fridge 0.2.4 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: baa2d0014ae145e09c68dc53c816938ad272aa3d
-  data.tar.gz: 7f34e028cb347f9da11e1d52d6f7443dc7f470bb
+  metadata.gz: f4a824a32d9980601cfa696083b4a7c2765f26e0
+  data.tar.gz: 27f1e343ab6fdd60a947254f3c9eb428370cb11e
 SHA512:
-  metadata.gz: 586f9c3edb3356d64068ca3b9c43741411238423b6cdb0d6a63041fed790b13e47c3d1d43c7ea6ef1c4e290b04f03cf253e4a6da40a2d0d9a89b01d72cb866fa
-  data.tar.gz: 7d3dff29fffe39c8f656180e091639f4b2139a513fa024e2d0d189f5436cb4d39f2dacab4867987e57e781380359a3281e3d61fee5db8fe5a8fff723bc68ed91
+  metadata.gz: b7f135652cd8d9702f9fd3f5ed32f9b6b31ba702ef107a18f32b73303200b89302659991a666c98f432cb9cb5bc2109444b88f9239e3781dd9378c738cc05567
+  data.tar.gz: 446fb0d2f82514a9d978159f699fc1f031948ad48c0364b46bae54d285c700fc84f86b6c6d2b6a126fef340f51dd97fdb07a36b250df0018c7f3350b390552fc

data/README.md

@@ -80,4 +80,6 @@ store_session_cookie(access_token)
 
 MIT License, see [LICENSE](LICENSE.md) for details.
 
-Copyright (c) 2014 [Aptible](https://www.aptible.com), Frank Macreery, and contributors.
+Copyright (c) 2014 [Aptible](https://www.aptible.com) and contributors.
+
+[<img src="https://s.gravatar.com/avatar/f7790b867ae619ae0496460aa28c5861?s=60" style="border-radius: 50%;" alt="@fancyremarker" />](https://github.com/fancyremarker)

data/lib/fridge/access_token.rb

@@ -62,6 +62,10 @@ module Fridge
     end
     # rubocop:enable MethodLength
 
+    def downgrade
+      self.scope = 'read'
+    end
+
     def valid?
       !expired?
     end

data/lib/fridge/rails_helpers.rb

@@ -34,7 +34,7 @@ module Fridge
     def session_token
       return unless session_cookie
       @session_token ||= AccessToken.new(session_cookie).tap do |token|
-        validate_token!(token)
+        validate_token!(token).downgrade
       end
     rescue
       clear_session_cookie

data/lib/fridge/version.rb

@@ -1,3 +1,3 @@
 module Fridge
-  VERSION = '0.2.4'
+  VERSION = '0.3.0'
 end

data/spec/fridge/access_token_spec.rb

@@ -117,4 +117,10 @@ describe Fridge::AccessToken do
       expect(subject).not_to be_expired
     end
   end
+
+  describe '#downgrade' do
+    it 'sets the token scope to :read' do
+      expect { subject.downgrade }.to change(subject, :scope).to('read')
+    end
+  end
 end

data/spec/fridge/rails_helpers_spec.rb

@@ -116,6 +116,20 @@ describe Controller, type: :controller do
         cookies[:fridge_session] = access_token.serialize
         expect(controller.session_token.id).to eq access_token.id
       end
+
+      context 'with a non-:read scope' do
+        before { options.merge!(scope: 'manage') }
+
+        it 'should downgrade the token' do
+          cookies[:fridge_session] = access_token.serialize
+          expect(controller.session_token.scope).to eq 'read'
+        end
+
+        it 'should not change the validity of a token' do
+          cookies[:fridge_session] = access_token.serialize
+          expect(controller.session_token).to be_valid
+        end
+      end
     end
 
     describe '#validate_token' do

metadata

@@ -1,139 +1,139 @@
 --- !ruby/object:Gem::Specification
 name: fridge
 version: !ruby/object:Gem::Version
-  version: 0.2.4
+  version: 0.3.0
 platform: ruby
 authors:
 - Frank Macreery
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-09-30 00:00:00.000000000 Z
+date: 2015-04-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gem_config
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.1.13
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.1.13
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.5'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.5'
 - !ruby/object:Gem::Dependency
   name: aptible-tasks
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '2.0'
 - !ruby/object:Gem::Dependency
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 description: Token validation for distributed resource servers
@@ -143,9 +143,9 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
-- .rspec
-- .travis.yml
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
 - Gemfile
 - LICENSE.md
 - README.md
@@ -173,12 +173,12 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []