autosign 0.1.1 → 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.rubocop.yml +12 -0
- data/.rubocop_todo.yml +659 -0
- data/.travis.yml +4 -5
- data/CHANGELOG.md +56 -0
- data/Gemfile.lock +107 -89
- data/LICENSE +201 -0
- data/README.md +37 -0
- data/Rakefile +22 -22
- data/autosign.gemspec +24 -20
- data/bin/autosign +23 -15
- data/bin/autosign-validator +14 -6
- data/lib/autosign.rb +1 -1
- data/lib/autosign/config.rb +71 -56
- data/lib/autosign/decoder.rb +7 -3
- data/lib/autosign/journal.rb +2 -2
- data/lib/autosign/token.rb +7 -7
- data/lib/autosign/validator.rb +34 -197
- data/lib/autosign/{validators → validator}/jwt.rb +41 -42
- data/lib/autosign/{validators → validator}/multiplexer.rb +24 -32
- data/lib/autosign/{validators → validator}/passwordlist.rb +16 -17
- data/lib/autosign/validator/validator_base.rb +168 -0
- data/lib/autosign/version.rb +1 -1
- metadata +78 -74
- data/features/autosign.feature +0 -93
- data/features/step_definitions/autosign_steps.rb +0 -44
- data/features/support/env.rb +0 -17
- data/features/validate.feature +0 -22
- data/fixtures/i-7672fe81.pem +0 -34
- data/spec/spec_helper.rb +0 -102
- data/spec/specs/config_spec.rb +0 -20
- data/spec/specs/decoder_spec.rb +0 -16
- data/spec/specs/journal_spec.rb +0 -41
- data/spec/specs/token_spec.rb +0 -102
- data/spec/specs/validators/jwt_spec.rb +0 -69
- data/spec/specs/validators/passwordlist_spec.rb +0 -51
@@ -1,6 +1,8 @@
|
|
1
|
-
|
2
|
-
|
1
|
+
# frozen_string_literal: true
|
2
|
+
require 'autosign/validator/validator_base'
|
3
3
|
|
4
|
+
module Autosign
|
5
|
+
module Validator
|
4
6
|
# The multiplexer validator sends the same request received by the autosign
|
5
7
|
# executable to one or more external executables. The purpose is to allow
|
6
8
|
# one or more existing autosign scripts to be used in conjunction with the
|
@@ -25,15 +27,8 @@ module Autosign
|
|
25
27
|
# external_policy_executable = /usr/local/bin/another-autosign-script.rb
|
26
28
|
# # requests will only be validated by the multiplexer validator if they
|
27
29
|
# # are validated by both external policy executables.
|
28
|
-
class Multiplexer < Autosign::Validator
|
29
|
-
|
30
|
-
# set the user-friendly name of the Multiplexer validator.
|
31
|
-
# This name is used to specify that configuration should come from the
|
32
|
-
# [multiplexer] section of the autosign.conf file.
|
33
|
-
# @return [String] name of the validator
|
34
|
-
def name
|
35
|
-
"multiplexer"
|
36
|
-
end
|
30
|
+
class Multiplexer < Autosign::Validator::ValidatorBase
|
31
|
+
NAME = 'multiplexer'
|
37
32
|
|
38
33
|
private
|
39
34
|
|
@@ -42,25 +37,24 @@ module Autosign
|
|
42
37
|
# @param certname [String] certname requested in the CSR
|
43
38
|
# @param raw_csr [String] X509 certificate signing request as received by the policy executable
|
44
39
|
# @return [True, False] returns true to indicate successful validation, and false to indicate failure to validate
|
45
|
-
def perform_validation(
|
40
|
+
def perform_validation(_token, certname, raw_csr)
|
46
41
|
results = []
|
47
|
-
@log.debug
|
48
|
-
policy_executables.each
|
49
|
-
@log.debug "attempting to validate using #{executable
|
50
|
-
results << IO.popen(executable + ' ' + certname.to_s, 'r+') {|obj| obj.puts raw_csr; obj.close_write; obj.read; obj.close;
|
51
|
-
@log.debug "exit code from #{executable
|
52
|
-
|
53
|
-
bool_results = results.map {|val| val == 0}
|
54
|
-
|
42
|
+
@log.debug 'validating using multiplexed external executables'
|
43
|
+
policy_executables.each do |executable|
|
44
|
+
@log.debug "attempting to validate using #{executable}"
|
45
|
+
results << IO.popen(executable + ' ' + certname.to_s, 'r+') { |obj| obj.puts raw_csr; obj.close_write; obj.read; obj.close; $CHILD_STATUS.to_i }
|
46
|
+
@log.debug "exit code from #{executable}: #{results.last}"
|
47
|
+
end
|
48
|
+
bool_results = results.map { |val| val == 0 }
|
49
|
+
validate_using_strategy(bool_results)
|
55
50
|
end
|
56
51
|
|
57
|
-
|
58
52
|
# set the default validation strategy to "any", succeeding if any one
|
59
53
|
# external autosign script succeeds.
|
60
54
|
# @return [Hash] config hash to be merged in with config file settings and overrides.
|
61
55
|
def default_settings
|
62
56
|
{
|
63
|
-
'strategy' => 'any'
|
57
|
+
'strategy' => 'any'
|
64
58
|
}
|
65
59
|
end
|
66
60
|
|
@@ -72,13 +66,13 @@ module Autosign
|
|
72
66
|
case settings['strategy']
|
73
67
|
when 'any'
|
74
68
|
@log.debug "validating using 'any' strategy"
|
75
|
-
|
69
|
+
array.any?
|
76
70
|
when 'all'
|
77
71
|
@log.debug "validating using 'all' strategy"
|
78
|
-
|
72
|
+
array.all?
|
79
73
|
else
|
80
|
-
@log.error
|
81
|
-
|
74
|
+
@log.error 'unable to validate; unknown strategy'
|
75
|
+
false
|
82
76
|
end
|
83
77
|
end
|
84
78
|
|
@@ -86,25 +80,23 @@ module Autosign
|
|
86
80
|
# or an empty array if none are specified.
|
87
81
|
# @return [Array] of policy executables.
|
88
82
|
def policy_executables
|
89
|
-
|
83
|
+
Array(settings['external_policy_executable'])
|
90
84
|
end
|
91
85
|
|
92
|
-
|
93
86
|
# validate that settins are reasonable. Validation strategy must be
|
94
87
|
# either any or all.
|
95
88
|
# @param settings [Hash] config settings hash
|
96
89
|
# @return [True, False] true if settings validate successfully, false otherwise
|
97
90
|
def validate_settings(settings)
|
98
|
-
@log.debug
|
99
|
-
unless [
|
91
|
+
@log.debug 'validating settings: ' + settings.to_s
|
92
|
+
unless %w[any all].include? settings['strategy']
|
100
93
|
@log.error "strategy setting must be set to 'any' or 'all'"
|
101
94
|
return false
|
102
95
|
end
|
103
96
|
|
104
|
-
@log.debug
|
97
|
+
@log.debug 'done validating settings'
|
105
98
|
true
|
106
99
|
end
|
107
|
-
|
108
100
|
end
|
109
101
|
end
|
110
102
|
end
|
@@ -1,5 +1,7 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
require 'autosign/validator/validator_base'
