snatchev · May 15, 2018 21:14
diff --git a/jwt_auth_spec.rb.diff b/jwt_auth_spec.rb.diff
 diff --git a/app/features-json/middleware/jwt_auth.rb b/app/features-json/middleware/jwt_auth.rb
 index e6c1f15..9d0e1a1 100644
 --- a/app/features-json/middleware/jwt_auth.rb
 +++ b/app/features-json/middleware/jwt_auth.rb
 @@ -5,14 +5,19 @@ require "jwt"
 module FastlaneCI
   # API Middleware responsible of authenticate all the requests that uses it.
   class JwtAuth
 -    def initialize(app)
 +    def initialize(app, encryption_key=nil)
       @app = app
 +      @encryption_key = encryption_key || FastlaneCI.dot_keys.encryption_key
     end
 
     def call(env)
       options = { algorithm: "HS256", iss: "fastlane.ci" }
       bearer = env.fetch("HTTP_AUTHORIZATION", "").slice(7..-1)
 -      payload, = JWT.decode(bearer, FastlaneCI.dot_keys.encryption_key, true, options)
 +      payload = JWT.decode(bearer, @encryption_key, true, options)
 
       env[:user] = payload["user"]
 
 diff --git a/spec/features-json/jwt_auth_spec.rb b/spec/features-json/jwt_auth_spec.rb
 index 014beb6..156fad8 100644
 --- a/spec/features-json/jwt_auth_spec.rb
 +++ b/spec/features-json/jwt_auth_spec.rb
 @@ -2,25 +2,23 @@ require "spec_helper"
 require "app/features-json/middleware/jwt_auth"
 
 describe FastlaneCI::JwtAuth do
 -  let(:app) { ->(env) { [200, env, "app"] } }
 -  let(:middleware) { described_class.new(app) }
 +  let(:inner_app) { ->(env) { [200, env, "app"] } }
 +  let(:app) { described_class.new(inner_app, 'fastlane-ci-test') }
 
   context "Client makes a request without authentication headers" do
 -    let(:request) { Rack::MockRequest.new(middleware) }
 -    let(:response) { request.get("/buy/tacos") }
 -
     it "Returns a 401 status" do
 -      expect(response.status).to eql(401)
 +      get("/buy/tacos")
 +      expect(last_response.status).to eql(401)
     end
   end
 
   context "Client makes a request with an expired authentication token" do
 -    let(:request) { Rack::MockRequest.new(middleware) }
 -    let(:expired_header) { { "HTTP_AUTHORIZATION": "Bearer eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjExNjM5MjYxLCJpYXQiOjExNjM5MjYxLCJpc3MiOiJmYXN0bGFuZS5jaSJ9._wzA6VzEuex1wJZctYHk94lCDMydOIe7scENvsCqTes" } }
 -    let(:response) { request.get("/buy/tacos", expired_header) }
 +    let(:expired_authorization) { "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxfQ.TXYts14isvWhsq6hOAAAclQQ2T9DgR8_hmezC-4wrJQ" }
 
     it "Returns a 403 status" do
 -      expect(response.status).to eql(403)
 +      header('Authorization', expired_authorization)
 +      get("/buy/tacos")
 +      expect(last_response.status).to eql(403)
     end
   end
 end
	diff --git a/app/features-json/middleware/jwt_auth.rb b/app/features-json/middleware/jwt_auth.rb
	index e6c1f15..9d0e1a1 100644
	--- a/app/features-json/middleware/jwt_auth.rb
	+++ b/app/features-json/middleware/jwt_auth.rb
	@@ -5,14 +5,19 @@ require "jwt"
	module FastlaneCI
	# API Middleware responsible of authenticate all the requests that uses it.
	class JwtAuth
	- def initialize(app)
	+ def initialize(app, encryption_key=nil)
	@app = app
	+ @encryption_key = encryption_key \|\| FastlaneCI.dot_keys.encryption_key
	end

	def call(env)
	options = { algorithm: "HS256", iss: "fastlane.ci" }
	bearer = env.fetch("HTTP_AUTHORIZATION", "").slice(7..-1)
	- payload, = JWT.decode(bearer, FastlaneCI.dot_keys.encryption_key, true, options)
	+ payload = JWT.decode(bearer, @encryption_key, true, options)

	env[:user] = payload["user"]

	diff --git a/spec/features-json/jwt_auth_spec.rb b/spec/features-json/jwt_auth_spec.rb
	index 014beb6..156fad8 100644
	--- a/spec/features-json/jwt_auth_spec.rb
	+++ b/spec/features-json/jwt_auth_spec.rb
	@@ -2,25 +2,23 @@ require "spec_helper"
	require "app/features-json/middleware/jwt_auth"

	describe FastlaneCI::JwtAuth do
	- let(:app) { ->(env) { [200, env, "app"] } }
	- let(:middleware) { described_class.new(app) }
	+ let(:inner_app) { ->(env) { [200, env, "app"] } }
	+ let(:app) { described_class.new(inner_app, 'fastlane-ci-test') }

	context "Client makes a request without authentication headers" do
	- let(:request) { Rack::MockRequest.new(middleware) }
	- let(:response) { request.get("/buy/tacos") }
	-
	it "Returns a 401 status" do
	- expect(response.status).to eql(401)
	+ get("/buy/tacos")
	+ expect(last_response.status).to eql(401)
	end
	end

	context "Client makes a request with an expired authentication token" do
	- let(:request) { Rack::MockRequest.new(middleware) }
	- let(:expired_header) { { "HTTP_AUTHORIZATION": "Bearer eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjExNjM5MjYxLCJpYXQiOjExNjM5MjYxLCJpc3MiOiJmYXN0bGFuZS5jaSJ9._wzA6VzEuex1wJZctYHk94lCDMydOIe7scENvsCqTes" } }
	- let(:response) { request.get("/buy/tacos", expired_header) }
	+ let(:expired_authorization) { "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxfQ.TXYts14isvWhsq6hOAAAclQQ2T9DgR8_hmezC-4wrJQ" }

	it "Returns a 403 status" do
	- expect(response.status).to eql(403)
	+ header('Authorization', expired_authorization)
	+ get("/buy/tacos")
	+ expect(last_response.status).to eql(403)
	end
	end
	end