prx_auth 1.7.1 → 1.8.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.git-blame-ignore-revs +2 -0
- data/.github/workflows/check-project-std.yml +21 -0
- data/Gemfile +1 -1
- data/Guardfile +5 -5
- data/Rakefile +5 -5
- data/lib/prx_auth/resource_map.rb +46 -35
- data/lib/prx_auth/scope_list.rb +26 -26
- data/lib/prx_auth/version.rb +1 -1
- data/lib/prx_auth.rb +3 -3
- data/lib/rack/prx_auth/auth_validator.rb +6 -7
- data/lib/rack/prx_auth/certificate.rb +9 -11
- data/lib/rack/prx_auth/token_data.rb +25 -12
- data/lib/rack/prx_auth.rb +11 -11
- data/prx_auth.gemspec +24 -23
- data/test/prx_auth/resource_map_test.rb +80 -68
- data/test/prx_auth/scope_list_test.rb +53 -55
- data/test/rack/prx_auth/auth_validator_test.rb +49 -50
- data/test/rack/prx_auth/certificate_test.rb +28 -28
- data/test/rack/prx_auth/token_data_test.rb +80 -43
- data/test/rack/prx_auth_test.rb +23 -23
- data/test/test_helper.rb +9 -7
- metadata +53 -16
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 80b52f104115aa7226438db0566660e430cec97a304798bf2098467d69a73547
|
4
|
+
data.tar.gz: a40db03c0c4a4f529231a8d7f63c80a8c6c50b5f7010c6cc84d6d63f399e5752
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: cb2093473b3f817c9e0b7edf4eacd9427d3efa30d3338c344956a64c004876b788e1342615f72d20f2fcfd7e3ff79a1247180da65c9691c30a960dbafd7b0e2d
|
7
|
+
data.tar.gz: ed0ee1c6557b1a5420e9f6e195067de9b5440175c59cb8d6708f668464e86018c89d162d146b8e92fddf5c81594aedc86011d4c48a670796a9b989a62af81026
|
@@ -0,0 +1,21 @@
|
|
1
|
+
name: Check project standards
|
2
|
+
|
3
|
+
on:
|
4
|
+
push
|
5
|
+
jobs:
|
6
|
+
lint:
|
7
|
+
runs-on: ubuntu-latest
|
8
|
+
env:
|
9
|
+
RAILS_ENV: test
|
10
|
+
steps:
|
11
|
+
- name: Checkout code
|
12
|
+
uses: actions/checkout@v3
|
13
|
+
with:
|
14
|
+
fetch-depth: 0
|
15
|
+
- name: Install Ruby and gems
|
16
|
+
uses: ruby/setup-ruby@v1
|
17
|
+
with:
|
18
|
+
ruby-version: '3.0'
|
19
|
+
bundler-cache: true
|
20
|
+
- name: Lint Ruby files
|
21
|
+
run: bundle exec standardrb
|
data/Gemfile
CHANGED
data/Guardfile
CHANGED
@@ -1,8 +1,8 @@
|
|
1
1
|
guard :minitest, all_after_pass: true do
|
2
|
-
watch(%r{^test/(.*)
|
3
|
-
watch(%r{^lib/(.*/)?([^/]+)\.rb})
|
4
|
-
watch(%r{^lib/(.+)\.rb})
|
5
|
-
watch(%r{^lib/(.+)\.rb})
|
2
|
+
watch(%r{^test/(.*)/?test_(.*)\.rb})
|
3
|
+
watch(%r{^lib/(.*/)?([^/]+)\.rb}) { |m| "test/#{m[1]}test_#{m[2]}.rb" }
|
4
|
+
watch(%r{^lib/(.+)\.rb}) { |m| "test/#{m[1]}_test.rb" }
|
5
|
+
watch(%r{^lib/(.+)\.rb}) { |m| "test/#{m[1]}_test.rb" }
|
6
6
|
watch(%r{^test/.+_test\.rb})
|
7
|
-
watch(%r{^test/test_helper\.rb})
|
7
|
+
watch(%r{^test/test_helper\.rb}) { "test" }
