jwt_keeper 3.0.1 → 3.1.0
- checksums.yaml +4 -4
- data/.travis.yml +2 -4
- data/README.md +1 -0
- data/jwt_keeper.gemspec +2 -2
- data/lib/jwt_keeper/controller.rb +8 -3
- data/lib/jwt_keeper/engine.rb +1 -2
- data/lib/jwt_keeper/token.rb +11 -3
- data/lib/jwt_keeper/version.rb +1 -1
- data/spec/lib/jwt_keeper/token_spec.rb +7 -0
- data/spec/spec_helper.rb +3 -1
- metadata +6 -6
    
        checksums.yaml
    CHANGED
    
    | @@ -1,7 +1,7 @@ | |
| 1 1 | 
             
            ---
         | 
| 2 2 | 
             
            SHA1:
         | 
| 3 | 
            -
              metadata.gz:  | 
| 4 | 
            -
              data.tar.gz:  | 
| 3 | 
            +
              metadata.gz: 28d115e2b0772731d3b5fefce241da3f8be40c4a
         | 
| 4 | 
            +
              data.tar.gz: 0507622c05cf4a5b93be4035b77a15424b89e4b1
         | 
| 5 5 | 
             
            SHA512:
         | 
| 6 | 
            -
              metadata.gz:  | 
| 7 | 
            -
              data.tar.gz:  | 
| 6 | 
            +
              metadata.gz: fd49463a7660666d28507b5b6ae9345cea21c7baec56fdc904d6f683ec8bbcafa354c29113b658798c1531129e34b12e419ff6b1324af9f83b60484341b30c9c
         | 
| 7 | 
            +
              data.tar.gz: 61fcefd218432ca6e2de3e6b6bfde1a0bdda28a8414baefe63ce0ef6a03a1c20e444c9d79b3ad5e95d5e841530d2d1e701a33157d08c468e2dd6f94a6fce2caf
         | 
    
        data/.travis.yml
    CHANGED
    
    
    
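--- a/data/README.md
+++ b/data/README.md
@@ -1,4 +1,5 @@
 # JWT Keeper
+[](https://rubygems.org/gems/jwt_keeper)
 [](https://travis-ci.org/sirwolfgang/jwt_keeper)
 [](https://gemnasium.com/sirwolfgang/jwt_keeper)
 [](https://codeclimate.com/github/sirwolfgang/jwt_keeper)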
    
        data/jwt_keeper.gemspec
    CHANGED
    
    | @@ -30,7 +30,7 @@ Gem::Specification.new do |spec| | |
| 30 30 | 
             
              spec.add_development_dependency 'codeclimate-test-reporter'
         | 
| 31 31 |  | 
| 32 32 | 
             
              spec.add_dependency 'redis', '~> 3.3'
         | 
| 33 | 
            -
              spec.add_dependency 'rails', '~>  | 
| 34 | 
            -
              spec.add_dependency 'activesupport', '~>  | 
| 33 | 
            +
              spec.add_dependency 'rails', '~> 5.0'
         | 
| 34 | 
            +
              spec.add_dependency 'activesupport', '~> 5.0'
         | 
| 35 35 | 
             
              spec.add_dependency 'jwt', '~> 1.5'
         | 
| 36 36 | 
             
            end
         | 
| @@ -2,11 +2,9 @@ module JWTKeeper | |
| 2 2 | 
             
              module Controller
         | 
| 3 3 | 
             
                extend ActiveSupport::Concern
         | 
| 4 4 |  | 
| 5 | 
            -
                module ClassMethods
         | 
| 6 | 
            -
                end
         | 
| 7 | 
            -
             | 
| 8 5 | 
             
                # Available to be used as a before_action by the application's controllers. This is
         | 
| 9 6 | 
             
                # the main logical section for decoding, and automatically rotating tokens
         | 
| 7 | 
            +
                # @return [void]
         | 
| 10 8 | 
             
                def require_authentication
         | 
| 11 9 | 
             
                  token = read_authentication_token
         | 
| 12 10 |  | 
| @@ -25,6 +23,7 @@ module JWTKeeper | |
| 25 23 | 
             
                end
         | 
| 26 24 |  | 
| 27 25 | 
             
                # Decodes and returns the token
         | 
| 26 | 
            +
                # @return [Token] the token read from request
         | 
| 28 27 | 
             
                def read_authentication_token
         | 
| 29 28 | 
             
                  return nil unless request.headers['Authorization']
         | 
| 30 29 | 
             
                  @authentication_token ||=
         | 
| @@ -35,6 +34,8 @@ module JWTKeeper | |
| 35 34 | 
             
                end
         | 
| 36 35 |  | 
| 37 36 | 
             
                # Encodes and writes the token
         | 
| 37 | 
            +
                # @param token [Token] The token to be written
         | 
| 38 | 
            +
                # @return [Token] the token written to response
         | 
| 38 39 | 
             
                def write_authentication_token(token)
         | 
| 39 40 | 
             
                  return clear_authentication_token if token.nil?
         | 
| 40 41 | 
             
                  response.headers['Authorization'] = "Bearer #{token.to_jwt}"
         | 
| @@ -43,6 +44,7 @@ module JWTKeeper | |
| 43 44 | 
             
                end
         | 
| 44 45 |  | 
| 45 46 | 
             
                # delets the authentication token
         | 
| 47 | 
            +
                # @return [void]
         | 
| 46 48 | 
             
                def clear_authentication_token
         | 
| 47 49 | 
             
                  response.headers['Authorization'] = nil
         | 
| 48 50 | 
             
                  cookies.delete('jwt_keeper')
         | 
| @@ -51,18 +53,21 @@ module JWTKeeper | |
| 51 53 |  | 
| 52 54 | 
             
                # The default action for denying non-authenticated connections.
         | 
| 53 55 | 
             
                # You can override this method in your controllers
         | 
| 56 | 
            +
                # @return [void]
         | 
| 54 57 | 
             
                def not_authenticated
         | 
| 55 58 | 
             
                  redirect_to root_path
         | 
| 56 59 | 
             
                end
         | 
| 57 60 |  | 
| 58 61 | 
             
                # The default action for accepting authenticated connections.
         | 
| 59 62 | 
             
                # You can override this method in your controllers
         | 
| 63 | 
            +
                # @return [void]
         | 
| 60 64 | 
             
                def authenticated(token)
         | 
| 61 65 | 
             
                end
         | 
| 62 66 |  | 
| 63 67 | 
             
                # Invoked by the require_authentication method as part of the automatic rotation
         | 
| 64 68 | 
             
                # process. The application should override this method to include the necessary
         | 
| 65 69 | 
             
                # claims.
         | 
| 70 | 
            +
                # @return [void]
         | 
| 66 71 | 
             
                def regenerate_claims(old_token)
         | 
| 67 72 | 
             
                end
         | 
| 68 73 | 
             
              end
         | 
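Review bot: The new tag `# @return [Token] the token read from request` on `read_authentication_token` contradicts the method's first line, which returns `nil` when there is no `Authorization` header. In an authentication path that nil case should be documented, for example `# @return [Token, nil] the decoded token, or nil when no Authorization header is present`. The `@return [Token]` tag on `write_authentication_token` likewise does not hold on the `token.nil?` branch, which returns the result of `clear_authentication_token` (documented as void). `regenerate_claims(old_token)` is tagged `@return [void]` although its comment says the application overrides it to supply claims, so its return value is presumably consumed by `require_authentication`; that body is outside these hunks, so confirm and consider `# @return [Hash, nil] claims to merge into the rotated token`. Both `authenticated(token)` and `regenerate_claims(old_token)` also still lack a `@param` tag.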
    
        data/lib/jwt_keeper/engine.rb
    CHANGED
    
    | @@ -2,8 +2,7 @@ require 'jwt_keeper' | |
| 2 2 | 
             
            require 'rails'
         | 
| 3 3 |  | 
| 4 4 | 
             
            module JWTKeeper
         | 
| 5 | 
            -
              #  | 
| 6 | 
            -
              # With the plugin logic.
         | 
| 5 | 
            +
              # Includes JWTKeeper into ActionController
         | 
| 7 6 | 
             
              class Engine < ::Rails::Engine
         | 
| 8 7 | 
             
                initializer 'extend Controller with jwt_keeper' do |_app|
         | 
| 9 8 | 
             
                  ActionController::Base.send(:include, JWTKeeper::Controller)
         | 
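Review bot: The initializer mixes the concern in with `ActionController::Base.send(:include, JWTKeeper::Controller)`, which references `ActionController::Base` during boot and only reaches controllers that inherit from it. Now that the gemspec targets Rails 5.0, the load hook is the conventional form: `ActiveSupport.on_load(:action_controller) { include JWTKeeper::Controller }`. Whether API-only controllers should receive the concern needs a deliberate decision, because the concern calls `cookies` and `redirect_to`. The new comment could also say which controllers get the authentication helpers. The initializer block is closed outside this hunk.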
    
        data/lib/jwt_keeper/token.rb
    CHANGED
    
    | @@ -1,9 +1,13 @@ | |
| 1 1 | 
             
            module JWTKeeper
         | 
| 2 | 
            +
              # This class acts as the main interface to wrap the concerns of JWTs. Handling everything from
         | 
| 3 | 
            +
              # encoding to invalidation.
         | 
| 2 4 | 
             
              class Token
         | 
| 3 5 | 
             
                attr_accessor :claims, :cookie_secret
         | 
| 4 6 |  | 
| 5 7 | 
             
                # Initalizes a new web token
         | 
| 6 8 | 
             
                # @param private_claims [Hash] the custom claims to encode
         | 
| 9 | 
            +
                # @param cookie_secret [String] the cookie secret to use during encoding
         | 
| 10 | 
            +
                # @return [void]
         | 
| 7 11 | 
             
                def initialize(private_claims = {}, cookie_secret = nil)
         | 
| 8 12 | 
             
                  @cookie_secret = cookie_secret
         | 
| 9 13 | 
             
                  @claims = {
         | 
| @@ -25,6 +29,7 @@ module JWTKeeper | |
| 25 29 |  | 
| 26 30 | 
             
                # Decodes and validates an existing token
         | 
| 27 31 | 
             
                # @param raw_token [String] the raw token
         | 
| 32 | 
            +
                # @param cookie_secret [String] the cookie secret
         | 
| 28 33 | 
             
                # @return [Token] token object
         | 
| 29 34 | 
             
                def self.find(raw_token, cookie_secret = nil)
         | 
| 30 35 | 
             
                  claims = decode(raw_token, cookie_secret)
         | 
| @@ -39,12 +44,14 @@ module JWTKeeper | |
| 39 44 | 
             
                # is inherently ignored by the token's exp check and then rewritten with the revokation on
         | 
| 40 45 | 
             
                # rotate.
         | 
| 41 46 | 
             
                # @param token_jti [String] the token unique id
         | 
| 47 | 
            +
                # @return [void]
         | 
| 42 48 | 
             
                def self.rotate(token_jti)
         | 
| 43 49 | 
             
                  Datastore.rotate(token_jti, JWTKeeper.configuration.expiry.from_now.to_i)
         | 
| 44 50 | 
             
                end
         | 
| 45 51 |  | 
| 46 52 | 
             
                # Revokes a web token
         | 
| 47 53 | 
             
                # @param token_jti [String] the token unique id
         | 
| 54 | 
            +
                # @return [void]
         | 
| 48 55 | 
             
                def self.revoke(token_jti)
         | 
| 49 56 | 
             
                  Datastore.revoke(token_jti, JWTKeeper.configuration.expiry.from_now.to_i)
         | 
| 50 57 | 
             
                end
         | 
| @@ -57,7 +64,7 @@ module JWTKeeper | |
| 57 64 |  | 
| 58 65 | 
             
                # Revokes and creates a new web token
         | 
| 59 66 | 
             
                # @param new_claims [Hash] Used to override and update claims during rotation
         | 
| 60 | 
            -
                # @return [ | 
| 67 | 
            +
                # @return [Token]
         | 
| 61 68 | 
             
                def rotate(new_claims = nil)
         | 
| 62 69 | 
             
                  revoke
         | 
| 63 70 |  | 
| @@ -70,6 +77,7 @@ module JWTKeeper | |
| 70 77 | 
             
                end
         | 
| 71 78 |  | 
| 72 79 | 
             
                # Revokes a web token
         | 
| 80 | 
            +
                # @return [void]
         | 
| 73 81 | 
             
                def revoke
         | 
| 74 82 | 
             
                  return if invalid?
         | 
| 75 83 | 
             
                  Datastore.revoke(id, claims[:exp] - DateTime.now.to_i)
         | 
| @@ -106,14 +114,14 @@ module JWTKeeper | |
| 106 114 | 
             
                end
         | 
| 107 115 |  | 
| 108 116 | 
             
                # Encodes the jwt
         | 
| 109 | 
            -
                # @return [String]
         | 
| 117 | 
            +
                # @return [String] the encoded jwt
         | 
| 110 118 | 
             
                def to_jwt
         | 
| 111 119 | 
             
                  encode
         | 
| 112 120 | 
             
                end
         | 
| 113 121 | 
             
                alias to_s to_jwt
         | 
| 114 122 |  | 
| 115 123 | 
             
                # Encodes the cookie
         | 
| 116 | 
            -
                # @return [Hash]
         | 
| 124 | 
            +
                # @return [Hash] the cookie options
         | 
| 117 125 | 
             
                def to_cookie
         | 
| 118 126 | 
             
                  {
         | 
| 119 127 | 
             
                    value: cookie_secret,
         | 
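Review bot: The two revoke paths in this file pass different kinds of value as the second argument to `Datastore.revoke`. `self.revoke` (and `self.rotate`) pass `JWTKeeper.configuration.expiry.from_now.to_i`, an absolute epoch timestamp, while the instance `revoke` passes `claims[:exp] - DateTime.now.to_i`, a count of remaining seconds. Datastore is not visible here, so which form it expects needs confirming, but only one can be right: read as a lifetime, the timestamp keeps revocation records far longer than the token lives; read as a timestamp, the remaining-seconds value would let a revocation lapse almost immediately. If it expects seconds, the class methods would become `Datastore.revoke(token_jti, JWTKeeper.configuration.expiry.to_i)`, and the docs added in this commit should state the unit. The new `@param cookie_secret [String]` tags should also read `[String, nil]`, since both signatures default it to `nil`.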
    
        data/lib/jwt_keeper/version.rb
    CHANGED
    
    
| @@ -17,6 +17,13 @@ module JWTKeeper | |
| 17 17 | 
             
                    before { JWTKeeper.configure(JWTKeeper::Configuration.new(config.merge(cookie_lock: true))) }
         | 
| 18 18 | 
             
                    it { expect(subject.cookie_secret).not_to be_empty }
         | 
| 19 19 | 
             
                  end
         | 
| 20 | 
            +
             | 
| 21 | 
            +
                  context 'when overiding default claims' do
         | 
| 22 | 
            +
                    let(:private_claims) { { exp: 1.minute.from_now.to_i } }
         | 
| 23 | 
            +
             | 
| 24 | 
            +
                    it { is_expected.to be_instance_of described_class }
         | 
| 25 | 
            +
                    it { expect(subject.claims[:exp]).to eql private_claims[:exp] }
         | 
| 26 | 
            +
                  end
         | 
| 20 27 | 
             
                end
         | 
| 21 28 |  | 
| 22 29 | 
             
                describe '.find' do
         | 
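Review bot: The context description `'when overiding default claims'` is misspelled (`overriding`). The new examples also pin only one fact: a caller-supplied `exp` replaces the default. That makes overriding registered claims part of the tested contract, so the `@param private_claims` doc in token.rb should say that the hash must be built by the application and never taken from request input. It would also help to add an example showing what happens when `private_claims` carries the identifier claim (presumably `jti`), since revocation is keyed on the token id. The enclosing `describe` block starts and ends outside this hunk.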
    
        data/spec/spec_helper.rb
    CHANGED
    
    
    
        metadata
    CHANGED
    
    | @@ -1,7 +1,7 @@ | |
| 1 1 | 
             
            --- !ruby/object:Gem::Specification
         | 
| 2 2 | 
             
            name: jwt_keeper
         | 
| 3 3 | 
             
            version: !ruby/object:Gem::Version
         | 
| 4 | 
            -
              version: 3.0 | 
| 4 | 
            +
              version: 3.1.0
         | 
| 5 5 | 
             
            platform: ruby
         | 
| 6 6 | 
             
            authors:
         | 
| 7 7 | 
             
            - David Rivera
         | 
| @@ -9,7 +9,7 @@ authors: | |
| 9 9 | 
             
            autorequire: 
         | 
| 10 10 | 
             
            bindir: bin
         | 
| 11 11 | 
             
            cert_chain: []
         | 
| 12 | 
            -
            date: 2016- | 
| 12 | 
            +
            date: 2016-07-01 00:00:00.000000000 Z
         | 
| 13 13 | 
             
            dependencies:
         | 
| 14 14 | 
             
            - !ruby/object:Gem::Dependency
         | 
| 15 15 | 
             
              name: bundler
         | 
| @@ -157,28 +157,28 @@ dependencies: | |
| 157 157 | 
             
                requirements:
         | 
| 158 158 | 
             
                - - "~>"
         | 
| 159 159 | 
             
                  - !ruby/object:Gem::Version
         | 
| 160 | 
            -
                    version: ' | 
| 160 | 
            +
                    version: '5.0'
         | 
| 161 161 | 
             
              type: :runtime
         | 
| 162 162 | 
             
              prerelease: false
         | 
| 163 163 | 
             
              version_requirements: !ruby/object:Gem::Requirement
         | 
| 164 164 | 
             
                requirements:
         | 
| 165 165 | 
             
                - - "~>"
         | 
| 166 166 | 
             
                  - !ruby/object:Gem::Version
         | 
| 167 | 
            -
                    version: ' | 
| 167 | 
            +
                    version: '5.0'
         | 
| 168 168 | 
             
            - !ruby/object:Gem::Dependency
         | 
| 169 169 | 
             
              name: activesupport
         | 
| 170 170 | 
             
              requirement: !ruby/object:Gem::Requirement
         | 
| 171 171 | 
             
                requirements:
         | 
| 172 172 | 
             
                - - "~>"
         | 
| 173 173 | 
             
                  - !ruby/object:Gem::Version
         | 
| 174 | 
            -
                    version: ' | 
| 174 | 
            +
                    version: '5.0'
         | 
| 175 175 | 
             
              type: :runtime
         | 
| 176 176 | 
             
              prerelease: false
         | 
| 177 177 | 
             
              version_requirements: !ruby/object:Gem::Requirement
         | 
| 178 178 | 
             
                requirements:
         | 
| 179 179 | 
             
                - - "~>"
         | 
| 180 180 | 
             
                  - !ruby/object:Gem::Version
         | 
| 181 | 
            -
                    version: ' | 
| 181 | 
            +
                    version: '5.0'
         | 
| 182 182 | 
             
            - !ruby/object:Gem::Dependency
         | 
| 183 183 | 
             
              name: jwt
         | 
| 184 184 | 
             
              requirement: !ruby/object:Gem::Requirement
         |