RubyGems - epb-auth-tools - Versions diffs - 1.0.2 → 1.0.8 - Mend

epb-auth-tools 1.0.2 → 1.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ee915b778c4ed72ecbf7502d44115683ea8902ce70dead1c0a3b88d8d377d229
-  data.tar.gz: 2ec576eb86d3e917ec33a0e43f2543fb8073c2d2366d34cbc328212f1e39af15
+  metadata.gz: e5484b829fb09391cc9bd9fd4b2a2b0e8fe2e64e3cfdf640d400cecf33d533ea
+  data.tar.gz: 522b5c88d93b5fd00524eea152b443af016f33cbeb820f07d027eb02ed72689b
 SHA512:
-  metadata.gz: 712907f6fde4bc75ce9c15b8ffa072b1a0bf074c479ea7f5372d8928864c0d0cf80bc2d7cb77d39d65122e28529c1278cf82796afe42bb6cd983e4f5ab039418
-  data.tar.gz: 79eb755442cef9c38c326a1b468a6bbe800190a6d284215a09844d7edf70661776febacce35f2fd1bd7054a08be9ac196f0d86c728f421dc5a8d70c009bdaf88
+  metadata.gz: bdfaa165c58467113a6a82a6429cb577496b3ce7e817c0b341b5a2c0b6e3660efc957ad5450b03fe89082e56aeb99da10e04f2e5a62941b42e68ccb45d1dccac
+  data.tar.gz: a314604c7e518640d2492e9f8c5300d1bf47203dfb36903ec9ba80296a9ff79c7a683a975717a40e5b6c8488c3b5e3109f517f7ac6b2e6de4184beee16f8f541

data/lib/errors.rb CHANGED Viewed

@@ -2,35 +2,58 @@
 module Auth
   module Errors
-    class Error < RuntimeError; end
-    class Processor < Auth::Errors::Error; end
-    class ProcessorHasNoSecret < Auth::Errors::Error; end
-    class ProcessorHasNoIssuer < Auth::Errors::Error; end
-    class Token < Auth::Errors::Error; end
-    class TokenMissing < Auth::Errors::Token; end
-    class TokenPayloadError < Auth::Errors::Token; end
-    class TokenExpired < Auth::Errors::TokenPayloadError; end
-    class TokenNotYetValid < Auth::Errors::TokenPayloadError; end
-    class TokenHasNoIssuer < Auth::Errors::TokenPayloadError; end
-    class TokenHasNoSubject < Auth::Errors::TokenPayloadError; end
-    class TokenHasNoIssuedAt < Auth::Errors::TokenPayloadError; end
-    class TokenHasNoExpiry < Auth::Errors::TokenPayloadError; end
-    class TokenIssuerIncorrect < Auth::Errors::TokenPayloadError; end
-    class TokenDecodeError < Auth::Errors::Token; end
-    class TokenTamperDetected < Auth::Errors::TokenDecodeError; end
-    class Client < Auth::Errors::Error; end
-    class ClientHasNoAuthServer < Auth::Errors::Client; end
-    class ClientHasNoClientId < Auth::Errors::Client; end
-    class ClientHasNoClientSecret < Auth::Errors::Client; end
-    class ClientHasNoBaseUri < Auth::Errors::Client; end
-    class Network < Auth::Errors::Error; end
-    class NetworkConnectionFailed < Auth::Errors::Network; end
+    class Error < RuntimeError
+    end
+    class Processor < Auth::Errors::Error
+    end
+    class ProcessorHasNoSecret < Auth::Errors::Error
+    end
+    class ProcessorHasNoIssuer < Auth::Errors::Error
+    end
+    class Token < Auth::Errors::Error
+    end
+    class TokenMissing < Auth::Errors::Token
+    end
+    class TokenPayloadError < Auth::Errors::Token
+    end
+    class TokenExpired < Auth::Errors::TokenPayloadError
+    end
+    class TokenNotYetValid < Auth::Errors::TokenPayloadError
+    end
+    class TokenHasNoIssuer < Auth::Errors::TokenPayloadError
+    end
+    class TokenHasNoSubject < Auth::Errors::TokenPayloadError
+    end
+    class TokenHasNoIssuedAt < Auth::Errors::TokenPayloadError
+    end
+    class TokenHasNoExpiry < Auth::Errors::TokenPayloadError
+    end
+    class TokenIssuerIncorrect < Auth::Errors::TokenPayloadError
+    end
+    class TokenDecodeError < Auth::Errors::Token
+    end
+    class TokenTamperDetected < Auth::Errors::TokenDecodeError
+    end
+    class Client < Auth::Errors::Error
+    end
+    class ClientHasNoAuthServer < Auth::Errors::Client
+    end
+    class ClientHasNoClientId < Auth::Errors::Client
+    end
+    class ClientHasNoClientSecret < Auth::Errors::Client
+    end
+    class ClientHasNoBaseUri < Auth::Errors::Client
+    end
+    class Network < Auth::Errors::Error
+    end
+    class NetworkConnectionFailed < Auth::Errors::Network
+    end
   end
 end

data/lib/http_client.rb CHANGED Viewed

@@ -25,7 +25,6 @@ module Auth
       authorisation_url = site_url.path + '/oauth/token'
       site_url = "#{site_url.scheme}://#{site_url.host}:#{site_url.port}"
       @base_uri = base_uri
       @client =
         auth_client.new client_id,
@@ -61,8 +60,9 @@ module Auth
       if @authenticated_client.respond_to? method_name
         response = @authenticated_client.send method_name, *args, &block
-        if response.body.is_a?(::Hash) &&
-             response.body[:error] == 'Auth::Errors::TokenExpired'
+        if response.status == 401
+          # a 401 here is assumed to be due to an expired token
+          # otherwise, refreshing the token and calling again should make no difference to the ultimate response
           refresh
           response = @authenticated_client.send method_name, *args, &block
         end

data/lib/token.rb CHANGED Viewed

@@ -7,12 +7,16 @@ module Auth
       validate_payload
     end
+    def sub
+      @payload['sub']
+    end
     def scope?(scope)
-      @payload['scopes'].include? scope
+      @payload['scopes']&.include? scope
     end
     def scopes?(scopes)
-      scopes.all? { |scope| @payload['scopes'].include? scope }
+      scopes.all? { |scope| @payload['scopes']&.include? scope }
     end
     def supplemental(property = nil)

data/lib/token_processor.rb CHANGED Viewed

@@ -17,6 +17,7 @@ module Auth
       payload, _header = jwt_process token
+      raise Auth::Errors::TokenExpired unless payload.key?('exp')
       raise Auth::Errors::TokenHasNoIssuer unless payload.key?('iss')
       unless payload['iss'] == @jwt_issuer
         raise Auth::Errors::TokenIssuerIncorrect

metadata CHANGED Viewed

@@ -1,16 +1,18 @@
 --- !ruby/object:Gem::Specification
 name: epb-auth-tools
 version: !ruby/object:Gem::Version
-  version: 1.0.2
+  version: 1.0.8
 platform: ruby
 authors:
 - Lawrence Goldstien <lawrence.goldstien@madetech.com>
 - Yusuf Sheikh <yusuf@madetech.com>
 - Jaseera <jaseera@madetech.com>
-autorequire:
+- Kevin Keenoy <kevin.keenoy@communities.gov.uk>
+- Douglas Greenshields <douglas.greenshields@communities.gov.uk>
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-03-11 00:00:00.000000000 Z
+date: 2021-06-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt
@@ -40,8 +42,8 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.4'
-description:
-email:
+description:
+email:
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -56,7 +58,7 @@ homepage: https://github.com/communitiesuk/epb-auth-tools
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -71,8 +73,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.6
-signing_key:
+rubygems_version: 3.0.3
+signing_key:
 specification_version: 4
 summary: Tools for authentication and authorisation with JWTs and OAuth
 test_files: []