cf-uaa-lib 3.4.0 → 3.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +4 -0
- data/lib/uaa/info.rb +23 -0
- data/lib/uaa/version.rb +1 -1
- data/spec/info_spec.rb +21 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: dbe6ea6062d205c929b98f06cf3cd02356b6d9b8
|
|
4
|
+
data.tar.gz: 5f57643c8e7dc8993de4d08603674b758bd54118
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c4bc0c8fc0767ea6aa5ae255f3a51e2ed0b0d5aad5e5a2fb4f7fef71a9f53ae2b08688e0042221a68168337ebceb4a5b751d0c407a335162d67ade14a03644d8
|
|
7
|
+
data.tar.gz: ce106ed5356cc816412ca39fa06693d71c6a29cc21c52e307f66992145b656b8fcb94cef97ffb3a1551cda97dc669041e38338957ac7484a6a8389a21e8e774e
|
data/.travis.yml
CHANGED
data/lib/uaa/info.rb
CHANGED
|
@@ -99,6 +99,29 @@ class Info
|
|
|
99
99
|
json_get(target, "/token_key", key_style, hdrs)
|
|
100
100
|
end
|
|
101
101
|
|
|
102
|
+
# Gets all currently valid token verification keys. If the server has had
|
|
103
|
+
# its signing key changed, then +/token_key+ will return a verification key
|
|
104
|
+
# that does not match a JWT token issued before the change. To validate the
|
|
105
|
+
# signature of these tokens, refer to the +kid+ header of the JWT token. The
|
|
106
|
+
# +validation_keys_hash+ method returns a hash of all currently valid
|
|
107
|
+
# verification keys, indexed by +kid+. To retrieve symmetric keys as part of
|
|
108
|
+
# the result, client credentials are required.
|
|
109
|
+
# @param (see Misc.server)
|
|
110
|
+
# @return [Hash]
|
|
111
|
+
def validation_keys_hash(client_id = nil, client_secret = nil)
|
|
112
|
+
hdrs = client_id && client_secret ?
|
|
113
|
+
{ "authorization" => Http.basic_auth(client_id, client_secret)} : {}
|
|
114
|
+
response = json_get(target, "/token_keys", key_style, hdrs)
|
|
115
|
+
|
|
116
|
+
keys_map = {}
|
|
117
|
+
|
|
118
|
+
response['keys'].each do |key|
|
|
119
|
+
keys_map[key['kid']] = key
|
|
120
|
+
end
|
|
121
|
+
|
|
122
|
+
keys_map
|
|
123
|
+
end
|
|
124
|
+
|
|
102
125
|
# Sends +token+ to the server to validate and decode. Authenticates with
|
|
103
126
|
# +client_id+ and +client_secret+. If +audience_ids+ are specified and the
|
|
104
127
|
# token's "aud" attribute does not contain one or more of the audience_ids,
|
data/lib/uaa/version.rb
CHANGED
data/spec/info_spec.rb
CHANGED
|
@@ -115,5 +115,26 @@ module CF::UAA
|
|
|
115
115
|
result['alg'].should == 'SHA256withRSA'
|
|
116
116
|
end
|
|
117
117
|
end
|
|
118
|
+
|
|
119
|
+
describe "validation keys" do
|
|
120
|
+
let(:target_url) { "https://login.cloudfoundry.com/token_keys" }
|
|
121
|
+
let(:response_body) { '{ "keys": [ { "kid": "the_key", "alg": "SHA256withRSA", "value": "-----BEGIN PUBLIC KEY-----\nabc123\n-----END PUBLIC KEY-----\n", "kty": "RSA", "use": "sig", "n": "Ufn7Qc", "e": "EEXZ" }, { "kid": "the_other_key", "alg": "SHA256withRSA", "value": "-----BEGIN PUBLIC KEY-----\ndef456\n-----END PUBLIC KEY-----\n", "kty": "RSA", "use": "sig", "n": "AMcW9/P", "e": "AQAB" } ] }' }
|
|
122
|
+
|
|
123
|
+
it "returns a hash of keys" do
|
|
124
|
+
result = uaa_info.validation_keys_hash(authorization)
|
|
125
|
+
|
|
126
|
+
the_key = result['the_key']
|
|
127
|
+
the_key.should_not be_nil
|
|
128
|
+
|
|
129
|
+
the_other_key = result['the_other_key']
|
|
130
|
+
the_other_key.should_not be_nil
|
|
131
|
+
|
|
132
|
+
the_key['alg'].should == 'SHA256withRSA'
|
|
133
|
+
the_other_key['alg'].should == 'SHA256withRSA'
|
|
134
|
+
|
|
135
|
+
the_key['value'].should == "-----BEGIN PUBLIC KEY-----\nabc123\n-----END PUBLIC KEY-----\n"
|
|
136
|
+
the_other_key['value'].should == "-----BEGIN PUBLIC KEY-----\ndef456\n-----END PUBLIC KEY-----\n"
|
|
137
|
+
end
|
|
138
|
+
end
|
|
118
139
|
end
|
|
119
140
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cf-uaa-lib
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dave Syer
|
|
@@ -12,7 +12,7 @@ authors:
|
|
|
12
12
|
autorequire:
|
|
13
13
|
bindir: bin
|
|
14
14
|
cert_chain: []
|
|
15
|
-
date: 2016-
|
|
15
|
+
date: 2016-06-22 00:00:00.000000000 Z
|
|
16
16
|
dependencies:
|
|
17
17
|
- !ruby/object:Gem::Dependency
|
|
18
18
|
name: multi_json
|
|
@@ -187,7 +187,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
187
187
|
version: '0'
|
|
188
188
|
requirements: []
|
|
189
189
|
rubyforge_project: cf-uaa-lib
|
|
190
|
-
rubygems_version: 2.
|
|
190
|
+
rubygems_version: 2.4.6
|
|
191
191
|
signing_key:
|
|
192
192
|
specification_version: 4
|
|
193
193
|
summary: Client library for CloudFoundry UAA
|