okta-jwt 0.5.0 → 0.6.0

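--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: c95b336fb7297f4ebb61661e9be2f297120140df657acb290b04b7568313bb33
- data.tar.gz: 8d9397202b711994674e159f7b8e4c95cddefe06e47aacbd72feffd8d9782bdf
+ metadata.gz: 13e5d691d2e52857e02e2dba1a078dd9e2919b878f3426437c23c55b169d99ce
+ data.tar.gz: a7be07dee7976a82fb89cd181ca1f40d7f822bba7c16281dfc5c1010d8269ecf
  SHA512:
- metadata.gz: e86570f91963ca59a3e140069e4e7eb50885d31935d633651935593303deccb230abc7d1707b115ab4236b90603d6adaa312c1e15837a21f7edfe2276492de9b
- data.tar.gz: 2be63b2da3ec1632fb2337417c51f6d2a8531fda8e016be897ba2ed4557c13d9bd21c8accca341fed0c440d61bd5bd254ccab60fcfdae2e25ca25e57fe43bbb3
+ metadata.gz: 01553fbc8f947fdb6ef574d279a0b4f480c65e1a0cbe9a359b5eac042a87c6ceb56a04c7fbeb20c6aa34fbe147a49053a28e67b1082a92b981321b462b16b4de
+ data.tar.gz: 12234fb7cc1f169f392f5faf17c2abc491510fa4534c6e0ac22a5ee9eda6032cdfdfed56fd002a1d390f76b20777f60280c30d872234d712429e87acb180c7cf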
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- okta-jwt (0.5.0)
4
+ okta-jwt (0.6.0)
5
5
  faraday
6
6
  json-jwt
7
7
 
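--- a/data/README.md
+++ b/data/README.md
@@ -19,34 +19,59 @@ Or install it yourself as:
  $ gem install okta-jwt
 
  ## Usage
+ Require the library:
 
- Configure the client to sign in user (optional):
+ ```ruby
+ require 'okta/jwt'
+ ```
+
+ ### Getting the tokens
+
+ Configuration:
 
  ```ruby
- # client for resource owner password flow
- Okta::Jwt.configure_client!(
- issuer: 'https://<org>.oktapreview.com/oauth2<auth_server_id>',
- client_id: 'client_id',
- client_secret: 'client_secret')
+ Okta::Jwt.configure!(
+ issuer: 'https://<org>.oktapreview.com/oauth2<auth_server_id>'
+ )
  ```
+ NOTE: this step is optional, you don't need it for token verification.
+
+ #### Resource owner password flow
 
  Sign in user to get access token (default scope is openid):
 
  ```ruby
- auth_response = Okta::Jwt.sign_in(
+ auth_response = Okta::Jwt.sign_in_user(
  username: 'user@example.org',
  password: 'password',
+ client_id: 'client_id',
+ client_secret: 'client_secret',
  scope: 'openid my_scope'
  )
- parsed_auth_response = JSON.parse(auth_response.body)
- access_token = parsed_auth_response['access_token']
+ access_token = JSON.parse(auth_response.body)['access_token']
+ ```
+
+ #### Client credentials flow
+
+ Sign in client to get access token (provide at least one custom scope):
+
+ ```ruby
+ auth_response = Okta::Jwt.sign_in_client(
+ client_id: 'client_id',
+ client_secret: 'client_secret',
+ scope: 'my_scope'
+ )
+ access_token = JSON.parse(auth_response.body)['access_token']
  ```
 
+ ### Verify the token
+
  Verify access token (signature + claims):
 
  ```ruby
  Okta::Jwt.logger = Logger.new(STDOUT) # set optional logger
- verified_access_token = Okta::Jwt.verify_token(access_token,
+ verified_access_token = Okta::Jwt.verify_token(
+ access_token,
  issuer: 'https://<org>.oktapreview.com/oauth2<auth_server_id>',
  audience: 'development',
  client_id: 'client_id'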
@@ -14,19 +14,17 @@ module Okta
14
14
  JWKS_CACHE = {}
15
15
 
16
16
  class << self
17
- attr_accessor :issuer, :auth_server_id, :client_id, :client_secret, :logger
17
+ attr_accessor :issuer, :auth_server_id, :logger
18
18
  end
19
19
 
20
20
  # configure the client for signing in
21
- def configure_client!(issuer:, client_id:, client_secret:)
21
+ def configure!(issuer:, logger: nil)
22
22
  @issuer = issuer
23
- @client_id = client_id
24
- @client_secret = client_secret
25
23
  @auth_server_id = issuer.split('/').last
26
24
  end
27
25
 
28
26
  # sign in user to get tokens
29
- def sign_in(username:, password:, scope: 'openid')
27
+ def sign_in_user(username:, password:, client_id:, client_secret:, scope: 'openid')
30
28
  client(issuer).post do |req|
31
29
  req.url "/oauth2/#{auth_server_id}/v1/token"
32
30
  req.headers['Content-Type'] = 'application/x-www-form-urlencoded'
@@ -34,6 +32,16 @@ module Okta
34
32
  req.body = URI.encode_www_form username: username, password: password, scope: scope, grant_type: 'password'
35
33
  end
36
34
  end
35
+
36
+ # sign in client to get access_token
37
+ def sign_in_client(client_id:, client_secret:, scope:)
38
+ client(issuer).post do |req|
39
+ req.url "/oauth2/#{auth_server_id}/v1/token"
40
+ req.headers['Content-Type'] = 'application/x-www-form-urlencoded'
41
+ req.headers['Authorization'] = 'Basic: ' + Base64.strict_encode64("#{client_id}:#{client_secret}")
42
+ req.body = URI.encode_www_form scope: scope, grant_type: 'client_credentials'
43
+ end
44
+ end
37
45
 
38
46
  # validate the token
39
47
  def verify_token(token, issuer:, audience:, client_id:)
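Review bot: `sign_in_client` builds the Authorization value as `'Basic: ' + Base64.strict_encode64(...)`, but the Basic scheme is the word `Basic` followed by one space and no colon, so a token endpoint that parses the header strictly will not see the client credentials; the line should be `req.headers['Authorization'] = 'Basic ' + Base64.strict_encode64("#{client_id}:#{client_secret}")`. The matching header line of `sign_in_user` sits between the two hunks and is not visible here, so it presumably needs the same check. Separately, `configure!` now accepts `logger:` but the body shown never assigns it, so a logger passed there is silently ignored; adding `@logger = logger if logger` would honour it. Both sign-in methods return the raw response, and the README indexes `['access_token']` without a status check, so a rejected credential surfaces as a nil token rather than an error.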
@@ -1,5 +1,5 @@
1
1
  module Okta
2
2
  module Jwt
3
- VERSION = "0.5.0"
3
+ VERSION = "0.6.0"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: okta-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.0
4
+ version: 0.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Damir Roso
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2018-12-12 00:00:00.000000000 Z
11
+ date: 2018-12-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler