RubyGems - firebase-token-verify - Versions diffs - 0.0.6 - Mend

firebase-token-verify 0.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 38541700233e3031c7d3b0e18e47c1d32202679acdeb2e3e1acaeeb7ddc1b2b8
+  data.tar.gz: e1bbe26f384f855f53583b78d92a18d19f8c6fb9f4ce3f94a3624b9df4c5b15c
+SHA512:
+  metadata.gz: a232625dd721a574fe3f0348f2e8ca9984aa09651529a229e9f6ba0ddd4e95085bfef9d058eed84e4dccc92e38bb8d6718a559240b775eab64a8d3324166e1ae
+  data.tar.gz: f2f67a0f7844ea46682f7661304f7080e8bb3c618d90bb55361655ea8a392a8f74b18f59ae02ae4c0916410f3ebcd078344e3c44d8ffb06dd956508740e594f7

data/lib/firebase_ruby_auth.rb ADDED Viewed

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+# https://github.com/jwt/ruby-jwt
+require 'jwt'
+require 'google_public_cert'
+# Interacts with data from Firebase
+class FirebaseRubyAuth
+  def initialize(firebase_project_id)
+    @firebase_project_id = firebase_project_id
+    @public_cert = GooglePublicCert.new
+  end
+  # token would be a user's ID token
+  # https://firebase.google.com/docs/auth/admin/verify-id-tokens
+  # This will either return a hash with user data, or an empty hash
+  def decode_token(token)
+    return {} if @public_cert.keys.empty?
+    token_values = begin
+                     JWT.decode(token, nil, true, options).first
+                   rescue JWT::JWKError
+                     {}
+                   rescue JWT::DecodeError
+                     {}
+                   end
+    valid?(token_values) ? token_values : {}
+  end
+  private def options
+    {
+      algorithms: ['RS256'],
+      aud: @firebase_project_id,
+      verify_aud: true,
+      verify_iat: true,
+      iss: "https://securetoken.google.com/#{@firebase_project_id}",
+      verify_iss: true,
+      jwks: @public_cert.keys
+    }
+  end
+  private def valid?(token_values)
+    token_values['sub'].present? &&
+    token_values['auth_time'].present? &&
+    token_values['auth_time'].to_i < Time.now.utc.to_i
+  end
+end

data/lib/google_public_cert.rb ADDED Viewed

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+# https://github.com/jwt/ruby-jwt
+require 'jwt'
+require 'net/http'
+# Fetches and decodes public certificates from google
+class GooglePublicCert
+  # This url is from the Google instructions,
+  # https://firebase.google.com/docs/auth/admin/verify-id-tokens
+  CERT_URL = 'https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com'
+  def initialize
+    fetch_google_public_key
+  end
+  def keys
+    fetch_google_public_key if @expires < Time.now.utc
+    @keys
+  end
+  private def fetch_google_public_key
+    request = Net::HTTP.get_response(URI(CERT_URL))
+    generate_keys(request)
+    generate_key_expiry(request)
+  end
+  private def generate_keys(request)
+    @keys = {
+      keys: (JSON.parse request.body).map do |key, value|
+        JWT::JWK
+          .new(OpenSSL::X509::Certificate.new(value).public_key)
+          .export
+          .merge(kid: key)
+      end
+    }
+  rescue JSON::ParserError
+    @keys = {}
+  end
+  private def generate_key_expiry(request)
+    headers = /max-age=\d+/.match(request.header['cache-control'].to_s).to_s
+    @expires = if headers.present?
+                 Time.new(headers.split('max-age=')[1].to_i).utc
+               else
+                 Time.now.utc
+               end
+  end
+end

metadata ADDED Viewed

@@ -0,0 +1,156 @@
+--- !ruby/object:Gem::Specification
+name: firebase-token-verify
+version: !ruby/object:Gem::Version
+  version: 0.0.6
+platform: ruby
+authors:
+- Emily Ring
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2019-05-30 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.2.1
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.2.3
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.2.3
+- !ruby/object:Gem::Dependency
+  name: rspec-core
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.8.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.8.0
+- !ruby/object:Gem::Dependency
+  name: rspec-expectations
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.8.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.8.0
+- !ruby/object:Gem::Dependency
+  name: rspec-mocks
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.8.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.8.0
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.71.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.71.0
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.16.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.16.1
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.5.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.5.1
+description: Firebase Ruby Auth
+email: railsclt@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/firebase_ruby_auth.rb
+- lib/google_public_cert.rb
+homepage: https://github.com/railscltgroup/firebase_auth
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.3
+signing_key:
+specification_version: 4
+summary: Authenticate Firebase User Tokens in Ruby
+test_files: []