Changelog

All notable changes to this project will be documented in this file.

[0.17.0] - 2026-06-11

Added

feat(authentication): expose gateway_login_path view helper
feat(authentication): add login redirect authentication helper

[0.16.0] - 2026-06-11

Added

feat(test-helpers): add anonymous gateway headers builder
feat(authentication): add anonymous request helpers

Documentation

docs(readme): document anonymous requests

Tests

test(middleware): pin acceptance of anonymous signed requests

[0.15.0] - 2026-05-26

Added

feat(omniauth): translate known error codes, drop raw-code display
feat: omniauth error landing page for SSR tenants

CI

ci(main): drop github.actor from BUNDLE_RUBYGEMS auth username
ci(workflows): bump remaining ci-workflows pins from @v4 to @v5
ci: bump ci-workflows to @v5 (multi-gem-capable reusables)
ci: bump ci-workflows v2 → v3, drop namespace :doc Rakefile boilerplate
ci: migrate dev/CI tools to fluence-ci-tools meta-gem
ci: grant packages: read on @v2 wrappers (fix startup_failure)
ci: bump remaining ci-workflows wrappers from @v1 to @v2

Documentation

docs: locales live under lib/, not config/, in this gem
docs: align Railtie / OmniauthController comments with actual behaviour
docs(contributing): refresh CI section to match the real workflow set

Fixed

fix(omniauth): constrain @error shape to block i18n hash leak
fix(omniauth): prepend route so host wildcards cannot shadow it
fix(omniauth): disable host application layout
fix(omniauth): i18n + yardstick doc fixes

Other

chore: migrate to ci-workflows v4 (FLUENCE_BOT naming)

[0.14.0] - 2026-04-28

Added

feat(railtie): auto-whitelist fluence cable origins in development

CI

ci: add workflow_dispatch to publish.yml for manual republish
ci: bump release.yml to @v2 and forward RELEASE_APP_PRIVATE_KEY
ci: pin reek/flog/flay versions to stabilize codequality deltas
ci: add codequality workflow (reek + flog + flay, advisory)
ci: pin yard/yardstick versions to stabilize docs deltas
ci: forward FLUENCE_CI_BOT_PRIVATE_KEY to author sticky comments as App
ci: drop FLUENCE_CI_BOT_PRIVATE_KEY forwarding (no longer needed)
ci(release): document paths filter invariant (match client/mosaic)
ci: skip SimpleCov on matrix runs (coverage produced by coverage-measure)
ci: fix docs-pr startup + keep 4.0 in matrix for eager_load
ci: add rubocop-measure.yml + rubocop-pr.yml, drop 4.0/latest from matrix
ci: add coverage-measure.yml + coverage-pr.yml (symmetric with docs)
ci: add docs-measure.yml for yardstick baseline on main push
ci: forward FLUENCE_CI_BOT_PRIVATE_KEY to docs-pr + coverage-pr

Documentation

docs: install via GitHub Packages source instead of git URL

Other

chore: shorten step name (rubocop/coverage context already in matrix comment)

Refactored

refactor(ci): migrate to centralized reusable workflows

[0.13.0] - 2026-04-23

Added

feat(railtie): auto-whitelist fluence local dev hosts in development

[0.12.1] - 2026-04-23

Build

build(deps): bump actions/upload-pages-artifact from 3 to 5
build(deps): bump actions/deploy-pages from 4 to 5

Fixed

fix(middleware): rewind request body before reading for HMAC digest

[0.12.0] - 2026-04-21

Added

feat(test-helpers): add sign_in_as_service and gateway_service_headers (#64)
feat(test-helpers): add sign_in_as_service and gateway_service_headers

CI

ci(release): recognise squash-merged release commits and allow manual publish (#66)
ci(release): recognise squash-merged release commits and allow manual publish

[0.11.0] - 2026-04-21

Added

feat(authentication): add service-to-service authentication helpers

Documentation

docs(authentication): list authenticate__or_service! in custom scope example
docs(contributing): update running tests, architecture, and CI sections

[0.10.1] - 2026-04-15

Added

feat(doc): tag the public API surface with @api and enforce it via yardstick
feat(doc): override YARD template to hide embedded source code

Build

build(doc): regenerate Appraisal gemfiles with yard and yardstick
build(doc): add yard and yardstick documentation coverage

CI

ci(doc): group violations by file with linkable rows in PR comment
ci(doc): render PR comment via a Ruby script matching coverage style
ci(doc): add docs workflow with Pages deploy and PR report

Documentation

docs(readme): align ActionCable section with scope-based concern
docs: rewrite README from source
docs: rewrite YARD comments across lib from source

Fixed

fix(coverage): exclude version.rb from SimpleCov tracking
fix(generator): scaffold first_name and last_name when creating the user table
fix(ci): query workflow runs with status=completed and filter by conclusion

Refactored

refactor(rakefile): guard doc tasks against missing yard, yardstick or config

Tests

test(coverage): load gem via hyphenated entrypoint so SimpleCov measures it

[0.10.0] - 2026-04-14

Fixed

fix(railtie): fix eager loading + derive scope in GatewayConnection

[0.9.0] - 2026-04-10

Fixed

fix(actioncable): correct docs examples and add missing spec
fix(actioncable): add missing requires, on_missing_user provisioning, and clean up specs

Refactored

refactor(actioncable): replace instance authenticate_connection! with class-level declarative
refactor(actioncable): do not force auth by default, add authenticate_connection!

Style

style: fix NilLambda rubocop offense

Tests

test(actioncable): cover on_missing_user edge cases

[0.8.0] - 2026-04-10

Added

feat(actioncable): add GatewayConnection concern for WebSocket auth

[0.7.0] - 2026-04-10

Added

feat(authentication): expose first_name and last_name from gateway headers

[0.6.1] - 2026-04-09

Fixed

fix(middleware): include query string in HMAC signature

Refactored

refactor(middleware): return explicit rejection codes in dev/test

[0.6.0] - 2026-04-09

Added

feat(test): add TestHelpers module for application specs

[0.5.0] - 2026-04-08

Added

feat(authentication): add on_missing_user provisioning hook
feat(generators): create model file when missing
feat(generators): auto-detect create_table vs add_column migration
feat(generators)!: add gateway_subject column instead of creating users table
feat(railtie): validate subject_column at boot
feat(authentication)!: look up user by configured subject_column
feat(config): add subject_column setting
feat(errors): add InvalidSubjectColumn

Documentation

docs: rewrite README from scratch
docs: revert manual changelog/upgrade entries
docs: document subject_column and 0.5.0 upgrade path

Fixed

fix(generators): handle namespaced models in table_name

Refactored

refactor(generators): inherit from NamedBase
refactor(railtie): drop subject_column boot validation
refactor(generators): use native active_record:migration
refactor(generators): align with Devise pattern (file-based detection)
refactor(generators): use Thor skip option instead of File.exist?

Tests

test(coverage): exclude generator templates from simplecov
test(dummy): add gateway_subject column to accounts

[0.4.1] - 2026-04-08

Added

feat(authentication): expose gateway_logout_path helper

[0.4.0] - 2026-04-08

Added

feat!: derive auth helpers from configured user_model
feat(config): add scope_name derived from user_model

Build

build(deps): bump actions/create-github-app-token from 2 to 3

CI

ci(rubocop): exclude Appraisal-generated gemfiles from linting
ci: add Rails version matrix via Appraisal
ci(coverage): grant actions:read so cross-run artifact lookup works
ci(coverage): show before/after diff vs base in PR comment
ci(coverage): surface undercover-flagged blocks in PR comment
ci(coverage): pass undercover-formatted coverage.json to undercover
ci(release): create release PR via GitHub App token
ci(coverage): point undercover at simplecov resultset

Documentation

docs(generator): document scope_name in initializer template
docs(readme): document derived auth helpers and migration

Fixed

fix(integration): constrain SQLite in-memory pool to a single connection
fix(integration): address review feedback on dummy app
fix(config): reject whitespace-only user_model values
fix(config): validate derived scope_name to fail fast on invalid identifiers
fix(config): validate user_model to fail fast on nil or blank
fix(railtie): defer controller include until after initializers
fix(coverage): close coverage.json file handle via block form
fix(coverage): make parse_resultset defensive against malformed input

Other

chore(gitignore): ignore .DS_Store

Refactored

refactor!: introduce custom error hierarchy

Tests

test(integration): add Rails dummy app for railtie + ActiveRecord coverage

[0.3.1] - 2026-04-03

Build

build(deps): bump actions/upload-artifact from 4 to 7
build(deps): bump actions/download-artifact from 4 to 8

CI

ci: unify release system with Fluence gems

Fixed

fix(rubocop): restore default excludes and fix generator offense
fix(rubocop): exclude gemspec from BlockLength check

Other

chore: add MIT LICENSE file
chore(gemspec): add license, metadata URIs and clean up gitignore

Tests

test(gateway_authentication): add specs for controller concern

[0.3.0] - 2026-04-03

Build

build(ci): add SimpleCov + undercover coverage with PR reporting

Refactored

refactor(generators): split install into initializer + AR migration

[0.2.1] - 2026-03-18

Added

feat: add gateway_client_id, service_request? helpers and remove Gemfile.lock

[0.2.0] - 2026-03-18

Added

feat: add client_id to HMAC payload and require X-Client-Id header

[0.1.1] - 2026-03-18

Added

feat: auto-register HMAC middleware via Railtie
feat: add Railtie for automatic controller concern inclusion
feat: add authenticate_user! method for before_action protection
feat: add configuration, controller concern, and install generator
feat: HMAC authentication middleware for Fluence Gateway

CI

ci: add release pipeline with changelog and GitHub Packages publish

Documentation

docs: add CONTRIBUTING.md
docs: update README with installation and usage guide
docs: add YARD documentation and hyphenated require path

Other

chore: remove unused Error class
chore: simplify migration template to email only
chore: add rubocop config and fix style offenses
chore: remove .idea from tracking and add to gitignore

Refactored

refactor: move ENV fallback for hmac_secret into Configuration