@snatchev
Last active May 15, 2018 21:14
diff --git a/app/features-json/middleware/jwt_auth.rb b/app/features-json/middleware/jwt_auth.rb
index e6c1f15..9d0e1a1 100644
--- a/app/features-json/middleware/jwt_auth.rb
+++ b/app/features-json/middleware/jwt_auth.rb
@@ -5,14 +5,19 @@ require "jwt"
module FastlaneCI
# API Middleware responsible of authenticate all the requests that uses it.
class JwtAuth
- def initialize(app)
+ def initialize(app, encryption_key=nil)
@app = app
+ @encryption_key = encryption_key || FastlaneCI.dot_keys.encryption_key
end
def call(env)
options = { algorithm: "HS256", iss: "fastlane.ci" }
bearer = env.fetch("HTTP_AUTHORIZATION", "").slice(7..-1)
- payload, = JWT.decode(bearer, FastlaneCI.dot_keys.encryption_key, true, options)
+ payload = JWT.decode(bearer, @encryption_key, true, options)
env[:user] = payload["user"]
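Review bot: The rewritten decode line drops the trailing comma, so `payload` is now the whole `[claims, header]` array that `JWT.decode` returns instead of the claims hash, and the untouched `env[:user] = payload["user"]` on the next line will raise a TypeError (String index on an Array) for every verified token; keep the destructuring: `payload, = JWT.decode(bearer, @encryption_key, true, options)`. Note also that in ruby-jwt the `iss: "fastlane.ci"` entry in the options only states the expected issuer; the claim is not checked unless `verify_iss: true` is passed alongside it, so a token from another issuer signed with the same key would still be accepted — worth confirming against the jwt version in use. Since the key is now resolved once in `initialize` (falling back to `FastlaneCI.dot_keys.encryption_key`), a nil key at construction time will only surface as a decode failure on the first request; a comment such as `# key is fixed at construction; rotating dot_keys requires rebuilding the middleware` would make that explicit. The body of `call` continues outside the hunk.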
diff --git a/spec/features-json/jwt_auth_spec.rb b/spec/features-json/jwt_auth_spec.rb
index 014beb6..156fad8 100644
--- a/spec/features-json/jwt_auth_spec.rb
+++ b/spec/features-json/jwt_auth_spec.rb
@@ -2,25 +2,23 @@ require "spec_helper"
require "app/features-json/middleware/jwt_auth"
describe FastlaneCI::JwtAuth do
- let(:app) { ->(env) { [200, env, "app"] } }
- let(:middleware) { described_class.new(app) }
+ let(:inner_app) { ->(env) { [200, env, "app"] } }
+ let(:app) { described_class.new(inner_app, 'fastlane-ci-test') }
context "Client makes a request without authentication headers" do
- let(:request) { Rack::MockRequest.new(middleware) }
- let(:response) { request.get("/buy/tacos") }
-
it "Returns a 401 status" do
- expect(response.status).to eql(401)
+ get("/buy/tacos")
+ expect(last_response.status).to eql(401)
end
end
context "Client makes a request with an expired authentication token" do
- let(:request) { Rack::MockRequest.new(middleware) }
- let(:expired_header) { { "HTTP_AUTHORIZATION": "Bearer eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjExNjM5MjYxLCJpYXQiOjExNjM5MjYxLCJpc3MiOiJmYXN0bGFuZS5jaSJ9._wzA6VzEuex1wJZctYHk94lCDMydOIe7scENvsCqTes" } }
- let(:response) { request.get("/buy/tacos", expired_header) }
+ let(:expired_authorization) { "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxfQ.TXYts14isvWhsq6hOAAAclQQ2T9DgR8_hmezC-4wrJQ" }
it "Returns a 403 status" do
- expect(response.status).to eql(403)
+ header('Authorization', expired_authorization)
+ get("/buy/tacos")
+ expect(last_response.status).to eql(403)
end
end
end
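Review bot: The new `expired_authorization` token is not expired — its payload segment decodes to `{"sub":"1234567890","name":"John Doe","iat":1}` with no `exp` (and no `iss`) claim — so the 403 this context expects can only come from the signature failing to verify under the test key `'fastlane-ci-test'` (presumably; the signature cannot be checked from here), not from expiry. Either sign a token with a past `exp` using that key so the context keeps testing what its name says, or rename it, e.g. `context "Client makes a request with an invalid authentication token" do`. The spec now relies on rack-test's `get`, `header` and `last_response` and on a method named `app`, which `let(:app)` provides only if `Rack::Test::Methods` is included somewhere outside this hunk (spec_helper, presumably) — worth verifying.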