Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -5,3 +5,4 @@ test/dummy_api/tmp/
test/support/.DS_Store
Gemfile.lock
.DS_Store
.idea
34 changes: 17 additions & 17 deletions lib/jwt_sessions/access_token.rb
Original file line number Diff line number Diff line change
Expand Up @@ -2,26 +2,26 @@

module JWTSessions
class AccessToken
attr_reader :payload, :uid, :expiration, :csrf, :store
attr_reader :payload, :uuid, :expiration, :csrf, :store

def initialize(csrf, payload, store, uid = SecureRandom.uuid, expiration = JWTSessions.access_expiration)
def initialize(csrf, payload, store, uuid = SecureRandom.uuid, expiration = JWTSessions.access_expiration)
@csrf = csrf
@uid = uid
@uuid = uuid
@expiration = expiration
@payload = payload.merge("uid" => uid, "exp" => expiration.to_i)
@payload = payload.merge("uuid" => uuid, "exp" => expiration.to_i)
@store = store
end

def destroy
store.destroy_access(uid)
store.destroy_access(uuid)
end

def refresh_uid=(uid)
self.payload["ruid"] = uid
def refresh_uuid=(uuid)
self.payload["ruuid"] = uuid
end

def refresh_uid
payload["ruid"]
def refresh_uuid
payload["ruuid"]
end

def token
Expand All @@ -31,27 +31,27 @@ def token
class << self
def create(csrf, payload, store, expiration = JWTSessions.access_expiration)
new(csrf, payload, store, SecureRandom.uuid, expiration).tap do |inst|
store.persist_access(inst.uid, inst.csrf, inst.expiration)
store.persist_access(inst.uuid, inst.csrf, inst.expiration)
end
end

def destroy(uid, store)
store.destroy_access(uid)
def destroy(uuid, store)
store.destroy_access(uuid)
end

# AccessToken's find method cannot be used to retrieve token's payload
# or any other information but is intended to identify if the token is present
# and to retrieve session's CSRF token
def find(uid, store)
token_attrs = store.fetch_access(uid)
def find(uuid, store)
token_attrs = store.fetch_access(uuid)
raise Errors::Unauthorized, "Access token not found" if token_attrs.empty?
build_with_token_attrs(store, uid, token_attrs)
build_with_token_attrs(store, uuid, token_attrs)
end

private

def build_with_token_attrs(store, uid, token_attrs)
new(token_attrs[:csrf], {}, store, uid)
def build_with_token_attrs(store, uuid, token_attrs)
new(token_attrs[:csrf], {}, store, uuid)
end
end
end
Expand Down
17 changes: 9 additions & 8 deletions lib/jwt_sessions/authorization.rb
Original file line number Diff line number Diff line change
Expand Up @@ -67,15 +67,15 @@ def should_check_csrf?
end

def request_headers
raise Errors::Malconfigured, "request_headers is not implemented"
raise Errors::Malconfigured, 'request_headers is not implemented'
end

def request_cookies
raise Errors::Malconfigured, "request_cookies is not implemented"
raise Errors::Malconfigured, 'request_cookies is not implemented'
end

def request_method
raise Errors::Malconfigured, "request_method is not implemented"
raise Errors::Malconfigured, 'request_method is not implemented'
end

def valid_csrf_token?(csrf_token, token_type)
Expand All @@ -98,20 +98,21 @@ def cookie_based_auth(token_type)

def retrieve_csrf
token = request_headers[JWTSessions.csrf_header]
raise Errors::Unauthorized, "CSRF token is not found" unless token
raise Errors::Unauthorized, 'CSRF token is not found' unless token
token
end

def token_from_headers(token_type)
raw_token = request_headers[JWTSessions.header_by(token_type)] || ""
token = raw_token.split(" ")[-1]
raise Errors::Unauthorized, "Token is not found" unless token
raw_token = request_headers[JWTSessions.header_by(token_type)] || ''
raw_token = request_headers.env[JWTSessions.header_by(token_type)] || '' unless raw_token.present?
token = raw_token.split(' ')[-1]
raise Errors::Unauthorized, 'Token is not found' unless token
token
end

def token_from_cookies(token_type)
token = request_cookies[JWTSessions.cookie_by(token_type)]
raise Errors::Unauthorized, "Token is not found" unless token
raise Errors::Unauthorized, 'Token is not found' unless token
token
end

