rails-vault-jwt 0.1.2 → 0.1.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/Gemfile.lock +1 -1
- data/lib/rails/vault/jwt.rb +2 -0
- data/lib/rails/vault/jwt/config.rb +2 -1
- data/lib/rails/vault/jwt/key_provider.rb +2 -0
- data/lib/rails/vault/jwt/version.rb +1 -1
- data/rails-vault-jwt.gemspec +2 -2
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a2cc4bd6c97d1029d671f49ee94a1f3b628ff385dc71386d621d4f24db299512
|
4
|
+
data.tar.gz: ef9184fbef5ee181d7d62105c67a937c66af6680fc498b8c1e8a9b92ff6117ae
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0674d5bc92bbd3a963ba506a55084095e9279ac67be5ff9104abb59cf24474aa332cd80c1f9c0469b2dec3dfe96a73e3b4aaf9dba09116795a26e66b74b9b342
|
7
|
+
data.tar.gz: ffea10ab232b7dea73a123453c8dbe5350c112f60e09a7490ba2ebda0d60d2c8aaa488fd10e0474e37fae5f75c11193c171f48ddcc244fe98566e2934e068960
|
data/CHANGELOG.md
CHANGED
@@ -6,6 +6,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
6
6
|
|
7
7
|
## [Unreleased]
|
8
8
|
|
9
|
+
## [0.1.3] - 2021-01-18
|
10
|
+
### Added
|
11
|
+
- Added `valid_issuers` config item to allow restricting key lookups to specific issuers
|
12
|
+
|
9
13
|
## [0.1.2] - 2021-01-18
|
10
14
|
### Fixed
|
11
15
|
- Fixed issuer key url
|
data/Gemfile.lock
CHANGED
data/lib/rails/vault/jwt.rb
CHANGED
@@ -7,11 +7,12 @@ module Rails
|
|
7
7
|
module JWT
|
8
8
|
class Config
|
9
9
|
extend Forwardable
|
10
|
-
attr_accessor :cache, :logger
|
10
|
+
attr_accessor :cache, :logger, :valid_issuers
|
11
11
|
attr_reader :token_provider
|
12
12
|
|
13
13
|
def initialize
|
14
14
|
@logger = defined?(Rails) && defined?(Rails.logger) ? Rails.logger : Logger.new($stdout)
|
15
|
+
@valid_issuers = []
|
15
16
|
end
|
16
17
|
|
17
18
|
def token_provider=(value)
|
@@ -12,6 +12,8 @@ module Rails
|
|
12
12
|
end
|
13
13
|
|
14
14
|
def keys(issuer)
|
15
|
+
raise InvalidIssuer if JWT.config.valid_issuers.any? && !(JWT.config.valid_issuers.include? issuer)
|
16
|
+
|
15
17
|
if @cache.respond_to?(:fetch)
|
16
18
|
@cache.fetch("keys/#{issuer}", expires_in: 5.minutes) do
|
17
19
|
fetch_keys issuer
|
data/rails-vault-jwt.gemspec
CHANGED
@@ -22,8 +22,8 @@ Gem::Specification.new do |spec|
|
|
22
22
|
spec.metadata['allowed_push_host'] = 'https://rubygems.org'
|
23
23
|
|
24
24
|
spec.metadata['homepage_uri'] = spec.homepage
|
25
|
-
spec.metadata['source_code_uri'] = 'https://github.com/
|
26
|
-
spec.metadata['changelog_uri'] = 'https://github.com/
|
25
|
+
spec.metadata['source_code_uri'] = 'https://github.com/twitch-data-nuggets/rails-vault-jwt'
|
26
|
+
spec.metadata['changelog_uri'] = 'https://github.com/twitch-data-nuggets/rails-vault-jwt/blob/main/CHANGELOG.md'
|
27
27
|
else
|
28
28
|
raise 'RubyGems 2.0 or newer is required to protect against ' \
|
29
29
|
'public gem pushes.'
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rails-vault-jwt
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nick King
|
@@ -148,8 +148,8 @@ licenses:
|
|
148
148
|
metadata:
|
149
149
|
allowed_push_host: https://rubygems.org
|
150
150
|
homepage_uri: https://github.com/datanuggets/rails-vault-jwt
|
151
|
-
source_code_uri: https://github.com/
|
152
|
-
changelog_uri: https://github.com/
|
151
|
+
source_code_uri: https://github.com/twitch-data-nuggets/rails-vault-jwt
|
152
|
+
changelog_uri: https://github.com/twitch-data-nuggets/rails-vault-jwt/blob/main/CHANGELOG.md
|
153
153
|
post_install_message:
|
154
154
|
rdoc_options: []
|
155
155
|
require_paths:
|