|
1
3
|
module Autosign
|
2
|
-
module
|
4
|
+
module Validator
|
3
5
|
# Validate certificate signing requests using a simple password list.
|
4
6
|
# This is not a very secure or flexible validation scheme, but is provided
|
5
7
|
# because so many existing autosign policy scripts implement it.
|
@@ -11,35 +13,32 @@ module Autosign
|
|
11
13
|
# password = opensesame
|
12
14
|
# password = CPE1704TKS
|
13
15
|
#
|
14
|
-
class Passwordlist < Autosign::Validator
|
15
|
-
|
16
|
-
"password_list"
|
17
|
-
end
|
16
|
+
class Passwordlist < Autosign::Validator::ValidatorBase
|
17
|
+
NAME = 'password_list'
|
18
18
|
|
19
19
|
private
|
20
20
|
|
21
|
-
def perform_validation(password,
|
22
|
-
@log.debug
|
23
|
-
@log.debug
|
21
|
+
def perform_validation(password, _certname, _raw_csr)
|
22
|
+
@log.debug 'validating against simple password list'
|
23
|
+
@log.debug 'passwords: ' + settings.to_s
|
24
24
|
result = validate_password(password.to_s)
|
25
|
-
@log.debug
|
26
|
-
|
25
|
+
@log.debug 'validation result: ' + result.to_s
|
26
|
+
result
|
27
27
|
end
|
28
28
|
|
29
29
|
def validate_password(password)
|
30
|
-
@log.debug
|
30
|
+
@log.debug 'Checking if password list includes password'
|
31
31
|
password_list.include?(password.to_s)
|
32
32
|
end
|
33
33
|
|
34
34
|
def password_list
|
35
|
-
|
35
|
+
Array(settings['password'])
|
36
36
|
end
|
37
37
|
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
38
|
+
def validate_settings(settings)
|
39
|
+
@log.debug 'validating settings: ' + settings.to_s
|
40
|
+
true
|
41
|
+
end
|
43
42
|
end
|
44
43
|
end
|
45
44
|
end
|
@@ -0,0 +1,168 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'logging'
|
4
|
+
|
5
|
+
module Autosign
|
6
|
+
module Validator
|
7
|
+
# Parent class for validation backends. Validator take the
|
8
|
+
# challenge_password and common name from a certificate signing request,
|
9
|
+
# and perform some action to determine whether the request is valid.
|
10
|
+
#
|
11
|
+
# Validator also get the raw X509 CSR in case the extracted information
|
12
|
+
# is insufficient for future, more powerful validators.
|
13
|
+
#
|
14
|
+
# All validators must inherit from this class, and must override several
|
15
|
+
# methods in order to function. At a minimum, the name and perform_validation
|
16
|
+
# methods must be implemented by child classes.
|
17
|
+
#
|
18
|
+
# @return Autosign::Validator::ValidatorBase instance of the Autosign::Validator::ValidatorBase class
|
19
|
+
class ValidatorBase
|
20
|
+
NAME = 'base'
|
21
|
+
attr_reader :config_file_settings
|
22
|
+
|
23
|
+
def initialize(config_file_settings = nil)
|
24
|
+
@config_file_settings = config_file_settings
|
25
|
+
start_logging
|
26
|
+
settings # just run to validate settings
|
27
|
+
setup
|
28
|
+
# call name to ensure that the class fails immediately if child classes
|
29
|
+
# do not implement it.
|
30
|
+
name
|
31
|
+
end
|
32
|
+
|
33
|
+
# @return [String] name of the validator. Do not use special characters.
|
34
|
+
# You must set the NAME constant in the sublcass
|
35
|
+
def name
|
36
|
+
self.class::NAME
|
37
|
+
end
|
38
|
+
|
39
|
+
# define how a validator actually validates the request.
|
40
|
+
# This must be implemented by validators which inherit from the
|
41
|
+
# Autosign::Validator class.
|
42
|
+
#
|
43
|
+
# @param challenge_password [String] the challenge_password OID from the certificate signing request. The challenge_password field is the same setting as the "challengePassword" field in a `csr_attributes.yaml` file when the CSR is generated. In a request using a JSON web token, this would be the serialized token.
|
44
|
+
# @param certname [String] the common name being requested in the certificate signing request. Treat the certname as untrusted. This is user-submitted data that you must validate.
|
45
|
+
# @param raw_csr [String] the encoded X509 certificate signing request, as received by the autosign policy executable. This is provided as an optional extension point, but your validator may not need to use it.
|
46
|
+
# @return [True, False] return true if the certificate should be signed, and false if you cannot validate the request successfully.
