otp-jwt 0.2.1 → 0.2.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: c2ab72bba26dccf6e9997c1d308817a5b83bff50
-  data.tar.gz: 2eaad486102257081e36effb3a8952497a2fe6fa
+SHA256:
+  metadata.gz: bf8f83dacec78e2f6b12891bea71b4a45672ac967fa84fea749eb1acfe47c42c
+  data.tar.gz: b8c3fb4e6b0f9824a42661ea2b650135bcb2281c2c5951a24ee0d8abe527ca01
 SHA512:
-  metadata.gz: e5799a46574afae040a12d024f3dec337d231cc2f517dfb29619d8ff5b6d3006018f009d15683d1ef089dc0744a8901bb752b63ddff74bbaa3e1207c2da3b9ef
-  data.tar.gz: 88e4c2d697960bceb4c3617545461698fb0f474b48e3266120708038f5bc318fce98482f0ac056ce8f936e0e53e496cec4869187c1773acbf9ec68fd42115f8e
+  metadata.gz: 7b2806094446c6c929b5cc0023630fe3291f8736a845a92a55ce157bdcb21cabe18fba13aa80483c8408990213fc0a5ac363f23bd7f306b3eebfdc9fbc4e2b64
+  data.tar.gz: 0cdbaa9318e9e52095b57ca486f4b75210644e956d17bcc64267e23c739e7b0ed839f2863f480275e081a162b594e164ed8ebd60521e2271329f76f72bf498c6

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2021 Stas Suscov
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -10,6 +10,8 @@ One time password (email, SMS) authentication support for HTTP APIs.
 This project provides a couple of mixins to help you build
 applications/HTTP APIs without asking your users to provide passwords.
 
+[Your browser probably can work seamlessly with OTPs](https://web.dev/web-otp/)!!! :heart_eyes: 
+
 ## About
 
 The goal of this project is to provide support for one time passwords
@@ -103,6 +105,12 @@ A migration to add these two looks like this:
 $ rails g migration add_otp_to_users otp_secret:string otp_counter:integer
 ```
 
+Generate `opt_secret` by running the following in rails console if you have preexisting user data:
+```
+User.all.each do |u|
+  u.save()
+end
+```
 #### Mailer support
 
 You can use the built-in mailer to deliver the OTP, just require it and

data/lib/otp/active_record.rb

@@ -20,6 +20,7 @@ module OTP
     # @return [String] or nil if no OTP is set
     def otp
       return nil if !valid? || !persisted? || otp_secret.blank?
+
       otp_digits = self.class.const_get(:OTP_DIGITS)
       hotp = ROTP::HOTP.new(otp_secret, digits: otp_digits)
 
@@ -33,6 +34,8 @@ module OTP
     #
     # @return true on success, false on failure
     def verify_otp(otp)
+      return nil if !valid? || !persisted? || otp_secret.blank?
+
       hotp = ROTP::HOTP.new(otp_secret, digits: OTP_DIGITS)
       transaction do
         otp_status = hotp.verify(otp.to_s, otp_counter)
@@ -69,7 +72,6 @@ module OTP
     end
 
     private
-
     # Provides a default value for the OTP secret attribute
     #
     # @return [String]

data/lib/otp/jwt/action_controller.rb

@@ -3,7 +3,6 @@ module OTP
     # [ActionController] concern.
     module ActionController
       private
-
       # Authenticates a model and responds with a [JWT] token
       #
       # @return [String] with authentication token and country shop ID.

data/lib/otp/jwt/active_record.rb

@@ -10,19 +10,38 @@ module OTP
         # Returns a record based on the [JWT] token subject
         #
         # @param token [String] representing a [JWT] token
+        # @param claim_name [String] the claim name to be used, default is `sub`
         # @return [ActiveRecord::Base] model
-        def from_jwt(token)
+        def from_jwt(token, claim_name = 'sub')
           OTP::JWT::Token.decode(token) do |payload|
-            self.find_by(id: payload['sub'])
+            val = payload[claim_name]
+            pk_col = self.column_for_attribute(self.primary_key)
+
+            # Arel casts the values to the primary key type,
+            # which means that an UUID becomes an integer by default...
+            if self.connection.respond_to?(:lookup_cast_type_from_column)
+              pk_type = self.connection.lookup_cast_type_from_column(pk_col)
+              casted_val = pk_type.serialize(val)
+            else
+              casted_val = self.connection.type_cast(val, pk_col)
+            end
+
+            return if casted_val.to_s != val.to_s.strip
+
+            self.find_by(self.primary_key => val)
           end
         end
       end
 
       # Returns a [JWT] token for this record
       #
+      # @param claims [Hash] extra claims to be included
       # @return [ActiveRecord::Base] model
-      def to_jwt
-        OTP::JWT::Token.sign(sub: self.id)
+      def to_jwt(claims = nil)
+        OTP::JWT::Token.sign(
+          sub: self.send(self.class.primary_key),
+          **(claims || {})
+        )
       end
     end
   end

data/lib/otp/jwt/test_helpers.rb

@@ -4,16 +4,23 @@ module OTP
   module JWT
     # Helpers to help you test the [JWT] requests.
     module TestHelpers
+      # Helper provides JSON content type headers
+      #
+      # @return [Hash] the relevant content type &co
+      def json_headers
+        { 'Content-Type': Mime[:json].to_s }
+      end
+
       # Helper to handle authentication requests easier
       #
       # @return [Hash] the authorization headers
       def jwt_auth_header(entity_or_subject)
-        return {} unless entity_or_subject.present?
+        return json_headers if entity_or_subject.blank?
 
         token = entity_or_subject.try(:to_jwt)
         token ||= OTP::JWT::Token.sign(sub: entity_or_subject)
 
-        { 'Authorization': "Bearer #{token}" }
+        { 'Authorization': "Bearer #{token}" }.merge(json_headers)
       end
 
       # Parses and returns a deserialized JSON

data/lib/otp/jwt/version.rb

@@ -1,5 +1,5 @@
 module OTP
   module JWT
-    VERSION = '0.2.1'
+    VERSION = '0.2.6'
   end
 end

data/spec/dummy.rb

@@ -0,0 +1,82 @@
+require 'active_record/railtie'
+require 'action_controller/railtie'
+require 'global_id/railtie'
+require 'otp/mailer'
+
+class Dummy < Rails::Application
+  secrets.secret_key_base = '_'
+
+  config.hosts << 'www.example.com' if config.respond_to?(:hosts)
+
+  config.logger = Logger.new($stdout)
+  config.logger.level = ENV['LOG_LEVEL'] || Logger::WARN
+
+  routes.draw do
+    resources :users, only: [:index]
+    resources :tokens, only: [:create]
+  end
+end
+
+GlobalID.app = Dummy
+Rails.logger = Dummy.config.logger
+ActiveRecord::Base.logger = Dummy.config.logger
+ActiveRecord::Base.establish_connection(
+  ENV['DATABASE_URL'] || 'sqlite3::memory:'
+)
+
+ActiveRecord::Schema.define do
+  create_table :users, force: true do |t|
+    t.string :email
+    t.string :full_name
+    t.string :phone_number
+    t.string :otp_secret
+    t.integer :otp_counter
+    t.timestamp :last_login_at
+    t.timestamps
+  end
+end
+
+class User < ActiveRecord::Base
+  include GlobalID::Identification
+  include OTP::ActiveRecord
+  include OTP::JWT::ActiveRecord
+
+  def email_otp
+    OTP::Mailer.otp(email, otp, self).deliver_later
+  end
+end
+
+class ApplicationController < ActionController::Base
+  include OTP::JWT::ActionController
+
+  private
+  def current_user
+    @jwt_user ||= User.from_jwt(request_authorization_header)
+  end
+
+  def current_user!
+    current_user || raise('User authentication failed')
+  rescue
+    head(:unauthorized)
+  end
+end
+
+class UsersController < ApplicationController
+  before_action :current_user!
+
+  def index
+    render json: current_user
+  end
+end
+
+class TokensController < ApplicationController
+  def create
+    user = User.find_by(email: params[:email])
+
+    jwt_from_otp(user, params[:otp]) do |auth_user|
+      auth_user.update_column(:last_login_at, DateTime.current)
+
+      render json: { token: auth_user.to_jwt }, status: :created
+    end
+  end
+end

data/spec/otp/jwt/token_spec.rb

@@ -0,0 +1,54 @@
+require 'spec_helper'
+
+RSpec.describe OTP::JWT::Token, type: :model do
+  let(:payload) { { 'sub' => FFaker::Internet.password } }
+  let(:token) do
+    JWT.encode(
+      payload.dup.merge(exp: Time.now.to_i + described_class.jwt_lifetime),
+      described_class.jwt_signature_key,
+      described_class.jwt_algorithm
+    )
+  end
+
+  describe '#sign' do
+    it { expect(described_class.sign(payload)).to eq(token) }
+  end
+
+  describe '#verify' do
+    it do
+      expect(described_class.verify(token).first).to include(payload)
+    end
+
+    it 'with a bad token' do
+      expect { described_class.verify(FFaker::Internet.password) }
+        .to raise_error(JWT::DecodeError)
+    end
+
+    it 'with an expired token' do
+      token = OTP::JWT::Token.sign(
+        sub: FFaker::Internet.password, exp: DateTime.now.to_i
+      )
+      expect { described_class.verify(token) }
+        .to raise_error(JWT::ExpiredSignature)
+    end
+  end
+
+  describe '#decode' do
+    let(:user) { create_user }
+    let(:payload) { { 'sub' => user.id } }
+
+    it do
+      expect(
+        described_class.decode(token) { |p| User.find(p['sub']) }
+      ).to eq(user)
+    end
+
+    context 'with a bad token' do
+      let(:token) { FFaker::Internet.password }
+
+      it do
+        expect(described_class.decode(token)).to eq(nil)
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,70 @@
+require 'bundler/setup'
+require 'simplecov'
+
+SimpleCov.start do
+  add_group 'Lib', 'lib'
+  add_group 'Tests', 'spec'
+end
+SimpleCov.minimum_coverage 90
+
+require 'otp'
+require 'otp/jwt'
+require 'otp/jwt/test_helpers'
+require_relative 'dummy'
+require 'ffaker'
+require 'rspec/rails'
+
+OTP::JWT::Token.jwt_signature_key = '_'
+OTP::Mailer.default from: '_'
+ActiveJob::Base.queue_adapter = :test
+ActionMailer::Base.delivery_method = :test
+
+module OTP::JWT::FactoryHelpers
+  # Creates an user
+  #
+  # @return [User]
+  def create_user
+    User.create!(
+      full_name: FFaker::Name.name,
+      email: FFaker::Internet.email,
+      phone_number: FFaker::PhoneNumber.phone_number
+    )
+  end
+end
+
+module Rails4RequestMethods
+  [:get, :post, :put, :delete].each do |method_name|
+    define_method(method_name) do |path, named_args|
+      super(
+        path,
+        named_args.delete(:params),
+        named_args.delete(:headers)
+      )
+    end
+  end
+end
+
+RSpec.configure do |config|
+  config.use_transactional_fixtures = true
+  config.mock_with :rspec
+  config.filter_run_when_matching :focus
+  config.disable_monkey_patching!
+
+  config.expect_with :rspec do |c|
+    c.syntax = :expect
+  end
+
+  config.include OTP::JWT::TestHelpers, type: :model
+  config.include OTP::JWT::FactoryHelpers, type: :model
+  config.include ActiveJob::TestHelper, type: :model
+
+  config.include OTP::JWT::TestHelpers, type: :request
+  config.include OTP::JWT::FactoryHelpers, type: :request
+  config.include ActiveJob::TestHelper, type: :request
+  config.include Dummy.routes.url_helpers, type: :request
+
+  if ::Rails::VERSION::MAJOR == 4
+    config.include Rails4RequestMethods, type: :request
+    config.include Rails4RequestMethods, type: :controller
+  end
+end

data/spec/tokens_controller_spec.rb

@@ -0,0 +1,50 @@
+require 'spec_helper'
+
+RSpec.describe TokensController, type: :request do
+  let(:user) { create_user }
+  let(:params) { }
+
+  around do |examp|
+    perform_enqueued_jobs(&examp)
+  end
+
+  before do
+    ActionMailer::Base.deliveries.clear
+    ActiveJob::Base.queue_adapter.performed_jobs.clear
+    post(tokens_path, params: params.to_json, headers: json_headers)
+  end
+
+  it { expect(response).to have_http_status(:forbidden) }
+
+  context 'with good email and no otp' do
+    let(:params) { { email: user.email } }
+
+    it do
+      expect(response).to have_http_status(:bad_request)
+
+      mail = ActionMailer::Base.deliveries.last
+      expect(mail.subject).to eq(OTP::Mailer.default[:subject])
+    end
+  end
+
+  context 'with good email and bad otp' do
+    let(:params) { { email: user.email, otp: FFaker::Internet.password } }
+
+    it do
+      expect(response).to have_http_status(:forbidden)
+      expect(ActionMailer::Base.deliveries.size).to eq(0)
+    end
+  end
+
+  context 'with good email and good otp' do
+    let(:params) { { email: user.email, otp: user.otp } }
+
+    it do
+      expect(response).to have_http_status(:created)
+      expect(User.from_jwt(response_json['token'])).to eq(user)
+      expect(ActionMailer::Base.deliveries.size).to eq(0)
+
+      expect(user.reload.last_login_at).not_to be_blank
+    end
+  end
+end

data/spec/user_spec.rb

@@ -0,0 +1,63 @@
+require 'spec_helper'
+
+RSpec.describe User, type: :model do
+  let(:user) { create_user }
+
+  it { expect(User.new.otp_secret).not_to be_blank }
+  it { expect(User.new.deliver_otp).to be_blank }
+  it { expect(User.new.otp).to be_blank }
+
+  describe '#from_jwt' do
+    let(:token) { user.to_jwt }
+
+    it do
+      expect(User.from_jwt(token)).to eq(user)
+    end
+
+    context 'with a cast-able subject value' do
+      let(:token) { OTP::JWT::Token.sign(sub: user.id.to_s + '_text') }
+
+      it do
+        expect(User.from_jwt(token)).to be_nil
+      end
+    end
+
+    context 'with a custom claim name' do
+      let(:claim_value) { FFaker::Internet.password }
+      let(:token) { user.to_jwt(my_claim_name: claim_value) }
+
+      it do
+        expect(OTP::JWT::Token.decode(token)['my_claim_name'])
+          .to eq(claim_value)
+        expect(User.from_jwt(token, 'my_claim_name')).to be_nil
+      end
+    end
+  end
+
+  describe '#otp' do
+    it do
+      expect { user.otp }.to change(user, :otp_counter).by(1)
+    end
+
+    context 'without a secret' do
+      it do
+        user.update_column(:otp_secret, nil)
+        expect(user.otp).to be_nil
+      end
+    end
+  end
+
+  describe '#verify_otp' do
+    it 'increments the otp counter after verification' do
+      expect(user.verify_otp(user.otp)).to be_truthy
+      expect { user.verify_otp(user.otp) }.to change(user, :otp_counter).by(2)
+    end
+
+    context 'without a secret' do
+      it do
+        user.update_column(:otp_secret, nil)
+        expect(user.verify_otp(rand(1000..2000).to_s)).to be_nil
+      end
+    end
+  end
+end

data/spec/users_controller_spec.rb

@@ -0,0 +1,23 @@
+require 'spec_helper'
+
+RSpec.describe UsersController, type: :request do
+  let(:user) { nil }
+
+  before do
+    get(users_path, headers: jwt_auth_header(user))
+  end
+
+  it { expect(response).to have_http_status(:unauthorized) }
+
+  context 'with known subject token' do
+    let(:user) { create_user }
+
+    it { expect(response).to have_http_status(:ok) }
+  end
+
+  context 'with bad subject' do
+    let(:user) { FFaker::Internet.password }
+
+    it { expect(response).to have_http_status(:unauthorized) }
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: otp-jwt
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.2.6
 platform: ruby
 authors:
 - Stas Suscov
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-04-18 00:00:00.000000000 Z
+date: 2021-01-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -30,28 +30,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.2.0.pre.beta.0
+        version: '2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.2.0.pre.beta.0
+        version: '2'
 - !ruby/object:Gem::Dependency
   name: rotp
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.1'
+        version: '6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.1'
+        version: '6'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -108,6 +108,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
@@ -168,16 +182,30 @@ dependencies:
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: tzinfo-data
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.6
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.6
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: yardstick
   requirement: !ruby/object:Gem::Requirement
@@ -199,15 +227,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".github/main.workflow"
-- ".gitignore"
-- ".rspec"
-- ".rubocop.yml"
-- ".yardstick.yml"
-- Gemfile
-- Gemfile.lock
+- LICENSE.txt
 - README.md
-- Rakefile
 - lib/otp.rb
 - lib/otp/active_record.rb
 - lib/otp/jwt.rb
@@ -219,10 +240,15 @@ files:
 - lib/otp/mailer.rb
 - lib/otp/mailer/otp.text.erb
 - lib/otp/sms_job.rb
-- otp-jwt.gemspec
+- spec/dummy.rb
+- spec/otp/jwt/token_spec.rb
+- spec/spec_helper.rb
+- spec/tokens_controller_spec.rb
+- spec/user_spec.rb
+- spec/users_controller_spec.rb
 homepage: https://github.com/stas/otp-jwt
 licenses:
-- TBD
+- MIT
 metadata: {}
 post_install_message: 
 rdoc_options: []
@@ -239,8 +265,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.5.2.2
+rubygems_version: 3.2.3
 signing_key: 
 specification_version: 4
 summary: Passwordless HTTP APIs

data/.github/main.workflow

@@ -1,30 +0,0 @@
-workflow "Tests" {
-  on = "push"
-  resolves = [
-    "rspec-ruby2.6_rails4",
-    "rspec-ruby2.6_rails5"
-  ]
-}
-
-action "rspec-ruby2.6_rails4" {
-  uses = "docker://ruby:2.6-alpine"
-  env = {
-    RAILS_VERSION = "~> 4"
-  }
-  args = [
-    "sh", "-c",
-    "apk add -U git build-base sqlite-dev && rm Gemfile.lock && bundle install && rake"
-  ]
-}
-
-action "rspec-ruby2.6_rails5" {
-  uses = "docker://ruby:2.6-alpine"
-  needs = ["rspec-ruby2.6_rails4"]
-  env = {
-    RAILS_VERSION = "~> 5"
-  }
-  args = [
-    "sh", "-c",
-    "apk add -U git build-base sqlite-dev && rm Gemfile.lock && bundle install && rake"
-  ]
-}

data/.gitignore

@@ -1,2 +0,0 @@
-coverage
-pkg

data/.rspec

@@ -1,3 +0,0 @@
---format documentation
---color
---require spec_helper

data/.rubocop.yml

@@ -1,46 +0,0 @@
-inherit_gem:
-  rubocop-rails_config:
-    - config/rails.yml
-
-require:
-  - rubocop-performance
-  - rubocop-rspec
-
-Rails:
-  Enabled: true
-
-RSpec:
-  Enabled: true
-
-RSpec/MultipleExpectations:
-  Enabled: false
-
-Performance:
-  Enabled: true
-
-Bundler:
-  Enabled: true
-
-Gemspec:
-  Enabled: true
-
-Style/StringLiterals:
-  Enabled: true
-  EnforcedStyle: single_quotes
-
-Style/FrozenStringLiteralComment:
-  Enabled: false
-
-Metrics/LineLength:
-  Max: 80
-
-Metrics/BlockLength:
-  Exclude:
-    - 'spec/**/*_spec.rb'
-    - '**/*.gemspec'
-
-Layout/IndentationConsistency:
-  EnforcedStyle: normal
-
-Style/BlockDelimiters:
-  Enabled: true

data/.yardstick.yml

@@ -1,29 +0,0 @@
----
-path: ['lib/**/*.rb']
-threshold: 100
-rules:
-  ApiTag::Presence:
-    enabled: false
-  ApiTag::Inclusion:
-    enabled: false
-  ApiTag::ProtectedMethod:
-    enabled: false
-  ApiTag::PrivateMethod:
-    enabled: false
-  ExampleTag:
-    enabled: false
-  ReturnTag:
-    enabled: true
-    exclude: []
-  Summary::Presence:
-    enabled: true
-    exclude: []
-  Summary::Length:
-    enabled: true
-    exclude: []
-  Summary::Delimiter:
-    enabled: true
-    exclude: []
-  Summary::SingleLine:
-    enabled: true
-    exclude: []

data/Gemfile

@@ -1,6 +0,0 @@
-source 'https://rubygems.org'
-
-# Specify your gem's dependencies in otp-jwt.gemspec
-gemspec
-
-gem 'rails', ENV['RAILS_VERSION']

data/Gemfile.lock

@@ -1,197 +0,0 @@
-PATH
-  remote: .
-  specs:
-    otp-jwt (0.2.1)
-      activesupport
-      jwt (~> 2.2.0.pre.beta.0)
-      rotp (~> 4.1)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    actioncable (5.2.3)
-      actionpack (= 5.2.3)
-      nio4r (~> 2.0)
-      websocket-driver (>= 0.6.1)
-    actionmailer (5.2.3)
-      actionpack (= 5.2.3)
-      actionview (= 5.2.3)
-      activejob (= 5.2.3)
-      mail (~> 2.5, >= 2.5.4)
-      rails-dom-testing (~> 2.0)
-    actionpack (5.2.3)
-      actionview (= 5.2.3)
-      activesupport (= 5.2.3)
-      rack (~> 2.0)
-      rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.2.3)
-      activesupport (= 5.2.3)
-      builder (~> 3.1)
-      erubi (~> 1.4)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    activejob (5.2.3)
-      activesupport (= 5.2.3)
-      globalid (>= 0.3.6)
-    activemodel (5.2.3)
-      activesupport (= 5.2.3)
-    activerecord (5.2.3)
-      activemodel (= 5.2.3)
-      activesupport (= 5.2.3)
-      arel (>= 9.0)
-    activestorage (5.2.3)
-      actionpack (= 5.2.3)
-      activerecord (= 5.2.3)
-      marcel (~> 0.3.1)
-    activesupport (5.2.3)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-    addressable (2.6.0)
-      public_suffix (>= 2.0.2, < 4.0)
-    arel (9.0.0)
-    ast (2.4.0)
-    builder (3.2.3)
-    concurrent-ruby (1.1.5)
-    crass (1.0.4)
-    diff-lcs (1.3)
-    docile (1.3.1)
-    erubi (1.8.0)
-    ffaker (2.10.0)
-    globalid (0.4.2)
-      activesupport (>= 4.2.0)
-    i18n (1.6.0)
-      concurrent-ruby (~> 1.0)
-    jaro_winkler (1.5.2)
-    json (2.2.0)
-    jwt (2.2.0.pre.beta.0)
-    loofah (2.2.3)
-      crass (~> 1.0.2)
-      nokogiri (>= 1.5.9)
-    mail (2.7.1)
-      mini_mime (>= 0.1.1)
-    marcel (0.3.3)
-      mimemagic (~> 0.3.2)
-    method_source (0.9.2)
-    mimemagic (0.3.3)
-    mini_mime (1.0.1)
-    mini_portile2 (2.4.0)
-    minitest (5.11.3)
-    nio4r (2.3.1)
-    nokogiri (1.10.2)
-      mini_portile2 (~> 2.4.0)
-    parallel (1.16.2)
-    parser (2.6.2.0)
-      ast (~> 2.4.0)
-    psych (3.1.0)
-    public_suffix (3.0.3)
-    rack (2.0.6)
-    rack-test (1.1.0)
-      rack (>= 1.0, < 3)
-    rails (5.2.3)
-      actioncable (= 5.2.3)
-      actionmailer (= 5.2.3)
-      actionpack (= 5.2.3)
-      actionview (= 5.2.3)
-      activejob (= 5.2.3)
-      activemodel (= 5.2.3)
-      activerecord (= 5.2.3)
-      activestorage (= 5.2.3)
-      activesupport (= 5.2.3)
-      bundler (>= 1.3.0)
-      railties (= 5.2.3)
-      sprockets-rails (>= 2.0.0)
-    rails-dom-testing (2.0.3)
-      activesupport (>= 4.2.0)
-      nokogiri (>= 1.6)
-    rails-html-sanitizer (1.0.4)
-      loofah (~> 2.2, >= 2.2.2)
-    railties (5.2.3)
-      actionpack (= 5.2.3)
-      activesupport (= 5.2.3)
-      method_source
-      rake (>= 0.8.7)
-      thor (>= 0.19.0, < 2.0)
-    rainbow (3.0.0)
-    rake (12.3.2)
-    rotp (4.1.0)
-      addressable (~> 2.5)
-    rspec-core (3.8.0)
-      rspec-support (~> 3.8.0)
-    rspec-expectations (3.8.2)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-mocks (3.8.0)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-rails (3.8.2)
-      actionpack (>= 3.0)
-      activesupport (>= 3.0)
-      railties (>= 3.0)
-      rspec-core (~> 3.8.0)
-      rspec-expectations (~> 3.8.0)
-      rspec-mocks (~> 3.8.0)
-      rspec-support (~> 3.8.0)
-    rspec-support (3.8.0)
-    rubocop (0.66.0)
-      jaro_winkler (~> 1.5.1)
-      parallel (~> 1.10)
-      parser (>= 2.5, != 2.5.1.1)
