cf-uaa-lib 3.4.0 → 3.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +4 -0
- data/lib/uaa/info.rb +23 -0
- data/lib/uaa/version.rb +1 -1
- data/spec/info_spec.rb +21 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: dbe6ea6062d205c929b98f06cf3cd02356b6d9b8
|
|
4
|
+
data.tar.gz: 5f57643c8e7dc8993de4d08603674b758bd54118
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c4bc0c8fc0767ea6aa5ae255f3a51e2ed0b0d5aad5e5a2fb4f7fef71a9f53ae2b08688e0042221a68168337ebceb4a5b751d0c407a335162d67ade14a03644d8
|
|
7
|
+
data.tar.gz: ce106ed5356cc816412ca39fa06693d71c6a29cc21c52e307f66992145b656b8fcb94cef97ffb3a1551cda97dc669041e38338957ac7484a6a8389a21e8e774e
|
data/.travis.yml
CHANGED
data/lib/uaa/info.rb
CHANGED
|
@@ -99,6 +99,29 @@ class Info
|
|
|
99
99
|
json_get(target, "/token_key", key_style, hdrs)
|
|
100
100
|
end
|
|
101
101
|
|
|
102
|
+
# Gets all currently valid token verification keys. If the server has had
|
|
103
|
+
# its signing key changed, then +/token_key+ will return a verification key
|
|
104
|
+
# that does not match a JWT token issued before the change. To validate the
|
|
105
|
+
# signature of these tokens, refer to the +kid+ header of the JWT token. The
|
|
106
|
+
# +validation_keys_hash+ method returns a hash of all currently valid
|
|
107
|
+
# verification keys, indexed by +kid+. To retrieve symmetric keys as part of
|
|
108
|
+
# the result, client credentials are required.
|
|
109
|
+
# @param (see Misc.server)
|
|
110
|
+
# @return [Hash]
|
|
111
|
+
def validation_keys_hash(client_id = nil, client_secret = nil)
|
|
112
|
+
hdrs = client_id && client_secret ?
|
|
113
|
+
{ "authorization" => Http.basic_auth(client_id, client_secret)} : {}
|
|
114
|
+
response = json_get(target, "/token_keys", key_style, hdrs)
|
|
115
|
+
|
|
116
|
+
keys_map = {}
|
|
117
|
+
|
|
118
|
+
response['keys'].each do |key|
|
|
119
|
+
keys_map[key['kid']] = key
|
|
120
|
+
end
|
|
121
|
+
|
|
122
|
+
keys_map
|
|
123
|
+
end
|
|
124
|
+
|
|
102
125
|
# Sends +token+ to the server to validate and decode. Authenticates with
|
|
103
126
|
# +client_id+ and +client_secret+. If +audience_ids+ are specified and the
|
|
104
127
|
# token's "aud" attribute does not contain one or more of the audience_ids,
|
data/lib/uaa/version.rb
CHANGED
data/spec/info_spec.rb
CHANGED
|
@@ -115,5 +115,26 @@ module CF::UAA
|
|
|
115
115
|
result['alg'].should == 'SHA256withRSA'
|
|
116
116
|
end
|
|
117
117
|
end
|
|
118
|
+
|
|
119
|
+
describe "validation keys" do
|
|
120
|
+
let(:target_url) { "https://login.cloudfoundry.com/token_keys" }
|
|
121
|
+
let(:response_body) { '{ "keys": [ { "kid": "the_key", "alg": "SHA256withRSA", "value": "-----BEGIN PUBLIC KEY-----\nabc123\n-----END PUBLIC KEY-----\n", "kty": "RSA", "use": "sig", "n": "Ufn7Qc", "e": "EEXZ" }, { "kid": "the_other_key", "alg": "SHA256withRSA", "value": "-----BEGIN PUBLIC KEY-----\ndef456\n-----END PUBLIC KEY-----\n", "kty": "RSA", "use": "sig", "n": "AMcW9/P", "e": "AQAB" } ] }' }
|
|
122
|
+
|
|
123
|
+
it "returns a hash of keys" do
|
|
124
|
+
result = uaa_info.validation_keys_hash(authorization)
|
|
125
|
+
|
|
126
|
+
the_key = result['the_key']
|
|
127
|
+
the_key.should_not be_nil
|
|
128
|
+
|
|
129
|
+
the_other_key = result['the_other_key']
|
|
130
|
+
the_other_key.should_not be_nil
|
|
131
|
+
|
|
132
|
+
the_key['alg'].should == 'SHA256withRSA'
|
|
133
|
+
the_other_key['alg'].should == 'SHA256withRSA'
|
|
134
|
+
|
|
135
|
+
the_key['value'].should == "-----BEGIN PUBLIC KEY-----\nabc123\n-----END PUBLIC KEY-----\n"
|
|
136
|
+
the_other_key['value'].should == "-----BEGIN PUBLIC KEY-----\ndef456\n-----END PUBLIC KEY-----\n"
|
|
137
|
+
end
|
|
138
|
+
end
|
|
118
139
|
end
|
|
119
140
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cf-uaa-lib
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dave Syer
|
|
@@ -12,7 +12,7 @@ authors:
|
|
|
12
12
|
autorequire:
|
|
13
13
|
bindir: bin
|
|
14
14
|
cert_chain: []
|
|
15
|
-
date: 2016-
|
|
15
|
+
date: 2016-06-22 00:00:00.000000000 Z
|
|
16
16
|
dependencies:
|
|
17
17
|
- !ruby/object:Gem::Dependency
|
|
18
18
|
name: multi_json
|
|
@@ -187,7 +187,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
187
187
|
version: '0'
|
|
188
188
|
requirements: []
|
|
189
189
|
rubyforge_project: cf-uaa-lib
|
|
190
|
-
rubygems_version: 2.
|
|
190
|
+
rubygems_version: 2.4.6
|
|
191
191
|
signing_key:
|
|
192
192
|
specification_version: 4
|
|
193
193
|
summary: Client library for CloudFoundry UAA
|