usps-jwt_auth 0.2.6 → 0.2.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 34bde76a473a9a091c8b44a0253d49868d957e7ea2edd365aae1d0b8639073e1
-  data.tar.gz: 2f5a5df0b10c3344b563abede725f50b65c3fad6694babb2dd6683569e3d784c
+  metadata.gz: e46b14c6f88047e2a91d8b3dee98dc62b77453e8df259af908673471215eaf61
+  data.tar.gz: 758b74fc5fe973143b1bf23cb73df23c27fbf97953e51a244cdb5fda41dc6140
 SHA512:
-  metadata.gz: b77c1978798dbe4e885b7f9f47b46d18b53bc0e72c8075ad6be054d0ac0a80c4268f945431523158f3534b896858ad32b58fa7153ae3934d87e638fa4df57bf8
-  data.tar.gz: fe942f554c30ef6eca06a9e99f8d4e0b73381e59da2145ae7dabe233008db30b5a01ca19095d2f48d6168e367de0db62b880eaf54a3bf74618704538de9e1fc7
+  metadata.gz: 64525963c48bbc9485cf639e0d09473288df601d3b6b85c3d7077cda7da694395d7d5070de76f3de5c5fc27498d42b8cead943ce670f5f39b3582c8fcc7d8e5f
+  data.tar.gz: 6b345b3c1f03158242261cea4e01d95939a3c87e0f4af77efb0b4c129b55ddc284d4d0c7a10d5e45a75e6f6d0ccaca4e9b81d9e8b40135aec81b92a6728fa311

data/Gemfile.lock

@@ -1,8 +1,9 @@
 PATH
   remote: .
   specs:
-    usps-jwt_auth (0.2.6)
+    usps-jwt_auth (0.2.7)
       activesupport (~> 8.0)
+      colorize (~> 1.1)
       fileutils (~> 1.7)
       jwt (~> 3.1)
 
@@ -26,6 +27,7 @@ GEM
     base64 (0.3.0)
     benchmark (0.4.1)
     bigdecimal (3.3.1)
+    colorize (1.1.0)
     concurrent-ruby (1.3.5)
     connection_pool (2.5.4)
     date (3.4.1)

data/README.md

@@ -7,7 +7,7 @@
 Add the gem to your Gemfile:
 
 ```ruby
-gem 'usps-jwt_auth', '>= 0.2.6'
+gem 'usps-jwt_auth', '>= 0.2.7'
 ```
 
 Then run the install task:
@@ -18,17 +18,26 @@ bundle exec rails usps:jwt:install
 
 ## Configuration
 
+Config options `audience`, `is_admin`, and `find_member` are required.
+
 ```ruby
 Usps::JwtAuth.configure do |config|
-  # config.environment = Rails.env
-  # config.keys_path = 'config/keys'
-  # config.public_keys_path = 'config/public_keys'
-  # config.key_size = 4096
-  # config.algorithm = 'RS512'
-
-  config.audience = ENV.fetch('JWT_AUDIENCE')
-  # config.issuer_base = ENV.fetch('JWT_ISSUER_BASE', 'usps:1')
-  config.issuers = ENV.fetch('JWT_ISSUERS', 'admin:1').split(',')
+  # This will default to `Rails.env` if available.
+  config.environment = 'development'
+
+  # These will append to `Rails.root` if available.
+  config.keys_path        = 'config/keys'
+  config.public_keys_path = 'config/public_keys'
+
+  # These options will default to the listed `ENV` variable if available.
+  #
+  # The ultimate defaults are listed to the right.
+  #
+  config.audience    = 'example'   # ENV['JWT_AUDIENCE']    # nil
+  config.algorithm   = 'RS512'     # ENV['JWT_ALGORITHM']   # 'RS512'
+  config.key_size    = 4096        # ENV['JWT_KEY_SIZE']    # 4096
+  config.issuer_base = 'usps:1'    # ENV['JWT_ISSUER_BASE'] # 'usps:1'
+  config.issuers     = ['admin:1'] # ENV['JWT_ISSUERS']     # []
 
   config.is_admin = ->(user) { Pundit.policy(user, :admin).admin? }
   config.find_member = ->(certificate) { Members::Member.find(certificate) }

data/lib/tasks/.rubocop.yml

@@ -0,0 +1,2 @@
+Metrics/BlockLength:
+  Enabled: false

data/lib/tasks/default/.rubocop.yml

@@ -0,0 +1,2 @@
+Style/FrozenStringLiteralComment:
+  Enabled: false

data/lib/tasks/default/initializer.rb

@@ -0,0 +1,7 @@
+Usps::JwtAuth.configure do |config|
+  config.audience = ENV.fetch('JWT_AUDIENCE', 'example')
+  config.issuers  = ENV.fetch('JWT_ISSUERS', ['admin:1'])
+
+  config.is_admin = ->(user) { Pundit.policy(user, :admin).admin? }
+  config.find_member = ->(certificate) { Members::Member.find(certificate) }
+end

data/lib/tasks/jwt_auth.rake

@@ -1,24 +1,110 @@
 # frozen_string_literal: true
 
+require 'colorize'
+
 namespace :usps do
   namespace :jwt do
     desc 'Setup JWT Authentication'
     task install: :environment do
-      # Ensure keys directories exist
+      Rake::Task['usps:jwt:keys'].invoke
+      Rake::Task['usps:jwt:ignore_keys'].invoke
+      Rake::Task['usps:jwt:initializer'].invoke
+      Rake::Task['usps:jwt:controller'].invoke
+    end
+
+    desc 'Ensure key directories exist'
+    task keys: :environment do
+      print 'Ensuring configured key directories exist... '
+
       FileUtils.mkdir_p(Usps::JwtAuth.config.keys_path)
       FileUtils.touch(Usps::JwtAuth.config.keys_path.join('.keep'))
       FileUtils.mkdir_p(Usps::JwtAuth.config.public_keys_path)
       FileUtils.touch(Usps::JwtAuth.config.public_keys_path.join('.keep'))
 
-      # Ignore keys directories from git
-      File.open('.gitignore', 'a') do |file|
-        file.puts <<~IGNORE
-          /#{Usps::JwtAuth.config.keys_path}
-          /!#{Usps::JwtAuth.config.keys_path.join('.keep')}
-          /#{Usps::JwtAuth.config.public_keys_path}
-          /!#{Usps::JwtAuth.config.public_keys_path.join('.keep')}
-        IGNORE
+      puts 'Done.'.green
+    end
+
+    desc 'Create configuration initializer'
+    task initializer: :environment do
+      print 'Creating configuration initializer... '
+
+      initializer_path = defined?(Rails) ? Rails.root.join('config/initializers/jwt_auth.rb') : 'jwt_auth.rb'
+
+      initializer = File.read(File.join(__dir__, 'default/initializer.rb'))
+
+      if File.exist?(initializer_path)
+        if File.read(initializer_path).include?('Usps::JwtAuth.configure')
+          puts 'Existing detected: Skipping.'.yellow
+          next
+        end
+
+        puts "Conflict!\n".red
+        warn "File #{initializer_path} already exists!".yellow
+        puts "\nPlease choose a different location for your configuration initializer:\n".yellow
+        puts "#{initializer}\n".blue
+        abort
+      else
+        File.open(initializer_path, 'w') { |f| f.puts(initializer) }
+
+        puts 'Done.'.green
+      end
+    end
+
+    desc 'Add key directories to git ignore'
+    task ignore_keys: :environment do
+      print 'Git ignoring key directories... '
+
+      ignores = [
+        "/#{Usps::JwtAuth.config.raw_keys_path}/*",
+        "!/#{Usps::JwtAuth.config.raw_keys_path.join('.keep')}",
+        "/#{Usps::JwtAuth.config.raw_public_keys_path}/*",
+        "!/#{Usps::JwtAuth.config.raw_public_keys_path.join('.keep')}"
+      ]
+
+      ignores.each do |ignore|
+        next if File.foreach('.gitignore').find { |line| line.chomp == ignore }
+
+        File.open('.gitignore', 'a') { |f| f.puts ignore }
+      end
+
+      puts 'Done.'.green
+    end
+
+    desc 'Add include and callback to ApplicationController'
+    task controller: :environment do
+      next unless defined?(Rails)
+
+      application_controller = Rails.root.join('app/controllers/application_controller.rb')
+      next unless File.exist?(application_controller)
+
+      existing = File.foreach(application_controller).find do |line|
+        line.chomp.match?(/^\s+include Usps::JwtAuth::Concern$/)
+      end
+
+      print 'Including in ApplicationController... '
+
+      if existing
+        puts 'Existing detected: Skipping.'.yellow
+        next
+      end
+
+      lines = []
+      File.foreach(application_controller) do |line|
+        lines << line
+        next unless line.chomp =~ /^(\s*)class ApplicationController < ActionController::Base$/
+
+        indent = Regexp.last_match(1)
+
+        lines << "#{indent}  include Usps::JwtAuth::Concern"
+        lines << ''
+        lines << "#{indent}  before_action :authorize_user_from_jwt!"
+        lines << "#{indent}  # skip_before_action :authorize_user_from_jwt!, only: %i[]"
+        lines << ''
       end
+
+      File.open(application_controller, 'w').puts(lines)
+
+      puts 'Done.'.green
     end
   end
 end

data/lib/usps/jwt_auth/config.rb

@@ -14,11 +14,11 @@ module Usps
         @environment = defined?(Rails) ? Rails.env : ActiveSupport::StringInquirer.new('development')
         @keys_path = Pathname.new('config/keys')
         @public_keys_path = Pathname.new('config/public_keys')
-        @key_size = 4096
-        @algorithm = 'RS512'
-        @issuer_base = 'usps:1'
-        @issuers = []
-        @audience = nil
+        @key_size = ENV.fetch('JWT_KEY_SIZE', '4096').to_i
+        @algorithm = ENV.fetch('JWT_ALGORITHM', 'RS512')
+        @issuer_base = ENV.fetch('JWT_ISSUER_BASE', 'usps:1')
+        @issuers = ENV.fetch('JWT_ISSUERS', [])
+        @audience = ENV.fetch('JWT_AUDIENCE', nil)
 
         yield self if block_given? # Also support setting options on initialize
       end
@@ -31,6 +31,10 @@ module Usps
         defined?(Rails) ? Rails.root.join(@keys_path) : @keys_path
       end
 
+      def raw_keys_path
+        @keys_path
+      end
+
       def keys_path=(path)
         @keys_path = path.is_a?(Pathname) ? path : Pathname.new(path)
       end
@@ -39,6 +43,10 @@ module Usps
         defined?(Rails) ? Rails.root.join(@public_keys_path) : @public_keys_path
       end
 
+      def raw_public_keys_path
+        @public_keys_path
+      end
+
       def public_keys_path=(path)
         @public_keys_path = path.is_a?(Pathname) ? path : Pathname.new(path)
       end

data/lib/usps/jwt_auth/version.rb

@@ -2,6 +2,6 @@
 
 module Usps
   module JwtAuth
-    VERSION = '0.2.6'
+    VERSION = '0.2.7'
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: usps-jwt_auth
 version: !ruby/object:Gem::Version
-  version: 0.2.6
+  version: 0.2.7
 platform: ruby
 authors:
 - Julian Fiander
@@ -23,6 +23,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '8.0'
+- !ruby/object:Gem::Dependency
+  name: colorize
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: fileutils
   requirement: !ruby/object:Gem::Requirement
@@ -63,6 +77,9 @@ files:
 - Gemfile.lock
 - README.md
 - Rakefile
+- lib/tasks/.rubocop.yml
+- lib/tasks/default/.rubocop.yml
+- lib/tasks/default/initializer.rb
 - lib/tasks/jwt_auth.rake
 - lib/usps/jwt_auth.rb
 - lib/usps/jwt_auth/concern.rb