foobara-auth 0.0.12 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +8 -0
  3. data/src/login.rb +1 -1
  4. data/src/logout.rb +14 -14
  5. data/src/verify_password.rb +5 -9
  6. data/src/verify_secret.rb +3 -7
  7. data/src/verify_token.rb +7 -1
  8. metadata +13 -7
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 371e579335275b2c6d8d695aea7b14784f6ecf95d1df4742b38eb251ba941a6a
4
- data.tar.gz: 12354ce1c4b44cdb8ce1c398b7334ac6ce0f6a4a3ee619e698b5c94e114df528
3
+ metadata.gz: 868223dc8a31d7809c6171e29ad115f95c0ac94492a0c3c0bd796018c7bb7381
4
+ data.tar.gz: 7fe650602a7e14240beab2bdbb1a38f9d756947fd5e8c4fe77a665fc00abed8d
5
5
  SHA512:
6
- metadata.gz: 7d79b81bd382733037b66f464552e5401c69801355bc78c00354f22ca60b8db43d4066b012476a1b7bcdd854d03b39e854847b6cbf5bdc39543f7dc80e832cac
7
- data.tar.gz: 2cbd1f530b358e94eb0dd161640828e69473ede06f9d0d56204ece3ecc17efc974a3b283b902344709c2932077b777c9a400357b8c712d9b31e0df8e5bd79faa
6
+ metadata.gz: 1779710b7f67ab3982b4c06875bc60c91068efd1e1ad0a7393c0da3a881006b5a725ffdee15233d8e5cf6c1d376ec3fdacb5ad944c4cf5e99b61bc1878f65ae1
7
+ data.tar.gz: 124db35580d5409e11d59a418db86c5bd630601ef465f49ee9c21320ffb3a5c3230f8b71fe734efa341fa1439e58a15509cd0945e8ae38ed40a09a20dc18f62a
data/CHANGELOG.md CHANGED
@@ -1,3 +1,11 @@
1
+ ## [0.1.0] - 2025-08-22
2
+
3
+ - Mark as compatible with Foobara 0.1.0
4
+
5
+ ## [0.0.13] - 2025-05-13
6
+
7
+ - Allow logout to work even if refresh token is deleted/invalid
8
+
1
9
  ## [0.0.12] - 2025-05-05
2
10
 
3
11
  - Do not explode when refresh token doesn't exist
data/src/login.rb CHANGED
@@ -53,7 +53,7 @@ module Foobara
53
53
  rescue Halt
54
54
  # I'm a bit nervous about rescuing Halt and clearing the errors, but I'm more nervous bout
55
55
  # introducing a #run_subcommand method.
56
- if error_collection.size == 1 && error_collection.errors.first.is_a?(FindUser::UserNotFoundError) &&
56
+ if error_collection.size == 1 && error_collection.first.is_a?(FindUser::UserNotFoundError) &&
57
57
  username_or_email.include?("@")
58
58
  error_collection.clear
59
59
  self.user_to_login = run_subcommand!(FindUser, email: username_or_email)
data/src/logout.rb CHANGED
@@ -1,11 +1,6 @@
1
1
  module Foobara
2
2
  module Auth
3
3
  class Logout < Foobara::Command
4
- class InvalidRefreshTokenError < Foobara::RuntimeError
5
- context refresh_token_id: :string
6
- message "Invalid refresh token"
7
- end
8
-
9
4
  depends_on VerifyToken
10
5
  depends_on_entity Types::Token
11
6
  depends_on_entity Types::User
@@ -21,15 +16,18 @@ module Foobara
21
16
  if refresh_token?
22
17
  determine_refresh_token_id_and_secret
23
18
  load_refresh_token_record
24
- verify_refresh_token
25
- # Delete it instead maybe?
26
- mark_refresh_token_as_used
19
+
20
+ if refresh_token_record?
21
+ verify_refresh_token
22
+ # Delete it instead maybe?
23
+ mark_refresh_token_as_used
24
+ end
27
25
  end
28
26
 
29
27
  nil
30
28
  end
31
29
 
32
- attr_accessor :refresh_token_record, :refresh_token_id, :refresh_token_secret
30
+ attr_accessor :refresh_token_record, :refresh_token_id, :refresh_token_secret, :token_verified
33
31
 
34
32
  def refresh_token?
35
33
  !!refresh_token
@@ -41,16 +39,18 @@ module Foobara
41
39
 
42
40
  def load_refresh_token_record
43
41
  self.refresh_token_record = Types::Token.load(refresh_token_id)
42
+ rescue Foobara::Entity::NotFoundError
43
+ nil
44
+ end
45
+
46
+ def refresh_token_record?
47
+ refresh_token_record
44
48
  end
45
49
 
46
50
  def verify_refresh_token
47
51
  valid = run_subcommand!(VerifyToken, token_string: refresh_token)
48
52
 
49
- unless valid[:verified]
50
- # :nocov:
51
- add_runtime_error(InvalidRefreshTokenError.new(context: { refresh_token_id: }))
52
- # :nocov:
53
- end
53
+ self.token_verified = valid[:verified]
54
54
  end
55
55
 
56
56
  def mark_refresh_token_as_used
data/src/verify_password.rb CHANGED
@@ -16,21 +16,17 @@ module Foobara
16
16
  # TODO: result in error if no password set yet?
17
17
  check_for_valid_password
18
18
 
19
- valid_password?
19
+ is_valid_password
20
20
  end
21
21
 
22
- attr_accessor :valid_password
23
-
24
- def valid_password?
25
- !!valid_password
26
- end
22
+ attr_accessor :is_valid_password
27
23
 
28
24
  def check_for_valid_password
29
25
  hashed_secret = user.password_secret.hashed_secret
30
26
 
31
- self.valid_password = if hashed_secret
32
- run_subcommand!(VerifySecret, secret: plaintext_password, hashed_secret:)
33
- end
27
+ self.is_valid_password = if hashed_secret
28
+ run_subcommand!(VerifySecret, secret: plaintext_password, hashed_secret:)
29
+ end
34
30
  end
35
31
  end
36
32
  end
data/src/verify_secret.rb CHANGED
@@ -13,17 +13,13 @@ module Foobara
13
13
  def execute
14
14
  verify_secret_against_hashed_secret
15
15
 
16
- verified?
16
+ is_verified
17
17
  end
18
18
 
19
- attr_accessor :verified
20
-
21
- def verified?
22
- !!verified
23
- end
19
+ attr_accessor :is_verified
24
20
 
25
21
  def verify_secret_against_hashed_secret
26
- self.verified = Argon2::Password.verify_password(secret, hashed_secret)
22
+ self.is_verified = Argon2::Password.verify_password(secret, hashed_secret)
27
23
  end
28
24
  end
29
25
  end
data/src/verify_token.rb CHANGED
@@ -18,6 +18,11 @@ module Foobara
18
18
  message "Token is expired"
19
19
  end
20
20
 
21
+ class TokenDoesNotExistError < Foobara::RuntimeError
22
+ context({})
23
+ message "Token does not exist"
24
+ end
25
+
21
26
  inputs do
22
27
  # TODO: we should add a processor that flags an attribute as sensitive so we can scrub
23
28
  token_string :string, :required, :sensitive
@@ -62,7 +67,8 @@ module Foobara
62
67
 
63
68
  def load_token_record
64
69
  self.token_record_to_verify_against = Types::Token.load(token_id)
65
- # TODO: handle no record found...
70
+ rescue Entity::NotFoundError
71
+ add_runtime_error(TokenDoesNotExistError)
66
72
  end
67
73
 
68
74
  def verify_hashed_secret_against_token_record
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: foobara-auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.12
4
+ version: 0.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Miles Georgi
8
8
  bindir: bin
9
9
  cert_chain: []
10
- date: 2025-05-05 00:00:00.000000000 Z
10
+ date: 1980-01-02 00:00:00.000000000 Z
11
11
  dependencies:
12
12
  - !ruby/object:Gem::Dependency
13
13
  name: argon2
@@ -41,16 +41,22 @@ dependencies:
41
41
  name: foobara
42
42
  requirement: !ruby/object:Gem::Requirement
43
43
  requirements:
44
- - - "~>"
44
+ - - ">="
45
+ - !ruby/object:Gem::Version
46
+ version: 0.1.1
47
+ - - "<"
45
48
  - !ruby/object:Gem::Version
46
- version: 0.0.1
49
+ version: 2.0.0
47
50
  type: :runtime
48
51
  prerelease: false
49
52
  version_requirements: !ruby/object:Gem::Requirement
50
53
  requirements:
51
- - - "~>"
54
+ - - ">="
55
+ - !ruby/object:Gem::Version
56
+ version: 0.1.1
57
+ - - "<"
52
58
  - !ruby/object:Gem::Version
53
- version: 0.0.1
59
+ version: 2.0.0
54
60
  email:
55
61
  - azimux@gmail.com
56
62
  executables: []
@@ -112,7 +118,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
112
118
  - !ruby/object:Gem::Version
113
119
  version: '0'
114
120
  requirements: []
115
- rubygems_version: 3.6.2
121
+ rubygems_version: 3.6.9
116
122
  specification_version: 4
117
123
  summary: Provides various auth domain commands and models
118
124
  test_files: []