gcp_iap_warden 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (22) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +12 -0
  3. data/.rspec +3 -0
  4. data/.rubocop.yml +8 -0
  5. data/Gemfile +8 -0
  6. data/Gemfile.lock +121 -0
  7. data/LICENSE +21 -0
  8. data/README.md +65 -0
  9. data/Rakefile +8 -0
  10. data/bin/console +8 -0
  11. data/bin/setup +8 -0
  12. data/docker-compose.yml +10 -0
  13. data/gcp_iap_warden.gemspec +38 -0
  14. data/lib/gcp_iap_warden.rb +11 -0
  15. data/lib/gcp_iap_warden/key_store.rb +36 -0
  16. data/lib/gcp_iap_warden/strategy.rb +9 -0
  17. data/lib/gcp_iap_warden/strategy/base.rb +32 -0
  18. data/lib/gcp_iap_warden/strategy/google_header.rb +30 -0
  19. data/lib/gcp_iap_warden/strategy/google_jwt_header.rb +68 -0
  20. data/lib/gcp_iap_warden/utils.rb +13 -0
  21. data/lib/gcp_iap_warden/version.rb +5 -0
  22. metadata +246 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 83f02c74294dd4ad8b16a61d661b374b9b5f0871ba811982c28e40a7ef431e8c
4
+ data.tar.gz: 686417b87b73fbb4668401cc26e70f5ae53fdfa10ecffcc63d20d37181f50167
5
+ SHA512:
6
+ metadata.gz: b8b845d6cbb4b4f222b9d5bab185ecc6ab88f976e198a4399b42e520ae5ba2339e26dec7b17fbd89f6df2fbf667b15994d71ced5c1c25844db6c7ea193b8c553
7
+ data.tar.gz: e09b14ef8bd976162da13035cca66f99de2b24eb5f74535b337086864732df1c1a0798aaf6d09ec72f8273a7de1b83d585cc6046748f3688c96444001b568dfb
data/.gitignore ADDED
@@ -0,0 +1,12 @@
1
+ /.bundle/
2
+ /.yardoc
3
+ /_yardoc/
4
+ /coverage/
5
+ /doc/
6
+ /pkg/
7
+ /spec/reports/
8
+ /tmp/
9
+
10
+ # rspec failure tracking
11
+ .rspec_status
12
+ .rubocop-https*
data/.rspec ADDED
@@ -0,0 +1,3 @@
1
+ --format documentation
2
+ --color
3
+ --require spec_helper
data/.rubocop.yml ADDED
@@ -0,0 +1,8 @@
1
+ inherit_from:
2
+ - https://raw.githubusercontent.com/bloomon/style-guide/v0.1.0/ruby/rubocop.yml
3
+
4
+ Rails:
5
+ Enabled: true
6
+
7
+ AllCops:
8
+ TargetRubyVersion: 2.4
data/Gemfile ADDED
@@ -0,0 +1,8 @@
1
+ # frozen_string_literal: true
2
+
3
+ source "https://rubygems.org"
4
+
5
+ git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
6
+
7
+ # Specify your gem's dependencies in gcp_iap_warden.gemspec
8
+ gemspec
data/Gemfile.lock ADDED
@@ -0,0 +1,121 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ gcp_iap_warden (0.1.0)
5
+ jwt (~> 2.1.0)
6
+ warden (~> 1.2.0)
7
+
8
+ GEM
9
+ remote: https://rubygems.org/
