RubyGems - rack-jwt - Versions diffs - 0.1.0 - Mend

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: e20bf24155aaeda649c643bde660ed334b5e081d
+  data.tar.gz: 125bff003cd0fc9f3d2ec2feb7fd7d1fa01438bc
+SHA512:
+  metadata.gz: 8ebece61f89d84ae0b61e82a3631a556a09597bbc2e6265eb9beacc6ef958859ceb2f7ab6bcdabf407ee36e97160396ce7db80da7791d611860329560f5c77b7
+  data.tar.gz: 85107621925d5e21c2a8d7d275b429622155a596a49cad78520dcb93f80ba7104ac6e84f4a627095fbb685f74eee28680fc242f7ed91c883c76faa937a69d7b5

data/.gitignore ADDED Viewed

@@ -0,0 +1,14 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log

data/.rspec ADDED Viewed

	@@ -0,0 +1 @@
1	+ --color

data/Gemfile ADDED Viewed

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+# Specify your gem's dependencies in rack-jwt.gemspec
+gemspec

data/LICENSE.txt ADDED Viewed

@@ -0,0 +1,22 @@
+Copyright (c) 2015 Mr. Eigenbart
+MIT License
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md ADDED Viewed

@@ -0,0 +1,48 @@
+# Rack::Jwt
+This gem provides JSON Web Token (JWT) based authentication.
+## Installation
+Add this line to your application's Gemfile:
+```ruby
+gem 'rack-jwt'
+```
+And then execute:
+    $ bundle
+Or install it yourself as:
+    $ gem install rack-jwt
+## Usage
+### sinatra
+```
+use Rack::JWT::Auth secret: 'you_secret_token_goes_here', exclude: ['/api/docs']
+```
+### Rails
+```
+Rails.application.config.middleware.use, Rack::JWT::Auth, secret: Rails.application.secrets.secret_key_base, exclude: ['/api/docs']
+```
+## Generating tokens
+You can generate JSON Wen Tokens for your users using the `Token#encode` method
+```
+Rack::JWT::Token.encode(payload, secret)
+```
+## Contributing
+1. Fork it ( https://github.com/[my-github-username]/rack-jwt/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ require "bundler/gem_tasks"
2	+

data/lib/rack/jwt/auth.rb ADDED Viewed

@@ -0,0 +1,67 @@
+require 'jwt'
+module Rack
+  module JWT
+    class Auth
+      def initialize(app, opts = {})
+        @app      = app
+        @secret   = opts.fetch(:secret)
+        @exclude  = opts.fetch(:exclude, [])
+      end
+      def call(env)
+        if @exclude.include? env["PATH_INFO"]
+          @app.call(env)
+        elsif env["HTTP_AUTHORIZATION"]
+          begin
+            if env["HTTP_AUTHORIZATION"].split(" ").first != 'Bearer'
+              invalid_auth_header
+            else
+              token = env["HTTP_AUTHORIZATION"].split(" ")[-1]
+              decoded_token = Token.decode(token, @secret)
+              env["jwt.header"]  = decoded_token.last
+              env["jwt.payload"] = decoded_token.first
+              @app.call(env)
+            end
+          rescue
+            unauthorized
+          end
+        else
+          no_auth_header
+        end
+      end
+      private
+      def unauthorized
+        body = { error: "Invalid JWT token" }.to_json
+        headers = {
+                    'Content-Type' => 'application/json',
+                    'Content-Length' => body.bytesize.to_s
+                  }
+        return [401, headers, [body]]
+      end
+      def no_auth_header
+        body = { error: "Missing Authorization header" }.to_json
+        headers = {
+                    'Content-Type' => 'application/json',
+                    'Content-Length' => body.bytesize.to_s
+                  }
+        return [401, headers, [body]]
+      end
+      def invalid_auth_header
+        body = { error: "Invalid Authorization header format" }.to_json
+        headers = {
+                    'Content-Type' => 'application/json',
+                    'Content-Length' => body.bytesize.to_s
+                  }
+        return [401, headers, [body]]
+      end
+    end
+  end
+end

data/lib/rack/jwt/token.rb ADDED Viewed

@@ -0,0 +1,16 @@
+module Rack
+  module JWT
+    class Token
+      def self.encode(payload, secret)
+        ::JWT.encode(payload, secret)
+      end
+      def self.decode(token, secret)
+        ::JWT.decode(token, secret)
+      rescue
+        # It will raise an error if it is not a valid token due to any reason
+        nil
+      end
+    end
+  end
+end

data/lib/rack/jwt/version.rb ADDED Viewed

@@ -0,0 +1,5 @@
+module Rack
+  module Jwt
+    VERSION = "0.1.0"
+  end
+end

data/lib/rack/jwt.rb ADDED Viewed

@@ -0,0 +1,8 @@
+require "rack/jwt/version"
+module Rack
+  module JWT
+    autoload :Auth, 'rack/jwt/auth'
+    autoload :Token, 'rack/jwt/token'
+  end
+end

