firebase_token_auth 1.1.0 → 1.2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/test.yml +56 -0
- data/README.md +1 -1
- data/firebase_token_auth.gemspec +2 -2
- data/lib/firebase_token_auth/admin_client.rb +3 -3
- data/lib/firebase_token_auth/client.rb +1 -0
- data/lib/firebase_token_auth/configuration.rb +9 -1
- data/lib/firebase_token_auth/version.rb +1 -1
- metadata +6 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e9f7a292a94cf420f5dec36b487a4799d6b7031ae638ba19579d352bdf0c05e6
|
|
4
|
+
data.tar.gz: c42077b8cf9abe2d55168dfc2d6af1819bb05a8ecc7eff381f3268c1ede3d343
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2f3c13851e5724d4aa22eadcf747cc0559616f697a59781c8150d13e4b3813c8934dc633b31a75b4e214a5bed9e7c51435ab415148aefacfffad8ff9ec52c285
|
|
7
|
+
data.tar.gz: 391369962ace3e9f2b6c85f946fc8a54feddc0c1d503e984aee2452d7c5a0f3499c69adf3c1a8fd1f77aa42a1e50867cc0d622018af6be4fbcd66aa0815bb44b
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
name: rspec
|
|
2
|
+
|
|
3
|
+
on: push
|
|
4
|
+
|
|
5
|
+
jobs:
|
|
6
|
+
rspec:
|
|
7
|
+
runs-on: ubuntu-latest
|
|
8
|
+
strategy:
|
|
9
|
+
matrix:
|
|
10
|
+
ruby: [ 2.4, 2.5, 2.6, 2.7, "3.0" ]
|
|
11
|
+
steps:
|
|
12
|
+
- uses: actions/checkout@v2
|
|
13
|
+
|
|
14
|
+
- name: Set up Ruby
|
|
15
|
+
uses: ruby/setup-ruby@v1
|
|
16
|
+
with:
|
|
17
|
+
ruby-version: ${{ matrix.ruby }}
|
|
18
|
+
|
|
19
|
+
- name: Configure Bundler
|
|
20
|
+
run: |
|
|
21
|
+
gem update --system
|
|
22
|
+
gem --version
|
|
23
|
+
gem install -N bundler -v 2
|
|
24
|
+
|
|
25
|
+
- uses: actions/cache@v1
|
|
26
|
+
with:
|
|
27
|
+
path: vendor/bundle
|
|
28
|
+
key: ${{ runner.os }}-gem-${{ hashFiles(format('{0}{1}', github.workspace, '/Gemfile.lock')) }}
|
|
29
|
+
restore-keys: ${{ runner.os }}-gem-
|
|
30
|
+
|
|
31
|
+
- name: Install ruby dependencies
|
|
32
|
+
run: |
|
|
33
|
+
bundle check || bundle install --jobs 4 --retry 3 --path vendor/bundle
|
|
34
|
+
|
|
35
|
+
- name: rspec
|
|
36
|
+
run: |
|
|
37
|
+
bundle exec rspec
|
|
38
|
+
env:
|
|
39
|
+
TEST_UID: ${{ secrets.TEST_UID }}
|
|
40
|
+
TEST_PROJECT_ID: ${{ secrets.TEST_PROJECT_ID }}
|
|
41
|
+
TEST_WEB_API_KEY: ${{ secrets.TEST_WEB_API_KEY }}
|
|
42
|
+
TEST_USER_EMAIL: ${{ secrets.TEST_USER_EMAIL }}
|
|
43
|
+
GOOGLE_ACCOUNT_TYPE: ${{ secrets.GOOGLE_ACCOUNT_TYPE }}
|
|
44
|
+
GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }}
|
|
45
|
+
GOOGLE_CLIENT_EMAIL: ${{ secrets.GOOGLE_CLIENT_EMAIL }}
|
|
46
|
+
GOOGLE_PRIVATE_KEY: ${{ secrets.GOOGLE_PRIVATE_KEY }}
|
|
47
|
+
|
|
48
|
+
- name: slack notification
|
|
49
|
+
uses: 8398a7/action-slack@v2
|
|
50
|
+
if: always()
|
|
51
|
+
with:
|
|
52
|
+
status: ${{ job.status }}
|
|
53
|
+
author_name: 'github action firebase_token_auth build'
|
|
54
|
+
env:
|
|
55
|
+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
56
|
+
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
|
data/README.md
CHANGED
data/firebase_token_auth.gemspec
CHANGED
|
@@ -10,7 +10,7 @@ Gem::Specification.new do |spec|
|
|
|
10
10
|
spec.description = 'Firebase Authentication API wrapper for serverside. It support custom token auth. Of course it has id_token verify feature.'
|
|
11
11
|
spec.homepage = 'https://github.com/miyataka/firebase_token_auth'
|
|
12
12
|
spec.license = 'MIT'
|
|
13
|
-
spec.required_ruby_version = Gem::Requirement.new('>= 2.
|
|
13
|
+
spec.required_ruby_version = Gem::Requirement.new('>= 2.4.0')
|
|
14
14
|
|
|
15
15
|
spec.metadata['homepage_uri'] = spec.homepage
|
|
16
16
|
spec.metadata['source_code_uri'] = spec.homepage
|
|
@@ -24,6 +24,6 @@ Gem::Specification.new do |spec|
|
|
|
24
24
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
25
25
|
spec.require_paths = ['lib']
|
|
26
26
|
|
|
27
|
-
spec.add_dependency 'google-
|
|
27
|
+
spec.add_dependency 'google-apis-identitytoolkit_v3'
|
|
28
28
|
spec.add_dependency 'jwt'
|
|
29
29
|
end
|
|
@@ -10,13 +10,13 @@ module FirebaseTokenAuth
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
def get_account_info(params)
|
|
13
|
-
request = Google::Apis::IdentitytoolkitV3::GetAccountInfoRequest.new(
|
|
13
|
+
request = Google::Apis::IdentitytoolkitV3::GetAccountInfoRequest.new(**params)
|
|
14
14
|
service.get_account_info(request)
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
def update_existing_account(uid, attributes)
|
|
18
18
|
update_params = { local_id: uid }.merge!(permit_attributes(attributes))
|
|
19
|
-
request = Google::Apis::IdentitytoolkitV3::SetAccountInfoRequest.new(update_params)
|
|
19
|
+
request = Google::Apis::IdentitytoolkitV3::SetAccountInfoRequest.new(**update_params)
|
|
20
20
|
service.set_account_info(request)
|
|
21
21
|
end
|
|
22
22
|
|
|
@@ -24,7 +24,7 @@ module FirebaseTokenAuth
|
|
|
24
24
|
|
|
25
25
|
def permit_attributes(attr_hash)
|
|
26
26
|
permit_keys = %i[disabled display_name email email_verified password phone_number photo_url multi_factor]
|
|
27
|
-
attr_hash.
|
|
27
|
+
attr_hash.select { |k, _v| permit_keys.include?(k) }
|
|
28
28
|
end
|
|
29
29
|
end
|
|
30
30
|
end
|
|
@@ -32,6 +32,7 @@ module FirebaseTokenAuth
|
|
|
32
32
|
public_key_manager.refresh_publickeys!
