jwt_keeper 3.0.1 → 3.1.0

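--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 3d622a17d010fc9b106c161c42b90a4b3f8f1c05
- data.tar.gz: 45467b7f357ad75e985b1b74297b5948cb2964d2
+ metadata.gz: 28d115e2b0772731d3b5fefce241da3f8be40c4a
+ data.tar.gz: 0507622c05cf4a5b93be4035b77a15424b89e4b1
  SHA512:
- metadata.gz: c87fbde489f9aace5c0bf65ae997b65d80b984bcd860986ed04bac9cece93b955b66bfa3bbca70dea29f1fb08dfb099cfdb1061f573e74cd63e66bf065eeaf7b
- data.tar.gz: c5c28a26779d3c539c8dc63f6e5ba4636b5d82c2016cd1c2d7aa81526a498fec23aac300d4157e7c79ff5da724fd548dfd731bf43739fd695d75e24c095d092f
+ metadata.gz: fd49463a7660666d28507b5b6ae9345cea21c7baec56fdc904d6f683ec8bbcafa354c29113b658798c1531129e34b12e419ff6b1324af9f83b60484341b30c9c
+ data.tar.gz: 61fcefd218432ca6e2de3e6b6bfde1a0bdda28a8414baefe63ce0ef6a03a1c20e444c9d79b3ad5e95d5e841530d2d1e701a33157d08c468e2dd6f94a6fce2caf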
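--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -1,10 +1,8 @@
  language: ruby
  cache: bundler
  rvm:
- - 2.0
- - 2.1
- - 2.2
- - 2.3.0
+ - 2.2.5
+ - 2.3.1
  - ruby-head
  matrix:
  allow_failures: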
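--- a/data/README.md
+++ b/data/README.md
@@ -1,4 +1,5 @@
  # JWT Keeper
+ [![Gem Version](https://img.shields.io/gem/v/jwt_keeper.svg?maxAge=2592000)](https://rubygems.org/gems/jwt_keeper)
  [![Build Status](https://img.shields.io/travis/sirwolfgang/jwt_keeper/master.svg)](https://travis-ci.org/sirwolfgang/jwt_keeper)
  [![Dependency Status](https://img.shields.io/gemnasium/sirwolfgang/jwt_keeper.svg)](https://gemnasium.com/sirwolfgang/jwt_keeper)
  [![Code Climate](https://img.shields.io/codeclimate/github/sirwolfgang/jwt_keeper.svg)](https://codeclimate.com/github/sirwolfgang/jwt_keeper)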
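--- a/data/jwt_keeper.gemspec
+++ b/data/jwt_keeper.gemspec
@@ -30,7 +30,7 @@ Gem::Specification.new do |spec|
  spec.add_development_dependency 'codeclimate-test-reporter'
 
  spec.add_dependency 'redis', '~> 3.3'
- spec.add_dependency 'rails', '~> 4.2'
- spec.add_dependency 'activesupport', '~> 4.2'
+ spec.add_dependency 'rails', '~> 5.0'
+ spec.add_dependency 'activesupport', '~> 5.0'
  spec.add_dependency 'jwt', '~> 1.5'
  end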
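Review bot: Moving `rails` and `activesupport` from `~> 4.2` to `~> 5.0` in a minor release (3.0.1 to 3.1.0) means applications still on Rails 4.2 cannot resolve this or any later 3.x version, including future fixes to token handling. If the code still runs on 4.2, a range such as `spec.add_dependency 'rails', '>= 4.2', '< 6'` keeps those applications on the maintained line; if it does not, a major version bump would signal the break. Whether 4.2 compatibility still holds cannot be judged from this page.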
@@ -2,11 +2,9 @@ module JWTKeeper
2
2
  module Controller
3
3
  extend ActiveSupport::Concern
4
4
 
5
- module ClassMethods
6
- end
7
-
8
5
  # Available to be used as a before_action by the application's controllers. This is
9
6
  # the main logical section for decoding, and automatically rotating tokens
7
+ # @return [void]
10
8
  def require_authentication
11
9
  token = read_authentication_token
12
10
 
@@ -25,6 +23,7 @@ module JWTKeeper
25
23
  end
26
24
 
27
25
  # Decodes and returns the token
26
+ # @return [Token] the token read from request
28
27
  def read_authentication_token
29
28
  return nil unless request.headers['Authorization']
30
29
  @authentication_token ||=
@@ -35,6 +34,8 @@ module JWTKeeper
35
34
  end
36
35
 
37
36
  # Encodes and writes the token
37
+ # @param token [Token] The token to be written
38
+ # @return [Token] the token written to response
38
39
  def write_authentication_token(token)
39
40
  return clear_authentication_token if token.nil?
40
41
  response.headers['Authorization'] = "Bearer #{token.to_jwt}"
@@ -43,6 +44,7 @@ module JWTKeeper
43
44
  end
44
45
 
45
46
  # delets the authentication token
47
+ # @return [void]
46
48
  def clear_authentication_token
47
49
  response.headers['Authorization'] = nil
48
50
  cookies.delete('jwt_keeper')
@@ -51,18 +53,21 @@ module JWTKeeper
51
53
 
52
54
  # The default action for denying non-authenticated connections.
53
55
  # You can override this method in your controllers
56
+ # @return [void]
54
57
  def not_authenticated
55
58
  redirect_to root_path
56
59
  end
57
60
 
58
61
  # The default action for accepting authenticated connections.
59
62
  # You can override this method in your controllers
63
+ # @return [void]
60
64
  def authenticated(token)
61
65
  end
62
66
 
63
67
  # Invoked by the require_authentication method as part of the automatic rotation
64
68
  # process. The application should override this method to include the necessary
65
69
  # claims.
70
+ # @return [void]
66
71
  def regenerate_claims(old_token)
67
72
  end
68
73
  end
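Review bot: The new `@return [Token]` tag on `read_authentication_token` does not match the method's first line, `return nil unless request.headers['Authorization']`, so a caller relying on the doc will not expect `nil`; `# @return [Token, nil] the token read from the request, or nil when no Authorization header is present` would state it. The same applies to `write_authentication_token`, which is tagged `@return [Token]` but returns the result of `clear_authentication_token` (itself tagged `@return [void]`) when `token` is nil. `authenticated(token)` and `regenerate_claims(old_token)` gain `@return [void]` but no `@param` tag, and whether `require_authentication` uses the return value of `regenerate_claims` is not visible here, so `[void]` should be confirmed against that caller. The bodies of these methods continue outside the hunks.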
@@ -2,8 +2,7 @@ require 'jwt_keeper'
2
2
  require 'rails'
3
3
 
4
4
  module JWTKeeper
5
- # The Sorcery engine takes care of extending ActiveRecord (if used) and ActionController,
6
- # With the plugin logic.
5
+ # Includes JWTKeeper into ActionController
7
6
  class Engine < ::Rails::Engine
8
7
  initializer 'extend Controller with jwt_keeper' do |_app|
9
8
  ActionController::Base.send(:include, JWTKeeper::Controller)
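Review bot: The new comment says the engine includes JWTKeeper into ActionController, but the initializer below it only touches `ActionController::Base`. With the Rails dependency moved to `~> 5.0` in this release, controllers inheriting from `ActionController::API` would not receive `require_authentication`. Consider `ActiveSupport.on_load(:action_controller) { include JWTKeeper::Controller }`, which also avoids loading `ActionController::Base` during boot. Whether the concern's use of `cookies` and `redirect_to` works on API controllers would need checking. The initializer block is cut off by the end of the hunk.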
@@ -1,9 +1,13 @@
1
1
  module JWTKeeper
2
+ # This class acts as the main interface to wrap the concerns of JWTs. Handling everything from
3
+ # encoding to invalidation.
2
4
  class Token
3
5
  attr_accessor :claims, :cookie_secret
4
6
 
5
7
  # Initalizes a new web token
6
8
  # @param private_claims [Hash] the custom claims to encode
9
+ # @param cookie_secret [String] the cookie secret to use during encoding
10
+ # @return [void]
7
11
  def initialize(private_claims = {}, cookie_secret = nil)
8
12
  @cookie_secret = cookie_secret
9
13
  @claims = {
@@ -25,6 +29,7 @@ module JWTKeeper
25
29
 
26
30
  # Decodes and validates an existing token
27
31
  # @param raw_token [String] the raw token
32
+ # @param cookie_secret [String] the cookie secret
28
33
  # @return [Token] token object
29
34
  def self.find(raw_token, cookie_secret = nil)
30
35
  claims = decode(raw_token, cookie_secret)
@@ -39,12 +44,14 @@ module JWTKeeper
39
44
  # is inherently ignored by the token's exp check and then rewritten with the revokation on
40
45
  # rotate.
41
46
  # @param token_jti [String] the token unique id
47
+ # @return [void]
42
48
  def self.rotate(token_jti)
43
49
  Datastore.rotate(token_jti, JWTKeeper.configuration.expiry.from_now.to_i)
44
50
  end
45
51
 
46
52
  # Revokes a web token
47
53
  # @param token_jti [String] the token unique id
54
+ # @return [void]
48
55
  def self.revoke(token_jti)
49
56
  Datastore.revoke(token_jti, JWTKeeper.configuration.expiry.from_now.to_i)
50
57
  end
@@ -57,7 +64,7 @@ module JWTKeeper
57
64
 
58
65
  # Revokes and creates a new web token
59
66
  # @param new_claims [Hash] Used to override and update claims during rotation
60
- # @return [String] new token
67
+ # @return [Token]
61
68
  def rotate(new_claims = nil)
62
69
  revoke
63
70
 
@@ -70,6 +77,7 @@ module JWTKeeper
70
77
  end
71
78
 
72
79
  # Revokes a web token
80
+ # @return [void]
73
81
  def revoke
74
82
  return if invalid?
75
83
  Datastore.revoke(id, claims[:exp] - DateTime.now.to_i)
@@ -106,14 +114,14 @@ module JWTKeeper
106
114
  end
107
115
 
108
116
  # Encodes the jwt
109
- # @return [String]
117
+ # @return [String] the encoded jwt
110
118
  def to_jwt
111
119
  encode
112
120
  end
113
121
  alias to_s to_jwt
114
122
 
115
123
  # Encodes the cookie
116
- # @return [Hash]
124
+ # @return [Hash] the cookie options
117
125
  def to_cookie
118
126
  {
119
127
  value: cookie_secret,
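Review bot: The `@return [void]` tags added to `self.rotate` and `self.revoke` sit on calls that pass `JWTKeeper.configuration.expiry.from_now.to_i`, an absolute epoch timestamp, as the second argument to `Datastore.rotate`/`Datastore.revoke`, while the instance method `revoke` further down passes `claims[:exp] - DateTime.now.to_i`, a number of seconds remaining. `Datastore` is not shown on this page, so the unit it expects cannot be confirmed here, but one of the two call styles presumably stores the revocation record with the wrong lifetime, and a record that expires before the token does would let a revoked token validate again. Documenting the unit on the `Datastore` methods and aligning the call sites (for a TTL in seconds, `Datastore.revoke(token_jti, JWTKeeper.configuration.expiry.to_i)`) would settle it. Separately, `@param cookie_secret [String]` on `initialize` and `self.find` should read `[String, nil]`, since both signatures default it to `nil`.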
@@ -1,4 +1,4 @@
1
1
  # Gem Version
2
2
  module JWTKeeper
3
- VERSION = '3.0.1'.freeze
3
+ VERSION = '3.1.0'.freeze
4
4
  end
@@ -17,6 +17,13 @@ module JWTKeeper
17
17
  before { JWTKeeper.configure(JWTKeeper::Configuration.new(config.merge(cookie_lock: true))) }
18
18
  it { expect(subject.cookie_secret).not_to be_empty }
19
19
  end
20
+
21
+ context 'when overiding default claims' do
22
+ let(:private_claims) { { exp: 1.minute.from_now.to_i } }
23
+
24
+ it { is_expected.to be_instance_of described_class }
25
+ it { expect(subject.claims[:exp]).to eql private_claims[:exp] }
26
+ end
20
27
  end
21
28
 
22
29
  describe '.find' do
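Review bot: The new context pins that a caller-supplied `exp` in `private_claims` replaces the default expiry, but `Token#initialize` still documents that argument only as "the custom claims to encode". A comment on the constructor such as `# Keys matching registered claims (e.g. :exp) replace the defaults; do not pass request-derived hashes` would make the precedence explicit. The constructor body is only partly visible on this page, so which other defaults can be overridden should be confirmed there. An example covering an `exp` that is already in the past would also show how such a token is treated.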
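--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -9,7 +9,9 @@ SimpleCov.formatter =
  SimpleCov::Formatter::HTMLFormatter,
  CodeClimate::TestReporter::Formatter
  ])
- SimpleCov.start
+ SimpleCov.start do
+ add_filter '/spec/'
+ end
 
  require 'rails'
  require 'jwt_keeper'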
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jwt_keeper
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.1
4
+ version: 3.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Rivera
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2016-04-27 00:00:00.000000000 Z
12
+ date: 2016-07-01 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: bundler
@@ -157,28 +157,28 @@ dependencies:
157
157
  requirements:
158
158
  - - "~>"
159
159
  - !ruby/object:Gem::Version
160
- version: '4.2'
160
+ version: '5.0'
161
161
  type: :runtime
162
162
  prerelease: false
163
163
  version_requirements: !ruby/object:Gem::Requirement
164
164
  requirements:
165
165
  - - "~>"
166
166
  - !ruby/object:Gem::Version
167
- version: '4.2'
167
+ version: '5.0'
168
168
  - !ruby/object:Gem::Dependency
169
169
  name: activesupport
170
170
  requirement: !ruby/object:Gem::Requirement
171
171
  requirements:
172
172
  - - "~>"
173
173
  - !ruby/object:Gem::Version
174
- version: '4.2'
174
+ version: '5.0'
175
175
  type: :runtime
176
176
  prerelease: false
177
177
  version_requirements: !ruby/object:Gem::Requirement
178
178
  requirements:
179
179
  - - "~>"
180
180
  - !ruby/object:Gem::Version
181
- version: '4.2'
181
+ version: '5.0'
182
182
  - !ruby/object:Gem::Dependency
183
183
  name: jwt
184
184
  requirement: !ruby/object:Gem::Requirement