philiprehberger-jwt_kit 0.5.0 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/README.md +13 -0
- data/lib/philiprehberger/jwt_kit/version.rb +1 -1
- data/lib/philiprehberger/jwt_kit.rb +17 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '09b9eb684b43c1e022244bc53c710d7ac590f454dde228d2bc2cf7ba6217810e'
|
|
4
|
+
data.tar.gz: 78e35b5e7712bde020b168ea4ba9077b2fc12c0735a967042339aab148b24254
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 41bbac9795276d4770337b6b71d660a53fc7ddee64460acb262fa302c40845e798af3db2889ada71ff1149e957283671d2fabf1ef98fcc1ceb98cf1b9ba8f2bd
|
|
7
|
+
data.tar.gz: 3d74d20e81228260558cb80a2cb69b2986f9c276798a1cec102fbe41abc41311b123e204683354b2bbf8810d917fb79dfce24ab2c3d90cc88f4743180f8d85f3
|
data/CHANGELOG.md
CHANGED
|
@@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
7
7
|
|
|
8
8
|
## [Unreleased]
|
|
9
9
|
|
|
10
|
+
## [0.6.0] - 2026-05-31
|
|
11
|
+
|
|
12
|
+
### Added
|
|
13
|
+
- `JwtKit.time_to_expiry(token)` returns the seconds remaining until the token's `exp` claim. Negative for already-expired tokens; `nil` for malformed tokens or tokens without a numeric `exp`. Pairs with `expired?` for pre-emptive refresh scheduling.
|
|
14
|
+
- README now includes the standard package card image after the badges.
|
|
15
|
+
|
|
10
16
|
## [0.5.0] - 2026-04-26
|
|
11
17
|
|
|
12
18
|
### Added
|
data/README.md
CHANGED
|
@@ -4,6 +4,8 @@
|
|
|
4
4
|
[](https://rubygems.org/gems/philiprehberger-jwt_kit)
|
|
5
5
|
[](https://github.com/philiprehberger/rb-jwt-kit/commits/main)
|
|
6
6
|
|
|
7
|
+
|
|
8
|
+
|
|
7
9
|
Opinionated JWT toolkit for Ruby — secure by default, with support for encoding, validation, refresh tokens, revocation, and key rotation
|
|
8
10
|
|
|
9
11
|
## Requirements
|
|
@@ -117,6 +119,16 @@ Philiprehberger::JwtKit.expired?(token) # => false
|
|
|
117
119
|
# Use to decide whether to refresh before the authoritative decode
|
|
118
120
|
```
|
|
119
121
|
|
|
122
|
+
### Time to Expiry
|
|
123
|
+
|
|
124
|
+
Get the seconds remaining until the token's `exp` claim. Negative when expired, `nil` when the token is malformed or has no numeric `exp`. Useful for scheduling pre-emptive refreshes rather than reacting after the fact:
|
|
125
|
+
|
|
126
|
+
```ruby
|
|
127
|
+
Philiprehberger::JwtKit.time_to_expiry(token) # => 3599
|
|
128
|
+
# refresh when fewer than 60 seconds remain
|
|
129
|
+
Philiprehberger::JwtKit.refresh(refresh_token) if Philiprehberger::JwtKit.time_to_expiry(token).to_i < 60
|
|
130
|
+
```
|
|
131
|
+
|
|
120
132
|
### Audience Validation
|
|
121
133
|
|
|
122
134
|
```ruby
|
|
@@ -224,6 +236,7 @@ Callbacks fire only after a successful operation. Exceptions raised inside a cal
|
|
|
224
236
|
| `JwtKit.revoked?(token)` | Checks if a token has been revoked |
|
|
225
237
|
| `JwtKit.peek(token)` | Decode header and payload without signature verification |
|
|
226
238
|
| `JwtKit.expired?(token)` | Check `exp` claim without verifying the signature |
|
|
239
|
+
| `JwtKit.time_to_expiry(token)` | Seconds remaining until `exp`; negative when expired, nil when unknown |
|
|
227
240
|
| `JwtKit.revocation_store=` | Set a custom revocation store |
|
|
228
241
|
| `MemoryStore#cleanup!(max_age:)` | Remove revocation entries older than max_age seconds |
|
|
229
242
|
| `Configuration#on_encode { \|token, payload\| ... }` | Register a callback fired after a successful encode |
|
|
@@ -73,6 +73,23 @@ module Philiprehberger
|
|
|
73
73
|
true
|
|
74
74
|
end
|
|
75
75
|
|
|
76
|
+
# Seconds remaining until a token's `exp` claim. Does not verify the
|
|
77
|
+
# signature. Returns a negative integer for already-expired tokens and
|
|
78
|
+
# `nil` for malformed tokens or tokens without a numeric `exp` claim.
|
|
79
|
+
# Useful for scheduling a refresh before expiration rather than after.
|
|
80
|
+
#
|
|
81
|
+
# @param token [String] JWT token
|
|
82
|
+
# @return [Integer, nil] seconds remaining, or nil when undeterminable
|
|
83
|
+
def time_to_expiry(token)
|
|
84
|
+
payload = peek(token)[:payload]
|
|
85
|
+
exp = payload['exp']
|
|
86
|
+
return nil unless exp.is_a?(Numeric)
|
|
87
|
+
|
|
88
|
+
exp.to_i - Time.now.to_i
|
|
89
|
+
rescue DecodeError
|
|
90
|
+
nil
|
|
91
|
+
end
|
|
92
|
+
|
|
76
93
|
# Encodes a payload into a signed JWT token.
|
|
77
94
|
#
|
|
78
95
|
# @param payload [Hash] custom claims
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: philiprehberger-jwt_kit
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Philip Rehberger
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2026-
|
|
11
|
+
date: 2026-06-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: A complete JWT toolkit for Ruby. Encode and decode tokens with automatic
|
|
14
14
|
claim management (exp, iat, iss, jti), generate access/refresh token pairs, validate
|