inst_access 0.1.0 → 0.1.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/inst_access/token.rb +17 -10
- data/spec/inst_access/token_spec.rb +22 -1
- metadata +25 -11
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 12fea04283e0ab7de90ccba958ea4b9493609a13ee76348f82cd7ba3d7130c05
|
4
|
+
data.tar.gz: aa5acc71501312bd6e2a565e54f34165a52452834afe0f9839a2042468edac69
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7ec774b0de8614005a076ebb1446276ddc207d58f709d74acefa9edbffb5bcf17454e4be6e13e41e8cc1f227bae5e5c646d30aec67ca20f89d936f6fdf2086c5
|
7
|
+
data.tar.gz: c50c9bf65142c3e72b10eefb55cd658ccfac651f64e98dbb8c4103f301a4edf3effdedfcac5cdb74009274e282186179b9be30d6e416a08978a670a7444d66db
|
data/lib/inst_access/token.rb
CHANGED
@@ -50,6 +50,10 @@ module InstAccess
|
|
50
50
|
jwt_payload[:masq_shard]
|
51
51
|
end
|
52
52
|
|
53
|
+
def region
|
54
|
+
jwt_payload[:region]
|
55
|
+
end
|
56
|
+
|
53
57
|
def to_token_string
|
54
58
|
jwe = to_jws.encrypt(InstAccess.config.encryption_key, ENCRYPTION_ALGO, ENCRYPTION_METHOD)
|
55
59
|
jwe.to_s
|
@@ -74,7 +78,7 @@ module InstAccess
|
|
74
78
|
class << self
|
75
79
|
private :new
|
76
80
|
|
77
|
-
# rubocop:disable Metrics/ParameterLists
|
81
|
+
# rubocop:disable Metrics/ParameterLists
|
78
82
|
def for_user(
|
79
83
|
user_uuid: nil,
|
80
84
|
account_uuid: nil,
|
@@ -82,27 +86,30 @@ module InstAccess
|
|
82
86
|
real_user_uuid: nil,
|
83
87
|
real_user_shard_id: nil,
|
84
88
|
user_global_id: nil,
|
85
|
-
real_user_global_id: nil
|
89
|
+
real_user_global_id: nil,
|
90
|
+
region: nil
|
86
91
|
)
|
87
92
|
raise ArgumentError, 'Must provide user uuid and account uuid' if user_uuid.blank? || account_uuid.blank?
|
88
93
|
|
89
94
|
now = Time.now.to_i
|
95
|
+
|
90
96
|
payload = {
|
91
97
|
iss: ISSUER,
|
92
98
|
iat: now,
|
93
99
|
exp: now + 1.hour.to_i,
|
94
100
|
sub: user_uuid,
|
95
|
-
acct: account_uuid
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
101
|
+
acct: account_uuid,
|
102
|
+
canvas_domain: canvas_domain,
|
103
|
+
masq_sub: real_user_uuid,
|
104
|
+
masq_shard: real_user_shard_id,
|
105
|
+
debug_user_global_id: user_global_id&.to_s,
|
106
|
+
debug_masq_global_id: real_user_global_id&.to_s,
|
107
|
+
region: region
|
108
|
+
}.compact
|
102
109
|
|
103
110
|
new(payload)
|
104
111
|
end
|
105
|
-
# rubocop:enable Metrics/ParameterLists
|
112
|
+
# rubocop:enable Metrics/ParameterLists
|
106
113
|
|
107
114
|
# Takes an unencrypted (but signed) token string
|
108
115
|
def from_token_string(jws)
|
@@ -74,6 +74,7 @@ describe InstAccess::Token do
|
|
74
74
|
it 'creates an instance for the given uuids' do
|
75
75
|
id = described_class.for_user(user_uuid: 'user-uuid', account_uuid: 'acct-uuid')
|
76
76
|
expect(id.user_uuid).to eq('user-uuid')
|
77
|
+
expect(id.account_uuid).to eq('acct-uuid')
|
77
78
|
expect(id.masquerading_user_uuid).to be_nil
|
78
79
|
end
|
79
80
|
|
@@ -83,11 +84,31 @@ describe InstAccess::Token do
|
|
83
84
|
account_uuid: 'acct-uuid',
|
84
85
|
canvas_domain: 'z.instructure.com',
|
85
86
|
real_user_uuid: 'masq-id',
|
86
|
-
real_user_shard_id: 5
|
87
|
+
real_user_shard_id: 5,
|
88
|
+
region: 'us-west-2'
|
87
89
|
)
|
88
90
|
expect(id.canvas_domain).to eq('z.instructure.com')
|
89
91
|