|
47
|
+
def perform_validation(_challenge_password, _certname, _raw_csr)
|
48
|
+
# override this after inheriting
|
49
|
+
# should return true to indicate success validating
|
50
|
+
# or false to indicate that the validator was unable to validate
|
51
|
+
raise NotImplementedError
|
52
|
+
end
|
53
|
+
|
54
|
+
# wrapper method that wraps input validation and logging around the perform_validation method.
|
55
|
+
# Do not override or use this class in child classes. This is the class that gets called
|
56
|
+
# on validator objects.
|
57
|
+
def validate(challenge_password, certname, raw_csr)
|
58
|
+
raise unless challenge_password.is_a?(String)
|
59
|
+
raise unless certname.is_a?(String)
|
60
|
+
|
61
|
+
case perform_validation(challenge_password, certname, raw_csr)
|
62
|
+
when true
|
63
|
+
@log.debug 'validated successfully'
|
64
|
+
@log.info "Validated '#{certname}' using '#{name}' validator"
|
65
|
+
true
|
66
|
+
when false
|
67
|
+
@log.debug 'validation failed'
|
68
|
+
@log.debug "Unable to validate '#{certname}' using '#{name}' validator"
|
69
|
+
false
|
70
|
+
else
|
71
|
+
@log.error 'perform_validation returned a non-boolean result'
|
72
|
+
raise 'perform_validation returned a non-boolean result'
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
private
|
77
|
+
|
78
|
+
# this is automatically called when the class is initialized; do not
|
79
|
+
# override it in child classes.
|
80
|
+
def start_logging
|
81
|
+
@log = Logging.logger[self.class]
|
82
|
+
@log.debug 'starting autosign validator: ' + name.to_s
|
83
|
+
end
|
84
|
+
|
85
|
+
# (optionally) override this method in validator child classes to perform any additional
|
86
|
+
# setup during class initialization prior to beginning validation.
|
87
|
+
# If you need to create a database connection, this would be a good place to do it.
|
88
|
+
# @return [True, False] return true if setup succeeded, or false if setup failed and the validation should not continue
|
89
|
+
def setup
|
90
|
+
true
|
91
|
+
end
|
92
|
+
|
93
|
+
# provide a merged settings hash of default settings for a validator,
|
94
|
+
# config file settings for the validator, and override settings defined in
|
95
|
+
# the validator.
|
96
|
+
#
|
97
|
+
# Do not override this in child classes. If you need to set
|
98
|
+
# custom config settings, override the get_override_settings method.
|
99
|
+
# The section of the config file this reads from is the same as the name
|
100
|
+
# method returns.
|
101
|
+
#
|
102
|
+
# @return [Hash] of config settings
|
103
|
+
def settings
|
104
|
+
@settings ||= begin
|
105
|
+
@log.debug "merging settings for #{name} validator"
|
106
|
+
setting_sources = [get_override_settings, load_config, default_settings]
|
107
|
+
merged_settings = setting_sources.inject({}) { |merged, hash| merged.deep_merge(hash, {:overwrite_arrays => true}) }
|
108
|
+
@log.debug 'using merged settings: ' + merged_settings.to_s
|
109
|
+
@log.debug 'validating merged settings'
|
110
|
+
if validate_settings(merged_settings)
|
111
|
+
@log.debug 'successfully validated merged settings'
|
112
|
+
merged_settings
|
113
|
+
else
|
114
|
+
@log.warn 'validation of merged settings failed'
|
115
|
+
@log.warn "unable to validate settings in #{name} validator"
|
116
|
+
raise 'settings validation error'
|
117
|
+
end
|
118
|
+
merged_settings
|
119
|
+
end
|
120
|
+
end
|
121
|
+
|
122
|
+
# (optionally) override this from a child class to set config defaults.
|
123
|
+
# These will be overridden by config file settings.
|
124
|
+
#
|
125
|
+
# Override this when inheriting if you need to set config defaults.
|
126
|
+
# For example, if you want to pull settings from zookeeper, this would
|
127
|
+
# be a good place to do that.
|
128
|
+
#
|
129
|
+
# @return [Hash] of config settings
|
130
|
+
def default_settings
|
131
|
+
{}
|
132
|
+
end
|
133
|
+
|
134
|
+
# (optionally) override this to perform validation checks on the merged
|
135
|
+
# config hash of default settings, config file settings, and override
|
136
|
+
# settings.
|
137
|
+
# @return [True, False]
|
138
|
+
def validate_settings(settings)
|
139
|
+
settings.is_a?(Hash)
|
140
|
+
end
|
141
|
+
|
142
|
+
# load any required configuration from the config file.
|
143
|
+
# Do not override this in child classes.
|
144
|
+
# @return [Hash] configuration settings from the validator's section of the config file
|
145
|
+
def load_config
|
146
|
+
@log.debug 'loading validator-specific configuration'
|
147
|
+
config_settings = @config_file_settings ||= Autosign::Config.new.settings
|
148
|
+
if config_settings.to_hash[name].nil?
|
149
|
+
@log.warn 'Unable to load validator-specific configuration'
|
150
|
+
@log.warn "Cannot load configuration section named '#{name}'"
|
151
|
+
{}
|
152
|
+
else
|
153
|
+
@log.debug 'Set validator-specific settings from config file: ' + config_settings.to_hash[name].to_s
|
154
|
+
config_settings.to_hash[name]
|
155
|
+
end
|
156
|
+
end
|
157
|
+
|
158
|
+
# (optionally) override this from child classes to get custom configuration
|
159
|
+
# from a validator.
|
160
|
+
#
|
161
|
+
# This is how you override defaults and config file settings.
|
162
|
+
# @return [Hash] configuration settings
|
163
|
+
def get_override_settings
|
164
|
+
{}
|
165
|
+
end
|
166
|
+
end
|
167
|
+
end
|
168
|
+
end
|
data/lib/autosign/version.rb
CHANGED
metadata
CHANGED
@@ -1,171 +1,185 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: autosign
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1
|
4
|
+
version: 1.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Daniel Dreier
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-06-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
|
-
name:
|
14
|
+
name: aruba
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '
|
19
|
+
version: '0.6'
|
20
20
|
type: :development
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: '
|
26
|
+
version: '0.6'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
|
-
name:
|
28
|
+
name: coveralls
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: cucumber
|
29
43
|
requirement: !ruby/object:Gem::Requirement
|
30
44
|
requirements:
|
31
45
|
- - "~>"
|
32
46
|
- !ruby/object:Gem::Version
|
33
|
-
version: '
|
47
|
+
version: '2'
|
34
48
|
type: :development
|
35
49
|
prerelease: false
|
36
50
|
version_requirements: !ruby/object:Gem::Requirement
|
37
51
|
requirements:
|
38
52
|
- - "~>"
|
39
53
|
- !ruby/object:Gem::Version
|
40
|
-
version: '
|
54
|
+
version: '2'
|
41
55
|
- !ruby/object:Gem::Dependency
|
42
|
-
name:
|
56
|
+
name: pry
|
43
57
|
requirement: !ruby/object:Gem::Requirement
|
44
58
|
requirements:
|
45
59
|
- - "~>"
|
46
60
|
- !ruby/object:Gem::Version
|
47
|
-
version: '0.
|
61
|
+
version: '0.10'
|
48
62
|
type: :development
|
49
63
|
prerelease: false
|
50
64
|
version_requirements: !ruby/object:Gem::Requirement
|
51
65
|
requirements:
|
52
66
|
- - "~>"
|
53
67
|
- !ruby/object:Gem::Version
|
54
|
-
version: '0.
|
68
|
+
version: '0.10'
|
55
69
|
- !ruby/object:Gem::Dependency
|
56
|
-
name:
|
70
|
+
name: puppet
|
57
71
|
requirement: !ruby/object:Gem::Requirement
|
58
72
|
requirements:
|
59
73
|
- - "~>"
|
60
74
|
- !ruby/object:Gem::Version
|
61
|
-
version: '
|
75
|
+
version: '6'
|
62
76
|
type: :development
|
63
77
|
prerelease: false
|
64
78
|
version_requirements: !ruby/object:Gem::Requirement
|
65
79
|
requirements:
|
66
80
|
- - "~>"
|
67
81
|
- !ruby/object:Gem::Version
|
68
|
-
version: '
|
82
|
+
version: '6'
|
69
83
|
- !ruby/object:Gem::Dependency
|
70
|
-
name:
|
84
|
+
name: rake
|
71
85
|
requirement: !ruby/object:Gem::Requirement
|
72
86
|
requirements:
|
73
87
|
- - "~>"
|
74
88
|
- !ruby/object:Gem::Version
|
75
|
-
version: '
|
89
|
+
version: '13'
|
76
90
|
type: :development
|
77
91
|
prerelease: false
|
78
92
|
version_requirements: !ruby/object:Gem::Requirement
|
79
93
|
requirements:
|
80
94
|
- - "~>"
|
81
95
|
- !ruby/object:Gem::Version
|
82
|
-
version: '
|
96
|
+
version: '13'
|
83
97
|
- !ruby/object:Gem::Dependency
|
84
|
-
name:
|
98
|
+
name: rdoc
|
85
99
|
requirement: !ruby/object:Gem::Requirement
|
86
100
|
requirements:
|
87
101
|
- - "~>"
|
88
102
|
- !ruby/object:Gem::Version
|
89
|
-
version: '
|
103
|
+
version: '4'
|
90
104
|
type: :development
|
91
105
|
prerelease: false
|
92
106
|
version_requirements: !ruby/object:Gem::Requirement
|
93
107
|
requirements:
|
94
108
|
- - "~>"
|
95
109
|
- !ruby/object:Gem::Version
|
96
|
-
version: '
|
110
|
+
version: '4'
|
97
111
|
- !ruby/object:Gem::Dependency
|
98
|
-
name:
|
112
|
+
name: rspec
|
99
113
|
requirement: !ruby/object:Gem::Requirement
|
100
114
|
requirements:
|
101
|
-
- - "
|
115
|
+
- - "~>"
|
102
116
|
- !ruby/object:Gem::Version
|
103
|
-
version: '
|
117
|
+
version: '3'
|
104
118
|
type: :development
|
105
119
|
prerelease: false
|
106
120
|
version_requirements: !ruby/object:Gem::Requirement
|
107
121
|
requirements:
|
108
|
-
- - "
|
122
|
+
- - "~>"
|
109
123
|
- !ruby/object:Gem::Version
|
110
|
-
version: '
|
124
|
+
version: '3'
|
111
125
|
- !ruby/object:Gem::Dependency
|
112
|
-
name:
|
126
|
+
name: rubocop
|
113
127
|
requirement: !ruby/object:Gem::Requirement
|
114
128
|
requirements:
|
115
129
|
- - "~>"
|
116
130
|
- !ruby/object:Gem::Version
|
117
|
-
version:
|
131
|
+
version: 0.83.0
|
118
132
|
type: :development
|
119
133
|
prerelease: false
|
120
134
|
version_requirements: !ruby/object:Gem::Requirement
|
121
135
|
requirements:
|
122
136
|
- - "~>"
|
123
137
|
- !ruby/object:Gem::Version
|
124
|
-
version:
|
138
|
+
version: 0.83.0
|
125
139
|
- !ruby/object:Gem::Dependency
|
126
|
-
name:
|
140
|
+
name: yard
|
127
141
|
requirement: !ruby/object:Gem::Requirement
|
128
142
|
requirements:
|
129
143
|
- - "~>"
|
130
144
|
- !ruby/object:Gem::Version
|
131
|
-
version:
|
132
|
-
type: :
|
145
|
+
version: 0.9.11
|
146
|
+
type: :development
|
133
147
|
prerelease: false
|
134
148
|
version_requirements: !ruby/object:Gem::Requirement
|
135
149
|
requirements:
|
136
150
|
- - "~>"
|
137
151
|
- !ruby/object:Gem::Version
|
138
|
-
version:
|
152
|
+
version: 0.9.11
|
139
153
|
- !ruby/object:Gem::Dependency
|
140
|
-
name:
|
154
|
+
name: bundler
|
141
155
|
requirement: !ruby/object:Gem::Requirement
|
142
156
|
requirements:
|
143
157
|
- - "~>"
|
144
158
|
- !ruby/object:Gem::Version
|
145
|
-
version: '
|
146
|
-
type: :
|
159
|
+
version: '2.0'
|
160
|
+
type: :development
|
147
161
|
prerelease: false
|
148
162
|
version_requirements: !ruby/object:Gem::Requirement
|
149
163
|
requirements:
|
150
164
|
- - "~>"
|
151
165
|
- !ruby/object:Gem::Version
|
152
|
-
version: '
|
166
|
+
version: '2.0'
|
153
167
|
- !ruby/object:Gem::Dependency
|
154
|
-
name:
|
168
|
+
name: deep_merge
|
155
169
|
requirement: !ruby/object:Gem::Requirement
|
156
170
|
requirements:
|
157
171
|
- - "~>"
|
158
172
|
- !ruby/object:Gem::Version
|
159
|
-
version: '1'
|
173
|
+
version: '1.2'
|
160
174
|
type: :runtime
|
161
175
|
prerelease: false
|
162
176
|
version_requirements: !ruby/object:Gem::Requirement
|
163
177
|
requirements:
|
164
178
|
- - "~>"
|
165
179
|
- !ruby/object:Gem::Version
|
166
|
-
version: '1'
|
180
|
+
version: '1.2'
|
167
181
|
- !ruby/object:Gem::Dependency
|
168
|
-
name:
|
182
|
+
name: gli
|
169
183
|
requirement: !ruby/object:Gem::Requirement
|
170
184
|
requirements:
|
171
185
|
- - "~>"
|
@@ -179,7 +193,7 @@ dependencies:
|
|
179
193
|
- !ruby/object:Gem::Version
|
180
194
|
version: '2'
|
181
195
|
- !ruby/object:Gem::Dependency
|
182
|
-
name:
|
196
|
+
name: iniparse
|
183
197
|
requirement: !ruby/object:Gem::Requirement
|
184
198
|
requirements:
|
185
199
|
- - "~>"
|
@@ -193,7 +207,7 @@ dependencies:
|
|
193
207
|
- !ruby/object:Gem::Version
|
194
208
|
version: '1'
|
195
209
|
- !ruby/object:Gem::Dependency
|
196
|
-
name:
|
210
|
+
name: jwt
|
197
211
|
requirement: !ruby/object:Gem::Requirement
|
198
212
|
requirements:
|
199
213
|
- - "~>"
|
@@ -207,83 +221,74 @@ dependencies:
|
|
207
221
|
- !ruby/object:Gem::Version
|
208
222
|
version: '1'
|
209
223
|
- !ruby/object:Gem::Dependency
|
210
|
-
name:
|
224
|
+
name: logging
|
211
225
|
requirement: !ruby/object:Gem::Requirement
|
212
226
|
requirements:
|
213
227
|
- - "~>"
|
214
228
|
- !ruby/object:Gem::Version
|
215
|
-
version: '
|
229
|
+
version: '2'
|
216
230
|
type: :runtime
|
217
231
|
prerelease: false
|
218
232
|
version_requirements: !ruby/object:Gem::Requirement
|
219
233
|
requirements:
|
220
234
|
- - "~>"
|
221
235
|
- !ruby/object:Gem::Version
|
222
|
-
version: '
|
236
|
+
version: '2'
|
223
237
|
- !ruby/object:Gem::Dependency
|
224
|
-
name:
|
238
|
+
name: multi_json
|
225
239
|
requirement: !ruby/object:Gem::Requirement
|
226
240
|
requirements:
|
227
|
-
- - "
|
241
|
+
- - ">="
|
228
242
|
- !ruby/object:Gem::Version
|
229
|
-
version: '
|
243
|
+
version: '1'
|
230
244
|
type: :runtime
|
231
245
|
prerelease: false
|
232
246
|
version_requirements: !ruby/object:Gem::Requirement
|
233
247
|
requirements:
|
234
|
-
- - "
|
248
|
+
- - ">="
|
235
249
|
- !ruby/object:Gem::Version
|
236
|
-
version: '
|
250
|
+
version: '1'
|
237
251
|
description:
|
238
252
|
email: ddreier@thinkplango.com
|
239
253
|
executables:
|
240
254
|
- autosign
|
241
255
|
- autosign-validator
|
242
256
|
extensions: []
|
243
|
-
extra_rdoc_files:
|
257
|
+
extra_rdoc_files:
|
258
|
+
- CHANGELOG.md
|
259
|
+
- LICENSE
|
260
|
+
- README.md
|
244
261
|
files:
|
245
262
|
- ".gitignore"
|
246
263
|
- ".rspec"
|
264
|
+
- ".rubocop.yml"
|
265
|
+
- ".rubocop_todo.yml"
|
247
266
|
- ".travis.yml"
|
267
|
+
- CHANGELOG.md
|
248
268
|
- Gemfile
|
249
269
|
- Gemfile.lock
|
270
|
+
- LICENSE
|
250
271
|
- README.md
|
251
272
|
- Rakefile
|
252
273
|
- autosign.gemspec
|
253
274
|
- bin/autosign
|
254
275
|
- bin/autosign-validator
|
255
|
-
- features/autosign.feature
|
256
|
-
- features/step_definitions/autosign_steps.rb
|
257
|
-
- features/support/env.rb
|
258
|
-
- features/validate.feature
|
259
|
-
- fixtures/i-7672fe81.pem
|
260
276
|
- lib/autosign.rb
|
261
277
|
- lib/autosign/config.rb
|
262
278
|
- lib/autosign/decoder.rb
|
263
279
|
- lib/autosign/journal.rb
|
264
280
|
- lib/autosign/token.rb
|
265
281
|
- lib/autosign/validator.rb
|
266
|
-
- lib/autosign/
|
267
|
-
- lib/autosign/
|
268
|
-
- lib/autosign/
|
282
|
+
- lib/autosign/validator/jwt.rb
|
283
|
+
- lib/autosign/validator/multiplexer.rb
|
284
|
+
- lib/autosign/validator/passwordlist.rb
|
285
|
+
- lib/autosign/validator/validator_base.rb
|
269
286
|
- lib/autosign/version.rb
|
270
|
-
- spec/spec_helper.rb
|
271
|
-
- spec/specs/config_spec.rb
|
272
|
-
- spec/specs/decoder_spec.rb
|
273
|
-
- spec/specs/journal_spec.rb
|
274
|
-
- spec/specs/token_spec.rb
|
275
|
-
- spec/specs/validators/jwt_spec.rb
|
276
|
-
- spec/specs/validators/passwordlist_spec.rb
|
277
287
|
homepage: https://github.com/danieldreier/autosign
|
278
288
|
licenses: []
|
279
289
|
metadata: {}
|
280
290
|
post_install_message:
|
281
|
-
rdoc_options:
|
282
|
-
- "--title"
|
283
|
-
- autosign
|
284
|
-
- "--main"
|
285
|
-
- README.rdoc
|
286
|
-
- "-ri"
|
291
|
+
rdoc_options: []
|
287
292
|
require_paths:
|
288
293
|
- lib
|
289
294
|
- lib
|
@@ -298,8 +303,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
298
303
|
- !ruby/object:Gem::Version
|
299
304
|
version: '0'
|
300
305
|
requirements: []
|
301
|
-
|
302
|
-
rubygems_version: 2.2.2
|
306
|
+
rubygems_version: 3.0.8
|
303
307
|
signing_key:
|
304
308
|
specification_version: 4
|
305
309
|
summary: Tooling to make puppet autosigning easy, secure, and extensible
|