RubyGems - firebase_id_token - Versions diffs - 2.2.0 → 2.3.0 - Mend

firebase_id_token 2.2.0 → 2.3.0

Files changed (5) hide show

checksums.yaml +4 -4
data/README.md +211 -211
data/firebase_id_token.gemspec +38 -38
data/lib/firebase_id_token/version.rb +3 -3
metadata +26 -14

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2208ffbacd22db6584031abb6c135e81c7351a33
-  data.tar.gz: 5b31009d9921ff7c1a09b127b22f295a95108e1e
+  metadata.gz: 7881ecf256206e396bfd54d8a2954feadaa162ce
+  data.tar.gz: 9f413ff8208a7318f5c28c59536390b300cf0044
 SHA512:
-  metadata.gz: 647fa8e8323b1933f98a01c3fd489f1717344389435d3243fb3c610face4c06b059714a8707edd6823aa23a6ead8d94e8be3462cdd23e5f3d61758337ec32d09
-  data.tar.gz: 188dadfcbf80dae844c4948c27ceeba955eb65d03c83a15429a4af6d4db796c49c4223d193bb8c2cfbf3666edd92d80529bea2f6273014468ae7bb67c4af8847
+  metadata.gz: f4b877b7597491df27b6c3fb09bbc01b04b1e613c0e594e1f7c12d8864183dfe8a64906514ffbfc6c8776992eef3434b1d0a1295772c3e0b24684f49dc29f31b
+  data.tar.gz: 512bb0b70ba34e7ac7a4fd86b0a56c60def064443705c49c4bd3abfc7c5cb952e08e580fb236b48d1cb3d7043ab69a61febcffe613146ba9becda35f5dc96963

