flow_client 0.1.1 → 0.1.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/brakeman-analysis.yml +46 -0
- data/.github/workflows/rubocop-analysis.yml +47 -0
- data/Gemfile +1 -4
- data/Gemfile.lock +7 -12
- data/README.md +29 -2
- data/flow_client.gemspec +0 -4
- data/lib/flow_client/crypto.rb +28 -3
- data/lib/flow_client/version.rb +1 -1
- metadata +4 -44
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3bd686d62caad9fb944665388d7014910df8500b7252f6962e9cd46a9d78a95a
|
4
|
+
data.tar.gz: d2357ad477ce9fa62f60ab0d510849e110aa172b9a2219f5986a5cecfa4992a3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d589dbbda843abd41dac7cbfa7b2406bf1bffbbff7ed8bede326c2df5b21da048a35ec390762ccf9638a7ad7b38f527dfe47dd6243c4b601a8047a1106b3a504
|
7
|
+
data.tar.gz: 47824803a2aac66cd2c272a1846ff09e02124187860faab26f2f6508ad9c929cee1acf4f414091793ed14b9156f003e172143f00892e14ccbde8a1c6649b9ab7
|
@@ -0,0 +1,46 @@
|
|
1
|
+
# This workflow integrates Brakeman with GitHub's Code Scanning feature
|
2
|
+
# Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications
|
3
|
+
|
4
|
+
name: Brakeman Scan
|
5
|
+
|
6
|
+
on:
|
7
|
+
push:
|
8
|
+
branches: [ main ]
|
9
|
+
pull_request:
|
10
|
+
# The branches below must be a subset of the branches above
|
11
|
+
branches: [ main ]
|
12
|
+
schedule:
|
13
|
+
- cron: '44 7 * * 1'
|
14
|
+
|
15
|
+
jobs:
|
16
|
+
brakeman-scan:
|
17
|
+
name: Brakeman Scan
|
18
|
+
runs-on: ubuntu-latest
|
19
|
+
steps:
|
20
|
+
# Checkout the repository to the GitHub Actions runner
|
21
|
+
- name: Checkout
|
22
|
+
uses: actions/checkout@v2
|
23
|
+
|
24
|
+
# Customize the ruby version depending on your needs
|
25
|
+
- name: Setup Ruby
|
26
|
+
uses: actions/setup-ruby@v1
|
27
|
+
with:
|
28
|
+
ruby-version: '2.7'
|
29
|
+
|
30
|
+
- name: Setup Brakeman
|
31
|
+
env:
|
32
|
+
BRAKEMAN_VERSION: '4.10' # SARIF support is provided in Brakeman version 4.10+
|
33
|
+
run: |
|
34
|
+
gem install brakeman --version $BRAKEMAN_VERSION
|
35
|
+
|
36
|
+
# Execute Brakeman CLI and generate a SARIF output with the security issues identified during the analysis
|
37
|
+
- name: Scan
|
38
|
+
continue-on-error: true
|
39
|
+
run: |
|
40
|
+
brakeman -f sarif -o output.sarif.json .
