warden-jwt_auth 0.2.0 → 0.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4a2ccfa065ae0684252e27bb7ec7e96ecf0d707d
-  data.tar.gz: c0a21d42ab4f41891f7a9cadd6edb273c2821dc0
+  metadata.gz: 1f24397de1422507d524eba4a8c60050e6a6abde
+  data.tar.gz: b767bf87c6b29a12da5a64b4367f619b8685568e
 SHA512:
-  metadata.gz: 5ce27233145e6481666a408fc2d92066364a04601a127b3b92fc7100aec4318afb077c7909ed3b6a7b5cf66983d82b5111aa67b234c0e7baa32791f10c11dfdd
-  data.tar.gz: 9b423f5b1f7304f91bc88385fbf451cab180c2cb7673071dcf98d594dada87a68398d5876a639a2e38baccc2bc89e02a88c47aa0427d414a83ec01b5a4039d07
+  metadata.gz: 29f2e7ef4ea4de94a68b4cac0e394df30609fa706c6afb468d725000995a68c80227abd64392367b94fda770fe7884aac11041ecd742661d96eaa8045efb04c7
+  data.tar.gz: ab4e91316b5ca085c1f2f1f267656097d788a2e1e5ad1cf9face21402f569aa989264c57bdb8310512d7028a0e10351697abf13ece06512c0470f9bf72b49f93

data/CHANGELOG.md

@@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/) 
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
+## [0.2.1] - 2017-12-04
+### Added
+- Allow configuring classes as strings
+
+### Fixed
+- Take `PATH_INFO` as an empty string when it is not present
+
 ## [0.2.0] - 2017-11-23
 ### Added
 - `fail!` with message

data/README.md

@@ -24,7 +24,7 @@ If what you need is a JWT authentication library for [devise](https://github.com
 ## Installation
 
 ```ruby
-gem 'warden-jwt_auth', '~> 0.2.0'
+gem 'warden-jwt_auth', '~> 0.2.1'
 ```
 
 And then execute:
@@ -63,7 +63,7 @@ Currently, HS256 algorithm is the one in use.
 
 ### Warden scopes configuration
 
-You have to map the warden scopes that will be authenticatable through JWT, with the user repositories from where these scope user records can be fetched.
+You have to map the warden scopes that will be authenticatable through JWT, with the user repositories from where these scope user records can be fetched. If a string is supplied, the user repository will first be looked up as a constant.
 
 For instance:
 
