inst_access 0.1.0 → 0.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/inst_access/token.rb +17 -10
- data/spec/inst_access/token_spec.rb +22 -1
- metadata +17 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5078ae05b8177aa22350be75c165e5b8f3c2e469693544d2d6cdc88cdd725bad
|
4
|
+
data.tar.gz: 886e682197965ff3cb4af0ef81063757701b2928fa64f6d9cf93b505f5b1d150
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0f3da43796458852625c0cee8fa0197936780f91ae4bd3cb77463b21fb2435b6db3a6f8d56fafa33a1aac856847bda1d6871d1957a75c0860d3fca482e572b2c
|
7
|
+
data.tar.gz: a7d7b5ed84a25a81a237090e24844cff252b8ab2a14fef4973cbc58ee04de265014ce04790dc02ad193edb9ca6b6251a74828bc533ae70c8b0cf001a630c9cc5
|
data/lib/inst_access/token.rb
CHANGED
@@ -50,6 +50,10 @@ module InstAccess
|
|
50
50
|
jwt_payload[:masq_shard]
|
51
51
|
end
|
52
52
|
|
53
|
+
def region
|
54
|
+
jwt_payload[:region]
|
55
|
+
end
|
56
|
+
|
53
57
|
def to_token_string
|
54
58
|
jwe = to_jws.encrypt(InstAccess.config.encryption_key, ENCRYPTION_ALGO, ENCRYPTION_METHOD)
|
55
59
|
jwe.to_s
|
@@ -74,7 +78,7 @@ module InstAccess
|
|
74
78
|
class << self
|
75
79
|
private :new
|
76
80
|
|
77
|
-
# rubocop:disable Metrics/ParameterLists
|
81
|
+
# rubocop:disable Metrics/ParameterLists
|
78
82
|
def for_user(
|
79
83
|
user_uuid: nil,
|
80
84
|
account_uuid: nil,
|
@@ -82,27 +86,30 @@ module InstAccess
|
|
82
86
|
real_user_uuid: nil,
|
83
87
|
real_user_shard_id: nil,
|
84
88
|
user_global_id: nil,
|
85
|
-
real_user_global_id: nil
|
89
|
+
real_user_global_id: nil,
|
90
|
+
region: nil
|
86
91
|
)
|
87
92
|
raise ArgumentError, 'Must provide user uuid and account uuid' if user_uuid.blank? || account_uuid.blank?
|
88
93
|
|
89
94
|
now = Time.now.to_i
|
95
|
+
|
90
96
|
payload = {
|
91
97
|
iss: ISSUER,
|
92
98
|
iat: now,
|
93
99
|
exp: now + 1.hour.to_i,
|
94
100
|
sub: user_uuid,
|
95
|
-
acct: account_uuid
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
101
|
+
acct: account_uuid,
|
102
|
+
canvas_domain: canvas_domain,
|
103
|
+
masq_sub: real_user_uuid,
|
104
|
+
masq_shard: real_user_shard_id,
|
105
|
+
debug_user_global_id: user_global_id&.to_s,
|
106
|
+
debug_masq_global_id: real_user_global_id&.to_s,
|
107
|
+
region: region
|
108
|
+
}.compact
|
102
109
|
|
103
110
|
new(payload)
|
104
111
|
end
|
105
|
-
# rubocop:enable Metrics/ParameterLists
|
112
|
+
# rubocop:enable Metrics/ParameterLists
|
106
113
|
|
107
114
|
# Takes an unencrypted (but signed) token string
|
108
115
|
def from_token_string(jws)
|
@@ -74,6 +74,7 @@ describe InstAccess::Token do
|
|
74
74
|
it 'creates an instance for the given uuids' do
|
75
75
|
id = described_class.for_user(user_uuid: 'user-uuid', account_uuid: 'acct-uuid')
|
76
76
|
expect(id.user_uuid).to eq('user-uuid')
|
77
|
+
expect(id.account_uuid).to eq('acct-uuid')
|
77
78
|
expect(id.masquerading_user_uuid).to be_nil
|
78
79
|
end
|
79
80
|
|
@@ -83,11 +84,31 @@ describe InstAccess::Token do
|
|
83
84
|
account_uuid: 'acct-uuid',
|
84
85
|
canvas_domain: 'z.instructure.com',
|
85
86
|
real_user_uuid: 'masq-id',
|
86
|
-
real_user_shard_id: 5
|
87
|
+
real_user_shard_id: 5,
|
88
|
+
region: 'us-west-2'
|
87
89
|
)
|
88
90
|
expect(id.canvas_domain).to eq('z.instructure.com')
|
89
91
|
expect(id.masquerading_user_uuid).to eq('masq-id')
|
90
92
|
expect(id.masquerading_user_shard_id).to eq(5)
|
93
|
+
expect(id.region).to eq('us-west-2')
|
94
|
+
end
|
95
|
+
|
96
|
+
it 'includes global id debug info if given' do
|
97
|
+
id = described_class.for_user(
|
98
|
+
user_uuid: 'user-uuid',
|
99
|
+
account_uuid: 'acct-uuid',
|
100
|
+
user_global_id: 10_000_000_000_123,
|
101
|
+
real_user_global_id: 10_000_000_000_456
|
102
|
+
)
|
103
|
+
|
104
|
+
expect(id.jwt_payload[:debug_user_global_id]).to eq('10000000000123')
|
105
|
+
expect(id.jwt_payload[:debug_masq_global_id]).to eq('10000000000456')
|
106
|
+
end
|
107
|
+
|
108
|
+
it 'omits global id debug info if not given' do
|
109
|
+
id = described_class.for_user(user_uuid: 'user-uuid', account_uuid: 'acct-uuid')
|
110
|
+
expect(id.jwt_payload.keys).not_to include(:debug_user_global_id)
|
111
|
+
expect(id.jwt_payload.keys).not_to include(:debug_masq_global_id)
|
91
112
|
end
|
92
113
|
end
|
93
114
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: inst_access
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Michael Ziwisky
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-11-
|
11
|
+
date: 2021-11-18 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -94,6 +94,20 @@ dependencies:
|
|
94
94
|
- - "~>"
|
95
95
|
- !ruby/object:Gem::Version
|
96
96
|
version: 1.8.1
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: rubocop-ast
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - ">="
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '0'
|
104
|
+
type: :development
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ">="
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '0'
|
97
111
|
- !ruby/object:Gem::Dependency
|
98
112
|
name: simplecov
|
99
113
|
requirement: !ruby/object:Gem::Requirement
|
@@ -170,7 +184,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
170
184
|
- !ruby/object:Gem::Version
|
171
185
|
version: '0'
|
172
186
|
requirements: []
|
173
|
-
rubygems_version: 3.
|
187
|
+
rubygems_version: 3.2.15
|
174
188
|
signing_key:
|
175
189
|
specification_version: 4
|
176
190
|
summary: Generation, parsing, and validation of Instructure access tokens
|