jwt_signed_request 2.5.0 → 2.5.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 6a4b6d9d7869c58d436404dc533c1918dc21a8fb
-  data.tar.gz: 4e87bacd334d5cafe414f6d350eb6b6c556fb2c1
+SHA256:
+  metadata.gz: 79cbd2415ebe2ccd5475a7dcce55816100def17b35e7e74b0f30e41062969f35
+  data.tar.gz: 8ca7449ac266884163f7cf73b9f89aebc463099ecc3193619b5199f5d1b185a4
 SHA512:
-  metadata.gz: ebea05eab2c08b118fa7fd01b329e8e48ad1385806a3d97ed7cb6c3642b4d58a7f19bbcf4234b5ad7c6aa87fd71abce1cec8f582144deaeff7f24edb8bcfa61e
-  data.tar.gz: 4b23e201723c6066820df703c7bdf4c8fa281c281beef379f3ffb4c13fa333f95d54c348fae53224ae44222258858c1431fb94a94d9f8925c2d36930ec2cfb03
+  metadata.gz: bd580744d0f274948091f1424e34289c01c95a66027434dbbdc2eccdf7bc7a4aa0905ad19dc2574b86640f7035040a790b6bfb36d0006ecda156664e0498e48a
+  data.tar.gz: e607c1345c5293afb153bbc173590a785b4472366ba383d984be39de0c2f8ca6c64a19ce9627b9df54865d6988e6ac2e7c1c33ef91a5911bf7189065e0ffb2a1

data/README.md

@@ -108,7 +108,8 @@ conn = Faraday.new(url: URI.parse('http://example.com')) do |faraday|
   faraday.use JWTSignedRequest::Middlewares::Faraday,
     key_id: 'my-key-id',
     issuer: 'my-issuer',                    # optional
-    additional_headers_to_sign: ['X-AUTH']  # optional
+    additional_headers_to_sign: ['X-AUTH'], # optional
+    bearer_schema: true                     # optional
 
   faraday.adapter Faraday.default_adapter
 end
@@ -119,6 +120,18 @@ conn.post do |req|
 end
 ```
 
+#### Additional options
+
+##### bearer_schema (boolean)
+
+Determines whether to use the [Bearer schema](https://auth0.com/docs/jwt#how-do-json-web-tokens-work-) when assigning the JWT token to the `Authorization` request header
+
+| bearer_schema value | Authorization header value|
+|---------------------|---------------------------|
+| false (default) | `<jwt_token>` |
+| true | `Bearer <jwt_token>` |
+
+
 ## Verifying Requests
 
 Please make sure you have added your verification keys to the key store. Doing so will allow the server to verify requests signed by different signing keys.

data/lib/jwt_signed_request/middlewares/faraday.rb

@@ -12,7 +12,7 @@ module JWTSignedRequest
       end
 
       def call(env)
-        jwt_token = ::JWTSignedRequest.sign(
+        @jwt_token = ::JWTSignedRequest.sign(
           method:     env[:method],
           path:       env[:url].request_uri,
           headers:    env[:request_headers],
@@ -20,13 +20,22 @@ module JWTSignedRequest
           **optional_settings
         )
 
-        env[:request_headers].store("Authorization", "Bearer #{jwt_token}")
+        env[:request_headers].store("Authorization", authorization_header)
+
         app.call(env)
       end
 
       private
 
-      attr_reader :app, :env, :options
+      attr_reader :app, :env, :options, :jwt_token
+
+      def authorization_header
+        bearer_schema? ? "Bearer #{jwt_token}" : jwt_token
+      end
+
+      def bearer_schema?
+        options[:bearer_schema] == true
+      end
 
       def optional_settings
         {

data/lib/jwt_signed_request/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module JWTSignedRequest
-  VERSION = '2.5.0'.freeze
+  VERSION = '2.5.1'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jwt_signed_request
 version: !ruby/object:Gem::Version
-  version: 2.5.0
+  version: 2.5.1
 platform: ruby
 authors:
 - Envato
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-01-22 00:00:00.000000000 Z
+date: 2019-01-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt
@@ -154,7 +154,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.13
+rubygems_version: 2.7.6
 signing_key: 
 specification_version: 4
 summary: JWT request signing and verification for Internal APIs