RubyGems - warden-jwt_auth - Versions diffs - 0.10.0 → 0.11.0 - Mend

warden-jwt_auth 0.10.0 → 0.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml +4 -4
data/.github/workflows/ci.yml +21 -0
data/.github/workflows/lint.yml +17 -0
data/CHANGELOG.md +6 -3
data/README.md +1 -1
data/lib/warden/jwt_auth/hooks.rb +1 -2
data/lib/warden/jwt_auth/strategy.rb +11 -1
data/lib/warden/jwt_auth/version.rb +1 -1
data/lib/warden/jwt_auth.rb +2 -2
metadata +4 -3
data/.travis.yml +0 -21

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 260c2b0490d54bd3d4c2b359774209e3f326429b41fc7cbceb310253e9d55b46
-  data.tar.gz: 6f43001c9de49f7cbd9c071a881344d50e0eb9c157552100407f0fa65c1ff3a5
+  metadata.gz: 0b1a585fc4b4ab038046cf25e745fdebb4363001374d31a3ab4c31b41e35b10e
+  data.tar.gz: e6e3ed8c59296a260b80d851a26fbd347662571b6650987d791dcaa1e9e2ef44
 SHA512:
-  metadata.gz: 6c017145c06a747e5966e382940cf94b2dc247027a9c19b466a127a85ad5809db085d8e17483531a341c1f208b2fc25e8b007a994b387afc5fcf41c6d2256104
-  data.tar.gz: 5fee963870a4f3bf0ecb356d764610e146f6d4557817b21c0d9f53ef4ba304449b3ea35d12e548ffaa02a9b12060e8099af18a4b9f68a47b4878cc8755df2a47
+  metadata.gz: 38e048fa380035adf7907ce3839911d0515686537a2cc6e7e96bce559006ef54aadcfadbfaf0edf73ab26d285e9de3593d5cbbd35e935c050f8b3423e4db8a2d
+  data.tar.gz: 80ffb413ffcf71cea9cf68e766a55a4f22a03f7f1f9128a7746be1357b2cca2b06a60ca8863533625c6c2298ffd859e6afd9303bc19be5580d9e52fdcb8196af

data/.github/workflows/ci.yml ADDED Viewed

@@ -0,0 +1,21 @@
+name: CI
+on: [push, pull_request]
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby-version: ['3.0', '3.1', '3.2', '3.3', ruby-head]
+    steps:
+    - uses: actions/checkout@v4
+    - name: Set up Ruby ${{ matrix.ruby-version }}
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby-version }}
+        bundler-cache: true # 'bundle install' and cache
+    - name: Run specs
+      run: |
+        bundle exec rspec

data/.github/workflows/lint.yml ADDED Viewed

@@ -0,0 +1,17 @@
+name: Lint
+on: [push, pull_request]
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - name: Set up Ruby ${{ matrix.ruby-version }}
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: 2.7
+        bundler-cache: true # 'bundle install' and cache
+    - name: Run specs
+      run: |
+        bundle exec rubocop

data/CHANGELOG.md CHANGED Viewed

@@ -4,10 +4,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
-## [0.10.0] - 2024-07-10
-- Add support for configurable token header ([55](https://github.com/waiting-for-dev/warden-jwt_auth/pull/55))
+## [0.11.0] - 2024-12-20
+- Prevent strategy from running when the current path matches a dispatch request ([60](https://github.com/waiting-for-dev/warden-jwt_auth/pull/60))
-## [0.9.0] - 2024-06-28
+## [0.10.1] - 2024-12-15
+- Fix version mismatch
+## [0.8.0] - 2024-06-28
 - Add support for issue claim ([56](https://github.com/waiting-for-dev/warden-jwt_auth/pull/56))
 ## [0.8.0] - 2023-01-31

data/README.md CHANGED Viewed

@@ -175,7 +175,7 @@ config.revocation_strategies = { user: RevocationStrategy }
 The implementation of the revocation strategy is also on your side. They just need to implement two methods: `jwt_revoked?` and `revoke_jwt`, both of them accepting as parameters the JWT payload and the user record, in this order.
-You can read about which [JWT recovation strategies](http://waiting-for-dev.github.io/blog/2017/01/24/jwt_revocation_strategies/) can be implement with their pros and cons.
+You can read about which [JWT recovation strategies](http://waiting-for-dev.github.io/blog/2017/01/24/jwt_revocation_strategies) can be implement with their pros and cons.
 ```ruby
 module RevocationStrategy

data/lib/warden/jwt_auth/hooks.rb CHANGED Viewed

@@ -47,8 +47,7 @@ module Warden
       end
       def request_matches?(path_info, method)
-        dispatch_requests.each do |tuple|
-          dispatch_method, dispatch_path = tuple
+        dispatch_requests.each do |(dispatch_method, dispatch_path)|
           return true if path_info.match(dispatch_path) &&
                          method == dispatch_method
         end

data/lib/warden/jwt_auth/strategy.rb CHANGED Viewed

@@ -7,8 +7,10 @@ module Warden
     # Warden strategy to authenticate an user through a JWT token in the
     # `Authorization` request header
     class Strategy < Warden::Strategies::Base
+      include JWTAuth::Import['dispatch_requests']
       def valid?
-        token_exists? && issuer_claim_valid?
+        token_exists? && issuer_claim_valid? && !path_is_dispatch_request_path?
       end
       def store?
@@ -25,6 +27,14 @@ module Warden
       private
+      def path_is_dispatch_request_path?
+        current_path = EnvHelper.path_info(env)
+        request_method = EnvHelper.request_method(env)
+        dispatch_requests.any? do |(dispatch_method, dispatch_path)|
+          request_method == dispatch_method && current_path.match(dispatch_path)
+        end
+      end
       def issuer_claim_valid?
         configured_issuer = Warden::JWTAuth.config.issuer
         return true if configured_issuer.nil?

data/lib/warden/jwt_auth/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module Warden
   module JWTAuth
-    VERSION = '0.10.0'
+    VERSION = '0.11.0'
   end
 end

data/lib/warden/jwt_auth.rb CHANGED Viewed

@@ -19,6 +19,8 @@ module Warden
   module JWTAuth
     extend Dry::Configurable
+    module_function
     def symbolize_keys(hash)
       hash.transform_keys(&:to_sym)
     end
@@ -36,8 +38,6 @@ module Warden
       end
     end
-    module_function :constantize_values, :symbolize_keys, :upcase_first_items
     # The secret used to encode the token
     setting :secret

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: warden-jwt_auth
 version: !ruby/object:Gem::Version
-  version: 0.10.0
+  version: 0.11.0
 platform: ruby
 authors:
 - Marc Busqué
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-07-10 00:00:00.000000000 Z
+date: 2024-12-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dry-auto_inject
@@ -214,10 +214,11 @@ extra_rdoc_files: []
 files:
 - ".codeclimate.yml"
 - ".github/FUNDING.yml"
+- ".github/workflows/ci.yml"
+- ".github/workflows/lint.yml"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
-- ".travis.yml"
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - Dockerfile

data/.travis.yml DELETED Viewed

@@ -1,21 +0,0 @@
-language: ruby
-cache: bundler
-rvm:
-  - 2.6
-  - 2.7
-  - 3.0
-  - ruby-head
-before_install:
-  - gem update --system --no-doc
-  - gem install bundler
-script:
-  - bundle exec rspec
-  - bundle exec rubocop
-  - bundle exec codeclimate-test-reporter
-jobs:
-  allow_failures:
-    - rvm: ruby-head
-addons:
-  code_climate:
-    repo_token:
-      secure: neJ5LVLV6vgeCnerSQjUpLuQDvxEH87iW8swCSWl2hTtPcD/GuwYSeSXnhH72HVHi/9basHHhaYPcE2YeBwBCr39PhiHMNwS5GGGk/RGjKpU/Gt1KXV8KXTbNGT4v+ZMM3cdsdDfe8OnzGguNVsdxseHa3KE2pyuvo2a0swXwKa7BU9VB/3ZoZvvfI3Xr9im4eklWam5yCwVR0FOF7epzmNTKMXcUga2BOc9PV5aVELzLILLCHCJSCupe5Rx8mfcsRoRmZXKduF8Ke3eq8eULvLEo4EGfC107najOqrKt7x8uDVIsuGrP4LUQ4ainmNEb2jIvpjuqAxpusMjhpjCINF1Tn0OXK93OXAp4QKeIYoYEqKtzRxX0TWFNWHB8ombF9HTMF2DmloDZyFRiI40JSMImU0hc4MDxRgiTW5MDWGbohDaJ+9VV6+rIqtlEfLhgj1grFBAroaJce9BB7RQEmfsZPzhC2VXwGxHw/YkJgzBNGq1/9E1DoTY9RPSNTQfSRodhI3XW8LSQSHTBeXZvymVcjeOyYgjzJYviLHR8QS4cXpUALtlFXyaMkPHUBLUn8XsBa5Azfh5y3qPMGiJq1/qaHA4mKj5ls+ngFbzOq82sYGAKgQHj/ZDb+FZMQQanp4jyWADKcpXcmINb9jEQwkU0bjpuhUYtghASxH1Kl8=