rack-token_auth 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +6 -14
- data/.gitignore +2 -0
- data/Gemfile +3 -1
- data/Rakefile +4 -2
- data/lib/rack-token_auth.rb +3 -1
- data/lib/rack/token_auth.rb +13 -11
- data/lib/rack/token_auth/version.rb +5 -1
- data/rack-token_auth.gemspec +7 -6
- data/spec/{rack_token_auth_spec.rb → rack/token_auth_spec.rb} +20 -21
- data/spec/spec_helper.rb +21 -0
- metadata +20 -20
checksums.yaml
CHANGED
@@ -1,15 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
metadata.gz: !binary |-
|
9
|
-
OTc4YjI2ZDcyYjdmMGU3MjI5YmI3NDIyMTNjMWFjYzY3NzFiYzljY2Q3MzA2
|
10
|
-
MGI2YjUyZTc5ZThkNGQzOWU5YWRhMmY4MDYwMzVjOGFlOWZiMTE5MjE0OTYx
|
11
|
-
ZjcyNWZhMjI4NmQ3N2JkZDIxZmEwZGQwNDgxYzk1NDMzZjhhZTA=
|
12
|
-
data.tar.gz: !binary |-
|
13
|
-
YWUzN2E5NTA1OTcwOGUwYzdkOGJiMTVlZjM3OGI2MzhjYTNjYzNjYjNiOWI2
|
14
|
-
MzE3YjNlYzUyM2VjMDI3NzZlNWMwNjA0MGFmYzEzZTMyM2VlZDc4MDQzMWYw
|
15
|
-
OWE5Yjg3MmZiYzM2N2JkYTcwMDNlNmE3NTA4MTI5MDk3NTliNDY=
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: b56e499c772ba6a2e0da73660b71301bb63a7bb7e2b6095986ae108c2da33ffe
|
4
|
+
data.tar.gz: ce62a6ed4b6639e42ed4da328d98614a046f90499feb183da4306694981f2714
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 32f80f3e09d500869e25e0ee39510fe2f5e6159e0ad136a9a1f7c8a79bce76762ca49c701195419a2931a00b1e03988760c8a4c5dc938d0780206a57f26de10d
|
7
|
+
data.tar.gz: 3ec2ca1d567dba0c44e470957aac107767517e1058d6dc1c0e272e5412a144ccb9a9d7a0130c15b8f00e7bd2c77521ab8dba67f9ac3213de9c68ff5d4b79be54
|
data/.gitignore
CHANGED
data/Gemfile
CHANGED
data/Rakefile
CHANGED
data/lib/rack-token_auth.rb
CHANGED
data/lib/rack/token_auth.rb
CHANGED
@@ -1,4 +1,6 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "rack/token_auth/version"
|
2
4
|
|
3
5
|
module Rack
|
4
6
|
class TokenAuth
|
@@ -31,11 +33,11 @@ module Rack
|
|
31
33
|
end
|
32
34
|
|
33
35
|
def default_unprocessable_header_app
|
34
|
-
lambda { |
|
36
|
+
lambda { |_env| Rack::Response.new("Unprocessable Authorization header", 400).to_a }
|
35
37
|
end
|
36
38
|
|
37
39
|
def default_unauthorized_app
|
38
|
-
lambda { |
|
40
|
+
lambda { |_env| Rack::Response.new("Unauthorized", 401).to_a }
|
39
41
|
end
|
40
42
|
|
41
43
|
# Taken and adapted from Rails
|
@@ -44,19 +46,19 @@ module Rack
|
|
44
46
|
token = header.to_s.match(/^Token (.*)/) { |m| m[1] }
|
45
47
|
if token
|
46
48
|
begin
|
47
|
-
values = Hash[token.split(
|
48
|
-
value.strip!
|
49
|
-
key, value = value.split(
|
50
|
-
value.chomp!('"')
|
51
|
-
value.gsub!(
|
49
|
+
values = Hash[token.split(",").map do |value|
|
50
|
+
value.strip! # remove any spaces between commas and values
|
51
|
+
key, value = value.split(/="?/) # split key=value pairs
|
52
|
+
value.chomp!('"') # chomp trailing " in value
|
53
|
+
value.gsub!(/\\"/, '"') # unescape remaining quotes
|
52
54
|
[key, value]
|
53
55
|
end]
|
54
56
|
[values.delete("token"), values]
|
55
|
-
rescue =>
|
56
|
-
raise UnprocessableHeader,
|
57
|
+
rescue StandardError => exception
|
58
|
+
raise UnprocessableHeader, exception
|
57
59
|
end
|
58
60
|
else
|
59
|
-
[nil,{}]
|
61
|
+
[nil, {}]
|
60
62
|
end
|
61
63
|
end
|
62
64
|
|
data/rack-token_auth.gemspec
CHANGED
@@ -1,19 +1,20 @@
|
|
1
|
-
#
|
2
|
-
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
lib = File.expand_path("lib", __dir__)
|
3
4
|
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
-
require
|
5
|
+
require "rack/token_auth/version"
|
5
6
|
|
6
7
|
Gem::Specification.new do |gem|
|
7
8
|
gem.name = "rack-token_auth"
|
8
9
|
gem.version = Rack::TokenAuth::VERSION
|
9
10
|
gem.authors = ["iain"]
|
10
11
|
gem.email = ["iain@iain.nl"]
|
11
|
-
gem.description =
|
12
|
-
gem.summary =
|
12
|
+
gem.description = "Rack middleware for using the Authorization header with token authentication"
|
13
|
+
gem.summary = "Rack middleware for using the Authorization header with token authentication"
|
13
14
|
gem.homepage = "https://github.com/iain/rack-token_auth"
|
14
15
|
|
15
16
|
gem.files = `git ls-files`.split($/)
|
16
|
-
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
17
|
+
gem.executables = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) }
|
17
18
|
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
18
19
|
gem.require_paths = ["lib"]
|
19
20
|
|
@@ -1,9 +1,8 @@
|
|
1
|
-
|
2
|
-
require 'rack/token_auth'
|
1
|
+
# frozen_string_literal: true
|
3
2
|
|
4
|
-
|
3
|
+
require "spec_helper"
|
5
4
|
|
6
|
-
|
5
|
+
RSpec.describe Rack::TokenAuth do
|
7
6
|
|
8
7
|
describe "parsing the authorization header" do
|
9
8
|
|
@@ -12,33 +11,33 @@ describe Rack::TokenAuth do
|
|
12
11
|
|
13
12
|
it "evaluates the block with token and options" do
|
14
13
|
env = { "HTTP_AUTHORIZATION" => %(Token token="abc", foo="bar") }
|
15
|
-
block.
|
14
|
+
expect(block).to receive(:call).with("abc", { "foo" => "bar" }, env)
|
16
15
|
app.call(env)
|
17
16
|
end
|
18
17
|
|
19
18
|
it "handles absent header" do
|
20
19
|
env = {}
|
21
|
-
block.
|
20
|
+
expect(block).to receive(:call).with(nil, {}, env)
|
22
21
|
app.call(env)
|
23
22
|
end
|
24
23
|
|
25
24
|
it "handles other authorization header" do
|
26
25
|
env = { "HTTP_AUTHORIZATION" => %(Basic QWxhZGluOnNlc2FtIG9wZW4=) }
|
27
|
-
block.
|
26
|
+
expect(block).to receive(:call).with(nil, {}, env)
|
28
27
|
app.call(env)
|
29
28
|
end
|
30
29
|
|
31
30
|
it "handles misformed authorization header" do
|
32
|
-
block.
|
31
|
+
expect(block).not_to receive(:call)
|
33
32
|
result = app.call("HTTP_AUTHORIZATION" => %(Token foobar))
|
34
|
-
result.
|
33
|
+
expect(result.first).to eq 400
|
35
34
|
end
|
36
35
|
|
37
36
|
it "allows specifying the unprocessable header app" do
|
38
|
-
unprocessable_header_app =
|
39
|
-
app = build_app(:
|
37
|
+
unprocessable_header_app = double :unprocessable_header_app
|
38
|
+
app = build_app(unprocessable_header_app: unprocessable_header_app)
|
40
39
|
|
41
|
-
unprocessable_header_app.
|
40
|
+
expect(unprocessable_header_app).to receive(:call)
|
42
41
|
app.call("HTTP_AUTHORIZATION" => %(Token foobar))
|
43
42
|
end
|
44
43
|
|
@@ -46,26 +45,26 @@ describe Rack::TokenAuth do
|
|
46
45
|
|
47
46
|
context "when block returns false" do
|
48
47
|
|
49
|
-
let(:env) {
|
48
|
+
let(:env) { double :env, :[] => true }
|
50
49
|
|
51
50
|
it "doesn't call the rest of the app" do
|
52
51
|
app = build_app do false end
|
53
|
-
Endpoint.
|
52
|
+
expect(Endpoint).not_to receive(:call)
|
54
53
|
app.call(env)
|
55
54
|
end
|
56
55
|
|
57
56
|
it "has a default response" do
|
58
57
|
app = build_app do false end
|
59
58
|
result = app.call(env)
|
60
|
-
result.
|
61
|
-
result.
|
59
|
+
expect(result.last).to eq ["Unauthorized"]
|
60
|
+
expect(result.first).to eq 401
|
62
61
|
end
|
63
62
|
|
64
63
|
it "is able to set the unauthorized app" do
|
65
|
-
unauthorized_app =
|
66
|
-
app = build_app :
|
64
|
+
unauthorized_app = double :unauthorized_app
|
65
|
+
app = build_app unauthorized_app: unauthorized_app do false end
|
67
66
|
|
68
|
-
unauthorized_app.
|
67
|
+
expect(unauthorized_app).to receive(:call).with(env)
|
69
68
|
app.call(env)
|
70
69
|
end
|
71
70
|
|
@@ -73,11 +72,11 @@ describe Rack::TokenAuth do
|
|
73
72
|
|
74
73
|
context "when the block returns true" do
|
75
74
|
|
76
|
-
let(:env) {
|
75
|
+
let(:env) { double :env, :[] => true }
|
77
76
|
|
78
77
|
it "calls the rest of your app" do
|
79
78
|
app = build_app do true end
|
80
|
-
Endpoint.
|
79
|
+
expect(Endpoint).to receive(:call).with(env)
|
81
80
|
app.call(env)
|
82
81
|
end
|
83
82
|
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,21 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "bundler/setup"
|
4
|
+
|
5
|
+
require "rack"
|
6
|
+
require "rack/token_auth"
|
7
|
+
|
8
|
+
Endpoint = Rack::Response.new("OK")
|
9
|
+
|
10
|
+
RSpec.configure do |config|
|
11
|
+
# Enable flags like --only-failures and --next-failure
|
12
|
+
config.example_status_persistence_file_path = ".rspec_status"
|
13
|
+
|
14
|
+
# Disable RSpec exposing methods globally on `Module` and `main`
|
15
|
+
config.disable_monkey_patching!
|
16
|
+
|
17
|
+
config.expect_with :rspec do |c|
|
18
|
+
c.syntax = :expect
|
19
|
+
end
|
20
|
+
|
21
|
+
end
|
metadata
CHANGED
@@ -1,55 +1,55 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rack-token_auth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- iain
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-07-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rack
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
|
-
- -
|
17
|
+
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
19
|
version: '0'
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
|
-
- -
|
24
|
+
- - ">="
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: '0'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: rake
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
|
-
- -
|
31
|
+
- - ">="
|
32
32
|
- !ruby/object:Gem::Version
|
33
33
|
version: '0'
|
34
34
|
type: :development
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
|
-
- -
|
38
|
+
- - ">="
|
39
39
|
- !ruby/object:Gem::Version
|
40
40
|
version: '0'
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: rspec
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
44
44
|
requirements:
|
45
|
-
- -
|
45
|
+
- - ">="
|
46
46
|
- !ruby/object:Gem::Version
|
47
47
|
version: '0'
|
48
48
|
type: :development
|
49
49
|
prerelease: false
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
51
51
|
requirements:
|
52
|
-
- -
|
52
|
+
- - ">="
|
53
53
|
- !ruby/object:Gem::Version
|
54
54
|
version: '0'
|
55
55
|
description: Rack middleware for using the Authorization header with token authentication
|
@@ -59,8 +59,8 @@ executables: []
|
|
59
59
|
extensions: []
|
60
60
|
extra_rdoc_files: []
|
61
61
|
files:
|
62
|
-
- .gitignore
|
63
|
-
- .rspec
|
62
|
+
- ".gitignore"
|
63
|
+
- ".rspec"
|
64
64
|
- Gemfile
|
65
65
|
- LICENSE.txt
|
66
66
|
- README.md
|
@@ -69,30 +69,30 @@ files:
|
|
69
69
|
- lib/rack/token_auth.rb
|
70
70
|
- lib/rack/token_auth/version.rb
|
71
71
|
- rack-token_auth.gemspec
|
72
|
-
- spec/
|
72
|
+
- spec/rack/token_auth_spec.rb
|
73
|
+
- spec/spec_helper.rb
|
73
74
|
homepage: https://github.com/iain/rack-token_auth
|
74
75
|
licenses: []
|
75
76
|
metadata: {}
|
76
|
-
post_install_message:
|
77
|
+
post_install_message:
|
77
78
|
rdoc_options: []
|
78
79
|
require_paths:
|
79
80
|
- lib
|
80
81
|
required_ruby_version: !ruby/object:Gem::Requirement
|
81
82
|
requirements:
|
82
|
-
- -
|
83
|
+
- - ">="
|
83
84
|
- !ruby/object:Gem::Version
|
84
85
|
version: '0'
|
85
86
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
86
87
|
requirements:
|
87
|
-
- -
|
88
|
+
- - ">="
|
88
89
|
- !ruby/object:Gem::Version
|
89
90
|
version: '0'
|
90
91
|
requirements: []
|
91
|
-
|
92
|
-
|
93
|
-
signing_key:
|
92
|
+
rubygems_version: 3.1.2
|
93
|
+
signing_key:
|
94
94
|
specification_version: 4
|
95
95
|
summary: Rack middleware for using the Authorization header with token authentication
|
96
96
|
test_files:
|
97
|
-
- spec/
|
98
|
-
|
97
|
+
- spec/rack/token_auth_spec.rb
|
98
|
+
- spec/spec_helper.rb
|