|
41
|
+
|
42
|
+
# Upload the SARIF file generated in the previous step
|
43
|
+
- name: Upload SARIF
|
44
|
+
uses: github/codeql-action/upload-sarif@v1
|
45
|
+
with:
|
46
|
+
sarif_file: output.sarif.json
|
@@ -0,0 +1,47 @@
|
|
1
|
+
# pulled from repo
|
2
|
+
name: "Rubocop"
|
3
|
+
|
4
|
+
on:
|
5
|
+
push:
|
6
|
+
branches: [ main ]
|
7
|
+
pull_request:
|
8
|
+
# The branches below must be a subset of the branches above
|
9
|
+
branches: [ main ]
|
10
|
+
schedule:
|
11
|
+
- cron: '16 3 * * 1'
|
12
|
+
|
13
|
+
jobs:
|
14
|
+
rubocop:
|
15
|
+
runs-on: ubuntu-latest
|
16
|
+
strategy:
|
17
|
+
fail-fast: false
|
18
|
+
|
19
|
+
steps:
|
20
|
+
- name: Checkout repository
|
21
|
+
uses: actions/checkout@v2
|
22
|
+
|
23
|
+
# If running on a self-hosted runner, check it meets the requirements
|
24
|
+
# listed at https://github.com/ruby/setup-ruby#using-self-hosted-runners
|
25
|
+
- name: Set up Ruby
|
26
|
+
uses: ruby/setup-ruby@v1
|
27
|
+
with:
|
28
|
+
ruby-version: 2.6
|
29
|
+
|
30
|
+
# This step is not necessary if you add the gem to your Gemfile
|
31
|
+
- name: Install Code Scanning integration
|
32
|
+
run: bundle add code-scanning-rubocop --version 0.3.0 --skip-install
|
33
|
+
|
34
|
+
- name: Install dependencies
|
35
|
+
run: bundle install
|
36
|
+
|
37
|
+
- name: Rubocop run
|
38
|
+
run: |
|
39
|
+
bash -c "
|
40
|
+
bundle exec rubocop --require code_scanning --format CodeScanning::SarifFormatter -o rubocop.sarif
|
41
|
+
[[ $? -ne 2 ]]
|
42
|
+
"
|
43
|
+
|
44
|
+
- name: Upload Sarif output
|
45
|
+
uses: github/codeql-action/upload-sarif@v1
|
46
|
+
with:
|
47
|
+
sarif_file: rubocop.sarif
|
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,15 +1,12 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
flow_client (0.1.
|
5
|
-
digest-sha3
|
6
|
-
ecdsa
|
4
|
+
flow_client (0.1.2)
|
7
5
|
grpc
|
8
6
|
grpc-tools
|
9
7
|
json
|
10
8
|
openssl
|
11
9
|
rlp
|
12
|
-
rspec
|
13
10
|
|
14
11
|
GEM
|
15
12
|
remote: https://rubygems.org/
|
@@ -17,8 +14,6 @@ GEM
|
|
17
14
|
ast (2.4.2)
|
18
15
|
coderay (1.1.3)
|
19
16
|
diff-lcs (1.4.4)
|
20
|
-
digest-sha3 (1.0.2)
|
21
|
-
ecdsa (1.2.0)
|
22
17
|
ffi (1.15.3)
|
23
18
|
formatador (0.3.0)
|
24
19
|
google-protobuf (3.17.3-universal-darwin)
|
@@ -28,13 +23,13 @@ GEM
|
|
28
23
|
google-protobuf (~> 3.15)
|
29
24
|
googleapis-common-protos-types (~> 1.0)
|
30
25
|
grpc-tools (1.38.0)
|
31
|
-
guard (2.
|
26
|
+
guard (2.18.0)
|
32
27
|
formatador (>= 0.2.4)
|
33
28
|
listen (>= 2.7, < 4.0)
|
34
29
|
lumberjack (>= 1.0.12, < 2.0)
|
35
30
|
nenv (~> 0.1)
|
36
31
|
notiffany (~> 0.0)
|
37
|
-
pry (>= 0.
|
32
|
+
pry (>= 0.13.0)
|
38
33
|
shellany (~> 0.0)
|
39
34
|
thor (>= 0.18.1)
|
40
35
|
guard-compat (1.2.1)
|
@@ -43,7 +38,7 @@ GEM
|
|
43
38
|
guard-compat (~> 1.1)
|
44
39
|
rspec (>= 2.99.0, < 4.0)
|
45
40
|
json (2.5.1)
|
46
|
-
listen (3.
|
41
|
+
listen (3.7.0)
|
47
42
|
rb-fsevent (~> 0.10, >= 0.10.3)
|
48
43
|
rb-inotify (~> 0.9, >= 0.9.10)
|
49
44
|
lumberjack (1.2.8)
|
@@ -80,16 +75,16 @@ GEM
|
|
80
75
|
diff-lcs (>= 1.2.0, < 2.0)
|
81
76
|
rspec-support (~> 3.10.0)
|
82
77
|
rspec-support (3.10.2)
|
83
|
-
rubocop (1.
|
78
|
+
rubocop (1.19.1)
|
84
79
|
parallel (~> 1.10)
|
85
80
|
parser (>= 3.0.0.0)
|
86
81
|
rainbow (>= 2.2.2, < 4.0)
|
87
82
|
regexp_parser (>= 1.8, < 3.0)
|
88
83
|
rexml
|
89
|
-
rubocop-ast (>= 1.
|
84
|
+
rubocop-ast (>= 1.9.1, < 2.0)
|
90
85
|
ruby-progressbar (~> 1.7)
|
91
86
|
unicode-display_width (>= 1.4.0, < 3.0)
|
92
|
-
rubocop-ast (1.
|
87
|
+
rubocop-ast (1.10.0)
|
93
88
|
parser (>= 3.0.1.1)
|
94
89
|
ruby-progressbar (1.11.0)
|
95
90
|
shellany (0.0.1)
|
data/README.md
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
[![Gem Version](https://badge.fury.io/rb/flow_client.svg)](https://badge.fury.io/rb/flow_client)
|
2
|
+
|
1
3
|
# FlowClient
|
2
4
|
|
3
5
|
FlowClient is a Ruby gRPC client for Flow (onflow.org)
|
@@ -13,7 +15,7 @@ FlowClient is a Ruby gRPC client for Flow (onflow.org)
|
|
13
15
|
- [x] Get a transaction
|
14
16
|
- [x] Single account signing
|
15
17
|
- [ ] Multi account signing
|
16
|
-
- [
|
18
|
+
- [x] secp256k1 keys
|
17
19
|
- [x] prime256v1 keys
|
18
20
|
|
19
21
|
### Flow Data
|
@@ -43,16 +45,24 @@ Or install it yourself as:
|
|
43
45
|
client = FlowClient::Client.new("access.devnet.nodes.onflow.org:9000")
|
44
46
|
res = client.ping
|
45
47
|
```
|
48
|
+
### Accounts
|
49
|
+
|
50
|
+
```ruby
|
51
|
+
# get_account(account_address)
|
52
|
+
res = client.get_account("0xAlice")
|
53
|
+
```
|
54
|
+
|
46
55
|
### Events
|
47
56
|
|
48
57
|
```ruby
|
49
|
-
get_events(type, start_height, end_height)
|
58
|
+
# get_events(type, start_height, end_height)
|
50
59
|
res = client.get_events("A.0b2a3299cc857e29.TopShot.Deposit", 12913388, 12913389)
|
51
60
|
```
|
52
61
|
|
53
62
|
### Scripts
|
54
63
|
|
55
64
|
```ruby
|
65
|
+
# execute_script(cadence_string, args_array)
|
56
66
|
args = [{ type: "Address", value: "0xAlice" }.to_json]
|
57
67
|
# Execute a Cadence script
|
58
68
|
res = client.execute_script(script, args)
|
@@ -61,6 +71,15 @@ res = client.execute_script(script, args)
|
|
61
71
|
### Transactions
|
62
72
|
|
63
73
|
```ruby
|
74
|
+
# Construct a key - left pad with 0x04 to indicate it is uncompressed
|
75
|
+
# as per https://datatracker.ietf.org/doc/html/rfc5480. You can generate keys
|
76
|
+
# using the Flow CLI command `flow keys generate`
|
77
|
+
key = FlowClient::Crypto.key_from_hex_keys(
|
78
|
+
"<priv key hex>",
|
79
|
+
"04<public key hex>"
|
80
|
+
)
|
81
|
+
|
82
|
+
# Send a transaction with a single signer, proposer and authorizer
|
64
83
|
transaction = FlowClient::Transaction.new
|
65
84
|
transaction.script = cadence
|
66
85
|
transaction.reference_block_id = ref_block_id
|
@@ -74,6 +93,14 @@ transaction.payer_address = "0xAlice"
|
|
74
93
|
transaction.authorizer_addresses = ["0xAlice"]
|
75
94
|
transaction.add_envelope_signature("0xAlice", 0, key)
|
76
95
|
res = client.send_transaction(transaction)
|
96
|
+
|
97
|
+
# Get a transaction
|
98
|
+
# get_transaction(transaction_id)
|
99
|
+
client.get_transaction(res.id.unpack("H*"))
|
100
|
+
|
101
|
+
# Get a transaction result
|
102
|
+
# get_transaction_result(transaction_id)
|
103
|
+
client.get_transaction_result(res.id.unpack("H*"))
|
77
104
|
```
|
78
105
|
|
79
106
|
### Address Alias Resolution
|
data/flow_client.gemspec
CHANGED
@@ -7,7 +7,6 @@ Gem::Specification.new do |spec|
|
|
7
7
|
spec.version = FlowClient::VERSION
|
8
8
|
spec.authors = ["Nico du Plessis"]
|
9
9
|
spec.email = ["nico@glucode.com"]
|
10
|
-
|
11
10
|
spec.summary = "A Ruby client for the Flow blockchain"
|
12
11
|
spec.description = "A Ruby client for the Flow blockchain"
|
13
12
|
spec.homepage = "https://github.com/glucode/flow_client"
|
@@ -30,14 +29,11 @@ Gem::Specification.new do |spec|
|
|
30
29
|
spec.require_paths = ["lib"]
|
31
30
|
|
32
31
|
# Uncomment to register a new dependency of your gem
|
33
|
-
spec.add_dependency "digest-sha3"
|
34
|
-
spec.add_dependency "ecdsa"
|
35
32
|
spec.add_dependency "grpc"
|
36
33
|
spec.add_dependency "grpc-tools"
|
37
34
|
spec.add_dependency "json"
|
38
35
|
spec.add_dependency "openssl"
|
39
36
|
spec.add_dependency "rlp"
|
40
|
-
spec.add_dependency "rspec"
|
41
37
|
|
42
38
|
# For more information and examples about making a new gem, checkout our
|
43
39
|
# guide at: https://bundler.io/guides/creating_gem.html
|
data/lib/flow_client/crypto.rb
CHANGED
@@ -3,7 +3,14 @@
|
|
3
3
|
require "openssl"
|
4
4
|
|
5
5
|
module FlowClient
|
6
|
+
# Crypto helpers
|
6
7
|
class Crypto
|
8
|
+
module Curves
|
9
|
+
P256 = "prime256v1"
|
10
|
+
SECP256K1 = "secp256k1"
|
11
|
+
end
|
12
|
+
|
13
|
+
# Sign data using the provided key
|
7
14
|
def self.sign(data, key)
|
8
15
|
digest = OpenSSL::Digest.digest("SHA3-256", data)
|
9
16
|
asn = key.dsa_sign_asn1(digest)
|
@@ -14,20 +21,38 @@ module FlowClient
|
|
14
21
|
combined_bytes.pack("C*")
|
15
22
|
end
|
16
23
|
|
17
|
-
#
|
24
|
+
# Constructs an OpenSSL::PKey::EC key from an octet string
|
25
|
+
# keypair.
|
26
|
+
#
|
18
27
|
# secp256k1
|
19
28
|
# prime256v1
|
20
|
-
def self.key_from_hex_keys(private_hex, public_hex)
|
29
|
+
def self.key_from_hex_keys(private_hex, public_hex, algo = Curves::P256)
|
21
30
|
asn1 = OpenSSL::ASN1::Sequence(
|
22
31
|
[
|
23
32
|
OpenSSL::ASN1::Integer(1),
|
24
33
|
OpenSSL::ASN1::OctetString([private_hex].pack("H*")),
|
25
|
-
OpenSSL::ASN1::ObjectId(
|
34
|
+
OpenSSL::ASN1::ObjectId(algo, 0, :EXPLICIT),
|
26
35
|
OpenSSL::ASN1::BitString([public_hex].pack("H*"), 1, :EXPLICIT)
|
27
36
|
]
|
28
37
|
)
|
29
38
|
|
30
39
|
OpenSSL::PKey::EC.new(asn1.to_der)
