fridge 0.3.1 → 0.4.0

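--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 28164c99b4a71e24796559da6b1fc0663d0f42c9
- data.tar.gz: db5603732b2c608dd063cdf0b3c8e6cf33f8ead6
+ metadata.gz: f3fd8b4cdad9a0058286a10db5947702a8c62251
+ data.tar.gz: 2dca120560756b29fb9f91ed233f0fbcb972fc9d
  SHA512:
- metadata.gz: 44f92c7854c7d359fe5cf9596b165c9ff93815f9f1d0040782f2b230de38a47ea314aed24bc48ed531d4fffb880dacd0cbaa85c83261f8739f0b17b5727245e4
- data.tar.gz: 2fbf80cfddbade814f62fb21e9492f393d155a5df6e55e49ebf310ee5a4c5218382277d473c518f1b93b7978e592a7edaeac213fc7f0e5d57db3aa48309451c1
+ metadata.gz: 78aecaa8eaed3d901472b445b056901b234b188b65c91b59d3a0b910398d4234bf73dce6108f92e8e85bcacdda43764200b509d23bdfef06a8bf25d3a4ca976e
+ data.tar.gz: 7497a09cac625ab1f0184024de2cfd698f3e720c09dcfbac0725eb8ed28211142c0c72996f314c35b8041a4a4b7b5161ff344d36ed952025f1f8335da8f94905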
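--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -1,4 +1,6 @@
  sudo: false
  rvm:
  - 2.0.0
- - jruby
+ - 2.1.0
+ - 2.2.0
+ - jruby-9.0.5.0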
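--- a/data/Gemfile
+++ b/data/Gemfile
@@ -1,4 +1,7 @@
  source 'https://rubygems.org'
 
+ gem 'activesupport', '~> 4.0'
+ gem 'nokogiri', '~> 1.6.0'
+
  # Specify your gem's dependencies in fridge.gemspec
  gemspec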
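--- a/data/fridge.gemspec
+++ b/data/fridge.gemspec
@@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
  spec.require_paths = ['lib']
 
  spec.add_dependency 'gem_config'
- spec.add_dependency 'jwt', '~> 0.1.13'
+ spec.add_dependency 'jwt', '~> 1.5.6'
 
  spec.add_development_dependency 'bundler', '~> 1.5'
  spec.add_development_dependency 'aptible-tasks'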
data/lib/fridge.rb CHANGED
@@ -4,6 +4,7 @@ require 'fridge/version'
4
4
  require 'fridge/access_token'
5
5
  require 'fridge/serialization_error'
6
6
  require 'fridge/invalid_token'
7
+ require 'fridge/expired_token'
7
8
 
8
9
  require 'fridge/railtie' if defined?(Rails)
9
10
 
@@ -5,7 +5,6 @@ module Fridge
5
5
  attr_accessor :id, :issuer, :subject, :scope, :expires_at, :actor,
6
6
  :jwt, :attributes
7
7
 
8
- # rubocop:disable MethodLength
9
8
  def initialize(jwt_or_options = nil)
10
9
  options = case jwt_or_options
11
10
  when String
@@ -21,7 +20,6 @@ module Fridge
21
20
  end
22
21
  self.attributes = options
23
22
  end
24
- # rubocop:enable MethodLength
25
23
 
26
24
  def to_s
27
25
  serialize
@@ -46,14 +44,14 @@ module Fridge
46
44
  raise SerializationError, 'Invalid private key or signing algorithm'
47
45
  end
48
46
 
49
- # rubocop:disable MethodLength
50
47
  def decode_and_verify(jwt)
51
- hash = JWT.decode(jwt, public_key)
52
- decode_from_jwt(hash)
53
- rescue JWT::DecodeError
54
- raise InvalidToken, 'Invalid access token'
48
+ payload, _header = JWT.decode(jwt, public_key, true, algorithm: algorithm)
49
+ decode_from_jwt(payload)
50
+ rescue JWT::ExpiredSignature => e
51
+ raise ExpiredToken, e.message
52
+ rescue JWT::DecodeError => e
53
+ raise InvalidToken, e.message
55
54
  end
56
- # rubocop:enable MethodLength
57
55
 
58
56
  def downgrade
59
57
  self.scope = 'read'
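Review bot: The pin in `JWT.decode(jwt, public_key, true, algorithm: algorithm)` only holds while `algorithm` returns a usable value, and where that value comes from is outside this hunk. If I recall the jwt 1.5 line correctly, a nil `:algorithm` option skips the expected-algorithm comparison and the token header's `alg` decides, so an unset configuration would quietly undo the pin. I would fail closed before decoding, e.g. `raise InvalidToken, 'No signing algorithm configured' if algorithm.nil? || algorithm.to_s.casecmp('none').zero?`. Separately, `e.message` now hands the jwt library's wording to whoever rescues these errors, so callers should not echo it verbatim in HTTP responses.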
@@ -102,19 +100,23 @@ module Fridge
102
100
  end
103
101
  end
104
102
 
103
+ def respond_to_missing?(method, include_private = false)
104
+ attributes.key?(method) || super
105
+ end
106
+
105
107
  def validate_parameters!
106
108
  [:subject, :expires_at].each do |attribute|
107
109
  next if send(attribute)
108
- fail SerializationError, "Missing attribute: #{attribute}"
110
+ raise SerializationError, "Missing attribute: #{attribute}"
109
111
  end
110
112
  end
111
113
 
112
114
  def validate_private_key!
113
- fail SerializationError, 'No private key configured' unless private_key
115
+ raise SerializationError, 'No private key configured' unless private_key
114
116
  end
115
117
 
116
118
  def validate_public_key!
117
- fail SerializationError, 'No public key configured' unless public_key
119
+ raise SerializationError, 'No public key configured' unless public_key
118
120
  end
119
121
 
120
122
  # Internally, we use "subject" to refer to "sub", and so on. We also
@@ -0,0 +1,4 @@
1
+ module Fridge
2
+ class ExpiredToken < InvalidToken
3
+ end
4
+ end
@@ -62,7 +62,7 @@ module Fridge
62
62
  if validator.call(access_token)
63
63
  access_token
64
64
  else
65
- fail InvalidToken
65
+ raise InvalidToken, 'Rejected by validator'
66
66
  end
67
67
  end
68
68
 
@@ -91,7 +91,7 @@ module Fridge
91
91
  end
92
92
 
93
93
  def write_shared_cookie(name, value, options = {})
94
- fail 'Can only write string cookie values' unless value.is_a?(String)
94
+ raise 'Can only write string cookie values' unless value.is_a?(String)
95
95
 
96
96
  cookies[name] = {
97
97
  value: value,
@@ -103,9 +103,9 @@ module Fridge
103
103
  cookies[name]
104
104
  end
105
105
 
106
- def fetch_shared_cookie(name, &block)
106
+ def fetch_shared_cookie(name)
107
107
  return read_shared_cookie(name) if read_shared_cookie(name)
108
- write_shared_cookie(block.call)
108
+ write_shared_cookie(yield)
109
109
  end
110
110
 
111
111
  def delete_shared_cookie(name)
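Review bot: `write_shared_cookie(yield)` passes one argument, but the hunk above shows the signature `write_shared_cookie(name, value, options = {})`, so the fallback branch of fetch_shared_cookie raises ArgumentError instead of writing the cookie. The commit carries this over from the old `block.call` form; the call should be `write_shared_cookie(name, yield)`. With `&block` dropped from the signature, a call without a block now ends in LocalJumpError, so either guard with `block_given?` or add a comment such as `# Requires a block that returns the String value to store when the cookie is absent.`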
@@ -1,3 +1,3 @@
1
1
  module Fridge
2
- VERSION = '0.3.1'
2
+ VERSION = '0.4.0'.freeze
3
3
  end
@@ -14,7 +14,10 @@ describe Fridge::AccessToken do
14
14
  end
15
15
 
16
16
  it 'should accept a JWT' do
17
- jwt = JWT.encode({ id: 'foobar', exp: 0 }, private_key, 'RS512')
17
+ jwt = JWT.encode(
18
+ { id: 'foobar', exp: Time.now.to_i + 10 },
19
+ private_key, 'RS512'
20
+ )
18
21
  access_token = described_class.new(jwt)
19
22
  expect(access_token.id).to eq 'foobar'
20
23
  end
@@ -28,11 +31,19 @@ describe Fridge::AccessToken do
28
31
  expect { described_class.new(jwt) }.to raise_error Fridge::InvalidToken
29
32
  end
30
33
 
34
+ it 'should raise an error on an expired JWT' do
35
+ jwt = JWT.encode(
36
+ { id: 'foobar', exp: Time.now.to_i - 10 },
37
+ private_key, 'RS512'
38
+ )
39
+ expect { described_class.new(jwt) }.to raise_error(Fridge::ExpiredToken)
40
+ end
41
+
31
42
  # http://bit.ly/jwt-none-vulnerability
32
43
  it 'should raise an error with { "alg": "none" }' do
33
44
  jwt = "#{Base64.encode64({ typ: 'JWT', alg: 'none' }.to_json).chomp}." \
34
45
  "#{Base64.encode64({ id: 'foobar' }.to_json).chomp}"
35
- expect(JWT.decode(jwt, nil, false)).to eq('id' => 'foobar')
46
+ expect(JWT.decode(jwt, nil, false)[0]).to eq('id' => 'foobar')
36
47
  expect { described_class.new(jwt) }.to raise_error Fridge::InvalidToken
37
48
  end
38
49
  end
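Review bot: The downgrade coverage in this spec stops at `alg: none`; nothing here exercises the `algorithm:` pin that this release adds to `decode_and_verify`. I would add an example next to the `none` case that encodes a token with an algorithm other than the configured one and expects `Fridge::InvalidToken`, so a regression in the pin is caught. The expired-token example could also assert `raise_error(Fridge::InvalidToken)`, since callers written against 0.3.1 rescue that class and depend on `ExpiredToken` staying a subclass. The enclosing describe block starts and ends outside the hunk.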
@@ -81,7 +92,7 @@ describe Fridge::AccessToken do
81
92
  end
82
93
 
83
94
  it 'should represent :exp in seconds since the epoch' do
84
- hash = JWT.decode(subject.serialize, public_key)
95
+ hash, = JWT.decode(subject.serialize, public_key)
85
96
  expect(hash['exp']).to be_a Fixnum
86
97
  end
87
98
 
@@ -102,6 +113,8 @@ describe Fridge::AccessToken do
102
113
 
103
114
  expect(copy.attributes[:foo]).to eq 'bar'
104
115
  expect(copy.foo).to eq 'bar'
116
+ expect(copy.respond_to?(:foo)).to be_truthy
117
+ expect(copy.respond_to?(:bar)).to be_falsey
105
118
  end
106
119
 
107
120
  it 'should raise an error if required attributes are missing' do
@@ -119,7 +132,7 @@ describe Fridge::AccessToken do
119
132
  # test that, although eventually we'll want to see symbols back.
120
133
  actor_s = { 'sub' => 'foo', 'username' => 'test',
121
134
  'act' => { 'sub' => 'bar' } }
122
- hash = JWT.decode(subject.serialize, public_key)
135
+ hash, = JWT.decode(subject.serialize, public_key)
123
136
  expect(hash['act']).to eq(actor_s)
124
137
 
125
138
  # Now, check that we properly get symbols back
@@ -139,7 +139,7 @@ describe Controller, type: :controller do
139
139
  end
140
140
 
141
141
  it 'should return false if the token validator fails' do
142
- Fridge.configuration.validator = ->(_) { fail 'Foobar' }
142
+ Fridge.configuration.validator = ->(_) { raise 'Foobar' }
143
143
  expect(controller.validate_token(access_token)).to be false
144
144
  end
145
145
 
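--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: fridge
  version: !ruby/object:Gem::Version
- version: 0.3.1
+ version: 0.4.0
  platform: ruby
  authors:
  - Frank Macreery
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2016-03-01 00:00:00.000000000 Z
+ date: 2017-04-11 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: gem_config
@@ -30,14 +30,14 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.1.13
+ version: 1.5.6
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.1.13
+ version: 1.5.6
  - !ruby/object:Gem::Dependency
  name: bundler
  requirement: !ruby/object:Gem::Requirement
@@ -153,6 +153,7 @@ files:
  - fridge.gemspec
  - lib/fridge.rb
  - lib/fridge/access_token.rb
+ - lib/fridge/expired_token.rb
  - lib/fridge/invalid_token.rb
  - lib/fridge/rails_helpers.rb
  - lib/fridge/railtie.rb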