matic-jwt 1.2.1 → 1.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 313363fcb79e523d8413f90f26cb68ef2d367fcd17064a922e2ae0c85fa7e341
-  data.tar.gz: 7fe456dc05a4dc4a0ec96775bcd4d0e16b93cb9aa2b0901d576976d6e94ff7ff
+  metadata.gz: bef43d5997312616f50b0e39f656703075265c86ac1164281a50546bec94b5eb
+  data.tar.gz: 6c08125febdd3c3dbc95af1c5e27fb61fa53bfca60074103341121ee3d7a2754
 SHA512:
-  metadata.gz: 04e19566ecaa807ee638e0440ee563dcc8650b51ca08c95e8eba9290d09c321f73bfb2a2b9c1efa405f1241bdd32b3be6b7f2f7ecaa0d4a3a410f471995fda8e
-  data.tar.gz: f8a7986ded92f383d5f196d5871afeae9aaa41f53e622d37a2817b2992c8ae8cd5267f707899cb73698f86e18709e07e30211fe37873e058a6c2396b6fa26616
+  metadata.gz: 63b515139bb3f8833ecd58b6362af50d94f391e9c534946309e92c894ed4173fedf6d6b647cccd40b79f341b9cd9dc9002cc3992658cb2c6001c2ea991777d73
+  data.tar.gz: f383d8a8238c747a33350ab00968213620e022510c5c56a4ef719e6a141688fcbf068e2e739dfb40c7ab86ecd50290041b6d41c84d28f765c69c9c8339fd78a0

data/.github/workflows/check.yml

@@ -0,0 +1,30 @@
+name: Check
+on:
+  push:
+    branches: [ "master" ]
+  pull_request:
+    branches: [ "master" ]
+
+jobs:
+  check:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby: [ '3.1', '3.4' ]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+
+      - name: Run Rubocop
+        run: bundle exec rubocop
+
+      - name: Run specs
+        env:
+          COVERAGE: true
+        run: bundle exec rspec

data/.github/workflows/release.yml

@@ -0,0 +1,35 @@
+name: Release to RubyGems
+on:
+  release:
+    types: [published]
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.1
+          bundler-cache: true
+      - name: Set version from release tag
+        run: |
+          VERSION="${{ github.event.release.tag_name }}"
+          if [[ ! $VERSION =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            echo "❌ ERROR: Version '$VERSION' is not in valid x.y.z format"
+            echo "Expected format: 1.2.3 (three numbers separated by dots)"
+            exit 1
+          fi
+          echo "Setting version to: $VERSION"
+          find . -name "version.rb" -exec sed -i "s|VERSION = ['\"][^'\"]*['\"]|VERSION = \"$VERSION\"|g" {} \;
+      - name: Configure RubyGems Credentials
+        uses: rubygems/configure-rubygems-credentials@main
+      - name: Build Gem
+        run: gem build *.gemspec
+      - name: Push gem
+        run: gem push *.gem

data/.rubocop.yml

@@ -0,0 +1,13 @@
+AllCops:
+  NewCops: enable
+
+Style/Documentation:
+  Enabled: false
+
+Metrics/BlockLength:
+  Exclude:
+    - 'spec/**/*_spec.rb'
+
+Naming/FileName:
+  Exclude:
+    - lib/matic-jwt.rb

data/Gemfile

@@ -1,6 +1,19 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
-git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
 
-# Specify your gem's dependencies in matic-jwt.gemspec
 gemspec
+
+group :development, :test do
+  gem 'bundler'
+  gem 'rake'
+  gem 'rspec'
+end
+
+group :test do
+  gem 'rubocop'
+  gem 'rubocop-performance', require: false
+  gem 'rubocop-rspec', require: false
+end

