cipherpipe 0.2.2 → 0.2.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -1
  3. data/cipherpipe.gemspec +1 -1
  4. data/lib/cipherpipe/vault/ec2_token.rb +13 -3
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: cede0f50205c1e4a24b08d331758e402e2da5cb71aafb1d1853098cf6e08b884
4
- data.tar.gz: 9a8ef8aa4b1b6b536b79235476d46fb08375e5d7874f7b5e0c57142aca4d7221
3
+ metadata.gz: 5b05909d357bbba3e06922c9aeb4f383b12b50aafe8fad70b925d32bfd84a011
4
+ data.tar.gz: 30c5fe0a31b6c4e30f9b52fe9b5602c3ef9e39b1fe28c11312cab94f2b6123ec
5
5
  SHA512:
6
- metadata.gz: 765bee7059a4cbb9e5be01c24202f5a9bdb5b98b30ab4a0676d736fe031bc775999842ca619cff4e005acd18e5c00fd85277616baebc6c34af8a93c105b57ca8
7
- data.tar.gz: eb417a756177d68525ca08805c06c5e2af061c5dce5d63532cca4e727ff86b7c1d9291a6ed34a157a6f783e79fe79db427d63d112fc3173766fa8394a6cc6c58
6
+ metadata.gz: 488f65a290e37ce2608ffb5690de2e6223467356edb455f36d587c42e18d84000d746bc0d80033d8934c5088317d0ddd1bdc965c5f22f56bfe8e487ae4994027
7
+ data.tar.gz: d3123e9d6ddb7547d0bae90ac2f68ba267292f651433b8557c538f5f5a5b2a32d0544df4d7507802b51b803666dcca549b4c286050251bbe2f71f61b1056abf2
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- cipherpipe (0.2.2)
4
+ cipherpipe (0.2.3)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
data/cipherpipe.gemspec CHANGED
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |spec|
2
2
  spec.name = "cipherpipe"
3
- spec.version = "0.2.2"
3
+ spec.version = "0.2.3"
4
4
  spec.authors = ["Pat Allan"]
5
5
  spec.email = ["pat@freelancing-gods.com"]
6
6
 
data/lib/cipherpipe/vault/ec2_token.rb CHANGED
@@ -8,6 +8,8 @@ class Cipherpipe::Vault::EC2Token
8
8
  "http://169.254.169.254/latest/dynamic/instance-identity/pkcs7"
9
9
  )
10
10
 
11
+ NONCE_FILE = File.expand_path "~/.cipherpipe-nonce"
12
+
11
13
  def self.call(external_source)
12
14
  new(external_source).call
13
15
  end
@@ -17,15 +19,23 @@ class Cipherpipe::Vault::EC2Token
17
19
  end
18
20
 
19
21
  def call
20
- ::Vault.auth.aws_ec2(
21
- external_source.ec2_role, signature
22
- ).auth.client_token
22
+ response = ::Vault.auth.aws_ec2 external_source.ec2_role, signature, nonce
23
+
24
+ File.write NONCE_FILE, response.auth.metadata[:nonce]
25
+
26
+ response.auth.client_token
23
27
  end
24
28
 
25
29
  private
26
30
 
27
31
  attr_reader :external_source
28
32
 
33
+ def nonce
34
+ return nil unless File.exist?(NONCE_FILE)
35
+
36
+ File.read NONCE_FILE
37
+ end
38
+
29
39
  def signature
30
40
  http = Net::HTTP.new URL.host, URL.port
31
41
  http.open_timeout = 1 # second
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cipherpipe
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.2
4
+ version: 0.2.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Pat Allan