fridge 0.1.2 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e218e44c99f35477998c66a5f0c78bc81d31a4eb
-  data.tar.gz: 884d82c5dfc0c5dfe1a2efb43a7a5accf3e0d2b5
+  metadata.gz: b49455bd0f488a16a7644a83d79f3c4cbb5d71b6
+  data.tar.gz: c778c54e88438ef63194d90304860710026bc403
 SHA512:
-  metadata.gz: c0fd5108ef1b8e9a80cf79f918d3091cc3e352ff3d279c90bd6d857e4aedc7a66065e2eee88558e066d871796090146e213b0eeb34f5c5b8262204ce5068d1b0
-  data.tar.gz: 5b6e2a02c965a70d653174ad65eb2e2c436a29071cd2abebcd718b08a435afa9a6a4a6200697debedf5db02e5b1105da33fcd970dbe081055666af25fc6f5da3
+  metadata.gz: 9cea20d8b86972656d086f046ddc8d0248215116200a3bbf2bb5b2b916919bd973b90bc8781325ffbb51e36079ad77396711508c44824ec252a76ae2223211c9
+  data.tar.gz: 7d12fc628282bc7fb2910b0148c55e0a98186ca423b6bf34c2bea4ae8f33e59b5ee89df0755ce7c1c46ba8869b3bee9e368de09f3e06117fd02befc38c130c8b

data/lib/fridge/access_token.rb

@@ -2,7 +2,8 @@ require 'jwt'
 
 module Fridge
   class AccessToken
-    attr_accessor :id, :issuer, :subject, :scope, :expires_at, :jwt
+    attr_accessor :id, :issuer, :subject, :scope, :expires_at,
+                  :jwt, :attributes
 
     # rubocop:disable MethodLength
     def initialize(jwt_or_options = nil)
@@ -14,9 +15,11 @@ module Fridge
                 when Hash then jwt_or_options
                 else {}
                 end
-      options.each do |key, value|
-        instance_variable_set("@#{key}", value)
+      [:id, :issuer, :subject, :scope, :expires_at].each do |key|
+        send "#{key}=", options.delete(key)
       end
+      self.attributes = options.reject { |k, v| v.nil? }
+      attributes.symbolize_keys!
     end
     # rubocop:enable MethodLength
 
@@ -38,23 +41,26 @@ module Fridge
         sub: subject,
         scope: scope,
         exp: expires_at.to_i
-      }, private_key, algorithm)
+      }.merge(attributes), private_key, algorithm)
     rescue
       raise SerializationError, 'Invalid private key or signing algorithm'
     end
 
+    # rubocop:disable MethodLength
     def decode_and_verify(jwt)
       hash = JWT.decode(jwt, public_key)
-      {
-        id: hash['id'],
-        issuer: hash['iss'],
-        subject: hash['sub'],
-        scope: hash['scope'],
-        expires_at: Time.at(hash['exp'])
+      base = {
+        id: hash.delete('id'),
+        issuer: hash.delete('iss'),
+        subject: hash.delete('sub'),
+        scope: hash.delete('scope'),
+        expires_at: Time.at(hash.delete('exp'))
       }
-      rescue JWT::DecodeError
-        raise InvalidToken, 'Invalid access token'
+      base.merge(hash)
+    rescue JWT::DecodeError
+      raise InvalidToken, 'Invalid access token'
     end
+    # rubocop:enable MethodLength
 
     def valid?
       !expired?
@@ -91,6 +97,14 @@ module Fridge
 
     protected
 
+    def method_missing(method, *args, &block)
+      if attributes.key?(method)
+        attributes[method]
+      else
+        super
+      end
+    end
+
     def validate_parameters!
       [:subject, :expires_at].each do |attribute|
         unless send(attribute)

data/lib/fridge/rails_helpers.rb

@@ -25,39 +25,64 @@ module Fridge
     end
 
     def session_token
-      return unless cookies[:session_token]
-      @session_token = AccessToken.new(cookies[:session_token]).tap do |token|
+      return unless session_cookie
+      @session_token ||= AccessToken.new(session_cookie).tap do |token|
         validate_token!(token)
       end
     rescue
-      clear_session_token
-      @session_token = nil
+      clear_session_cookie
     end
 
+    # Validates token, and returns the token, or nil
+    def validate_token(access_token)
+      validator = Fridge.configuration.validator
+      validator.call(access_token) && access_token
+    rescue
+      false
+    end
+
+    # Validates token, and raises an exception if invalid
     def validate_token!(access_token)
       validator = Fridge.configuration.validator
-      fail InvalidToken unless validator.call(access_token)
+      if validator.call(access_token)
+        access_token
+      else
+        fail InvalidToken
+      end
     end
 
-    def store_session_token(access_token)
+    def sessionize_token(access_token)
       # Ensure that any cookie-persisted tokens are read-only
       access_token.scope = 'read'
 
       jwt = access_token.serialize
-      cookies[:session_token] = cookie_options.merge(
+      self.session_cookie = {
         value: jwt,
-        expires_at: access_token.expires_at
-      )
+        expires: access_token.expires_at
+      }.merge(fridge_cookie_options)
     end
 
-    def clear_session_token
-      cookies.delete :session_token, domain: :all
+    def session_cookie
+      cookies[fridge_cookie_name]
+    end
+
+    def session_cookie=(cookie)
+      cookies[fridge_cookie_name] = cookie
+    end
+
+    def clear_session_cookie
+      cookies.delete fridge_cookie_name, domain: :all
       nil
     end
 
-    def cookie_options
+    def fridge_cookie_name
+      Fridge.configuration.cookie_name
+    end
+
+    def fridge_cookie_options
       secure = !Rails.env.development?
-      { domain: :all, secure: secure, httponly: true }
+      options = { domain: :all, secure: secure, httponly: true }
+      options.merge(Fridge.configuration.cookie_options)
     end
   end
 end

data/lib/fridge/version.rb

@@ -1,3 +1,3 @@
 module Fridge
-  VERSION = '0.1.2'
+  VERSION = '0.2.0'
 end

data/lib/fridge.rb

@@ -19,5 +19,8 @@ module Fridge
     # A validator must raise an exception or return a false value for an
     # invalid token
     has :validator, classes: [Proc], default: ->(token) { token.valid? }
+
+    has :cookie_name, classes: [String, Symbol], default: :fridge_session
+    has :cookie_options, classes: [Hash], default: {}
   end
 end

data/spec/fridge/access_token_spec.rb

@@ -32,7 +32,7 @@ describe Fridge::AccessToken do
     let(:options) do
       {
         id: SecureRandom.uuid,
-        iss: 'https://auth.aptible.com',
+        issuer: 'https://auth.aptible.com',
         subject: "https://auth.aptible.com/users/#{SecureRandom.uuid}",
         scope: 'read',
         expires_at: Time.now + 3600
@@ -86,6 +86,14 @@ describe Fridge::AccessToken do
       expect(copy.scope).to eq subject.scope
     end
 
+    it 'should include custom attributes' do
+      subject = described_class.new(options.merge(foo: 'bar'))
+      copy = described_class.new(subject.serialize)
+
+      expect(copy.attributes[:foo]).to eq 'bar'
+      expect(copy.foo).to eq 'bar'
+    end
+
     it 'should raise an error if required attributes are missing' do
       subject.subject = nil
       expect { subject.serialize }.to raise_error Fridge::SerializationError

data/spec/fridge/rails_helpers_spec.rb

@@ -99,27 +99,74 @@ describe Controller, type: :controller do
 
     describe '#session_token' do
       it 'should delete all cookies on error' do
-        cookies[:session_token] = 'foobar'
+        cookies[:fridge_session] = 'foobar'
         controller.session_token
-        expect(cookies.deleted?(:session_token, domain: :all)).to be_true
+        expect(cookies.deleted?(:fridge_session, domain: :all)).to be_true
       end
 
       it 'should return nil on error' do
-        cookies[:session_token] = 'foobar'
+        cookies[:fridge_session] = 'foobar'
         expect(controller.session_token).to be_nil
       end
 
-      it 'should return the token stored in :session_token' do
-        cookies[:session_token] = access_token.serialize
+      it 'should return the token stored in :fridge_session' do
+        cookies[:fridge_session] = access_token.serialize
         expect(controller.session_token.id).to eq access_token.id
       end
     end
 
-    describe '#store_session_token' do
+    describe '#validate_token' do
+      it 'should return false if the token is invalid' do
+        Fridge.configuration.validator = ->(token) { false }
+        expect(controller.validate_token(access_token)).to be_false
+      end
+
+      it 'should return false if the token validator fails' do
+        Fridge.configuration.validator = ->(token) { fail 'Foobar' }
+        expect(controller.validate_token(access_token)).to be_false
+      end
+
+      it 'should return the token if valid' do
+        Fridge.configuration.validator = ->(token) { true }
+        expect(controller.validate_token(access_token)).to eq access_token
+      end
+    end
+
+    describe '#validate_token' do
+      it 'should raise an exception if the token is invalid' do
+        Fridge.configuration.validator = ->(token) { false }
+        expect { controller.validate_token!(access_token) }.to raise_error
+      end
+
+      it 'should return the token if valid' do
+        Fridge.configuration.validator = ->(token) { true }
+        expect(controller.validate_token!(access_token)).to eq access_token
+      end
+    end
+
+    describe '#sessionize_token' do
       it 'should set a session cookie' do
         Rails.stub_chain(:env, :development?) { false }
-        controller.store_session_token(access_token)
-        expect(cookies[:session_token]).to eq access_token.serialize
+        controller.sessionize_token(access_token)
+        expect(cookies[:fridge_session]).to eq access_token.serialize
+      end
+    end
+
+    describe '#fridge_cookie_name' do
+      it 'is configurable' do
+        Fridge.configuration.cookie_name = 'foobar'
+        expect(controller.fridge_cookie_name).to eq 'foobar'
+      end
+    end
+
+    describe '#fridge_cookie_options' do
+      before { Rails.stub_chain(:env, :development?) { false } }
+
+      it 'are configurable' do
+        Fridge.configuration.cookie_options = { foobar: true }
+        options = controller.fridge_cookie_options
+        expect(options[:domain]).to eq :all
+        expect(options[:foobar]).to eq true
       end
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: fridge
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.2.0
 platform: ruby
 authors:
 - Frank Macreery
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-02-11 00:00:00.000000000 Z
+date: 2014-02-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gem_config