foobara-auth 0.0.3 → 0.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +8 -0
- data/src/login.rb +1 -1
- data/src/refresh_login.rb +16 -18
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8974dadf886b62fb510f52275ee227a95d74e1fe57b3f8b1fff7242efa3b0949
|
|
4
|
+
data.tar.gz: 01df20b29400198bf1ffa231586a4f6472748d166598ab088a49b3c116ccb236
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ebbbfd838051b025b66fd40cd324db2037de76a7ea86f72630269697e262071dc4551f0039d2646fffe7a774b38c798c38728d369790b208a7e61eab353566ca
|
|
7
|
+
data.tar.gz: 7c14f7e424f2ed8e803d94c402a74b971f4dd641cfabba5fc49b0a155d13f6ad6eb6b086582e4ac2f22dea8c76b7d81fb597a0c72ca0fc91f744f6564fb54d4f
|
data/CHANGELOG.md
CHANGED
data/src/login.rb
CHANGED
|
@@ -116,7 +116,7 @@ module Foobara
|
|
|
116
116
|
|
|
117
117
|
def save_new_refresh_token_on_user
|
|
118
118
|
# TODO: maybe override #<< on these objects to dirty the entity??
|
|
119
|
-
user_to_login.refresh_tokens
|
|
119
|
+
user_to_login.refresh_tokens = [new_refresh_token[:token_record], *user_to_login.refresh_tokens]
|
|
120
120
|
end
|
|
121
121
|
|
|
122
122
|
def tokens
|
data/src/refresh_login.rb
CHANGED
|
@@ -18,10 +18,10 @@ module Foobara
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
depends_on CreateToken, VerifyToken
|
|
21
|
+
depends_on_entities Types::Token
|
|
21
22
|
|
|
22
23
|
inputs do
|
|
23
|
-
|
|
24
|
-
refresh_token_text :string, :required, :sensitive
|
|
24
|
+
refresh_token :string, :required, :sensitive
|
|
25
25
|
# Can we get these TTLs off of the refresh token?
|
|
26
26
|
token_ttl :integer, default: 30 * 60
|
|
27
27
|
refresh_token_ttl :integer, default: 7 * 24 * 60 * 60
|
|
@@ -34,8 +34,7 @@ module Foobara
|
|
|
34
34
|
|
|
35
35
|
def execute
|
|
36
36
|
determine_refresh_token_id_and_secret
|
|
37
|
-
|
|
38
|
-
validate_refresh_token_belongs_to_user
|
|
37
|
+
load_refresh_token_record
|
|
39
38
|
verify_refresh_token
|
|
40
39
|
# Delete it instead maybe?
|
|
41
40
|
mark_refresh_token_as_used
|
|
@@ -49,25 +48,19 @@ module Foobara
|
|
|
49
48
|
tokens
|
|
50
49
|
end
|
|
51
50
|
|
|
52
|
-
attr_accessor :access_token, :new_refresh_token, :now, :expires_at, :
|
|
51
|
+
attr_accessor :access_token, :new_refresh_token, :now, :expires_at, :refresh_token_record,
|
|
53
52
|
:refresh_token_id, :refresh_token_secret, :token_group
|
|
54
53
|
|
|
55
54
|
def determine_refresh_token_id_and_secret
|
|
56
|
-
self.refresh_token_id, self.refresh_token_secret =
|
|
55
|
+
self.refresh_token_id, self.refresh_token_secret = refresh_token.split("_")
|
|
57
56
|
end
|
|
58
57
|
|
|
59
|
-
def
|
|
60
|
-
self.
|
|
61
|
-
end
|
|
62
|
-
|
|
63
|
-
def validate_refresh_token_belongs_to_user
|
|
64
|
-
unless user.refresh_tokens.any? { |token| token.id == refresh_token_id }
|
|
65
|
-
add_runtime_error(RefreshTokenNotOwnedByUser.new(context: { refresh_token_id: }))
|
|
66
|
-
end
|
|
58
|
+
def load_refresh_token_record
|
|
59
|
+
self.refresh_token_record = Types::Token.load(refresh_token_id)
|
|
67
60
|
end
|
|
68
61
|
|
|
69
62
|
def verify_refresh_token
|
|
70
|
-
valid = run_subcommand!(VerifyToken, token_string:
|
|
63
|
+
valid = run_subcommand!(VerifyToken, token_string: refresh_token)
|
|
71
64
|
|
|
72
65
|
unless valid[:verified]
|
|
73
66
|
add_runtime_error(InvalidRefreshTokenError.new(context: { refresh_token_id: }))
|
|
@@ -75,7 +68,7 @@ module Foobara
|
|
|
75
68
|
end
|
|
76
69
|
|
|
77
70
|
def mark_refresh_token_as_used
|
|
78
|
-
|
|
71
|
+
refresh_token_record.use_up!
|
|
79
72
|
end
|
|
80
73
|
|
|
81
74
|
def determine_timestamps
|
|
@@ -93,6 +86,10 @@ module Foobara
|
|
|
93
86
|
self.access_token = JWT.encode(payload, jwt_secret, "HS256")
|
|
94
87
|
end
|
|
95
88
|
|
|
89
|
+
def user
|
|
90
|
+
@user ||= Types::User.that_owns(refresh_token_record, "refresh_tokens")
|
|
91
|
+
end
|
|
92
|
+
|
|
96
93
|
def jwt_secret
|
|
97
94
|
jwt_secret_text = ENV.fetch("JWT_SECRET", nil)
|
|
98
95
|
|
|
@@ -106,7 +103,7 @@ module Foobara
|
|
|
106
103
|
end
|
|
107
104
|
|
|
108
105
|
def determine_token_group
|
|
109
|
-
self.token_group =
|
|
106
|
+
self.token_group = refresh_token_record&.token_group || SecureRandom.uuid
|
|
110
107
|
end
|
|
111
108
|
|
|
112
109
|
def generate_new_refresh_token
|
|
@@ -115,7 +112,8 @@ module Foobara
|
|
|
115
112
|
|
|
116
113
|
def save_new_refresh_token_on_user
|
|
117
114
|
# TODO: maybe override #<< on these objects to dirty the entity??
|
|
118
|
-
|
|
115
|
+
# TODO: DRY this up!!
|
|
116
|
+
user.refresh_tokens = [new_refresh_token[:token_record], *user.refresh_tokens]
|
|
119
117
|
end
|
|
120
118
|
|
|
121
119
|
def tokens
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: foobara-auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Miles Georgi
|
|
8
8
|
bindir: bin
|
|
9
9
|
cert_chain: []
|
|
10
|
-
date: 2025-03-
|
|
10
|
+
date: 2025-03-30 00:00:00.000000000 Z
|
|
11
11
|
dependencies:
|
|
12
12
|
- !ruby/object:Gem::Dependency
|
|
13
13
|
name: argon2
|