fernet 1.3 → 1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.md +11 -0
- data/lib/fernet.rb +6 -0
- data/lib/fernet/verifier.rb +5 -1
- data/lib/fernet/version.rb +1 -1
- data/spec/fernet_spec.rb +10 -0
- metadata +5 -5
data/README.md
CHANGED
|
@@ -54,6 +54,17 @@ The `verified` variable will be true if:
|
|
|
54
54
|
Otherwise, `verified` will be false, and you should deny the request with an
|
|
55
55
|
HTTP 401, for example.
|
|
56
56
|
|
|
57
|
+
The `Fernet.verify` method can be awkward if extracting the plain text data is
|
|
58
|
+
required. For this case, a `verifier` can be requested that makes more
|
|
59
|
+
pleasent:
|
|
60
|
+
|
|
61
|
+
```ruby
|
|
62
|
+
verifier = Fernet.verifier(secret, token)
|
|
63
|
+
if verifier.valid? # signature valid, TTL verified
|
|
64
|
+
operate_on(verifier.data) # the original, decrypted data
|
|
65
|
+
end
|
|
66
|
+
```
|
|
67
|
+
|
|
57
68
|
The specs
|
|
58
69
|
([spec/fernet_spec.rb](https://github.com/hgmnz/fernet/blob/master/spec/fernet_spec.rb))
|
|
59
70
|
have more usage examples.
|
data/lib/fernet.rb
CHANGED
|
@@ -18,4 +18,10 @@ module Fernet
|
|
|
18
18
|
def self.verify(secret, token, encrypt = Configuration.encrypt, &block)
|
|
19
19
|
Verifier.new(secret, encrypt).verify_token(token, &block)
|
|
20
20
|
end
|
|
21
|
+
|
|
22
|
+
def self.verifier(secret, token, encrypt = Configuration.encrypt)
|
|
23
|
+
Verifier.new(secret, encrypt).tap do |v|
|
|
24
|
+
v.verify_token(token)
|
|
25
|
+
end
|
|
26
|
+
end
|
|
21
27
|
end
|
data/lib/fernet/verifier.rb
CHANGED
|
@@ -25,7 +25,11 @@ module Fernet
|
|
|
25
25
|
custom_verification = true
|
|
26
26
|
end
|
|
27
27
|
|
|
28
|
-
signatures_match? && token_recent_enough? && custom_verification
|
|
28
|
+
@valid = signatures_match? && token_recent_enough? && custom_verification
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def valid?
|
|
32
|
+
@valid
|
|
29
33
|
end
|
|
30
34
|
|
|
31
35
|
def inspect
|
data/lib/fernet/version.rb
CHANGED
data/spec/fernet_spec.rb
CHANGED
|
@@ -135,4 +135,14 @@ describe Fernet do
|
|
|
135
135
|
verifier.data['password'].should == 'password1'
|
|
136
136
|
end
|
|
137
137
|
end
|
|
138
|
+
|
|
139
|
+
it 'returns the unencrypted message upon verify' do
|
|
140
|
+
token = Fernet.generate(secret) do |generator|
|
|
141
|
+
generator.data['password'] = 'password1'
|
|
142
|
+
end
|
|
143
|
+
|
|
144
|
+
verifier = Fernet.verifier(secret, token)
|
|
145
|
+
verifier.should be_valid
|
|
146
|
+
verifier.data['password'].should == 'password1'
|
|
147
|
+
end
|
|
138
148
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fernet
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: '1.
|
|
4
|
+
version: '1.4'
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -13,7 +13,7 @@ date: 2012-08-15 00:00:00.000000000 Z
|
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: yajl-ruby
|
|
16
|
-
requirement: &
|
|
16
|
+
requirement: &70124570227380 !ruby/object:Gem::Requirement
|
|
17
17
|
none: false
|
|
18
18
|
requirements:
|
|
19
19
|
- - ! '>='
|
|
@@ -21,10 +21,10 @@ dependencies:
|
|
|
21
21
|
version: '0'
|
|
22
22
|
type: :runtime
|
|
23
23
|
prerelease: false
|
|
24
|
-
version_requirements: *
|
|
24
|
+
version_requirements: *70124570227380
|
|
25
25
|
- !ruby/object:Gem::Dependency
|
|
26
26
|
name: rspec
|
|
27
|
-
requirement: &
|
|
27
|
+
requirement: &70124570226960 !ruby/object:Gem::Requirement
|
|
28
28
|
none: false
|
|
29
29
|
requirements:
|
|
30
30
|
- - ! '>='
|
|
@@ -32,7 +32,7 @@ dependencies:
|
|
|
32
32
|
version: '0'
|
|
33
33
|
type: :development
|
|
34
34
|
prerelease: false
|
|
35
|
-
version_requirements: *
|
|
35
|
+
version_requirements: *70124570226960
|
|
36
36
|
description: Delicious HMAC Digest(if) authentication and encryption
|
|
37
37
|
email:
|
|
38
38
|
- harold.gimenez@gmail.com
|