jwt_keeper 3.0.1 → 4.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 3d622a17d010fc9b106c161c42b90a4b3f8f1c05
-  data.tar.gz: 45467b7f357ad75e985b1b74297b5948cb2964d2
+SHA256:
+  metadata.gz: 26a338e78f6af549348419350f802cb0eea3afead33d967eef694d2e45850faf
+  data.tar.gz: '081c9b805dd36d5a2650faa693ad73b54583a132827fdf490a349c970482f0f5'
 SHA512:
-  metadata.gz: c87fbde489f9aace5c0bf65ae997b65d80b984bcd860986ed04bac9cece93b955b66bfa3bbca70dea29f1fb08dfb099cfdb1061f573e74cd63e66bf065eeaf7b
-  data.tar.gz: c5c28a26779d3c539c8dc63f6e5ba4636b5d82c2016cd1c2d7aa81526a498fec23aac300d4157e7c79ff5da724fd548dfd731bf43739fd695d75e24c095d092f
+  metadata.gz: f7168ef5c0ad904a0cedf95da5b9a2e934e322af10327637bde820298ea21209f4c62104f05a2e6153d6a498aa715340a926d294e6d0d7302f67b559112e600c
+  data.tar.gz: d94f5e45932d679718e5ee5e6d810fa6c4ea3fe037f5bad3629a9719b7d748da7a62d54ed1782715f84e50a85e5bbc5f96ca20211ace602442bd124f1ca6f8d6

data/.travis.yml

@@ -1,21 +1,26 @@
 language: ruby
 cache: bundler
 rvm:
-  - 2.0
-  - 2.1
-  - 2.2
-  - 2.3.0
+  - 2.4.5
+  - 2.5.3
+  - 2.6.1
   - ruby-head
 matrix:
   allow_failures:
     - rvm: ruby-head
-addons:
-  code_climate:
-    repo_token: f69bb189f348c1d7992d8ed8690d0a2c9c885c1aac45e2f4d48732034592b37b
 services:
   - redis-server
 env:
   global:
     - REDIS_URL=redis://localhost:6379
+    - CC_TEST_REPORTER_ID=f69bb189f348c1d7992d8ed8690d0a2c9c885c1aac45e2f4d48732034592b37b
+before_script:
+  - curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
+  - chmod +x ./cc-test-reporter
+  - ./cc-test-reporter before-build
+script:
+  - bundle exec rspec
+after_script:
+  - ./cc-test-reporter after-build --exit-code $TRAVIS_TEST_RESULT
 notifications:
   email: false

data/Gemfile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 gemspec

data/README.md

@@ -1,4 +1,5 @@
 # JWT Keeper
+[![Gem Version](https://img.shields.io/gem/v/jwt_keeper.svg?maxAge=2592000)](https://rubygems.org/gems/jwt_keeper)
 [![Build Status](https://img.shields.io/travis/sirwolfgang/jwt_keeper/master.svg)](https://travis-ci.org/sirwolfgang/jwt_keeper)
 [![Dependency Status](https://img.shields.io/gemnasium/sirwolfgang/jwt_keeper.svg)](https://gemnasium.com/sirwolfgang/jwt_keeper)
 [![Code Climate](https://img.shields.io/codeclimate/github/sirwolfgang/jwt_keeper.svg)](https://codeclimate.com/github/sirwolfgang/jwt_keeper)
@@ -31,11 +32,13 @@ raw_token_string = token.to_jwt
 The designed rails token flow is to receive and respond to requests with the token being present in the `Authorization` part of the header. This is to allow us to seamlessly rotate the tokens on the fly without having to rebuff the request as part of the user flow. Automatic rotation happens as part of the `require_authentication` action, meaning that you will always get the latest token data as created by `generate_claims` in your controllers. This new token is added to the response with the `write_authentication_token` action.
