mumukit-auth 4.0.0 → 5.0.0

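--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: ff4b114d44e8e0f561db33664147f3284c7a174c
- data.tar.gz: 1e3eafff3f4e11a8282daf91c88e33a7ae66688f
+ metadata.gz: 429608e7c53050e6260290ecc2f5c893f59fdf76
+ data.tar.gz: 43d044cdb65f8cbc9080d6b0601207ee52c0be5e
  SHA512:
- metadata.gz: ebdd2c656a4d7d7854909bc34cc6042846a64fbf7394062c3c54b6d9f6342707435844cf945089a2475849353e671449761821f244de8a80e577b19ed92230d1
- data.tar.gz: 063b4d5d45e68f002efd0fe2eaae4c6d753c61268c35332ea845eba0d439230668d1e8f44c33be75186a4d713e0838f445d328b70a1e1b782d8ec7d0b47e19f8
+ metadata.gz: 3381520383b401aec9d8f881f3b82afd27d5c0274390993cce16d7a22720e1508696d84426bb2ae3bd1905569cdf0e6065d1889cc2805f7090ee5c41db75623e
+ data.tar.gz: a9896533ff781db016477515881f3ed01cf3fe86c34c0eac7767c6a96cc0645d7a1bea4c5d90944afea9111e98a1a9d41f8aed83eb750e1d3c76d0f61f1a5e18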
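--- a/data/lib/mumukit/auth.rb
+++ b/data/lib/mumukit/auth.rb
@@ -1,6 +1,7 @@
  require 'active_support/all'
  require 'mumukit/core'
  require 'daybreak'
+ require 'jwt'
 
  require_relative './auth/array'
  require_relative './auth/role'
@@ -9,6 +10,7 @@ require_relative './auth/slug'
  require_relative './auth/version'
  require_relative './auth/exceptions'
  require_relative './auth/grant'
+ require_relative './auth/client'
  require_relative './auth/token'
  require_relative './auth/scope'
  require_relative './auth/permissions'
@@ -20,10 +22,20 @@ require 'ostruct'
  module Mumukit
  module Auth
  def self.configure
- @config ||= OpenStruct.new
+ @config ||= defaults
  yield @config
  end
 
+ def self.defaults
+ struct.tap do |config|
+ config.clients = struct default: {
+ id: ENV['MUMUKI_AUTH_CLIENT_ID'],
+ secret: ENV['MUMUKI_AUTH_CLIENT_SECRET']
+ }
+ config.persistence_strategy = Mumukit::Auth::PermissionsPersistence::Daybreak.new
+ end
+ end
+
  def self.config
  @config
  end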
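Review bot: `self.config` in the last hunk still returns a bare `@config`, which stays nil until `configure` has been called, while the new `Client#with_config` and `Store.persistence_strategy` elsewhere in this release both dereference it. A host that relies only on the `MUMUKI_AUTH_CLIENT_ID` / `MUMUKI_AUTH_CLIENT_SECRET` defaults would therefore hit a `NoMethodError` on nil rather than the "client ... is missing" messages. Initialising lazily in the reader, `def self.config; @config ||= defaults; end`, makes the environment defaults reachable without an explicit `configure` call. `defaults` also deserves a short comment stating that the client secret is read from the environment once, at first configuration, and that `struct` is a helper not defined in this file (presumably from mumukit-core).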
@@ -0,0 +1,37 @@
1
+ module Mumukit::Auth
2
+ class Client
3
+ attr_reader :id, :secret
4
+
5
+ def initialize(options={})
6
+ with_config options do |config|
7
+ @id = config[:id]
8
+ @secret = config[:secret]
9
+ end
10
+ end
11
+
12
+ def decoded_secret
13
+ JWT.base64url_decode(secret)
14
+ end
15
+
16
+ def encode(jwt_hash)
17
+ JWT.encode(jwt_hash, decoded_secret)
18
+ end
19
+
20
+ def decode(encoded_jwt)
21
+ JWT.decode(encoded_jwt, decoded_secret)[0]
22
+ end
23
+
24
+ private
25
+
26
+ def with_config(options)
27
+ client = options[:client] || :default
28
+ config = Mumukit::Auth.config.clients[client]
29
+
30
+ raise "client config for #{client} is missing" if config.blank?
31
+ raise "client id for #{client} is missing" if config[:id].blank?
32
+ raise "client secret for #{client} is missing" if config[:secret].blank?
33
+
34
+ yield config
35
+ end
36
+ end
37
+ end
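Review bot: `decode` calls `JWT.decode(encoded_jwt, decoded_secret)[0]` without naming the accepted signature algorithm, so what is honoured depends on the defaults of whichever jwt gem version is resolved. Pin it beside the key, `JWT.decode(encoded_jwt, decoded_secret, true, algorithm: 'HS256')`, and pass the same algorithm to `JWT.encode`; this assumes HS256 is the issuer's algorithm, which the shared-secret setup suggests. `attr_reader :secret` also makes the signing key a public reader, and the instance variable will appear in `inspect` output and so in any log or error report that dumps a Client. Consider making that reader private, since only `decoded_secret` uses it here. The bare `raise "..."` calls in `with_config` raise RuntimeError; a class from `auth/exceptions` would let callers tell misconfiguration apart from other failures.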
@@ -1,29 +1,28 @@
1
1
  module Mumukit::Auth
2
2
  module PermissionsPersistence
3
3
  class Daybreak
4
- def self.from_config
5
- new Mumukit::Auth.config.daybreak_name
4
+ def initialize(db_name = 'permissions')
5
+ @db_name = db_name
6
+ at_exit { @db.close if @db }
6
7
  end
7
8
 
8
- def initialize(db_name)
9
- @db = ::Daybreak::DB.new "#{db_name}.db", default: '{}'
9
+ def set!(key, value)
10
+ db.update! key.to_sym => value.to_json
11
+ db.flush
10
12
  end
11
13
 
12
- def close
13
- @db.close
14
+ def get(key)
15
+ Mumukit::Auth::Permissions.load db[key]
14
16
  end
15
17
 
16
- def set!(key, value)
17
- @db.update! key.to_sym => value.to_json
18
+ def clean!
19
+ db.clear
18
20
  end
19
21
 
20
- def get(key)
21
- Mumukit::Auth::Permissions.load @db[key]
22
- end
22
+ private
23
23
 
24
- def clean_env!
25
- close
26
- FileUtils.rm ["#{Mumukit::Auth.config.daybreak_name}.db"], force: true
24
+ def db
25
+ @db ||= ::Daybreak::DB.new "#{@db_name}.db", default: '{}'
27
26
  end
28
27
  end
29
28
  end
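Review bot: `initialize` registers `at_exit { @db.close if @db }` on every instance, while the public `close` method is removed. Each Daybreak object therefore adds a handler that keeps it alive until process exit, and callers (tests, forking servers) can no longer release the database file earlier. Keeping a public `def close; @db.close if @db; @db = nil; end` alongside the lazy `db` accessor would restore that without changing the new defaults. Because this file holds the permission grants, the default `db_name = 'permissions'` is worth a comment: `"#{@db_name}.db"` is a relative path, so the store's location, and who can write to it, depends on the process's working directory.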
@@ -1,45 +1,19 @@
1
1
  module Mumukit::Auth
2
- class Store
3
- def initialize
4
- @db = Mumukit::Auth.config.persistence_strategy
2
+ module Store
3
+ def self.clean!
4
+ persistence_strategy.clean!
5
5
  end
6
6
 
7
- def set!(key, value)
8
- @db.set! key.to_sym, value
7
+ def self.set!(*args)
8
+ persistence_strategy.set!(*args)
9
9
  end
10
10
 
11
- def get(key)
12
- @db.get key
11
+ def self.get(key)
12
+ persistence_strategy.get(key)
13
13
  end
14
14
 
15
- def clean_env!
16
- @db.clean_env!
17
- end
18
-
19
- class << self
20
-
21
- def from_config
22
- Mumukit::Auth.config.persistence_strategy.class.from_config
23
- end
24
-
25
- def clean_env!
26
- from_config.clean_env!
27
- end
28
-
29
- def with(&block)
30
- store = from_config
31
- block.call store
32
- ensure
33
- store.close
34
- end
35
-
36
- def set!(*args)
37
- with { |store| store.set!(*args) }
38
- end
39
-
40
- def get(key)
41
- with { |store| store.get(key) }
42
- end
15
+ def self.persistence_strategy
16
+ Mumukit::Auth.config.persistence_strategy
43
17
  end
44
18
  end
45
19
  end
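Review bot: `Store.clean!` replaces the former `clean_env!` and now clears every stored permission on whatever strategy is configured, and the contract a `persistence_strategy` must satisfy (`set!`, `get`, `clean!`) is not written down anywhere in this module. A module-level comment such as `# Delegates to Mumukit::Auth.config.persistence_strategy, which must respond to set!(key, value), get(key) and clean!; clean! wipes all permissions and is meant for test setup` would make both explicit. Note too that `set!(*args)` no longer symbolizes the key itself; the Daybreak strategy does so, but a custom strategy will receive the key as passed.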
@@ -1,11 +1,10 @@
1
- require 'jwt'
2
-
3
1
  module Mumukit::Auth
4
2
  class Token
5
- attr_reader :jwt
3
+ attr_reader :jwt, :client
6
4
 
7
- def initialize(jwt)
5
+ def initialize(jwt, client)
8
6
  @jwt = jwt
7
+ @client = client
9
8
  end
10
9
 
11
10
  def metadata
@@ -24,33 +23,33 @@ module Mumukit::Auth
24
23
  permissions.protect! scope, resource_slug
25
24
  end
26
25
 
27
- def verify_client!(client = :auth0)
28
- raise Mumukit::Auth::InvalidTokenError.new('aud mismatch') if Mumukit::Auth.config.client_ids[client] != jwt['aud']
26
+ def verify_client!
27
+ raise Mumukit::Auth::InvalidTokenError.new('aud mismatch') if client.id != jwt['aud']
29
28
  end
30
29
 
31
- def encode(client = :auth0)
32
- JWT.encode(jwt, self.class.decoded_secret(client))
30
+ def encode
31
+ client.encode jwt
33
32
  end
34
33
 
35
34
  def self.from_rack_env(env)
36
35
  new(env.dig('omniauth.auth', 'extra', 'raw_info') || {})
37
36
  end
38
37
 
39
- def self.encode_dummy_auth_header(uid, metadata, client = :auth0)
40
- 'dummy token ' + encode(uid, metadata, client)
41
- end
42
-
43
- def self.encode(uid, metadata, client = :auth0)
44
- new(aud: Mumukit::Auth.config.client_ids[client], metadata: metadata, uid: uid).encode client
38
+ def self.encode(uid, metadata, client = Mumukit::Auth::Client.new)
39
+ new({aud: client.id, metadata: metadata, uid: uid}, client).encode
45
40
  end
46
41
 
47
- def self.decode(encoded, client = :auth0)
48
- Token.new JWT.decode(encoded, decoded_secret(client))[0]
42
+ def self.decode(encoded, client = Mumukit::Auth::Client.new)
43
+ new client.decode(encoded), client
49
44
  rescue JWT::DecodeError => e
50
45
  raise Mumukit::Auth::InvalidTokenError.new(e)
51
46
  end
52
47
 
53
- def self.decode_header(header, client = :auth0)
48
+ def self.encode_header(uid, metadata)
49
+ 'Bearer ' + encode(uid, metadata)
50
+ end
51
+
52
+ def self.decode_header(header, client = Mumukit::Auth::Client.new)
54
53
  decode extract_from_header(header), client
55
54
  end
56
55
 
@@ -59,10 +58,6 @@ module Mumukit::Auth
59
58
  header.split(' ').last
60
59
  end
61
60
 
62
- def self.decoded_secret(client = :auth0)
63
- client_secret = Mumukit::Auth.config.client_secrets[client]
64
- JWT.base64url_decode(client_secret)
65
- end
66
61
  end
67
62
  end
68
63
 
@@ -1,5 +1,5 @@
1
1
  module Mumukit
2
2
  module Auth
3
- VERSION = '4.0.0'
3
+ VERSION = '5.0.0'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: mumukit-auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.0.0
4
+ version: 5.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Franco Leonardo Bulgarelli
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-01-07 00:00:00.000000000 Z
11
+ date: 2017-01-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -86,14 +86,14 @@ dependencies:
86
86
  requirements:
87
87
  - - "~>"
88
88
  - !ruby/object:Gem::Version
89
- version: '0.4'
89
+ version: '0.5'
90
90
  type: :runtime
91
91
  prerelease: false
92
92
  version_requirements: !ruby/object:Gem::Requirement
93
93
  requirements:
94
94
  - - "~>"
95
95
  - !ruby/object:Gem::Version
96
- version: '0.4'
96
+ version: '0.5'
97
97
  description:
98
98
  email:
99
99
  - franco@mumuki.org
@@ -103,6 +103,7 @@ extra_rdoc_files: []
103
103
  files:
104
104
  - lib/mumukit/auth.rb
105
105
  - lib/mumukit/auth/array.rb
106
+ - lib/mumukit/auth/client.rb
106
107
  - lib/mumukit/auth/exceptions.rb
107
108
  - lib/mumukit/auth/grant.rb
108
109
  - lib/mumukit/auth/permissions.rb