jwtf 0.0.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ba24aa21119d42efd1228010164dd6a0e2e1d6f6
-  data.tar.gz: d42aebf3a9a250042174d81ff27f77c9299ee83a
+  metadata.gz: 8b60481b01b729d24507183085a31b87807a78f1
+  data.tar.gz: f2c6bff39d135f9cd49a63af4ef05b8e26f7a885
 SHA512:
-  metadata.gz: 7b40f0074f39d047cabf01f3e066e66aeb7547bfa46032d68a0c4ff0842ad2626c092fb8ca75c886abbd6c62deb5116c868bdb2280ccd2ef6290611207475a4c
-  data.tar.gz: ad1055e0a34dbf91691f7fe4a616972116876ce8da4796360a147a35ba6e8b629a3fdfd4a1cdd9de5a3cc56d59d0e24a74178a39d4607d07cde544c8f8d5623d
+  metadata.gz: 263b8a31ab9279f756733aa6919f83f91103ae02a84e0f5882227bb5d4aeb759c05d2e72eddcf622d39b5f782632142f80ba7f55c4a7c2b22208e5fb4ccd80c3
+  data.tar.gz: 11e423b62142b47d17146ec4372ec53172d82c398d3cb5fe3c1b6c4af96cf0f0ea4e145e74dc6d455e9513608917c419dcf4e8c78f662f4e5b49f940bf5e3452

data/.circleci/config.yml

@@ -0,0 +1,61 @@
+# Ruby CircleCI 2.0 configuration file
+#
+# Check https://circleci.com/docs/2.0/language-ruby/ for more details
+#
+version: 2
+jobs:
+  build:
+    environment:
+      CC_TEST_REPORTER_ID: f1eafbc4f66fbdb2235b2975e1669bd02c7c2e34a9dc7be6db9a1dd80d45d595
+    docker:
+      # specify the version you desire here
+       - image: circleci/ruby:2.4.2-node-browsers
+
+      # Specify service dependencies here if necessary
+      # CircleCI maintains a library of pre-built images
+      # documented at https://circleci.com/docs/2.0/circleci-images/
+      # - image: circleci/postgres:9.4
+
+    working_directory: ~/repo
+
+    steps:
+      - checkout
+
+      # Download and cache dependencies
+      - restore_cache:
+          keys:
+          - v1-dependencies-{{ checksum "Gemfile.lock" }}
+          # fallback to using the latest cache if no exact match is found
+          - v1-dependencies-
+
+      - run:
+          name: install dependencies
+          command: |
+            bundle install --jobs=4 --retry=3 --path vendor/bundle
+
+      - save_cache:
+          paths:
+            - ./vendor/bundle
+          key: v1-dependencies-{{ checksum "Gemfile.lock" }}
+
+      - run:
+          name: Setup Code Climate test-reporter
+          command: |
+            curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
+            chmod +x ./cc-test-reporter
+
+      # run tests!
+      - run:
+          name: run tests
+          command: |
+            mkdir /tmp/test-results
+            ./cc-test-reporter before-build
+            bundle exec rake test
+            ./cc-test-reporter after-build --coverage-input-type simplecov --exit-code $?
+
+      # collect reports
+      - store_test_results:
+          path: /tmp/test-results
+      - store_artifacts:
+          path: /tmp/test-results
+          destination: test-results

data/.codeclimate.yml

@@ -0,0 +1,3 @@
+plugins:
+  rubocop:
+    enabled: true

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/test/reports/
+/tmp/
+/.rvmrc

data/.travis.yml

@@ -0,0 +1,5 @@
+sudo: false
+language: ruby
+rvm:
+  - 2.4.2
+before_install: gem install bundler -v 1.16.0

data/Gemfile

@@ -0,0 +1,6 @@
+source "https://rubygems.org"
+
+git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in jwtf.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,50 @@
+PATH
+  remote: .
+  specs:
+    jwtf (0.1.1)
+      jwt (~> 2.1.0, >= 2.1.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    ansi (1.5.0)
+    builder (3.2.3)
+    coderay (1.1.2)
+    docile (1.1.5)
+    json (2.1.0)
+    jwt (2.1.0)
+    method_source (0.9.0)
+    minitest (5.10.3)
+    minitest-ci (3.4.0)
+      minitest (>= 5.0.6)
+    minitest-reporters (1.1.19)
+      ansi
+      builder
+      minitest (>= 5.0)
+      ruby-progressbar
+    pry (0.11.3)
+      coderay (~> 1.1.0)
+      method_source (~> 0.9.0)
+    rake (10.5.0)
+    ruby-progressbar (1.9.0)
+    simplecov (0.15.1)
+      docile (~> 1.1.0)
+      json (>= 1.8, < 3)
+      simplecov-html (~> 0.10.0)
+    simplecov-html (0.10.2)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 1.16)
+  jwtf!
+  minitest (~> 5.0)
+  minitest-ci (~> 3.4.0)
+  minitest-reporters (~> 1.1.19)
+  pry (~> 0.11.3)
+  rake (~> 10.0)
+  simplecov
+
+BUNDLED WITH
+   1.16.1

data/{LICENSE → LICENSE.txt}

@@ -1,4 +1,4 @@
-MIT License
+The MIT License (MIT)
 
 Copyright (c) 2017 Alexandre De Pablo
 
@@ -9,13 +9,13 @@ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:
 
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
 
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -1,2 +1,161 @@
-# jwtf
-An easy and customizable way to generate JSON Web Token
+[![Maintainability](https://api.codeclimate.com/v1/badges/f4e05fbcc00e7b6458b1/maintainability)](https://codeclimate.com/github/brindu/jwtf/maintainability)
+[![Test Coverage](https://api.codeclimate.com/v1/badges/f4e05fbcc00e7b6458b1/test_coverage)](https://codeclimate.com/github/brindu/jwtf/test_coverage)
+
+# JWT Framer
+
+JWTF allows you to configure how your JSON Web Token are generated. With JWT you
+are free to choose from a few (a lot !) of options like the signing algorithm
+you crave for, the associated secret key and all the reserved claims you wish to
+use ! JWTF offers you a way to configure most of it for your application, so you
+can concentrate on the access and policy logic you want to put inside your token.
+
+Wow ! Jeez WTF this looks so cool ! See below for the documentation.
+
+## Dependencies
+
+The token generation itself is delegated to the [ruby JWT](https://github.com/jwt/ruby-jwt)
+gem from its version 2.1.0.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'jwtf'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install jwtf
+
+## Usage
+
+### Configuration
+
+Everything take place in a classic ruby configuration block :
+
+```ruby
+JWTF.configure do |config|
+  # ...
+end
+```
+
+In a Rails application you will typicaly use an initializer for this.
+
+#### Token encryption algorithm
+
+All signing algorithms available within the `jwt` gem are supported.
+
+```ruby
+JWTF.configure do |config|
+  # Specify the algorithm name with an uppercased string as documented in the
+  # jwt gem : https://github.com/jwt/ruby-jwt
+  # Defaults to 'none'
+  config.algorithm = 'HS256'
+
+  # The secret key that will be used to encrypt the generated tokens
+  # Required for algorithms different than 'none'
+  config.secret = 'much secret'
+end
+```
+
+TODO Implement usage and tests for HMAC other than 256, RSASSA, ECDSA
+
+#### Dynamic payload
+
+To get a JWT you have to call `JWTF.generate`, that's the only public method
+available. Thanks to this JWTF is a convenient extension for authentication
+solution like [Doorkeeper](https://github.com/doorkeeper-gem/doorkeeper).
+
+The `JWTF.generate` method (which accepts arguments) dispatch the call to the
+block given to `config.token_payload`.
+
+For instance, if you want your JWT payload to be a two fields JSON object : the
+ID of the user and a boolean which acknowledge if he is an admin or not :
+
+```json
+{
+  "uid": 1234,
+  "admin": false
+}
+```
+
+Into the configuration file, implement the dynamic payload creation :
+
+```ruby
+JWTF.configure do |config|
+  config.token_payload do |params|
+    user = User.find(params[:user_id]
+
+    # return the hash that will be converted into the token JSON payload
+    {
+      uid: params[:user_id],
+      admin: user.is_admin?
+    }
+  end
+end
+```
+
+Then just make such a call to get a new JWT :
+
+```ruby
+JWTF.generate(user_id: 1234)
+```
+
+#### Reserved claims
+
+##### Issued At (iat)
+
+Ensuring the presence of `iat` claim into your JWT payload :
+
+```ruby
+JWTF.configure do |config|
+  # When this is true, the "iat" field will be added in the token payload on
+  # its creation. The value will be the JWT creation date (a UNIX timestamp)
+  # Default to false
+  config.use_iat_claim = true
+end
+```
+
+##### Expiration time (exp)
+
+You can give a validity time to your JWT :
+
+```ruby
+JWTF.configure do |config|
+  # When exp_period is set, the "exp" field will be added to the tokens'
+  # payload. The JWT will then be valid for the whole period of time specified in
+  # the exp_period hash.
+  config.exp_period = { weeks: 5, hours: 3, ... }
+end
+```
+
+Period symbols listed below can be used (all singular forms are also available) :
+
+```ruby
+:seconds
+:minutes
+:hours
+:days
+:weeks
+:months
+:years
+```
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/brindu/jwtf. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,10 @@
+require "bundler/gem_tasks"
+require "rake/testtask"
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << "test"
+  t.libs << "lib"
+  t.test_files = FileList["test/**/*_test.rb"]
+end
+
+task :default => :test

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "jwtf"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+require "pry"
+Pry.start
+
+# require "irb"
+# IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/jwtf.gemspec

@@ -0,0 +1,50 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'jwtf/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'jwtf'
+  spec.version       = JWTF::VERSION
+  spec.authors       = ['Alexandre De Pablo']
+  spec.email         = ['alexandre.depablo@gmail.com']
+
+  spec.summary       = 'A gem to shape your JSON Web Token with ease.'
+
+  spec.description   = <<DESC
+JWTF allows you to configure how your JSON Web Token are generated. With JWT you
+are free to choose from a few (a lot !) of options like the signing algorithm
+you crave for, the associated secret key and all the reserved claims you wish to
+use ! JWTF offers you a way to configure most of it for your application, so you
+can concentrate on the access and policy logic you want to put inside your token.
+DESC
+
+  spec.homepage      = 'https://github.com/brindu/jwtf'
+  spec.license       = 'MIT'
+
+  # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
+  # to allow pushing to a single host or delete this section to allow pushing to any host.
+  # if spec.respond_to?(:metadata)
+  #   spec.metadata["allowed_push_host"] = "TODO: Set to 'http://mygemserver.com'"
+  # else
+  #   raise "RubyGems 2.0 or newer is required to protect against " \
+  #     "public gem pushes."
+  # end
+
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  spec.add_dependency 'jwt', '~> 2.1.0', '>= 2.1.0'
+
+  spec.add_development_dependency 'bundler', '~> 1.16'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'pry', '~> 0.11.3'
+  spec.add_development_dependency 'minitest', '~> 5.0'
+  spec.add_development_dependency 'minitest-reporters', '~> 1.1.19'
+  spec.add_development_dependency 'minitest-ci', '~> 3.4.0'
+  spec.add_development_dependency 'simplecov'
+end

data/lib/jwtf.rb

@@ -1,5 +1,25 @@
+require 'jwtf/version'
+require 'jwtf/configuration'
+require 'jwtf/encode'
+
 module JWTF
-  def self.coucou_world
-    puts "coucou"
+  def self.configure
+    yield(config)
+  end
+
+  def self.generate(params = {})
+    encoder.call(params)
+  end
+
+  class << self
+    private
+
+    def config
+      @config ||= Configuration.new
+    end
+
+    def encoder
+      @encoder ||= Encode.new(config)
+    end
   end
 end

data/lib/jwtf/configuration.rb

@@ -0,0 +1,17 @@
+module JWTF
+  class Configuration
+    attr_accessor :algorithm, :secret, :use_iat_claim, :exp_period
+    attr_reader :payload
+
+    def initialize
+      @payload = Proc.new { {} }
+      @algorithm = 'none'
+      @use_iat_claim = false
+      @exp_period = nil
+    end
+
+    def token_payload(&block)
+      @payload = block
+    end
+  end
+end

data/lib/jwtf/encode.rb

@@ -0,0 +1,43 @@
+require 'jwt'
+require 'jwtf/period'
+
+module JWTF
+  class Encode
+    attr_reader :config
+
+    def initialize(config)
+      @config = config
+
+      if @config.exp_period
+        @exp_period = JWTF::Period.new(config.exp_period)
+      end
+    end
+
+    def call(params = {})
+      payload = config.payload.call(params)
+
+      add_iat_claim(payload) if use_iat_claim
+      add_exp_claim(payload) if expiration_date?
+      ::JWT.encode(payload, secret, algorithm)
+    end
+
+    private
+
+    extend Forwardable
+
+    def_delegators :@config, :algorithm, :secret, :use_iat_claim
+
+    def add_iat_claim(payload)
+      payload[:iat] = Time.now.to_i
+    end
+
+    def expiration_date?
+      @exp_period
+    end
+
+    def add_exp_claim(payload)
+      exp_in_seconds = @exp_period.in_seconds
+      payload['exp'] = Time.now.to_i + exp_in_seconds
+    end
+  end
+end

data/lib/jwtf/period.rb

@@ -0,0 +1,38 @@
+module JWTF
+  class Period
+    def initialize(period)
+      @period = period
+    end
+
+    # @period argument needs to be a hash of this kind :
+    # { months: 2, weeks: 3, ... }
+    def in_seconds
+      @period.reduce(0) do |total_seconds, (period, nb_period)|
+        total_seconds + (nb_period * self.send(period))
+      end
+    end
+
+    private
+
+    def seconds; 1; end
+    alias :second :seconds
+
+    def minutes; 60; end
+    alias :minute :minutes
+
+    def hours; 3600; end
+    alias :hour :hours
+
+    def days; 86_400; end
+    alias :day :days
+
+    def weeks; 604_800; end
+    alias :week :weeks
+
+    def months; 2_592_000; end # 30 days
+    alias :month :months
+
+    def years; 31_557_600; end # 365,25 days
+    alias :year :years
+  end
+end

data/lib/jwtf/version.rb

@@ -0,0 +1,3 @@
+module JWTF
+  VERSION = "0.1.1"
+end

metadata

@@ -1,29 +1,166 @@
 --- !ruby/object:Gem::Specification
 name: jwtf
 version: !ruby/object:Gem::Version
-  version: 0.0.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Alexandre De Pablo
 autorequire: 
-bindir: bin
+bindir: exe
 cert_chain: []
-date: 2017-12-22 00:00:00.000000000 Z
-dependencies: []
-description: A configurable way to issue JSON Web Token
-email: alexandre.depablo@gmail.com
+date: 2018-01-22 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.1.0
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.1.0
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.1.0
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.11.3
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.11.3
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: minitest-reporters
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.1.19
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.1.19
+- !ruby/object:Gem::Dependency
+  name: minitest-ci
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.4.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.4.0
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: |
+  JWTF allows you to configure how your JSON Web Token are generated. With JWT you
+  are free to choose from a few (a lot !) of options like the signing algorithm
+  you crave for, the associated secret key and all the reserved claims you wish to
+  use ! JWTF offers you a way to configure most of it for your application, so you
+  can concentrate on the access and policy logic you want to put inside your token.
+email:
+- alexandre.depablo@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- LICENSE
+- ".circleci/config.yml"
+- ".codeclimate.yml"
+- ".gitignore"
+- ".travis.yml"
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
 - README.md
+- Rakefile
+- bin/console
+- bin/setup
+- jwtf.gemspec
 - lib/jwtf.rb
-homepage: http://rubygems.org/gems/jwtf
+- lib/jwtf/configuration.rb
+- lib/jwtf/encode.rb
+- lib/jwtf/period.rb
+- lib/jwtf/version.rb
+homepage: https://github.com/brindu/jwtf
 licenses:
 - MIT
-metadata:
-  source_code_uri: https://github.com/brindu/jwtf
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -43,5 +180,5 @@ rubyforge_project:
 rubygems_version: 2.6.13
 signing_key: 
 specification_version: 4
-summary: JWT Framer
+summary: A gem to shape your JSON Web Token with ease.
 test_files: []