knock 1.4.1 → 1.4.2

checksums.yaml

@@ -1,15 +1,15 @@
 ---
 !binary "U0hBMQ==":
   metadata.gz: !binary |-
-    Y2JmMzAwNjRhMDNiZTQ4ZWQwYzRjNDlhNzhjMzA1YzZmY2QzMTY2Yw==
+    MmQ1NDdiNjFmNjkyNTEyMTIwYjlmNWNjZmU3ZDI3NjhkNTM4ZGNiNA==
   data.tar.gz: !binary |-
-    ZDMyNWRkNDA4NGI3NTk0MDBmNmI4ZGJlZmUzNDgyNTc0MmEyNGNhOQ==
+    YzlkOGFkZTZkNDRiMzFhNDA1YzQ4NGFiM2NkYTNjMzkxZTA3MjUwOQ==
 SHA512:
   metadata.gz: !binary |-
-    YmIwZjc3Njc5NzdjMmMyMGM1NzlhNmY5Y2EyNWNiNzFhZDA2MWJkOWNhNjQ4
-    NTZlNWQwOTdlM2ZiZmY5OGZhY2Y3YjVjNDIzYThlZjJkZDcxNThiYmNlMDEw
-    MTJiMTllMGVmOTE5MjhiYTlkNTgzYjI2YzIxZGQwZGM1M2ZiNGM=
+    ODgxOWJmMTQxNTkzMWYzN2QyMGU0ZGZkNDkyNTE0M2RkMzM4MGVhMTQ5NjA5
+    ZjcxOTdhNTlkNjFiNzlmZTMxYTExODg1OGI5ZjIwZmI4MjRkN2U0ZjhmODk1
+    Y2FjMmZjMjQxYzkxZThmYTFiOTY5NzMzMTI4MmVmMDVlNWY0N2U=
   data.tar.gz: !binary |-
-    YjNiMWJmODQwNWI4MThlODBjYzVjNjBjY2ZhODU2YmRiNDNkMGM4NjllM2Q2
-    MTQyYjlhYTMwOGM3MzYyMDM1YWQwY2M0NjUwYWUwMTEwNjc5YjkyODVlOTFh
-    NDk3ODJkZjU3OTQyZDU2MTY2MzEzOGE5NTA0YTBmMGQzYmU1OGQ=
+    ZWY5ZTczMGJmOTkwYThmZmIzMzgzMWUxZDNmZDU3YjJkY2RlODk0NDJmNWY4
+    ZDM4NTI1MDQ3ZjFlYjZlYmUyZjViMjllNDE4NWE4OWFiZGM3Y2NhNGM0ZGYx
+    NjFjZTZkNjU4ZTViNGUxNmNiNWM2NjJjOGU3NjRkMDU5NWYzMmM=

data/lib/knock/authenticable.rb

@@ -1,9 +1,7 @@
 module Knock::Authenticable
   def current_user
     @current_user ||= begin
-      token = params[:token] ||
-        request.headers['Authorization'].match(/^Bearer (.*)$/)[1]
-
+      token = params[:token] || request.headers['Authorization'].split.last
       Knock::AuthToken.new(token: token).current_user
     rescue
       nil

data/lib/knock/version.rb

@@ -1,3 +1,3 @@
 module Knock
-  VERSION = "1.4.1"
+  VERSION = "1.4.2"
 end

data/test/dummy/log/test.log

@@ -1,86 +1,74 @@
-   (3.7ms)  CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "email" varchar NOT NULL, "password_digest" varchar NOT NULL, "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL) 
-   (1.4ms)  CREATE TABLE "schema_migrations" ("version" varchar NOT NULL) 
+   (1.9ms)  CREATE TABLE "users" ("id" INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, "email" varchar NOT NULL, "password_digest" varchar NOT NULL, "created_at" datetime NOT NULL, "updated_at" datetime NOT NULL) 
+   (1.7ms)  CREATE TABLE "schema_migrations" ("version" varchar NOT NULL) 
    (0.1ms)  select sqlite_version(*)
-   (1.2ms)  CREATE UNIQUE INDEX "unique_schema_migrations" ON "schema_migrations" ("version")
+   (1.7ms)  CREATE UNIQUE INDEX "unique_schema_migrations" ON "schema_migrations" ("version")
    (0.1ms)  SELECT version FROM "schema_migrations"
-   (1.1ms)  INSERT INTO "schema_migrations" (version) VALUES ('20150713101607')
-  ActiveRecord::SchemaMigration Load (0.1ms)  SELECT "schema_migrations".* FROM "schema_migrations"
-   (0.1ms)  begin transaction
-  Fixture Delete (0.2ms)  DELETE FROM "users"
-  Fixture Insert (0.2ms)  INSERT INTO "users" ("email", "password_digest", "created_at", "updated_at", "id") VALUES ('one@example.net', '$2a$04$p5uJvjODelWvUMamobUYm.l7v1cL4QMmQQsFmdlQpZWa4xyWD6Zsa', '2016-01-08 12:37:37', '2016-01-08 12:37:37', 980190962)
-  Fixture Insert (0.1ms)  INSERT INTO "users" ("email", "password_digest", "created_at", "updated_at", "id") VALUES ('two@example.net', '$2a$04$2hM6WVXy88h9vqb31eD4l.6jkUb6ppqstn5w.ixGo9hN3Sb76n5Ei', '2016-01-08 12:37:37', '2016-01-08 12:37:37', 298486374)
-   (1.4ms)  commit transaction
-   (0.0ms)  begin transaction
----------------------------------------
-KnockTest: test_setup_block_yields_self
----------------------------------------
-   (0.0ms)  rollback transaction
+   (1.8ms)  INSERT INTO "schema_migrations" (version) VALUES ('20150713101607')
+  ActiveRecord::SchemaMigration Load (0.2ms)  SELECT "schema_migrations".* FROM "schema_migrations"
+   (0.2ms)  begin transaction
+  Fixture Delete (0.3ms)  DELETE FROM "users"
+  Fixture Insert (0.1ms)  INSERT INTO "users" ("email", "password_digest", "created_at", "updated_at", "id") VALUES ('one@example.net', '$2a$04$Ftx/SLqnunNsiEOQGJB7SugvltRumkLLDUxzyJinlzeP2PmuuCd8O', '2016-01-28 23:20:53', '2016-01-28 23:20:53', 980190962)
+  Fixture Insert (0.1ms)  INSERT INTO "users" ("email", "password_digest", "created_at", "updated_at", "id") VALUES ('two@example.net', '$2a$04$0R8O7gQYRNgKRiJ/A4J63eCUKwK7iD9emys6U6L5LXs.TedzD6wEq', '2016-01-28 23:20:53', '2016-01-28 23:20:53', 298486374)
+   (2.1ms)  commit transaction
    (0.1ms)  begin transaction
---------------------------------------------------
-CurrentUsersControllerTest: test_responds_with_200
---------------------------------------------------
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
-Processing by CurrentUsersController#show as HTML
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
-Completed 200 OK in 2ms (ActiveRecord: 0.1ms)
-   (0.1ms)  rollback transaction
-   (0.0ms)  begin transaction
----------------------------------------------------------------------------
-CurrentUsersControllerTest: test_responds_with_404_if_user_is_not_logged_in
----------------------------------------------------------------------------
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
-Processing by CurrentUsersController#show as HTML
-Completed 404 Not Found in 0ms (ActiveRecord: 0.0ms)
+-----------------------------------------------------------------------------
+Knock::AuthTokenControllerTest: test_responds_with_404_if_user_does_not_exist
+-----------------------------------------------------------------------------
+Processing by Knock::AuthTokenController#create as HTML
+  Parameters: {"auth"=>{"email"=>"wrong@example.net", "password"=>"[FILTERED]"}}
+  User Load (0.3ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? LIMIT 1  [["email", "wrong@example.net"]]
+Completed 404 Not Found in 7ms (ActiveRecord: 0.3ms)
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+-----------------------------------------------------------------------------
+Knock::AuthTokenControllerTest: test_responds_with_404_if_password_is_invalid
+-----------------------------------------------------------------------------
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
+Processing by Knock::AuthTokenController#create as HTML
+  Parameters: {"auth"=>{"email"=>"one@example.net", "password"=>"[FILTERED]"}}
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? LIMIT 1  [["email", "one@example.net"]]
+Completed 404 Not Found in 3ms (ActiveRecord: 0.2ms)
    (0.1ms)  rollback transaction
    (0.1ms)  begin transaction
 ------------------------------------------------------
 Knock::AuthTokenControllerTest: test_responds_with_201
 ------------------------------------------------------
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
+  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
 Processing by Knock::AuthTokenController#create as HTML
   Parameters: {"auth"=>{"email"=>"one@example.net", "password"=>"[FILTERED]"}}
-  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? LIMIT 1  [["email", "one@example.net"]]
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? LIMIT 1  [["email", "one@example.net"]]
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? LIMIT 1  [["email", "one@example.net"]]
-Completed 201 Created in 3ms (Views: 0.2ms | ActiveRecord: 0.2ms)
+Completed 201 Created in 5ms (Views: 0.3ms | ActiveRecord: 0.2ms)
    (0.1ms)  rollback transaction
-   (0.0ms)  begin transaction
------------------------------------------------------------------------------
-Knock::AuthTokenControllerTest: test_responds_with_404_if_password_is_invalid
------------------------------------------------------------------------------
+   (0.1ms)  begin transaction
+-------------------------------------------------------------------------------------
+ProtectedResourcesControllerTest: test_accepts_any_prefix_in_the_authorization_header
+-------------------------------------------------------------------------------------
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
-Processing by Knock::AuthTokenController#create as HTML
-  Parameters: {"auth"=>{"email"=>"one@example.net", "password"=>"[FILTERED]"}}
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? LIMIT 1  [["email", "one@example.net"]]
-Completed 404 Not Found in 2ms (ActiveRecord: 0.1ms)
+Processing by ProtectedResourcesController#index as HTML
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
+Completed 200 OK in 1ms (ActiveRecord: 0.1ms)
    (0.1ms)  rollback transaction
    (0.1ms)  begin transaction
------------------------------------------------------------------------------
-Knock::AuthTokenControllerTest: test_responds_with_404_if_user_does_not_exist
------------------------------------------------------------------------------
-Processing by Knock::AuthTokenController#create as HTML
-  Parameters: {"auth"=>{"email"=>"wrong@example.net", "password"=>"[FILTERED]"}}
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = ? LIMIT 1  [["email", "wrong@example.net"]]
-Completed 404 Not Found in 1ms (ActiveRecord: 0.1ms)
-   (0.1ms)  rollback transaction
-   (0.1ms)  begin transaction
------------------------------------------------------------------
-ProtectedResourcesControllerTest: test_responds_with_unauthorized
------------------------------------------------------------------
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
+------------------------------------------------------------------------------
+ProtectedResourcesControllerTest: test_responds_with_success_with_token_in_url
+------------------------------------------------------------------------------
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
 Processing by ProtectedResourcesController#index as HTML
-Filter chain halted as :authenticate rendered or redirected
-Completed 401 Unauthorized in 0ms (ActiveRecord: 0.0ms)
+  Parameters: {"token"=>"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE0NTQxMDk2NTMsImF1ZCI6ZmFsc2UsInN1YiI6OTgwMTkwOTYyfQ.d4fLV6Mmra4gxopgyHq0c_vz9GVe8Jzku38Waw3jOgM"}
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
+Completed 200 OK in 1ms (ActiveRecord: 0.1ms)
    (0.1ms)  rollback transaction
-   (0.0ms)  begin transaction
----------------------------------------------------------------------------------------
-ProtectedResourcesControllerTest: test_responds_with_success_with_valid_token_in_header
----------------------------------------------------------------------------------------
+   (0.1ms)  begin transaction
+------------------------------------------------------------------------------
+ProtectedResourcesControllerTest: test_has_a_current_user_after_authentication
+------------------------------------------------------------------------------
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
 Processing by ProtectedResourcesController#index as HTML
-  User Load (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
-Completed 200 OK in 1ms (ActiveRecord: 0.0ms)
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
+Completed 200 OK in 1ms (ActiveRecord: 0.1ms)
    (0.1ms)  rollback transaction
-   (0.0ms)  begin transaction
+   (0.1ms)  begin transaction
 -------------------------------------------------------------------------------------------
 ProtectedResourcesControllerTest: test_responds_with_unauthorized_with_invalid_token_in_url
 -------------------------------------------------------------------------------------------
@@ -90,16 +78,16 @@ Processing by ProtectedResourcesController#index as HTML
 Filter chain halted as :authenticate rendered or redirected
 Completed 401 Unauthorized in 0ms (ActiveRecord: 0.0ms)
    (0.1ms)  rollback transaction
-   (0.0ms)  begin transaction
-------------------------------------------------------------------------------
-ProtectedResourcesControllerTest: test_has_a_current_user_after_authentication
-------------------------------------------------------------------------------
+   (0.1ms)  begin transaction
+----------------------------------------------------------------------------------
+ProtectedResourcesControllerTest: test_accepts_authorization_header_without_prefix
+----------------------------------------------------------------------------------
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
 Processing by ProtectedResourcesController#index as HTML
-  User Load (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
-Completed 200 OK in 1ms (ActiveRecord: 0.0ms)
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
+Completed 200 OK in 1ms (ActiveRecord: 0.1ms)
    (0.1ms)  rollback transaction
-   (0.0ms)  begin transaction
+   (0.1ms)  begin transaction
 ----------------------------------------------------------------------------------------------
 ProtectedResourcesControllerTest: test_responds_with_unauthorized_with_invalid_token_in_header
 ----------------------------------------------------------------------------------------------
@@ -108,39 +96,69 @@ Processing by ProtectedResourcesController#index as HTML
 Filter chain halted as :authenticate rendered or redirected
 Completed 401 Unauthorized in 0ms (ActiveRecord: 0.0ms)
    (0.1ms)  rollback transaction
-   (0.0ms)  begin transaction
-------------------------------------------------------------------------------
-ProtectedResourcesControllerTest: test_responds_with_success_with_token_in_url
-------------------------------------------------------------------------------
+   (0.1ms)  begin transaction
+-----------------------------------------------------------------
+ProtectedResourcesControllerTest: test_responds_with_unauthorized
+-----------------------------------------------------------------
   User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
 Processing by ProtectedResourcesController#index as HTML
-  Parameters: {"token"=>"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE0NTIzNDMwNTcsImF1ZCI6ZmFsc2UsInN1YiI6OTgwMTkwOTYyfQ._LmEq4p__HN1QJJugtREjx2fhFHfDM64ZZ3DYp8E17k"}
-  User Load (0.0ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
-Completed 200 OK in 1ms (ActiveRecord: 0.0ms)
-   (0.1ms)  rollback transaction
-   (0.1ms)  begin transaction
+Filter chain halted as :authenticate rendered or redirected
+Completed 401 Unauthorized in 0ms (ActiveRecord: 0.0ms)
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+---------------------------------------------------------------------------------------
+ProtectedResourcesControllerTest: test_responds_with_success_with_valid_token_in_header
+---------------------------------------------------------------------------------------
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
+Processing by ProtectedResourcesController#index as HTML
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
+Completed 200 OK in 1ms (ActiveRecord: 0.1ms)
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
 ----------------------------------------------------------------
 InstallGeneratorTest: test_Assert_all_files_are_properly_created
 ----------------------------------------------------------------
-   (0.1ms)  rollback transaction
-   (0.1ms)  begin transaction
-----------------------------------------------------
-Knock::AuthTokenTest: test_decode_RSA_encoded_tokens
-----------------------------------------------------
-  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
    (0.1ms)  rollback transaction
    (0.1ms)  begin transaction
--------------------------------------------------
-Knock::AuthTokenTest: test_encode_tokens_with_RSA
--------------------------------------------------
+--------------------------------------------------
+CurrentUsersControllerTest: test_responds_with_200
+--------------------------------------------------
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
+Processing by CurrentUsersController#show as HTML
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
+Completed 200 OK in 1ms (ActiveRecord: 0.1ms)
    (0.1ms)  rollback transaction
    (0.1ms)  begin transaction
+---------------------------------------------------------------------------
+CurrentUsersControllerTest: test_responds_with_404_if_user_is_not_logged_in
+---------------------------------------------------------------------------
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
+Processing by CurrentUsersController#show as HTML
+Completed 404 Not Found in 0ms (ActiveRecord: 0.0ms)
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
 -------------------------------------------------------------------------
 Knock::AuthTokenTest: test_verify_audience_when_token_audience_is_present
 -------------------------------------------------------------------------
-   (0.1ms)  rollback transaction
-   (0.0ms)  begin transaction
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+-------------------------------------------------
+Knock::AuthTokenTest: test_encode_tokens_with_RSA
+-------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
 -------------------------------------------
 Knock::AuthTokenTest: test_verify_algorithm
 -------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+----------------------------------------------------
+Knock::AuthTokenTest: test_decode_RSA_encoded_tokens
+----------------------------------------------------
+  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = ? LIMIT 1  [["id", 980190962]]
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+---------------------------------------
+KnockTest: test_setup_block_yields_self
+---------------------------------------
    (0.1ms)  rollback transaction

data/test/dummy/test/controllers/protected_resources_controller_test.rb

@@ -43,4 +43,20 @@ class ProtectedResourcesControllerTest < ActionController::TestCase
     assert_response :success
     assert @controller.current_user.id == @user.id
   end
+
+  test "accepts any prefix in the authorization header" do
+    @request.env['HTTP_AUTHORIZATION'] = "Other #{@token}"
+
+    get :index
+
+    assert_response :success
+  end
+
+  test "accepts authorization header without prefix" do
+    @request.env['HTTP_AUTHORIZATION'] = "#{@token}"
+
+    get :index
+
+    assert_response :success
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: knock
 version: !ruby/object:Gem::Version
-  version: 1.4.1
+  version: 1.4.2
 platform: ruby
 authors:
 - Arnaud MESUREUR
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-01-08 00:00:00.000000000 Z
+date: 2016-01-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails