stytch 7.0.1 → 7.0.3

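--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: b5b6f3a220db5b04687a900ac17b0e8f538fb5880a71c390c9ffcef876fd5425
- data.tar.gz: ed5964bfc4b355a239cc8b5214ea6a2e7dd89a980fa923fd62cf9665176bf241
+ metadata.gz: 7db7ce0ca6bc7abc37055eb392add1196bf5b6a0d226bbd465c0a7d7fe77ce11
+ data.tar.gz: f7a8dc3fd353b3727e0ae8ac9567c6e3655f16a10c30589a2305560c15090a25
  SHA512:
- metadata.gz: ea9dca6572aaed91548265c03bf051237965cc57d7b82d4d0e3df4f4d1a5e9b1232501c983076057d2c38c168c0210f8051b8874e66155734d62772619c7b343
- data.tar.gz: 201db2bb213b9c97614c3392beca947df83ed24c57a229e7dadc635a293d4fd6ebc9c424f5d6156a794e53fa9185d23f7447f9f9c11a9896e5567d0653edc758
+ metadata.gz: c382982dece8ce8f68b22a06dd2522b0f86618f304642189b85f08b89c3a8870126abe1a3995377c61412b52609a6580e844a4345ef70bfa7265f763d501c168
+ data.tar.gz: 04755c76aef2e3a0d20dff671cbe34504ec7e0bc4a887bf77c7b975d3616700fea61594410389580cb0bc8056d68cbeef813e9234afafdd518f089e98dfec9c6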
@@ -380,7 +380,7 @@ module StytchB2B
380
380
  )
381
381
  end
382
382
 
383
- decoded_jwt = authenticate_jwt_local(session_jwt: session_jwt, authorization_check: authorization_check)
383
+ decoded_jwt = authenticate_jwt_local(session_jwt, max_token_age_seconds: max_token_age_seconds, authorization_check: authorization_check)
384
384
  return decoded_jwt unless decoded_jwt.nil?
385
385
 
386
386
  authenticate(
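Review bot: The fallback `authenticate(` call that follows `return decoded_jwt unless decoded_jwt.nil?` needs to carry the same `authorization_check` as the local path, and the hunk is cut off before its arguments, so that cannot be confirmed from here. If the fallback omitted it, a token that fails the local check would be accepted by the API without the authorization check being applied. The hunk also does not say which conditions make `authenticate_jwt_local` return nil; in the `module Stytch` counterpart on this page nil is returned when `iat` is older than `max_token_age_seconds`, and if the B2B method behaves the same, a comment such as `# nil => token older than max_token_age_seconds; re-check with the API` above the return would make that trust decision explicit. The enclosing method starts and ends outside the hunk.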
@@ -215,16 +215,14 @@ module Stytch
215
215
  )
216
216
  end
217
217
 
218
- session = authenticate_jwt_local(session_jwt)
219
- if !session.nil?
220
- { 'session' => session }
221
- else
222
- authenticate(
223
- session_jwt: session_jwt,
224
- session_duration_minutes: session_duration_minutes,
225
- session_custom_claims: session_custom_claims
226
- )
227
- end
218
+ session = authenticate_jwt_local(session_jwt, max_token_age_seconds: max_token_age_seconds)
219
+ return session unless session.nil?
220
+
221
+ authenticate(
222
+ session_jwt: session_jwt,
223
+ session_duration_minutes: session_duration_minutes,
224
+ session_custom_claims: session_custom_claims
225
+ )
228
226
  rescue StandardError
229
227
  # JWT could not be verified locally. Check with the Stytch API.
230
228
  authenticate(
@@ -237,6 +235,7 @@ module Stytch
237
235
  # Parse a JWT and verify the signature locally (without calling /authenticate in the API)
238
236
  # Uses the cached value to get the JWK but if it is unavailable, it calls the get_jwks()
239
237
  # function to get the JWK
238
+ # This method never authenticates a JWT directly with the API
240
239
  # If max_token_age_seconds is not supplied 300 seconds will be used as the default.
241
240
  def authenticate_jwt_local(session_jwt, max_token_age_seconds: nil)
242
241
  max_token_age_seconds = 300 if max_token_age_seconds.nil?
@@ -245,6 +244,7 @@ module Stytch
245
244
  begin
246
245
  decoded_token = JWT.decode session_jwt, nil, true,
247
246
  { jwks: @jwks_loader, iss: issuer, verify_iss: true, aud: @project_id, verify_aud: true, algorithms: ['RS256'] }
247
+
248
248
  session = decoded_token[0]
249
249
  iat_time = Time.at(session['iat']).to_datetime
250
250
  return nil unless iat_time + max_token_age_seconds >= Time.now
@@ -272,15 +272,17 @@ module Stytch
272
272
  reserved_claims = ['aud', 'exp', 'iat', 'iss', 'jti', 'nbf', 'sub', stytch_claim]
273
273
  custom_claims = jwt.reject { |key, _| reserved_claims.include?(key) }
274
274
  {
275
- 'session_id' => jwt[stytch_claim]['id'],
276
- 'user_id' => jwt['sub'],
277
- 'started_at' => jwt[stytch_claim]['started_at'],
278
- 'last_accessed_at' => jwt[stytch_claim]['last_accessed_at'],
279
- # For JWTs that include it, prefer the inner expires_at claim.
280
- 'expires_at' => expires_at,
281
- 'attributes' => jwt[stytch_claim]['attributes'],
282
- 'authentication_factors' => jwt[stytch_claim]['authentication_factors'],
283
- 'custom_claims' => custom_claims
275
+ 'session' => {
276
+ 'session_id' => jwt[stytch_claim]['id'],
277
+ 'user_id' => jwt['sub'],
278
+ 'started_at' => jwt[stytch_claim]['started_at'],
279
+ 'last_accessed_at' => jwt[stytch_claim]['last_accessed_at'],
280
+ # For JWTs that include it, prefer the inner expires_at claim.
281
+ 'expires_at' => expires_at,
282
+ 'attributes' => jwt[stytch_claim]['attributes'],
283
+ 'authentication_factors' => jwt[stytch_claim]['authentication_factors'],
284
+ 'custom_claims' => custom_claims
285
+ }
284
286
  }
285
287
  end
286
288
  # ENDMANUAL(Sessions::authenticate_jwt)
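Review bot: The age check that `max_token_age_seconds` is now passed into does not count seconds: in `authenticate_jwt_local`, `iat_time` is built with `Time.at(session['iat']).to_datetime`, and `DateTime#+` treats its argument as days, so the documented default of 300 would extend the window to 300 days rather than five minutes. The same line then compares that DateTime with `Time.now`, which may raise instead of comparing unless a core extension defines it; this is worth confirming, because the `rescue StandardError` in `authenticate_jwt` would hide such an error as a plain fallback to the API. Keeping the value as a Time avoids both problems: `iat_time = Time.at(session['iat'])` followed by the unchanged `return nil unless iat_time + max_token_age_seconds >= Time.now`. These are context lines of the hunk at `@@ -245,6 +244,7 @@`, and the method body continues outside it.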
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Stytch
4
- VERSION = '7.0.1'
4
+ VERSION = '7.0.3'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: stytch
3
3
  version: !ruby/object:Gem::Version
4
- version: 7.0.1
4
+ version: 7.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - stytch