grape_simple_auth 0.3.0 → 0.5.0

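--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: b68d123a84af65f59b0b60725fdbd3dfc7b9929a39d61d4b44a128690e0122ec
- data.tar.gz: e0d237a3775a09b5a40206ee42f9c84baa61cf98209a54eb5e8c39bae464a4cf
+ metadata.gz: f284706ebd22652e4d0fd2afe39321cb558bf8cd3c13e040b245f30837b93ac2
+ data.tar.gz: 563e0dd5b540a4e8aa86615a1ed9ab3ad92bd1c9312396c7e90c38dc0386a28b
  SHA512:
- metadata.gz: 909788b220f755a20544bbc7d3c2a84056c17b7b9cb3282bb88ca5ae1cffa4547bc35d746d56a36ba2bfd45e6f771c856d018958d466e71662a8281588592f53
- data.tar.gz: 745d15bdcb80b2f3db01c62d71081ff778d4087abfd4aacc914f18aa43f677a00160fb2184ca20c80709c508bb40019a8ba42a3dcf9bed53eba3933e52fed610
+ metadata.gz: 6c124c991f8105fd19ef3ff8642322fe4abcddcb819c938973cd9414e656d5af20ce8c67da639ea8f649a198daec880e94f9a69870957e39162296220829026a
+ data.tar.gz: 23392e6693e89484c3d87d60d64add602e3cd3ecfbde0980d1df5340e9c35d9cdf791eb422c26f55e40a10a2f267dd6e54632740355ced1870787c3c426079d2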
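--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,52 +1,57 @@
  PATH
  remote: .
  specs:
- grape_simple_auth (0.1.2)
- grape (~> 1.1.0)
- httparty (~> 0.16.3)
+ grape_simple_auth (0.5.0)
+ grape (~> 1.6)
+ httparty (~> 0.20)
 
  GEM
  remote: https://rubygems.org/
  specs:
- activesupport (5.2.2)
+ activesupport (7.0.4)
  concurrent-ruby (~> 1.0, >= 1.0.2)
- i18n (>= 0.7, < 2)
- minitest (~> 5.1)
- tzinfo (~> 1.1)
- axiom-types (0.1.1)
- descendants_tracker (~> 0.0.4)
- ice_nine (~> 0.11.0)
- thread_safe (~> 0.3, >= 0.3.1)
- builder (3.2.3)
- coercible (1.0.0)
- descendants_tracker (~> 0.0.1)
- concurrent-ruby (1.1.4)
- descendants_tracker (0.0.4)
- thread_safe (~> 0.3, >= 0.3.1)
+ i18n (>= 1.6, < 2)
+ minitest (>= 5.1)
+ tzinfo (~> 2.0)
+ builder (3.2.4)
+ concurrent-ruby (1.1.10)
  diff-lcs (1.3)
- equalizer (0.0.11)
- grape (1.1.0)
+ dry-core (1.0.0)
+ concurrent-ruby (~> 1.0)
+ zeitwerk (~> 2.6)
+ dry-inflector (1.0.0)
+ dry-logic (1.4.0)
+ concurrent-ruby (~> 1.0)
+ dry-core (~> 1.0, < 2)
+ zeitwerk (~> 2.6)
+ dry-types (1.7.0)
+ concurrent-ruby (~> 1.0)
+ dry-core (~> 1.0, < 2)
+ dry-inflector (~> 1.0, < 2)
+ dry-logic (>= 1.4, < 2)
+ zeitwerk (~> 2.6)
+ grape (1.6.2)
  activesupport
  builder
+ dry-types (>= 1.1)
  mustermann-grape (~> 1.0.0)
  rack (>= 1.3.0)
  rack-accept
- virtus (>= 1.0.0)
- httparty (0.16.3)
+ httparty (0.20.0)
  mime-types (~> 3.0)
  multi_xml (>= 0.5.2)
- i18n (1.3.0)
+ i18n (1.12.0)
  concurrent-ruby (~> 1.0)
- ice_nine (0.11.2)
- mime-types (3.2.2)
+ mime-types (3.4.1)
  mime-types-data (~> 3.2015)
- mime-types-data (3.2018.0812)
- minitest (5.11.3)
+ mime-types-data (3.2022.0105)
+ minitest (5.16.3)
  multi_xml (0.6.0)
- mustermann (1.0.3)
- mustermann-grape (1.0.0)
- mustermann (~> 1.0.0)
- rack (2.0.6)
+ mustermann (3.0.0)
+ ruby2_keywords (~> 0.0.1)
+ mustermann-grape (1.0.2)
+ mustermann (>= 1.0.0)
+ rack (3.0.1)
  rack-accept (0.4.5)
  rack (>= 0.4)
  rake (10.5.0)
@@ -63,23 +68,19 @@ GEM
  diff-lcs (>= 1.2.0, < 2.0)
  rspec-support (~> 3.7.0)
  rspec-support (3.7.0)
- thread_safe (0.3.6)
- tzinfo (1.2.5)
- thread_safe (~> 0.1)
- virtus (1.0.5)
- axiom-types (~> 0.1)
- coercible (~> 1.0)
- descendants_tracker (~> 0.0, >= 0.0.3)
- equalizer (~> 0.0, >= 0.0.9)
+ ruby2_keywords (0.0.5)
+ tzinfo (2.0.5)
+ concurrent-ruby (~> 1.0)
+ zeitwerk (2.6.6)
 
  PLATFORMS
  ruby
 
  DEPENDENCIES
- bundler (~> 1.16)
+ bundler (~> 2.3)
  grape_simple_auth!
  rake (~> 10.0)
- rspec (~> 3.0)
+ rspec (~> 3.7)
 
  BUNDLED WITH
- 1.16.4
+ 2.3.26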
data/README.md CHANGED
@@ -62,14 +62,20 @@ end
62
62
  rescue_from GrapeSimpleAuth::Errors::InvalidScope do |e|
63
63
  error!(e, 401)
64
64
  end
65
+ rescue_from GrapeSimpleAuth::Errors::InvalidScopeMatcher do |e|
66
+ error!(e, 401)
67
+ end
65
68
  ```
66
69
 
67
70
  ### Protecting your endpoint
68
71
 
69
72
  In your endpoint you need to define which protected endpoint by adding this DSL :
70
73
 
71
- 1. `oauth2`
72
- 2. `oauth2 "email"`
74
+ 1. `oauth2` => Any scopes as long as the token is valid
75
+ 2. `oauth2 "email"` => Scope can be "email"
76
+ 3. `oauth2 "email", match: "all"` => Scope must be "email"
77
+ 4. `oauth2 "email", "phone"` Scopes can match "email" or "phone"
78
+ 5. `oauth2 "email", "phone", match: "all"` Scopes must match "email" and "phone"
73
79
 
74
80
  Example :
75
81
 
@@ -32,9 +32,9 @@ Gem::Specification.new do |spec|
32
32
  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
33
33
  spec.require_paths = ["lib"]
34
34
 
35
- spec.add_development_dependency "bundler", "~> 1.16"
35
+ spec.add_development_dependency "bundler", "~> 2.3"
36
36
  spec.add_development_dependency "rake", "~> 10.0"
37
- spec.add_development_dependency "rspec", "~> 3.0"
38
- spec.add_dependency "httparty", "~> 0.16.3"
39
- spec.add_dependency "grape", "~> 1.1.0"
37
+ spec.add_development_dependency "rspec", "~> 3.7"
38
+ spec.add_dependency "httparty", "~> 0.20"
39
+ spec.add_dependency "grape", "~> 1.6"
40
40
  end
@@ -33,7 +33,7 @@ module GrapeSimpleAuth
33
33
  def current_user
34
34
  @_current_user
35
35
  end
36
-
36
+
37
37
  def credentials=(data)
38
38
  @credentials = JSON.parse(data.to_json, object_class: DataStruct)
39
39
  end
@@ -22,6 +22,10 @@ module GrapeSimpleAuth
22
22
  end
23
23
  end
24
24
 
25
+ def auth_scope_match
26
+ authorization_type_oauth2_scope_match
27
+ end
28
+
25
29
  private
26
30
 
27
31
  def has_authorizations?
@@ -36,6 +40,10 @@ module GrapeSimpleAuth
36
40
  endpoint_authorizations[:oauth2]
37
41
  end
38
42
 
43
+ def authorization_type_oauth2_scope_match
44
+ endpoint_authorizations[:scope_match]
45
+ end
46
+
39
47
  def optional_oauth2
40
48
  endpoint_authorizations[:optional_oauth2]
41
49
  end
@@ -0,0 +1,9 @@
1
+ module GrapeSimpleAuth
2
+ module Errors
3
+ class InvalidScopeMatcher < StandardError
4
+ def initialize msg = "match must be one of all or any"
5
+ super
6
+ end
7
+ end
8
+ end
9
+ end
@@ -1,7 +1,7 @@
1
1
  module GrapeSimpleAuth
2
2
  module Extension
3
3
 
4
- def oauth2(*scopes)
4
+ def oauth2(*scopes, match: 'any')
5
5
  description = if respond_to?(:route_setting) # >= grape-0.10.0
6
6
  route_setting(:description) || route_setting(:description, {})
7
7
  else
@@ -9,7 +9,7 @@ module GrapeSimpleAuth
9
9
  end
10
10
 
11
11
  description[:auth] = { scopes: scopes }
12
- description[:authorizations] = { oauth2: scopes.map { |x| { scope: x } } }
12
+ description[:authorizations] = { oauth2: scopes.map { |x| { scope: x } }, scope_match: match }
13
13
  end
14
14
 
15
15
  def optional_oauth2(*scopes)
@@ -22,6 +22,7 @@ module GrapeSimpleAuth
22
22
  description[:authorizations] = { optional_oauth2: scopes.map { |x| { scope: x } } }
23
23
  end
24
24
 
25
- Grape::API.extend self
25
+ grape_api = defined?(Grape::API::Instance) ? Grape::API::Instance : Grape::API
26
+ grape_api.extend self
26
27
  end
27
28
  end
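Review bot: `optional_oauth2` still builds its `authorizations` hash without a `scope_match` key (the unchanged line at the top of this hunk), while the new reader returns `endpoint_authorizations[:scope_match]` and `authorize!` now raises `InvalidScopeMatcher` when that value is nil. If `authorize!` is reached for an `optional_oauth2` endpoint that presents a token, which these hunks do not show, every such request would fail with the new error instead of being scope-checked. Either give `optional_oauth2` the same `match: 'any'` keyword and store it as `scope_match: match`, or have the reader default it with `endpoint_authorizations[:scope_match] || 'any'`. A spec covering a token on an optional endpoint would settle which behaviour is intended.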
@@ -51,9 +51,25 @@ module GrapeSimpleAuth
51
51
  def authorize!(*scopes)
52
52
  response = HTTParty.get(GrapeSimpleAuth.verify_url, {query: {access_token: token}})
53
53
  if response.code == 200
54
- scopes = response.parsed_response["data"]["credential"]["scopes"]
55
- unless auth_strategy.auth_scopes & scopes == auth_strategy.auth_scopes
56
- raise GrapeSimpleAuth::Errors::InvalidScope
54
+ begin
55
+ scopes = response.parsed_response["data"]["credential"]["scopes"]
56
+ rescue NoMethodError
57
+ raise GrapeSimpleAuth::Errors::InvalidToken
58
+ end
59
+ if auth_strategy.auth_scope_match == 'all'
60
+ unless auth_strategy.auth_scopes.sort && scopes.map(&:to_sym).sort == auth_strategy.auth_scopes.sort
61
+ raise GrapeSimpleAuth::Errors::InvalidScope
62
+ end
63
+ elsif auth_strategy.auth_scope_match == 'any'
64
+ if auth_strategy.auth_scopes.any?
65
+ match_any = false
66
+ scopes.map(&:to_sym).each do |scope|
67
+ match_any = true if scope.in?(auth_strategy.auth_scopes)
68
+ end
69
+ raise GrapeSimpleAuth::Errors::InvalidScope unless match_any
70
+ end
71
+ elsif auth_strategy.auth_scope_match.nil?
72
+ raise GrapeSimpleAuth::Errors::InvalidScopeMatcher
57
73
  end
58
74
  return response
59
75
  end
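Review bot: The new matcher handling fails open for any value other than `'all'`, `'any'` or nil: the last branch is `elsif auth_strategy.auth_scope_match.nil?`, so a symbol such as `match: :all` or a misspelt string matches no branch and `authorize!` returns the response without comparing scopes at all. Make that branch a plain `else` so every unrecognised matcher raises `GrapeSimpleAuth::Errors::InvalidScopeMatcher`; `oauth2` in the extension stores `match` unchecked, so validating it there at declaration time, for example `raise GrapeSimpleAuth::Errors::InvalidScopeMatcher unless %w[any all].include?(match)`, would catch the mistake before any request is served. In the `'all'` branch the left operand `auth_strategy.auth_scopes.sort &&` is always truthy, leaving an exact-equality test that rejects a token carrying the required scopes plus others; if the README's "must match" is meant as a superset check, `unless (auth_strategy.auth_scopes - scopes.map(&:to_sym)).empty?` expresses it. The body of `authorize!` continues past the end of the hunk.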
@@ -1,3 +1,3 @@
1
1
  module GrapeSimpleAuth
2
- VERSION = "0.3.0"
2
+ VERSION = "0.5.0"
3
3
  end
@@ -15,6 +15,7 @@ require 'grape_simple_auth/auth_methods/auth_methods'
15
15
 
16
16
  require 'grape_simple_auth/errors/invalid_token'
17
17
  require 'grape_simple_auth/errors/invalid_scope'
18
+ require 'grape_simple_auth/errors/invalid_scope_matcher'
18
19
 
19
20
  module GrapeSimpleAuth
20
21
  extend GrapeSimpleAuth::Configuration
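--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: grape_simple_auth
  version: !ruby/object:Gem::Version
- version: 0.3.0
+ version: 0.5.0
  platform: ruby
  authors:
  - Yunan Helmy
- autorequire:
+ autorequire:
  bindir: exe
  cert_chain: []
- date: 2018-12-31 00:00:00.000000000 Z
+ date: 2022-11-21 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: bundler
@@ -16,14 +16,14 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '1.16'
+ version: '2.3'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '1.16'
+ version: '2.3'
  - !ruby/object:Gem::Dependency
  name: rake
  requirement: !ruby/object:Gem::Requirement
@@ -44,42 +44,42 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '3.0'
+ version: '3.7'
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '3.0'
+ version: '3.7'
  - !ruby/object:Gem::Dependency
  name: httparty
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.16.3
+ version: '0.20'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.16.3
+ version: '0.20'
  - !ruby/object:Gem::Dependency
  name: grape
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 1.1.0
+ version: '1.6'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 1.1.0
+ version: '1.6'
  description: Grape Simple Auth is a Grape middleware to connect your API resources
  with your API authenticator.
  email:
@@ -108,6 +108,7 @@ files:
  - lib/grape_simple_auth/base_strategy.rb
  - lib/grape_simple_auth/configuration.rb
  - lib/grape_simple_auth/errors/invalid_scope.rb
+ - lib/grape_simple_auth/errors/invalid_scope_matcher.rb
  - lib/grape_simple_auth/errors/invalid_token.rb
  - lib/grape_simple_auth/extension.rb
  - lib/grape_simple_auth/helpers.rb
@@ -118,7 +119,7 @@ licenses:
  - MIT
  metadata:
  allowed_push_host: https://rubygems.org/
- post_install_message:
+ post_install_message:
  rdoc_options: []
  require_paths:
  - lib
@@ -133,9 +134,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubyforge_project:
- rubygems_version: 2.7.7
- signing_key:
+ rubygems_version: 3.3.7
+ signing_key:
  specification_version: 4
  summary: Grape Simple Auth is a Grape middleware to connect your API resources with
  your API authenticator.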