jwt_sessions 2.7.4 → 3.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8d8719e8f8b113faf2af6b40f1912d2cf4819527634411ec946a909c67833d31
-  data.tar.gz: f4e46db88c68b110dc78034925fce8193deab286d5703ea81ccfd2740bca9225
+  metadata.gz: 7d38f64697988a31f87a3e1b4e95910f821a24fc0c35cea614b9d4a72f16a0a5
+  data.tar.gz: 4b1aecccf844e0d7dc4de866c03b9af136b9b422e7e3caf4ffb4138517e6e771
 SHA512:
-  metadata.gz: 6edb6fb526941fda66abcf0cea4a69904e08f4ca0be03ff7514d8c73e9b9f94cb86cb74a948612d62f3a20a2f91c123bce8c5e342b2600c959f0da90f4e0a918
-  data.tar.gz: b49c7a27800f9b7621565c9e9206a30f547e837668fb0fd683073ff75b062479bb0d51630f28cd165a70ecd767fc44f736795d4d12b480183fe7395b239696ac
+  metadata.gz: 075e7f3b2dc0ebf798ab8696ad715badb95d0f485dbf6dc62d059055a65283d11e1250db541c7b90249055bc4424946a8bfcfc916d23c4afdb8d06958b1f52f3
+  data.tar.gz: cec03faa24c671b234022742a59689f07c4bd50105a286b03c3b7b1535134c8f95d69c0a29ee47d0d47385590071134d1c82844bdfa6bb2882108b88956f6a47

data/CHANGELOG.md

@@ -1,3 +1,20 @@
+## 3.0.1 (December 28, 2022)
+
+Support:
+
+- fix bug with expire/expireat
+
+## 3.0.0 (December 27, 2022)
+
+Features:
+
+- replace `redis` with `redis-client`
+- add `pool_size` setting to support concurrency within `redis-client`'s connection pool
+
+Support:
+
+- upgrade `jwt` to 2.6 in dependencies
+
 ## 2.7.4 (August 31, 2022)
 
 Support:

data/README.md

@@ -1,7 +1,7 @@
 # jwt_sessions
 [![Gem Version](https://badge.fury.io/rb/jwt_sessions.svg)](https://badge.fury.io/rb/jwt_sessions)
 [![Maintainability](https://api.codeclimate.com/v1/badges/53de11b8334933b1c0ef/maintainability)](https://codeclimate.com/github/tuwukee/jwt_sessions/maintainability)
-[![Codacy Badge](https://api.codacy.com/project/badge/Grade/c86efdfca81448919ec3e1c1e48fc152)](https://www.codacy.com/app/tuwukee/jwt_sessions?utm_source=github.com&utm_medium=referral&utm_content=tuwukee/jwt_sessions&utm_campaign=Badge_Grade)
+[![Codacy Badge](https://app.codacy.com/project/badge/Grade/6ba02043e42144a9af96c9675207a5c4)](https://www.codacy.com/gh/tuwukee/jwt_sessions/dashboard?utm_source=github.com&utm_medium=referral&utm_content=tuwukee/jwt_sessions&utm_campaign=Badge_Grade)
 [![Build Status](https://travis-ci.org/tuwukee/jwt_sessions.svg?branch=master)](https://travis-ci.org/tuwukee/jwt_sessions)
 
 XSS/CSRF safe JWT auth designed for SPA
@@ -348,7 +348,7 @@ List of configurable settings with their default values.
 
 ##### Token store
 
-In order to configure a token store you should set up a store adapter in a following way: `JWTSessions.token_store = :redis, { redis_url: 'redis://127.0.0.1:6379/0' }` (options can be omitted). Currently supported stores are `:redis` and `:memory`. Please note, that if you want to use Redis as a store then you should have `redis` gem listed in your Gemfile. If you do not configure the adapter explicitly, this gem will try to load `redis` and use it. Otherwise it will fall back to a `memory` adapter.
+In order to configure a token store you should set up a store adapter in a following way: `JWTSessions.token_store = :redis, { redis_url: 'redis://127.0.0.1:6379/0' }` (options can be omitted). Currently supported stores are `:redis` and `:memory`. Please note, that if you want to use Redis as a store then you should have `redis-client` gem listed in your Gemfile. If you do not configure the adapter explicitly, this gem will try to load `redis-client` and use it. Otherwise it will fall back to a `memory` adapter.
 
