zaikio-jwt_auth 2.3.0 → 2.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/zaikio/jwt_auth/directory_cache.rb +2 -2
- data/lib/zaikio/jwt_auth/version.rb +1 -1
- data/lib/zaikio/jwt_auth.rb +15 -13
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d747cb5921e0b8c6f7b9424d15add0cf5d0471ee01d6db77ec2bb82577db794e
|
|
4
|
+
data.tar.gz: a38ec5412d24766df3bc6dee455a59a2ab9326216988545ecdc614ab46b7426e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a7f3053aef038da812f845c77ac2fd5fa132a7ee77dd0d0ef638e1b81ac1c635a713af36f9c682806a12b44e2bf221602814011c678c92c5a966b816422e903e
|
|
7
|
+
data.tar.gz: fd8660695b98ccdca7d20142a9066f2287285a5ddf836c360e504a250163e95d9b9e5f31b11b3856a3de75c403c287b9a882eba0a9b6b30f7fd4e4ab9d307b90
|
|
@@ -5,7 +5,7 @@ require "logger"
|
|
|
5
5
|
module Zaikio
|
|
6
6
|
module JWTAuth
|
|
7
7
|
class DirectoryCache
|
|
8
|
-
class UpdateJob < ::ActiveJob::Base
|
|
8
|
+
class UpdateJob < ::ActiveJob::Base # rubocop:disable Rails/ApplicationJob
|
|
9
9
|
def perform(directory_path)
|
|
10
10
|
DirectoryCache.fetch(directory_path)
|
|
11
11
|
true # This job will always re-queue until it succeeds.
|
|
@@ -70,7 +70,7 @@ module Zaikio
|
|
|
70
70
|
rescue Errno::ECONNREFUSED, Net::ReadTimeout, BadResponseError
|
|
71
71
|
Zaikio::JWTAuth.configuration.logger
|
|
72
72
|
.info("Error updating DirectoryCache(#{directory_path}), enqueueing job to update")
|
|
73
|
-
UpdateJob.
|
|
73
|
+
UpdateJob.perform_later(directory_path)
|
|
74
74
|
nil
|
|
75
75
|
end
|
|
76
76
|
|
data/lib/zaikio/jwt_auth.rb
CHANGED
|
@@ -131,8 +131,8 @@ module Zaikio
|
|
|
131
131
|
|
|
132
132
|
private
|
|
133
133
|
|
|
134
|
-
def
|
|
135
|
-
scope_configurations.
|
|
134
|
+
def find_scope_configurations(scope_configurations)
|
|
135
|
+
scope_configurations.select do |scope_configuration|
|
|
136
136
|
action_matches = action_matches_config?(scope_configuration)
|
|
137
137
|
|
|
138
138
|
if action_matches && scope_configuration[:if] && !instance_exec(&scope_configuration[:if])
|
|
@@ -169,21 +169,23 @@ module Zaikio
|
|
|
169
169
|
end
|
|
170
170
|
|
|
171
171
|
def show_error_if_authorize_by_jwt_scopes_fails(token_data)
|
|
172
|
-
|
|
172
|
+
configurations = find_scope_configurations(self.class.authorize_by_jwt_scopes)
|
|
173
173
|
|
|
174
|
-
return if
|
|
175
|
-
configuration,
|
|
176
|
-
action_name
|
|
177
|
-
)
|
|
174
|
+
return if configurations.empty?
|
|
178
175
|
|
|
179
|
-
|
|
176
|
+
configuration = configurations.find do |scope_configuration|
|
|
177
|
+
token_data.scope_by_configurations?(
|
|
178
|
+
scope_configuration,
|
|
179
|
+
action_name
|
|
180
|
+
)
|
|
181
|
+
end
|
|
180
182
|
|
|
181
|
-
if configuration
|
|
182
|
-
required_scopes = required_scopes(token_data, configuration)
|
|
183
|
+
return if configuration
|
|
183
184
|
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
185
|
+
required_scopes = required_scopes(token_data, configuration || configurations.first)
|
|
186
|
+
|
|
187
|
+
details = "This endpoint requires one of the following scopes: #{required_scopes.join(', ')} but your " \
|
|
188
|
+
"access token only includes the following scopes: #{token_data.scope.join(', ')} - #{DOCS_LINK}"
|
|
187
189
|
|
|
188
190
|
render_error(["unpermitted_scope", details])
|
|
189
191
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: zaikio-jwt_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.4.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- crispymtn
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2023-
|
|
13
|
+
date: 2023-05-08 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: activejob
|