lp_token_auth 2.0.0 → 2.1.0

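--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: c9ad11f1250f5fe138d57dd234bd1be887dd681c180c9c845fa47e2e105bd523
- data.tar.gz: ca8ceee02fcb2a82bf8f8674aa2f512178ff8b4c1803dd436eaa295ea3b94e3b
+ metadata.gz: 2c5a44184f3818f726afe249a92143dba06368c7508cfc5222c5a059c8939e6a
+ data.tar.gz: e851130aae59a29bce8ca48eb06b51e125dfc25a5f8b6bc70b3bdc8da86febff
  SHA512:
- metadata.gz: ce31eea46cef645deeef72b92dce9b26844f407edc87190304bdd2eb39dfcbc39d0fc3b6fa69149df591c345c5aee06254facabd433aa63202a0e1435f4fa710
- data.tar.gz: 84f50dca0334a2fb83a9efa1a93145fffe5e544a83cde1d24bec7e8d3ecb2a6f5d307755d10e3d598c82a1a069bdc33e09ac3de764f1b10d43e264605d3d647e
+ metadata.gz: 2b1af69f83a7d68fde624f8a87758b9d121b2c495f4a822126c7282c8fe7aaac681d4aab490314a42438ce6df66c216440c68c0e9932f12e104b8c2bd605083f
+ data.tar.gz: b947a6fe791ea47faf708419eacb4fdadcd688f8c16c33b11a8bb9c25eab2296ae98f515bb624135092ed76f64eed9ff0de692c5f3c21a2c3cb7ba7cbb18ab2d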
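--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- lp_token_auth (2.0.0)
+ lp_token_auth (2.1.0)
  jwe (~> 0.4.0)
  jwt (>= 1.5.6)
 
@@ -13,7 +13,7 @@ GEM
  docile (1.1.5)
  json (2.5.1)
  jwe (0.4.0)
- jwt (2.2.3)
+ jwt (2.3.0)
  minitest (5.14.4)
  rake (12.3.3)
  simplecov (0.13.0)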
data/README.md CHANGED
@@ -48,7 +48,7 @@ Or install it yourself as:
48
48
  3. All errors will return an instance of `LpTokenAuth::Error`
49
49
 
50
50
  ## Migration Guide
51
- [Migration Guide](https://github.com/LaunchPadLab/lp_token_auth/blob/master/migration-guide.md)
51
+ Version 2.0 contains breaking changes for LP Token Auth. This migration guide contains instructions for using v2.0. [Migration Guide](https://github.com/LaunchPadLab/lp_token_auth/blob/master/migration-guide.md)
52
52
 
53
53
  ## Examples
54
54
  ### Controller
@@ -19,4 +19,14 @@ LpTokenAuth.config do |config|
19
19
  # default: [:cookie]
20
20
  #
21
21
  config.token_transport = [:cookie]
22
+
23
+ # Where to find the required JWE_PRIVATE_KEY value
24
+ # default: ENV['JWE_PRIVATE_KEY']
25
+ #
26
+ config.jwe_private_key = ENV['JWE_PRIVATE_KEY']
27
+
28
+ # The JWE encryption algorithm to use
29
+ # default: 'A256GCM'
30
+ #
31
+ config.jwe_encryption = 'A256GCM'
22
32
  end
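Review bot: The template comment above `config.jwe_private_key` says where the value comes from but not that it is a secret, so an app editing this generated initializer could paste the PEM straight into a file that is committed. I would extend the comment with `# Keep the key out of the repository: read it from ENV or encrypted credentials, never a string literal.` The comment above `config.jwe_encryption` could also name the content-encryption values the pinned `jwe` gem accepts, so a typo is caught when reading the template rather than at the first token encode. The `LpTokenAuth.config do |config|` block opens outside this hunk.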
@@ -9,13 +9,18 @@ module LpTokenAuth
9
9
  # * `expires` is an integer corresponding to the number of hours that the token is active
10
10
  # * `secret` is a string corresponding to the secret key used when encrypting the token
11
11
  # * `token_transport` is a string indicating where to include the token in the HTTP response
12
- attr_accessor :algorithm, :expires, :secret, :token_transport
12
+ attr_accessor :algorithm, :expires, :secret, :token_transport, :jwe_private_key, :jwe_encryption
13
13
 
14
14
  # Provides default values to token options
15
+ # ENV defaults defined as procs to ensure they return their
16
+ # latest value at call time (else they return nil,
17
+ # since ENV values may not be initialized before gem code)
15
18
  DEFAULT_VALUES = {
16
19
  algorithm: 'HS512',
17
20
  expires: (7 * 24),
18
21
  token_transport: [:cookie],
22
+ jwe_private_key: -> { ENV['JWE_PRIVATE_KEY'] },
23
+ jwe_encryption: -> { ENV['JWE_ENCRYPTION'] || 'A256GCM' }
19
24
  }
20
25
 
21
26
  # Retrieves value for token option, either as set by the application, or the default
@@ -23,9 +28,17 @@ module LpTokenAuth
23
28
  # @raise [LpTokenAuth::Error] if the option has not been set by the application and a default value does not exist
24
29
  # @return [String,Integer] the value of the token option
25
30
  def get_option(key)
26
- option = send(key) || DEFAULT_VALUES[key]
27
- raise LpTokenAuth::Error "Missing config option value: #{ key }" unless option
31
+ option = send(key) || get_default_value(key)
32
+ raise LpTokenAuth::Error, "Missing config option value: #{key}" unless option
28
33
  option
29
34
  end
35
+
36
+ # Retrieves default value for a token option
37
+ # @param [Symbol] key the token option name
38
+ # @return [String,Integer] the value of the token option
39
+ def get_default_value(key)
40
+ default = DEFAULT_VALUES[key]
41
+ default.is_a?(Proc) ? default.call : default
42
+ end
30
43
  end
31
44
  end
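Review bot: `jwe_private_key` is added as a plain `attr_accessor`, so an app that assigns the PEM in its initializer leaves the key in an instance variable that Ruby's default `inspect` prints; no redaction is visible in these hunks, though the class starts outside them. Consider defining `inspect` on the config class so that it omits `@jwe_private_key` (and `@secret`), which keeps key material out of exception reports and debug logs. The option list in the comment above `attr_accessor` also lacks the two new settings; add `# * jwe_private_key is a string holding the PEM-encoded RSA key used for JWE` and `# * jwe_encryption is a string naming the JWE content-encryption algorithm` in the list's existing format. The `@return [String,Integer]` tags on `get_option` and `get_default_value` omit `Array`, which the `token_transport: [:cookie]` default returns.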
@@ -28,7 +28,7 @@ module LpTokenAuth
28
28
  LpTokenAuth.config.get_option(:algorithm)
29
29
  )
30
30
 
31
- JWE.encrypt(jwt, private_key, enc: ENV['JWE_ENCRYPTION'] || 'A256GCM')
31
+ JWE.encrypt(jwt, private_key, enc: LpTokenAuth.config.get_option(:jwe_encryption))
32
32
  end
33
33
 
34
34
  # Decodes the JWT token
@@ -64,11 +64,12 @@ module LpTokenAuth
64
64
  private
65
65
 
66
66
  def private_key
67
- raise LpTokenAuth::Error, 'You do not have a private key.' if ENV['JWE_PRIVATE_KEY'].nil?
68
-
69
- OpenSSL::PKey::RSA.new(ENV['JWE_PRIVATE_KEY'].split("\\n").join("\n"))
70
- rescue OpenSSL::PKey::RSAError => msg
71
- raise LpTokenAuth::Error, 'Your private key is formatted incorrectly.'
67
+ key = LpTokenAuth.config.get_option(:jwe_private_key)
68
+ raise LpTokenAuth::Error, 'You do not have a private key.' if key.nil?
69
+
70
+ OpenSSL::PKey::RSA.new(key.split("\\n").join("\n"))
71
+ rescue OpenSSL::PKey::RSAError => msg
72
+ raise LpTokenAuth::Error, 'Your private key is formatted incorrectly.'
72
73
  end
73
74
  end
74
75
  end
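Review bot: The `key.nil?` guard in `private_key` can no longer fire, because `get_option` (shown in the config hunk) already raises `LpTokenAuth::Error` with "Missing config option value: jwe_private_key" when both the configured value and the default are nil, so the 'You do not have a private key.' message is dead code. Either drop the guard or move the clearer wording into the error that is actually raised; callers still receive an `LpTokenAuth::Error` either way, so the path fails closed. The `=> msg` binding is unused and the clause can read `rescue OpenSSL::PKey::RSAError`. In the earlier hunk of what appears to be the same file, `get_option(:jwe_encryption)` is passed to `JWE.encrypt` unchecked; an unsupported value would presumably surface as a `jwe` gem error rather than `LpTokenAuth::Error`, so validating it against the supported list when it is configured is worth adding.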
@@ -1,4 +1,4 @@
1
1
  module LpTokenAuth
2
2
  # Current version of LpTokenAuth
3
- VERSION = '2.0.0'.freeze
3
+ VERSION = '2.1.0'.freeze
4
4
  end
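--- a/data/migration-guide.md
+++ b/data/migration-guide.md
@@ -13,8 +13,16 @@ This version contains the following breaking changes:
  `JWE_PRIVATE_KEY` contains an RSA key.
  `JWE_ENCRYPTION` is optional and specifies the encryption used. The default encryption is `A256GCM`.
 
- The RSA key is generated by running `bundle exec rails generate lp_token_auth:rsa`. This rake task will output a formatted RSA key to your console.
+ Values for the new settings can alternatively be configured within your LpTokenAuth initializer by setting `LpTokenAuth.config.jwe_private_key` and `LpTokenAuth.config.jwe_encryption`. For example, apps using Rails credentials can set the private key as follows (or point to an ENV variable with a name other than `JWE_PRIVATE_KEY`)
+ ```
+ LpTokenAuth.config.jwe_private_key = Rails.application.credentials[:jwe_private_key] || ENV['SOME_OTHER_ENV_VARIABLE']
+ ```
+ The RSA key is generated by running `rails generate lp_token_auth:rsa` in the terminal of your application. This generator will output a formatted RSA key to your console. Directly copy and paste this token as an environment variable with a key of `JWE_PRIVATE_KEY`.
 
  **Common Pitfalls in Copy and Pasting RSA Keys**
- The generated RSA key is formatted as a string on a single line with newline characters (\n) at the end of each line. Commonly, there are errors in copy and pasting a string without explicit newline characters. The single line string with newline characters included should avoid most of these errors.
- Please keep in mind this is for the most common use case of using the `JWE_PRIVATE_KEY` in the `.env.[environment]` file. If you are encountering an error during your migration, consider the format of your RSA string.
+
+ The generated RSA key is formatted as a string on a single line with newline characters (\n) at the end of each line. Commonly, there are errors in copy and pasting a string without explicit newline characters.
+
+ Please keep in mind this is for the most common use case of using the `JWE_PRIVATE_KEY` in the `.env.[environment]` file. If you are encountering an error during your migration, consider the format of your RSA string.
+
+ Be sure to include the `-----BEGIN RSA PRIVATE KEY-----` and `-----END RSA PRIVATE KEY-----` portions of the generated string.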
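--- a/metadata
+++ b/metadata
@@ -1,11 +1,11 @@
  --- !ruby/object:Gem::Specification
  name: lp_token_auth
  version: !ruby/object:Gem::Version
- version: 2.0.0
+ version: 2.1.0
  platform: ruby
  authors:
  - Dave Corwin
- autorequire:
+ autorequire:
  bindir: bin
  cert_chain: []
  date: 2017-02-03 00:00:00.000000000 Z
@@ -108,7 +108,7 @@ homepage: https://github.com/launchpadlab/lp_token_auth
  licenses:
  - MIT
  metadata: {}
- post_install_message:
+ post_install_message:
  rdoc_options: []
  require_paths:
  - lib
@@ -123,8 +123,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.2.17
- signing_key:
+ rubygems_version: 3.3.26
+ signing_key:
  specification_version: 4
  summary: Auth!
  test_files: []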