RubyGems - th7-clerk-sdk-ruby - Versions diffs - 4.2.2 - Mend

th7-clerk-sdk-ruby 4.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (195) hide show

checksums.yaml +7 -0
data/.env.example +3 -0
data/.github/workflows/main.yml +30 -0
data/.github/workflows/semgrep.yml +24 -0
data/.gitignore +21 -0
data/.rspec +3 -0
data/.ruby-version +1 -0
data/CHANGELOG.md +212 -0
data/Gemfile +33 -0
data/Gemfile.lock +300 -0
data/Guardfile +14 -0
data/LICENSE.txt +21 -0
data/README.md +278 -0
data/Rakefile +56 -0
data/apps/rack/app.rb +67 -0
data/apps/rack/config.ru +17 -0
data/apps/rack/middleware/disable_paths.rb +13 -0
data/apps/rails-api/.dockerignore +41 -0
data/apps/rails-api/.gitattributes +9 -0
data/apps/rails-api/.gitignore +32 -0
data/apps/rails-api/.kamal/hooks/docker-setup.sample +3 -0
data/apps/rails-api/.kamal/hooks/post-deploy.sample +14 -0
data/apps/rails-api/.kamal/hooks/post-proxy-reboot.sample +3 -0
data/apps/rails-api/.kamal/hooks/pre-build.sample +51 -0
data/apps/rails-api/.kamal/hooks/pre-connect.sample +47 -0
data/apps/rails-api/.kamal/hooks/pre-deploy.sample +109 -0
data/apps/rails-api/.kamal/hooks/pre-proxy-reboot.sample +3 -0
data/apps/rails-api/.kamal/secrets +17 -0
data/apps/rails-api/.rubocop.yml +8 -0
data/apps/rails-api/.ruby-version +1 -0
data/apps/rails-api/Dockerfile +69 -0
data/apps/rails-api/Gemfile +54 -0
data/apps/rails-api/Gemfile.lock +374 -0
data/apps/rails-api/README.md +24 -0
data/apps/rails-api/Rakefile +6 -0
data/apps/rails-api/app/controllers/application_controller.rb +3 -0
data/apps/rails-api/app/controllers/home_controller.rb +5 -0
data/apps/rails-api/app/jobs/application_job.rb +7 -0
data/apps/rails-api/app/mailers/application_mailer.rb +4 -0
data/apps/rails-api/app/models/application_record.rb +3 -0
data/apps/rails-api/app/views/layouts/mailer.html.erb +13 -0
data/apps/rails-api/app/views/layouts/mailer.text.erb +1 -0
data/apps/rails-api/bin/brakeman +7 -0
data/apps/rails-api/bin/bundle +109 -0
data/apps/rails-api/bin/dev +2 -0
data/apps/rails-api/bin/docker-entrypoint +14 -0
data/apps/rails-api/bin/jobs +6 -0
data/apps/rails-api/bin/kamal +27 -0
data/apps/rails-api/bin/rails +4 -0
data/apps/rails-api/bin/rake +4 -0
data/apps/rails-api/bin/rubocop +8 -0
data/apps/rails-api/bin/setup +34 -0
data/apps/rails-api/bin/thrust +5 -0
data/apps/rails-api/config/application.rb +36 -0
data/apps/rails-api/config/boot.rb +4 -0
data/apps/rails-api/config/cable.yml +17 -0
data/apps/rails-api/config/cache.yml +16 -0
data/apps/rails-api/config/credentials.yml.enc +1 -0
data/apps/rails-api/config/database.yml +41 -0
data/apps/rails-api/config/deploy.yml +116 -0
data/apps/rails-api/config/environment.rb +5 -0
data/apps/rails-api/config/environments/development.rb +70 -0
data/apps/rails-api/config/environments/production.rb +88 -0
data/apps/rails-api/config/environments/test.rb +53 -0
data/apps/rails-api/config/initializers/cors.rb +16 -0
data/apps/rails-api/config/initializers/filter_parameter_logging.rb +8 -0