10
+ specs:
11
+ abstract_type (0.0.7)
12
+ adamantium (0.2.0)
13
+ ice_nine (~> 0.11.0)
14
+ memoizable (~> 0.4.0)
15
+ addressable (2.5.2)
16
+ public_suffix (>= 2.0.2, < 4.0)
17
+ ast (2.3.0)
18
+ binding_of_caller (0.8.0)
19
+ debug_inspector (>= 0.0.1)
20
+ coderay (1.1.2)
21
+ concord (0.1.5)
22
+ adamantium (~> 0.2.0)
23
+ equalizer (~> 0.0.9)
24
+ crack (0.4.3)
25
+ safe_yaml (~> 1.0.0)
26
+ debug_inspector (0.0.3)
27
+ diff-lcs (1.3)
28
+ equalizer (0.0.11)
29
+ hashdiff (0.3.7)
30
+ ice_nine (0.11.2)
31
+ jwt (2.1.0)
32
+ memoizable (0.4.2)
33
+ thread_safe (~> 0.3, >= 0.3.1)
34
+ method_source (0.9.0)
35
+ parallel (1.12.1)
36
+ parser (2.4.0.2)
37
+ ast (~> 2.3)
38
+ powerpack (0.1.1)
39
+ proc_to_ast (0.1.0)
40
+ coderay
41
+ parser
42
+ unparser
43
+ procto (0.0.3)
44
+ pry (0.11.3)
45
+ coderay (~> 1.1.0)
46
+ method_source (~> 0.9.0)
47
+ public_suffix (3.0.1)
48
+ rack (2.0.3)
49
+ rack-test (0.8.2)
50
+ rack (>= 1.0, < 3)
51
+ rainbow (3.0.0)
52
+ rake (10.5.0)
53
+ rspec (3.7.0)
54
+ rspec-core (~> 3.7.0)
55
+ rspec-expectations (~> 3.7.0)
56
+ rspec-mocks (~> 3.7.0)
57
+ rspec-core (3.7.1)
58
+ rspec-support (~> 3.7.0)
59
+ rspec-expectations (3.7.0)
60
+ diff-lcs (>= 1.2.0, < 2.0)
61
+ rspec-support (~> 3.7.0)
62
+ rspec-its (1.2.0)
63
+ rspec-core (>= 3.0.0)
64
+ rspec-expectations (>= 3.0.0)
65
+ rspec-mocks (3.7.0)
66
+ diff-lcs (>= 1.2.0, < 2.0)
67
+ rspec-support (~> 3.7.0)
68
+ rspec-parameterized (0.4.0)
69
+ binding_of_caller
70
+ parser
71
+ proc_to_ast
72
+ rspec (>= 2.13, < 4)
73
+ unparser
74
+ rspec-support (3.7.0)
75
+ rubocop (0.52.1)
76
+ parallel (~> 1.10)
77
+ parser (>= 2.4.0.2, < 3.0)
78
+ powerpack (~> 0.1)
79
+ rainbow (>= 2.2.2, < 4.0)
80
+ ruby-progressbar (~> 1.7)
81
+ unicode-display_width (~> 1.0, >= 1.0.1)
82
+ ruby-progressbar (1.9.0)
83
+ safe_yaml (1.0.4)
84
+ thread_safe (0.3.6)
85
+ timecop (0.9.1)
86
+ unicode-display_width (1.3.0)
87
+ unparser (0.2.6)
88
+ abstract_type (~> 0.0.7)
89
+ adamantium (~> 0.2.0)
90
+ concord (~> 0.1.5)
91
+ diff-lcs (~> 1.3)
92
+ equalizer (~> 0.0.9)
93
+ parser (>= 2.3.1.2, < 2.5)
94
+ procto (~> 0.0.2)
95
+ vcr (4.0.0)
96
+ warden (1.2.7)
97
+ rack (>= 1.0)
98
+ webmock (3.3.0)
99
+ addressable (>= 2.3.6)
100
+ crack (>= 0.3.2)
101
+ hashdiff
102
+
103
+ PLATFORMS
104
+ ruby
105
+
106
+ DEPENDENCIES
107
+ bundler (~> 1.16)
108
+ gcp_iap_warden!
109
+ pry (~> 0.11.3)
110
+ rack-test (~> 0.8.0)
111
+ rake (~> 10.0)
112
+ rspec (~> 3.0)
113
+ rspec-its (~> 1.2.0)
114
+ rspec-parameterized (~> 0.4.0)
115
+ rubocop (~> 0.52.0)
116
+ timecop (~> 0.9.0)
117
+ vcr (~> 4.0.0)
118
+ webmock (~> 3.3.0)
119
+
120
+ BUNDLED WITH
121
+ 1.16.1
data/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2018 Bloomon
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,65 @@
1
+ # GCP IAP Warden
2
+
3
+ Google Cloud [Cloud Identity-Aware Proxy](https://cloud.google.com/iap/)
4
+ strategies for [Warden](https://github.com/hassox/warden)
5
+
6
+ ## Usage
7
+
8
+ Below is just an example for ussage with rails.
9
+ But you can easily reuse the code for you rack based app.
10
+
11
+ Read more about Warden [here](https://github.com/hassox/warden/wiki)
12
+
13
+ You may have use different strategies:
14
+ `gcp_iap_google_jwt_header` or `gcp_iap_google_header`
15
+
16
+ Recommended is `gcp_iap_google_jwt_header` read more [here](https://cloud.google.com/iap/docs/signed-headers-howto)
17
+
18
+ Initialize the warden with something like
19
+
20
+ ```
21
+ # ./config/initializers/warden.rb
22
+
23
+ require "gcp_iap_warden"
24
+
25
+ GcpIapWarden::Strategy::GoogleJWTHeader.config(
26
+ project: ENV.fetch("GCP_PROJECT_ID"),
27
+ backend: ENV.fetch("GCP_BACKEND_ID")
28
+ )
29
+
30
+ Rails.application.config.middleware.insert_after(
31
+ ActionDispatch::Session::CookieStore, Warden::Manager
32
+ ) do |manager|
33
+ manager.default_strategies :gcp_iap_google_jwt_header
34
+ manager.failure_app = UnauthorizedController
35
+ end
36
+ ```
37
+
38
+ Your `UnauthorizedController` may look like
39
+
40
+ ```
41
+ # app/controllers/unauthorized_controller.rb
42
+
43
+ class UnauthorizedController < ActionController::Metal
44
+ def self.call(env)
45
+ env["warden"].errors.each do |message|
46
+ Rails.logger.warn("[unauthorized] reason: #{message}")
47
+ end
48
+ @respond ||= action(:respond)
49
+ @respond.call(env)
50
+ end
51
+
52
+ def respond
53
+ self.response_body = "Unauthorized Action"
54
+ self.status = :unauthorized
55
+ end
56
+ end
57
+ ```
58
+
59
+ ## Development
60
+
61
+ Setup and run tests
62
+
63
+ ```
64
+ docker-compose run --rm app ./bin/setup
65
+ ```
data/Rakefile ADDED
@@ -0,0 +1,8 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "bundler/gem_tasks"
4
+ require "rspec/core/rake_task"
5
+
6
+ RSpec::Core::RakeTask.new(:spec)
7
+
8
+ task default: :spec
data/bin/console ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env ruby
2
+ # frozen_string_literal: true
3
+
4
+ require "bundler/setup"
5
+ require "gcp_iap_warden"
6
+
7
+ require "pry"
8
+ Pry.start
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle check || bundle install
7
+ bundle exec rspec
8
+ bundle exec rubocop
data/docker-compose.yml ADDED
@@ -0,0 +1,10 @@
1
+ version: '2'
2
+ services:
3
+ app:
4
+ image: ruby:2.4
5
+ working_dir: /workdir
6
+ environment:
7
+ BUNDLE_PATH: /workdir/.bundle
8
+ command: ./bin/setup
9
+ volumes:
10
+ - .:/workdir
data/gcp_iap_warden.gemspec ADDED
@@ -0,0 +1,38 @@
1
+ # frozen_string_literal: true
2
+
3
+ lib = File.expand_path("../lib", __FILE__)
4
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
5
+ require "gcp_iap_warden/version"
6
+
7
+ Gem::Specification.new do |spec| # rubocop:disable Metrics/BlockLength
8
+ spec.name = "gcp_iap_warden"
9
+ spec.version = GcpIapWarden::VERSION
10
+ spec.authors = ["Max Shytikov"]
11
+ spec.email = ["mshytikov@gmail.com"]
12
+ spec.homepage = "https://github.com/mshytikov/gcp_iap_warden"
13
+ spec.summary = "GCP Cloud IAP strategy for Warden"
14
+ spec.description = "GCP Cloud IAP strategy for Warden"
15
+ spec.license = "MIT"
16
+
17
+ spec.files = `git ls-files -z`.split("\x0").reject do |f|
18
+ f.match(%r{^(test|spec|features)/})
19
+ end
20
+ spec.bindir = "exe"
21
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
22
+ spec.require_paths = ["lib"]
23
+
24
+ spec.add_dependency "jwt", "~> 2.1.0"
25
+ spec.add_dependency "warden", "~> 1.2.0"
26
+
27
+ spec.add_development_dependency "bundler", "~> 1.16"
28
+ spec.add_development_dependency "pry", "~> 0.11.3"
29
+ spec.add_development_dependency "rack-test", "~> 0.8.0"
30
+ spec.add_development_dependency "rake", "~> 10.0"
31
+ spec.add_development_dependency "rspec", "~> 3.0"
32
+ spec.add_development_dependency "rspec-its", "~> 1.2.0"
33
+ spec.add_development_dependency "rspec-parameterized", "~> 0.4.0"
34
+ spec.add_development_dependency "rubocop", "~> 0.52.0"
35
+ spec.add_development_dependency "timecop", "~> 0.9.0"
36
+ spec.add_development_dependency "vcr", "~> 4.0.0"
37
+ spec.add_development_dependency "webmock", "~> 3.3.0"
38
+ end
data/lib/gcp_iap_warden.rb ADDED
@@ -0,0 +1,11 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "warden"
4
+
5
+ require "gcp_iap_warden/version"
6
+
7
+ module GcpIapWarden
8
+ require_relative "gcp_iap_warden/utils"
9
+ require_relative "gcp_iap_warden/key_store"
10
+ require_relative "gcp_iap_warden/strategy"
11
+ end
data/lib/gcp_iap_warden/key_store.rb ADDED
@@ -0,0 +1,36 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "open-uri"
4
+
5
+ module GcpIapWarden
6
+ class KeyStore
7
+ GOOGLE_PUBLIC_KEY_URL = "https://www.gstatic.com/iap/verify/public_key"
8
+
9
+ def initialize
10
+ @keys = {}
11
+ end
12
+
13
+ def fetch(key_id)
14
+ return if key_id.nil?
15
+ key = keys[key_id]
16
+ return key if key
17
+
18
+ update_keys!(key_id)
19
+ keys.fetch(key_id)
20
+ end
21
+
22
+ private
23
+
24
+ attr_accessor :keys
25
+
26
+ def update_keys!(key_id)
27
+ new_keys = load_keys
28
+ raise "Can't find key with id: #{key_id}" unless new_keys.key?(key_id)
29
+ self.keys = new_keys
30
+ end
31
+
32
+ def load_keys
33
+ ::JSON.parse(open(GOOGLE_PUBLIC_KEY_URL).read)
34
+ end
35
+ end
36
+ end
data/lib/gcp_iap_warden/strategy.rb ADDED
@@ -0,0 +1,9 @@
1
+ # frozen_string_literal: true
2
+
3
+ module GcpIapWarden
4
+ module Strategy
5
+ require_relative "strategy/base"
6
+ require_relative "strategy/google_header"
7
+ require_relative "strategy/google_jwt_header"
8
+ end
9
+ end
data/lib/gcp_iap_warden/strategy/base.rb ADDED
@@ -0,0 +1,32 @@
1
+ # frozen_string_literal: true
2
+
3
+ module GcpIapWarden::Strategy
4
+ class Base < ::Warden::Strategies::Base
5
+ class << self
6
+ attr_accessor :strategy_name
7
+ end
8
+
9
+ def store?
10
+ false
11
+ end
12
+
13
+ def valid?
14
+ gcp_iap_headers?
15
+ end
16
+
17
+ def authenticate!
18
+ success!(validate_payload(decode_payload))
19
+ rescue StandardError => e
20
+ errors.add(self.class.strategy_name, e.message)
21
+ self.fail # rubocop:disable Style/RedundantSelf
22
+ end
23
+
24
+ private
25
+
26
+ def validate_payload(payload)
27
+ raise "Invalid google email" if payload[:google_email].nil?
28
+ raise "Invalid google user id" if payload[:google_user_id].nil?
29
+ payload
30
+ end
31
+ end
32
+ end
data/lib/gcp_iap_warden/strategy/google_header.rb ADDED
@@ -0,0 +1,30 @@
1
+ # frozen_string_literal: true
2
+
3
+ module GcpIapWarden::Strategy
4
+ class GoogleHeader < Base
5
+ self.strategy_name = :gcp_iap_google_header
6
+
7
+ USER_EMAIL_HEADER = "HTTP_X_GOOG_AUTHENTICATED_USER_EMAIL"
8
+ USER_ID_HEADER = "HTTP_X_GOOG_AUTHENTICATED_USER_ID"
9
+
10
+ private
11
+
12
+ def gcp_iap_headers?
13
+ env.key?(USER_EMAIL_HEADER) && env.key?(USER_ID_HEADER)
14
+ end
15
+
16
+ def decode_payload
17
+ email_value = env.fetch(USER_EMAIL_HEADER)
18
+ user_id_value = env.fetch(USER_ID_HEADER)
19
+ {
20
+ google_email: GcpIapWarden::Utils.parse_google_value(email_value),
21
+ google_user_id: GcpIapWarden::Utils.parse_google_value(user_id_value),
22
+ }
23
+ end
24
+ end
25
+ end
26
+
27
+ ::Warden::Strategies.add(
28
+ GcpIapWarden::Strategy::GoogleHeader.strategy_name,
29
+ GcpIapWarden::Strategy::GoogleHeader
30
+ )
data/lib/gcp_iap_warden/strategy/google_jwt_header.rb ADDED
@@ -0,0 +1,68 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "jwt"
4
+
5
+ module GcpIapWarden::Strategy
6
+ class GoogleJWTHeader < Base
7
+ self.strategy_name = :gcp_iap_google_jwt_header
8
+
9
+ JWT_ALG = "ES256"
10
+ JWT_ISS = "https://cloud.google.com/iap"
11
+ JWT_HEADER = "HTTP_X_GOOG_IAP_JWT_ASSERTION"
12
+
13
+ @key_store = GcpIapWarden::KeyStore.new
14
+
15
+ class << self
16
+ attr_accessor :jwt_options, :key_store
17
+
18
+ def config(project:, backend:)
19
+ raise "Invalid config for project" if project.nil?
20
+ raise "Invalid config for backend" if backend.nil?
21
+
22
+ @jwt_options = {
23
+ algorithm: JWT_ALG,
24
+ verify_iss: true,
25
+ verify_iat: true,
26
+ verify_aud: true,
27
+ iss: JWT_ISS,
28
+ aud: "/projects/#{project}/global/backendServices/#{backend}",
29
+ }
30
+ end
31
+
32
+ def config_reset!
33
+ @jwt_options = nil
34
+ end
35
+ end
36
+
37
+ private
38
+
39
+ def gcp_iap_headers?
40
+ env.key?(JWT_HEADER)
41
+ end
42
+
43
+ def decode_and_verify_jwt
44
+ options = self.class.jwt_options
45
+ raise("#{self.class} is not configured") if options.nil?
