knocknock 0.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/MIT-LICENSE +20 -0
- data/README.md +206 -0
- data/Rakefile +37 -0
- data/app/controllers/knocknock/auth_tokens_controller.rb +54 -0
- data/app/model/knocknock/auth_token.rb +69 -0
- data/config/routes.rb +2 -0
- data/lib/generators/knocknock/install_generator.rb +20 -0
- data/lib/generators/knocknock/token_controller_generator.rb +25 -0
- data/lib/generators/templates/access_token.rb.erb +17 -0
- data/lib/generators/templates/create_access_token.rb +9 -0
- data/lib/generators/templates/knocknock.rb +50 -0
- data/lib/generators/templates/resource_tokens_controller.rb.erb +2 -0
- data/lib/knocknock.rb +25 -0
- data/lib/knocknock/authenticatable.rb +47 -0
- data/lib/knocknock/engine.rb +6 -0
- data/lib/knocknock/version.rb +3 -0
- data/lib/tasks/knocknock_tasks.rake +4 -0
- data/test/dummy/README.rdoc +28 -0
- data/test/dummy/Rakefile +6 -0
- data/test/dummy/app/controllers/admin_protected_controller.rb +7 -0
- data/test/dummy/app/controllers/admin_tokens_controller.rb +2 -0
- data/test/dummy/app/controllers/application_controller.rb +3 -0
- data/test/dummy/app/controllers/user_protected_controller.rb +7 -0
- data/test/dummy/app/controllers/user_tokens_controller.rb +2 -0
- data/test/dummy/app/helpers/application_helper.rb +2 -0
- data/test/dummy/app/models/access_token.rb +3 -0
- data/test/dummy/app/models/admin.rb +5 -0
- data/test/dummy/app/models/user.rb +5 -0
- data/test/dummy/bin/bundle +3 -0
- data/test/dummy/bin/rails +4 -0
- data/test/dummy/bin/rake +4 -0
- data/test/dummy/bin/setup +29 -0
- data/test/dummy/config.ru +4 -0
- data/test/dummy/config/application.rb +23 -0
- data/test/dummy/config/boot.rb +5 -0
- data/test/dummy/config/database.yml +25 -0
- data/test/dummy/config/environment.rb +5 -0
- data/test/dummy/config/environments/development.rb +56 -0
- data/test/dummy/config/environments/production.rb +82 -0
- data/test/dummy/config/environments/test.rb +44 -0
- data/test/dummy/config/initializers/assets.rb +11 -0
- data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/test/dummy/config/initializers/cookies_serializer.rb +3 -0
- data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
- data/test/dummy/config/initializers/inflections.rb +16 -0
- data/test/dummy/config/initializers/mime_types.rb +4 -0
- data/test/dummy/config/initializers/session_store.rb +3 -0
- data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/test/dummy/config/locales/en.yml +23 -0
- data/test/dummy/config/routes.rb +6 -0
- data/test/dummy/config/secrets.yml +22 -0
- data/test/dummy/db/development.sqlite3 +0 -0
- data/test/dummy/db/migrate/20150713101607_create_users.rb +10 -0
- data/test/dummy/db/migrate/20150922015152_create_admins.rb +10 -0
- data/test/dummy/db/migrate/20160218200351_create_access_tokens.rb +11 -0
- data/test/dummy/db/schema.rb +40 -0
- data/test/dummy/db/test.sqlite3 +0 -0
- data/test/dummy/log/development.log +52 -0
- data/test/dummy/log/test.log +9320 -0
- data/test/dummy/public/404.html +67 -0
- data/test/dummy/public/422.html +67 -0
- data/test/dummy/public/500.html +66 -0
- data/test/dummy/public/favicon.ico +0 -0
- data/test/dummy/test/controllers/admin_protected_controller_test.rb +49 -0