-      psych (>= 3.1.0)
-      rainbow (>= 2.2.2, < 4.0)
-      ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 1.6)
-    rubocop-performance (1.0.0)
-      rubocop (>= 0.58.0)
-    rubocop-rails_config (0.4.4)
-      railties (>= 3.0)
-      rubocop (~> 0.58)
-    rubocop-rspec (1.32.0)
-      rubocop (>= 0.60.0)
-    ruby-progressbar (1.10.0)
-    simplecov (0.16.1)
-      docile (~> 1.1)
-      json (>= 1.8, < 3)
-      simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.2)
-    sprockets (3.7.2)
-      concurrent-ruby (~> 1.0)
-      rack (> 1, < 3)
-    sprockets-rails (3.2.1)
-      actionpack (>= 4.0)
-      activesupport (>= 4.0)
-      sprockets (>= 3.0.0)
-    sqlite3 (1.3.13)
-    thor (0.20.3)
-    thread_safe (0.3.6)
-    tzinfo (1.2.5)
-      thread_safe (~> 0.1)
-    unicode-display_width (1.5.0)
-    websocket-driver (0.7.0)
-      websocket-extensions (>= 0.1.0)
-    websocket-extensions (0.1.3)
-    yard (0.9.18)
-    yardstick (0.9.9)
-      yard (~> 0.8, >= 0.8.7.2)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  bundler
-  ffaker
-  otp-jwt!
-  rails
-  rspec-rails
-  rubocop-performance
-  rubocop-rails_config
-  rubocop-rspec
-  simplecov
-  sqlite3 (~> 1.3.6)
-  yardstick
-
-BUNDLED WITH
-   1.17.3

data/Rakefile

@@ -1,30 +0,0 @@
-require 'bundler/gem_tasks'
-require 'rspec/core/rake_task'
-require 'rubocop/rake_task'
-require 'yaml'
-require 'yardstick'
-
-desc('Documentation stats and measurements')
-task('qa:docs') do
-  yaml = YAML.load_file(File.expand_path('../.yardstick.yml', __FILE__))
-  config = Yardstick::Config.coerce(yaml)
-  measure = Yardstick.measure(config)
-  measure.puts
-  coverage = Yardstick.round_percentage(measure.coverage * 100)
-  exit(1) if coverage < config.threshold
-end
-
-desc('Codestyle check and linter')
-RuboCop::RakeTask.new('qa:code') do |task|
-  task.fail_on_error = true
-  task.patterns = [
-    'lib/**/*.rb',
-    'spec/**/*.rb'
-  ]
-end
-
-desc('Run CI QA tasks')
-task(qa: ['qa:docs', 'qa:code'])
-
-RSpec::Core::RakeTask.new(spec: :qa)
-task(default: :spec)

data/otp-jwt.gemspec

@@ -1,36 +0,0 @@
-lib = File.expand_path('../lib', __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-
-require 'otp/jwt/version'
-
-Gem::Specification.new do |spec|
-  spec.name          = 'otp-jwt'
-  spec.version       = OTP::JWT::VERSION
-  spec.authors       = ['Stas Suscov']
-  spec.email         = ['stas@nerd.ro']
-
-  spec.summary       = 'Passwordless HTTP APIs'
-  spec.description   = 'OTP (email, SMS) JWT authentication for HTTP APIs.'
-  spec.homepage      = 'https://github.com/stas/otp-jwt'
-  spec.license       = 'TBD'
-
-  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
-    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(spec)/}) }
-  end
-  spec.require_paths = ['lib']
-
-  spec.add_dependency 'activesupport'
-  spec.add_dependency 'jwt', '~> 2.2.0.pre.beta.0'
-  spec.add_dependency 'rotp', '~> 4.1'
-
-  spec.add_development_dependency 'bundler'
-  spec.add_development_dependency 'ffaker'
-  spec.add_development_dependency 'rails'
-  spec.add_development_dependency 'rspec-rails'
-  spec.add_development_dependency 'rubocop-performance'
-  spec.add_development_dependency 'rubocop-rails_config'
-  spec.add_development_dependency 'rubocop-rspec'
-  spec.add_development_dependency 'simplecov'
-  spec.add_development_dependency 'sqlite3', '~> 1.3.6'
-  spec.add_development_dependency 'yardstick'
-end