lp_token_auth 2.0.0 → 2.1.0

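--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: c9ad11f1250f5fe138d57dd234bd1be887dd681c180c9c845fa47e2e105bd523
- data.tar.gz: ca8ceee02fcb2a82bf8f8674aa2f512178ff8b4c1803dd436eaa295ea3b94e3b
+ metadata.gz: 2c5a44184f3818f726afe249a92143dba06368c7508cfc5222c5a059c8939e6a
+ data.tar.gz: e851130aae59a29bce8ca48eb06b51e125dfc25a5f8b6bc70b3bdc8da86febff
  SHA512:
- metadata.gz: ce31eea46cef645deeef72b92dce9b26844f407edc87190304bdd2eb39dfcbc39d0fc3b6fa69149df591c345c5aee06254facabd433aa63202a0e1435f4fa710
- data.tar.gz: 84f50dca0334a2fb83a9efa1a93145fffe5e544a83cde1d24bec7e8d3ecb2a6f5d307755d10e3d598c82a1a069bdc33e09ac3de764f1b10d43e264605d3d647e
+ metadata.gz: 2b1af69f83a7d68fde624f8a87758b9d121b2c495f4a822126c7282c8fe7aaac681d4aab490314a42438ce6df66c216440c68c0e9932f12e104b8c2bd605083f
+ data.tar.gz: b947a6fe791ea47faf708419eacb4fdadcd688f8c16c33b11a8bb9c25eab2296ae98f515bb624135092ed76f64eed9ff0de692c5f3c21a2c3cb7ba7cbb18ab2d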
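--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- lp_token_auth (2.0.0)
+ lp_token_auth (2.1.0)
  jwe (~> 0.4.0)
  jwt (>= 1.5.6)
 
@@ -13,7 +13,7 @@ GEM
  docile (1.1.5)
  json (2.5.1)
  jwe (0.4.0)
- jwt (2.2.3)
+ jwt (2.3.0)
  minitest (5.14.4)
  rake (12.3.3)
  simplecov (0.13.0)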
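--- a/data/README.md
+++ b/data/README.md
@@ -48,7 +48,7 @@ Or install it yourself as:
  3. All errors will return an instance of `LpTokenAuth::Error`
 
  ## Migration Guide
- [Migration Guide](https://github.com/LaunchPadLab/lp_token_auth/blob/master/migration-guide.md)
+ Version 2.0 contains breaking changes for LP Token Auth. This migration guide contains instructions for using v2.0. [Migration Guide](https://github.com/LaunchPadLab/lp_token_auth/blob/master/migration-guide.md)
 
  ## Examples
  ### Controller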
@@ -19,4 +19,14 @@ LpTokenAuth.config do |config|
19
19
  # default: [:cookie]
20
20
  #
21
21
  config.token_transport = [:cookie]
22
+
23
+ # Where to find the required JWE_PRIVATE_KEY value
24
+ # default: ENV['JWE_PRIVATE_KEY']
25
+ #
26
+ config.jwe_private_key = ENV['JWE_PRIVATE_KEY']
27
+
28
+ # The JWE encryption algorithm to use
29
+ # default: 'A256GCM'
30
+ #
31
+ config.jwe_encryption = 'A256GCM'
22
32
  end
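Review bot: The generated initializer assigns the literal `config.jwe_encryption = 'A256GCM'` (new line 31), and an explicitly set value takes precedence over the `ENV['JWE_ENCRYPTION'] || 'A256GCM'` default proc added to `DEFAULT_VALUES` in this release, so an app that keeps this template line will silently ignore the `JWE_ENCRYPTION` variable the migration guide documents. I would write `config.jwe_encryption = ENV['JWE_ENCRYPTION'] || 'A256GCM'` and change the comment to `# default: ENV['JWE_ENCRYPTION'] || 'A256GCM'`. The comment above `config.jwe_private_key` could also state where the value should come from, for example `# Load this from the environment or encrypted credentials; do not commit the key itself`. The `LpTokenAuth.config do |config|` block opens outside the hunk.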
@@ -9,13 +9,18 @@ module LpTokenAuth
9
9
  # * `expires` is an integer corresponding to the number of hours that the token is active
10
10
  # * `secret` is a string corresponding to the secret key used when encrypting the token
11
11
  # * `token_transport` is a string indicating where to include the token in the HTTP response
12
- attr_accessor :algorithm, :expires, :secret, :token_transport
12
+ attr_accessor :algorithm, :expires, :secret, :token_transport, :jwe_private_key, :jwe_encryption
13
13
 
14
14
  # Provides default values to token options
15
+ # ENV defaults defined as procs to ensure they return their
16
+ # latest value at call time (else they return nil,
17
+ # since ENV values may not be initialized before gem code)
15
18
  DEFAULT_VALUES = {
16
19
  algorithm: 'HS512',
17
20
  expires: (7 * 24),
18
21
  token_transport: [:cookie],
22
+ jwe_private_key: -> { ENV['JWE_PRIVATE_KEY'] },
23
+ jwe_encryption: -> { ENV['JWE_ENCRYPTION'] || 'A256GCM' }
19
24
  }
20
25
 
21
26
  # Retrieves value for token option, either as set by the application, or the default
@@ -23,9 +28,17 @@ module LpTokenAuth
23
28
  # @raise [LpTokenAuth::Error] if the option has not been set by the application and a default value does not exist
24
29
  # @return [String,Integer] the value of the token option
25
30
  def get_option(key)
26
- option = send(key) || DEFAULT_VALUES[key]
27
- raise LpTokenAuth::Error "Missing config option value: #{ key }" unless option
31
+ option = send(key) || get_default_value(key)
32
+ raise LpTokenAuth::Error, "Missing config option value: #{key}" unless option
28
33
  option
29
34
  end
35
+
36
+ # Retrieves default value for a token option
37
+ # @param [Symbol] key the token option name
38
+ # @return [String,Integer] the value of the token option
39
+ def get_default_value(key)
40
+ default = DEFAULT_VALUES[key]
41
+ default.is_a?(Proc) ? default.call : default
42
+ end
30
43
  end
31
44
  end
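Review bot: `get_option` on new line 31 still dispatches with `send(key)`, which will invoke any method on the config object, private ones included, so the lookup is only as safe as its callers; every caller visible in this diff passes a literal symbol, but `public_send(key)` behind a check that `key` is a known option would make that guarantee explicit. The attribute list in the comment above `attr_accessor` does not describe the two new settings; I would add `# * `jwe_private_key` is a string containing the RSA private key used for JWE encryption` and a matching line for `jwe_encryption`. The `@return [String,Integer]` tag on `get_default_value` also leaves out the Array default of `token_transport` and the nil returned when `JWE_PRIVATE_KEY` is unset. The module and class bodies begin outside these hunks.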
@@ -28,7 +28,7 @@ module LpTokenAuth
28
28
  LpTokenAuth.config.get_option(:algorithm)
29
29
  )
30
30
 
31
- JWE.encrypt(jwt, private_key, enc: ENV['JWE_ENCRYPTION'] || 'A256GCM')
31
+ JWE.encrypt(jwt, private_key, enc: LpTokenAuth.config.get_option(:jwe_encryption))
32
32
  end
33
33
 
34
34
  # Decodes the JWT token
@@ -64,11 +64,12 @@ module LpTokenAuth
64
64
  private
65
65
 
66
66
  def private_key
67
- raise LpTokenAuth::Error, 'You do not have a private key.' if ENV['JWE_PRIVATE_KEY'].nil?
68
-
69
- OpenSSL::PKey::RSA.new(ENV['JWE_PRIVATE_KEY'].split("\\n").join("\n"))
70
- rescue OpenSSL::PKey::RSAError => msg
71
- raise LpTokenAuth::Error, 'Your private key is formatted incorrectly.'
67
+ key = LpTokenAuth.config.get_option(:jwe_private_key)
68
+ raise LpTokenAuth::Error, 'You do not have a private key.' if key.nil?
69
+
70
+ OpenSSL::PKey::RSA.new(key.split("\\n").join("\n"))
71
+ rescue OpenSSL::PKey::RSAError => msg
72
+ raise LpTokenAuth::Error, 'Your private key is formatted incorrectly.'
72
73
  end
73
74
  end
74
75
  end
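Review bot: The `key.nil?` guard on new line 68 of `private_key` can no longer fire, because `get_option` already raises `LpTokenAuth::Error` with "Missing config option value: jwe_private_key" when both the configured value and the default are nil, so the 'You do not have a private key.' message is unreachable. An empty string is truthy and passes both checks, so I would replace the guard with `raise LpTokenAuth::Error, 'You do not have a private key.' if key.to_s.strip.empty?` so that a blank `JWE_PRIVATE_KEY` is reported as missing rather than handed to `OpenSSL::PKey::RSA.new`. On new line 31 the `jwe_encryption` value reaches `JWE.encrypt` unchecked; an unsupported value will presumably fail inside the jwe gem rather than as `LpTokenAuth::Error`, unless code outside the hunk rescues it. The `=> msg` binding in the rescue clause is unused.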
@@ -1,4 +1,4 @@
1
1
  module LpTokenAuth
2
2
  # Current version of LpTokenAuth
3
- VERSION = '2.0.0'.freeze
3
+ VERSION = '2.1.0'.freeze
4
4
  end
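--- a/data/migration-guide.md
+++ b/data/migration-guide.md
@@ -13,8 +13,16 @@ This version contains the following breaking changes:
  `JWE_PRIVATE_KEY` contains an RSA key.
  `JWE_ENCRYPTION` is optional and specifies the encryption used. The default encryption is `A256GCM`.
 
- The RSA key is generated by running `bundle exec rails generate lp_token_auth:rsa`. This rake task will output a formatted RSA key to your console.
+ Values for the new settings can alternatively be configured within your LpTokenAuth initializer by setting `LpTokenAuth.config.jwe_private_key` and `LpTokenAuth.config.jwe_encryption`. For example, apps using Rails credentials can set the private key as follows (or point to an ENV variable with a name other than `JWE_PRIVATE_KEY`)
+ ```
+ LpTokenAuth.config.jwe_private_key = Rails.application.credentials[:jwe_private_key] || ENV['SOME_OTHER_ENV_VARIABLE']
+ ```
+ The RSA key is generated by running `rails generate lp_token_auth:rsa` in the terminal of your application. This generator will output a formatted RSA key to your console. Directly copy and paste this token as an environment variable with a key of `JWE_PRIVATE_KEY`.
 
  **Common Pitfalls in Copy and Pasting RSA Keys**
- The generated RSA key is formatted as a string on a single line with newline characters (\n) at the end of each line. Commonly, there are errors in copy and pasting a string without explicit newline characters. The single line string with newline characters included should avoid most of these errors.
- Please keep in mind this is for the most common use case of using the `JWE_PRIVATE_KEY` in the `.env.[environment]` file. If you are encountering an error during your migration, consider the format of your RSA string.
+
+ The generated RSA key is formatted as a string on a single line with newline characters (\n) at the end of each line. Commonly, there are errors in copy and pasting a string without explicit newline characters.
+
+ Please keep in mind this is for the most common use case of using the `JWE_PRIVATE_KEY` in the `.env.[environment]` file. If you are encountering an error during your migration, consider the format of your RSA string.
+
+ Be sure to include the `-----BEGIN RSA PRIVATE KEY-----` and `-----END RSA PRIVATE KEY-----` portions of the generated string.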
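--- a/metadata
+++ b/metadata
@@ -1,11 +1,11 @@
  --- !ruby/object:Gem::Specification
  name: lp_token_auth
  version: !ruby/object:Gem::Version
- version: 2.0.0
+ version: 2.1.0
  platform: ruby
  authors:
  - Dave Corwin
- autorequire:
+ autorequire:
  bindir: bin
  cert_chain: []
  date: 2017-02-03 00:00:00.000000000 Z
@@ -108,7 +108,7 @@ homepage: https://github.com/launchpadlab/lp_token_auth
  licenses:
  - MIT
  metadata: {}
- post_install_message:
+ post_install_message:
  rdoc_options: []
  require_paths:
  - lib
@@ -123,8 +123,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.2.17
- signing_key:
+ rubygems_version: 3.3.26
+ signing_key:
  specification_version: 4
  summary: Auth!
  test_files: []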