jwt_sessions 3.2.3 → 3.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/lib/jwt_sessions/authorization.rb +10 -2
- data/lib/jwt_sessions/version.rb +1 -1
- data/test/units/jwt_sessions/test_authorization.rb +102 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3d616f460afd8b13982064b340c2ea3f3e326bb99dff16ec2e159599ffa4aebd
|
|
4
|
+
data.tar.gz: baed64f2320056748d33c1f08c955e4b37cb958d6442f28ade5fa7c61656be56
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d31922314b428ab7bb82d0817b5a357b8fec1f47361d11e194f9d8c8e9e3dc9cda791c095af43c12aa7f71b06c36e3d1912b83808644a9dcd55888d19679342b
|
|
7
|
+
data.tar.gz: 3ffb8fa65a4c9d5599be7cc7d387773d2fee8a3f10c70b5c4ed1a7b30912d33400a678d69c07d469b4ce4113e021f3035b0d2e62949472cd32b707d3efded94b
|
data/CHANGELOG.md
CHANGED
|
@@ -79,11 +79,11 @@ module JWTSessions
|
|
|
79
79
|
end
|
|
80
80
|
|
|
81
81
|
def valid_csrf_token?(csrf_token, token_type)
|
|
82
|
-
JWTSessions::Session.new.valid_csrf?(found_token, csrf_token, token_type)
|
|
82
|
+
JWTSessions::Session.new(session_claims).valid_csrf?(found_token, csrf_token, token_type)
|
|
83
83
|
end
|
|
84
84
|
|
|
85
85
|
def session_exists?(token_type)
|
|
86
|
-
JWTSessions::Session.new.session_exists?(found_token, token_type)
|
|
86
|
+
JWTSessions::Session.new(session_claims).session_exists?(found_token, token_type)
|
|
87
87
|
end
|
|
88
88
|
|
|
89
89
|
def cookieless_auth(token_type)
|
|
@@ -150,5 +150,13 @@ module JWTSessions
|
|
|
150
150
|
invalid_authorization unless session_exists?(token_type)
|
|
151
151
|
check_csrf(token_type)
|
|
152
152
|
end
|
|
153
|
+
|
|
154
|
+
def session_claims
|
|
155
|
+
claims = respond_to?(:token_claims) ? token_claims : {}
|
|
156
|
+
{
|
|
157
|
+
access_claims: claims,
|
|
158
|
+
refresh_claims: claims
|
|
159
|
+
}
|
|
160
|
+
end
|
|
153
161
|
end
|
|
154
162
|
end
|
data/lib/jwt_sessions/version.rb
CHANGED
|
@@ -6,10 +6,22 @@ require "jwt_sessions"
|
|
|
6
6
|
class TestAuthorization < Minitest::Test
|
|
7
7
|
include JWTSessions::Authorization
|
|
8
8
|
|
|
9
|
+
def token_claims
|
|
10
|
+
{
|
|
11
|
+
iss: "issuer",
|
|
12
|
+
aud: "audience",
|
|
13
|
+
}
|
|
14
|
+
end
|
|
15
|
+
|
|
9
16
|
def setup
|
|
10
17
|
JWTSessions.signing_key = "abcdefghijklmnopqrstuvwxyzABCDEF"
|
|
11
18
|
end
|
|
12
19
|
|
|
20
|
+
def teardown
|
|
21
|
+
JWTSessions.jwt_options[:verify_iss] = false
|
|
22
|
+
JWTSessions.jwt_options[:verify_aud] = false
|
|
23
|
+
end
|
|
24
|
+
|
|
13
25
|
def test_payload_when_token_is_nil
|
|
14
26
|
@_raw_token = nil
|
|
15
27
|
|
|
@@ -23,4 +35,94 @@ class TestAuthorization < Minitest::Test
|
|
|
23
35
|
assert_equal payload['user_id'], 1
|
|
24
36
|
assert_equal payload['secret'], 'mystery'
|
|
25
37
|
end
|
|
38
|
+
|
|
39
|
+
def test_verify_iss
|
|
40
|
+
JWTSessions.jwt_options[:verify_iss] = true
|
|
41
|
+
|
|
42
|
+
session = JWTSessions::Session.new(payload: { user_id: 1, iss: "issuer" })
|
|
43
|
+
tokens = session.login
|
|
44
|
+
|
|
45
|
+
# Extract uid from access token
|
|
46
|
+
uid = JWT.decode(tokens[:access], JWTSessions.public_key).first["uid"]
|
|
47
|
+
|
|
48
|
+
@_raw_token =
|
|
49
|
+
JWTSessions::Token.encode({ user_id: 1, uid: uid, iss: "issuer" })
|
|
50
|
+
|
|
51
|
+
assert session_exists?(:access)
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def test_verify_iss_when_iss_is_not_correct
|
|
55
|
+
JWTSessions.jwt_options[:verify_iss] = true
|
|
56
|
+
|
|
57
|
+
session = JWTSessions::Session.new(payload: { user_id: 1, iss: "issuer" })
|
|
58
|
+
tokens = session.login
|
|
59
|
+
|
|
60
|
+
# Extract uid from access token
|
|
61
|
+
uid = JWT.decode(tokens[:access], JWTSessions.public_key).first["uid"]
|
|
62
|
+
|
|
63
|
+
@_raw_token =
|
|
64
|
+
JWTSessions::Token.encode({ user_id: 1, uid: uid, iss: "another_issuer" })
|
|
65
|
+
|
|
66
|
+
assert !session_exists?(:access)
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
def test_verify_iss_when_iss_is_not_present
|
|
70
|
+
JWTSessions.jwt_options[:verify_iss] = true
|
|
71
|
+
|
|
72
|
+
session = JWTSessions::Session.new(payload: { user_id: 1, iss: "issuer" })
|
|
73
|
+
tokens = session.login
|
|
74
|
+
|
|
75
|
+
# Extract uid from access token
|
|
76
|
+
uid = JWT.decode(tokens[:access], JWTSessions.public_key).first["uid"]
|
|
77
|
+
|
|
78
|
+
@_raw_token =
|
|
79
|
+
JWTSessions::Token.encode({ user_id: 1, uid: uid })
|
|
80
|
+
|
|
81
|
+
assert !session_exists?(:access)
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
def test_verify_aud
|
|
85
|
+
JWTSessions.jwt_options[:verify_aud] = true
|
|
86
|
+
|
|
87
|
+
session = JWTSessions::Session.new(payload: { user_id: 1, aud: "audience" })
|
|
88
|
+
tokens = session.login
|
|
89
|
+
|
|
90
|
+
# Extract uid from access token
|
|
91
|
+
uid = JWT.decode(tokens[:access], JWTSessions.public_key).first["uid"]
|
|
92
|
+
|
|
93
|
+
@_raw_token =
|
|
94
|
+
JWTSessions::Token.encode({ user_id: 1, uid: uid, aud: "audience" })
|
|
95
|
+
|
|
96
|
+
assert session_exists?(:access)
|
|
97
|
+
end
|
|
98
|
+
|
|
99
|
+
def test_verify_aud_when_aud_is_not_correct
|
|
100
|
+
JWTSessions.jwt_options[:verify_aud] = true
|
|
101
|
+
|
|
102
|
+
session = JWTSessions::Session.new(payload: { user_id: 1, aud: "audience" })
|
|
103
|
+
tokens = session.login
|
|
104
|
+
|
|
105
|
+
# Extract uid from access token
|
|
106
|
+
uid = JWT.decode(tokens[:access], JWTSessions.public_key).first["uid"]
|
|
107
|
+
|
|
108
|
+
@_raw_token =
|
|
109
|
+
JWTSessions::Token.encode({ user_id: 1, uid: uid, aud: "another_audience" })
|
|
110
|
+
|
|
111
|
+
assert !session_exists?(:access)
|
|
112
|
+
end
|
|
113
|
+
|
|
114
|
+
def test_verify_aud_when_aud_is_not_present
|
|
115
|
+
JWTSessions.jwt_options[:verify_aud] = true
|
|
116
|
+
|
|
117
|
+
session = JWTSessions::Session.new(payload: { user_id: 1, aud: "audience" })
|
|
118
|
+
tokens = session.login
|
|
119
|
+
|
|
120
|
+
# Extract uid from access token
|
|
121
|
+
uid = JWT.decode(tokens[:access], JWTSessions.public_key).first["uid"]
|
|
122
|
+
|
|
123
|
+
@_raw_token =
|
|
124
|
+
JWTSessions::Token.encode({ user_id: 1, uid: uid })
|
|
125
|
+
|
|
126
|
+
assert !session_exists?(:access)
|
|
127
|
+
end
|
|
26
128
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: jwt_sessions
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.2.
|
|
4
|
+
version: 3.2.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Julija Alieckaja
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-09-
|
|
11
|
+
date: 2024-09-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: jwt
|