 Memory store only accepts a `prefix` (used for Redis db keys). Here is a default configuration for Redis:
 
@@ -357,9 +357,11 @@ JWTSessions.token_store = :redis, {
   redis_host: "127.0.0.1",
   redis_port: "6379",
   redis_db_name: "0",
-  token_prefix: "jwt_"
+  token_prefix: "jwt_",
+  pool_size: Integer(ENV.fetch("RAILS_MAX_THREADS", 5))
 }
 ```
+On default `pool_size` is set to 5. Override it with the value of max number of parallel redis connections in your app.
 
 You can also provide a Redis URL instead:
 
@@ -381,7 +383,7 @@ JWTSessions.token_store = :redis, {
 If you already have a configured Redis client, you can pass it among the options to reduce opened connections to a Redis server:
 
 ```ruby
-JWTSessions.token_store = :redis, {redis_client: Redis.current}
+JWTSessions.token_store = :redis, {redis_client: redis_pool}
 ```
 
 ##### JWT signature

data/lib/jwt_sessions/store_adapters/redis_store_adapter.rb

@@ -6,6 +6,7 @@ module JWTSessions
       attr_reader :prefix, :storage
 
       REFRESH_KEYS = %i[csrf access_uid access_expiration expiration].freeze
+      DEFAULT_POOL_SIZE = 5
 
       def initialize(token_prefix: JWTSessions.token_prefix, redis_client: nil, **options)
         @prefix = token_prefix
@@ -14,10 +15,10 @@ module JWTSessions
           @storage = redis_client
         else
           begin
-            require "redis"
+            require "redis-client"
             @storage = configure_redis_client(**options)
           rescue LoadError => e
-            msg = "Could not load the 'redis' gem, please add it to your gemfile or " \
+            msg = "Could not load the 'redis-client' gem, please add it to your gemfile or " \
                   "configure a different adapter (e.g. JWTSessions.store_adapter = :memory)"
             raise e.class, msg, e.backtrace
           end
@@ -25,21 +26,21 @@ module JWTSessions
       end
 
       def fetch_access(uid)
-        csrf = storage.get(access_key(uid))
+        csrf = storage.call("GET", access_key(uid))
         csrf.nil? ? {} : { csrf: csrf }
       end
 
       def persist_access(uid, csrf, expiration)
         key = access_key(uid)
-        storage.set(key, csrf)
-        storage.expireat(key, expiration)
+        storage.call("SET", key, csrf)
+        storage.call("EXPIREAT", key, expiration)
       end
 
       def fetch_refresh(uid, namespace, first_match = false)
         key    = first_match ? first_refresh_key(uid) : full_refresh_key(uid, namespace)
         return {} if key.nil?
 
-        values = storage.hmget(key, *REFRESH_KEYS).compact
+        values = storage.call("HMGET", key, *REFRESH_KEYS).compact
         return {} if values.length != REFRESH_KEYS.length
 
         REFRESH_KEYS
@@ -57,12 +58,12 @@ module JWTSessions
           csrf: csrf,
           namespace: namespace
         )
-        storage.hset(key, :expiration, expiration)
-        storage.expireat(key, expiration)
+        storage.call("HSET", key, :expiration, expiration)
+        storage.call("EXPIREAT", key, expiration)
       end
 
       def update_refresh(uid:, access_expiration:, access_uid:, csrf:, namespace: nil)
-        storage.hmset(
+        storage.call("HMSET",
           full_refresh_key(uid, namespace),
           :csrf, csrf,
           :access_expiration, access_expiration,
@@ -83,11 +84,11 @@ module JWTSessions
 
       def destroy_refresh(uid, namespace)
         key = full_refresh_key(uid, namespace)
-        storage.del(key)
+        storage.call("DEL", key)
       end
 
       def destroy_access(uid)
-        storage.del(access_key(uid))
+        storage.call("DEL", access_key(uid))
       end
 
       private
@@ -102,8 +103,10 @@ module JWTSessions
           redis_port: redis_port,
           redis_db_name: redis_db_name
         )
-
-        Redis.new(options.merge(url: redis_url))
+        pool_size = options.delete(:pool_size) || DEFAULT_POOL_SIZE
+        RedisClient.
+          config(**options.merge(url: redis_url)).
+          new_pool(size: pool_size)
       end
 
       def build_redis_url(redis_host: nil, redis_port: nil, redis_db_name: nil)
@@ -152,7 +155,7 @@ module JWTSessions
         all_keys = []
 
         loop do
-          cursor, keys = storage.scan(cursor, match: key_pattern, count: 1000)
+          cursor, keys = storage.call("SCAN", cursor, match: key_pattern, count: 1000)
           all_keys |= keys
 
           break if cursor == "0"

data/lib/jwt_sessions/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module JWTSessions
-  VERSION = "2.7.4"
+  VERSION = "3.0.1"
 end

data/test/units/jwt_sessions/store_adapters/test_redis_store_adapter.rb

@@ -26,25 +26,26 @@ class TestRedisStoreAdapter < Minitest::Test
       ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE },
       timeout: 8
     )
-    options = adapter.storage.instance_variable_get(:@options)
+    config = adapter.storage.config
 
-    assert_equal 8, options[:timeout]
-    assert_equal 0, options[:ssl_params][:verify_mode]
+    assert_equal 8, config.instance_variable_get(:@connect_timeout)
+    assert_equal 0, config.instance_variable_get(:@ssl_params)[:verify_mode]
   end
 
   def test_default_url
     adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
-    assert_equal "redis://127.0.0.1:6379/0", adapter.storage.connection[:id]
+
+    assert_equal "redis://127.0.0.1:6379/0", adapter.storage.config.server_url
   end
 
   def test_url_with_env_var
     ENV["REDIS_URL"] = "redis://locallol:2018/"
     adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
-    assert_equal "redis://locallol:2018/0", adapter.storage.connection[:id]
+    assert_equal "redis://locallol:2018/0", adapter.storage.config.server_url
 
     ENV.delete("REDIS_URL")
     adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
-    assert_equal "redis://127.0.0.1:6379/0", adapter.storage.connection[:id]
+    assert_equal "redis://127.0.0.1:6379/0", adapter.storage.config.server_url
   end
 
   def test_configuration_via_host_port_and_db
@@ -53,7 +54,7 @@ class TestRedisStoreAdapter < Minitest::Test
       redis_port: "6372",
       redis_db_name: "2"
     )
-    assert_equal "redis://127.0.0.2:6372/2", adapter.storage.connection[:id]
+    assert_equal "redis://127.0.0.2:6372/2", adapter.storage.config.server_url
   end
 
   def test_configuration_via_host_port_and_db_in_module
@@ -62,18 +63,18 @@ class TestRedisStoreAdapter < Minitest::Test
     JWTSessions.redis_db_name = "2"
 
     adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
-    assert_equal "redis://127.0.0.2:6372/2", adapter.storage.connection[:id]
+    assert_equal "redis://127.0.0.2:6372/2", adapter.storage.config.server_url
   end
 
   def test_configuration_via_redis_url
     adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new(redis_url: "redis://127.0.0.2:6322")
-    assert_equal "redis://127.0.0.2:6322/0", adapter.storage.connection[:id]
+    assert_equal "redis://127.0.0.2:6322/0", adapter.storage.config.server_url
   end
 
   def test_configuration_via_redis_url_in_module
     JWTSessions.redis_url = "redis://127.0.0.2:6322"
     adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
-    assert_equal "redis://127.0.0.2:6322/0", adapter.storage.connection[:id]
+    assert_equal "redis://127.0.0.2:6322/0", adapter.storage.config.server_url
   end
 
   def test_configuration_via_redis_client
@@ -81,4 +82,21 @@ class TestRedisStoreAdapter < Minitest::Test
     adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new(redis_client: client)
     assert_equal client, adapter.storage
   end
+
+  def test_redis_pool_size
+    default_adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
+    assert_equal 5, default_adapter.storage.instance_variable_get(:@pool).size
+
+    adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new(pool_size: 10)
+    assert_equal 10, adapter.storage.instance_variable_get(:@pool).size
+  end
+
+  def test_persist_access
+    adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new
+    expire_at = Time.now.to_i + 10
+    adapter.persist_access("test_access_token_exp", "test_csrf", expire_at)
+    ttl = adapter.storage.call("TTL", "jwt__access_test_access_token_exp")
+    assert_operator ttl, :<=, 10
+    adapter.storage.call("DEL", "jwt__access_test_access_token_exp")
+  end
 end

data/test/units/jwt_sessions/test_session.rb

@@ -16,9 +16,9 @@ class TestSession < Minitest::Test
   end
 
   def teardown
-    redis = Redis.new
-    keys = redis.keys("jwt_*")
-    keys.each { |k| redis.del(k) }
+    redis = RedisClient.new
+    keys = redis.call("KEYS", "jwt_*")
+    keys.each { |k| redis.call("DEL", k) }
   end
 
   def test_login

data/test/units/jwt_sessions/test_token.rb

@@ -51,14 +51,20 @@ class TestToken < Minitest::Test
   end
 
   def test_ecdsa_token_decode
+    # temp: the test is failling for ruby 3 because of openssl-3 issue
+    # https://github.com/ruby/openssl/issues/369
+    skip if RUBY_VERSION.to_i > 2
+
     JWTSessions.algorithm   = "ES256"
     JWTSessions.private_key = OpenSSL::PKey::EC.new "prime256v1"
     JWTSessions.private_key.generate_key
-    JWTSessions.public_key             = OpenSSL::PKey::EC.new JWTSessions.private_key
-    JWTSessions.public_key.private_key = nil
+
+    JWTSessions.public_key = OpenSSL::PKey::EC.new JWTSessions.private_key
+    JWTSessions.public_key.private_key = nil 
 
     token   = JWTSessions::Token.encode(payload)
     decoded = JWTSessions::Token.decode(token).first
+
     assert_equal payload["user_id"], decoded["user_id"]
     assert_equal payload["secret"], decoded["secret"]
   end

data/test/units/test_token_store.rb

@@ -30,7 +30,7 @@ class TestTokenStore < Minitest::Test
     JWTSessions.redis_port = 6378
     JWTSessions.token_store = :redis
 
-    assert_equal "redis://127.0.0.1:6378/0", JWTSessions.token_store.storage.connection[:id]
+    assert_equal "redis://127.0.0.1:6378/0", JWTSessions.token_store.storage.config.server_url
   end
 
   def test_setting_redis_token_store_without_options

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jwt_sessions
 version: !ruby/object:Gem::Version
-  version: 2.7.4
+  version: 3.0.1
 platform: ruby
 authors:
 - Yulia Oletskaya
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-08-31 00:00:00.000000000 Z
+date: 2022-12-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt
@@ -16,7 +16,7 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.5'
+        version: '2.6'
     - - "<"
       - !ruby/object:Gem::Version
         version: '3'
@@ -26,7 +26,7 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.5'
+        version: '2.6'
     - - "<"
       - !ruby/object:Gem::Version
         version: '3'
@@ -112,7 +112,7 @@ metadata:
   changelog_uri: https://github.com/tuwukee/jwt_sessions/blob/master/CHANGELOG.md
   source_code_uri: https://github.com/tuwukee/jwt_sessions
   bug_tracker_uri: https://github.com/tuwukee/jwt_sessions/issues
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -127,17 +127,17 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3.1
-signing_key: 
+rubygems_version: 3.3.7
+signing_key:
 specification_version: 4
 summary: JWT Sessions
 test_files:
 - test/units/test_jwt_sessions.rb
 - test/units/test_token_store.rb
-- test/units/jwt_sessions/test_csrf_token.rb
-- test/units/jwt_sessions/test_access_token.rb
-- test/units/jwt_sessions/store_adapters/test_redis_store_adapter.rb
 - test/units/jwt_sessions/store_adapters/test_memory_store_adapter.rb
-- test/units/jwt_sessions/test_token.rb
+- test/units/jwt_sessions/store_adapters/test_redis_store_adapter.rb
+- test/units/jwt_sessions/test_access_token.rb
+- test/units/jwt_sessions/test_csrf_token.rb
 - test/units/jwt_sessions/test_refresh_token.rb
 - test/units/jwt_sessions/test_session.rb
+- test/units/jwt_sessions/test_token.rb