warden-cognito 0.3.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +2 -0
- data/CHANGELOG.md +17 -1
- data/README.md +4 -4
- data/docker-compose.yml +0 -1
- data/lib/warden/cognito/cognito_client.rb +1 -1
- data/lib/warden/cognito/jwk_loader.rb +3 -1
- data/lib/warden/cognito/test_helpers.rb +11 -6
- data/lib/warden/cognito/version.rb +1 -1
- data/lib/warden/cognito.rb +4 -4
- metadata +6 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 72decab69c879a899d9468de899c6d53792975e5cb2264c939be04bad97f4d75
|
4
|
+
data.tar.gz: 7ec3da2314db8b2b4d4c79e459626ac1a2ecfe6c7ef8fdd2f64cbb34485ab6c4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d2ad1bf73dfeb5e346cb704328965c4a9c5c853499c7ae1cf0845ae90feeaec74a29df7dcf968e2cd5f10abe3055529889873419a6eb883c4db3da97d41ea136
|
7
|
+
data.tar.gz: ae72cf25a49f230a128ecc8dad4e82926c0f76c4bd3b7bddb8e675d92944df3e4fed2c3ccf294e6a9c5714f219f0b64457ce9b1fdf89456f8f947dbf79d36e15
|
data/.rubocop.yml
CHANGED
data/CHANGELOG.md
CHANGED
@@ -6,6 +6,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
6
6
|
|
7
7
|
## [Unreleased]
|
8
8
|
|
9
|
+
## [0.4.0]
|
10
|
+
- Fix deprecated syntax on configuration
|
11
|
+
|
12
|
+
## [0.3.3]
|
13
|
+
- Improve test helpers to include `jti` and `exp` claims and accept user-supplied claims.
|
14
|
+
|
15
|
+
## [0.3.2]
|
16
|
+
- Fix - specify region on scoped aws client
|
17
|
+
|
18
|
+
## [0.3.1]
|
19
|
+
- Allow selection of `user_pool` when generating a jwt through the test helper
|
20
|
+
|
9
21
|
## [0.3.0]
|
10
22
|
- **Breaking Changes**: Configuration explicitly moved to `user_pools` object
|
11
23
|
|
@@ -27,7 +39,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
27
39
|
|
28
40
|
- Scratching the gem
|
29
41
|
|
30
|
-
[Unreleased]: https://github.com/barkibu/warden-cognito/compare/v0.
|
42
|
+
[Unreleased]: https://github.com/barkibu/warden-cognito/compare/v0.4.0...HEAD
|
43
|
+
[0.4.0]: https://github.com/barkibu/warden-cognito/compare/v0.3.3...v0.4.0
|
44
|
+
[0.3.3]: https://github.com/barkibu/warden-cognito/compare/v0.3.2...v0.3.3
|
45
|
+
[0.3.2]: https://github.com/barkibu/warden-cognito/compare/v0.3.1...v0.3.2
|
46
|
+
[0.3.1]: https://github.com/barkibu/warden-cognito/compare/v0.3.0...v0.3.1
|
31
47
|
[0.3.0]: https://github.com/barkibu/warden-cognito/compare/v0.2.3...v0.3.0
|
32
48
|
[0.2.3]: https://github.com/barkibu/warden-cognito/compare/v0.2.2...v0.2.3
|
33
49
|
[0.2.2]: https://github.com/barkibu/warden-cognito/compare/v0.2.1...v0.2.2
|
data/README.md
CHANGED
@@ -82,12 +82,12 @@ module Helpers
|
|
82
82
|
end
|
83
83
|
end
|
84
84
|
|
85
|
-
def auth_headers_for_user(user, headers = {})
|
86
|
-
Warden::Cognito::TestHelpers.auth_headers(headers, user)
|
85
|
+
def auth_headers_for_user(user, pool_identifier, headers = {})
|
86
|
+
Warden::Cognito::TestHelpers.auth_headers(headers, user, pool_identifier)
|
87
87
|
end
|
88
88
|
|
89
|
-
def jwt_for_user(user)
|
90
|
-
auth_headers_for_user(user)[:Authorization].split[1]
|
89
|
+
def jwt_for_user(user, pool_identifier)
|
90
|
+
auth_headers_for_user(user, pool_identifier)[:Authorization].split[1]
|
91
91
|
end
|
92
92
|
end
|
93
93
|
end
|
data/docker-compose.yml
CHANGED
@@ -5,7 +5,9 @@ module Warden
|
|
5
5
|
include HasUserPoolIdentifier
|
6
6
|
|
7
7
|
def jwt_issuer
|
8
|
-
|
8
|
+
return "#{user_pool.identifier}-#{jwk.issuer}" if jwk.issuer.present?
|
9
|
+
|
10
|
+
"https://cognito-idp.#{user_pool.region}.amazonaws.com/#{user_pool.pool_id}"
|
9
11
|
end
|
10
12
|
|
11
13
|
def issued?(token)
|
@@ -12,8 +12,9 @@ module Warden
|
|
12
12
|
Warden::Cognito.config.jwk = { key: jwk, issuer: local_issuer }
|
13
13
|
end
|
14
14
|
|
15
|
-
def auth_headers(headers, user
|
16
|
-
|
15
|
+
def auth_headers(headers, user, pool_identifier = Warden::Cognito.config.user_pools.first.identifier,
|
16
|
+
claims = {})
|
17
|
+
headers.merge(Authorization: "Bearer #{generate_token(user, pool_identifier, claims)}")
|
17
18
|
end
|
18
19
|
|
19
20
|
def local_issuer
|
@@ -22,10 +23,14 @@ module Warden
|
|
22
23
|
|
23
24
|
private
|
24
25
|
|
25
|
-
def generate_token(user)
|
26
|
-
payload = {
|
27
|
-
|
28
|
-
|
26
|
+
def generate_token(user, pool_identifier, claims = {})
|
27
|
+
payload = {
|
28
|
+
sub: user.object_id,
|
29
|
+
"#{identifying_attribute}": user.cognito_id,
|
30
|
+
iss: "#{pool_identifier}-#{local_issuer}",
|
31
|
+
jti: SecureRandom.uuid,
|
32
|
+
exp: 1.hour.from_now.to_i
|
33
|
+
}.merge(claims)
|
29
34
|
headers = { kid: jwk.kid }
|
30
35
|
JWT.encode(payload, jwk.keypair, 'RS256', headers)
|
31
36
|
end
|
data/lib/warden/cognito.rb
CHANGED
@@ -36,13 +36,13 @@ module Warden
|
|
36
36
|
module_function :jwk_config_keys, :jwk_instance, :user_pool_configuration_keys, :user_pool_configurations
|
37
37
|
|
38
38
|
setting :user_repository
|
39
|
-
setting
|
39
|
+
setting :identifying_attribute, default: 'sub', constructor: ->(attr) { attr.to_s }
|
40
40
|
setting :after_local_user_not_found
|
41
|
-
setting :cache, ActiveSupport::Cache::NullStore.new
|
41
|
+
setting :cache, default: ActiveSupport::Cache::NullStore.new
|
42
42
|
|
43
|
-
setting
|
43
|
+
setting :jwk, default: nil, constructor: ->(value) { jwk_instance(value) }
|
44
44
|
|
45
|
-
setting
|
45
|
+
setting :user_pools, default: [], constructor: ->(value) { user_pool_configurations(value) }
|
46
46
|
|
47
47
|
Import = Dry::AutoInject(config)
|
48
48
|
end
|
metadata
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: warden-cognito
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Juan F. Pérez
|
8
8
|
- Léo Figea
|
9
|
-
autorequire:
|
9
|
+
autorequire:
|
10
10
|
bindir: exe
|
11
11
|
cert_chain: []
|
12
|
-
date:
|
12
|
+
date: 2022-01-10 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: activesupport
|
@@ -235,7 +235,7 @@ metadata:
|
|
235
235
|
homepage_uri: https://github.com/barkibu/warden-cognito
|
236
236
|
source_code_uri: https://github.com/barkibu/warden-cognito
|
237
237
|
changelog_uri: https://github.com/barkibu/warden-cognito/blob/master/CHANGELOG.md
|
238
|
-
post_install_message:
|
238
|
+
post_install_message:
|
239
239
|
rdoc_options: []
|
240
240
|
require_paths:
|
241
241
|
- lib
|
@@ -250,8 +250,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
250
250
|
- !ruby/object:Gem::Version
|
251
251
|
version: '0'
|
252
252
|
requirements: []
|
253
|
-
rubygems_version: 3.
|
254
|
-
signing_key:
|
253
|
+
rubygems_version: 3.1.4
|
254
|
+
signing_key:
|
255
255
|
specification_version: 4
|
256
256
|
summary: Amazon Cognito authentication for Warden
|
257
257
|
test_files: []
|