@@ -142,7 +142,7 @@ config.revocation_requests = [
 
 **Important**: You are encouraged to delimit your regular expression with `^` and `$` to avoid unintentional matches.
 
-Besides, you need to configure which revocation strategy will be used for each scope.
+Besides, you need to configure which revocation strategy will be used for each scope. If a string is supplied, the revocation strategy will first be looked up as a constant.
 
 ```ruby
 config.revocation_strategies = { user: RevocationStrategy }

data/lib/warden/jwt_auth.rb

@@ -25,7 +25,8 @@ module Warden
     # Expiration time for tokens
     setting :expiration_time, 3600
 
-    # A hash of warden scopes as keys and user repositories as values.
+    # A hash of warden scopes as keys and user repositories as values. The
+    # values can be either the constants themselves or the constant names.
     #
     # @see Interfaces::UserRepository
     # @see Interfaces::User
@@ -56,8 +57,9 @@ module Warden
       upcase_first_items(value)
     end
 
-    # Hash with scopes as keys and values with the strategy to revoke tokens for
-    # that scope
+    # Hash with scopes as keys and strategies to revoke tokens for that scope
+    # as values. The values can be either the constants themselves or the
+    # constant names.
     #
     # @example
     #  {
@@ -87,12 +89,30 @@ module Warden
     end
 
     Import = Dry::AutoInject(config)
+
+    config.instance_eval do
+      def mappings
+        constantize_values(super)
+      end
+
+      def revocation_strategies
+        constantize_values(super)
+      end
+
+      # :reek:UtilityFunction
+      def constantize_values(hash)
+        hash.each_with_object({}) do |(key, value), memo|
+          memo[key] = value.is_a?(String) ? Object.const_get(value) : value
+        end
+      end
+    end
   end
 end
 
 require 'warden/jwt_auth/version'
 require 'warden/jwt_auth/header_parser'
 require 'warden/jwt_auth/payload_user_helper'
+require 'warden/jwt_auth/env_helper'
 require 'warden/jwt_auth/user_encoder'
 require 'warden/jwt_auth/user_decoder'
 require 'warden/jwt_auth/token_encoder'

data/lib/warden/jwt_auth/env_helper.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+module Warden
+  module JWTAuth
+    # Helper functions to centralize working with rack env.
+    #
+    # It follows
+    # [rack](http://www.rubydoc.info/github/rack/rack/file/SPEC#The_Environment)
+    # and [PEP 333](https://www.python.org/dev/peps/pep-0333/#environ-variables)
+    # conventions.
+    module EnvHelper
+      # Returns PATH_INFO environment variable
+      #
+      # @param env [Hash] Rack env
+      # @return [String]
+      def self.path_info(env)
+        env['PATH_INFO'] || ''
+      end
+
+      # Returns REQUEST_METHOD environment variable
+      #
+      # @param env [Hash] Rack env
+      # @return [String]
+      def self.request_method(env)
+        env['REQUEST_METHOD']
+      end
+
+      # Returns HTTP_AUTHORIZATION environment variable
+      #
+      # @param env [Hash] Rack env
+      # @return [String]
+      def self.authorization_header(env)
+        env['HTTP_AUTHORIZATION']
+      end
+
+      # Returns a copy of `env` with value added to the `HTTP_AUTHORIZATION`
+      # environment variable.
+      #
+      # Be aware than `env` is not modified in place and still an updated copy
+      # is returned.
+      #
+      # @param env [Hash] Rack env
+      # @param value [String]
+      # @return [Hash] modified rack env
+      def self.set_authorization_header(env, value)
+        env = env.dup
+        env['HTTP_AUTHORIZATION'] = value
+        env
+      end
+    end
+  end
+end

data/lib/warden/jwt_auth/header_parser.rb

@@ -14,7 +14,7 @@ module Warden
       # @return [String] JWT token
       # @return [nil] if token is not present
       def self.from_env(env)
-        auth = env['HTTP_AUTHORIZATION']
+        auth = EnvHelper.authorization_header(env)
         return nil unless auth
         method, token = auth.split
         method == METHOD ? token : nil
@@ -27,9 +27,7 @@ module Warden
       # @param token [String] JWT token
       # @return [Hash] modified rack env
       def self.to_env(env, token)
-        env = env.dup
-        env['HTTP_AUTHORIZATION'] = "#{METHOD} #{token}"
-        env
+        EnvHelper.set_authorization_header(env, "#{METHOD} #{token}")
       end
 
       # Returns a copy of headers with token added in the `Authorization` key.

data/lib/warden/jwt_auth/hooks.rb

@@ -29,7 +29,9 @@ module Warden
       end
 
       def token_should_be_added?(scope, env)
-        jwt_scope?(scope) && request_matches?(env)
+        path_info = EnvHelper.path_info(env)
+        method = EnvHelper.request_method(env)
+        jwt_scope?(scope) && request_matches?(path_info, method)
       end
 
       def jwt_scope?(scope)
@@ -37,12 +39,12 @@ module Warden
         jwt_scopes.include?(scope)
       end
 
-      # :reek:FeatureEnvy
-      def request_matches?(env)
+      # :reek:ControlParameter
+      def request_matches?(path_info, method)
         dispatch_requests.each do |tuple|
-          method, path = tuple
-          return true if env['PATH_INFO'].match(path) &&
-                         env['REQUEST_METHOD'] == method
+          dispatch_method, dispatch_path = tuple
+          return true if path_info.match(dispatch_path) &&
+                         method == dispatch_method
         end
         false
       end

data/lib/warden/jwt_auth/middleware/revocation_manager.rb

@@ -8,11 +8,12 @@ module Warden
         # Debugging key added to `env`
         ENV_KEY = 'warden-jwt_auth.revocation_manager'
 
-        attr_reader :app, :config
+        attr_reader :app, :config, :helper
 
         def initialize(app)
           @app = app
           @config = JWTAuth.config
+          @helper = EnvHelper
         end
 
         def call(env)
@@ -26,17 +27,19 @@ module Warden
 
         def revoke_token(env)
           token = HeaderParser.from_env(env)
-          return unless token && token_should_be_revoked?(env)
+          path_info = EnvHelper.path_info(env)
+          method = EnvHelper.request_method(env)
+          return unless token && token_should_be_revoked?(path_info, method)
           TokenRevoker.new.call(token)
         end
 
-        # :reek:FeatureEnvy
-        def token_should_be_revoked?(env)
+        # :reek:ControlParameter
+        def token_should_be_revoked?(path_info, method)
           revocation_requests = config.revocation_requests
           revocation_requests.each do |tuple|
-            method, path = tuple
-            return true if env['PATH_INFO'].match(path) &&
-                           env['REQUEST_METHOD'] == method
+            revocation_method, revocation_path = tuple
+            return true if path_info.match(revocation_path) &&
+                           method == revocation_method
           end
           false
         end

data/lib/warden/jwt_auth/strategy.rb

@@ -8,7 +8,7 @@ module Warden
     # `Authorization` request header
     # :reek:PrimaDonnaMethod
     class Strategy < Warden::Strategies::Base
-      # :reek:NeelCheck
+      # :reek:NilCheck
       def valid?
         !token.nil?
       end
@@ -20,8 +20,8 @@ module Warden
       def authenticate!
         user = UserDecoder.new.call(token, scope)
         success!(user)
-      rescue JWT::DecodeError => e
-        fail!(e.message)
+      rescue JWT::DecodeError => exception
+        fail!(exception.message)
       end
 
       private

data/lib/warden/jwt_auth/version.rb

@@ -2,6 +2,6 @@
 
 module Warden
   module JWTAuth
-    VERSION = '0.2.0'
+    VERSION = '0.2.1'
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: warden-jwt_auth
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.1
 platform: ruby
 authors:
 - Marc Busqué
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-11-23 00:00:00.000000000 Z
+date: 2017-12-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dry-configurable
@@ -191,6 +191,7 @@ files:
 - bin/setup
 - docker-compose.yml
 - lib/warden/jwt_auth.rb
+- lib/warden/jwt_auth/env_helper.rb
 - lib/warden/jwt_auth/errors.rb
 - lib/warden/jwt_auth/header_parser.rb
 - lib/warden/jwt_auth/hooks.rb