warden-jwt_auth 0.3.5 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 581e544d6b6fccb8635aac2719efefbbb5b760e8
-  data.tar.gz: e36d38d069f456bccc0b8eece033c7419da005ac
+SHA256:
+  metadata.gz: ac884c1ecfe8201fe9973503bcb067186a2683b290828d9b5bac8b3667929f6d
+  data.tar.gz: 26f14054831f628f83c083709fd8e044182eb28bcef092110c48c386009576fb
 SHA512:
-  metadata.gz: e8b1e212fa604ed3b2af19aa44392c625f6192869750d479be7af50f0c426c5961fa91497d95385d5bfa452b528fadf474283f744880debba8547c7d16329177
-  data.tar.gz: 67a9837cc9c55f1fd4cf1970d1891e68c3e59a8262e4161835e398b827fc1074b5f8df9ba3121196dec197e51237c024b0f708139e633437e4c0ba547c101385
+  metadata.gz: dadca31dc64203c56ca77c98e69a8bfc48813e2bf0a61a52ee8741f7a08df9c71d96aa481ca424e908b3ba1e8f979f36544244e8545bba6b0e83624ab96db1fa
+  data.tar.gz: 3c58c89cb5d42c462b071008c548d85649e1d88d7186e4d4cc9c987d72e9dbab9d2ddf4a3ed9eb99e017d8f0f66b76f4ccdb88ec584ef64b3bdc097ec69a06ee

data/.rubocop.yml

@@ -1,6 +1,6 @@
 require: rubocop-rspec
 AllCops:
-  TargetRubyVersion: 2.3
+  TargetRubyVersion: 2.6
 RSpec/NestedGroups:
   Max: 3
 RSpec/MessageSpies:
@@ -13,3 +13,5 @@ Metrics/BlockLength:
     - "spec/**/*.rb"
 Metrics/LineLength:
   Max: 100
+Naming/RescuedExceptionsVariableName:
+  PreferredName: exception

data/.travis.yml

@@ -1,9 +1,8 @@
-sudo: false
 language: ruby
 rvm:
-  - 2.2.6
-  - 2.3.3
-  - 2.4.0
+  - 2.5
+  - 2.6
+  - 2.7
 before_install:
   - gem update --system --no-doc
   - bundle install --gemfile=.overcommit_gems.rb

data/CHANGELOG.md

@@ -4,6 +4,28 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/) 
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
+## [0.5.0] 
+### Fixed
+- Fixed dry-configurable compatibility. ([28](https://github.com/waiting-for-dev/warden-jwt_auth/issues/28))
+
+## [0.4.2] - 2020-03-19
+### Fixed
+- Lock dry-configurable dependency to fix upstream regression. ([21](https://github.com/waiting-for-dev/warden-jwt_auth/issues/21))
+- Fix ruby 2.7 warnings (@trevorrjohn [23](https://github.com/waiting-for-dev/warden-jwt_auth/pull/23) )
+
+## [0.4.1] - 2020-02-23
+### Fixed
+- Upgrade dry-configurable dependency to fix upstream bug preventing
+  warden-jwt_auth to be loaded ([21](https://github.com/waiting-for-dev/warden-jwt_auth/issues/21)).
+
+## [0.4.0] - 2019-08-01
+### Added
+- Allow configuration of the signing algorithm ([19](https://github.com/waiting-for-dev/warden-jwt_auth/pull/19)].
+
+## [0.3.6] - 2019-03-29
+### Fixed
+- Update depencies.
+
 ## [0.3.5] - 2018-01-30
 ### Fixed
 - Do not disallow fetching JWT scopes from session

data/README.md

@@ -24,7 +24,7 @@ If what you need is a JWT authentication library for [devise](https://github.com
 ## Installation
 
 ```ruby
-gem 'warden-jwt_auth', '~> 0.3.5'
+gem 'warden-jwt_auth'
 ```
 
 And then execute:
@@ -59,7 +59,14 @@ end
 
 **Important:** You are encouraged to use a dedicated secret key, different than others in use in your application. If several components share the same secret key, chances that a vulnerability in one of them has a wider impact increase. Also, never share your secrets pushing it to a remote repository, you are better off using an environment variable like in the example.
 
-Currently, HS256 algorithm is the one in use.
+Currently, HS256 algorithm is the default.
+Configure the matching secret and algorithm name to use a different one (e.g. RS256) (see [ruby-jwt](https://github.com/jwt/ruby-jwt#algorithms-and-usage) to see which are supported)
+```ruby
+Warden::JWTAuth.configure do |config|
+  config.secret = OpenSSL::PKey::RSA.new(ENV['WARDEN_JWT_SECRET_KEY'])
+  config.algorithm = ENV['WARDEN_JWT_ALGORITHM']
+end
+```
 
 ### Warden scopes configuration
 

data/issue_template.md

@@ -0,0 +1,25 @@
+Please, for a bug report fill in the following template. Before that, make sure to read the whole [README](https://github.com/waiting-for-dev/warden-jwt_auth/blob/master/README.md).
+
+Feature requests and questions about `warden-jwt_auth` are also accepted.
+
+## Expected behavior
+
+## Actual behavior
+
+## Steps to Reproduce the Problem
+
+1.
+2.
+3.
+
+## Debugging information
+
+Provide following information. Please, format pasted output as code. Feel free to remove the secret key value.
+
+- Version of `warden-jwt_auth` in use
+- Output of `Warden::JWTAuth.config`
+- If your issue is related with not getting a JWT from the server:
+  - Involved request path, method and request headers
+  - Response headers for that request
+- If your issue is related with not being able to revoke a JWT:
+  - Involved request path, method and request headers

data/lib/warden/jwt_auth.rb

@@ -19,9 +19,33 @@ module Warden
   module JWTAuth
     extend Dry::Configurable
 
+    def symbolize_keys(hash)
+      hash.each_with_object({}) do |(key, value), memo|
+        memo[key.to_sym] = value
+      end
+    end
+
+    def upcase_first_items(array)
+      array.map do |tuple|
+        method, path = tuple
+        [method.to_s.upcase, path]
+      end
+    end
+
+    def constantize_values(hash)
+      hash.each_with_object({}) do |(key, value), memo|
+        memo[key] = value.is_a?(String) ? Object.const_get(value) : value
+      end
+    end
+
+    module_function :constantize_values, :symbolize_keys, :upcase_first_items
+
     # The secret used to encode the token
     setting :secret
 
+    # The algorithm used to encode the token
+    setting :algorithm, 'HS256'
+
     # Expiration time for tokens
     setting :expiration_time, 3600
 
@@ -35,7 +59,7 @@ module Warden
     # @see Interfaces::UserRepository
     # @see Interfaces::User
     setting(:mappings, {}) do |value|
-      symbolize_keys(value)
+      constantize_values(symbolize_keys(value))
     end
 
     # Array of tuples [request_method, request_path_regex] to match request
@@ -72,44 +96,10 @@ module Warden
     #
     # @see Interfaces::RevocationStrategy
     setting(:revocation_strategies, {}) do |value|
-      symbolize_keys(value)
-    end
-
-    # :reek:UtilityFunction
-    def self.symbolize_keys(hash)
-      Hash[
-        hash.each_pair do |key, value|
-          [key.to_sym, value]
-        end
-      ]
-    end
-
-    # :reek:UtilityFunction
-    def self.upcase_first_items(array)
-      array.map do |tuple|
-        method, path = tuple
-        [method.to_s.upcase, path]
-      end
+      constantize_values(symbolize_keys(value))
     end
 
     Import = Dry::AutoInject(config)
-
-    config.instance_eval do
-      def mappings
-        constantize_values(super)
-      end
-
-      def revocation_strategies
-        constantize_values(super)
-      end
-
-      # :reek:UtilityFunction
-      def constantize_values(hash)
-        hash.each_with_object({}) do |(key, value), memo|
-          memo[key] = value.is_a?(String) ? Object.const_get(value) : value
-        end
-      end
-    end
   end
 end
 

data/lib/warden/jwt_auth/header_parser.rb

@@ -16,6 +16,7 @@ module Warden
       def self.from_env(env)
         auth = EnvHelper.authorization_header(env)
         return nil unless auth
+
         method, token = auth.split
         method == METHOD ? token : nil
       end

data/lib/warden/jwt_auth/hooks.rb

@@ -24,6 +24,7 @@ module Warden
         env = auth.env
         scope = opts[:scope]
         return unless token_should_be_added?(scope, env)
+
         add_token_to_env(user, scope, env)
       end
 

data/lib/warden/jwt_auth/middleware/revocation_manager.rb

@@ -30,6 +30,7 @@ module Warden
           path_info = EnvHelper.path_info(env)
           method = EnvHelper.request_method(env)
           return unless token && token_should_be_revoked?(path_info, method)
+
           TokenRevoker.new.call(token)
         end
 

data/lib/warden/jwt_auth/payload_user_helper.rb

@@ -39,6 +39,7 @@ module Warden
         sub = user.jwt_subject
         payload = { 'sub' => String(sub), 'scp' => scope.to_s }
         return payload unless user.respond_to?(:jwt_payload)
+
         user.jwt_payload.merge(payload)
       end
     end

data/lib/warden/jwt_auth/token_decoder.rb

@@ -4,7 +4,7 @@ module Warden
   module JWTAuth
     # Decodes a JWT into a hash payload into a JWT token
     class TokenDecoder
-      include JWTAuth::Import['secret']
+      include JWTAuth::Import['secret', 'algorithm']
 
       # Decodes the payload from a JWT as a hash
       #
@@ -17,7 +17,7 @@ module Warden
         JWT.decode(token,
                    secret,
                    true,
-                   algorithm: TokenEncoder::ALG,
+                   algorithm: algorithm,
                    verify_jti: true)[0]
       end
     end

data/lib/warden/jwt_auth/token_encoder.rb

@@ -7,10 +7,7 @@ module Warden
     # Encodes a payload into a JWT token, adding some configurable
     # claims
     class TokenEncoder
-      include JWTAuth::Import['secret', 'expiration_time']
-
-      # Algorithm used to encode
-      ALG = 'HS256'
+      include JWTAuth::Import['secret', 'algorithm', 'expiration_time']
 
       # Encodes a payload into a JWT
       #
@@ -18,7 +15,7 @@ module Warden
       # @return [String] JWT
       def call(payload)
         payload_to_encode = merge_with_default_claims(payload)
-        JWT.encode(payload_to_encode, secret, ALG)
+        JWT.encode(payload_to_encode, secret, algorithm)
       end
 
       private

data/lib/warden/jwt_auth/user_decoder.rb

@@ -10,7 +10,7 @@ module Warden
 
       attr_reader :helper
 
-      def initialize(*args)
+      def initialize(**args)
         super
         @helper = PayloadUserHelper
       end
@@ -46,6 +46,7 @@ module Warden
 
       def check_valid_user(payload, user, scope)
         raise Errors::NilUser, 'nil user' unless user
+
         strategy = revocation_strategies[scope]
         raise Errors::RevokedToken, 'revoked token' if strategy.jwt_revoked?(payload, user)
       end

data/lib/warden/jwt_auth/version.rb

@@ -2,6 +2,6 @@
 
 module Warden
   module JWTAuth
-    VERSION = '0.3.5'
+    VERSION = '0.5.0'
   end
 end

data/warden-jwt_auth.gemspec

@@ -1,35 +1,36 @@
-# coding: utf-8
-lib = File.expand_path('../lib', __FILE__)
+# frozen_string_literal: true
+
+lib = File.expand_path('lib', __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'warden/jwt_auth/version'
 
 Gem::Specification.new do |spec|
-  spec.name          = "warden-jwt_auth"
+  spec.name          = 'warden-jwt_auth'
   spec.version       = Warden::JWTAuth::VERSION
-  spec.authors       = ["Marc Busqué"]
-  spec.email         = ["marc@lamarciana.com"]
+  spec.authors       = ['Marc Busqué']
+  spec.email         = ['marc@lamarciana.com']
 
-  spec.summary       = %q{JWT authentication for Warden.}
-  spec.description   = %q{JWT authentication for Warden, ORM agnostic and accepting the implementation of token revocation strategies.}
-  spec.homepage      = "https://github.com/waiting-for-dev/warden-jwt_auth"
-  spec.license       = "MIT"
+  spec.summary       = 'JWT authentication for Warden.'
+  spec.description   = 'JWT authentication for Warden, ORM agnostic and accepting the implementation of token revocation strategies.'
+  spec.homepage      = 'https://github.com/waiting-for-dev/warden-jwt_auth'
+  spec.license       = 'MIT'
 
   spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
-  spec.bindir        = "exe"
+  spec.bindir        = 'exe'
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
+  spec.require_paths = ['lib']
 
-  spec.add_dependency 'dry-configurable', '~> 0.5'
-  spec.add_dependency 'dry-auto_inject', '~> 0.4'
+  spec.add_dependency 'dry-auto_inject', '~> 0.6'
+  spec.add_dependency 'dry-configurable', '~> 0.9'
   spec.add_dependency 'jwt', '~> 2.1'
   spec.add_dependency 'warden', '~> 1.2'
 
-  spec.add_development_dependency "bundler", "~> 1.12"
-  spec.add_development_dependency "rake", "~> 10.0"
-  spec.add_development_dependency "rspec", "~> 3.0"
-  spec.add_development_dependency "rack-test", "~> 0.6"
-  spec.add_development_dependency "pry-byebug", "~> 3.4"
+  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'pry-byebug', '~> 3.7'
+  spec.add_development_dependency 'rack-test', '~> 1.1'
+  spec.add_development_dependency 'rake', '~> 12.3'
+  spec.add_development_dependency 'rspec', '~> 3.8'
   # Test reporting
-  spec.add_development_dependency 'simplecov', '~> 0.13'
   spec.add_development_dependency 'codeclimate-test-reporter', '~> 1.0'
+  spec.add_development_dependency 'simplecov', '0.17'
 end

metadata

@@ -1,43 +1,43 @@
 --- !ruby/object:Gem::Specification
 name: warden-jwt_auth
 version: !ruby/object:Gem::Version
-  version: 0.3.5
+  version: 0.5.0
 platform: ruby
 authors:
 - Marc Busqué
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-01-30 00:00:00.000000000 Z
+date: 2020-07-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: dry-configurable
+  name: dry-auto_inject
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: '0.6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: '0.6'
 - !ruby/object:Gem::Dependency
-  name: dry-auto_inject
+  name: dry-configurable
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.4'
+        version: '0.9'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.4'
+        version: '0.9'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
@@ -70,100 +70,100 @@ dependencies:
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.12'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.12'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: pry-byebug
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '3.7'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '3.7'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: rack-test
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '1.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '1.1'
 - !ruby/object:Gem::Dependency
-  name: rack-test
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.6'
+        version: '12.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.6'
+        version: '12.3'
 - !ruby/object:Gem::Dependency
-  name: pry-byebug
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.4'
+        version: '3.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.4'
+        version: '3.8'
 - !ruby/object:Gem::Dependency
-  name: simplecov
+  name: codeclimate-test-reporter
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.13'
+        version: '1.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.13'
+        version: '1.0'
 - !ruby/object:Gem::Dependency
-  name: codeclimate-test-reporter
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0.17'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0.17'
 description: JWT authentication for Warden, ORM agnostic and accepting the implementation
   of token revocation strategies.
 email:
@@ -190,6 +190,7 @@ files:
 - bin/console
 - bin/setup
 - docker-compose.yml
+- issue_template.md
 - lib/warden/jwt_auth.rb
 - lib/warden/jwt_auth/env_helper.rb
 - lib/warden/jwt_auth/errors.rb
@@ -228,7 +229,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.8
+rubygems_version: 2.7.8
 signing_key: 
 specification_version: 4
 summary: JWT authentication for Warden.