RubyGems - devise_fido_usf - Versions diffs - 0.1.6 → 0.1.7 - Mend

devise_fido_usf 0.1.6 → 0.1.7

Files changed (9) hide show

checksums.yaml +4 -4
data/app/controllers/devise/fido_usf_authentications_controller.rb +16 -9
data/app/controllers/devise/fido_usf_registrations_controller.rb +15 -9
data/lib/devise_fido_usf/controllers/helpers.rb +18 -9
data/lib/devise_fido_usf/hooks/fido_usf_authenticatable.rb +10 -6
data/lib/devise_fido_usf/version.rb +1 -1
data/lib/generators/devise_fido_usf/install_generator.rb +0 -17
data/lib/generators/templates/migration.rb +5 -5
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6818c646ee1328a03e416afb48e95a3249a24093
-  data.tar.gz: 5363ecb84e7f86b72ed9de132c10c11e9c1e8367
+  metadata.gz: 42abbd5255725a51542abfb644b763acb7d88bc0
+  data.tar.gz: d4a778d571a0d53f8b795019b7b0f4d926c74463
 SHA512:
-  metadata.gz: 5f9f9e9ea7abe3caf6c7ee5b54da01ad66d7cde4fbdeac61d4ea5730c8927974f1cbee27cbce71da740ab16e53eda309d914484ca8bb18d28aafa402b510a000
-  data.tar.gz: 3c9f2e4522e85de76327404fde6471afe51e37b759c2226daef855d08ea0d33c08c95e4308cd9205671ba100ffca6fe3ca6d41a608ee9850ff95d6d438fc1ee9
+  metadata.gz: b3731b702a48ab0544f31482d1b00e6ddf3972ff22ff83fed7d098e111d5b3c4098eb2f9681bfcd179493ef4d3fe57c94027f52e88be5cdc5dcb061dc22ee69d
+  data.tar.gz: 538830aa044e285f94d089d89c8b21f7cd077f84c27fe3853409a4d790c17d068870e9f5329c77959b74efbe8baf0444734993d9e159fadc1dc51d9ba0fe5a6f

data/app/controllers/devise/fido_usf_authentications_controller.rb CHANGED Viewed

@@ -3,9 +3,9 @@ class Devise::FidoUsfAuthenticationsController < DeviseController
   def new
     key_handles = @resource.fido_usf_devices.map(&:key_handle)
-    @app_id = helpers.u2f.app_id
-    @sign_requests = helpers.u2f.authentication_requests(key_handles)
-    @challenge = helpers.u2f.challenge
+    @app_id = u2f.app_id
+    @sign_requests = u2f.authentication_requests(key_handles)
+    @challenge = u2f.challenge
     session[:"#{resource_name}_u2f_challenge"] = @challenge
     render :new
   end
@@ -17,14 +17,15 @@ class Devise::FidoUsfAuthenticationsController < DeviseController
       return redirect_to root_path
     end
-    registration = @resource.fido_usf_devices.find_by_key_handle(response.key_handle)
+    registration = @resource.fido_usf_devices
+                            .find_by(key_handle: response.key_handle)
     return 'Need to register first' unless registration
     begin
-      #helpers.u2f.authenticate!(session[:"#{resource_name}_u2f_challenge"], response, Base64.decode64(registration.public_key), registration.counter)
-      helpers.u2f.authenticate!(session[:"#{resource_name}_u2f_challenge"], response, registration.public_key, registration.counter)
-      registration.update(counter: response.counter, last_authenticated_at: Time.now)
+      u2f.authenticate!(session[:"#{resource_name}_u2f_challenge"], response,
+                        registration.public_key, registration.counter)
+      registration.update(counter: response.counter,
+                          last_authenticated_at: Time.now)
       # Remember the user (if applicable)
       @resource.remember_me = Devise::TRUE_VALUES.include?(session[:"#{resource_name}_remember_me"]) if @resource.respond_to?(:remember_me=)
@@ -38,10 +39,11 @@ class Devise::FidoUsfAuthenticationsController < DeviseController
       session.delete(:"#{resource_name}_u2f_challenge")
     end
-    respond_with resource, :location => after_sign_in_path_for(@resource)
+    respond_with resource, location: after_sign_in_path_for(@resource)
   end
   private
   def find_resource_and_verify_password
     @resource = send("current_#{resource_name}")
     if @resource.nil?
@@ -51,4 +53,9 @@ class Devise::FidoUsfAuthenticationsController < DeviseController
       redirect_to root_path
     end
   end
+  def u2f
+    # use base_url as app_id, e.g. 'http://localhost:3000'
+    @u2f ||= U2F::U2F.new(request.base_url)
+  end
 end

data/app/controllers/devise/fido_usf_registrations_controller.rb CHANGED Viewed

@@ -2,11 +2,11 @@ class Devise::FidoUsfRegistrationsController < ApplicationController
   before_action :authenticate_user!
   def new
-    @registration_requests = helpers.u2f.registration_requests
+    @registration_requests = u2f.registration_requests
     session[:challenges] = @registration_requests.map(&:challenge)
     key_handles = current_user.fido_usf_devices.map(&:key_handle)
-    @sign_requests = helpers.u2f.authentication_requests(key_handles)
-    @app_id = helpers.u2f.app_id
+    @sign_requests = u2f.authentication_requests(key_handles)
+    @app_id = u2f.app_id
     render :new
   end
@@ -31,8 +31,8 @@ class Devise::FidoUsfRegistrationsController < ApplicationController
   def create
     begin
       response = U2F::RegisterResponse.load_from_json(params[:response])
-      reg = helpers.u2f.register!(session[:challenges], response)
+      reg = u2f.register!(session[:challenges], response)
       pubkey = reg.public_key
       pubkey = Base64.decode64(reg.public_key) unless pubkey.bytesize == 65 && pubkey.byteslice(0) != "\x04"
@@ -68,8 +68,14 @@ class Devise::FidoUsfRegistrationsController < ApplicationController
   end
   private
-    def fido_usf_params
-      # Only allow to update the name
-      params.require(:fido_usf_device).permit(:name)
-    end
+  def fido_usf_params
+    # Only allow to update the name
+    params.require(:fido_usf_device).permit(:name)
+  end
+  def u2f
+    # use base_url as app_id, e.g. 'http://localhost:3000'
+    @u2f ||= U2F::U2F.new(request.base_url)
+  end
 end

data/lib/devise_fido_usf/controllers/helpers.rb CHANGED Viewed

@@ -26,26 +26,35 @@ module DeviseFidoUsf
       end
       def check_request_and_redirect_to_verify_fido_usf
-        if signed_in?(resource_name) && warden.session(resource_name)[:with_fido_usf_authentication]
+        if signed_in?(resource_name) &&
+           warden.session(resource_name)[:with_fido_usf_authentication]
           # login with 2fa
           id = warden.session(resource_name)[:id]
+          remember_me = Devise::TRUE_VALUES.include?(remember_me_from_params)
           return_to = session["#{resource_name}_return_to"]
-          remember_me = Devise::TRUE_VALUES.include?(sign_in_params[:remember_me])
           sign_out
-          # It is secure to put these information in a Rails 5 session
-          # because cookies are signed and encrypted.
-          session["#{resource_name}_id"] = id
-          session["#{resource_name}_remember_me"] = remember_me
-          session["#{resource_name}_password_checked"] = true
-          session["#{resource_name}_return_to"] = return_to if return_to
+          update_session_with!(id, remember_me, return_to)
           redirect_to verify_fido_usf_path_for(resource_name)
-          return
         end
       end
+      def remember_me_from_params
+        sign_in_params[:remember_me]
+      end
+      def update_session_with!(id, remember_me, return_to)
+        # It is secure to put these information in a Rails 5 session
+        # because cookies are signed and encrypted.
+        session["#{resource_name}_id"] = id
+        session["#{resource_name}_remember_me"] = remember_me
+        session["#{resource_name}_password_checked"] = true
+        session["#{resource_name}_return_to"] = return_to if return_to
+      end
       def verify_fido_usf_path_for(resource_or_scope = nil)
         scope = Devise::Mapping.find_scope!(resource_or_scope)
         send(:"new_#{scope}_fido_usf_authentication_path")

