zaikio-jwt_auth 1.0.1 → 1.0.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4103bf1e59a9fa8a68a868c33d785082993255fe24616a01c1113a5a8026dcfe
4
- data.tar.gz: e0be8641749a07f97620c73a56a97211ba51e9fe4f9dc6e1bdbaa5dd0422b0e3
3
+ metadata.gz: 7b3b79eed92b123729aea0048bfcd019ca98bb914430a5d8cd1f081241ef3752
4
+ data.tar.gz: d148777cff0767854dfedd703eaf55713666fd6e96d2551f6cd68103f59f52bc
5
5
  SHA512:
6
- metadata.gz: 28c8d6ea0b394450f7ae0027e9388fca1a9bd449213b6825356c65452e8a3efa4ab670802537cf9e08146d8a6980b5cbb22f2efa5cdec4c4b271b4c02b759fcf
7
- data.tar.gz: 647aa957f6e7d82ca26b50169fd265b30e144dcef5a26a8273e786c388569ac09babed909a1ddf295255df404f097bc5a867ff5520920d81f37ae4a48a5c60da
6
+ metadata.gz: 891bf2b7f94f9ee25878ebd46e49e7e2fcf8e7472d2688e9c00716241199b78ad2d57c14a5ac3b0ff9605ce1059c8be2285c9d97513a192c1eb989ab8ba1ed65
7
+ data.tar.gz: d44a02245269d8693380ba6a6e7a389214582848b3264ae5fc2b11678c8d2ba5bb2f77781bb63c85e4c110ec08490fd0f87c309b1770253388a7b76707107d87
data/README.md CHANGED
@@ -63,6 +63,24 @@ end
63
63
 
64
64
  By convention, `authorize_by_jwt_scopes` automatically maps all CRUD actions in a controller. Requests for `show` and `index` with a read or read_write scope are allowed. All other actions like `create`, `update` and `destroy` are accepted if the scope is a write or read_write scope. Therefore it is strongly recommended to always create standard Rails resources. If a custom action is required, you will need to authorize yourself using the `after_jwt_auth`.
65
65
 
66
+ Both of these behaviours are automatically inherited by child classes, for example:
67
+
68
+ ```ruby
69
+ class API::ChildController < API::ResourcesController
70
+ end
71
+
72
+ API::ChildController.authorize_by_jwt_subject_type
73
+ #=> "Organization"
74
+ ```
75
+
76
+ You can always override the behaviour in children if needed:
77
+
78
+ ```ruby
79
+ class API::ChildController < API::ResourcesController
80
+ authorize_by_jwt_subject_type nil
81
+ end
82
+ ```
83
+
66
84
  #### Modifying required scopes
67
85
  If you nonetheless want to change the required scopes for CRUD routes, you can use the `type` option which accepts the following values: `:read`, `:write`, `:read_write`
68
86
 
@@ -56,21 +56,27 @@ module Zaikio
56
56
 
57
57
  data
58
58
  rescue Errno::ECONNREFUSED, Net::ReadTimeout, BadResponseError
59
- Zaikio::JWTAuth.configuration.logger.info("Error updating DirectoryCache(#{directory_path}), enqueueing job to update")
59
+ Zaikio::JWTAuth.configuration.logger
60
+ .info("Error updating DirectoryCache(#{directory_path}), enqueueing job to update")
60
61
  UpdateJob.set(wait: 10.seconds).perform_later(directory_path)
61
62
  nil
62
63
  end
63
64
 
64
65
  def fetch_from_directory(directory_path)
65
- uri = URI("#{Zaikio::JWTAuth.configuration.host}/#{directory_path}")
66
- http = Net::HTTP.new(uri.host, uri.port)
67
- http.use_ssl = uri.scheme == "https"
68
- response = http.request(Net::HTTP::Get.new(uri.request_uri))
66
+ response = make_http_request(directory_path)
67
+
69
68
  raise BadResponseError unless (200..299).cover?(response.code.to_i)
70
69
  raise BadResponseError unless response["content-type"].to_s.include?("application/json")
71
70
 
72
71
  Oj.load(response.body)
73
72
  end
73
+
74
+ def make_http_request(directory_path)
75
+ uri = URI("#{Zaikio::JWTAuth.configuration.host}/#{directory_path}")
76
+ http = Net::HTTP.new(uri.host, uri.port)
77
+ http.use_ssl = uri.scheme == "https"
78
+ http.request(Net::HTTP::Get.new(uri.request_uri))
79
+ end
74
80
  end
75
81
  end
76
82
  end
@@ -1,5 +1,5 @@
1
1
  module Zaikio
2
2
  module JWTAuth
3
- VERSION = "1.0.1".freeze
3
+ VERSION = "1.0.2".freeze
4
4
  end
5
5
  end
@@ -45,7 +45,7 @@ module Zaikio
45
45
  end
46
46
 
47
47
  def self.mocked_jwt_payload
48
- @mocked_jwt_payload
48
+ instance_variable_defined?(:@mocked_jwt_payload) && @mocked_jwt_payload
49
49
  end
50
50
 
51
51
  def self.mocked_jwt_payload=(payload)
@@ -67,8 +67,12 @@ module Zaikio
67
67
  end
68
68
 
69
69
  module ClassMethods
70
- def authorize_by_jwt_subject_type(type = nil)
71
- @authorize_by_jwt_subject_type ||= type
70
+ def authorize_by_jwt_subject_type(type = :_not_given_)
71
+ if type != :_not_given_
72
+ @authorize_by_jwt_subject_type = type
73
+ elsif instance_variable_defined?(:@authorize_by_jwt_subject_type)
74
+ @authorize_by_jwt_subject_type
75
+ end
72
76
  end
73
77
 
74
78
  def authorize_by_jwt_scopes(scopes = nil, options = {})
@@ -78,6 +82,13 @@ module Zaikio
78
82
 
79
83
  @authorize_by_jwt_scopes
80
84
  end
85
+
86
+ def inherited(child)
87
+ super(child)
88
+
89
+ child.instance_variable_set(:@authorize_by_jwt_subject_type, @authorize_by_jwt_subject_type)
90
+ child.instance_variable_set(:@authorize_by_jwt_scopes, @authorize_by_jwt_scopes)
91
+ end
81
92
  end
82
93
 
83
94
  module InstanceMethods
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: zaikio-jwt_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.1
4
+ version: 1.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - crispymtn
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2021-04-28 00:00:00.000000000 Z
13
+ date: 2022-04-22 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: activejob
@@ -113,7 +113,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
113
113
  - !ruby/object:Gem::Version
114
114
  version: '0'
115
115
  requirements: []
116
- rubygems_version: 3.1.4
116
+ rubygems_version: 3.3.11
117
117
  signing_key:
118
118
  specification_version: 4
119
119
  summary: JWT-Based authentication and authorization with zaikio