cf-uaa-lib 3.4.0 → 3.5.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: f245d2cfe14edb44c63bc69fa6fe487f4ef64589
4
- data.tar.gz: c0f530c759641e62bf5f0b38be7233233e058ed0
3
+ metadata.gz: dbe6ea6062d205c929b98f06cf3cd02356b6d9b8
4
+ data.tar.gz: 5f57643c8e7dc8993de4d08603674b758bd54118
5
5
  SHA512:
6
- metadata.gz: 70bb9323f4c2955b266a8ad69f3b274ff3e1dda1c8aee11d15920b00fcbe5104281077cf3249cfdcbda0f260789ef9ff3ef9cd62b45376eecd86b38863975434
7
- data.tar.gz: 4f0a349fdcc4635de8c7692783353d7c5fda26e974fa4423f73c3f8b968666a977071a56cb738a10ff6fa453913dd49e744739ecfd5d1232b6d58df0e09535df
6
+ metadata.gz: c4bc0c8fc0767ea6aa5ae255f3a51e2ed0b0d5aad5e5a2fb4f7fef71a9f53ae2b08688e0042221a68168337ebceb4a5b751d0c407a335162d67ade14a03644d8
7
+ data.tar.gz: ce106ed5356cc816412ca39fa06693d71c6a29cc21c52e307f66992145b656b8fcb94cef97ffb3a1551cda97dc669041e38338957ac7484a6a8389a21e8e774e
@@ -1,5 +1,9 @@
1
1
  language: ruby
2
2
 
3
+ before_install:
4
+ - gem update
5
+ - gem install bundler
6
+
3
7
  rvm:
4
8
  - 1.9.3
5
9
 
@@ -99,6 +99,29 @@ class Info
99
99
  json_get(target, "/token_key", key_style, hdrs)
100
100
  end
101
101
 
102
+ # Gets all currently valid token verification keys. If the server has had
103
+ # its signing key changed, then +/token_key+ will return a verification key
104
+ # that does not match a JWT token issued before the change. To validate the
105
+ # signature of these tokens, refer to the +kid+ header of the JWT token. The
106
+ # +validation_keys_hash+ method returns a hash of all currently valid
107
+ # verification keys, indexed by +kid+. To retrieve symmetric keys as part of
108
+ # the result, client credentials are required.
109
+ # @param (see Misc.server)
110
+ # @return [Hash]
111
+ def validation_keys_hash(client_id = nil, client_secret = nil)
112
+ hdrs = client_id && client_secret ?
113
+ { "authorization" => Http.basic_auth(client_id, client_secret)} : {}
114
+ response = json_get(target, "/token_keys", key_style, hdrs)
115
+
116
+ keys_map = {}
117
+
118
+ response['keys'].each do |key|
119
+ keys_map[key['kid']] = key
120
+ end
121
+
122
+ keys_map
123
+ end
124
+
102
125
  # Sends +token+ to the server to validate and decode. Authenticates with
103
126
  # +client_id+ and +client_secret+. If +audience_ids+ are specified and the
104
127
  # token's "aud" attribute does not contain one or more of the audience_ids,
@@ -14,6 +14,6 @@
14
14
  # Cloud Foundry namespace
15
15
  module CF
16
16
  module UAA
17
- VERSION = "3.4.0"
17
+ VERSION = "3.5.0"
18
18
  end
19
19
  end
@@ -115,5 +115,26 @@ module CF::UAA
115
115
  result['alg'].should == 'SHA256withRSA'
116
116
  end
117
117
  end
118
+
119
+ describe "validation keys" do
120
+ let(:target_url) { "https://login.cloudfoundry.com/token_keys" }
121
+ let(:response_body) { '{ "keys": [ { "kid": "the_key", "alg": "SHA256withRSA", "value": "-----BEGIN PUBLIC KEY-----\nabc123\n-----END PUBLIC KEY-----\n", "kty": "RSA", "use": "sig", "n": "Ufn7Qc", "e": "EEXZ" }, { "kid": "the_other_key", "alg": "SHA256withRSA", "value": "-----BEGIN PUBLIC KEY-----\ndef456\n-----END PUBLIC KEY-----\n", "kty": "RSA", "use": "sig", "n": "AMcW9/P", "e": "AQAB" } ] }' }
122
+
123
+ it "returns a hash of keys" do
124
+ result = uaa_info.validation_keys_hash(authorization)
125
+
126
+ the_key = result['the_key']
127
+ the_key.should_not be_nil
128
+
129
+ the_other_key = result['the_other_key']
130
+ the_other_key.should_not be_nil
131
+
132
+ the_key['alg'].should == 'SHA256withRSA'
133
+ the_other_key['alg'].should == 'SHA256withRSA'
134
+
135
+ the_key['value'].should == "-----BEGIN PUBLIC KEY-----\nabc123\n-----END PUBLIC KEY-----\n"
136
+ the_other_key['value'].should == "-----BEGIN PUBLIC KEY-----\ndef456\n-----END PUBLIC KEY-----\n"
137
+ end
138
+ end
118
139
  end
119
140
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cf-uaa-lib
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.4.0
4
+ version: 3.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dave Syer
@@ -12,7 +12,7 @@ authors:
12
12
  autorequire:
13
13
  bindir: bin
14
14
  cert_chain: []
15
- date: 2016-03-31 00:00:00.000000000 Z
15
+ date: 2016-06-22 00:00:00.000000000 Z
16
16
  dependencies:
17
17
  - !ruby/object:Gem::Dependency
18
18
  name: multi_json
@@ -187,7 +187,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
187
187
  version: '0'
188
188
  requirements: []
189
189
  rubyforge_project: cf-uaa-lib
190
- rubygems_version: 2.2.2
190
+ rubygems_version: 2.4.6
191
191
  signing_key:
192
192
  specification_version: 4
193
193
  summary: Client library for CloudFoundry UAA