zaikio-jwt_auth 0.1.0 → 0.1.1
- checksums.yaml +4 -4
- data/lib/zaikio/jwt_auth.rb +10 -8
- data/lib/zaikio/jwt_auth/version.rb +1 -1
- metadata +1 -1
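--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: fc049533f5e0a82a2fa15f189514a997ae95b2a5cda50a8142d28d4776bacba3
+data.tar.gz: 9e0cd0c5aee054152abc83dfa717711ae0f3b4aedd53a1eae321091c3c2b0a9f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: dd1cf4ac348ab2fba0d05a94e3accf3db35f3170043bf51953810ef3d19538e9be1ecd2a130f921f22bd1b4e5351b051b5c92f9c7f47b28b5bbb4cc4f04f036a
+data.tar.gz: 9c0725178d406e5ce35c8af71b0c5f480739a65579b5c65d3fc8d0e79cba9714af14f64eb1e3e777f925f18d8314a8f61646dfac60d93eaf82d19c2cb5a9ac32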
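--- a/data/lib/zaikio/jwt_auth.rb
+++ b/data/lib/zaikio/jwt_auth.rb
@@ -34,9 +34,7 @@ module Zaikio
 
 module InstanceMethods
 def authenticate_by_jwt
-unless jwt_from_auth_header
-render(status: :unauthorized, plain: "Please authenticate via Zaikio JWT") && return
-end
+render_error("no_jwt_passed", status: :unauthorized) && return unless jwt_from_auth_header
 
 token_data = TokenData.new(jwt_payload)
 
@@ -48,9 +46,9 @@ module Zaikio
 
 send(:after_jwt_auth, token_data) if respond_to?(:after_jwt_auth)
 rescue JWT::ExpiredSignature
-
+render_error("jwt_expired") && (return)
 rescue JWT::DecodeError
-
+render_error("invalid_jwt") && (return)
 end
 
 private
@@ -71,7 +69,7 @@ module Zaikio
 return
 end
 
-
+render_error("unpermitted_scope")
 end
 
 def show_error_if_authorize_by_jwt_subject_type_fails(token_data)
@@ -80,13 +78,13 @@ module Zaikio
 return
 end
 
-
+render_error("unpermitted_subject")
 end
 
 def show_error_if_token_is_blacklisted(token_data)
 return unless blacklisted_token_ids.include?(token_data.jti)
 
-
+render_error("invalid_jwt")
 end
 
 def blacklisted_token_ids
@@ -96,6 +94,10 @@ module Zaikio
 
 DirectoryCache.fetch("api/v1/blacklisted_token_ids.json", expires_after: 5.minutes)["blacklisted_token_ids"]
 end
+
+def render_error(error, status: :forbidden)
+render(status: status, json: { "errors" => [error] })
+end
 end
 end
 end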
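Review bot: The private helper `render_error` added in the last hunk has a generic name for a method that `InstanceMethods` presumably mixes into host controllers, so an application that already defines its own `render_error` would shadow it and every failure path here would call the application's method instead. If that method takes other arguments or does not render, the filter could raise or fail to halt a request with a missing, expired or blacklisted token; a gem-specific name such as `def render_jwt_auth_error(error, status: :forbidden)` avoids the clash. Separately, the two rescue branches of `authenticate_by_jwt` (whose body is only partly visible) use the default `:forbidden`, although an expired or undecodable token is an authentication failure; `render_error("jwt_expired", status: :unauthorized)` would match the missing-token branch.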