blockstack 7.0.0 → 7.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: fdf4936b41292c2309f116a60b9a86dbd4909ea3
-  data.tar.gz: a414239cee794d16ccedb5a2c39c65ba370a7d52
+  metadata.gz: 98dc45c77ec49a8d6725daf6e4eb4e642edad166
+  data.tar.gz: 02e764103cafbc18bac059b23487a8827ccc1128
 SHA512:
-  metadata.gz: 7be8209da468a56ed390d2c5175a6f94c448eb3cab903075be1f881fdcf6daf1b36d781b4d991c097b6f64e562a58266f5c10e47924604d229d887bf8d402599
-  data.tar.gz: f1d7e39d5284ec7ae5df63bab0f68e101968926fa56ff6decfa8dfb078d071f1b129dc5e3e25d9c3d72e45bb64217b3a47db8d881494180f253d4db63a6c5701
+  metadata.gz: 64266c0200959358ae3f0e06d3d7678d56bc1a0c9030e831dd21b56b209e0d2397a636cdf47d04107b6b960b11e18d9124172504aa3f62f1c138f886b4d81d43
+  data.tar.gz: 589cec9d95fc24c24f64679da6b3f4fdea85e9d9924044fd0a1038f8482fd80e5aa074771a5f81f4d7b6c4746e9490a480bda99b1d1a73753efb2876224d6b8a

data/README.md

@@ -34,7 +34,7 @@ the [OmniAuth Blockstack strategy](https://github.com/blockstack/omniauth-blocks
 ### To verify an auth response
 
 ```ruby
-require "blockstack"
+require 'blockstack'
 
 begin
   auth_response = request.params['authResponse']

data/Rakefile

@@ -1,7 +1,13 @@
-require "bundler/gem_tasks"
-require "rspec/core/rake_task"
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+require 'rubocop/rake_task'
+
+RuboCop::RakeTask.new(:rubocop) do |t|
+  t.options = ['--lint']
+end
 
 RSpec::Core::RakeTask.new
 
-task :default => :spec
-task :test => :spec
+
+task test: [:rubocop, :spec]
+task default: :test

data/bin/console

@@ -1,14 +1,14 @@
 #!/usr/bin/env ruby
 
-require "bundler/setup"
-require "blockstack"
+require 'bundler/setup'
+require 'blockstack'
 
 # You can add fixtures and/or initialization code here to make experimenting
 # with your gem easier. You can also use a different console, if you like.
 
 # (If you use this, don't forget to add pry to your Gemfile!)
-# require "pry"
+# require 'pry'
 # Pry.start
 
-require "irb"
+require 'irb'
 IRB.start

data/blockstack.gemspec

@@ -4,29 +4,29 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'blockstack/version'
 
 Gem::Specification.new do |spec|
-  spec.name          = "blockstack"
+  spec.name          = 'blockstack'
   spec.version       = Blockstack::VERSION
-  spec.authors       = ["Larry Salibra"]
-  spec.email         = ["rubygems@larrysalibra.com"]
-  spec.summary       = "The Blockstack ruby library for identity and authentication"
-  spec.homepage      = "https://github.com/larrysalibra/blockstack-ruby"
-  spec.license       = "MIT"
+  spec.authors       = ['Larry Salibra']
+  spec.email         = ['rubygems@larrysalibra.com']
+  spec.summary       = 'The Blockstack ruby library for identity and authentication'
+  spec.homepage      = 'https://github.com/larrysalibra/blockstack-ruby'
+  spec.license       = 'MIT'
 
   spec.files         = `git ls-files -z`.split("\x0").reject do |f|
-      f.match(%r{^(test|spec|features)/})
+    f.match(%r{^(test|spec|features)/})
   end
-  spec.bindir        = "exe"
+  spec.bindir        = 'exe'
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
+  spec.require_paths = ['lib']
 
-  spec.add_development_dependency "bundler", "~> 1.13"
-  spec.add_development_dependency "rake", "~> 10.0"
-  spec.add_development_dependency "rspec"
-  spec.add_development_dependency "webmock"
-  spec.add_development_dependency "vcr"
-
-  spec.add_dependency "jwtb", "2.0.0.beta2.bsk1"
-  spec.add_dependency "bitcoin-ruby"
-  spec.add_dependency "faraday"
+  spec.add_development_dependency 'bundler', '~> 1.13'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'webmock'
+  spec.add_development_dependency 'vcr'
+  spec.add_development_dependency 'rubocop'
 
+  spec.add_dependency 'jwtb', '2.0.0.beta2.bsk1'
+  spec.add_dependency 'bitcoin-ruby'
+  spec.add_dependency 'faraday'
 end

data/lib/blockstack/user.rb

@@ -1,124 +1,119 @@
 module Blockstack
   class User
-      def self.from_json(json, username)
-          User.new(json, username)
-      end
+    def self.from_json(json, username)
+      User.new(json, username)
+    end
 
-      attr_reader :username
-      attr_reader :name_formatted
-      attr_reader :avatar_url
-      attr_reader :cover_url
-      attr_reader :location_formatted
-      attr_reader :website
-      attr_reader :bio
-      attr_reader :angellist_username
-      attr_reader :github_username
-      attr_reader :facebook_username
-      attr_reader :twitter_username
-      attr_reader :instagram_username
-      attr_reader :linkedin_url
-      attr_reader :bitcoin_address
-      attr_reader :bitmessage_address
-      attr_reader :bitcoinotc_username
-      attr_reader :pgp_fingerprint
-      attr_reader :pgp_url
-      attr_reader :orgs
-      attr_reader :schema_version
+    attr_reader :username
+    attr_reader :name_formatted
+    attr_reader :avatar_url
+    attr_reader :cover_url
+    attr_reader :location_formatted
+    attr_reader :website
+    attr_reader :bio
+    attr_reader :angellist_username
+    attr_reader :github_username
+    attr_reader :facebook_username
+    attr_reader :twitter_username
+    attr_reader :instagram_username
+    attr_reader :linkedin_url
+    attr_reader :bitcoin_address
+    attr_reader :bitmessage_address
+    attr_reader :bitcoinotc_username
+    attr_reader :pgp_fingerprint
+    attr_reader :pgp_url
+    attr_reader :orgs
+    attr_reader :schema_version
 
-      def initialize(json, username)
-          if(json["profile"])
-              json = json["profile"]
-          end
-          if(json['v'] == "0.2")
-            @username = username
-            @name_formatted = json["name"]["formatted"] if json["name"]
-            @avatar_url = json["avatar"]["url"] if json["avatar"]
-            @cover_url = json["cover"]["url"] if json["cover"]
-            @location_formatted = json["location"]["formatted"] if json["location"]
-            @website = json["website"]
-            @bio = json["bio"]
-            @angellist_username = json["angellist"]["username"] if json["angellist"]
-            @github_username = json["github"]["username"] if json["github"]
-            @facebook_username = json["facebook"]["username"] if json["facebook"]
-            @twitter_username = json["twitter"]["username"] if json["twitter"]
-            @instagram_username = json["instagram"]["username"] if json["instagram"]
-            @linkedin_url = json["linkedin"]["url"] if json["linkedin"]
-            @bitcoin_address = json["bitcoin"]["address"] if json["bitcoin"]
-            @bitmessage_address = json["bitmessage"]["address"] if json["bitmessage"]
-            @bitcoinotc_username = json["bitcoinotc"]["username"] if json["bitcoinotc"]
-            @pgp_fingerprint = json["pgp"]["fingerprint"] if json["pgp"]
-            @pgp_url = json["pgp"]["url"] if json["pgp"]
-            @schema_version = json["v"]
-            @orgs = parse_orgs(json["orgs"])
-          else
-            @username = username
-            @name_formatted = json["name"] if json["name"]
-            @avatar_url = find_image_url(json, 'avatar')
-            @cover_url = find_image_url(json, 'cover')
-            @location_formatted = json["address"]["addressLocality"] if json["address"]
-            @website = json["website"][0]["url"] if json["website"] && json["website"][0]
-            @bio = json["description"]
-            @angellist_username = find_account_username(json, "angellist")
-            @github_username = find_account_username(json, "github")
-            @facebook_username = find_account_username(json, "facebook")
-            @twitter_username = find_account_username(json, "twitter")
-            @instagram_username = find_account_username(json, "instagram")
-            @linkedin_url = find_account_username(json, "linkedin")
-            @bitcoin_address = find_account_username(json, "bitcoin")
-            @bitmessage_address = find_account_username(json, "bitmessage")
-            @bitcoinotc_username = find_account_username(json, "bitcoinotc")
-            @pgp_fingerprint = find_account_username(json, "pgp")
-            @pgp_url = find_account(json, "pgp")['contentUrl'] if @pgp_fingerprint
-            @schema_version = "0.3"
-            @orgs = parse_orgs(json["orgs"])
-          end
+    def initialize(json, username)
+      json = json['profile'] if json['profile']
 
+      if json['v'] == '0.2'
+        @username = username
+        @name_formatted = json['name']['formatted'] if json['name']
+        @avatar_url = json['avatar']['url'] if json['avatar']
+        @cover_url = json['cover']['url'] if json['cover']
+        @location_formatted = json['location']['formatted'] if json['location']
+        @website = json['website']
+        @bio = json['bio']
+        @angellist_username = json['angellist']['username'] if json['angellist']
+        @github_username = json['github']['username'] if json['github']
+        @facebook_username = json['facebook']['username'] if json['facebook']
+        @twitter_username = json['twitter']['username'] if json['twitter']
+        @instagram_username = json['instagram']['username'] if json['instagram']
+        @linkedin_url = json['linkedin']['url'] if json['linkedin']
+        @bitcoin_address = json['bitcoin']['address'] if json['bitcoin']
+        @bitmessage_address = json['bitmessage']['address'] if json['bitmessage']
+        @bitcoinotc_username = json['bitcoinotc']['username'] if json['bitcoinotc']
+        @pgp_fingerprint = json['pgp']['fingerprint'] if json['pgp']
+        @pgp_url = json['pgp']['url'] if json['pgp']
+        @schema_version = json['v']
+        @orgs = parse_orgs(json['orgs'])
+      else
+        @username = username
+        @name_formatted = json['name'] if json['name']
+        @avatar_url = find_image_url(json, 'avatar')
+        @cover_url = find_image_url(json, 'cover')
+        @location_formatted = json['address']['addressLocality'] if json['address']
+        @website = json['website'][0]['url'] if json['website'] && json['website'][0]
+        @bio = json['description']
+        @angellist_username = find_account_username(json, 'angellist')
+        @github_username = find_account_username(json, 'github')
+        @facebook_username = find_account_username(json, 'facebook')
+        @twitter_username = find_account_username(json, 'twitter')
+        @instagram_username = find_account_username(json, 'instagram')
+        @linkedin_url = find_account_username(json, 'linkedin')
+        @bitcoin_address = find_account_username(json, 'bitcoin')
+        @bitmessage_address = find_account_username(json, 'bitmessage')
+        @bitcoinotc_username = find_account_username(json, 'bitcoinotc')
+        @pgp_fingerprint = find_account_username(json, 'pgp')
+        @pgp_url = find_account(json, 'pgp')['contentUrl'] if @pgp_fingerprint
+        @schema_version = '0.3'
+        @orgs = parse_orgs(json['orgs'])
       end
+    end
 
-      def openname
-          warn "[DEPRECATION] `openname` is deprecated.  Please use `username` instead."
-          username
-      end
+    def openname
+      warn '[DEPRECATION] `openname` is deprecated.  Please use `username` instead.'
+      username
+    end
 
-      protected
+    protected
 
-      def find_image_url(json, type)
-        images = json['image']
-        if(images && images.kind_of?(Array))
-          for image in images
-            return image['contentUrl'] if image['name'] == type
-          end
+    def find_image_url(json, type)
+      images = json['image']
+      if images && images.is_a?(Array)
+        images.each do |image|
+          return image['contentUrl'] if image['name'] == type
         end
-        nil
       end
+      nil
+    end
 
-      def find_account(json, service)
-        accounts = json['account']
-        if(accounts && accounts.kind_of?(Array))
-          for account in accounts
-            return account if account['service'] == service
-          end
+    def find_account(json, service)
+      accounts = json['account']
+      if accounts && accounts.is_a?(Array)
+        accounts.each do |account|
+          return account if account['service'] == service
         end
-        nil
       end
+      nil
+    end
 
-      def find_account_username(json, service)
-        account = find_account(json, service)
-        if(account)
-          return account['identifier']
-        end
-        nil
-      end
+    def find_account_username(json, service)
+      account = find_account(json, service)
+      return account['identifier'] if account
+      nil
+    end
 
-      def parse_orgs(orgs_json)
-          orgs = Array.new
-          if orgs_json
-              for org_json in orgs_json
-                  orgs << Org.new(org_json)
-              end
-          end
-          orgs
+    def parse_orgs(orgs_json)
+      orgs = []
+      if orgs_json
+        orgs_json.each do |org_json|
+          orgs << Org.new(org_json)
+        end
       end
-
+      orgs
+    end
   end
 end

data/lib/blockstack/version.rb

@@ -1,3 +1,3 @@
 module Blockstack
-    VERSION = "7.0.0"
+    VERSION = "7.0.1"
 end

data/lib/blockstack.rb

@@ -1,137 +1,137 @@
-require "blockstack/version"
-require "blockstack/user"
-require "bitcoin"
-require "faraday"
-require "jwtb"
+require 'blockstack/version'
+require 'blockstack/user'
+require 'bitcoin'
+require 'faraday'
+require 'jwtb'
 
 module Blockstack
-    class InvalidAuthResponse < StandardError; end
-
-    USER_AGENT = "blockstack-ruby #{VERSION}"
-    ALGORITHM = "ES256K"
-    REQUIRED_CLAIMS = %w(iss iat jti exp username profile public_keys)
-
-    DEFAULT_LEEWAY = 30 # seconds
-    DEFAULT_VALID_WITHIN = 30 # seconds
-    DEFAULT_API = "https://core.blockstack.org"
-
-    def self.api=(api)
-      @@api = api.nil? ? DEFAULT_API : api
-    end
-
-    def self.api
-      @@api
-    end
-
-    def self.leeway=(leeway)
-      @@leeway = leeway.nil? ? DEFAULT_LEEWAY : leeway
-    end
-
-    def self.leeway
-      @@leeway
-    end
-
-    def self.valid_within=(valid_within)
-      @@valid_within = valid_within.nil? ? DEFAULT_VALID_WITHIN : valid_within
-    end
-
-    def self.valid_within
-      @@valid_within
-    end
-
-    def self.verify_auth_response(auth_token)
-      # decode & verify token without checking signature so we can extract
-      # public keys
-      public_key = nil
-      verify = false
-      decoded_tokens = JWTB.decode auth_token, public_key, verify, algorithm: ALGORITHM
-      decoded_token = decoded_tokens[0]
-
-      REQUIRED_CLAIMS.each do |field|
-        raise InvalidAuthResponse.new("Missing required '#{field}' claim.") if !decoded_token.key?(field.to_s)
-      end
-      raise InvalidAuthResponse.new("Missing required 'iat' claim.") if !decoded_token["iat"]
-      raise InvalidAuthResponse.new("'iat' timestamp claim is skewed too far from present.") if (Time.now.to_i - decoded_token["iat"]).abs > self.valid_within
-
-      public_keys = decoded_token['public_keys']
-
-      raise InvalidAuthResponse.new("Invalid public_keys array: only 1 key is supported") unless public_keys.length == 1
-
-      compressed_hex_public_key = public_keys[0]
-      bignum = OpenSSL::BN.new(compressed_hex_public_key, 16)
-      group = OpenSSL::PKey::EC::Group.new 'secp256k1'
-      public_key = OpenSSL::PKey::EC::Point.new(group, bignum)
-      ecdsa_key = OpenSSL::PKey::EC.new 'secp256k1'
-      ecdsa_key.public_key = public_key
-      verify = true
-
-      # decode & verify signature
-      decoded_tokens = JWTB.decode auth_token, ecdsa_key, verify, algorithm: ALGORITHM, exp_leeway: self.leeway
-      decoded_token = decoded_tokens[0]
-
-      raise InvalidAuthResponse.new("Public keys don't match issuer address") unless self.public_keys_match_issuer?(decoded_token)
-
-      raise InvalidAuthResponse.new("Public keys don't match owner of claimed username") unless self.public_keys_match_username?(decoded_token)
-
-      return decoded_token
-    rescue JWTB::VerificationError => error
-      raise InvalidAuthResponse.new("Signature on JWT is invalid")
-    rescue JWTB::DecodeError => error
-      raise InvalidAuthResponse.new("Unable to decode JWT")
-    rescue RuntimeError => error
-      raise InvalidAuthResponse.new(error.message)
-    end
-
-    def self.get_did_type(decentralized_id)
-      did_parts = decentralized_id.split(':')
-      raise 'Decentralized IDs must have 3 parts' if did_parts.length != 3
-      raise 'Decentralized IDs must start with "did"' if did_parts[0].downcase != 'did'
-      did_parts[1].downcase
+  class InvalidAuthResponse < StandardError; end
+
+  USER_AGENT = "blockstack-ruby #{VERSION}"
+  ALGORITHM = 'ES256K'
+  REQUIRED_CLAIMS = %w(iss iat jti exp username profile public_keys)
+
+  DEFAULT_LEEWAY = 30 # seconds
+  DEFAULT_VALID_WITHIN = 30 # seconds
+  DEFAULT_API = 'https://core.blockstack.org'
+
+  def self.api=(api)
+    @api = api || DEFAULT_API
+  end
+
+  def self.api
+    @api
+  end
+
+  def self.leeway=(leeway)
+    @leeway = leeway || DEFAULT_LEEWAY
+  end
+
+  def self.leeway
+    @leeway
+  end
+
+  def self.valid_within=(valid_within)
+    @valid_within = valid_within || DEFAULT_VALID_WITHIN
+  end
+
+  def self.valid_within
+    @valid_within
+  end
+
+  # decode & verify token without checking signature so we can extract
+  # public keys
+  def self.verify_without_signature(auth_token)
+    public_key = nil
+    verify = false
+    decoded_tokens = JWTB.decode auth_token, public_key, verify, algorithm: ALGORITHM
+    decoded_tokens[0]
+  end
+
+  # decode & verify signature
+  def self.verify_with_signature(auth_token)
+    compressed_hex_public_key = public_keys[0]
+    bignum = OpenSSL::BN.new(compressed_hex_public_key, 16)
+    group = OpenSSL::PKey::EC::Group.new 'secp256k1'
+    public_key = OpenSSL::PKey::EC::Point.new(group, bignum)
+    ecdsa_key = OpenSSL::PKey::EC.new 'secp256k1'
+    ecdsa_key.public_key = public_key
+    verify = true
+
+    decoded_tokens = JWTB.decode auth_token, ecdsa_key, verify, algorithm: ALGORITHM, exp_leeway: leeway
+    decoded_tokens[0]
+  end
+
+  def self.verify_auth_response(auth_token)
+    decoded_token = verify_without_signature(auth_token)
+
+    REQUIRED_CLAIMS.each do |field|
+      fail InvalidAuthResponse.new("Missing required '#{field}' claim.") unless decoded_token.key?(field.to_s)
     end
-
-    def self.get_address_from_did(decentralized_id)
-      did_type = get_did_type(decentralized_id)
-      return nil if did_type != 'btc-addr'
-      decentralized_id.split(':')[2]
-    end
-
-    protected
-
-    def self.public_keys_match_issuer?(decoded_token)
-      public_keys = decoded_token['public_keys']
-      address_from_issuer = get_address_from_did(decoded_token['iss'])
-
-      raise 'Multiple public keys are not supported' unless public_keys.count == 1
-
-      address_from_public_keys = Bitcoin::pubkey_to_address public_keys.first
-
-      address_from_issuer == address_from_public_keys
-    end
-
-    def self.public_keys_match_username?(decoded_token)
-      username = decoded_token["username"]
-      return true if username.nil?
-
-      response = Faraday.get "#{self.api}/v1/names/#{username}"
-      json = JSON.parse response.body
-
-      raise "Issuer claimed username that doesn't exist" if response.status == 404
-      raise "Unable to verify issuer's claimed username" if response.status != 200
-
-      name_owning_address = json['address']
-      address_from_issuer = get_address_from_did decoded_token['iss']
-      name_owning_address == address_from_issuer
-    end
-
-    def self.faraday
-      connection = Faraday.new
-      connection.headers[:user_agent] = USER_AGENT
-      connection
-    end
-
-    private
-
-    @@leeway = DEFAULT_LEEWAY
-    @@valid_within = DEFAULT_VALID_WITHIN
-    @@api = DEFAULT_API
+    fail InvalidAuthResponse.new("Missing required 'iat' claim.") unless decoded_token['iat']
+    fail InvalidAuthResponse.new("'iat' timestamp claim is skewed too far from present.") if (Time.now.to_i - decoded_token['iat']).abs > valid_within
+
+    public_keys = decoded_token['public_keys']
+    fail InvalidAuthResponse.new('Invalid public_keys array: only 1 key is supported') unless public_keys.length == 1
+
+    decoded_token = verify_with_signature(auth_token)
+    fail InvalidAuthResponse.new("Public keys don't match issuer address") unless self.public_keys_match_issuer?(decoded_token)
+    fail InvalidAuthResponse.new("Public keys don't match owner of claimed username") unless self.public_keys_match_username?(decoded_token)
+
+    return decoded_token
+  rescue JWTB::VerificationError
+    raise InvalidAuthResponse.new('Signature on JWT is invalid')
+  rescue JWTB::DecodeError
+    raise InvalidAuthResponse.new('Unable to decode JWT')
+  rescue RuntimeError => error
+    raise InvalidAuthResponse.new(error.message)
+  end
+
+  def self.get_did_type(decentralized_id)
+    did_parts = decentralized_id.split(':')
+    fail 'Decentralized IDs must have 3 parts' if did_parts.length != 3
+    fail 'Decentralized IDs must start with "did"' if did_parts[0].downcase != 'did'
+    did_parts[1].downcase
+  end
+
+  def self.get_address_from_did(decentralized_id)
+    did_type = get_did_type(decentralized_id)
+    return nil if did_type != 'btc-addr'
+    decentralized_id.split(':')[2]
+  end
+
+  def self.public_keys_match_issuer?(decoded_token)
+    public_keys = decoded_token['public_keys']
+    address_from_issuer = get_address_from_did(decoded_token['iss'])
+
+    fail 'Multiple public keys are not supported' unless public_keys.count == 1
+
+    address_from_public_keys = Bitcoin.pubkey_to_address(public_keys.first)
+    address_from_issuer == address_from_public_keys
+  end
+
+  def self.public_keys_match_username?(decoded_token)
+    username = decoded_token['username']
+    return true if username.nil?
+
+    response = Faraday.get "#{api}/v1/names/#{username}"
+    json = JSON.parse response.body
+
+    fail "Issuer claimed username that doesn't exist" if response.status == 404
+    fail "Unable to verify issuer's claimed username" if response.status != 200
+
+    name_owning_address = json['address']
+    address_from_issuer = get_address_from_did decoded_token['iss']
+    name_owning_address == address_from_issuer
+  end
+
+  def self.faraday
+    connection = Faraday.new
+    connection.headers[:user_agent] = USER_AGENT
+    connection
+  end
+
+  @leeway = DEFAULT_LEEWAY
+  @valid_within = DEFAULT_VALID_WITHIN
+  @api = DEFAULT_API
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: blockstack
 version: !ruby/object:Gem::Version
-  version: 7.0.0
+  version: 7.0.1
 platform: ruby
 authors:
 - Larry Salibra
@@ -80,6 +80,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: jwtb
   requirement: !ruby/object:Gem::Requirement