jwt_keeper 6.0.0 → 6.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/jwt_keeper.gemspec +2 -1
- data/lib/generators/templates/jwt_keeper.rb +2 -4
- data/lib/jwt_keeper/datastore.rb +26 -13
- data/lib/jwt_keeper/version.rb +1 -1
- data/spec/lib/jwt_keeper/datastore_spec.rb +78 -41
- data/spec/spec_helper.rb +3 -1
- metadata +18 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d6ad212dc01831b9bae31adab98ba2edbe1fd803923e32eb9817e2b96515c706
|
4
|
+
data.tar.gz: c6ef8deb150ffeed569d4da108ac745a907c8bfc065c5564cd49b6aff978f00e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 87f73d56ceb956a78337d4df685ac8fb86b6eda03046ba137f92f689eb10b5485103f9ea003ccdb7643149b4e74722d674571ec698e8eed40eb0a2d3b1b2feb2
|
7
|
+
data.tar.gz: 7695c3ce514f9e150d492766b90e7b76e04cb5c496e422aa265d6f255a311e72d986319f169fc0bb5919a42fbe4cb364da700bfeb42fb947bfdb9a6841c5c280
|
data/jwt_keeper.gemspec
CHANGED
@@ -28,8 +28,9 @@ Gem::Specification.new do |spec|
|
|
28
28
|
spec.add_development_dependency 'rspec', '~> 3.8'
|
29
29
|
spec.add_development_dependency 'fuubar'
|
30
30
|
spec.add_development_dependency 'simplecov'
|
31
|
+
spec.add_development_dependency 'redis-client'
|
32
|
+
spec.add_development_dependency 'redis'
|
31
33
|
|
32
|
-
spec.add_dependency 'redis'
|
33
34
|
spec.add_dependency 'rails'
|
34
35
|
spec.add_dependency 'activesupport'
|
35
36
|
spec.add_dependency 'jwt', '>= 1.5'
|
@@ -27,10 +27,8 @@ JWTKeeper.configure do |config|
|
|
27
27
|
# config.audience = 'example.com'
|
28
28
|
|
29
29
|
# the location of redis config file
|
30
|
-
# config.redis_connection =
|
31
|
-
# config.redis_connection =
|
32
|
-
# Redis.new(url: ENV['REDISCLOUD_URL'] || 'redis://localhost:6379/')
|
33
|
-
# end
|
30
|
+
# config.redis_connection = RedisClient.new(connection_options)
|
31
|
+
# config.redis_connection = RedisClient.config(connection_options).new_pool(size: ENV.fetch('RAILS_MAX_THREADS', 5))
|
34
32
|
|
35
33
|
# A unique idenfitier for the token version.
|
36
34
|
# config.version = 1
|
data/lib/jwt_keeper/datastore.rb
CHANGED
@@ -27,27 +27,40 @@ module JWTKeeper
|
|
27
27
|
|
28
28
|
# @!visibility private
|
29
29
|
def set_with_expiry(jti, seconds, type)
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
redis.setex
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
30
|
+
with_redis do |redis|
|
31
|
+
if redis.respond_to?(:call) # For RedisClient
|
32
|
+
redis.call('SETEX', jti, seconds, type)
|
33
|
+
elsif redis.respond_to?(:setex) # For Redis
|
34
|
+
redis.setex(jti, seconds, type)
|
35
|
+
else
|
36
|
+
throw 'Bad Redis Connection'
|
37
|
+
end
|
38
38
|
end
|
39
39
|
end
|
40
40
|
|
41
41
|
# @!visibility private
|
42
42
|
def get(jti)
|
43
|
+
with_redis do |redis|
|
44
|
+
if redis.respond_to?(:call) # For RedisClient
|
45
|
+
redis.call('GET', jti)
|
46
|
+
elsif redis.respond_to?(:get) # For Redis
|
47
|
+
redis.get(jti)
|
48
|
+
else
|
49
|
+
throw 'Bad Redis Connection'
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
# @!visibility private
|
55
|
+
def with_redis
|
43
56
|
redis = JWTKeeper.configuration.redis_connection
|
44
57
|
|
45
|
-
if redis.
|
46
|
-
redis.