Expand Down
2 changes: 1 addition & 1 deletion lib/jwt_sessions/rails_authorization.rb
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ def request_cookies
end

def request_method
request.method
request.request_method
end
end
end
55 changes: 31 additions & 24 deletions lib/jwt_sessions/refresh_token.rb
Original file line number Diff line number Diff line change
Expand Up @@ -2,28 +2,28 @@

module JWTSessions
class RefreshToken
attr_reader :expiration, :uid, :token, :csrf, :access_uid, :access_expiration, :store, :namespace
attr_reader :expiration, :uuid, :token, :csrf, :access_uuid, :access_expiration, :store, :namespace

def initialize(csrf,
access_uid,
access_uuid,
access_expiration,
store,
options = {})
@csrf = csrf
@access_uid = access_uid
@access_uuid = access_uuid
@access_expiration = access_expiration
@store = store
@uid = options.fetch(:uid, nil) || SecureRandom.uuid
@uuid = options.fetch(:uuid, nil) || SecureRandom.uuid
@expiration = options.fetch(:expiration, nil) || JWTSessions.refresh_expiration
@namespace = options.fetch(:namespace, nil)
@token = Token.encode(options.fetch(:payload, {}).merge("uid" => uid, "exp" => expiration.to_i))
@token = Token.encode(options.fetch(:payload, {}).merge("uuid" => uuid, "exp" => expiration.to_i))
end

class << self
def create(csrf, access_uid, access_expiration, store, payload, namespace, expiration = JWTSessions.refresh_expiration)
def create(csrf, access_uuid, access_expiration, store, payload, namespace, expiration = JWTSessions.refresh_expiration)
inst = new(
csrf,
access_uid,
access_uuid,
access_expiration,
store,
payload: payload,
Expand All @@ -36,63 +36,70 @@ def create(csrf, access_uid, access_expiration, store, payload, namespace, expir

def all(namespace, store)
tokens = store.all_refresh_tokens(namespace)
tokens.map do |uid, token_attrs|
build_with_token_attrs(store, uid, token_attrs, namespace)
tokens.map do |uuid, token_attrs|
build_with_token_attrs(store, uuid, token_attrs, namespace)
end
end

# first_match should be set to true when
# we need to search through the all namespaces
def find(uid, store, namespace = nil, first_match: false)
token_attrs = store.fetch_refresh(uid, namespace, first_match)
def find(uuid, store, namespace = nil, first_match: false)
token_attrs = store.fetch_refresh(uuid, namespace, first_match)
raise Errors::Unauthorized, "Refresh token not found" if token_attrs.empty?
build_with_token_attrs(store, uid, token_attrs, namespace)
build_with_token_attrs(store, uuid, token_attrs, namespace)
end

def destroy(uid, store, namespace)
store.destroy_refresh(uid, namespace)
def destroy(uuid, store, namespace)
store.destroy_refresh(uuid, namespace)
end

private

def build_with_token_attrs(store, uid, token_attrs, namespace)
def build_with_token_attrs(store, uuid, token_attrs, namespace)
new(
token_attrs[:csrf],
token_attrs[:access_uid],
token_attrs[:access_uuid],
token_attrs[:access_expiration],
store,
namespace: namespace,
payload: {},
uid: uid,
uuid: uuid,
expiration: token_attrs[:expiration]
)
end
end

def update(access_uid, access_expiration, csrf)
def update(access_uuid, access_expiration, csrf)
@csrf = csrf
@access_uid = access_uid
@access_uuid = access_uuid
@access_expiration = access_expiration
store.update_refresh(
uid: uid,
uuid: uuid,
access_expiration: access_expiration,
access_uid: access_uid,
access_uuid: access_uuid,
csrf: csrf,
namespace: namespace
)
end

def update_expiry(uuid, expiration)
store.update_refresh_expiry(
uuid: uuid,
expiration: expiration
)
end

def destroy
store.destroy_refresh(uid, namespace)
store.destroy_refresh(uuid, namespace)
end

private

def persist_in_store
store.persist_refresh(
uid: uid,
uuid: uuid,
access_expiration: access_expiration,
access_uid: access_uid,
access_uuid: access_uuid,
csrf: csrf,
expiration: expiration,
namespace: namespace
Expand Down
Loading