jwt_sessions 2.7.3 → 2.7.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +6 -3
  3. data/README.md +5 -5
  4. data/lib/jwt_sessions/session.rb +2 -2
  5. data/lib/jwt_sessions/store_adapters/redis_store_adapter.rb +3 -1
  6. data/lib/jwt_sessions/version.rb +1 -1
  7. data/test/units/jwt_sessions/store_adapters/test_redis_store_adapter.rb +0 -2
  8. data/test/units/jwt_sessions/test_session.rb +4 -4
  9. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ed69732617f15f4c07c0fb37d3ad938807224b729f136d24755a90f58b7b28ab
4
- data.tar.gz: 27bee3f1c2bd4b099b0dadea703143d70e6abf1aaa6e5556f67515dfbc6f2e5b
3
+ metadata.gz: 8d8719e8f8b113faf2af6b40f1912d2cf4819527634411ec946a909c67833d31
4
+ data.tar.gz: f4e46db88c68b110dc78034925fce8193deab286d5703ea81ccfd2740bca9225
5
5
  SHA512:
6
- metadata.gz: a0a81d8d8013a1393b441ddd15ec34fb57ceb0bd3198f9ee4a2554dff653efbe4379ad6992d1a8678895e0391f45626068a2f16b422ad8c658b7a086a08241d3
7
- data.tar.gz: 46e744a4512da3d90b54f6552c42f35c7b3b3d25a9d73292058ac5782102ed9d9c77ac6a734a865b40e2fcccd675257cc5c41d27be45bd5fde758e8d6c97537f
6
+ metadata.gz: 6edb6fb526941fda66abcf0cea4a69904e08f4ca0be03ff7514d8c73e9b9f94cb86cb74a948612d62f3a20a2f91c123bce8c5e342b2600c959f0da90f4e0a918
7
+ data.tar.gz: b49c7a27800f9b7621565c9e9206a30f547e837668fb0fd683073ff75b062479bb0d51630f28cd165a70ecd767fc44f736795d4d12b480183fe7395b239696ac
data/CHANGELOG.md CHANGED
@@ -1,11 +1,14 @@
1
- ## 2.7.3 (August 26, 2022)
1
+ ## 2.7.4 (August 31, 2022)
2
2
 
3
- Bugfixes:
3
+ Support:
4
4
 
5
- - compatibility with jwt 2.5
5
+ - compatibility with redis 5.0
6
+
7
+ ## 2.7.3 (August 26, 2022)
6
8
 
7
9
  Support:
8
10
 
11
+ - compatibility with jwt 2.5
9
12
  - add rspec to development deps
10
13
 
11
14
  ## 2.7.2 (January 24, 2022)
data/README.md CHANGED
@@ -409,11 +409,11 @@ jwt_sessions only uses `exp` claim by default when it decodes tokens and you can
409
409
  setting `jwt_options`. You can also specify leeway to account for clock skew.
410
410
 
411
411
  ```ruby
412
- JWTSessions.jwt_options.verify_iss = true
413
- JWTSessions.jwt_options.verify_sub = true
414
- JWTSessions.jwt_options.verify_iat = true
415
- JWTSessions.jwt_options.verify_aud = true
416
- JWTSessions.jwt_options.leeway = 30 # seconds
412
+ JWTSessions.jwt_options[:verify_iss] = true
413
+ JWTSessions.jwt_options[:verify_sub] = true
414
+ JWTSessions.jwt_options[:verify_iat] = true
415
+ JWTSessions.jwt_options[:verify_aud] = true
416
+ JWTSessions.jwt_options[:leeway] = 30 # seconds
417
417
  ```
418
418
 
419
419
  To pass options like `sub`, `aud`, `iss`, or leeways you should specify a method called `token_claims` in your controller.
data/lib/jwt_sessions/session.rb CHANGED
@@ -89,7 +89,7 @@ module JWTSessions
89
89
  tokens.each do |token|
90
90
  AccessToken.destroy(token.access_uid, store)
91
91
  # unlink refresh token from the current access token
92
- token.update(nil, nil, token.csrf)
92
+ token.update(0, 0, token.csrf)
93
93
  end.count
94
94
  end
95
95
 
@@ -208,7 +208,7 @@ module JWTSessions
208
208
  def check_access_uid_within_refresh_token
209
209
  uid = retrieve_val_from(payload, :access, "uid", "access uid")
210
210
  access_uid = @_refresh.access_uid
211
- return if access_uid.size.zero?
211
+ return if access_uid == "0"
212
212
  yield @_refresh.uid, @_refresh.access_expiration if access_uid != uid
213
213
  end
214
214
 
data/lib/jwt_sessions/store_adapters/redis_store_adapter.rb CHANGED
@@ -37,9 +37,11 @@ module JWTSessions
37
37
 
38
38
  def fetch_refresh(uid, namespace, first_match = false)
39
39
  key = first_match ? first_refresh_key(uid) : full_refresh_key(uid, namespace)
40
- values = storage.hmget(key, *REFRESH_KEYS).compact
40
+ return {} if key.nil?
41
41
 
42
+ values = storage.hmget(key, *REFRESH_KEYS).compact
42
43
  return {} if values.length != REFRESH_KEYS.length
44
+
43
45
  REFRESH_KEYS
44
46
  .each_with_index
45
47
  .each_with_object({}) { |(key, index), acc| acc[key] = values[index] }
data/lib/jwt_sessions/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module JWTSessions
4
- VERSION = "2.7.3"
4
+ VERSION = "2.7.4"
5
5
  end
data/test/units/jwt_sessions/store_adapters/test_redis_store_adapter.rb CHANGED
@@ -24,13 +24,11 @@ class TestRedisStoreAdapter < Minitest::Test
24
24
  adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new(
25
25
  redis_url: "redis://127.0.0.1:6379",
26
26
  ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE },
27
- reconnect_delay: 2,
28
27
  timeout: 8
29
28
  )
30
29
  options = adapter.storage.instance_variable_get(:@options)
31
30
 
32
31
  assert_equal 8, options[:timeout]
33
- assert_equal 2, options[:reconnect_delay]
34
32
  assert_equal 0, options[:ssl_params][:verify_mode]
35
33
  end
36
34
 
data/test/units/jwt_sessions/test_session.rb CHANGED
@@ -309,8 +309,8 @@ class TestSession < Minitest::Test
309
309
  session.flush_namespaced_access_tokens
310
310
  ruid = session.instance_variable_get(:"@_refresh").uid
311
311
  refresh_token = JWTSessions::RefreshToken.find(ruid, JWTSessions.token_store, namespace)
312
- assert_equal "", refresh_token.access_uid
313
- assert_equal "", refresh_token.access_expiration
312
+ assert_equal "0", refresh_token.access_uid
313
+ assert_equal "0", refresh_token.access_expiration
314
314
 
315
315
  # allows to refresh with un-expired but flushed access token payload
316
316
  session.refresh_by_access_payload do
@@ -320,8 +320,8 @@ class TestSession < Minitest::Test
320
320
  access_token = JWTSessions::AccessToken.find(auid, JWTSessions.token_store)
321
321
  refresh_token = JWTSessions::RefreshToken.find(ruid, JWTSessions.token_store, namespace)
322
322
 
323
- assert_equal false, access_token.uid.size.zero?
324
- assert_equal false, access_token.expiration.size.zero?
323
+ assert "0" != access_token.uid
324
+ assert "0" != access_token.expiration
325
325
  assert_equal access_token.uid.to_s, refresh_token.access_uid
326
326
  assert_equal access_token.expiration.to_s, refresh_token.access_expiration
327
327
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jwt_sessions
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.7.3
4
+ version: 2.7.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Yulia Oletskaya
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-08-26 00:00:00.000000000 Z
11
+ date: 2022-08-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jwt