zaikio-jwt_auth 1.0.0 → 2.0.0

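--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 5246d95da7085c56dce3719ba3bdba4c102c3b4dd01c941cacb5de5d9e813eb0
- data.tar.gz: 354e97d2ef3972049e103fa0afea9e047f9990ab816ca8b7afec7c3671e0d90b
+ metadata.gz: c782ad558e422167c59f3c29dfdd9533d97153a17f05955a12eb127e32d55a68
+ data.tar.gz: 063fc86f98d24d70e496f324ccc87ec32f71f61ba50c91a70708ca20afe8b1c7
  SHA512:
- metadata.gz: 8025ca7934fac9df869afde1fd23287208fb9edbd1970e3d065d9591062a1557a435f6cb0d7d8147d8f8f2fdbb476ae00dead2d89bb232951489de785df0e248
- data.tar.gz: 89431f5cdf4ad50dff018a35530fb95d97d2a9a91a1908566b8d9de187dff65f1203bfb76a7eef79fcc3fca116f336ab194c18b8bd583d830098481678a53aa8
+ metadata.gz: 4b24750a7edda299537d85f6bf852a85aaba442f77a18d6c9998d3ef491fa1b329b843b23ddc7b2b6f309ab3abac2c94e0448eef2c7370a9a59014e8823add84
+ data.tar.gz: 8b39b2cdaa531bb985b59a374584e6ba2d0167213f9e70185be84462843044478026bc74b8d24e972cd840e1a4402a8ff5390245948fd0b3393ebb1ccc31baa7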
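--- a/data/README.md
+++ b/data/README.md
@@ -28,7 +28,9 @@ $ gem install zaikio-jwt_auth
  Zaikio::JWTAuth.configure do |config|
  config.environment = :sandbox # or production
  config.app_name = "test_app" # Your Zaikio App-Name
- config.redis = Redis.new
+
+ # Enable caching Hub API responses for e.g. revoked tokens
+ config.cache = Rails.cache
  end
  ```
 
@@ -63,6 +65,24 @@ end
 
  By convention, `authorize_by_jwt_scopes` automatically maps all CRUD actions in a controller. Requests for `show` and `index` with a read or read_write scope are allowed. All other actions like `create`, `update` and `destroy` are accepted if the scope is a write or read_write scope. Therefore it is strongly recommended to always create standard Rails resources. If a custom action is required, you will need to authorize yourself using the `after_jwt_auth`.
 
+ Both of these behaviours are automatically inherited by child classes, for example:
+
+ ```ruby
+ class API::ChildController < API::ResourcesController
+ end
+
+ API::ChildController.authorize_by_jwt_subject_type
+ #=> "Organization"
+ ```
+
+ You can always override the behaviour in children if needed:
+
+ ```ruby
+ class API::ChildController < API::ResourcesController
+ authorize_by_jwt_subject_type nil
+ end
+ ```
+
  #### Modifying required scopes
  If you nonetheless want to change the required scopes for CRUD routes, you can use the `type` option which accepts the following values: `:read`, `:write`, `:read_write`
 
@@ -165,6 +185,13 @@ rescue JWT::DecodeError, JWT::ExpiredSignature
  end
  ```
 
+ ### Using a different cache backend
+
+ This client supports any implementation of
+ [`ActiveSupport::Cache::Store`](https://api.rubyonrails.org/classes/ActiveSupport/Cache/Store.html),
+ but you can also write your own client that supports these methods: `#read(key)`,
+ `#write(key, value)`, `#delete(key)`
+
  ## Contributing
 
  **Make sure you have the dummy app running locally to validate your changes.**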
@@ -11,7 +11,7 @@ module Zaikio
11
11
  production: "https://hub.zaikio.com"
12
12
  }.freeze
13
13
 
14
- attr_accessor :app_name, :redis, :host
14
+ attr_accessor :app_name, :cache, :host
15
15
  attr_reader :environment
16
16
  attr_writer :logger, :revoked_token_ids, :keys
17
17
 
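Review bot: `cache` is declared here as a plain `attr_accessor` with no default visible in this hunk, while the directory-cache code further down the page calls `Zaikio::JWTAuth.configuration.cache.read(...)` unconditionally. If the initializer (outside this hunk) does not assign a store, an application that upgrades and only deletes its old `config.redis = ...` line will hit a `NoMethodError` on `nil` in the token-verification path instead of a clear configuration error. Consider keeping `attr_writer :cache` and adding a reader that raises a descriptive error when `@cache` is nil, and state in the README that the setting is required, since its wording ("Enable caching ...") reads as optional. It would also help to document that a per-process store (for example a memory store) lets workers hold different copies of the revoked-token data.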
@@ -16,7 +16,7 @@ module Zaikio
16
16
 
17
17
  class << self
18
18
  def fetch(directory_path, options = {})
19
- cache = Zaikio::JWTAuth.configuration.redis.get("zaikio::jwt_auth::#{directory_path}")
19
+ cache = Zaikio::JWTAuth.configuration.cache.read("zaikio::jwt_auth::#{directory_path}")
20
20
 
21
21
  json = Oj.load(cache) if cache
22
22
 
@@ -31,14 +31,14 @@ module Zaikio
31
31
  def update(directory_path, options = {})
32
32
  data = fetch(directory_path, options)
33
33
  data = yield(data)
34
- Zaikio::JWTAuth.configuration.redis.set("zaikio::jwt_auth::#{directory_path}", {
34
+ Zaikio::JWTAuth.configuration.cache.write("zaikio::jwt_auth::#{directory_path}", {
35
35
  fetched_at: Time.now.to_i,
36
36
  data: data
37
37
  }.to_json)
38
38
  end
39
39
 
40
40
  def reset(directory_path)
41
- Zaikio::JWTAuth.configuration.redis.del("zaikio::jwt_auth::#{directory_path}")
41
+ Zaikio::JWTAuth.configuration.cache.delete("zaikio::jwt_auth::#{directory_path}")
42
42
  end
43
43
 
44
44
  private
@@ -49,28 +49,34 @@ module Zaikio
49
49
 
50
50
  def reload_or_enqueue(directory_path)
51
51
  data = fetch_from_directory(directory_path)
52
- Zaikio::JWTAuth.configuration.redis.set("zaikio::jwt_auth::#{directory_path}", {
52
+ Zaikio::JWTAuth.configuration.cache.write("zaikio::jwt_auth::#{directory_path}", {
53
53
  fetched_at: Time.now.to_i,
54
54
  data: data
55
55
  }.to_json)
56
56
 
57
57
  data
58
58
  rescue Errno::ECONNREFUSED, Net::ReadTimeout, BadResponseError
59
- Zaikio::JWTAuth.configuration.logger.info("Error updating DirectoryCache(#{directory_path}), enqueueing job to update")
59
+ Zaikio::JWTAuth.configuration.logger
60
+ .info("Error updating DirectoryCache(#{directory_path}), enqueueing job to update")
60
61
  UpdateJob.set(wait: 10.seconds).perform_later(directory_path)
61
62
  nil
62
63
  end
63
64
 
64
65
  def fetch_from_directory(directory_path)
65
- uri = URI("#{Zaikio::JWTAuth.configuration.host}/#{directory_path}")
66
- http = Net::HTTP.new(uri.host, uri.port)
67
- http.use_ssl = uri.scheme == "https"
68
- response = http.request(Net::HTTP::Get.new(uri.request_uri))
66
+ response = make_http_request(directory_path)
67
+
69
68
  raise BadResponseError unless (200..299).cover?(response.code.to_i)
70
69
  raise BadResponseError unless response["content-type"].to_s.include?("application/json")
71
70
 
72
71
  Oj.load(response.body)
73
72
  end
73
+
74
+ def make_http_request(directory_path)
75
+ uri = URI("#{Zaikio::JWTAuth.configuration.host}/#{directory_path}")
76
+ http = Net::HTTP.new(uri.host, uri.port)
77
+ http.use_ssl = uri.scheme == "https"
78
+ http.request(Net::HTTP::Get.new(uri.request_uri))
79
+ end
74
80
  end
75
81
  end
76
82
  end
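Review bot: `make_http_request` creates the `Net::HTTP` client without `open_timeout`/`read_timeout` and turns TLS on only when the configured host's scheme is `https`, so a `config.host` pointing at an `http://` URL would fetch the directory data (presumably signing keys and revoked-token ids, going by the configuration's writers) in cleartext. Because that data decides which tokens are accepted, consider rejecting non-HTTPS hosts outside test setups and setting explicit limits such as `http.open_timeout = 5` and `http.read_timeout = 5` (values are illustrative). The `rescue` in `reload_or_enqueue` names `Net::ReadTimeout` but not `Net::OpenTimeout`, so a connect timeout propagates to the caller instead of enqueueing `UpdateJob`. `Oj.load(response.body)` parses in whatever mode Oj's defaults are set to; `Oj.load(response.body, mode: :strict)` keeps the result to plain JSON types.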
@@ -1,5 +1,5 @@
1
1
  module Zaikio
2
2
  module JWTAuth
3
- VERSION = "1.0.0".freeze
3
+ VERSION = "2.0.0".freeze
4
4
  end
5
5
  end
@@ -45,7 +45,7 @@ module Zaikio
45
45
  end
46
46
 
47
47
  def self.mocked_jwt_payload
48
- @mocked_jwt_payload
48
+ instance_variable_defined?(:@mocked_jwt_payload) && @mocked_jwt_payload
49
49
  end
50
50
 
51
51
  def self.mocked_jwt_payload=(payload)
@@ -67,8 +67,12 @@ module Zaikio
67
67
  end
68
68
 
69
69
  module ClassMethods
70
- def authorize_by_jwt_subject_type(type = nil)
71
- @authorize_by_jwt_subject_type ||= type
70
+ def authorize_by_jwt_subject_type(type = :_not_given_)
71
+ if type != :_not_given_
72
+ @authorize_by_jwt_subject_type = type
73
+ elsif instance_variable_defined?(:@authorize_by_jwt_subject_type)
74
+ @authorize_by_jwt_subject_type
75
+ end
72
76
  end
73
77
 
74
78
  def authorize_by_jwt_scopes(scopes = nil, options = {})
@@ -78,6 +82,13 @@ module Zaikio
78
82
 
79
83
  @authorize_by_jwt_scopes
80
84
  end
85
+
86
+ def inherited(child)
87
+ super(child)
88
+
89
+ child.instance_variable_set(:@authorize_by_jwt_subject_type, @authorize_by_jwt_subject_type)
90
+ child.instance_variable_set(:@authorize_by_jwt_scopes, @authorize_by_jwt_scopes)
91
+ end
81
92
  end
82
93
 
83
94
  module InstanceMethods
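Review bot: `inherited` hands the child the parent's `@authorize_by_jwt_scopes` object itself rather than a copy. The body of `authorize_by_jwt_scopes` lies mostly outside these hunks, but if it appends to that collection in place, a child controller that declares additional scopes would also change the rules enforced on the parent and on its other subclasses. Copying at inheritance time avoids the shared state: `child.instance_variable_set(:@authorize_by_jwt_scopes, @authorize_by_jwt_scopes&.dup)`. The values are also captured when the subclass is defined, so declarations made on the parent afterwards are not seen by existing children; a comment on `inherited` saying so would save a later reader from assuming live inheritance.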
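--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: zaikio-jwt_auth
  version: !ruby/object:Gem::Version
- version: 1.0.0
+ version: 2.0.0
  platform: ruby
  authors:
  - crispymtn
@@ -10,8 +10,22 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2021-04-23 00:00:00.000000000 Z
+ date: 2022-04-29 00:00:00.000000000 Z
  dependencies:
+ - !ruby/object:Gem::Dependency
+ name: activejob
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
  - !ruby/object:Gem::Dependency
  name: oj
  requirement: !ruby/object:Gem::Requirement
@@ -99,7 +113,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.1.4
+ rubygems_version: 3.3.11
  signing_key:
  specification_version: 4
  summary: JWT-Based authentication and authorization with zaikio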