rails-auth 3.0.0 → 3.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/jruby.yml +31 -0
- data/.github/workflows/mri.yml +30 -0
- data/.rubocop.yml +4 -19
- data/CHANGES.md +6 -0
- data/Gemfile +7 -14
- data/lib/rails/auth/acl.rb +8 -3
- data/lib/rails/auth/rack.rb +1 -0
- data/lib/rails/auth/rspec/matchers/acl_matchers.rb +1 -1
- data/lib/rails/auth/version.rb +1 -1
- data/lib/rails/auth/x509/filter/pem.rb +1 -1
- data/lib/rails/auth/x509/filter/pem_urlencoded.rb +17 -0
- data/lib/rails/auth.rb +3 -0
- data/rails-auth.gemspec +4 -5
- data/spec/rails/auth/controller_methods_spec.rb +1 -1
- data/spec/rails/auth/x509/middleware_spec.rb +1 -1
- data/spec/spec_helper.rb +0 -3
- metadata +16 -33
- data/.travis.yml +0 -24
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1c24122c461b2ef37326ca28f26261614ef8215bd85b62bfc171b47f56aeac29
|
4
|
+
data.tar.gz: e6453804040de859e7da0cb344ebe8e75b34f846a221441f246499016e05b4ec
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: aa0db28d5b895a29f3fc8563575895cb0bf18e8917f7e816d4e6148a25a5615d9b649ba089f94369a7565c2d24a9622a93eff0f1dbb7c14d62c4926ac2333c7f
|
7
|
+
data.tar.gz: ddae5587f3da9ef4291bb0b9cea00563007e58d55d830a025375ba03a9ad2c83aa754d5b86050cf4dac0a8dbb72280c8eb93c905ef4dd5cbc3f883c09da0a52f
|
@@ -0,0 +1,31 @@
|
|
1
|
+
name: CI - JRuby
|
2
|
+
|
3
|
+
on:
|
4
|
+
push:
|
5
|
+
branches: [ master ]
|
6
|
+
pull_request:
|
7
|
+
branches: [ master ]
|
8
|
+
|
9
|
+
jobs:
|
10
|
+
test:
|
11
|
+
runs-on: ubuntu-latest
|
12
|
+
strategy:
|
13
|
+
matrix:
|
14
|
+
java-version:
|
15
|
+
- 8
|
16
|
+
- 11
|
17
|
+
|
18
|
+
steps:
|
19
|
+
- uses: actions/checkout@v2
|
20
|
+
- name: Set up Java
|
21
|
+
uses: actions/setup-java@v2
|
22
|
+
with:
|
23
|
+
distribution: temurin
|
24
|
+
java-version: ${{ matrix.java-version }}
|
25
|
+
- name: Set up Ruby
|
26
|
+
uses: ruby/setup-ruby@v1
|
27
|
+
with:
|
28
|
+
bundler-cache: true
|
29
|
+
ruby-version: jruby
|
30
|
+
- name: Run tests
|
31
|
+
run: bundle exec rake
|
@@ -0,0 +1,30 @@
|
|
1
|
+
name: CI - MRI
|
2
|
+
|
3
|
+
on:
|
4
|
+
push:
|
5
|
+
branches: [ master ]
|
6
|
+
pull_request:
|
7
|
+
branches: [ master ]
|
8
|
+
|
9
|
+
jobs:
|
10
|
+
test:
|
11
|
+
runs-on: ubuntu-latest
|
12
|
+
strategy:
|
13
|
+
matrix:
|
14
|
+
ruby-version:
|
15
|
+
- 2.6
|
16
|
+
- 2.7
|
17
|
+
- 3.0
|
18
|
+
- 3.1
|
19
|
+
- 3.2
|
20
|
+
- 3.3
|
21
|
+
|
22
|
+
steps:
|
23
|
+
- uses: actions/checkout@v2
|
24
|
+
- name: Set up Ruby
|
25
|
+
uses: ruby/setup-ruby@v1
|
26
|
+
with:
|
27
|
+
bundler-cache: true
|
28
|
+
ruby-version: ${{ matrix.ruby-version }}
|
29
|
+
- name: Run tests
|
30
|
+
run: bundle exec rake
|
data/.rubocop.yml
CHANGED
@@ -1,6 +1,7 @@
|
|
1
1
|
AllCops:
|
2
|
+
NewCops: enable
|
2
3
|
DisplayCopNames: true
|
3
|
-
TargetRubyVersion: 2.
