keratin-authn 0.4.1 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 26792097cc800060345fe082b39cb723fe81545f
-  data.tar.gz: 58f5ecd4e08a125fb65c338beecbd28cf3665d19
+  metadata.gz: ad2249f2cb34275c7f28c5f0bb163f62a2c7140e
+  data.tar.gz: 74d562ac45f801426514cff133ca41ec5cb33a35
 SHA512:
-  metadata.gz: 2187cd129222281b93945b2a02518cb972bdc76636c436dc3fe64bebcd6e747540e2afe4b4f4bee0dfef57014e75207750fa3420d3e1712d6ddd9ef27e5eef54
-  data.tar.gz: 1e6dfbb0044a45dc438d84b6dae4fa7fdacaca4ca67ca87b3da78b37b7571c7892bfab48baf2bb063193fe41f9168f22f30ae3fcd767d68251111f8806f455b5
+  metadata.gz: 01476b8e1ce1b963665aae57c308fe2035a87ce51b681f2eb5f7143f874965efcd349bb60000692749769fc9884f819670a270f4cac1d9349706810f86f9541c
+  data.tar.gz: 0532c690abb32c73675a60ab6418d831d7360378ecb690c585bbe0e373d03f3ca53ce75160beea130130b69347e387d2197ffdba9d62639ff63fb656bd6485bf

data/README.md

@@ -109,6 +109,25 @@ class SessionsController
 end
 ```
 
+### Example: Multiple Domains
+
+When working with multiple frontend domains it may be beneficial to use a referrer header as your audience instead of a static configuration. You can do this by providing an additional parameter to the `subject_from` method.
+
+```ruby
+class ApplicationController
+  private
+
+  def current_user
+    return @current_user if defined? @current_user
+    @current_user = User.find_by_account_id(current_account_id)
+  end
+
+  def current_account_id
+    Keratin::AuthN.subject_from(cookies[:authn], audience: URI.parse(request.referer).host)
+  end
+end
+```
+
 ## Testing Your App
 
 AuthN provides helpers for working with tokens in your application's controller and integration tests.
@@ -138,4 +157,3 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/keratin/authn-rb. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
-

data/lib/keratin/authn.rb

@@ -73,8 +73,8 @@ module Keratin
     class << self
       # safely fetches a subject from the id token after checking relevant claims and
       # verifying the signature.
-      def subject_from(id_token)
-        verifier = IDTokenVerifier.new(id_token, signature_verifier)
+      def subject_from(id_token, audience: Keratin::AuthN.config.audience)
+        verifier = IDTokenVerifier.new(id_token, signature_verifier, audience)
         verifier.subject if verifier.verified?
       end
 

data/lib/keratin/authn/id_token_verifier.rb

@@ -2,9 +2,10 @@ require 'uri'
 
 module Keratin::AuthN
   class IDTokenVerifier
-    def initialize(str, signature_verifier)
+    def initialize(str, signature_verifier, audience)
       @id_token = str
       @signature_verifier = signature_verifier
+      @audience = audience
       @time = Time.now.to_i
     end
 
@@ -42,7 +43,7 @@ module Keratin::AuthN
     end
 
     def token_for_us?
-      jwt[:aud] == Keratin::AuthN.config.audience
+      jwt[:aud] == @audience
     end
 
     def token_fresh?

data/lib/keratin/authn/version.rb

@@ -1,5 +1,5 @@
 module Keratin # rubocop:disable Style/ClassAndModuleChildren
   module AuthN
-    VERSION = '0.4.1'
+    VERSION = '0.5.0'
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: keratin-authn
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 0.5.0
 platform: ruby
 authors:
 - Lance Ivy
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-03-18 00:00:00.000000000 Z
+date: 2017-06-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: json-jwt