|
|
33
33
|
validator.validate(configuration.project_id, decoded_jwt)
|
|
34
34
|
default_options = { algorithm: ALGORITHM, verify_iat: true, verify_expiration: true, exp_leeway: configuration.exp_leeway }
|
|
35
|
+
raise ValidationError, 'Public key may have expired.' unless public_key_manager.public_keys.include?(public_key_id)
|
|
35
36
|
jwt = JWT.decode(id_token, public_key_manager.public_keys[public_key_id].public_key, true, default_options.merge!(options))
|
|
36
37
|
IdTokenResult.new(jwt[0]['sub'], IdToken.new(jwt[0], jwt[1]))
|
|
37
38
|
end
|
|
@@ -29,6 +29,7 @@ module FirebaseTokenAuth
|
|
|
29
29
|
|
|
30
30
|
@auth = if json_key_io
|
|
31
31
|
io = json_key_io.respond_to?(:read) ? json_key_io : File.open(json_key_io)
|
|
32
|
+
io.rewind if io.respond_to?(:read)
|
|
32
33
|
Google::Auth::ServiceAccountCredentials.make_creds(
|
|
33
34
|
json_key_io: io,
|
|
34
35
|
scope: scope
|
|
@@ -40,11 +41,12 @@ module FirebaseTokenAuth
|
|
|
40
41
|
|
|
41
42
|
if json_key_io
|
|
42
43
|
json_io = json_key_io.respond_to?(:read) ? json_key_io : File.open(json_key_io)
|
|
44
|
+
json_io.rewind if json_key_io.respond_to?(:read)
|
|
43
45
|
parsed = JSON.parse(json_io.read)
|
|
44
46
|
@private_key = OpenSSL::PKey::RSA.new(parsed['private_key'])
|
|
45
47
|
@client_email = parsed['client_email']
|
|
46
48
|
else
|
|
47
|
-
@private_key = OpenSSL::PKey::RSA.new(ENV['GOOGLE_PRIVATE_KEY'])
|
|
49
|
+
@private_key = OpenSSL::PKey::RSA.new(unescape(ENV['GOOGLE_PRIVATE_KEY']))
|
|
48
50
|
@client_email = ENV['GOOGLE_CLIENT_EMAIL']
|
|
49
51
|
end
|
|
50
52
|
end
|
|
@@ -52,5 +54,11 @@ module FirebaseTokenAuth
|
|
|
52
54
|
def configured_for_custom_token?
|
|
53
55
|
json_key_io || (ENV['GOOGLE_PRIVATE_KEY'] && ENV['GOOGLE_CLIENT_EMAIL'])
|
|
54
56
|
end
|
|
57
|
+
|
|
58
|
+
def unescape(str)
|
|
59
|
+
str = str.gsub('\n', "\n")
|
|
60
|
+
str = str[1..-2] if str.start_with?('"') && str.end_with?('"')
|
|
61
|
+
str
|
|
62
|
+
end
|
|
55
63
|
end
|
|
56
64
|
end
|
metadata
CHANGED
|
@@ -1,17 +1,17 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: firebase_token_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.2.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- miyataka
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-08-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
|
-
name: google-
|
|
14
|
+
name: google-apis-identitytoolkit_v3
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
17
|
- - ">="
|
|
@@ -46,6 +46,7 @@ executables: []
|
|
|
46
46
|
extensions: []
|
|
47
47
|
extra_rdoc_files: []
|
|
48
48
|
files:
|
|
49
|
+
- ".github/workflows/test.yml"
|
|
49
50
|
- ".gitignore"
|
|
50
51
|
- ".rspec"
|
|
51
52
|
- ".rubocop.yml"
|
|
@@ -79,14 +80,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
79
80
|
requirements:
|
|
80
81
|
- - ">="
|
|
81
82
|
- !ruby/object:Gem::Version
|
|
82
|
-
version: 2.
|
|
83
|
+
version: 2.4.0
|
|
83
84
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
84
85
|
requirements:
|
|
85
86
|
- - ">="
|
|
86
87
|
- !ruby/object:Gem::Version
|
|
87
88
|
version: '0'
|
|
88
89
|
requirements: []
|
|
89
|
-
rubygems_version: 3.
|
|
90
|
+
rubygems_version: 3.1.4
|
|
90
91
|
signing_key:
|
|
91
92
|
specification_version: 4
|
|
92
93
|
summary: Firebase Authentication API wrapper for serverside. It support custom token
|