firebase_token_auth 1.1.0 → 1.2.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/test.yml +56 -0
- data/README.md +1 -1
- data/firebase_token_auth.gemspec +2 -2
- data/lib/firebase_token_auth/admin_client.rb +3 -3
- data/lib/firebase_token_auth/client.rb +1 -0
- data/lib/firebase_token_auth/configuration.rb +9 -1
- data/lib/firebase_token_auth/version.rb +1 -1
- metadata +6 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e9f7a292a94cf420f5dec36b487a4799d6b7031ae638ba19579d352bdf0c05e6
|
|
4
|
+
data.tar.gz: c42077b8cf9abe2d55168dfc2d6af1819bb05a8ecc7eff381f3268c1ede3d343
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2f3c13851e5724d4aa22eadcf747cc0559616f697a59781c8150d13e4b3813c8934dc633b31a75b4e214a5bed9e7c51435ab415148aefacfffad8ff9ec52c285
|
|
7
|
+
data.tar.gz: 391369962ace3e9f2b6c85f946fc8a54feddc0c1d503e984aee2452d7c5a0f3499c69adf3c1a8fd1f77aa42a1e50867cc0d622018af6be4fbcd66aa0815bb44b
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
name: rspec
|
|
2
|
+
|
|
3
|
+
on: push
|
|
4
|
+
|
|
5
|
+
jobs:
|
|
6
|
+
rspec:
|
|
7
|
+
runs-on: ubuntu-latest
|
|
8
|
+
strategy:
|
|
9
|
+
matrix:
|
|
10
|
+
ruby: [ 2.4, 2.5, 2.6, 2.7, "3.0" ]
|
|
11
|
+
steps:
|
|
12
|
+
- uses: actions/checkout@v2
|
|
13
|
+
|
|
14
|
+
- name: Set up Ruby
|
|
15
|
+
uses: ruby/setup-ruby@v1
|
|
16
|
+
with:
|
|
17
|
+
ruby-version: ${{ matrix.ruby }}
|
|
18
|
+
|
|
19
|
+
- name: Configure Bundler
|
|
20
|
+
run: |
|
|
21
|
+
gem update --system
|
|
22
|
+
gem --version
|
|
23
|
+
gem install -N bundler -v 2
|
|
24
|
+
|
|
25
|
+
- uses: actions/cache@v1
|
|
26
|
+
with:
|
|
27
|
+
path: vendor/bundle
|
|
28
|
+
key: ${{ runner.os }}-gem-${{ hashFiles(format('{0}{1}', github.workspace, '/Gemfile.lock')) }}
|
|
29
|
+
restore-keys: ${{ runner.os }}-gem-
|
|
30
|
+
|
|
31
|
+
- name: Install ruby dependencies
|
|
32
|
+
run: |
|
|
33
|
+
bundle check || bundle install --jobs 4 --retry 3 --path vendor/bundle
|
|
34
|
+
|
|
35
|
+
- name: rspec
|
|
36
|
+
run: |
|
|
37
|
+
bundle exec rspec
|
|
38
|
+
env:
|
|
39
|
+
TEST_UID: ${{ secrets.TEST_UID }}
|
|
40
|
+
TEST_PROJECT_ID: ${{ secrets.TEST_PROJECT_ID }}
|
|
41
|
+
TEST_WEB_API_KEY: ${{ secrets.TEST_WEB_API_KEY }}
|
|
42
|
+
TEST_USER_EMAIL: ${{ secrets.TEST_USER_EMAIL }}
|
|
43
|
+
GOOGLE_ACCOUNT_TYPE: ${{ secrets.GOOGLE_ACCOUNT_TYPE }}
|
|
44
|
+
GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }}
|
|
45
|
+
GOOGLE_CLIENT_EMAIL: ${{ secrets.GOOGLE_CLIENT_EMAIL }}
|
|
46
|
+
GOOGLE_PRIVATE_KEY: ${{ secrets.GOOGLE_PRIVATE_KEY }}
|
|
47
|
+
|
|
48
|
+
- name: slack notification
|
|
49
|
+
uses: 8398a7/action-slack@v2
|
|
50
|
+
if: always()
|
|
51
|
+
with:
|
|
52
|
+
status: ${{ job.status }}
|
|
53
|
+
author_name: 'github action firebase_token_auth build'
|
|
54
|
+
env:
|
|
55
|
+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
56
|
+
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
|
data/README.md
CHANGED
data/firebase_token_auth.gemspec
CHANGED
|
@@ -10,7 +10,7 @@ Gem::Specification.new do |spec|
|
|
|
10
10
|
spec.description = 'Firebase Authentication API wrapper for serverside. It support custom token auth. Of course it has id_token verify feature.'
|
|
11
11
|
spec.homepage = 'https://github.com/miyataka/firebase_token_auth'
|
|
12
12
|
spec.license = 'MIT'
|
|
13
|
-
spec.required_ruby_version = Gem::Requirement.new('>= 2.
|
|
13
|
+
spec.required_ruby_version = Gem::Requirement.new('>= 2.4.0')
|
|
14
14
|
|
|
15
15
|
spec.metadata['homepage_uri'] = spec.homepage
|
|
16
16
|
spec.metadata['source_code_uri'] = spec.homepage
|
|
@@ -24,6 +24,6 @@ Gem::Specification.new do |spec|
|
|
|
24
24
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
25
25
|
spec.require_paths = ['lib']
|
|
26
26
|
|
|
27
|
-
spec.add_dependency 'google-
|
|
27
|
+
spec.add_dependency 'google-apis-identitytoolkit_v3'
|
|
28
28
|
spec.add_dependency 'jwt'
|
|
29
29
|
end
|
|
@@ -10,13 +10,13 @@ module FirebaseTokenAuth
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
def get_account_info(params)
|
|
13
|
-
request = Google::Apis::IdentitytoolkitV3::GetAccountInfoRequest.new(
|
|
13
|
+
request = Google::Apis::IdentitytoolkitV3::GetAccountInfoRequest.new(**params)
|
|
14
14
|
service.get_account_info(request)
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
def update_existing_account(uid, attributes)
|
|
18
18
|
update_params = { local_id: uid }.merge!(permit_attributes(attributes))
|
|
19
|
-
request = Google::Apis::IdentitytoolkitV3::SetAccountInfoRequest.new(update_params)
|
|
19
|
+
request = Google::Apis::IdentitytoolkitV3::SetAccountInfoRequest.new(**update_params)
|
|
20
20
|
service.set_account_info(request)
|
|
21
21
|
end
|
|
22
22
|
|
|
@@ -24,7 +24,7 @@ module FirebaseTokenAuth
|
|
|
24
24
|
|
|
25
25
|
def permit_attributes(attr_hash)
|
|
26
26
|
permit_keys = %i[disabled display_name email email_verified password phone_number photo_url multi_factor]
|
|
27
|
-
attr_hash.
|
|
27
|
+
attr_hash.select { |k, _v| permit_keys.include?(k) }
|
|
28
28
|
end
|
|
29
29
|
end
|
|
30
30
|
end
|
|
@@ -32,6 +32,7 @@ module FirebaseTokenAuth
|
|
|
32
32
|
public_key_manager.refresh_publickeys!
