model_driven_api 2.3.12 → 2.3.13

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/api/v2/application_controller.rb +0 -5
  3. data/lib/json_web_token.rb +2 -2
  4. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 96a404941f09e02fd096c7b7f62cd9ba80ee3a61058652e5b74961167d7d123c
4
- data.tar.gz: 821c7372263973d516017ce7704a51a851cbb87a2259b9540c548b18aa506f30
3
+ metadata.gz: a5497bdb2727e103fa3727595ca62bbaf065b9135dd9bfbc8674f21506929dd0
4
+ data.tar.gz: ad09cdae9730b0f5c7983eb478c660ef8cc1c13d1d2c1cb13cd9a143b67f4029
5
5
  SHA512:
6
- metadata.gz: e9ce5471c94e2de11172bafcd047ce527840eb950eaef9281d9030542bcdc3ac7149edd81b366f38e6b8c7abe2214b4169f89c1412134d4f89e68a8f977db93c
7
- data.tar.gz: 68756bc2801c58b653e12cbd6b02a0cb5379b5c6471246f371d56f8cae0c40eb41172b1c410819c2562507d80d2e8a76c03b56e7e8dc0f7d8f519bebd329fced
6
+ metadata.gz: 719fcf3175dced8eaea5e238551d7d143edc185e9131c44ae9bf5358509de252da07491c27c16f485644c782f73c8f351379744c60f20bc803b074f024ecdbb8
7
+ data.tar.gz: ad157de69fbd575e5a9197594901b811a0cb1e74f25eb49146c011fbec9d32ebd6874e8712f2ef8edff4799d9e46cd04e2040c5cbe7c48b3a04e7f428917ab5a
data/app/controllers/api/v2/application_controller.rb CHANGED
@@ -128,20 +128,15 @@ class Api::V2::ApplicationController < ActionController::API
128
128
  end
129
129
 
130
130
  def authenticate_request
131
- Rails.logger.info request.headers.inspect
132
131
  @current_user = nil
133
- Rails.logger.info "Are there webhooks headers to check for? #{Settings.ns(:security).allowed_authorization_headers}"
134
132
  Settings.ns(:security).allowed_authorization_headers.split(",").each do |header|
135
133
  # puts "Found header #{header}: #{request.headers[header.underscore.dasherize]}"
136
134
  check_authorization("Authorize#{header}".constantize.call(request.headers, request.raw_post)) if request.headers[header.underscore.dasherize]
137
135
  end
138
136
 
139
- Rails.logger.info "This is the default one, if the header doesn't have a valid form for one of the other Auth methods, then use this Auth Class"
140
137
  check_authorization AuthorizeApiRequest.call(request.headers) unless @current_user
141
- Rails.logger.info "Inspect @current_user: #{@current_user} if nil, then returns unauthenticated"
142
138
  return unauthenticated!(OpenStruct.new({message: @auth_errors})) unless @current_user
143
139
 
144
- Rails.logger.info "We are here, so the user authenticated"
145
140
  current_user = @current_user
146
141
  params[:current_user_id] = @current_user.id
147
142
  # Now every time the user fires off a successful GET request,
data/lib/json_web_token.rb CHANGED
@@ -1,11 +1,11 @@
1
1
  class JsonWebToken
2
2
  class << self
3
3
  def encode(payload, expiry = 15.minutes.from_now.to_i)
4
- ::JWT.encode(payload.merge(exp: expiry), ::Rails.application.credentials.dig(:secret_key_base))
4
+ ::JWT.encode(payload.merge(exp: expiry), ::Rails.application.credentials.dig(:secret_key_base).presence||ENV["SECRET_KEY_BASE"])
5
5
  end
6
6
 
7
7
  def decode(token)
8
- body = ::JWT.decode(token, ::Rails.application.credentials.dig(:secret_key_base))[0]
8
+ body = ::JWT.decode(token, ::Rails.application.credentials.dig(:secret_key_base).presence||ENV["SECRET_KEY_BASE"])[0]
9
9
  ::HashWithIndifferentAccess.new body
10
10
  rescue
11
11
  nil
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: model_driven_api
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.12
4
+ version: 2.3.13
5
5
  platform: ruby
6
6
  authors:
7
7
  - Gabriele Tassoni