RubyGems - firebase_token_authentication - Versions diffs - 0.1.4 → 0.1.5 - Mend

firebase_token_authentication 0.1.4 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/README.md +77 -7
data/lib/firebase_token_authentication/access_token.rb +2 -2
data/lib/firebase_token_authentication/version.rb +1 -1
metadata +5 -5
data/Gemfile.lock +0 -82

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 46b815bea1125de46657346311dcebb824599311002a855b01c1f547e3fa7ebc
-  data.tar.gz: cd5a9fb3d6cae10429b344426909f143706a1c9d607a8b9b69d4d9dcc066e439
+  metadata.gz: 5a55c30f4e1bca8c32eba0ef7d317e81e6ac99432d2f5f60f851e2a19514e629
+  data.tar.gz: eee31410315e81f0a4579684b6e6eabe12d6ec9d891b792752398dadb1456811
 SHA512:
-  metadata.gz: 3be745baa590030ed8de336a11879a3f99afbe7da023af3a8242c3a4370b814edd36f36c2e0aa060535100158aaadd20c1117a287b72682bd21fb837f6e96f37
-  data.tar.gz: b29b18965dfa204ba17f6f32e88254c1a8dee1b049723bf8836977367af32f10a5e65148f16bbf6250fe1b2f2b591c6e7b1d357ac0048d9cbea6e58ee2f271e4
+  metadata.gz: 9cb923b4c7e9a0444231e6a81f37ba854b1b08f14d23474aead6f8793eb2f77a24b0f2425c249242f6ef175c3532d73e7887e76fdc10958098c53438fd9cb474
+  data.tar.gz: 6625152e878d4c580e1fb05a319c7534b6d4b62736fd8ba64b255aca185833f541fe59edabed3bc7ef516eb979352cf2b90dd32677dd98e5b44509401cb07765

data/README.md CHANGED Viewed

@@ -1,15 +1,17 @@
-# FirebaseAuth
+# Firebase Token Authentication
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/firebase_auth`. To experiment with that code, run `bin/console` for an interactive prompt.
+A light weight Firebase access token validator which utilizes HTTP caching to reduce network traffic when validating against Google's X509 Certificates.
-TODO: Delete this and the text above, and describe your gem
+The goal of this project was to create a reusable, light weight, non-rails dependent library to validate [Firebase Authentication](https://firebase.google.com/docs/auth) access tokens which could utilize an efficient cache without a required external dependency, like Redis. Moreover I wanted a solution flexible enough to host on Heroku which could safely survive dyno refreshes. After a dyno refreshes, on each dyno, the first call to fetch the Google X509 certs will go over the network, but from then on be cached.
+Underneath we are using the [ruby-jwt](https://github.com/jwt/ruby-jwt) gem to decode the access token. If the token does not decode properly it will raise an exception. We wrap the exception inside a `FirebaseTokenAuthentication::Error` to help differentiate between your application's own JWT implementation.
 ## Installation
 Add this line to your application's Gemfile:
 ```ruby
-gem 'firebase_auth'
+gem 'firebase_token_authentication'
 ```
 And then execute:
@@ -18,21 +20,89 @@ And then execute:
 Or install it yourself as:
-    $ gem install firebase_auth
+    $ gem install firebase_token_authentication
 ## Usage
-TODO: Write usage instructions here
+### Configuration
+```ruby
+# config/initializers/firebase_token_authentication.rb
+FirebaseTokenAuthentication.configure do |config|
+  # Your Firebase Project ID
+  config.firebase_project_id = ENV['firebase_project_id']
+  # An optional cache store to persist X509 Certificates
+  config.cache_store = CacheStore.new
+  # An optional logger hook to view cache status
+  config.logger = Logger.new(STDOUT)
+end
+```
+### Cache Store
+The gem uses [Faraday](https://github.com/lostisland/faraday) with the [faraday-http-cache](https://github.com/sourcelevel/faraday-http-cache) middleware gem to manage the cache.
+Any cache object that responds to `write(key, value)`, `read(key)`, and `delete(key)` is a valid cache store. To that extent you could roll your own cache store quite easily.
+A very rough, but easy to understand, example with a plain ol' ruby object:
+```ruby
+class CacheStore
+  def write(key, value)
+    store[key] = value
+  end
+  def read(key)
+    store[key]
+  end
+  def delete(key)
+    store.delete(key)
+    store
+  end
+  def store
+    @store ||= {}
+  end
+end
+```
+#### Rails Cache
+The [Rails.cache](https://guides.rubyonrails.org/caching_with_rails.html) is a valid cache store. As a reminder though it is disabled in Development and Test environments and has many different config options. I recommend you review [the docs](https://guides.rubyonrails.org/caching_with_rails.html).
+### Logger
+The `config.logger` allows you to view the status of the cache. An example of a log:
+`HTTP Cache: [GET /robot/v1/metadata/x509/securetoken@system.gserviceaccount.com] fresh`
+Pulled directly from the [faraday-http-cache](https://github.com/sourcelevel/faraday-http-cache) docs, the keys represent the following:
+- `:unacceptable` means that the request did not go through the cache at all.
+- `:miss` means that no cached response could be found.
+- `:invalid` means that the cached response could not be validated against the server.
+- `:valid` means that the cached response could be validated against the server.
+- `:fresh` means that the cached response was still fresh and could be returned without even calling the server.
 ## Development
+### TODOs
+- [ ] Complete the test suite
+- [ ] Class and method documentation
+- [ ] Add support for non shared cache [RFC 2616 Shared and Non-Shared Caches](https://datatracker.ietf.org/doc/html/rfc2616#section-13.7) which seems simple [with this config](https://github.com/sourcelevel/faraday-http-cache#shared-vs-non-shared-caches).
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
 To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
 ## Contributing
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/firebase_auth. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/[USERNAME]/firebase_auth/blob/main/CODE_OF_CONDUCT.md).
+Bug reports and pull requests are welcome on GitHub at https://github.com/alphabites/firebase_auth. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/alphabites/firebase_auth/blob/main/CODE_OF_CONDUCT.md).
 ## License

