jwt_sessions 2.7.3 → 2.7.4

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ed69732617f15f4c07c0fb37d3ad938807224b729f136d24755a90f58b7b28ab
4
- data.tar.gz: 27bee3f1c2bd4b099b0dadea703143d70e6abf1aaa6e5556f67515dfbc6f2e5b
3
+ metadata.gz: 8d8719e8f8b113faf2af6b40f1912d2cf4819527634411ec946a909c67833d31
4
+ data.tar.gz: f4e46db88c68b110dc78034925fce8193deab286d5703ea81ccfd2740bca9225
5
5
  SHA512:
6
- metadata.gz: a0a81d8d8013a1393b441ddd15ec34fb57ceb0bd3198f9ee4a2554dff653efbe4379ad6992d1a8678895e0391f45626068a2f16b422ad8c658b7a086a08241d3
7
- data.tar.gz: 46e744a4512da3d90b54f6552c42f35c7b3b3d25a9d73292058ac5782102ed9d9c77ac6a734a865b40e2fcccd675257cc5c41d27be45bd5fde758e8d6c97537f
6
+ metadata.gz: 6edb6fb526941fda66abcf0cea4a69904e08f4ca0be03ff7514d8c73e9b9f94cb86cb74a948612d62f3a20a2f91c123bce8c5e342b2600c959f0da90f4e0a918
7
+ data.tar.gz: b49c7a27800f9b7621565c9e9206a30f547e837668fb0fd683073ff75b062479bb0d51630f28cd165a70ecd767fc44f736795d4d12b480183fe7395b239696ac
data/CHANGELOG.md CHANGED
@@ -1,11 +1,14 @@
1
- ## 2.7.3 (August 26, 2022)
1
+ ## 2.7.4 (August 31, 2022)
2
2
 
3
- Bugfixes:
3
+ Support:
4
4
 
5
- - compatibility with jwt 2.5
5
+ - compatibility with redis 5.0
6
+
7
+ ## 2.7.3 (August 26, 2022)
6
8
 
7
9
  Support:
8
10
 
11
+ - compatibility with jwt 2.5
9
12
  - add rspec to development deps
10
13
 
11
14
  ## 2.7.2 (January 24, 2022)
data/README.md CHANGED
@@ -409,11 +409,11 @@ jwt_sessions only uses `exp` claim by default when it decodes tokens and you can
409
409
  setting `jwt_options`. You can also specify leeway to account for clock skew.
410
410
 
411
411
  ```ruby
412
- JWTSessions.jwt_options.verify_iss = true
413
- JWTSessions.jwt_options.verify_sub = true
414
- JWTSessions.jwt_options.verify_iat = true
415
- JWTSessions.jwt_options.verify_aud = true
416
- JWTSessions.jwt_options.leeway = 30 # seconds
412
+ JWTSessions.jwt_options[:verify_iss] = true
413
+ JWTSessions.jwt_options[:verify_sub] = true
414
+ JWTSessions.jwt_options[:verify_iat] = true
415
+ JWTSessions.jwt_options[:verify_aud] = true
416
+ JWTSessions.jwt_options[:leeway] = 30 # seconds
417
417
  ```
418
418
 
419
419
  To pass options like `sub`, `aud`, `iss`, or leeways you should specify a method called `token_claims` in your controller.
@@ -89,7 +89,7 @@ module JWTSessions
89
89
  tokens.each do |token|
90
90
  AccessToken.destroy(token.access_uid, store)
91
91
  # unlink refresh token from the current access token
92
- token.update(nil, nil, token.csrf)
92
+ token.update(0, 0, token.csrf)
93
93
  end.count
94
94
  end
95
95
 
@@ -208,7 +208,7 @@ module JWTSessions
208
208
  def check_access_uid_within_refresh_token
209
209
  uid = retrieve_val_from(payload, :access, "uid", "access uid")
210
210
  access_uid = @_refresh.access_uid
211
- return if access_uid.size.zero?
211
+ return if access_uid == "0"
212
212
  yield @_refresh.uid, @_refresh.access_expiration if access_uid != uid
213
213
  end
214
214
 
@@ -37,9 +37,11 @@ module JWTSessions
37
37
 
38
38
  def fetch_refresh(uid, namespace, first_match = false)
39
39
  key = first_match ? first_refresh_key(uid) : full_refresh_key(uid, namespace)
40
- values = storage.hmget(key, *REFRESH_KEYS).compact
40
+ return {} if key.nil?
41
41
 
42
+ values = storage.hmget(key, *REFRESH_KEYS).compact
42
43
  return {} if values.length != REFRESH_KEYS.length
44
+
43
45
  REFRESH_KEYS
44
46
  .each_with_index
45
47
  .each_with_object({}) { |(key, index), acc| acc[key] = values[index] }
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module JWTSessions
4
- VERSION = "2.7.3"
4
+ VERSION = "2.7.4"
5
5
  end
@@ -24,13 +24,11 @@ class TestRedisStoreAdapter < Minitest::Test
24
24
  adapter = JWTSessions::StoreAdapters::RedisStoreAdapter.new(
25
25
  redis_url: "redis://127.0.0.1:6379",
26
26
  ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE },
27
- reconnect_delay: 2,
28
27
  timeout: 8
29
28
  )
30
29
  options = adapter.storage.instance_variable_get(:@options)
31
30
 
32
31
  assert_equal 8, options[:timeout]
33
- assert_equal 2, options[:reconnect_delay]
34
32
  assert_equal 0, options[:ssl_params][:verify_mode]
35
33
  end
36
34
 
@@ -309,8 +309,8 @@ class TestSession < Minitest::Test
309
309
  session.flush_namespaced_access_tokens
310
310
  ruid = session.instance_variable_get(:"@_refresh").uid
311
311
  refresh_token = JWTSessions::RefreshToken.find(ruid, JWTSessions.token_store, namespace)
312
- assert_equal "", refresh_token.access_uid
313
- assert_equal "", refresh_token.access_expiration
312
+ assert_equal "0", refresh_token.access_uid
313
+ assert_equal "0", refresh_token.access_expiration
314
314
 
315
315
  # allows to refresh with un-expired but flushed access token payload
316
316
  session.refresh_by_access_payload do
@@ -320,8 +320,8 @@ class TestSession < Minitest::Test
320
320
  access_token = JWTSessions::AccessToken.find(auid, JWTSessions.token_store)
321
321
  refresh_token = JWTSessions::RefreshToken.find(ruid, JWTSessions.token_store, namespace)
322
322
 
323
- assert_equal false, access_token.uid.size.zero?
324
- assert_equal false, access_token.expiration.size.zero?
323
+ assert "0" != access_token.uid
324
+ assert "0" != access_token.expiration
325
325
  assert_equal access_token.uid.to_s, refresh_token.access_uid
326
326
  assert_equal access_token.expiration.to_s, refresh_token.access_expiration
327
327
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jwt_sessions
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.7.3
4
+ version: 2.7.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Yulia Oletskaya
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-08-26 00:00:00.000000000 Z
11
+ date: 2022-08-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jwt