RubyGems - fernet - Versions diffs - 1.0 → 1.1 - Mend

fernet 1.0 → 1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

data/fernet.gemspec CHANGED Viewed

@@ -4,8 +4,8 @@ require File.expand_path('../lib/fernet/version', __FILE__)
 Gem::Specification.new do |gem|
   gem.authors       = ["Harold Giménez"]
   gem.email         = ["harold.gimenez@gmail.com"]
-  gem.description   = %q{Delicious HMAC Digest(if) authentication}
-  gem.summary       = %q{Easily generate and verify HMAC based authentication tokens}
+  gem.description   = %q{Delicious HMAC Digest(if) authentication and encryption}
+  gem.summary       = %q{Easily generate and verify AES encrypted HMAC based authentication tokens}
   gem.homepage      = ""
   gem.files         = `git ls-files`.split($\)
@@ -15,5 +15,7 @@ Gem::Specification.new do |gem|
   gem.require_paths = ["lib"]
   gem.version       = Fernet::VERSION
+  gem.add_dependency "yajl-ruby"
   gem.add_development_dependency "rspec"
 end

data/lib/fernet.rb CHANGED Viewed

@@ -3,6 +3,10 @@ require 'fernet/generator'
 require 'fernet/verifier'
 require 'fernet/secret'
+if RUBY_VERSION == '1.8.7'
+  require 'shim/base64'
+end
 module Fernet
   def self.generate(secret, encrypt = true, &block)
     Generator.new(secret, encrypt).generate(&block)

data/lib/fernet/generator.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 require 'base64'
-require 'json'
+require 'yajl'
 require 'openssl'
 require 'date'
@@ -16,13 +16,13 @@ module Fernet
     def generate
       yield self if block_given?
-      data.merge!(issued_at: DateTime.now)
+      data.merge!(:issued_at => DateTime.now)
       if encrypt?
         iv = encrypt_data!
         @payload = "#{base64(data)}|#{base64(iv)}"
       else
-        @payload = base64(JSON.dump(data))
+        @payload = base64(Yajl::Encoder.encode(data))
       end
       mac = OpenSSL::HMAC.hexdigest('sha256', payload, signing_key)
@@ -47,7 +47,7 @@ module Fernet
       iv         = cipher.random_iv
       cipher.iv  = iv
       cipher.key = encryption_key
-      @data = cipher.update(JSON.dump(data)) + cipher.final
+      @data = cipher.update(Yajl::Encoder.encode(data)) + cipher.final
       iv
     end

data/lib/fernet/secret.rb CHANGED Viewed

@@ -6,12 +6,12 @@ module Fernet
     end
     def encryption_key
-      @secret.byteslice(@secret.bytesize/2, @secret.bytesize)
+      @secret.slice(@secret.size/2, @secret.size)
     end
     def signing_key
       if @encrypt
-        @secret.byteslice(0, @secret.bytesize/2)
+        @secret.slice(0, @secret.size/2)
       else
         @secret
       end

data/lib/fernet/verifier.rb CHANGED Viewed

@@ -1,16 +1,18 @@
 require 'base64'
-require 'json'
+require 'yajl'
 require 'openssl'
 require 'date'
 module Fernet
   class Verifier
     attr_reader :token, :data
-    attr_writer :seconds_valid
+    attr_accessor :ttl, :enforce_ttl
     def initialize(secret, decrypt)
-      @secret  = Secret.new(secret, decrypt)
-      @decrypt = decrypt
+      @secret      = Secret.new(secret, decrypt)
+      @decrypt     = decrypt
+      @ttl         = 60
+      @enforce_ttl = true
     end
     def verify_token(token)
@@ -27,7 +29,7 @@ module Fernet
     end
     def inspect
-      "#<Fernet::Verifier @secret=[masked] @token=#{@token} @data=#{@data.inspect} @seconds_valid=#{@seconds_valid}>"
+      "#<Fernet::Verifier @secret=[masked] @token=#{@token} @data=#{@data.inspect} @ttl=#{@ttl}>"
     end
     alias to_s inspect
@@ -38,18 +40,22 @@ module Fernet
       parts = @token.split('|')
       if decrypt?
         encrypted_data, iv, @received_signature = *parts
-        @data = JSON.parse(decrypt!(encrypted_data, Base64.urlsafe_decode64(iv)))
+        @data = Yajl::Parser.parse(decrypt!(encrypted_data, Base64.urlsafe_decode64(iv)))
         signing_blob = "#{encrypted_data}|#{iv}"
       else
         encoded_data, @received_signature = *parts
         signing_blob = encoded_data
-        @data = JSON.parse(Base64.urlsafe_decode64(encoded_data))
+        @data = Yajl::Parser.parse(Base64.urlsafe_decode64(encoded_data))
       end
       @regenerated_mac = OpenSSL::HMAC.hexdigest('sha256', signing_blob, signing_key)
     end
     def token_recent_enough?
-      DateTime.parse(data['issued_at']) > (DateTime.now - 60)
+      if enforce_ttl?
+        DateTime.parse(data['issued_at']) > (now - ttl)
+      else
+        true
+      end
     end
     def signatures_match?
@@ -80,5 +86,12 @@ module Fernet
       @decrypt
     end
+    def enforce_ttl?
+      @enforce_ttl
+    end
+    def now
+      DateTime.now
+    end
   end
 end

