blockstack 0.5.2 → 0.5.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/blockstack/version.rb +1 -1
- data/lib/blockstack.rb +5 -5
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2afc7cfdcf15787fa05c54435909bcffb382fd3b
|
|
4
|
+
data.tar.gz: e4380227dd173ad40ab834a4b4ada210a226c77f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1bed0576f8b639ff12fd0897a892abba6fa431bc0185b05f2daf230427ef3b14520f41f447656e6bc5b6d5630f44f62cbf15d02272604b0ad6aba9f40a71a2cb
|
|
7
|
+
data.tar.gz: 4d38536fe524a51ca0bd1476fa63b81b35df9443fa9963bfcdb7dcb1e8a29366dab6271d987c5e46b3d54a42a257fcf7a06e505c973e61537ec0e6ff891c0583
|
data/lib/blockstack/version.rb
CHANGED
data/lib/blockstack.rb
CHANGED
|
@@ -50,7 +50,7 @@ module Blockstack
|
|
|
50
50
|
raise InvalidAuthResponse.new("Missing required '#{field}' claim.") if !decoded_token.key?(field.to_s)
|
|
51
51
|
end
|
|
52
52
|
raise InvalidAuthResponse.new("Missing required 'iat' claim.") if !decoded_token["iat"]
|
|
53
|
-
raise InvalidAuthResponse.new("'iat' timestamp claim is skewed too far from present.") if (Time.now.to_i - decoded_token["iat"]).abs >
|
|
53
|
+
raise InvalidAuthResponse.new("'iat' timestamp claim is skewed too far from present.") if (Time.now.to_i - decoded_token["iat"]).abs > self.valid_within
|
|
54
54
|
|
|
55
55
|
public_keys = decoded_token['publicKeys']
|
|
56
56
|
|
|
@@ -65,12 +65,12 @@ module Blockstack
|
|
|
65
65
|
verify = true
|
|
66
66
|
|
|
67
67
|
# decode & verify signature
|
|
68
|
-
decoded_tokens = JWT.decode auth_token, ecdsa_key, verify, algorithm: ALGORITHM, exp_leeway:
|
|
68
|
+
decoded_tokens = JWT.decode auth_token, ecdsa_key, verify, algorithm: ALGORITHM, exp_leeway: self.leeway
|
|
69
69
|
decoded_token = decoded_tokens[0]
|
|
70
70
|
|
|
71
71
|
raise InvalidAuthResponse.new("Public keys don't match issuer address") unless self.public_keys_match_issuer?(decoded_token)
|
|
72
72
|
|
|
73
|
-
raise InvalidAuthResponse.new("Public keys don't match owner of claimed username") unless self.public_keys_match_username?(
|
|
73
|
+
raise InvalidAuthResponse.new("Public keys don't match owner of claimed username") unless self.public_keys_match_username?(decoded_token)
|
|
74
74
|
|
|
75
75
|
return decoded_token
|
|
76
76
|
rescue JWT::VerificationError => error
|
|
@@ -105,11 +105,11 @@ module Blockstack
|
|
|
105
105
|
address_from_issuer == address_from_public_keys
|
|
106
106
|
end
|
|
107
107
|
|
|
108
|
-
def self.public_keys_match_username?(
|
|
108
|
+
def self.public_keys_match_username?(decoded_token)
|
|
109
109
|
username = decoded_token["username"]
|
|
110
110
|
return true if username.nil?
|
|
111
111
|
|
|
112
|
-
response = Faraday.get "#{
|
|
112
|
+
response = Faraday.get "#{self.api}/v1/names/#{username}"
|
|
113
113
|
json = JSON.parse response.body
|
|
114
114
|
|
|
115
115
|
raise "Issuer claimed username that doesn't exist" if response.status == 404
|