RubyGems - machina-auth - Versions diffs - 0.1.7 → 0.1.8 - Mend

machina-auth 0.1.7 → 0.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/machina/middleware/authentication.rb +7 -1
data/lib/machina/version.rb +1 -1
data/spec/machina/middleware/authentication_spec.rb +20 -0
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 376d280c6510f8afa38049e22a0c73df81355c57571b83ef571d547e340ee7c3
-  data.tar.gz: 13ce052358975310f67e3b3a65daee423fb48ddc9e2490632b548c66aa0f32d9
+  metadata.gz: a6d8d740d4e6998400a56db8fe506ce1155221bb7ff216fedda0c48ced30aa06
+  data.tar.gz: bbaf611e06b06f3f8fdf767203ec2106504ba97d8cc4e548881ca5f6909df611
 SHA512:
-  metadata.gz: 271245b4d9c4e3a28d4feafe688d9c3e1985d28566f5f86037ab68ef76fa246f266c67b5dad94ad0d23b111844f9c9e9224e656f97bdeaf9ef76efaf4f18311b
-  data.tar.gz: f719e7340acaab6a85ea6b96408c639e0608c797dcbd64f57fa9f5fa76921c5a6ccaac3d0c2751932d77de0ca1019fd4f127479f9b461686b6b0b36c99206c95
+  metadata.gz: 3ca99f12ea236b7a17a84cadc439aa713344c37b2ba2d9a4f59c9d6938b3a7a92f9994f6e79ace9a52203ef64d8dbf3733978f53d70502e14b164efb2bd013f3
+  data.tar.gz: 0c01bf88a2ae86779fcbb2e73ddf94e3269169cade8ced2c50a308e10bd2f54d099c00d1c07fadcabaa2fe4a2ec258683e1b4285e227ad7b7d869f7ba9b80b31

data/lib/machina/middleware/authentication.rb CHANGED Viewed

@@ -66,12 +66,18 @@ module Machina
       end
       def extract_token(request)
-        request.params['token']
+        extract_param_token(request)
           || request.cookies['machina_session']
           || extract_bearer(request)
           || request.headers['X-Api-Key']
       end
+      def extract_param_token(request)
+        request.params['token']
+      rescue ActionDispatch::Http::Parameters::ParseError
+        nil
+      end
       def extract_bearer(request)
         auth_header = request.headers['Authorization'].to_s
         match = auth_header.match(/\ABearer\s+(.+)\z/)

data/lib/machina/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Machina
-  VERSION = '0.1.7'
+  VERSION = '0.1.8'
 end

data/spec/machina/middleware/authentication_spec.rb CHANGED Viewed

@@ -160,6 +160,26 @@ RSpec.describe Machina::Middleware::Authentication do
     expect(headers['set-cookie']).to be_nil
   end
+  it 'falls through to bearer token when request body is malformed JSON' do
+    mock = MockResponses.session_resolution
+    allow(identity_client).to receive(:resolve_session).with('ps_bearer').and_return(
+      Machina::IdentityClient::Response.new(status: 200, body: mock),
+    )
+    env = Rack::MockRequest.env_for(
+      '/resource',
+      method: 'POST',
+      input: 'not valid json',
+      'CONTENT_TYPE' => 'application/json',
+      'HTTP_AUTHORIZATION' => 'Bearer ps_bearer',
+    )
+    status, _headers, body = middleware.call(env)
+    expect(status).to eq(200)
+    expect(JSON.parse(body.first)['user_id']).to eq(mock['data']['user']['id'])
+  end
   it 'uses the cache on subsequent requests' do
     response = Machina::IdentityClient::Response.new(
       status: 200,

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: machina-auth
 version: !ruby/object:Gem::Version
-  version: 0.1.7
+  version: 0.1.8
 platform: ruby
 authors:
 - ZAR