darrrr 0.1.5 → 0.1.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -1
- data/Rakefile +14 -12
- data/lib/darrrr/cryptors/default/default_encryptor.rb +2 -0
- data/lib/darrrr/cryptors/default/encrypted_data_io.rb +3 -3
- data/lib/darrrr/provider.rb +4 -4
- data/lib/darrrr/serialization/recovery_token_reader.rb +6 -6
- data/lib/darrrr/serialization/recovery_token_writer.rb +6 -6
- data/lib/darrrr/version.rb +5 -0
- metadata +6 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4e4d16827e31e26f9846f5ea2c9b6fe8eaad6fc3d7f1a9f781bfdf93f57aa676
|
|
4
|
+
data.tar.gz: ac6e18da73cd37b5b1fc607215c7411c99177489d39e467a004d2c4434c28412
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4462e21b6f909a0820e31d1e307a86854107ce037637c9799d729c5d0a1c71878d92fa8ffc997e86d72fb0f78bd4b02b567cab1395e1241792fbdf4f52206d42
|
|
7
|
+
data.tar.gz: 508954e346e52ccde9e75df3eac647e8467e84489d9043c77c0f4d2187d350d31d81ccb2a61550a0e2e0f480c92535a5e76df9c24b26a4add23c423565ed444b
|
data/README.md
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
[](https://codeclimate.com/github/github/darrrr)
|
|
2
|
+
|
|
2
3
|
|
|
3
4
|
The Delegated Account Recovery Rigid Reusable Ruby (aka D.a.r.r.r.r. or "Darrrr") library is meant to be used as the fully-complete plumbing in your Rack application when implementing the [Delegated Account Recovery specification](https://github.com/facebook/DelegatedRecoverySpecification). This library is currently used for the implementation at [GitHub](https://githubengineering.com/recover-accounts-elsewhere/).
|
|
4
5
|
|
data/Rakefile
CHANGED
|
@@ -1,8 +1,10 @@
|
|
|
1
1
|
#!/usr/bin/env rake
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
require
|
|
5
|
-
require
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
4
|
+
require "bundler/gem_tasks"
|
|
5
|
+
require "net/http"
|
|
6
|
+
require "net/https"
|
|
7
|
+
require "date"
|
|
6
8
|
|
|
7
9
|
require_relative "app"
|
|
8
10
|
require_relative "lib/darrrr"
|
|
@@ -16,7 +18,7 @@ end
|
|
|
16
18
|
|
|
17
19
|
|
|
18
20
|
unless ENV["RACK_ENV"] == "production"
|
|
19
|
-
require
|
|
21
|
+
require "rspec/core/rake_task"
|
|
20
22
|
desc "Run RSpec"
|
|
21
23
|
RSpec::Core::RakeTask.new do |t|
|
|
22
24
|
t.verbose = false
|
|
@@ -27,16 +29,16 @@ unless ENV["RACK_ENV"] == "production"
|
|
|
27
29
|
end
|
|
28
30
|
|
|
29
31
|
begin
|
|
30
|
-
require
|
|
32
|
+
require "rdoc/task"
|
|
31
33
|
rescue LoadError
|
|
32
|
-
require
|
|
33
|
-
require
|
|
34
|
+
require "rdoc/rdoc"
|
|
35
|
+
require "rake/rdoctask"
|
|
34
36
|
RDoc::Task = Rake::RDocTask
|
|
35
37
|
end
|
|
36
38
|
|
|
37
39
|
RDoc::Task.new(:rdoc) do |rdoc|
|
|
38
|
-
rdoc.rdoc_dir =
|
|
39
|
-
rdoc.title =
|
|
40
|
-
rdoc.options <<
|
|
41
|
-
rdoc.rdoc_files.include(
|
|
40
|
+
rdoc.rdoc_dir = "rdoc"
|
|
41
|
+
rdoc.title = "SecureHeaders"
|
|
42
|
+
rdoc.options << "--line-numbers"
|
|
43
|
+
rdoc.rdoc_files.include("lib/**/*.rb")
|
|
42
44
|
end
|
|
@@ -3,8 +3,8 @@
|
|
|
3
3
|
module Darrrr
|
|
4
4
|
class EncryptedDataIO < BinData::Record
|
|
5
5
|
uint8 :version
|
|
6
|
-
array :auth_tag, :
|
|
7
|
-
array :iv, :
|
|
8
|
-
array :ciphertext, :
