fernet 1.3 → 1.4
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +11 -0
- data/lib/fernet.rb +6 -0
- data/lib/fernet/verifier.rb +5 -1
- data/lib/fernet/version.rb +1 -1
- data/spec/fernet_spec.rb +10 -0
- metadata +5 -5
data/README.md
CHANGED
|
@@ -54,6 +54,17 @@ The `verified` variable will be true if:
|
|
|
54
54
|
Otherwise, `verified` will be false, and you should deny the request with an
|
|
55
55
|
HTTP 401, for example.
|
|
56
56
|
|
|
57
|
+
The `Fernet.verify` method can be awkward if extracting the plain text data is
|
|
58
|
+
required. For this case, a `verifier` can be requested that makes more
|
|
59
|
+
pleasent:
|
|
60
|
+
|
|
61
|
+
```ruby
|
|
62
|
+
verifier = Fernet.verifier(secret, token)
|
|
63
|
+
if verifier.valid? # signature valid, TTL verified
|
|
64
|
+
operate_on(verifier.data) # the original, decrypted data
|
|
65
|
+
end
|
|
66
|
+
```
|
|
67
|
+
|
|
57
68
|
The specs
|
|
58
69
|
([spec/fernet_spec.rb](https://github.com/hgmnz/fernet/blob/master/spec/fernet_spec.rb))
|
|
59
70
|
have more usage examples.
|
data/lib/fernet.rb
CHANGED
|
@@ -18,4 +18,10 @@ module Fernet
|
|
|
18
18
|
def self.verify(secret, token, encrypt = Configuration.encrypt, &block)
|
|
19
19
|
Verifier.new(secret, encrypt).verify_token(token, &block)
|
|
20
20
|
end
|
|
21
|
+
|
|
22
|
+
def self.verifier(secret, token, encrypt = Configuration.encrypt)
|
|
23
|
+
Verifier.new(secret, encrypt).tap do |v|
|
|
24
|
+
v.verify_token(token)
|
|
25
|
+
end
|
|
26
|
+
end
|
|
21
27
|
end
|
data/lib/fernet/verifier.rb
CHANGED
|
@@ -25,7 +25,11 @@ module Fernet
|
|
|
25
25
|
custom_verification = true
|
|
26
26
|
end
|
|
27
27
|
|
|
28
|
-
signatures_match? && token_recent_enough? && custom_verification
|
|
28
|
+
@valid = signatures_match? && token_recent_enough? && custom_verification
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def valid?
|
|
32
|
+
@valid
|
|
29
33
|
end
|
|
30
34
|
|
|
31
35
|
def inspect
|
data/lib/fernet/version.rb
CHANGED
data/spec/fernet_spec.rb
CHANGED
|
@@ -135,4 +135,14 @@ describe Fernet do
|
|
|
135
135
|
verifier.data['password'].should == 'password1'
|
|
136
136
|
end
|
|
137
137
|
end
|
|
138
|
+
|
|
139
|
+
it 'returns the unencrypted message upon verify' do
|
|
140
|
+
token = Fernet.generate(secret) do |generator|
|
|
141
|
+
generator.data['password'] = 'password1'
|
|
142
|
+
end
|
|
143
|
+
|
|
144
|
+
verifier = Fernet.verifier(secret, token)
|
|
145
|
+
verifier.should be_valid
|
|
146
|
+
verifier.data['password'].should == 'password1'
|
|
147
|
+
end
|
|
138
148
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fernet
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: '1.
|
|
4
|
+
version: '1.4'
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -13,7 +13,7 @@ date: 2012-08-15 00:00:00.000000000 Z
|
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: yajl-ruby
|
|
16
|
-
requirement: &
|
|
16
|
+
requirement: &70124570227380 !ruby/object:Gem::Requirement
|
|
17
17
|
none: false
|
|
18
18
|
requirements:
|
|
19
19
|
- - ! '>='
|
|
@@ -21,10 +21,10 @@ dependencies:
|
|
|
21
21
|
version: '0'
|
|
22
22
|
type: :runtime
|
|
23
23
|
prerelease: false
|
|
24
|
-
version_requirements: *
|
|
24
|
+
version_requirements: *70124570227380
|
|
25
25
|
- !ruby/object:Gem::Dependency
|
|
26
26
|
name: rspec
|
|
27
|
-
requirement: &
|
|
27
|
+
requirement: &70124570226960 !ruby/object:Gem::Requirement
|
|
28
28
|
none: false
|
|
29
29
|
requirements:
|
|
30
30
|
- - ! '>='
|
|
@@ -32,7 +32,7 @@ dependencies:
|
|
|
32
32
|
version: '0'
|
|
33
33
|
type: :development
|
|
34
34
|
prerelease: false
|
|
35
|
-
version_requirements: *
|
|
35
|
+
version_requirements: *70124570226960
|
|
36
36
|
description: Delicious HMAC Digest(if) authentication and encryption
|
|
37
37
|
email:
|
|
38
38
|
- harold.gimenez@gmail.com
|