rack-jwt 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d0c3dd5975bdb1e6b9d7b07a349a1334bca43ca5e25bfeb8049d6ba00abbb0f5
4
- data.tar.gz: 05e53f4a510f3362cc05fa1fe8ede02b637a6549a33767ba19325657591f74ab
3
+ metadata.gz: e07bb7937ca24d7787e58ae9733c38db07a4a86e3fffb660197bdf4bbda80e40
4
+ data.tar.gz: e52fcc5a9882d22a28dbed0d9e8e4cbaaf06db5015351afd558f3fc69d3ffae7
5
5
  SHA512:
6
- metadata.gz: 19e0681e2971f43737705c0e5d9fe8e939c6414879b21baacf6e3537948874c92623bec5a05878a4050c37d0670af6b7e2c332590a7cf5c1c4049fc192a5e71a
7
- data.tar.gz: b50c41b582a5ddf5738fee45b1221b3ceddd389f0335f6a5fcc57447d9a05659f10e20a726fa290a561a7601112d62c2885dc7f79571716da459fa4cf55ac696
6
+ metadata.gz: 70cd6e0e66b4ff1e4ac2f3662198a9bff90c8e8159f687646562b0efcc15810f44a40f28d254036e24cc851fde3846f0695e15ca9c78792907467e9c935fc482
7
+ data.tar.gz: 8b494ae14692de777fe2838e87869af27fe3ee29b6b1a1157a687779b6df3035a077637903fbafadf970f55635f91d98c079c04d10e0eacc520707d6a2d0b60c
data/README.md CHANGED
@@ -8,6 +8,10 @@
8
8
 
9
9
  This gem provides JSON Web Token (JWT) based authentication.
10
10
 
11
+ ## Requirements
12
+
13
+ - Ruby 2.3.8 or greater
14
+
11
15
  ## Installation
12
16
 
13
17
  Add this line to your application's `Gemfile`:
@@ -36,7 +40,7 @@ $ gem install rack-jwt
36
40
 
37
41
  * `verify` : optional : Boolean : Determines whether JWT will verify tokens keys for mismatch key types when decoded. Default is `true`. Set to `false` if you are using the `'none'` algorithm.
38
42
 
39
- * `options` : optional : Hash : A hash of options that are passed through to JWT to configure supported claims and algorithms. See [the ruby-jwt docs](https://github.com/progrium/ruby-jwt#support-for-reserved-claim-names) for much more info on the available options and how they work. These options are passed through without change to the underlying `ruby-jwt` gem. By default only expiration (exp) and Not Before (nbf) claims are verified. Pass in an algorithm choice like `{ algorithm: 'HS256' }`.
43
+ * `options` : optional : Hash : A hash of options that are passed through to JWT to configure supported claims and algorithms. See the ruby-jwt docs for [more information of the algorithms and their requirements](https://github.com/jwt/ruby-jwt#algorithms-and-usage) as well as [more information on the supported claims](https://github.com/progrium/ruby-jwt#support-for-reserved-claim-names). These options are passed through without change to the underlying `ruby-jwt` gem. By default only expiration (exp) and Not Before (nbf) claims are verified. Pass in an algorithm choice like `{ algorithm: 'HS256' }`.
40
44
 
41
45
  * `exclude` : optional : Array : An Array of path strings representing paths that should not be checked for the presence of a valid JWT token. Excludes sub-paths as of specified paths as well (e.g. `%w(/docs)` excludes `/docs/some/thing.html` also). Each path should start with a `/`. If a path matches the current request path this entire middleware is skipped and no authentication or verification of tokens takes place.
42
46
 
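Review bot: The rewritten `options` bullet links to two different repositories, `jwt/ruby-jwt` for the algorithms and `progrium/ruby-jwt` for the claims; point both links at the same repository so the two references cannot drift apart. "more information of the algorithms" should read "more information on the algorithms". Because the bullet says the options are passed through unchanged and the `verify` bullet above still documents the `'none'` algorithm, consider adding a sentence telling callers to always set the algorithm they expect, as in the `{ algorithm: 'HS256' }` example.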
@@ -61,7 +65,7 @@ Cuba.use Rack::JWT::Auth, my_args
61
65
  ### Rails
62
66
 
63
67
  ```ruby
64
- Rails.application.config.middleware.use, Rack::JWT::Auth, my_args
68
+ Rails.application.config.middleware.use Rack::JWT::Auth, my_args
65
69
  ```
66
70
 
67
71
  ## Generating tokens
@@ -77,11 +81,15 @@ the [ruby-jwt gem repo](https://github.com/jwt/ruby-jwt/blob/master/README.md)
77
81
  The `algorithm` is an optional String and can be one of the following (default HMAC 'HS256'):
78
82
 
79
83
  ```ruby
80
- %w(none HS256 HS384 HS512 RS256 RS384 RS512 ES256 ES384 ES512)
84
+ %w(none HS256 HS384 HS512 RS256 RS384 RS512 ED25519 ES256 ES384 ES512)
81
85
 
82
86
  HS256 is the default
83
87
  ```
84
88
 
89
+ Note that `ED25519` support depends on the `rbnacl` which is _not_ already included by the
90
+ `rack-jwt` gem. If you wish to use the `ED25519` algorith, you must also manually require
91
+ `rbnacl` gem in addition to `rack-jwt`.
92
+
85
93
  Here is a sample payload with illustrative data. You don't have to use all,
86
94
  or even most, of these.
87
95
 
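Review bot: The added `ED25519` note has a typo ("algorith") and a missing word ("depends on the `rbnacl` which" should be "depends on the `rbnacl` gem, which"; likewise "require `rbnacl` gem" should be "require the `rbnacl` gem"). It also omits the load-order requirement that the code imposes: `SUPPORTED_ALGORITHMS` includes `'ED25519'` only `if defined?(RbNaCl)` at the time the constant is built, so the note should say that `rbnacl` must be required before `rack-jwt`. The list above the note shows `ED25519` unconditionally, which can mislead a reader who has not installed `rbnacl`.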
@@ -9,7 +9,20 @@ module Rack
9
9
  attr_reader :options
10
10
  attr_reader :exclude
11
11
 
12
- SUPPORTED_ALGORITHMS = %w(none HS256 HS384 HS512 RS256 RS384 RS512 ES256 ES384 ES512).freeze
12
+ SUPPORTED_ALGORITHMS = [
13
+ 'none',
14
+ 'HS256',
15
+ 'HS384',
16
+ 'HS512',
17
+ 'RS256',
18
+ 'RS384',
19
+ 'RS512',
20
+ 'ES256',
21
+ 'ES384',
22
+ 'ES512',
23
+ ('ED25519' if defined?(RbNaCl)),
24
+ ].compact.freeze
25
+
13
26
  DEFAULT_ALGORITHM = 'HS256'.freeze
14
27
 
15
28
  # The last segment gets dropped for 'none' algorithm since there is no
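Review bot: The `('ED25519' if defined?(RbNaCl))` entry is evaluated once, when the constant is defined, and the array is then frozen, so an application that requires `rbnacl` after `rack-jwt` will find `ED25519` missing from the supported list with no indication of why. Either document the required load order next to the constant or perform the `defined?(RbNaCl)` check where the algorithm is validated. The trailing comma before `].compact.freeze` is fine, but a short comment explaining the `compact` (it drops the `nil` left when `RbNaCl` is absent) would help the next reader.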
@@ -94,10 +107,7 @@ module Rack
94
107
  end
95
108
 
96
109
  def check_secret_type!
97
- unless @secret.nil? ||
98
- @secret.is_a?(String) ||
99
- @secret.is_a?(OpenSSL::PKey::RSA) ||
100
- @secret.is_a?(OpenSSL::PKey::EC)
110
+ unless Token.secret_of_valid_type?(@secret)
101
111
  raise ArgumentError, 'secret argument must be a valid type'
102
112
  end
103
113
  end
@@ -174,7 +184,7 @@ module Rack
174
184
 
175
185
  def return_error(message)
176
186
  body = { error: message }.to_json
177
- headers = { 'Content-Type' => 'application/json', 'Content-Length' => body.bytesize.to_s }
187
+ headers = { 'Content-Type' => 'application/json' }
178
188
 
179
189
  [401, headers, [body]]
180
190
  end
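Review bot: In `return_error`, the `'Content-Length'` header is dropped from the 401 response without any comment or visible test explaining why. If the intent is to leave the header to the server or to a downstream middleware, say so in a comment above `headers = { 'Content-Type' => 'application/json' }`, and add a spec that asserts the 401 body is still delivered intact so a later change does not reintroduce a mismatched length.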
@@ -38,6 +38,15 @@ module Rack
38
38
  end
39
39
  end
40
40
 
41
+ def self.secret_of_valid_type?(secret)
42
+ secret.nil? ||
43
+ secret.is_a?(String) ||
44
+ secret.is_a?(OpenSSL::PKey::RSA) ||
45
+ secret.is_a?(OpenSSL::PKey::EC) ||
46
+ (defined?(RbNaCl) && secret.is_a?(RbNaCl::Signatures::Ed25519::SigningKey)) ||
47
+ (defined?(RbNaCl) && secret.is_a?(RbNaCl::Signatures::Ed25519::VerifyKey))
48
+ end
49
+
41
50
  # Private Utility Class Methods
42
51
  # See : https://gist.github.com/Integralist/bb8760d11a03c88da151
43
52
 
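Review bot: `secret_of_valid_type?` is now a public class method (it is added above the `# Private Utility Class Methods` heading and is called from `check_secret_type!`), but it has no doc comment stating which types are accepted or that `nil` is allowed. Add a short comment listing the accepted types. The `defined?(RbNaCl) &&` guard is repeated on two consecutive lines; a single guard wrapping both `is_a?` checks would be easier to read. The check also accepts both `SigningKey` and `VerifyKey`, so it is worth noting in the comment that a verify-only deployment does not need the signing key.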
@@ -55,14 +64,6 @@ module Rack
55
64
  verify.nil? || verify.is_a?(FalseClass) || verify.is_a?(TrueClass)
56
65
  end
57
66
  private_class_method :verify_of_valid_type?
58
-
59
- def self.secret_of_valid_type?(secret)
60
- secret.nil? ||
61
- secret.is_a?(String) ||
62
- secret.is_a?(OpenSSL::PKey::RSA) ||
63
- secret.is_a?(OpenSSL::PKey::EC)
64
- end
65
- private_class_method :secret_of_valid_type?
66
67
  end
67
68
  end
68
69
  end
@@ -1,5 +1,5 @@
1
1
  module Rack
2
2
  module JWT
3
- VERSION = '0.4.0'.freeze
3
+ VERSION = '0.5.0'.freeze
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,15 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.0
4
+ version: 0.5.0
5
5
  platform: ruby
6
6
  authors:
7
- - Mr. Eigenbart
8
7
  - Emili Parreno
9
8
  autorequire:
10
9
  bindir: bin
11
10
  cert_chain: []
12
- date: 2018-11-14 00:00:00.000000000 Z
11
+ date: 2019-12-16 00:00:00.000000000 Z
13
12
  dependencies:
14
13
  - !ruby/object:Gem::Dependency
15
14
  name: bundler
@@ -17,98 +16,112 @@ dependencies:
17
16
  requirements:
18
17
  - - "~>"
19
18
  - !ruby/object:Gem::Version
20
- version: '1.6'
19
+ version: 1.16.2
21
20
  type: :development
22
21
  prerelease: false
23
22
  version_requirements: !ruby/object:Gem::Requirement
24
23
  requirements:
25
24
  - - "~>"
26
25
  - !ruby/object:Gem::Version
27
- version: '1.6'
26
+ version: 1.16.2
28
27
  - !ruby/object:Gem::Dependency
29
28
  name: rake
30
29
  requirement: !ruby/object:Gem::Requirement
31
30
  requirements:
32
31
  - - "~>"
33
32
  - !ruby/object:Gem::Version
34
- version: '10.5'
33
+ version: 12.0.0
35
34
  type: :development
36
35
  prerelease: false
37
36
  version_requirements: !ruby/object:Gem::Requirement
38
37
  requirements:
39
38
  - - "~>"
40
39
  - !ruby/object:Gem::Version
41
- version: '10.5'
40
+ version: 12.0.0
42
41
  - !ruby/object:Gem::Dependency
43
42
  name: rack-test
44
43
  requirement: !ruby/object:Gem::Requirement
45
44
  requirements:
46
45
  - - "~>"
47
46
  - !ruby/object:Gem::Version
48
- version: 0.6.3
47
+ version: 1.0.0
49
48
  type: :development
50
49
  prerelease: false
51
50
  version_requirements: !ruby/object:Gem::Requirement
52
51
  requirements:
53
52
  - - "~>"
54
53
  - !ruby/object:Gem::Version
55
- version: 0.6.3
54
+ version: 1.0.0
56
55
  - !ruby/object:Gem::Dependency
57
56
  name: rspec
58
57
  requirement: !ruby/object:Gem::Requirement
59
58
  requirements:
60
59
  - - "~>"
61
60
  - !ruby/object:Gem::Version
62
- version: 3.4.0
61
+ version: 3.8.0
63
62
  type: :development
64
63
  prerelease: false
65
64
  version_requirements: !ruby/object:Gem::Requirement
66
65
  requirements:
67
66
  - - "~>"
68
67
  - !ruby/object:Gem::Version
69
- version: 3.4.0
68
+ version: 3.8.0
70
69
  - !ruby/object:Gem::Dependency
71
70
  name: simplecov
72
71
  requirement: !ruby/object:Gem::Requirement
73
72
  requirements:
74
73
  - - "~>"
75
74
  - !ruby/object:Gem::Version
76
- version: 0.11.2
75
+ version: 0.16.0
77
76
  type: :development
78
77
  prerelease: false
79
78
  version_requirements: !ruby/object:Gem::Requirement
80
79
  requirements:
81
80
  - - "~>"
82
81
  - !ruby/object:Gem::Version
83
- version: 0.11.2
82
+ version: 0.16.0
83
+ - !ruby/object:Gem::Dependency
84
+ name: rbnacl
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: 6.0.1
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: 6.0.1
84
97
  - !ruby/object:Gem::Dependency
85
98
  name: rack
86
99
  requirement: !ruby/object:Gem::Requirement
87
100
  requirements:
88
- - - ">="
101
+ - - "~>"
89
102
  - !ruby/object:Gem::Version
90
- version: 1.6.0
103
+ version: 2.0.0
91
104
  type: :runtime
92
105
  prerelease: false
93
106
  version_requirements: !ruby/object:Gem::Requirement
94
107
  requirements:
95
- - - ">="
108
+ - - "~>"
96
109
  - !ruby/object:Gem::Version
97
- version: 1.6.0
110
+ version: 2.0.0
98
111
  - !ruby/object:Gem::Dependency
99
112
  name: jwt
100
113
  requirement: !ruby/object:Gem::Requirement
101
114
  requirements:
102
115
  - - "~>"
103
116
  - !ruby/object:Gem::Version
104
- version: '2.0'
117
+ version: 2.1.0
105
118
  type: :runtime
106
119
  prerelease: false
107
120
  version_requirements: !ruby/object:Gem::Requirement
108
121
  requirements:
109
122
  - - "~>"
110
123
  - !ruby/object:Gem::Version
111
- version: '2.0'
124
+ version: 2.1.0
112
125
  description: Rack middleware that provides authentication based on JSON Web Tokens.
113
126
  email:
114
127
  - emili@eparreno.com
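Review bot: The runtime constraints at the end of this hunk are much tighter than before, and that looks unintended. `rack` moves from `>= 1.6.0` to `~> 2.0.0`, which admits only 2.0.x and excludes both 1.x and any later 2.x release, and `jwt` moves from `~> 2.0` to `~> 2.1.0`, which admits only 2.1.x. For authentication middleware this blocks consumers from picking up later releases of either dependency, including security fixes, without a new `rack-jwt` release. If the intent was a minimum version, `~> 2.0` for `rack` and `~> 2.1` for `jwt` would express that. The `rbnacl` entry is correctly typed `:development`, which matches the README statement that it is not pulled in by the gem.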
@@ -134,15 +147,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
134
147
  requirements:
135
148
  - - ">="
136
149
  - !ruby/object:Gem::Version
137
- version: 2.1.0
150
+ version: 2.3.8
138
151
  required_rubygems_version: !ruby/object:Gem::Requirement
139
152
  requirements:
140
153
  - - ">="
141
154
  - !ruby/object:Gem::Version
142
155
  version: '0'
143
156
  requirements: []
144
- rubyforge_project:
145
- rubygems_version: 2.7.6
157
+ rubygems_version: 3.0.3
146
158
  signing_key:
147
159
  specification_version: 4
148
160
  summary: Rack middleware that provides authentication based on JSON Web Tokens.