- data/test/dummy/test/controllers/admin_tokens_controller_test.rb +22 -0
- data/test/dummy/test/controllers/user_protected_controller_test.rb +49 -0
- data/test/dummy/test/controllers/user_tokens_controller_test.rb +23 -0
- data/test/dummy/test/fixtures/access_tokens.yml +11 -0
- data/test/dummy/test/models/access_token_test.rb +7 -0
- data/test/dummy/test/models/admin_test.rb +4 -0
- data/test/dummy/test/models/user_test.rb +4 -0
- data/test/fixtures/admins.yml +5 -0
- data/test/fixtures/users.yml +9 -0
- data/test/generators/install_generator_test.rb +15 -0
- data/test/generators/token_controller_generator_test.rb +19 -0
- data/test/knocknock_test.rb +9 -0
- data/test/model/knocknock/auth_token_test.rb +50 -0
- data/test/support/generators_test_helper.rb +9 -0
- data/test/test_helper.rb +38 -0
- data/test/tmp/app/controllers/admin_tokens_controller.rb +2 -0
- data/test/tmp/app/controllers/user_tokens_controller.rb +2 -0
- data/test/tmp/config/routes.rb +8 -0
- metadata +253 -0
@@ -0,0 +1,50 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
require 'jwt'
|
3
|
+
|
4
|
+
module Knocknock
|
5
|
+
class AuthTokenTest < ActiveSupport::TestCase
|
6
|
+
test "verify algorithm" do
|
7
|
+
Knocknock.token_signature_algorithm = 'RS256'
|
8
|
+
key = Knocknock.token_secret_signature_key.call
|
9
|
+
|
10
|
+
token = JWT.encode({sub: '1'}, key, 'HS256')
|
11
|
+
|
12
|
+
assert_raises(JWT::IncorrectAlgorithm) {
|
13
|
+
AuthToken.new(token: token)
|
14
|
+
}
|
15
|
+
end
|
16
|
+
|
17
|
+
test "decode RSA encoded tokens" do
|
18
|
+
rsa_private = OpenSSL::PKey::RSA.generate 2048
|
19
|
+
Knocknock.token_public_key = rsa_private.public_key
|
20
|
+
Knocknock.token_signature_algorithm = 'RS256'
|
21
|
+
|
22
|
+
token = JWT.encode({sub: '1'}, rsa_private, 'RS256')
|
23
|
+
|
24
|
+
assert_nothing_raised { AuthToken.new(token: token) }
|
25
|
+
end
|
26
|
+
|
27
|
+
test "encode tokens with RSA" do
|
28
|
+
rsa_private = OpenSSL::PKey::RSA.generate 2048
|
29
|
+
Knocknock.token_secret_signature_key = -> { rsa_private }
|
30
|
+
Knocknock.token_signature_algorithm = 'RS256'
|
31
|
+
|
32
|
+
token = AuthToken.new(payload: {sub: '1'}).token
|
33
|
+
|
34
|
+
payload, header = JWT.decode token, rsa_private.public_key, true
|
35
|
+
assert_equal payload['sub'], '1'
|
36
|
+
assert_equal header['alg'], 'RS256'
|
37
|
+
end
|
38
|
+
|
39
|
+
test "verify audience when token_audience is present" do
|
40
|
+
Knocknock.token_audience = -> { 'bar' }
|
41
|
+
key = Knocknock.token_secret_signature_key.call
|
42
|
+
|
43
|
+
token = JWT.encode({sub: 'foo'}, key, 'HS256')
|
44
|
+
|
45
|
+
assert_raises(JWT::InvalidAudError) {
|
46
|
+
AuthToken.new token: token
|
47
|
+
}
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
data/test/test_helper.rb
ADDED
@@ -0,0 +1,38 @@
|
|
1
|
+
require "codeclimate-test-reporter"
|
2
|
+
CodeClimate::TestReporter.start
|
3
|
+
|
4
|
+
# Configure Rails Environment
|
5
|
+
ENV["RAILS_ENV"] = "test"
|
6
|
+
|
7
|
+
require File.expand_path("../../test/dummy/config/environment.rb", __FILE__)
|
8
|
+
ActiveRecord::Migrator.migrations_paths = [File.expand_path("../../test/dummy/db/migrate", __FILE__)]
|
9
|
+
ActiveRecord::Migrator.migrations_paths << File.expand_path('../../db/migrate', __FILE__)
|
10
|
+
require "rails/test_help"
|
11
|
+
|
12
|
+
# Filter out Minitest backtrace while allowing backtrace from other libraries
|
13
|
+
# to be shown.
|
14
|
+
Minitest.backtrace_filter = Minitest::BacktraceFilter.new
|
15
|
+
|
16
|
+
# Load support files
|
17
|
+
Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
|
18
|
+
|
19
|
+
# Load fixtures from the engine
|
20
|
+
if ActiveSupport::TestCase.respond_to?(:fixture_path=)
|
21
|
+
ActiveSupport::TestCase.fixture_path = File.expand_path("../fixtures", __FILE__)
|
22
|
+
ActiveSupport::TestCase.fixtures :all
|
23
|
+
end
|
24
|
+
|
25
|
+
# Make sure knock global configuration is reset before every tests
|
26
|
+
# to avoid order dependent failures.
|
27
|
+
class ActiveSupport::TestCase
|
28
|
+
setup :reset_knocknock_configuration
|
29
|
+
|
30
|
+
private
|
31
|
+
|
32
|
+
def reset_knocknock_configuration
|
33
|
+
Knocknock.token_signature_algorithm = 'HS256'
|
34
|
+
Knocknock.token_secret_signature_key = -> { Rails.application.secrets.secret_key_base }
|
35
|
+
Knocknock.token_public_key = nil
|
36
|
+
Knocknock.token_audience = nil
|
37
|
+
end
|
38
|
+
end
|
@@ -0,0 +1,8 @@
|
|
1
|
+
Rails.application.routes.draw do
|
2
|
+
resource :admin_tokens, only: [:create, :destroy]
|
3
|
+
resource :user_tokens, only: [:create, :destroy]
|
4
|
+
post 'user_tokens' => 'user_tokens#create'
|
5
|
+
post 'admin_tokens' => 'admin_tokens#create'
|
6
|
+
resources :user_protected
|
7
|
+
resources :admin_protected
|
8
|
+
end
|
metadata
ADDED
@@ -0,0 +1,253 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: knocknock
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Zaki Khan
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2016-02-18 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: rails
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: 5.0.0.beta1
|
20
|
+
- - "<"
|
21
|
+
- !ruby/object:Gem::Version
|
22
|
+
version: '5.1'
|
23
|
+
type: :runtime
|
24
|
+
prerelease: false
|
25
|
+
version_requirements: !ruby/object:Gem::Requirement
|
26
|
+
requirements:
|
27
|
+
- - ">="
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: 5.0.0.beta1
|
30
|
+
- - "<"
|
31
|
+
- !ruby/object:Gem::Version
|
32
|
+
version: '5.1'
|
33
|
+
- !ruby/object:Gem::Dependency
|
34
|
+
name: jwt
|
35
|
+
requirement: !ruby/object:Gem::Requirement
|
36
|
+
requirements:
|
37
|
+
- - "~>"
|
38
|
+
- !ruby/object:Gem::Version
|
39
|
+
version: '1.5'
|
40
|
+
type: :runtime
|
41
|
+
prerelease: false
|
42
|
+
version_requirements: !ruby/object:Gem::Requirement
|
43
|
+
requirements:
|
44
|
+
- - "~>"
|
45
|
+
- !ruby/object:Gem::Version
|
46
|
+
version: '1.5'
|
47
|
+
- !ruby/object:Gem::Dependency
|
48
|
+
name: bcrypt
|
49
|
+
requirement: !ruby/object:Gem::Requirement
|
50
|
+
requirements:
|
51
|
+
- - "~>"
|
52
|
+
- !ruby/object:Gem::Version
|
53
|
+
version: '3.1'
|
54
|
+
type: :runtime
|
55
|
+
prerelease: false
|
56
|
+
version_requirements: !ruby/object:Gem::Requirement
|
57
|
+
requirements:
|
58
|
+
- - "~>"
|
59
|
+
- !ruby/object:Gem::Version
|
60
|
+
version: '3.1'
|
61
|
+
- !ruby/object:Gem::Dependency
|
62
|
+
name: sqlite3
|
63
|
+
requirement: !ruby/object:Gem::Requirement
|
64
|
+
requirements:
|
65
|
+
- - "~>"
|
66
|
+
- !ruby/object:Gem::Version
|
67
|
+
version: '1.3'
|
68
|
+
type: :development
|
69
|
+
prerelease: false
|
70
|
+
version_requirements: !ruby/object:Gem::Requirement
|
71
|
+
requirements:
|
72
|
+
- - "~>"
|
73
|
+
- !ruby/object:Gem::Version
|
74
|
+
version: '1.3'
|
75
|
+
description: Authentication solution for Rails based on JWT
|
76
|
+
email:
|
77
|
+
- zakmysta@gmail.com
|
78
|
+
executables: []
|
79
|
+
extensions: []
|
80
|
+
extra_rdoc_files: []
|
81
|
+
files:
|
82
|
+
- MIT-LICENSE
|
83
|
+
- README.md
|
84
|
+
- Rakefile
|
85
|
+
- app/controllers/knocknock/auth_tokens_controller.rb
|
86
|
+
- app/model/knocknock/auth_token.rb
|
87
|
+
- config/routes.rb
|
88
|
+
- lib/generators/knocknock/install_generator.rb
|
89
|
+
- lib/generators/knocknock/token_controller_generator.rb
|
90
|
+
- lib/generators/templates/access_token.rb.erb
|
91
|
+
- lib/generators/templates/create_access_token.rb
|
92
|
+
- lib/generators/templates/knocknock.rb
|
93
|
+
- lib/generators/templates/resource_tokens_controller.rb.erb
|
94
|
+
- lib/knocknock.rb
|
95
|
+
- lib/knocknock/authenticatable.rb
|
96
|
+
- lib/knocknock/engine.rb
|
97
|
+
- lib/knocknock/version.rb
|
98
|
+
- lib/tasks/knocknock_tasks.rake
|
99
|
+
- test/dummy/README.rdoc
|
100
|
+
- test/dummy/Rakefile
|
101
|
+
- test/dummy/app/controllers/admin_protected_controller.rb
|
102
|
+
- test/dummy/app/controllers/admin_tokens_controller.rb
|
103
|
+
- test/dummy/app/controllers/application_controller.rb
|
104
|
+
- test/dummy/app/controllers/user_protected_controller.rb
|
105
|
+
- test/dummy/app/controllers/user_tokens_controller.rb
|
106
|
+
- test/dummy/app/helpers/application_helper.rb
|
107
|
+
- test/dummy/app/models/access_token.rb
|
108
|
+
- test/dummy/app/models/admin.rb
|
109
|
+
- test/dummy/app/models/user.rb
|
110
|
+
- test/dummy/bin/bundle
|
111
|
+
- test/dummy/bin/rails
|
112
|
+
- test/dummy/bin/rake
|
113
|
+
- test/dummy/bin/setup
|
114
|
+
- test/dummy/config.ru
|
115
|
+
- test/dummy/config/application.rb
|
116
|
+
- test/dummy/config/boot.rb
|
117
|
+
- test/dummy/config/database.yml
|
118
|
+
- test/dummy/config/environment.rb
|
119
|
+
- test/dummy/config/environments/development.rb
|
120
|
+
- test/dummy/config/environments/production.rb
|
121
|
+
- test/dummy/config/environments/test.rb
|
122
|
+
- test/dummy/config/initializers/assets.rb
|
123
|
+
- test/dummy/config/initializers/backtrace_silencers.rb
|
124
|
+
- test/dummy/config/initializers/cookies_serializer.rb
|
125
|
+
- test/dummy/config/initializers/filter_parameter_logging.rb
|
126
|
+
- test/dummy/config/initializers/inflections.rb
|
127
|
+
- test/dummy/config/initializers/mime_types.rb
|
128
|
+
- test/dummy/config/initializers/session_store.rb
|
129
|
+
- test/dummy/config/initializers/wrap_parameters.rb
|
130
|
+
- test/dummy/config/locales/en.yml
|
131
|
+
- test/dummy/config/routes.rb
|
132
|
+
- test/dummy/config/secrets.yml
|
133
|
+
- test/dummy/db/development.sqlite3
|
134
|
+
- test/dummy/db/migrate/20150713101607_create_users.rb
|
135
|
+
- test/dummy/db/migrate/20150922015152_create_admins.rb
|
136
|
+
- test/dummy/db/migrate/20160218200351_create_access_tokens.rb
|
137
|
+
- test/dummy/db/schema.rb
|
138
|
+
- test/dummy/db/test.sqlite3
|
139
|
+
- test/dummy/log/development.log
|
140
|
+
- test/dummy/log/test.log
|
141
|
+
- test/dummy/public/404.html
|
142
|
+
- test/dummy/public/422.html
|
143
|
+
- test/dummy/public/500.html
|
144
|
+
- test/dummy/public/favicon.ico
|
145
|
+
- test/dummy/test/controllers/admin_protected_controller_test.rb
|
146
|
+
- test/dummy/test/controllers/admin_tokens_controller_test.rb
|
147
|
+
- test/dummy/test/controllers/user_protected_controller_test.rb
|
148
|
+
- test/dummy/test/controllers/user_tokens_controller_test.rb
|
149
|
+
- test/dummy/test/fixtures/access_tokens.yml
|
150
|
+
- test/dummy/test/models/access_token_test.rb
|
151
|
+
- test/dummy/test/models/admin_test.rb
|
152
|
+
- test/dummy/test/models/user_test.rb
|
153
|
+
- test/fixtures/admins.yml
|
154
|
+
- test/fixtures/users.yml
|
155
|
+
- test/generators/install_generator_test.rb
|
156
|
+
- test/generators/token_controller_generator_test.rb
|
157
|
+
- test/knocknock_test.rb
|
158
|
+
- test/model/knocknock/auth_token_test.rb
|
159
|
+
- test/support/generators_test_helper.rb
|
160
|
+
- test/test_helper.rb
|
161
|
+
- test/tmp/app/controllers/admin_tokens_controller.rb
|
162
|
+
- test/tmp/app/controllers/user_tokens_controller.rb
|
163
|
+
- test/tmp/config/routes.rb
|
164
|
+
homepage: https://github.com/zakmysta/knocknock
|
165
|
+
licenses:
|
166
|
+
- MIT
|
167
|
+
metadata: {}
|
168
|
+
post_install_message:
|
169
|
+
rdoc_options: []
|
170
|
+
require_paths:
|
171
|
+
- lib
|
172
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
173
|
+
requirements:
|
174
|
+
- - ">="
|
175
|
+
- !ruby/object:Gem::Version
|
176
|
+
version: '0'
|
177
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
178
|
+
requirements:
|
179
|
+
- - ">="
|
180
|
+
- !ruby/object:Gem::Version
|
181
|
+
version: '0'
|
182
|
+
requirements: []
|
183
|
+
rubyforge_project:
|
184
|
+
rubygems_version: 2.5.1
|
185
|
+
signing_key:
|
186
|
+
specification_version: 4
|
187
|
+
summary: Seamless JWT authentication for Rails API.
|
188
|
+
test_files:
|
189
|
+
- test/dummy/app/controllers/admin_protected_controller.rb
|
190
|
+
- test/dummy/app/controllers/admin_tokens_controller.rb
|
191
|
+
- test/dummy/app/controllers/application_controller.rb
|
192
|
+
- test/dummy/app/controllers/user_protected_controller.rb
|
193
|
+
- test/dummy/app/controllers/user_tokens_controller.rb
|
194
|
+
- test/dummy/app/helpers/application_helper.rb
|
195
|
+
- test/dummy/app/models/access_token.rb
|
196
|
+
- test/dummy/app/models/admin.rb
|
197
|
+
- test/dummy/app/models/user.rb
|
198
|
+
- test/dummy/bin/bundle
|
199
|
+
- test/dummy/bin/rails
|
200
|
+
- test/dummy/bin/rake
|
201
|
+
- test/dummy/bin/setup
|
202
|
+
- test/dummy/config/application.rb
|
203
|
+
- test/dummy/config/boot.rb
|
204
|
+
- test/dummy/config/database.yml
|
205
|
+
- test/dummy/config/environment.rb
|
206
|
+
- test/dummy/config/environments/development.rb
|
207
|
+
- test/dummy/config/environments/production.rb
|
208
|
+
- test/dummy/config/environments/test.rb
|
209
|
+
- test/dummy/config/initializers/assets.rb
|
210
|
+
- test/dummy/config/initializers/backtrace_silencers.rb
|
211
|
+
- test/dummy/config/initializers/cookies_serializer.rb
|
212
|
+
- test/dummy/config/initializers/filter_parameter_logging.rb
|
213
|
+
- test/dummy/config/initializers/inflections.rb
|
214
|
+
- test/dummy/config/initializers/mime_types.rb
|
215
|
+
- test/dummy/config/initializers/session_store.rb
|
216
|
+
- test/dummy/config/initializers/wrap_parameters.rb
|
217
|
+
- test/dummy/config/locales/en.yml
|
218
|
+
- test/dummy/config/routes.rb
|
219
|
+
- test/dummy/config/secrets.yml
|
220
|
+
- test/dummy/config.ru
|
221
|
+
- test/dummy/db/development.sqlite3
|
222
|
+
- test/dummy/db/migrate/20150713101607_create_users.rb
|
223
|
+
- test/dummy/db/migrate/20150922015152_create_admins.rb
|
224
|
+
- test/dummy/db/migrate/20160218200351_create_access_tokens.rb
|
225
|
+
- test/dummy/db/schema.rb
|
226
|
+
- test/dummy/db/test.sqlite3
|
227
|
+
- test/dummy/log/development.log
|
228
|
+
- test/dummy/log/test.log
|
229
|
+
- test/dummy/public/404.html
|
230
|
+
- test/dummy/public/422.html
|
231
|
+
- test/dummy/public/500.html
|
232
|
+
- test/dummy/public/favicon.ico
|
233
|
+
- test/dummy/Rakefile
|
234
|
+
- test/dummy/README.rdoc
|
235
|
+
- test/dummy/test/controllers/admin_protected_controller_test.rb
|
236
|
+
- test/dummy/test/controllers/admin_tokens_controller_test.rb
|
237
|
+
- test/dummy/test/controllers/user_protected_controller_test.rb
|
238
|
+
- test/dummy/test/controllers/user_tokens_controller_test.rb
|
239
|
+
- test/dummy/test/fixtures/access_tokens.yml
|
240
|
+
- test/dummy/test/models/access_token_test.rb
|
241
|
+
- test/dummy/test/models/admin_test.rb
|
242
|
+
- test/dummy/test/models/user_test.rb
|
243
|
+
- test/fixtures/admins.yml
|
244
|
+
- test/fixtures/users.yml
|
245
|
+
- test/generators/install_generator_test.rb
|
246
|
+
- test/generators/token_controller_generator_test.rb
|
247
|
+
- test/knocknock_test.rb
|
248
|
+
- test/model/knocknock/auth_token_test.rb
|
249
|
+
- test/support/generators_test_helper.rb
|
250
|
+
- test/test_helper.rb
|
251
|
+
- test/tmp/app/controllers/admin_tokens_controller.rb
|
252
|
+
- test/tmp/app/controllers/user_tokens_controller.rb
|
253
|
+
- test/tmp/config/routes.rb
|