46
+ key = nil
47
+ token = env[JWT_HEADER]
48
+ payload = ::JWT.decode(token, key, true, options) do |header|
49
+ OpenSSL::PKey::EC.new(self.class.key_store.fetch(header["kid"]))
50
+ end
51
+ payload.first # take first part which has user info
52
+ end
53
+
54
+ def decode_payload
55
+ payload = decode_and_verify_jwt
56
+ raise "Invalid jwt payload" if payload.nil?
57
+ {
58
+ google_email: payload["email"],
59
+ google_user_id: GcpIapWarden::Utils.parse_google_value(payload["sub"]),
60
+ }
61
+ end
62
+ end
63
+ end
64
+
65
+ ::Warden::Strategies.add(
66
+ GcpIapWarden::Strategy::GoogleJWTHeader.strategy_name,
67
+ GcpIapWarden::Strategy::GoogleJWTHeader
68
+ )
data/lib/gcp_iap_warden/utils.rb ADDED
@@ -0,0 +1,13 @@
1
+ # frozen_string_literal: true
2
+
3
+ module GcpIapWarden::Utils
4
+ GOOGLE_VALUE_PREFIX = "accounts.google.com:"
5
+ # returns value of google headers prefixed with `accounts.google.com:`
6
+ # example:
7
+ # parse_google_value("accounts.google.com:example@gmail.com")
8
+ # => example@gmail.com
9
+ #
10
+ def self.parse_google_value(str)
11
+ str.sub(GOOGLE_VALUE_PREFIX, "") if str&.start_with?(GOOGLE_VALUE_PREFIX)
12
+ end
13
+ end
data/lib/gcp_iap_warden/version.rb ADDED
@@ -0,0 +1,5 @@
1
+ # frozen_string_literal: true
2
+
3
+ module GcpIapWarden
4
+ VERSION = "0.1.0"
5
+ end
metadata ADDED
@@ -0,0 +1,246 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: gcp_iap_warden
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Max Shytikov
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2018-03-02 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: jwt
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: 2.1.0
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: 2.1.0
27
+ - !ruby/object:Gem::Dependency
28
+ name: warden
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: 1.2.0
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: 1.2.0
41
+ - !ruby/object:Gem::Dependency
42
+ name: bundler
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '1.16'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '1.16'
55
+ - !ruby/object:Gem::Dependency
56
+ name: pry
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: 0.11.3
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: 0.11.3
69
+ - !ruby/object:Gem::Dependency
70
+ name: rack-test
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: 0.8.0
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: 0.8.0
83
+ - !ruby/object:Gem::Dependency
84
+ name: rake
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: '10.0'
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: '10.0'
97
+ - !ruby/object:Gem::Dependency
98
+ name: rspec
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - "~>"
102
+ - !ruby/object:Gem::Version
103
+ version: '3.0'
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - "~>"
109
+ - !ruby/object:Gem::Version
110
+ version: '3.0'
111
+ - !ruby/object:Gem::Dependency
112
+ name: rspec-its
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - "~>"
116
+ - !ruby/object:Gem::Version
117
+ version: 1.2.0
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - "~>"
123
+ - !ruby/object:Gem::Version
124
+ version: 1.2.0
125
+ - !ruby/object:Gem::Dependency
126
+ name: rspec-parameterized
127
+ requirement: !ruby/object:Gem::Requirement
