cider_ci-open_session 1.0.0 → 2.0.1
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1c6710fa1241c8a5bf742a235516658147b1ff97
|
4
|
+
data.tar.gz: e502de6c5e3040a2e50d3e08e74a095bc29d3af1
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d10cd0c89f1627ee451b1bee407fcce2163d0bfaddef5ee0358341f5db5e2d78110ee2fe5e94f3dfa7399cfeb0f2bd41e99fcb69631421c6cffdadb25200f48d
|
7
|
+
data.tar.gz: 489086b799cb68c9c72c95c1e5af765b0e6252e12360256acdfbe16a85a7903a66a97c7391b3b69e20bd2ed6456cfe2317b19fd82a8fb00697a0cd12749eccf7
|
data/README.md
CHANGED
@@ -3,7 +3,7 @@
|
|
3
3
|
|
4
4
|
The Cider-CI Open-Session projects provide platform and language agnostic
|
5
5
|
encoding, encryption and signatures. They are used for session handling in
|
6
|
-
Cider-CI itself.
|
6
|
+
Cider-CI itself.
|
7
7
|
|
8
8
|
|
9
9
|
## Installation
|
@@ -11,7 +11,7 @@ Cider-CI itself.
|
|
11
11
|
Add this line to your application's Gemfile:
|
12
12
|
|
13
13
|
```ruby
|
14
|
-
gem 'cider_ci-open_session', '>=
|
14
|
+
gem 'cider_ci-open_session', '>= 2.0.0', '< 3.0.0'
|
15
15
|
```
|
16
16
|
|
17
17
|
And then execute:
|
@@ -5,19 +5,11 @@ module CiderCi
|
|
5
5
|
module Encoder
|
6
6
|
extend self
|
7
7
|
def encode(msg)
|
8
|
-
::Base64.urlsafe_encode64(msg)
|
8
|
+
::Base64.urlsafe_encode64(msg)
|
9
9
|
end
|
10
10
|
|
11
11
|
def decode(msg)
|
12
|
-
::Base64.urlsafe_decode64(
|
13
|
-
case msg.length % 4
|
14
|
-
when 2
|
15
|
-
msg + '=='
|
16
|
-
when 3
|
17
|
-
msg + '='
|
18
|
-
else
|
19
|
-
msg
|
20
|
-
end)
|
12
|
+
::Base64.urlsafe_decode64(msg)
|
21
13
|
end
|
22
14
|
end
|
23
15
|
end
|
@@ -1,7 +1,6 @@
|
|
1
1
|
require 'cider_ci/open_session/encoder'
|
2
|
+
require 'cider_ci/open_session/signature'
|
2
3
|
require 'openssl'
|
3
|
-
require 'digest/sha1'
|
4
|
-
require 'digest/sha2'
|
5
4
|
require 'json'
|
6
5
|
|
7
6
|
module CiderCi
|
@@ -11,8 +10,9 @@ module CiderCi
|
|
11
10
|
extend self
|
12
11
|
|
13
12
|
def decrypt(secret, encrypted_message)
|
13
|
+
iv, encrypted_data, sig = encrypted_message.split('~').map { |m| decode(m) }
|
14
|
+
CiderCi::OpenSession::Signature.validate! sig, secret, encrypted_data
|
14
15
|
cipher = create_cipher :decrypt, secret
|
15
|
-
iv, encrypted_data = encrypted_message.split('~').map { |m| decode(m) }
|
16
16
|
cipher.iv = iv
|
17
17
|
decrypted_data = cipher.update(encrypted_data)
|
18
18
|
decrypted_data << cipher.final
|
@@ -24,7 +24,8 @@ module CiderCi
|
|
24
24
|
iv = cipher.random_iv
|
25
25
|
encrypted_data = cipher.update(message_object.to_json)
|
26
26
|
encrypted_data << cipher.final
|
27
|
-
|
27
|
+
sig = CiderCi::OpenSession::Signature.create secret, encrypted_data
|
28
|
+
"#{encode iv}~#{encode encrypted_data}~#{encode sig}"
|
28
29
|
end
|
29
30
|
|
30
31
|
private
|
@@ -1,3 +1,5 @@
|
|
1
|
+
require 'openssl'
|
2
|
+
|
1
3
|
module CiderCi
|
2
4
|
module OpenSession
|
3
5
|
module Signature
|
@@ -7,8 +9,8 @@ module CiderCi
|
|
7
9
|
extend self
|
8
10
|
|
9
11
|
def create(secret, message)
|
10
|
-
OpenSSL::HMAC.
|
11
|
-
OpenSSL::Digest.new('
|
12
|
+
OpenSSL::HMAC.digest(
|
13
|
+
OpenSSL::Digest.new('sha256'),
|
12
14
|
secret, message)
|
13
15
|
end
|
14
16
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cider_ci-open_session
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 2.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Thomas Schank
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2017-11-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -135,7 +135,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
135
135
|
version: '0'
|
136
136
|
requirements: []
|
137
137
|
rubyforge_project:
|
138
|
-
rubygems_version: 2.
|
138
|
+
rubygems_version: 2.5.2
|
139
139
|
signing_key:
|
140
140
|
specification_version: 4
|
141
141
|
summary: Platform and language agnostic encoding, encryption and signatures for session
|