real_savvy 0.0.9 → 0.0.10
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/real_savvy/jwt/abstract_token.rb +39 -31
- data/lib/real_savvy/jwt/config.rb +8 -4
- data/lib/real_savvy/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a089cce034187b8f9c6592b50b73e0ff2bcb4416
|
|
4
|
+
data.tar.gz: d98f257df54ca0c40f9565e9b8be9fa3958b0c4a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 704bb7a5810c7e0b3f42f82c106c4f32a907f7cc2797cdc192382cf1d072c49ecd8ad6d8c9034ac34a9fd23eb2c2701395d79b8b08a73f091cfa72e0247bc1a9
|
|
7
|
+
data.tar.gz: 1a24892e521670cc0ba0727fbdb90b9614fd6caad1711b366140eb13bff864e0166647f22ac2f98b6f272c9ce9567ae29c6a97d4a26efddf0a0cfc0fbc4d71ee
|
|
@@ -4,21 +4,18 @@ module RealSavvy
|
|
|
4
4
|
# In order of access level
|
|
5
5
|
SCOPE_VERBS = %w{public read write admin}.freeze
|
|
6
6
|
|
|
7
|
-
attr_reader :
|
|
7
|
+
attr_reader :token
|
|
8
8
|
|
|
9
9
|
def initialize(token)
|
|
10
10
|
@token = token
|
|
11
11
|
standardized_token
|
|
12
|
-
retrieve_claims
|
|
13
|
-
retrieve_scopes
|
|
14
|
-
retrieve_audience
|
|
15
|
-
retrieve_site
|
|
16
|
-
retrieve_subject
|
|
17
|
-
retrieve_user
|
|
18
12
|
end
|
|
19
13
|
|
|
14
|
+
# New token, plus makes sure there isn't any errors with the token
|
|
20
15
|
def self.decode(token)
|
|
21
|
-
new(token)
|
|
16
|
+
new(token).tap do |new_token|
|
|
17
|
+
new_token.valid?
|
|
18
|
+
end
|
|
22
19
|
end
|
|
23
20
|
|
|
24
21
|
def scope_includes?(*scope_parts)
|
|
@@ -90,6 +87,7 @@ module RealSavvy
|
|
|
90
87
|
end
|
|
91
88
|
|
|
92
89
|
def imposter?
|
|
90
|
+
user
|
|
93
91
|
@imposter ? true : false
|
|
94
92
|
end
|
|
95
93
|
|
|
@@ -97,43 +95,53 @@ module RealSavvy
|
|
|
97
95
|
@token.split('.')[1]
|
|
98
96
|
end
|
|
99
97
|
|
|
100
|
-
|
|
98
|
+
def claims
|
|
99
|
+
retrieve_claims unless @claims
|
|
100
|
+
@claims
|
|
101
|
+
end
|
|
101
102
|
|
|
102
|
-
|
|
103
|
+
def header
|
|
104
|
+
retrieve_claims unless @header
|
|
105
|
+
@header
|
|
106
|
+
end
|
|
103
107
|
|
|
104
|
-
def
|
|
105
|
-
|
|
108
|
+
def site
|
|
109
|
+
audience
|
|
106
110
|
end
|
|
107
111
|
|
|
108
|
-
def
|
|
109
|
-
@
|
|
112
|
+
def user
|
|
113
|
+
@user ||= begin
|
|
114
|
+
if subject_is_user?
|
|
115
|
+
subject
|
|
116
|
+
elsif subject_is_imposter?
|
|
117
|
+
@imposter = true
|
|
118
|
+
subject.user
|
|
119
|
+
end
|
|
120
|
+
end
|
|
110
121
|
end
|
|
111
122
|
|
|
112
|
-
def
|
|
113
|
-
@
|
|
123
|
+
def scopes
|
|
124
|
+
@scopes ||= raw_scopes.each_with_object({}) do |scope, result|
|
|
125
|
+
scope.split(':').inject(result) { |m, v| m[v] ||= {} }
|
|
126
|
+
end
|
|
114
127
|
end
|
|
115
128
|
|
|
116
|
-
|
|
117
|
-
|
|
129
|
+
private
|
|
130
|
+
|
|
131
|
+
def retrieve_claims
|
|
132
|
+
raise NotImplementedError, "subclass did not define #retrieve_claims"
|
|
118
133
|
end
|
|
119
134
|
|
|
120
|
-
def
|
|
121
|
-
if
|
|
122
|
-
@user = subject
|
|
123
|
-
elsif subject_is_imposter?
|
|
124
|
-
@user = subject.user
|
|
125
|
-
@imposter = true
|
|
126
|
-
end
|
|
135
|
+
def audience
|
|
136
|
+
@audience ||= ::RealSavvy::JWT::Config.retrieve_audience(self) if claims && claims['aud']
|
|
127
137
|
end
|
|
128
138
|
|
|
129
|
-
def
|
|
130
|
-
claims
|
|
139
|
+
def subject
|
|
140
|
+
@subject ||= ::RealSavvy::JWT::Config.retrieve_subject(self) if claims && claims['sub']
|
|
131
141
|
end
|
|
132
142
|
|
|
133
|
-
def
|
|
134
|
-
|
|
135
|
-
scope.split(':').inject(result) { |m, v| m[v] ||= {} }
|
|
136
|
-
end
|
|
143
|
+
def raw_scopes
|
|
144
|
+
claims&.fetch('scopes', nil).to_a
|
|
137
145
|
end
|
|
138
146
|
|
|
139
147
|
def standardized_token
|
|
@@ -5,6 +5,7 @@ module RealSavvy
|
|
|
5
5
|
if block_given?
|
|
6
6
|
@public_key = Proc.new
|
|
7
7
|
else
|
|
8
|
+
raise NotImplementedError, "public_key not provided" unless @public_key
|
|
8
9
|
result = @public_key.is_a?(Proc) ? @public_key.call : @public_key
|
|
9
10
|
result.is_a?(OpenSSL::PKey::RSA) ? result : OpenSSL::PKey::RSA.new(result)
|
|
10
11
|
end
|
|
@@ -14,11 +15,12 @@ module RealSavvy
|
|
|
14
15
|
@public_key = value
|
|
15
16
|
end
|
|
16
17
|
|
|
17
|
-
def self.retrieve_audience
|
|
18
|
+
def self.retrieve_audience token = nil
|
|
18
19
|
if block_given?
|
|
19
20
|
@retrieve_audience = Proc.new
|
|
20
21
|
else
|
|
21
|
-
@retrieve_audience
|
|
22
|
+
raise NotImplementedError, "retrieve_audience logic not implemeted" unless @retrieve_audience
|
|
23
|
+
@retrieve_audience.call(token)
|
|
22
24
|
end
|
|
23
25
|
end
|
|
24
26
|
|
|
@@ -26,11 +28,12 @@ module RealSavvy
|
|
|
26
28
|
@retrieve_audience = value
|
|
27
29
|
end
|
|
28
30
|
|
|
29
|
-
def self.retrieve_subject
|
|
31
|
+
def self.retrieve_subject token = nil
|
|
30
32
|
if block_given?
|
|
31
33
|
@retrieve_subject = Proc.new
|
|
32
34
|
else
|
|
33
|
-
@retrieve_subject
|
|
35
|
+
raise NotImplementedError, "retrieve_subject logic not implemeted" unless @retrieve_subject
|
|
36
|
+
@retrieve_subject.call(token)
|
|
34
37
|
end
|
|
35
38
|
end
|
|
36
39
|
|
|
@@ -42,6 +45,7 @@ module RealSavvy
|
|
|
42
45
|
if block_given?
|
|
43
46
|
@validate_token = Proc.new
|
|
44
47
|
else
|
|
48
|
+
raise NotImplementedError, "validate_token logic not implemeted" unless @validate_token
|
|
45
49
|
@validate_token.call(token)
|
|
46
50
|
end
|
|
47
51
|
end
|
data/lib/real_savvy/version.rb
CHANGED