jwt_sessions 2.3.0 → 2.3.1

@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'minitest/autorun'
4
- require 'jwt_sessions'
3
+ require "minitest/autorun"
4
+ require "jwt_sessions"
5
5
 
6
6
  class TestMemoryStoreAdapter < Minitest::Test
7
7
  attr_reader :store
@@ -12,105 +12,105 @@ class TestMemoryStoreAdapter < Minitest::Test
12
12
 
13
13
  def test_error_on_unknown_option
14
14
  assert_raises ArgumentError do
15
- JWTSessions::StoreAdapters::MemoryStoreAdapter.new(something: 'something')
15
+ JWTSessions::StoreAdapters::MemoryStoreAdapter.new(something: "something")
16
16
  end
17
17
  end
18
18
 
19
19
  def test_persist_and_fetch_access
20
- store.persist_access('uid', 'csrf', Time.now.to_i + 3600)
21
- assert_equal({ csrf: 'csrf' }, store.fetch_access('uid'))
20
+ store.persist_access("uid", "csrf", Time.now.to_i + 3600)
21
+ assert_equal({ csrf: "csrf" }, store.fetch_access("uid"))
22
22
 
23
- store.persist_access('uid', 'csrf', Time.now.to_i - 3600)
24
- assert_equal({}, store.fetch_access('uid'))
23
+ store.persist_access("uid", "csrf", Time.now.to_i - 3600)
24
+ assert_equal({}, store.fetch_access("uid"))
25
25
  end
26
26
 
27
27
  def test_persist_and_fetch_refresh
28
28
  expiration = Time.now.to_i + 3600
29
29
  store.persist_refresh(
30
- uid: 'uid',
30
+ uid: "uid",
31
31
  access_expiration: expiration,
32
- access_uid: 'access_uid',
33
- csrf: 'csrf',
32
+ access_uid: "access_uid",
33
+ csrf: "csrf",
34
34
  expiration: expiration,
35
- namespace: ''
35
+ namespace: ""
36
36
  )
37
- refresh = store.fetch_refresh('uid', '')
38
- assert_equal 'csrf', refresh[:csrf]
37
+ refresh = store.fetch_refresh("uid", "")
38
+ assert_equal "csrf", refresh[:csrf]
39
39
 
40
40
  expiration = Time.now.to_i - 3600
41
41
  store.persist_refresh(
42
- uid: 'uid',
42
+ uid: "uid",
43
43
  access_expiration: expiration,
44
- access_uid: 'access_uid',
45
- csrf: 'csrf',
44
+ access_uid: "access_uid",
45
+ csrf: "csrf",
46
46
  expiration: expiration,
47
- namespace: ''
47
+ namespace: ""
48
48
  )
49
- refresh = store.fetch_refresh('uid', '')
49
+ refresh = store.fetch_refresh("uid", "")
50
50
  assert_nil refresh[:csrf]
51
51
  end
52
52
 
53
53
  def test_update_refresh
54
54
  expiration = Time.now.to_i + 3600
55
55
  store.persist_refresh(
56
- uid: 'uid',
56
+ uid: "uid",
57
57
  access_expiration: expiration,
58
- access_uid: 'access_uid',
59
- csrf: 'csrf',
58
+ access_uid: "access_uid",
59
+ csrf: "csrf",
60
60
  expiration: expiration,
61
- namespace: ''
61
+ namespace: ""
62
62
  )
63
63
  store.update_refresh(
64
- uid: 'uid',
64
+ uid: "uid",
65
65
  access_expiration: expiration,
66
- access_uid: 'access_uid',
67
- csrf: 'csrf2',
68
- namespace: ''
66
+ access_uid: "access_uid",
67
+ csrf: "csrf2",
68
+ namespace: ""
69
69
  )
70
- refresh = store.fetch_refresh('uid', '')
71
- assert_equal 'csrf2', refresh[:csrf]
70
+ refresh = store.fetch_refresh("uid", "")
71
+ assert_equal "csrf2", refresh[:csrf]
72
72
  end
73
73
 
74
74
  def test_all_refresh_tokens
75
75
  expiration = Time.now.to_i + 3600
76
76
  store.persist_refresh(
77
- uid: 'uid',
77
+ uid: "uid",
78
78
  access_expiration: expiration,
79
- access_uid: 'access_uid',
80
- csrf: 'csrf',
79
+ access_uid: "access_uid",
80
+ csrf: "csrf",
81
81
  expiration: expiration,
82
- namespace: 'ns'
82
+ namespace: "ns"
83
83
  )
84
84
  store.persist_refresh(
85
- uid: 'uid',
85
+ uid: "uid",
86
86
  access_expiration: expiration,
87
- access_uid: 'access_uid',
88
- csrf: 'csrf',
87
+ access_uid: "access_uid",
88
+ csrf: "csrf",
89
89
  expiration: expiration,
90
- namespace: 'ns2'
90
+ namespace: "ns2"
91
91
  )
92
- refresh_tokens = store.all_refresh_tokens('ns')
92
+ refresh_tokens = store.all_refresh_tokens("ns")
93
93
  assert_equal 1, refresh_tokens.count
94
94
  end
95
95
 
96
96
  def test_destroy_refresh
97
97
  expiration = Time.now.to_i + 3600
98
98
  store.persist_refresh(
99
- uid: 'uid',
99
+ uid: "uid",
100
100
  access_expiration: expiration,
101
- access_uid: 'access_uid',
102
- csrf: 'csrf',
101
+ access_uid: "access_uid",
102
+ csrf: "csrf",
103
103
  expiration: expiration,
104
- namespace: ''
104
+ namespace: ""
105
105
  )
106
- store.destroy_refresh('uid', '')
107
- refresh = store.fetch_refresh('uid', '')
106
+ store.destroy_refresh("uid", "")
107
+ refresh = store.fetch_refresh("uid", "")
108
108
  assert_equal({}, refresh)
109
109
  end
110
110
 
111
111
  def test_destroy_access
112
- store.persist_access('uid', 'csrf', Time.now.to_i + 3600)
113
- store.destroy_access('uid')
114
- assert_equal({}, store.fetch_access('uid'))
112
+ store.persist_access("uid", "csrf", Time.now.to_i + 3600)
113
+ store.destroy_access("uid")
114
+ assert_equal({}, store.fetch_access("uid"))
115
115
  end
116
116
  end
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'minitest/autorun'
4
- require 'jwt_sessions'
3
+ require "minitest/autorun"
4
+ require "jwt_sessions"
5
5
 
6
6
  class TestRedisStoreAdapter < Minitest::Test
7
7
  def teardown
@@ -14,8 +14,8 @@ class TestRedisStoreAdapter < Minitest::Test
14
14
  def test_error_on_mixed_redis_options
15
15
  assert_raises ArgumentError do
16
16
  JWTSessions::StoreAdapters::RedisStoreAdapter.new(
17
- redis_url: 'redis://127.0.0.1:6379/0',
18
- redis_port: '8082'
17
+ redis_url: "redis://127.0.0.1:6379/0",
18
+ redis_port: "8082"
19
19
  )
20
20
  end
21
21
  end
@@ -23,53 +23,53 @@ class TestRedisStoreAdapter < Minitest::Test
23
23
  def test_error_on_unknown_option
24
24
  assert_raises ArgumentError do
25
25
  JWTSessions::StoreAdapters::RedisStoreAdapter.new(
26
- redis_url: 'redis://127.0.0.1:6379/0',
27
- something: 'something'
26
+ redis_url: "redis://127.0.0.1:6379/0",
27
+ something: "something"
28
28
  )
29
29
  end
30
30
  end
31
31
 
32
32
  def test_default_url
33
33
  adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
34
- assert_equal 'redis://127.0.0.1:6379/0', adapter.storage.connection[:id]
34
+ assert_equal "redis://127.0.0.1:6379/0", adapter.storage.connection[:id]
35
35
  end
36
36
 
37
37
  def test_url_with_env_var
38
- ENV['REDIS_URL'] = 'redis://locallol:2018/'
38
+ ENV["REDIS_URL"] = "redis://locallol:2018/"
39
39
  adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
40
- assert_equal 'redis://locallol:2018/0', adapter.storage.connection[:id]
40
+ assert_equal "redis://locallol:2018/0", adapter.storage.connection[:id]
41
41
 
42
- ENV.delete('REDIS_URL')
42
+ ENV.delete("REDIS_URL")
43
43
  adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
44
- assert_equal 'redis://127.0.0.1:6379/0', adapter.storage.connection[:id]
44
+ assert_equal "redis://127.0.0.1:6379/0", adapter.storage.connection[:id]
45
45
  end
46
46
 
47
47
  def test_configuration_via_host_port_and_db
48
48
  adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new(
49
- redis_host: '127.0.0.2',
50
- redis_port: '6372',
51
- redis_db_name: '2'
49
+ redis_host: "127.0.0.2",
50
+ redis_port: "6372",
51
+ redis_db_name: "2"
52
52
  )
53
- assert_equal 'redis://127.0.0.2:6372/2', adapter.storage.connection[:id]
53
+ assert_equal "redis://127.0.0.2:6372/2", adapter.storage.connection[:id]
54
54
  end
55
55
 
56
56
  def test_configuration_via_host_port_and_db_in_module
57
- JWTSessions.redis_host = '127.0.0.2'
58
- JWTSessions.redis_port = '6372'
59
- JWTSessions.redis_db_name = '2'
57
+ JWTSessions.redis_host = "127.0.0.2"
58
+ JWTSessions.redis_port = "6372"
59
+ JWTSessions.redis_db_name = "2"
60
60
 
61
61
  adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
62
- assert_equal 'redis://127.0.0.2:6372/2', adapter.storage.connection[:id]
62
+ assert_equal "redis://127.0.0.2:6372/2", adapter.storage.connection[:id]
63
63
  end
64
64
 
65
65
  def test_configuration_via_redis_url
66
- adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new(redis_url: 'redis://127.0.0.2:6322')
67
- assert_equal 'redis://127.0.0.2:6322/0', adapter.storage.connection[:id]
66
+ adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new(redis_url: "redis://127.0.0.2:6322")
67
+ assert_equal "redis://127.0.0.2:6322/0", adapter.storage.connection[:id]
68
68
  end
69
69
 
70
70
  def test_configuration_via_redis_url_in_module
71
- JWTSessions.redis_url = 'redis://127.0.0.2:6322'
71
+ JWTSessions.redis_url = "redis://127.0.0.2:6322"
72
72
  adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
73
- assert_equal 'redis://127.0.0.2:6322/0', adapter.storage.connection[:id]
73
+ assert_equal "redis://127.0.0.2:6322/0", adapter.storage.connection[:id]
74
74
  end
75
75
  end
@@ -1,13 +1,13 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'minitest/autorun'
4
- require 'jwt_sessions'
3
+ require "minitest/autorun"
4
+ require "jwt_sessions"
5
5
 
6
6
  class TestAccessToken < Minitest::Test
7
7
  attr_reader :access_token, :uid
8
8
 
9
9
  def setup
10
- JWTSessions.encryption_key = 'secret key'
10
+ JWTSessions.encryption_key = "secret key"
11
11
  @payload = { user_id: 1 }
12
12
  @csrf = JWTSessions::CSRFToken.new
13
13
  @uid = SecureRandom.uuid
@@ -1,13 +1,13 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'minitest/autorun'
4
- require 'jwt_sessions'
3
+ require "minitest/autorun"
4
+ require "jwt_sessions"
5
5
 
6
6
  class TestCSRFToken < Minitest::Test
7
7
  attr_reader :csrf_token
8
8
 
9
9
  def setup
10
- JWTSessions.encryption_key = '65994c7b523a3232e7aba54d8cbf'
10
+ JWTSessions.encryption_key = "65994c7b523a3232e7aba54d8cbf"
11
11
  @csrf_token = JWTSessions::CSRFToken.new
12
12
  end
13
13
 
@@ -15,6 +15,6 @@ class TestCSRFToken < Minitest::Test
15
15
  assert_equal true, @csrf_token.valid_authenticity_token?(@csrf_token.encoded)
16
16
  assert_equal false, @csrf_token.valid_authenticity_token?(nil)
17
17
  assert_equal false, @csrf_token.valid_authenticity_token?(123)
18
- assert_equal false, @csrf_token.valid_authenticity_token?('123abc')
18
+ assert_equal false, @csrf_token.valid_authenticity_token?("123abc")
19
19
  end
20
20
  end
@@ -1,13 +1,13 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'minitest/autorun'
4
- require 'jwt_sessions'
3
+ require "minitest/autorun"
4
+ require "jwt_sessions"
5
5
 
6
6
  class TestRefreshToken < Minitest::Test
7
7
  attr_reader :csrf, :token, :access_uid
8
8
 
9
9
  def setup
10
- JWTSessions.encryption_key = 'secure encryption'
10
+ JWTSessions.encryption_key = "secure encryption"
11
11
  @access_uid = SecureRandom.uuid
12
12
  @csrf = JWTSessions::CSRFToken.new
13
13
  @token = JWTSessions::RefreshToken.create(@csrf.encoded,
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'minitest/autorun'
4
- require 'jwt_sessions'
3
+ require "minitest/autorun"
4
+ require "jwt_sessions"
5
5
 
6
6
  class TestSession < Minitest::Test
7
7
  attr_reader :session, :payload, :tokens
@@ -9,42 +9,53 @@ class TestSession < Minitest::Test
9
9
  REFRESH_KEYS = %i[access access_expires_at csrf].freeze
10
10
 
11
11
  def setup
12
- JWTSessions.encryption_key = 'encrypted'
13
- @payload = { test: 'secret' }
12
+ JWTSessions.encryption_key = "encrypted"
13
+ @payload = { test: "secret" }
14
14
  @session = JWTSessions::Session.new(payload: payload)
15
15
  @tokens = session.login
16
16
  end
17
17
 
18
18
  def teardown
19
19
  redis = Redis.new
20
- keys = redis.keys('jwt_*')
20
+ keys = redis.keys("jwt_*")
21
21
  keys.each { |k| redis.del(k) }
22
22
  end
23
23
 
24
24
  def test_login
25
25
  decoded_access = JWTSessions::Token.decode(tokens[:access]).first
26
26
  assert_equal LOGIN_KEYS, tokens.keys.sort
27
- assert_equal payload[:test], decoded_access['test']
27
+ assert_equal payload[:test], decoded_access["test"]
28
28
  end
29
29
 
30
30
  def test_refresh
31
31
  refreshed_tokens = session.refresh(tokens[:refresh])
32
32
  decoded_access = JWTSessions::Token.decode(refreshed_tokens[:access]).first
33
33
  assert_equal REFRESH_KEYS, refreshed_tokens.keys.sort
34
- assert_equal payload[:test], decoded_access['test']
34
+ assert_equal payload[:test], decoded_access["test"]
35
+ end
36
+
37
+ def test_refresh_expired
38
+ JWTSessions.refresh_exp_time = 0
39
+ session = JWTSessions::Session.new(payload: payload)
40
+ tokens = session.login
41
+ JWTSessions.refresh_exp_time = 604800
42
+
43
+ assert_raises JWTSessions::Errors::ClaimsVerification do
44
+ session.refresh(tokens[:refresh])
45
+ end
35
46
  end
36
47
 
37
48
  def test_refresh_by_access_payload
38
49
  session = JWTSessions::Session.new(payload: payload, refresh_by_access_allowed: true)
39
50
  session.login
40
- access1 = session.instance_variable_get('@_access')
51
+ access1 = session.instance_variable_get("@_access")
41
52
  sleep(1)
42
53
  refreshed_tokens = session.refresh_by_access_payload
43
- access2 = session.instance_variable_get('@_access')
54
+ access2 = session.instance_variable_get("@_access")
44
55
  decoded_access = JWTSessions::Token.decode(refreshed_tokens[:access]).first
45
56
  assert_equal REFRESH_KEYS, refreshed_tokens.keys.sort
46
- assert_equal payload[:test], decoded_access['test']
47
- assert_equal session.instance_variable_get('@_refresh').uid, decoded_access['ruid']
57
+ assert_equal payload[:test], decoded_access["test"]
58
+ assert_equal session.instance_variable_get("@_refresh").uid, decoded_access["ruid"]
48
59
  assert_equal access2.expiration > access1.expiration, true
49
60
  end
50
61
 
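Review bot: `test_refresh_expired` (new lines 37–46) sets the global `JWTSessions.refresh_exp_time` to 0 and restores it with a hard-coded `604800` and no `ensure`. If `Session.new` or `login` raises, every later test in the process keeps issuing refresh tokens with a zero lifetime, and a value configured elsewhere is overwritten rather than restored. Capture the old value first with `previous = JWTSessions.refresh_exp_time`, then restore it in an `ensure` clause with `JWTSessions.refresh_exp_time = previous`. The test also calls `refresh` without waiting, so it appears to rely on a token whose `exp` equals the current second already counting as expired, with no leeway configured. The verification code is not visible in this diff, so a comment such as `# exp == now: must already count as expired (no leeway)` would record that assumption for the one test that pins rejection of an expired refresh token.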
@@ -56,8 +67,8 @@ class TestSession < Minitest::Test
56
67
  decoded_access = JWTSessions::Token.decode!(refreshed_tokens[:access]).first
57
68
  JWTSessions.access_exp_time = 3600
58
69
  assert_equal REFRESH_KEYS, refreshed_tokens.keys.sort
59
- assert_equal payload[:test], decoded_access['test']
60
- assert_equal session.instance_variable_get('@_refresh').uid, decoded_access['ruid']
70
+ assert_equal payload[:test], decoded_access["test"]
71
+ assert_equal session.instance_variable_get("@_refresh").uid, decoded_access["ruid"]
61
72
  end
62
73
 
63
74
  def test_refresh_by_access_payload_with_block_expired
@@ -70,8 +81,8 @@ class TestSession < Minitest::Test
70
81
  decoded_access = JWTSessions::Token.decode!(refreshed_tokens[:access]).first
71
82
  JWTSessions.access_exp_time = 3600
72
83
  assert_equal REFRESH_KEYS, refreshed_tokens.keys.sort
73
- assert_equal payload[:test], decoded_access['test']
74
- assert_equal session.instance_variable_get('@_refresh').uid, decoded_access['ruid']
84
+ assert_equal payload[:test], decoded_access["test"]
85
+ assert_equal session.instance_variable_get("@_refresh").uid, decoded_access["ruid"]
75
86
  end
76
87
 
77
88
  def test_refresh_by_access_payload_with_block_not_expired
@@ -87,7 +98,7 @@ class TestSession < Minitest::Test
87
98
  def test_refresh_by_access_payload_invalid_uid
88
99
  session = JWTSessions::Session.new(payload: payload, refresh_by_access_allowed: true)
89
100
  session.login
90
- access1 = session.instance_variable_get('@_access')
101
+ access1 = session.instance_variable_get("@_access")
91
102
  # should execute the code block for the cases when access UID within the refresh token
92
103
  # does not match access UID from the session payload
93
104
  session2 = JWTSessions::Session.new(payload: access1.payload, refresh_by_access_allowed: true)
@@ -148,8 +159,8 @@ class TestSession < Minitest::Test
148
159
  end
149
160
 
150
161
  assert_equal REFRESH_KEYS, refreshed_tokens.keys.sort
151
- assert_equal payload[:test], decoded_access['test']
152
- assert_equal session.instance_variable_get('@_refresh').uid, decoded_access['ruid']
162
+ assert_equal payload[:test], decoded_access["test"]
163
+ assert_equal session.instance_variable_get("@_refresh").uid, decoded_access["ruid"]
153
164
  end
154
165
 
155
166
  def test_refresh_with_block_not_expired
@@ -170,7 +181,7 @@ class TestSession < Minitest::Test
170
181
  end
171
182
  decoded_access = JWTSessions::Token.decode(refreshed_tokens[:access]).first
172
183
  assert_equal REFRESH_KEYS, refreshed_tokens.keys.sort
173
- assert_equal payload[:test], decoded_access['test']
184
+ assert_equal payload[:test], decoded_access["test"]
174
185
  end
175
186
 
176
187
  def test_flush_by_token
@@ -210,7 +221,7 @@ class TestSession < Minitest::Test
210
221
  end
211
222
 
212
223
  def test_flush_namespaced
213
- namespace = 'test_namespace'
224
+ namespace = "test_namespace"
214
225
  @session1 = JWTSessions::Session.new(payload: payload, namespace: namespace)
215
226
  @session2 = JWTSessions::Session.new(payload: payload, namespace: namespace)
216
227
  @session1.login
@@ -236,7 +247,7 @@ class TestSession < Minitest::Test
236
247
  end
237
248
 
238
249
  def test_flush_namespaced_access_tokens
239
- namespace = 'test_namespace'
250
+ namespace = "test_namespace"
240
251
  @session1 = JWTSessions::Session.new(payload: payload, namespace: namespace)
241
252
  @session1.login
242
253
  refresh_token = @session1.instance_variable_get(:"@_refresh")
@@ -255,15 +266,15 @@ class TestSession < Minitest::Test
255
266
  end
256
267
 
257
268
  def test_refresh_after_flush_namespaced_access_tokens
258
- namespace = 'test_namespace'
269
+ namespace = "test_namespace"
259
270
  session = JWTSessions::Session.new(payload: payload, namespace: namespace, refresh_by_access_allowed: true)
260
271
  session.login
261
272
 
262
273
  session.flush_namespaced_access_tokens
263
274
  ruid = session.instance_variable_get(:"@_refresh").uid
264
275
  refresh_token = JWTSessions::RefreshToken.find(ruid, JWTSessions.token_store, nil)
265
- assert_equal '', refresh_token.access_uid
266
- assert_equal '', refresh_token.access_expiration
276
+ assert_equal "", refresh_token.access_uid
277
+ assert_equal "", refresh_token.access_expiration
267
278
 
268
279
  # allows to refresh with un-expired but flushed access token payload
269
280
  session.refresh_by_access_payload do