|
4
|
+
TargetRubyVersion: 2.5
|
4
5
|
|
5
6
|
Style/StringLiterals:
|
6
7
|
EnforcedStyle: double_quotes
|
@@ -8,24 +9,8 @@ Style/StringLiterals:
|
|
8
9
|
Layout/HashAlignment:
|
9
10
|
Enabled: false
|
10
11
|
|
11
|
-
Metrics
|
12
|
-
|
13
|
-
|
14
|
-
Metrics/ParameterLists:
|
15
|
-
Max: 5
|
16
|
-
CountKeywordArgs: false
|
17
|
-
|
18
|
-
Metrics/LineLength:
|
19
|
-
Max: 128
|
20
|
-
|
21
|
-
Metrics/MethodLength:
|
22
|
-
Max: 25
|
23
|
-
|
24
|
-
Metrics/AbcSize:
|
25
|
-
Max: 25
|
26
|
-
|
27
|
-
Metrics/CyclomaticComplexity:
|
28
|
-
Max: 8
|
12
|
+
Metrics:
|
13
|
+
Enabled: false
|
29
14
|
|
30
15
|
Naming/MethodParameterName:
|
31
16
|
MinNameLength: 2
|
data/CHANGES.md
CHANGED
data/Gemfile
CHANGED
@@ -2,19 +2,12 @@
|
|
2
2
|
|
3
3
|
source "https://rubygems.org"
|
4
4
|
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
gem "coveralls", require: false
|
13
|
-
# Workaround for: https://github.com/bundler/bundler/pull/4650
|
14
|
-
gem "rack", "~> 1.x"
|
15
|
-
gem "rake"
|
16
|
-
gem "rspec"
|
17
|
-
gem "rubocop", "0.77.0"
|
18
|
-
end
|
5
|
+
gem "activesupport"
|
6
|
+
gem "certificate_authority", require: false
|
7
|
+
gem "guard-rspec"
|
8
|
+
gem "pry-byebug", platform: :mri
|
9
|
+
gem "rake"
|
10
|
+
gem "rspec"
|
11
|
+
gem "rubocop"
|
19
12
|
|
20
13
|
gemspec
|
data/lib/rails/auth/acl.rb
CHANGED
@@ -19,9 +19,14 @@ module Rails
|
|
19
19
|
# @param [String] :yaml serialized YAML to load an ACL from
|
20
20
|
def self.from_yaml(yaml, **args)
|
21
21
|
require "yaml"
|
22
|
-
|
23
|
-
|
24
|
-
|
22
|
+
new(
|
23
|
+
if YAML::VERSION >= "4.0"
|
24
|
+
YAML.safe_load(yaml, aliases: true)
|
25
|
+
else
|
26
|
+
YAML.safe_load(yaml, [], [], true)
|
27
|
+
end,
|
28
|
+
**args
|
29
|
+
)
|
25
30
|
end
|
26
31
|
|
27
32
|
# @param [Array<Hash>] :acl Access Control List configuration
|
data/lib/rails/auth/rack.rb
CHANGED
@@ -24,6 +24,7 @@ require "rails/auth/monitor/middleware"
|
|
24
24
|
|
25
25
|
require "rails/auth/x509/certificate"
|
26
26
|
require "rails/auth/x509/filter/pem"
|
27
|
+
require "rails/auth/x509/filter/pem_urlencoded"
|
27
28
|
require "rails/auth/x509/filter/java" if defined?(JRUBY_VERSION)
|
28
29
|
require "rails/auth/x509/matcher"
|
29
30
|
require "rails/auth/x509/middleware"
|
@@ -6,7 +6,7 @@ RSpec::Matchers.define(:permit) do |env|
|
|
6
6
|
credentials = Rails::Auth.credentials(env)
|
7
7
|
message = "allow #{method}s by "
|
8
8
|
|
9
|
-
return message
|
9
|
+
return "#{message}unauthenticated clients" if credentials.count.zero?
|
10
10
|
|
11
11
|
message + credentials.values.map(&:inspect).join(", ")
|
12
12
|
end
|
data/lib/rails/auth/version.rb
CHANGED
@@ -11,7 +11,7 @@ module Rails
|
|
11
11
|
# certificates are normally formatted in otherwise parsing with fail
|
12
12
|
# with a 'nested asn1 error'. split(" ") handles sequential whitespace
|
13
13
|
# characters like \t, \n, and space.
|
14
|
-
OpenSSL::X509::Certificate.new(pem.split
|
14
|
+
OpenSSL::X509::Certificate.new(pem.split.instance_eval do
|
15
15
|
[[self[0], self[1]].join(" "), self[2...-2], [self[-2], self[-1]].join(" ")]
|
16
16
|
.flatten.join("\n")
|
17
17
|
end).freeze
|
@@ -0,0 +1,17 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Rails
|
4
|
+
module Auth
|
5
|
+
module X509
|
6
|
+
module Filter
|
7
|
+
# Extract OpenSSL::X509::Certificates from Privacy Enhanced Mail (PEM) certificates
|
8
|
+
# that are URL encoded ($ssl_client_escaped_cert from Nginx).
|
9
|
+
class PemUrlencoded < Pem
|
10
|
+
def call(encoded_pem)
|
11
|
+
super(URI.decode_www_form_component(encoded_pem))
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
data/lib/rails/auth.rb
CHANGED
data/rails-auth.gemspec
CHANGED
@@ -21,15 +21,14 @@ Gem::Specification.new do |spec|
|
|
21
21
|
|
22
22
|
# Only allow gem to be pushed to https://rubygems.org
|
23
23
|
spec.metadata["allowed_push_host"] = "https://rubygems.org"
|
24
|
+
spec.metadata["rubygems_mfa_required"] = "true"
|
24
25
|
|
25
26
|
spec.files = `git ls-files`.split("\n")
|
26
27
|
spec.bindir = "exe"
|
27
28
|
spec.require_paths = ["lib"]
|
28
29
|
|
29
|
-
spec.required_ruby_version = ">= 2.
|
30
|
+
spec.required_ruby_version = ">= 2.5.0"
|
30
31
|
|
31
|
-
spec.
|
32
|
-
|
33
|
-
spec.add_development_dependency "bundler", ">= 1.10", "< 3"
|
34
|
-
spec.add_development_dependency "rake", "~> 10.0"
|
32
|
+
spec.add_dependency "activesupport"
|
33
|
+
spec.add_dependency "rack"
|
35
34
|
end
|
data/spec/spec_helper.rb
CHANGED
metadata
CHANGED
@@ -1,17 +1,17 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rails-auth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tony Arcieri
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2024-08-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
|
-
name:
|
14
|
+
name: activesupport
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
@@ -25,39 +25,19 @@ dependencies:
|
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: '0'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
|
-
name:
|
28
|
+
name: rack
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
31
|
- - ">="
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: '
|
34
|
-
|
35
|
-
- !ruby/object:Gem::Version
|
36
|
-
version: '3'
|
37
|
-
type: :development
|
33
|
+
version: '0'
|
34
|
+
type: :runtime
|
38
35
|
prerelease: false
|
39
36
|
version_requirements: !ruby/object:Gem::Requirement
|
40
37
|
requirements:
|
41
38
|
- - ">="
|
42
39
|
- !ruby/object:Gem::Version
|
43
|
-
version: '
|
44
|
-
- - "<"
|
45
|
-
- !ruby/object:Gem::Version
|
46
|
-
version: '3'
|
47
|
-
- !ruby/object:Gem::Dependency
|
48
|
-
name: rake
|
49
|
-
requirement: !ruby/object:Gem::Requirement
|
50
|
-
requirements:
|
51
|
-
- - "~>"
|
52
|
-
- !ruby/object:Gem::Version
|
53
|
-
version: '10.0'
|
54
|
-
type: :development
|
55
|
-
prerelease: false
|
56
|
-
version_requirements: !ruby/object:Gem::Requirement
|
57
|
-
requirements:
|
58
|
-
- - "~>"
|
59
|
-
- !ruby/object:Gem::Version
|
60
|
-
version: '10.0'
|
40
|
+
version: '0'
|
61
41
|
description: A plugin-based framework for supporting multiple authentication and authorization
|
62
42
|
systems in Rails/Rack apps. Supports resource-oriented route-by-route access control
|
63
43
|
lists with TLS authentication.
