aptible-auth 1.2.4 → 1.2.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +36 -0
- data/SECURITY.md +23 -0
- data/aptible-auth.gemspec +3 -1
- data/lib/aptible/auth/resource.rb +1 -0
- data/lib/aptible/auth/ssh_key_pre_authorization.rb +11 -0
- data/lib/aptible/auth/token.rb +6 -0
- data/lib/aptible/auth/version.rb +1 -1
- data/spec/aptible/auth/token_spec.rb +10 -0
- data/spec/oauth2/lib/token_exchange_spec.rb +2 -2
- metadata +36 -6
- data/.travis.yml +0 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 91eb4ee95916762970bae2c1ddc260b9f0e5ffccebc5ca6479875aad3ca66ca5
|
|
4
|
+
data.tar.gz: 45db7f42ff6ca821dee7fef025e28c22bdf87b8601d97d7d637646b976fd7f56
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3aa579e5df97ad873dbd566322f2e6d8d6dcd3fee8e06bfdcb7d54e5a8eedff793d667266e6be5cf35427c3510046164b5ec4e3a12cad86006f031bc66734dc6
|
|
7
|
+
data.tar.gz: f978a956c1037c31f920f33646ad247af9048038fef96fc858ffc928983451de5ccb3bdb707aade59d83ac10088a753f1258cb31ac6af788c966400879fccb0e
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
name: Tests
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
pull_request:
|
|
5
|
+
branches:
|
|
6
|
+
- master
|
|
7
|
+
push:
|
|
8
|
+
branches:
|
|
9
|
+
- master
|
|
10
|
+
|
|
11
|
+
jobs:
|
|
12
|
+
test:
|
|
13
|
+
name: Run tests on Ruby ${{ matrix.RUBY_VERSION }}
|
|
14
|
+
runs-on: ubuntu-24.04
|
|
15
|
+
strategy:
|
|
16
|
+
fail-fast: false
|
|
17
|
+
matrix:
|
|
18
|
+
RUBY_VERSION: [2.6, 2.7]
|
|
19
|
+
steps:
|
|
20
|
+
- name: Check out code
|
|
21
|
+
uses: actions/checkout@v4
|
|
22
|
+
|
|
23
|
+
- name: Install Ruby
|
|
24
|
+
uses: ruby/setup-ruby@v1
|
|
25
|
+
with:
|
|
26
|
+
ruby-version: ${{ matrix.RUBY_VERSION }}
|
|
27
|
+
bundler: 1.17.3
|
|
28
|
+
|
|
29
|
+
- name: Bundle install
|
|
30
|
+
run: bundle install
|
|
31
|
+
|
|
32
|
+
- name: Rubocop
|
|
33
|
+
run: bundle exec rake rubocop
|
|
34
|
+
|
|
35
|
+
- name: Rspec
|
|
36
|
+
run: bundle exec rspec
|
data/SECURITY.md
ADDED
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
# Aptible Open Source Security Policies and Procedures
|
|
2
|
+
|
|
3
|
+
This document outlines security procedures and general policies for the Aptible open source projects as found on https://github.com/aptible.
|
|
4
|
+
|
|
5
|
+
* [Reporting a Vulnerability](#reporting-a-vulnerability)
|
|
6
|
+
* [Responsible Disclosure Policy](#responsible-disclosure-policy)
|
|
7
|
+
|
|
8
|
+
## Reporting a Vulnerability
|
|
9
|
+
|
|
10
|
+
The Aptible team and community take all security vulnerabilities
|
|
11
|
+
seriously. Thank you for improving the security of our open source software. We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions.
|
|
12
|
+
|
|
13
|
+
Report security vulnerabilities by emailing the Aptible security team at:
|
|
14
|
+
|
|
15
|
+
security@aptible.com
|
|
16
|
+
|
|
17
|
+
Security researchers can also privately report security vulnerabilities to repository maintainers using the GitHub "Report a Vulnerability" feature. [See how-to here](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability).
|
|
18
|
+
|
|
19
|
+
The Aptible team will acknowledge your email within 24 business hours and send a detailed response within 48 business hours indicating the next steps in handling your report. The Aptible security team will keep you informed of the progress and may ask for additional information or guidance.
|
|
20
|
+
|
|
21
|
+
## Responsible Disclosure Policy
|
|
22
|
+
|
|
23
|
+
Please see Aptible's Responsible Disclosure Policy here: https://www.aptible.com/legal/responsible-disclosure/
|
data/aptible-auth.gemspec
CHANGED
|
@@ -21,8 +21,10 @@ Gem::Specification.new do |spec|
|
|
|
21
21
|
spec.require_paths = ['lib']
|
|
22
22
|
|
|
23
23
|
spec.add_dependency 'aptible-resource', '~> 1.0'
|
|
24
|
+
spec.add_dependency 'concurrent-ruby', '1.3.4'
|
|
24
25
|
spec.add_dependency 'gem_config'
|
|
25
|
-
spec.add_dependency '
|
|
26
|
+
spec.add_dependency 'multipart-post', '2.1.1'
|
|
27
|
+
spec.add_dependency 'oauth2', '2.0.9'
|
|
26
28
|
|
|
27
29
|
spec.add_development_dependency 'aptible-tasks', '>= 0.6.0'
|
|
28
30
|
spec.add_development_dependency 'pry'
|
data/lib/aptible/auth/token.rb
CHANGED
|
@@ -106,6 +106,12 @@ module Aptible
|
|
|
106
106
|
authenticate_impersonate(
|
|
107
107
|
token_as_string(user_token), 'aptible:token', options
|
|
108
108
|
)
|
|
109
|
+
elsif (href = options.delete(:ssh_key_pre_authorization_href))
|
|
110
|
+
authenticate_impersonate(
|
|
111
|
+
href,
|
|
112
|
+
'aptible:ssh_key_pre_authorization:href',
|
|
113
|
+
options
|
|
114
|
+
)
|
|
109
115
|
else
|
|
110
116
|
raise 'Unrecognized options'
|
|
111
117
|
end
|
data/lib/aptible/auth/version.rb
CHANGED
|
@@ -67,6 +67,16 @@ describe Aptible::Auth::Token do
|
|
|
67
67
|
described_class.create(user_token: 'tok tok tok')
|
|
68
68
|
end
|
|
69
69
|
|
|
70
|
+
it(
|
|
71
|
+
'should #authenticate_impersonate if passed ' \
|
|
72
|
+
'ssh_key_pre_authorization_href'
|
|
73
|
+
) do
|
|
74
|
+
Aptible::Auth::Token.any_instance.should_receive(
|
|
75
|
+
:authenticate_impersonate
|
|
76
|
+
).with('foo.href', 'aptible:ssh_key_pre_authorization:href', {})
|
|
77
|
+
described_class.create(ssh_key_pre_authorization_href: 'foo.href')
|
|
78
|
+
end
|
|
79
|
+
|
|
70
80
|
it 'should not alter the hash it receives' do
|
|
71
81
|
options = { email: 'some email' }
|
|
72
82
|
options_before = options.dup
|
|
@@ -4,14 +4,14 @@ require 'oauth2/strategy/token_exchange'
|
|
|
4
4
|
RSpec.describe OAuth2::Strategy::TokenExchange do
|
|
5
5
|
let(:client) do
|
|
6
6
|
cli = OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com')
|
|
7
|
-
cli.connection.build do |b|
|
|
7
|
+
cli.connection.builder.build do |b|
|
|
8
8
|
b.adapter :test do |stub|
|
|
9
9
|
stub.post('/oauth/token') do |env|
|
|
10
10
|
case @mode
|
|
11
11
|
when 'formencoded'
|
|
12
12
|
[200, {'Content-Type' => 'application/x-www-form-urlencoded'}, 'expires_in=600&access_token=salmon&refresh_token=trout']
|
|
13
13
|
when 'json'
|
|
14
|
-
[200, {'Content-Type' => 'application/json'},
|
|
14
|
+
[200, {'Content-Type' => 'application/json'}, {"expires_in" => 600, "access_token" => "salmon", "refresh_token" => "trout"}]
|
|
15
15
|
end
|
|
16
16
|
end
|
|
17
17
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aptible-auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.2.
|
|
4
|
+
version: 1.2.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Frank Macreery
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2025-04-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aptible-resource
|
|
@@ -24,6 +24,20 @@ dependencies:
|
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
26
|
version: '1.0'
|
|
27
|
+
- !ruby/object:Gem::Dependency
|
|
28
|
+
name: concurrent-ruby
|
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
|
30
|
+
requirements:
|
|
31
|
+
- - '='
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: 1.3.4
|
|
34
|
+
type: :runtime
|
|
35
|
+
prerelease: false
|
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
37
|
+
requirements:
|
|
38
|
+
- - '='
|
|
39
|
+
- !ruby/object:Gem::Version
|
|
40
|
+
version: 1.3.4
|
|
27
41
|
- !ruby/object:Gem::Dependency
|
|
28
42
|
name: gem_config
|
|
29
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -38,20 +52,34 @@ dependencies:
|
|
|
38
52
|
- - ">="
|
|
39
53
|
- !ruby/object:Gem::Version
|
|
40
54
|
version: '0'
|
|
55
|
+
- !ruby/object:Gem::Dependency
|
|
56
|
+
name: multipart-post
|
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
|
58
|
+
requirements:
|
|
59
|
+
- - '='
|
|
60
|
+
- !ruby/object:Gem::Version
|
|
61
|
+
version: 2.1.1
|
|
62
|
+
type: :runtime
|
|
63
|
+
prerelease: false
|
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
65
|
+
requirements:
|
|
66
|
+
- - '='
|
|
67
|
+
- !ruby/object:Gem::Version
|
|
68
|
+
version: 2.1.1
|
|
41
69
|
- !ruby/object:Gem::Dependency
|
|
42
70
|
name: oauth2
|
|
43
71
|
requirement: !ruby/object:Gem::Requirement
|
|
44
72
|
requirements:
|
|
45
73
|
- - '='
|
|
46
74
|
- !ruby/object:Gem::Version
|
|
47
|
-
version:
|
|
75
|
+
version: 2.0.9
|
|
48
76
|
type: :runtime
|
|
49
77
|
prerelease: false
|
|
50
78
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
79
|
requirements:
|
|
52
80
|
- - '='
|
|
53
81
|
- !ruby/object:Gem::Version
|
|
54
|
-
version:
|
|
82
|
+
version: 2.0.9
|
|
55
83
|
- !ruby/object:Gem::Dependency
|
|
56
84
|
name: aptible-tasks
|
|
57
85
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -144,14 +172,15 @@ extensions: []
|
|
|
144
172
|
extra_rdoc_files: []
|
|
145
173
|
files:
|
|
146
174
|
- ".github/CODEOWNERS"
|
|
175
|
+
- ".github/workflows/ci.yml"
|
|
147
176
|
- ".gitignore"
|
|
148
177
|
- ".rspec"
|
|
149
|
-
- ".travis.yml"
|
|
150
178
|
- Gemfile
|
|
151
179
|
- LICENSE.md
|
|
152
180
|
- Procfile
|
|
153
181
|
- README.md
|
|
154
182
|
- Rakefile
|
|
183
|
+
- SECURITY.md
|
|
155
184
|
- aptible-auth.gemspec
|
|
156
185
|
- lib/aptible/auth.rb
|
|
157
186
|
- lib/aptible/auth/agent.rb
|
|
@@ -165,6 +194,7 @@ files:
|
|
|
165
194
|
- lib/aptible/auth/saml_configuration.rb
|
|
166
195
|
- lib/aptible/auth/session.rb
|
|
167
196
|
- lib/aptible/auth/ssh_key.rb
|
|
197
|
+
- lib/aptible/auth/ssh_key_pre_authorization.rb
|
|
168
198
|
- lib/aptible/auth/token.rb
|
|
169
199
|
- lib/aptible/auth/user.rb
|
|
170
200
|
- lib/aptible/auth/version.rb
|
|
@@ -199,7 +229,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
199
229
|
- !ruby/object:Gem::Version
|
|
200
230
|
version: '0'
|
|
201
231
|
requirements: []
|
|
202
|
-
rubygems_version: 3.
|
|
232
|
+
rubygems_version: 3.3.27
|
|
203
233
|
signing_key:
|
|
204
234
|
specification_version: 4
|
|
205
235
|
summary: Ruby client for auth.aptible.com
|