jwtauth 0.2.0

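--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+ ---
+ SHA1:
+ metadata.gz: 5fc65225671b2d557630b80c4f2d576d446247ee
+ data.tar.gz: 76a714b5f6158b60a34c09b14b0bee6b3c5f6fa7
+ SHA512:
+ metadata.gz: f68598055d510df2381f0673cf256119a236e719d5f200ed3bd9ad85825753a63ae2c0e70c46b13fe04559cf115e0c7b615d8a56aca0b015a42dd2975b14f5d5
+ data.tar.gz: 1d3ab2b18156e18aae99b96669f383faf66f097b16ae7ae6d0dcacffd3ce94d6b903457c2147541cdee68f61dfd4803b437f994db3e3ce7eb3740f11b3b89634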
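--- a/data/bin/jwtauth
+++ b/data/bin/jwtauth
@@ -0,0 +1,4 @@
+ #!/usr/bin/env ruby
+
+ require 'jwtauth'
+ puts Jwtauth::Introduction.about(ARGV[0])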
@@ -0,0 +1,18 @@
1
+ module Jwtauth
2
+ class Introduction
3
+ class << self
4
+ # Say hi to you & talk about gem!
5
+ #
6
+ # Example:
7
+ # >> Introduction.about("spanish")
8
+ # => hello spanish
9
+ #
10
+ # Arguments:
11
+ # yourname: (String)
12
+
13
+ def about yourname
14
+ "hello #{yourname}. This is a library for jwt auth"
15
+ end
16
+ end
17
+ end
18
+ end
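Review bot: The example in the comment above `about` does not match what the method returns: it shows `=> hello spanish`, while the body returns the full sentence ending in "This is a library for jwt auth". I would update the example line to `# => "hello spanish. This is a library for jwt auth"` and state the return type next to the argument, e.g. `# Returns: (String) greeting text`. As a style point, the definition would read more conventionally as `def about(yourname)`.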
@@ -0,0 +1,11 @@
1
+ module Jwtauth
2
+ class User
3
+ attr_reader :id, :uid, :role
4
+
5
+ def initialize attrs
6
+ @id = attrs['id']
7
+ @uid = attrs['uid']
8
+ @role = attrs['role']
9
+ end
10
+ end
11
+ end
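Review bot: `initialize` indexes `attrs` with string keys and has no guard, so a `nil` or non-Hash argument fails with a `NoMethodError` rather than a clear error. In this package it is called with `payload[0]['data']` from the decoded token, so a token lacking a `data` claim reaches this path. An explicit check such as `raise ArgumentError, 'session data must be a Hash' unless attrs.is_a?(Hash)` as the first line would make the failure deliberate. A short comment stating that `role` is copied verbatim from the token claim, and is therefore only as trustworthy as the signature check that precedes it, would also help callers who use it for authorization.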
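--- a/data/lib/jwtauth.rb
+++ b/data/lib/jwtauth.rb
@@ -0,0 +1,160 @@
+ require 'jwt'
+
+ module Jwtauth
+ autoload :Introduction, 'jwtauth/introduction'
+ autoload :User, 'jwtauth/user'
+
+ # Entity represent for current session
+ # mattr_accessor :session_entity
+ @@session_entity = Jwtauth::User
+
+ # Read file contain public key used when decoding jwt.
+ # mattr_accessor :jwt_rsa_pub
+ @@jwt_rsa_pub = nil
+
+ # Define authservice path for get session (jwt)
+ # mattr_accessor :session_path
+ @@session_path = nil
+
+ # Algorithm, JWT use to encode
+ # mattr_accessor :algorithm
+ @@algorithm = 'RS256'
+
+ # Default way to set up Jwtauth.
+ # a fresh initializer with all configuration values.
+ def self.setup
+ yield self
+ end
+
+ def self.session_entity
+ @@session_entity
+ end
+
+ def self.session_entity=(session_entity)
+ @@session_entity = session_entity
+ end
+
+ def self.jwt_rsa_pub
+ @@jwt_rsa_pub
+ end
+
+ def self.jwt_rsa_pub=(jwt_rsa_pub)
+ @@jwt_rsa_pub = jwt_rsa_pub
+ end
+
+ def self.session_path
+ @@session_path
+ end
+
+ def self.session_path=(session_path)
+ @@session_path = session_path
+ end
+
+ def self.algorithm
+ @@algorithm
+ end
+
+ def self.algorithm=(algorithm)
+ @@algorithm = algorithm
+ end
+
+ # Define abstract class error of when call authservice
+ class AuthorizedError < StandardError; end
+ class SocketError < AuthorizedError; end
+ class UnauthorizedError < AuthorizedError; end
+ class ExpiredError < AuthorizedError; end
+
+ class Session
+ class << self
+ def jwt_decode token
+ JWT.decode token, Jwtauth.jwt_rsa_pub, true, { algorithm: Jwtauth.algorithm }
+ end
+
+ # begin
+ # decoded_token = JWT.decode token, hmac_secret, true, { :algorithm => 'HS256' }
+ # rescue JWT::ExpiredSignature
+ # # Handle expired token, e.g. logout user or deny access
+ # end
+ def expjwt_decode token
+ JWT.decode token, Jwtauth.jwt_rsa_pub, true, { algorithm: Jwtauth.algorithm }
+ end
+
+ def getjwt origin_request
+ uri = URI(Jwtauth.session_path)
+
+ uri.query = CGI.unescape({
+ 'uid' => origin_request.headers['uid'],
+ 'client' => origin_request.headers['client'],
+ 'access-token' => origin_request.headers['access-token'],}.to_query)
+
+ Net::HTTP.start(uri.host, uri.port,
+ :use_ssl => uri.scheme == 'https') do |http|
+ request = Net::HTTP::Get.new uri
+
+ response = http.request request
+ end
+ end
+ end
+ end
+
+ module Controller
+ # Authorize user
+ def authorize_user!
+ begin
+ res = Jwtauth::Session.getjwt(request)
+ rescue Exception => e
+ raise Jwtauth::SocketError, "authservice not available"
+ end
+
+ case res
+ when Net::HTTPSuccess
+ begin
+ payload = Jwtauth::Session.expjwt_decode(JSON.parse(res.body)['jwt'])
+
+ if logger && payload[1] && payload[1]["alg"] != Jwtauth.algorithm
+ logger.warn "Algorithm #{Jwtauth.algorithm} is required (payload has #{payload[1]["alg"]})"
+ end
+
+ raise Jwtauth::ExpiredError, "session expired" if Time.now.to_i > payload[0]['exp']
+
+ # Assign current session of user request
+ @current_user = Jwtauth.session_entity.new(payload[0]['data'])
+ rescue Exception => e
+ raise Jwtauth::AuthorizedError, "payload authorized errors"
+ end
+ when Net::HTTPUnauthorized
+ raise Jwtauth::UnauthorizedError, "You need to sign in or sign up before continuing."
+ else
+ raise Jwtauth::AuthorizedError, "authorized errors"
+ end
+ end
+
+ # Handle for user not authorized
+ def user_not_authorized(exception)
+ status = :forbidden
+
+ case exception
+ when Jwtauth::UnauthorizedError
+ status = :unauthorized
+ when Jwtauth::ExpiredError
+ status = :request_timeout
+ when Jwtauth::SocketError
+ status = :internal_server_error
+ end
+
+ render json: {errors: [exception.message]}, status: status
+ end
+
+ def self.included(base)
+ base.extend ClassMethods
+
+ base.class_eval do
+ attr_reader :current_user
+ rescue_from Jwtauth::AuthorizedError, with: :user_not_authorized
+ end
+ end
+
+ module ClassMethods
+ end
+ end
+ end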
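Review bot: In `getjwt`, wrapping the query in `CGI.unescape(...)` undoes the percent-encoding that `to_query` applied, so a `uid`, `client` or `access-token` header containing `&`, `=` or `#` changes the parameters the auth service receives, and these values come straight from the incoming request. Keep the encoding, e.g. `uri.query = URI.encode_www_form('uid' => origin_request.headers['uid'], 'client' => origin_request.headers['client'], 'access-token' => origin_request.headers['access-token'])`, and consider sending the token in a request header rather than the URL so it stays out of access logs; `use_ssl` also follows whatever scheme `session_path` has, so a plain `http` setting sends the token unencrypted. Separately, both `rescue Exception => e` clauses in `authorize_user!` are too broad: the inner one also catches the `Jwtauth::ExpiredError` raised a few lines above it and re-raises it as `AuthorizedError`, so the `:request_timeout` branch in `user_not_authorized` looks unreachable. Rescuing `JWT::DecodeError, JSON::ParserError` there and letting `ExpiredError` propagate would keep the distinction. The file also uses `URI`, `CGI`, `Net::HTTP` and `JSON` while requiring only `jwt`, which presumably relies on the host application having loaded them.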
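--- a/metadata
+++ b/metadata
@@ -0,0 +1,62 @@
+ --- !ruby/object:Gem::Specification
+ name: jwtauth
+ version: !ruby/object:Gem::Version
+ version: 0.2.0
+ platform: ruby
+ authors:
+ - Dieu Pham
+ autorequire:
+ bindir: bin
+ cert_chain: []
+ date: 2017-08-21 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: jwt
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 1.5.6
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 1.5.6
+ description: A simple concern in controller for jwt authorization
+ email: dieupv@topica.edu.vn
+ executables:
+ - jwtauth
+ extensions: []
+ extra_rdoc_files: []
+ files:
+ - bin/jwtauth
+ - lib/jwtauth.rb
+ - lib/jwtauth/introduction.rb
+ - lib/jwtauth/user.rb
+ homepage: http://rubygems.org/gems/jwtauth
+ licenses:
+ - MIT
+ metadata: {}
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ requirements: []
+ rubyforge_project:
+ rubygems_version: 2.6.8
+ signing_key:
+ specification_version: 4
+ summary: Jwt Authorization Service
+ test_files: []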