data/README.md CHANGED

@@ -1,211 +1,211 @@
-# Ruby Firebase ID Token verifier (pre-release)
-![Alt text](https://api.travis-ci.org/fschuindt/firebase_id_token.svg?branch=master)
-[![Code Climate](https://codeclimate.com/github/fschuindt/firebase_id_token/badges/gpa.svg)](https://codeclimate.com/github/fschuindt/firebase_id_token)
-[![Issue Count](https://codeclimate.com/github/fschuindt/firebase_id_token/badges/issue_count.svg)](https://codeclimate.com/github/fschuindt/firebase_id_token)
-[![Test Coverage](https://codeclimate.com/github/fschuindt/firebase_id_token/badges/coverage.svg)](https://codeclimate.com/github/fschuindt/firebase_id_token/coverage)
-[![Inline docs](http://inch-ci.org/github/fschuindt/firebase_id_token.svg?branch=master)](http://inch-ci.org/github/fschuindt/firebase_id_token)
-A Ruby gem to verify the signature of Firebase ID Tokens. It uses Redis to store Google's x509 certificates and manage their expiration time, so you don't need to request Google's API in every execution and can access it as fast as reading from memory.
-It also checks the JWT payload parameters as recommended [here](https://firebase.google.com/docs/auth/admin/verify-id-tokens) by Firebase official documentation.
-Feel free to open any issue or to [contact me](https://fschuindt.github.io/blog/about/) directly.
-Any contribution is welcome.
-## Docs
- + http://www.rubydoc.info/gems/firebase_id_token
-## Requirements
-+ Redis
-## Installing
-```
-gem install firebase_id_token
-```
-or in your Gemfile
-```
-gem 'firebase_id_token', '~> 2.2.0'
-```
-then
-```
-bundle install
-```
-## Configuration
-It's needed to set up your Firebase Project ID.
-If you are using Rails, this should probably go into `config/initializers/firebase_id_token.rb`.
-```ruby
-FirebaseIdToken.configure do |config|
-  config.project_ids = ['your-firebase-project-id']
-end
-```
-`project_ids` must be a Array.
-*If you want to verify signatures from more than one Firebase project, just add more Project IDs to the list.*
-You can also pass a Redis instance to `config` if you are not using Redis defaults.
-In this case, you must have the gem `redis` in your `Gemfile`.
-```ruby
-FirebaseIdToken.configure do |config|
-  config.project_ids = ['your-firebase-project-id']
-  config.redis = Redis.new(host: '10.0.1.1', port: 6380, db: 15)
-end
-```
-Otherwise, it will use just `Redis.new` as the instance.
-## Usage
-You can get a glimpse of it by reading our RSpec output on your machine. It's
-really helpful. But here is a complete guide:
-### Downloading Certificates
-Before verifying tokens, you need to download Google's x509 certificates.
-To do it simply:
-```ruby
-FirebaseIdToken::Certificates.request
-```
-It will download the certificates and save it in Redis, but only if Redis certificates database is empty. To force download and override Redis database, use:
-```ruby
-FirebaseIdToken::Certificates.request!
-```
-Google give us information about the certificates expiration time, it's used to set a Redis TTL (Time-To-Live) when saving it. By doing so, the certificates will be automatically deleted after its expiration.
-#### Certificates Info
-Checks the presence of certificates in Redis database.
-```ruby
-FirebaseIdToken::Certificates.present?
-=> true
-```
-How many seconds until the certificate's expiration.
-```ruby
-FirebaseIdToken::Certificates.ttl
-=> 22352
-```
-Lists all certificates in a database.
-```ruby
-FirebaseIdToken::Certificates.all
-=> [{"ec8f292sd30224afac5c55540df66d1f999d" => <OpenSSL::X509::Certificate: [...]]
-```
-Finds the respective certificate of a given Key ID.
-```ruby
-FirebaseIdToken::Certificates.find('ec8f292sd30224afac5c55540df66d1f999d')
-=> <OpenSSL::X509::Certificate: subject=<OpenSSL::X509 [...]>
-```
-#### Downloading in Rails
-If you are using Rails, it's clever to download certificates in a cron task, you can use [whenever](https://github.com/javan/whenever).
-**Example**
-*Read whenever's guide on how to set it up.*
-Create your task in `lib/tasks/firebase.rake`:
-```ruby
-namespace :firebase do
-  namespace :certificates do
-    desc "Request Google's x509 certificates when Redis is empty"
-    task request: :environment do
-      FirebaseIdToken::Certificates.request
-    end
-    desc "Request Google's x509 certificates and override Redis"
-    task force_request: :environment do
-      FirebaseIdToken::Certificates.request!
-    end
-  end
-end
-```
-And in your `config/schedule.rb` you might have:
-```ruby
-every 1.hour do
-  rake 'firebase:certificates:force_request'
-end
-```
-Then:
-```
-$ whenever --update-crontab
-```
-I recommend running it once every hour or every 30 minutes, it's up to you. Normally the certificates expiration time is around 4 to 6 hours, but it's good to perform it in a small fraction of this time.
-When developing, you should just run the task:
-```
-$ rake firebase:certificates:request
-```
-*And remember, you need the Redis server to be running.*
-### Verifying Tokens
-Pass the Firebase ID Token to `FirebaseIdToken::Signature.verify` and it will return the token payload if everything is ok:
-```ruby
-FirebaseIdToken::Signature.verify(token)
-=> {"iss"=>"https://securetoken.google.com/firebase-id-token", "name"=>"Bob Test", [...]}
-```
-When either the signature is false or the token is invalid, it will return `nil`:
-```ruby
-FirebaseIdToken::Signature.verify(fake_token)
-=> nil
-FirebaseIdToken::Signature.verify('aaaaaa')
-=> nil
-```
-**WARNING:** If you try to verify a signature without any certificates in Redis database it will raise a `FirebaseIdToken::Exceptions::NoCertificatesError`.
-#### Payload Structure
-In case you need, here's a example of the payload structure from a Google login in JSON.
-```json
-{
-   "iss":"https://securetoken.google.com/firebase-id-token",
-   "name":"Ugly Bob",
-   "picture":"https://someurl.com/photo.jpg",
-   "aud":"firebase-id-token",
-   "auth_time":1492981192,
-   "user_id":"theUserID",
-   "sub":"theUserID",
-   "iat":1492981200,
-   "exp":33029000017,
-   "email":"uglybob@emailurl.com",
-   "email_verified":true,
-   "firebase":{
-      "identities":{
-         "google.com":[
-            "1010101010101010101"
-         ],
-         "email":[
-            "uglybob@emailurl.com"
-         ]
-      },
-      "sign_in_provider":"google.com"
-   }
-}
-```
-## License
-The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+# Ruby Firebase ID Token verifier (pre-release)
+![Alt text](https://api.travis-ci.org/fschuindt/firebase_id_token.svg?branch=master)
+[![Code Climate](https://codeclimate.com/github/fschuindt/firebase_id_token/badges/gpa.svg)](https://codeclimate.com/github/fschuindt/firebase_id_token)
+[![Issue Count](https://codeclimate.com/github/fschuindt/firebase_id_token/badges/issue_count.svg)](https://codeclimate.com/github/fschuindt/firebase_id_token)
+[![Test Coverage](https://codeclimate.com/github/fschuindt/firebase_id_token/badges/coverage.svg)](https://codeclimate.com/github/fschuindt/firebase_id_token/coverage)
+[![Inline docs](http://inch-ci.org/github/fschuindt/firebase_id_token.svg?branch=master)](http://inch-ci.org/github/fschuindt/firebase_id_token)
+A Ruby gem to verify the signature of Firebase ID Tokens. It uses Redis to store Google's x509 certificates and manage their expiration time, so you don't need to request Google's API in every execution and can access it as fast as reading from memory.
+It also checks the JWT payload parameters as recommended [here](https://firebase.google.com/docs/auth/admin/verify-id-tokens) by Firebase official documentation.
+Feel free to open any issue or to [contact me](https://fschuindt.github.io/blog/about/) directly.
+Any contribution is welcome.
+## Docs
+ + http://www.rubydoc.info/gems/firebase_id_token
+## Requirements
++ Redis
+## Installing
+```
+gem install firebase_id_token
+```
+or in your Gemfile
+```
+gem 'firebase_id_token', '~> 2.3.0'
+```
+then
+```
+bundle install
+```
+## Configuration
+It's needed to set up your Firebase Project ID.
+If you are using Rails, this should probably go into `config/initializers/firebase_id_token.rb`.
+```ruby
+FirebaseIdToken.configure do |config|
+  config.project_ids = ['your-firebase-project-id']
+end
+```
+`project_ids` must be a Array.
+*If you want to verify signatures from more than one Firebase project, just add more Project IDs to the list.*
+You can also pass a Redis instance to `config` if you are not using Redis defaults.
+In this case, you must have the gem `redis` in your `Gemfile`.
