matic-jwt 1.0.0 → 1.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.github/workflows/main.yml +68 -0
- data/Gemfile.lock +13 -11
- data/README.md +34 -4
- data/lib/matic-jwt/authenticator.rb +5 -5
- data/lib/matic-jwt/generator.rb +8 -7
- data/lib/matic-jwt/grape/helper.rb +9 -0
- data/lib/matic-jwt/grape/middleware/auth.rb +53 -0
- data/lib/matic-jwt/grape/middleware/request.rb +27 -0
- data/lib/matic-jwt/version.rb +1 -1
- data/lib/matic-jwt.rb +6 -0
- data/matic-jwt.gemspec +1 -1
- metadata +9 -7
- data/.travis.yml +0 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 313363fcb79e523d8413f90f26cb68ef2d367fcd17064a922e2ae0c85fa7e341
|
4
|
+
data.tar.gz: 7fe456dc05a4dc4a0ec96775bcd4d0e16b93cb9aa2b0901d576976d6e94ff7ff
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 04e19566ecaa807ee638e0440ee563dcc8650b51ca08c95e8eba9290d09c321f73bfb2a2b9c1efa405f1241bdd32b3be6b7f2f7ecaa0d4a3a410f471995fda8e
|
7
|
+
data.tar.gz: f8a7986ded92f383d5f196d5871afeae9aaa41f53e622d37a2817b2992c8ae8cd5267f707899cb73698f86e18709e07e30211fe37873e058a6c2396b6fa26616
|
@@ -0,0 +1,68 @@
|
|
1
|
+
name: ci
|
2
|
+
on:
|
3
|
+
push:
|
4
|
+
branches:
|
5
|
+
- master
|
6
|
+
pull_request:
|
7
|
+
branches:
|
8
|
+
- master
|
9
|
+
release:
|
10
|
+
types: [published]
|
11
|
+
|
12
|
+
jobs:
|
13
|
+
build:
|
14
|
+
runs-on: ubuntu-latest
|
15
|
+
strategy:
|
16
|
+
matrix:
|
17
|
+
ruby: [ '2.5.x', '2.6.x' ]
|
18
|
+
steps:
|
19
|
+
- name: Checkout
|
20
|
+
uses: actions/checkout@v1
|
21
|
+
- name: Cache dependencies
|
22
|
+
uses: actions/cache@v1
|
23
|
+
with:
|
24
|
+
path: vendor/bundle
|
25
|
+
key: ${{ runner.OS }}-ruby-${{ matrix.ruby }}
|
26
|
+
restore-keys: ${{ runner.OS }}-
|
27
|
+
|
28
|
+
- name: Set up Ruby
|
29
|
+
uses: actions/setup-ruby@v1
|
30
|
+
with:
|
31
|
+
ruby-version: ${{ matrix.ruby }}
|
32
|
+
- name: Set up Bundler
|
33
|
+
run: gem install bundler:1.14.5
|
34
|
+
- name: Set up Dependencies
|
35
|
+
run: bundle install --path vendor/bundle
|
36
|
+
- name: Run specs
|
37
|
+
run: bundle exec rspec
|
38
|
+
|
39
|
+
release:
|
40
|
+
runs-on: ubuntu-latest
|
41
|
+
needs: build
|
42
|
+
if: github.event_name == 'release' && github.event.action == 'published'
|
43
|
+
steps:
|
44
|
+
- name: Checkout
|
45
|
+
uses: actions/checkout@v1
|
46
|
+
|
47
|
+
- name: Set up Ruby
|
48
|
+
uses: actions/setup-ruby@v1
|
49
|
+
with:
|
50
|
+
ruby-version: 2.6.x
|
51
|
+
- name: Set up Bundler
|
52
|
+
run: gem install bundler:1.17.3
|
53
|
+
- name: Set up credentials
|
54
|
+
run: |
|
55
|
+
mkdir -p $HOME/.gem
|
56
|
+
touch $HOME/.gem/credentials
|
57
|
+
chmod 0600 $HOME/.gem/credentials
|
58
|
+
printf -- "---\n:rubygems_api_key: ${{secrets.RUBYGEMS_AUTH_TOKEN}}\n" > $HOME/.gem/credentials
|
59
|
+
|
60
|
+
- name: Get version
|
61
|
+
run: echo "${GITHUB_REF/refs\/tags\//}" > release.tag
|
62
|
+
- name: Set version
|
63
|
+
run: sed -i "s/0.0.0/$(<release.tag)/g" */**/version.rb
|
64
|
+
|
65
|
+
- name: Build gem
|
66
|
+
run: gem build *.gemspec
|
67
|
+
- name: Push gem
|
68
|
+
run: gem push *.gem
|
data/Gemfile.lock
CHANGED
@@ -1,25 +1,26 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
matic-jwt (
|
4
|
+
matic-jwt (0.0.0)
|
5
5
|
activesupport
|
6
6
|
jwt
|
7
7
|
|
8
8
|
GEM
|
9
9
|
remote: https://rubygems.org/
|
10
10
|
specs:
|
11
|
-
activesupport (
|
11
|
+
activesupport (6.0.3.1)
|
12
12
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
13
|
-
i18n (
|
13
|
+
i18n (>= 0.7, < 2)
|
14
14
|
minitest (~> 5.1)
|
15
15
|
tzinfo (~> 1.1)
|
16
|
-
|
16
|
+
zeitwerk (~> 2.2, >= 2.2.2)
|
17
|
+
concurrent-ruby (1.1.6)
|
17
18
|
diff-lcs (1.3)
|
18
|
-
i18n (
|
19
|
+
i18n (1.8.2)
|
19
20
|
concurrent-ruby (~> 1.0)
|
20
|
-
jwt (2.1
|
21
|
-
minitest (5.
|
22
|
-
rake (
|
21
|
+
jwt (2.2.1)
|
22
|
+
minitest (5.14.1)
|
23
|
+
rake (13.0.1)
|
23
24
|
rspec (3.7.0)
|
24
25
|
rspec-core (~> 3.7.0)
|
25
26
|
rspec-expectations (~> 3.7.0)
|
@@ -34,8 +35,9 @@ GEM
|
|
34
35
|
rspec-support (~> 3.7.0)
|
35
36
|
rspec-support (3.7.0)
|
36
37
|
thread_safe (0.3.6)
|
37
|
-
tzinfo (1.2.
|
38
|
+
tzinfo (1.2.7)
|
38
39
|
thread_safe (~> 0.1)
|
40
|
+
zeitwerk (2.3.0)
|
39
41
|
|
40
42
|
PLATFORMS
|
41
43
|
ruby
|
@@ -43,8 +45,8 @@ PLATFORMS
|
|
43
45
|
DEPENDENCIES
|
44
46
|
bundler (~> 1.16)
|
45
47
|
matic-jwt!
|
46
|
-
rake (~>
|
48
|
+
rake (~> 13.0)
|
47
49
|
rspec (~> 3.0)
|
48
50
|
|
49
51
|
BUNDLED WITH
|
50
|
-
1.
|
52
|
+
1.17.3
|
data/README.md
CHANGED
@@ -1,8 +1,6 @@
|
|
1
1
|
# Matic::Jwt
|
2
2
|
|
3
|
-
|
4
|
-
|
5
|
-
TODO: Delete this and the text above, and describe your gem
|
3
|
+
Matic's implementation of JWT authentication.
|
6
4
|
|
7
5
|
## Installation
|
8
6
|
|
@@ -22,7 +20,39 @@ Or install it yourself as:
|
|
22
20
|
|
23
21
|
## Usage
|
24
22
|
|
25
|
-
|
23
|
+
### Plain Ruby
|
24
|
+
|
25
|
+
Use `MaticJWT::Generator` to create JWT tokens or headers:
|
26
|
+
```ruby
|
27
|
+
generator = MaticJWT::Generator.new
|
28
|
+
token = generator.token_for('my_client', 'my_super_secret', additional_payload: 'test')
|
29
|
+
header = generator.authentication_header_for('my_client', 'my_super_secret', user_id: 'test@localhost.com')
|
30
|
+
```
|
31
|
+
|
32
|
+
### With Grape
|
33
|
+
|
34
|
+
Use ```:jwt_auth``` strategy and provide secret.
|
35
|
+
```ruby
|
36
|
+
auth :jwt_auth, {
|
37
|
+
secret: -> (client_name) { ::ApiClient.find_by!(name: client_name).secret }
|
38
|
+
}
|
39
|
+
```
|
40
|
+
If you need to get any data from authentication payload use ::MaticJWT::Grape::Helper.
|
41
|
+
```ruby
|
42
|
+
module ApiHelper
|
43
|
+
include ::MaticJWT::Grape::Helper
|
44
|
+
|
45
|
+
def current_client
|
46
|
+
@current_client ||= ::ApiClient.find_by!(name: client_name)
|
47
|
+
end
|
48
|
+
|
49
|
+
private
|
50
|
+
|
51
|
+
def client_name
|
52
|
+
auth_payload['client_name']
|
53
|
+
end
|
54
|
+
end
|
55
|
+
```
|
26
56
|
|
27
57
|
## Development
|
28
58
|
|
@@ -13,18 +13,18 @@ module MaticJWT
|
|
13
13
|
JWT.decode(@token, secret, true, algorithm: ALGORITHM)
|
14
14
|
end
|
15
15
|
|
16
|
+
def payload
|
17
|
+
JWT.decode(@token, nil, false)
|
18
|
+
end
|
19
|
+
|
16
20
|
private
|
17
21
|
|
18
22
|
def extract_token(header)
|
19
|
-
token = header
|
23
|
+
token = header&.slice(@scheme.length + 1..-1)
|
20
24
|
validate_header_presence!(token)
|
21
25
|
token
|
22
26
|
end
|
23
27
|
|
24
|
-
def payload
|
25
|
-
JWT.decode(@token, nil, false)
|
26
|
-
end
|
27
|
-
|
28
28
|
def validate_header_presence!(token)
|
29
29
|
raise(JWT::DecodeError, 'Authorization token is incorrect') unless token&.present?
|
30
30
|
end
|
data/lib/matic-jwt/generator.rb
CHANGED
@@ -1,17 +1,18 @@
|
|
1
1
|
module MaticJWT
|
2
2
|
class Generator
|
3
|
-
def initialize(expiration: EXPIRATION)
|
3
|
+
def initialize(expiration: EXPIRATION, scheme: SCHEME)
|
4
4
|
@expiration = expiration
|
5
|
+
@scheme = scheme
|
5
6
|
end
|
6
7
|
|
7
|
-
def token_for(client_name, secret)
|
8
|
-
|
9
|
-
JWT.encode(
|
8
|
+
def token_for(client_name, secret, payload = {})
|
9
|
+
jwt_payload = payload.merge(client_name: client_name, exp: @expiration.since.to_i)
|
10
|
+
JWT.encode(jwt_payload, secret, ALGORITHM)
|
10
11
|
end
|
11
12
|
|
12
|
-
def authentication_header_for(client_name, secret,
|
13
|
-
token = token_for(client_name, secret)
|
14
|
-
"#{scheme} #{token}"
|
13
|
+
def authentication_header_for(client_name, secret, payload = {})
|
14
|
+
token = token_for(client_name, secret, payload)
|
15
|
+
"#{@scheme} #{token}"
|
15
16
|
end
|
16
17
|
end
|
17
18
|
end
|
@@ -0,0 +1,53 @@
|
|
1
|
+
module MaticJWT
|
2
|
+
module Grape
|
3
|
+
module Middleware
|
4
|
+
class Auth
|
5
|
+
def initialize(app, options)
|
6
|
+
@app = app
|
7
|
+
@secret_reader = options[:secret]
|
8
|
+
end
|
9
|
+
|
10
|
+
def call(env)
|
11
|
+
@env = env
|
12
|
+
|
13
|
+
validate_request
|
14
|
+
decode_payload
|
15
|
+
authenticate!
|
16
|
+
continue!
|
17
|
+
end
|
18
|
+
|
19
|
+
private
|
20
|
+
|
21
|
+
def validate_request
|
22
|
+
raise JWT::VerificationError, 'Authorization token is invalid' unless request.valid?
|
23
|
+
end
|
24
|
+
|
25
|
+
def decode_payload
|
26
|
+
@env['auth_payload'] = jwt_authenticator.payload&.first
|
27
|
+
end
|
28
|
+
|
29
|
+
def authenticate!
|
30
|
+
jwt_authenticator.authenticate_with_secret!(secret)
|
31
|
+
end
|
32
|
+
|
33
|
+
def continue!
|
34
|
+
@app.call(@env)
|
35
|
+
end
|
36
|
+
|
37
|
+
def jwt_authenticator
|
38
|
+
::MaticJWT::Authenticator.new(request.auth_token)
|
39
|
+
end
|
40
|
+
|
41
|
+
def secret
|
42
|
+
@secret_reader.call(jwt_authenticator.client_name)
|
43
|
+
end
|
44
|
+
|
45
|
+
def request
|
46
|
+
@request ||= ::MaticJWT::Grape::Middleware::Request.new(@env)
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
Grape::Middleware::Auth::Strategies.add(:jwt_auth, ::MaticJWT::Grape::Middleware::Auth, ->(options) { [options] })
|
@@ -0,0 +1,27 @@
|
|
1
|
+
module MaticJWT
|
2
|
+
module Grape
|
3
|
+
module Middleware
|
4
|
+
class Request
|
5
|
+
AUTHORIZATION_KEYS = %w[HTTP_AUTHORIZATION X-HTTP_AUTHORIZATION X_HTTP_AUTHORIZATION].freeze
|
6
|
+
|
7
|
+
def initialize(env)
|
8
|
+
@env = env
|
9
|
+
end
|
10
|
+
|
11
|
+
def valid?
|
12
|
+
!@env[auth_key].nil?
|
13
|
+
end
|
14
|
+
|
15
|
+
def auth_token
|
16
|
+
@env[auth_key]
|
17
|
+
end
|
18
|
+
|
19
|
+
private
|
20
|
+
|
21
|
+
def auth_key
|
22
|
+
@authorization_key ||= AUTHORIZATION_KEYS.detect { |key| @env.key?(key) }
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
data/lib/matic-jwt/version.rb
CHANGED
data/lib/matic-jwt.rb
CHANGED
@@ -5,6 +5,12 @@ require 'matic-jwt/authenticator'
|
|
5
5
|
require 'matic-jwt/generator'
|
6
6
|
require 'matic-jwt/version'
|
7
7
|
|
8
|
+
if Gem.loaded_specs.has_key?('grape')
|
9
|
+
require 'matic-jwt/grape/helper'
|
10
|
+
require 'matic-jwt/grape/middleware/request'
|
11
|
+
require 'matic-jwt/grape/middleware/auth'
|
12
|
+
end
|
13
|
+
|
8
14
|
module MaticJWT
|
9
15
|
ALGORITHM = 'HS256'.freeze
|
10
16
|
EXPIRATION = 1.minute
|
data/matic-jwt.gemspec
CHANGED
@@ -32,6 +32,6 @@ Gem::Specification.new do |spec|
|
|
32
32
|
spec.add_dependency 'activesupport'
|
33
33
|
|
34
34
|
spec.add_development_dependency 'bundler', '~> 1.16'
|
35
|
-
spec.add_development_dependency 'rake', '~>
|
35
|
+
spec.add_development_dependency 'rake', '~> 13.0'
|
36
36
|
spec.add_development_dependency 'rspec', '~> 3.0'
|
37
37
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: matic-jwt
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Yurii Danyliak
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-09-29 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jwt
|
@@ -58,14 +58,14 @@ dependencies:
|
|
58
58
|
requirements:
|
59
59
|
- - "~>"
|
60
60
|
- !ruby/object:Gem::Version
|
61
|
-
version: '
|
61
|
+
version: '13.0'
|
62
62
|
type: :development
|
63
63
|
prerelease: false
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
65
65
|
requirements:
|
66
66
|
- - "~>"
|
67
67
|
- !ruby/object:Gem::Version
|
68
|
-
version: '
|
68
|
+
version: '13.0'
|
69
69
|
- !ruby/object:Gem::Dependency
|
70
70
|
name: rspec
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
@@ -88,8 +88,8 @@ executables: []
|
|
88
88
|
extensions: []
|
89
89
|
extra_rdoc_files: []
|
90
90
|
files:
|
91
|
+
- ".github/workflows/main.yml"
|
91
92
|
- ".gitignore"
|
92
|
-
- ".travis.yml"
|
93
93
|
- Gemfile
|
94
94
|
- Gemfile.lock
|
95
95
|
- LICENSE
|
@@ -100,6 +100,9 @@ files:
|
|
100
100
|
- lib/matic-jwt.rb
|
101
101
|
- lib/matic-jwt/authenticator.rb
|
102
102
|
- lib/matic-jwt/generator.rb
|
103
|
+
- lib/matic-jwt/grape/helper.rb
|
104
|
+
- lib/matic-jwt/grape/middleware/auth.rb
|
105
|
+
- lib/matic-jwt/grape/middleware/request.rb
|
103
106
|
- lib/matic-jwt/version.rb
|
104
107
|
- matic-jwt.gemspec
|
105
108
|
homepage: https://github.com/matic-insurance/matic-jwt-wrapper
|
@@ -121,8 +124,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
121
124
|
- !ruby/object:Gem::Version
|
122
125
|
version: '0'
|
123
126
|
requirements: []
|
124
|
-
|
125
|
-
rubygems_version: 2.5.2
|
127
|
+
rubygems_version: 3.0.3.1
|
126
128
|
signing_key:
|
127
129
|
specification_version: 4
|
128
130
|
summary: Matic's JWT implementation
|