matic-jwt 1.0.0 → 1.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 90a373ebd61d2f005071650b619d104e380ee48a
-  data.tar.gz: cc006f8be62476c2469acbb9032eb1d1393fb334
+SHA256:
+  metadata.gz: 313363fcb79e523d8413f90f26cb68ef2d367fcd17064a922e2ae0c85fa7e341
+  data.tar.gz: 7fe456dc05a4dc4a0ec96775bcd4d0e16b93cb9aa2b0901d576976d6e94ff7ff
 SHA512:
-  metadata.gz: ffa0a34cbbd13c1cd46b47f2ff8253ef5010bb1190c5d37ef867cc5806b0b926ff89d20ba8bed830bb934d634697680e573527e7440a0be1bf47a792455ffff0
-  data.tar.gz: 0a95343848316a8b90d81619ed6f2a451deddc22cafc936b553386dea89c2aa334434e3497b6b5ca839c9dd1666d60ab61f22fed1e340d54d7d35b8af15c4369
+  metadata.gz: 04e19566ecaa807ee638e0440ee563dcc8650b51ca08c95e8eba9290d09c321f73bfb2a2b9c1efa405f1241bdd32b3be6b7f2f7ecaa0d4a3a410f471995fda8e
+  data.tar.gz: f8a7986ded92f383d5f196d5871afeae9aaa41f53e622d37a2817b2992c8ae8cd5267f707899cb73698f86e18709e07e30211fe37873e058a6c2396b6fa26616

data/.github/workflows/main.yml

@@ -0,0 +1,68 @@
+name: ci
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    branches:
+      - master
+  release:
+    types: [published]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby: [ '2.5.x', '2.6.x' ]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v1
+      - name: Cache dependencies
+        uses: actions/cache@v1
+        with:
+          path: vendor/bundle
+          key: ${{ runner.OS }}-ruby-${{ matrix.ruby }}
+          restore-keys: ${{ runner.OS }}-
+
+      - name: Set up Ruby
+        uses: actions/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+      - name: Set up Bundler
+        run: gem install bundler:1.14.5
+      - name: Set up Dependencies
+        run: bundle install --path vendor/bundle
+      - name: Run specs
+        run: bundle exec rspec
+
+  release:
+    runs-on: ubuntu-latest
+    needs: build
+    if: github.event_name == 'release' && github.event.action == 'published'
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v1
+
+      - name: Set up Ruby
+        uses: actions/setup-ruby@v1
+        with:
+          ruby-version: 2.6.x
+      - name: Set up Bundler
+        run: gem install bundler:1.17.3
+      - name: Set up credentials
+        run: |
+          mkdir -p $HOME/.gem
+          touch $HOME/.gem/credentials
+          chmod 0600 $HOME/.gem/credentials
+          printf -- "---\n:rubygems_api_key: ${{secrets.RUBYGEMS_AUTH_TOKEN}}\n" > $HOME/.gem/credentials
+
+      - name: Get version
+        run: echo "${GITHUB_REF/refs\/tags\//}" > release.tag
+      - name: Set version
+        run: sed -i "s/0.0.0/$(<release.tag)/g" */**/version.rb
+
+      - name: Build gem
+        run: gem build *.gemspec
+      - name: Push gem
+        run: gem push *.gem

data/Gemfile.lock

@@ -1,25 +1,26 @@
 PATH
   remote: .
   specs:
-    matic-jwt (1.0.0)
+    matic-jwt (0.0.0)
       activesupport
       jwt
 
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (5.1.4)
+    activesupport (6.0.3.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (~> 0.7)
+      i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
-    concurrent-ruby (1.0.5)
+      zeitwerk (~> 2.2, >= 2.2.2)
+    concurrent-ruby (1.1.6)
     diff-lcs (1.3)
-    i18n (0.9.1)
+    i18n (1.8.2)
       concurrent-ruby (~> 1.0)
-    jwt (2.1.0)
-    minitest (5.10.3)
-    rake (10.5.0)
+    jwt (2.2.1)
+    minitest (5.14.1)
+    rake (13.0.1)
     rspec (3.7.0)
       rspec-core (~> 3.7.0)
       rspec-expectations (~> 3.7.0)
@@ -34,8 +35,9 @@ GEM
       rspec-support (~> 3.7.0)
     rspec-support (3.7.0)
     thread_safe (0.3.6)
-    tzinfo (1.2.4)
+    tzinfo (1.2.7)
       thread_safe (~> 0.1)
+    zeitwerk (2.3.0)
 
