RubyGems - warden-auth0 - Versions diffs - 0.4.2 → 0.5.0 - Mend

warden-auth0 0.4.2 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/warden/auth0/strategy.rb +41 -25
data/lib/warden/auth0/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 53ff7d4cd272f2a0a1f45dc8fbb761f199b25202b187ec8e0e53aabfeeec1729
-  data.tar.gz: f605f8c6e8519917fa5b9ccc8049695b3d6b573aa2bb6bc28b2692951626f293
+  metadata.gz: 54c3afd13ee677f68ff3d9714dafe2e65618b0676ee572571b4ef5677ac619c9
+  data.tar.gz: 25c718da351deef825992ad9173e837a94d24a8cc1d8e087271d59d537fb1c05
 SHA512:
-  metadata.gz: c8391f20dd8832db7ad18ee839cf54d8b5351351a300327bc4f262df17ac1615b52c77991e8d32ccd904fcd5e2439dbe7288b3c93cf07c170c88ff8c55381560
-  data.tar.gz: 564cf79c6e4bd150859779d4ae2dc0fd416cf2efadf83c34e600678070881f702ee0c5a32e92e90fd98d69d085f96ea5f88900716fb5a7b365dd1186417baf06
+  metadata.gz: 3d9d3c595aea0c10ea9b60a98ced9be0695fbc26fe04ed90fc3c70ce85521afbc5d4a534b5a39470b1091fd24bb04e7c6de3af381d41c88097193f1c997b23ed
+  data.tar.gz: 5280943643893b15dbbdcac569e3a9cb619ddf7d05d775eb7cb20f84f9bd6280e000804c658de12a21e8bee12e595cab6b2861eeb0fa418e58f85600824f28ec

data/lib/warden/auth0/strategy.rb CHANGED Viewed

@@ -17,14 +17,12 @@ module Warden
       def authenticate!
         raise Errors::WrongIssuer, 'wrong issuer' unless issuer_claim_valid?
         raise Errors::WrongAud, 'wrong audience' unless aud_claim_valid?
-        method = "#{scope}_resolver"
-        raise "unimplemented resolver #{method}" unless respond_to?(method)
-        user = send(method, decoded_token)
+        resolver_method = "#{scope}_resolver"
+        raise "unimplemented resolver #{resolver_method}" unless respond_to?(resolver_method)
+        user = send(resolver_method, decoded_token)
         raise Warden::Auth0::Errors::NilUser, 'nil user' unless user
         success!(user)
@@ -35,6 +33,18 @@ module Warden
       private
+      def token
+        @token ||= HeaderParser.from_env(env)
+      end
+      def token_exists?
+        !token.nil?
+      end
+      def decoded_token
+        TokenDecoder.new.call(token)
+      end
       def issuer_claim_valid?
         issuer = configured_issuer
         issuer_matches?(decoded_token, issuer)
@@ -43,21 +53,17 @@ module Warden
       end
       def aud_claim_valid?
-        aud = configured_aud
-        aud_matches?(decoded_token, aud)
+        audience = configured_aud
+        aud_matches?(decoded_token, audience)
       rescue JWT::DecodeError
         false
       end
-      def decoded_token
-        TokenDecoder.new.call(token)
-      end
       def configured_aud
-        configured_aud = Warden::Auth0.config.aud
-        raise Errors::NoConfiguredAud if configured_aud.nil?
+        audience = Warden::Auth0.config.aud
+        raise Errors::NoConfiguredAud if audience.nil?
-        configured_aud
+        audience
       end
       def configured_issuer
@@ -67,22 +73,32 @@ module Warden
         configured_issuer
       end
-      def token_exists?
-        !token.nil?
-      end
+      def issuer_matches?(payload, issuer_config)
+        token_issuer = payload['iss'].to_s
+        return false unless token_issuer
-      def issuer_matches?(payload, issuer)
-        payload['iss'] == issuer.to_s
+        if issuer_config.is_a?(String)
+          return token_issuer == issuer_config.to_s
+        elsif issuer_config.is_a?(Array)
+          return issuer_config.map(&:to_s).include?(token_issuer)
+        end
+        false
       end
-      def aud_matches?(payload, aud)
-        return true if payload['aud'] == aud.to_s
+      def aud_matches?(payload, issuer_aud)
+        token_audience = payload['aud']
+        return false unless token_audience
-        payload['aud'].is_a?(Array) && payload['aud'].include?(aud)
-      end
+        if issuer_aud.is_a?(String)
+          return true if token_audience == issuer_aud.to_s
+          return token_audience.is_a?(Array) && token_audience.include?(issuer_aud)
+        elsif issuer_aud.is_a?(Array)
+          return true if issuer_aud.include?(token_audience)
+          return token_audience.is_a?(Array) && (token_audience & issuer_aud).any?
+        end
-      def token
-        @token ||= HeaderParser.from_env(env)
+        false
       end
     end
   end

data/lib/warden/auth0/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module Warden
   module Auth0
-    VERSION = '0.4.2'
+    VERSION = '0.5.0'
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: warden-auth0
 version: !ruby/object:Gem::Version
-  version: 0.4.2
+  version: 0.5.0
 platform: ruby
 authors:
 - 1KOMMA5º
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-09-18 00:00:00.000000000 Z
+date: 2025-06-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dry-auto_inject