warden-jwt_auth 0.5.0 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ac884c1ecfe8201fe9973503bcb067186a2683b290828d9b5bac8b3667929f6d
-  data.tar.gz: 26f14054831f628f83c083709fd8e044182eb28bcef092110c48c386009576fb
+  metadata.gz: d51f6ca62ae932ecce00a1302bcf89afa9e39a073d64e2e1ed8573b1f35ac887
+  data.tar.gz: c412529d04dcb06a4360accaff043d5a11948ac6acc621f795b0d53087abe360
 SHA512:
-  metadata.gz: dadca31dc64203c56ca77c98e69a8bfc48813e2bf0a61a52ee8741f7a08df9c71d96aa481ca424e908b3ba1e8f979f36544244e8545bba6b0e83624ab96db1fa
-  data.tar.gz: 3c58c89cb5d42c462b071008c548d85649e1d88d7186e4d4cc9c987d72e9dbab9d2ddf4a3ed9eb99e017d8f0f66b76f4ccdb88ec584ef64b3bdc097ec69a06ee
+  metadata.gz: 917659441336dbdd2f7dce8e4e29ac0ed278e7961ab1c6f209eed25e6e8d613b59154c302fd27695a2432c8cc9aa8bd09eca52958132ba96cb0d3590ee6bafa9
+  data.tar.gz: e7acd7d7922d344056f16fc7412bbf2241780dafb573ba550915de60dc371738d63a70acf363778c7bcd38e6e5e38b78f2eb237c5b3d3448616e90e44dc54b26

data/.codeclimate.yml

@@ -8,8 +8,6 @@ engines:
     enabled: true
   rubocop:
     enabled: true
-  reek:
-    enabled: true
 ratings:
   paths:
   - "**.rb"

data/.rubocop.yml

@@ -1,17 +1,51 @@
 require: rubocop-rspec
 AllCops:
-  TargetRubyVersion: 2.6
+  TargetRubyVersion: 2.7
+  Exclude:
+    - Gemfile
+    - warden-jwt_auth.gemspec
+    - spec/support/shared_contexts/*rb
+    - vendor/**/*
 RSpec/NestedGroups:
   Max: 3
-RSpec/MessageSpies:
-  EnforcedStyle: 'receive'
-RSpec/ContextWording:
-  Exclude:
-    - "spec/support/shared_contexts/*rb"
+RSpec/MessageExpectation:
+  EnforcedStyle: 'expect'
 Metrics/BlockLength:
   Exclude:
     - "spec/**/*.rb"
-Metrics/LineLength:
-  Max: 100
-Naming/RescuedExceptionsVariableName:
-  PreferredName: exception
+Style/SafeNavigation:
+  Enabled: false
+Layout/EmptyLinesAroundAttributeAccessor:
+  Enabled: true
+Layout/SpaceAroundMethodCallOperator:
+  Enabled: true
+Lint/DeprecatedOpenSSLConstant:
+  Enabled: true
+Lint/MixedRegexpCaptureTypes:
+  Enabled: true
+Lint/RaiseException:
+  Enabled: true
+Lint/StructNewOverride:
+  Enabled: true
+Style/AccessorGrouping:
+  Enabled: true
+Style/BisectedAttrAccessor:
+  Enabled: true
+Style/ExponentialNotation:
+  Enabled: true
+Style/HashEachMethods:
+  Enabled: true
+Style/HashTransformKeys:
+  Enabled: true
+Style/HashTransformValues:
+  Enabled: true
+Style/RedundantAssignment:
+  Enabled: true
+Style/RedundantFetchBlock:
+  Enabled: true
+Style/RedundantRegexpCharacterClass:
+  Enabled: true
+Style/RedundantRegexpEscape:
+  Enabled: true
+Style/SlicingWithRange:
+  Enabled: true

data/.travis.yml

@@ -1,19 +1,20 @@
 language: ruby
+cache: bundler
 rvm:
-  - 2.5
   - 2.6
   - 2.7
+  - 3.0
+  - ruby-head
 before_install:
   - gem update --system --no-doc
-  - bundle install --gemfile=.overcommit_gems.rb
-before_script:
-  - git config --global user.email 'travis@travis.ci'
-  - git config --global user.name 'Travis CI'
+  - gem install bundler
 script:
   - bundle exec rspec
+  - bundle exec rubocop
   - bundle exec codeclimate-test-reporter
-  - overcommit --sign
-  - overcommit --run
+jobs:
+  allow_failures:
+    - rvm: ruby-head
 addons:
   code_climate:
     repo_token:

data/CHANGELOG.md

@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/) 
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
+## [0.6.0] 
+- Support ruby 3.0 and deprecate 2.5
+- Fixed dry-configurable compatibility. ([28](https://github.com/waiting-for-dev/warden-jwt_auth/issues/28))
+
 ## [0.5.0] 
 ### Fixed
 - Fixed dry-configurable compatibility. ([28](https://github.com/waiting-for-dev/warden-jwt_auth/issues/28))

data/Dockerfile

@@ -1,8 +1,5 @@
-FROM ruby:2.3.1
-ENV APP_HOME /app/
-ENV LIB_DIR lib/warden/jwt_auth/
-RUN mkdir -p $APP_HOME/$LIB_DIR
-WORKDIR $APP_HOME
-COPY Gemfile *gemspec $APP_HOME
-COPY $LIB_DIR/version.rb $APP_HOME/$LIB_DIR
-RUN bundle install
+FROM ruby:3.0.0
+ENV APP_USER warden_jwt_auth_user
+RUN useradd -ms /bin/bash $APP_USER
+USER $APP_USER
+WORKDIR /home/$APP_USER/app

data/README.md

@@ -14,10 +14,10 @@ off with a solution using refresh tokens, like some implementation of OAuth2.
 
 You can read about which security concerns this library takes into account and about JWT generic secure usage in the following series of posts:
 
-- [Stand Up for JWT Revocation](http://waiting-for-dev.github.io/blog/2017/01/23/stand_up_for_jwt_revocation/)
-- [JWT Revocation Strategies](http://waiting-for-dev.github.io/blog/2017/01/24/jwt_revocation_strategies/)
-- [JWT Secure Usage](http://waiting-for-dev.github.io/blog/2017/01/25/jwt_secure_usage/)
-- [A secure JWT authentication implementation for Rack and Rails](http://waiting-for-dev.github.io/blog/2017/01/26/a_secure_jwt_authentication_implementation_for_rack_and_rails/)
+- [Stand Up for JWT Revocation](http://waiting-for-dev.github.io/blog/2017/01/23/stand_up_for_jwt_revocation)
+- [JWT Revocation Strategies](http://waiting-for-dev.github.io/blog/2017/01/24/jwt_revocation_strategies)
+- [JWT Secure Usage](http://waiting-for-dev.github.io/blog/2017/01/25/jwt_secure_usage)
+- [A secure JWT authentication implementation for Rack and Rails](http://waiting-for-dev.github.io/blog/2017/01/26/a_secure_jwt_authentication_implementation_for_rack_and_rails)
 
 If what you need is a JWT authentication library for [devise](https://github.com/plataformatec/devise), better look at [devise-jwt](https://github.com/waiting-for-dev/devise-jwt), which is just a thin layer on top of this gem.
 
@@ -195,14 +195,6 @@ An then, for example:
 
 `docker-compose exec app rspec`
 
-This gem uses [overcommit](https://github.com/brigade/overcommit) to execute some code review engines. If you submit a pull request, it will be executed in the CI process. In order to set it up, you need to do:
-
-```ruby
-bundle install --gemfile=.overcommit_gems.rb
-overcommit --sign
-overcommit --run # To test if it works
-```
-
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/waiting-for-dev/warden-jwt_auth. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.

data/docker-compose.yml

@@ -2,6 +2,11 @@ version: '2'
 services:
   app:
     build: .
-    command: tail -f Gemfile
+    image: warden_jwt_auth
+    command: bash -c "bundle && tail -f Gemfile"
     volumes:
-      - .:/app
+      - .:/home/warden_jwt_auth_user/app
+    tty: true
+    stdin_open: true
+    tmpfs:
+      - /tmp

data/lib/warden/jwt_auth/hooks.rb

@@ -34,8 +34,6 @@ module Warden
         jwt_scope?(scope) && request_matches?(path_info, method)
       end
 
-      # :reek:ManualDispatch
-      # :reek:UtilityFunction
       def add_token_to_env(user, scope, env)
         aud = EnvHelper.aud_header(env)
         token, payload = UserEncoder.new.call(user, scope, aud)
@@ -48,7 +46,6 @@ module Warden
         jwt_scopes.include?(scope)
       end
 
-      # :reek:ControlParameter
       def request_matches?(path_info, method)
         dispatch_requests.each do |tuple|
           dispatch_method, dispatch_path = tuple

data/lib/warden/jwt_auth/middleware/revocation_manager.rb

@@ -34,7 +34,6 @@ module Warden
           TokenRevoker.new.call(token)
         end
 
-        # :reek:ControlParameter
         def token_should_be_revoked?(path_info, method)
           revocation_requests = config.revocation_requests
           revocation_requests.each do |tuple|

data/lib/warden/jwt_auth/middleware/token_dispatcher.rb

@@ -24,7 +24,6 @@ module Warden
 
         private
 
-        # :reek:UtilityFunction
         def headers_with_token(env, headers)
           token = env[Hooks::PREPARED_TOKEN_ENV_KEY]
           token ? HeaderParser.to_headers(headers, token) : headers

data/lib/warden/jwt_auth/middleware.rb

@@ -14,7 +14,6 @@ module Warden
         @app = app
       end
 
-      # :reek:FeatureEnvy
       def call(env)
         builder = Rack::Builder.new
         builder.use(RevocationManager)

data/lib/warden/jwt_auth/payload_user_helper.rb

@@ -34,7 +34,6 @@ module Warden
       # @param user [Interfaces::User] an user, whatever it is
       # @param scope [Symbol] A Warden scope
       # @return [Hash] payload to encode
-      # :reek:ManualDispatch
       def self.payload_for_user(user, scope)
         sub = user.jwt_subject
         payload = { 'sub' => String(sub), 'scp' => scope.to_s }

data/lib/warden/jwt_auth/strategy.rb

@@ -6,9 +6,7 @@ module Warden
   module JWTAuth
     # Warden strategy to authenticate an user through a JWT token in the
     # `Authorization` request header
-    # :reek:PrimaDonnaMethod
     class Strategy < Warden::Strategies::Base
-      # :reek:NilCheck
       def valid?
         !token.nil?
       end
@@ -21,8 +19,8 @@ module Warden
         aud = EnvHelper.aud_header(env)
         user = UserDecoder.new.call(token, scope, aud)
         success!(user)
-      rescue JWT::DecodeError => exception
-        fail!(exception.message)
+      rescue JWT::DecodeError => e
+        fail!(e.message)
       end
 
       private

data/lib/warden/jwt_auth/token_encoder.rb

@@ -20,12 +20,11 @@ module Warden
 
       private
 
-      #:reek:FeatureEnvy
       def merge_with_default_claims(payload)
         now = Time.now.to_i
-        payload['iat']  ||= now
-        payload['exp']  ||= now + expiration_time
-        payload['jti']  ||= SecureRandom.uuid
+        payload['iat'] ||= now
+        payload['exp'] ||= now + expiration_time
+        payload['jti'] ||= SecureRandom.uuid
         payload
       end
     end

data/lib/warden/jwt_auth/token_revoker.rb

@@ -14,10 +14,10 @@ module Warden
         scope = payload['scp'].to_sym
         user = PayloadUserHelper.find_user(payload)
         revocation_strategies[scope].revoke_jwt(payload, user)
-      # rubocop:disable Lint/HandleExceptions
+      # rubocop:disable Lint/SuppressedException
       rescue JWT::ExpiredSignature
       end
-      # rubocop:enable Lint/HandleExceptions
+      # rubocop:enable Lint/SuppressedException
     end
   end
 end

data/lib/warden/jwt_auth/version.rb

@@ -2,6 +2,6 @@
 
 module Warden
   module JWTAuth
-    VERSION = '0.5.0'
+    VERSION = '0.6.0'
   end
 end

data/lib/warden/jwt_auth.rb

@@ -20,9 +20,7 @@ module Warden
     extend Dry::Configurable
 
     def symbolize_keys(hash)
-      hash.each_with_object({}) do |(key, value), memo|
-        memo[key.to_sym] = value
-      end
+      hash.transform_keys(&:to_sym)
     end
 
     def upcase_first_items(array)
@@ -33,8 +31,8 @@ module Warden
     end
 
     def constantize_values(hash)
-      hash.each_with_object({}) do |(key, value), memo|
-        memo[key] = value.is_a?(String) ? Object.const_get(value) : value
+      hash.transform_values do |value|
+        value.is_a?(String) ? Object.const_get(value) : value
       end
     end
 
@@ -44,23 +42,23 @@ module Warden
     setting :secret
 
     # The algorithm used to encode the token
-    setting :algorithm, 'HS256'
+    setting :algorithm, default: 'HS256'
 
     # Expiration time for tokens
-    setting :expiration_time, 3600
+    setting :expiration_time, default: 3600
 
     # Request header which value will be encoded as `aud` claim in JWT. If
     # the header is not present `aud` will be `nil`.
-    setting :aud_header, 'JWT_AUD'
+    setting :aud_header, default: 'JWT_AUD'
 
     # A hash of warden scopes as keys and user repositories as values. The
     # values can be either the constants themselves or the constant names.
     #
     # @see Interfaces::UserRepository
     # @see Interfaces::User
-    setting(:mappings, {}) do |value|
-      constantize_values(symbolize_keys(value))
-    end
+    setting(:mappings,
+            default: {},
+            constructor: ->(value) { constantize_values(symbolize_keys(value)) })
 
     # Array of tuples [request_method, request_path_regex] to match request
     # verbs and paths where a JWT token should be added to the `Authorization`
@@ -70,9 +68,9 @@ module Warden
     #  [
     #    ['POST', %r{^/sign_in$}]
     #  ]
-    setting(:dispatch_requests, []) do |value|
-      upcase_first_items(value)
-    end
+    setting(:dispatch_requests,
+            default: [],
+            constructor: ->(value) { upcase_first_items(value) })
 
     # Array of tuples [request_method, request_path_regex] to match request
     # verbs and paths where incoming JWT token should be be revoked
@@ -81,9 +79,9 @@ module Warden
     #  [
     #    ['DELETE', %r{^/sign_out$}]
     #  ]
-    setting :revocation_requests, [] do |value|
-      upcase_first_items(value)
-    end
+    setting(:revocation_requests,
+            default: [],
+            constructor: ->(value) { upcase_first_items(value) })
 
     # Hash with scopes as keys and strategies to revoke tokens for that scope
     # as values. The values can be either the constants themselves or the
@@ -95,9 +93,9 @@ module Warden
     #  }
     #
     # @see Interfaces::RevocationStrategy
-    setting(:revocation_strategies, {}) do |value|
-      constantize_values(symbolize_keys(value))
-    end
+    setting(:revocation_strategies,
+            default: {},
+            constructor: ->(value) { constantize_values(symbolize_keys(value)) })
 
     Import = Dry::AutoInject(config)
   end

data/warden-jwt_auth.gemspec

@@ -20,8 +20,8 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
 
-  spec.add_dependency 'dry-auto_inject', '~> 0.6'
-  spec.add_dependency 'dry-configurable', '~> 0.9'
+  spec.add_dependency 'dry-auto_inject', '~> 0.8'
+  spec.add_dependency 'dry-configurable', '~> 0.13'
   spec.add_dependency 'jwt', '~> 2.1'
   spec.add_dependency 'warden', '~> 1.2'
 
@@ -30,6 +30,9 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'rack-test', '~> 1.1'
   spec.add_development_dependency 'rake', '~> 12.3'
   spec.add_development_dependency 'rspec', '~> 3.8'
+  # Cops
+  spec.add_development_dependency 'rubocop', '~> 0.87'
+  spec.add_development_dependency 'rubocop-rspec', '~> 1.42'
   # Test reporting
   spec.add_development_dependency 'codeclimate-test-reporter', '~> 1.0'
   spec.add_development_dependency 'simplecov', '0.17'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: warden-jwt_auth
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.6.0
 platform: ruby
 authors:
 - Marc Busqué
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-07-06 00:00:00.000000000 Z
+date: 2021-09-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dry-auto_inject
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.6'
+        version: '0.8'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.6'
+        version: '0.8'
 - !ruby/object:Gem::Dependency
   name: dry-configurable
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.9'
+        version: '0.13'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.9'
+        version: '0.13'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
@@ -136,6 +136,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.8'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.87'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.87'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.42'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.42'
 - !ruby/object:Gem::Dependency
   name: codeclimate-test-reporter
   requirement: !ruby/object:Gem::Requirement
@@ -174,9 +202,6 @@ extra_rdoc_files: []
 files:
 - ".codeclimate.yml"
 - ".gitignore"
-- ".overcommit.yml"
-- ".overcommit_gems.rb"
-- ".reek"
 - ".rspec"
 - ".rubocop.yml"
 - ".travis.yml"
@@ -228,8 +253,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.8
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: JWT authentication for Warden.

data/.overcommit.yml

@@ -1,54 +0,0 @@
-#
-# Select version of overcommit and the other tools from Gemfile
-#
-gemfile: .overcommit_gems.rb
-
-#
-# Hooks that are run against every commit message after a user has written it.
-#
-CommitMsg:
-  ALL:
-    required: true
-    exclude: &default_excludes
-      - Gemfile
-      - CHANGELOG.md
-      - warden-jwt_auth.gemspec
-      - README.md
-
-  HardTabs:
-    enabled: true
-
-  SingleLineSubject:
-    enabled: true
-
-#
-# Hooks that are run after `git commit` is executed, before the commit message
-# editor is displayed.
-#
-PreCommit:
-  ALL:
-    required: true
-    exclude: *default_excludes
-
-  BundleAudit:
-    enabled: true
-
-  BundleCheck:
-    enabled: true
-
-  LocalPathsInGemfile:
-    enabled: true
-
-  ExecutePermissions:
-    enabled: true
-    exclude:
-      - bin/*
-
-  Reek:
-    enabled: true
-
-  RuboCop:
-    enabled: true
-
-  TrailingWhitespace:
-    enabled: true

data/.overcommit_gems.rb

@@ -1,15 +0,0 @@
-# frozen_string_literal: true
-
-source 'https://rubygems.org'
-
-gem 'overcommit', '~> 0.36'
-
-# Patch-level verification for Bundled apps
-gem 'bundler-audit', '~> 0.5'
-
-# Ruby code smell reporter
-gem 'reek', '~> 4.5'
-
-# Ruby code style checking
-gem 'rubocop', '~> 0.43'
-gem 'rubocop-rspec', '~> 1.7'