foobara-auth-http 0.1.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 62b67f4f6ae5108b39697d7c792e33854f1a9f79d2bd9a00cdd28999a15330be
-  data.tar.gz: 99efd48356f66e58aeb1c387cf54f5b08a3de61bfb7ab68c58a8d88f34e244c7
+  metadata.gz: b560d7ee6971787591dc89f1633fbf2e7a94342201e8a9dcf0e64590decc28bb
+  data.tar.gz: 4c7ea4a062a2e58e332fba9a83d300cbb47000db2f3e0566704a8bd5329c9895
 SHA512:
-  metadata.gz: d9973773609190f3b369a29dbaba12e67d17b048baf4bd44091a00b3d1491d60328c8af38f42c922bac6187b2d30abc12b8799fe9c8fdf866d2fb62453dfb78e
-  data.tar.gz: db20a0f1870d0048d0cb59f628707470b36af8403c1dd04a718a4459f54fb918f29ab242bfe2962e5c9dc5b8a0e3cab3572a9103a8af415f11edf2a627000a45
+  metadata.gz: 909ad7cbc1048851904c69aec412fec01980fbfb8eb5978ef699c8820b266c38dbd6110ab188de206baf934258b551131ec64d48de7d03434c59f3db846ec777
+  data.tar.gz: 3f6944615986d90e65f5baa943d8f73f016b264b259f729ff0881652ca5fcce7860dc7eac12ac148423c92ebcca2f4ce30c451cdaaef0cb90deb944254490925

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+## [0.1.1] - 2026-01-27
+
+- Use lower-case header keys to appease Rack::Lint
+
 ## [0.1.0] - 2025-08-22
 
 - Mark as compatible with Foobara 0.1.0

data/README.md

@@ -75,13 +75,13 @@ A rundown of everything happening here:
 * We are declaring that we want to authenticate using bearer tokens. These are JWT tokens in an
   `Authorization: Bearer <token>` header.
 * We are declaring that when we login or refresh our login, we would like to move the new access token
-  from the result to an X-Access-Token header, and we would like
+  from the result to an x-access-token header, and we would like
   to move the new refresh token from the result to a secure http only cookie.
 * We are declaring that when we want to refresh our login, we want to move the refresh token from the
   headers to an input to RefreshLogin.
 * Logout could technically be handled by the client but for convenience/added safety, we expose
   Logout and move the refresh token to its inputs so that it can invalidate the refresh token.
-* When we respond from Logout, we set the X-Access-Token header to nil. This is something the client
+* When we respond from Logout, we set the x-access-token header to nil. This is something the client
   could do but gives an easy way to clobber the client's access token without effort on their end.
 
 We also expose a few app commands using our authenticator. This is configured as part of command connectors not

data/src/foobara/auth_http/clear_access_token_header.rb

@@ -8,7 +8,7 @@ module Foobara
         end
       end
 
-      def initialize(header_name = "X-Access-Token", header_value = nil)
+      def initialize(header_name = "x-access-token", header_value = nil)
         super()
 
         self.header_name = header_name.to_s

data/src/foobara/auth_http/move_access_token_to_header.rb

@@ -8,7 +8,7 @@ module Foobara
         end
       end
 
-      def initialize(attribute_name = :access_token, header_name = "X-Access-Token")
+      def initialize(attribute_name = :access_token, header_name = "x-access-token")
         super()
 
         self.attribute_name = attribute_name.to_sym

data/src/foobara/auth_http/set_user_to_authenticated_user.rb

@@ -1,5 +1,6 @@
 module Foobara
   module AuthHttp
+    # Is this genuinely a generic enough concept to be a class in this project?
     class SetUserToAuthenticatedUser < Foobara::CommandConnectors::Http::SetInputToProcResult
       # TODO: move this into base class as default?
       class << self

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: foobara-auth-http
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Miles Georgi