pusher-platform 0.7.0 → 0.8.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1e41ca7382c2f692a1d29b1bd0f6663c7527999576a9018edf69b95700517149
|
4
|
+
data.tar.gz: f54842de0b46252cc2fe8321b13aa21e9459f3fc23a57a2c65ff784f14d3b02c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: efe40b722811a77d902526e9096fa462f0e3563178c24ce62b79a654fea89b8a396f458f19844fb9a336e00659255a737933843f41e9fc53ff1c8fb32568ea21
|
7
|
+
data.tar.gz: d0c897bb31a552d3f20eb5e82677063e45131579f1784f1c3f2f0f42ae74efe04a6290b8a7d058e3ff9289f3ebb1f68ea3eda1d01ad40d8f1dfb362f24061aaa
|
@@ -0,0 +1,28 @@
|
|
1
|
+
module PusherPlatform
|
2
|
+
class AuthenticationResponse
|
3
|
+
attr_reader :status, :headers, :body
|
4
|
+
|
5
|
+
def initialize(options)
|
6
|
+
@status = options[:status]
|
7
|
+
@headers = options[:headers] || {}
|
8
|
+
@body = options[:body]
|
9
|
+
end
|
10
|
+
|
11
|
+
def to_s
|
12
|
+
"PusherPlatform::AuthenticationResponse - status: #{@status} body: #{@body.to_json}"
|
13
|
+
end
|
14
|
+
|
15
|
+
def as_json(options = {})
|
16
|
+
{
|
17
|
+
status: @status,
|
18
|
+
headers: @headers,
|
19
|
+
body: @body
|
20
|
+
}
|
21
|
+
end
|
22
|
+
|
23
|
+
def to_json(*options)
|
24
|
+
as_json(*options).to_json(*options)
|
25
|
+
end
|
26
|
+
|
27
|
+
end
|
28
|
+
end
|
@@ -1,6 +1,7 @@
|
|
1
1
|
require 'jwt'
|
2
2
|
require 'rack'
|
3
|
-
require_relative './
|
3
|
+
require_relative './common'
|
4
|
+
require_relative './authentication_response'
|
4
5
|
|
5
6
|
module PusherPlatform
|
6
7
|
TOKEN_EXPIRY = 24*60*60
|
@@ -13,10 +14,31 @@ module PusherPlatform
|
|
13
14
|
end
|
14
15
|
|
15
16
|
def authenticate(auth_payload, options)
|
16
|
-
|
17
|
+
grant_type = auth_payload['grant_type'] || auth_payload[:grant_type]
|
18
|
+
|
19
|
+
unless grant_type == "client_credentials"
|
20
|
+
return AuthenticationResponse.new({
|
21
|
+
status: 422,
|
22
|
+
body: {
|
23
|
+
error: 'token_provider/invalid_grant_type',
|
24
|
+
error_description: "The grant_type provided, #{grant_type}, is unsupported"
|
25
|
+
}
|
26
|
+
})
|
27
|
+
end
|
28
|
+
|
29
|
+
authenticate_using_client_credentials(options)
|
17
30
|
end
|
18
31
|
|
19
32
|
def authenticate_with_request(request, options)
|
33
|
+
auth_data = Rack::Utils.parse_nested_query request.body.read
|
34
|
+
authenticate(auth_data, options)
|
35
|
+
end
|
36
|
+
|
37
|
+
def authenticate_with_refresh_token(auth_payload, options)
|
38
|
+
authenticate_based_on_grant_type(auth_payload, options)
|
39
|
+
end
|
40
|
+
|
41
|
+
def authenticate_with_refresh_token_and_request(request, options)
|
20
42
|
auth_data = Rack::Utils.parse_nested_query request.body.read
|
21
43
|
authenticate_based_on_grant_type(auth_data, options)
|
22
44
|
end
|
@@ -46,25 +68,38 @@ module PusherPlatform
|
|
46
68
|
grant_type = auth_data['grant_type'] || auth_data[:grant_type]
|
47
69
|
|
48
70
|
if grant_type == "client_credentials"
|
49
|
-
return
|
71
|
+
return authenticate_using_client_credentials(options, true)
|
50
72
|
elsif grant_type == "refresh_token"
|
51
73
|
refresh_token = auth_data['refresh_token'] || auth_data[:refresh_token]
|
52
|
-
return
|
74
|
+
return authenticate_using_refresh_token(refresh_token, options)
|
53
75
|
else
|
54
|
-
|
55
|
-
status:
|
56
|
-
|
57
|
-
|
76
|
+
return AuthenticationResponse.new({
|
77
|
+
status: 422,
|
78
|
+
body: ErrorBody.new({
|
79
|
+
error: 'token_provider/invalid_grant_type',
|
80
|
+
error_description: "The grant_type provided, #{grant_type}, is unsupported"
|
81
|
+
})
|
58
82
|
})
|
59
|
-
return err
|
60
83
|
end
|
61
84
|
end
|
62
85
|
|
63
|
-
def
|
64
|
-
|
86
|
+
def authenticate_using_client_credentials(options, with_refresh_token = false)
|
87
|
+
access_token = generate_access_token(options)[:token]
|
88
|
+
token_payload = {
|
89
|
+
access_token: access_token,
|
90
|
+
token_type: "bearer",
|
91
|
+
expires_in: TOKEN_EXPIRY
|
92
|
+
}
|
93
|
+
|
94
|
+
token_payload[:refresh_token] = generate_refresh_token(options)[:token] if with_refresh_token
|
95
|
+
|
96
|
+
return AuthenticationResponse.new({
|
97
|
+
status: 200,
|
98
|
+
body: token_payload
|
99
|
+
})
|
65
100
|
end
|
66
101
|
|
67
|
-
def
|
102
|
+
def authenticate_using_refresh_token(refresh_token, options)
|
68
103
|
old_refresh_token = begin
|
69
104
|
JWT.decode(refresh_token, @key_secret, true, {
|
70
105
|
iss: "api_keys/#{@key_id}",
|
@@ -76,33 +111,44 @@ module PusherPlatform
|
|
76
111
|
elsif e.is_a?(JWT::ImmatureSignature)
|
77
112
|
"Refresh token is not valid yet"
|
78
113
|
elsif e.is_a?(JWT::ExpiredSignature)
|
79
|
-
"Refresh
|
114
|
+
"Refresh token has expired"
|
80
115
|
else
|
81
116
|
"Refresh token is invalid"
|
82
117
|
end
|
83
118
|
|
84
|
-
|
119
|
+
return AuthenticationResponse.new({
|
85
120
|
status: 401,
|
86
|
-
|
87
|
-
|
121
|
+
body: ErrorBody.new({
|
122
|
+
error: "token_provider/invalid_refresh_token",
|
123
|
+
error_description: error_description
|
124
|
+
})
|
88
125
|
})
|
89
|
-
return err
|
90
126
|
end
|
91
127
|
|
92
128
|
if old_refresh_token["refresh"] != true
|
93
|
-
|
129
|
+
return AuthenticationResponse.new({
|
94
130
|
status: 401,
|
95
|
-
|
96
|
-
|
131
|
+
body: ErrorBody.new({
|
132
|
+
error: "token_provider/invalid_refresh_token",
|
133
|
+
error_description: "Refresh token does not have a refresh claim"
|
134
|
+
})
|
97
135
|
})
|
98
|
-
return err
|
99
136
|
end
|
100
137
|
|
101
138
|
if options[:user_id] != old_refresh_token["sub"]
|
102
|
-
return
|
139
|
+
return AuthenticationResponse.new({
|
140
|
+
status: 401,
|
141
|
+
body: ErrorBody.new({
|
142
|
+
error: "token_provider/invalid_user_id_in_refresh_token",
|
143
|
+
error_description: "Refresh token has an invalid user id"
|
144
|
+
})
|
145
|
+
})
|
103
146
|
end
|
104
147
|
|
105
|
-
return
|
148
|
+
return AuthenticationResponse.new({
|
149
|
+
status: 200,
|
150
|
+
body: new_token_pair(options)
|
151
|
+
})
|
106
152
|
end
|
107
153
|
|
108
154
|
# Creates a payload dictionary made out of access and refresh token pair and TTL for the access token.
|
@@ -1,4 +1,28 @@
|
|
1
1
|
module PusherPlatform
|
2
2
|
class Error < ::StandardError
|
3
3
|
end
|
4
|
+
|
5
|
+
class ErrorBody
|
6
|
+
attr_reader :error, :error_description, :error_uri
|
7
|
+
|
8
|
+
def initialize(options)
|
9
|
+
@error = options[:error]
|
10
|
+
@error_description = options[:error_description]
|
11
|
+
@error_uri = options[:error_uri]
|
12
|
+
end
|
13
|
+
|
14
|
+
def as_json(options = {})
|
15
|
+
json = {
|
16
|
+
error: @error,
|
17
|
+
error_description: @error_description,
|
18
|
+
}
|
19
|
+
json[:error_uri] = @error_uri unless @error_uri.nil?
|
20
|
+
json
|
21
|
+
end
|
22
|
+
|
23
|
+
def to_json(*options)
|
24
|
+
as_json(*options).to_json(*options)
|
25
|
+
end
|
26
|
+
|
27
|
+
end
|
4
28
|
end
|
@@ -60,6 +60,14 @@ module PusherPlatform
|
|
60
60
|
@authenticator.authenticate_with_request(request, options)
|
61
61
|
end
|
62
62
|
|
63
|
+
def authenticate_with_refresh_token(auth_payload, options)
|
64
|
+
@authenticator.authenticate_with_refresh_token(auth_payload, options)
|
65
|
+
end
|
66
|
+
|
67
|
+
def authenticate_with_refresh_token_and_request(auth_payload, options)
|
68
|
+
@authenticator.authenticate_with_refresh_token_and_request(auth_payload, options)
|
69
|
+
end
|
70
|
+
|
63
71
|
def generate_access_token(options)
|
64
72
|
@authenticator.generate_access_token(options)
|
65
73
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pusher-platform
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.8.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Pusher
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-04-
|
11
|
+
date: 2018-04-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: excon
|
@@ -65,6 +65,7 @@ extensions: []
|
|
65
65
|
extra_rdoc_files: []
|
66
66
|
files:
|
67
67
|
- lib/pusher-platform.rb
|
68
|
+
- lib/pusher-platform/authentication_response.rb
|
68
69
|
- lib/pusher-platform/authenticator.rb
|
69
70
|
- lib/pusher-platform/base_client.rb
|
70
71
|
- lib/pusher-platform/common.rb
|