gcp_iap_warden 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (22) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +12 -0
  3. data/.rspec +3 -0
  4. data/.rubocop.yml +8 -0
  5. data/Gemfile +8 -0
  6. data/Gemfile.lock +121 -0
  7. data/LICENSE +21 -0
  8. data/README.md +86 -0
  9. data/Rakefile +8 -0
  10. data/bin/console +8 -0
  11. data/bin/setup +8 -0
  12. data/docker-compose.yml +10 -0
  13. data/gcp_iap_warden.gemspec +38 -0
  14. data/lib/gcp_iap_warden.rb +11 -0
  15. data/lib/gcp_iap_warden/key_store.rb +36 -0
  16. data/lib/gcp_iap_warden/strategy.rb +9 -0
  17. data/lib/gcp_iap_warden/strategy/base.rb +32 -0
  18. data/lib/gcp_iap_warden/strategy/google_header.rb +30 -0
  19. data/lib/gcp_iap_warden/strategy/google_jwt_header.rb +81 -0
  20. data/lib/gcp_iap_warden/utils.rb +13 -0
  21. data/lib/gcp_iap_warden/version.rb +5 -0
  22. metadata +245 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 32475e523581c80d45566e369813556bc3f6792784a6482bf9ab890168f86d7f
4
+ data.tar.gz: cc4ec86247409928a937bb0a191c5aa3bed953041e0acc73b7f029ea657b9ebf
5
+ SHA512:
6
+ metadata.gz: f207d3f6fc4941963b7bc2acd098aed1eeed0ad6b8a833cca5f298a5d4e4872d08baccdce8f77407188bc24d4c47b3a5b57c6518d92fb86884fd032f5ab92b0c
7
+ data.tar.gz: 3b93f5a6997406f24f6f851587c16c9faf4c6e9d2f965fa8661038a2027ba9596b8fe2ed18e728f4a0448040010a5085f7c190f543836729ccaf07165034427a
data/.gitignore ADDED
@@ -0,0 +1,12 @@
1
+ /.bundle/
2
+ /.yardoc
3
+ /_yardoc/
4
+ /coverage/
5
+ /doc/
6
+ /pkg/
7
+ /spec/reports/
8
+ /tmp/
9
+
10
+ # rspec failure tracking
11
+ .rspec_status
12
+ .rubocop-https*
data/.rspec ADDED
@@ -0,0 +1,3 @@
1
+ --format documentation
2
+ --color
3
+ --require spec_helper
data/.rubocop.yml ADDED
@@ -0,0 +1,8 @@
1
+ inherit_from:
2
+ - https://raw.githubusercontent.com/bloomon/style-guide/v0.1.0/ruby/rubocop.yml
3
+
4
+ Rails:
5
+ Enabled: true
6
+
7
+ AllCops:
8
+ TargetRubyVersion: 2.4
data/Gemfile ADDED
@@ -0,0 +1,8 @@
1
+ # frozen_string_literal: true
2
+
3
+ source "https://rubygems.org"
4
+
5
+ git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
6
+
7
+ # Specify your gem's dependencies in gcp_iap_warden.gemspec
8
+ gemspec
data/Gemfile.lock ADDED
@@ -0,0 +1,121 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ gcp_iap_warden (0.2.2)
5
+ jwt (~> 2.1.0)
6
+ warden (~> 1.2.0)
7
+
8
+ GEM
9
+ remote: https://rubygems.org/
10
+ specs:
11
+ abstract_type (0.0.7)
12
+ adamantium (0.2.0)
13
+ ice_nine (~> 0.11.0)
14
+ memoizable (~> 0.4.0)
15
+ addressable (2.5.2)
16
+ public_suffix (>= 2.0.2, < 4.0)
17
+ ast (2.4.1)
18
+ binding_of_caller (0.8.0)
19
+ debug_inspector (>= 0.0.1)
20
+ coderay (1.1.2)
21
+ concord (0.1.5)
22
+ adamantium (~> 0.2.0)