 
 ```bash
-rake generate jwt_keeper:install
+rails generate jwt_keeper:install
 ```
 
 ```ruby
 class ApplicationController < ActionController::Base
+  include JWTKeeper::Controller
+
   before_action :require_authentication
 
   def not_authenticated

data/Rakefile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'bundler/gem_tasks'
 require 'rspec/core/rake_task'
 

data/jwt_keeper.gemspec

@@ -23,14 +23,14 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'yard'
   spec.add_development_dependency 'rubocop'
   spec.add_development_dependency 'dotenv'
+  spec.add_development_dependency 'pry'
 
-  spec.add_development_dependency 'rspec', '~> 3.4'
+  spec.add_development_dependency 'rspec', '~> 3.8'
   spec.add_development_dependency 'fuubar'
   spec.add_development_dependency 'simplecov'
-  spec.add_development_dependency 'codeclimate-test-reporter'
 
-  spec.add_dependency 'redis', '~> 3.3'
-  spec.add_dependency 'rails', '~> 4.2'
-  spec.add_dependency 'activesupport', '~> 4.2'
-  spec.add_dependency 'jwt', '~> 1.5'
+  spec.add_dependency 'redis'
+  spec.add_dependency 'rails'
+  spec.add_dependency 'activesupport'
+  spec.add_dependency 'jwt', '>= 1.5'
 end

data/lib/generators/templates/jwt_keeper.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 JWTKeeper.configure do |config|
   # The time to expire for the tokens
   # config.expiry           = 1.hour
@@ -26,6 +28,9 @@ JWTKeeper.configure do |config|
 
   # the location of redis config file
   # config.redis_connection = Redis.new(connection_options)
+  # config.redis_connection = ConnectionPool.new(size: ENV.fetch('RAILS_MAX_THREADS', 5)) do
+  #   Redis.new(url: ENV['REDISCLOUD_URL'] || 'redis://localhost:6379/')
+  # end
 
   # A unique idenfitier for the token version.
   # config.version          = 1

data/lib/jwt_keeper.rb

@@ -23,6 +23,4 @@ module JWTKeeper
 
     @configuration = new_configuration.freeze
   end
-
-  require 'jwt_keeper/engine' if defined?(Rails)
 end

data/lib/jwt_keeper/controller.rb

@@ -2,11 +2,9 @@ module JWTKeeper
   module Controller
     extend ActiveSupport::Concern
 
-    module ClassMethods
-    end
-
     # Available to be used as a before_action by the application's controllers. This is
     # the main logical section for decoding, and automatically rotating tokens
+    # @return [void]
     def require_authentication
       token = read_authentication_token
 
@@ -25,44 +23,51 @@ module JWTKeeper
     end
 
     # Decodes and returns the token
+    # @return [Token] the token read from request
     def read_authentication_token
       return nil unless request.headers['Authorization']
       @authentication_token ||=
         JWTKeeper::Token.find(
           request.headers['Authorization'].split.last,
-          cookies.signed['jwt_keeper']
+          defined?(cookies) && cookies.signed['jwt_keeper']
         )
     end
 
     # Encodes and writes the token
+    # @param token [Token] The token to be written
+    # @return [Token] the token written to response
     def write_authentication_token(token)
       return clear_authentication_token if token.nil?
       response.headers['Authorization'] = "Bearer #{token.to_jwt}"
-      cookies.signed['jwt_keeper'] = token.to_cookie
+      defined?(cookies) && cookies.signed['jwt_keeper'] = token.to_cookie
       @authentication_token = token
     end
 
     # delets the authentication token
+    # @return [void]
     def clear_authentication_token
       response.headers['Authorization'] = nil
-      cookies.delete('jwt_keeper')
+      defined?(cookies) && cookies.delete('jwt_keeper')
       @authentication_token = nil
     end
 
     # The default action for denying non-authenticated connections.
     # You can override this method in your controllers
+    # @return [void]
     def not_authenticated
       redirect_to root_path
     end
 
     # The default action for accepting authenticated connections.
     # You can override this method in your controllers
+    # @return [void]
     def authenticated(token)
     end
 
     # Invoked by the require_authentication method as part of the automatic rotation
     # process. The application should override this method to include the necessary
     # claims.
+    # @return [void]
     def regenerate_claims(old_token)
     end
   end

data/lib/jwt_keeper/datastore.rb

@@ -27,12 +27,28 @@ module JWTKeeper
 
       # @!visibility private
       def set_with_expiry(jti, seconds, type)
-        JWTKeeper.configuration.redis_connection.setex(jti, seconds, type)
+        redis = JWTKeeper.configuration.redis_connection
+
+        if redis.is_a?(Redis)
+          redis.setex(jti, seconds, type)
+        elsif defined?(ConnectionPool) && redis.is_a?(ConnectionPool)
+          redis.with { |conn| conn.setex(jti, seconds, type) }
+        else
+          throw 'Bad Redis Connection'
+        end
       end
 
       # @!visibility private
       def get(jti)
-        JWTKeeper.configuration.redis_connection.get(jti)
+        redis = JWTKeeper.configuration.redis_connection
+
+        if redis.is_a?(Redis)
+          redis.get(jti)
+        elsif defined?(ConnectionPool) && redis.is_a?(ConnectionPool)
+          redis.with { |conn| conn.get(jti) }
+        else
+          throw 'Bad Redis Connection'
+        end
       end
     end
   end

data/lib/jwt_keeper/engine.rb

@@ -2,8 +2,7 @@ require 'jwt_keeper'
 require 'rails'
 
 module JWTKeeper
-  # The Sorcery engine takes care of extending ActiveRecord (if used) and ActionController,
-  # With the plugin logic.
