firebase_id_token 1.3.0 → 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +6 -11
- data/lib/firebase_id_token/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1e5b2468c3db9ec6664df7b3513b3a79d8c246f0
|
|
4
|
+
data.tar.gz: 885685d227198e9e0e2c01996a42ed895b539b85
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 890f5b46721bff50af9333edc91922f074d23371aa8a1361e21bf0cf34111fbd03b7b58f98cbd4d8c8146a45798c65784adfc39448664b4d03a3a95390ed13f7
|
|
7
|
+
data.tar.gz: 651bc1ec53dc1f6b129850d1b3165cfb1ff85c5c39e3a8fd9f89b9b0d9ac72b7092611bc2a1436936f8c40fd644fb2542f067f68be1db7539579361e64c9431c
|
data/README.md
CHANGED
|
@@ -10,13 +10,8 @@ A Ruby gem to verify the signature of Firebase ID Tokens. It uses Redis to store
|
|
|
10
10
|
|
|
11
11
|
It also checks the JWT payload parameters as recommended [here](https://firebase.google.com/docs/auth/admin/verify-id-tokens) by Firebase official documentation.
|
|
12
12
|
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
**This gem was developed recently and needs real world feedback.**
|
|
16
|
-
|
|
17
|
-
If you are going to use it in a production environment, please note that I am still testing it. It has realistic RSpec examples that use real X509 certificates and signed JWT to perform tests and I can say it's working great. But using it implies in security risks, you should be aware.
|
|
18
|
-
|
|
19
|
-
Feel free to open any issue or to [contact me](https://fschuindt.github.io/blog/about/) regarding its performance.
|
|
13
|
+
Feel free to open any issue or to [contact me](https://fschuindt.github.io/blog/about/) directly.
|
|
14
|
+
Any contribution is welcome.
|
|
20
15
|
|
|
21
16
|
## Docs
|
|
22
17
|
|
|
@@ -34,7 +29,7 @@ gem install firebase_id_token
|
|
|
34
29
|
|
|
35
30
|
or in your Gemfile
|
|
36
31
|
```
|
|
37
|
-
gem 'firebase_id_token', '~>
|
|
32
|
+
gem 'firebase_id_token', '~> 2.0.0'
|
|
38
33
|
```
|
|
39
34
|
then
|
|
40
35
|
```
|
|
@@ -132,7 +127,7 @@ namespace :firebase do
|
|
|
132
127
|
end
|
|
133
128
|
|
|
134
129
|
desc "Request Google's x509 certificates and override Redis"
|
|
135
|
-
task
|
|
130
|
+
task force_request: :environment do
|
|
136
131
|
FirebaseIdToken::Certificates.request!
|
|
137
132
|
end
|
|
138
133
|
end
|
|
@@ -142,7 +137,7 @@ end
|
|
|
142
137
|
And in your `config/schedule.rb` you might have:
|
|
143
138
|
```ruby
|
|
144
139
|
every 1.hour do
|
|
145
|
-
rake 'firebase:certificates:
|
|
140
|
+
rake 'firebase:certificates:force_request'
|
|
146
141
|
end
|
|
147
142
|
```
|
|
148
143
|
|
|
@@ -153,7 +148,7 @@ $ whenever --update-crontab
|
|
|
153
148
|
|
|
154
149
|
I recommend running it once every hour or every 30 minutes, it's up to you. Normally the certificates expiration time is around 4 to 6 hours, but it's good to perform it in a small fraction of this time.
|
|
155
150
|
|
|
156
|
-
When developing
|
|
151
|
+
When developing, you should just run the task:
|
|
157
152
|
```
|
|
158
153
|
$ rake firebase:certificates:request
|
|
159
154
|
```
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: firebase_id_token
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 2.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Fernando Schuindt
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-09
|
|
11
|
+
date: 2017-12-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|