rails-vault-jwt 0.1.3 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +7 -0
  3. data/Gemfile.lock +20 -20
  4. data/lib/rails/vault/jwt.rb +4 -0
  5. data/lib/rails/vault/jwt/config.rb +1 -1
  6. data/lib/rails/vault/jwt/token_provider/base_provider.rb +6 -1
  7. data/lib/rails/vault/jwt/token_provider/role_id.rb +2 -2
  8. data/lib/rails/vault/jwt/version.rb +1 -1
  9. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a2cc4bd6c97d1029d671f49ee94a1f3b628ff385dc71386d621d4f24db299512
4
- data.tar.gz: ef9184fbef5ee181d7d62105c67a937c66af6680fc498b8c1e8a9b92ff6117ae
3
+ metadata.gz: 848db8369ff224dd2b96fd875b1bba6069b82bf07dd0a901d6807c72c7f51302
4
+ data.tar.gz: c46c394c5953ecb4570234add0d27dc2a02707c116d80690544345b7da178c77
5
5
  SHA512:
6
- metadata.gz: 0674d5bc92bbd3a963ba506a55084095e9279ac67be5ff9104abb59cf24474aa332cd80c1f9c0469b2dec3dfe96a73e3b4aaf9dba09116795a26e66b74b9b342
7
- data.tar.gz: ffea10ab232b7dea73a123453c8dbe5350c112f60e09a7490ba2ebda0d60d2c8aaa488fd10e0474e37fae5f75c11193c171f48ddcc244fe98566e2934e068960
6
+ metadata.gz: c598d842e181e015f894fd8ca6fdaaaac928fe86b15eea74b79adc6e5a06707925ab2fd5a55fa81eaf97a0b7ed84518a3ac5f9628ff1cdf0fd1dfe46abfd4b58
7
+ data.tar.gz: eee69ffe7f2c9381cf123396d6115a057979b85422a0d48e7e28c8e236378aee9554ced5d379a9ee5411ed3ed114b8333f57d3f6849cc06a1f64366a660c05da
data/CHANGELOG.md CHANGED
@@ -6,6 +6,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
6
6
 
7
7
  ## [Unreleased]
8
8
 
9
+ ## [0.2.0] - 2021-02-06
10
+ ### Added
11
+ - Add #bearer_token method to use token to acquire a JWT
12
+
13
+ ### Changed
14
+ - Prefix env vars with `VAULT_`
15
+
9
16
  ## [0.1.3] - 2021-01-18
10
17
  ### Added
11
18
  - Added `valid_issuers` config item to allow restricting key lookups to specific issuers
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- rails-vault-jwt (0.1.3)
4
+ rails-vault-jwt (0.2.0)
5
5
  activesupport (~> 6.1)
6
6
  jwt (~> 2.2)
7
7
  vault (~> 0.15)
@@ -9,36 +9,36 @@ PATH
9
9
  GEM
10
10
  remote: https://rubygems.org/
11
11
  specs:
12
- actionpack (6.1.0)
13
- actionview (= 6.1.0)
14
- activesupport (= 6.1.0)
12
+ actionpack (6.1.1)
13
+ actionview (= 6.1.1)
14
+ activesupport (= 6.1.1)
15
15
  rack (~> 2.0, >= 2.0.9)
16
16
  rack-test (>= 0.6.3)
17
17
  rails-dom-testing (~> 2.0)
18
18
  rails-html-sanitizer (~> 1.0, >= 1.2.0)
19
- actionview (6.1.0)
20
- activesupport (= 6.1.0)
19
+ actionview (6.1.1)
20
+ activesupport (= 6.1.1)
21
21
  builder (~> 3.1)
22
22
  erubi (~> 1.4)
23
23
  rails-dom-testing (~> 2.0)
24
24
  rails-html-sanitizer (~> 1.1, >= 1.2.0)
25
- activesupport (6.1.0)
25
+ activesupport (6.1.1)
26
26
  concurrent-ruby (~> 1.0, >= 1.0.2)
27
27
  i18n (>= 1.6, < 2)
28
28
  minitest (>= 5.1)
29
29
  tzinfo (~> 2.0)
30
30
  zeitwerk (~> 2.3)
31
- ast (2.4.1)
31
+ ast (2.4.2)
32
32
  aws-eventstream (1.1.0)
33
33
  aws-sigv4 (1.2.2)
34
34
  aws-eventstream (~> 1, >= 1.0.2)
35
35
  builder (3.2.4)
36
- concurrent-ruby (1.1.7)
36
+ concurrent-ruby (1.1.8)
37
37
  crass (1.0.6)
38
38
  diff-lcs (1.4.4)
39
- docile (1.3.4)
39
+ docile (1.3.5)
40
40
  erubi (1.10.0)
41
- i18n (1.8.7)
41
+ i18n (1.8.8)
42
42
  concurrent-ruby (~> 1.0)
43
43
  jwt (2.2.2)
44
44
  loofah (2.9.0)
@@ -74,28 +74,28 @@ GEM
74
74
  rspec-expectations (3.10.1)
75
75
  diff-lcs (>= 1.2.0, < 2.0)
76
76
  rspec-support (~> 3.10.0)
77
- rspec-mocks (3.10.1)
77
+ rspec-mocks (3.10.2)
78
78
  diff-lcs (>= 1.2.0, < 2.0)
79
79
  rspec-support (~> 3.10.0)
80
- rspec-support (3.10.1)
81
- rubocop (1.7.0)
80
+ rspec-support (3.10.2)
81
+ rubocop (1.9.1)
82
82
  parallel (~> 1.10)
83
- parser (>= 2.7.1.5)
83
+ parser (>= 3.0.0.0)
84
84
  rainbow (>= 2.2.2, < 4.0)
85
85
  regexp_parser (>= 1.8, < 3.0)
86
86
  rexml
87
87
  rubocop-ast (>= 1.2.0, < 2.0)
88
88
  ruby-progressbar (~> 1.7)
89
- unicode-display_width (>= 1.4.0, < 2.0)
90
- rubocop-ast (1.4.0)
89
+ unicode-display_width (>= 1.4.0, < 3.0)
90
+ rubocop-ast (1.4.1)
91
91
  parser (>= 2.7.1.5)
92
92
  rubocop-rake (0.5.1)
93
93
  rubocop
94
- rubocop-rspec (2.1.0)
94
+ rubocop-rspec (2.2.0)
95
95
  rubocop (~> 1.0)
96
96
  rubocop-ast (>= 1.1.0)
97
97
  ruby-progressbar (1.11.0)
98
- simplecov (0.21.0)
98
+ simplecov (0.21.2)
99
99
  docile (~> 1.1)
100
100
  simplecov-html (~> 0.11)
101
101
  simplecov_json_formatter (~> 0.1)
@@ -103,7 +103,7 @@ GEM
103
103
  simplecov_json_formatter (0.1.2)
104
104
  tzinfo (2.0.4)
105
105
  concurrent-ruby (~> 1.0)
106
- unicode-display_width (1.7.0)
106
+ unicode-display_width (2.0.0)
107
107
  vault (0.15.0)
108
108
  aws-sigv4
109
109
  zeitwerk (2.4.2)
data/lib/rails/vault/jwt.rb CHANGED
@@ -16,6 +16,8 @@ module Rails
16
16
  class InvalidIssuer < StandardError; end
17
17
 
18
18
  class << self
19
+ extend Forwardable
20
+
19
21
  def configure
20
22
  @config = Config.new
21
23
  yield(@config) if block_given?
@@ -25,6 +27,8 @@ module Rails
25
27
  def config
26
28
  @config || configure
27
29
  end
30
+
31
+ def_delegators :config, :token, :bearer_token
28
32
  end
29
33
  end
30
34
  end
data/lib/rails/vault/jwt/config.rb CHANGED
@@ -23,7 +23,7 @@ module Rails
23
23
  end
24
24
  end
25
25
 
26
- def_delegators :@token_provider, :token
26
+ def_delegators :@token_provider, :token, :bearer_token
27
27
  end
28
28
  end
29
29
  end
data/lib/rails/vault/jwt/token_provider/base_provider.rb CHANGED
@@ -9,12 +9,17 @@ module Rails
9
9
  class BaseProvider
10
10
  attr_reader :expire_time
11
11
 
12
- def initialize(*_args)
12
+ def initialize(*_args, bearer_role_name: nil, **_kwargs)
13
13
  @expire_time = DateTime.now
14
+ @bearer_role_name = bearer_role_name || ENV.fetch('VAULT_BEARER_ROLE', '')
14
15
  end
15
16
 
16
17
  def auth; end
17
18
 
19
+ def bearer_token
20
+ client.logical.read("identity/oidc/token/#{@bearer_role_name}")&.data[:token]
21
+ end
22
+
18
23
  def token
19
24
  unless token_valid?
20
25
  auth_data = auth
data/lib/rails/vault/jwt/token_provider/role_id.rb CHANGED
@@ -8,8 +8,8 @@ module Rails
8
8
  def initialize(*args, mount_name: 'approle', role_id: nil, secret_id: nil, token_ttl: '5m')
9
9
  super
10
10
  @mount_name = mount_name
11
- @role_id = role_id || ENV.fetch('ROLE_ID')
12
- @secret_id = secret_id || ENV.fetch('SECRET_ID')
11
+ @role_id = role_id || ENV.fetch('VAULT_ROLE_ID')
12
+ @secret_id = secret_id || ENV.fetch('VAULT_SECRET_ID')
13
13
  @token_ttl = token_ttl
14
14
  end
15
15
 
data/lib/rails/vault/jwt/version.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  module Rails
4
4
  module Vault
5
5
  module JWT
6
- VERSION = '0.1.3'
6
+ VERSION = '0.2.0'
7
7
  end
8
8
  end
9
9
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rails-vault-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nick King
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-01-18 00:00:00.000000000 Z
11
+ date: 2021-02-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport