browserid-verify 0.1.0 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +1 -0
- data/README.md +24 -10
- data/Rakefile +20 -0
- data/browserid-verify.gemspec +20 -0
- data/lib/browserid.rb +1 -0
- data/lib/browserid/verify.rb +62 -0
- data/test/integration/test_failure.rb +6 -0
- data/test/test_busy.rb +20 -6
- data/test/test_okay.rb +43 -15
- metadata +8 -3
data/.gitignore
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
browserid-verify-*.gem
|
data/README.md
CHANGED
@@ -5,17 +5,25 @@ Verify BrowserID assertions in Ruby.
|
|
5
5
|
Currently this package only allows remote verification. Once the assertion format has stabilised we'll also add the
|
6
6
|
ability to verify assertions locally.
|
7
7
|
|
8
|
-
##
|
8
|
+
## Installation ##
|
9
|
+
|
10
|
+
Install as Ruby Gem in your Project.
|
9
11
|
|
12
|
+
```bash
|
13
|
+
gem install browserid-verify
|
10
14
|
```
|
15
|
+
|
16
|
+
## Usage ##
|
17
|
+
|
18
|
+
```ruby
|
11
19
|
require 'browserid/verify'
|
12
20
|
include BrowserID::Verify
|
13
21
|
```
|
14
22
|
|
15
|
-
Using the functional API, you can call ```
|
23
|
+
Using the functional API, you can call ```verify()``` with both an ```audience``` and an ```assertion```.
|
16
24
|
|
17
|
-
```
|
18
|
-
data =
|
25
|
+
```ruby
|
26
|
+
data = verify(audience, assertion)
|
19
27
|
puts "Data: #{data.inspect}"
|
20
28
|
```
|
21
29
|
|
@@ -25,7 +33,7 @@ supported) and the audience.
|
|
25
33
|
|
26
34
|
Then, use the ```verify()``` method to give it the assertion.
|
27
35
|
|
28
|
-
```
|
36
|
+
```ruby
|
29
37
|
verifier = Verify.new('remote', audience)
|
30
38
|
|
31
39
|
data = verifier.verify(assertion)
|
@@ -35,7 +43,7 @@ puts "Data: #{data.inspect}"
|
|
35
43
|
Using your own hosted version of the verifier, you can pass in a URL as the third parameter of either the constructor
|
36
44
|
or the ```verify_remotely()``` function.
|
37
45
|
|
38
|
-
```
|
46
|
+
```ruby
|
39
47
|
data = verify_remotely(audience, assertion, 'https://verifier.localhost/')
|
40
48
|
|
41
49
|
# or
|
@@ -48,17 +56,23 @@ data = verifier.verify(assertion)
|
|
48
56
|
|
49
57
|
Functional interface:
|
50
58
|
|
51
|
-
```
|
59
|
+
```ruby
|
60
|
+
data = verify_remotely(audience, assertion[, url = 'https://verifier.login.persona.org/verify'])
|
61
|
+
```
|
52
62
|
|
53
63
|
Object interface:
|
54
64
|
|
55
|
-
```
|
65
|
+
```ruby
|
66
|
+
verifier = Verify.new(type, audience[, url = 'https://verifier.login.persona.org/verify'])
|
67
|
+
```
|
56
68
|
|
57
|
-
```
|
69
|
+
```ruby
|
70
|
+
data = verifier.verify(assertion)
|
71
|
+
```
|
58
72
|
|
59
73
|
Options:
|
60
74
|
|
61
|
-
```type``` - must be 'remote' or 'local' (this library currently only supports 'remote'
|
75
|
+
```type``` - must be 'remote' or 'local' (this library currently only supports 'remote')
|
62
76
|
|
63
77
|
```audience``` - should be your hostname such as ```https://example.com```
|
64
78
|
|
data/Rakefile
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
require 'rake/testtask'
|
2
|
+
|
3
|
+
desc "Perform all tests"
|
4
|
+
Rake::TestTask.new do |t|
|
5
|
+
t.libs = ["lib"]
|
6
|
+
t.name = "test"
|
7
|
+
t.warning = true
|
8
|
+
t.verbose = true
|
9
|
+
t.test_files = FileList['test/test_*.rb']
|
10
|
+
end
|
11
|
+
|
12
|
+
desc "Perform integration tests"
|
13
|
+
Rake::TestTask.new do |t|
|
14
|
+
t.libs = ["lib"]
|
15
|
+
t.name = "test:integration"
|
16
|
+
t.warning = true
|
17
|
+
t.test_files = FileList['test/integration/test_*.rb']
|
18
|
+
end
|
19
|
+
|
20
|
+
task :default => :test
|
@@ -0,0 +1,20 @@
|
|
1
|
+
#!/usr/bin/env gem build
|
2
|
+
|
3
|
+
Gem::Specification.new do |s|
|
4
|
+
s.name = 'browserid-verify'
|
5
|
+
s.version = '0.2.0'
|
6
|
+
s.summary = "A BrowserID Verifier."
|
7
|
+
s.description = "Verify BrowserID assertions either remotely or locally (only remote implemented currently)."
|
8
|
+
s.homepage = 'https://github.com/chilts/browserid-verify-ruby'
|
9
|
+
s.license = 'MPL 2'
|
10
|
+
|
11
|
+
s.date = '2013-08-21'
|
12
|
+
s.author = "Andrew Chilton"
|
13
|
+
s.email = 'chilts@mozilla.com'
|
14
|
+
|
15
|
+
s.files = `git ls-files`.split("\n")
|
16
|
+
s.test_files = `git ls-files -- test/*`.split("\n")
|
17
|
+
s.require_paths = ["lib"]
|
18
|
+
|
19
|
+
s.extra_rdoc_files = ["LICENSE", "README.md"]
|
20
|
+
end
|
data/lib/browserid.rb
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require 'browserid/verify'
|
@@ -0,0 +1,62 @@
|
|
1
|
+
require "uri"
|
2
|
+
require "net/http"
|
3
|
+
require 'net/https'
|
4
|
+
require "json"
|
5
|
+
|
6
|
+
module BrowserID
|
7
|
+
module Verify
|
8
|
+
|
9
|
+
class Verify
|
10
|
+
|
11
|
+
def initialize(type, audience, url = 'https://verifier.login.persona.org/verify')
|
12
|
+
# Instance variables
|
13
|
+
@type = type
|
14
|
+
@audience = audience
|
15
|
+
@url = url
|
16
|
+
@uri = URI.parse(@url)
|
17
|
+
|
18
|
+
# make an agent and remember it
|
19
|
+
@https = Net::HTTP.new(@uri.host, @uri.port)
|
20
|
+
@https.use_ssl = true
|
21
|
+
end
|
22
|
+
|
23
|
+
def verify(assertion)
|
24
|
+
# make a new request
|
25
|
+
request = Net::HTTP::Post.new(@uri.path)
|
26
|
+
request.set_form_data({"audience" => @audience, "assertion" => assertion})
|
27
|
+
|
28
|
+
# send the request
|
29
|
+
response = @https.request(request)
|
30
|
+
|
31
|
+
# if we have a non-200 response
|
32
|
+
if ! response.kind_of? Net::HTTPSuccess
|
33
|
+
return {
|
34
|
+
"status" => "failure",
|
35
|
+
"reason" => "Something went wrong with the request",
|
36
|
+
"body" => response.body
|
37
|
+
}
|
38
|
+
end
|
39
|
+
|
40
|
+
# process the response
|
41
|
+
data = JSON.parse(response.body) || nil
|
42
|
+
if data.nil?
|
43
|
+
# JSON parsing error
|
44
|
+
return {"status" => "failure", "reason" => "Received invalid JSON from the remote verifier"}
|
45
|
+
end
|
46
|
+
|
47
|
+
return data
|
48
|
+
end
|
49
|
+
|
50
|
+
end
|
51
|
+
|
52
|
+
def verify(audience, assertion, url = 'https://verifier.login.persona.org/verify')
|
53
|
+
return verify_remotely(audience, assertion, url)
|
54
|
+
end
|
55
|
+
|
56
|
+
def verify_remotely(audience, assertion, url = 'https://verifier.login.persona.org/verify')
|
57
|
+
verifier = Verify.new('remote', audience, url)
|
58
|
+
return verifier.verify(assertion)
|
59
|
+
end
|
60
|
+
|
61
|
+
end
|
62
|
+
end
|
@@ -16,4 +16,10 @@ class TC_Verify < Test::Unit::TestCase
|
|
16
16
|
assert_equal(data['status'], 'failure')
|
17
17
|
assert_equal(data['reason'], 'no certificates provided')
|
18
18
|
end
|
19
|
+
|
20
|
+
def test_simple_3
|
21
|
+
data = verify('http://localhost', 'invalid assertion')
|
22
|
+
assert_equal(data['status'], 'failure')
|
23
|
+
assert_equal(data['reason'], 'no certificates provided')
|
24
|
+
end
|
19
25
|
end
|
data/test/test_busy.rb
CHANGED
@@ -5,16 +5,30 @@ require 'browserid/verify'
|
|
5
5
|
include WebMock::API
|
6
6
|
include BrowserID::Verify
|
7
7
|
|
8
|
-
stub_request(:post, "https://verifier.login.persona.org/verify").
|
9
|
-
with(:body => {"assertion"=>"invalid assertion", "audience"=>"http://localhost"},
|
10
|
-
:headers => {'Accept'=>'*/*', 'Content-Type'=>'application/x-www-form-urlencoded', 'User-Agent'=>'Ruby'}).
|
11
|
-
to_return(:status => 503, :body => "Server is busy, try again later.", :headers => {})
|
12
|
-
|
13
8
|
class TC_Verify < Test::Unit::TestCase
|
14
|
-
|
9
|
+
|
10
|
+
def test_busy1
|
11
|
+
stub_request(:post, "https://verifier.login.persona.org/verify").
|
12
|
+
with(:body => {"assertion"=>"invalid assertion", "audience"=>"http://localhost"},
|
13
|
+
:headers => {'Accept'=>'*/*', 'Content-Type'=>'application/x-www-form-urlencoded', 'User-Agent'=>'Ruby'}).
|
14
|
+
to_return(:status => 503, :body => "Server is busy, try again later.", :headers => {})
|
15
|
+
|
15
16
|
data = verify_remotely('http://localhost', 'invalid assertion')
|
16
17
|
assert_equal('failure', data['status'])
|
17
18
|
assert_equal('Something went wrong with the request', data['reason'])
|
18
19
|
assert_equal('Server is busy, try again later.', data['body'])
|
19
20
|
end
|
21
|
+
|
22
|
+
def test_busy2
|
23
|
+
stub_request(:post, "https://verifier.login.persona.org/verify").
|
24
|
+
with(:body => {"assertion"=>"invalid assertion", "audience"=>"http://localhost"},
|
25
|
+
:headers => {'Accept'=>'*/*', 'Content-Type'=>'application/x-www-form-urlencoded', 'User-Agent'=>'Ruby'}).
|
26
|
+
to_return(:status => 503, :body => "Server is busy, try again later.", :headers => {})
|
27
|
+
|
28
|
+
data = verify_remotely('http://localhost', 'invalid assertion')
|
29
|
+
assert_equal('failure', data['status'])
|
30
|
+
assert_equal('Something went wrong with the request', data['reason'])
|
31
|
+
assert_equal('Server is busy, try again later.', data['body'])
|
32
|
+
end
|
33
|
+
|
20
34
|
end
|
data/test/test_okay.rb
CHANGED
@@ -7,22 +7,22 @@ require 'browserid/verify'
|
|
7
7
|
include WebMock::API
|
8
8
|
include BrowserID::Verify
|
9
9
|
|
10
|
-
response = {
|
11
|
-
"status" => "okay",
|
12
|
-
"email" => "me@example.com",
|
13
|
-
"audience" => "https://example.com",
|
14
|
-
"expires" => 1354217396705,
|
15
|
-
"issuer" => "example.com"
|
16
|
-
}
|
17
|
-
response = JSON.generate(response)
|
18
|
-
|
19
|
-
stub_request(:post, "https://verifier.login.persona.org/verify").
|
20
|
-
with(:body => {"assertion"=>"a fake assertion", "audience"=>"http://localhost"},
|
21
|
-
:headers => {'Accept'=>'*/*', 'Content-Type'=>'application/x-www-form-urlencoded', 'User-Agent'=>'Ruby'}).
|
22
|
-
to_return(:status => 200, :body => response, :headers => {'Content-Type'=>'application/json'})
|
23
|
-
|
24
10
|
class TC_Verify < Test::Unit::TestCase
|
25
|
-
def
|
11
|
+
def test_okay1
|
12
|
+
response = {
|
13
|
+
"status" => "okay",
|
14
|
+
"email" => "me@example.com",
|
15
|
+
"audience" => "https://example.com",
|
16
|
+
"expires" => 1354217396705,
|
17
|
+
"issuer" => "example.com"
|
18
|
+
}
|
19
|
+
responseJson = JSON.generate(response)
|
20
|
+
|
21
|
+
stub_request(:post, "https://verifier.login.persona.org/verify").
|
22
|
+
with(:body => {"assertion"=>"a fake assertion", "audience"=>"http://localhost"},
|
23
|
+
:headers => {'Accept'=>'*/*', 'Content-Type'=>'application/x-www-form-urlencoded', 'User-Agent'=>'Ruby'}).
|
24
|
+
to_return(:status => 200, :body => responseJson, :headers => {'Content-Type'=>'application/json'})
|
25
|
+
|
26
26
|
data = verify_remotely('http://localhost', 'a fake assertion')
|
27
27
|
assert_equal('okay', data['status'])
|
28
28
|
assert_equal('me@example.com', data['email'])
|
@@ -35,4 +35,32 @@ class TC_Verify < Test::Unit::TestCase
|
|
35
35
|
|
36
36
|
assert_equal(data['reason'], nil, 'No reason in the response at all.');
|
37
37
|
end
|
38
|
+
|
39
|
+
def test_okay2
|
40
|
+
response = {
|
41
|
+
"status" => "okay",
|
42
|
+
"email" => "me@example.com",
|
43
|
+
"audience" => "https://example.com",
|
44
|
+
"expires" => 1354217396705,
|
45
|
+
"issuer" => "example.com"
|
46
|
+
}
|
47
|
+
responseJson = JSON.generate(response)
|
48
|
+
|
49
|
+
stub_request(:post, "https://verifier.login.persona.org/verify").
|
50
|
+
with(:body => {"assertion"=>"a fake assertion", "audience"=>"http://localhost"},
|
51
|
+
:headers => {'Accept'=>'*/*', 'Content-Type'=>'application/x-www-form-urlencoded', 'User-Agent'=>'Ruby'}).
|
52
|
+
to_return(:status => 200, :body => responseJson, :headers => {'Content-Type'=>'application/json'})
|
53
|
+
|
54
|
+
data = verify('http://localhost', 'a fake assertion')
|
55
|
+
assert_equal('okay', data['status'])
|
56
|
+
assert_equal('me@example.com', data['email'])
|
57
|
+
|
58
|
+
assert_equal(data['status'], 'okay', 'Response status is okay.');
|
59
|
+
assert_equal(data['email'], 'me@example.com', 'Email in response is same as email passed back.');
|
60
|
+
assert_equal(data['issuer'], 'example.com', 'Issuer is also example.com.');
|
61
|
+
assert_equal(data['expires'], 1354217396705, 'Expires is correct.');
|
62
|
+
assert_equal(data['audience'], 'https://example.com', 'Audience is correct.');
|
63
|
+
|
64
|
+
assert_equal(data['reason'], nil, 'No reason in the response at all.');
|
65
|
+
end
|
38
66
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: browserid-verify
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -20,11 +20,16 @@ extra_rdoc_files:
|
|
20
20
|
- LICENSE
|
21
21
|
- README.md
|
22
22
|
files:
|
23
|
+
- .gitignore
|
23
24
|
- LICENSE
|
24
25
|
- README.md
|
26
|
+
- Rakefile
|
27
|
+
- browserid-verify.gemspec
|
28
|
+
- lib/browserid.rb
|
29
|
+
- lib/browserid/verify.rb
|
30
|
+
- test/integration/test_failure.rb
|
25
31
|
- test/test_busy.rb
|
26
32
|
- test/test_okay.rb
|
27
|
-
- test/integration/test_failure.rb
|
28
33
|
homepage: https://github.com/chilts/browserid-verify-ruby
|
29
34
|
licenses:
|
30
35
|
- MPL 2
|
@@ -51,6 +56,6 @@ signing_key:
|
|
51
56
|
specification_version: 3
|
52
57
|
summary: A BrowserID Verifier.
|
53
58
|
test_files:
|
59
|
+
- test/integration/test_failure.rb
|
54
60
|
- test/test_busy.rb
|
55
61
|
- test/test_okay.rb
|
56
|
-
- test/integration/test_failure.rb
|