data/Gemfile.lock

@@ -8,45 +8,100 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (6.0.3.1)
+    activesupport (7.1.5.1)
+      base64
+      benchmark (>= 0.3)
+      bigdecimal
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-      zeitwerk (~> 2.2, >= 2.2.2)
-    concurrent-ruby (1.1.6)
-    diff-lcs (1.3)
-    i18n (1.8.2)
+      connection_pool (>= 2.2.5)
+      drb
+      i18n (>= 1.6, < 2)
+      logger (>= 1.4.2)
+      minitest (>= 5.1)
+      mutex_m
+      securerandom (>= 0.3)
+      tzinfo (~> 2.0)
+    ast (2.4.3)
+    base64 (0.3.0)
+    benchmark (0.4.1)
+    bigdecimal (3.2.0)
+    concurrent-ruby (1.3.5)
+    connection_pool (2.5.3)
+    diff-lcs (1.6.2)
+    drb (2.2.3)
+    i18n (1.14.7)
       concurrent-ruby (~> 1.0)
+    json (2.13.2)
     jwt (2.2.1)
-    minitest (5.14.1)
-    rake (13.0.1)
-    rspec (3.7.0)
-      rspec-core (~> 3.7.0)
-      rspec-expectations (~> 3.7.0)
-      rspec-mocks (~> 3.7.0)
-    rspec-core (3.7.0)
-      rspec-support (~> 3.7.0)
-    rspec-expectations (3.7.0)
+    language_server-protocol (3.17.0.5)
+    lint_roller (1.1.0)
+    logger (1.7.0)
+    minitest (5.25.5)
+    mutex_m (0.3.0)
+    parallel (1.27.0)
+    parser (3.3.9.0)
+      ast (~> 2.4.1)
+      racc
+    prism (1.4.0)
+    racc (1.8.1)
+    rainbow (3.1.1)
+    rake (13.3.0)
+    regexp_parser (2.10.0)
+    rspec (3.13.1)
+      rspec-core (~> 3.13.0)
+      rspec-expectations (~> 3.13.0)
+      rspec-mocks (~> 3.13.0)
+    rspec-core (3.13.5)
+      rspec-support (~> 3.13.0)
+    rspec-expectations (3.13.5)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.7.0)
-    rspec-mocks (3.7.0)
+      rspec-support (~> 3.13.0)
+    rspec-mocks (3.13.5)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.7.0)
-    rspec-support (3.7.0)
-    thread_safe (0.3.6)
-    tzinfo (1.2.7)
-      thread_safe (~> 0.1)
-    zeitwerk (2.3.0)
+      rspec-support (~> 3.13.0)
+    rspec-support (3.13.4)
+    rubocop (1.79.0)
+      json (~> 2.3)
+      language_server-protocol (~> 3.17.0.2)
+      lint_roller (~> 1.1.0)
+      parallel (~> 1.10)
+      parser (>= 3.3.0.2)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 2.9.3, < 3.0)
+      rubocop-ast (>= 1.46.0, < 2.0)
+      ruby-progressbar (~> 1.7)
+      tsort (>= 0.2.0)
+      unicode-display_width (>= 2.4.0, < 4.0)
+    rubocop-ast (1.46.0)
+      parser (>= 3.3.7.2)
+      prism (~> 1.4)
+    rubocop-performance (1.25.0)
+      lint_roller (~> 1.1)
+      rubocop (>= 1.75.0, < 2.0)
+      rubocop-ast (>= 1.38.0, < 2.0)
+    rubocop-rspec (3.6.0)
+      lint_roller (~> 1.1)
+      rubocop (~> 1.72, >= 1.72.1)
+    ruby-progressbar (1.13.0)
+    securerandom (0.4.1)
+    tsort (0.2.0)
+    tzinfo (2.0.6)
+      concurrent-ruby (~> 1.0)
+    unicode-display_width (3.1.4)
+      unicode-emoji (~> 4.0, >= 4.0.4)
+    unicode-emoji (4.0.4)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  bundler (~> 1.16)
+  bundler
   matic-jwt!
-  rake (~> 13.0)
-  rspec (~> 3.0)
+  rake
+  rspec
+  rubocop
+  rubocop-performance
+  rubocop-rspec
 
 BUNDLED WITH
-   1.17.3
+   2.5.4

data/README.md

@@ -27,31 +27,39 @@ Use `MaticJWT::Generator` to create JWT tokens or headers:
 generator = MaticJWT::Generator.new
 token = generator.token_for('my_client', 'my_super_secret', additional_payload: 'test')
 header = generator.authentication_header_for('my_client', 'my_super_secret', user_id: 'test@localhost.com')
-```  
+```
 
 ### With Grape
+Register `jwt_auth` strategy
+```ruby
+  Grape::Middleware::Auth::Strategies.add(
+    :jwt_auth,
+    MaticJWT::Grape::Middleware::Auth,
+    ->(options) { [options] }
+  )
+```
 
-Use ```:jwt_auth``` strategy and provide secret.
+Use ```:jwt_auth``` strategy and define lambda to obtain secret for by client name.
 ```ruby
-   auth :jwt_auth, {
-      secret: -> (client_name) { ::ApiClient.find_by!(name: client_name).secret }
-   }
+   auth :jwt_auth,
+        secret: -> (client_name) { ::ApiClient.find_by!(name: client_name).secret }
 ```
+
 If you need to get any data from authentication payload use ::MaticJWT::Grape::Helper.
 ```ruby
     module ApiHelper
        include ::MaticJWT::Grape::Helper
-        
+
         def current_client
           @current_client ||= ::ApiClient.find_by!(name: client_name)
         end
-    
+
         private
-    
+
         def client_name
           auth_payload['client_name']
         end
-    end 
+    end
 ```
 
 ## Development

data/Rakefile

@@ -1,2 +1,4 @@
+# frozen_string_literal: true
+
 require 'bundler/gem_tasks'
-task :default => :spec
+task default: :spec

data/bin/console

@@ -1,7 +1,8 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
 
-require "bundler/setup"
-require "matic/jwt"
+require 'bundler/setup'
+require 'matic/jwt'
 
 # You can add fixtures and/or initialization code here to make experimenting
 # with your gem easier. You can also use a different console, if you like.
@@ -10,5 +11,5 @@ require "matic/jwt"
 # require "pry"
 # Pry.start
 
-require "irb"
+require 'irb'
 IRB.start(__FILE__)

data/lib/matic-jwt/authenticator.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MaticJWT
   class Authenticator
     def initialize(header, scheme: SCHEME)
@@ -20,7 +22,7 @@ module MaticJWT
     private
 
     def extract_token(header)
-      token = header&.slice(@scheme.length + 1..-1)
+      token = header&.slice((@scheme.length + 1)..-1)
       validate_header_presence!(token)
       token
     end

data/lib/matic-jwt/generator.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MaticJWT
   class Generator
     def initialize(expiration: EXPIRATION, scheme: SCHEME)

data/lib/matic-jwt/grape/helper.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MaticJWT
   module Grape
     module Helper

data/lib/matic-jwt/grape/middleware/auth.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MaticJWT
   module Grape
     module Middleware
@@ -50,4 +52,4 @@ module MaticJWT
   end
 end
 
-Grape::Middleware::Auth::Strategies.add(:jwt_auth, ::MaticJWT::Grape::Middleware::Auth, ->(options) { [options] })
+Grape::Middleware::Auth::Strategies.add(:jwt_auth, MaticJWT::Grape::Middleware::Auth, ->(options) { [options] })

data/lib/matic-jwt/grape/middleware/request.rb

@@ -1,8 +1,15 @@
+# frozen_string_literal: true
+
 module MaticJWT
   module Grape
     module Middleware
       class Request
-        AUTHORIZATION_KEYS = %w[HTTP_AUTHORIZATION X-HTTP_AUTHORIZATION X_HTTP_AUTHORIZATION].freeze
+        AUTHORIZATION_KEYS = %w[
+          Authorization
+          HTTP_AUTHORIZATION
+          X-HTTP_AUTHORIZATION
+          X_HTTP_AUTHORIZATION
+        ].freeze
 
         def initialize(env)
           @env = env
@@ -19,7 +26,7 @@ module MaticJWT
         private
 
         def auth_key
-          @authorization_key ||= AUTHORIZATION_KEYS.detect { |key| @env.key?(key) }
+          @auth_key ||= AUTHORIZATION_KEYS.detect { |key| @env.key?(key) }
         end
       end
     end

data/lib/matic-jwt/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MaticJWT
-  VERSION = '1.2.1'.freeze
+  VERSION = "1.3.1"
 end

data/lib/matic-jwt.rb

@@ -1,18 +1,21 @@
-require 'active_support/time'
+# frozen_string_literal: true
+
+require 'active_support'
+require 'active_support/core_ext'
 require 'jwt'
 
 require 'matic-jwt/authenticator'
 require 'matic-jwt/generator'
 require 'matic-jwt/version'
 
-if Gem.loaded_specs.has_key?('grape')
+if Gem.loaded_specs.key?('grape')
   require 'matic-jwt/grape/helper'
   require 'matic-jwt/grape/middleware/request'
   require 'matic-jwt/grape/middleware/auth'
 end
 
 module MaticJWT
-  ALGORITHM = 'HS256'.freeze
+  ALGORITHM = 'HS256'
   EXPIRATION = 1.minute
-  SCHEME = 'Bearer'.freeze
+  SCHEME = 'Bearer'
 end

data/matic-jwt.gemspec

@@ -1,5 +1,6 @@
+# frozen_string_literal: true
 
-lib = File.expand_path('../lib', __FILE__)
+lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'matic-jwt/version'
 
@@ -10,28 +11,25 @@ Gem::Specification.new do |spec|
   spec.email         = ['ydanyliak@getmatic.com']
 
   spec.summary       = "Matic's JWT implementation"
-  spec.description   = 'This gem contains specific implementation of JWT authentication to be used inside of Matic products.'
+  spec.description   = 'This gem contains specific implementation of JWT authentication ' \
+                       'to be used inside of Matic products.'
   spec.homepage      = 'https://github.com/matic-insurance/matic-jwt-wrapper'
 
   # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
   # to allow pushing to a single host or delete this section to allow pushing to any host.
-  if spec.respond_to?(:metadata)
-    spec.metadata['allowed_push_host'] = 'https://rubygems.org'
-  else
-    raise 'RubyGems 2.0 or newer is required to protect against public gem pushes.'
-  end
+  raise 'RubyGems 2.0 or newer is required to protect against public gem pushes.' unless spec.respond_to?(:metadata)
+
+  spec.metadata['allowed_push_host'] = 'https://rubygems.org'
+  spec.metadata['rubygems_mfa_required'] = 'true'
 
-  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+  spec.files = `git ls-files -z`.split("\x0").reject do |f|
     f.match(%r{^(test|spec|features)/})
   end
   spec.bindir        = 'exe'
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
+  spec.required_ruby_version = '>= 3.0'
 
-  spec.add_dependency 'jwt'
   spec.add_dependency 'activesupport'
-
-  spec.add_development_dependency 'bundler', '~> 1.16'
-  spec.add_development_dependency 'rake', '~> 13.0'
-  spec.add_development_dependency 'rspec', '~> 3.0'
+  spec.add_dependency 'jwt'
 end

metadata

@@ -1,17 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: matic-jwt
 version: !ruby/object:Gem::Version
-  version: 1.2.1
+  version: 1.3.1
 platform: ruby
 authors:
 - Yurii Danyliak
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-09-29 00:00:00.000000000 Z
+date: 2025-07-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: jwt
+  name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -25,7 +25,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: activesupport
+  name: jwt
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -38,48 +38,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.16'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.16'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '13.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '13.0'
-- !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.0'
 description: This gem contains specific implementation of JWT authentication to be
   used inside of Matic products.
 email:
@@ -88,8 +46,10 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".github/workflows/main.yml"
+- ".github/workflows/check.yml"
+- ".github/workflows/release.yml"
 - ".gitignore"
+- ".rubocop.yml"
 - Gemfile
 - Gemfile.lock
 - LICENSE
@@ -109,7 +69,8 @@ homepage: https://github.com/matic-insurance/matic-jwt-wrapper
 licenses: []
 metadata:
   allowed_push_host: https://rubygems.org
-post_install_message: 
+  rubygems_mfa_required: 'true'
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -117,15 +78,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '3.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3.1
-signing_key: 
+rubygems_version: 3.3.27
+signing_key:
 specification_version: 4
 summary: Matic's JWT implementation
 test_files: []

data/.github/workflows/main.yml

@@ -1,68 +0,0 @@
-name: ci
-on:
-  push:
-    branches:
-      - master
-  pull_request:
-    branches:
-      - master
-  release:
-    types: [published]
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        ruby: [ '2.5.x', '2.6.x' ]
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v1
-      - name: Cache dependencies
-        uses: actions/cache@v1
-        with:
-          path: vendor/bundle
-          key: ${{ runner.OS }}-ruby-${{ matrix.ruby }}
-          restore-keys: ${{ runner.OS }}-
-
-      - name: Set up Ruby
-        uses: actions/setup-ruby@v1
-        with:
-          ruby-version: ${{ matrix.ruby }}
-      - name: Set up Bundler
-        run: gem install bundler:1.14.5
-      - name: Set up Dependencies
-        run: bundle install --path vendor/bundle
-      - name: Run specs
-        run: bundle exec rspec
-
-  release:
-    runs-on: ubuntu-latest
-    needs: build
-    if: github.event_name == 'release' && github.event.action == 'published'
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v1
-
-      - name: Set up Ruby
-        uses: actions/setup-ruby@v1
-        with:
-          ruby-version: 2.6.x
-      - name: Set up Bundler
-        run: gem install bundler:1.17.3
-      - name: Set up credentials
-        run: |
-          mkdir -p $HOME/.gem
-          touch $HOME/.gem/credentials
-          chmod 0600 $HOME/.gem/credentials
-          printf -- "---\n:rubygems_api_key: ${{secrets.RUBYGEMS_AUTH_TOKEN}}\n" > $HOME/.gem/credentials
-
-      - name: Get version
-        run: echo "${GITHUB_REF/refs\/tags\//}" > release.tag
-      - name: Set version
-        run: sed -i "s/0.0.0/$(<release.tag)/g" */**/version.rb
-
-      - name: Build gem
-        run: gem build *.gemspec
-      - name: Push gem
-        run: gem push *.gem