 PLATFORMS
   ruby
@@ -43,8 +45,8 @@ PLATFORMS
 DEPENDENCIES
   bundler (~> 1.16)
   matic-jwt!
-  rake (~> 10.0)
+  rake (~> 13.0)
   rspec (~> 3.0)
 
 BUNDLED WITH
-   1.16.0
+   1.17.3

data/README.md

@@ -1,8 +1,6 @@
 # Matic::Jwt
 
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/matic/jwt`. To experiment with that code, run `bin/console` for an interactive prompt.
-
-TODO: Delete this and the text above, and describe your gem
+Matic's implementation of JWT authentication.
 
 ## Installation
 
@@ -22,7 +20,39 @@ Or install it yourself as:
 
 ## Usage
 
-TODO: Write usage instructions here
+### Plain Ruby
+
+Use `MaticJWT::Generator` to create JWT tokens or headers:
+```ruby
+generator = MaticJWT::Generator.new
+token = generator.token_for('my_client', 'my_super_secret', additional_payload: 'test')
+header = generator.authentication_header_for('my_client', 'my_super_secret', user_id: 'test@localhost.com')
+```  
+
+### With Grape
+
+Use ```:jwt_auth``` strategy and provide secret.
+```ruby
+   auth :jwt_auth, {
+      secret: -> (client_name) { ::ApiClient.find_by!(name: client_name).secret }
+   }
+```
+If you need to get any data from authentication payload use ::MaticJWT::Grape::Helper.
+```ruby
+    module ApiHelper
+       include ::MaticJWT::Grape::Helper
+        
+        def current_client
+          @current_client ||= ::ApiClient.find_by!(name: client_name)
+        end
+    
+        private
+    
+        def client_name
+          auth_payload['client_name']
+        end
+    end 
+```
 
 ## Development
 

data/lib/matic-jwt/authenticator.rb

@@ -13,18 +13,18 @@ module MaticJWT
       JWT.decode(@token, secret, true, algorithm: ALGORITHM)
     end
 
+    def payload
+      JWT.decode(@token, nil, false)
+    end
+
     private
 
     def extract_token(header)
-      token = header.slice(@scheme.length + 1..-1)
+      token = header&.slice(@scheme.length + 1..-1)
       validate_header_presence!(token)
       token
     end
 
-    def payload
-      JWT.decode(@token, nil, false)
-    end
-
     def validate_header_presence!(token)
       raise(JWT::DecodeError, 'Authorization token is incorrect') unless token&.present?
     end

data/lib/matic-jwt/generator.rb

@@ -1,17 +1,18 @@
 module MaticJWT
   class Generator
-    def initialize(expiration: EXPIRATION)
+    def initialize(expiration: EXPIRATION, scheme: SCHEME)
       @expiration = expiration
+      @scheme = scheme
     end
 
-    def token_for(client_name, secret)
-      payload = {client_name: client_name, exp: @expiration.since.to_i}
-      JWT.encode(payload, secret, ALGORITHM)
+    def token_for(client_name, secret, payload = {})
+      jwt_payload = payload.merge(client_name: client_name, exp: @expiration.since.to_i)
+      JWT.encode(jwt_payload, secret, ALGORITHM)
     end
 
-    def authentication_header_for(client_name, secret, scheme: SCHEME)
-      token = token_for(client_name, secret)
-      "#{scheme} #{token}"
+    def authentication_header_for(client_name, secret, payload = {})
+      token = token_for(client_name, secret, payload)
+      "#{@scheme} #{token}"
     end
   end
 end

data/lib/matic-jwt/grape/helper.rb

@@ -0,0 +1,9 @@
+module MaticJWT
+  module Grape
+    module Helper
+      def auth_payload
+        env['auth_payload']
+      end
+    end
+  end
+end

