matic-jwt 1.0.1 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.github/workflows/main.yml +68 -0
- data/Gemfile.lock +9 -9
- data/README.md +25 -4
- data/lib/matic-jwt.rb +6 -0
- data/lib/matic-jwt/authenticator.rb +4 -4
- data/lib/matic-jwt/grape/helper.rb +9 -0
- data/lib/matic-jwt/grape/middleware/auth.rb +53 -0
- data/lib/matic-jwt/grape/middleware/request.rb +27 -0
- data/lib/matic-jwt/version.rb +1 -1
- metadata +7 -5
- data/.travis.yml +0 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 820d5ea52ea13265f15f8edae701cbec3a838798dbba576c4275d0330beaf4c1
|
4
|
+
data.tar.gz: 795cfc00feafc232d476237f236ea3e27667139a2174b667b946d2b37d610ce8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3e00adc27b5821276bf43776e172b81fa994055ddeba1f2e1125ef79f484dbfbabfbf892de83b93f1cd35a6df44dacef312a1244afea1c26b8ed3d6fcd2850c5
|
7
|
+
data.tar.gz: 3ba9b91334a883353f1ea82e5d8e2d7b505a95d16aa0630d418703922ae8d7812d2593cda326f28cfd44cebd1077596ee8e60e3f31446af496164a7c6b0af955
|
@@ -0,0 +1,68 @@
|
|
1
|
+
name: ci
|
2
|
+
on:
|
3
|
+
push:
|
4
|
+
branches:
|
5
|
+
- master
|
6
|
+
pull_request:
|
7
|
+
branches:
|
8
|
+
- master
|
9
|
+
release:
|
10
|
+
types: [published]
|
11
|
+
|
12
|
+
jobs:
|
13
|
+
build:
|
14
|
+
runs-on: ubuntu-latest
|
15
|
+
strategy:
|
16
|
+
matrix:
|
17
|
+
ruby: [ '2.5.x', '2.6.x' ]
|
18
|
+
steps:
|
19
|
+
- name: Checkout
|
20
|
+
uses: actions/checkout@v1
|
21
|
+
- name: Cache dependencies
|
22
|
+
uses: actions/cache@v1
|
23
|
+
with:
|
24
|
+
path: vendor/bundle
|
25
|
+
key: ${{ runner.OS }}-ruby-${{ matrix.ruby }}
|
26
|
+
restore-keys: ${{ runner.OS }}-
|
27
|
+
|
28
|
+
- name: Set up Ruby
|
29
|
+
uses: actions/setup-ruby@v1
|
30
|
+
with:
|
31
|
+
ruby-version: ${{ matrix.ruby }}
|
32
|
+
- name: Set up Bundler
|
33
|
+
run: gem install bundler:1.14.5
|
34
|
+
- name: Set up Dependencies
|
35
|
+
run: bundle install --path vendor/bundle
|
36
|
+
- name: Run specs
|
37
|
+
run: bundle exec rspec
|
38
|
+
|
39
|
+
release:
|
40
|
+
runs-on: ubuntu-latest
|
41
|
+
needs: build
|
42
|
+
if: github.event_name == 'release' && github.event.action == 'published'
|
43
|
+
steps:
|
44
|
+
- name: Checkout
|
45
|
+
uses: actions/checkout@v1
|
46
|
+
|
47
|
+
- name: Set up Ruby
|
48
|
+
uses: actions/setup-ruby@v1
|
49
|
+
with:
|
50
|
+
ruby-version: 2.6.x
|
51
|
+
- name: Set up Bundler
|
52
|
+
run: gem install bundler:1.17.3
|
53
|
+
- name: Set up credentials
|
54
|
+
run: |
|
55
|
+
mkdir -p $HOME/.gem
|
56
|
+
touch $HOME/.gem/credentials
|
57
|
+
chmod 0600 $HOME/.gem/credentials
|
58
|
+
printf -- "---\n:rubygems_api_key: ${{secrets.RUBYGEMS_AUTH_TOKEN}}\n" > $HOME/.gem/credentials
|
59
|
+
|
60
|
+
- name: Get version
|
61
|
+
run: echo "${GITHUB_REF/refs\/tags\//}" > release.tag
|
62
|
+
- name: Set version
|
63
|
+
run: sed -i "s/0.0.0/$(<release.tag)/g" */**/version.rb
|
64
|
+
|
65
|
+
- name: Build gem
|
66
|
+
run: gem build *.gemspec
|
67
|
+
- name: Push gem
|
68
|
+
run: gem push *.gem
|
data/Gemfile.lock
CHANGED
@@ -1,24 +1,24 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
matic-jwt (
|
4
|
+
matic-jwt (0.0.0)
|
5
5
|
activesupport
|
6
6
|
jwt
|
7
7
|
|
8
8
|
GEM
|
9
9
|
remote: https://rubygems.org/
|
10
10
|
specs:
|
11
|
-
activesupport (5.
