rack-jwt-auth 0.0.2 → 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/rack/jwt/auth/authenticate.rb +7 -1
- data/lib/rack/jwt/auth/version.rb +1 -1
- data/spec/authenticate_options_spec.rb +82 -0
- data/spec/authenticate_spec.rb +4 -30
- metadata +5 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d6a2052e477acf5027ed8dedce21869b2780c497
|
|
4
|
+
data.tar.gz: b3103b770c27029fc0c6d9eb865d8d8c8a2577cf
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 049bc6f3a49f25795a765ce22415378d46a79458de78d7c1f4096e4a2cf077e3e6546d95fcb31f69ac23892eb520bac0c0ba4a405298163de95dd68b51cdb96c
|
|
7
|
+
data.tar.gz: bbd0aa5a7f5d032c1c7cedf4b9e209110e267df9745bc4649b79d67bc03d401613181589be80a8df462824eabb1aa5b8a5ba56a874a5b698861932f04a816ef6
|
|
@@ -11,6 +11,8 @@ module Rack
|
|
|
11
11
|
raise 'Secret must be provided' if opts[:secret].nil?
|
|
12
12
|
|
|
13
13
|
@secret = opts[:secret]
|
|
14
|
+
|
|
15
|
+
@authenticated_routes = compile_paths(opts[:only])
|
|
14
16
|
@unauthenticated_routes = compile_paths(opts[:except])
|
|
15
17
|
end
|
|
16
18
|
|
|
@@ -24,7 +26,11 @@ module Rack
|
|
|
24
26
|
private
|
|
25
27
|
|
|
26
28
|
def authenticated_route?(env)
|
|
27
|
-
|
|
29
|
+
if @authenticated_routes.length > 0
|
|
30
|
+
@authenticated_routes.find { |route| route =~ env['PATH_INFO'] }
|
|
31
|
+
else
|
|
32
|
+
!@unauthenticated_routes.find { |route| route =~ env['PATH_INFO'] }
|
|
33
|
+
end
|
|
28
34
|
end
|
|
29
35
|
|
|
30
36
|
def with_authorization(env)
|
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe Rack::Jwt::Auth::Authenticate do
|
|
4
|
+
include Rack::Test::Methods
|
|
5
|
+
|
|
6
|
+
let(:issuer) { Rack::Jwt::Auth::AuthToken }
|
|
7
|
+
|
|
8
|
+
context "Except routes" do
|
|
9
|
+
|
|
10
|
+
let(:app) do
|
|
11
|
+
main_app = lambda { |env| [200, env, ['Hello']] }
|
|
12
|
+
Rack::Jwt::Auth::Authenticate.new(main_app, {except: ['/not_authenticated', '/not_authenticated/*'], secret: 'supertestsecret'})
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
it 'returns 200 ok if the request is for a route that is not authenticated' do
|
|
16
|
+
get('/not_authenticated')
|
|
17
|
+
|
|
18
|
+
expect(last_response.status).to eql(200)
|
|
19
|
+
expect(last_response.body).to eql('Hello')
|
|
20
|
+
|
|
21
|
+
get('/not_authenticated/other')
|
|
22
|
+
|
|
23
|
+
expect(last_response.status).to eql(200)
|
|
24
|
+
expect(last_response.body).to eql('Hello')
|
|
25
|
+
|
|
26
|
+
get('/not_authenticated/other/test')
|
|
27
|
+
|
|
28
|
+
expect(last_response.status).to eql(200)
|
|
29
|
+
expect(last_response.body).to eql('Hello')
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
it 'returns 401 ok if the request is for a route that is authenticated' do
|
|
33
|
+
get('/authenticated')
|
|
34
|
+
expect(last_response.status).to eql(401)
|
|
35
|
+
|
|
36
|
+
get('/authenticated/other')
|
|
37
|
+
expect(last_response.status).to eql(401)
|
|
38
|
+
|
|
39
|
+
get('/authenticated/other/test')
|
|
40
|
+
expect(last_response.status).to eql(401)
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
context "Only routes" do
|
|
46
|
+
|
|
47
|
+
let(:app) do
|
|
48
|
+
main_app = lambda { |env| [200, env, ['Hello']] }
|
|
49
|
+
Rack::Jwt::Auth::Authenticate.new(main_app, {only: ['/authenticated', '/authenticated/*'], secret: 'supertestsecret'})
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
it 'returns 200 ok if the request is for a route that is not authenticated' do
|
|
53
|
+
get('/not_authenticated')
|
|
54
|
+
|
|
55
|
+
expect(last_response.status).to eql(200)
|
|
56
|
+
expect(last_response.body).to eql('Hello')
|
|
57
|
+
|
|
58
|
+
get('/not_authenticated/other')
|
|
59
|
+
|
|
60
|
+
expect(last_response.status).to eql(200)
|
|
61
|
+
expect(last_response.body).to eql('Hello')
|
|
62
|
+
|
|
63
|
+
get('/not_authenticated/other/test')
|
|
64
|
+
|
|
65
|
+
expect(last_response.status).to eql(200)
|
|
66
|
+
expect(last_response.body).to eql('Hello')
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
it 'returns 401 ok if the request is for a route that is authenticated' do
|
|
70
|
+
get('/authenticated')
|
|
71
|
+
expect(last_response.status).to eql(401)
|
|
72
|
+
|
|
73
|
+
get('/authenticated/other')
|
|
74
|
+
expect(last_response.status).to eql(401)
|
|
75
|
+
|
|
76
|
+
get('/authenticated/other/test')
|
|
77
|
+
expect(last_response.status).to eql(401)
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
end
|
data/spec/authenticate_spec.rb
CHANGED
|
@@ -7,23 +7,14 @@ describe Rack::Jwt::Auth::Authenticate do
|
|
|
7
7
|
|
|
8
8
|
let(:app) do
|
|
9
9
|
main_app = lambda { |env| [200, env, ['Hello']] }
|
|
10
|
-
Rack::Jwt::Auth::Authenticate.new(main_app, {
|
|
10
|
+
Rack::Jwt::Auth::Authenticate.new(main_app, {secret: 'supertestsecret'})
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
-
it '
|
|
14
|
-
|
|
15
|
-
get('/', {}, {'HTTP_AUTHORIZATION' => token})
|
|
16
|
-
|
|
17
|
-
expect(last_response.status).to eql(200)
|
|
18
|
-
expect(last_response.body).to eql('Hello')
|
|
19
|
-
|
|
20
|
-
session = last_response.header['rack.jwt.session'][0]
|
|
21
|
-
|
|
22
|
-
expect(session['user_id']).to eql(1)
|
|
23
|
-
expect(session['username']).to eql('test')
|
|
13
|
+
it 'raises an exception if no secret if provided' do
|
|
14
|
+
expect{ Rack::Jwt::Auth::Authenticate.new(main_app, {}) }.to raise_error
|
|
24
15
|
end
|
|
25
16
|
|
|
26
|
-
it '
|
|
17
|
+
it 'returns 200 ok if the request is authenticated' do
|
|
27
18
|
token = issuer.issue_token({user_id: 1, username: 'test'}, 'supertestsecret')
|
|
28
19
|
get('/', {}, {'HTTP_AUTHORIZATION' => token})
|
|
29
20
|
|
|
@@ -51,21 +42,4 @@ describe Rack::Jwt::Auth::Authenticate do
|
|
|
51
42
|
expect(last_response.body).to eql('Invalid Authorization')
|
|
52
43
|
end
|
|
53
44
|
|
|
54
|
-
it 'returns 200 ok if the request is for a route that is not authorized' do
|
|
55
|
-
get('/not_authenticated')
|
|
56
|
-
|
|
57
|
-
expect(last_response.status).to eql(200)
|
|
58
|
-
expect(last_response.body).to eql('Hello')
|
|
59
|
-
|
|
60
|
-
get('/not_authenticated/other')
|
|
61
|
-
|
|
62
|
-
expect(last_response.status).to eql(200)
|
|
63
|
-
expect(last_response.body).to eql('Hello')
|
|
64
|
-
|
|
65
|
-
get('/not_authenticated/other/test')
|
|
66
|
-
|
|
67
|
-
expect(last_response.status).to eql(200)
|
|
68
|
-
expect(last_response.body).to eql('Hello')
|
|
69
|
-
end
|
|
70
|
-
|
|
71
45
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-jwt-auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- João Almeida
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-
|
|
11
|
+
date: 2014-11-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: jwt
|
|
@@ -98,6 +98,7 @@ files:
|
|
|
98
98
|
- lib/rack/jwt/auth/version.rb
|
|
99
99
|
- rack-jwt-auth.gemspec
|
|
100
100
|
- spec/auth_token_spec.rb
|
|
101
|
+
- spec/authenticate_options_spec.rb
|
|
101
102
|
- spec/authenticate_spec.rb
|
|
102
103
|
- spec/spec_helper.rb
|
|
103
104
|
homepage: ''
|
|
@@ -126,5 +127,7 @@ specification_version: 4
|
|
|
126
127
|
summary: Rack jwt auth middleware
|
|
127
128
|
test_files:
|
|
128
129
|
- spec/auth_token_spec.rb
|
|
130
|
+
- spec/authenticate_options_spec.rb
|
|
129
131
|
- spec/authenticate_spec.rb
|
|
130
132
|
- spec/spec_helper.rb
|
|
133
|
+
has_rdoc:
|