data/lib/devise_fido_usf/hooks/fido_usf_authenticatable.rb CHANGED Viewed

@@ -1,10 +1,14 @@
 Warden::Manager.after_authentication do |user, auth, options|
-  if user.respond_to?(:with_fido_usf_authentication?)
-    with_fido_usf_authentication = user.with_fido_usf_authentication?()
-    auth.session(options[:scope])[:with_fido_usf_authentication] = with_fido_usf_authentication
-    if with_fido_usf_authentication
-      auth.session(options[:scope])[:id] = user.id
+  u2fauth_enabled = true
+  u2fauth_enabled = user.u2fauth_enabled? if user.respond_to?(:u2fauth_enabled?)
+  if u2fauth_enabled
+    if user.respond_to?(:with_fido_usf_authentication?)
+      with_fido_usf_authentication = user.with_fido_usf_authentication?
+      scope = auth.session(options[:scope])
+      scope[:with_fido_usf_authentication] = with_fido_usf_authentication
+      scope[:id] = user.id if with_fido_usf_authentication
     end
   end
 end

data/lib/devise_fido_usf/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module DeviseFidoUsf
-  VERSION = '0.1.6'
+  VERSION = '0.1.7'
 end

data/lib/generators/devise_fido_usf/install_generator.rb CHANGED Viewed

@@ -26,12 +26,6 @@ module DeviseFidoUsf
       end
-      def add_application_helper
-        in_root do
-          inject_into_module "app/helpers/application_helper.rb", ApplicationHelper, application_helper_data
-        end
-      end
       def copy_locale
         copy_file "../../../config/locales/en.yml", "config/locales/fido_usf.en.yml"
       end
@@ -43,17 +37,6 @@ module DeviseFidoUsf
       def show_readme
         readme("README") if behavior == :invoke
       end
-      def application_helper_data
-<<RUBY
-  def u2f
-    # use base_url as app_id, e.g. 'http://localhost:3000'
-    @u2f ||= U2F::U2F.new(request.base_url)
-  end
-RUBY
-      end
     end
   end
 end

data/lib/generators/templates/migration.rb CHANGED Viewed

@@ -2,13 +2,13 @@ class Create<%= table_name.camelize %> < ActiveRecord::Migration<%= migration_ve
   def change
     create_table :<%= table_name %> do |t|
       t.references  :user,                  null: false, polymorphic: true, index: true
-      t.string      :name,                  null: false, default: ""
-      t.string      :key_handle,            null: false, limit: 255, default: ""
-      t.binary      :public_key,            null: false, limit: 10.kilobytes, default: ""
-      t.binary      :certificate,           null: false, limit: 1.megabyte, default: ""
+      t.string      :name,                  null: false, default: ''
+      t.string      :key_handle,            null: false, limit: 255, default: ''
+      t.binary      :public_key,            null: false, limit: 10.kilobytes
+      t.binary      :certificate,           null: false, limit: 1.megabyte
       t.integer     :counter,               null: false, default: 0
       t.timestamp   :last_authenticated_at, null: false
-<% attributes.each do |attribute| -%>
+<% attributes.each do |attribute| -%>
       t.<%= attribute.type %> :<%= attribute.name %>
 <% end -%>
       t.timestamps

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_fido_usf
 version: !ruby/object:Gem::Version
-  version: 0.1.6
+  version: 0.1.7
 platform: ruby
 authors:
 - H. Gregor Molter
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-12-28 00:00:00.000000000 Z
+date: 2017-12-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise