tozny-auth 0.1.4 → 0.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f88e975adf4c7b8ca5dfc1bdc17dbfdbd4491815
-  data.tar.gz: 695c46c5741214b12eef87f2187602ebb7c47c50
+  metadata.gz: 2eb729af3e457366a65763b14a64592dad16f316
+  data.tar.gz: e623a5995a6f6a59227d30f9e68a1b3ee5f881ae
 SHA512:
-  metadata.gz: 8a7544b849a0a10306e46bb9b58554b75aaacd627328df4b26285349664104d3a3e7f35053a91b3d73afacb5f54d4d5a0bf9dfc6625b9d6449755d4154cc92a9
-  data.tar.gz: d34e998e76655590c97d8e9267675bbcef6571ab9b7bb8f408764d627efa2339673c5e7167221bae88b4a0fd41441e6c9bb5066e6135a4f8d5f262924adf0fb3
+  metadata.gz: e2fc60e32ed36a9543a24a1550e8acff4fb424f4d2c6399f412c7dc0dc9467c362346bde8c5b14679a27a6a46725c0d41f63cfb116defb599d664a80e8169389
+  data.tar.gz: f2fb6af758d2b234a850fe6b924c5e7c395776b7191c08637d70bd879f1cabb49035fa1ca9001fd276a757b088f1723535f66c88e2085f77c75ebc0108630f7e

data/.gitignore

@@ -9,4 +9,5 @@
 /tmp/
 /.idea
 .rakeTasks
-*.gem
+*.gem
+*.bak

data/.rubocop.yml

@@ -0,0 +1,8 @@
+Metrics/LineLength:
+  Enabled: false
+Metrics/MethodLength:
+  Enabled: false
+Rails:
+  Enabled: false
+Style/SpaceInsideHashLiteralBraces:
+  Enabled: false

data/README.md

@@ -16,7 +16,7 @@ Or install it yourself as:
 
     $ gem install tozny-auth
 
-## Usage
+## Usage (Authentication)
 In your template, include jQuery and the Tozny jQuery library:
 ```html
 <script src="https://code.jquery.com/jquery-1.10.2.min.js"></script>
@@ -45,6 +45,40 @@ if params[:tozny_action] == 'tozny_login'
 end
 ```
 
+## Usage (SMS OTP / 2FA)
+
+To send a one-time-password (via SMS)
+```ruby
+require 'tozny/auth'
+realm_key_id = 'sid_123456789'
+realm_secret = '6f75.....190a8dbc7'
+tozny = Tozny::Realm.new(realm_key_id, realm_secret)
+
+tozny.otp_challenge('sms-otp-6', '8005551234', nil, {foo: 'bar'})
+#or alternatively (for a 6 digit OTP -- you cannot do an 8 digit OTP using the following method)
+tozny.sms_otp('8005551234', {foo: 'bar'})
+#or, if you don't need custom data, and you have unauthenticated OTP enabled in your realm's admin console:
+tozny.user_api.otp_challenge('sms-otp-6', '8005551234')
+#finally, if you already have an otp 'presence' you can use that instead of the type and destination:
+tozny.otp_challenge(presence='237fa....af794')
+```
+
+To verify the OTP the end-user enters based on the session
+```ruby
+require 'tozny/auth'
+realm_key_id = 'sid_123456789'
+tozny_user = Tozny::User.new(realm_key_id) # Note: Tozny::Realm#user_api is an instance of Tozny::User pre-set to the realm
+
+session_id = '2392e...134' # this should be the session_id you got back from otp_challenge
+otp = '123456' # this should be the OTP entered by the user
+
+if tozny_user.otp_result(session_id, otp).key?(:signed_data)
+  # the OTP was correct
+else
+  # you can try another OTP until the session expires
+end
+```
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/tozny/sdk-ruby

data/Rakefile

@@ -1,10 +1,14 @@
-require "bundler/gem_tasks"
-require "rake/testtask"
+require 'bundler/gem_tasks'
+require 'rake/testtask'
+require 'rubocop/rake_task'
 
 Rake::TestTask.new(:test) do |t|
-  t.libs << "test"
-  t.libs << "lib"
+  t.libs << 'test'
+  t.libs << 'lib'
   t.test_files = FileList['test/**/*_test.rb']
 end
 
 task :default => :test
+
+RuboCop::RakeTask.new
+

data/lib/tozny/auth/common.rb

@@ -12,9 +12,9 @@ module Tozny
     # @return [String] the base64url-encoded string
     def self.base64url_encode(str)
       Base64::strict_encode64(
-          str #str to decode
-        ) #remove padding
-        .tr('+/', '-_') #replace + with - and / with _
+          str
+        )
+        .tr('+/', '-_')
         .tr('=', '')
     end
 
@@ -22,15 +22,18 @@ module Tozny
     # @param [String] str the base64url-encoded string
     # @return [String] the decoded plaintext string
     def self.base64url_decode(str)
-      Base64::strict_decode64(str.tr('-_', '+/') #replace - with + and _ with /
-        .ljust(str.length+(str.length % 4), '=')) #add padding
+      Base64::strict_decode64(
+        str.tr('-_', '+/')
+        .ljust(str.length+(str.length % 4), '='))
+        # replace - with + and _ with /
+        # then add padding
     end
 
     # checks the HMAC/SHA256 signature of a string
     # @param [String] signature the signature to check against
     # @param [String] str the signed data to check the signature against
     # @param [String] secret the secret to check the signature against
-    # @return [Boolean] whether the signature matched
+    # @return [TrueClass, FalseClass] whether the signature matched
     def self.check_signature(signature, str, secret)
       expected_sig = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), secret, str)
       expected_sig == signature
@@ -44,11 +47,11 @@ module Tozny
     # @return [Hash] a hash including the signed_data and a signature
     def self.encode_and_sign(data, secret)
       encoded_data = base64url_encode(data)
-      sig=OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), secret, encoded_data)
+      sig = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), secret, encoded_data)
       encoded_sig = base64url_encode(sig)
-      return { #behold, the rare return statement
-          :signed_data => encoded_data,
-          :signature => encoded_sig
+      {
+        signed_data: encoded_data,
+        signature: encoded_sig
       }
     end
 
@@ -58,4 +61,4 @@ module Tozny
       OpenSSL::Digest::SHA256.hexdigest SecureRandom.random_bytes(8)
     end
   end
-end
+end

data/lib/tozny/auth/version.rb

@@ -1,5 +1,5 @@
 module Tozny
   module Auth
-    VERSION = '0.1.4'
+    VERSION = '0.1.5'
   end
 end

data/lib/tozny/realm.rb

@@ -3,27 +3,26 @@ require 'json'
 require 'net/http'
 require 'uri'
 
+# rubocop:disable Metrics/PerceivedComplexity
+
 module Tozny
   class Realm
     attr_accessor :realm_key_id, :realm_secret, :api_url, :user_api
 
     def initialize(realm_key_id, realm_secret, api_url = nil)
-      #self.realm_key_id = realm_key_id
-      #self.realm_secret = realm_secret
-
-      #set the API URL
+      # set the API URL
       if !api_url.nil?
         self.api_url = api_url
       elsif !(ENV['API_URL'].nil?)
-        self.api_url=ENV['API_URL']
+        self.api_url = ENV['API_URL']
       else
-        self.api_url='https://api.tozny.com/index.php'
+        self.api_url = 'https://api.tozny.com/index.php'
       end
-      unless self.api_url.is_a? URI #don't try to parse a URI instance into a URI, as this will break
+      unless self.api_url.is_a? URI # don't try to parse a URI instance into a URI, as this will break
         self.api_url = URI.parse(self.api_url)
       end
 
-      self.set_new_realm(realm_key_id, realm_secret)
+      set_new_realm(realm_key_id, realm_secret)
 
     end
 
@@ -31,11 +30,11 @@ module Tozny
     # @param [String] realm_key_id
     # @param [String] realm_secret
     # @return [TrueClass] will always return true
-    def set_new_realm (realm_key_id, realm_secret)
+    def set_new_realm(realm_key_id, realm_secret)
       self.realm_key_id = realm_key_id
       self.realm_secret = realm_secret
-      if self.user_api.is_a? ::Tozny::User
-        self.user_api.set_new_realm(realm_key_id)
+      if user_api.is_a? ::Tozny::User
+        user_api.set_new_realm(realm_key_id)
       else
         self.user_api = ::Tozny::User.new(realm_key_id, api_url)
       end
@@ -60,12 +59,12 @@ module Tozny
     # @param [String] user_id the user_id of the login to check
     # @param [String] session_id the session_id of the login to check
     # @return [Hash] the return from the API
-    def check_login_via_api(user_id, session_id) #NOTE: this only returns true/false. You need to parse the data locally. See Tozny::Core.base64url_decode
-      raw_call({
-        :method => 'realm.check_valid_login',
-        :user_id => user_id,
-        :session_id => session_id
-      })[:return] == 'true'
+    def check_login_via_api(user_id, session_id) # NOTE: this only returns true/false. You need to parse the data locally. See Tozny::Core.base64url_decode
+      raw_call(
+        method: 'realm.check_valid_login',
+        user_id: user_id,
+        session_id: session_id
+      )[:return] == 'true'
     end
 
     # Add a user to a closed realm
@@ -74,17 +73,15 @@ module Tozny
     # @param [String, OpenSSL::PKey::RSA] pub_key the public key of the user to be added. Only necessary
     # @return [Hash, FalseClass] the user in its current (incomplete if defer is 'true' state)
     # @raise ArgumentError if there is no pubkey when there should be one
-    def user_add(defer = 'false', meta, pub_key)
+    def user_add(defer = 'false', meta = nil, pub_key)
       unless pub_key.nil?
-        if pub_key.is_a? String
-          pub_key = OpenSSL::PKey::RSA.new pub_key
-        end
+        pub_key = OpenSSL::PKey::RSA.new pub_key if pub_key.is_a? String
         pub_key = pub_key.public_key if pub_key.private?
       end
 
       request_obj = {
-          :method => 'realm.user_add',
-          :defer => defer
+        method: 'realm.user_add',
+        defer: defer
       }
       if defer == 'false'
         raise ArgumentError, 'Must provide a public key if not using deferred enrollment' if pub_key.nil?
@@ -106,31 +103,31 @@ module Tozny
     # @param [Hash{Symbol,String=>Object}] meta the metadata fields to update, along with their new values
     # @return [Hash] the updated user
     def user_update(user_id, meta)
-      raw_call({
-          :method => 'realm.user_update',
-          :user_id => user_id,
-          :extra_fields => Tozny::Core::base64url_encode(meta.to_json)
-               })
+      raw_call(
+        method: 'realm.user_update',
+        user_id: user_id,
+        extra_fields: Tozny::Core.base64url_encode(meta.to_json)
+      )
     end
 
     # @param [String] user_id
     # @return [Hash] the result of the request to the API
     def user_delete(user_id)
-      raw_call({
-               :method => 'realm.user_delete',
-               :user_id => user_id
-               })
+      raw_call(
+        method: 'realm.user_delete',
+        user_id: user_id
+      )
     end
 
     # retrieve a user's information
     # * Note: all meta fields are stored as strings
     # @param [String] user_id the id or email (if is_id = false) of the user to get
-    # @param [Boolean] is_id true if looking up the user by id, false if looking up by email. defaults to true
+    # @param [TrueClass, FalseClass] is_id true if looking up the user by id, false if looking up by email. defaults to true
     # @return [Hash] the user's information
     # @raise ArgumentError on failed lookup
     def user_get(user_id, is_id = true)
       request_obj = {
-          :method => 'realm.user_get'
+        method: 'realm.user_get'
       }
       if is_id
         request_obj[:user_id] = user_id
@@ -139,8 +136,8 @@ module Tozny
       end
 
       user = raw_call(request_obj)
-      if user.nil? or user[:results].nil?
-        raise ArgumentError, ('No user was found for '+(is_id ? 'id' : 'email')+': '+user_id+'.')
+      if user.nil? || user[:results].nil?
+        raise ArgumentError, ('No user was found for ' + (is_id ? 'id' : 'email') + ': ' + user_id + '.')
       end
       user[:results]
     end
@@ -149,10 +146,10 @@ module Tozny
     # @param [String] user_id
     # @return [Hash] the result of the call: keys include  :user_id, :temp_key, :secret_enrollment_url, and :key_id
     def user_device_add(user_id)
-      raw_call({
-          :method=>'realm.user_device_add',
-          :user_id=>user_id
-               })
+      raw_call(
+        method: 'realm.user_device_add',
+        user_id: user_id
+      )
     end
 
     # create an OOB challenge question session
@@ -163,53 +160,115 @@ module Tozny
     # @param [String] success_url The URL the user's browser should be redirected to after successful authentication if not specified in the question object
     # @param [String] error_url The URL the user's browser should be redirected to after unsuccessful authentication if not specified in the question object
     # @param [String] user_id optional. The user who should answer the question.
+    # @raise ArgumentError on invalid question type
     # TODO: support URI objects instead of strings for success and error
     # @return [Hash] the result of the API call
     def question_challenge(question, success_url, error_url, user_id)
-      raise ArgumentError, 'question must either be a string or an options hash as specified' unless question.is_a?String or question.is_a?Hash
-      final_question = nil #scope final_question and prevent linting errors
+      raise ArgumentError, 'question must either be a string or an options hash as specified' unless (question.is_a?String) || (question.is_a?Hash)
+      final_question = nil # scope final_question and prevent linting errors
       if question.is_a?Hash
         final_question = question
         final_question[:type] = 'callback'
+      elsif (success_url.is_a?String) || (error_url.is_a?String)
+        final_question = {
+          type: 'callback',
+          question: question
+        }
+        final_question[:success] = success_url if success_url.is_a?String
+        final_question[:error] = error_url if error_url.is_a?String
       else
-        if success_url.is_a?String or error_url.is_a?String
-          final_question = {
-              :type => 'callback',
-              :question => question
-          }
-          final_question[:success] = success_url if success_url.is_a?String
-          final_question[:error] = error_url if error_url.is_a?String
-        else
-          final_question = {
-              :type => 'question',
-              :question => question
-          }
-        end
+        final_question = {
+          type: 'question',
+          question: question
+        }
       end
       request_obj = {
-          :method => 'realm.question_challenge',
-          :question => final_question
+        method: 'realm.question_challenge',
+        question: final_question
       }
       request_obj[:user_id] = user_id if user_id.is_a?String
       raw_call request_obj
     end
 
+    # Create an OTP challenge session
+    # @return [Hash] a hash [session_id, presence] containing an OTP session id and an OTP presence (an alias for a type-destination combination)
+    # @param [String] type one of 'sms-otp-6', 'sms-otp-8': the type of the OTP to send
+    # @param [String] destination the destination for the OTP. For an SMS OTP, this should be a phone number
+    # @param [String] presence can be used instead of 'type' and 'destination': an OTP presence provided by the TOZNY API
+    # @param [Object] data optional passthru data to be added to the signed response on a successful request
+    # @raise ArgumentError when not enough information to submit an OTP request
+    # @raise ArgumentError on invalid request type
+    def otp_challenge(type = nil, destination = nil, presence = nil, data = nil)
+      raise ArgumentError, 'must provide either a presence or a type and destination' if (type.nil? || destination.nil?) && presence.nil?
+      request_obj = {
+        method: 'realm.otp_challenge'
+      }
+      unless data.nil?
+        data = data.to_json unless data.is_a?String
+        request_obj[:data] = data
+      end
+
+      if presence.nil?
+        raise ArgumentError, "request type must one of 'sms-otp-6' or 'sms-otp-8'" unless %w(sms-otp-6 sms-otp-8).include? type
+        request_obj[:type] = type
+        # TODO: consider validating that 'destination' is a valid phone number when 'type' is sms-otp-*
+        request_obj[:destination] = destination
+      else
+        request_obj[:presence] = presence
+      end
+      raw_call request_obj
+    end
+
+    # Shorthand method to send an 6-digit OTP via SMS without a presence token
+    # @param destination @see(otp_challenge)
+    # @param data @see(otp_challenge)
+    # @return @see(otp_challenge)
+    def sms_otp(destination, data = nil)
+      # TODO: validate that 'destination' is a phone number
+      otp_challenge('sms-otp-6', destination, nil, data)
+    end
+
+    # push to a user's device based off of their id, email, or username
+    # @raise ArgumentError when not enough information is provided to find the user
+    # @param [String] session_id optional a valid Tozny session_id
+    # @param [String] user_id optional a Tozny user_id
+    # @param [String] email optional an email for a field associated with tozny_email
+    # @param [String] username optional a username for a field associated with tozny_username
+    # @return [Hash {Symbol => String, Integer, Array<TrueClass, FalseClass>}] the result of the push attempt. Will be true if any device owned by the user is successfully sent a push.
+    def user_push(session_id = nil, user_id = nil, email = nil, username = nil)
+      raise ArgumentError, 'must provide either a Tozny user id, a tozny_email, or a tozny_username in order to find the user to push to' if
+          user_id.nil? && email.nil? && username.nil?
+      session_id ||= user_api.login_challenge[:session_id]
+      request_obj = {
+        method: 'realm.user_push',
+        session_id: session_id
+      }
+      if !user_id.nil?
+        request_obj[:user_id] = user_id
+      elsif !email.nil?
+        request_obj[:tozny_email] = email
+      elsif !username.nil?
+        request_obj[:tozny_username] = username
+      end
+      raw_call request_obj
+    end
+
     # perform a raw(ish) API call
     # @param [Hash{Symbol, String => Object}] request_obj The request to conduct. Should include a :method at the least. Prefer symbol keys to string keys
     # @return [Object] The parsed result of the request. NOTE: most types will be stringified for most requests
     def raw_call(request_obj)
-      request_obj[:nonce] = Tozny::Core.generate_nonce #generate the nonce
-      request_obj[:expires_at] = Time.now.to_i + 5*60 # UNIX timestamp for now +5 min TODO: does this work with check_login_via_api, or should it default to a passed in expires_at?
-      unless request_obj.key?('realm_key_id') || request_obj.key?(:realm_key_id) #check for both string and symbol
-        #TODO: how should we handle conflicts of symbol and string keys?
+      request_obj[:nonce] = Tozny::Core.generate_nonce # generate the nonce
+      request_obj[:expires_at] = Time.now.to_i + 5 * 60 # UNIX timestamp for now +5 min TODO: does this work with check_login_via_api, or should it default to a passed in expires_at?
+      unless request_obj.key?('realm_key_id') || request_obj.key?(:realm_key_id) # check for both string and symbol
+        # TODO: how should we handle conflicts of symbol and string keys?
         request_obj[:realm_key_id] = realm_key_id
       end
-      encoded_params = Tozny::Core.encode_and_sign(request_obj.to_json, realm_secret) #make a proper request of it.
-      request_url = api_url #copy the URL to a local variable so that we can add the query params
-      request_url.query = URI.encode_www_form encoded_params #encode signed_data and signature as query params
-      #p request_url
+      encoded_params = Tozny::Core.encode_and_sign(request_obj.to_json, realm_secret) # make a proper request of it.
+      request_url = api_url # copy the URL to a local variable so that we can add the query params
+      request_url.query = URI.encode_www_form encoded_params # encode signed_data and signature as query params
+      # p request_url
       http_result = Net::HTTP.get(request_url)
-      JSON.parse(http_result, {:symbolize_names => true}) #TODO: handle errors
+      JSON.parse(http_result, symbolize_names: true) # TODO: handle errors
     end
   end
-end
+end

data/lib/tozny/user.rb

@@ -4,49 +4,90 @@ module Tozny
   class User
     attr_accessor :realm_key_id, :api_url
     def initialize(realm_key_id, api_url = nil)
-
       if !api_url.nil?
         self.api_url = api_url
-      elsif !(ENV['API_URL'].nil?)
-        self.api_url=ENV['API_URL']
+      elsif !(ENV['API_URL'].nil?) # rubocop:disable all
+        self.api_url = ENV['API_URL']
       else
-        self.api_url='https://api.tozny.com/index.php'
+        self.api_url = 'https://api.tozny.com/index.php'
       end
 
-      unless self.api_url.is_a? URI
-        self.api_url = URI.parse(self.api_url)
-      end
+      self.api_url = URI.parse(self.api_url) unless self.api_url.is_a? URI
 
-      self.set_new_realm(realm_key_id)
+      set_new_realm(realm_key_id)
     end
 
+    # check the status of a session
+    # @param [String] session_id the session to check
+    # @return [TrueClass, FalseClass] 'true' if the use has logged in with the session, false otherwise
     def check_session_status(session_id)
-      raw_call({
-        :method => 'user.check_session_status',
-        :session_id => session_id
-      }).has_key?(:signed_data)
+      raw_call(
+        method: 'user.check_session_status',
+        session_id: session_id
+      ).key?(:signed_data)
     end
 
     # use a new realm_key_id
     # @param [String] realm_key_id
     # @return [TrueClass] will always return true
-    def set_new_realm (realm_key_id)
+    def set_new_realm(realm_key_id) # rubocop:disable Style/AccessorMethodName
       self.realm_key_id = realm_key_id
       true
     end
 
-    # perform a raw(ish) API call
+    # Generate a new login challenge session
+    # @param [TrueClass, FalseClass] user_add optional: whether or not to create an enrollment challenge rather than an authentication challenge
+    # @return [Hash] a challenge session (:challenge, :realm_key_id, :session_id, :qr_url, :mobile_url, :created_at, :presence = "")
+    def login_challenge(user_add = nil)
+      request_obj = {
+        method: 'user.login_challenge'
+      }
+      request_obj[:user_add] = user_add if user_add
+      raw_call request_obj
+    end
+
+    # Create an OTP challenge session
+    # @return [Hash] a hash [session_id, presence] containing an OTP session id and an OTP presence (an alias for a type-destination combination)
+    # @param [String] type one of 'sms-otp-6', 'sms-otp-8': the type of the OTP to send
+    # @param [String] destination the destination for the OTP. For an SMS OTP, this should be a phone number
+    # @param [String] presence can be used instead of 'type' and 'destination': an OTP presence provided by the TOZNY API
+    # @raise ArgumentError when not enough information to submit an OTP request
+    # @raise ArgumentError on invalid request type
+    def otp_challenge(type = nil, destination = nil, presence = nil)
+      raise ArgumentError, 'must provide either a presence or a type and destination' if (type.nil? || destination.nil?) && presence.nil?
+      request_obj = {
+        method: 'user.otp_challenge'
+      }
+      if presence.nil?
+        raise ArgumentError, "request type must one of 'sms-otp-6' or 'sms-otp-8'" unless %w(sms-otp-6 sms-otp-8).include? type
+        request_obj[:type] = type
+        # TODO: consider validating that 'destination' is a valid phone number when 'type' is sms-otp-*
+        request_obj[:destination] = destination
+      else
+        request_obj[:presence] = presence
+      end
+      raw_call request_obj
+    end
+
+    # Check an OTP against an OTP session
+    # @param [String] session_id the OTP session to validate
+    # @param [String, Integer] otp the OTP to check
+    # @return [Hash] The signed_data and signature containing a session ID and metadata, if any, on success. Otherwise, error[s].
+    def otp_result(session_id, otp)
+      raw_call(method: 'user.otp_result', session_id: session_id, otp: otp)
+    end
+
+    # Perform a raw(ish) API call
     # @param [Hash{Symbol, String => Object}] request_obj The request to conduct. Should include a :method at the least. Prefer symbol keys to string keys
     # @return [Object] The parsed result of the request. NOTE: most types will be stringified for most requests
     def raw_call(request_obj)
-      unless request_obj.key?('realm_key_id') || request_obj.key?(:realm_key_id) #check for both string and symbol
-        #TODO: how should we handle conflicts of symbol and string keys?
+      unless request_obj.key?('realm_key_id') || request_obj.key?(:realm_key_id) # check for both string and symbol
+        # TODO: how should we handle conflicts of symbol and string keys?
         request_obj[:realm_key_id] = realm_key_id
       end
-      request_url = api_url #copy the URL to a local variable so that we can add the query params
-      request_url.query = URI.encode_www_form request_obj #encode request as query params
-      #p request_url
-      JSON.parse(Net::HTTP.get(request_url), {:symbolize_names => true})
+      request_url = api_url # copy the URL to a local variable so that we can add the query params
+      request_url.query = URI.encode_www_form request_obj # encode request as query params
+      JSON.parse(Net::HTTP.get(request_url), symbolize_names: true)
     end
   end
-end
+end

data/tozny-auth.gemspec

@@ -30,7 +30,8 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'bundler', '~> 1.12'
   spec.add_development_dependency 'rake', '~> 10.0'
   spec.add_development_dependency 'minitest', '~> 5.0'
+  spec.add_development_dependency  'rubocop', '~> 0.41.1'
 
   # Only with ruby 2.0.x
-  spec.required_ruby_version = '~> 2.0'
+  spec.required_ruby_version = '~> 2'
 end

data/tozny-auth.iml

@@ -19,9 +19,17 @@
       <excludeFolder url="file://$MODULE_DIR$/.bundle" />
       <excludeFolder url="file://$MODULE_DIR$/vendor/bundle" />
     </content>
-    <orderEntry type="jdk" jdkName="ruby-2.1.5-p273" jdkType="RUBY_SDK" />
+    <orderEntry type="jdk" jdkName="ruby-2.2.4-p230" jdkType="RUBY_SDK" />
     <orderEntry type="sourceFolder" forTests="false" />
-    <orderEntry type="library" scope="PROVIDED" name="bundler (v1.12.2, ruby-2.1.5-p273) [gem]" level="application" />
-    <orderEntry type="library" scope="PROVIDED" name="minitest (v5.8.4, ruby-2.1.5-p273) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="ast (v2.3.0, ruby-2.2.4-p230) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="bundler (v1.12.5, ruby-2.2.4-p230) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="minitest (v5.9.0, ruby-2.2.4-p230) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="parser (v2.3.1.2, ruby-2.2.4-p230) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="powerpack (v0.1.1, ruby-2.2.4-p230) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rainbow (v2.1.0, ruby-2.2.4-p230) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rake (v10.1.0, ruby-2.2.4-p230) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="rubocop (v0.41.1, ruby-2.2.4-p230) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="ruby-progressbar (v1.8.1, ruby-2.2.4-p230) [gem]" level="application" />
+    <orderEntry type="library" scope="PROVIDED" name="unicode-display_width (v1.1.0, ruby-2.2.4-p230) [gem]" level="application" />
   </component>
 </module>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tozny-auth
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.5
 platform: ruby
 authors:
 - Ethan Bell / emanb29
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2016-06-27 00:00:00.000000000 Z
+date: 2016-06-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -52,6 +52,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.41.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.41.1
 description: A set of methods to more conveniently access the Tozny authentication
   API as a RP of Tozny from Ruby
 email:
@@ -61,6 +75,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- ".rubocop.yml"
 - ".travis.yml"
 - Gemfile
 - LICENSE
@@ -87,7 +102,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - "~>"
     - !ruby/object:Gem::Version
-      version: '2.0'
+      version: '2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="