warden-jwt_auth 0.9.0 → 0.10.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -1
- data/README.md +1 -1
- data/lib/warden/jwt_auth/env_helper.rb +17 -7
- data/lib/warden/jwt_auth/header_parser.rb +3 -3
- data/lib/warden/jwt_auth/version.rb +1 -1
- data/lib/warden/jwt_auth.rb +3 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 260c2b0490d54bd3d4c2b359774209e3f326429b41fc7cbceb310253e9d55b46
|
|
4
|
+
data.tar.gz: 6f43001c9de49f7cbd9c071a881344d50e0eb9c157552100407f0fa65c1ff3a5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6c017145c06a747e5966e382940cf94b2dc247027a9c19b466a127a85ad5809db085d8e17483531a341c1f208b2fc25e8b007a994b387afc5fcf41c6d2256104
|
|
7
|
+
data.tar.gz: 5fee963870a4f3bf0ecb356d764610e146f6d4557817b21c0d9f53ef4ba304449b3ea35d12e548ffaa02a9b12060e8099af18a4b9f68a47b4878cc8755df2a47
|
data/CHANGELOG.md
CHANGED
|
@@ -4,7 +4,10 @@ All notable changes to this project will be documented in this file.
|
|
|
4
4
|
The format is based on [Keep a Changelog](http://keepachangelog.com/)
|
|
5
5
|
and this project adheres to [Semantic Versioning](http://semver.org/).
|
|
6
6
|
|
|
7
|
-
## [0.
|
|
7
|
+
## [0.10.0] - 2024-07-10
|
|
8
|
+
- Add support for configurable token header ([55](https://github.com/waiting-for-dev/warden-jwt_auth/pull/55))
|
|
9
|
+
|
|
10
|
+
## [0.9.0] - 2024-06-28
|
|
8
11
|
- Add support for issue claim ([56](https://github.com/waiting-for-dev/warden-jwt_auth/pull/56))
|
|
9
12
|
|
|
10
13
|
## [0.8.0] - 2023-01-31
|
data/README.md
CHANGED
|
@@ -145,7 +145,7 @@ config.dispatch_requests = [
|
|
|
145
145
|
|
|
146
146
|
**Important**: You are encouraged to delimit your regular expression with `^` and `$` to avoid unintentional matches.
|
|
147
147
|
|
|
148
|
-
Tokens will be returned in the `Authorization` response header, with format `Bearer #{token}`.
|
|
148
|
+
Tokens will be returned in the `Authorization` response header (configurable via `config.token_header`), with format `Bearer #{token}`.
|
|
149
149
|
|
|
150
150
|
### Requests authentication
|
|
151
151
|
|
|
@@ -25,16 +25,17 @@ module Warden
|
|
|
25
25
|
env['REQUEST_METHOD']
|
|
26
26
|
end
|
|
27
27
|
|
|
28
|
-
# Returns
|
|
28
|
+
# Returns header configured through `token_header` option
|
|
29
29
|
#
|
|
30
30
|
# @param env [Hash] Rack env
|
|
31
31
|
# @return [String]
|
|
32
32
|
def self.authorization_header(env)
|
|
33
|
-
|
|
33
|
+
header_env_name = env_name(JWTAuth.config.token_header)
|
|
34
|
+
env[header_env_name]
|
|
34
35
|
end
|
|
35
36
|
|
|
36
|
-
# Returns a copy of `env` with value added to the
|
|
37
|
-
#
|
|
37
|
+
# Returns a copy of `env` with value added to the environment variable
|
|
38
|
+
# configured through `token_header` option
|
|
38
39
|
#
|
|
39
40
|
# Be aware than `env` is not modified in place and still an updated copy
|
|
40
41
|
# is returned.
|
|
@@ -44,7 +45,8 @@ module Warden
|
|
|
44
45
|
# @return [Hash] modified rack env
|
|
45
46
|
def self.set_authorization_header(env, value)
|
|
46
47
|
env = env.dup
|
|
47
|
-
|
|
48
|
+
header_env_name = env_name(JWTAuth.config.token_header)
|
|
49
|
+
env[header_env_name] = value
|
|
48
50
|
env
|
|
49
51
|
end
|
|
50
52
|
|
|
@@ -53,8 +55,16 @@ module Warden
|
|
|
53
55
|
# @param env [Hash] Rack env
|
|
54
56
|
# @return [String]
|
|
55
57
|
def self.aud_header(env)
|
|
56
|
-
|
|
57
|
-
env[
|
|
58
|
+
header_env_name = env_name(JWTAuth.config.aud_header)
|
|
59
|
+
env[header_env_name]
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
# Returns the ENV name for a given header
|
|
63
|
+
#
|
|
64
|
+
# @param header [String] Header name
|
|
65
|
+
# @return [String]
|
|
66
|
+
def self.env_name(header)
|
|
67
|
+
('HTTP_' + header.upcase).tr('-', '_')
|
|
58
68
|
end
|
|
59
69
|
end
|
|
60
70
|
end
|
|
@@ -21,8 +21,8 @@ module Warden
|
|
|
21
21
|
method == METHOD ? token : nil
|
|
22
22
|
end
|
|
23
23
|
|
|
24
|
-
# Returns a copy of `env` with token added to the
|
|
25
|
-
#
|
|
24
|
+
# Returns a copy of `env` with token added to the header configured through
|
|
25
|
+
# `token_header` option. Be aware than `env` is not modified in place.
|
|
26
26
|
#
|
|
27
27
|
# @param env [Hash] rack env hash
|
|
28
28
|
# @param token [String] JWT token
|
|
@@ -39,7 +39,7 @@ module Warden
|
|
|
39
39
|
# @return [Hash] response headers with the token added
|
|
40
40
|
def self.to_headers(headers, token)
|
|
41
41
|
headers = headers.dup
|
|
42
|
-
headers[
|
|
42
|
+
headers[JWTAuth.config.token_header] = "#{METHOD} #{token}"
|
|
43
43
|
headers
|
|
44
44
|
end
|
|
45
45
|
end
|
data/lib/warden/jwt_auth.rb
CHANGED
|
@@ -53,6 +53,9 @@ module Warden
|
|
|
53
53
|
# Expiration time for tokens
|
|
54
54
|
setting :expiration_time, default: 3600
|
|
55
55
|
|
|
56
|
+
# Request header that will be used for receiving and returning the token.
|
|
57
|
+
setting :token_header, default: 'Authorization'
|
|
58
|
+
|
|
56
59
|
# The issuer claims associated with the tokens
|
|
57
60
|
#
|
|
58
61
|
# Will be used to only apply the warden strategy when the issuer matches.
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: warden-jwt_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.10.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Marc Busqué
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-07-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dry-auto_inject
|