warden-cognito 0.3.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 67b38f626935f1b428eade990cec7e0aa79be73de6ecdf12f747a0cf9fca8b9d
-  data.tar.gz: f9e1ae36d5bc9508e02e57c479848d195ad5d47baa01b597f819479dd285d954
+  metadata.gz: 72decab69c879a899d9468de899c6d53792975e5cb2264c939be04bad97f4d75
+  data.tar.gz: 7ec3da2314db8b2b4d4c79e459626ac1a2ecfe6c7ef8fdd2f64cbb34485ab6c4
 SHA512:
-  metadata.gz: 185dc40763cc5a39964b9f088cb122597abc78bef86b6937a8a630bb5813bb3cfbaa7bc7a7e32732d8daff9892f1033e30a408b8bf2121376b16b220f6c4afae
-  data.tar.gz: 49917c80e5c75c2a29fc62597e697438e8e21bffe15f53ec4c79ec701f50dc57de8e836f87b16cf39ff5fb6390f0d4a10016167ca7140622d5a97b42b6b336f1
+  metadata.gz: d2ad1bf73dfeb5e346cb704328965c4a9c5c853499c7ae1cf0845ae90feeaec74a29df7dcf968e2cd5f10abe3055529889873419a6eb883c4db3da97d41ea136
+  data.tar.gz: ae72cf25a49f230a128ecc8dad4e82926c0f76c4bd3b7bddb8e675d92944df3e4fed2c3ccf294e6a9c5714f219f0b64457ce9b1fdf89456f8f947dbf79d36e15

data/.rubocop.yml

@@ -4,6 +4,8 @@ AllCops:
     - 'db/**/*'
     - 'vendor/**/*'
 
+  TargetRubyVersion: 2.6
+
 Style/FrozenStringLiteralComment:
   Enabled: false
 

data/CHANGELOG.md

@@ -6,6 +6,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.4.0]
+- Fix deprecated syntax on configuration
+
+## [0.3.3]
+- Improve test helpers to include `jti` and `exp` claims and accept user-supplied claims.
+
+## [0.3.2]
+- Fix - specify region on scoped aws client
+
+## [0.3.1]
+- Allow selection of `user_pool` when generating a jwt through the test helper
+
 ## [0.3.0]
 - **Breaking Changes**: Configuration explicitly moved to `user_pools` object
 
@@ -27,7 +39,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Scratching the gem
 
-[Unreleased]: https://github.com/barkibu/warden-cognito/compare/v0.3.0...HEAD
+[Unreleased]: https://github.com/barkibu/warden-cognito/compare/v0.4.0...HEAD
+[0.4.0]: https://github.com/barkibu/warden-cognito/compare/v0.3.3...v0.4.0
+[0.3.3]: https://github.com/barkibu/warden-cognito/compare/v0.3.2...v0.3.3
+[0.3.2]: https://github.com/barkibu/warden-cognito/compare/v0.3.1...v0.3.2
+[0.3.1]: https://github.com/barkibu/warden-cognito/compare/v0.3.0...v0.3.1
 [0.3.0]: https://github.com/barkibu/warden-cognito/compare/v0.2.3...v0.3.0
 [0.2.3]: https://github.com/barkibu/warden-cognito/compare/v0.2.2...v0.2.3
 [0.2.2]: https://github.com/barkibu/warden-cognito/compare/v0.2.1...v0.2.2

data/README.md

@@ -82,12 +82,12 @@ module Helpers
       end
     end
 
-    def auth_headers_for_user(user, headers = {})
-      Warden::Cognito::TestHelpers.auth_headers(headers, user)
+    def auth_headers_for_user(user, pool_identifier, headers = {})
+      Warden::Cognito::TestHelpers.auth_headers(headers, user, pool_identifier)
     end
 
-    def jwt_for_user(user)
-      auth_headers_for_user(user)[:Authorization].split[1]
+    def jwt_for_user(user, pool_identifier)
+      auth_headers_for_user(user, pool_identifier)[:Authorization].split[1]
     end
   end
 end

data/docker-compose.yml

@@ -6,7 +6,6 @@ services:
     volumes:
       - .:/app
       - bundle:/usr/local/bundle
-      - ~/.ssh:/root/.ssh
       - ~/.gitconfig:/root/.gitconfig
 
 volumes:

data/lib/warden/cognito/cognito_client.rb

@@ -23,7 +23,7 @@ module Warden
       private
 
       def client
-        Aws::CognitoIdentityProvider::Client.new
+        Aws::CognitoIdentityProvider::Client.new region: user_pool.region
       end
 
       class << self

data/lib/warden/cognito/jwk_loader.rb

@@ -5,7 +5,9 @@ module Warden
       include HasUserPoolIdentifier
 
       def jwt_issuer
-        jwk.issuer || "https://cognito-idp.#{user_pool.region}.amazonaws.com/#{user_pool.pool_id}"
+        return "#{user_pool.identifier}-#{jwk.issuer}" if jwk.issuer.present?
+
+        "https://cognito-idp.#{user_pool.region}.amazonaws.com/#{user_pool.pool_id}"
       end
 
       def issued?(token)

data/lib/warden/cognito/test_helpers.rb

@@ -12,8 +12,9 @@ module Warden
           Warden::Cognito.config.jwk = { key: jwk, issuer: local_issuer }
         end
 
-        def auth_headers(headers, user)
-          headers.merge(Authorization: "Bearer #{generate_token(user)}")
+        def auth_headers(headers, user, pool_identifier = Warden::Cognito.config.user_pools.first.identifier,
+                         claims = {})
+          headers.merge(Authorization: "Bearer #{generate_token(user, pool_identifier, claims)}")
         end
 
         def local_issuer
@@ -22,10 +23,14 @@ module Warden
 
         private
 
-        def generate_token(user)
-          payload = { sub: user.object_id,
-                      "#{identifying_attribute}": user.cognito_id,
-                      iss: local_issuer }
+        def generate_token(user, pool_identifier, claims = {})
+          payload = {
+            sub: user.object_id,
+            "#{identifying_attribute}": user.cognito_id,
+            iss: "#{pool_identifier}-#{local_issuer}",
+            jti: SecureRandom.uuid,
+            exp: 1.hour.from_now.to_i
+          }.merge(claims)
           headers = { kid: jwk.kid }
           JWT.encode(payload, jwk.keypair, 'RS256', headers)
         end

data/lib/warden/cognito/version.rb

@@ -1,5 +1,5 @@
 module Warden
   module Cognito
-    VERSION = '0.3.0'.freeze
+    VERSION = '0.4.0'.freeze
   end
 end

data/lib/warden/cognito.rb

@@ -36,13 +36,13 @@ module Warden
     module_function :jwk_config_keys, :jwk_instance, :user_pool_configuration_keys, :user_pool_configurations
 
     setting :user_repository
-    setting(:identifying_attribute, 'sub', &:to_s)
+    setting :identifying_attribute, default: 'sub', constructor: ->(attr) { attr.to_s }
     setting :after_local_user_not_found
-    setting :cache, ActiveSupport::Cache::NullStore.new
+    setting :cache, default: ActiveSupport::Cache::NullStore.new
 
-    setting(:jwk, nil) { |value| jwk_instance(value) }
+    setting :jwk, default: nil, constructor: ->(value) { jwk_instance(value) }
 
-    setting(:user_pools, []) { |value| user_pool_configurations(value) }
+    setting :user_pools, default: [], constructor: ->(value) { user_pool_configurations(value) }
 
     Import = Dry::AutoInject(config)
   end

metadata

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: warden-cognito
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Juan F. Pérez
 - Léo Figea
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-01-20 00:00:00.000000000 Z
+date: 2022-01-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -235,7 +235,7 @@ metadata:
   homepage_uri: https://github.com/barkibu/warden-cognito
   source_code_uri: https://github.com/barkibu/warden-cognito
   changelog_uri: https://github.com/barkibu/warden-cognito/blob/master/CHANGELOG.md
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -250,8 +250,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key: 
+rubygems_version: 3.1.4
+signing_key:
 specification_version: 4
 summary: Amazon Cognito authentication for Warden
 test_files: []