rack-authentication_bearer 1.0.0 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/lib/rack/authentication_bearer.rb +22 -27
- data/lib/rack/authentication_bearer/invalid_bearer_token_error.rb +15 -0
- data/lib/rack/authentication_bearer/missing_bearer_token_error.rb +15 -0
- data/lib/rack/authentication_bearer/version.rb +1 -1
- data/spec/lib/rack/authentication_bearer_spec.rb +35 -16
- data/spec/spec_helper.rb +1 -3
- metadata +10 -24
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 3bfef1eb0eaf10a966794d416a5536c96b406f717d45a57466ff608cf5b56f38
|
|
4
|
+
data.tar.gz: db6d7f17f8ade3e6e1086ed460b4f5518b4211d22745cfb844074a9886f6ad6c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 82003422eb4add5675de7441b1fef5079bf643851cdfa5dc6d698957c838f73c96c1c5cf1a30aad77b33eeef502e6188583f9dfbb4eb4e7ccd17e060600cb7f4
|
|
7
|
+
data.tar.gz: 61d3040df5765dd1815e1cd0d4ce2b6a0880399e3feedadd3395fb4a28dff6b0a98562370a6c51a363c39772d36ba4accf0ab161646cb8004b72933a8b02d971
|
|
@@ -1,13 +1,19 @@
|
|
|
1
1
|
module Rack
|
|
2
2
|
class AuthenticationBearer
|
|
3
3
|
require_relative "authentication_bearer/version"
|
|
4
|
-
|
|
4
|
+
require_relative "authentication_bearer/invalid_bearer_token_error"
|
|
5
|
+
require_relative "authentication_bearer/missing_bearer_token_error"
|
|
6
|
+
PATTERN = /^Bearer ([\w\d\.~\+\/]+=*)/
|
|
5
7
|
RACK_KEY = "rack.authentication"
|
|
6
8
|
AUTHENTICATION_KEY = "HTTP_AUTHENTICATION"
|
|
7
9
|
AUTHORIZATION_KEY = "HTTP_AUTHORIZATION"
|
|
8
10
|
|
|
9
11
|
attr_reader :process
|
|
10
12
|
private :process
|
|
13
|
+
attr_reader :state
|
|
14
|
+
private :state
|
|
15
|
+
attr_reader :stack
|
|
16
|
+
private :stack
|
|
11
17
|
|
|
12
18
|
def initialize(stack, &process)
|
|
13
19
|
@stack = stack
|
|
@@ -17,43 +23,32 @@ module Rack
|
|
|
17
23
|
def call(previous_state)
|
|
18
24
|
@state = previous_state
|
|
19
25
|
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
state
|
|
26
|
+
return stack.call(state) unless state
|
|
27
|
+
return stack.call(state) unless process
|
|
28
|
+
unless present?
|
|
29
|
+
return stack.call(state.merge(RACK_KEY => Rack::AuthenticationBearer::MissingBearerTokenError))
|
|
24
30
|
end
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
end
|
|
28
|
-
|
|
29
|
-
private def token
|
|
30
|
-
if authentication.respond_to?(:split) && authentication.length > 0
|
|
31
|
-
authentication.split(EXPRESSION).last
|
|
31
|
+
unless matches?
|
|
32
|
+
return stack.call(state.merge(RACK_KEY => Rack::AuthenticationBearer::InvalidBearerTokenError))
|
|
32
33
|
end
|
|
33
|
-
end
|
|
34
|
-
|
|
35
|
-
private def authentication
|
|
36
|
-
state[AUTHENTICATION_KEY] || state[AUTHORIZATION_KEY]
|
|
37
|
-
end
|
|
38
34
|
|
|
39
|
-
|
|
40
|
-
@stack
|
|
35
|
+
stack.call(state.merge(RACK_KEY => process.call(shared)))
|
|
41
36
|
end
|
|
42
37
|
|
|
43
|
-
private def
|
|
44
|
-
|
|
38
|
+
private def shared
|
|
39
|
+
value.match(PATTERN)[1]
|
|
45
40
|
end
|
|
46
41
|
|
|
47
|
-
private def
|
|
48
|
-
@
|
|
42
|
+
private def value
|
|
43
|
+
@value ||= state[AUTHENTICATION_KEY] || state[AUTHORIZATION_KEY]
|
|
49
44
|
end
|
|
50
45
|
|
|
51
|
-
private def
|
|
52
|
-
|
|
46
|
+
private def present?
