capbac_cli 0.4.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +7 -0
  2. data/LICENSE +21 -0
  3. data/README.md +35 -0
  4. data/cli_lib/capbac_cli.rb +159 -0
  5. data/exe/capbac-cli +5 -0
  6. metadata +75 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 886d97ead136540c97f3294c37d77d5a982933ee449b405e44d91629974efb92
4
+ data.tar.gz: 1934bac409b4e2c3f83efae982f597507ffa27fdacd68ee7f7290bf9147c1fdb
5
+ SHA512:
6
+ metadata.gz: a49c48ff999c693f66c07474caaa4abf77b5648b7e38298789ee01591f43dcb35f45ce54c357dee9d36711e44ea9d094de9246e1758722cd55de4389b32c5d01
7
+ data.tar.gz: e49baea931de42f78c8774fad81ee613f7cfd021cde1ea53c87ee8ebe975ec7ad95961692c7791d0f7b3e63f1c08084fe44868e95485df44b4842328c0c8a39e
data/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2020 Xapix GmbH
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,35 @@
1
+ # Capbac
2
+
3
+ Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/capbac`. To experiment with that code, run `bin/console` for an interactive prompt.
4
+
5
+ TODO: Delete this and the text above, and describe your gem
6
+
7
+ ## Installation
8
+
9
+ Add this line to your application's Gemfile:
10
+
11
+ ```ruby
12
+ gem 'capbac'
13
+ ```
14
+
15
+ And then execute:
16
+
17
+ $ bundle
18
+
19
+ Or install it yourself as:
20
+
21
+ $ gem install capbac
22
+
23
+ ## Usage
24
+
25
+ TODO: Write usage instructions here
26
+
27
+ ## Development
28
+
29
+ After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
30
+
31
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
32
+
33
+ ## Contributing
34
+
35
+ Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/capbac.
data/cli_lib/capbac_cli.rb ADDED
@@ -0,0 +1,159 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'capbac'
4
+ require 'capbac/version'
5
+ require 'commander/import'
6
+ require 'optparse/uri'
7
+ require 'uri'
8
+
9
+ class RegexpTrustChecker < CapBAC::TrustChecker
10
+ def initialize(regex)
11
+ @check_regex = regex
12
+ end
13
+
14
+ def trusted?(id)
15
+ !!@check_regex.match(id.to_s)
16
+ end
17
+ end
18
+
19
+ class HashPubs < CapBAC::Pubs
20
+ def initialize(pubs)
21
+ @pubs = {}
22
+ pubs.each do |pub|
23
+ pair = pub.split('=')
24
+ @pubs[URI.parse(pair[0])] = File.read(pair[1])
25
+ end
26
+ end
27
+
28
+ def get(id)
29
+ @pubs[id]
30
+ end
31
+ end
32
+
33
+ # :name is optional, otherwise uses the basename of this executable
34
+ program :name, 'CapBAC CLI'
35
+ program :version, CapBAC::VERSION
36
+ program :description, 'CapBAC CLI tool to forge, delegate and validate certificates and invocations.'
37
+
38
+ command :forge do |c|
39
+ c.option '--capability CAPABILITY', String
40
+ c.option '--subject SUBJECT', URI
41
+ c.option '--me ME', URI
42
+ c.option '--sk SK', String
43
+ c.option '--exp [EXP]', Integer
44
+ c.action do |_args, options|
45
+ holder = CapBAC::Holder.new(options.me, File.read(options.sk))
46
+ ios = IO.new STDOUT.fileno
47
+ cert = holder.forge(subject: options.subject, capability: options.capability)
48
+ ios.write cert
49
+ ios.close
50
+ end
51
+ end
52
+
53
+ command :delegate do |c|
54
+ c.option '--capability CAPABILITY', String
55
+ c.option '--subject SUBJECT', URI
56
+ c.option '--me ME', URI
57
+ c.option '--sk SK', String
58
+ c.option '--exp [EXP]', Integer
59
+ c.action do |_args, options|
60
+ holder = CapBAC::Holder.new(options.me, File.read(options.sk))
61
+ cert = holder.delegate(STDIN.read, subject: options.subject, capability: options.capability)
62
+ ios = IO.new STDOUT.fileno
63
+ ios.write cert
64
+ ios.close
65
+ end
66
+ end
67
+
68
+ command :invoke do |c|
69
+ c.option '--action ACTION', String
70
+ c.option '--cert CERT', String
71
+ c.option '--me ME', URI
72
+ c.option '--sk SK', String
73
+ c.option '--exp EXP', Integer
74
+ c.action do |_args, options|
75
+ holder = CapBAC::Holder.new(options.me, File.read(options.sk))
76
+ inv = holder.invoke(cert: File.read(options.cert), action: options.action, exp: options.exp)
77
+ ios = IO.new STDOUT.fileno
78
+ ios.write inv
79
+ ios.close
80
+ end
81
+ end
82
+
83
+ command 'certificate-validate' do |c|
84
+ pubs = []
85
+ c.option '--now NOW', Integer
86
+ c.option '--trust-ids REGEX', Regexp
87
+ c.option('--pub PUB', String) { |x| pubs << x }
88
+ c.action do |_args, options|
89
+ trust_checker = RegexpTrustChecker.new(options.trust_ids)
90
+ pubs = HashPubs.new(pubs)
91
+ validator = CapBAC::Validator.new(trust_checker, pubs)
92
+ begin
93
+ validator.validate_cert(STDIN.read, options.now)
94
+ rescue CapBAC::Malformed => e
95
+ say e
96
+ exit 11
97
+ rescue CapBAC::BadURL => e
98
+ say e
99
+ exit 12
100
+ rescue CapBAC::UnknownPub => e
101
+ say e
102
+ exit 12
103
+ rescue CapBAC::BadIssuer => e
104
+ say e
105
+ exit 13
106
+ rescue CapBAC::BadInvoker => e
107
+ say e
108
+ exit 13
109
+ rescue CapBAC::Untrusted => e
110
+ say e
111
+ exit 13
112
+ rescue CapBAC::Expired
113
+ say 'Expired'
114
+ exit 14
115
+ rescue CapBAC::BadSign
116
+ say 'Bad sign'
117
+ exit 15
118
+ end
119
+ end
120
+ end
121
+
122
+ command 'invocation-validate' do |c|
123
+ pubs = []
124
+ c.option '--now NOW', Integer
125
+ c.option '--trust-ids REGEX', Regexp
126
+ c.option('--pub PUB', String) { |x| pubs << x }
127
+ c.action do |_args, options|
128
+ trust_checker = RegexpTrustChecker.new(options.trust_ids)
129
+ pubs = HashPubs.new(pubs)
130
+ validator = CapBAC::Validator.new(trust_checker, pubs)
131
+ begin
132
+ validator.validate_invocation(STDIN.read, options.now)
133
+ rescue CapBAC::Malformed => e
134
+ say e
135
+ exit 11
136
+ rescue CapBAC::BadURL => e
137
+ say e
138
+ exit 12
139
+ rescue CapBAC::UnknownPub => e
140
+ say e
141
+ exit 12
142
+ rescue CapBAC::BadIssuer => e
143
+ say e
144
+ exit 13
145
+ rescue CapBAC::BadInvoker => e
146
+ say e
147
+ exit 13
148
+ rescue CapBAC::Untrusted => e
149
+ say e
150
+ exit 13
151
+ rescue CapBAC::Expired
152
+ say 'Expired'
153
+ exit 14
154
+ rescue CapBAC::BadSign
155
+ say 'Bad sign'
156
+ exit 15
157
+ end
158
+ end
159
+ end
data/exe/capbac-cli ADDED
@@ -0,0 +1,5 @@
1
+ #!/usr/bin/env ruby
2
+ # frozen_string_literal: true
3
+
4
+ require 'rubygems'
5
+ require 'capbac_cli'
metadata ADDED
@@ -0,0 +1,75 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: capbac_cli
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.4.3
5
+ platform: ruby
6
+ authors:
7
+ - Kirill Chernyshov
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2020-08-11 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: capbac
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - '='
18
+ - !ruby/object:Gem::Version
19
+ version: 0.4.3
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - '='
25
+ - !ruby/object:Gem::Version
26
+ version: 0.4.3
27
+ - !ruby/object:Gem::Dependency
28
+ name: commander
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: 4.5.2
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: 4.5.2
41
+ description:
42
+ email: delaguardo@gmail.com
43
+ executables:
44
+ - capbac-cli
45
+ extensions: []
46
+ extra_rdoc_files: []
47
+ files:
48
+ - LICENSE
49
+ - README.md
50
+ - cli_lib/capbac_cli.rb
51
+ - exe/capbac-cli
52
+ homepage: http://capbac.org
53
+ licenses:
54
+ - MIT
55
+ metadata: {}
56
+ post_install_message:
57
+ rdoc_options: []
58
+ require_paths:
59
+ - cli_lib
60
+ required_ruby_version: !ruby/object:Gem::Requirement
61
+ requirements:
62
+ - - ">="
63
+ - !ruby/object:Gem::Version
64
+ version: '0'
65
+ required_rubygems_version: !ruby/object:Gem::Requirement
66
+ requirements:
67
+ - - ">="
68
+ - !ruby/object:Gem::Version
69
+ version: '0'
70
+ requirements: []
71
+ rubygems_version: 3.1.2
72
+ signing_key:
73
+ specification_version: 4
74
+ summary: Command line utility for Capability-based Access Control model
75
+ test_files: []