|
@@ -67,10 +47,11 @@ executables: []
|
|
67
47
|
extensions: []
|
68
48
|
extra_rdoc_files: []
|
69
49
|
files:
|
50
|
+
- ".github/workflows/jruby.yml"
|
51
|
+
- ".github/workflows/mri.yml"
|
70
52
|
- ".gitignore"
|
71
53
|
- ".rspec"
|
72
54
|
- ".rubocop.yml"
|
73
|
-
- ".travis.yml"
|
74
55
|
- BUG-BOUNTY.md
|
75
56
|
- CHANGES.md
|
76
57
|
- CONDUCT.md
|
@@ -106,6 +87,7 @@ files:
|
|
106
87
|
- lib/rails/auth/x509/certificate.rb
|
107
88
|
- lib/rails/auth/x509/filter/java.rb
|
108
89
|
- lib/rails/auth/x509/filter/pem.rb
|
90
|
+
- lib/rails/auth/x509/filter/pem_urlencoded.rb
|
109
91
|
- lib/rails/auth/x509/matcher.rb
|
110
92
|
- lib/rails/auth/x509/middleware.rb
|
111
93
|
- lib/rails/auth/x509/subject_alt_name_extension.rb
|
@@ -137,7 +119,8 @@ licenses:
|
|
137
119
|
- Apache-2.0
|
138
120
|
metadata:
|
139
121
|
allowed_push_host: https://rubygems.org
|
140
|
-
|
122
|
+
rubygems_mfa_required: 'true'
|
123
|
+
post_install_message:
|
141
124
|
rdoc_options: []
|
142
125
|
require_paths:
|
143
126
|
- lib
|
@@ -145,15 +128,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
145
128
|
requirements:
|
146
129
|
- - ">="
|
147
130
|
- !ruby/object:Gem::Version
|
148
|
-
version: 2.
|
131
|
+
version: 2.5.0
|
149
132
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
150
133
|
requirements:
|
151
134
|
- - ">="
|
152
135
|
- !ruby/object:Gem::Version
|
153
136
|
version: '0'
|
154
137
|
requirements: []
|
155
|
-
rubygems_version: 3.
|
156
|
-
signing_key:
|
138
|
+
rubygems_version: 3.5.9
|
139
|
+
signing_key:
|
157
140
|
specification_version: 4
|
158
141
|
summary: Modular resource-oriented authentication and authorization for Rails/Rack
|
159
142
|
test_files: []
|
data/.travis.yml
DELETED
@@ -1,24 +0,0 @@
|
|
1
|
-
language: ruby
|
2
|
-
sudo: false
|
3
|
-
branches:
|
4
|
-
only:
|
5
|
-
- master
|
6
|
-
|
7
|
-
before_install:
|
8
|
-
- gem install bundler
|
9
|
-
|
10
|
-
bundler_args: --without development
|
11
|
-
|
12
|
-
rvm:
|
13
|
-
- 2.4
|
14
|
-
- 2.5
|
15
|
-
- 2.6
|
16
|
-
matrix:
|
17
|
-
include:
|
18
|
-
- rvm: jruby
|
19
|
-
jdk: openjdk8
|
20
|
-
env: JRUBY_OPTS="--debug" # for simplecov
|
21
|
-
- rvm: jruby
|
22
|
-
jdk: openjdk11
|
23
|
-
env: JRUBY_OPTS="--debug" # for simplecov
|
24
|
-
fast_finish: true
|