RubyGems - inst_access - Versions diffs - 0.1.1 → 0.4.0 - Mend

inst_access 0.1.1 → 0.4.0

Files changed (6) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5078ae05b8177aa22350be75c165e5b8f3c2e469693544d2d6cdc88cdd725bad
-  data.tar.gz: 886e682197965ff3cb4af0ef81063757701b2928fa64f6d9cf93b505f5b1d150
+  metadata.gz: f3f8f9627e9866878600ebfffa114229879693c401e03a07f024c9ecc7aa4567
+  data.tar.gz: 95a2ad12a7fbb4392c6828353734ad24a43cb10056c822b50d6234c4f8f2223d
 SHA512:
-  metadata.gz: 0f3da43796458852625c0cee8fa0197936780f91ae4bd3cb77463b21fb2435b6db3a6f8d56fafa33a1aac856847bda1d6871d1957a75c0860d3fca482e572b2c
-  data.tar.gz: a7d7b5ed84a25a81a237090e24844cff252b8ab2a14fef4973cbc58ee04de265014ce04790dc02ad193edb9ca6b6251a74828bc533ae70c8b0cf001a630c9cc5
+  metadata.gz: 1946b0ac1c71312c08d2e931f542e3e35119d3e26b4590c03f260bfec093d947cae388125e935ab03d1e63cbb2c06273ed9ed7da67bfba54406d523b78142988
+  data.tar.gz: 650914d4e10bc474b71146351956ce903b318efb32c453da9ea697c3aac5cf0f840d2e455982f1abc6fa3ebf893857fef3db1fc990a8febd278e1b768034bab9

data/lib/inst_access/token.rb CHANGED Viewed

@@ -54,6 +54,18 @@ module InstAccess
       jwt_payload[:region]
     end
+    def client_id
+      jwt_payload[:client_id]
+    end
+    def instructure_service?
+      jwt_payload[:instructure_service] == true
+    end
+    def jti
+      jwt_payload[:jti]
+    end
     def to_token_string
       jwe = to_jws.encrypt(InstAccess.config.encryption_key, ENCRYPTION_ALGO, ENCRYPTION_METHOD)
       jwe.to_s
@@ -87,7 +99,9 @@ module InstAccess
         real_user_shard_id: nil,
         user_global_id: nil,
         real_user_global_id: nil,
-        region: nil
+        region: nil,
+        client_id: nil,
+        instructure_service: nil
       )
         raise ArgumentError, 'Must provide user uuid and account uuid' if user_uuid.blank? || account_uuid.blank?
@@ -95,6 +109,7 @@ module InstAccess
         payload = {
           iss: ISSUER,
+          jti: SecureRandom.uuid,
           iat: now,
           exp: now + 1.hour.to_i,
           sub: user_uuid,
@@ -104,7 +119,9 @@ module InstAccess
           masq_shard: real_user_shard_id,
           debug_user_global_id: user_global_id&.to_s,
           debug_masq_global_id: real_user_global_id&.to_s,
-          region: region
+          region: region,
+          client_id: client_id,
+          instructure_service: instructure_service
         }.compact
         new(payload)

data/lib/inst_access/version.rb ADDED Viewed

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+#
+# Copyright (C) 2023 - present Instructure, Inc.
+#
+# This file is part of Canvas.
+#
+# Canvas is free software: you can redistribute it and/or modify it under
+# the terms of the GNU Affero General Public License as published by the Free
+# Software Foundation, version 3 of the License.
+#
+# Canvas is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+# A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
+# details.
+#
+# You should have received a copy of the GNU Affero General Public License along
+# with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+module InstAccess
+  VERSION = '0.4.0'
+end

data/lib/inst_access.rb CHANGED Viewed

@@ -23,6 +23,7 @@ require 'json/jwt'
 require 'inst_access/errors'
 require 'inst_access/config'
 require 'inst_access/token'
+require 'inst_access/version'
 module InstAccess
   class << self

data/spec/inst_access/token_spec.rb CHANGED Viewed

@@ -85,12 +85,35 @@ describe InstAccess::Token do
         canvas_domain: 'z.instructure.com',
         real_user_uuid: 'masq-id',
         real_user_shard_id: 5,
-        region: 'us-west-2'
+        region: 'us-west-2',
+        client_id: 'client-id',
+        instructure_service: true
       )
       expect(id.canvas_domain).to eq('z.instructure.com')
       expect(id.masquerading_user_uuid).to eq('masq-id')
       expect(id.masquerading_user_shard_id).to eq(5)
       expect(id.region).to eq('us-west-2')
+      expect(id.client_id).to eq('client-id')
+      expect(id.instructure_service?).to eq true
+    end
+    it 'generates a unique jti' do
+      uuid = SecureRandom.uuid
+      allow(SecureRandom).to receive(:uuid).and_return uuid
+      id = described_class.for_user(
+        user_uuid: 'user-uuid',
+        account_uuid: 'acct-uuid',
+        canvas_domain: 'z.instructure.com',
+        real_user_uuid: 'masq-id',
+        real_user_shard_id: 5,
+        region: 'us-west-2',
+        client_id: 'client-id',
+        instructure_service: true
+      )
+      expect(id.jti).to eq uuid
     end
     it 'includes global id debug info if given' do

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inst_access
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.4.0
 platform: ruby
 authors:
 - Michael Ziwisky
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-11-18 00:00:00.000000000 Z
+date: 2023-09-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -161,6 +161,7 @@ files:
 - lib/inst_access/config.rb
 - lib/inst_access/errors.rb
 - lib/inst_access/token.rb
+- lib/inst_access/version.rb
 - spec/initialize_coverage.rb
 - spec/inst_access/inst_access_spec.rb
 - spec/inst_access/token_spec.rb
@@ -184,7 +185,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.15
+rubygems_version: 3.2.6
 signing_key:
 specification_version: 4
 summary: Generation, parsing, and validation of Instructure access tokens