data/lib/fernet/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Fernet
-  VERSION = "1.0"
+  VERSION = "1.1"
 end

data/lib/shim/base64.rb ADDED Viewed

@@ -0,0 +1,21 @@
+Base64.class_eval do
+  def strict_encode64(bin)
+    encode64(bin).tr("\n",'')
+  end
+  def strict_decode64(str)
+    unless str.include?("\n")
+      decode64(str)
+    else
+      raise(ArgumentError,"invalid base64")
+    end
+  end
+  def urlsafe_encode64(bin)
+    strict_encode64(bin).tr("+/", "-_")
+  end
+  def urlsafe_decode64(str)
+    strict_decode64(str.tr("-_", "+/"))
+  end
+end

data/spec/fernet_spec.rb CHANGED Viewed

@@ -3,11 +3,11 @@ require 'fernet'
 describe Fernet do
   let(:token_data) do
-    { email: 'harold@heroku.com', id: '123', arbitrary: 'data' }
+    { :email => 'harold@heroku.com', :id => '123', :arbitrary => 'data' }
   end
-  let(:secret) { 'JrdICDH6x3M7duQeM8dJEMK4Y5TkBIsYDw1lPy35RiY=' }
-  let(:bad_secret) { 'jrdICDH6x3M7duQeM8dJEMK4Y5TkBIsYDw1lPy35RiY=' }
+  let(:secret)     { 'JrdICDH6x3M7duQeM8dJEMK4Y5TkBIsYDw1lPy35RiY=' }
+  let(:bad_secret) { 'badICDH6x3M7duQeM8dJEMK4Y5TkBIsYDw1lPy35RiY=' }
   it 'can verify tokens it generates' do
     token = Fernet.generate(secret) do |generator|
@@ -45,7 +45,7 @@ describe Fernet do
     end
     Fernet.verify(bad_secret, token) do |verifier|
-      verifier.seconds_valid = 0
+      verifier.ttl = 0
     end.should be_false
   end
@@ -57,6 +57,20 @@ describe Fernet do
     Fernet.verify(secret, token).should be_true
   end
+  it 'can TTL enforcement' do
+    token = Fernet.generate(secret) do |generator|
+      generator.data = token_data
+    end
+    Fernet.verify(secret, token) do |verifier|
+      def verifier.now
+        Time.now + 99999999999
+      end
+      verifier.enforce_ttl = false
+      true
+    end.should be_true
+  end
   it 'generates without custom data' do
     token = Fernet.generate(secret)
@@ -88,5 +102,4 @@ describe Fernet do
       verifier.data['password'].should == 'password1'
     end
   end
 end

metadata CHANGED Viewed

@@ -1,34 +1,59 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification
 name: fernet
-version: !ruby/object:Gem::Version
-  version: '1.0'
+version: !ruby/object:Gem::Version
+  hash: 13
   prerelease:
+  segments:
+  - 1
+  - 1
+  version: "1.1"
 platform: ruby
-authors:
-- Harold Giménez
+authors:
+- "Harold Gim\xC3\xA9nez"
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-08-14 00:00:00.000000000 Z
-dependencies:
-- !ruby/object:Gem::Dependency
+date: 2012-08-15 00:00:00 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: yajl-ruby
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        hash: 3
+        segments:
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &70135148211780 !ruby/object:Gem::Requirement
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement
     none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        hash: 3
+        segments:
+        - 0
+        version: "0"
   type: :development
-  prerelease: false
-  version_requirements: *70135148211780
-description: Delicious HMAC Digest(if) authentication
-email:
+  version_requirements: *id002
+description: Delicious HMAC Digest(if) authentication and encryption
+email:
 - harold.gimenez@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files: []
-files:
+files:
 - .gitignore
 - .rspec
 - Gemfile
@@ -41,32 +66,42 @@ files:
 - lib/fernet/secret.rb
 - lib/fernet/verifier.rb
 - lib/fernet/version.rb
+- lib/shim/base64.rb
 - spec/fernet_spec.rb
 - spec/spec_helper.rb
-homepage: ''
+homepage: ""
 licenses: []
 post_install_message:
 rdoc_options: []
-require_paths:
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
-required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      hash: 3
+      segments:
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      hash: 3
+      segments:
+      - 0
+      version: "0"
 requirements: []
 rubyforge_project:
 rubygems_version: 1.8.10
 signing_key:
 specification_version: 3
-summary: Easily generate and verify HMAC based authentication tokens
-test_files:
+summary: Easily generate and verify AES encrypted HMAC based authentication tokens
+test_files:
 - spec/fernet_spec.rb
 - spec/spec_helper.rb