next-auth-session-token-decoder 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (12) hide show
  1. checksums.yaml +7 -0
  2. data/.rspec +3 -0
  3. data/Gemfile +4 -0
  4. data/Gemfile.lock +42 -0
  5. data/LICENSE.txt +21 -0
  6. data/README.md +53 -0
  7. data/lib/next_auth_decoder/token.rb +46 -0
  8. data/lib/next_auth_decoder/version.rb +3 -0
  9. data/lib/next_auth_decoder.rb +3 -0
  10. data/next_auth_decoder.gemspec +40 -0
  11. data/sig/foogem.rbs +4 -0
  12. metadata +112 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: ab938117f205be3d4b0c16dbec47c46631eff0e54a44a04e341b0b746382d743
4
+ data.tar.gz: c5d0269bcbdbef793528dd091a45289a888a56fffdf590f31f1ec3280d85d0a1
5
+ SHA512:
6
+ metadata.gz: cdaa406032a808f88503be864ec17116d1820b2a53ab9017de7cf73d9db77134abff18c6df7dccd220e5ebb1b76847ed69bdbd0db2fb9cd7ee9e43d9dc971780
7
+ data.tar.gz: 80e424317d227be5db5d7cdb489c22045a63399be5fd342369f20653aac021f05e543bd5c9b9786607df31e2550ff2f89235f0f168a0021839bc3aa9f218234d
data/.rspec ADDED
@@ -0,0 +1,3 @@
1
+ --format documentation
2
+ --color
3
+ --require spec_helper
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ # frozen_string_literal: true
2
+
3
+ source 'https://rubygems.org'
4
+ gemspec
data/Gemfile.lock ADDED
@@ -0,0 +1,42 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ next-auth-session-token-decoder (0.1.0)
5
+ hkdf (~> 1.0.0)
6
+ jose (~> 1.1.3)
7
+
8
+ GEM
9
+ remote: https://rubygems.org/
10
+ specs:
11
+ concurrent-ruby (1.2.2)
12
+ diff-lcs (1.5.0)
13
+ hamster (3.0.0)
14
+ concurrent-ruby (~> 1.0)
15
+ hkdf (1.0.0)
16
+ jose (1.1.3)
17
+ hamster
18
+ rake (13.0.6)
19
+ rspec (3.12.0)
20
+ rspec-core (~> 3.12.0)
21
+ rspec-expectations (~> 3.12.0)
22
+ rspec-mocks (~> 3.12.0)
23
+ rspec-core (3.12.1)
24
+ rspec-support (~> 3.12.0)
25
+ rspec-expectations (3.12.2)
26
+ diff-lcs (>= 1.2.0, < 2.0)
27
+ rspec-support (~> 3.12.0)
28
+ rspec-mocks (3.12.4)
29
+ diff-lcs (>= 1.2.0, < 2.0)
30
+ rspec-support (~> 3.12.0)
31
+ rspec-support (3.12.0)
32
+
33
+ PLATFORMS
34
+ x86_64-darwin-20
35
+
36
+ DEPENDENCIES
37
+ next-auth-session-token-decoder!
38
+ rake (~> 13.0)
39
+ rspec (~> 3.12)
40
+
41
+ BUNDLED WITH
42
+ 2.4.8
data/LICENSE.txt ADDED
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2023 Andrey B.
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in
13
+ all copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21
+ THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,53 @@
1
+ # NextAuth.js Session Token Decoder
2
+
3
+ If you ever find yourself in a situation where you need to decrypt the [NextAuth.js](https://next-auth.js.org/) session token on your Ruby backend, look no further than this gem. It’s specifically designed to make the decryption process easy and seamless. The source code for this library has been extracted from [Cooper Pet Care](https://cooperpetcare.com/)’s code base.
4
+
5
+ ## Installation
6
+
7
+ ```bash
8
+ gem install next-auth-session-token-decoder
9
+ ```
10
+
11
+ ## Usage
12
+
13
+ ```ruby
14
+ token = 'eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0..VxVkx9tG5eLKexs-.GQ792tADkdL10q_EntQO6bu-QYgr2gIqx7RwfRzA7HkMMrQ8Bu5Bfgh5UjYnI6J9bnagd6C_eOoQTMypMkXynPX_ogEEwlxLZLTXgn2yFTIDZHFEyXlmV53_FRJ82BNoYLv76lVZuNJwYdID8R-2thjML2VE3AblcNn2KJNCreXMztPrN9-AwOlAHofK3Q.14-TZcu0Br4kS7IPWhlC8g'
15
+
16
+ options = {
17
+ info: 'NextAuth.js Generated Encryption Key',
18
+ secret: 'super-secret-key',
19
+ }
20
+
21
+ NextAuthDecoder::Token.new(token, options).decode
22
+ =>
23
+ {
24
+ "email"=>"test@email.com",
25
+ "username"=>"Test username",
26
+ "iat"=>1678818018,
27
+ "exp"=>1681410018,
28
+ "sub"=>"2",
29
+ "jti"=>"ef109254-6cc0-4939-8cd3-faf172cd790f"
30
+ }
31
+ ```
32
+
33
+ ## RSpec
34
+
35
+ First install dependencies:
36
+
37
+ ```bash
38
+ bundle install
39
+ ```
40
+
41
+ Now you're ready to test it:
42
+
43
+ ```bash
44
+ bundle exec rspec spec
45
+ ```
46
+
47
+ ## Contributing
48
+
49
+ Bug reports and pull requests are welcome on GitHub at https://github.com/cooperpetcare/next-auth-session-token-decoder.
50
+
51
+ ## License
52
+
53
+ The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
data/lib/next_auth_decoder/token.rb ADDED
@@ -0,0 +1,46 @@
1
+ require 'openssl'
2
+ require 'jose'
3
+ require 'hkdf'
4
+
5
+ module NextAuthDecoder
6
+ class InvalidDecryptionParams < StandardError; end
7
+ class Token
8
+ def initialize(token, info: '', secret: ENV['NEXT_AUTH_SECRET'], length: 32)
9
+ @token = token
10
+ @info = info
11
+ @length = length
12
+ @secret = secret
13
+ end
14
+
15
+ def decode
16
+ raise error if invalid?
17
+ JOSE::JWT
18
+ .decrypt(jwk_secret, @token)
19
+ .first
20
+ .fields
21
+ .to_h
22
+ rescue OpenSSL::Cipher::CipherError
23
+ puts 'Error: Decryption error.'
24
+ nil
25
+ end
26
+
27
+ private
28
+
29
+ def jwk_secret
30
+ @jwk_secret ||= JOSE::JWK.from_oct(encrypted_secret)
31
+ end
32
+
33
+ def encrypted_secret
34
+ @encrypted_secret ||=
35
+ HKDF.new(@secret, info: @info).read(@length)
36
+ end
37
+
38
+ def invalid?
39
+ @token.empty? || @info.nil? || @secret.nil?
40
+ end
41
+
42
+ def error
43
+ InvalidDecryptionParams.new('Error: Invalid decryption params')
44
+ end
45
+ end
46
+ end
data/lib/next_auth_decoder/version.rb ADDED
@@ -0,0 +1,3 @@
1
+ module NextAuthDecoder
2
+ VERSION = '0.1.0'
3
+ end
data/lib/next_auth_decoder.rb ADDED
@@ -0,0 +1,3 @@
1
+ module NextAuthDecoder
2
+ autoload :Token, 'next_auth_decoder/token'
3
+ end
data/next_auth_decoder.gemspec ADDED
@@ -0,0 +1,40 @@
1
+ # -*- encoding: utf-8 -*-
2
+
3
+ $:.push File.expand_path('../lib', __FILE__)
4
+ require 'next_auth_decoder/version'
5
+ require 'next_auth_decoder/token'
6
+
7
+ Gem::Specification.new do |spec|
8
+ spec.name = 'next-auth-session-token-decoder'
9
+ spec.version = NextAuthDecoder::VERSION
10
+ spec.platform = Gem::Platform::RUBY
11
+ spec.authors = ['Andrey Bayburin']
12
+ spec.email = ['hello@cooperpetcare.com']
13
+
14
+ spec.summary = 'NextAuth session token decoder'
15
+ spec.description = 'NextAuth session token decoder'
16
+ spec.homepage = 'https://cooperpetcare.com/engineering/next-auth-session-token-decoder/'
17
+ spec.license = 'MIT'
18
+
19
+ spec.metadata['allowed_push_host'] = 'https://rubygems.org/'
20
+ spec.metadata['homepage_uri'] = spec.homepage
21
+ spec.metadata['source_code_uri'] = 'https://github.com/cooperpetcare/next-auth-session-token-decoder'
22
+ # spec.metadata['changelog_uri'] = "TODO: Put your gem's CHANGELOG.md URL here."
23
+
24
+ # Specify which files should be added to the gem when it is released.
25
+ # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
26
+ spec.files = Dir.chdir(__dir__) do
27
+ `git ls-files -z`.split("\x0").reject do |f|
28
+ (File.expand_path(f) == __FILE__) || f.start_with?(*%w[bin/ test/ spec/ features/ .git .github])
29
+ end
30
+ end
31
+ spec.bindir = 'bin'
32
+ spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
33
+ spec.require_paths = ['lib']
34
+ spec.required_ruby_version = '>= 2.7.5'
35
+
36
+ spec.add_dependency('jose', '~> 1.1.3')
37
+ spec.add_dependency('hkdf', '~> 1.0.0')
38
+ spec.add_development_dependency('rake', '~> 13.0')
39
+ spec.add_development_dependency('rspec', '~> 3.12')
40
+ end
data/sig/foogem.rbs ADDED
@@ -0,0 +1,4 @@
1
+ module NextAuthDecoder
2
+ VERSION: String
3
+ # See the writing guide of rbs: https://github.com/ruby/rbs#guides
4
+ end
metadata ADDED
@@ -0,0 +1,112 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: next-auth-session-token-decoder
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Andrey Bayburin
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2023-03-14 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: jose
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: 1.1.3
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: 1.1.3
27
+ - !ruby/object:Gem::Dependency
28
+ name: hkdf
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: 1.0.0
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: 1.0.0
41
+ - !ruby/object:Gem::Dependency
42
+ name: rake
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '13.0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '13.0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rspec
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '3.12'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '3.12'
69
+ description: NextAuth session token decoder
70
+ email:
71
+ - hello@cooperpetcare.com
72
+ executables: []
73
+ extensions: []
74
+ extra_rdoc_files: []
75
+ files:
76
+ - ".rspec"
77
+ - Gemfile
78
+ - Gemfile.lock
79
+ - LICENSE.txt
80
+ - README.md
81
+ - lib/next_auth_decoder.rb
82
+ - lib/next_auth_decoder/token.rb
83
+ - lib/next_auth_decoder/version.rb
84
+ - next_auth_decoder.gemspec
85
+ - sig/foogem.rbs
86
+ homepage: https://cooperpetcare.com/engineering/next-auth-session-token-decoder/
87
+ licenses:
88
+ - MIT
89
+ metadata:
90
+ allowed_push_host: https://rubygems.org/
91
+ homepage_uri: https://cooperpetcare.com/engineering/next-auth-session-token-decoder/
92
+ source_code_uri: https://github.com/cooperpetcare/next-auth-session-token-decoder
93
+ post_install_message:
94
+ rdoc_options: []
95
+ require_paths:
96
+ - lib
97
+ required_ruby_version: !ruby/object:Gem::Requirement
98
+ requirements:
99
+ - - ">="
100
+ - !ruby/object:Gem::Version
101
+ version: 2.7.5
102
+ required_rubygems_version: !ruby/object:Gem::Requirement
103
+ requirements:
104
+ - - ">="
105
+ - !ruby/object:Gem::Version
106
+ version: '0'
107
+ requirements: []
108
+ rubygems_version: 3.4.8
109
+ signing_key:
110
+ specification_version: 4
111
+ summary: NextAuth session token decoder
112
+ test_files: []