solidus_jwt 0.1.0 → 1.2.0

data/bin/console

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "solidus_jwt"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+$LOAD_PATH.unshift(*Dir["#{__dir__}/../app/*"])
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/r

@@ -0,0 +1,9 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+warn %{
+DEPRECATION: bin/r has been replaced by bin/rails-engine, please use that
+command instead.
+}.strip
+
+exec "#{__dir__}/rails-engine"

data/bin/rails

@@ -0,0 +1,8 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+if %w[g generate].include? ARGV.first
+  exec "#{__dir__}/rails-engine", *ARGV
+else
+  exec "#{__dir__}/rails-sandbox", *ARGV
+end

data/bin/rails-engine

@@ -0,0 +1,15 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+# This command will automatically be run when you run "rails" with Rails gems
+# installed from the root of your application.
+
+ENGINE_ROOT = File.expand_path('..', __dir__)
+ENGINE_PATH = File.expand_path('../lib/solidus_jwt/engine', __dir__)
+
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
+
+require 'rails/all'
+require 'rails/engine/commands'

data/bin/rails-sandbox

@@ -0,0 +1,17 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+app_root = 'sandbox'
+
+unless File.exist? "#{app_root}/bin/rails"
+  warn 'Creating the sandbox app...'
+  Dir.chdir "#{__dir__}/.." do
+    system "#{__dir__}/sandbox" or begin # rubocop:disable Style/AndOr
+      warn 'Automatic creation of the sandbox app failed'
+      exit 1
+    end
+  end
+end
+
+Dir.chdir app_root
+exec 'bin/rails', *ARGV

data/bin/rake

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rake", "rake")

data/bin/sandbox

@@ -0,0 +1,84 @@
+#!/usr/bin/env bash
+
+set -e
+
+case "$DB" in
+postgres|postgresql)
+  RAILSDB="postgresql"
+  ;;
+mysql)
+  RAILSDB="mysql"
+  ;;
+sqlite|'')
+  RAILSDB="sqlite3"
+  ;;
+*)
+  echo "Invalid DB specified: $DB"
+  exit 1
+  ;;
+esac
+
+if [ ! -z $SOLIDUS_BRANCH ]
+then
+  BRANCH=$SOLIDUS_BRANCH
+else
+  BRANCH="master"
+fi
+
+extension_name="solidus_jwt"
+
+# Stay away from the bundler env of the containing extension.
+function unbundled {
+  ruby -rbundler -e'b = proc {system *ARGV}; Bundler.respond_to?(:with_unbundled_env) ? Bundler.with_unbundled_env(&b) : Bundler.with_clean_env(&b)' -- $@
+}
+
+rm -rf ./sandbox
+unbundled bundle exec rails new sandbox --database="$RAILSDB" \
+  --skip-bundle \
+  --skip-git \
+  --skip-keeps \
+  --skip-rc \
+  --skip-spring \
+  --skip-test \
+  --skip-javascript
+
+if [ ! -d "sandbox" ]; then
+  echo 'sandbox rails application failed'
+  exit 1
+fi
+
+cd ./sandbox
+cat <<RUBY >> Gemfile
+gem 'solidus', github: 'solidusio/solidus', branch: '$BRANCH'
+gem 'solidus_auth_devise', '>= 2.1.0'
+gem 'rails-i18n'
+gem 'solidus_i18n'
+
+gem '$extension_name', path: '..'
+
+group :test, :development do
+  platforms :mri do
+    gem 'pry-byebug'
+  end
+end
+RUBY
+
+unbundled bundle install --gemfile Gemfile
+
+unbundled bundle exec rake db:drop db:create
+
+unbundled bundle exec rails generate spree:install \
+  --auto-accept \
+  --user_class=Spree::User \
+  --enforce_available_locales=true \
+  --with-authentication=false \
+  $@
+
+unbundled bundle exec rails generate solidus:auth:install
+
+echo
+echo "🚀 Sandbox app successfully created for $extension_name!"
+echo "🚀 Using $RAILSDB and Solidus $BRANCH"
+echo "🚀 Use 'export DB=[postgres|mysql|sqlite]' to control the DB adapter"
+echo "🚀 Use 'export SOLIDUS_BRANCH=<BRANCH-NAME>' to control the Solidus version"
+echo "🚀 This app is intended for test purposes."

data/bin/sandbox_rails

@@ -0,0 +1,9 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+warn %{
+DEPRECATION: bin/sandbox_rails has been replaced by bin/rails-sandbox, please
+use that command instead.
+}.strip
+
+exec "#{__dir__}/rails-engine"

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+gem install bundler --conservative
+bundle update
+bin/rake clobber

data/config/locales/en.yml

@@ -2,4 +2,5 @@
 # See https://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
 
 en:
-  hello: Hello world
+  solidus_jwt:
+    invalid_credentials: invalid username or password

data/config/routes.rb

@@ -1,3 +1,6 @@
+# frozen_string_literal: true
+
 Spree::Core::Engine.routes.draw do
   # Add your extension routes here
+  post 'oauth/token', to: 'api/oauths#token'
 end

data/db/migrate/20190222220038_create_solidus_jwt_tokens.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+class CreateSolidusJwtTokens < ActiveRecord::Migration[5.2]
+  def change
+    create_table :solidus_jwt_tokens do |t|
+      t.string :token, index: true
+      t.integer :auth_type, default: 0, null: false
+      t.integer :user_id, index: true
+      t.boolean :active, default: true, null: false
+
+      t.timestamps null: false
+    end
+  end
+end

data/db/migrate/20191212083655_add_foreign_key_to_users_table.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class AddForeignKeyToUsersTable < ActiveRecord::Migration[5.2]
+  def change
+    add_foreign_key :solidus_jwt_tokens, Spree.user_class.table_name, column: :user_id, on_delete: :cascade
+  end
+end

data/lib/controllers/api/spree/api/oauths_controller.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+module Spree
+  module Api
+    class OauthsController < BaseController
+      skip_before_action :authenticate_user
+
+      def token
+        result = catch(:warden) do
+          try_authenticate_user
+        end
+
+        case result
+        when Spree::User
+          render json: token_response_json(result)
+        when Hash
+          render status: :unauthorized, json: { error: I18n.t(result[:message], scope: 'devise.failure') }
+        else
+          render status: :unauthorized, json: { error: I18n.t(:invalid_credentials, scope: 'solidus_jwt') }
+        end
+      end
+
+      private
+
+      def token_response_json(user)
+        expires_in = SolidusJwt::Config.jwt_expiration
+
+        {
+          token_type: 'bearer',
+          access_token: user.generate_jwt(expires_in: expires_in),
+          expires_in: expires_in,
+          refresh_token: generate_refresh_token_for(user)
+        }
+      end
+
+      def try_authenticate_user
+        warden.authenticate(:solidus_jwt_password) ||
+          warden.authenticate(:solidus_jwt_refresh_token)
+      end
+
+      def generate_refresh_token_for(user)
+        token_resource = user.auth_tokens.create!
+        token_resource.token
+      end
+    end
+  end
+end

data/lib/generators/solidus_jwt/install/install_generator.rb

@@ -1,18 +1,10 @@
+# frozen_string_literal: true
+
 module SolidusJwt
   module Generators
     class InstallGenerator < Rails::Generators::Base
       class_option :auto_run_migrations, type: :boolean, default: false
 
-      def add_javascripts
-        append_file 'vendor/assets/javascripts/spree/frontend/all.js', "//= require spree/frontend/solidus_jwt\n"
-        append_file 'vendor/assets/javascripts/spree/backend/all.js', "//= require spree/backend/solidus_jwt\n"
-      end
-
-      def add_stylesheets
-        inject_into_file 'vendor/assets/stylesheets/spree/frontend/all.css', " *= require spree/frontend/solidus_jwt\n", before: /\*\//, verbose: true
-        inject_into_file 'vendor/assets/stylesheets/spree/backend/all.css', " *= require spree/backend/solidus_jwt\n", before: /\*\//, verbose: true
-      end
-
       def add_migrations
         run 'bundle exec rake railties:install:migrations FROM=solidus_jwt'
       end
@@ -22,7 +14,7 @@ module SolidusJwt
         if run_migrations
           run 'bundle exec rake db:migrate'
         else
-          puts 'Skipping rake db:migrate, don\'t forget to run it!'
+          puts 'Skipping rake db:migrate, don\'t forget to run it!' # rubocop:disable Rails/Output
         end
       end
     end

data/lib/solidus_jwt.rb

@@ -1,8 +1,16 @@
+# frozen_string_literal: true
+
 require 'jwt'
 
 require 'solidus_core'
+require 'solidus_support'
+require 'solidus_auth_devise'
 require 'solidus_jwt/engine'
 
+require 'solidus_jwt/devise_strategies/base'
+require 'solidus_jwt/devise_strategies/password'
+require 'solidus_jwt/devise_strategies/refresh_token'
+
 require 'solidus_jwt/version'
 require 'solidus_jwt/config'
 require 'solidus_jwt/concerns/decodeable'

data/lib/solidus_jwt/concerns/decodeable.rb

@@ -1,15 +1,21 @@
+# frozen_string_literal: true
+
 module SolidusJwt
   module Decodeable
     ##
     # Decode a token generated by SolidusJwt
     # @see https://github.com/jwt/ruby-jwt
     #
+    # @example decode a token.
+    #   SolidusJwt.decode('abc.123.efg')
+    #   #=> [{"sub"=>"1234567890", "name"=>"John Doe", "iat"=>1516239022}, {"alg"=>"HS256", "typ"=>"JWT"}]
+    #
     # @param token [String] The token to decode
     # @return [Array<Hash>]
     #
     def decode(token)
       JWT.decode(token, SolidusJwt::Config.jwt_secret, true,
-                 algorithm: SolidusJwt::Config.jwt_algorithm)
+        algorithm: SolidusJwt::Config.jwt_algorithm)
     end
   end
 end

data/lib/solidus_jwt/concerns/encodeable.rb

@@ -1,9 +1,21 @@
+# frozen_string_literal: true
+
 module SolidusJwt
   module Encodeable
     ##
     # Encode a specified payload
     # @see https://github.com/jwt/ruby-jwt
     #
+    # @example encode data into token
+    #   payload = {
+    #     sub: 1,
+    #     iat: DateTime.current.to_i,
+    #     exp: 1.hour.from_now.to_i
+    #   }
+    #
+    #   SolidusJwt.encode payload: payload
+    #   #=> 'eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOjEsImlhdCI6MTU4NDEzMjExOCwiZXhwIjoxNTg0MTM1NzE4LCJpc3MiOiJzb2xpZHVzIn0.OKZOGlawx435GdgKp2AGD8SKxW7sqn0h-Ef2qdVSxqQ'
+    #
     # @param payload [Hash] Attributes to place within the jwt
     # @param expires_in [Integer] How long until token expires in Seconds (*Optional*).
     #   Note that if no expires at is set, then the token will last forever.
@@ -15,12 +27,12 @@ module SolidusJwt
       current_time = Time.current.to_i
 
       # @see https://github.com/jwt/ruby-jwt#support-for-reserved-claim-names
-      jwt_payload[:exp] ||= current_time + expires_in if expires_in.present?
+      jwt_payload[:exp] ||= current_time + expires_in.to_i if expires_in.present?
       jwt_payload[:iat] ||= current_time
       jwt_payload[:iss] ||= 'solidus'
 
       JWT.encode(jwt_payload, SolidusJwt::Config.jwt_secret,
-                 SolidusJwt::Config.jwt_algorithm)
+        SolidusJwt::Config.jwt_algorithm)
     end
   end
 end

data/lib/solidus_jwt/config.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'solidus_jwt/preferences'
 
 SolidusJwt::Config = SolidusJwt::Preferences.new

data/lib/solidus_jwt/devise_strategies/base.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module SolidusJwt
+  module DeviseStrategies
+    class Base < Devise::Strategies::Authenticatable
+      def valid?
+        valid_grant_type? && valid_params?
+      end
+
+      private
+
+      def grant_type
+        params[:grant_type]
+      end
+
+      def valid_grant_type?
+        raise NotImplementedError
+      end
+
+      def valid_params?
+        raise NotImplementedError
+      end
+    end
+  end
+end

data/lib/solidus_jwt/devise_strategies/password.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+module SolidusJwt
+  module DeviseStrategies
+    class Password < Base
+      def authenticate!
+        block = proc { resource.valid_password?(password) }
+
+        if resource&.valid_for_authentication?(&block)
+          resource.after_database_authentication
+          return success!(resource)
+        end
+
+        fail!(:invalid)
+      end
+
+      private
+
+      def resource
+        @resource ||= mapping.to.find_for_database_authentication(auth_hash)
+      end
+
+      def auth_hash
+        { email: username }
+      end
+
+      def username
+        params[:username]
+      end
+
+      def password
+        params[:password]
+      end
+
+      def valid_grant_type?
+        grant_type == 'password'
+      end
+
+      def valid_params?
+        username.present? && password.present?
+      end
+    end
+  end
+end
+
+Warden::Strategies.add(:solidus_jwt_password, SolidusJwt::DeviseStrategies::Password)