data/lib/matic-jwt/grape/middleware/auth.rb

@@ -0,0 +1,53 @@
+module MaticJWT
+  module Grape
+    module Middleware
+      class Auth
+        def initialize(app, options)
+          @app = app
+          @secret_reader = options[:secret]
+        end
+
+        def call(env)
+          @env = env
+
+          validate_request
+          decode_payload
+          authenticate!
+          continue!
+        end
+
+        private
+
+        def validate_request
+          raise JWT::VerificationError, 'Authorization token is invalid' unless request.valid?
+        end
+
+        def decode_payload
+          @env['auth_payload'] = jwt_authenticator.payload&.first
+        end
+
+        def authenticate!
+          jwt_authenticator.authenticate_with_secret!(secret)
+        end
+
+        def continue!
+          @app.call(@env)
+        end
+
+        def jwt_authenticator
+          ::MaticJWT::Authenticator.new(request.auth_token)
+        end
+
+        def secret
+          @secret_reader.call(jwt_authenticator.client_name)
+        end
+
+        def request
+          @request ||= ::MaticJWT::Grape::Middleware::Request.new(@env)
+        end
+      end
+    end
+  end
+end
+
+Grape::Middleware::Auth::Strategies.add(:jwt_auth, ::MaticJWT::Grape::Middleware::Auth, ->(options) { [options] })

data/lib/matic-jwt/grape/middleware/request.rb

@@ -0,0 +1,27 @@
+module MaticJWT
+  module Grape
+    module Middleware
+      class Request
+        AUTHORIZATION_KEYS = %w[HTTP_AUTHORIZATION X-HTTP_AUTHORIZATION X_HTTP_AUTHORIZATION].freeze
+
+        def initialize(env)
+          @env = env
+        end
+
+        def valid?
+          !@env[auth_key].nil?
+        end
+
+        def auth_token
+          @env[auth_key]
+        end
+
+        private
+
+        def auth_key
+          @authorization_key ||= AUTHORIZATION_KEYS.detect { |key| @env.key?(key) }
+        end
+      end
+    end
+  end
+end

data/lib/matic-jwt/version.rb

@@ -1,3 +1,3 @@
 module MaticJWT
-  VERSION = '1.0.0'
+  VERSION = '1.2.1'.freeze
 end

data/lib/matic-jwt.rb

@@ -5,6 +5,12 @@ require 'matic-jwt/authenticator'
 require 'matic-jwt/generator'
 require 'matic-jwt/version'
 
+if Gem.loaded_specs.has_key?('grape')
+  require 'matic-jwt/grape/helper'
+  require 'matic-jwt/grape/middleware/request'
+  require 'matic-jwt/grape/middleware/auth'
+end
+
 module MaticJWT
   ALGORITHM = 'HS256'.freeze
   EXPIRATION = 1.minute

data/matic-jwt.gemspec

@@ -32,6 +32,6 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'activesupport'
 
   spec.add_development_dependency 'bundler', '~> 1.16'
-  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rake', '~> 13.0'
   spec.add_development_dependency 'rspec', '~> 3.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: matic-jwt
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.2.1
 platform: ruby
 authors:
 - Yurii Danyliak
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-12-08 00:00:00.000000000 Z
+date: 2021-09-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt
@@ -58,14 +58,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '13.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -88,8 +88,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/main.yml"
 - ".gitignore"
-- ".travis.yml"
 - Gemfile
 - Gemfile.lock
 - LICENSE
@@ -100,6 +100,9 @@ files:
 - lib/matic-jwt.rb
 - lib/matic-jwt/authenticator.rb
 - lib/matic-jwt/generator.rb
+- lib/matic-jwt/grape/helper.rb
+- lib/matic-jwt/grape/middleware/auth.rb
+- lib/matic-jwt/grape/middleware/request.rb
 - lib/matic-jwt/version.rb
 - matic-jwt.gemspec
 homepage: https://github.com/matic-insurance/matic-jwt-wrapper
@@ -121,8 +124,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.5.2
+rubygems_version: 3.0.3.1
 signing_key: 
 specification_version: 4
 summary: Matic's JWT implementation

data/.travis.yml

@@ -1,5 +0,0 @@
-language: ruby
-rvm:
-  - 2.3.4
-script:
-  - bundle exec rspec