23
+ equalizer (~> 0.0.9)
24
+ crack (0.4.3)
25
+ safe_yaml (~> 1.0.0)
26
+ debug_inspector (0.0.3)
27
+ diff-lcs (1.3)
28
+ equalizer (0.0.11)
29
+ hashdiff (0.3.7)
30
+ ice_nine (0.11.2)
31
+ jwt (2.1.0)
32
+ memoizable (0.4.2)
33
+ thread_safe (~> 0.3, >= 0.3.1)
34
+ method_source (0.9.0)
35
+ parallel (1.19.2)
36
+ parser (2.4.0.2)
37
+ ast (~> 2.3)
38
+ powerpack (0.1.2)
39
+ proc_to_ast (0.1.0)
40
+ coderay
41
+ parser
42
+ unparser
43
+ procto (0.0.3)
44
+ pry (0.11.3)
45
+ coderay (~> 1.1.0)
46
+ method_source (~> 0.9.0)
47
+ public_suffix (3.0.1)
48
+ rack (2.0.8)
49
+ rack-test (0.8.2)
50
+ rack (>= 1.0, < 3)
51
+ rainbow (3.0.0)
52
+ rake (13.0.1)
53
+ rspec (3.7.0)
54
+ rspec-core (~> 3.7.0)
55
+ rspec-expectations (~> 3.7.0)
56
+ rspec-mocks (~> 3.7.0)
57
+ rspec-core (3.7.1)
58
+ rspec-support (~> 3.7.0)
59
+ rspec-expectations (3.7.0)
60
+ diff-lcs (>= 1.2.0, < 2.0)
61
+ rspec-support (~> 3.7.0)
62
+ rspec-its (1.2.0)
63
+ rspec-core (>= 3.0.0)
64
+ rspec-expectations (>= 3.0.0)
65
+ rspec-mocks (3.7.0)
66
+ diff-lcs (>= 1.2.0, < 2.0)
67
+ rspec-support (~> 3.7.0)
68
+ rspec-parameterized (0.4.0)
69
+ binding_of_caller
70
+ parser
71
+ proc_to_ast
72
+ rspec (>= 2.13, < 4)
73
+ unparser
74
+ rspec-support (3.7.0)
75
+ rubocop (0.52.1)
76
+ parallel (~> 1.10)
77
+ parser (>= 2.4.0.2, < 3.0)
78
+ powerpack (~> 0.1)
79
+ rainbow (>= 2.2.2, < 4.0)
80
+ ruby-progressbar (~> 1.7)
81
+ unicode-display_width (~> 1.0, >= 1.0.1)
82
+ ruby-progressbar (1.10.1)
83
+ safe_yaml (1.0.4)
84
+ thread_safe (0.3.6)
85
+ timecop (0.9.1)
86
+ unicode-display_width (1.7.0)
87
+ unparser (0.2.6)
88
+ abstract_type (~> 0.0.7)
89
+ adamantium (~> 0.2.0)
90
+ concord (~> 0.1.5)
91
+ diff-lcs (~> 1.3)
92
+ equalizer (~> 0.0.9)
93
+ parser (>= 2.3.1.2, < 2.5)
94
+ procto (~> 0.0.2)
95
+ vcr (4.0.0)
96
+ warden (1.2.7)
97
+ rack (>= 1.0)
98
+ webmock (3.3.0)
99
+ addressable (>= 2.3.6)
100
+ crack (>= 0.3.2)
101
+ hashdiff
102
+
103
+ PLATFORMS
104
+ ruby
105
+
106
+ DEPENDENCIES
107
+ bundler (~> 1.16)
108
+ gcp_iap_warden!
109
+ pry (~> 0.11.3)
110
+ rack-test (~> 0.8.0)
111
+ rake (~> 13.0)
112
+ rspec (~> 3.0)
113
+ rspec-its (~> 1.2.0)
114
+ rspec-parameterized (~> 0.4.0)
115
+ rubocop (~> 0.52.0)
116
+ timecop (~> 0.9.0)
117
+ vcr (~> 4.0.0)
118
+ webmock (~> 3.3.0)
119
+
120
+ BUNDLED WITH
121
+ 1.17.2
data/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2018 Bloomon
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,86 @@
1
+ # GCP IAP Warden
2
+
3
+ Google Cloud [Cloud Identity-Aware Proxy](https://cloud.google.com/iap/)
4
+ strategies for [Warden](https://github.com/hassox/warden)
5
+
6
+ ## Usage
7
+
8
+ Below is just an example for ussage with rails.
9
+ But you can easily reuse the code for you rack based app.
10
+
11
+ Read more about Warden [here](https://github.com/hassox/warden/wiki)
12
+
13
+ You may have use different strategies:
14
+ `gcp_iap_google_jwt_header` or `gcp_iap_google_header`
15
+
16
+ Recommended is `gcp_iap_google_jwt_header` read more [here](https://cloud.google.com/iap/docs/signed-headers-howto)
17
+
18
+ Initialize the warden with something like
19
+
20
+ ```
21
+ # ./config/initializers/warden.rb
22
+
23
+ require "gcp_iap_warden"
24
+
25
+ GcpIapWarden::Strategy::GoogleJWTHeader.config(
26
+ project: ENV.fetch("GCP_PROJECT_ID"),
27
+ backend: ENV.fetch("GCP_BACKEND_ID")
28
+ )
29
+
30
+ Rails.application.config.middleware.insert_after(
31
+ ActionDispatch::Session::CookieStore, Warden::Manager
32
+ ) do |manager|
33
+ manager.default_strategies :gcp_iap_google_jwt_header
34
+ manager.failure_app = UnauthorizedController
35
+ end
36
+ ```
37
+
38
+ Or for AppEngine like
39
+
40
+ ```
41
+ # ./config/initializers/warden.rb
42
+
43
+ require "gcp_iap_warden"
44
+
45
+ GcpIapWarden::Strategy::GoogleJWTHeader.config(
46
+ project: ENV.fetch("GCP_PROJECT_ID"),
47
+ backend: ENV.fetch("APP_ENGINE_PROJECT_ID")
48
+ platform: :app_engine
49
+ )
50
+
51
+ Rails.application.config.middleware.insert_after(
52
+ ActionDispatch::Session::CookieStore, Warden::Manager
53
+ ) do |manager|
54
+ manager.default_strategies :gcp_iap_google_jwt_header
55
+ manager.failure_app = UnauthorizedController
56
+ end
57
+ ```
58
+
59
+ Your `UnauthorizedController` may look like
60
+
61
+ ```
62
+ # app/controllers/unauthorized_controller.rb
63
+
64
+ class UnauthorizedController < ActionController::Metal
65
+ def self.call(env)
66
+ env["warden"].errors.each do |message|
67
+ Rails.logger.warn("[unauthorized] reason: #{message}")
68
+ end
69
+ @respond ||= action(:respond)
70
+ @respond.call(env)
71
+ end
72
+
73
+ def respond
74
+ self.response_body = "Unauthorized Action"
75
+ self.status = :unauthorized
76
+ end
77
+ end
78
+ ```
79
+
80
+ ## Development
81
+
82
+ Setup and run tests
83
+
84
+ ```
85
+ docker-compose run --rm app ./bin/setup
86
+ ```
data/Rakefile ADDED
@@ -0,0 +1,8 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "bundler/gem_tasks"
4
+ require "rspec/core/rake_task"
5
+
6
+ RSpec::Core::RakeTask.new(:spec)
7
+
8
+ task default: :spec
data/bin/console ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env ruby
2
+ # frozen_string_literal: true
3
+
4
+ require "bundler/setup"
5
+ require "gcp_iap_warden"
6
+
7
+ require "pry"
8
+ Pry.start
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle check || bundle install
7
+ bundle exec rspec
8
+ bundle exec rubocop
data/docker-compose.yml ADDED
@@ -0,0 +1,10 @@
1
+ version: '2'
2
+ services:
3
+ app:
4
+ image: ruby:2.4
5
+ working_dir: /workdir
6
+ environment:
7
+ BUNDLE_PATH: /workdir/.bundle
8
+ command: ./bin/setup
9
+ volumes:
10
+ - .:/workdir
data/gcp_iap_warden.gemspec ADDED
@@ -0,0 +1,38 @@
1
+ # frozen_string_literal: true
2
+
3
+ lib = File.expand_path("../lib", __FILE__)
4
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
5
+ require "gcp_iap_warden/version"
6
+
7
+ Gem::Specification.new do |spec| # rubocop:disable Metrics/BlockLength
8
+ spec.name = "gcp_iap_warden"
9
+ spec.version = GcpIapWarden::VERSION
10
+ spec.authors = ["Max Shytikov"]
11
+ spec.email = ["mshytikov@gmail.com"]
12
+ spec.homepage = "https://github.com/mshytikov/gcp_iap_warden"
13
+ spec.summary = "GCP Cloud IAP strategy for Warden"
14
+ spec.description = "GCP Cloud IAP strategy for Warden"
15
+ spec.license = "MIT"
16
+
17
+ spec.files = `git ls-files -z`.split("\x0").reject do |f|
18
+ f.match(%r{^(test|spec|features)/})
19
+ end
20
+ spec.bindir = "exe"
21
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
22
+ spec.require_paths = ["lib"]
23
+
24
+ spec.add_dependency "jwt", "~> 2.1.0"
25
+ spec.add_dependency "warden", "~> 1.2.0"
26
+
27
+ spec.add_development_dependency "bundler", "~> 1.16"
28
+ spec.add_development_dependency "pry", "~> 0.11.3"
29
+ spec.add_development_dependency "rack-test", "~> 0.8.0"
30
+ spec.add_development_dependency "rake", "~> 13.0"
31
+ spec.add_development_dependency "rspec", "~> 3.0"
32
+ spec.add_development_dependency "rspec-its", "~> 1.2.0"
33
+ spec.add_development_dependency "rspec-parameterized", "~> 0.4.0"
34
+ spec.add_development_dependency "rubocop", "~> 0.52.0"
35
+ spec.add_development_dependency "timecop", "~> 0.9.0"
36
+ spec.add_development_dependency "vcr", "~> 4.0.0"
37
+ spec.add_development_dependency "webmock", "~> 3.3.0"
38
+ end
data/lib/gcp_iap_warden.rb ADDED
@@ -0,0 +1,11 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "warden"
4
+
5
+ require "gcp_iap_warden/version"
6
+
7
+ module GcpIapWarden
8
+ require_relative "gcp_iap_warden/utils"
9
+ require_relative "gcp_iap_warden/key_store"
10
+ require_relative "gcp_iap_warden/strategy"
11
+ end
data/lib/gcp_iap_warden/key_store.rb ADDED
@@ -0,0 +1,36 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "open-uri"
4
+
5
+ module GcpIapWarden
6
+ class KeyStore
7
+ GOOGLE_PUBLIC_KEY_URL = "https://www.gstatic.com/iap/verify/public_key"
8
+
9
+ def initialize
10
+ @keys = {}
11
+ end
12
+
13
+ def fetch(key_id)
14
+ return if key_id.nil?
15
+ key = keys[key_id]
16
+ return key if key
17
+
18
+ update_keys!(key_id)
19
+ keys.fetch(key_id)
20
+ end
21
+
22
+ private
23
+
24
+ attr_accessor :keys
25
+
26
+ def update_keys!(key_id)
27
+ new_keys = load_keys
28
+ raise "Can't find key with id: #{key_id}" unless new_keys.key?(key_id)
29
+ self.keys = new_keys
30
+ end
31
+
32
+ def load_keys
33
+ ::JSON.parse(open(GOOGLE_PUBLIC_KEY_URL).read)
34
+ end
35
+ end
36
+ end
data/lib/gcp_iap_warden/strategy.rb ADDED
@@ -0,0 +1,9 @@
1
+ # frozen_string_literal: true
2
+
3
+ module GcpIapWarden
4
+ module Strategy
5
+ require_relative "strategy/base"
6
+ require_relative "strategy/google_header"
7
+ require_relative "strategy/google_jwt_header"
8
+ end
9
+ end
data/lib/gcp_iap_warden/strategy/base.rb ADDED
@@ -0,0 +1,32 @@
1
+ # frozen_string_literal: true
2
+
3
+ module GcpIapWarden::Strategy
4
+ class Base < ::Warden::Strategies::Base
5
+ class << self
6
+ attr_accessor :strategy_name
7
+ end
8
+
9
+ def store?
10
+ false
11
+ end
12
+
13
+ def valid?
14
+ gcp_iap_headers?
15
+ end
16
+
17
+ def authenticate!
18
+ success!(validate_payload(decode_payload))
19
+ rescue StandardError => e
20
+ errors.add(self.class.strategy_name, e.message)
21
+ self.fail # rubocop:disable Style/RedundantSelf
22
+ end
23
+
24
+ private
25
+
26
+ def validate_payload(payload)
27
+ raise "Invalid google email" if payload[:google_email].nil?
28
+ raise "Invalid google user id" if payload[:google_user_id].nil?
29
+ payload
30
+ end
31
+ end
32
+ end
data/lib/gcp_iap_warden/strategy/google_header.rb ADDED
@@ -0,0 +1,30 @@
1
+ # frozen_string_literal: true
2
+
3
+ module GcpIapWarden::Strategy
4
+ class GoogleHeader < Base
5
+ self.strategy_name = :gcp_iap_google_header
6
+
7
+ USER_EMAIL_HEADER = "HTTP_X_GOOG_AUTHENTICATED_USER_EMAIL"
8
+ USER_ID_HEADER = "HTTP_X_GOOG_AUTHENTICATED_USER_ID"
9
+
10
+ private
11
+
12
+ def gcp_iap_headers?
13
+ env.key?(USER_EMAIL_HEADER) && env.key?(USER_ID_HEADER)
14
+ end
15
+
16
+ def decode_payload
17
+ email_value = env.fetch(USER_EMAIL_HEADER)
18
+ user_id_value = env.fetch(USER_ID_HEADER)
19
+ {
20
+ google_email: GcpIapWarden::Utils.parse_google_value(email_value),
21
+ google_user_id: GcpIapWarden::Utils.parse_google_value(user_id_value),
22
+ }
23
+ end
24
+ end
25
+ end
26
+
27
+ ::Warden::Strategies.add(
28
+ GcpIapWarden::Strategy::GoogleHeader.strategy_name,
29
+ GcpIapWarden::Strategy::GoogleHeader
30
+ )
data/lib/gcp_iap_warden/strategy/google_jwt_header.rb ADDED
@@ -0,0 +1,81 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "jwt"
4
+
5
+ module GcpIapWarden::Strategy
6
+ class GoogleJWTHeader < Base
7
+ self.strategy_name = :gcp_iap_google_jwt_header
8
+
9
+ JWT_ALG = "ES256"
10
+ JWT_ISS = "https://cloud.google.com/iap"
11
+ JWT_HEADER = "HTTP_X_GOOG_IAP_JWT_ASSERTION"
12
+
13
+ PLATFORMS = {
14
+ app_engine: "apps",
15
+ gce: "global/backendServices",
16
+ gke: "global/backendServices",
17
+ }.freeze
18
+
19
+ @key_store = GcpIapWarden::KeyStore.new
20
+
21
+ class << self
22
+ attr_accessor :jwt_options, :key_store
23
+
24
+ def config(project:, backend:, platform: :gce)
25
+ @jwt_options = {
26
+ algorithm: JWT_ALG,
27
+ verify_iss: true,
28
+ verify_iat: true,
29
+ verify_aud: true,
30
+ iss: JWT_ISS,
31
+ aud: aud(project, platform, backend),
32
+ }
33
+ end
34
+
35
+ def config_reset!
36
+ @jwt_options = nil
37
+ end
38
+
39
+ private
40
+
41
+ def aud(project, platform, backend)
42
+ platform = PLATFORMS[platform]
43
+ raise "Invalid config for project" if project.nil?
44
+ raise "Invalid config for backend" if backend.nil?
45
+ raise "Invalid config for platform" if platform.nil?
46
+ "/projects/#{project}/#{platform}/#{backend}"
47
+ end
48
+ end
49
+
50
+ private
51
+
52
+ def gcp_iap_headers?
53
+ env.key?(JWT_HEADER)
54
+ end
55
+
56
+ def decode_and_verify_jwt
57
+ options = self.class.jwt_options
58
+ raise("#{self.class} is not configured") if options.nil?
59
+ key = nil
60
+ token = env[JWT_HEADER]
61
+ payload = ::JWT.decode(token, key, true, options) do |header|
62
+ OpenSSL::PKey::EC.new(self.class.key_store.fetch(header["kid"]))
63
+ end
64
+ payload.first # take first part which has user info
65
+ end
66
+
67
+ def decode_payload
68
+ payload = decode_and_verify_jwt
69
+ raise "Invalid jwt payload" if payload.nil?
70
+ {
71
+ google_email: payload["email"],
72
+ google_user_id: GcpIapWarden::Utils.parse_google_value(payload["sub"]),
73
+ }
74
+ end
75
+ end
76
+ end
77
+
78
+ ::Warden::Strategies.add(
79
+ GcpIapWarden::Strategy::GoogleJWTHeader.strategy_name,
80
+ GcpIapWarden::Strategy::GoogleJWTHeader
81
+ )
data/lib/gcp_iap_warden/utils.rb ADDED
@@ -0,0 +1,13 @@
1
+ # frozen_string_literal: true
2
+
3
+ module GcpIapWarden::Utils
4
+ GOOGLE_VALUE_PREFIX = "accounts.google.com:"
5
+ # returns value of google headers prefixed with `accounts.google.com:`
6
+ # example:
7
+ # parse_google_value("accounts.google.com:example@gmail.com")
8
+ # => example@gmail.com
9
+ #
10
+ def self.parse_google_value(str)
11
+ str.sub(GOOGLE_VALUE_PREFIX, "") if str&.start_with?(GOOGLE_VALUE_PREFIX)
12
+ end
13
+ end
data/lib/gcp_iap_warden/version.rb ADDED
@@ -0,0 +1,5 @@
1
+ # frozen_string_literal: true
2
+
3
+ module GcpIapWarden
4
+ VERSION = "0.2.2"
5
+ end
metadata ADDED
@@ -0,0 +1,245 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: gcp_iap_warden
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.2.2
5
+ platform: ruby
6
+ authors:
7
+ - Max Shytikov
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2020-07-21 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: jwt
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: 2.1.0
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: 2.1.0
27
+ - !ruby/object:Gem::Dependency
28
+ name: warden
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: 1.2.0
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: 1.2.0
41
+ - !ruby/object:Gem::Dependency
42
+ name: bundler
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '1.16'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '1.16'
55
+ - !ruby/object:Gem::Dependency
56
+ name: pry
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: 0.11.3
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: 0.11.3
69
+ - !ruby/object:Gem::Dependency
70
+ name: rack-test
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: 0.8.0
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: 0.8.0
83
+ - !ruby/object:Gem::Dependency
84
+ name: rake
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: '13.0'
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: '13.0'
97
+ - !ruby/object:Gem::Dependency
98
+ name: rspec
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - "~>"
102
+ - !ruby/object:Gem::Version
103
+ version: '3.0'
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - "~>"
109
+ - !ruby/object:Gem::Version
110
+ version: '3.0'
111
+ - !ruby/object:Gem::Dependency
112
+ name: rspec-its
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - "~>"
116
+ - !ruby/object:Gem::Version
117
+ version: 1.2.0
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - "~>"
123
+ - !ruby/object:Gem::Version
124
+ version: 1.2.0
125
+ - !ruby/object:Gem::Dependency
126
+ name: rspec-parameterized
127
+ requirement: !ruby/object:Gem::Requirement
128
+ requirements:
129
+ - - "~>"
130
+ - !ruby/object:Gem::Version
131
+ version: 0.4.0
132
+ type: :development
133
+ prerelease: false
134
+ version_requirements: !ruby/object:Gem::Requirement
135
+ requirements:
136
+ - - "~>"
137
+ - !ruby/object:Gem::Version
138
+ version: 0.4.0
139
+ - !ruby/object:Gem::Dependency
140
+ name: rubocop
141
+ requirement: !ruby/object:Gem::Requirement
142
+ requirements:
143
+ - - "~>"
144
+ - !ruby/object:Gem::Version
145
+ version: 0.52.0
146
+ type: :development
147
+ prerelease: false
148
+ version_requirements: !ruby/object:Gem::Requirement
149
+ requirements:
150
+ - - "~>"
151
+ - !ruby/object:Gem::Version
152
+ version: 0.52.0
153
+ - !ruby/object:Gem::Dependency
154
+ name: timecop
155
+ requirement: !ruby/object:Gem::Requirement
156
+ requirements:
157
+ - - "~>"
158
+ - !ruby/object:Gem::Version
159
+ version: 0.9.0
160
+ type: :development
161
+ prerelease: false
162
+ version_requirements: !ruby/object:Gem::Requirement
163
+ requirements:
164
+ - - "~>"
165
+ - !ruby/object:Gem::Version
166
+ version: 0.9.0
167
+ - !ruby/object:Gem::Dependency
168
+ name: vcr
169
+ requirement: !ruby/object:Gem::Requirement
170
+ requirements:
171
+ - - "~>"
172
+ - !ruby/object:Gem::Version
173
+ version: 4.0.0
174
+ type: :development
175
+ prerelease: false
176
+ version_requirements: !ruby/object:Gem::Requirement
177
+ requirements:
178
+ - - "~>"
179
+ - !ruby/object:Gem::Version
180
+ version: 4.0.0
181
+ - !ruby/object:Gem::Dependency
182
+ name: webmock
183
+ requirement: !ruby/object:Gem::Requirement
184
+ requirements:
185
+ - - "~>"
186
+ - !ruby/object:Gem::Version
187
+ version: 3.3.0
188
+ type: :development
189
+ prerelease: false
190
+ version_requirements: !ruby/object:Gem::Requirement
191
+ requirements:
192
+ - - "~>"
193
+ - !ruby/object:Gem::Version
194
+ version: 3.3.0
195
+ description: GCP Cloud IAP strategy for Warden
196
+ email:
197
+ - mshytikov@gmail.com
198
+ executables: []
199
+ extensions: []
200
+ extra_rdoc_files: []
201
+ files:
202
+ - ".gitignore"
203
+ - ".rspec"
204
+ - ".rubocop.yml"
205
+ - Gemfile
206
+ - Gemfile.lock
207
+ - LICENSE
208
+ - README.md
209
+ - Rakefile
210
+ - bin/console
211
+ - bin/setup
212
+ - docker-compose.yml
213
+ - gcp_iap_warden.gemspec
214
+ - lib/gcp_iap_warden.rb
215
+ - lib/gcp_iap_warden/key_store.rb
216
+ - lib/gcp_iap_warden/strategy.rb
217
+ - lib/gcp_iap_warden/strategy/base.rb
218
+ - lib/gcp_iap_warden/strategy/google_header.rb
219
+ - lib/gcp_iap_warden/strategy/google_jwt_header.rb
220
+ - lib/gcp_iap_warden/utils.rb
221
+ - lib/gcp_iap_warden/version.rb
222
+ homepage: https://github.com/mshytikov/gcp_iap_warden
223
+ licenses:
224
+ - MIT
225
+ metadata: {}
226
+ post_install_message:
227
+ rdoc_options: []
228
+ require_paths:
229
+ - lib
230
+ required_ruby_version: !ruby/object:Gem::Requirement
231
+ requirements:
232
+ - - ">="
233
+ - !ruby/object:Gem::Version
234
+ version: '0'
235
+ required_rubygems_version: !ruby/object:Gem::Requirement
236
+ requirements:
237
+ - - ">="
238
+ - !ruby/object:Gem::Version
239
+ version: '0'
240
+ requirements: []
241
+ rubygems_version: 3.0.1
242
+ signing_key:
243
+ specification_version: 4
244
+ summary: GCP Cloud IAP strategy for Warden
245
+ test_files: []