Conform to style guide

Gemfile

@@ -1,7 +1,7 @@
-source 'https://rubygems.org'
+source "https://rubygems.org"
 
-# Specify your gem's dependencies in rack-prx_auth.gemspec
+# Specify your gem"s dependencies in rack-prx_auth.gemspec
 gemspec
 
-gem 'guard'
-gem 'guard-minitest'
+gem "guard"
+gem "guard-minitest"

Guardfile

@@ -4,5 +4,5 @@ guard :minitest, all_after_pass: true do
   watch(%r{^lib/(.+)\.rb}) { |m| "test/#{m[1]}_test.rb" }
   watch(%r{^lib/(.+)\.rb}) { |m| "test/#{m[1]}_test.rb" }
   watch(%r{^test/.+_test\.rb})
-  watch(%r{^test/test_helper\.rb}) { 'test' }
+  watch(%r{^test/test_helper\.rb}) { "test" }
 end

Rakefile

@@ -1,10 +1,10 @@
-require 'bundler/gem_tasks'
-require 'rake'
-require 'rake/testtask'
+require "bundler/gem_tasks"
+require "rake"
+require "rake/testtask"
 
 Rake::TestTask.new do |t|
-  t.libs << 'test'
-  t.pattern = 'test/**/*test.rb'
+  t.libs << "test"
+  t.pattern = "test/**/*test.rb"
 end
 
 require "rubocop/rake_task"

lib/rack/prx_auth.rb

@@ -1,16 +1,16 @@
-require 'json/jwt'
-require 'rack/prx_auth/version'
-require 'rack/prx_auth/certificate'
-require 'rack/prx_auth/token_data'
+require "json/jwt"
+require "rack/prx_auth/version"
+require "rack/prx_auth/certificate"
+require "rack/prx_auth/token_data"
 
 module Rack
   class PrxAuth
     INVALID_TOKEN = [
-      401, {'Content-Type' => 'application/json'},
-      [{status: 401, error: 'Invalid JSON Web Token'}.to_json]
+      401, { "Content-Type" => "application/json" },
+      [{ status: 401, error: "Invalid JSON Web Token" }.to_json]
     ]
 
-    DEFAULT_ISS = 'id.prx.org'
+    DEFAULT_ISS = "id.prx.org"
 
     attr_reader :issuer
 
@@ -21,15 +21,15 @@ def initialize(app, options = {})
     end
 
     def call(env)
-      return @app.call(env) unless env['HTTP_AUTHORIZATION']
+      return @app.call(env) unless env["HTTP_AUTHORIZATION"]
 
-      token = env['HTTP_AUTHORIZATION'].split[1]
+      token = env["HTTP_AUTHORIZATION"].split[1]
       claims = decode_token(token)
 
       return @app.call(env) unless should_validate_token?(claims)
 
       if valid?(claims, token)
-        env['prx.auth'] = TokenData.new(claims)
+        env["prx.auth"] = TokenData.new(claims)
         @app.call(env)
       else
         INVALID_TOKEN
@@ -43,19 +43,17 @@ def valid?(claims, token)
     end
 
     def decode_token(token)
-      begin
-        JSON::JWT.decode(token, :skip_verification)
-      rescue JSON::JWT::InvalidFormat
-        {}
-      end
+      JSON::JWT.decode(token, :skip_verification)
+    rescue JSON::JWT::InvalidFormat
+      {}
     end
 
     def expired?(claims)
-      Time.now.to_i > (claims['iat'] + claims['exp'])
+      Time.now.to_i > (claims["iat"] + claims["exp"])
     end
 
     def should_validate_token?(claims)
-      claims['iss'] == @issuer
+      claims["iss"] == @issuer
     end
   end
 end

lib/rack/prx_auth/certificate.rb

@@ -1,11 +1,11 @@
-require 'json/jwt'
-require 'net/http'
+require "json/jwt"
+require "net/http"
 
 module Rack
   class PrxAuth
     class Certificate
       EXPIRES_IN = 43200
-      DEFAULT_CERT_LOC = URI('https://id.prx.org/api/v1/certs')
+      DEFAULT_CERT_LOC = URI("https://id.prx.org/api/v1/certs")
 
       attr_reader :cert_location
 
@@ -14,13 +14,11 @@ def initialize(cert_uri = nil)
       end
 
       def valid?(token)
-        begin
-          JSON::JWT.decode(token, public_key)
-        rescue JSON::JWT::VerificationFailed
-          false
-        else
-          true
-        end
+        JSON::JWT.decode(token, public_key)
+      rescue JSON::JWT::VerificationFailed
+        false
+      else
+        true
       end
 
