keycard 0.3.3 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5a73c4a3d99e36a4126bde8248bc3050037dc333a9a264b3169dff4a715d9a67
-  data.tar.gz: 320cec317aa2b0fdf3d85bf02506db09267954484898e1b351d4bd69de2d7253
+  metadata.gz: 977ad57d8c2f90bff10d401257afa4425e2024f9e5f9495070ffd69177c6ed64
+  data.tar.gz: ff159cd688e1ae9a10f971e14380a844dd7bf95c81a2d8911cdb0e851a251d61
 SHA512:
-  metadata.gz: fa1c61ee6513b56dd213229ee7df793076b095a54b52865f31b07d293a4bc235e72a563900f1fee5aff693de0136ad30b8be7b8345e47606d760ca5474d8ad5a
-  data.tar.gz: 86f727073283be6c122c3d4a0aaf7c5e738223306b08331779528087aecbe6bec1759b9fbaaa4819f033d1a3dc1fd0a4fd370d1107c4d5e068c9ec678fea9334
+  metadata.gz: 1f561da3e734d6bde76d74562f01ea66f270fea189f589f6f8849dda472860d33e2f0efabee88e752ea1ac0c50b2c724825f2a630e5a90c4d1d2e015f7db2deb
+  data.tar.gz: a4067ad2e10a4573effc4e42148889ddf8e3f380c748c43945732ae64a5409ba4cb9053d4ba68413e11f995f2312019509c5ec12d2451ca87af3fca0fb77d0a6

data/.github/dependabot.yml

@@ -0,0 +1,10 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "bundler"
+    directory: "/"
+    schedule:
+      interval: "daily"

data/.github/workflows/test.yml

@@ -0,0 +1,32 @@
+name: Tests
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  test:
+    strategy:
+      matrix:
+        os: [ ubuntu-latest ]
+        ruby-version: [3.2, 3.3, 3.4, 4.0]
+
+    runs-on: ${{ matrix.os }}
+
+    steps:
+    - uses: actions/checkout@v6
+    - name: Set up Ruby ${{ matrix.ruby-version }}
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby-version }}
+        bundler-cache: true
+    - name: Run linter for Ruby ${{ matrix.ruby-version }} on ${{ matrix.os }}
+      run: bin/standardrb
+    - name: Run tests for Ruby ${{ matrix.ruby-version }} on ${{ matrix.os }}
+      run: bin/rspec
+    - name: Report to Coveralls
+      uses: coverallsapp/github-action@v2.1.0
+      with:
+        github-token: ${{ secrets.github_token }}

data/.standard.yml

@@ -0,0 +1 @@
+ruby_version: 3.0.0

data/CHANGELOG.md

@@ -0,0 +1,9 @@
+# Change Log
+
+## v0.4.0
+
+### Changes
+
+In v0.4.0, there is a large jump in Ruby version support and requirements.
+The `sqlite3` gem is upgraded to 2.9, and the minimum Ruby version is **3.2**.
+However, there are no API changes.

data/README.md

@@ -1,5 +1,5 @@
-[![Build Status](https://travis-ci.org/mlibrary/keycard.svg?branch=master)](https://travis-ci.org/mlibrary/keycard?branch=master)
-[![Coverage Status](https://coveralls.io/repos/github/mlibrary/keycard/badge.svg?branch=master)](https://coveralls.io/github/mlibrary/keycard?branch=master)
+[![Tests](https://github.com/mlibrary/keycard/actions/workflows/test.yml/badge.svg)](https://github.com/mlibrary/keycard/actions/workflows/test.yml)
+[![Coverage Status](https://coveralls.io/repos/github/mlibrary/keycard/badge.svg?branch=main)](https://coveralls.io/github/mlibrary/keycard?branch=main)
 [![User Docs](https://img.shields.io/badge/user_docs-readthedocs-blue.svg)](https://keycard.readthedocs.io/en/latest)
 [![API Docs](https://img.shields.io/badge/API_docs-rubydoc.info-blue.svg)](https://www.rubydoc.info/gems/keycard)
 
@@ -47,7 +47,7 @@ associated with institutions), and the access mode (whether your application is
 served directly or behind a reverse proxy). These will be unified eventually,
 but for now, they are configured separately.
 
-## For the Database
+### For the Database
 
 For the database, there is a Railtie that, when running in a Rails app,
 attempts to use the same connection information as ActiveRecord. If you are
@@ -66,7 +66,7 @@ to pass to the Sequel connection or set `Keycard::DB.config.url` to use a
 connction string. The latter is equivalent to setting the `KEYCARD_DATABASE_URL`
 environment variable.
 
-## For the Access Mode
+### For the Access Mode
 
 To extract the username and client IP from each request, Keycard must be
 configured for an "access mode". This can be set in an initializer, under the
@@ -78,6 +78,20 @@ Under the hood, these modes amount to using either `REMOTE_USER` and
 `REMOTE_ADDR` in the environment set by the Ruby webserver for direct mode or
 the `X-Forwarded-User` and `X-Forwarded-For` headers set by a reverse proxy.
 
+## Compatibility
+
+Keycard is intended to be compatible with all community-supported Ruby branches (i.e., minor versions), currently:
+
+ - 3.2
+ - 3.3
+ - 3.4
+ - 4.0
+
+We prefer the newest syntax and linting rules that preserve compatibility with the oldest branch in normal maintenance.
+When the security maintenance for a branch expires, Keycard's compatibility should be considered unsupported.
+
+See also, [Ruby's branch maintenance policy](https://www.ruby-lang.org/en/downloads/branches/).
+
 ## License
 
 Keycard is licensed under the BSD-3-Clause license. See [LICENSE.md](LICENSE.md).

data/Rakefile

@@ -5,6 +5,6 @@ require "rspec/core/rake_task"
 
 RSpec::Core::RakeTask.new(:spec)
 
-load 'lib/tasks/migrate.rake'
+load "lib/tasks/migrate.rake"
 
 task default: :spec

data/bin/rspec

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rspec' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rspec-core", "rspec")

data/bin/standardrb

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'standardrb' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("standard", "standardrb")

data/db/migrations/1_create_tables.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-# rubocop:disable Metrics/BlockLength
-
 Sequel.migration do
   change do
     create_table(:aa_inst) do

data/keycard.gemspec

@@ -1,14 +1,14 @@
 # frozen_string_literal: true
 
-lib = File.expand_path('lib', __dir__)
+lib = File.expand_path("lib", __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require "keycard/version"
 
 Gem::Specification.new do |spec|
-  spec.name    = "keycard"
+  spec.name = "keycard"
   spec.version = Keycard::VERSION
   spec.authors = ["Noah Botimer", "Aaron Elkiss"]
-  spec.email   = ["botimer@umich.edu", "aelkiss@umich.edu"]
+  spec.email = ["botimer@umich.edu", "aelkiss@umich.edu"]
   spec.license = "BSD-3-Clause"
 
   spec.summary = <<~SUMMARY
@@ -20,19 +20,23 @@ Gem::Specification.new do |spec|
   spec.files = `git ls-files -z`.split("\x0").reject do |f|
     f.match(%r{^(test|spec|features)/})
   end
-  spec.bindir        = "exe"
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.bindir = "exe"
+  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
+  spec.required_ruby_version = ">= 3.2.0"
+
   spec.add_dependency "sequel"
 
   spec.add_development_dependency "bundler"
-  spec.add_development_dependency "coveralls"
+  spec.add_development_dependency "logger"
+  spec.add_development_dependency "simplecov"
+  spec.add_development_dependency "simplecov-lcov"
+  spec.add_development_dependency "ostruct"
   spec.add_development_dependency "pry"
   spec.add_development_dependency "rake"
   spec.add_development_dependency "rspec"
-  spec.add_development_dependency "rubocop"
-  spec.add_development_dependency "rubocop-rspec"
-  spec.add_development_dependency "sqlite3", "~> 1.3.13"
+  spec.add_development_dependency "standard", "~> 1.53"
+  spec.add_development_dependency "sqlite3", "~> 2.9.0"
   spec.add_development_dependency "yard"
 end

data/lib/keycard/controller_methods.rb

@@ -34,13 +34,13 @@ module Keycard
     def validate_session
       csrf_token = session[:_csrf_token]
       elapsed = begin
-                  Time.now - (session[:timestamp] || Time.at(0))
-                rescue StandardError
-                  session_timeout
-                end
+        Time.now - Time.at(session[:timestamp] || 0)
+      rescue
+        session_timeout
+      end
       reset_session if elapsed >= session_timeout
       session[:_csrf_token] = csrf_token
-      session[:timestamp] = Time.now if session.key?(:timestamp)
+      session[:timestamp] = Time.now.to_i if session.key?(:timestamp)
     end
 
     # Require that some authentication method successfully identifies a user/account,
@@ -64,7 +64,7 @@ module Keycard
     #   passed to each authentication method
     # @return [Boolean] whether the login attempt was successful
     def login(**credentials)
-      authentication(credentials).authenticated?.tap do |success|
+      authentication(**credentials).authenticated?.tap do |success|
         setup_session if success
       end
     end
@@ -88,7 +88,7 @@ module Keycard
 
     def authentication(**credentials)
       request.env["keycard.authentication"] ||=
-        notary.authenticate(request, session, credentials)
+        notary.authenticate(request, session, **credentials)
     end
 
     # The session timeout, in seconds. Sessions will be cleared before any
@@ -105,7 +105,7 @@ module Keycard
       reset_session
       session[:return_to] = return_url
       session[:user_id] = current_user.id
-      session[:timestamp] = Time.now
+      session[:timestamp] = Time.now.to_i
     end
   end
 end

data/lib/keycard/db.rb

@@ -1,17 +1,17 @@
 # frozen_string_literal: true
 
-require 'ostruct'
-require 'logger'
-require 'yaml'
+require "ostruct"
+require "logger"
+require "yaml"
 
 # Module for database interactions for Keycard.
 module Keycard::DB
   # Any error with the database that Keycard itself detects but cannot handle.
   class DatabaseError < StandardError; end
 
-  CONNECTION_ERROR = 'The Keycard database is not initialized. Call initialize! first.'
+  CONNECTION_ERROR = "The Keycard database is not initialized. Call initialize! first."
 
-  ALREADY_CONNECTED = 'Already connected; refusing to connect to another database.'
+  ALREADY_CONNECTED = "Already connected; refusing to connect to another database."
 
   MISSING_CONFIG = <<~MSG
     KEYCARD_DATABASE_URL and DATABASE_URL are both missing and a connection
@@ -85,7 +85,7 @@ module Keycard::DB
       return if config.readonly
 
       Sequel.extension :migration
-      Sequel::Migrator.run(db, File.join(__dir__, '../../db/migrations'), table: schema_table)
+      Sequel::Migrator.run(db, File.join(__dir__, "../../db/migrations"), table: schema_table)
     end
 
     def schema_table
@@ -93,7 +93,7 @@ module Keycard::DB
     end
 
     def schema_file
-      'db/keycard.yml'
+      "db/keycard.yml"
     end
 
     def dump_schema!
@@ -115,13 +115,13 @@ module Keycard::DB
 
     # Merge url, opts, or db settings from a hash into our config
     def merge_config!(config = {})
-      self.config.url  = config[:url]  if config.key?(:url)
+      self.config.url = config[:url] if config.key?(:url)
       self.config.opts = config[:opts] if config.key?(:opts)
-      self.config.db   = config[:db]   if config.key?(:db)
+      self.config.db = config[:db] if config.key?(:db)
     end
 
     def conn_opts
-      log = { logger: Logger.new('db/keycard.log') }
+      log = {logger: Logger.new("db/keycard.log")}
       url = config.url
       opts = config.opts
       if url
@@ -135,7 +135,7 @@ module Keycard::DB
 
     def config
       @config ||= OpenStruct.new(
-        url: ENV['KEYCARD_DATABASE_URL'] || ENV['DATABASE_URL'],
+        url: ENV["KEYCARD_DATABASE_URL"] || ENV["DATABASE_URL"],
         readonly: false
       )
     end

data/lib/keycard/digest_key.rb

@@ -6,7 +6,7 @@ require "securerandom"
 # A typical digest or api key, ready to be encrypted.
 class Keycard::DigestKey
   class HiddenKeyError < StandardError; end
-  HIDDEN_KEY = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX".freeze
+  HIDDEN_KEY = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
 
   # To simply mint a new key, call #new without any parameters.
   # For wrapping existing, deserialized keys, pass the digest to the constructor.
@@ -33,11 +33,7 @@ class Keycard::DigestKey
   # @raise [HiddenKeyError] This exception is raised if the unhashed key is
   #   not available.
   def value
-    if @key
-      @key
-    else
-      raise HiddenKeyError, "Cannot display hashed/hidden keys"
-    end
+    @key || raise(HiddenKeyError, "Cannot display hashed/hidden keys")
   end
 
   # The result of hashing the key
@@ -48,12 +44,10 @@ class Keycard::DigestKey
 
   def eql?(other)
     digest == if other.is_a?(self.class)
-                other.digest
-              else
-                other.to_s
-              end
+      other.digest
+    else
+      other.to_s
+    end
   end
-  alias == eql?
-
+  alias_method :==, :eql?
 end
-

data/lib/keycard/institution_finder.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require 'ipaddr'
+require "ipaddr"
 
 # looks up institution ID(s) by IP address
 class Keycard::InstitutionFinder
@@ -36,7 +36,7 @@ class Keycard::InstitutionFinder
     insts = insts_for_ip(numeric_ip)
 
     if !insts.empty?
-      { dlpsInstitutionId: insts }
+      {dlpsInstitutionId: insts}
     else
       {}
     end

data/lib/keycard/notary.rb

@@ -61,7 +61,7 @@ module Keycard
       attributes = attributes_factory.for(request)
       Authentication::Result.new.tap do |result|
         methods.find do |factory|
-          factory.call(attributes, session, result, credentials).apply
+          factory.call(attributes, session, result, **credentials).apply
         end
       end
     end

data/lib/keycard/railtie.rb

@@ -67,9 +67,9 @@ class Keycard::Railtie < Rails::Railtie
     unless config.url
       case Rails.env
       when "development"
-        config[:opts] = { adapter: 'sqlite', database: "db/keycard_development.sqlite3" }
+        config[:opts] = {adapter: "sqlite", database: "db/keycard_development.sqlite3"}
       when "test"
-        config[:opts] = { adapter: 'sqlite' }
+        config[:opts] = {adapter: "sqlite"}
       end
     end
 
@@ -94,8 +94,8 @@ class Keycard::Railtie < Rails::Railtie
   end
 
   def rake_files
-    base = Pathname(__dir__) + '../tasks/'
-    [base + 'migrate.rake']
+    base = Pathname(__dir__) + "../tasks/"
+    [base + "migrate.rake"]
   end
 
   rake_tasks do

data/lib/keycard/request/attributes.rb

@@ -55,7 +55,7 @@ module Keycard::Request
     # The token supplied by the user via auth_param according to RFC 7235. Typically,
     # this is the API token.
     def auth_token
-      Keycard::Token.rfc7235(safe('HTTP_AUTHORIZATION'))
+      Keycard::Token.rfc7235(safe("HTTP_AUTHORIZATION"))
     end
 
     # The set of base attributes for this request.
@@ -76,12 +76,12 @@ module Keycard::Request
     end
 
     def all
-      base.merge!(external).delete_if { |_k, v| v.nil? || v == '' }
+      base.merge!(external).delete_if { |_k, v| v.nil? || v == "" }
     end
 
     def external
       finders
-        .map        { |finder| finder.attributes_for(self) }
+        .map { |finder| finder.attributes_for(self) }
         .reduce({}) { |hash, attrs| hash.merge!(attrs) }
     end
 
@@ -116,15 +116,15 @@ module Keycard::Request
     # missing values to an empty string, convenient if you need to do string
     # operations like splitting the value.
     def safe(key)
-      get(key) || ''
+      get(key) || ""
     end
 
     # Scrub a value to remove whitespace, filter the special '(null)' value,
     # and translate resulting empty strings to nil.
     def scrub(value)
-      str = (value || '').strip
+      str = (value || "").strip
       case str
-      when nil, '(null)', ''
+      when nil, "(null)", ""
         nil
       else
         str

data/lib/keycard/request/attributes_factory.rb

@@ -7,9 +7,9 @@ module Keycard::Request
   # use .for instead of naming concrete classes when processing requests.
   class AttributesFactory
     MODE_MAP = {
-      direct:     DirectAttributes,
-      proxy:      ProxiedAttributes,
-      cosign:     CosignAttributes,
+      direct: DirectAttributes,
+      proxy: ProxiedAttributes,
+      cosign: CosignAttributes,
       shibboleth: ShibbolethAttributes
     }.freeze
 

data/lib/keycard/request/cosign_attributes.rb

@@ -7,7 +7,7 @@ module Keycard::Request
   # attributes extracted.
   class CosignAttributes < Attributes
     def user_pid
-      get 'HTTP_X_REMOTE_USER'
+      get "HTTP_X_REMOTE_USER"
     end
 
     def user_eid
@@ -15,7 +15,7 @@ module Keycard::Request
     end
 
     def client_ip
-      safe('HTTP_X_FORWARDED_FOR').split(',').first
+      safe("HTTP_X_FORWARDED_FOR").split(",").first
     end
   end
 end

data/lib/keycard/request/direct_attributes.rb

@@ -6,7 +6,7 @@ module Keycard::Request
   # values into the application environment to be accessed as usual.
   class DirectAttributes < Attributes
     def user_pid
-      get 'REMOTE_USER'
+      get "REMOTE_USER"
     end
 
     def user_eid
@@ -14,7 +14,7 @@ module Keycard::Request
     end
 
     def client_ip
-      safe('REMOTE_ADDR').split(',').first
+      safe("REMOTE_ADDR").split(",").first
     end
   end
 end

data/lib/keycard/request/proxied_attributes.rb

@@ -10,7 +10,7 @@ module Keycard::Request
   # HTTP_X_FORWARDED_FOR once the Rack request is assembled.
   class ProxiedAttributes < Attributes
     def user_pid
-      get 'HTTP_X_REMOTE_USER'
+      get "HTTP_X_REMOTE_USER"
     end
 
     def user_eid
@@ -18,7 +18,7 @@ module Keycard::Request
     end
 
     def client_ip
-      safe('HTTP_X_FORWARDED_FOR').split(',').first
+      safe("HTTP_X_FORWARDED_FOR").split(",").first
     end
   end
 end

data/lib/keycard/request/shibboleth_attributes.rb

@@ -9,17 +9,17 @@ module Keycard::Request
   # attributes guaranteed to have usable values are the client_ip, for all
   # requests, and the user_pid, for requests from authenticated users.
   class ShibbolethAttributes < Attributes
-    def base # rubocop:disable Metrics/MethodLength
+    def base
       super.merge(
         {
-          persistentNameID:           persistent_id,
-          eduPersonPrincipalName:     principal_name,
+          persistentNameID: persistent_id,
+          eduPersonPrincipalName: principal_name,
           eduPersonScopedAffiliation: affiliation,
-          displayName:                display_name,
-          mail:                       email,
-          authnContextClassRef:       authn_context,
-          authenticationMethod:       authn_method,
-          identity_provider:          identity_provider
+          displayName: display_name,
+          mail: email,
+          authnContextClassRef: authn_context,
+          authenticationMethod: authn_method,
+          identity_provider: identity_provider
         }
       )
     end
@@ -33,39 +33,39 @@ module Keycard::Request
     end
 
     def client_ip
-      safe('HTTP_X_FORWARDED_FOR').split(',').first
+      safe("HTTP_X_FORWARDED_FOR").split(",").first
     end
 
     def persistent_id
-      get 'HTTP_X_SHIB_PERSISTENT_ID'
+      get "HTTP_X_SHIB_PERSISTENT_ID"
     end
 
     def principal_name
-      get 'HTTP_X_SHIB_EDUPERSONPRINCIPALNAME'
+      get "HTTP_X_SHIB_EDUPERSONPRINCIPALNAME"
     end
 
     def display_name
-      get 'HTTP_X_SHIB_DISPLAYNAME'
+      get "HTTP_X_SHIB_DISPLAYNAME"
     end
 
     def email
-      get 'HTTP_X_SHIB_MAIL'
+      get "HTTP_X_SHIB_MAIL"
     end
 
     def affiliation
-      safe('HTTP_X_SHIB_EDUPERSONSCOPEDAFFILIATION').split(';')
+      safe("HTTP_X_SHIB_EDUPERSONSCOPEDAFFILIATION").split(";")
     end
 
     def authn_method
-      get 'HTTP_X_SHIB_AUTHENTICATION_METHOD'
+      get "HTTP_X_SHIB_AUTHENTICATION_METHOD"
     end
 
     def authn_context
-      get 'HTTP_X_SHIB_AUTHNCONTEXT_CLASS'
+      get "HTTP_X_SHIB_AUTHNCONTEXT_CLASS"
     end
 
     def identity_provider
-      get 'HTTP_X_SHIB_IDENTITY_PROVIDER'
+      get "HTTP_X_SHIB_IDENTITY_PROVIDER"
     end
 
     def identity_keys

data/lib/keycard/request.rb

@@ -4,9 +4,9 @@
 module Keycard::Request
 end
 
-require_relative 'request/attributes'
-require_relative 'request/cosign_attributes'
-require_relative 'request/direct_attributes'
-require_relative 'request/proxied_attributes'
-require_relative 'request/shibboleth_attributes'
-require_relative 'request/attributes_factory'
+require_relative "request/attributes"
+require_relative "request/cosign_attributes"
+require_relative "request/direct_attributes"
+require_relative "request/proxied_attributes"
+require_relative "request/shibboleth_attributes"
+require_relative "request/attributes_factory"

data/lib/keycard/token.rb

@@ -2,12 +2,12 @@
 
 # Holds utility methods for parsing tokens from header values
 class Keycard::Token
-  TOKEN_DELIMS = /\s*[:,;\t]\s*/.freeze
+  TOKEN_DELIMS = /\s*[:,;\t]\s*/
 
   class << self
     def rfc7235(string)
       string
-        .sub(/^(Bearer|Token):?/, '')
+        .sub(/^(Bearer|Token):?/, "")
         .split(TOKEN_DELIMS)
         .map { |assignment| split_assignment(assignment) }
         .to_h["token"]
@@ -19,8 +19,8 @@ class Keycard::Token
     # @return An array of pairs of key:value, both strings
     def split_assignment(string_assignment)
       clean_assignment(string_assignment)
-        .split('=')
-        .push('')
+        .split("=")
+        .push("")
         .slice(0, 2)
     end
 

data/lib/keycard/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Keycard
-  VERSION = "0.3.3"
+  VERSION = "0.4.0"
 end

data/lib/keycard.rb

@@ -7,6 +7,7 @@ require "ostruct"
 # All of the Keycard components are contained within this top-level module.
 module Keycard
   class AuthenticationRequired < StandardError; end
+
   class AuthenticationFailed < StandardError; end
 
   def self.config

data/lib/tasks/migrate.rake

@@ -1,15 +1,15 @@
 # frozen_string_literal: true
 
-require 'bundler/setup'
-require 'keycard'
+require "bundler/setup"
+require "keycard"
 
 if defined?(Rails)
   # When db:schema:dump is called directly, we can tack this on.
   # If we do it unconditionally, db:migrate will try to dump before we have
   # been able to migrate the Keycard tables.
-  if Rake.application.top_level_tasks.include?('db:schema:dump')
-    Rake::Task['db:schema:dump'].enhance do
-      Rake::Task['keycard:schema:dump'].invoke
+  if Rake.application.top_level_tasks.include?("db:schema:dump")
+    Rake::Task["db:schema:dump"].enhance do
+      Rake::Task["keycard:schema:dump"].invoke
     end
   end
 
@@ -17,13 +17,13 @@ if defined?(Rails)
   # schema_info, so migrations don't try to double-run. The actual table
   # structure is handled by the Rails schema:dump and schema:load.
   # A db:setup will trigger this, so we don't have to handle it separately.
-  Rake::Task['db:schema:load'].enhance do
-    Rake::Task['keycard:schema:load'].invoke
+  Rake::Task["db:schema:load"].enhance do
+    Rake::Task["keycard:schema:load"].invoke
   end
 
   # We hook into db:migrate for convenience.
-  Rake::Task['db:migrate'].enhance do
-    Rake::Task['keycard:migrate'].invoke
+  Rake::Task["db:migrate"].enhance do
+    Rake::Task["keycard:migrate"].invoke
   end
 
 end
@@ -36,7 +36,7 @@ namespace :keycard do
       # The Railtie is smart enough to know whether we are in a Rake task,
       # so it can avoid initializing and we can migrate safely before the
       # models are loaded.
-      Rake::Task['environment'].invoke
+      Rake::Task["environment"].invoke
     end
 
     # After migrating, we initialize here, even though it isn't strictly
@@ -54,21 +54,21 @@ namespace :keycard do
     namespace :schema do
       desc "Dump the Keycard version to db/keycard.yml"
       task :dump do
-        Rake::Task['environment'].invoke
+        Rake::Task["environment"].invoke
         Keycard::DB.dump_schema!
       end
 
       desc "Load the Keycard version from db/keycard.yml"
       task :load do
-        Rake::Task['environment'].invoke
+        Rake::Task["environment"].invoke
         Keycard::DB.load_schema!
       end
 
       # When running under Rails, we dump the schema after migrating so
       # everything stays synced up for db:setup against a new database.
       # Rake::Task['keycard:schema:dump'].invoke
-      Rake::Task['keycard:migrate'].enhance do
-        Rake::Task['keycard:schema:dump'].invoke
+      Rake::Task["keycard:migrate"].enhance do
+        Rake::Task["keycard:schema:dump"].invoke
       end
     end
   end

metadata

@@ -1,15 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: keycard
 version: !ruby/object:Gem::Version
-  version: 0.3.3
+  version: 0.4.0
 platform: ruby
 authors:
 - Noah Botimer
 - Aaron Elkiss
-autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-07-12 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sequel
@@ -40,7 +39,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: coveralls
+  name: logger
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -54,7 +53,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: pry
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -68,7 +67,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: simplecov-lcov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -82,7 +81,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: ostruct
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -96,7 +95,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -110,7 +109,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop-rspec
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -123,20 +122,48 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: standard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.53'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.53'
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.3.13
+        version: 2.9.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.3.13
+        version: 2.9.0
 - !ruby/object:Gem::Dependency
   name: yard
   requirement: !ruby/object:Gem::Requirement
@@ -151,7 +178,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: 
 email:
 - botimer@umich.edu
 - aelkiss@umich.edu
@@ -160,17 +186,21 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".envrc"
+- ".github/dependabot.yml"
+- ".github/workflows/test.yml"
 - ".gitignore"
 - ".rspec"
-- ".rubocop.yml"
-- ".travis.yml"
+- ".standard.yml"
+- CHANGELOG.md
 - Gemfile
 - LICENSE.md
 - README.md
 - Rakefile
 - bin/console
 - bin/rake
+- bin/rspec
 - bin/setup
+- bin/standardrb
 - db/migrations/1_create_tables.rb
 - docs/Makefile
 - docs/_static/.gitkeep
@@ -208,7 +238,6 @@ homepage: https://github.com/mlibrary/keycard
 licenses:
 - BSD-3-Clause
 metadata: {}
-post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -216,16 +245,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 3.2.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6.2
-signing_key: 
+rubygems_version: 4.0.3
 specification_version: 4
 summary: Keycard provides authentication support and user/request information, especially
   in Rails applications.

data/.rubocop.yml

@@ -1,36 +0,0 @@
-Rails:
-  Enabled: true
-
-Rails/Delegate:
-  Enabled: false
-
-# inherit_gem:
-#   rubocop-rails:
-#     - config/rails.yml
-
-AllCops:
-  DisplayCopNames: true
-  TargetRubyVersion: 2.4
-  Exclude:
-    - 'bin/**/*'
-    - 'vendor/**/*'
-
-Layout/MultilineMethodDefinitionBraceLayout:
-  EnforcedStyle: same_line
-
-Metrics/LineLength:
-  Max: 110
-
-Metrics/BlockLength:
-  Exclude:
-    - '*.gemspec'
-  ExcludedMethods: ['describe', 'context']
-
-Naming/UncommunicativeMethodParamName:
-  AllowedNames: ['db']
-
-Style/StringLiterals:
-  Enabled: false
-
-Style/ClassAndModuleChildren:
-  EnforcedStyle: compact

data/.travis.yml

@@ -1,5 +0,0 @@
-sudo: false
-language: ruby
-rvm:
-  - 2.4.2
-before_install: gem install bundler -v 1.16.0