autosign 0.1.3 → 0.1.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/Gemfile.lock +55 -77
- data/autosign.gemspec +2 -2
- data/bin/autosign-validator +3 -2
- data/lib/autosign.rb +1 -1
- data/lib/autosign/token.rb +4 -4
- data/lib/autosign/version.rb +1 -1
- metadata +18 -18
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 7cea4888327d41b345649b2eee66159c1bb0e7f5c72bc47181273c2288267c22
|
4
|
+
data.tar.gz: e955bcf5683d7a732e5a230809249757abc85b15b3d472a19d8d1bae15888e07
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 51af9e930cf1348583e03bb824a43dc6a554064d3868aea5a29aafe47ba90680ab4f139b57f8371c269dfe20917d49fb6e4cabd60f3b4dc429aacea958e9175a
|
7
|
+
data.tar.gz: 32de31aabf2e38ea9ad43c9ec51d7f8fd8d3e1fd2a529f4ff504819b4f28ae7d83dcbe12e09495415c6a9fcab1d70c65e455ecbed5ef7f95c03b93db225ef49a
|
data/Gemfile.lock
CHANGED
@@ -1,122 +1,99 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
autosign (0.1.
|
4
|
+
autosign (0.1.4)
|
5
5
|
deep_merge (~> 1)
|
6
6
|
gli (~> 2)
|
7
7
|
iniparse (~> 1)
|
8
|
-
json (>= 1)
|
9
8
|
jwt (~> 1)
|
10
9
|
logging (~> 2)
|
10
|
+
multi_json (>= 1)
|
11
11
|
require_all (~> 1)
|
12
|
-
yard (~> 0.9.11)
|
13
12
|
|
14
13
|
GEM
|
15
14
|
remote: https://rubygems.org/
|
16
15
|
specs:
|
17
|
-
|
18
|
-
|
19
|
-
childprocess (~> 0.5.6)
|
16
|
+
aruba (0.14.12)
|
17
|
+
childprocess (>= 0.6.3, < 4.0.0)
|
20
18
|
contracts (~> 0.9)
|
21
19
|
cucumber (>= 1.3.19)
|
22
|
-
ffi (~> 1.9
|
20
|
+
ffi (~> 1.9)
|
23
21
|
rspec-expectations (>= 2.99)
|
24
22
|
thor (~> 0.19)
|
25
|
-
builder (3.2.
|
26
|
-
childprocess (0.
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
rest-client (>= 1.6.8, < 2)
|
33
|
-
simplecov (~> 0.11.0)
|
23
|
+
builder (3.2.3)
|
24
|
+
childprocess (3.0.0)
|
25
|
+
coderay (1.1.2)
|
26
|
+
contracts (0.16.0)
|
27
|
+
coveralls (0.8.23)
|
28
|
+
json (>= 1.8, < 3)
|
29
|
+
simplecov (~> 0.16.1)
|
34
30
|
term-ansicolor (~> 1.3)
|
35
|
-
thor (
|
36
|
-
tins (~> 1.6
|
37
|
-
cucumber (2.
|
31
|
+
thor (>= 0.19.4, < 2.0)
|
32
|
+
tins (~> 1.6)
|
33
|
+
cucumber (2.99.0)
|
38
34
|
builder (>= 2.1.2)
|
39
|
-
cucumber-core (~> 1.
|
35
|
+
cucumber-core (~> 1.5.0)
|
40
36
|
cucumber-wire (~> 0.0.1)
|
41
37
|
diff-lcs (>= 1.1.3)
|
42
|
-
|
43
|
-
gherkin3 (~> 3.1.0)
|
38
|
+
gherkin (~> 4.0)
|
44
39
|
multi_json (>= 1.7.5, < 2.0)
|
45
40
|
multi_test (>= 0.1.2)
|
46
|
-
cucumber-core (1.
|
47
|
-
|
41
|
+
cucumber-core (1.5.0)
|
42
|
+
gherkin (~> 4.0)
|
48
43
|
cucumber-wire (0.0.1)
|
49
44
|
deep_merge (1.2.1)
|
50
|
-
diff-lcs (1.
|
51
|
-
docile (1.
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
CFPropertyList (~> 2.2.6)
|
57
|
-
ffi (1.9.10)
|
58
|
-
gherkin3 (3.1.2)
|
59
|
-
gli (2.17.1)
|
45
|
+
diff-lcs (1.3)
|
46
|
+
docile (1.3.2)
|
47
|
+
facter (2.5.6)
|
48
|
+
ffi (1.11.2)
|
49
|
+
gherkin (4.1.3)
|
50
|
+
gli (2.19.0)
|
60
51
|
hiera (1.3.4)
|
61
52
|
json_pure
|
62
|
-
http-cookie (1.0.2)
|
63
|
-
domain_name (~> 0.5)
|
64
53
|
iniparse (1.4.4)
|
65
|
-
json (
|
66
|
-
json_pure (
|
54
|
+
json (2.2.0)
|
55
|
+
json_pure (2.2.0)
|
67
56
|
jwt (1.5.6)
|
68
57
|
little-plugger (1.1.4)
|
69
58
|
logging (2.2.2)
|
70
59
|
little-plugger (~> 1.1)
|
71
60
|
multi_json (~> 1.10)
|
72
|
-
method_source (0.
|
73
|
-
|
74
|
-
multi_json (1.11.2)
|
61
|
+
method_source (0.9.2)
|
62
|
+
multi_json (1.14.1)
|
75
63
|
multi_test (0.1.2)
|
76
|
-
|
77
|
-
pry (0.10.3)
|
64
|
+
pry (0.12.2)
|
78
65
|
coderay (~> 1.1.0)
|
79
|
-
method_source (~> 0.
|
80
|
-
|
81
|
-
puppet (3.8.4)
|
66
|
+
method_source (~> 0.9.0)
|
67
|
+
puppet (3.8.7)
|
82
68
|
facter (> 1.6, < 3)
|
83
69
|
hiera (~> 1.0)
|
84
70
|
json_pure
|
85
|
-
rake (10.
|
86
|
-
rdoc (4.
|
87
|
-
json (~> 1.4)
|
71
|
+
rake (10.5.0)
|
72
|
+
rdoc (4.3.0)
|
88
73
|
require_all (1.5.0)
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
rspec (3.
|
94
|
-
rspec-
|
95
|
-
|
96
|
-
rspec-mocks (~> 3.4.0)
|
97
|
-
rspec-core (3.4.1)
|
98
|
-
rspec-support (~> 3.4.0)
|
99
|
-
rspec-expectations (3.4.0)
|
74
|
+
rspec (3.9.0)
|
75
|
+
rspec-core (~> 3.9.0)
|
76
|
+
rspec-expectations (~> 3.9.0)
|
77
|
+
rspec-mocks (~> 3.9.0)
|
78
|
+
rspec-core (3.9.0)
|
79
|
+
rspec-support (~> 3.9.0)
|
80
|
+
rspec-expectations (3.9.0)
|
100
81
|
diff-lcs (>= 1.2.0, < 2.0)
|
101
|
-
rspec-support (~> 3.
|
102
|
-
rspec-mocks (3.
|
82
|
+
rspec-support (~> 3.9.0)
|
83
|
+
rspec-mocks (3.9.0)
|
103
84
|
diff-lcs (>= 1.2.0, < 2.0)
|
104
|
-
rspec-support (~> 3.
|
105
|
-
rspec-support (3.
|
106
|
-
simplecov (0.
|
107
|
-
docile (~> 1.1
|
108
|
-
json (
|
85
|
+
rspec-support (~> 3.9.0)
|
86
|
+
rspec-support (3.9.0)
|
87
|
+
simplecov (0.16.1)
|
88
|
+
docile (~> 1.1)
|
89
|
+
json (>= 1.8, < 3)
|
109
90
|
simplecov-html (~> 0.10.0)
|
110
|
-
simplecov-html (0.10.
|
111
|
-
|
112
|
-
term-ansicolor (1.3.2)
|
91
|
+
simplecov-html (0.10.2)
|
92
|
+
term-ansicolor (1.7.1)
|
113
93
|
tins (~> 1.0)
|
114
|
-
thor (0.
|
115
|
-
tins (1.
|
116
|
-
|
117
|
-
unf_ext
|
118
|
-
unf_ext (0.0.7.1)
|
119
|
-
yard (0.9.12)
|
94
|
+
thor (0.20.3)
|
95
|
+
tins (1.22.2)
|
96
|
+
yard (0.9.20)
|
120
97
|
|
121
98
|
PLATFORMS
|
122
99
|
ruby
|
@@ -131,6 +108,7 @@ DEPENDENCIES
|
|
131
108
|
rake (~> 10)
|
132
109
|
rdoc (~> 4)
|
133
110
|
rspec (~> 3)
|
111
|
+
yard (~> 0.9.11)
|
134
112
|
|
135
113
|
BUNDLED WITH
|
136
|
-
1.
|
114
|
+
1.17.3
|
data/autosign.gemspec
CHANGED
@@ -24,12 +24,12 @@ spec = Gem::Specification.new do |s|
|
|
24
24
|
s.add_development_dependency('rspec', '~> 3')
|
25
25
|
s.add_development_dependency('coveralls')
|
26
26
|
s.add_development_dependency('pry', '~> 0.10')
|
27
|
+
s.add_development_dependency('yard', '~> 0.9.11')
|
27
28
|
s.add_runtime_dependency('gli','~> 2')
|
28
29
|
s.add_runtime_dependency('jwt','~> 1')
|
29
30
|
s.add_runtime_dependency('iniparse','~> 1')
|
30
31
|
s.add_runtime_dependency('logging', '~> 2')
|
31
|
-
s.add_runtime_dependency('
|
32
|
+
s.add_runtime_dependency('multi_json', '>=1')
|
32
33
|
s.add_runtime_dependency('deep_merge', '~> 1')
|
33
34
|
s.add_runtime_dependency('require_all', '~> 1')
|
34
|
-
s.add_runtime_dependency('yard', '~> 0.9.11')
|
35
35
|
end
|
data/bin/autosign-validator
CHANGED
@@ -2,6 +2,8 @@
|
|
2
2
|
require 'autosign'
|
3
3
|
require 'logging'
|
4
4
|
|
5
|
+
### Ensure stdin is read https://tickets.puppetlabs.com/browse/SERVER-1116
|
6
|
+
raw_csr = $stdin.read
|
5
7
|
|
6
8
|
### Start logging
|
7
9
|
@logger = Logging.logger['Autosign']
|
@@ -28,11 +30,10 @@ unless ARGV.count == 1
|
|
28
30
|
exit 1
|
29
31
|
end
|
30
32
|
|
31
|
-
certname = ARGV
|
33
|
+
certname = ARGV.shift
|
32
34
|
@logger.debug "certname is " + certname
|
33
35
|
|
34
36
|
@logger.debug "reading CSR from stdin"
|
35
|
-
raw_csr = $stdin.read
|
36
37
|
csr = Autosign::Decoder.decode_csr(raw_csr)
|
37
38
|
exit 1 unless csr.is_a?(Hash)
|
38
39
|
|
data/lib/autosign.rb
CHANGED
data/lib/autosign/token.rb
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
module Autosign
|
2
2
|
require 'jwt'
|
3
|
-
require '
|
3
|
+
require 'multi_json'
|
4
4
|
require 'securerandom'
|
5
5
|
|
6
6
|
# Class modeling JSON Web Tokens as credentials for certificate auto signing.
|
@@ -62,7 +62,7 @@ module Autosign
|
|
62
62
|
errors = []
|
63
63
|
begin
|
64
64
|
@log.debug "Decoding and parsing token"
|
65
|
-
data =
|
65
|
+
data = MultiJson.load(JWT.decode(token, hmac_secret)[0]["data"])
|
66
66
|
rescue JWT::ExpiredSignature
|
67
67
|
@log.warn "Token has an expired signature"
|
68
68
|
errors << "Expired Signature"
|
@@ -142,7 +142,7 @@ module Autosign
|
|
142
142
|
rescue
|
143
143
|
raise Autosign::Token::Invalid
|
144
144
|
end
|
145
|
-
cert_data =
|
145
|
+
cert_data = MultiJson.load(decoded["data"])
|
146
146
|
new_token = self.new(cert_data["certname"], cert_data["reusable"], cert_data["validfor"],
|
147
147
|
cert_data["requester"], hmac_secret)
|
148
148
|
|
@@ -186,7 +186,7 @@ module Autosign
|
|
186
186
|
end
|
187
187
|
|
188
188
|
def to_json
|
189
|
-
|
189
|
+
MultiJson.dump to_hash
|
190
190
|
end
|
191
191
|
|
192
192
|
end
|
data/lib/autosign/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: autosign
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Daniel Dreier
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2019-11-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rake
|
@@ -122,6 +122,20 @@ dependencies:
|
|
122
122
|
- - "~>"
|
123
123
|
- !ruby/object:Gem::Version
|
124
124
|
version: '0.10'
|
125
|
+
- !ruby/object:Gem::Dependency
|
126
|
+
name: yard
|
127
|
+
requirement: !ruby/object:Gem::Requirement
|
128
|
+
requirements:
|
129
|
+
- - "~>"
|
130
|
+
- !ruby/object:Gem::Version
|
131
|
+
version: 0.9.11
|
132
|
+
type: :development
|
133
|
+
prerelease: false
|
134
|
+
version_requirements: !ruby/object:Gem::Requirement
|
135
|
+
requirements:
|
136
|
+
- - "~>"
|
137
|
+
- !ruby/object:Gem::Version
|
138
|
+
version: 0.9.11
|
125
139
|
- !ruby/object:Gem::Dependency
|
126
140
|
name: gli
|
127
141
|
requirement: !ruby/object:Gem::Requirement
|
@@ -179,7 +193,7 @@ dependencies:
|
|
179
193
|
- !ruby/object:Gem::Version
|
180
194
|
version: '2'
|
181
195
|
- !ruby/object:Gem::Dependency
|
182
|
-
name:
|
196
|
+
name: multi_json
|
183
197
|
requirement: !ruby/object:Gem::Requirement
|
184
198
|
requirements:
|
185
199
|
- - ">="
|
@@ -220,20 +234,6 @@ dependencies:
|
|
220
234
|
- - "~>"
|
221
235
|
- !ruby/object:Gem::Version
|
222
236
|
version: '1'
|
223
|
-
- !ruby/object:Gem::Dependency
|
224
|
-
name: yard
|
225
|
-
requirement: !ruby/object:Gem::Requirement
|
226
|
-
requirements:
|
227
|
-
- - "~>"
|
228
|
-
- !ruby/object:Gem::Version
|
229
|
-
version: 0.9.11
|
230
|
-
type: :runtime
|
231
|
-
prerelease: false
|
232
|
-
version_requirements: !ruby/object:Gem::Requirement
|
233
|
-
requirements:
|
234
|
-
- - "~>"
|
235
|
-
- !ruby/object:Gem::Version
|
236
|
-
version: 0.9.11
|
237
237
|
description:
|
238
238
|
email: ddreier@thinkplango.com
|
239
239
|
executables:
|
@@ -300,7 +300,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
300
300
|
version: '0'
|
301
301
|
requirements: []
|
302
302
|
rubyforge_project:
|
303
|
-
rubygems_version: 2.
|
303
|
+
rubygems_version: 2.7.7
|
304
304
|
signing_key:
|
305
305
|
specification_version: 4
|
306
306
|
summary: Tooling to make puppet autosigning easy, secure, and extensible
|