warden-jwt_auth 0.1.0 → 0.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/.codeclimate.yml +2 -0
  3. data/.overcommit.yml +1 -0
  4. data/CHANGELOG.md +9 -0
  5. data/README.md +4 -1
  6. data/lib/warden/jwt_auth.rb +18 -15
  7. data/lib/warden/jwt_auth/token_encoder.rb +2 -0
  8. data/lib/warden/jwt_auth/version.rb +1 -1
  9. metadata +4 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 94613bf0dc1c95f06be0cf8c4bc38b0a0f67b45f
4
- data.tar.gz: 7872eb474f7ca7b3c4b2c015c3d442aadd16df46
3
+ metadata.gz: 34e03053d7d0cbb4203ab4d6aa8bb7bfc676e761
4
+ data.tar.gz: 72b74b1f1615ddc0662cd0890ae607da8533d94a
5
5
  SHA512:
6
- metadata.gz: 8ece658df524ab614cd752b0c0b317221aeffe32600a3a40e5c419ffaf89c510afb7d38fac056264ba96482a78a50369d7e6a163aed697a5db49588188209b7c
7
- data.tar.gz: cd03343d7e9f303e3021ddf17601408b92fae71ae0b622ef5b60e0b959c2b132ded512429596ab516c4f3ffd7622d93471d31fc6d26634a95881d1542647894e
6
+ metadata.gz: 4c47f358804b6c9c686a8b0f04a4f090891bb16632668e8fc72003fe3d4bdde9ae725daa1e3e464210bd24a303c5eb7a4267cd585937e83326c38ec00848cf52
7
+ data.tar.gz: 232aa46affc391d94fa5c0a8b00adb24078294b2587a6fa7806595388a660aeade514a465f3803d452bda05a56e8d654243eed5408cb81b21b55d0ce8d0fb867
data/.codeclimate.yml CHANGED
@@ -15,3 +15,5 @@ ratings:
15
15
  - "**.rb"
16
16
  exclude_paths:
17
17
  - spec/
18
+ - Gemfile
19
+ - warden-jwt_auth.gemspec
data/.overcommit.yml CHANGED
@@ -11,6 +11,7 @@ CommitMsg:
11
11
  required: true
12
12
  exclude: &default_excludes
13
13
  - Gemfile
14
+ - CHANGELOG.md
14
15
  - warden-jwt_auth.gemspec
15
16
  - README.md
16
17
 
data/CHANGELOG.md ADDED
@@ -0,0 +1,9 @@
1
+ # Change Log
2
+ All notable changes to this project will be documented in this file.
3
+
4
+ The format is based on [Keep a Changelog](http://keepachangelog.com/)
5
+ and this project adheres to [Semantic Versioning](http://semver.org/).
6
+
7
+ ## [0.1.1] - 2017-02-28
8
+ ### Fixed
9
+ - Explicit require of `securerandom` standard library
data/README.md CHANGED
@@ -1,5 +1,6 @@
1
1
  # Warden::JWTAuth
2
2
 
3
+ [![Gem Version](https://badge.fury.io/rb/warden-jwt_auth.svg)](https://badge.fury.io/rb/warden-jwt_auth)
3
4
  [![Build Status](https://travis-ci.org/waiting-for-dev/warden-jwt_auth.svg?branch=master)](https://travis-ci.org/waiting-for-dev/warden-jwt_auth)
4
5
  [![Code Climate](https://codeclimate.com/github/waiting-for-dev/warden-jwt_auth/badges/gpa.svg)](https://codeclimate.com/github/waiting-for-dev/warden-jwt_auth)
5
6
  [![Test Coverage](https://codeclimate.com/github/waiting-for-dev/warden-jwt_auth/badges/coverage.svg)](https://codeclimate.com/github/waiting-for-dev/warden-jwt_auth/coverage)
@@ -11,7 +12,7 @@ You can read about which security concerns this library takes into account and a
11
12
  - [Stand Up for JWT Revocation](http://waiting-for-dev.github.io/blog/2017/01/23/stand_up_for_jwt_revocation/)
12
13
  - [JWT Recovation Strategies](http://waiting-for-dev.github.io/blog/2017/01/24/jwt_revocation_strategies/)
13
14
  - [JWT Secure Usage](http://waiting-for-dev.github.io/blog/2017/01/25/jwt_secure_usage/)
14
- - [A secure JWT authentication implementation for Rack and Rails](http://waiting-for-dev.github.io/blog/2017/01/26/a_secure_jwt_authentication_for_rack_and_rails)
15
+ - [A secure JWT authentication implementation for Rack and Rails](http://waiting-for-dev.github.io/blog/2017/01/26/a_secure_jwt_authentication_implementation_for_rack_and_rails/)
15
16
 
16
17
  If what you need is a JWT authentication library for [devise](https://github.com/plataformatec/devise), better look at [devise-jwt](https://github.com/waiting-for-dev/devise-jwt), which is just a thin layer on top of this gem.
17
18
 
@@ -31,6 +32,8 @@ Or install it yourself as:
31
32
 
32
33
  ## Usage
33
34
 
35
+ You can look at this gem's wiki to see some [example applications](https://github.com/waiting-for-dev/warden-jwt_auth/wiki). Please, add yours if you think it can help somebody.
36
+
34
37
  At its core, this library consists of:
35
38
 
36
39
  - A Warden strategy that authenticates a user if a valid JWT token is present in the request headers.
data/lib/warden/jwt_auth.rb CHANGED
@@ -30,11 +30,7 @@ module Warden
30
30
  # @see Interfaces::UserRepository
31
31
  # @see Interfaces::User
32
32
  setting(:mappings, {}) do |value|
33
- Hash[
34
- value.each_pair do |scope, mapping|
35
- [scope.to_sym, mapping]
36
- end
37
- ]
33
+ symbolize_keys(value)
38
34
  end
39
35
 
40
36
  # Array of tuples [request_method, request_path_regex] to match request
@@ -46,10 +42,7 @@ module Warden
46
42
  # ['POST', %r{^/sign_in$}]
47
43
  # ]
48
44
  setting(:dispatch_requests, []) do |value|
49
- value.map do |tuple|
50
- method, path = tuple
51
- [method.to_s.upcase, path]
52
- end
45
+ upcase_first_items(value)
53
46
  end
54
47
 
55
48
  # Array of tuples [request_method, request_path_regex] to match request
@@ -60,10 +53,7 @@ module Warden
60
53
  # ['DELETE', %r{^/sign_out$}]
61
54
  # ]
62
55
  setting :revocation_requests, [] do |value|
63
- value.map do |tuple|
64
- method, path = tuple
65
- [method.to_s.upcase, path]
66
- end
56
+ upcase_first_items(value)
67
57
  end
68
58
 
69
59
  # Hash with scopes as keys and values with the strategy to revoke tokens for
@@ -76,13 +66,26 @@ module Warden
76
66
  #
77
67
  # @see Interfaces::RevocationStrategy
78
68
  setting(:revocation_strategies, {}) do |value|
69
+ symbolize_keys(value)
70
+ end
71
+
72
+ # :reek:UtilityFunction
73
+ def self.symbolize_keys(hash)
79
74
  Hash[
80
- value.each_pair do |scope, strategy|
81
- [scope.to_sym, strategy]
75
+ hash.each_pair do |key, value|
76
+ [key.to_sym, value]
82
77
  end
83
78
  ]
84
79
  end
85
80
 
81
+ # :reek:UtilityFunction
82
+ def self.upcase_first_items(array)
83
+ array.map do |tuple|
84
+ method, path = tuple
85
+ [method.to_s.upcase, path]
86
+ end
87
+ end
88
+
86
89
  Import = Dry::AutoInject(config)
87
90
  end
88
91
  end
data/lib/warden/jwt_auth/token_encoder.rb CHANGED
@@ -1,5 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require 'securerandom'
4
+
3
5
  module Warden
4
6
  module JWTAuth
5
7
  # Encodes a payload into a JWT token, adding some configurable
data/lib/warden/jwt_auth/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Warden
4
4
  module JWTAuth
5
- VERSION = '0.1.0'
5
+ VERSION = '0.1.1'
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: warden-jwt_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Marc Busqué
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2017-01-26 00:00:00.000000000 Z
11
+ date: 2017-02-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dry-configurable
@@ -180,6 +180,7 @@ files:
180
180
  - ".rspec"
181
181
  - ".rubocop.yml"
182
182
  - ".travis.yml"
183
+ - CHANGELOG.md
183
184
  - CODE_OF_CONDUCT.md
184
185
  - Dockerfile
185
186
  - Gemfile
@@ -226,7 +227,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
226
227
  version: '0'
227
228
  requirements: []
228
229
  rubyforge_project:
229
- rubygems_version: 2.5.1
230
+ rubygems_version: 2.6.8
230
231
  signing_key:
231
232
  specification_version: 4
232
233
  summary: JWT authentication for Warden.