RubyGems - zaikio-jwt_auth - Versions diffs - 0.2.1 → 0.2.2 - Mend

zaikio-jwt_auth 0.2.1 → 0.2.2

Files changed (6) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 025f45746c3a1a8f50fe821e580f5b41e3ae0126bf450a785488941200e2b0bf
-  data.tar.gz: 0ded26e92d822a537c8238f01f13ae3a51f3fc6e2e48863b88455ec25d26dd7b
+  metadata.gz: ec233ed24502a3c1787c5c8825ecbf4c889608522152192739ab5938a91e720a
+  data.tar.gz: d15c29da5093ec019ff083874321d6fe709946eee57e464bb4b80ea8c89a7277
 SHA512:
-  metadata.gz: 819316b9aa09aa764ce734b1f177da3aeb108c9b5b7e0cfb3426aac674dbc13115df3767d2cf933321241c88ff0721caecebef4eb7be630d04882e2a7c91eac2
-  data.tar.gz: 762dd6bb4b7e0abd44cc4333d6c5799ed2802d893875cab1808f690f46f10a6a3844fbe8a1c26004895846375be4832ad4afd218cf84ebf9eb79abe993a9714b
+  metadata.gz: 96a305a591381bbd7c768f27faaaf859dd2f01cca1032bb9f7b38b8e8a7b240c16da12e438cd6a325abe43ddf3f6d75602cfd068a9746348d52e89bb9274ce2d
+  data.tar.gz: a46b2f66a46b9a906b3ee2bcc0f98ee8ac88412d3bbaac81e0bebdaad2d831749d26a935f7d86c694fedc21ad890a277590fe582843629c8b98b96caf5b474d6

data/README.md CHANGED Viewed

@@ -61,6 +61,8 @@ class API::ResourcesController < API::ApplicationController
 end
 ```
+By convention, `authorize_by_jwt_scopes` automatically maps all CRUD actions in a controller. Requests for `show` and `index` with a read or read_write scope are allowed. All other actions like `create`, `update` and `destroy` are accepted if the scope is a write or read_write scope. Therefore it is strongly recommended to always create standard Rails resources. If a custom action is required, you will need to authorize yourself using the `after_jwt_auth`.
 ### 6. Optionally, if you are using SSO: Check revoked tokens
 Additionally, the API provides a method called `revoked_jwt?` which expects the `jti` of the JWT.
@@ -73,10 +75,23 @@ Zaikio::JWTAuth.revoked_jwt?('jti-of-token') # returns true if token was revoked
 ```rb
 # in your test_helper.rb
-include Zaikio::JWTAuth::TestHelper
+class ActiveSupport::TestCase
+  # ...
+  include Zaikio::JWTAuth::TestHelper
+  # ...
+end
+# in your integration tests you can use:
+class ResourcesControllerTest < ActionDispatch::IntegrationTest
+  def setup
+    mock_jwt(sub: 'Organization/123', scope: ['directory.organization.r'])
+  end
-# in your tests you can use:
-mock_jwt(sub: 'Organization/123', scope: ['directory.organization.r'])
+  test "do a request with a mocked jwt" do
+    get resources_path
+    # test the actual business logic
+  end
+end
 ```
 ## Advanced

data/config/initializers/inflections.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 ActiveSupport::Inflector.inflections(:en) do |inflect|
-  inflect.acronym 'JWT'
+  inflect.acronym "JWT"
 end

data/lib/zaikio/jwt_auth/test_helper.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 module Zaikio
   module JWTAuth
     module TestHelper
-      def after_setup
+      def after_teardown
         Zaikio::JWTAuth.mocked_jwt_payload = nil
         super
       end

data/lib/zaikio/jwt_auth/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Zaikio
   module JWTAuth
-    VERSION = "0.2.1".freeze
+    VERSION = "0.2.2".freeze
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: zaikio-jwt_auth
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.2.2
 platform: ruby
 authors:
 - Crispy Mountain GmbH
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-04-02 00:00:00.000000000 Z
+date: 2020-04-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: oj