jwt_keeper 3.0.1 → 3.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +2 -4
- data/README.md +1 -0
- data/jwt_keeper.gemspec +2 -2
- data/lib/jwt_keeper/controller.rb +8 -3
- data/lib/jwt_keeper/engine.rb +1 -2
- data/lib/jwt_keeper/token.rb +11 -3
- data/lib/jwt_keeper/version.rb +1 -1
- data/spec/lib/jwt_keeper/token_spec.rb +7 -0
- data/spec/spec_helper.rb +3 -1
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 28d115e2b0772731d3b5fefce241da3f8be40c4a
|
|
4
|
+
data.tar.gz: 0507622c05cf4a5b93be4035b77a15424b89e4b1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fd49463a7660666d28507b5b6ae9345cea21c7baec56fdc904d6f683ec8bbcafa354c29113b658798c1531129e34b12e419ff6b1324af9f83b60484341b30c9c
|
|
7
|
+
data.tar.gz: 61fcefd218432ca6e2de3e6b6bfde1a0bdda28a8414baefe63ce0ef6a03a1c20e444c9d79b3ad5e95d5e841530d2d1e701a33157d08c468e2dd6f94a6fce2caf
|
data/.travis.yml
CHANGED
data/README.md
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# JWT Keeper
|
|
2
|
+
[](https://rubygems.org/gems/jwt_keeper)
|
|
2
3
|
[](https://travis-ci.org/sirwolfgang/jwt_keeper)
|
|
3
4
|
[](https://gemnasium.com/sirwolfgang/jwt_keeper)
|
|
4
5
|
[](https://codeclimate.com/github/sirwolfgang/jwt_keeper)
|
data/jwt_keeper.gemspec
CHANGED
|
@@ -30,7 +30,7 @@ Gem::Specification.new do |spec|
|
|
|
30
30
|
spec.add_development_dependency 'codeclimate-test-reporter'
|
|
31
31
|
|
|
32
32
|
spec.add_dependency 'redis', '~> 3.3'
|
|
33
|
-
spec.add_dependency 'rails', '~>
|
|
34
|
-
spec.add_dependency 'activesupport', '~>
|
|
33
|
+
spec.add_dependency 'rails', '~> 5.0'
|
|
34
|
+
spec.add_dependency 'activesupport', '~> 5.0'
|
|
35
35
|
spec.add_dependency 'jwt', '~> 1.5'
|
|
36
36
|
end
|
|
@@ -2,11 +2,9 @@ module JWTKeeper
|
|
|
2
2
|
module Controller
|
|
3
3
|
extend ActiveSupport::Concern
|
|
4
4
|
|
|
5
|
-
module ClassMethods
|
|
6
|
-
end
|
|
7
|
-
|
|
8
5
|
# Available to be used as a before_action by the application's controllers. This is
|
|
9
6
|
# the main logical section for decoding, and automatically rotating tokens
|
|
7
|
+
# @return [void]
|
|
10
8
|
def require_authentication
|
|
11
9
|
token = read_authentication_token
|
|
12
10
|
|
|
@@ -25,6 +23,7 @@ module JWTKeeper
|
|
|
25
23
|
end
|
|
26
24
|
|
|
27
25
|
# Decodes and returns the token
|
|
26
|
+
# @return [Token] the token read from request
|
|
28
27
|
def read_authentication_token
|
|
29
28
|
return nil unless request.headers['Authorization']
|
|
30
29
|
@authentication_token ||=
|
|
@@ -35,6 +34,8 @@ module JWTKeeper
|
|
|
35
34
|
end
|
|
36
35
|
|
|
37
36
|
# Encodes and writes the token
|
|
37
|
+
# @param token [Token] The token to be written
|
|
38
|
+
# @return [Token] the token written to response
|
|
38
39
|
def write_authentication_token(token)
|
|
39
40
|
return clear_authentication_token if token.nil?
|
|
40
41
|
response.headers['Authorization'] = "Bearer #{token.to_jwt}"
|
|
@@ -43,6 +44,7 @@ module JWTKeeper
|
|
|
43
44
|
end
|
|
44
45
|
|
|
45
46
|
# delets the authentication token
|
|
47
|
+
# @return [void]
|
|
46
48
|
def clear_authentication_token
|
|
47
49
|
response.headers['Authorization'] = nil
|
|
48
50
|
cookies.delete('jwt_keeper')
|
|
@@ -51,18 +53,21 @@ module JWTKeeper
|
|
|
51
53
|
|
|
52
54
|
# The default action for denying non-authenticated connections.
|
|
53
55
|
# You can override this method in your controllers
|
|
56
|
+
# @return [void]
|
|
54
57
|
def not_authenticated
|
|
55
58
|
redirect_to root_path
|
|
56
59
|
end
|
|
57
60
|
|
|
58
61
|
# The default action for accepting authenticated connections.
|
|
59
62
|
# You can override this method in your controllers
|
|
63
|
+
# @return [void]
|
|
60
64
|
def authenticated(token)
|
|
61
65
|
end
|
|
62
66
|
|
|
63
67
|
# Invoked by the require_authentication method as part of the automatic rotation
|
|
64
68
|
# process. The application should override this method to include the necessary
|
|
65
69
|
# claims.
|
|
70
|
+
# @return [void]
|
|
66
71
|
def regenerate_claims(old_token)
|
|
67
72
|
end
|
|
68
73
|
end
|
data/lib/jwt_keeper/engine.rb
CHANGED
|
@@ -2,8 +2,7 @@ require 'jwt_keeper'
|
|
|
2
2
|
require 'rails'
|
|
3
3
|
|
|
4
4
|
module JWTKeeper
|
|
5
|
-
#
|
|
6
|
-
# With the plugin logic.
|
|
5
|
+
# Includes JWTKeeper into ActionController
|
|
7
6
|
class Engine < ::Rails::Engine
|
|
8
7
|
initializer 'extend Controller with jwt_keeper' do |_app|
|
|
9
8
|
ActionController::Base.send(:include, JWTKeeper::Controller)
|
data/lib/jwt_keeper/token.rb
CHANGED
|
@@ -1,9 +1,13 @@
|
|
|
1
1
|
module JWTKeeper
|
|
2
|
+
# This class acts as the main interface to wrap the concerns of JWTs. Handling everything from
|
|
3
|
+
# encoding to invalidation.
|
|
2
4
|
class Token
|
|
3
5
|
attr_accessor :claims, :cookie_secret
|
|
4
6
|
|
|
5
7
|
# Initalizes a new web token
|
|
6
8
|
# @param private_claims [Hash] the custom claims to encode
|
|
9
|
+
# @param cookie_secret [String] the cookie secret to use during encoding
|
|
10
|
+
# @return [void]
|
|
7
11
|
def initialize(private_claims = {}, cookie_secret = nil)
|
|
8
12
|
@cookie_secret = cookie_secret
|
|
9
13
|
@claims = {
|
|
@@ -25,6 +29,7 @@ module JWTKeeper
|
|
|
25
29
|
|
|
26
30
|
# Decodes and validates an existing token
|
|
27
31
|
# @param raw_token [String] the raw token
|
|
32
|
+
# @param cookie_secret [String] the cookie secret
|
|
28
33
|
# @return [Token] token object
|
|
29
34
|
def self.find(raw_token, cookie_secret = nil)
|
|
30
35
|
claims = decode(raw_token, cookie_secret)
|
|
@@ -39,12 +44,14 @@ module JWTKeeper
|
|
|
39
44
|
# is inherently ignored by the token's exp check and then rewritten with the revokation on
|
|
40
45
|
# rotate.
|
|
41
46
|
# @param token_jti [String] the token unique id
|
|
47
|
+
# @return [void]
|
|
42
48
|
def self.rotate(token_jti)
|
|
43
49
|
Datastore.rotate(token_jti, JWTKeeper.configuration.expiry.from_now.to_i)
|
|
44
50
|
end
|
|
45
51
|
|
|
46
52
|
# Revokes a web token
|
|
47
53
|
# @param token_jti [String] the token unique id
|
|
54
|
+
# @return [void]
|
|
48
55
|
def self.revoke(token_jti)
|
|
49
56
|
Datastore.revoke(token_jti, JWTKeeper.configuration.expiry.from_now.to_i)
|
|
50
57
|
end
|
|
@@ -57,7 +64,7 @@ module JWTKeeper
|
|
|
57
64
|
|
|
58
65
|
# Revokes and creates a new web token
|
|
59
66
|
# @param new_claims [Hash] Used to override and update claims during rotation
|
|
60
|
-
# @return [
|
|
67
|
+
# @return [Token]
|
|
61
68
|
def rotate(new_claims = nil)
|
|
62
69
|
revoke
|
|
63
70
|
|
|
@@ -70,6 +77,7 @@ module JWTKeeper
|
|
|
70
77
|
end
|
|
71
78
|
|
|
72
79
|
# Revokes a web token
|
|
80
|
+
# @return [void]
|
|
73
81
|
def revoke
|
|
74
82
|
return if invalid?
|
|
75
83
|
Datastore.revoke(id, claims[:exp] - DateTime.now.to_i)
|
|
@@ -106,14 +114,14 @@ module JWTKeeper
|
|
|
106
114
|
end
|
|
107
115
|
|
|
108
116
|
# Encodes the jwt
|
|
109
|
-
# @return [String]
|
|
117
|
+
# @return [String] the encoded jwt
|
|
110
118
|
def to_jwt
|
|
111
119
|
encode
|
|
112
120
|
end
|
|
113
121
|
alias to_s to_jwt
|
|
114
122
|
|
|
115
123
|
# Encodes the cookie
|
|
116
|
-
# @return [Hash]
|
|
124
|
+
# @return [Hash] the cookie options
|
|
117
125
|
def to_cookie
|
|
118
126
|
{
|
|
119
127
|
value: cookie_secret,
|
data/lib/jwt_keeper/version.rb
CHANGED
|
@@ -17,6 +17,13 @@ module JWTKeeper
|
|
|
17
17
|
before { JWTKeeper.configure(JWTKeeper::Configuration.new(config.merge(cookie_lock: true))) }
|
|
18
18
|
it { expect(subject.cookie_secret).not_to be_empty }
|
|
19
19
|
end
|
|
20
|
+
|
|
21
|
+
context 'when overiding default claims' do
|
|
22
|
+
let(:private_claims) { { exp: 1.minute.from_now.to_i } }
|
|
23
|
+
|
|
24
|
+
it { is_expected.to be_instance_of described_class }
|
|
25
|
+
it { expect(subject.claims[:exp]).to eql private_claims[:exp] }
|
|
26
|
+
end
|
|
20
27
|
end
|
|
21
28
|
|
|
22
29
|
describe '.find' do
|
data/spec/spec_helper.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: jwt_keeper
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.0
|
|
4
|
+
version: 3.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- David Rivera
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2016-
|
|
12
|
+
date: 2016-07-01 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: bundler
|
|
@@ -157,28 +157,28 @@ dependencies:
|
|
|
157
157
|
requirements:
|
|
158
158
|
- - "~>"
|
|
159
159
|
- !ruby/object:Gem::Version
|
|
160
|
-
version: '
|
|
160
|
+
version: '5.0'
|
|
161
161
|
type: :runtime
|
|
162
162
|
prerelease: false
|
|
163
163
|
version_requirements: !ruby/object:Gem::Requirement
|
|
164
164
|
requirements:
|
|
165
165
|
- - "~>"
|
|
166
166
|
- !ruby/object:Gem::Version
|
|
167
|
-
version: '
|
|
167
|
+
version: '5.0'
|
|
168
168
|
- !ruby/object:Gem::Dependency
|
|
169
169
|
name: activesupport
|
|
170
170
|
requirement: !ruby/object:Gem::Requirement
|
|
171
171
|
requirements:
|
|
172
172
|
- - "~>"
|
|
173
173
|
- !ruby/object:Gem::Version
|
|
174
|
-
version: '
|
|
174
|
+
version: '5.0'
|
|
175
175
|
type: :runtime
|
|
176
176
|
prerelease: false
|
|
177
177
|
version_requirements: !ruby/object:Gem::Requirement
|
|
178
178
|
requirements:
|
|
179
179
|
- - "~>"
|
|
180
180
|
- !ruby/object:Gem::Version
|
|
181
|
-
version: '
|
|
181
|
+
version: '5.0'
|
|
182
182
|
- !ruby/object:Gem::Dependency
|
|
183
183
|
name: jwt
|
|
184
184
|
requirement: !ruby/object:Gem::Requirement
|