|
|
33
33
|
validator.validate(configuration.project_id, decoded_jwt)
|
|
34
34
|
default_options = { algorithm: ALGORITHM, verify_iat: true, verify_expiration: true, exp_leeway: configuration.exp_leeway }
|
|
35
|
+
raise ValidationError, 'Public key may have expired.' unless public_key_manager.public_keys.include?(public_key_id)
|
|
35
36
|
jwt = JWT.decode(id_token, public_key_manager.public_keys[public_key_id].public_key, true, default_options.merge!(options))
|
|
36
37
|
IdTokenResult.new(jwt[0]['sub'], IdToken.new(jwt[0], jwt[1]))
|
|
37
38
|
end
|
|
@@ -29,6 +29,7 @@ module FirebaseTokenAuth
|
|
|
29
29
|
|
|
30
30
|
@auth = if json_key_io
|
|
31
31
|
io = json_key_io.respond_to?(:read) ? json_key_io : File.open(json_key_io)
|
|
32
|
+
io.rewind if io.respond_to?(:read)
|
|
32
33
|
Google::Auth::ServiceAccountCredentials.make_creds(
|
|
33
34
|
json_key_io: io,
|
|
34
35
|
scope: scope
|
|
@@ -40,11 +41,12 @@ module FirebaseTokenAuth
|
|
|
40
41
|
|
|
41
42
|
if json_key_io
|
|
42
43
|
json_io = json_key_io.respond_to?(:read) ? json_key_io : File.open(json_key_io)
|
|
44
|
+
json_io.rewind if json_key_io.respond_to?(:read)
|
|
43
45
|
parsed = JSON.parse(json_io.read)
|
|
44
46
|
@private_key = OpenSSL::PKey::RSA.new(parsed['private_key'])
|
|
45
47
|
@client_email = parsed['client_email']
|
|
46
48
|
else
|
|
47
|
-
@private_key = OpenSSL::PKey::RSA.new(ENV['GOOGLE_PRIVATE_KEY'])
|
|
49
|
+
@private_key = OpenSSL::PKey::RSA.new(unescape(ENV['GOOGLE_PRIVATE_KEY']))
|
|
48
50
|
@client_email = ENV['GOOGLE_CLIENT_EMAIL']
|
|
49
51
|
end
|
|
50
52
|
end
|
|
@@ -52,5 +54,11 @@ module FirebaseTokenAuth
|
|
|
52
54
|
def configured_for_custom_token?
|
|
53
55
|
json_key_io || (ENV['GOOGLE_PRIVATE_KEY'] && ENV['GOOGLE_CLIENT_EMAIL'])
|
|
54
56
|
end
|
|
57
|
+
|
|
58
|
+
def unescape(str)
|
|
59
|
+
str = str.gsub('\n', "\n")
|
|
60
|
+
str = str[1..-2] if str.start_with?('"') && str.end_with?('"')
|
|
61
|
+
str
|
|
62
|
+
end
|
|
55
63
|
end
|
|
56
64
|
end
|
metadata
CHANGED
|
@@ -1,17 +1,17 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: firebase_token_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.2.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- miyataka
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-08-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
|
-
name: google-
|
|
14
|
+
name: google-apis-identitytoolkit_v3
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
17
|
- - ">="
|
|
@@ -46,6 +46,7 @@ executables: []
|
|
|
46
46
|
extensions: []
|
|
47
47
|
extra_rdoc_files: []
|
|
48
48
|
files:
|
|
49
|
+
- ".github/workflows/test.yml"
|
|
49
50
|
- ".gitignore"
|
|
50
51
|
- ".rspec"
|
|
51
52
|
- ".rubocop.yml"
|
|
@@ -79,14 +80,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
79
80
|
requirements:
|
|
80
81
|
- - ">="
|
|
81
82
|
- !ruby/object:Gem::Version
|
|
82
|
-
version: 2.
|
|
83
|
+
version: 2.4.0
|
|
83
84
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
84
85
|
requirements:
|
|
85
86
|
- - ">="
|
|
86
87
|
- !ruby/object:Gem::Version
|
|
87
88
|
version: '0'
|
|
88
89
|
requirements: []
|
|
89
|
-
rubygems_version: 3.
|
|
90
|
+
rubygems_version: 3.1.4
|
|
90
91
|
signing_key:
|
|
91
92
|
specification_version: 4
|
|
92
93
|
summary: Firebase Authentication API wrapper for serverside. It support custom token
|