|
11
|
+
activesupport (5.2.4.1)
|
12
12
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
13
|
-
i18n (
|
13
|
+
i18n (>= 0.7, < 2)
|
14
14
|
minitest (~> 5.1)
|
15
15
|
tzinfo (~> 1.1)
|
16
|
-
concurrent-ruby (1.
|
16
|
+
concurrent-ruby (1.1.5)
|
17
17
|
diff-lcs (1.3)
|
18
|
-
i18n (
|
18
|
+
i18n (1.8.2)
|
19
19
|
concurrent-ruby (~> 1.0)
|
20
|
-
jwt (2.1
|
21
|
-
minitest (5.
|
20
|
+
jwt (2.2.1)
|
21
|
+
minitest (5.14.0)
|
22
22
|
rake (10.5.0)
|
23
23
|
rspec (3.7.0)
|
24
24
|
rspec-core (~> 3.7.0)
|
@@ -34,7 +34,7 @@ GEM
|
|
34
34
|
rspec-support (~> 3.7.0)
|
35
35
|
rspec-support (3.7.0)
|
36
36
|
thread_safe (0.3.6)
|
37
|
-
tzinfo (1.2.
|
37
|
+
tzinfo (1.2.6)
|
38
38
|
thread_safe (~> 0.1)
|
39
39
|
|
40
40
|
PLATFORMS
|
@@ -47,4 +47,4 @@ DEPENDENCIES
|
|
47
47
|
rspec (~> 3.0)
|
48
48
|
|
49
49
|
BUNDLED WITH
|
50
|
-
1.
|
50
|
+
1.17.3
|
data/README.md
CHANGED
@@ -1,8 +1,6 @@
|
|
1
1
|
# Matic::Jwt
|
2
2
|
|
3
|
-
|
4
|
-
|
5
|
-
TODO: Delete this and the text above, and describe your gem
|
3
|
+
Matic's implementation of JWT authentication.
|
6
4
|
|
7
5
|
## Installation
|
8
6
|
|
@@ -22,7 +20,30 @@ Or install it yourself as:
|
|
22
20
|
|
23
21
|
## Usage
|
24
22
|
|
25
|
-
|
23
|
+
####With Grape
|
24
|
+
|
25
|
+
Use ```:jwt_auth``` strategy and provide secret.
|
26
|
+
```ruby
|
27
|
+
auth :jwt_auth, {
|
28
|
+
secret: -> (client_name) { ::ApiClient.find_by!(name: client_name).secret }
|
29
|
+
}
|
30
|
+
```
|
31
|
+
If you need to get any data from authentication payload use ::MaticJWT::Grape::Helper.
|
32
|
+
```ruby
|
33
|
+
module ApiHelper
|
34
|
+
include ::MaticJWT::Grape::Helper
|
35
|
+
|
36
|
+
def current_client
|
37
|
+
@current_client ||= ::ApiClient.find_by!(name: client_name)
|
38
|
+
end
|
39
|
+
|
40
|
+
private
|
41
|
+
|
42
|
+
def client_name
|
43
|
+
auth_payload['client_name']
|
44
|
+
end
|
45
|
+
end
|
46
|
+
```
|
26
47
|
|
27
48
|
## Development
|
28
49
|
|
data/lib/matic-jwt.rb
CHANGED
@@ -5,6 +5,12 @@ require 'matic-jwt/authenticator'
|
|
5
5
|
require 'matic-jwt/generator'
|
6
6
|
require 'matic-jwt/version'
|
7
7
|
|
8
|
+
if Gem::Specification.find_all_by_name('grape').present?
|
9
|
+
require 'matic-jwt/grape/helper'
|
10
|
+
require 'matic-jwt/grape/middleware/request'
|
11
|
+
require 'matic-jwt/grape/middleware/auth'
|
12
|
+
end
|
13
|
+
|
8
14
|
module MaticJWT
|
9
15
|
ALGORITHM = 'HS256'.freeze
|
10
16
|
EXPIRATION = 1.minute
|
@@ -13,6 +13,10 @@ module MaticJWT
|
|
13
13
|
JWT.decode(@token, secret, true, algorithm: ALGORITHM)
|
14
14
|
end
|
15
15
|
|
16
|
+
def payload
|
17
|
+
JWT.decode(@token, nil, false)
|
18
|
+
end
|
19
|
+
|
16
20
|
private
|
17
21
|
|
18
22
|
def extract_token(header)
|
@@ -21,10 +25,6 @@ module MaticJWT
|
|
21
25
|
token
|
22
26
|
end
|
23
27
|
|
24
|
-
def payload
|
25
|
-
JWT.decode(@token, nil, false)
|
26
|
-
end
|
27
|
-
|
28
28
|
def validate_header_presence!(token)
|
29
29
|
raise(JWT::DecodeError, 'Authorization token is incorrect') unless token&.present?
|
30
30
|
end
|
@@ -0,0 +1,53 @@
|
|
1
|
+
module MaticJWT
|
2
|
+
module Grape
|
3
|
+
module Middleware
|
4
|
+
class Auth
|
5
|
+
def initialize(app, options)
|
6
|
+
@app = app
|
7
|
+
@secret_reader = options[:secret]
|
8
|
+
end
|
9
|
+
|
10
|
+
def call(env)
|
11
|
+
@env = env
|
12
|
+
|
13
|
+
validate_request
|
14
|
+
decode_payload
|
15
|
+
authenticate!
|
16
|
+
continue!
|
17
|
+
end
|
18
|
+
|
19
|
+
private
|
20
|
+
|
21
|
+
def validate_request
|
22
|
+
raise JWT::VerificationError, 'Authorization token is invalid' unless request.valid?
|
23
|
+
end
|
24
|
+
|
25
|
+
def decode_payload
|
26
|
+
@env['auth_payload'] = jwt_authenticator.payload&.first
|
27
|
+
end
|
28
|
+
|
29
|
+
def authenticate!
|
30
|
+
jwt_authenticator.authenticate_with_secret!(secret)
|
31
|
+
end
|
32
|
+
|
33
|
+
def continue!
|
34
|
+
@app.call(@env)
|
35
|
+
end
|
36
|
+
|
37
|
+
def jwt_authenticator
|
38
|
+
::MaticJWT::Authenticator.new(request.auth_token)
|
39
|
+
end
|
40
|
+
|
41
|
+
def secret
|
42
|
+
@secret_reader.call(jwt_authenticator.client_name)
|
43
|
+
end
|
44
|
+
|
45
|
+
def request
|
46
|
+
@request ||= ::MaticJWT::Grape::Middleware::Request.new(@env)
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
Grape::Middleware::Auth::Strategies.add(:jwt_auth, ::MaticJWT::Grape::Middleware::Auth, ->(options) { [options] })
|
@@ -0,0 +1,27 @@
|
|
1
|
+
module MaticJWT
|
2
|
+
module Grape
|
3
|
+
module Middleware
|
4
|
+
class Request
|
5
|
+
AUTHORIZATION_KEYS = %w[HTTP_AUTHORIZATION X-HTTP_AUTHORIZATION X_HTTP_AUTHORIZATION].freeze
|
6
|
+
|
7
|
+
def initialize(env)
|
8
|
+
@env = env
|
9
|
+
end
|
10
|
+
|
11
|
+
def valid?
|
12
|
+
!@env[auth_key].nil?
|
13
|
+
end
|
14
|
+
|
15
|
+
def auth_token
|
16
|
+
@env[auth_key]
|
17
|
+
end
|
18
|
+
|
19
|
+
private
|
20
|
+
|
21
|
+
def auth_key
|
22
|
+
@authorization_key ||= AUTHORIZATION_KEYS.detect { |key| @env.key?(key) }
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
data/lib/matic-jwt/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: matic-jwt
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0
|
4
|
+
version: 1.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Yurii Danyliak
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-02-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jwt
|
@@ -88,8 +88,8 @@ executables: []
|
|
88
88
|
extensions: []
|
89
89
|
extra_rdoc_files: []
|
90
90
|
files:
|
91
|
+
- ".github/workflows/main.yml"
|
91
92
|
- ".gitignore"
|
92
|
-
- ".travis.yml"
|
93
93
|
- Gemfile
|
94
94
|
- Gemfile.lock
|
95
95
|
- LICENSE
|
@@ -100,6 +100,9 @@ files:
|
|
100
100
|
- lib/matic-jwt.rb
|
101
101
|
- lib/matic-jwt/authenticator.rb
|
102
102
|
- lib/matic-jwt/generator.rb
|
103
|
+
- lib/matic-jwt/grape/helper.rb
|
104
|
+
- lib/matic-jwt/grape/middleware/auth.rb
|
105
|
+
- lib/matic-jwt/grape/middleware/request.rb
|
103
106
|
- lib/matic-jwt/version.rb
|
104
107
|
- matic-jwt.gemspec
|
105
108
|
homepage: https://github.com/matic-insurance/matic-jwt-wrapper
|
@@ -121,8 +124,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
121
124
|
- !ruby/object:Gem::Version
|
122
125
|
version: '0'
|
123
126
|
requirements: []
|
124
|
-
|
125
|
-
rubygems_version: 2.5.2
|
127
|
+
rubygems_version: 3.0.3
|
126
128
|
signing_key:
|
127
129
|
specification_version: 4
|
128
130
|
summary: Matic's JWT implementation
|