|
47
|
-
|
48
|
-
|
58
|
+
if redis.respond_to?(:with)
|
59
|
+
redis.with do |conn|
|
60
|
+
yield conn
|
61
|
+
end
|
49
62
|
else
|
50
|
-
|
63
|
+
yield(redis)
|
51
64
|
end
|
52
65
|
end
|
53
66
|
end
|
data/lib/jwt_keeper/version.rb
CHANGED
@@ -1,70 +1,107 @@
|
|
1
1
|
RSpec.describe JWTKeeper::Datastore do
|
2
|
-
include_context 'initialize config'
|
3
2
|
let(:jti) { SecureRandom.uuid }
|
4
3
|
|
5
|
-
|
6
|
-
|
4
|
+
shared_examples 'Datastore Specs' do
|
5
|
+
describe '.rotate' do
|
6
|
+
before { described_class.rotate(jti, 30) }
|
7
7
|
|
8
|
-
|
9
|
-
|
8
|
+
it 'stores a token_id with a soft expiry' do
|
9
|
+
expect(described_class.send(:get, jti)).to eq 'soft'
|
10
|
+
end
|
10
11
|
end
|
11
|
-
end
|
12
12
|
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
13
|
+
describe '.pending?' do
|
14
|
+
context 'with a missing token' do
|
15
|
+
it 'returns false' do
|
16
|
+
expect(described_class.pending?(jti)).to be false
|
17
|
+
end
|
17
18
|
end
|
18
|
-
end
|
19
19
|
|
20
|
-
|
21
|
-
|
20
|
+
context 'with a revoked token' do
|
21
|
+
before { described_class.revoke(jti, 30) }
|
22
22
|
|
23
|
-
|
24
|
-
|
23
|
+
it 'returns false' do
|
24
|
+
expect(described_class.pending?(jti)).to be false
|
25
|
+
end
|
25
26
|
end
|
26
|
-
end
|
27
27
|
|
28
|
-
|
29
|
-
|
28
|
+
context 'with a pending token' do
|
29
|
+
before { described_class.rotate(jti, 30) }
|
30
30
|
|
31
|
-
|
32
|
-
|
31
|
+
it 'returns true' do
|
32
|
+
expect(described_class.pending?(jti)).to be true
|
33
|
+
end
|
33
34
|
end
|
34
35
|
end
|
35
|
-
end
|
36
36
|
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
37
|
+
describe '.revoke' do
|
38
|
+
before do
|
39
|
+
described_class.revoke(jti, 30)
|
40
|
+
end
|
41
41
|
|
42
|
-
|
43
|
-
|
42
|
+
it 'stores a token_id with a hard expiry' do
|
43
|
+
expect(described_class.send(:get, jti)).to eq 'hard'
|
44
|
+
end
|
44
45
|
end
|
45
|
-
end
|
46
46
|
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
47
|
+
describe '.revoked?' do
|
48
|
+
context 'with a missing token' do
|
49
|
+
it 'returns false' do
|
50
|
+
expect(described_class.revoked?(jti)).to be false
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
context 'with a revoked token' do
|
55
|
+
before { described_class.revoke(jti, 30) }
|
56
|
+
|
57
|
+
it 'returns true' do
|
58
|
+
expect(described_class.revoked?(jti)).to be true
|
59
|
+
end
|
51
60
|
end
|
52
|
-
end
|
53
61
|
|
54
|
-
|
55
|
-
|
62
|
+
context 'with a pending token' do
|
63
|
+
before { described_class.rotate(jti, 30) }
|
56
64
|
|
57
|
-
|
58
|
-
|
65
|
+
it 'returns false' do
|
66
|
+
expect(described_class.revoked?(jti)).to be false
|
67
|
+
end
|
59
68
|
end
|
60
69
|
end
|
70
|
+
end
|
61
71
|
|
62
|
-
|
63
|
-
|
72
|
+
context 'with Redis' do
|
73
|
+
include_context 'initialize config'
|
74
|
+
|
75
|
+
let(:redis_connection) { Redis.new(url: ENV['REDIS_URL']) }
|
76
|
+
|
77
|
+
include_examples 'Datastore Specs'
|
78
|
+
end
|
79
|
+
|
80
|
+
context 'with Redis Connection Pool' do
|
81
|
+
include_context 'initialize config'
|
64
82
|
|
65
|
-
|
66
|
-
|
83
|
+
let(:redis_connection) do
|
84
|
+
ConnectionPool.new(size: ENV.fetch('RAILS_MAX_THREADS', 5)) do
|
85
|
+
Redis.new(url: ENV['REDISCLOUD_URL'] || 'redis://localhost:6379/')
|
67
86
|
end
|
68
87
|
end
|
88
|
+
|
89
|
+
include_examples 'Datastore Specs'
|
90
|
+
end
|
91
|
+
|
92
|
+
context 'with RedisClient' do
|
93
|
+
include_context 'initialize config'
|
94
|
+
|
95
|
+
let(:redis_connection) { RedisClient.new(url: ENV['REDIS_URL']) }
|
96
|
+
|
97
|
+
include_examples 'Datastore Specs'
|
98
|
+
end
|
99
|
+
|
100
|
+
context 'with RedisClient Pool' do
|
101
|
+
include_context 'initialize config'
|
102
|
+
|
103
|
+
let(:redis_connection) { RedisClient.config(url: ENV['REDIS_URL']).new_pool(size: ENV.fetch('RAILS_MAX_THREADS', 5)) }
|
104
|
+
|
105
|
+
include_examples 'Datastore Specs'
|
69
106
|
end
|
70
107
|
end
|
data/spec/spec_helper.rb
CHANGED
@@ -39,6 +39,7 @@ RSpec.configure do |config|
|
|
39
39
|
end
|
40
40
|
|
41
41
|
RSpec.shared_context 'initialize config' do
|
42
|
+
let(:redis_connection) { RedisClient.new(url: ENV['REDIS_URL']) }
|
42
43
|
let(:config) do
|
43
44
|
{
|
44
45
|
algorithm: 'HS256',
|
@@ -46,12 +47,13 @@ RSpec.shared_context 'initialize config' do
|
|
46
47
|
expiry: 24.hours,
|
47
48
|
issuer: 'api.example.com',
|
48
49
|
audience: 'example.com',
|
49
|
-
redis_connection:
|
50
|
+
redis_connection: redis_connection,
|
50
51
|
version: nil,
|
51
52
|
cookie_lock: false
|
52
53
|
}
|
53
54
|
end
|
54
55
|
|
56
|
+
|
55
57
|
before(:each) do
|
56
58
|
JWTKeeper.configure(JWTKeeper::Configuration.new(config))
|
57
59
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: jwt_keeper
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 6.
|
4
|
+
version: 6.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Rivera
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date:
|
12
|
+
date: 2023-02-09 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: bundler
|
@@ -137,6 +137,20 @@ dependencies:
|
|
137
137
|
- - ">="
|
138
138
|
- !ruby/object:Gem::Version
|
139
139
|
version: '0'
|
140
|
+
- !ruby/object:Gem::Dependency
|
141
|
+
name: redis-client
|
142
|
+
requirement: !ruby/object:Gem::Requirement
|
143
|
+
requirements:
|
144
|
+
- - ">="
|
145
|
+
- !ruby/object:Gem::Version
|
146
|
+
version: '0'
|
147
|
+
type: :development
|
148
|
+
prerelease: false
|
149
|
+
version_requirements: !ruby/object:Gem::Requirement
|
150
|
+
requirements:
|
151
|
+
- - ">="
|
152
|
+
- !ruby/object:Gem::Version
|
153
|
+
version: '0'
|
140
154
|
- !ruby/object:Gem::Dependency
|
141
155
|
name: redis
|
142
156
|
requirement: !ruby/object:Gem::Requirement
|
@@ -144,7 +158,7 @@ dependencies:
|
|
144
158
|
- - ">="
|
145
159
|
- !ruby/object:Gem::Version
|
146
160
|
version: '0'
|
147
|
-
type: :
|
161
|
+
type: :development
|
148
162
|
prerelease: false
|
149
163
|
version_requirements: !ruby/object:Gem::Requirement
|
150
164
|
requirements:
|
@@ -249,7 +263,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
249
263
|
- !ruby/object:Gem::Version
|
250
264
|
version: '0'
|
251
265
|
requirements: []
|
252
|
-
rubygems_version: 3.
|
266
|
+
rubygems_version: 3.4.1
|
253
267
|
signing_key:
|
254
268
|
specification_version: 4
|
255
269
|
summary: JWT for Rails made easy
|