cider_ci-open_session 1.0.0 → 2.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1c6710fa1241c8a5bf742a235516658147b1ff97
|
|
4
|
+
data.tar.gz: e502de6c5e3040a2e50d3e08e74a095bc29d3af1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d10cd0c89f1627ee451b1bee407fcce2163d0bfaddef5ee0358341f5db5e2d78110ee2fe5e94f3dfa7399cfeb0f2bd41e99fcb69631421c6cffdadb25200f48d
|
|
7
|
+
data.tar.gz: 489086b799cb68c9c72c95c1e5af765b0e6252e12360256acdfbe16a85a7903a66a97c7391b3b69e20bd2ed6456cfe2317b19fd82a8fb00697a0cd12749eccf7
|
data/README.md
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
|
|
4
4
|
The Cider-CI Open-Session projects provide platform and language agnostic
|
|
5
5
|
encoding, encryption and signatures. They are used for session handling in
|
|
6
|
-
Cider-CI itself.
|
|
6
|
+
Cider-CI itself.
|
|
7
7
|
|
|
8
8
|
|
|
9
9
|
## Installation
|
|
@@ -11,7 +11,7 @@ Cider-CI itself.
|
|
|
11
11
|
Add this line to your application's Gemfile:
|
|
12
12
|
|
|
13
13
|
```ruby
|
|
14
|
-
gem 'cider_ci-open_session', '>=
|
|
14
|
+
gem 'cider_ci-open_session', '>= 2.0.0', '< 3.0.0'
|
|
15
15
|
```
|
|
16
16
|
|
|
17
17
|
And then execute:
|
|
@@ -5,19 +5,11 @@ module CiderCi
|
|
|
5
5
|
module Encoder
|
|
6
6
|
extend self
|
|
7
7
|
def encode(msg)
|
|
8
|
-
::Base64.urlsafe_encode64(msg)
|
|
8
|
+
::Base64.urlsafe_encode64(msg)
|
|
9
9
|
end
|
|
10
10
|
|
|
11
11
|
def decode(msg)
|
|
12
|
-
::Base64.urlsafe_decode64(
|
|
13
|
-
case msg.length % 4
|
|
14
|
-
when 2
|
|
15
|
-
msg + '=='
|
|
16
|
-
when 3
|
|
17
|
-
msg + '='
|
|
18
|
-
else
|
|
19
|
-
msg
|
|
20
|
-
end)
|
|
12
|
+
::Base64.urlsafe_decode64(msg)
|
|
21
13
|
end
|
|
22
14
|
end
|
|
23
15
|
end
|
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
require 'cider_ci/open_session/encoder'
|
|
2
|
+
require 'cider_ci/open_session/signature'
|
|
2
3
|
require 'openssl'
|
|
3
|
-
require 'digest/sha1'
|
|
4
|
-
require 'digest/sha2'
|
|
5
4
|
require 'json'
|
|
6
5
|
|
|
7
6
|
module CiderCi
|
|
@@ -11,8 +10,9 @@ module CiderCi
|
|
|
11
10
|
extend self
|
|
12
11
|
|
|
13
12
|
def decrypt(secret, encrypted_message)
|
|
13
|
+
iv, encrypted_data, sig = encrypted_message.split('~').map { |m| decode(m) }
|
|
14
|
+
CiderCi::OpenSession::Signature.validate! sig, secret, encrypted_data
|
|
14
15
|
cipher = create_cipher :decrypt, secret
|
|
15
|
-
iv, encrypted_data = encrypted_message.split('~').map { |m| decode(m) }
|
|
16
16
|
cipher.iv = iv
|
|
17
17
|
decrypted_data = cipher.update(encrypted_data)
|
|
18
18
|
decrypted_data << cipher.final
|
|
@@ -24,7 +24,8 @@ module CiderCi
|
|
|
24
24
|
iv = cipher.random_iv
|
|
25
25
|
encrypted_data = cipher.update(message_object.to_json)
|
|
26
26
|
encrypted_data << cipher.final
|
|
27
|
-
|
|
27
|
+
sig = CiderCi::OpenSession::Signature.create secret, encrypted_data
|
|
28
|
+
"#{encode iv}~#{encode encrypted_data}~#{encode sig}"
|
|
28
29
|
end
|
|
29
30
|
|
|
30
31
|
private
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
require 'openssl'
|
|
2
|
+
|
|
1
3
|
module CiderCi
|
|
2
4
|
module OpenSession
|
|
3
5
|
module Signature
|
|
@@ -7,8 +9,8 @@ module CiderCi
|
|
|
7
9
|
extend self
|
|
8
10
|
|
|
9
11
|
def create(secret, message)
|
|
10
|
-
OpenSSL::HMAC.
|
|
11
|
-
OpenSSL::Digest.new('
|
|
12
|
+
OpenSSL::HMAC.digest(
|
|
13
|
+
OpenSSL::Digest.new('sha256'),
|
|
12
14
|
secret, message)
|
|
13
15
|
end
|
|
14
16
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cider_ci-open_session
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 2.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Thomas Schank
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2017-11-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -135,7 +135,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
135
135
|
version: '0'
|
|
136
136
|
requirements: []
|
|
137
137
|
rubyforge_project:
|
|
138
|
-
rubygems_version: 2.
|
|
138
|
+
rubygems_version: 2.5.2
|
|
139
139
|
signing_key:
|
|
140
140
|
specification_version: 4
|
|
141
141
|
summary: Platform and language agnostic encoding, encryption and signatures for session
|