warden-jwt_auth 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/.codeclimate.yml +2 -0
  3. data/.overcommit.yml +1 -0
  4. data/CHANGELOG.md +9 -0
  5. data/README.md +4 -1
  6. data/lib/warden/jwt_auth.rb +18 -15
  7. data/lib/warden/jwt_auth/token_encoder.rb +2 -0
  8. data/lib/warden/jwt_auth/version.rb +1 -1
  9. metadata +4 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 94613bf0dc1c95f06be0cf8c4bc38b0a0f67b45f
4
- data.tar.gz: 7872eb474f7ca7b3c4b2c015c3d442aadd16df46
3
+ metadata.gz: 34e03053d7d0cbb4203ab4d6aa8bb7bfc676e761
4
+ data.tar.gz: 72b74b1f1615ddc0662cd0890ae607da8533d94a
5
5
  SHA512:
6
- metadata.gz: 8ece658df524ab614cd752b0c0b317221aeffe32600a3a40e5c419ffaf89c510afb7d38fac056264ba96482a78a50369d7e6a163aed697a5db49588188209b7c
7
- data.tar.gz: cd03343d7e9f303e3021ddf17601408b92fae71ae0b622ef5b60e0b959c2b132ded512429596ab516c4f3ffd7622d93471d31fc6d26634a95881d1542647894e
6
+ metadata.gz: 4c47f358804b6c9c686a8b0f04a4f090891bb16632668e8fc72003fe3d4bdde9ae725daa1e3e464210bd24a303c5eb7a4267cd585937e83326c38ec00848cf52
7
+ data.tar.gz: 232aa46affc391d94fa5c0a8b00adb24078294b2587a6fa7806595388a660aeade514a465f3803d452bda05a56e8d654243eed5408cb81b21b55d0ce8d0fb867
data/.codeclimate.yml CHANGED
@@ -15,3 +15,5 @@ ratings:
15
15
  - "**.rb"
16
16
  exclude_paths:
17
17
  - spec/
18
+ - Gemfile
19
+ - warden-jwt_auth.gemspec
data/.overcommit.yml CHANGED
@@ -11,6 +11,7 @@ CommitMsg:
11
11
  required: true
12
12
  exclude: &default_excludes
13
13
  - Gemfile
14
+ - CHANGELOG.md
14
15
  - warden-jwt_auth.gemspec
15
16
  - README.md
16
17
 
data/CHANGELOG.md ADDED
@@ -0,0 +1,9 @@
1
+ # Change Log
2
+ All notable changes to this project will be documented in this file.
3
+
4
+ The format is based on [Keep a Changelog](http://keepachangelog.com/)
5
+ and this project adheres to [Semantic Versioning](http://semver.org/).
6
+
7
+ ## [0.1.1] - 2017-02-28
8
+ ### Fixed
9
+ - Explicit require of `securerandom` standard library
data/README.md CHANGED
@@ -1,5 +1,6 @@
1
1
  # Warden::JWTAuth
2
2
 
3
+ [![Gem Version](https://badge.fury.io/rb/warden-jwt_auth.svg)](https://badge.fury.io/rb/warden-jwt_auth)
3
4
  [![Build Status](https://travis-ci.org/waiting-for-dev/warden-jwt_auth.svg?branch=master)](https://travis-ci.org/waiting-for-dev/warden-jwt_auth)
4
5
  [![Code Climate](https://codeclimate.com/github/waiting-for-dev/warden-jwt_auth/badges/gpa.svg)](https://codeclimate.com/github/waiting-for-dev/warden-jwt_auth)
5
6
  [![Test Coverage](https://codeclimate.com/github/waiting-for-dev/warden-jwt_auth/badges/coverage.svg)](https://codeclimate.com/github/waiting-for-dev/warden-jwt_auth/coverage)
@@ -11,7 +12,7 @@ You can read about which security concerns this library takes into account and a
11
12
  - [Stand Up for JWT Revocation](http://waiting-for-dev.github.io/blog/2017/01/23/stand_up_for_jwt_revocation/)
12
13
  - [JWT Recovation Strategies](http://waiting-for-dev.github.io/blog/2017/01/24/jwt_revocation_strategies/)
13
14
  - [JWT Secure Usage](http://waiting-for-dev.github.io/blog/2017/01/25/jwt_secure_usage/)
14
- - [A secure JWT authentication implementation for Rack and Rails](http://waiting-for-dev.github.io/blog/2017/01/26/a_secure_jwt_authentication_for_rack_and_rails)
15
+ - [A secure JWT authentication implementation for Rack and Rails](http://waiting-for-dev.github.io/blog/2017/01/26/a_secure_jwt_authentication_implementation_for_rack_and_rails/)
15
16
 
16
17
  If what you need is a JWT authentication library for [devise](https://github.com/plataformatec/devise), better look at [devise-jwt](https://github.com/waiting-for-dev/devise-jwt), which is just a thin layer on top of this gem.
17
18
 
@@ -31,6 +32,8 @@ Or install it yourself as:
31
32
 
32
33
  ## Usage
33
34
 
35
+ You can look at this gem's wiki to see some [example applications](https://github.com/waiting-for-dev/warden-jwt_auth/wiki). Please, add yours if you think it can help somebody.
36
+
34
37
  At its core, this library consists of:
35
38
 
36
39
  - A Warden strategy that authenticates a user if a valid JWT token is present in the request headers.
data/lib/warden/jwt_auth.rb CHANGED
@@ -30,11 +30,7 @@ module Warden
30
30
  # @see Interfaces::UserRepository
31
31
  # @see Interfaces::User
32
32
  setting(:mappings, {}) do |value|
33
- Hash[
34
- value.each_pair do |scope, mapping|
35
- [scope.to_sym, mapping]
36
- end
37
- ]
33
+ symbolize_keys(value)
38
34
  end
39
35
 
40
36
  # Array of tuples [request_method, request_path_regex] to match request
@@ -46,10 +42,7 @@ module Warden
46
42
  # ['POST', %r{^/sign_in$}]
47
43
  # ]
48
44
  setting(:dispatch_requests, []) do |value|
49
- value.map do |tuple|
50
- method, path = tuple
51
- [method.to_s.upcase, path]
52
- end
45
+ upcase_first_items(value)
53
46
  end
54
47
 
55
48
  # Array of tuples [request_method, request_path_regex] to match request
@@ -60,10 +53,7 @@ module Warden
60
53
  # ['DELETE', %r{^/sign_out$}]
61
54
  # ]
62
55
  setting :revocation_requests, [] do |value|
63
- value.map do |tuple|
64
- method, path = tuple
65
- [method.to_s.upcase, path]
66
- end
56
+ upcase_first_items(value)
67
57
  end
68
58
 
69
59
  # Hash with scopes as keys and values with the strategy to revoke tokens for
@@ -76,13 +66,26 @@ module Warden
76
66
  #
77
67
  # @see Interfaces::RevocationStrategy
78
68
  setting(:revocation_strategies, {}) do |value|
69
+ symbolize_keys(value)
70
+ end
71
+
72
+ # :reek:UtilityFunction
73
+ def self.symbolize_keys(hash)
79
74
  Hash[
80
- value.each_pair do |scope, strategy|
81
- [scope.to_sym, strategy]
75
+ hash.each_pair do |key, value|
76
+ [key.to_sym, value]
82
77
  end
83
78
  ]
84
79
  end
85
80
 
81
+ # :reek:UtilityFunction
82
+ def self.upcase_first_items(array)
83
+ array.map do |tuple|
84
+ method, path = tuple
85
+ [method.to_s.upcase, path]
86
+ end
87
+ end
88
+
86
89
  Import = Dry::AutoInject(config)
87
90
  end
88
91
  end
data/lib/warden/jwt_auth/token_encoder.rb CHANGED
@@ -1,5 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require 'securerandom'
4
+
3
5
  module Warden
4
6
  module JWTAuth
5
7
  # Encodes a payload into a JWT token, adding some configurable
data/lib/warden/jwt_auth/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Warden
4
4
  module JWTAuth
5
- VERSION = '0.1.0'
5
+ VERSION = '0.1.1'
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: warden-jwt_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Marc Busqué
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2017-01-26 00:00:00.000000000 Z
11
+ date: 2017-02-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dry-configurable
@@ -180,6 +180,7 @@ files:
180
180
  - ".rspec"
181
181
  - ".rubocop.yml"
182
182
  - ".travis.yml"
183
+ - CHANGELOG.md
183
184
  - CODE_OF_CONDUCT.md
184
185
  - Dockerfile
185
186
  - Gemfile
@@ -226,7 +227,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
226
227
  version: '0'
227
228
  requirements: []
228
229
  rubyforge_project:
229
- rubygems_version: 2.5.1
230
+ rubygems_version: 2.6.8
230
231
  signing_key:
231
232
  specification_version: 4
232
233
  summary: JWT authentication for Warden.