       private
@@ -38,7 +36,7 @@ def certificate
 
       def fetch
         certs = JSON.parse(Net::HTTP.get(cert_location))
-        cert_string = certs['certificates'].values[0]
+        cert_string = certs["certificates"].values[0]
         @refresh_at = Time.now.to_i + EXPIRES_IN
         OpenSSL::X509::Certificate.new(cert_string)
       end

lib/rack/prx_auth/token_data.rb

@@ -5,34 +5,34 @@ class TokenData
 
       def initialize(attrs = {})
         @attributes = attrs
-        if attrs['aur']
-          @authorized_resources = unpack_aur(attrs['aur']).freeze
+        if attrs["aur"]
+          @authorized_resources = unpack_aur(attrs["aur"]).freeze
         else
           @authorized_resources = {}.freeze
         end
-        if attrs['scope']
-          @scopes = attrs['scope'].split(' ').freeze
+        if attrs["scope"]
+          @scopes = attrs["scope"].split(" ").freeze
         else
           @scopes = [].freeze
         end
       end
 
       def user_id
-        @attributes['sub']
+        @attributes["sub"]
       end
 
-      def authorized?(resource, scope=nil)
+      def authorized?(resource, scope = nil)
         if auth = authorized_resources[resource.to_s]
-          scope.nil? || (scopes + auth.split(' ')).include?(scope.to_s)
+          scope.nil? || (scopes + auth.split(" ")).include?(scope.to_s)
         end
       end
 
       private
 
       def unpack_aur(aur)
         aur.clone.tap do |result|
-          unless result['$'].nil?
-            result.delete('$').each do |role, resources|
+          unless result["$"].nil?
+            result.delete("$").each do |role, resources|
               resources.each do |res|
                 result[res.to_s] = role
               end

rack-prx_auth.gemspec

@@ -1,15 +1,15 @@
 # coding: utf-8
-lib = File.expand_path('../lib', __FILE__)
+lib = File.expand_path("../lib", __FILE__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'rack/prx_auth/version'
+require "rack/prx_auth/version"
 
 Gem::Specification.new do |spec|
   spec.name          = "rack-prx_auth"
   spec.version       = Rack::PrxAuth::VERSION
   spec.authors       = ["Eve Asher", "Chris Rhoden"]
   spec.email         = ["eve@prx.org", "carhoden@gmail.com"]
-  spec.summary       = %q{Rack middleware that verifies and decodes a JWT token and attaches the token's claims to env.}
-  spec.description   = %q{Specific to PRX. Will ignore tokens that were not issued by PRX.}
+  spec.summary       = "Rack middleware that verifies and decodes a JWT token and attaches the token's claims to env."
+  spec.description   = "Specific to PRX. Will ignore tokens that were not issued by PRX."
   spec.homepage      = "https://github.com/PRX/rack-prx_auth"
   spec.license       = "MIT"
 
@@ -18,12 +18,12 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^test/})
   spec.require_paths = ["lib"]
 
-  spec.add_development_dependency 'bundler', '~> 1.3'
-  spec.add_development_dependency 'rake', '~> 10.0'
-  spec.add_development_dependency 'coveralls', '~> 0'
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "coveralls", "~> 0"
   spec.add_development_dependency "rubocop", "~> 0"
 
-  spec.add_dependency 'rack', '~> 1.5', '>= 1.5.2'
-  spec.add_dependency 'json', '~> 1.8', '>= 1.8.1'
-  spec.add_dependency 'json-jwt', '~> 1.0', '>= 1.0.1'
+  spec.add_dependency "rack", "~> 1.5", ">= 1.5.2"
+  spec.add_dependency "json", "~> 1.8", ">= 1.8.1"
+  spec.add_dependency "json-jwt", "~> 1.0", ">= 1.0.1"
 end

test/rack/prx_auth/certificate_test.rb

@@ -1,25 +1,26 @@
-require 'test_helper'
+require "test_helper"
 
 describe Rack::PrxAuth::Certificate do
   let(:subject) { Rack::PrxAuth::Certificate.new }
   let(:certificate) { subject }
 
-  describe '#initialize' do
-    it 'allows setting the location of the certificates' do
-      cert = Rack::PrxAuth::Certificate.new('http://example.com')
-      cert.cert_location.must_equal URI('http://example.com')
+  describe "#initialize" do
+    it "allows setting the location of the certificates" do
+      cert = Rack::PrxAuth::Certificate.new("http://example.com")
+      cert.cert_location.must_equal URI("http://example.com")
     end
 
-    it 'defaults to DEFAULT_CERT_LOC' do
+    it "defaults to DEFAULT_CERT_LOC" do
       certificate.cert_location.must_equal Rack::PrxAuth::Certificate::DEFAULT_CERT_LOC
     end
   end
 
-  describe '#valid?' do
-    it 'validates the token with the public key' do
-      token, key = nil, nil
+  describe "#valid?" do
+    it "validates the token with the public key" do
+      token = nil
+      key = nil
       certificate.stub(:public_key, :public_key) do
-        JSON::JWT.stub(:decode, Proc.new {|t, k| token, key = t, k }) do
+        JSON::JWT.stub(:decode, Proc.new { |t, k| token, key = t, k }) do
           certificate.valid?(:token)
         end
       end
@@ -28,8 +29,8 @@
       key.must_equal :public_key
     end
 
-    it 'returns false if verification fails' do
-      JSON::JWT.stub(:decode, Proc.new do |t, k|
+    it "returns false if verification fails" do
+      JSON::JWT.stub(:decode, Proc.new do |_t, _k|
         raise JSON::JWT::VerificationFailed
       end) do
         certificate.stub(:public_key, :foo) do
@@ -38,7 +39,7 @@
       end
     end
 
-    it 'returns true if verification passes' do
+    it "returns true if verification passes" do
       JSON::JWT.stub(:decode, {}) do
         certificate.stub(:public_key, :foo) do
           certificate.must_be :valid?, :token
@@ -47,8 +48,8 @@
     end
   end
 
-  describe '#certificate' do
-    it 'calls fetch if unprimed' do
+  describe "#certificate" do
+    it "calls fetch if unprimed" do
       def certificate.fetch
         :sigil
       end
@@ -57,16 +58,16 @@ def certificate.fetch
     end
   end
 
-  describe '#public_key' do
-    it 'pulls from the certificate' do
+  describe "#public_key" do
+    it "pulls from the certificate" do
       certificate.stub(:certificate, Struct.new(:public_key).new(:key)) do
         certificate.send(:public_key).must_equal :key
       end
     end
   end
 
-  describe '#fetch' do
-    it 'pulls from `#cert_location`' do
+  describe "#fetch" do
+    it "pulls from `#cert_location`" do
       Net::HTTP.stub(:get, ->(x) { "{\"certificates\":{\"asdf\":\"#{x}\"}}" }) do
         OpenSSL::X509::Certificate.stub(:new, ->(x) { x }) do
           certificate.stub(:cert_location, "a://fake.url/here") do
@@ -76,7 +77,7 @@ def certificate.fetch
       end
     end
 
-    it 'sets the expiration value' do
+    it "sets the expiration value" do
       Net::HTTP.stub(:get, ->(x) { "{\"certificates\":{\"asdf\":\"#{x}\"}}" }) do
         OpenSSL::X509::Certificate.stub(:new, ->(_) { Struct.new(:not_after).new(Time.now + 10000) }) do
           certificate.send :certificate
@@ -86,41 +87,41 @@ def certificate.fetch
     end
   end
 
-  describe '#expired?' do
+  describe "#expired?" do
     let(:stub_cert) { Struct.new(:not_after).new(Time.now + 10000) }
     before(:each) do
-      certificate.instance_variable_set :'@certificate', stub_cert
+      certificate.instance_variable_set :"@certificate", stub_cert
     end
 
-    it 'is false when the certificate is not expired' do
+    it "is false when the certificate is not expired" do
       certificate.wont_be :expired?
     end
 
-    it 'is true when the certificate is expired' do
+    it "is true when the certificate is expired" do
       stub_cert.not_after = Time.now - 500
       certificate.must_be :expired?
     end
   end
 
-  describe '#needs_refresh?' do
+  describe "#needs_refresh?" do
     def refresh_at=(time)
-      certificate.instance_variable_set :'@refresh_at', time
+      certificate.instance_variable_set :"@refresh_at", time
     end
 
-    it 'is true if certificate is expired' do
+    it "is true if certificate is expired" do
       certificate.stub(:expired?, true) do
         certificate.must_be :needs_refresh?
       end
     end
 
-    it 'is true if we are past refresh value' do
+    it "is true if we are past refresh value" do
       self.refresh_at = Time.now.to_i - 1000
       certificate.stub(:expired?, false) do
         certificate.must_be :needs_refresh?
       end
     end
 
-    it 'is false if certificate is not expired and refresh is in the future' do
+    it "is false if certificate is not expired and refresh is in the future" do
       self.refresh_at = Time.now.to_i + 10000
       certificate.stub(:expired?, false) do
         certificate.wont_be :needs_refresh?