warden-jwt_auth 0.1.4 → 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop.yml +2 -0
  3. data/CHANGELOG.md +7 -0
  4. data/README.md +1 -1
  5. data/lib/warden/jwt_auth/errors.rb +4 -0
  6. data/lib/warden/jwt_auth/strategy.rb +2 -2
  7. data/lib/warden/jwt_auth/user_decoder.rb +8 -2
  8. data/lib/warden/jwt_auth/version.rb +1 -1
  9. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4082fce67deba19f7d0b8b1adf411676b7b30c4f
4
- data.tar.gz: 8b48402434ee8634dd7c06e359a4b4a9621df9b8
3
+ metadata.gz: 4a2ccfa065ae0684252e27bb7ec7e96ecf0d707d
4
+ data.tar.gz: c0a21d42ab4f41891f7a9cadd6edb273c2821dc0
5
5
  SHA512:
6
- metadata.gz: 274bf114481da6a87e527e51a3721053c3f094432fc59b4761a031d4972cf9dcf2eedbb657ab2ea490065cd2d218f10326ab7ca897d65d08249352688afe1113
7
- data.tar.gz: b0815f82470d23d7d06e6a3921196e907c2b6655bc1e9cc9303dbdf4e38c0d11e613cbccd1231ba4091cfecd1a7ab8d6820cc2f48282bd784b9cc46e3425d602
6
+ metadata.gz: 5ce27233145e6481666a408fc2d92066364a04601a127b3b92fc7100aec4318afb077c7909ed3b6a7b5cf66983d82b5111aa67b234c0e7baa32791f10c11dfdd
7
+ data.tar.gz: 9b423f5b1f7304f91bc88385fbf451cab180c2cb7673071dcf98d594dada87a68398d5876a639a2e38baccc2bc89e02a88c47aa0427d414a83ec01b5a4039d07
data/.rubocop.yml CHANGED
@@ -11,3 +11,5 @@ RSpec/ContextWording:
11
11
  Metrics/BlockLength:
12
12
  Exclude:
13
13
  - "spec/**/*.rb"
14
+ Metrics/LineLength:
15
+ Max: 100
data/CHANGELOG.md CHANGED
@@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file.
4
4
  The format is based on [Keep a Changelog](http://keepachangelog.com/)
5
5
  and this project adheres to [Semantic Versioning](http://semver.org/).
6
6
 
7
+ ## [0.2.0] - 2017-11-23
8
+ ### Added
9
+ - `fail!` with message
10
+
11
+ ### Fixed
12
+ - Unauthorize when fetched user is nil
13
+
7
14
  ## [0.1.4] - 2017-11-21
8
15
  ### Fixed
9
16
  - Update `jwt` dependency
data/README.md CHANGED
@@ -24,7 +24,7 @@ If what you need is a JWT authentication library for [devise](https://github.com
24
24
  ## Installation
25
25
 
26
26
  ```ruby
27
- gem 'warden-jwt_auth', '~> 0.1.4'
27
+ gem 'warden-jwt_auth', '~> 0.2.0'
28
28
  ```
29
29
 
30
30
  And then execute:
data/lib/warden/jwt_auth/errors.rb CHANGED
@@ -8,6 +8,10 @@ module Warden
8
8
  class RevokedToken < JWT::DecodeError
9
9
  end
10
10
 
11
+ # Error raised when the user decoded from a token is nil
12
+ class NilUser < JWT::DecodeError
13
+ end
14
+
11
15
  # Error raised when trying to decode a token for an scope that doesn't
12
16
  # match the one encoded in the payload
13
17
  class WrongScope < JWT::DecodeError
data/lib/warden/jwt_auth/strategy.rb CHANGED
@@ -20,8 +20,8 @@ module Warden
20
20
  def authenticate!
21
21
  user = UserDecoder.new.call(token, scope)
22
22
  success!(user)
23
- rescue JWT::DecodeError
24
- fail!
23
+ rescue JWT::DecodeError => e
24
+ fail!(e.message)
25
25
  end
26
26
 
27
27
  private
data/lib/warden/jwt_auth/user_decoder.rb CHANGED
@@ -24,13 +24,14 @@ module Warden
24
24
  # @return [Interfaces::User] an user, whatever it is
25
25
  # @raise [Errors::RevokedToken] when token has been revoked for the
26
26
  # encoded user
27
+ # @raise [Errors::NilUser] when decoded user is nil
27
28
  # @raise [Errors::WrongScope] when encoded scope does not match with scope
28
29
  # argument
29
30
  def call(token, scope)
30
31
  payload = TokenDecoder.new.call(token)
31
- raise Errors::WrongScope unless helper.scope_matches?(payload, scope)
32
+ raise Errors::WrongScope, 'wrong scope' unless helper.scope_matches?(payload, scope)
32
33
  user = helper.find_user(payload)
33
- raise Errors::RevokedToken if revoked?(payload, user, scope)
34
+ check_valid_user(payload, user, scope)
34
35
  user
35
36
  end
36
37
 
@@ -40,6 +41,11 @@ module Warden
40
41
  strategy = revocation_strategies[scope]
41
42
  strategy.jwt_revoked?(payload, user)
42
43
  end
44
+
45
+ def check_valid_user(payload, user, scope)
46
+ raise Errors::NilUser, 'nil user' unless user
47
+ raise Errors::RevokedToken, 'revoked token' if revoked?(payload, user, scope)
48
+ end
43
49
  end
44
50
  end
45
51
  end
data/lib/warden/jwt_auth/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Warden
4
4
  module JWTAuth
5
- VERSION = '0.1.4'
5
+ VERSION = '0.2.0'
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: warden-jwt_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.4
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Marc Busqué
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2017-11-21 00:00:00.000000000 Z
11
+ date: 2017-11-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dry-configurable