aptible-auth 0.1.2 → 0.1.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aptible/auth/token.rb +30 -1
- data/lib/aptible/auth/version.rb +1 -1
- data/spec/aptible/auth/token_spec.rb +41 -3
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 944d38b34bbc1c213f954760d6ff5b7a580a4f0a
|
|
4
|
+
data.tar.gz: a7fc6914293f4f159e8e0f3192736355812f1b95
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3ff9d46b6e646a2ed567eb90b90e64ad2f6a248d299c06d175bc64ae4cfa8942ea0718f914d63704712cc2aab563e50d65507e7cf54d115e63ebfd2393641957
|
|
7
|
+
data.tar.gz: 785dbffe0912ee10277e64576a5945d1eca5218cd4964ad94c9dee5e95d1450c7a1149b40dcad6ebfeb417831e80fc73b208dca03bb2126030dac93844f5548c
|
data/lib/aptible/auth/token.rb
CHANGED
|
@@ -23,7 +23,10 @@ module Aptible
|
|
|
23
23
|
|
|
24
24
|
def authenticate_client(id, secret, user, options = {})
|
|
25
25
|
options[:scope] ||= 'manage'
|
|
26
|
-
response = client.assertion.get_token(
|
|
26
|
+
response = client.assertion.get_token({
|
|
27
|
+
iss: id,
|
|
28
|
+
sub: user
|
|
29
|
+
}.merge(signing_params_from_secret(secret).merge(options)))
|
|
27
30
|
parse_oauth_response(response)
|
|
28
31
|
end
|
|
29
32
|
|
|
@@ -45,6 +48,32 @@ module Aptible
|
|
|
45
48
|
@refresh_token = response.refresh_token
|
|
46
49
|
@expires_at = Time.at(response.expires_at)
|
|
47
50
|
end
|
|
51
|
+
|
|
52
|
+
def signing_params_from_secret(secret)
|
|
53
|
+
private_key = parse_private_key(secret)
|
|
54
|
+
{
|
|
55
|
+
private_key: private_key,
|
|
56
|
+
algorithm: "RS#{key_length(private_key) / 2}"
|
|
57
|
+
}
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def parse_private_key(string)
|
|
61
|
+
if string =~ /\A-----/
|
|
62
|
+
OpenSSL::PKey::RSA.new(string)
|
|
63
|
+
else
|
|
64
|
+
formatted_string = <<PRIVATE_KEY
|
|
65
|
+
-----BEGIN RSA PRIVATE KEY-----
|
|
66
|
+
#{string.scan(/.{1,64}/).join("\n")}
|
|
67
|
+
-----END RSA PRIVATE KEY-----
|
|
68
|
+
PRIVATE_KEY
|
|
69
|
+
OpenSSL::PKey::RSA.new(formatted_string)
|
|
70
|
+
end
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
def key_length(private_key)
|
|
74
|
+
# http://stackoverflow.com/questions/13747212
|
|
75
|
+
private_key.n.num_bytes * 8
|
|
76
|
+
end
|
|
48
77
|
end
|
|
49
78
|
end
|
|
50
79
|
end
|
data/lib/aptible/auth/version.rb
CHANGED
|
@@ -60,18 +60,30 @@ describe Aptible::Auth::Token do
|
|
|
60
60
|
describe '#authenticate_client' do
|
|
61
61
|
let(:args) { %w(id secret user@example.com) }
|
|
62
62
|
|
|
63
|
+
before do
|
|
64
|
+
subject.stub(:signing_params_from_secret) { { algorithm: 'foobar' } }
|
|
65
|
+
end
|
|
63
66
|
before { subject.stub(:client) { client } }
|
|
64
67
|
before { client.stub_chain(:assertion, :get_token) { response } }
|
|
65
68
|
|
|
66
69
|
it 'should use the assertion strategy' do
|
|
67
|
-
|
|
68
|
-
|
|
70
|
+
expect(client.assertion).to receive(:get_token).with(
|
|
71
|
+
iss: 'id',
|
|
72
|
+
sub: 'user@example.com',
|
|
73
|
+
algorithm: 'foobar',
|
|
74
|
+
scope: 'manage'
|
|
75
|
+
)
|
|
69
76
|
subject.authenticate_client(*args)
|
|
70
77
|
end
|
|
71
78
|
|
|
72
79
|
it 'should allow the token scope to be specified' do
|
|
73
80
|
args << { scope: 'read' }
|
|
74
|
-
expect(client.assertion).to receive(:get_token).with(
|
|
81
|
+
expect(client.assertion).to receive(:get_token).with(
|
|
82
|
+
iss: 'id',
|
|
83
|
+
sub: 'user@example.com',
|
|
84
|
+
algorithm: 'foobar',
|
|
85
|
+
scope: 'read'
|
|
86
|
+
)
|
|
75
87
|
subject.authenticate_client(*args)
|
|
76
88
|
end
|
|
77
89
|
|
|
@@ -81,4 +93,30 @@ describe Aptible::Auth::Token do
|
|
|
81
93
|
expect(subject.access_token).to eq 'access_token'
|
|
82
94
|
end
|
|
83
95
|
end
|
|
96
|
+
|
|
97
|
+
describe '#signing_params_from_secret' do
|
|
98
|
+
let(:private_key_string) { OpenSSL::PKey::RSA.new(512).to_s }
|
|
99
|
+
|
|
100
|
+
subject do
|
|
101
|
+
lambda do |secret|
|
|
102
|
+
described_class.new.send(:signing_params_from_secret, secret)
|
|
103
|
+
end
|
|
104
|
+
end
|
|
105
|
+
|
|
106
|
+
it 'should return a correct :algorithm' do
|
|
107
|
+
params = subject.call(private_key_string)
|
|
108
|
+
expect(params[:algorithm]).to eq 'RS256'
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
it 'should return a correct :private_key for header/footer keys' do
|
|
112
|
+
params = subject.call(private_key_string)
|
|
113
|
+
expect(params[:private_key]).to be_a OpenSSL::PKey::RSA
|
|
114
|
+
end
|
|
115
|
+
|
|
116
|
+
it 'should return a correct :private_key for Base64-only keys' do
|
|
117
|
+
stripped_key = private_key_string.gsub(/^-.*-$/, '').gsub("\n", '')
|
|
118
|
+
params = subject.call(stripped_key)
|
|
119
|
+
expect(params[:private_key]).to be_a OpenSSL::PKey::RSA
|
|
120
|
+
end
|
|
121
|
+
end
|
|
84
122
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aptible-auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Frank Macreery
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-02-
|
|
11
|
+
date: 2014-02-17 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: gem_config
|