data/apps/rails-api/config/initializers/inflections.rb +16 -0
data/apps/rails-api/config/locales/en.yml +31 -0
data/apps/rails-api/config/puma.rb +41 -0
data/apps/rails-api/config/queue.yml +18 -0
data/apps/rails-api/config/recurring.yml +10 -0
data/apps/rails-api/config/routes.rb +10 -0
data/apps/rails-api/config/storage.yml +34 -0
data/apps/rails-api/config.ru +6 -0
data/apps/rails-api/db/cable_schema.rb +11 -0
data/apps/rails-api/db/cache_schema.rb +14 -0
data/apps/rails-api/db/queue_schema.rb +129 -0
data/apps/rails-api/db/seeds.rb +9 -0
data/apps/rails-api/public/robots.txt +1 -0
data/apps/rails-api/test/controllers/home_controller_test.rb +7 -0
data/apps/rails-api/test/test_helper.rb +15 -0
data/apps/rails-full/.dockerignore +47 -0
data/apps/rails-full/.gitattributes +9 -0
data/apps/rails-full/.gitignore +34 -0
data/apps/rails-full/.kamal/hooks/docker-setup.sample +3 -0
data/apps/rails-full/.kamal/hooks/post-deploy.sample +14 -0
data/apps/rails-full/.kamal/hooks/post-proxy-reboot.sample +3 -0
data/apps/rails-full/.kamal/hooks/pre-build.sample +51 -0
data/apps/rails-full/.kamal/hooks/pre-connect.sample +47 -0
data/apps/rails-full/.kamal/hooks/pre-deploy.sample +109 -0
data/apps/rails-full/.kamal/hooks/pre-proxy-reboot.sample +3 -0
data/apps/rails-full/.kamal/secrets +17 -0
data/apps/rails-full/.rubocop.yml +8 -0
data/apps/rails-full/.ruby-version +1 -0
data/apps/rails-full/Dockerfile +72 -0
data/apps/rails-full/Gemfile +70 -0
data/apps/rails-full/Gemfile.lock +429 -0
data/apps/rails-full/README.md +24 -0
data/apps/rails-full/Rakefile +6 -0
data/apps/rails-full/app/assets/stylesheets/application.css +10 -0
data/apps/rails-full/app/controllers/application_controller.rb +6 -0
data/apps/rails-full/app/controllers/home_controller.rb +11 -0
data/apps/rails-full/app/helpers/application_helper.rb +2 -0
data/apps/rails-full/app/helpers/home_helper.rb +2 -0
data/apps/rails-full/app/javascript/application.js +3 -0
data/apps/rails-full/app/javascript/controllers/application.js +9 -0
data/apps/rails-full/app/javascript/controllers/hello_controller.js +7 -0
data/apps/rails-full/app/javascript/controllers/index.js +4 -0
data/apps/rails-full/app/jobs/application_job.rb +7 -0
data/apps/rails-full/app/mailers/application_mailer.rb +4 -0
data/apps/rails-full/app/models/application_record.rb +3 -0
data/apps/rails-full/app/views/home/index.html.erb +7 -0
data/apps/rails-full/app/views/layouts/application.html.erb +60 -0
data/apps/rails-full/app/views/layouts/mailer.html.erb +13 -0
data/apps/rails-full/app/views/layouts/mailer.text.erb +1 -0
data/apps/rails-full/app/views/pwa/manifest.json.erb +22 -0
data/apps/rails-full/app/views/pwa/service-worker.js +26 -0
data/apps/rails-full/bin/brakeman +7 -0
data/apps/rails-full/bin/bundle +109 -0
data/apps/rails-full/bin/dev +2 -0
data/apps/rails-full/bin/docker-entrypoint +14 -0
data/apps/rails-full/bin/importmap +4 -0
data/apps/rails-full/bin/jobs +6 -0
data/apps/rails-full/bin/kamal +27 -0
data/apps/rails-full/bin/rails +4 -0
data/apps/rails-full/bin/rake +4 -0
data/apps/rails-full/bin/rubocop +8 -0
data/apps/rails-full/bin/setup +34 -0
data/apps/rails-full/bin/thrust +5 -0
data/apps/rails-full/config/application.rb +31 -0
data/apps/rails-full/config/boot.rb +4 -0
data/apps/rails-full/config/cable.yml +17 -0
data/apps/rails-full/config/cache.yml +16 -0
data/apps/rails-full/config/credentials.yml.enc +1 -0
data/apps/rails-full/config/database.yml +41 -0
data/apps/rails-full/config/deploy.yml +116 -0
data/apps/rails-full/config/environment.rb +5 -0
data/apps/rails-full/config/environments/development.rb +72 -0
data/apps/rails-full/config/environments/production.rb +91 -0
data/apps/rails-full/config/environments/test.rb +53 -0
data/apps/rails-full/config/importmap.rb +7 -0
data/apps/rails-full/config/initializers/assets.rb +7 -0
data/apps/rails-full/config/initializers/clerk.rb +4 -0
data/apps/rails-full/config/initializers/content_security_policy.rb +25 -0
data/apps/rails-full/config/initializers/filter_parameter_logging.rb +8 -0
data/apps/rails-full/config/initializers/inflections.rb +16 -0
data/apps/rails-full/config/locales/en.yml +31 -0
data/apps/rails-full/config/puma.rb +41 -0
data/apps/rails-full/config/queue.yml +18 -0
data/apps/rails-full/config/recurring.yml +10 -0
data/apps/rails-full/config/routes.rb +15 -0
data/apps/rails-full/config/storage.yml +34 -0
data/apps/rails-full/config.ru +6 -0
data/apps/rails-full/db/cable_schema.rb +11 -0
data/apps/rails-full/db/cache_schema.rb +14 -0
data/apps/rails-full/db/queue_schema.rb +129 -0
data/apps/rails-full/db/seeds.rb +9 -0
data/apps/rails-full/public/400.html +114 -0
data/apps/rails-full/public/404.html +114 -0
data/apps/rails-full/public/406-unsupported-browser.html +114 -0
data/apps/rails-full/public/422.html +114 -0
data/apps/rails-full/public/500.html +114 -0
data/apps/rails-full/public/icon.png +0 -0
data/apps/rails-full/public/icon.svg +3 -0
data/apps/rails-full/public/robots.txt +1 -0
data/apps/rails-full/test/application_system_test_case.rb +5 -0
data/apps/rails-full/test/controllers/home_controller_test.rb +7 -0
data/apps/rails-full/test/test_helper.rb +15 -0
data/apps/sinatra/app.rb +29 -0
data/apps/sinatra/config.ru +8 -0
data/apps/sinatra/views/index.erb +44 -0
data/bin/console +16 -0
data/bin/release +21 -0
data/bin/setup +8 -0
data/clerk-sdk-ruby.gemspec +38 -0
data/docs/clerk-logo-dark.png +0 -0
data/docs/clerk-logo-light.png +0 -0
data/lib/clerk/authenticatable.rb +32 -0
data/lib/clerk/authenticate_context.rb +168 -0
data/lib/clerk/authenticate_request.rb +261 -0
data/lib/clerk/configuration.rb +84 -0
data/lib/clerk/constants.rb +74 -0
data/lib/clerk/error.rb +17 -0
data/lib/clerk/jwks_cache.rb +37 -0
data/lib/clerk/proxy.rb +135 -0
data/lib/clerk/rack.rb +2 -0
data/lib/clerk/rack_middleware.rb +112 -0
data/lib/clerk/rails.rb +3 -0
data/lib/clerk/railtie.rb +15 -0
data/lib/clerk/sdk.rb +84 -0
data/lib/clerk/sinatra.rb +52 -0
data/lib/clerk/utils.rb +73 -0
data/lib/clerk/version.rb +5 -0
data/lib/clerk.rb +27 -0
metadata +340 -0

data/lib/clerk/jwks_cache.rb ADDED Viewed

@@ -0,0 +1,37 @@
+require "concurrent"
+module Clerk
+  class JWKSCache
+    def initialize(lifetime)
+      @lifetime = lifetime
+      @jwks = nil
+      @last_update = nil
+      @lock = Concurrent::ReadWriteLock.new
+    end
+    def fetch(sdk, force_refresh: false, kid_not_found: false)
+      should_refresh = @lock.with_read_lock do
+        now = Time.now.to_i
+        @jwks.nil? || @last_update.nil? || force_refresh ||
+          (now - @last_update > @lifetime) ||
+          (kid_not_found && now - @last_update > 300)
+      end
+      if should_refresh
+        @lock.with_write_lock do
+          @last_update = Time.now.to_i
+          @jwks = begin
+            sdk.jwks.get_jwks.keys.map(&:to_hash)
+          rescue Clerk::Error, ClerkHttpClient::ApiError
+            nil
+          end
+        end
+      end
+      @lock.with_read_lock do
+        @jwks
+      end
+    end
+  end
+end

data/lib/clerk/proxy.rb ADDED Viewed

@@ -0,0 +1,135 @@
+require "clerk"
+require "clerk/authenticate_context"
+require "clerk/authenticate_request"
+module Clerk
+  class Proxy
+    CACHE_TTL = 60 # seconds
+    attr_reader :session_claims, :session_token
+    def initialize(session_claims: nil, session_token: nil)
+      @session_claims = session_claims
+      @session_token = session_token
+    end
+    def user?
+      !@session_claims.nil?
+    end
+    def user
+      return nil unless user?
+      @user ||= fetch_user(user_id)
+    end
+    def user_id
+      return nil unless user?
+      @session_claims["sub"]
+    end
+    def organization?
+      !organization_id.nil?
+    end
+    def organization
+      return nil unless organization?
+      @org ||= fetch_org(organization_id)
+    end
+    def organization_id
+      return nil unless user?
+      @session_claims["org_id"]
+    end
+    def organization_role
+      return nil if @session_claims.nil?
+      @session_claims["org_role"]
+    end
+    def organization_permissions
+      return nil if @session_claims.nil?
+      @session_claims["org_permissions"]
+    end
+    # Returns true if the session needs to perform step up verification
+    def user_reverified?(params)
+      return false unless user?
+      fva = session_claims["fva"]
+      # the feature is disabled
+      return true if fva.nil?
+      level = params[:level]
+      after_minutes = params[:after_minutes].to_i
+      return false if after_minutes.nil? || level.nil?
+      factor1_age, factor2_age = fva
+      is_valid_factor1 = factor1_age != -1 && after_minutes > factor1_age
+      is_valid_factor2 = factor2_age != -1 && after_minutes > factor2_age
+      case level
+      when :first_factor
+        is_valid_factor1
+      when :second_factor
+        (factor2_age == -1) ? is_valid_factor1 : is_valid_factor2
+      when :multi_factor
+        (factor2_age == -1) ? is_valid_factor1 : is_valid_factor1 && is_valid_factor2
+      end
+    end
+    def user_needs_reverification?(preset = StepUp::Preset::STRICT)
+      !user_reverified?(preset)
+    end
+    def user_require_reverification!(preset = StepUp::Preset::STRICT, &block)
+      return unless user_needs_reverification?(preset)
+      yield(preset) if block_given?
+    end
+    def user_reverification_rack_response(config = nil)
+      raise ArgumentError, "Missing config, please pass a preset a la `Clerk::StepUp::Preset::*`" if config.nil?
+      [
+        403,
+        {Clerk::CONTENT_TYPE_HEADER => "application/json"},
+        [StepUp::Reverification.error_payload(config).to_json]
+      ]
+    end
+    private
+    def fetch_user(user_id)
+      cached_fetch("clerk:user:#{user_id}") do
+        sdk.users.get_user(user_id)
+      end
+    end
+    def fetch_org(org_id)
+      cached_fetch("clerk:org:#{org_id}") do
+        sdk.organizations.get_organization(org_id)
+      end
+    end
+    def cached_fetch(key, &block)
+      store = Clerk.configuration.cache_store
+      if store
+        store.fetch(key, expires_in: CACHE_TTL, &block)
+      else
+        yield
+      end
+    end
+    def sdk
+      @sdk ||= Clerk::SDK.new
+    end
+  end
+end

data/lib/clerk/rack.rb ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ require "clerk"
2	+ require "clerk/rack_middleware"

data/lib/clerk/rack_middleware.rb ADDED Viewed

@@ -0,0 +1,112 @@
+require "clerk"
+require "clerk/authenticate_context"
+require "clerk/authenticate_request"
+require "clerk/proxy"
+require "clerk/utils"
+module Clerk
+  module Rack
+    class Middleware
+      def initialize(app, options = {})
+        @app = app
+        Clerk.configuration.update(options) if options
+        @excluded_routes, @excluded_routes_wildcards = Clerk::Utils.filter_routes(Clerk.configuration.excluded_routes)
+      end
+      def call(env)
+        env["clerk.initialized"] = true
+        req = ::Rack::Request.new(env)
+        if @excluded_routes[req.path]
+          env["clerk.excluded_route"] = true
+          return @app.call(env)
+        end
+        @excluded_routes_wildcards.each do |route|
+          if req.path.start_with?(route)
+            env["clerk.excluded_route"] = true
+            return @app.call(env)
+          end
+        end
+        env["clerk"] = Clerk::Proxy.new
+        auth_context = AuthenticateContext.new(req, Clerk.configuration)
+        auth_request = AuthenticateRequest.new(auth_context)
+        status, auth_request_headers, body = auth_request.resolve(env)
+        return [status, auth_request_headers, body] if status
+        status, headers, body = @app.call(env)
+        unless auth_request_headers.empty?
+          # Remove them to avoid overriding existing cookies set in headers by other middlewares
+          auth_request_cookies = auth_request_headers.delete(SET_COOKIE_HEADER.downcase)
+          # merge non-cookie related headers into response headers
+          headers.merge!(auth_request_headers)
+          set_cookie_headers!(headers, auth_request_cookies) if auth_request_cookies
+        end
+        [status, headers, body]
+      end
+      private
+      def parse_cookie_key(cookie_header)
+        cookie_header.split(";")[0].split("=")[0]
+      end
+      def set_cookie_headers!(headers, cookie_headers)
+        cookie_headers.each do |cookie_header|
+          cookie_key = parse_cookie_key(cookie_header)
+          cookie = ::Clerk::Utils.parse_cookies_header(cookie_header)
+          cookie_params = convert_http_cookie_to_cookie_setter_params(cookie_key, cookie)
+          ::Rack::Utils.set_cookie_header!(headers, cookie_key, cookie_params)
+        end
+      end
+      def convert_http_cookie_to_cookie_setter_params(cookie_key, cookie)
+        # convert cookie to to match cookie setter method params (lowercase symbolized keys with `:value` key)
+        cookie_params = cookie.transform_keys { |k| k.downcase.to_sym }
+        # drop the current cookie name key to avoid polluting the expected cookie params
+        cookie_params[:value] = cookie_params.delete(cookie_key.to_sym)
+        # Ensure secure and httponly are set to true if present
+        cookie_params[:secure] = cookie_params.has_key?(:secure)
+        cookie_params[:httponly] = cookie_params.has_key?(:httponly)
+        # fix issue with cookie expiration expected to be Date type
+        cookie_params[:expires] = Date.parse(cookie_params[:expires]) if cookie_params[:expires]
+        cookie_params
+      end
+    end
+    class Reverification
+      def initialize(app, routes: ["/*"], preset: Clerk::StepUp::Preset::STRICT)
+        @app = app
+        @preset = preset
+        @included_routes, @included_routes_wildcards = Clerk::Utils.filter_routes(routes)
+      end
+      def call(env)
+        raise Clerk::ConfigurationError, "`Clerk::Rack::Reverification` must be initialized after `Clerk::Rack::Middleware`" unless env["clerk.initialized"]
+        return @app.call(env) if env["clerk.excluded_route"]
+        req = ::Rack::Request.new(env)
+        valid_route = @included_routes[req.path] || @included_routes_wildcards.any? { |route| req.path.start_with?(route) }
+        if valid_route && env["clerk"].user_needs_reverification?(@preset)
+          return env["clerk"].user_reverification_rack_response(@preset)
+        end
+        @app.call(env)
+      end
+    end
+  end
+end

data/lib/clerk/rails.rb ADDED Viewed

@@ -0,0 +1,3 @@
+require "clerk"
+require "clerk/authenticatable"
+require "clerk/railtie" if defined?(Rails::Railtie)

data/lib/clerk/railtie.rb ADDED Viewed

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+require "clerk/rack_middleware"
+module Clerk
+  module Rails
+    class Railtie < ::Rails::Railtie
+      initializer "clerk.configure_rails_initialization" do |app|
+        unless ENV["CLERK_SKIP_RAILTIE"]
+          app.middleware.use Clerk::Rack::Middleware
+        end
+      end
+    end
+  end
+end

data/lib/clerk/sdk.rb ADDED Viewed

@@ -0,0 +1,84 @@
+require "clerk-http-client"
+require "clerk/jwks_cache"
+require "clerk/version"
+require "jwt"
+module Clerk
+  class SDK < ClerkHttpClient::SDK
+    DEFAULT_HEADERS = {
+      "User-Agent": "Clerk/#{Clerk::VERSION}; Faraday/#{Faraday::VERSION}; Ruby/#{RUBY_VERSION}",
+      "X-Clerk-SDK": "ruby/#{Clerk::VERSION}",
+      "Clerk-API-Version": "2025-04-10",
+    }
+    # How often (in seconds) should JWKs be refreshed
+    JWKS_CACHE_LIFETIME = 3600 # 1 hour
+    @@jwks_cache = JWKSCache.new(JWKS_CACHE_LIFETIME)
+    def self.jwks_cache
+      @@jwks_cache
+    end
+    # Returns the decoded JWT payload without verifying if the signature is valid.
+    #
+    # WARNING: This will not verify whether the signature is valid. You should not
+    # use this for untrusted messages! You most likely want to use `verify_token`.
+    def decode_token(token)
+      JWT.decode(token, nil, false).first
+    end
+    # Decode the JWT and verify it's valid (verify claims, signature etc.) using the provided algorithms.
+    #
+    # JWKS are cached for JWKS_CACHE_LIFETIME seconds, in order to avoid unecessary roundtrips.
+    # In order to invalidate the cache, pass `force_refresh_jwks: true`.
+    #
+    # A timeout for the request to the JWKs endpoint can be set with the `timeout` argument.
+    def verify_token(token, force_refresh_jwks: false, algorithms: ["RS256"], timeout: 5)
+      jwk_loader = ->(options) do
+        # JWT.decode requires that the 'keys' key in the Hash is a symbol (as
+        # opposed to a string which our SDK returns by default)
+        {keys: SDK.jwks_cache.fetch(self, kid_not_found: options[:invalidate] || options[:kid_not_found], force_refresh: force_refresh_jwks)}
+      end
+      claims = JWT.decode(token, nil, true, algorithms: algorithms, exp_leeway: timeout, jwks: jwk_loader).first
+      # orgs
+      if claims["v"].nil? || claims["v"] == 1
+        claims["v"] = 1
+      elsif claims["v"] == 2 && claims["o"]
+        claims["org_id"]          = claims["o"].fetch("id", nil)
+        claims["org_slug"]        = claims["o"].fetch("slg", nil)
+        claims["org_role"]        = "org:#{claims["o"].fetch("rol", nil)}"
+        org_permissions = compute_org_permissions_from_v2_token(claims)
+        claims["org_permissions"] = org_permissions if org_permissions.any?
+        claims.delete("o")
+        claims.delete("fea")
+      end
+      claims
+    end
+    private
+    def compute_org_permissions_from_v2_token(claims)
+      features    = claims["fea"] ? claims["fea"].split(",") : []
+      permissions = claims["o"]["per"] ? claims["o"]["per"].split(",") : []
+      mappings    = claims["o"]["fpm"] ? claims["o"]["fpm"].split(",") : []
+      org_permissions = []
+      mappings.each_with_index do |mapping, i|
+        scope, feature = features[i].split(":")
+        next if !scope.include?("o") # not an orgs-related permission
+        mapping.to_i.to_s(2).reverse.each_char.each_with_index do |bit, i|
+          org_permissions << "org:#{feature}:#{permissions[i]}" if bit == "1"
+        end
+      end
+      org_permissions
+    end
+  end
+end

data/lib/clerk/sinatra.rb ADDED Viewed

@@ -0,0 +1,52 @@
+require "sinatra/base"
+require "clerk/rack"
+module Sinatra
+  module Clerk
+    module Helpers
+      def clerk
+        env["clerk"]
+      end
+      def require_reverification!(preset = ::Clerk::StepUp::Preset::STRICT, &block)
+        clerk.user_require_reverification!(preset) do
+          return yield(preset) if block_given?
+          render_reverification!(preset)
+        end
+      end
+      def render_reverification!(preset = nil)
+        halt 403, ::Clerk::StepUp::Reverification.error_payload(preset).to_json
+      end
+      def clerk_sdk
+        @@sdk ||= ::Clerk::SDK.new
+      end
+    end
+    def self.registered(app)
+      app.helpers Clerk::Helpers
+      app.use ::Clerk::Rack::Middleware
+      app.set(:auth) do |active|
+        condition do
+          redirect clerk.sign_in_url if active && !clerk.session
+        end
+      end
+      app.set(:reverify) do |preset|
+        condition do
+          if preset === true
+            preset = ::Clerk::StepUp::Preset::STRICT
+          end
+          if preset
+            require_reverification!(preset)
+          end
+        end
+      end
+    end
+  end
+  register Clerk
+end

data/lib/clerk/utils.rb ADDED Viewed

@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+require "base64"
+module Clerk
+  module Utils
+    class << self
+      def decode_publishable_key(publishable_key)
+        Base64.decode64(publishable_key.split("_")[2].to_s)
+      end
+      def filter_routes(routes)
+        filtered_routes = {}
+        filtered_wildcard_routes = []
+        routes.each do |route|
+          route = route.strip
+          if route.end_with?("/*")
+            filtered_wildcard_routes << route[0..-2]
+          else
+            filtered_routes[route] = true
+          end
+        end
+        filtered_wildcard_routes.uniq!
+        [filtered_routes, filtered_wildcard_routes]
+      end
+      def retrieve_header_from_request(request, key)
+        (request.env[key] || request.env[key.downcase]).to_s
+      end
+      def retrieve_from_query_string(url, key)
+        ::Rack::Utils.parse_query(url.query)[key]
+      end
+      def valid_publishable_key?(publishable_key)
+        raise ArgumentError, "publishable_key must be a string" unless publishable_key.is_a?(String)
+        key = publishable_key.to_s
+        valid_publishable_key_prefix?(key) && valid_publishable_key_postfix?(key)
+      end
+      def valid_publishable_key_postfix?(publishable_key)
+        decode_publishable_key(publishable_key).end_with?("$")
+      end
+      def valid_publishable_key_prefix?(publishable_key)
+        publishable_key.start_with?("pk_live_", "pk_test_")
+      end
+      # NOTE: This is a copy of Rack::Utils.parse_cookies_header to allow for
+      # compatibility with older versions of Rack.
+      def parse_cookies_header(value)
+        return {} unless value
+        value.split(/; */n).each_with_object({}) do |cookie, cookies|
+          next if cookie.empty?
+          key, value = cookie.split('=', 2)
+          cookies[key] = (unescape(value) rescue value) unless cookies.key?(key)
+        end
+      end
+      private
+      def unescape(s, encoding = Encoding::UTF_8)
+        URI.decode_www_form_component(s, encoding)
+      end
+    end
+  end
+end

data/lib/clerk/version.rb ADDED Viewed

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+module Clerk
+  VERSION = "4.2.2"
+end

data/lib/clerk.rb ADDED Viewed

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+require "clerk/configuration"
+require "clerk/constants"
+require "clerk/error"
+require "clerk/sdk"
+require "clerk/version"
+if defined?(::Rails)
+  require "clerk/rails"
+end
+module Clerk
+  class << self
+    def configure
+      if block_given?
+        yield(configuration)
+      else
+        configuration
+      end
+    end
+    def configuration
+      @configuration ||= Clerk::Configuration.default
+    end
+  end
+end