cipherpipe 0.2.2 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -1
  3. data/cipherpipe.gemspec +1 -1
  4. data/lib/cipherpipe/vault/ec2_token.rb +13 -3
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: cede0f50205c1e4a24b08d331758e402e2da5cb71aafb1d1853098cf6e08b884
4
- data.tar.gz: 9a8ef8aa4b1b6b536b79235476d46fb08375e5d7874f7b5e0c57142aca4d7221
3
+ metadata.gz: 5b05909d357bbba3e06922c9aeb4f383b12b50aafe8fad70b925d32bfd84a011
4
+ data.tar.gz: 30c5fe0a31b6c4e30f9b52fe9b5602c3ef9e39b1fe28c11312cab94f2b6123ec
5
5
  SHA512:
6
- metadata.gz: 765bee7059a4cbb9e5be01c24202f5a9bdb5b98b30ab4a0676d736fe031bc775999842ca619cff4e005acd18e5c00fd85277616baebc6c34af8a93c105b57ca8
7
- data.tar.gz: eb417a756177d68525ca08805c06c5e2af061c5dce5d63532cca4e727ff86b7c1d9291a6ed34a157a6f783e79fe79db427d63d112fc3173766fa8394a6cc6c58
6
+ metadata.gz: 488f65a290e37ce2608ffb5690de2e6223467356edb455f36d587c42e18d84000d746bc0d80033d8934c5088317d0ddd1bdc965c5f22f56bfe8e487ae4994027
7
+ data.tar.gz: d3123e9d6ddb7547d0bae90ac2f68ba267292f651433b8557c538f5f5a5b2a32d0544df4d7507802b51b803666dcca549b4c286050251bbe2f71f61b1056abf2
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- cipherpipe (0.2.2)
4
+ cipherpipe (0.2.3)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
data/cipherpipe.gemspec CHANGED
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |spec|
2
2
  spec.name = "cipherpipe"
3
- spec.version = "0.2.2"
3
+ spec.version = "0.2.3"
4
4
  spec.authors = ["Pat Allan"]
5
5
  spec.email = ["pat@freelancing-gods.com"]
6
6
 
data/lib/cipherpipe/vault/ec2_token.rb CHANGED
@@ -8,6 +8,8 @@ class Cipherpipe::Vault::EC2Token
8
8
  "http://169.254.169.254/latest/dynamic/instance-identity/pkcs7"
9
9
  )
10
10
 
11
+ NONCE_FILE = File.expand_path "~/.cipherpipe-nonce"
12
+
11
13
  def self.call(external_source)
12
14
  new(external_source).call
13
15
  end
@@ -17,15 +19,23 @@ class Cipherpipe::Vault::EC2Token
17
19
  end
18
20
 
19
21
  def call
20
- ::Vault.auth.aws_ec2(
21
- external_source.ec2_role, signature
22
- ).auth.client_token
22
+ response = ::Vault.auth.aws_ec2 external_source.ec2_role, signature, nonce
23
+
24
+ File.write NONCE_FILE, response.auth.metadata[:nonce]
25
+
26
+ response.auth.client_token
23
27
  end
24
28
 
25
29
  private
26
30
 
27
31
  attr_reader :external_source
28
32
 
33
+ def nonce
34
+ return nil unless File.exist?(NONCE_FILE)
35
+
36
+ File.read NONCE_FILE
37
+ end
38
+
29
39
  def signature
30
40
  http = Net::HTTP.new URL.host, URL.port
31
41
  http.open_timeout = 1 # second
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cipherpipe
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.2
4
+ version: 0.2.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Pat Allan