rails-vault-jwt 0.1.2 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +4 -0
  3. data/Gemfile.lock +1 -1
  4. data/lib/rails/vault/jwt.rb +2 -0
  5. data/lib/rails/vault/jwt/config.rb +2 -1
  6. data/lib/rails/vault/jwt/key_provider.rb +2 -0
  7. data/lib/rails/vault/jwt/version.rb +1 -1
  8. data/rails-vault-jwt.gemspec +2 -2
  9. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 68362487c468f62427b11aad0beb4e9a18757bb05149c927fc252e7934ad0059
4
- data.tar.gz: daf16e0954e57981ced7a033eb91351bc73b73faa94266704ed0e6f3ddfe652f
3
+ metadata.gz: a2cc4bd6c97d1029d671f49ee94a1f3b628ff385dc71386d621d4f24db299512
4
+ data.tar.gz: ef9184fbef5ee181d7d62105c67a937c66af6680fc498b8c1e8a9b92ff6117ae
5
5
  SHA512:
6
- metadata.gz: fccd7bd58ec1bc80e396b1dcc38eb7ef831a214c7701b990f6edd8a57e4d04fb670071f60b50869ccf4dae737c2f4c835c50fe0b0eb411a06d048620898f2c5a
7
- data.tar.gz: e4efe5ffb04361e32a7198ee34f4ea8660dfb69117afca991d586bf2c29379b9d3cf4a64847da6938a53618622cd74567cf0b142c345baaf2753ca418f57fa1c
6
+ metadata.gz: 0674d5bc92bbd3a963ba506a55084095e9279ac67be5ff9104abb59cf24474aa332cd80c1f9c0469b2dec3dfe96a73e3b4aaf9dba09116795a26e66b74b9b342
7
+ data.tar.gz: ffea10ab232b7dea73a123453c8dbe5350c112f60e09a7490ba2ebda0d60d2c8aaa488fd10e0474e37fae5f75c11193c171f48ddcc244fe98566e2934e068960
data/CHANGELOG.md CHANGED
@@ -6,6 +6,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
6
6
 
7
7
  ## [Unreleased]
8
8
 
9
+ ## [0.1.3] - 2021-01-18
10
+ ### Added
11
+ - Added `valid_issuers` config item to allow restricting key lookups to specific issuers
12
+
9
13
  ## [0.1.2] - 2021-01-18
10
14
  ### Fixed
11
15
  - Fixed issuer key url
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- rails-vault-jwt (0.1.2)
4
+ rails-vault-jwt (0.1.3)
5
5
  activesupport (~> 6.1)
6
6
  jwt (~> 2.2)
7
7
  vault (~> 0.15)
data/lib/rails/vault/jwt.rb CHANGED
@@ -13,6 +13,8 @@ module Rails
13
13
  module JWT
14
14
  class Error < StandardError; end
15
15
 
16
+ class InvalidIssuer < StandardError; end
17
+
16
18
  class << self
17
19
  def configure
18
20
  @config = Config.new
data/lib/rails/vault/jwt/config.rb CHANGED
@@ -7,11 +7,12 @@ module Rails
7
7
  module JWT
8
8
  class Config
9
9
  extend Forwardable
10
- attr_accessor :cache, :logger
10
+ attr_accessor :cache, :logger, :valid_issuers
11
11
  attr_reader :token_provider
12
12
 
13
13
  def initialize
14
14
  @logger = defined?(Rails) && defined?(Rails.logger) ? Rails.logger : Logger.new($stdout)
15
+ @valid_issuers = []
15
16
  end
16
17
 
17
18
  def token_provider=(value)
data/lib/rails/vault/jwt/key_provider.rb CHANGED
@@ -12,6 +12,8 @@ module Rails
12
12
  end
13
13
 
14
14
  def keys(issuer)
15
+ raise InvalidIssuer if JWT.config.valid_issuers.any? && !(JWT.config.valid_issuers.include? issuer)
16
+
15
17
  if @cache.respond_to?(:fetch)
16
18
  @cache.fetch("keys/#{issuer}", expires_in: 5.minutes) do
17
19
  fetch_keys issuer
data/lib/rails/vault/jwt/version.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  module Rails
4
4
  module Vault
5
5
  module JWT
6
- VERSION = '0.1.2'
6
+ VERSION = '0.1.3'
7
7
  end
8
8
  end
9
9
  end
data/rails-vault-jwt.gemspec CHANGED
@@ -22,8 +22,8 @@ Gem::Specification.new do |spec|
22
22
  spec.metadata['allowed_push_host'] = 'https://rubygems.org'
23
23
 
24
24
  spec.metadata['homepage_uri'] = spec.homepage
25
- spec.metadata['source_code_uri'] = 'https://github.com/datanuggets/rails-vault-jwt'
26
- spec.metadata['changelog_uri'] = 'https://github.com/datanuggets/rails-vault-jwt/blob/main/CHANGELOG.md'
25
+ spec.metadata['source_code_uri'] = 'https://github.com/twitch-data-nuggets/rails-vault-jwt'
26
+ spec.metadata['changelog_uri'] = 'https://github.com/twitch-data-nuggets/rails-vault-jwt/blob/main/CHANGELOG.md'
27
27
  else
28
28
  raise 'RubyGems 2.0 or newer is required to protect against ' \
29
29
  'public gem pushes.'
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rails-vault-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.2
4
+ version: 0.1.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nick King
@@ -148,8 +148,8 @@ licenses:
148
148
  metadata:
149
149
  allowed_push_host: https://rubygems.org
150
150
  homepage_uri: https://github.com/datanuggets/rails-vault-jwt
151
- source_code_uri: https://github.com/datanuggets/rails-vault-jwt
152
- changelog_uri: https://github.com/datanuggets/rails-vault-jwt/blob/main/CHANGELOG.md
151
+ source_code_uri: https://github.com/twitch-data-nuggets/rails-vault-jwt
152
+ changelog_uri: https://github.com/twitch-data-nuggets/rails-vault-jwt/blob/main/CHANGELOG.md
153
153
  post_install_message:
154
154
  rdoc_options: []
155
155
  require_paths: