iap-verifier 0.1.1 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/lib/rack/iap_verifier.rb +18 -9
- metadata +14 -14
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: fceb7ebeab21bcdc0a3524d264cabbf9cdf08cb24722578579f955f0479a30c6
|
4
|
+
data.tar.gz: c4d109dbb1148f5eac052d5efb5786f2e2e688974bd03a26644c1ba1e3891089
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ff56babfe74a9b96452f8a09250d9e3d42aabaf73386fd4f5a7069c90a7375d6f97261a3174bbb1867a8eee656be3bd522ee66b294a0ef4a990307ec54248171
|
7
|
+
data.tar.gz: c36b35f0a8cf8cd46960616b9353f5ababfcb22a504e07771dc406bfd2d27748d4b71601624ae4f154b5726a00b19b5a4512e42fc3d351aff2c84f8513abaca0
|
data/lib/rack/iap_verifier.rb
CHANGED
@@ -9,14 +9,16 @@ module Rack
|
|
9
9
|
PUBLIC_KEYS_ENDPOINT = 'https://www.gstatic.com/iap/verify/public_key'.freeze
|
10
10
|
ISSUER = 'https://cloud.google.com/iap'.freeze
|
11
11
|
|
12
|
-
def initialize(app, audience
|
12
|
+
def initialize(app, audience, skip_localhost = false, skip_paths = [])
|
13
13
|
@app = app
|
14
14
|
@audience = audience
|
15
|
+
@skip_localhost = skip_localhost
|
16
|
+
@skip_paths = skip_paths
|
15
17
|
@public_keys = {}
|
16
18
|
end
|
17
19
|
|
18
20
|
def call(env)
|
19
|
-
if valid_jwt?(env[HEADER_NAME])
|
21
|
+
if skip_localhost?(env) || skip_path?(env) || valid_jwt?(env[HEADER_NAME])
|
20
22
|
app.call(env)
|
21
23
|
else
|
22
24
|
[403, {}, []]
|
@@ -25,7 +27,15 @@ module Rack
|
|
25
27
|
|
26
28
|
private
|
27
29
|
|
28
|
-
attr_reader :app, :public_keys, :audience
|
30
|
+
attr_reader :app, :public_keys, :audience, :skip_localhost, :skip_paths
|
31
|
+
|
32
|
+
def skip_localhost?(env)
|
33
|
+
skip_localhost && env['REMOTE_ADDR'] == '127.0.0.1'
|
34
|
+
end
|
35
|
+
|
36
|
+
def skip_path?(env)
|
37
|
+
skip_paths.include?(env['PATH_INFO'])
|
38
|
+
end
|
29
39
|
|
30
40
|
def valid_jwt?(token)
|
31
41
|
return false unless token
|
@@ -34,12 +44,11 @@ module Rack
|
|
34
44
|
return false unless key
|
35
45
|
|
36
46
|
!!JWT.decode(token, key, true,
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
)
|
47
|
+
aud: @audience,
|
48
|
+
verify_aud: true,
|
49
|
+
iss: ISSUER,
|
50
|
+
verify_iss: true,
|
51
|
+
algorithm: ALGORITHM)
|
43
52
|
rescue JWT::DecodeError
|
44
53
|
false
|
45
54
|
end
|
metadata
CHANGED
@@ -1,15 +1,16 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: iap-verifier
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 1.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- dawid.janczak@yourgolftravel.com
|
8
8
|
- kwasi.appiah@yourgolftravel.com
|
9
|
-
|
9
|
+
- tom.omara@yourgolftravel.com
|
10
|
+
autorequire:
|
10
11
|
bindir: bin
|
11
12
|
cert_chain: []
|
12
|
-
date:
|
13
|
+
date: 2022-02-15 00:00:00.000000000 Z
|
13
14
|
dependencies:
|
14
15
|
- !ruby/object:Gem::Dependency
|
15
16
|
name: rack
|
@@ -71,28 +72,28 @@ dependencies:
|
|
71
72
|
name: jwt
|
72
73
|
requirement: !ruby/object:Gem::Requirement
|
73
74
|
requirements:
|
74
|
-
- - "
|
75
|
+
- - "~>"
|
75
76
|
- !ruby/object:Gem::Version
|
76
|
-
version:
|
77
|
+
version: '2.0'
|
77
78
|
type: :runtime
|
78
79
|
prerelease: false
|
79
80
|
version_requirements: !ruby/object:Gem::Requirement
|
80
81
|
requirements:
|
81
|
-
- - "
|
82
|
+
- - "~>"
|
82
83
|
- !ruby/object:Gem::Version
|
83
|
-
version:
|
84
|
-
description:
|
85
|
-
email:
|
84
|
+
version: '2.0'
|
85
|
+
description:
|
86
|
+
email:
|
86
87
|
executables: []
|
87
88
|
extensions: []
|
88
89
|
extra_rdoc_files: []
|
89
90
|
files:
|
90
91
|
- lib/iap-verifier.rb
|
91
92
|
- lib/rack/iap_verifier.rb
|
92
|
-
homepage:
|
93
|
+
homepage:
|
93
94
|
licenses: []
|
94
95
|
metadata: {}
|
95
|
-
post_install_message:
|
96
|
+
post_install_message:
|
96
97
|
rdoc_options: []
|
97
98
|
require_paths:
|
98
99
|
- lib
|
@@ -107,9 +108,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
107
108
|
- !ruby/object:Gem::Version
|
108
109
|
version: '0'
|
109
110
|
requirements: []
|
110
|
-
|
111
|
-
|
112
|
-
signing_key:
|
111
|
+
rubygems_version: 3.1.2
|
112
|
+
signing_key:
|
113
113
|
specification_version: 4
|
114
114
|
summary: IAP Verifier middleware
|
115
115
|
test_files: []
|