RubyGems - jwt_sessions - Versions diffs - 2.5.1 → 2.7.2 - Mend

jwt_sessions 2.5.1 → 2.7.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +37 -0
data/README.md +24 -2
data/lib/jwt_sessions/refresh_token.rb +1 -1
data/lib/jwt_sessions/store_adapters/memory_store_adapter.rb +1 -1
data/lib/jwt_sessions/store_adapters/redis_store_adapter.rb +46 -14
data/lib/jwt_sessions/store_adapters.rb +1 -1
data/lib/jwt_sessions/version.rb +1 -1
data/lib/jwt_sessions.rb +2 -2
data/test/units/jwt_sessions/store_adapters/test_redis_store_adapter.rb +18 -7
metadata +8 -36

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8fe59582c2a9d3d581ce7ab57a0356ef6ec9e016649a629b03d28154e4e0b375
-  data.tar.gz: 0f12ca584291b8570ce2191973542a4e7f114202940c0ed0562968a20362edca
+  metadata.gz: 1382a5dd59aa20018fddf7489d73318e5fc217c2c7344e87cd9bea8f61452152
+  data.tar.gz: 0165234c70b5b5a411c7eefbb2c59aef0903bbf73bc8c0de611ace157742a341
 SHA512:
-  metadata.gz: 26d4ad5a14429700ddab2f37324485543010e7658d18bdfa63dddbc8dff6e1911acf69823584c19b47ec0af4ac6dc043d37b638477fe33f003e957a14fa48f1c
-  data.tar.gz: 6d4faa18e5abe1ca845d9e4c36fdc2638143c0fc7da65d0c3d04d2570ca31da0477f545aa234d1b54c59378e511076ef40dfad23bfc5f994dc512049ea715c42
+  metadata.gz: 984be7f82567e3aebb090497c7dfbaee8900987fae0682fc89d98d23e5a1acaf07820a7a0133e360139bf007d16c2f4cde6c2e3e5192a25f0b42cec7ca85970a
+  data.tar.gz: 90a250db30b788624210a271c0c4778bd08c43ca71b00684a882dff631bcc6df31c49c5b1492f02ac20f5699cc86903c6e56713aef59cd2dad7016924bb74c19

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,40 @@
+## 2.7.2 (January 24, 2022)
+Bugfixes:
+- 2.7.1 version didn't include the correct patch
+## 2.7.1 (January 22, 2022)
+Bugfixes:
+- Correctly init namespaced refresh tokens when fetching all tokens from Redis
+## 2.7.0 (October 05, 2021)
+Features:
+- added redis_client setting to JWTSessions::StoreAdapters::RedisStoreAdapter
+## 2.6.0 (June 01, 2021)
+Features:
+- added support for all Redis settings
+Support:
+- updated jwt to '>= 2.2.3'
+- switched to redis scan when looking for keys
+- removed extra gems from gemspec deps
+- updated gems in dummy apps
+## 2.5.2 (July 06, 2020)
+Bugfixes:
+- fixed `Using the last argument as keyword parameters is deprecated;` warnings
 ## 2.5.1 (April 20, 2020)
 Features:

data/README.md CHANGED Viewed

@@ -153,11 +153,11 @@ end
 ```
 Specify an encryption key for JSON Web Tokens in `config/initializers/jwt_session.rb` \
-It is advisable to store the key itself within the app secrets.
+It is advisable to store the key itself in a secure way, f.e. within app credentials.
 ```ruby
 JWTSessions.algorithm = "HS256"
-JWTSessions.encryption_key = Rails.application.secrets.secret_jwt_encryption_key
+JWTSessions.encryption_key = Rails.application.credentials.secret_jwt_encryption_key
 ```
 Most of the encryption algorithms require private and public keys to sign a token. However, HMAC requires only a single key and you can use the `encryption_key` shortcut to sign the token. For other algorithms you must specify private and public keys separately.
@@ -369,6 +369,21 @@ JWTSessions.token_store = :redis, { redis_url: "redis://localhost:6397" }
 **NOTE:** if `REDIS_URL` environment variable is set it is used automatically.
+SSL, timeout, reconnect, etc. redis settings are supported:
+```ruby
+JWTSessions.token_store = :redis, {
+  read_timeout: 1.5,
+  reconnect_attempts: 10,
+  ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE }
+}
+```
+If you already have a configured Redis client, you can pass it among the options to reduce opened connections to a Redis server:
+```ruby
+JWTSessions.token_store = :redis, {redis_client: Redis.current}
+```
 ##### JWT signature
 ```ruby
@@ -592,6 +607,13 @@ session = JWTSessions::Session.new(namespace: "ie-sessions")
 session.flush_namespaced # will flush all sessions which belong to the same namespace
 ```
+Selectively flush one single session inside a namespace by its access token:
+```ruby
+session = JWTSessions::Session.new(namespace: "ie-sessions", payload: payload)
+session.flush_by_access_payload # will flush a specific session which belongs to an existing namespace
+```
 Flush access tokens only:
 ```ruby

data/lib/jwt_sessions/refresh_token.rb CHANGED Viewed

@@ -61,7 +61,7 @@ module JWTSessions
           token_attrs[:access_uid],
           token_attrs[:access_expiration],
           store,
-          namespace: namespace,
+          namespace: token_attrs[:namespace] || namespace,
           payload: {},
           uid: uid,
           expiration: token_attrs[:expiration]

data/lib/jwt_sessions/store_adapters/memory_store_adapter.rb CHANGED Viewed

@@ -5,7 +5,7 @@ module JWTSessions
     class MemoryStoreAdapter < AbstractStoreAdapter
       attr_reader :storage
-      def initialize(options)
+      def initialize(**options)
         raise ArgumentError, "Memory store doesn't support any options" if options.any?
         @storage = Hash.new do |h, k|
           h[k] = Hash.new { |hh, kk| hh[kk] = {} }

data/lib/jwt_sessions/store_adapters/redis_store_adapter.rb CHANGED Viewed

@@ -7,16 +7,20 @@ module JWTSessions
       REFRESH_KEYS = %i[csrf access_uid access_expiration expiration].freeze
-      def initialize(token_prefix: JWTSessions.token_prefix, **options)
+      def initialize(token_prefix: JWTSessions.token_prefix, redis_client: nil, **options)
         @prefix = token_prefix
-        begin
-          require "redis"
-          @storage = configure_redis_client(options)
-        rescue LoadError => e
-          msg = "Could not load the 'redis' gem, please add it to your gemfile or " \
-                "configure a different adapter (e.g. JWTSessions.store_adapter = :memory)"
-          raise e.class, msg, e.backtrace
+        if redis_client
+          @storage = redis_client
+        else
+          begin
+            require "redis"
+            @storage = configure_redis_client(**options)
+          rescue LoadError => e
+            msg = "Could not load the 'redis' gem, please add it to your gemfile or " \
+                  "configure a different adapter (e.g. JWTSessions.store_adapter = :memory)"
+            raise e.class, msg, e.backtrace
+          end
         end
       end
@@ -36,7 +40,10 @@ module JWTSessions
         values = storage.hmget(key, *REFRESH_KEYS).compact
         return {} if values.length != REFRESH_KEYS.length
-        REFRESH_KEYS.each_with_index.each_with_object({}) { |(key, index), acc| acc[key] = values[index] }
+        REFRESH_KEYS
+          .each_with_index
+          .each_with_object({}) { |(key, index), acc| acc[key] = values[index] }
+          .merge({ namespace: namespace })
       end
       def persist_refresh(uid:, access_expiration:, access_uid:, csrf:, expiration:, namespace: nil)
@@ -62,10 +69,13 @@ module JWTSessions
       end
       def all_refresh_tokens(namespace)
-        keys_in_namespace = storage.keys(refresh_key("*", namespace))
+        keys_in_namespace = scan_keys(refresh_key("*", namespace))
         (keys_in_namespace || []).each_with_object({}) do |key, acc|
           uid = uid_from_key(key)
-          acc[uid] = fetch_refresh(uid, namespace)
+          # to be able to properly initialize namespaced tokens extract their namespaces
+          # and pass down to fetch_refresh
+          token_namespace = namespace.to_s.empty? ? namespace_from_key(key) : namespace
+          acc[uid] = fetch_refresh(uid, token_namespace)
         end
       end
@@ -80,7 +90,7 @@ module JWTSessions
       private
-      def configure_redis_client(redis_url: nil, redis_host: nil, redis_port: nil, redis_db_name: nil)
+      def configure_redis_client(redis_url: nil, redis_host: nil, redis_port: nil, redis_db_name: nil, **options)
         if redis_url && (redis_host || redis_port || redis_db_name)
           raise ArgumentError, "redis_url cannot be passed along with redis_host, redis_port or redis_db_name options"
         end
@@ -91,7 +101,7 @@ module JWTSessions
           redis_db_name: redis_db_name
         )
-        Redis.new(url: redis_url)
+        Redis.new(options.merge(url: redis_url))
       end
       def build_redis_url(redis_host: nil, redis_port: nil, redis_db_name: nil)
@@ -111,7 +121,7 @@ module JWTSessions
       def first_refresh_key(uid)
         key = full_refresh_key(uid, "*")
-        (storage.keys(key) || []).first
+        (scan_keys(key) || []).first
       end
       def refresh_key(uid, namespace)
@@ -126,6 +136,28 @@ module JWTSessions
       def uid_from_key(key)
         key.split("_").last
       end
+      def namespace_from_key(key)
+        ns_regexp.match(key)&.[](:namespace)
+      end
+      def ns_regexp
+        @ns_regexp ||= Regexp.new("#{prefix}_(?<namespace>.+)_refresh")
+      end
+      def scan_keys(key_pattern)
+        cursor = 0
+        all_keys = []
+        loop do
+          cursor, keys = storage.scan(cursor, match: key_pattern, count: 1000)
+          all_keys |= keys
+          break if cursor == "0"
+        end
+        all_keys
+      end
     end
   end
 end

data/lib/jwt_sessions/store_adapters.rb CHANGED Viewed

@@ -9,7 +9,7 @@ module JWTSessions
     def self.build_by_name(adapter, options = nil)
       camelized_adapter = adapter.to_s.split('_').map(&:capitalize).join
       adapter_class_name = "#{camelized_adapter}StoreAdapter"
-      StoreAdapters.const_get(adapter_class_name).new(options || {})
+      StoreAdapters.const_get(adapter_class_name).new(**(options || {}))
     end
   end
 end

data/lib/jwt_sessions/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module JWTSessions
-  VERSION = "2.5.1"
+  VERSION = "2.7.2"
 end

data/lib/jwt_sessions.rb CHANGED Viewed

@@ -155,7 +155,7 @@ module JWTSessions
   private
   def supported_algos
-    algos = JWT::Algos.constants - [:Unsupported]
-    algos.map { |algo| JWT::Algos.const_get(algo)::SUPPORTED }.flatten + [NONE]
+    algos = JWT::Algos::ALGOS - [JWT::Algos::Unsupported]
+    algos.map { |algo| algo::SUPPORTED }.flatten + [NONE]
   end
 end

data/test/units/jwt_sessions/store_adapters/test_redis_store_adapter.rb CHANGED Viewed

@@ -20,13 +20,18 @@ class TestRedisStoreAdapter < Minitest::Test
     end
   end
-  def test_error_on_unknown_option
-    assert_raises ArgumentError do
-      JWTSessions::StoreAdapters::RedisStoreAdapter.new(
-        redis_url: "redis://127.0.0.1:6379/0",
-        something: "something"
-      )
-    end
+  def test_support_of_extra_options
+    adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new(
+      redis_url: "redis://127.0.0.1:6379",
+      ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE },
+      reconnect_delay: 2,
+      timeout: 8
+    )
+    options = adapter.storage.instance_variable_get(:@options)
+    assert_equal 8, options[:timeout]
+    assert_equal 2, options[:reconnect_delay]
+    assert_equal 0, options[:ssl_params][:verify_mode]
   end
   def test_default_url
@@ -72,4 +77,10 @@ class TestRedisStoreAdapter < Minitest::Test
     adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
     assert_equal "redis://127.0.0.2:6322/0", adapter.storage.connection[:id]
   end
+  def test_configuration_via_redis_client
+    client = Object.new
+    adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new(redis_client: client)
+    assert_equal client, adapter.storage
+  end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jwt_sessions
 version: !ruby/object:Gem::Version
-  version: 2.5.1
+  version: 2.7.2
 platform: ruby
 authors:
 - Yulia Oletskaya
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-04-20 00:00:00.000000000 Z
+date: 2022-01-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt
@@ -16,7 +16,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.1.1
+        version: 2.2.3
     - - "<"
       - !ruby/object:Gem::Version
         version: '3'
@@ -26,7 +26,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.1.1
+        version: 2.2.3
     - - "<"
       - !ruby/object:Gem::Version
         version: '3'
@@ -44,34 +44,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '1.16'
-- !ruby/object:Gem::Dependency
-  name: minitest
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5.11'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5.11'
-- !ruby/object:Gem::Dependency
-  name: pry
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.11'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.11'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -126,7 +98,7 @@ metadata:
   changelog_uri: https://github.com/tuwukee/jwt_sessions/blob/master/CHANGELOG.md
   source_code_uri: https://github.com/tuwukee/jwt_sessions
   bug_tracker_uri: https://github.com/tuwukee/jwt_sessions/issues
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -141,8 +113,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key:
+rubygems_version: 3.2.5
+signing_key:
 specification_version: 4
 summary: JWT Sessions
 test_files: