mumukit-auth 4.0.0 → 5.0.0

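--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: ff4b114d44e8e0f561db33664147f3284c7a174c
- data.tar.gz: 1e3eafff3f4e11a8282daf91c88e33a7ae66688f
+ metadata.gz: 429608e7c53050e6260290ecc2f5c893f59fdf76
+ data.tar.gz: 43d044cdb65f8cbc9080d6b0601207ee52c0be5e
  SHA512:
- metadata.gz: ebdd2c656a4d7d7854909bc34cc6042846a64fbf7394062c3c54b6d9f6342707435844cf945089a2475849353e671449761821f244de8a80e577b19ed92230d1
- data.tar.gz: 063b4d5d45e68f002efd0fe2eaae4c6d753c61268c35332ea845eba0d439230668d1e8f44c33be75186a4d713e0838f445d328b70a1e1b782d8ec7d0b47e19f8
+ metadata.gz: 3381520383b401aec9d8f881f3b82afd27d5c0274390993cce16d7a22720e1508696d84426bb2ae3bd1905569cdf0e6065d1889cc2805f7090ee5c41db75623e
+ data.tar.gz: a9896533ff781db016477515881f3ed01cf3fe86c34c0eac7767c6a96cc0645d7a1bea4c5d90944afea9111e98a1a9d41f8aed83eb750e1d3c76d0f61f1a5e18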
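--- a/data/lib/mumukit/auth.rb
+++ b/data/lib/mumukit/auth.rb
@@ -1,6 +1,7 @@
  require 'active_support/all'
  require 'mumukit/core'
  require 'daybreak'
+ require 'jwt'
 
  require_relative './auth/array'
  require_relative './auth/role'
@@ -9,6 +10,7 @@ require_relative './auth/slug'
  require_relative './auth/version'
  require_relative './auth/exceptions'
  require_relative './auth/grant'
+ require_relative './auth/client'
  require_relative './auth/token'
  require_relative './auth/scope'
  require_relative './auth/permissions'
@@ -20,10 +22,20 @@ require 'ostruct'
  module Mumukit
  module Auth
  def self.configure
- @config ||= OpenStruct.new
+ @config ||= defaults
  yield @config
  end
 
+ def self.defaults
+ struct.tap do |config|
+ config.clients = struct default: {
+ id: ENV['MUMUKI_AUTH_CLIENT_ID'],
+ secret: ENV['MUMUKI_AUTH_CLIENT_SECRET']
+ }
+ config.persistence_strategy = Mumukit::Auth::PermissionsPersistence::Daybreak.new
+ end
+ end
+
  def self.config
  @config
  end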
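Review bot: `self.config` still returns the bare `@config`, which is nil until `configure` has been called, so the new `defaults` never reach a process that relies only on `MUMUKI_AUTH_CLIENT_ID` and `MUMUKI_AUTH_CLIENT_SECRET`. `Client#with_config` and `Store.persistence_strategy`, both added elsewhere in this release, dereference `Mumukit::Auth.config` directly and would fail with NoMethodError on nil rather than with the intended "client ... is missing" errors. Memoizing in the reader closes the gap: `def self.config; @config ||= defaults; end`. `struct` is not defined in the visible lines; presumably it comes from mumukit-core, which is worth confirming. The module body continues outside the hunk.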
@@ -0,0 +1,37 @@
1
+ module Mumukit::Auth
2
+ class Client
3
+ attr_reader :id, :secret
4
+
5
+ def initialize(options={})
6
+ with_config options do |config|
7
+ @id = config[:id]
8
+ @secret = config[:secret]
9
+ end
10
+ end
11
+
12
+ def decoded_secret
13
+ JWT.base64url_decode(secret)
14
+ end
15
+
16
+ def encode(jwt_hash)
17
+ JWT.encode(jwt_hash, decoded_secret)
18
+ end
19
+
20
+ def decode(encoded_jwt)
21
+ JWT.decode(encoded_jwt, decoded_secret)[0]
22
+ end
23
+
24
+ private
25
+
26
+ def with_config(options)
27
+ client = options[:client] || :default
28
+ config = Mumukit::Auth.config.clients[client]
29
+
30
+ raise "client config for #{client} is missing" if config.blank?
31
+ raise "client id for #{client} is missing" if config[:id].blank?
32
+ raise "client secret for #{client} is missing" if config[:secret].blank?
33
+
34
+ yield config
35
+ end
36
+ end
37
+ end
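Review bot: `decode` calls `JWT.decode(encoded_jwt, decoded_secret)` without an `algorithm:` option, so which signature algorithms are accepted is left to the defaults of whichever jwt gem version gets resolved rather than fixed by this class. Pinning it on both sides makes the contract explicit: `JWT.decode(encoded_jwt, decoded_secret, true, algorithm: 'HS256')[0]` and `JWT.encode(jwt_hash, decoded_secret, 'HS256')`. Separately, `attr_reader :id, :secret` makes the shared secret part of the public interface, and the default `inspect` of a Client will print it as well. Keeping the `secret` reader private and overriding `inspect` keeps it out of logs and error reports.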
@@ -1,29 +1,28 @@
1
1
  module Mumukit::Auth
2
2
  module PermissionsPersistence
3
3
  class Daybreak
4
- def self.from_config
5
- new Mumukit::Auth.config.daybreak_name
4
+ def initialize(db_name = 'permissions')
5
+ @db_name = db_name
6
+ at_exit { @db.close if @db }
6
7
  end
7
8
 
8
- def initialize(db_name)
9
- @db = ::Daybreak::DB.new "#{db_name}.db", default: '{}'
9
+ def set!(key, value)
10
+ db.update! key.to_sym => value.to_json
11
+ db.flush
10
12
  end
11
13
 
12
- def close
13
- @db.close
14
+ def get(key)
15
+ Mumukit::Auth::Permissions.load db[key]
14
16
  end
15
17
 
16
- def set!(key, value)
17
- @db.update! key.to_sym => value.to_json
18
+ def clean!
19
+ db.clear
18
20
  end
19
21
 
20
- def get(key)
21
- Mumukit::Auth::Permissions.load @db[key]
22
- end
22
+ private
23
23
 
24
- def clean_env!
25
- close
26
- FileUtils.rm ["#{Mumukit::Auth.config.daybreak_name}.db"], force: true
24
+ def db
25
+ @db ||= ::Daybreak::DB.new "#{@db_name}.db", default: '{}'
27
26
  end
28
27
  end
29
28
  end
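Review bot: `get` reads `db[key]` from a handle that is now opened once and kept for the life of the process, whereas the removed `Store.with` in 4.0.0 opened and closed the database around every call. If more than one process shares the `.db` file (several web workers, say), a permission change written by one may not be visible to the others until they reload, so a revoked grant could keep being honoured. Daybreak provides `db.load` to re-sync with the file, and calling it before the lookup in `get` would bound that staleness; this is worth confirming against the Daybreak version in use. Note also that `clean!` now empties the database with `db.clear` instead of deleting the file, and that every instance registers its own `at_exit` hook.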
@@ -1,45 +1,19 @@
1
1
  module Mumukit::Auth
2
- class Store
3
- def initialize
4
- @db = Mumukit::Auth.config.persistence_strategy
2
+ module Store
3
+ def self.clean!
4
+ persistence_strategy.clean!
5
5
  end
6
6
 
7
- def set!(key, value)
8
- @db.set! key.to_sym, value
7
+ def self.set!(*args)
8
+ persistence_strategy.set!(*args)
9
9
  end
10
10
 
11
- def get(key)
12
- @db.get key
11
+ def self.get(key)
12
+ persistence_strategy.get(key)
13
13
  end
14
14
 
15
- def clean_env!
16
- @db.clean_env!
17
- end
18
-
19
- class << self
20
-
21
- def from_config
22
- Mumukit::Auth.config.persistence_strategy.class.from_config
23
- end
24
-
25
- def clean_env!
26
- from_config.clean_env!
27
- end
28
-
29
- def with(&block)
30
- store = from_config
31
- block.call store
32
- ensure
33
- store.close
34
- end
35
-
36
- def set!(*args)
37
- with { |store| store.set!(*args) }
38
- end
39
-
40
- def get(key)
41
- with { |store| store.get(key) }
42
- end
15
+ def self.persistence_strategy
16
+ Mumukit::Auth.config.persistence_strategy
43
17
  end
44
18
  end
45
19
  end
@@ -1,11 +1,10 @@
1
- require 'jwt'
2
-
3
1
  module Mumukit::Auth
4
2
  class Token
5
- attr_reader :jwt
3
+ attr_reader :jwt, :client
6
4
 
7
- def initialize(jwt)
5
+ def initialize(jwt, client)
8
6
  @jwt = jwt
7
+ @client = client
9
8
  end
10
9
 
11
10
  def metadata
@@ -24,33 +23,33 @@ module Mumukit::Auth
24
23
  permissions.protect! scope, resource_slug
25
24
  end
26
25
 
27
- def verify_client!(client = :auth0)
28
- raise Mumukit::Auth::InvalidTokenError.new('aud mismatch') if Mumukit::Auth.config.client_ids[client] != jwt['aud']
26
+ def verify_client!
27
+ raise Mumukit::Auth::InvalidTokenError.new('aud mismatch') if client.id != jwt['aud']
29
28
  end
30
29
 
31
- def encode(client = :auth0)
32
- JWT.encode(jwt, self.class.decoded_secret(client))
30
+ def encode
31
+ client.encode jwt
33
32
  end
34
33
 
35
34
  def self.from_rack_env(env)
36
35
  new(env.dig('omniauth.auth', 'extra', 'raw_info') || {})
37
36
  end
38
37
 
39
- def self.encode_dummy_auth_header(uid, metadata, client = :auth0)
40
- 'dummy token ' + encode(uid, metadata, client)
41
- end
42
-
43
- def self.encode(uid, metadata, client = :auth0)
44
- new(aud: Mumukit::Auth.config.client_ids[client], metadata: metadata, uid: uid).encode client
38
+ def self.encode(uid, metadata, client = Mumukit::Auth::Client.new)
39
+ new({aud: client.id, metadata: metadata, uid: uid}, client).encode
45
40
  end
46
41
 
47
- def self.decode(encoded, client = :auth0)
48
- Token.new JWT.decode(encoded, decoded_secret(client))[0]
42
+ def self.decode(encoded, client = Mumukit::Auth::Client.new)
43
+ new client.decode(encoded), client
49
44
  rescue JWT::DecodeError => e
50
45
  raise Mumukit::Auth::InvalidTokenError.new(e)
51
46
  end
52
47
 
53
- def self.decode_header(header, client = :auth0)
48
+ def self.encode_header(uid, metadata)
49
+ 'Bearer ' + encode(uid, metadata)
50
+ end
51
+
52
+ def self.decode_header(header, client = Mumukit::Auth::Client.new)
54
53
  decode extract_from_header(header), client
55
54
  end
56
55
 
@@ -59,10 +58,6 @@ module Mumukit::Auth
59
58
  header.split(' ').last
60
59
  end
61
60
 
62
- def self.decoded_secret(client = :auth0)
63
- client_secret = Mumukit::Auth.config.client_secrets[client]
64
- JWT.base64url_decode(client_secret)
65
- end
66
61
  end
67
62
  end
68
63
 
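Review bot: `self.from_rack_env` still calls `new(env.dig('omniauth.auth', 'extra', 'raw_info') || {})` with one argument, but `initialize` now requires `(jwt, client)`, so that path raises ArgumentError. Either pass the client there, `new(env.dig('omniauth.auth', 'extra', 'raw_info') || {}, Mumukit::Auth::Client.new)`, or give the `client` parameter a default. The new `self.decode` does not compare `aud` with `client.id`, so callers still have to invoke `verify_client!` themselves, and the claims built in `self.encode` (`aud`, `metadata`, `uid`) include no `exp`, so tokens issued through it carry no expiry. The class body continues outside the visible hunks.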
@@ -1,5 +1,5 @@
1
1
  module Mumukit
2
2
  module Auth
3
- VERSION = '4.0.0'
3
+ VERSION = '5.0.0'
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: mumukit-auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.0.0
4
+ version: 5.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Franco Leonardo Bulgarelli
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-01-07 00:00:00.000000000 Z
11
+ date: 2017-01-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -86,14 +86,14 @@ dependencies:
86
86
  requirements:
87
87
  - - "~>"
88
88
  - !ruby/object:Gem::Version
89
- version: '0.4'
89
+ version: '0.5'
90
90
  type: :runtime
91
91
  prerelease: false
92
92
  version_requirements: !ruby/object:Gem::Requirement
93
93
  requirements:
94
94
  - - "~>"
95
95
  - !ruby/object:Gem::Version
96
- version: '0.4'
96
+ version: '0.5'
97
97
  description:
98
98
  email:
99
99
  - franco@mumuki.org
@@ -103,6 +103,7 @@ extra_rdoc_files: []
103
103
  files:
104
104
  - lib/mumukit/auth.rb
105
105
  - lib/mumukit/auth/array.rb
106
+ - lib/mumukit/auth/client.rb
106
107
  - lib/mumukit/auth/exceptions.rb
107
108
  - lib/mumukit/auth/grant.rb
108
109
  - lib/mumukit/auth/permissions.rb