+```ruby
+FirebaseIdToken.configure do |config|
+  config.project_ids = ['your-firebase-project-id']
+  config.redis = Redis.new(host: '10.0.1.1', port: 6380, db: 15)
+end
+```
+Otherwise, it will use just `Redis.new` as the instance.
+## Usage
+You can get a glimpse of it by reading our RSpec output on your machine. It's
+really helpful. But here is a complete guide:
+### Downloading Certificates
+Before verifying tokens, you need to download Google's x509 certificates.
+To do it simply:
+```ruby
+FirebaseIdToken::Certificates.request
+```
+It will download the certificates and save it in Redis, but only if Redis certificates database is empty. To force download and override Redis database, use:
+```ruby
+FirebaseIdToken::Certificates.request!
+```
+Google give us information about the certificates expiration time, it's used to set a Redis TTL (Time-To-Live) when saving it. By doing so, the certificates will be automatically deleted after its expiration.
+#### Certificates Info
+Checks the presence of certificates in Redis database.
+```ruby
+FirebaseIdToken::Certificates.present?
+=> true
+```
+How many seconds until the certificate's expiration.
+```ruby
+FirebaseIdToken::Certificates.ttl
+=> 22352
+```
+Lists all certificates in a database.
+```ruby
+FirebaseIdToken::Certificates.all
+=> [{"ec8f292sd30224afac5c55540df66d1f999d" => <OpenSSL::X509::Certificate: [...]]
+```
+Finds the respective certificate of a given Key ID.
+```ruby
+FirebaseIdToken::Certificates.find('ec8f292sd30224afac5c55540df66d1f999d')
+=> <OpenSSL::X509::Certificate: subject=<OpenSSL::X509 [...]>
+```
+#### Downloading in Rails
+If you are using Rails, it's clever to download certificates in a cron task, you can use [whenever](https://github.com/javan/whenever).
+**Example**
+*Read whenever's guide on how to set it up.*
+Create your task in `lib/tasks/firebase.rake`:
+```ruby
+namespace :firebase do
+  namespace :certificates do
+    desc "Request Google's x509 certificates when Redis is empty"
+    task request: :environment do
+      FirebaseIdToken::Certificates.request
+    end
+    desc "Request Google's x509 certificates and override Redis"
+    task force_request: :environment do
+      FirebaseIdToken::Certificates.request!
+    end
+  end
+end
+```
+And in your `config/schedule.rb` you might have:
+```ruby
+every 1.hour do
+  rake 'firebase:certificates:force_request'
+end
+```
+Then:
+```
+$ whenever --update-crontab
+```
+I recommend running it once every hour or every 30 minutes, it's up to you. Normally the certificates expiration time is around 4 to 6 hours, but it's good to perform it in a small fraction of this time.
+When developing, you should just run the task:
+```
+$ rake firebase:certificates:request
+```
+*And remember, you need the Redis server to be running.*
+### Verifying Tokens
+Pass the Firebase ID Token to `FirebaseIdToken::Signature.verify` and it will return the token payload if everything is ok:
+```ruby
+FirebaseIdToken::Signature.verify(token)
+=> {"iss"=>"https://securetoken.google.com/firebase-id-token", "name"=>"Bob Test", [...]}
+```
+When either the signature is false or the token is invalid, it will return `nil`:
+```ruby
+FirebaseIdToken::Signature.verify(fake_token)
+=> nil
+FirebaseIdToken::Signature.verify('aaaaaa')
+=> nil
+```
+**WARNING:** If you try to verify a signature without any certificates in Redis database it will raise a `FirebaseIdToken::Exceptions::NoCertificatesError`.
+#### Payload Structure
+In case you need, here's a example of the payload structure from a Google login in JSON.
+```json
+{
+   "iss":"https://securetoken.google.com/firebase-id-token",
+   "name":"Ugly Bob",
+   "picture":"https://someurl.com/photo.jpg",
+   "aud":"firebase-id-token",
+   "auth_time":1492981192,
+   "user_id":"theUserID",
+   "sub":"theUserID",
+   "iat":1492981200,
+   "exp":33029000017,
+   "email":"uglybob@emailurl.com",
+   "email_verified":true,
+   "firebase":{
+      "identities":{
+         "google.com":[
+            "1010101010101010101"
+         ],
+         "email":[
+            "uglybob@emailurl.com"
+         ]
+      },
+      "sign_in_provider":"google.com"
+   }
+}
+```
+## License
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).

data/firebase_id_token.gemspec CHANGED

@@ -1,38 +1,38 @@
-# coding: utf-8
-lib = File.expand_path('../lib', __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'firebase_id_token/version'
-Gem::Specification.new do |spec|
-  spec.name          = 'firebase_id_token'
-  spec.version       = FirebaseIdToken::VERSION
-  spec.authors       = ['Fernando Schuindt']
-  spec.email         = ['f.schuindtcs@gmail.com']
-  spec.summary       = 'A Firebase ID Token verifier.'
-  spec.description   = "A Ruby gem to verify the signature of Firebase ID "\
-    "Tokens. It uses Redis to store Google's x509 certificates and manage "\
-    "their expiration time, so you don't need to request Google's API in "\
-    "every execution and can access it as fast as reading from memory."
-  spec.homepage      = 'https://github.com/fschuindt/firebase_id_token'
-  spec.license       = 'MIT'
-  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
-    f.match(%r{^(test|spec|features)/})
-  end
-  spec.bindir        = 'exe'
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ['lib']
-  spec.add_development_dependency 'bundler', '~> 1.14'
-  spec.add_development_dependency 'rake', '~> 10.0'
-  spec.add_development_dependency 'rspec', '~> 3.0'
-  spec.add_development_dependency 'redcarpet', '~> 3.4', '>= 3.4.0'
-  spec.add_development_dependency 'simplecov', '~> 0.14.1'
-  spec.add_development_dependency 'codeclimate-test-reporter', '~> 1.0', '>= 1.0.0'
-  spec.add_runtime_dependency 'redis', '>= 3.3.3'
-  spec.add_runtime_dependency 'redis-namespace', '~> 1.5', '>= 1.5.3'
-  spec.add_dependency 'httparty', '~> 0.14.0'
-  spec.add_runtime_dependency 'jwt', '~> 1.5', '>= 1.5.6'
-end
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'firebase_id_token/version'
+Gem::Specification.new do |spec|
+  spec.name          = 'firebase_id_token'
+  spec.version       = FirebaseIdToken::VERSION
+  spec.authors       = ['Fernando Schuindt']
+  spec.email         = ['f.schuindtcs@gmail.com']
+  spec.summary       = 'A Firebase ID Token verifier.'
+  spec.description   = "A Ruby gem to verify the signature of Firebase ID "\
+    "Tokens. It uses Redis to store Google's x509 certificates and manage "\
+    "their expiration time, so you don't need to request Google's API in "\
+    "every execution and can access it as fast as reading from memory."
+  spec.homepage      = 'https://github.com/fschuindt/firebase_id_token'
+  spec.license       = 'MIT'
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+  spec.add_development_dependency 'bundler', '~> 1.14'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rspec', '~> 3.0'
+  spec.add_development_dependency 'redcarpet', '~> 3.4', '>= 3.4.0'
+  spec.add_development_dependency 'simplecov', '~> 0.14.1'
+  spec.add_development_dependency 'codeclimate-test-reporter', '~> 1.0', '>= 1.0.0'
+  spec.add_runtime_dependency 'redis', '~> 4.0', '>= 4.0.1'
+  spec.add_runtime_dependency 'redis-namespace', '~> 1.6', '>= 1.6.0'
+  spec.add_dependency 'httparty', '~> 0.16', '>= 0.16.2'
+  spec.add_runtime_dependency 'jwt', '~> 2.1', '>= 2.1.0'
+end

data/lib/firebase_id_token/version.rb CHANGED

@@ -1,3 +1,3 @@
-module FirebaseIdToken
-  VERSION = '2.2.0'
-end
+module FirebaseIdToken
+  VERSION = '2.3.0'
+end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: firebase_id_token
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 2.3.0
 platform: ruby
 authors:
 - Fernando Schuindt
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2018-05-21 00:00:00.000000000 Z
+date: 2018-06-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -110,70 +110,82 @@ dependencies:
   name: redis
   requirement: !ruby/object:Gem::Requirement
     requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.3.3
+        version: 4.0.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.0'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.3.3
+        version: 4.0.1
 - !ruby/object:Gem::Dependency
   name: redis-namespace
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '1.6'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.5.3
+        version: 1.6.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '1.6'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.5.3
+        version: 1.6.0
 - !ruby/object:Gem::Dependency
   name: httparty
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.14.0
+        version: '0.16'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.16.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.14.0
+        version: '0.16'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.16.2
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '2.1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.5.6
+        version: 2.1.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '2.1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.5.6
+        version: 2.1.0
 description: A Ruby gem to verify the signature of Firebase ID Tokens. It uses Redis
   to store Google's x509 certificates and manage their expiration time, so you don't
   need to request Google's API in every execution and can access it as fast as reading