|
|
6
|
+
array :auth_tag, type: :uint8, initial_length: EncryptedData::AUTH_TAG_LENGTH
|
|
7
|
+
array :iv, type: :uint8, initial_length: EncryptedData::IV_LENGTH
|
|
8
|
+
array :ciphertext, type: :uint8, read_until: :eof
|
|
9
9
|
end
|
|
10
10
|
end
|
data/lib/darrrr/provider.rb
CHANGED
|
@@ -33,7 +33,7 @@ module Darrrr
|
|
|
33
33
|
# Returns the crypto API to be used. A thread local instance overrides the
|
|
34
34
|
# globally configured value which overrides the default encryptor.
|
|
35
35
|
def encryptor
|
|
36
|
-
Thread.current[encryptor_key
|
|
36
|
+
Thread.current[encryptor_key] || @encryptor || DefaultEncryptor
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
# Overrides the global `encryptor` API to use
|
|
@@ -53,14 +53,14 @@ module Darrrr
|
|
|
53
53
|
raise ArgumentError, "custom encryption class must respond to all of #{REQUIRED_CRYPTO_OPS}"
|
|
54
54
|
end
|
|
55
55
|
|
|
56
|
-
Thread.current[encryptor_key
|
|
56
|
+
Thread.current[encryptor_key] = encryptor
|
|
57
57
|
yield
|
|
58
58
|
ensure
|
|
59
|
-
Thread.current[encryptor_key
|
|
59
|
+
Thread.current[encryptor_key] = nil
|
|
60
60
|
end
|
|
61
61
|
|
|
62
62
|
private def valid_encryptor?(encryptor)
|
|
63
|
-
REQUIRED_CRYPTO_OPS.all? {|m| encryptor.respond_to?(m)}
|
|
63
|
+
REQUIRED_CRYPTO_OPS.all? { |m| encryptor.respond_to?(m) }
|
|
64
64
|
end
|
|
65
65
|
|
|
66
66
|
# Lazily loads attributes if attrs is nil. It makes an http call to the
|
|
@@ -4,17 +4,17 @@ module Darrrr
|
|
|
4
4
|
class RecoveryTokenReader < BinData::Record
|
|
5
5
|
uint8 :version
|
|
6
6
|
uint8 :token_type
|
|
7
|
-
array :token_id, :
|
|
7
|
+
array :token_id, type: :uint8, read_until: lambda { index + 1 == Darrrr::TOKEN_ID_BYTE_LENGTH }
|
|
8
8
|
uint8 :options
|
|
9
9
|
uint16be :issuer_length
|
|
10
|
-
string :issuer, :
|
|
10
|
+
string :issuer, read_length: :issuer_length
|
|
11
11
|
uint16be :audience_length
|
|
12
|
-
string :audience, :
|
|
12
|
+
string :audience, read_length: :audience_length
|
|
13
13
|
uint16be :issued_time_length
|
|
14
|
-
string :issued_time, :
|
|
14
|
+
string :issued_time, read_length: :issued_time_length
|
|
15
15
|
uint16be :data_length
|
|
16
|
-
string :data, :
|
|
16
|
+
string :data, read_length: :data_length
|
|
17
17
|
uint16be :binding_data_length
|
|
18
|
-
string :binding_data, :
|
|
18
|
+
string :binding_data, read_length: :binding_data_length
|
|
19
19
|
end
|
|
20
20
|
end
|
|
@@ -4,17 +4,17 @@ module Darrrr
|
|
|
4
4
|
class RecoveryTokenWriter < BinData::Record
|
|
5
5
|
uint8 :version
|
|
6
6
|
uint8 :token_type
|
|
7
|
-
array :token_id, :
|
|
7
|
+
array :token_id, type: :uint8, initial_length: Darrrr::TOKEN_ID_BYTE_LENGTH
|
|
8
8
|
uint8 :options
|
|
9
|
-
uint16be :issuer_length, :
|
|
9
|
+
uint16be :issuer_length, value: lambda { issuer.length }
|
|
10
10
|
string :issuer
|
|
11
|
-
uint16be :audience_length, :
|
|
11
|
+
uint16be :audience_length, value: lambda { audience.length }
|
|
12
12
|
string :audience
|
|
13
|
-
uint16be :issued_time_length, :
|
|
13
|
+
uint16be :issued_time_length, value: lambda { issued_time.length }
|
|
14
14
|
string :issued_time
|
|
15
|
-
uint16be :data_length, :
|
|
15
|
+
uint16be :data_length, value: lambda { data.length }
|
|
16
16
|
string :data
|
|
17
|
-
uint16be :binding_data_length, :
|
|
17
|
+
uint16be :binding_data_length, value: lambda { binding_data.length }
|
|
18
18
|
string :binding_data
|
|
19
19
|
end
|
|
20
20
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: darrrr
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Neil Matatall
|
|
8
8
|
autorequire:
|
|
9
|
-
bindir:
|
|
9
|
+
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-03-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rake
|
|
@@ -87,6 +87,7 @@ files:
|
|
|
87
87
|
- lib/darrrr/recovery_token.rb
|
|
88
88
|
- lib/darrrr/serialization/recovery_token_reader.rb
|
|
89
89
|
- lib/darrrr/serialization/recovery_token_writer.rb
|
|
90
|
+
- lib/darrrr/version.rb
|
|
90
91
|
homepage: http://github.com/github/darrrr
|
|
91
92
|
licenses:
|
|
92
93
|
- MIT
|
|
@@ -106,7 +107,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
106
107
|
- !ruby/object:Gem::Version
|
|
107
108
|
version: '0'
|
|
108
109
|
requirements: []
|
|
109
|
-
|
|
110
|
+
rubyforge_project:
|
|
111
|
+
rubygems_version: 2.7.6.2
|
|
110
112
|
signing_key:
|
|
111
113
|
specification_version: 4
|
|
112
114
|
summary: Client library for the Delegated Recovery spec
|