSecret < Auth::Errors::Client
+    end
+    class ClientHasNoBaseUri < Auth::Errors::Client
+    end
+    class Network < Auth::Errors::Error
+    end
+    class NetworkConnectionFailed < Auth::Errors::Network
+    end
   end
 end

data/lib/http_client.rb CHANGED Viewed

@@ -25,7 +25,6 @@ module Auth
       authorisation_url = site_url.path + '/oauth/token'
       site_url = "#{site_url.scheme}://#{site_url.host}:#{site_url.port}"
       @base_uri = base_uri
       @client =
         auth_client.new client_id,
@@ -61,8 +60,9 @@ module Auth
       if @authenticated_client.respond_to? method_name
         response = @authenticated_client.send method_name, *args, &block
-        if response.body.is_a?(::Hash) &&
-             response.body[:error] == 'Auth::Errors::TokenExpired'
+        if response.status == 401
+          # a 401 here is assumed to be due to an expired token
+          # otherwise, refreshing the token and calling again should make no difference to the ultimate response
           refresh
           response = @authenticated_client.send method_name, *args, &block
         end

data/lib/token.rb CHANGED Viewed

@@ -7,12 +7,16 @@ module Auth
       validate_payload
     end
+    def sub
+      @payload['sub']
+    end
     def scope?(scope)
-      @payload['scopes'].include? scope
+      @payload['scopes']&.include? scope
     end
     def scopes?(scopes)
-      scopes.all? { |scope| @payload['scopes'].include? scope }
+      scopes.all? { |scope| @payload['scopes']&.include? scope }
     end
     def supplemental(property = nil)

data/lib/token_processor.rb CHANGED Viewed

@@ -17,6 +17,7 @@ module Auth
       payload, _header = jwt_process token
+      raise Auth::Errors::TokenExpired unless payload.key?('exp')
       raise Auth::Errors::TokenHasNoIssuer unless payload.key?('iss')
       unless payload['iss'] == @jwt_issuer
         raise Auth::Errors::TokenIssuerIncorrect

metadata CHANGED Viewed

@@ -1,16 +1,18 @@
 --- !ruby/object:Gem::Specification
 name: epb-auth-tools
 version: !ruby/object:Gem::Version
-  version: 1.0.2
+  version: 1.0.8
 platform: ruby
 authors:
 - Lawrence Goldstien <lawrence.goldstien@madetech.com>
 - Yusuf Sheikh <yusuf@madetech.com>
 - Jaseera <jaseera@madetech.com>
-autorequire:
+- Kevin Keenoy <kevin.keenoy@communities.gov.uk>
+- Douglas Greenshields <douglas.greenshields@communities.gov.uk>
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-03-11 00:00:00.000000000 Z
+date: 2021-06-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt
@@ -40,8 +42,8 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.4'
-description:
-email:
+description:
+email:
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -56,7 +58,7 @@ homepage: https://github.com/communitiesuk/epb-auth-tools
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -71,8 +73,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.6
-signing_key:
+rubygems_version: 3.0.3
+signing_key:
 specification_version: 4
 summary: Tools for authentication and authorisation with JWTs and OAuth
 test_files: []