warden-cognito 0.3.0 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +2 -0
- data/CHANGELOG.md +17 -1
- data/README.md +4 -4
- data/docker-compose.yml +0 -1
- data/lib/warden/cognito/cognito_client.rb +1 -1
- data/lib/warden/cognito/jwk_loader.rb +3 -1
- data/lib/warden/cognito/test_helpers.rb +11 -6
- data/lib/warden/cognito/version.rb +1 -1
- data/lib/warden/cognito.rb +4 -4
- metadata +6 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 72decab69c879a899d9468de899c6d53792975e5cb2264c939be04bad97f4d75
|
4
|
+
data.tar.gz: 7ec3da2314db8b2b4d4c79e459626ac1a2ecfe6c7ef8fdd2f64cbb34485ab6c4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d2ad1bf73dfeb5e346cb704328965c4a9c5c853499c7ae1cf0845ae90feeaec74a29df7dcf968e2cd5f10abe3055529889873419a6eb883c4db3da97d41ea136
|
7
|
+
data.tar.gz: ae72cf25a49f230a128ecc8dad4e82926c0f76c4bd3b7bddb8e675d92944df3e4fed2c3ccf294e6a9c5714f219f0b64457ce9b1fdf89456f8f947dbf79d36e15
|
data/.rubocop.yml
CHANGED
data/CHANGELOG.md
CHANGED
@@ -6,6 +6,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
6
6
|
|
7
7
|
## [Unreleased]
|
8
8
|
|
9
|
+
## [0.4.0]
|
10
|
+
- Fix deprecated syntax on configuration
|
11
|
+
|
12
|
+
## [0.3.3]
|
13
|
+
- Improve test helpers to include `jti` and `exp` claims and accept user-supplied claims.
|
14
|
+
|
15
|
+
## [0.3.2]
|
16
|
+
- Fix - specify region on scoped aws client
|
17
|
+
|
18
|
+
## [0.3.1]
|
19
|
+
- Allow selection of `user_pool` when generating a jwt through the test helper
|
20
|
+
|
9
21
|
## [0.3.0]
|
10
22
|
- **Breaking Changes**: Configuration explicitly moved to `user_pools` object
|
11
23
|
|
@@ -27,7 +39,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
27
39
|
|
28
40
|
- Scratching the gem
|
29
41
|
|
30
|
-
[Unreleased]: https://github.com/barkibu/warden-cognito/compare/v0.
|
42
|
+
[Unreleased]: https://github.com/barkibu/warden-cognito/compare/v0.4.0...HEAD
|
43
|
+
[0.4.0]: https://github.com/barkibu/warden-cognito/compare/v0.3.3...v0.4.0
|
44
|
+
[0.3.3]: https://github.com/barkibu/warden-cognito/compare/v0.3.2...v0.3.3
|
45
|
+
[0.3.2]: https://github.com/barkibu/warden-cognito/compare/v0.3.1...v0.3.2
|
46
|
+
[0.3.1]: https://github.com/barkibu/warden-cognito/compare/v0.3.0...v0.3.1
|
31
47
|
[0.3.0]: https://github.com/barkibu/warden-cognito/compare/v0.2.3...v0.3.0
|
32
48
|
[0.2.3]: https://github.com/barkibu/warden-cognito/compare/v0.2.2...v0.2.3
|
33
49
|
[0.2.2]: https://github.com/barkibu/warden-cognito/compare/v0.2.1...v0.2.2
|
data/README.md
CHANGED
@@ -82,12 +82,12 @@ module Helpers
|
|
82
82
|
end
|
83
83
|
end
|
84
84
|
|
85
|
-
def auth_headers_for_user(user, headers = {})
|
86
|
-
Warden::Cognito::TestHelpers.auth_headers(headers, user)
|
85
|
+
def auth_headers_for_user(user, pool_identifier, headers = {})
|
86
|
+
Warden::Cognito::TestHelpers.auth_headers(headers, user, pool_identifier)
|
87
87
|
end
|
88
88
|
|
89
|
-
def jwt_for_user(user)
|
90
|
-
auth_headers_for_user(user)[:Authorization].split[1]
|
89
|
+
def jwt_for_user(user, pool_identifier)
|
90
|
+
auth_headers_for_user(user, pool_identifier)[:Authorization].split[1]
|
91
91
|
end
|
92
92
|
end
|
93
93
|
end
|
data/docker-compose.yml
CHANGED
@@ -5,7 +5,9 @@ module Warden
|
|
5
5
|
include HasUserPoolIdentifier
|
6
6
|
|
7
7
|
def jwt_issuer
|
8
|
-
|
8
|
+
return "#{user_pool.identifier}-#{jwk.issuer}" if jwk.issuer.present?
|
9
|
+
|
10
|
+
"https://cognito-idp.#{user_pool.region}.amazonaws.com/#{user_pool.pool_id}"
|
9
11
|
end
|
10
12
|
|
11
13
|
def issued?(token)
|
@@ -12,8 +12,9 @@ module Warden
|
|
12
12
|
Warden::Cognito.config.jwk = { key: jwk, issuer: local_issuer }
|
13
13
|
end
|
14
14
|
|
15
|
-
def auth_headers(headers, user
|
16
|
-
|
15
|
+
def auth_headers(headers, user, pool_identifier = Warden::Cognito.config.user_pools.first.identifier,
|
16
|
+
claims = {})
|
17
|
+
headers.merge(Authorization: "Bearer #{generate_token(user, pool_identifier, claims)}")
|
17
18
|
end
|
18
19
|
|
19
20
|
def local_issuer
|
@@ -22,10 +23,14 @@ module Warden
|
|
22
23
|
|
23
24
|
private
|
24
25
|
|
25
|
-
def generate_token(user)
|
26
|
-
payload = {
|
27
|
-
|
28
|
-
|
26
|
+
def generate_token(user, pool_identifier, claims = {})
|
27
|
+
payload = {
|
28
|
+
sub: user.object_id,
|
29
|
+
"#{identifying_attribute}": user.cognito_id,
|
30
|
+
iss: "#{pool_identifier}-#{local_issuer}",
|
31
|
+
jti: SecureRandom.uuid,
|
32
|
+
exp: 1.hour.from_now.to_i
|
33
|
+
}.merge(claims)
|
29
34
|
headers = { kid: jwk.kid }
|
30
35
|
JWT.encode(payload, jwk.keypair, 'RS256', headers)
|
31
36
|
end
|
data/lib/warden/cognito.rb
CHANGED
@@ -36,13 +36,13 @@ module Warden
|
|
36
36
|
module_function :jwk_config_keys, :jwk_instance, :user_pool_configuration_keys, :user_pool_configurations
|
37
37
|
|
38
38
|
setting :user_repository
|
39
|
-
setting
|
39
|
+
setting :identifying_attribute, default: 'sub', constructor: ->(attr) { attr.to_s }
|
40
40
|
setting :after_local_user_not_found
|
41
|
-
setting :cache, ActiveSupport::Cache::NullStore.new
|
41
|
+
setting :cache, default: ActiveSupport::Cache::NullStore.new
|
42
42
|
|
43
|
-
setting
|
43
|
+
setting :jwk, default: nil, constructor: ->(value) { jwk_instance(value) }
|
44
44
|
|
45
|
-
setting
|
45
|
+
setting :user_pools, default: [], constructor: ->(value) { user_pool_configurations(value) }
|
46
46
|
|
47
47
|
Import = Dry::AutoInject(config)
|
48
48
|
end
|
metadata
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: warden-cognito
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Juan F. Pérez
|
8
8
|
- Léo Figea
|
9
|
-
autorequire:
|
9
|
+
autorequire:
|
10
10
|
bindir: exe
|
11
11
|
cert_chain: []
|
12
|
-
date:
|
12
|
+
date: 2022-01-10 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: activesupport
|
@@ -235,7 +235,7 @@ metadata:
|
|
235
235
|
homepage_uri: https://github.com/barkibu/warden-cognito
|
236
236
|
source_code_uri: https://github.com/barkibu/warden-cognito
|
237
237
|
changelog_uri: https://github.com/barkibu/warden-cognito/blob/master/CHANGELOG.md
|
238
|
-
post_install_message:
|
238
|
+
post_install_message:
|
239
239
|
rdoc_options: []
|
240
240
|
require_paths:
|
241
241
|
- lib
|
@@ -250,8 +250,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
250
250
|
- !ruby/object:Gem::Version
|
251
251
|
version: '0'
|
252
252
|
requirements: []
|
253
|
-
rubygems_version: 3.
|
254
|
-
signing_key:
|
253
|
+
rubygems_version: 3.1.4
|
254
|
+
signing_key:
|
255
255
|
specification_version: 4
|
256
256
|
summary: Amazon Cognito authentication for Warden
|
257
257
|
test_files: []
|