expect(id.masquerading_user_uuid).to eq('masq-id')
|
90
92
|
expect(id.masquerading_user_shard_id).to eq(5)
|
93
|
+
expect(id.region).to eq('us-west-2')
|
94
|
+
end
|
95
|
+
|
96
|
+
it 'includes global id debug info if given' do
|
97
|
+
id = described_class.for_user(
|
98
|
+
user_uuid: 'user-uuid',
|
99
|
+
account_uuid: 'acct-uuid',
|
100
|
+
user_global_id: 10_000_000_000_123,
|
101
|
+
real_user_global_id: 10_000_000_000_456
|
102
|
+
)
|
103
|
+
|
104
|
+
expect(id.jwt_payload[:debug_user_global_id]).to eq('10000000000123')
|
105
|
+
expect(id.jwt_payload[:debug_masq_global_id]).to eq('10000000000456')
|
106
|
+
end
|
107
|
+
|
108
|
+
it 'omits global id debug info if not given' do
|
109
|
+
id = described_class.for_user(user_uuid: 'user-uuid', account_uuid: 'acct-uuid')
|
110
|
+
expect(id.jwt_payload.keys).not_to include(:debug_user_global_id)
|
111
|
+
expect(id.jwt_payload.keys).not_to include(:debug_masq_global_id)
|
91
112
|
end
|
92
113
|
end
|
93
114
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: inst_access
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Michael Ziwisky
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-07-19 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -28,16 +28,16 @@ dependencies:
|
|
28
28
|
name: json-jwt
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
|
-
- -
|
31
|
+
- - "~>"
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 1.13
|
33
|
+
version: '1.13'
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
|
-
- -
|
38
|
+
- - "~>"
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: 1.13
|
40
|
+
version: '1.13'
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: bundler
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
@@ -94,6 +94,20 @@ dependencies:
|
|
94
94
|
- - "~>"
|
95
95
|
- !ruby/object:Gem::Version
|
96
96
|
version: 1.8.1
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: rubocop-ast
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - ">="
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '0'
|
104
|
+
type: :development
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ">="
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '0'
|
97
111
|
- !ruby/object:Gem::Dependency
|
98
112
|
name: simplecov
|
99
113
|
requirement: !ruby/object:Gem::Requirement
|
@@ -136,7 +150,7 @@ dependencies:
|
|
136
150
|
- - ">="
|
137
151
|
- !ruby/object:Gem::Version
|
138
152
|
version: '0'
|
139
|
-
description:
|
153
|
+
description:
|
140
154
|
email:
|
141
155
|
- mziwisky@instructure.com
|
142
156
|
executables: []
|
@@ -155,7 +169,7 @@ files:
|
|
155
169
|
homepage: http://github.com/instructure/inst_access
|
156
170
|
licenses: []
|
157
171
|
metadata: {}
|
158
|
-
post_install_message:
|
172
|
+
post_install_message:
|
159
173
|
rdoc_options: []
|
160
174
|
require_paths:
|
161
175
|
- lib
|
@@ -170,8 +184,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
170
184
|
- !ruby/object:Gem::Version
|
171
185
|
version: '0'
|
172
186
|
requirements: []
|
173
|
-
rubygems_version: 3.
|
174
|
-
signing_key:
|
187
|
+
rubygems_version: 3.1.6
|
188
|
+
signing_key:
|
175
189
|
specification_version: 4
|
176
190
|
summary: Generation, parsing, and validation of Instructure access tokens
|
177
191
|
test_files:
|