data/rack-jwt.gemspec ADDED Viewed

@@ -0,0 +1,28 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'rack/jwt/version'
+Gem::Specification.new do |spec|
+  spec.name          = "rack-jwt"
+  spec.version       = Rack::Jwt::VERSION
+  spec.authors       = ["Mr. Eigenbart"]
+  spec.email         = ["eigenbart@gmail.com"]
+  spec.summary       = %q{Rack middleware that provides authentication based on JSON Web Tokens.}
+  spec.description   = %q{Rack middleware that provides authentication based on JSON Web Tokens.}
+  spec.homepage      = ""
+  spec.license       = "MIT"
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+  spec.add_development_dependency "bundler", "~> 1.7"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency 'rack-test', '~> 0.6.3'
+  spec.add_development_dependency 'rspec',     '~> 3.2.0'
+  spec.add_runtime_dependency 'rack', '>= 1.6.0'
+  spec.add_runtime_dependency 'jwt', '~> 1.2.1'
+end

data/spec/auth_spec.rb ADDED Viewed

@@ -0,0 +1,68 @@
+require 'spec_helper'
+describe Rack::JWT::Auth do
+  include Rack::Test::Methods
+  let(:issuer) { Rack::JWT::Token }
+  let(:secret) { 'foo' }
+  let(:app) do
+    main_app = lambda { |env| [200, env, ['Hello']] }
+    Rack::JWT::Auth.new(main_app, {secret: secret})
+  end
+  it 'raises an exception if no secret if provided' do
+    expect{ Rack::JWT::Auth.new(main_app, {}) }.to raise_error
+  end
+  it 'returns 200 ok if the request is authenticated' do
+    token = issuer.encode({ iss: 1 }, secret)
+    get('/', {}, {'HTTP_AUTHORIZATION' => 'Bearer #{token}'})
+    expect(last_response.status).to eq 200
+    expect(last_response.body).to   eq 'Hello'
+    payload = last_response.header['jwt.payload']
+    expect(payload['iss']).to  eql(1)
+  end
+  it 'returns 401 if the authorization header is missing' do
+    get('/')
+    jsonResponse = JSON.parse(last_response.body)
+    expect(last_response.status).to eql(401)
+    expect(jsonResponse['error']).to eql('Missing Authorization header')
+  end
+  it 'returns 401 if the authorization header signature is invalid' do
+    token = issuer.encode({ iss: 1 }, 'invalid secret')
+    get('/', {}, {'HTTP_AUTHORIZATION' => 'Bearer #{token}'})
+    jsonResponse = JSON.parse(last_response.body)
+    expect(last_response.status).to eql(401)
+    expect(jsonResponse['error']).to eql('Invalid JWT token')
+  end
+  it 'returns 401 if the header format is not Authorization: Bearer [token]' do
+    token = issuer.encode({ iss: 1 }, secret)
+    get('/', {}, {'HTTP_AUTHORIZATION' => '#{token}'})
+    jsonResponse = JSON.parse(last_response.body)
+    expect(last_response.status).to eql(401)
+    expect(jsonResponse['error']).to eql('Invalid Authorization header format')
+  end
+  it 'returns 401 if authorization scheme is not Bearer' do
+    token = issuer.encode({ iss: 1 }, secret)
+    get('/', {}, {'HTTP_AUTHORIZATION' => 'WrongScheme #{token}'})
+    jsonResponse = JSON.parse(last_response.body)
+    expect(last_response.status).to eql(401)
+    expect(jsonResponse['error']).to eql('Invalid Authorization header format')
+  end
+end

data/spec/spec_helper.rb ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ require "rack/test"
2	+ require "rack/jwt"

metadata ADDED Viewed

@@ -0,0 +1,143 @@
+--- !ruby/object:Gem::Specification
+name: rack-jwt
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Mr. Eigenbart
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2015-02-06 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.7'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.3
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.3
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.2.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.2.0
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.6.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.6.0
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.2.1
+description: Rack middleware that provides authentication based on JSON Web Tokens.
+email:
+- eigenbart@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/rack/jwt.rb
+- lib/rack/jwt/auth.rb
+- lib/rack/jwt/token.rb
+- lib/rack/jwt/version.rb
+- rack-jwt.gemspec
+- spec/auth_spec.rb
+- spec/spec_helper.rb
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.5
+signing_key:
+specification_version: 4
+summary: Rack middleware that provides authentication based on JSON Web Tokens.
+test_files:
+- spec/auth_spec.rb
+- spec/spec_helper.rb

rack-jwt 0.1.0