128
+ requirements:
129
+ - - "~>"
130
+ - !ruby/object:Gem::Version
131
+ version: 0.4.0
132
+ type: :development
133
+ prerelease: false
134
+ version_requirements: !ruby/object:Gem::Requirement
135
+ requirements:
136
+ - - "~>"
137
+ - !ruby/object:Gem::Version
138
+ version: 0.4.0
139
+ - !ruby/object:Gem::Dependency
140
+ name: rubocop
141
+ requirement: !ruby/object:Gem::Requirement
142
+ requirements:
143
+ - - "~>"
144
+ - !ruby/object:Gem::Version
145
+ version: 0.52.0
146
+ type: :development
147
+ prerelease: false
148
+ version_requirements: !ruby/object:Gem::Requirement
149
+ requirements:
150
+ - - "~>"
151
+ - !ruby/object:Gem::Version
152
+ version: 0.52.0
153
+ - !ruby/object:Gem::Dependency
154
+ name: timecop
155
+ requirement: !ruby/object:Gem::Requirement
156
+ requirements:
157
+ - - "~>"
158
+ - !ruby/object:Gem::Version
159
+ version: 0.9.0
160
+ type: :development
161
+ prerelease: false
162
+ version_requirements: !ruby/object:Gem::Requirement
163
+ requirements:
164
+ - - "~>"
165
+ - !ruby/object:Gem::Version
166
+ version: 0.9.0
167
+ - !ruby/object:Gem::Dependency
168
+ name: vcr
169
+ requirement: !ruby/object:Gem::Requirement
170
+ requirements:
171
+ - - "~>"
172
+ - !ruby/object:Gem::Version
173
+ version: 4.0.0
174
+ type: :development
175
+ prerelease: false
176
+ version_requirements: !ruby/object:Gem::Requirement
177
+ requirements:
178
+ - - "~>"
179
+ - !ruby/object:Gem::Version
180
+ version: 4.0.0
181
+ - !ruby/object:Gem::Dependency
182
+ name: webmock
183
+ requirement: !ruby/object:Gem::Requirement
184
+ requirements:
185
+ - - "~>"
186
+ - !ruby/object:Gem::Version
187
+ version: 3.3.0
188
+ type: :development
189
+ prerelease: false
190
+ version_requirements: !ruby/object:Gem::Requirement
191
+ requirements:
192
+ - - "~>"
193
+ - !ruby/object:Gem::Version
194
+ version: 3.3.0
195
+ description: GCP Cloud IAP strategy for Warden
196
+ email:
197
+ - mshytikov@gmail.com
198
+ executables: []
199
+ extensions: []
200
+ extra_rdoc_files: []
201
+ files:
202
+ - ".gitignore"
203
+ - ".rspec"
204
+ - ".rubocop.yml"
205
+ - Gemfile
206
+ - Gemfile.lock
207
+ - LICENSE
208
+ - README.md
209
+ - Rakefile
210
+ - bin/console
211
+ - bin/setup
212
+ - docker-compose.yml
213
+ - gcp_iap_warden.gemspec
214
+ - lib/gcp_iap_warden.rb
215
+ - lib/gcp_iap_warden/key_store.rb
216
+ - lib/gcp_iap_warden/strategy.rb
217
+ - lib/gcp_iap_warden/strategy/base.rb
218
+ - lib/gcp_iap_warden/strategy/google_header.rb
219
+ - lib/gcp_iap_warden/strategy/google_jwt_header.rb
220
+ - lib/gcp_iap_warden/utils.rb
221
+ - lib/gcp_iap_warden/version.rb
222
+ homepage: https://github.com/mshytikov/gcp_iap_warden
223
+ licenses:
224
+ - MIT
225
+ metadata: {}
226
+ post_install_message:
227
+ rdoc_options: []
228
+ require_paths:
229
+ - lib
230
+ required_ruby_version: !ruby/object:Gem::Requirement
231
+ requirements:
232
+ - - ">="
233
+ - !ruby/object:Gem::Version
234
+ version: '0'
235
+ required_rubygems_version: !ruby/object:Gem::Requirement
236
+ requirements:
237
+ - - ">="
238
+ - !ruby/object:Gem::Version
239
+ version: '0'
240
+ requirements: []
241
+ rubyforge_project:
242
+ rubygems_version: 2.7.4
243
+ signing_key:
244
+ specification_version: 4
245
+ summary: GCP Cloud IAP strategy for Warden
246
+ test_files: []