|
8
8
|
end
|
data/Rakefile
CHANGED
@@ -1,10 +1,10 @@
|
|
1
|
-
require
|
2
|
-
require
|
3
|
-
require
|
1
|
+
require "bundler/gem_tasks"
|
2
|
+
require "rake"
|
3
|
+
require "rake/testtask"
|
4
4
|
|
5
5
|
Rake::TestTask.new do |t|
|
6
|
-
t.libs <<
|
7
|
-
t.pattern =
|
6
|
+
t.libs << "test"
|
7
|
+
t.pattern = "test/**/*test.rb"
|
8
8
|
end
|
9
9
|
|
10
10
|
task default: :test
|
@@ -1,32 +1,30 @@
|
|
1
1
|
module PrxAuth
|
2
2
|
class ResourceMap < Hash
|
3
|
-
WILDCARD_KEY =
|
3
|
+
WILDCARD_KEY = "*"
|
4
4
|
|
5
5
|
def initialize(mapped_values)
|
6
6
|
super() do |hash, key|
|
7
7
|
if key == WILDCARD_KEY
|
8
8
|
@wildcard
|
9
|
-
else
|
10
|
-
nil
|
11
9
|
end
|
12
10
|
end
|
13
11
|
input = mapped_values.clone
|
14
|
-
@wildcard = ScopeList.new(input.delete(WILDCARD_KEY)||
|
12
|
+
@wildcard = ScopeList.new(input.delete(WILDCARD_KEY) || "")
|
15
13
|
input.each do |(key, values)|
|
16
14
|
self[key.to_s] = ScopeList.new(values)
|
17
15
|
end
|
18
16
|
end
|
19
17
|
|
20
|
-
def contains?(resource, namespace=nil, scope=nil)
|
18
|
+
def contains?(resource, namespace = nil, scope = nil)
|
21
19
|
resource = resource.to_s
|
22
20
|
|
23
21
|
if resource == WILDCARD_KEY
|
24
22
|
raise ArgumentError if namespace.nil?
|
25
|
-
|
23
|
+
|
26
24
|
@wildcard.contains?(namespace, scope)
|
27
25
|
else
|
28
26
|
mapped_resource = self[resource]
|
29
|
-
|
27
|
+
|
30
28
|
if mapped_resource && !namespace.nil?
|
31
29
|
mapped_resource.contains?(namespace, scope) || @wildcard.contains?(namespace, scope)
|
32
30
|
elsif !namespace.nil?
|
@@ -45,37 +43,50 @@ module PrxAuth
|
|
45
43
|
super(key.to_s, value)
|
46
44
|
end
|
47
45
|
|
46
|
+
def except!(*keys)
|
47
|
+
keys.each { |key| delete(key.to_s) }
|
48
|
+
self
|
49
|
+
end
|
50
|
+
|
51
|
+
def except(*keys)
|
52
|
+
dup.except!(*keys)
|
53
|
+
end
|
54
|
+
|
55
|
+
def empty?
|
56
|
+
@wildcard.empty? && (super || values.all?(&:empty?))
|
57
|
+
end
|
58
|
+
|
48
59
|
def condense
|
49
60
|
condensed_wildcard = @wildcard.condense
|
50
|
-
condensed_map =
|
61
|
+
condensed_map = map do |resource, list|
|
51
62
|
[resource, (list - condensed_wildcard).condense]
|
52
|
-
end
|
63
|
+
end.to_h
|
53
64
|
ResourceMap.new(condensed_map.merge(WILDCARD_KEY => condensed_wildcard))
|
54
65
|
end
|
55
66
|
|
56
|
-
def +(
|
67
|
+
def +(other)
|
57
68
|
result = {}
|
58
|
-
(resources +
|
69
|
+
(resources + other.resources + [WILDCARD_KEY]).uniq.each do |resource|
|
59
70
|
list_a = list_for_resource(resource)
|
60
|
-
list_b =
|
71
|
+
list_b = other.list_for_resource(resource)
|
61
72
|
result[resource] = if list_a.nil?
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
73
|
+
list_b
|
74
|
+
elsif list_b.nil?
|
75
|
+
list_a
|
76
|
+
else
|
77
|
+
list_a + list_b
|
78
|
+
end
|
68
79
|
end
|
69
80
|
|
70
81
|
ResourceMap.new(result).condense
|
71
82
|
end
|
72
83
|
|
73
|
-
def -(
|
84
|
+
def -(other)
|
74
85
|
result = {}
|
75
|
-
other_wildcard =
|
86
|
+
other_wildcard = other.list_for_resource(WILDCARD_KEY) || PrxAuth::ScopeList.new("")
|
76
87
|
|
77
88
|
resources.each do |resource|
|
78
|
-
result[resource] = list_for_resource(resource) - (other_wildcard +
|
89
|
+
result[resource] = list_for_resource(resource) - (other_wildcard + other.list_for_resource(resource))
|
79
90
|
end
|
80
91
|
|
81
92
|
if @wildcard.length
|
@@ -85,21 +96,21 @@ module PrxAuth
|
|
85
96
|
ResourceMap.new(result)
|
86
97
|
end
|
87
98
|
|
88
|
-
def &(
|
99
|
+
def &(other)
|
89
100
|
result = {}
|
90
|
-
other_wildcard =
|
91
|
-
|
92
|
-
(resources +
|
101
|
+
other_wildcard = other.list_for_resource(WILDCARD_KEY)
|
102
|
+
|
103
|
+
(resources + other.resources).uniq.each do |res|
|
93
104
|
left = list_for_resource(res)
|
94
|
-
right =
|
105
|
+
right = other.list_for_resource(res)
|
95
106
|
|
96
107
|
result[res] = if left.nil?
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
108
|
+
right & @wildcard
|
109
|
+
elsif right.nil?
|
110
|
+
left & other_wildcard
|
111
|
+
else
|
112
|
+
(left + @wildcard) & (right + other_wildcard)
|
113
|
+
end
|
103
114
|
end
|
104
115
|
|
105
116
|
if @wildcard.length > 0
|
@@ -109,11 +120,11 @@ module PrxAuth
|
|
109
120
|
ResourceMap.new(result).condense
|
110
121
|
end
|
111
122
|
|
112
|
-
def as_json(opts={})
|
113
|
-
super(opts).merge(@wildcard.length > 0 ? {WILDCARD_KEY => @wildcard}.as_json(opts) : {})
|
123
|
+
def as_json(opts = {})
|
124
|
+
super(opts).merge((@wildcard.length > 0) ? {WILDCARD_KEY => @wildcard}.as_json(opts) : {})
|
114
125
|
end
|
115
126
|
|
116
|
-
def resources(namespace=nil, scope=nil)
|
127
|
+
def resources(namespace = nil, scope = nil)
|
117
128
|
if namespace.nil?
|
118
129
|
keys
|
119
130
|
else
|
data/lib/prx_auth/scope_list.rb
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
module PrxAuth
|
2
2
|
class ScopeList < Array
|
3
|
-
SCOPE_SEPARATOR =
|
4
|
-
NAMESPACE_SEPARATOR =
|
3
|
+
SCOPE_SEPARATOR = " "
|
4
|
+
NAMESPACE_SEPARATOR = ":"
|
5
5
|
NO_NAMESPACE = :_
|
6
6
|
|
7
7
|
Entry = Struct.new(:namespace, :scope, :string)
|
8
8
|
|
9
9
|
class Entry
|
10
|
-
def ==(
|
11
|
-
namespace ==
|
10
|
+
def ==(other)
|
11
|
+
namespace == other.namespace && scope == other.scope
|
12
12
|
end
|
13
13
|
|
14
14
|
def to_s
|
@@ -21,21 +21,21 @@ module PrxAuth
|
|
21
21
|
|
22
22
|
def unnamespaced
|
23
23
|
if namespaced?
|
24
|
-
Entry.new(NO_NAMESPACE, scope, string.split(
|
24
|
+
Entry.new(NO_NAMESPACE, scope, string.split(":").last)
|
25
25
|
else
|
26
26
|
self
|
27
27
|
end
|
28
28
|
end
|
29
29
|
|
30
30
|
def inspect
|
31
|
-
"#<ScopeList::Entry \"#{
|
31
|
+
"#<ScopeList::Entry \"#{self}\">"
|
32
32
|
end
|
33
33
|
end
|
34
34
|
|
35
35
|
def self.new(list)
|
36
36
|
case list
|
37
37
|
when PrxAuth::ScopeList then list
|
38
|
-
when Array then super(list.join(
|
38
|
+
when Array then super(list.join(" "))
|
39
39
|
else super(list)
|
40
40
|
end
|
41
41
|
end
|
@@ -54,15 +54,15 @@ module PrxAuth
|
|
54
54
|
end
|
55
55
|
end
|
56
56
|
|
57
|
-
def contains?(namespace, scope=nil)
|
57
|
+
def contains?(namespace, scope = nil)
|
58
58
|
entries = if scope.nil?
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
59
|
+
scope, namespace = namespace, NO_NAMESPACE
|
60
|
+
[Entry.new(namespace, symbolize(scope), nil)]
|
61
|
+
else
|
62
|
+
scope = symbolize(scope)
|
63
|
+
namespace = symbolize(namespace)
|
64
|
+
[Entry.new(namespace, scope, nil), Entry.new(NO_NAMESPACE, scope, nil)]
|
65
|
+
end
|
66
66
|
|
67
67
|
entries.any? do |possible_match|
|
68
68
|
include?(possible_match)
|
@@ -92,18 +92,18 @@ module PrxAuth
|
|
92
92
|
end
|
93
93
|
end
|
94
94
|
|
95
|
-
def as_json(opts=())
|
95
|
+
def as_json(opts = ()) # standard:disable Lint/EmptyExpression
|
96
96
|
to_s.as_json(opts)
|
97
97
|
end
|
98
98
|
|
99
|
-
def -(
|
100
|
-
return self if
|
99
|
+
def -(other)
|
100
|
+
return self if other.nil?
|
101
101
|
|
102
102
|
tripped = false
|
103
103
|
result = []
|
104
104
|
|
105
105
|
each do |entry|
|
106
|
-
if
|
106
|
+
if other.include?(entry) || other.include?(entry.unnamespaced)
|
107
107
|
tripped = true
|
108
108
|
else
|
109
109
|
result << entry
|
@@ -117,16 +117,16 @@ module PrxAuth
|
|
117
117
|
end
|
118
118
|
end
|
119
119
|
|
120
|
-
def +(
|
121
|
-
return self if
|
120
|
+
def +(other)
|
121
|
+
return self if other.nil?
|
122
122
|
|
123
|
-
ScopeList.new([to_s,
|
123
|
+
ScopeList.new([to_s, other.to_s].join(SCOPE_SEPARATOR)).condense
|
124
124
|
end
|
125
125
|
|
126
|
-
def &(
|
127
|
-
return ScopeList.new(
|
126
|
+
def &(other)
|
127
|
+
return ScopeList.new("") if other.nil?
|
128
128
|
|
129
|
-
self - (self -
|
129
|
+
self - (self - other) + (other - (other - self))
|
130
130
|
end
|
131
131
|
|
132
132
|
def ==(other)
|
@@ -138,7 +138,7 @@ module PrxAuth
|
|
138
138
|
def symbolize(value)
|
139
139
|
case value
|
140
140
|
when Symbol then value
|
141
|
-
when String then value.downcase.
|
141
|
+
when String then value.downcase.tr("-", "_").intern
|
142
142
|
else symbolize value.to_s
|
143
143
|
end
|
144
144
|
end
|
data/lib/prx_auth/version.rb
CHANGED
data/lib/prx_auth.rb
CHANGED
@@ -1,3 +1,3 @@
|
|
1
|
-
require
|
2
|
-
require
|
3
|
-
require
|
1
|
+
require "prx_auth/resource_map"
|
2
|
+
require "prx_auth/scope_list"
|
3
|
+
require "prx_auth/version"
|
@@ -1,9 +1,8 @@
|
|
1
|
-
require
|
1
|
+
require "json/jwt"
|
2
2
|
|
3
3
|
module Rack
|
4
4
|
class PrxAuth
|
5
5
|
class AuthValidator
|
6
|
-
|
7
6
|
attr_reader :issuer, :token
|
8
7
|
|
9
8
|
def initialize(token, certificate = nil, issuer = nil)
|
@@ -40,18 +39,18 @@ module Rack
|
|
40
39
|
|
41
40
|
def time_to_live
|
42
41
|
now = Time.now.to_i
|
43
|
-
if claims[
|
42
|
+
if claims["exp"].nil?
|
44
43
|
0
|
45
|
-
elsif claims[
|
46
|
-
claims[
|
44
|
+
elsif claims["iat"].nil? || claims["iat"] <= claims["exp"]
|
45
|
+
claims["exp"] - now
|
47
46
|
else
|
48
47
|
# malformed - exp is a num-seconds offset from issued-at-time
|
49
|
-
(claims[
|
48
|
+
(claims["iat"] + claims["exp"]) - now
|
50
49
|
end
|
51
50
|
end
|
52
51
|
|
53
52
|
def token_issuer_matches?
|
54
|
-
claims[
|
53
|
+
claims["iss"] == @issuer
|
55
54
|
end
|
56
55
|
end
|
57
56
|
end
|
@@ -1,11 +1,11 @@
|
|
1
|
-
require
|
2
|
-
require
|
1
|
+
require "json/jwt"
|
2
|
+
require "net/http"
|
3
3
|
|
4
4
|
module Rack
|
5
5
|
class PrxAuth
|
6
6
|
class Certificate
|
7
7
|
EXPIRES_IN = 43200
|
8
|
-
DEFAULT_CERT_LOC = URI(
|
8
|
+
DEFAULT_CERT_LOC = URI("https://id.prx.org/api/v1/certs")
|
9
9
|
|
10
10
|
attr_reader :cert_location
|
11
11
|
|
@@ -15,13 +15,11 @@ module Rack
|
|
15
15
|
end
|
16
16
|
|
17
17
|
def valid?(token)
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
true
|
24
|
-
end
|
18
|
+
JSON::JWT.decode(token, public_key)
|
19
|
+
rescue JSON::JWT::VerificationFailed
|
20
|
+
false
|
21
|
+
else
|
22
|
+
true
|
25
23
|
end
|
26
24
|
|
27
25
|
private
|
@@ -39,7 +37,7 @@ module Rack
|
|
39
37
|
|
40
38
|
def fetch
|
41
39
|
certs = JSON.parse(Net::HTTP.get(cert_location))
|
42
|
-
cert_string = certs[
|
40
|
+
cert_string = certs["certificates"].values[0]
|
43
41
|
@refresh_at = Time.now.to_i + EXPIRES_IN
|
44
42
|
OpenSSL::X509::Certificate.new(cert_string)
|
45
43
|
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
require
|
1
|
+
require "prx_auth/resource_map"
|
2
2
|
|
3
3
|
module Rack
|
4
4
|
class PrxAuth
|
@@ -8,28 +8,28 @@ module Rack
|
|
8
8
|
def initialize(attrs = {})
|
9
9
|
@attributes = attrs
|
10
10
|
|
11
|
-
@authorized_resources = ::PrxAuth::ResourceMap.new(unpack_aur(attrs[
|
12
|
-
|
13
|
-
if attrs[
|
14
|
-
|
11
|
+
@authorized_resources = ::PrxAuth::ResourceMap.new(unpack_aur(attrs["aur"])).freeze
|
12
|
+
|
13
|
+
@scopes = if attrs["scope"]
|
14
|
+
attrs["scope"].split(" ").freeze
|
15
15
|
else
|
16
|
-
|
16
|
+
[].freeze
|
17
17
|
end
|
18
18
|
end
|
19
19
|
|
20
|
-
def resources(namespace=nil, scope=nil)
|
20
|
+
def resources(namespace = nil, scope = nil)
|
21
21
|
@authorized_resources.resources(namespace, scope)
|
22
22
|
end
|
23
23
|
|
24
24
|
def user_id
|
25
|
-
@attributes[
|
25
|
+
@attributes["sub"]
|
26
26
|
end
|
27
27
|
|
28
|
-
def authorized?(resource, namespace=nil, scope=nil)
|
28
|
+
def authorized?(resource, namespace = nil, scope = nil)
|
29
29
|
@authorized_resources.contains?(resource, namespace, scope)
|
30
30
|
end
|
31
31
|
|
32
|
-
def globally_authorized?(namespace, scope=nil)
|
32
|
+
def globally_authorized?(namespace, scope = nil)
|
33
33
|
authorized?(::PrxAuth::ResourceMap::WILDCARD_KEY, namespace, scope)
|
34
34
|
end
|
35
35
|
|
@@ -37,14 +37,27 @@ module Rack
|
|
37
37
|
resources(::PrxAuth::Rails.configuration.namespace, scope).map(&:to_i)
|
38
38
|
end
|
39
39
|
|
40
|
+
def except!(*resources)
|
41
|
+
@authorized_resources = @authorized_resources.except(*resources)
|
42
|
+
self
|
43
|
+
end
|
44
|
+
|
45
|
+
def except(*resources)
|
46
|
+
dup.except!(*resources)
|
47
|
+
end
|
48
|
+
|
49
|
+
def empty_resources?
|
50
|
+
@authorized_resources.empty?
|
51
|
+
end
|
52
|
+
|
40
53
|
private
|
41
54
|
|
42
55
|
def unpack_aur(aur)
|
43
56
|
return {} if aur.nil?
|
44
57
|
|
45
58
|
aur.clone.tap do |result|
|
46
|
-
unless result[
|
47
|
-
result.delete(
|
59
|
+
unless result["$"].nil?
|
60
|
+
result.delete("$").each do |role, resources|
|
48
61
|
resources.each do |res|
|
49
62
|
result[res.to_s] = role
|
50
63
|
end
|
data/lib/rack/prx_auth.rb
CHANGED
@@ -1,17 +1,17 @@
|
|
1
|
-
require
|
2
|
-
require
|
3
|
-
require
|
4
|
-
require
|
5
|
-
require
|
1
|
+
require "json/jwt"
|
2
|
+
require "rack/prx_auth/certificate"
|
3
|
+
require "rack/prx_auth/token_data"
|
4
|
+
require "rack/prx_auth/auth_validator"
|
5
|
+
require "prx_auth"
|
6
6
|
|
7
7
|
module Rack
|
8
8
|
class PrxAuth
|
9
9
|
INVALID_TOKEN = [
|
10
|
-
401, {
|
11
|
-
[{status: 401, error:
|
10
|
+
401, {"Content-Type" => "application/json"},
|
11
|
+
[{status: 401, error: "Invalid JSON Web Token"}.to_json]
|
12
12
|
]
|
13
13
|
|
14
|
-
DEFAULT_ISS =
|
14
|
+
DEFAULT_ISS = "id.prx.org"
|
15
15
|
|
16
16
|
attr_reader :issuer
|
17
17
|
|
@@ -26,16 +26,16 @@ module Rack
|
|
26
26
|
end
|
27
27
|
|
28
28
|
def call(env)
|
29
|
-
return @app.call(env) unless env[
|
29
|
+
return @app.call(env) unless env["HTTP_AUTHORIZATION"]
|
30
30
|
|
31
|
-
token = env[
|
31
|
+
token = env["HTTP_AUTHORIZATION"].split[1]
|
32
32
|
|
33
33
|
auth_validator = build_auth_validator(token)
|
34
34
|
|
35
35
|
return @app.call(env) unless should_validate_token?(auth_validator)
|
36
36
|
|
37
37
|
if auth_validator.valid?
|
38
|
-
env[
|
38
|
+
env["prx.auth"] = TokenData.new(auth_validator.claims)
|
39
39
|
@app.call(env)
|
40
40
|
else
|
41
41
|
INVALID_TOKEN
|
data/prx_auth.gemspec
CHANGED
@@ -1,32 +1,33 @@
|
|
1
|
-
|
2
|
-
lib = File.expand_path('../lib', __FILE__)
|
1
|
+
lib = File.expand_path("../lib", __FILE__)
|
3
2
|
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
-
require
|
3
|
+
require "prx_auth/version"
|
5
4
|
|
6
5
|
Gem::Specification.new do |spec|
|
7
|
-
spec.name
|
8
|
-
spec.version
|
9
|
-
spec.authors
|
10
|
-
spec.email
|
11
|
-
spec.summary
|
12
|
-
spec.description
|
13
|
-
spec.homepage
|
14
|
-
spec.license
|
6
|
+
spec.name = "prx_auth"
|
7
|
+
spec.version = PrxAuth::VERSION
|
8
|
+
spec.authors = ["Eve Asher", "Chris Rhoden"]
|
9
|
+
spec.email = ["eve@prx.org", "carhoden@gmail.com"]
|
10
|
+
spec.summary = "Utilites for parsing PRX JWTs and Rack middleware that verifies and attaches the token's claims to env."
|
11
|
+
spec.description = "Specific to PRX. Will ignore tokens that were not issued by PRX."
|
12
|
+
spec.homepage = "https://github.com/PRX/prx_auth"
|
13
|
+
spec.license = "MIT"
|
15
14
|
|
16
|
-
spec.files
|
17
|
-
spec.executables
|
18
|
-
spec.test_files = spec.files.grep(%r{^test/})
|
15
|
+
spec.files = `git ls-files -z`.split("\x0")
|
16
|
+
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
19
17
|
spec.require_paths = ["lib"]
|
20
18
|
|
21
|
-
spec.required_ruby_version =
|
19
|
+
spec.required_ruby_version = ">= 2.3"
|
22
20
|
|
23
|
-
spec.add_development_dependency
|
24
|
-
spec.add_development_dependency
|
25
|
-
spec.add_development_dependency
|
26
|
-
spec.add_development_dependency
|
27
|
-
spec.add_development_dependency
|
21
|
+
spec.add_development_dependency "bundler", "~> 2.0"
|
22
|
+
spec.add_development_dependency "rake", "~> 12.3.3"
|
23
|
+
spec.add_development_dependency "coveralls", "~> 0"
|
24
|
+
spec.add_development_dependency "guard"
|
25
|
+
spec.add_development_dependency "guard-minitest"
|
26
|
+
spec.add_development_dependency "pry"
|
27
|
+
spec.add_development_dependency "pry-byebug"
|
28
|
+
spec.add_development_dependency "standard"
|
28
29
|
|
29
|
-
spec.add_dependency
|
30
|
-
spec.add_dependency
|
31
|
-
spec.add_dependency
|
30
|
+
spec.add_dependency "rack", ">= 1.5.2"
|
31
|
+
spec.add_dependency "json", ">= 1.8.1"
|
32
|
+
spec.add_dependency "json-jwt", ">= 1.12.0"
|
32
33
|
end
|