nm-gigya 0.0.15 → 0.0.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/gigya/controller_utils.rb +84 -2
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e3a133ba6c948f3ca251515d6fa71d21c64765db
|
|
4
|
+
data.tar.gz: c51095aaae1956c66bb741e143ac74ddb0a8ca51
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e083301c31dede115f3ac5825dd84a133a0d7b2e7bcc449410b947bcf418ebb89b889c346370db21b1a8af98ae2fff93e8f90a8e4fc17957bb00c1676f8dbea4
|
|
7
|
+
data.tar.gz: eae457842ed84c528190780d6165abaf6d32926658beff230bff8a92a556edb8a5330fcea5b25a9e12bb599e0124ae218566ed882dabeee45e86cc6875de90db
|
|
@@ -5,6 +5,24 @@ module Gigya
|
|
|
5
5
|
GIGYA_QUERY_PARAM = :gigya_token
|
|
6
6
|
GIGYA_COOKIE_PARAM = :gigya_token
|
|
7
7
|
|
|
8
|
+
@@gigya_jwt_refresh_time = nil
|
|
9
|
+
def self.gigya_jwt_refresh_time=(val)
|
|
10
|
+
@@gigya_jwt_refresh_time = val
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
@@gigya_refresh_time_decay = true
|
|
14
|
+
def self.gigya_jwt_refresh_time
|
|
15
|
+
@@gigya_jwt_refresh_time
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def self.gigya_refresh_time_decay=(val)
|
|
19
|
+
@@gigya_refresh_time_decay = val
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def self.gigya_refresh_time_decay
|
|
23
|
+
@@gigya_refresh_time_decay
|
|
24
|
+
end
|
|
25
|
+
|
|
8
26
|
def gigya_user_required
|
|
9
27
|
begin
|
|
10
28
|
render(:json => {:error => "Invalid login"}, :status => 401) if gigya_user_identifier.blank?
|
|
@@ -17,10 +35,12 @@ module Gigya
|
|
|
17
35
|
def gigya_jwt_token
|
|
18
36
|
@gigya_jwt_token ||= begin
|
|
19
37
|
tmp_token = nil
|
|
38
|
+
token_location = nil
|
|
20
39
|
|
|
21
40
|
begin
|
|
22
41
|
authenticate_with_http_token do |token, options|
|
|
23
42
|
tmp_token = token
|
|
43
|
+
token_location = :header
|
|
24
44
|
end
|
|
25
45
|
rescue
|
|
26
46
|
# If this is being called from a helper instead of a controller, then the authenticate_with_http_token is not available.
|
|
@@ -29,8 +49,10 @@ module Gigya
|
|
|
29
49
|
|
|
30
50
|
begin
|
|
31
51
|
tmp_token = params[GIGYA_QUERY_PARAM] unless params[GIGYA_QUERY_PARAM].blank?
|
|
52
|
+
token_location = :param
|
|
32
53
|
if tmp_token.blank?
|
|
33
54
|
tmp_token = cookies[GIGYA_COOKIE_PARAM]
|
|
55
|
+
token_location = :cookie
|
|
34
56
|
end
|
|
35
57
|
rescue
|
|
36
58
|
# Some lightweight controllers don't do cookies
|
|
@@ -39,17 +61,65 @@ module Gigya
|
|
|
39
61
|
begin
|
|
40
62
|
if tmp_token.blank?
|
|
41
63
|
tmp_token = session[GIGYA_SESSION_PARAM]
|
|
64
|
+
token_location = :session
|
|
42
65
|
end
|
|
43
66
|
rescue
|
|
44
67
|
# Some lightweight controllers don't do sessions
|
|
45
68
|
end
|
|
46
69
|
|
|
70
|
+
token_location = nil if tmp_token.blank?
|
|
71
|
+
|
|
72
|
+
@gigya_token_location = token_location
|
|
73
|
+
|
|
47
74
|
tmp_token
|
|
48
75
|
end
|
|
49
76
|
end
|
|
50
77
|
|
|
51
|
-
def interpret_jwt_token
|
|
52
|
-
@gigya_jwt_info
|
|
78
|
+
def interpret_jwt_token(force = false)
|
|
79
|
+
if @gigya_jwt_info.nil?
|
|
80
|
+
@gigya_jwt_info = Gigya::Connection.shared_connection.validate_jwt(gigya_jwt_token)
|
|
81
|
+
|
|
82
|
+
perform_token_refresh if needs_token_refresh?
|
|
83
|
+
elsif force
|
|
84
|
+
@gigya_jwt_info = Gigya::Connection.shared_connection.validate_jwt(gigya_jwt_token)
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
@gigya_jwt_info
|
|
88
|
+
end
|
|
89
|
+
|
|
90
|
+
def perform_token_refresh
|
|
91
|
+
gigya_perform_token_refresh
|
|
92
|
+
end
|
|
93
|
+
|
|
94
|
+
def gigya_perform_token_refresh
|
|
95
|
+
info = gigya_user_information
|
|
96
|
+
|
|
97
|
+
fields = info.keys - ["iss", "apiKey", "iat", "exp", "sub"]
|
|
98
|
+
if @@gigya_refresh_time_decay
|
|
99
|
+
# Refresh only until the original token expires
|
|
100
|
+
# Note that this is slightly leaky
|
|
101
|
+
expiration = (Time.at(info["exp"]) - Time.now).to_i
|
|
102
|
+
else
|
|
103
|
+
# Keep refreshing with the same time period
|
|
104
|
+
expiration = info["exp"] - info["iat"]
|
|
105
|
+
end
|
|
106
|
+
result = Gigya::Connection.shared_connection.api_get("accounts", "getJWT", {:UID => gigya_user_identifier, :fields => fields.join(","), :expiration => expiration})
|
|
107
|
+
token = result["id_token"]
|
|
108
|
+
|
|
109
|
+
raise "Unable to refresh token" if token.blank?
|
|
110
|
+
|
|
111
|
+
case @gigya_token_location
|
|
112
|
+
when :header
|
|
113
|
+
headers["X-Set-Authorization-Token"] = token
|
|
114
|
+
when :cookie
|
|
115
|
+
cookies[GIGYA_COOKIE_PARAM] = token
|
|
116
|
+
when :session
|
|
117
|
+
session[GIGYA_SESSION_PARAM] = token
|
|
118
|
+
when :param
|
|
119
|
+
# FIXME - don't know what to do here.
|
|
120
|
+
end
|
|
121
|
+
@gigya_jwt_token = token
|
|
122
|
+
interpret_jwt_token(true) # Force reinterpretation of token
|
|
53
123
|
end
|
|
54
124
|
|
|
55
125
|
def gigya_save_jwt(destination = :cookie)
|
|
@@ -63,6 +133,18 @@ module Gigya
|
|
|
63
133
|
end
|
|
64
134
|
end
|
|
65
135
|
|
|
136
|
+
def needs_token_refresh?
|
|
137
|
+
needs_token_refresh_for_time?
|
|
138
|
+
end
|
|
139
|
+
|
|
140
|
+
def needs_token_refresh_for_time?
|
|
141
|
+
return false if @@gigya_jwt_refresh_time.nil?
|
|
142
|
+
|
|
143
|
+
issue_time = Time.at(@gigya_jwt_info["iat"])
|
|
144
|
+
|
|
145
|
+
return issue_time + @@gigya_jwt_refresh_time < Time.now
|
|
146
|
+
end
|
|
147
|
+
|
|
66
148
|
def gigya_user_information
|
|
67
149
|
interpret_jwt_token
|
|
68
150
|
@gigya_jwt_info
|