wor-authentication 0.2.0 → 0.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 787ae1d673913fc47b4ab942d4fca187c13a0e33
-  data.tar.gz: c4d4697f041f984c6fc37e3f36f7cbca3c10e1c2
+  metadata.gz: 543e92dae4b149469a024d4b4a9576816728687f
+  data.tar.gz: 49ec509fff4c4ce7556dca6a1cc86321be9f1e18
 SHA512:
-  metadata.gz: 6f52f09a7d4068a8bab032f5d6705d785be43afc08aafa5e5eb7ef90c35e779c487448e69940b54ec7bb34ac543987eecbeb7af7639eef85597443af73617dac
-  data.tar.gz: 8b87dddd1e8cb02d02e86e5eb32194f0c9123a72b9bfeac00cc2e250579a7326e592825559f4462e3c8372d5590209d136d32be9af815318731f87d643c064af
+  metadata.gz: fcdc1a635bca880a7020523522887603ac27e05897fbd06f04338725bda76dde51c0b8b1b2b0ac1d1f695566bd488b0a19161d2e89e56540688165dee669f494
+  data.tar.gz: e28dfd0059431608c9c1c5cc78e68555ffee312175d49b2f9cf225eb9ed11e3568699d2dc5c78d59e97adb48b9d8657adf17d391c54d2ef11c4b81cc4087eb3a

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 
 ## Change log
 
+### [0.2.1] - 2017-07-27
+
+- Throws Wor::Authentication::MissingAuthorizationHeader when no Authorization header is sent
+- Throws Wor::Authentication::InvalidAuthorizationToken when the Authorization token is invalid
+
 ### [0.2.0]
 
 #### Added

data/README.md

@@ -34,7 +34,17 @@ class ApplicationController < ActionController::Base
   before_action :authenticate_request
 end
 ```
-> To know which exceptions can be thrown by the gem, please check the [exceptions file](./lib/wor/authentication/exceptions.rb).
+
+When a validation fails, an exception will be raised. Feel free to use `Wor::Authentication` helpers to render those errors like the following:
+```ruby
+rescue_from Wor::Authentication::Exceptions::NotRenewableTokenError, with: :render_not_renewable_token
+rescue_from Wor::Authentication::Exceptions::ExpiredTokenError, with: :render_expired_token
+rescue_from Wor::Authentication::Exceptions::EntityCustomValidationError, with: :render_entity_invalid_custom_validation
+rescue_from Wor::Authentication::Exceptions::MissingAuthorizationHeader, with: :render_missing_authorization_token
+rescue_from Wor::Authentication::Exceptions::InvalidAuthorizationToken, with: :render_invalid_authorization_token
+```
+
+> To know all the exceptions that can be thrown by the gem, please check the [exceptions file](./lib/wor/authentication/exceptions.rb).
 
 Second and last step, we have to define the routes to achieve authentication and a controller to handle them.
 ```ruby

data/lib/wor/authentication/controller.rb

@@ -15,13 +15,11 @@ module Wor
       end
 
       def new_token_expiration_date
-        expiration_days = Wor::Authentication.expiration_days
-        (Time.zone.now + expiration_days.days).to_i
+        Wor::Authentication.expiration_days.days.from_now.to_i
       end
 
       def token_maximum_useful_date
-        maximum_useful_days = Wor::Authentication.maximum_useful_days
-        (Time.zone.now + maximum_useful_days.days).to_i
+        Wor::Authentication.maximum_useful_days.days.from_now.to_i
       end
 
       ##
@@ -33,6 +31,9 @@ module Wor
       end
 
       def authentication_token
+        if request.headers['Authorization'].blank?
+          raise Wor::Authentication::Exceptions::MissingAuthorizationHeader
+        end
         request.headers['Authorization'].split(' ').last
       end
 

data/lib/wor/authentication/decoded_token.rb

@@ -16,33 +16,28 @@ module Wor
       end
 
       def fetch(key)
-        return payload[key.to_sym] if payload[key.to_sym]
-        return payload[key.to_s] if payload[key.to_s]
-        nil
+        payload[key.to_sym] || payload[key.to_s]
       end
 
       def expired?
-        return false if fetch(:expiration_date).blank?
         # TODO: Use a ruby standard library for time
-        Time.zone.now.to_i > fetch(:expiration_date)
+        fetch(:expiration_date).present? && Time.zone.now.to_i > fetch(:expiration_date)
       end
 
       def able_to_renew?
-        return false if fetch(:maximum_useful_date).blank?
         # TODO: Use a ruby standard library for time
-        Time.zone.now.to_i < fetch(:maximum_useful_date)
+        fetch(:maximum_useful_date).present? && Time.zone.now.to_i < fetch(:maximum_useful_date)
       end
 
       def valid_renew_id?(renew_id)
-        return true unless fetch(:renew_id).present? && renew_id.present?
-        renew_id == fetch(:renew_id)
+        (fetch(:renew_id).blank? || renew_id.blank?) || renew_id == fetch(:renew_id)
       end
 
       private
 
       def valid_entity_custom_validation?(entity_custom_validation)
-        return true if fetch(:entity_custom_validation).blank?
-        entity_custom_validation == fetch(:entity_custom_validation)
+        fetch(:entity_custom_validation).blank? ||
+          entity_custom_validation == fetch(:entity_custom_validation)
       end
     end
   end

data/lib/wor/authentication/exceptions.rb

@@ -8,6 +8,8 @@ module Wor
       class ExpiredTokenError < StandardError; end
       class NotRenewableTokenError < StandardError; end
       class EntityCustomValidationError < StandardError; end
+      class MissingAuthorizationHeader < StandardError; end
+      class InvalidAuthorizationToken < StandardError; end
     end
   end
 end

data/lib/wor/authentication/sessions_controller.rb

@@ -71,6 +71,14 @@ module Wor
         params.require(:session).permit(:renew_id)
       end
 
+      def render_missing_authorization_token
+        render_error('You must pass an Authorization Header with the access token', :unauthorized)
+      end
+
+      def render_invalid_authorization_token
+        render_error('Invalid authorization token', :unauthorized)
+      end
+
       def render_not_renewable_token
         render_error('Access token is not valid anymore', :unauthorized)
       end

data/lib/wor/authentication/token_manager.rb

@@ -15,7 +15,7 @@ module Wor
         payload = JWT.decode(token, @key)[0]
         Wor::Authentication::DecodedToken.new(payload)
       rescue
-        nil
+        raise Wor::Authentication::Exceptions::InvalidAuthorizationToken
       end
     end
   end

data/lib/wor/authentication/version.rb

@@ -1,5 +1,5 @@
 module Wor
   module Authentication
-    VERSION = '0.2.0'.freeze
+    VERSION = '0.2.1'.freeze
   end
 end

data/wor-authentication.gemspec

@@ -21,7 +21,7 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec)/})
   spec.require_paths = ['lib']
 
-  spec.add_dependency 'railties', '>= 4.1.0', '< 5.1'
+  spec.add_dependency 'railties', '>= 4.1.0', '< 5.2'
   spec.add_dependency 'devise', '>= 4.2.0'
   spec.add_dependency 'jwt', '>= 1.5'
   spec.add_dependency 'rails', '>= 4.0'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: wor-authentication
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.1
 platform: ruby
 authors:
 - alebian
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-05-05 00:00:00.000000000 Z
+date: 2017-08-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -20,7 +20,7 @@ dependencies:
         version: 4.1.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5.1'
+        version: '5.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -30,7 +30,7 @@ dependencies:
         version: 4.1.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5.1'
+        version: '5.2'
 - !ruby/object:Gem::Dependency
   name: devise
   requirement: !ruby/object:Gem::Requirement
@@ -274,7 +274,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.5
+rubygems_version: 2.6.7
 signing_key: 
 specification_version: 4
 summary: Easily add authentication to your application!.