|
31
40
|
end
|
41
|
+
|
42
|
+
# Returns an octet string keypair.
|
43
|
+
#
|
44
|
+
# Supported ECC curves are:
|
45
|
+
# Crypto::Curves::P256
|
46
|
+
# Crypto::Curves::SECP256K1
|
47
|
+
#
|
48
|
+
# Usage example:
|
49
|
+
# private_key, public_key = FlowClient::Crypto.generate_keys(FlowClient::Crypto::Curves::P256)
|
50
|
+
def self.generate_keys(curve)
|
51
|
+
key = OpenSSL::PKey::EC.new(curve).generate_key
|
52
|
+
[
|
53
|
+
key.private_key.to_s(16).downcase,
|
54
|
+
key.public_key.to_bn.to_s(16).downcase
|
55
|
+
]
|
56
|
+
end
|
32
57
|
end
|
33
58
|
end
|
data/lib/flow_client/version.rb
CHANGED
metadata
CHANGED
@@ -1,43 +1,15 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: flow_client
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nico du Plessis
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-08-
|
11
|
+
date: 2021-08-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
|
-
- !ruby/object:Gem::Dependency
|
14
|
-
name: digest-sha3
|
15
|
-
requirement: !ruby/object:Gem::Requirement
|
16
|
-
requirements:
|
17
|
-
- - ">="
|
18
|
-
- !ruby/object:Gem::Version
|
19
|
-
version: '0'
|
20
|
-
type: :runtime
|
21
|
-
prerelease: false
|
22
|
-
version_requirements: !ruby/object:Gem::Requirement
|
23
|
-
requirements:
|
24
|
-
- - ">="
|
25
|
-
- !ruby/object:Gem::Version
|
26
|
-
version: '0'
|
27
|
-
- !ruby/object:Gem::Dependency
|
28
|
-
name: ecdsa
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
30
|
-
requirements:
|
31
|
-
- - ">="
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version: '0'
|
34
|
-
type: :runtime
|
35
|
-
prerelease: false
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
37
|
-
requirements:
|
38
|
-
- - ">="
|
39
|
-
- !ruby/object:Gem::Version
|
40
|
-
version: '0'
|
41
13
|
- !ruby/object:Gem::Dependency
|
42
14
|
name: grpc
|
43
15
|
requirement: !ruby/object:Gem::Requirement
|
@@ -108,20 +80,6 @@ dependencies:
|
|
108
80
|
- - ">="
|
109
81
|
- !ruby/object:Gem::Version
|
110
82
|
version: '0'
|
111
|
-
- !ruby/object:Gem::Dependency
|
112
|
-
name: rspec
|
113
|
-
requirement: !ruby/object:Gem::Requirement
|
114
|
-
requirements:
|
115
|
-
- - ">="
|
116
|
-
- !ruby/object:Gem::Version
|
117
|
-
version: '0'
|
118
|
-
type: :runtime
|
119
|
-
prerelease: false
|
120
|
-
version_requirements: !ruby/object:Gem::Requirement
|
121
|
-
requirements:
|
122
|
-
- - ">="
|
123
|
-
- !ruby/object:Gem::Version
|
124
|
-
version: '0'
|
125
83
|
description: A Ruby client for the Flow blockchain
|
126
84
|
email:
|
127
85
|
- nico@glucode.com
|
@@ -129,6 +87,8 @@ executables: []
|
|
129
87
|
extensions: []
|
130
88
|
extra_rdoc_files: []
|
131
89
|
files:
|
90
|
+
- ".github/workflows/brakeman-analysis.yml"
|
91
|
+
- ".github/workflows/rubocop-analysis.yml"
|
132
92
|
- ".github/workflows/ruby.yml"
|
133
93
|
- ".gitignore"
|
134
94
|
- ".rspec"
|