RubyGems - devise_fido_usf - Versions diffs - 0.1.6 → 0.1.7 - Mend

devise_fido_usf 0.1.6 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml +4 -4
data/app/controllers/devise/fido_usf_authentications_controller.rb +16 -9
data/app/controllers/devise/fido_usf_registrations_controller.rb +15 -9
data/lib/devise_fido_usf/controllers/helpers.rb +18 -9
data/lib/devise_fido_usf/hooks/fido_usf_authenticatable.rb +10 -6
data/lib/devise_fido_usf/version.rb +1 -1
data/lib/generators/devise_fido_usf/install_generator.rb +0 -17
data/lib/generators/templates/migration.rb +5 -5
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6818c646ee1328a03e416afb48e95a3249a24093
-  data.tar.gz: 5363ecb84e7f86b72ed9de132c10c11e9c1e8367
+  metadata.gz: 42abbd5255725a51542abfb644b763acb7d88bc0
+  data.tar.gz: d4a778d571a0d53f8b795019b7b0f4d926c74463
 SHA512:
-  metadata.gz: 5f9f9e9ea7abe3caf6c7ee5b54da01ad66d7cde4fbdeac61d4ea5730c8927974f1cbee27cbce71da740ab16e53eda309d914484ca8bb18d28aafa402b510a000
-  data.tar.gz: 3c9f2e4522e85de76327404fde6471afe51e37b759c2226daef855d08ea0d33c08c95e4308cd9205671ba100ffca6fe3ca6d41a608ee9850ff95d6d438fc1ee9
+  metadata.gz: b3731b702a48ab0544f31482d1b00e6ddf3972ff22ff83fed7d098e111d5b3c4098eb2f9681bfcd179493ef4d3fe57c94027f52e88be5cdc5dcb061dc22ee69d
+  data.tar.gz: 538830aa044e285f94d089d89c8b21f7cd077f84c27fe3853409a4d790c17d068870e9f5329c77959b74efbe8baf0444734993d9e159fadc1dc51d9ba0fe5a6f

data/app/controllers/devise/fido_usf_authentications_controller.rb CHANGED Viewed

@@ -3,9 +3,9 @@ class Devise::FidoUsfAuthenticationsController < DeviseController
   def new
     key_handles = @resource.fido_usf_devices.map(&:key_handle)
-    @app_id = helpers.u2f.app_id
-    @sign_requests = helpers.u2f.authentication_requests(key_handles)
-    @challenge = helpers.u2f.challenge
+    @app_id = u2f.app_id
+    @sign_requests = u2f.authentication_requests(key_handles)
+    @challenge = u2f.challenge
     session[:"#{resource_name}_u2f_challenge"] = @challenge
     render :new
   end
@@ -17,14 +17,15 @@ class Devise::FidoUsfAuthenticationsController < DeviseController
       return redirect_to root_path
     end
-    registration = @resource.fido_usf_devices.find_by_key_handle(response.key_handle)
+    registration = @resource.fido_usf_devices
+                            .find_by(key_handle: response.key_handle)
     return 'Need to register first' unless registration
     begin
-      #helpers.u2f.authenticate!(session[:"#{resource_name}_u2f_challenge"], response, Base64.decode64(registration.public_key), registration.counter)
-      helpers.u2f.authenticate!(session[:"#{resource_name}_u2f_challenge"], response, registration.public_key, registration.counter)
-      registration.update(counter: response.counter, last_authenticated_at: Time.now)
+      u2f.authenticate!(session[:"#{resource_name}_u2f_challenge"], response,
+                        registration.public_key, registration.counter)
+      registration.update(counter: response.counter,
+                          last_authenticated_at: Time.now)
       # Remember the user (if applicable)
       @resource.remember_me = Devise::TRUE_VALUES.include?(session[:"#{resource_name}_remember_me"]) if @resource.respond_to?(:remember_me=)
@@ -38,10 +39,11 @@ class Devise::FidoUsfAuthenticationsController < DeviseController
       session.delete(:"#{resource_name}_u2f_challenge")
     end
-    respond_with resource, :location => after_sign_in_path_for(@resource)
+    respond_with resource, location: after_sign_in_path_for(@resource)
   end
   private
   def find_resource_and_verify_password
     @resource = send("current_#{resource_name}")
     if @resource.nil?
@@ -51,4 +53,9 @@ class Devise::FidoUsfAuthenticationsController < DeviseController
       redirect_to root_path
     end
   end
+  def u2f
+    # use base_url as app_id, e.g. 'http://localhost:3000'
+    @u2f ||= U2F::U2F.new(request.base_url)
+  end
 end

data/app/controllers/devise/fido_usf_registrations_controller.rb CHANGED Viewed

@@ -2,11 +2,11 @@ class Devise::FidoUsfRegistrationsController < ApplicationController
   before_action :authenticate_user!
   def new
-    @registration_requests = helpers.u2f.registration_requests
+    @registration_requests = u2f.registration_requests
     session[:challenges] = @registration_requests.map(&:challenge)
     key_handles = current_user.fido_usf_devices.map(&:key_handle)
-    @sign_requests = helpers.u2f.authentication_requests(key_handles)
-    @app_id = helpers.u2f.app_id
+    @sign_requests = u2f.authentication_requests(key_handles)
+    @app_id = u2f.app_id
     render :new
   end
@@ -31,8 +31,8 @@ class Devise::FidoUsfRegistrationsController < ApplicationController
   def create
     begin
       response = U2F::RegisterResponse.load_from_json(params[:response])
-      reg = helpers.u2f.register!(session[:challenges], response)
+      reg = u2f.register!(session[:challenges], response)
       pubkey = reg.public_key
       pubkey = Base64.decode64(reg.public_key) unless pubkey.bytesize == 65 && pubkey.byteslice(0) != "\x04"
@@ -68,8 +68,14 @@ class Devise::FidoUsfRegistrationsController < ApplicationController
   end
   private
-    def fido_usf_params
-      # Only allow to update the name
-      params.require(:fido_usf_device).permit(:name)
-    end
+  def fido_usf_params
+    # Only allow to update the name
+    params.require(:fido_usf_device).permit(:name)
+  end
+  def u2f
+    # use base_url as app_id, e.g. 'http://localhost:3000'
+    @u2f ||= U2F::U2F.new(request.base_url)
+  end
 end

data/lib/devise_fido_usf/controllers/helpers.rb CHANGED Viewed

@@ -26,26 +26,35 @@ module DeviseFidoUsf
       end
       def check_request_and_redirect_to_verify_fido_usf
-        if signed_in?(resource_name) && warden.session(resource_name)[:with_fido_usf_authentication]
+        if signed_in?(resource_name) &&
+           warden.session(resource_name)[:with_fido_usf_authentication]
           # login with 2fa
           id = warden.session(resource_name)[:id]
+          remember_me = Devise::TRUE_VALUES.include?(remember_me_from_params)
           return_to = session["#{resource_name}_return_to"]
-          remember_me = Devise::TRUE_VALUES.include?(sign_in_params[:remember_me])
           sign_out
-          # It is secure to put these information in a Rails 5 session
-          # because cookies are signed and encrypted.
-          session["#{resource_name}_id"] = id
-          session["#{resource_name}_remember_me"] = remember_me
-          session["#{resource_name}_password_checked"] = true
-          session["#{resource_name}_return_to"] = return_to if return_to
+          update_session_with!(id, remember_me, return_to)
           redirect_to verify_fido_usf_path_for(resource_name)
-          return
         end
       end
+      def remember_me_from_params
+        sign_in_params[:remember_me]
+      end
+      def update_session_with!(id, remember_me, return_to)
+        # It is secure to put these information in a Rails 5 session
+        # because cookies are signed and encrypted.
+        session["#{resource_name}_id"] = id
+        session["#{resource_name}_remember_me"] = remember_me
+        session["#{resource_name}_password_checked"] = true
+        session["#{resource_name}_return_to"] = return_to if return_to
+      end
       def verify_fido_usf_path_for(resource_or_scope = nil)
         scope = Devise::Mapping.find_scope!(resource_or_scope)
         send(:"new_#{scope}_fido_usf_authentication_path")

data/lib/devise_fido_usf/hooks/fido_usf_authenticatable.rb CHANGED Viewed

@@ -1,10 +1,14 @@
 Warden::Manager.after_authentication do |user, auth, options|
-  if user.respond_to?(:with_fido_usf_authentication?)
-    with_fido_usf_authentication = user.with_fido_usf_authentication?()
-    auth.session(options[:scope])[:with_fido_usf_authentication] = with_fido_usf_authentication
-    if with_fido_usf_authentication
-      auth.session(options[:scope])[:id] = user.id
+  u2fauth_enabled = true
+  u2fauth_enabled = user.u2fauth_enabled? if user.respond_to?(:u2fauth_enabled?)
+  if u2fauth_enabled
+    if user.respond_to?(:with_fido_usf_authentication?)
+      with_fido_usf_authentication = user.with_fido_usf_authentication?
+      scope = auth.session(options[:scope])
+      scope[:with_fido_usf_authentication] = with_fido_usf_authentication
+      scope[:id] = user.id if with_fido_usf_authentication
     end
   end
 end

data/lib/devise_fido_usf/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module DeviseFidoUsf
-  VERSION = '0.1.6'
+  VERSION = '0.1.7'
 end

data/lib/generators/devise_fido_usf/install_generator.rb CHANGED Viewed

@@ -26,12 +26,6 @@ module DeviseFidoUsf
       end
-      def add_application_helper
-        in_root do
-          inject_into_module "app/helpers/application_helper.rb", ApplicationHelper, application_helper_data
-        end
-      end
       def copy_locale
         copy_file "../../../config/locales/en.yml", "config/locales/fido_usf.en.yml"
       end
@@ -43,17 +37,6 @@ module DeviseFidoUsf
       def show_readme
         readme("README") if behavior == :invoke
       end
-      def application_helper_data
-<<RUBY
-  def u2f
-    # use base_url as app_id, e.g. 'http://localhost:3000'
-    @u2f ||= U2F::U2F.new(request.base_url)
-  end
-RUBY
-      end
     end
   end
 end

data/lib/generators/templates/migration.rb CHANGED Viewed

@@ -2,13 +2,13 @@ class Create<%= table_name.camelize %> < ActiveRecord::Migration<%= migration_ve
   def change
     create_table :<%= table_name %> do |t|
       t.references  :user,                  null: false, polymorphic: true, index: true
-      t.string      :name,                  null: false, default: ""
-      t.string      :key_handle,            null: false, limit: 255, default: ""
-      t.binary      :public_key,            null: false, limit: 10.kilobytes, default: ""
-      t.binary      :certificate,           null: false, limit: 1.megabyte, default: ""
+      t.string      :name,                  null: false, default: ''
+      t.string      :key_handle,            null: false, limit: 255, default: ''
+      t.binary      :public_key,            null: false, limit: 10.kilobytes
+      t.binary      :certificate,           null: false, limit: 1.megabyte
       t.integer     :counter,               null: false, default: 0
       t.timestamp   :last_authenticated_at, null: false
-<% attributes.each do |attribute| -%>
+<% attributes.each do |attribute| -%>
       t.<%= attribute.type %> :<%= attribute.name %>
 <% end -%>
       t.timestamps

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_fido_usf
 version: !ruby/object:Gem::Version
-  version: 0.1.6
+  version: 0.1.7
 platform: ruby
 authors:
 - H. Gregor Molter
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-12-28 00:00:00.000000000 Z
+date: 2017-12-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise