warden-auth0 0.2.0 → 0.4.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 37731f848d70bcbb50ae044f5b36b784af7d5588493164133212b886c8fac6f8
4
- data.tar.gz: fce5230a7893cf935801b4d6681cb2b564dad1848d49a226d97c368de802cba0
3
+ metadata.gz: afcf9aee49fb8c2b0f36a107c154357931a191753556748951451fd00ea4f996
4
+ data.tar.gz: aedf18139544af9c3c55c1fd8862709bcd825a6df122dd03088a309bb728c7e5
5
5
  SHA512:
6
- metadata.gz: 94e9c3a5c1a7b1247121dcfdb1f22c4bb3daad043168f0040a59d12d1367a1a5301d6fe7ffd6f7923169fc12b97b1cd8b51ad56529f6686a77409a26c45791d9
7
- data.tar.gz: 53c67aecae629bb63556ebdd9eeca868ffcb9303b9dceff5d20a676d0d06fe79b1e8ba1c3b4e2102cb6fc90c87b248f12ac385f34295a380e3d970c8eb7fc17e
6
+ metadata.gz: 8b9cdf67c51cdcb6edfea06d6ef7a73b9592ed8dd4fa8e3eac38149aa114086435f53c2261a9f6b800009134d3ab564ed4a64fc51e942389f3c7f6fcd67e9a50
7
+ data.tar.gz: 2e1e65fd7855d83be55b2374fda7b45e8d255154a2df735515db0100990eaf6fb2ee8d011ea3fa6e60d14c7c26dd943a951f75c0a6b83ffd09e973d0a2d733b6
@@ -20,7 +20,10 @@ module Warden
20
20
 
21
21
  raise Errors::WrongAud, 'wrong audience' unless aud_claim_valid?
22
22
 
23
- user = user_resolver(decoded_token)
23
+ method = "#{scope}_resolver"
24
+ raise "unimplemented resolver #{method}" unless respond_to?(method)
25
+
26
+ user = send(method, decoded_token)
24
27
 
25
28
  raise Warden::Auth0::Errors::NilUser, 'nil user' unless user
26
29
 
@@ -50,10 +53,6 @@ module Warden
50
53
  TokenDecoder.new.call(token)
51
54
  end
52
55
 
53
- def user_resolver(decoded_token)
54
- raise "TODO: Implement!"
55
- end
56
-
57
56
  def configured_aud
58
57
  configured_aud = Warden::Auth0.config.aud
59
58
  raise Errors::NoConfiguredAud if configured_aud.nil?
@@ -6,7 +6,7 @@ module Warden
6
6
  module Auth0
7
7
  # Decodes a JWT into a hash payload into a JWT token
8
8
  class TokenDecoder
9
- include Auth0::Import['decoding_secret', 'algorithm']
9
+ include Auth0::Import['algorithm', 'jwks']
10
10
 
11
11
  # Decodes the payload from a JWT as a hash
12
12
  #
@@ -16,17 +16,13 @@ module Warden
16
16
  # @param token [String] a JWT
17
17
  # @return [Hash] payload decoded from the JWT
18
18
  def call(token)
19
- decode(token, decoding_secret)
19
+ decode(token)
20
20
  end
21
21
 
22
22
  private
23
23
 
24
- def decode(token, secret)
25
- JWT.decode(token,
26
- secret,
27
- true,
28
- algorithm: algorithm,
29
- verify_jti: true)[0]
24
+ def decode(token)
25
+ JWT.decode(token, nil, true, algorithms: algorithm, jwks: jwks)[0]
30
26
  end
31
27
  end
32
28
  end
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Warden
4
4
  module Auth0
5
- VERSION = '0.2.0'
5
+ VERSION = '0.4.0'
6
6
  end
7
7
  end
data/lib/warden/auth0.rb CHANGED
@@ -4,6 +4,7 @@ require 'dry/configurable'
4
4
  require 'dry/auto_inject'
5
5
  require 'jwt'
6
6
  require 'warden'
7
+ require 'faraday'
7
8
 
8
9
  module Warden
9
10
  # Auth0 authentication plugin for warden.
@@ -12,29 +13,6 @@ module Warden
12
13
  # token present in the `Authentication` header (as `Bearer %token%`).
13
14
  module Auth0
14
15
  extend Dry::Configurable
15
-
16
- def symbolize_keys(hash)
17
- hash.transform_keys(&:to_sym)
18
- end
19
-
20
- def upcase_first_items(array)
21
- array.map do |tuple|
22
- method, path = tuple
23
- [method.to_s.upcase, path]
24
- end
25
- end
26
-
27
- def constantize_values(hash)
28
- hash.transform_values do |value|
29
- value.is_a?(String) ? Object.const_get(value) : value
30
- end
31
- end
32
-
33
- module_function :constantize_values, :symbolize_keys, :upcase_first_items
34
-
35
- # The secret used to decode the token, defaults to `secret` if not provided
36
- setting :decoding_secret, constructor: ->(value) { value || config.secret }
37
-
38
16
  # Request header that will be used for receiving and returning the token.
39
17
  setting :token_header, default: 'Authorization'
40
18
 
@@ -53,10 +31,30 @@ module Warden
53
31
  # Will be used to only apply the warden strategy when the audience matches.
54
32
  setting :aud, default: nil
55
33
 
56
- # This is a method that takes in the payload sub and should return a User
57
- setting :user_resolver
34
+ # The url to fetch jwks from
35
+ setting :jwks_url
36
+
37
+ # Store the JWKS after fetching it
38
+ setting :jwks, constructor: ->(jwks) { jwks || fetch_jwks(config.jwks_url) }
58
39
 
59
40
  Import = Dry::AutoInject(config)
41
+
42
+ # Method to fetch JWKS from the specified URL
43
+ def self.fetch_jwks(jwks_url)
44
+ raise 'No url provided for fetching jwks' if jwks_url.nil?
45
+
46
+ jwks_response = connection.get(jwks_url).body
47
+ jwks = JWT::JWK::Set.new(jwks_response)
48
+ jwks.select { |key| key[:use] == 'sig' }
49
+ rescue StandardError => e
50
+ raise "Failed to fetch JWKS: #{e.message}"
51
+ end
52
+
53
+ def self.connection
54
+ Faraday.new(request: { timeout: 5 }) do |conn|
55
+ conn.response :json
56
+ end
57
+ end
60
58
  end
61
59
  end
62
60
 
data/warden-auth0.gemspec CHANGED
@@ -25,6 +25,7 @@ Gem::Specification.new do |spec|
25
25
  spec.add_dependency 'dry-configurable', '>= 0.13', '< 2'
26
26
  spec.add_dependency 'jwt', '~> 2.1'
27
27
  spec.add_dependency 'warden', '~> 1.2'
28
+ spec.add_dependency 'faraday', '~> 2.11'
28
29
 
29
30
  spec.add_development_dependency 'bundler'
30
31
  spec.add_development_dependency 'pry-byebug', '~> 3.7'
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: warden-auth0
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - 1KOMMA5º
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2024-09-13 00:00:00.000000000 Z
11
+ date: 2024-09-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dry-auto_inject
@@ -78,6 +78,20 @@ dependencies:
78
78
  - - "~>"
79
79
  - !ruby/object:Gem::Version
80
80
  version: '1.2'
81
+ - !ruby/object:Gem::Dependency
82
+ name: faraday
83
+ requirement: !ruby/object:Gem::Requirement
84
+ requirements:
85
+ - - "~>"
86
+ - !ruby/object:Gem::Version
87
+ version: '2.11'
88
+ type: :runtime
89
+ prerelease: false
90
+ version_requirements: !ruby/object:Gem::Requirement
91
+ requirements:
92
+ - - "~>"
93
+ - !ruby/object:Gem::Version
94
+ version: '2.11'
81
95
  - !ruby/object:Gem::Dependency
82
96
  name: bundler
83
97
  requirement: !ruby/object:Gem::Requirement