Updated to Joken 0.11.0. Now reading from joken config, it exists

CHANGELOG.md

@@ -0,0 +1,8 @@
+#v0.6.0
+
+* Enhancements
+  * Updated to Joken 0.11
+  * Will now read from joken config block if there. If not will still used paramters set on plug. Parameters set on the plug will override any parameters in the joken configuration.
+
+* Breaking
+  * `secret` is now `secret_key`

README.md

@@ -5,12 +5,21 @@ A JWT Plug
 
 Usage:
 
-```
-    plug PlugJwt, secret: "secret", claims: %{aud: "spiderman"}, json_module: TestJsx
+```elixir
+#When reading from joken config block
+plug PlugJwt
+
+#or parameters can be set directly and override the configurations in the joken config block
+plug PlugJwt, secret_key: "secret", claims: %{aud: "spiderman"}, json_module: TestJsx, algorithm: :HS256
 ```
 
 Parameters:
 
-* secret: The secret used to encode and verify the token
-* json_module: The module that implements `Joken.Codec`
+PlugJWT will attempt to read from your joken config block. Settings can also be placed on the Plug itself
+which overrides the joken configuration
+
+
+* secret_key: The secret used to encode and verify the token
+* json_module: The module that implements Joken.Codec
+* algorithm (optional): The algorithm used to encode the token. Default: :HS256
 * claims (optional):  A map containing aud, iss, and sub values to verify if needed. Default: %{}

config/config.exs

@@ -21,4 +21,7 @@ use Mix.Config
 # Configuration from the imported file will override the ones defined
 # here (which is why it is important to import them last).
 #
-#     import_config "#{Mix.env}.exs"
+
+if Mix.env == :test do
+  import_config "test.exs"
+end

config/test.exs

@@ -0,0 +1,7 @@
+# This file is responsible for configuring your application
+# and its dependencies with the aid of the Mix.Config module.
+use Mix.Config
+
+config :joken,
+  secret_key: "test",
+  json_module: PlugJwtRouterTest.TestJsx

lib/plug_jwt.ex

@@ -5,24 +5,33 @@ defmodule PlugJwt do
     Usage:
 
     ```
-        plug PlugJwt, secret: "secret", claims: %{aud: "spiderman"}, json_module: TestJsx
+        #When reading from joken config block
+        plug PlugJwt
+        
+        #or parameters can be set directly and override the configurations in the joken config block
+        plug PlugJwt, secret_key: "secret", claims: %{aud: "spiderman"}, json_module: TestJsx, algorithm: :HS256
     ```
 
     Parameters:
+    
+    PlugJWT will attempt to read from your joken config block. Settings can also be placed on the Plug itself
+    which overrides the joken configuration
 
-    * secret: The secret used to encode and verify the token
+
+    * secret_key: The secret used to encode and verify the token
     * json_module: The module that implements Joken.Codec
+    * algorithm (optional): The algorithm used to encode the token. Default: :HS256
     * claims (optional):  A map containing aud, iss, and sub values to verify if needed. Default: %{}
   """
   import Plug.Conn
 
   def init(opts) do
-    secret = Keyword.fetch!(opts, :secret)
-    json_module = Keyword.fetch!(opts, :json_module)
-    claims = Keyword.get(opts, :claims, %{})
-    algorithm = Application.get_env(:joken, :algorithm, :HS256)
+    secret = Keyword.get(opts, :secret_key, Application.get_env(:joken, :secret_key))
+    json_module = Keyword.get(opts, :json_module, Application.get_env(:joken, :json_module))
+    claims = Keyword.get(opts, :claims, Application.get_env(:joken, :claims, %{}))
+    algorithm = Keyword.get(opts, :algorithm,  Application.get_env(:joken, :algorithm, :HS256))
 
-    {secret, json_module, claims}
+    {secret, json_module, algorithm, claims}
   end
 
   def call(conn, config) do
@@ -38,7 +47,7 @@ defmodule PlugJwt do
     end
   end
 
-  defp parse_auth(conn, _, {_secret, json_module, _claims}) do
+  defp parse_auth(conn, _, {_secret, json_module, _algorithm, _claims}) do
     create_401_response(conn, "Unauthorized", json_module)
   end
 

mix.exs

@@ -3,20 +3,20 @@ defmodule PlugJwt.Mixfile do
 
   def project do
     [app: :plug_jwt,
-     version: "0.5.0",
+     version: "0.6.0",
      elixir: "~> 1.0.0",
      description: description,
      package: package,
      deps: deps]
   end
 
   def application do
-    [applications: [:logger, :joken, :plug, :cowboy, :jsx]]
+    [applications: [:logger, :joken, :plug, :cowboy]]
   end
 
   defp deps do
     [
-      {:joken, "~> 0.10"},
+      {:joken, "~> 0.11"},
       {:plug, ">= 0.7.0"},
       {:cowboy, "~> 1.0.0"},
       {:jsx, "~> 2.1.1",  only: :test}

mix.lock

@@ -1,7 +1,7 @@
 %{"cowboy": {:hex, :cowboy, "1.0.0"},
   "cowlib": {:hex, :cowlib, "1.0.1"},
   "jazz": {:package, "0.2.1"},
-  "joken": {:hex, :joken, "0.10.0"},
+  "joken": {:hex, :joken, "0.11.0"},
   "jsx": {:hex, :jsx, "2.1.1"},
   "plug": {:hex, :plug, "0.11.1"},
   "ranch": {:hex, :ranch, "1.0.0"},

test/plug_jwt_router_test.exs

@@ -20,7 +20,7 @@ defmodule PlugJwtRouterTest do
     import Plug.Conn
     use Plug.Router
 
-    plug PlugJwt, secret: "secret", json_module: TestJsx
+    plug PlugJwt, secret_key: "secret", json_module: TestJsx
     plug :match
     plug :dispatch
 
@@ -31,12 +31,29 @@ defmodule PlugJwtRouterTest do
     end
   end
 
-  defp call(conn) do
-    TestRouterPlug.call(conn, [])
+  defmodule TestRouterPlugFromConfig do
+    import Plug.Conn
+    use Plug.Router
+
+    plug PlugJwt
+    plug :match
+    plug :dispatch
+
+    get "/" do
+      conn
+      |> put_resp_content_type("text/plain")
+      |> send_resp(200, "Hello Tester")
+    end
   end
 
   test "Sends 401 when credentials are missing" do
-    conn = conn(:get, "/") |> call
+    conn = conn(:get, "/") |> TestRouterPlug.call([])
+    assert conn.status == 401
+    assert conn.resp_body == "{\"description\":\"Unauthorized\",\"error\":\"Unauthorized\",\"status_code\":401}"
+  end
+
+  test "Sends 401 when credentials are missing (settings from config)" do
+    conn = conn(:get, "/") |> TestRouterPlugFromConfig.call([])
     assert conn.status == 401
     assert conn.resp_body == "{\"description\":\"Unauthorized\",\"error\":\"Unauthorized\",\"status_code\":401}"
   end
@@ -46,15 +63,33 @@ defmodule PlugJwtRouterTest do
     {:ok, token} = Joken.Token.encode("secret", TestJsx, payload)
 
     auth_header = "Bearer " <> token
-    conn = conn(:get, "/", [], headers: [{"authorization", auth_header}]) |> call
+    conn = conn(:get, "/", [], headers: [{"authorization", auth_header}]) |> TestRouterPlug.call([])
+    assert conn.status == 200
+    assert conn.resp_body == "Hello Tester"
+    assert conn.assigns.claims == %{admin: true, name: "John Doe", sub: 1234567890}
+  end
+
+  test "Passes connection and assigns claims when JWT token is valid (settings from config)" do
+    payload = %{ sub: 1234567890, name: "John Doe", admin: true }
+    {:ok, token} = Joken.Token.encode("test", TestJsx, payload)
+
+    auth_header = "Bearer " <> token
+    conn = conn(:get, "/", [], headers: [{"authorization", auth_header}]) |> TestRouterPlugFromConfig.call([])
     assert conn.status == 200
     assert conn.resp_body == "Hello Tester"
     assert conn.assigns.claims == %{admin: true, name: "John Doe", sub: 1234567890}
   end
 
   test "Send 401 when invalid token sent" do
     incorrect_credentials = "Bearer " <> "Not a token"
-    conn = conn(:get, "/", [], headers: [{"authorization", incorrect_credentials}]) |> call
+    conn = conn(:get, "/", [], headers: [{"authorization", incorrect_credentials}]) |> TestRouterPlug.call([])
+    assert conn.status == 401
+    assert conn.resp_body == "{\"description\":\"Invalid JSON Web Token\",\"error\":\"Unauthorized\",\"status_code\":401}"
+  end
+
+  test "Send 401 when invalid token sent (settings from config)" do
+    incorrect_credentials = "Bearer " <> "Not a token"
+    conn = conn(:get, "/", [], headers: [{"authorization", incorrect_credentials}]) |> TestRouterPlugFromConfig.call([])
     assert conn.status == 401
     assert conn.resp_body == "{\"description\":\"Invalid JSON Web Token\",\"error\":\"Unauthorized\",\"status_code\":401}"
   end