data/lib/firebase_token_authentication/access_token.rb CHANGED Viewed

@@ -21,14 +21,14 @@ module FirebaseTokenAuthentication
     def verify
       decode(key: certificate.find(key_id))
-    rescue StandardError => e
-      raise FirebaseTokenAuthentication::Error, e.message
     end
     private
     def decode(key: nil, verify_key: true)
       JWT.decode(firebase_token, key&.public_key, verify_key, decode_options)
+    rescue StandardError => e
+      raise FirebaseTokenAuthentication::Error, e.message
     end
     def decode_options

data/lib/firebase_token_authentication/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module FirebaseTokenAuthentication
-  VERSION = "0.1.4"
+  VERSION = "0.1.5"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: firebase_token_authentication
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.5
 platform: ruby
 authors:
 - Nick Fuller
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-01-18 00:00:00.000000000 Z
+date: 2022-01-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -94,7 +94,8 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description:
+description: A light weight Firebase access token validator whichutilizes HTTP caching
+  to reduce network traffic whenvalidating against Google's X509 Certificates.
 email:
 - nfuller52@gmail.com
 executables: []
@@ -106,7 +107,6 @@ files:
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - Gemfile
-- Gemfile.lock
 - LICENSE.txt
 - README.md
 - Rakefile
@@ -142,5 +142,5 @@ requirements: []
 rubygems_version: 3.3.3
 signing_key:
 specification_version: 4
-summary: Simple tool for verifying Firebase Authentication JWT tokens.
+summary: Simple tool for verifying Firebase JWT access tokens.
 test_files: []

data/Gemfile.lock DELETED Viewed

@@ -1,82 +0,0 @@
-PATH
-  remote: .
-  specs:
-    firebase_token_authentication (0.1.1)
-      faraday
-      faraday-http-cache
-      jwt
-GEM
-  remote: https://rubygems.org/
-  specs:
-    ast (2.4.2)
-    debug (1.4.0)
-      irb (>= 1.3.6)
-      reline (>= 0.2.7)
-    diff-lcs (1.5.0)
-    faraday (2.1.0)
-      faraday-net_http (~> 2.0)
-      ruby2_keywords (>= 0.0.4)
-    faraday-http-cache (2.2.0)
-      faraday (>= 0.8)
-    faraday-net_http (2.0.1)
-    io-console (0.5.11)
-    irb (1.4.1)
-      reline (>= 0.3.0)
-    jwt (2.3.0)
-    parallel (1.21.0)
-    parser (3.1.0.0)
-      ast (~> 2.4.1)
-    rainbow (3.1.1)
-    rake (13.0.6)
-    regexp_parser (2.2.0)
-    reline (0.3.1)
-      io-console (~> 0.5)
-    rexml (3.2.5)
-    rspec (3.10.0)
-      rspec-core (~> 3.10.0)
-      rspec-expectations (~> 3.10.0)
-      rspec-mocks (~> 3.10.0)
-    rspec-core (3.10.1)
-      rspec-support (~> 3.10.0)
-    rspec-expectations (3.10.2)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
-    rspec-mocks (3.10.2)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
-    rspec-support (3.10.3)
-    rubocop (1.24.1)
-      parallel (~> 1.10)
-      parser (>= 3.0.0.0)
-      rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
-      rexml
-      rubocop-ast (>= 1.15.1, < 2.0)
-      ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.15.1)
-      parser (>= 3.0.1.1)
-    rubocop-rake (0.6.0)
-      rubocop (~> 1.0)
-    rubocop-rspec (2.7.0)
-      rubocop (~> 1.19)
-    ruby-progressbar (1.11.0)
-    ruby2_keywords (0.0.5)
-    unicode-display_width (2.1.0)
-PLATFORMS
-  arm64-darwin-20
-  x86_64-linux
-DEPENDENCIES
-  debug
-  firebase_token_authentication!
-  rake (~> 13.0)
-  rspec (~> 3.0)
-  rubocop (~> 1.21)
-  rubocop-rake
-  rubocop-rspec
-BUNDLED WITH
-   2.3.5