rack-jwt 0.4.0 → 0.5.0

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d0c3dd5975bdb1e6b9d7b07a349a1334bca43ca5e25bfeb8049d6ba00abbb0f5
4
- data.tar.gz: 05e53f4a510f3362cc05fa1fe8ede02b637a6549a33767ba19325657591f74ab
3
+ metadata.gz: e07bb7937ca24d7787e58ae9733c38db07a4a86e3fffb660197bdf4bbda80e40
4
+ data.tar.gz: e52fcc5a9882d22a28dbed0d9e8e4cbaaf06db5015351afd558f3fc69d3ffae7
5
5
  SHA512:
6
- metadata.gz: 19e0681e2971f43737705c0e5d9fe8e939c6414879b21baacf6e3537948874c92623bec5a05878a4050c37d0670af6b7e2c332590a7cf5c1c4049fc192a5e71a
7
- data.tar.gz: b50c41b582a5ddf5738fee45b1221b3ceddd389f0335f6a5fcc57447d9a05659f10e20a726fa290a561a7601112d62c2885dc7f79571716da459fa4cf55ac696
6
+ metadata.gz: 70cd6e0e66b4ff1e4ac2f3662198a9bff90c8e8159f687646562b0efcc15810f44a40f28d254036e24cc851fde3846f0695e15ca9c78792907467e9c935fc482
7
+ data.tar.gz: 8b494ae14692de777fe2838e87869af27fe3ee29b6b1a1157a687779b6df3035a077637903fbafadf970f55635f91d98c079c04d10e0eacc520707d6a2d0b60c
data/README.md CHANGED
@@ -8,6 +8,10 @@
8
8
 
9
9
  This gem provides JSON Web Token (JWT) based authentication.
10
10
 
11
+ ## Requirements
12
+
13
+ - Ruby 2.3.8 or greater
14
+
11
15
  ## Installation
12
16
 
13
17
  Add this line to your application's `Gemfile`:
@@ -36,7 +40,7 @@ $ gem install rack-jwt
36
40
 
37
41
  * `verify` : optional : Boolean : Determines whether JWT will verify tokens keys for mismatch key types when decoded. Default is `true`. Set to `false` if you are using the `'none'` algorithm.
38
42
 
39
- * `options` : optional : Hash : A hash of options that are passed through to JWT to configure supported claims and algorithms. See [the ruby-jwt docs](https://github.com/progrium/ruby-jwt#support-for-reserved-claim-names) for much more info on the available options and how they work. These options are passed through without change to the underlying `ruby-jwt` gem. By default only expiration (exp) and Not Before (nbf) claims are verified. Pass in an algorithm choice like `{ algorithm: 'HS256' }`.
43
+ * `options` : optional : Hash : A hash of options that are passed through to JWT to configure supported claims and algorithms. See the ruby-jwt docs for [more information of the algorithms and their requirements](https://github.com/jwt/ruby-jwt#algorithms-and-usage) as well as [more information on the supported claims](https://github.com/progrium/ruby-jwt#support-for-reserved-claim-names). These options are passed through without change to the underlying `ruby-jwt` gem. By default only expiration (exp) and Not Before (nbf) claims are verified. Pass in an algorithm choice like `{ algorithm: 'HS256' }`.
40
44
 
41
45
  * `exclude` : optional : Array : An Array of path strings representing paths that should not be checked for the presence of a valid JWT token. Excludes sub-paths as of specified paths as well (e.g. `%w(/docs)` excludes `/docs/some/thing.html` also). Each path should start with a `/`. If a path matches the current request path this entire middleware is skipped and no authentication or verification of tokens takes place.
42
46
 
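Review bot: On the rewritten `options` bullet, the two documentation links point at different repositories: the new algorithms link uses `github.com/jwt/ruby-jwt`, while the claims link still uses `github.com/progrium/ruby-jwt`. Use the same repository for both so readers land on one set of docs. Also, "more information of the algorithms" should read "more information on the algorithms". Since this bullet is where readers choose an algorithm, it could also state that the choice should be pinned explicitly; the context line above still documents `verify: false` with `'none'`.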
@@ -61,7 +65,7 @@ Cuba.use Rack::JWT::Auth, my_args
61
65
  ### Rails
62
66
 
63
67
  ```ruby
64
- Rails.application.config.middleware.use, Rack::JWT::Auth, my_args
68
+ Rails.application.config.middleware.use Rack::JWT::Auth, my_args
65
69
  ```
66
70
 
67
71
  ## Generating tokens
@@ -77,11 +81,15 @@ the [ruby-jwt gem repo](https://github.com/jwt/ruby-jwt/blob/master/README.md)
77
81
  The `algorithm` is an optional String and can be one of the following (default HMAC 'HS256'):
78
82
 
79
83
  ```ruby
80
- %w(none HS256 HS384 HS512 RS256 RS384 RS512 ES256 ES384 ES512)
84
+ %w(none HS256 HS384 HS512 RS256 RS384 RS512 ED25519 ES256 ES384 ES512)
81
85
 
82
86
  HS256 is the default
83
87
  ```
84
88
 
89
+ Note that `ED25519` support depends on the `rbnacl` which is _not_ already included by the
90
+ `rack-jwt` gem. If you wish to use the `ED25519` algorith, you must also manually require
91
+ `rbnacl` gem in addition to `rack-jwt`.
92
+
85
93
  Here is a sample payload with illustrative data. You don't have to use all,
86
94
  or even most, of these.
87
95
 
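Review bot: The added ED25519 note has two wording slips and leaves out the load order. "depends on the `rbnacl` which" is missing "gem", and "algorith" should be "algorithm". More importantly, the note says to require `rbnacl` "in addition to" `rack-jwt` but not when. The list above now shows `ED25519` unconditionally, whereas the code only includes it if `RbNaCl` is already defined when `rack-jwt` loads. Say that `rbnacl` must be required before `rack-jwt`, and that `ED25519` is otherwise not in the supported list.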
@@ -9,7 +9,20 @@ module Rack
9
9
  attr_reader :options
10
10
  attr_reader :exclude
11
11
 
12
- SUPPORTED_ALGORITHMS = %w(none HS256 HS384 HS512 RS256 RS384 RS512 ES256 ES384 ES512).freeze
12
+ SUPPORTED_ALGORITHMS = [
13
+ 'none',
14
+ 'HS256',
15
+ 'HS384',
16
+ 'HS512',
17
+ 'RS256',
18
+ 'RS384',
19
+ 'RS512',
20
+ 'ES256',
21
+ 'ES384',
22
+ 'ES512',
23
+ ('ED25519' if defined?(RbNaCl)),
24
+ ].compact.freeze
25
+
13
26
  DEFAULT_ALGORITHM = 'HS256'.freeze
14
27
 
15
28
  # The last segment gets dropped for 'none' algorithm since there is no
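Review bot: `('ED25519' if defined?(RbNaCl))` is evaluated once, when this file is loaded, and the array is then frozen. An application that requires `rbnacl` after `rack-jwt` therefore ends up with a `SUPPORTED_ALGORITHMS` that lacks `ED25519` and has no way to add it. Either document the required load order next to the constant or make the check lazy, for example a method that tests `defined?(RbNaCl)` at validation time. A spec covering both the with-rbnacl and without-rbnacl cases would pin the behaviour down.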
@@ -94,10 +107,7 @@ module Rack
94
107
  end
95
108
 
96
109
  def check_secret_type!
97
- unless @secret.nil? ||
98
- @secret.is_a?(String) ||
99
- @secret.is_a?(OpenSSL::PKey::RSA) ||
100
- @secret.is_a?(OpenSSL::PKey::EC)
110
+ unless Token.secret_of_valid_type?(@secret)
101
111
  raise ArgumentError, 'secret argument must be a valid type'
102
112
  end
103
113
  end
@@ -174,7 +184,7 @@ module Rack
174
184
 
175
185
  def return_error(message)
176
186
  body = { error: message }.to_json
177
- headers = { 'Content-Type' => 'application/json', 'Content-Length' => body.bytesize.to_s }
187
+ headers = { 'Content-Type' => 'application/json' }
178
188
 
179
189
  [401, headers, [body]]
180
190
  end
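Review bot: Dropping `'Content-Length' => body.bytesize.to_s` from `return_error` changes the 401 response on the wire, and nothing in the hunk says why. If the intent is to leave the header to the server or to `Rack::ContentLength`, say so in a comment or the changelog, and add a spec asserting the headers of the 401 response so the behaviour is deliberate rather than incidental.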
@@ -38,6 +38,15 @@ module Rack
38
38
  end
39
39
  end
40
40
 
41
+ def self.secret_of_valid_type?(secret)
42
+ secret.nil? ||
43
+ secret.is_a?(String) ||
44
+ secret.is_a?(OpenSSL::PKey::RSA) ||
45
+ secret.is_a?(OpenSSL::PKey::EC) ||
46
+ (defined?(RbNaCl) && secret.is_a?(RbNaCl::Signatures::Ed25519::SigningKey)) ||
47
+ (defined?(RbNaCl) && secret.is_a?(RbNaCl::Signatures::Ed25519::VerifyKey))
48
+ end
49
+
41
50
  # Private Utility Class Methods
42
51
  # See : https://gist.github.com/Integralist/bb8760d11a03c88da151
43
52
 
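Review bot: `secret_of_valid_type?` takes only `secret`, so it cannot check that the key class fits the configured algorithm: a `String` or an `OpenSSL::PKey::RSA` still passes when the algorithm is `ED25519`, and an Ed25519 key passes for `HS256`. Consider passing the algorithm in, or adding a separate check, so a mismatch raises `ArgumentError` at configuration time instead of surfacing during decoding. Two smaller points: the method is now public (the `private_class_method` line is removed further down) but sits without a doc comment directly above "# Private Utility Class Methods", and the two `defined?(RbNaCl) &&` guards can be folded into one.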
@@ -55,14 +64,6 @@ module Rack
55
64
  verify.nil? || verify.is_a?(FalseClass) || verify.is_a?(TrueClass)
56
65
  end
57
66
  private_class_method :verify_of_valid_type?
58
-
59
- def self.secret_of_valid_type?(secret)
60
- secret.nil? ||
61
- secret.is_a?(String) ||
62
- secret.is_a?(OpenSSL::PKey::RSA) ||
63
- secret.is_a?(OpenSSL::PKey::EC)
64
- end
65
- private_class_method :secret_of_valid_type?
66
67
  end
67
68
  end
68
69
  end
@@ -1,5 +1,5 @@
1
1
  module Rack
2
2
  module JWT
3
- VERSION = '0.4.0'.freeze
3
+ VERSION = '0.5.0'.freeze
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,15 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.0
4
+ version: 0.5.0
5
5
  platform: ruby
6
6
  authors:
7
- - Mr. Eigenbart
8
7
  - Emili Parreno
9
8
  autorequire:
10
9
  bindir: bin
11
10
  cert_chain: []
12
- date: 2018-11-14 00:00:00.000000000 Z
11
+ date: 2019-12-16 00:00:00.000000000 Z
13
12
  dependencies:
14
13
  - !ruby/object:Gem::Dependency
15
14
  name: bundler
@@ -17,98 +16,112 @@ dependencies:
17
16
  requirements:
18
17
  - - "~>"
19
18
  - !ruby/object:Gem::Version
20
- version: '1.6'
19
+ version: 1.16.2
21
20
  type: :development
22
21
  prerelease: false
23
22
  version_requirements: !ruby/object:Gem::Requirement
24
23
  requirements:
25
24
  - - "~>"
26
25
  - !ruby/object:Gem::Version
27
- version: '1.6'
26
+ version: 1.16.2
28
27
  - !ruby/object:Gem::Dependency
29
28
  name: rake
30
29
  requirement: !ruby/object:Gem::Requirement
31
30
  requirements:
32
31
  - - "~>"
33
32
  - !ruby/object:Gem::Version
34
- version: '10.5'
33
+ version: 12.0.0
35
34
  type: :development
36
35
  prerelease: false
37
36
  version_requirements: !ruby/object:Gem::Requirement
38
37
  requirements:
39
38
  - - "~>"
40
39
  - !ruby/object:Gem::Version
41
- version: '10.5'
40
+ version: 12.0.0
42
41
  - !ruby/object:Gem::Dependency
43
42
  name: rack-test
44
43
  requirement: !ruby/object:Gem::Requirement
45
44
  requirements:
46
45
  - - "~>"
47
46
  - !ruby/object:Gem::Version
48
- version: 0.6.3
47
+ version: 1.0.0
49
48
  type: :development
50
49
  prerelease: false
51
50
  version_requirements: !ruby/object:Gem::Requirement
52
51
  requirements:
53
52
  - - "~>"
54
53
  - !ruby/object:Gem::Version
55
- version: 0.6.3
54
+ version: 1.0.0
56
55
  - !ruby/object:Gem::Dependency
57
56
  name: rspec
58
57
  requirement: !ruby/object:Gem::Requirement
59
58
  requirements:
60
59
  - - "~>"
61
60
  - !ruby/object:Gem::Version
62
- version: 3.4.0
61
+ version: 3.8.0
63
62
  type: :development
64
63
  prerelease: false
65
64
  version_requirements: !ruby/object:Gem::Requirement
66
65
  requirements:
67
66
  - - "~>"
68
67
  - !ruby/object:Gem::Version
69
- version: 3.4.0
68
+ version: 3.8.0
70
69
  - !ruby/object:Gem::Dependency
71
70
  name: simplecov
72
71
  requirement: !ruby/object:Gem::Requirement
73
72
  requirements:
74
73
  - - "~>"
75
74
  - !ruby/object:Gem::Version
76
- version: 0.11.2
75
+ version: 0.16.0
77
76
  type: :development
78
77
  prerelease: false
79
78
  version_requirements: !ruby/object:Gem::Requirement
80
79
  requirements:
81
80
  - - "~>"
82
81
  - !ruby/object:Gem::Version
83
- version: 0.11.2
82
+ version: 0.16.0
83
+ - !ruby/object:Gem::Dependency
84
+ name: rbnacl
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: 6.0.1
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: 6.0.1
84
97
  - !ruby/object:Gem::Dependency
85
98
  name: rack
86
99
  requirement: !ruby/object:Gem::Requirement
87
100
  requirements:
88
- - - ">="
101
+ - - "~>"
89
102
  - !ruby/object:Gem::Version
90
- version: 1.6.0
103
+ version: 2.0.0
91
104
  type: :runtime
92
105
  prerelease: false
93
106
  version_requirements: !ruby/object:Gem::Requirement
94
107
  requirements:
95
- - - ">="
108
+ - - "~>"
96
109
  - !ruby/object:Gem::Version
97
- version: 1.6.0
110
+ version: 2.0.0
98
111
  - !ruby/object:Gem::Dependency
99
112
  name: jwt
100
113
  requirement: !ruby/object:Gem::Requirement
101
114
  requirements:
102
115
  - - "~>"
103
116
  - !ruby/object:Gem::Version
104
- version: '2.0'
117
+ version: 2.1.0
105
118
  type: :runtime
106
119
  prerelease: false
107
120
  version_requirements: !ruby/object:Gem::Requirement
108
121
  requirements:
109
122
  - - "~>"
110
123
  - !ruby/object:Gem::Version
111
- version: '2.0'
124
+ version: 2.1.0
112
125
  description: Rack middleware that provides authentication based on JSON Web Tokens.
113
126
  email:
114
127
  - emili@eparreno.com
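Review bot: The runtime constraints in this hunk are much tighter than before, and a minor version bump does not signal that. `rack` goes from `>= 1.6.0` to `~> 2.0.0`, which allows only 2.0.x: it drops Rack 1.6 and also excludes 2.1 and later. `jwt` goes from `~> 2.0` to `~> 2.1.0`, which allows only 2.1.x. For an authentication middleware this can keep applications from picking up later `rack` or `jwt` releases without first replacing this gem. If the intent was just to raise the minimum versions, `~> 2.0` for `rack` and `~> 2.1` for `jwt` express that. `rbnacl` is correctly added as `:development` only, which matches the README note that users must require it themselves.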
@@ -134,15 +147,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
134
147
  requirements:
135
148
  - - ">="
136
149
  - !ruby/object:Gem::Version
137
- version: 2.1.0
150
+ version: 2.3.8
138
151
  required_rubygems_version: !ruby/object:Gem::Requirement
139
152
  requirements:
140
153
  - - ">="
141
154
  - !ruby/object:Gem::Version
142
155
  version: '0'
143
156
  requirements: []
144
- rubyforge_project:
145
- rubygems_version: 2.7.6
157
+ rubygems_version: 3.0.3
146
158
  signing_key:
147
159
  specification_version: 4
148
160
  summary: Rack middleware that provides authentication based on JSON Web Tokens.