jwt-authenticator 1.0.4 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: eaa8560f1c1d204b1cf8556ac75896308d0437314df557504b5bd23717baa920
-  data.tar.gz: 7c220c3fd1b755c7944bdd061c2e0abe3c32d67a4d969b88199aa22a02042a02
+  metadata.gz: 707fad532a2bd87b7ab6a9e7839cd61789d53024a18f7b4849d5fbb6e44eb16c
+  data.tar.gz: 8e020e5ca4feac5e69dd276d93d8bce8b17928a75e0e20f2d4743656e33072cd
 SHA512:
-  metadata.gz: ded7a7c6e21793017ab1a94ffff357580cfa3233076fca1c51b282065d8d5a09a398166571f1b54861580e5897f1163e3e4c6010fb1fd2baab0493a8ece0e127
-  data.tar.gz: 9215e3daada467a86df5b3012449293916eaa3d82d3425efb445c1e3826bbcbed1e76b003627c9df46a871dbe19da2d09c6fdfd7f31657550cd733d31eb4dcb3
+  metadata.gz: c4868783d0751eeeda6c5e4c7ecab2f5b9c36f4b61881d82332b3bdd20e10a683265a4f9e8c05bc671ab4951e2dd7f25a91441e4f6ce6f438f6209c1ce548b9c
+  data.tar.gz: c90110f5b22510a4ce50630dea91a6f2ebb7cf711098f5e6500c27255b31aa8bcb55f734f07fffce52348aeb038eebe43ef0c4358870fcca0c890848343c8e21

data/.ruby-version

@@ -1 +1 @@
-2.7.1
+2.7.3

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    jwt-authenticator (1.0.4)
+    jwt-authenticator (2.0.0)
       activesupport (>= 4.0, < 6.0)
       jwt (~> 2.1)
       method-not-implemented (~> 1.0)
@@ -9,23 +9,23 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (5.2.4.4)
+    activesupport (5.2.6)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
-    concurrent-ruby (1.1.7)
-    i18n (1.8.5)
+    concurrent-ruby (1.1.9)
+    i18n (1.8.10)
       concurrent-ruby (~> 1.0)
-    jwt (2.2.2)
+    jwt (2.2.3)
     method-not-implemented (1.0.1)
-    minitest (5.14.2)
-    power_assert (1.2.0)
+    minitest (5.14.4)
+    power_assert (2.0.0)
     rake (12.3.3)
-    test-unit (3.3.6)
+    test-unit (3.4.4)
       power_assert
     thread_safe (0.3.6)
-    tzinfo (1.2.7)
+    tzinfo (1.2.9)
       thread_safe (~> 0.1)
 
 PLATFORMS

data/lib/jwt-authenticator.rb

@@ -18,15 +18,19 @@ class JWT::Authenticator
   end
 
   def call(token)
-    error! "Token is missing.", 101 if token.blank?
-    token_type, token_value = token.to_s.squish.split(" ")
-    error! "Token type is not provided or invalid.", 102 unless token_type == "Bearer"
-    returned = JWT.decode(token_value, nil, true, @verification_options) { |header| public_key(header.deep_symbolize_keys) }
+    error! type: :token_missing unless token.present?
+
+    returned = JWT.decode token, nil, true, @verification_options do |header|
+      public_key(header.deep_symbolize_keys)
+    end
+
     returned.map(&:deep_symbolize_keys)
+
   rescue JWT::ExpiredSignature => e
-    error!(e.inspect, 104)
+    error! message: e.inspect, type: :token_expired
+
   rescue JWT::DecodeError => e
-    error!(e.inspect, 103)
+    error! message: e.inspect, type: :token_invalid
   end
 
 protected
@@ -37,7 +41,8 @@ protected
 
   def token_verification_options_from_environment(namespace)
     namespace = namespace.gsub(/_+\z/, "")
-    { verify_expiration: ENV["#{namespace}_VERIFY_EXP"] != "false",
+    options = {
+      verify_expiration: ENV["#{namespace}_VERIFY_EXP"] != "false",
       verify_not_before: ENV["#{namespace}_VERIFY_NBF"] != "false",
       iss:               ENV["#{namespace}_ISS"].to_s.split(",").map(&:squish).reject(&:blank?).presence, # Comma-separated values.
       verify_iat:        ENV["#{namespace}_VERIFY_IAT"] != "false",
@@ -49,16 +54,16 @@ protected
       iat_leeway:        ENV["#{namespace}_IAT_LEEWAY"].to_s.squish.yield_self { |n| n.to_i if n.present? },
       exp_leeway:        ENV["#{namespace}_EXP_LEEWAY"].to_s.squish.yield_self { |n| n.to_i if n.present? },
       nbf_leeway:        ENV["#{namespace}_NBF_LEEWAY"].to_s.squish.yield_self { |n| n.to_i if n.present? }
-    }.tap { |options|
-      options.merge! \
-        verify_sub: options[:sub].present?,
-        verify_iss: options[:iss].present?,
-        verify_aud: options[:aud].present?
-    }.compact
+    }
+    options.merge! \
+      verify_sub: options[:sub].present?,
+      verify_iss: options[:iss].present?,
+      verify_aud: options[:aud].present?
+    options.compact
   end
 
-  def error!(message, code = nil)
-    raise Error.new(message, code)
+  def error!(**options)
+    raise Error.new(**options)
   end
 
   class << self
@@ -68,11 +73,11 @@ protected
   end
 
   class Error < StandardError
-    attr_reader :code
+    attr_reader :type
 
-    def initialize(message, code = nil)
-      super(message)
-      @code = code
+    def initialize(message: nil, type:)
+      super message.presence || type.to_s.humanize
+      @type = type
     end
   end
 end

data/lib/jwt-authenticator/version.rb

@@ -3,6 +3,6 @@
 
 module JWT
   class Authenticator
-    VERSION = "1.0.4"
+    VERSION = "2.0.0"
   end
 end

data/test/test-jwt-authenticator.rb

@@ -76,13 +76,7 @@ class JWTAuthenticatorTest < Test::Unit::TestCase
   test "blank token" do
     error = assert_raises(JWT::Authenticator::Error) { JWT::Authenticator.instance.call(" ") }
     assert_match(/\bmissing\b/i, error.message)
-    assert_equal(101, error.code)
-  end
-
-  test "token with invalid type" do
-    error = assert_raises(JWT::Authenticator::Error) { JWT::Authenticator.instance.call("Beer XXX.YYY.ZZZ") }
-    assert_match(/\binvalid\b/i, error.message)
-    assert_equal(102, error.code)
+    assert_equal(:token_missing, error.type)
   end
 
   test "token decoding and verification" do
@@ -96,63 +90,63 @@ class JWTAuthenticatorTest < Test::Unit::TestCase
     jwt = my_api_v2_jwt_encode(my_api_v2_jwt_payload.merge(iss: "qux"))
     error = assert_raises(JWT::Authenticator::Error) { my_api_v2_jwt_decode(jwt) }
     assert_match(/\binvalid issuer\b/i, error.message)
-    assert_equal(103, error.code)
+    assert_equal(:token_invalid, error.type)
   end
 
   test "missing iss" do
     jwt = my_api_v2_jwt_encode(my_api_v2_jwt_payload.tap { |p| p.delete(:iss) })
     error = assert_raises(JWT::Authenticator::Error) { my_api_v2_jwt_decode(jwt) }
     assert_match(/\binvalid issuer\b/i, error.message)
-    assert_equal(103, error.code)
+    assert_equal(:token_invalid, error.type)
   end
 
   test "missing aud" do
     jwt = my_api_v2_jwt_encode(my_api_v2_jwt_payload.tap { |p| p.delete(:aud) })
     error = assert_raises(JWT::Authenticator::Error) { my_api_v2_jwt_decode(jwt) }
     assert_match(/\binvalid audience\b/i, error.message)
-    assert_equal(103, error.code)
+    assert_equal(:token_invalid, error.type)
   end
 
   test "wrong aud" do
     jwt = my_api_v2_jwt_encode(my_api_v2_jwt_payload.merge(aud: "qux"))
     error = assert_raises(JWT::Authenticator::Error) { my_api_v2_jwt_decode(jwt) }
     assert_match(/\binvalid audience\b/i, error.message)
-    assert_equal(103, error.code)
+    assert_equal(:token_invalid, error.type)
   end
 
   test "missing sub" do
     jwt = my_api_v2_jwt_encode(my_api_v2_jwt_payload.tap { |p| p.delete(:sub) })
     error = assert_raises(JWT::Authenticator::Error) { my_api_v2_jwt_decode(jwt) }
     assert_match(/\binvalid subject\b/i, error.message)
-    assert_equal(103, error.code)
+    assert_equal(:token_invalid, error.type)
   end
 
   test "wrong sub" do
     jwt = my_api_v2_jwt_encode(my_api_v2_jwt_payload.merge(sub: "qux"))
     error = assert_raises(JWT::Authenticator::Error) { my_api_v2_jwt_decode(jwt) }
     assert_match(/\binvalid subject\b/i, error.message)
-    assert_equal(103, error.code)
+    assert_equal(:token_invalid, error.type)
   end
 
   test "token is expired" do
     jwt = my_api_v2_jwt_encode(my_api_v2_jwt_payload.merge(exp: Time.now.to_i - 5))
     error = assert_raises(JWT::Authenticator::Error) { my_api_v2_jwt_decode(jwt) }
     assert_match(/\bexpired\b/i, error.message)
-    assert_equal(104, error.code)
+    assert_equal(:token_expired, error.type)
   end
 
   test "missing jti" do
     jwt = my_api_v2_jwt_encode(my_api_v2_jwt_payload.tap { |p| p.delete(:jti) })
     error = assert_raises(JWT::Authenticator::Error) { my_api_v2_jwt_decode(jwt) }
     assert_match(/\bmissing jti\b/i, error.message)
-    assert_equal(103, error.code)
+    assert_equal(:token_invalid, error.type)
   end
 
   test "issued at in future" do
     jwt = my_api_v2_jwt_encode(my_api_v2_jwt_payload.merge(iat: Time.now.to_i + 30))
     error = assert_raises(JWT::Authenticator::Error) { my_api_v2_jwt_decode(jwt) }
     assert_match(/\binvalid iat\b/i, error.message)
-    assert_equal(103, error.code)
+    assert_equal(:token_invalid, error.type)
   end
 
   test "loading token verification options from environment (authenticator nested under multiple modules)" do
@@ -185,6 +179,6 @@ private
   end
 
   def my_api_v2_jwt_decode(jwt)
-    MyAPIv2::JWTAuthenticator.call("Bearer " + jwt)
+    MyAPIv2::JWTAuthenticator.call(jwt)
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jwt-authenticator
 version: !ruby/object:Gem::Version
-  version: 1.0.4
+  version: 2.0.0
 platform: ruby
 authors:
 - Yaroslav Konoplov
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-10-30 00:00:00.000000000 Z
+date: 2021-06-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt
@@ -115,7 +115,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
 summary: JSON Web Token authentication Ruby service.