okta-jwt 0.5.0 → 0.6.0

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c95b336fb7297f4ebb61661e9be2f297120140df657acb290b04b7568313bb33
4
- data.tar.gz: 8d9397202b711994674e159f7b8e4c95cddefe06e47aacbd72feffd8d9782bdf
3
+ metadata.gz: 13e5d691d2e52857e02e2dba1a078dd9e2919b878f3426437c23c55b169d99ce
4
+ data.tar.gz: a7be07dee7976a82fb89cd181ca1f40d7f822bba7c16281dfc5c1010d8269ecf
5
5
  SHA512:
6
- metadata.gz: e86570f91963ca59a3e140069e4e7eb50885d31935d633651935593303deccb230abc7d1707b115ab4236b90603d6adaa312c1e15837a21f7edfe2276492de9b
7
- data.tar.gz: 2be63b2da3ec1632fb2337417c51f6d2a8531fda8e016be897ba2ed4557c13d9bd21c8accca341fed0c440d61bd5bd254ccab60fcfdae2e25ca25e57fe43bbb3
6
+ metadata.gz: 01553fbc8f947fdb6ef574d279a0b4f480c65e1a0cbe9a359b5eac042a87c6ceb56a04c7fbeb20c6aa34fbe147a49053a28e67b1082a92b981321b462b16b4de
7
+ data.tar.gz: 12234fb7cc1f169f392f5faf17c2abc491510fa4534c6e0ac22a5ee9eda6032cdfdfed56fd002a1d390f76b20777f60280c30d872234d712429e87acb180c7cf
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- okta-jwt (0.5.0)
4
+ okta-jwt (0.6.0)
5
5
  faraday
6
6
  json-jwt
7
7
 
data/README.md CHANGED
@@ -19,34 +19,59 @@ Or install it yourself as:
19
19
  $ gem install okta-jwt
20
20
 
21
21
  ## Usage
22
+ Require the library:
22
23
 
23
- Configure the client to sign in user (optional):
24
+ ```ruby
25
+ require 'okta/jwt'
26
+ ```
27
+
28
+ ### Getting the tokens
29
+
30
+ Configuration:
24
31
 
25
32
  ```ruby
26
- # client for resource owner password flow
27
- Okta::Jwt.configure_client!(
28
- issuer: 'https://<org>.oktapreview.com/oauth2<auth_server_id>',
29
- client_id: 'client_id',
30
- client_secret: 'client_secret')
33
+ Okta::Jwt.configure!(
34
+ issuer: 'https://<org>.oktapreview.com/oauth2<auth_server_id>'
35
+ )
31
36
  ```
37
+ NOTE: this step is optional, you don't need it for token verification.
38
+
39
+ #### Resource owner password flow
32
40
 
33
41
  Sign in user to get access token (default scope is openid):
34
42
 
35
43
  ```ruby
36
- auth_response = Okta::Jwt.sign_in(
44
+ auth_response = Okta::Jwt.sign_in_user(
37
45
  username: 'user@example.org',
38
46
  password: 'password',
47
+ client_id: 'client_id',
48
+ client_secret: 'client_secret',
39
49
  scope: 'openid my_scope'
40
50
  )
41
- parsed_auth_response = JSON.parse(auth_response.body)
42
- access_token = parsed_auth_response['access_token']
51
+ access_token = JSON.parse(auth_response.body)['access_token']
52
+ ```
53
+
54
+ #### Client credentials flow
55
+
56
+ Sign in client to get access token (provide at least one custom scope):
57
+
58
+ ```ruby
59
+ auth_response = Okta::Jwt.sign_in_client(
60
+ client_id: 'client_id',
61
+ client_secret: 'client_secret',
62
+ scope: 'my_scope'
63
+ )
64
+ access_token = JSON.parse(auth_response.body)['access_token']
43
65
  ```
44
66
 
67
+ ### Verify the token
68
+
45
69
  Verify access token (signature + claims):
46
70
 
47
71
  ```ruby
48
72
  Okta::Jwt.logger = Logger.new(STDOUT) # set optional logger
49
- verified_access_token = Okta::Jwt.verify_token(access_token,
73
+ verified_access_token = Okta::Jwt.verify_token(
74
+ access_token,
50
75
  issuer: 'https://<org>.oktapreview.com/oauth2<auth_server_id>',
51
76
  audience: 'development',
52
77
  client_id: 'client_id'
@@ -14,19 +14,17 @@ module Okta
14
14
  JWKS_CACHE = {}
15
15
 
16
16
  class << self
17
- attr_accessor :issuer, :auth_server_id, :client_id, :client_secret, :logger
17
+ attr_accessor :issuer, :auth_server_id, :logger
18
18
  end
19
19
 
20
20
  # configure the client for signing in
21
- def configure_client!(issuer:, client_id:, client_secret:)
21
+ def configure!(issuer:, logger: nil)
22
22
  @issuer = issuer
23
- @client_id = client_id
24
- @client_secret = client_secret
25
23
  @auth_server_id = issuer.split('/').last
26
24
  end
27
25
 
28
26
  # sign in user to get tokens
29
- def sign_in(username:, password:, scope: 'openid')
27
+ def sign_in_user(username:, password:, client_id:, client_secret:, scope: 'openid')
30
28
  client(issuer).post do |req|
31
29
  req.url "/oauth2/#{auth_server_id}/v1/token"
32
30
  req.headers['Content-Type'] = 'application/x-www-form-urlencoded'
@@ -34,6 +32,16 @@ module Okta
34
32
  req.body = URI.encode_www_form username: username, password: password, scope: scope, grant_type: 'password'
35
33
  end
36
34
  end
35
+
36
+ # sign in client to get access_token
37
+ def sign_in_client(client_id:, client_secret:, scope:)
38
+ client(issuer).post do |req|
39
+ req.url "/oauth2/#{auth_server_id}/v1/token"
40
+ req.headers['Content-Type'] = 'application/x-www-form-urlencoded'
41
+ req.headers['Authorization'] = 'Basic: ' + Base64.strict_encode64("#{client_id}:#{client_secret}")
42
+ req.body = URI.encode_www_form scope: scope, grant_type: 'client_credentials'
43
+ end
44
+ end
37
45
 
38
46
  # validate the token
39
47
  def verify_token(token, issuer:, audience:, client_id:)
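Review bot: In `sign_in_client` the Authorization header is built as `'Basic: ' + Base64.strict_encode64(...)`, but the Basic scheme (RFC 7617) is the word `Basic`, a single space, then the encoded credentials, so with the colon the token endpoint will most likely not recognise the client authentication. Change the line to `req.headers['Authorization'] = 'Basic ' + Base64.strict_encode64("#{client_id}:#{client_secret}")`. One line of `sign_in_user` falls between the two hunks and is not shown here; if it builds the header the same way, it needs the same fix. Separately, `configure!` now accepts `logger:`, but its body, fully visible in the first hunk, never assigns it, so a logger passed there is silently dropped; add `@logger = logger if logger` or remove the parameter.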
@@ -1,5 +1,5 @@
1
1
  module Okta
2
2
  module Jwt
3
- VERSION = "0.5.0"
3
+ VERSION = "0.6.0"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: okta-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.0
4
+ version: 0.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Damir Roso
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2018-12-12 00:00:00.000000000 Z
11
+ date: 2018-12-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler