grape-jwt-authentication 1.0.1 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 6a78c43fa11b24e40395c34bbc802f61c6e4646c
-  data.tar.gz: ca386d7ac9298045d93e38b0c6df2c3e8ab1dcae
+SHA256:
+  metadata.gz: ff7b66cbce6da2abf8a94f05de6e1193c28609ee3603c7373a7b189f1e9b67d4
+  data.tar.gz: 29f400c994e453466570810c10c1fcc6d674074a1edf5c2a3f8d282146c3e9fa
 SHA512:
-  metadata.gz: 1b234415911e6f3f2820d9511af016e290ed4723521374913d9cb5b5e05925722a9222f48016c7f4a75f88ee30aa901aaa702f8699e86792e4ed9d58fab439c6
-  data.tar.gz: 1557a1c9a4fc4acb8cf77be68fbaf4f5417753bc5e859917508bd334e36ca9449e9c483119b009158f9d0ac4202413a372ed2c4638d45444e0e9d6ce9594139a
+  metadata.gz: 4f7b6a29dbe8c3e6fe6e230efd52605b3729757b77ad47d2ead3d27f88f022d63d0f65a4eb11cbf99c5b23490331b1489d077e5ba49c7dd876b2843d05eeb269
+  data.tar.gz: d6235df2c6853433ed4a056eb2ddddeb84a2d64355fceac52181916afd6039a61c832f4a75b2283517f5abd2b3cdd40428ee007ba83babe0cc8f54692764a189

data/.editorconfig

@@ -0,0 +1,30 @@
+# http://editorconfig.org
+root = true
+
+[*]
+indent_style = space
+indent_size = 2
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
+
+[*.md]
+trim_trailing_whitespace = true
+
+[*.json]
+indent_style = space
+indent_size = 2
+
+[*.yml]
+indent_style = space
+indent_size = 2
+
+[Makefile]
+trim_trailing_whitespace = true
+indent_style = tab
+indent_size = 4
+
+[*.sh]
+indent_style = space
+indent_size = 2

data/.simplecov

@@ -0,0 +1,3 @@
+SimpleCov.start 'test_frameworks' do
+  add_filter '/vendor/bundle/'
+end

data/.travis.yml

@@ -5,9 +5,10 @@ env:
 sudo: false
 language: ruby
 rvm:
-  - 2.2
-  - 2.3
+  - 2.5
   - 2.4
+  - 2.3
+  - 2.2
 
 before_install: gem install bundler
 
@@ -15,6 +16,6 @@ before_script:
   - curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
   - chmod +x ./cc-test-reporter
   - ./cc-test-reporter before-build
-
+script: bundle exec rake
 after_script:
   - ./cc-test-reporter after-build --exit-code $TRAVIS_TEST_RESULT

data/CHANGELOG.md

@@ -1,3 +1,8 @@
+### 1.1.0
+
+* Added the parsed and original token to the Rack environment (#2)
+  * Two new helper methods are now available to access the JWT from an API spec
+
 ### 1.0.1
 
 * First public release of the gem

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    grape-jwt-authentication (1.0.1)
+    grape-jwt-authentication (1.1.0)
       activesupport (>= 3.2.0)
       grape (~> 1.0)
       httparty
@@ -11,9 +11,9 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (5.1.4)
+    activesupport (5.2.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (~> 0.7)
+      i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
     addressable (2.5.2)
@@ -33,7 +33,7 @@ GEM
     diff-lcs (1.3)
     docile (1.1.5)
     equalizer (0.0.11)
-    grape (1.0.1)
+    grape (1.1.0)
       activesupport
       builder
       mustermann-grape (~> 1.0.0)
@@ -41,16 +41,16 @@ GEM
       rack-accept
       virtus (>= 1.0.0)
     hashdiff (0.3.7)
-    httparty (0.15.6)
+    httparty (0.16.2)
       multi_xml (>= 0.5.2)
-    i18n (0.9.1)
+    i18n (1.1.1)
       concurrent-ruby (~> 1.0)
     ice_nine (0.11.2)
     json (2.1.0)
     jwt (2.1.0)
-    minitest (5.10.3)
+    minitest (5.11.3)
     multi_xml (0.6.0)
-    mustermann (1.0.1)
+    mustermann (1.0.3)
     mustermann-grape (1.0.0)
       mustermann (~> 1.0.0)
     public_suffix (3.0.1)
@@ -60,7 +60,7 @@ GEM
     rack-test (0.8.2)
       rack (>= 1.0, < 3)
     rake (10.5.0)
-    recursive-open-struct (1.0.5)
+    recursive-open-struct (1.1.0)
     rspec (3.7.0)
       rspec-core (~> 3.7.0)
       rspec-expectations (~> 3.7.0)
@@ -82,7 +82,7 @@ GEM
     simplecov-html (0.10.2)
     thread_safe (0.3.6)
     timecop (0.9.1)
-    tzinfo (1.2.4)
+    tzinfo (1.2.5)
       thread_safe (~> 0.1)
     vcr (3.0.3)
     virtus (1.0.5)
@@ -111,4 +111,4 @@ DEPENDENCIES
   webmock (~> 3.1)
 
 BUNDLED WITH
-   1.16.0
+   1.16.5

data/README.md

@@ -1,9 +1,10 @@
 ![grape-jwt-authentication](doc/assets/project.png)
 
-[![Build Status](https://api.travis-ci.org/hausgold/grape-jwt-authentication.svg)](https://travis-ci.org/hausgold/grape-jwt-authentication)
+[![Build Status](https://travis-ci.org/hausgold/grape-jwt-authentication.svg?branch=master)](https://travis-ci.org/hausgold/grape-jwt-authentication)
 [![Gem Version](https://badge.fury.io/rb/grape-jwt-authentication.svg)](https://badge.fury.io/rb/grape-jwt-authentication)
 [![Maintainability](https://api.codeclimate.com/v1/badges/446f3eff18bebff9c174/maintainability)](https://codeclimate.com/github/hausgold/grape-jwt-authentication/maintainability)
-[![Test Coverage](https://codeclimate.com/github/hausgold/grape-jwt-authentication/badges/coverage.svg)](https://codeclimate.com/github/hausgold/grape-jwt-authentication/coverage)
+[![Test Coverage](https://api.codeclimate.com/v1/badges/446f3eff18bebff9c174/test_coverage)](https://codeclimate.com/github/hausgold/grape-jwt-authentication/test_coverage)
+[![API docs](https://img.shields.io/badge/docs-API-blue.svg)](https://www.rubydoc.info/gems/grape-jwt-authentication)
 
 This gem is dedicated to easily integrate a JWT authentication to your
 [Grape](https://github.com/ruby-grape/grape) API. The real authentication
@@ -13,6 +14,7 @@ flexible on the JWT verification level.
 - [Installation](#installation)
 - [Usage](#usage)
   - [Grape API](#grape-api)
+    - [Helpers](#helpers)
   - [Configuration](#configuration)
     - [Authenticator](#authenticator)
     - [Malformed token handling](#malformed-token-handling)
@@ -72,6 +74,42 @@ module UserApi
 end
 ```
 
+#### Helpers
+
+The inclusion of the `Grape::Jwt::Authentication` inserts some helpers to
+access the parsed and original JWT. This can be handy when you need to work
+with the JWT payload or perform some extra calculations with the expiration
+date of it.  The following example demonstrated the usage of the helpers.
+
+```ruby
+module UserApi
+  class ApiV1 < Grape::API
+    # All your fancy Grape API stuff [..]
+    version 'v1', using: :path
+
+    resource :payload do
+      desc 'A JWT payload echo service.'
+      get do
+        # The parsed JWT which has an accessible payload (RecursiveOpenStruct)
+        { payload: request_jwt.payload.to_h }
+      end
+    end
+
+    resource :token do
+      desc 'A JWT echo service.'
+      get do
+        # The original JWT parsed from the HTTP authorization header
+        { token: original_request_jwt }
+      end
+    end
+
+    # Enable JWT authentication on this API
+    include Grape::Jwt::Authentication
+    auth :jwt
+  end
+end
+```
+
 ### Configuration
 
 This gem is quite customizable and flexible to fulfill your needs. You can make
@@ -376,8 +414,8 @@ end
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run
-`rake spec` to run the tests. You can also run `bin/console` for an interactive
-prompt that will allow you to experiment.
+`bundle exec rake spec` to run the tests. You can also run `bin/console` for an
+interactive prompt that will allow you to experiment.
 
 To install this gem onto your local machine, run `bundle exec rake install`. To
 release a new version, update the version number in `version.rb`, and then run

data/grape-jwt-authentication.gemspec

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-lib = File.expand_path('../lib', __FILE__)
+lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'grape/jwt/authentication/version'
 
@@ -22,14 +22,14 @@ Gem::Specification.new do |spec|
   spec.require_paths = ['lib']
 
   spec.add_development_dependency 'bundler', '~> 1.16'
+  spec.add_development_dependency 'rack', '~> 2.0'
+  spec.add_development_dependency 'rack-test', '~> 0.8.2'
   spec.add_development_dependency 'rake', '~> 10.0'
   spec.add_development_dependency 'rspec', '~> 3.0'
   spec.add_development_dependency 'simplecov', '~> 0.15'
+  spec.add_development_dependency 'timecop', '~> 0.9.1'
   spec.add_development_dependency 'vcr', '~> 3.0'
   spec.add_development_dependency 'webmock', '~> 3.1'
-  spec.add_development_dependency 'timecop', '~> 0.9.1'
-  spec.add_development_dependency 'rack', '~> 2.0'
-  spec.add_development_dependency 'rack-test', '~> 0.8.2'
 
   spec.add_runtime_dependency 'activesupport', '>= 3.2.0'
   spec.add_runtime_dependency 'grape', '~> 1.0'

data/lib/grape/jwt/authentication.rb

@@ -58,6 +58,27 @@ module Grape
         Grape::Middleware::Auth::Strategies.add(:jwt,
                                                 JwtHandler,
                                                 ->(opts) { [opts] })
+
+        helpers do
+          # Get the parsed JWT from the authorization header of the current
+          # request. You could use it to access the payload or the expiration
+          # date, etc inside your API definition. When the authenticator stated
+          # that the validation failed, then the parsed token is +nil+.
+          #
+          # @return [Grape::Jwt::Authentication::Jwt, nil] the parsed token
+          def request_jwt
+            env['grape_jwt_auth.parsed_token']
+          end
+
+          # Get the original JWT from the authorization header of the current
+          # request, without further changes. You could use it to display a
+          # custom error or to parse it differently.
+          #
+          # @return [String] the JWT from the authorization header
+          def original_request_jwt
+            env['grape_jwt_auth.original_token']
+          end
+        end
       end
     end
   end

data/lib/grape/jwt/authentication/jwt.rb

@@ -63,6 +63,7 @@ module Grape
         def expires_at
           exp = payload.exp
           return nil unless exp
+
           Time.zone.at(exp)
         end
 

data/lib/grape/jwt/authentication/jwt_handler.rb

@@ -15,8 +15,12 @@ module Grape
         # A internal exception handling for malformed headers.
         class MalformedHeaderError < StandardError; end
 
+        # A generic JWT part, the full token contains three parts
+        # separated by a period.
+        JWT_PART_REGEX = /([a-zA-Z0-9\-_]+)?/.freeze
+
         # A common JWT validation regex which meets the RFC specs.
-        JWT_REGEX = /^[a-zA-Z0-9\-_]+?\.[a-zA-Z0-9\-_]+?\.([a-zA-Z0-9\-_]+)?$/
+        JWT_REGEX = Regexp.new("^#{([JWT_PART_REGEX] * 3).join('\.')}$").freeze
 
         # Initialize a new Rack middleware for Bearer token
         # processing.
@@ -76,12 +80,30 @@ module Grape
         def parse_token(header)
           token = header.to_s.scan(/^Bearer (.*)/).flatten.first
           raise MalformedHeaderError unless JWT_REGEX =~ token
+
           token
         end
 
+        # Inject the token to the environment as a parsed version. This allows
+        # further usage like extracting the subject from the payload when the
+        # verification was valid.
+        #
+        # @param env [Hash{String => Mixed}] the Rack environment
+        # @param token [String] the token parsed from the HTTP header
+        def inject_token_into_env(env, token)
+          env['grape_jwt_auth.parsed_token'] = Jwt.new(token)
+        rescue *Jwt::RESCUE_JWT_EXCEPTIONS
+          env['grape_jwt_auth.parsed_token'] = nil
+        ensure
+          env['grape_jwt_auth.original_token'] = token
+        end
+
         # Perform the authentication logic on the Rack compatible
         # interface.
         #
+        # @param env [Hash{String => Mixed}] the Rack environment
+        #
+        # rubocop:disable Metrics/AbcSize because thats the auth handling core
         # :reek:TooManyStatements because reek counts exception
         #                         handling as statements
         def call(env)
@@ -94,11 +116,16 @@ module Grape
           # errors, that why we invoke the formatter middleware here.
           Grape::Middleware::Formatter.new(->(_) {}).call(env)
 
-          # Parse the JWT token and give it to the user defined block
+          # Parse the JWT token from the request headers.
+          token = parse_token(env['HTTP_AUTHORIZATION'])
+
+          # Inject the parsed token to the Rack environment.
+          inject_token_into_env(env, token)
+
+          # Give the parsed token to the user defined block
           # for futher verification. The user given block MUST return
           # a positive result to allow the request to be further
           # processed, or a negative result to stop processing.
-          token = parse_token(env['HTTP_AUTHORIZATION'])
           raise AuthenticationError unless authenticator.call(token)
 
           # Looks like we are on a good path and the given token was
@@ -112,6 +139,7 @@ module Grape
           # Call the user defined failed authentication handler.
           failed_handler.call(token, @app)
         end
+        # rubocop:enable Metrics/AbcSize
       end
     end
   end

data/lib/grape/jwt/authentication/rsa_public_key.rb

@@ -61,6 +61,7 @@ module Grape
         # @return [String] The encoded public key
         def fetch_encoded_key
           raise ArgumentError, 'No URL for RsaPublicKey configured' unless url
+
           if remote?
             HTTParty.get(url).body
           else

data/lib/grape/jwt/authentication/version.rb

@@ -3,7 +3,7 @@
 module Grape
   module Jwt
     module Authentication
-      VERSION = '1.0.1'
+      VERSION = '1.1.0'.freeze
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: grape-jwt-authentication
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.1.0
 platform: ruby
 authors:
 - Hermann Mayer
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-11-23 00:00:00.000000000 Z
+date: 2018-11-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -25,49 +25,49 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '1.16'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: rack
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: rack-test
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 0.8.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 0.8.2
 - !ruby/object:Gem::Dependency
-  name: simplecov
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.15'
+        version: '10.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.15'
+        version: '10.0'
 - !ruby/object:Gem::Dependency
-  name: vcr
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
@@ -81,19 +81,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '3.0'
 - !ruby/object:Gem::Dependency
-  name: webmock
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '0.15'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '0.15'
 - !ruby/object:Gem::Dependency
   name: timecop
   requirement: !ruby/object:Gem::Requirement
@@ -109,33 +109,33 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 0.9.1
 - !ruby/object:Gem::Dependency
-  name: rack
+  name: vcr
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
-  name: rack-test
+  name: webmock
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.2
+        version: '3.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.2
+        version: '3.1'
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
@@ -213,9 +213,11 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".editorconfig"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
+- ".simplecov"
 - ".travis.yml"
 - CHANGELOG.md
 - Gemfile
@@ -254,7 +256,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.13
+rubygems_version: 2.7.7
 signing_key: 
 specification_version: 4
 summary: A reusable Grape JWT authentication concern