fridge 0.3.1 → 0.4.0

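--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 28164c99b4a71e24796559da6b1fc0663d0f42c9
- data.tar.gz: db5603732b2c608dd063cdf0b3c8e6cf33f8ead6
+ metadata.gz: f3fd8b4cdad9a0058286a10db5947702a8c62251
+ data.tar.gz: 2dca120560756b29fb9f91ed233f0fbcb972fc9d
  SHA512:
- metadata.gz: 44f92c7854c7d359fe5cf9596b165c9ff93815f9f1d0040782f2b230de38a47ea314aed24bc48ed531d4fffb880dacd0cbaa85c83261f8739f0b17b5727245e4
- data.tar.gz: 2fbf80cfddbade814f62fb21e9492f393d155a5df6e55e49ebf310ee5a4c5218382277d473c518f1b93b7978e592a7edaeac213fc7f0e5d57db3aa48309451c1
+ metadata.gz: 78aecaa8eaed3d901472b445b056901b234b188b65c91b59d3a0b910398d4234bf73dce6108f92e8e85bcacdda43764200b509d23bdfef06a8bf25d3a4ca976e
+ data.tar.gz: 7497a09cac625ab1f0184024de2cfd698f3e720c09dcfbac0725eb8ed28211142c0c72996f314c35b8041a4a4b7b5161ff344d36ed952025f1f8335da8f94905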
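--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -1,4 +1,6 @@
  sudo: false
  rvm:
  - 2.0.0
- - jruby
+ - 2.1.0
+ - 2.2.0
+ - jruby-9.0.5.0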
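--- a/data/Gemfile
+++ b/data/Gemfile
@@ -1,4 +1,7 @@
  source 'https://rubygems.org'
 
+ gem 'activesupport', '~> 4.0'
+ gem 'nokogiri', '~> 1.6.0'
+
  # Specify your gem's dependencies in fridge.gemspec
  gemspec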
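Review bot: The two pins added at the top of the Gemfile carry no comment saying why they exist, and `gem 'nokogiri', '~> 1.6.0'` caps the test environment below 1.7, so CI will never pick up later nokogiri releases, including any security fixes that ship only there. If the caps are there to keep the Ruby 2.0.0 build in .travis.yml working (an inference; the page does not say), record that beside them, e.g. `# capped for Ruby 2.0.0 on Travis; lift when 2.0.0 is dropped`. Neither gem appears among the runtime dependencies visible in fridge.gemspec, so the effect looks limited to development and CI.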
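--- a/data/fridge.gemspec
+++ b/data/fridge.gemspec
@@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
  spec.require_paths = ['lib']
 
  spec.add_dependency 'gem_config'
- spec.add_dependency 'jwt', '~> 0.1.13'
+ spec.add_dependency 'jwt', '~> 1.5.6'
 
  spec.add_development_dependency 'bundler', '~> 1.5'
  spec.add_development_dependency 'aptible-tasks'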
data/lib/fridge.rb CHANGED
@@ -4,6 +4,7 @@ require 'fridge/version'
4
4
  require 'fridge/access_token'
5
5
  require 'fridge/serialization_error'
6
6
  require 'fridge/invalid_token'
7
+ require 'fridge/expired_token'
7
8
 
8
9
  require 'fridge/railtie' if defined?(Rails)
9
10
 
@@ -5,7 +5,6 @@ module Fridge
5
5
  attr_accessor :id, :issuer, :subject, :scope, :expires_at, :actor,
6
6
  :jwt, :attributes
7
7
 
8
- # rubocop:disable MethodLength
9
8
  def initialize(jwt_or_options = nil)
10
9
  options = case jwt_or_options
11
10
  when String
@@ -21,7 +20,6 @@ module Fridge
21
20
  end
22
21
  self.attributes = options
23
22
  end
24
- # rubocop:enable MethodLength
25
23
 
26
24
  def to_s
27
25
  serialize
@@ -46,14 +44,14 @@ module Fridge
46
44
  raise SerializationError, 'Invalid private key or signing algorithm'
47
45
  end
48
46
 
49
- # rubocop:disable MethodLength
50
47
  def decode_and_verify(jwt)
51
- hash = JWT.decode(jwt, public_key)
52
- decode_from_jwt(hash)
53
- rescue JWT::DecodeError
54
- raise InvalidToken, 'Invalid access token'
48
+ payload, _header = JWT.decode(jwt, public_key, true, algorithm: algorithm)
49
+ decode_from_jwt(payload)
50
+ rescue JWT::ExpiredSignature => e
51
+ raise ExpiredToken, e.message
52
+ rescue JWT::DecodeError => e
53
+ raise InvalidToken, e.message
55
54
  end
56
- # rubocop:enable MethodLength
57
55
 
58
56
  def downgrade
59
57
  self.scope = 'read'
@@ -102,19 +100,23 @@ module Fridge
102
100
  end
103
101
  end
104
102
 
103
+ def respond_to_missing?(method, include_private = false)
104
+ attributes.key?(method) || super
105
+ end
106
+
105
107
  def validate_parameters!
106
108
  [:subject, :expires_at].each do |attribute|
107
109
  next if send(attribute)
108
- fail SerializationError, "Missing attribute: #{attribute}"
110
+ raise SerializationError, "Missing attribute: #{attribute}"
109
111
  end
110
112
  end
111
113
 
112
114
  def validate_private_key!
113
- fail SerializationError, 'No private key configured' unless private_key
115
+ raise SerializationError, 'No private key configured' unless private_key
114
116
  end
115
117
 
116
118
  def validate_public_key!
117
- fail SerializationError, 'No public key configured' unless public_key
119
+ raise SerializationError, 'No public key configured' unless public_key
118
120
  end
119
121
 
120
122
  # Internally, we use "subject" to refer to "sub", and so on. We also
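Review bot: In `decode_and_verify`, the pin added by `JWT.decode(jwt, public_key, true, algorithm: algorithm)` is only as strong as the value `algorithm` returns, and that method is defined outside these hunks. If it can be nil or unset, jwt 1.5.x would, as far as I can tell, skip the header comparison and accept whichever `alg` the token names, so I would fail closed before decoding, in the style of the neighbouring `validate_*!` helpers: `raise SerializationError, 'No signing algorithm configured' unless algorithm`. Separately, `raise InvalidToken, e.message` now forwards the library's error text where the old code raised the fixed string 'Invalid access token'; if any caller renders exception messages to clients, keep the detail in logs and return a generic message instead.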
@@ -0,0 +1,4 @@
1
+ module Fridge
2
+ class ExpiredToken < InvalidToken
3
+ end
4
+ end
@@ -62,7 +62,7 @@ module Fridge
62
62
  if validator.call(access_token)
63
63
  access_token
64
64
  else
65
- fail InvalidToken
65
+ raise InvalidToken, 'Rejected by validator'
66
66
  end
67
67
  end
68
68
 
@@ -91,7 +91,7 @@ module Fridge
91
91
  end
92
92
 
93
93
  def write_shared_cookie(name, value, options = {})
94
- fail 'Can only write string cookie values' unless value.is_a?(String)
94
+ raise 'Can only write string cookie values' unless value.is_a?(String)
95
95
 
96
96
  cookies[name] = {
97
97
  value: value,
@@ -103,9 +103,9 @@ module Fridge
103
103
  cookies[name]
104
104
  end
105
105
 
106
- def fetch_shared_cookie(name, &block)
106
+ def fetch_shared_cookie(name)
107
107
  return read_shared_cookie(name) if read_shared_cookie(name)
108
- write_shared_cookie(block.call)
108
+ write_shared_cookie(yield)
109
109
  end
110
110
 
111
111
  def delete_shared_cookie(name)
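Review bot: `fetch_shared_cookie` still calls `write_shared_cookie(yield)` with one argument, while `write_shared_cookie(name, value, options = {})` just above requires two, so the cache-miss path raises ArgumentError instead of storing the cookie. The defect predates this change (`block.call` had the same shape), but the rewrite is the place to fix it: `write_shared_cookie(name, yield)`. With the `&block` parameter gone, a call without a block now fails with LocalJumpError at `yield`; if a block is mandatory, say so in a comment, otherwise guard with `block_given?`. No spec visible on this page exercises the miss path.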
@@ -1,3 +1,3 @@
1
1
  module Fridge
2
- VERSION = '0.3.1'
2
+ VERSION = '0.4.0'.freeze
3
3
  end
@@ -14,7 +14,10 @@ describe Fridge::AccessToken do
14
14
  end
15
15
 
16
16
  it 'should accept a JWT' do
17
- jwt = JWT.encode({ id: 'foobar', exp: 0 }, private_key, 'RS512')
17
+ jwt = JWT.encode(
18
+ { id: 'foobar', exp: Time.now.to_i + 10 },
19
+ private_key, 'RS512'
20
+ )
18
21
  access_token = described_class.new(jwt)
19
22
  expect(access_token.id).to eq 'foobar'
20
23
  end
@@ -28,11 +31,19 @@ describe Fridge::AccessToken do
28
31
  expect { described_class.new(jwt) }.to raise_error Fridge::InvalidToken
29
32
  end
30
33
 
34
+ it 'should raise an error on an expired JWT' do
35
+ jwt = JWT.encode(
36
+ { id: 'foobar', exp: Time.now.to_i - 10 },
37
+ private_key, 'RS512'
38
+ )
39
+ expect { described_class.new(jwt) }.to raise_error(Fridge::ExpiredToken)
40
+ end
41
+
31
42
  # http://bit.ly/jwt-none-vulnerability
32
43
  it 'should raise an error with { "alg": "none" }' do
33
44
  jwt = "#{Base64.encode64({ typ: 'JWT', alg: 'none' }.to_json).chomp}." \
34
45
  "#{Base64.encode64({ id: 'foobar' }.to_json).chomp}"
35
- expect(JWT.decode(jwt, nil, false)).to eq('id' => 'foobar')
46
+ expect(JWT.decode(jwt, nil, false)[0]).to eq('id' => 'foobar')
36
47
  expect { described_class.new(jwt) }.to raise_error Fridge::InvalidToken
37
48
  end
38
49
  end
@@ -81,7 +92,7 @@ describe Fridge::AccessToken do
81
92
  end
82
93
 
83
94
  it 'should represent :exp in seconds since the epoch' do
84
- hash = JWT.decode(subject.serialize, public_key)
95
+ hash, = JWT.decode(subject.serialize, public_key)
85
96
  expect(hash['exp']).to be_a Fixnum
86
97
  end
87
98
 
@@ -102,6 +113,8 @@ describe Fridge::AccessToken do
102
113
 
103
114
  expect(copy.attributes[:foo]).to eq 'bar'
104
115
  expect(copy.foo).to eq 'bar'
116
+ expect(copy.respond_to?(:foo)).to be_truthy
117
+ expect(copy.respond_to?(:bar)).to be_falsey
105
118
  end
106
119
 
107
120
  it 'should raise an error if required attributes are missing' do
@@ -119,7 +132,7 @@ describe Fridge::AccessToken do
119
132
  # test that, although eventually we'll want to see symbols back.
120
133
  actor_s = { 'sub' => 'foo', 'username' => 'test',
121
134
  'act' => { 'sub' => 'bar' } }
122
- hash = JWT.decode(subject.serialize, public_key)
135
+ hash, = JWT.decode(subject.serialize, public_key)
123
136
  expect(hash['act']).to eq(actor_s)
124
137
 
125
138
  # Now, check that we properly get symbols back
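Review bot: The spec covers `alg: none` and expiry, but nothing exercises the `algorithm: algorithm` argument that the new `decode_and_verify` passes to `JWT.decode`: there is no case where a correctly signed token names an algorithm other than the configured one. A regression example next to the expired-JWT case would pin that behaviour. The sketch below assumes the suite is configured for RS512, which the other examples suggest but this page does not show.

```ruby
it 'should raise an error on a JWT signed with another algorithm' do
  jwt = JWT.encode(
    { id: 'foobar', exp: Time.now.to_i + 10 },
    private_key, 'RS256'
  )
  expect { described_class.new(jwt) }.to raise_error Fridge::InvalidToken
end
```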
@@ -139,7 +139,7 @@ describe Controller, type: :controller do
139
139
  end
140
140
 
141
141
  it 'should return false if the token validator fails' do
142
- Fridge.configuration.validator = ->(_) { fail 'Foobar' }
142
+ Fridge.configuration.validator = ->(_) { raise 'Foobar' }
143
143
  expect(controller.validate_token(access_token)).to be false
144
144
  end
145
145
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: fridge
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.1
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Frank Macreery
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-03-01 00:00:00.000000000 Z
11
+ date: 2017-04-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gem_config
@@ -30,14 +30,14 @@ dependencies:
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 0.1.13
33
+ version: 1.5.6
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 0.1.13
40
+ version: 1.5.6
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: bundler
43
43
  requirement: !ruby/object:Gem::Requirement
@@ -153,6 +153,7 @@ files:
153
153
  - fridge.gemspec
154
154
  - lib/fridge.rb
155
155
  - lib/fridge/access_token.rb
156
+ - lib/fridge/expired_token.rb
156
157
  - lib/fridge/invalid_token.rb
157
158
  - lib/fridge/rails_helpers.rb
158
159
  - lib/fridge/railtie.rb