|
|
47
|
+
value.respond_to?(:length) && value.length > 0
|
|
53
48
|
end
|
|
54
49
|
|
|
55
|
-
private def
|
|
56
|
-
|
|
50
|
+
private def matches?
|
|
51
|
+
value.respond_to?(:match) && value.respond_to?(:length) && value.length > 0 && value.match?(PATTERN)
|
|
57
52
|
end
|
|
58
53
|
end
|
|
59
54
|
end
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
module Rack
|
|
2
|
+
class AuthenticationBearer
|
|
3
|
+
class InvalidBearerTokenError < StandardError
|
|
4
|
+
STATUS = 422
|
|
5
|
+
|
|
6
|
+
def initialize(message = nil)
|
|
7
|
+
@message = message || "The Authentication header value was malformed."
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def status
|
|
11
|
+
self.const_get("STATUS")
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
module Rack
|
|
2
|
+
class AuthenticationBearer
|
|
3
|
+
class MissingBearerTokenError < StandardError
|
|
4
|
+
STATUS = 422
|
|
5
|
+
|
|
6
|
+
def initialize(message = nil)
|
|
7
|
+
@message = message || "The Authentication header value was missing."
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def status
|
|
11
|
+
self.const_get("STATUS")
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
@@ -1,24 +1,43 @@
|
|
|
1
1
|
require "spec_helper"
|
|
2
2
|
|
|
3
3
|
describe Rack::AuthenticationBearer do
|
|
4
|
-
let(:
|
|
5
|
-
let(:
|
|
6
|
-
let(:
|
|
7
|
-
let(:status) { 200 }
|
|
8
|
-
let(:headers) do
|
|
9
|
-
{
|
|
10
|
-
"REQUEST_METHOD" => verb,
|
|
11
|
-
"Content-Type" => "text/plain",
|
|
12
|
-
"Content-Length" => "0"
|
|
13
|
-
}
|
|
14
|
-
end
|
|
15
|
-
let(:body) { "" }
|
|
16
|
-
|
|
17
|
-
before(:each) do
|
|
18
|
-
allow(application).to receive(:call).and_return([status, headers, body])
|
|
19
|
-
end
|
|
4
|
+
let(:stack) { ->(a) { a } }
|
|
5
|
+
let(:process) { ->(b) { Base64.urlsafe_decode64(b) } }
|
|
6
|
+
let(:middleware) { described_class.new(stack, &process) }
|
|
20
7
|
|
|
21
8
|
describe "#call" do
|
|
9
|
+
let(:call) { middleware.call(previous_state) }
|
|
10
|
+
|
|
11
|
+
context "when the Authorization key exists and the value is valid" do
|
|
12
|
+
let(:previous_state) { {"HTTP_AUTHORIZATION" => "Bearer #{Base64.urlsafe_encode64("This Is A Secret")}"} }
|
|
13
|
+
|
|
14
|
+
it "sets the rack.authentication key with the decoded value" do
|
|
15
|
+
expect(call).to include({"rack.authentication"=> "This Is A Secret"})
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
context "when the Authorization key exists and the value is invalid" do
|
|
20
|
+
let(:previous_state) { {"HTTP_AUTHORIZATION" => "Bearer "} }
|
|
21
|
+
|
|
22
|
+
it "sets the key to an exception" do
|
|
23
|
+
expect(call).to include("rack.authentication" => Rack::AuthenticationBearer::InvalidBearerTokenError)
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
it "does not call the process" do
|
|
27
|
+
expect(process).to_not receive(:call)
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
context "when the Authorization key does not exist" do
|
|
32
|
+
let(:previous_state) { {} }
|
|
33
|
+
|
|
34
|
+
it "sets the key to an exception" do
|
|
35
|
+
expect(call).to include("rack.authentication" => Rack::AuthenticationBearer::MissingBearerTokenError)
|
|
36
|
+
end
|
|
22
37
|
|
|
38
|
+
it "does not call the process" do
|
|
39
|
+
expect(process).to_not receive(:call)
|
|
40
|
+
end
|
|
41
|
+
end
|
|
23
42
|
end
|
|
24
43
|
end
|
data/spec/spec_helper.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-authentication_bearer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 2.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
|
-
- Kurtis Rainbolt-Greene
|
|
7
|
+
- Kurtis Rainbolt-Greene <kurtis@rainbolt-greene.online>
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2018-02-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -44,14 +44,14 @@ dependencies:
|
|
|
44
44
|
requirements:
|
|
45
45
|
- - "~>"
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: '
|
|
47
|
+
version: '12.3'
|
|
48
48
|
type: :development
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
52
|
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: '
|
|
54
|
+
version: '12.3'
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: pry
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -80,34 +80,21 @@ dependencies:
|
|
|
80
80
|
- - "~>"
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
82
|
version: '0.6'
|
|
83
|
-
- !ruby/object:Gem::Dependency
|
|
84
|
-
name: codeclimate-test-reporter
|
|
85
|
-
requirement: !ruby/object:Gem::Requirement
|
|
86
|
-
requirements:
|
|
87
|
-
- - "~>"
|
|
88
|
-
- !ruby/object:Gem::Version
|
|
89
|
-
version: '0.4'
|
|
90
|
-
type: :development
|
|
91
|
-
prerelease: false
|
|
92
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
93
|
-
requirements:
|
|
94
|
-
- - "~>"
|
|
95
|
-
- !ruby/object:Gem::Version
|
|
96
|
-
version: '0.4'
|
|
97
83
|
description: Middleware for handling Bearer type Authentication
|
|
98
|
-
email:
|
|
99
|
-
- me@kurtisrainboltgreene.name
|
|
84
|
+
email:
|
|
100
85
|
executables: []
|
|
101
86
|
extensions: []
|
|
102
87
|
extra_rdoc_files: []
|
|
103
88
|
files:
|
|
104
89
|
- lib/rack-authentication_bearer.rb
|
|
105
90
|
- lib/rack/authentication_bearer.rb
|
|
91
|
+
- lib/rack/authentication_bearer/invalid_bearer_token_error.rb
|
|
92
|
+
- lib/rack/authentication_bearer/missing_bearer_token_error.rb
|
|
106
93
|
- lib/rack/authentication_bearer/version.rb
|
|
107
94
|
- spec/lib/rack/authentication_bearer/version_spec.rb
|
|
108
95
|
- spec/lib/rack/authentication_bearer_spec.rb
|
|
109
96
|
- spec/spec_helper.rb
|
|
110
|
-
homepage:
|
|
97
|
+
homepage: https://github.com/krainboltgreene/rack-authentication_bearer.rb
|
|
111
98
|
licenses:
|
|
112
99
|
- MIT
|
|
113
100
|
metadata: {}
|
|
@@ -127,7 +114,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
127
114
|
version: '0'
|
|
128
115
|
requirements: []
|
|
129
116
|
rubyforge_project:
|
|
130
|
-
rubygems_version: 2.
|
|
117
|
+
rubygems_version: 2.7.4
|
|
131
118
|
signing_key:
|
|
132
119
|
specification_version: 4
|
|
133
120
|
summary: Middleware for handling Bearer type Authentication
|
|
@@ -135,4 +122,3 @@ test_files:
|
|
|
135
122
|
- spec/lib/rack/authentication_bearer/version_spec.rb
|
|
136
123
|
- spec/lib/rack/authentication_bearer_spec.rb
|
|
137
124
|
- spec/spec_helper.rb
|
|
138
|
-
has_rdoc:
|