RubyGems - warden-jwt_auth - Versions diffs - 0.6.0 → 0.7.0 - Mend

warden-jwt_auth 0.6.0 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml +4 -4
data/.github/FUNDING.yml +1 -0
data/CHANGELOG.md +4 -1
data/README.md +10 -0
data/lib/warden/jwt_auth/token_decoder.rb +2 -2
data/lib/warden/jwt_auth/version.rb +1 -1
data/lib/warden/jwt_auth.rb +3 -0
data/warden-jwt_auth.gemspec +2 -0
metadata +6 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d51f6ca62ae932ecce00a1302bcf89afa9e39a073d64e2e1ed8573b1f35ac887
-  data.tar.gz: c412529d04dcb06a4360accaff043d5a11948ac6acc621f795b0d53087abe360
+  metadata.gz: d1d3eebd02efa288aa59f731fc3650a0c1deefe2922f35a606ce53f0fd16d0be
+  data.tar.gz: 8bdab56cf91544de74393491d842c34208b6028000c07a2187caf93f09887093
 SHA512:
-  metadata.gz: 917659441336dbdd2f7dce8e4e29ac0ed278e7961ab1c6f209eed25e6e8d613b59154c302fd27695a2432c8cc9aa8bd09eca52958132ba96cb0d3590ee6bafa9
-  data.tar.gz: e7acd7d7922d344056f16fc7412bbf2241780dafb573ba550915de60dc371738d63a70acf363778c7bcd38e6e5e38b78f2eb237c5b3d3448616e90e44dc54b26
+  metadata.gz: 8949c3f273247d3fbbf6bc034952d50ab58be7214c411fa6144ea190485b3c3963dac7f024ef9462b08f6240c64b7c9e11cade4d3ddb655419ce0c0cd88e1075
+  data.tar.gz: 05076d7b6e458c914cd974c8310820e80a5f0832e19e7b82303a6d75dd9e04a403b2fc19bc925d954d08229cafd6ac1a7d31316977bc08803f80981723dbca8c

data/.github/FUNDING.yml ADDED Viewed

	@@ -0,0 +1 @@
1	+ github: waiting-for-dev

data/CHANGELOG.md CHANGED Viewed

@@ -4,7 +4,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
-## [0.6.0]
+## [0.7.0] - 2022-09-12
+- Support asymmetric algorithms ([40](https://github.com/waiting-for-dev/warden-jwt_auth/issues/40))
+## [0.6.0] - 2021-09-21
 - Support ruby 3.0 and deprecate 2.5
 - Fixed dry-configurable compatibility. ([28](https://github.com/waiting-for-dev/warden-jwt_auth/issues/28))

data/README.md CHANGED Viewed

@@ -68,6 +68,16 @@ Warden::JWTAuth.configure do |config|
 end
 ```
+If the algorithm is asymmetric (e.g. RS256) and necessitates a different decoding secret than the encoding secret, configure the `decoding_secret` setting as well.
+```ruby
+Warden::JWTAuth.configure do |config|
+  config.secret = OpenSSL::PKey::RSA.new(ENV['WARDEN_JWT_PRIVATE_KEY'])
+  config.decoding_secret = OpenSSL::PKey::RSA.new(ENV['WARDEN_JWT_PUBLIC_KEY'])
+  config.algorithm = 'RS256' # or other asymmetric algorithm
+end
+```
 ### Warden scopes configuration
 You have to map the warden scopes that will be authenticatable through JWT, with the user repositories from where these scope user records can be fetched. If a string is supplied, the user repository will first be looked up as a constant.

data/lib/warden/jwt_auth/token_decoder.rb CHANGED Viewed

@@ -4,7 +4,7 @@ module Warden
   module JWTAuth
     # Decodes a JWT into a hash payload into a JWT token
     class TokenDecoder
-      include JWTAuth::Import['secret', 'algorithm']
+      include JWTAuth::Import['decoding_secret', 'algorithm']
       # Decodes the payload from a JWT as a hash
       #
@@ -15,7 +15,7 @@ module Warden
       # @return [Hash] payload decoded from the JWT
       def call(token)
         JWT.decode(token,
-                   secret,
+                   decoding_secret,
                    true,
                    algorithm: algorithm,
                    verify_jti: true)[0]

data/lib/warden/jwt_auth/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module Warden
   module JWTAuth
-    VERSION = '0.6.0'
+    VERSION = '0.7.0'
   end
 end

data/lib/warden/jwt_auth.rb CHANGED Viewed

@@ -41,6 +41,9 @@ module Warden
     # The secret used to encode the token
     setting :secret
+    # The secret used to decode the token, defaults to `secret` if not provided
+    setting :decoding_secret, constructor: ->(value) { value || config.secret }
     # The algorithm used to encode the token
     setting :algorithm, default: 'HS256'

data/warden-jwt_auth.gemspec CHANGED Viewed

@@ -20,6 +20,8 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
+  spec.metadata['rubygems_mfa_required'] = 'true'
   spec.add_dependency 'dry-auto_inject', '~> 0.8'
   spec.add_dependency 'dry-configurable', '~> 0.13'
   spec.add_dependency 'jwt', '~> 2.1'

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: warden-jwt_auth
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.7.0
 platform: ruby
 authors:
 - Marc Busqué
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-09-21 00:00:00.000000000 Z
+date: 2022-09-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dry-auto_inject
@@ -201,6 +201,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".codeclimate.yml"
+- ".github/FUNDING.yml"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
@@ -237,7 +238,8 @@ files:
 homepage: https://github.com/waiting-for-dev/warden-jwt_auth
 licenses:
 - MIT
-metadata: {}
+metadata:
+  rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -253,7 +255,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.0.3.1
 signing_key:
 specification_version: 4
 summary: JWT authentication for Warden.