firebase_token_auth 1.3.0 → 1.5.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d96a4c3041301e5af29e38a8a70454e2628c9edf5e7ad936d910790ca40613ce
4
- data.tar.gz: 18827a9a5f2ea0826dd9981b524e1836c2a3c244ce85b794722ad2b6a1b93a69
3
+ metadata.gz: 458419a9cc0f07b5c6d11037ef5a932cee6918b8f0d656dea8a16c57d42ff7bf
4
+ data.tar.gz: 5b8c715921349dfa20f5c5b8129c324edd75af04c4461360a01e1a918ba9a857
5
5
  SHA512:
6
- metadata.gz: c2a5bf310a1b9aad1c2aac7eb562bc4968ea69b1cdd80ee3a0682388b2dd1a2d57ea1f26f521e332789d6cf6df01504a45c64f9d1493dcb98a0ccf3da16f67eb
7
- data.tar.gz: ae028494a05b1979755e6f17e38edf1d51fbbe9dc03adac85ef6b5b3b3ac1adb540ac1694f0f6b9b6331318a0c85bb59a9f54027919a65162d6e0826a810cfa7
6
+ metadata.gz: 8dbc7ccb903400b3c5606ccbfdb0668e7efba7debe2b0320655d621d67cd45f5ddd941e429071bdc6f5df2d27e85ad1fbedbdcd3841e4dd5a67367c530580b2c
7
+ data.tar.gz: 0771c7af336de27b1559398d7cb356fd5922e8847524be8c6aef2b478b92b6c6d68419446127e4b856d7365cd785d7110e754a9d5ca4f135a9f68b80b9f67fe4
@@ -1,15 +1,17 @@
1
1
  name: rspec
2
2
 
3
- on: push
3
+ on:
4
+ workflow_dispatch:
5
+ push:
4
6
 
5
7
  jobs:
6
8
  rspec:
7
9
  runs-on: ubuntu-latest
8
10
  strategy:
9
11
  matrix:
10
- ruby: [ 2.4, 2.5, 2.6, 2.7, "3.0" ]
12
+ ruby: [ 2.6, 2.7, "3.0", 3.1, 3.2 ]
11
13
  steps:
12
- - uses: actions/checkout@v2
14
+ - uses: actions/checkout@v3
13
15
 
14
16
  - name: Set up Ruby
15
17
  uses: ruby/setup-ruby@v1
@@ -22,7 +24,7 @@ jobs:
22
24
  gem --version
23
25
  gem install -N bundler -v 2
24
26
 
25
- - uses: actions/cache@v1
27
+ - uses: actions/cache@v3
26
28
  with:
27
29
  path: vendor/bundle
28
30
  key: ${{ runner.os }}-gem-${{ hashFiles(format('{0}{1}', github.workspace, '/Gemfile.lock')) }}
@@ -46,11 +48,10 @@ jobs:
46
48
  GOOGLE_PRIVATE_KEY: ${{ secrets.GOOGLE_PRIVATE_KEY }}
47
49
 
48
50
  - name: slack notification
49
- uses: 8398a7/action-slack@v2
51
+ uses: 8398a7/action-slack@v3
50
52
  if: always()
51
53
  with:
52
54
  status: ${{ job.status }}
53
55
  author_name: 'github action firebase_token_auth build'
54
56
  env:
55
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
56
57
  SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
data/README.md CHANGED
@@ -91,6 +91,26 @@ puts c_token
91
91
  # => "eyJhbGciOXXX.eyJpc3MiOiJmaXJlYmFzXXXX.v7y7LoBXXXXX" # dummy
92
92
  ```
93
93
 
94
+ ### verify custom token
95
+ ```ruby
96
+ require 'firebase_token_auth'
97
+
98
+ FirebaseTokenAuth.configure do |config|
99
+ config.project_id = 'your_project_id'
100
+ config.json_key_io = "#{Rails.root}/path/to/service_account_credentials.json"
101
+ end
102
+
103
+ client = FirebaseTokenAuth.build
104
+ result = client.verify_custom_token(custom_token)
105
+
106
+ puts result
107
+ # => {:expires_in=>3600,
108
+ # :id_token=>"<id_token>",
109
+ # :is_new_user=>"<true/false>",
110
+ # :kind=>"identitytoolkit#VerifyCustomTokenResponse",
111
+ # :refresh_token=>"<refresh_token>"}
112
+ ```
113
+
94
114
  ### fetch users info from firebase
95
115
  ```ruby
96
116
  require 'firebase_token_auth'
@@ -10,7 +10,7 @@ Gem::Specification.new do |spec|
10
10
  spec.description = 'Firebase Authentication API wrapper for serverside. It support custom token auth. Of course it has id_token verify feature.'
11
11
  spec.homepage = 'https://github.com/miyataka/firebase_token_auth'
12
12
  spec.license = 'MIT'
13
- spec.required_ruby_version = Gem::Requirement.new('>= 2.4.0')
13
+ spec.required_ruby_version = Gem::Requirement.new('>= 2.6.0')
14
14
 
15
15
  spec.metadata['homepage_uri'] = spec.homepage
16
16
  spec.metadata['source_code_uri'] = spec.homepage
@@ -20,6 +20,15 @@ module FirebaseTokenAuth
20
20
  service.set_account_info(request)
21
21
  end
22
22
 
23
+ def verify_custom_token(custom_token)
24
+ request = Google::Apis::IdentitytoolkitV3::VerifyCustomTokenRequest.new(
25
+ token: custom_token,
26
+ return_secure_token: true
27
+ )
28
+
29
+ service.verify_custom_token(request)
30
+ end
31
+
23
32
  private
24
33
 
25
34
  def permit_attributes(attr_hash)
@@ -47,10 +47,14 @@ module FirebaseTokenAuth
47
47
  iat: now_seconds,
48
48
  exp: now_seconds + (60 * 60),
49
49
  uid: uid }
50
- payload.merge!({ claim: additional_claims }) if additional_claims
50
+ payload.merge!({ claims: additional_claims }) if additional_claims
51
51
  JWT.encode(payload, configuration.private_key, ALGORITHM)
52
52
  end
53
53
 
54
+ def verify_custom_token(custom_token)
55
+ admin_client.verify_custom_token(custom_token).to_h
56
+ end
57
+
54
58
  def user_search_by_email(email)
55
59
  admin_client.get_account_info({ email: [email] })&.users&.map(&:to_h)
56
60
  end
@@ -29,7 +29,7 @@ module FirebaseTokenAuth
29
29
 
30
30
  @auth = if json_key_io
31
31
  io = json_key_io.respond_to?(:read) ? json_key_io : File.open(json_key_io)
32
- io.rewind if io.respond_to?(:read)
32
+ io.rewind if io.respond_to?(:read)
33
33
  Google::Auth::ServiceAccountCredentials.make_creds(
34
34
  json_key_io: io,
35
35
  scope: scope
@@ -41,7 +41,7 @@ module FirebaseTokenAuth
41
41
 
42
42
  if json_key_io
43
43
  json_io = json_key_io.respond_to?(:read) ? json_key_io : File.open(json_key_io)
44
- json_io.rewind if json_key_io.respond_to?(:read)
44
+ json_io.rewind if json_key_io.respond_to?(:read)
45
45
  parsed = JSON.parse(json_io.read)
46
46
  @private_key = OpenSSL::PKey::RSA.new(parsed['private_key'])
47
47
  @client_email = parsed['client_email']
@@ -14,11 +14,16 @@ module FirebaseTokenAuth
14
14
  raise ValidationError, 'Firebase ID token has no "sub" (subject) claim.' unless payload['sub'].is_a?(String)
15
15
  raise ValidationError, 'Firebase ID token has an empty string "sub" (subject) claim.' if payload['sub'].empty?
16
16
  raise ValidationError, 'Firebase ID token has "sub" (subject) claim longer than 128 characters.' if payload['sub'].size > 128
17
+ raise ValidationError, 'Firebase ID token has expired.' if expired?(payload['exp'])
17
18
  end
18
19
 
19
20
  def extract_kid(id_token)
20
21
  decoded = JWT.decode(id_token, nil, false, algorithm: ALGORITHM)
21
22
  [decoded[1]['kid'], decoded]
22
23
  end
24
+
25
+ def expired?(exp)
26
+ exp.to_i <= Time.now.to_i
27
+ end
23
28
  end
24
29
  end
@@ -1,3 +1,3 @@
1
1
  module FirebaseTokenAuth
2
- VERSION = '1.3.0'.freeze
2
+ VERSION = '1.5.0'.freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: firebase_token_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.0
4
+ version: 1.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - miyataka
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-09-19 00:00:00.000000000 Z
11
+ date: 2023-08-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: google-apis-identitytoolkit_v3
@@ -50,7 +50,6 @@ files:
50
50
  - ".gitignore"
51
51
  - ".rspec"
52
52
  - ".rubocop.yml"
53
- - ".travis.yml"
54
53
  - Gemfile
55
54
  - LICENSE.txt
56
55
  - README.md
@@ -80,14 +79,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
80
79
  requirements:
81
80
  - - ">="
82
81
  - !ruby/object:Gem::Version
83
- version: 2.4.0
82
+ version: 2.6.0
84
83
  required_rubygems_version: !ruby/object:Gem::Requirement
85
84
  requirements:
86
85
  - - ">="
87
86
  - !ruby/object:Gem::Version
88
87
  version: '0'
89
88
  requirements: []
90
- rubygems_version: 3.1.4
89
+ rubygems_version: 3.4.1
91
90
  signing_key:
92
91
  specification_version: 4
93
92
  summary: Firebase Authentication API wrapper for serverside. It support custom token
data/.travis.yml DELETED
@@ -1,6 +0,0 @@
1
- ---
2
- language: ruby
3
- cache: bundler
4
- rvm:
5
- - 2.7.0
6
- before_install: gem install bundler -v 2.1.4