jwt_sessions 2.4.2 → 2.4.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/jwt_sessions/session.rb +7 -7
- data/lib/jwt_sessions/store_adapters/abstract_store_adapter.rb +2 -1
- data/lib/jwt_sessions/store_adapters/memory_store_adapter.rb +10 -2
- data/lib/jwt_sessions/version.rb +1 -1
- data/test/units/jwt_sessions/test_session.rb +12 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: dfe0f1d0591603e0e98e783a50887e647460b880
|
|
4
|
+
data.tar.gz: 6ddf78aa6c589ec6f51a775d81d033dbd8d69d59
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8bfeb3ae48e6d3689bfc34cf02ac92e4d16be9f1a0c56562f4a598432600e7e6ffd9281e8ba6a20053bb6737ca26017e2b9ad8b6b1250b0268850a310bdfe2eb
|
|
7
|
+
data.tar.gz: 1977d53805eba13b7da95dc1b8ff767ef8764c130be49d1a476e791ac95fa56a7de1dfa77eafd9646674835c995b593aaaa62a74d1e7e3f0143e4e81b8c21300
|
data/lib/jwt_sessions/session.rb
CHANGED
|
@@ -37,7 +37,7 @@ module JWTSessions
|
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
def session_exists?(token, token_type = :access)
|
|
40
|
-
send(:"#{token_type}_token_data", token)
|
|
40
|
+
send(:"#{token_type}_token_data", token, true)
|
|
41
41
|
true
|
|
42
42
|
rescue Errors::Unauthorized
|
|
43
43
|
false
|
|
@@ -142,20 +142,20 @@ module JWTSessions
|
|
|
142
142
|
end
|
|
143
143
|
|
|
144
144
|
def refresh_csrf(refresh_token)
|
|
145
|
-
refresh_token_instance = refresh_token_data(refresh_token)
|
|
145
|
+
refresh_token_instance = refresh_token_data(refresh_token, true)
|
|
146
146
|
CSRFToken.new(refresh_token_instance.csrf)
|
|
147
147
|
end
|
|
148
148
|
|
|
149
|
-
def access_token_data(token)
|
|
149
|
+
def access_token_data(token, _first_match = false)
|
|
150
150
|
uid = token_uid(token, :access, @access_claims)
|
|
151
151
|
data = store.fetch_access(uid)
|
|
152
152
|
raise Errors::Unauthorized, "Access token not found" if data.empty?
|
|
153
153
|
data
|
|
154
154
|
end
|
|
155
155
|
|
|
156
|
-
def refresh_token_data(token)
|
|
156
|
+
def refresh_token_data(token, first_match = false)
|
|
157
157
|
uid = token_uid(token, :refresh, @refresh_claims)
|
|
158
|
-
retrieve_refresh_token(uid)
|
|
158
|
+
retrieve_refresh_token(uid, first_match: first_match)
|
|
159
159
|
end
|
|
160
160
|
|
|
161
161
|
def token_uid(token, type, claims)
|
|
@@ -177,8 +177,8 @@ module JWTSessions
|
|
|
177
177
|
val
|
|
178
178
|
end
|
|
179
179
|
|
|
180
|
-
def retrieve_refresh_token(uid)
|
|
181
|
-
@_refresh = RefreshToken.find(uid, store, namespace)
|
|
180
|
+
def retrieve_refresh_token(uid, first_match: false)
|
|
181
|
+
@_refresh = RefreshToken.find(uid, store, namespace, first_match: first_match)
|
|
182
182
|
end
|
|
183
183
|
|
|
184
184
|
def tokens_hash
|
|
@@ -22,8 +22,16 @@ module JWTSessions
|
|
|
22
22
|
storage[""]["access"].store(uid, access_token)
|
|
23
23
|
end
|
|
24
24
|
|
|
25
|
-
def fetch_refresh(uid, namespace,
|
|
26
|
-
|
|
25
|
+
def fetch_refresh(uid, namespace, first_match = false)
|
|
26
|
+
if first_match
|
|
27
|
+
storage.keys.each do |namespace_key|
|
|
28
|
+
val = value_if_not_expired(uid, "refresh", namespace_key)
|
|
29
|
+
return val unless val.empty?
|
|
30
|
+
end
|
|
31
|
+
{}
|
|
32
|
+
else
|
|
33
|
+
value_if_not_expired(uid, "refresh", namespace.to_s)
|
|
34
|
+
end
|
|
27
35
|
end
|
|
28
36
|
|
|
29
37
|
def persist_refresh(uid:, access_expiration:, access_uid:, csrf:, expiration:, namespace: "")
|
data/lib/jwt_sessions/version.rb
CHANGED
|
@@ -69,6 +69,18 @@ class TestSession < Minitest::Test
|
|
|
69
69
|
end
|
|
70
70
|
end
|
|
71
71
|
|
|
72
|
+
def test_refresh_with_namespace
|
|
73
|
+
@new_session = JWTSessions::Session.new(
|
|
74
|
+
payload: payload,
|
|
75
|
+
namespace: "custom-namespace"
|
|
76
|
+
)
|
|
77
|
+
new_tokens = @new_session.login
|
|
78
|
+
refreshed_tokens = @new_session.refresh(new_tokens[:refresh])
|
|
79
|
+
decoded_access = JWTSessions::Token.decode(refreshed_tokens[:access]).first
|
|
80
|
+
assert_equal REFRESH_KEYS, refreshed_tokens.keys.sort
|
|
81
|
+
assert_equal payload[:test], decoded_access["test"]
|
|
82
|
+
end
|
|
83
|
+
|
|
72
84
|
def test_refresh_by_access_payload
|
|
73
85
|
session = JWTSessions::Session.new(payload: payload, refresh_by_access_allowed: true)
|
|
74
86
|
session.login
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: jwt_sessions
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.4.
|
|
4
|
+
version: 2.4.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Yulia Oletskaya
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
11
|
+
date: 2019-09-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: jwt
|