+  # Includes JWTKeeper into ActionController
   class Engine < ::Rails::Engine
     initializer 'extend Controller with jwt_keeper' do |_app|
       ActionController::Base.send(:include, JWTKeeper::Controller)

data/lib/jwt_keeper/token.rb

@@ -1,9 +1,13 @@
 module JWTKeeper
+  # This class acts as the main interface to wrap the concerns of JWTs. Handling everything from
+  # encoding to invalidation.
   class Token
     attr_accessor :claims, :cookie_secret
 
     # Initalizes a new web token
     # @param private_claims [Hash] the custom claims to encode
+    # @param cookie_secret [String] the cookie secret to use during encoding
+    # @return [void]
     def initialize(private_claims = {}, cookie_secret = nil)
       @cookie_secret = cookie_secret
       @claims = {
@@ -11,8 +15,10 @@ module JWTKeeper
         iat: DateTime.now.to_i, # issued at
         jti: SecureRandom.uuid  # JWT ID
       }
+
       @claims.merge!(JWTKeeper.configuration.base_claims)
       @claims.merge!(private_claims)
+      @claims[:exp] = @claims[:exp].to_i if @claims[:exp].is_a?(Time)
     end
 
     # Creates a new web token
@@ -25,12 +31,15 @@ module JWTKeeper
 
     # Decodes and validates an existing token
     # @param raw_token [String] the raw token
+    # @param cookie_secret [String] the cookie secret
     # @return [Token] token object
     def self.find(raw_token, cookie_secret = nil)
       claims = decode(raw_token, cookie_secret)
       return nil if claims.nil?
 
-      new_token = new(claims, cookie_secret)
+      new_token = new({}, cookie_secret)
+      new_token.claims = claims
+
       return nil if new_token.revoked?
       new_token
     end
@@ -39,12 +48,14 @@ module JWTKeeper
     # is inherently ignored by the token's exp check and then rewritten with the revokation on
     # rotate.
     # @param token_jti [String] the token unique id
+    # @return [void]
     def self.rotate(token_jti)
       Datastore.rotate(token_jti, JWTKeeper.configuration.expiry.from_now.to_i)
     end
 
     # Revokes a web token
     # @param token_jti [String] the token unique id
+    # @return [void]
     def self.revoke(token_jti)
       Datastore.revoke(token_jti, JWTKeeper.configuration.expiry.from_now.to_i)
     end
@@ -57,7 +68,7 @@ module JWTKeeper
 
     # Revokes and creates a new web token
     # @param new_claims [Hash] Used to override and update claims during rotation
-    # @return [String] new token
+    # @return [Token]
     def rotate(new_claims = nil)
       revoke
 
@@ -70,6 +81,7 @@ module JWTKeeper
     end
 
     # Revokes a web token
+    # @return [void]
     def revoke
       return if invalid?
       Datastore.revoke(id, claims[:exp] - DateTime.now.to_i)
@@ -106,14 +118,14 @@ module JWTKeeper
     end
 
     # Encodes the jwt
-    # @return [String]
+    # @return [String] the encoded jwt
     def to_jwt
       encode
     end
     alias to_s to_jwt
 
     # Encodes the cookie
-    # @return [Hash]
+    # @return [Hash] the cookie options
     def to_cookie
       {
         value: cookie_secret,
@@ -143,7 +155,7 @@ module JWTKeeper
 
     # @!visibility private
     def encode
-      JWT.encode(claims,
+      JWT.encode(claims.compact,
                  JWTKeeper.configuration.secret.to_s + cookie_secret.to_s,
                  JWTKeeper.configuration.algorithm
                 )

data/lib/jwt_keeper/version.rb

@@ -1,4 +1,4 @@
 # Gem Version
 module JWTKeeper
-  VERSION = '3.0.1'.freeze
+  VERSION = '4.0.1'.freeze
 end

data/spec/lib/jwt_keeper/controller_spec.rb

@@ -4,7 +4,7 @@ RSpec.describe JWTKeeper do
   describe 'Controller' do
     include_context 'initialize config'
 
-    let(:token) { JWTKeeper::Token.create(claim: "Jet fuel can't melt steel beams") }
+    let(:token) { JWTKeeper::Token.create(claim: "The Earth is Flat") }
     subject(:test_controller) do
       cookies_klass = Class.new(Hash) do
         def signed

data/spec/lib/jwt_keeper/token_spec.rb

@@ -3,7 +3,7 @@ require 'spec_helper'
 module JWTKeeper
   RSpec.describe Token do
     include_context 'initialize config'
-    let(:private_claims) { { claim: "Jet fuel can't melt steel beams" } }
+    let(:private_claims) { { claim: "The Earth is Flat" } }
     let(:token)          { described_class.create(private_claims) }
     let(:raw_token)      { token.to_jwt }
 
@@ -17,6 +17,13 @@ module JWTKeeper
         before { JWTKeeper.configure(JWTKeeper::Configuration.new(config.merge(cookie_lock: true))) }
         it { expect(subject.cookie_secret).not_to be_empty }
       end
+
+      context 'when overiding default claims' do
+        let(:private_claims) { { exp: 1.minute.from_now.to_i } }
+
+        it { is_expected.to be_instance_of described_class }
+        it { expect(subject.claims[:exp]).to eql private_claims[:exp] }
+      end
     end
 
     describe '.find' do
@@ -35,16 +42,23 @@ module JWTKeeper
         it { is_expected.to be nil }
       end
 
-      context 'with bad cookie' do
-        subject { described_class.find(raw_token, 'BAD_COOKIE') }
-        it { is_expected.to be nil }
-      end
-
-      context 'with valid cookie' do
+      context 'describe with cookie locking' do
         before { JWTKeeper.configure(JWTKeeper::Configuration.new(config.merge(cookie_lock: true))) }
-        subject { described_class.find(raw_token, token.cookie_secret) }
 
-        it { is_expected.to be_instance_of described_class }
+        context 'with no cookie' do
+          subject { described_class.find(raw_token, nil) }
+          it { is_expected.to be nil }
+        end
+
+        context 'with bad cookie' do
+          subject { described_class.find(raw_token, 'BAD_COOKIE') }
+          it { is_expected.to be nil }
+        end
+
+        context 'with valid cookie' do
+          subject { described_class.find(raw_token, token.cookie_secret) }
+          it { is_expected.to be_instance_of described_class }
+        end
       end
     end
 

data/spec/spec_helper.rb

@@ -1,15 +1,13 @@
+require 'pry'
 require 'dotenv'
 Dotenv.load
 
 require 'simplecov'
-require 'codeclimate-test-reporter'
-
-SimpleCov.formatter =
-  SimpleCov::Formatter::MultiFormatter.new([
-                                             SimpleCov::Formatter::HTMLFormatter,
-                                             CodeClimate::TestReporter::Formatter
-                                           ])
-SimpleCov.start
+
+SimpleCov.formatter = SimpleCov::Formatter::HTMLFormatter
+SimpleCov.start do
+  add_filter '/spec/'
+end
 
 require 'rails'
 require 'jwt_keeper'

metadata

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: jwt_keeper
 version: !ruby/object:Gem::Version
-  version: 3.0.1
+  version: 4.0.1
 platform: ruby
 authors:
 - David Rivera
 - Zane Wolfgang Pickett
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-04-27 00:00:00.000000000 Z
+date: 2021-02-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -82,35 +82,35 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.4'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.4'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: fuubar
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.8'
 - !ruby/object:Gem::Dependency
-  name: simplecov
+  name: fuubar
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -124,7 +124,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: codeclimate-test-reporter
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -141,56 +141,56 @@ dependencies:
   name: redis
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.3'
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.3'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.5'
 description: A managing interface layer for handling the creation and validation of
@@ -234,7 +234,7 @@ homepage: https://github.com/sirwolfgang/jwt_keeper
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -249,9 +249,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.5.1
-signing_key: 
+rubygems_version: 3.2.3
+signing_key:
 specification_version: 4
 summary: JWT for Rails made easy
 test_files:
@@ -261,4 +260,3 @@ test_files:
 - spec/lib/jwt_keeper/token_spec.rb
 - spec/lib/jwt_keeper_spec.rb
 - spec/spec_helper.rb
-has_rdoc: