RubyGems - keyless - Versions diffs - 2.2.0 → 2.3.0 - Mend

keyless 2.2.0 → 2.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/keyless.gemspec +2 -1
data/lib/keyless/configuration.rb +4 -0
data/lib/keyless/rsa_public_key.rb +13 -6
data/lib/keyless/version.rb +1 -1
data/lib/keyless.rb +2 -1
metadata +20 -6

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 974bd00d2393477067c07dfb2f8a6ee59745df9ef4de0ccaa6e7388f1a0f24a8
-  data.tar.gz: 6f96ec9de89c6939b07094c127db3a7f2250c981be9c0b5f0e1bdf0b9dbf524b
+  metadata.gz: d12f8064aeb243a8080877c6435e950495041bde541bf333b716548c9ff7d61b
+  data.tar.gz: 674b825647e89d2079e5fb7a1eabe670e91151a47ea577275e52c5fd9d91cace
 SHA512:
-  metadata.gz: e6faeb0a6f8e53dc18ec6f2dc87ec2109cb674ff35c3b681dde304cf1c84f7d82bb4f3d84951ac9f41b6711eaa22d196ed65f268eecea2b0f4e0027411e56b70
-  data.tar.gz: 893a2cb74c8db289a35b80861d1885ef4d37a6b662a3cf493aea6ad45bb56811b2b7c03be0ea1cc1eb5d774db48805ab194ec1d81de14667142bd7cb94850d8f
+  metadata.gz: faa90d0c79630233da270b0304feda76d5089d19428bc8229a5e2869fc6a405756a5b9fe009fbd7b8ffcf7e52c3cee69a3d6036eae2d9a53addcb49d3978235f
+  data.tar.gz: 45cd81e55400160dea5ddc98b10b629436f395b5463c1b37aa9f15cccc1ea647821dd1811f19aaab643205d012cbf3abe07eef17bfd94952a32d45ddfe46674f

data/CHANGELOG.md CHANGED Viewed

@@ -2,6 +2,11 @@
 * TODO: Replace this bullet point with an actual description of a change.
+### 2.3.0 (16 December 2025)
+* Switched from `httparty` to the `http` gem and added support for retries on
+  the RSA remote fetching (5 times by default) ([#18](https://github.com/hausgold/keyless/pull/18))
 ### 2.2.0 (2 December 2025)
 * Loosend up the version requirement for the `jwt` gem to `>= 2.6`, so people

data/keyless.gemspec CHANGED Viewed

@@ -36,9 +36,10 @@ Gem::Specification.new do |spec|
   spec.required_ruby_version = '>= 3.2'
   spec.add_dependency 'activesupport', '>= 7.1'
-  spec.add_dependency 'httparty', '>= 0.21'
+  spec.add_dependency 'http', '~> 5.3'
   spec.add_dependency 'jwt', '>= 2.6'
   spec.add_dependency 'mutex_m', '>= 0.3'
   spec.add_dependency 'recursive-open-struct', '~> 2.0'
+  spec.add_dependency 'retries', '>= 0.0.5'
   spec.add_dependency 'zeitwerk', '~> 2.6'
 end

data/lib/keyless/configuration.rb CHANGED Viewed

@@ -64,6 +64,10 @@ module Keyless
     # here.
     config_accessor(:rsa_public_key_url) { nil }
+    # When the remote (HTTP/HTTPS) fetching failed, how many times to retry the
+    # operation.
+    config_accessor(:rsa_public_key_fetch_retries) { 5 }
     # You can preconfigure the {RsaPublickey} class to enable/disable
     # caching. For a remote public key location it is handy to cache the
     # result for some time to keep the traffic low to this resource server.

data/lib/keyless/rsa_public_key.rb CHANGED Viewed

@@ -59,13 +59,20 @@ module Keyless
     def fetch_encoded_key
       raise ArgumentError, 'No URL for RsaPublicKey configured' unless url
-      if remote?
-        res = HTTParty.get(url)
-        raise FetchError, res.inspect unless (200..299).cover? res.code
+      remote? ? fetch_encoded_key_via_http : File.read(url)
+    end
+    # Fetch the encoded (DER, or PEM) public key from a remote location via
+    # HTTP/HTTPS.
+    #
+    # @return [String] The encoded public key
+    def fetch_encoded_key_via_http
+      conf = ::Keyless.configuration
+      with_retries(max_tries: conf.rsa_public_key_fetch_retries) do
+        res = HTTP.get(url)
+        raise FetchError, res.inspect unless res.status.success?
-        res.body
-      else
-        File.read(url)
+        res.to_s
       end
     end

data/lib/keyless/version.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 # The gem version details.
 module Keyless
   # The version of the +keyless+ gem
-  VERSION = '2.2.0'
+  VERSION = '2.3.0'
   class << self
     # Returns the version of gem as a string.

data/lib/keyless.rb CHANGED Viewed

@@ -14,7 +14,8 @@ require 'jwt'
 require 'recursive-open-struct'
 require 'singleton'
 require 'openssl'
-require 'httparty'
+require 'http'
+require 'retries'
 # The JWT authentication concern.
 module Keyless

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: keyless
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 2.3.0
 platform: ruby
 authors:
 - Hermann Mayer
@@ -26,19 +26,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '7.1'
 - !ruby/object:Gem::Dependency
-  name: httparty
+  name: http
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.21'
+        version: '5.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.21'
+        version: '5.3'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
@@ -81,6 +81,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: retries
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.0.5
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.0.5
 - !ruby/object:Gem::Dependency
   name: zeitwerk
   requirement: !ruby/object:Gem::Requirement