warden-jwt_auth 0.9.0 → 0.10.1

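--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 639d91603d4e369d3d94c0dadc24816c08019ebdfef3c093fc9b8cd79a5d6bd3
- data.tar.gz: 39f9a053ed2af021eed742b94aa3e2360481c5120d8690085d40773470ec21e2
+ metadata.gz: 60f3a20e896744f9907bae893ef869cebf5240e3250c98ea9e642aee65f69971
+ data.tar.gz: c3fcb1ebf73d1553d8b91c2195b465095ed9b0cf888ccf0a4474f6ccbba7329e
  SHA512:
- metadata.gz: 727924aa4f6c6a993548c397e108bdb43b281047928aeaf8dcbe0a291784aa4bc4e2f25804b36a7d5549cb858e3006ba7997b0ec6d3dc762196586fe282aeedb
- data.tar.gz: 9152d951c19f477c23cde9e0e1b5437f8b33821e39825e355a1edfedf14ce3f7b14ea5798e0b1ae23ffb274892c58287dbdab1d06f38c49393f23a9007006f53
+ metadata.gz: a7a29ff7471a33da771a5a5ace1906e7e017aa3640f79779d1cd42c8edf1e52d2c3470489021c4826eefa7bf4023135260347cc004a2df9ddfcdb639a3fa0dfe
+ data.tar.gz: d9192d67594cc4f86392b5d45b3f41ed13e7321cc52406168f9edb073bcc985c384252000713c20294c6a38ed8fe8960ff544216cd73f9a3c74447050c8176a7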
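--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -4,6 +4,9 @@ All notable changes to this project will be documented in this file.
  The format is based on [Keep a Changelog](http://keepachangelog.com/)
  and this project adheres to [Semantic Versioning](http://semver.org/).
 
+ ## [0.10.1] - 2024-12-15
+ - Fix version mismatch
+
  ## [0.8.0] - 2024-06-28
  - Add support for issue claim ([56](https://github.com/waiting-for-dev/warden-jwt_auth/pull/56))
 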
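--- a/data/README.md
+++ b/data/README.md
@@ -145,7 +145,7 @@ config.dispatch_requests = [
 
  **Important**: You are encouraged to delimit your regular expression with `^` and `$` to avoid unintentional matches.
 
- Tokens will be returned in the `Authorization` response header, with format `Bearer #{token}`.
+ Tokens will be returned in the `Authorization` response header (configurable via `config.token_header`), with format `Bearer #{token}`.
 
  ### Requests authentication
 
@@ -175,7 +175,7 @@ config.revocation_strategies = { user: RevocationStrategy }
 
  The implementation of the revocation strategy is also on your side. They just need to implement two methods: `jwt_revoked?` and `revoke_jwt`, both of them accepting as parameters the JWT payload and the user record, in this order.
 
- You can read about which [JWT recovation strategies](http://waiting-for-dev.github.io/blog/2017/01/24/jwt_revocation_strategies/) can be implement with their pros and cons.
+ You can read about which [JWT recovation strategies](http://waiting-for-dev.github.io/blog/2017/01/24/jwt_revocation_strategies) can be implement with their pros and cons.
 
  ```ruby
  module RevocationStrategy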
@@ -25,16 +25,17 @@ module Warden
25
25
  env['REQUEST_METHOD']
26
26
  end
27
27
 
28
- # Returns HTTP_AUTHORIZATION environment variable
28
+ # Returns header configured through `token_header` option
29
29
  #
30
30
  # @param env [Hash] Rack env
31
31
  # @return [String]
32
32
  def self.authorization_header(env)
33
- env['HTTP_AUTHORIZATION']
33
+ header_env_name = env_name(JWTAuth.config.token_header)
34
+ env[header_env_name]
34
35
  end
35
36
 
36
- # Returns a copy of `env` with value added to the `HTTP_AUTHORIZATION`
37
- # environment variable.
37
+ # Returns a copy of `env` with value added to the environment variable
38
+ # configured through `token_header` option
38
39
  #
39
40
  # Be aware than `env` is not modified in place and still an updated copy
40
41
  # is returned.
@@ -44,7 +45,8 @@ module Warden
44
45
  # @return [Hash] modified rack env
45
46
  def self.set_authorization_header(env, value)
46
47
  env = env.dup
47
- env['HTTP_AUTHORIZATION'] = value
48
+ header_env_name = env_name(JWTAuth.config.token_header)
49
+ env[header_env_name] = value
48
50
  env
49
51
  end
50
52
 
@@ -53,8 +55,16 @@ module Warden
53
55
  # @param env [Hash] Rack env
54
56
  # @return [String]
55
57
  def self.aud_header(env)
56
- env_name = ('HTTP_' + JWTAuth.config.aud_header.upcase).tr('-', '_')
57
- env[env_name]
58
+ header_env_name = env_name(JWTAuth.config.aud_header)
59
+ env[header_env_name]
60
+ end
61
+
62
+ # Returns the ENV name for a given header
63
+ #
64
+ # @param header [String] Header name
65
+ # @return [String]
66
+ def self.env_name(header)
67
+ ('HTTP_' + header.upcase).tr('-', '_')
58
68
  end
59
69
  end
60
70
  end
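Review bot: `env_name`, added at the end of this hunk, takes the configured value unchecked, so a `token_header` or `aud_header` set to `nil` raises from `header.upcase` on every request, and a value already written as a Rack key (constructed example: `HTTP_X_TOKEN`) becomes `HTTP_HTTP_X_TOKEN` and silently never matches. The doc comment should state the expected form, for example `# @param header [String] header name as sent on the wire (e.g. "X-Auth-Token"), not a Rack env key`. `authorization_header` and `set_authorization_header` in the two hunks above go through the same helper, and `authorization_header`'s `# @return [String]` would be more accurate as `# @return [String, nil]`, since a missing header presumably yields `nil`. If the helper is not meant as public API, `private_class_method :env_name` after the definition keeps it internal. The enclosing module starts outside the hunk.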
@@ -21,8 +21,8 @@ module Warden
21
21
  method == METHOD ? token : nil
22
22
  end
23
23
 
24
- # Returns a copy of `env` with token added to the `HTTP_AUTHORIZATION`
25
- # header. Be aware than `env` is not modified in place.
24
+ # Returns a copy of `env` with token added to the header configured through
25
+ # `token_header` option. Be aware than `env` is not modified in place.
26
26
  #
27
27
  # @param env [Hash] rack env hash
28
28
  # @param token [String] JWT token
@@ -39,7 +39,7 @@ module Warden
39
39
  # @return [Hash] response headers with the token added
40
40
  def self.to_headers(headers, token)
41
41
  headers = headers.dup
42
- headers['Authorization'] = "#{METHOD} #{token}"
42
+ headers[JWTAuth.config.token_header] = "#{METHOD} #{token}"
43
43
  headers
44
44
  end
45
45
  end
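Review bot: `to_headers` now writes the token under whatever `token_header` names, and neither the code nor its doc comment mentions that a non-default name loses the treatment intermediaries give `Authorization`; shared caches, log scrubbers and proxy redaction rules that key on that header name will presumably handle a custom header as ordinary data. A comment above `to_headers` would help, for example `# With a custom token_header, send token-bearing responses with Cache-Control: no-store and redact the header in access logs.` The parsing side visible at the top of this section still requires the scheme (`method == METHOD ? token : nil`), so a custom header has to carry `Bearer <token>` rather than the bare token, which is also worth stating in the comment. The enclosing module starts outside the hunk.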
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Warden
4
4
  module JWTAuth
5
- VERSION = '0.9.0'
5
+ VERSION = '0.10.1'
6
6
  end
7
7
  end
@@ -53,6 +53,9 @@ module Warden
53
53
  # Expiration time for tokens
54
54
  setting :expiration_time, default: 3600
55
55
 
56
+ # Request header that will be used for receiving and returning the token.
57
+ setting :token_header, default: 'Authorization'
58
+
56
59
  # The issuer claims associated with the tokens
57
60
  #
58
61
  # Will be used to only apply the warden strategy when the issuer matches.
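Review bot: The new comment calls `token_header` a "Request header" although the same sentence says it is also used for returning the token; `# HTTP header (request and response) that carries the token, given as a wire name such as 'Authorization'.` would be clearer. Nothing in this hunk validates the value when it is configured, so a typo or an empty string would presumably only show up as requests that never authenticate. The settings block starts and ends outside the hunk.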
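--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: warden-jwt_auth
  version: !ruby/object:Gem::Version
- version: 0.9.0
+ version: 0.10.1
  platform: ruby
  authors:
  - Marc Busqué
  autorequire:
  bindir: exe
  cert_chain: []
- date: 2024-06-28 00:00:00.000000000 Z
+ date: 2024-12-15 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: dry-auto_inject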