flow_client 0.1.1 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/brakeman-analysis.yml +46 -0
- data/.github/workflows/rubocop-analysis.yml +47 -0
- data/Gemfile +1 -4
- data/Gemfile.lock +7 -12
- data/README.md +29 -2
- data/flow_client.gemspec +0 -4
- data/lib/flow_client/crypto.rb +28 -3
- data/lib/flow_client/version.rb +1 -1
- metadata +4 -44
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3bd686d62caad9fb944665388d7014910df8500b7252f6962e9cd46a9d78a95a
|
4
|
+
data.tar.gz: d2357ad477ce9fa62f60ab0d510849e110aa172b9a2219f5986a5cecfa4992a3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d589dbbda843abd41dac7cbfa7b2406bf1bffbbff7ed8bede326c2df5b21da048a35ec390762ccf9638a7ad7b38f527dfe47dd6243c4b601a8047a1106b3a504
|
7
|
+
data.tar.gz: 47824803a2aac66cd2c272a1846ff09e02124187860faab26f2f6508ad9c929cee1acf4f414091793ed14b9156f003e172143f00892e14ccbde8a1c6649b9ab7
|
@@ -0,0 +1,46 @@
|
|
1
|
+
# This workflow integrates Brakeman with GitHub's Code Scanning feature
|
2
|
+
# Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications
|
3
|
+
|
4
|
+
name: Brakeman Scan
|
5
|
+
|
6
|
+
on:
|
7
|
+
push:
|
8
|
+
branches: [ main ]
|
9
|
+
pull_request:
|
10
|
+
# The branches below must be a subset of the branches above
|
11
|
+
branches: [ main ]
|
12
|
+
schedule:
|
13
|
+
- cron: '44 7 * * 1'
|
14
|
+
|
15
|
+
jobs:
|
16
|
+
brakeman-scan:
|
17
|
+
name: Brakeman Scan
|
18
|
+
runs-on: ubuntu-latest
|
19
|
+
steps:
|
20
|
+
# Checkout the repository to the GitHub Actions runner
|
21
|
+
- name: Checkout
|
22
|
+
uses: actions/checkout@v2
|
23
|
+
|
24
|
+
# Customize the ruby version depending on your needs
|
25
|
+
- name: Setup Ruby
|
26
|
+
uses: actions/setup-ruby@v1
|
27
|
+
with:
|
28
|
+
ruby-version: '2.7'
|
29
|
+
|
30
|
+
- name: Setup Brakeman
|
31
|
+
env:
|
32
|
+
BRAKEMAN_VERSION: '4.10' # SARIF support is provided in Brakeman version 4.10+
|
33
|
+
run: |
|
34
|
+
gem install brakeman --version $BRAKEMAN_VERSION
|
35
|
+
|
36
|
+
# Execute Brakeman CLI and generate a SARIF output with the security issues identified during the analysis
|
37
|
+
- name: Scan
|
38
|
+
continue-on-error: true
|
39
|
+
run: |
|
40
|
+
brakeman -f sarif -o output.sarif.json .
|
41
|
+
|
42
|
+
# Upload the SARIF file generated in the previous step
|
43
|
+
- name: Upload SARIF
|
44
|
+
uses: github/codeql-action/upload-sarif@v1
|
45
|
+
with:
|
46
|
+
sarif_file: output.sarif.json
|
@@ -0,0 +1,47 @@
|
|
1
|
+
# pulled from repo
|
2
|
+
name: "Rubocop"
|
3
|
+
|
4
|
+
on:
|
5
|
+
push:
|
6
|
+
branches: [ main ]
|
7
|
+
pull_request:
|
8
|
+
# The branches below must be a subset of the branches above
|
9
|
+
branches: [ main ]
|
10
|
+
schedule:
|
11
|
+
- cron: '16 3 * * 1'
|
12
|
+
|
13
|
+
jobs:
|
14
|
+
rubocop:
|
15
|
+
runs-on: ubuntu-latest
|
16
|
+
strategy:
|
17
|
+
fail-fast: false
|
18
|
+
|
19
|
+
steps:
|
20
|
+
- name: Checkout repository
|
21
|
+
uses: actions/checkout@v2
|
22
|
+
|
23
|
+
# If running on a self-hosted runner, check it meets the requirements
|
24
|
+
# listed at https://github.com/ruby/setup-ruby#using-self-hosted-runners
|
25
|
+
- name: Set up Ruby
|
26
|
+
uses: ruby/setup-ruby@v1
|
27
|
+
with:
|
28
|
+
ruby-version: 2.6
|
29
|
+
|
30
|
+
# This step is not necessary if you add the gem to your Gemfile
|
31
|
+
- name: Install Code Scanning integration
|
32
|
+
run: bundle add code-scanning-rubocop --version 0.3.0 --skip-install
|
33
|
+
|
34
|
+
- name: Install dependencies
|
35
|
+
run: bundle install
|
36
|
+
|
37
|
+
- name: Rubocop run
|
38
|
+
run: |
|
39
|
+
bash -c "
|
40
|
+
bundle exec rubocop --require code_scanning --format CodeScanning::SarifFormatter -o rubocop.sarif
|
41
|
+
[[ $? -ne 2 ]]
|
42
|
+
"
|
43
|
+
|
44
|
+
- name: Upload Sarif output
|
45
|
+
uses: github/codeql-action/upload-sarif@v1
|
46
|
+
with:
|
47
|
+
sarif_file: rubocop.sarif
|
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,15 +1,12 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
flow_client (0.1.
|
5
|
-
digest-sha3
|
6
|
-
ecdsa
|
4
|
+
flow_client (0.1.2)
|
7
5
|
grpc
|
8
6
|
grpc-tools
|
9
7
|
json
|
10
8
|
openssl
|
11
9
|
rlp
|
12
|
-
rspec
|
13
10
|
|
14
11
|
GEM
|
15
12
|
remote: https://rubygems.org/
|
@@ -17,8 +14,6 @@ GEM
|
|
17
14
|
ast (2.4.2)
|
18
15
|
coderay (1.1.3)
|
19
16
|
diff-lcs (1.4.4)
|
20
|
-
digest-sha3 (1.0.2)
|
21
|
-
ecdsa (1.2.0)
|
22
17
|
ffi (1.15.3)
|
23
18
|
formatador (0.3.0)
|
24
19
|
google-protobuf (3.17.3-universal-darwin)
|
@@ -28,13 +23,13 @@ GEM
|
|
28
23
|
google-protobuf (~> 3.15)
|
29
24
|
googleapis-common-protos-types (~> 1.0)
|
30
25
|
grpc-tools (1.38.0)
|
31
|
-
guard (2.
|
26
|
+
guard (2.18.0)
|
32
27
|
formatador (>= 0.2.4)
|
33
28
|
listen (>= 2.7, < 4.0)
|
34
29
|
lumberjack (>= 1.0.12, < 2.0)
|
35
30
|
nenv (~> 0.1)
|
36
31
|
notiffany (~> 0.0)
|
37
|
-
pry (>= 0.
|
32
|
+
pry (>= 0.13.0)
|
38
33
|
shellany (~> 0.0)
|
39
34
|
thor (>= 0.18.1)
|
40
35
|
guard-compat (1.2.1)
|
@@ -43,7 +38,7 @@ GEM
|
|
43
38
|
guard-compat (~> 1.1)
|
44
39
|
rspec (>= 2.99.0, < 4.0)
|
45
40
|
json (2.5.1)
|
46
|
-
listen (3.
|
41
|
+
listen (3.7.0)
|
47
42
|
rb-fsevent (~> 0.10, >= 0.10.3)
|
48
43
|
rb-inotify (~> 0.9, >= 0.9.10)
|
49
44
|
lumberjack (1.2.8)
|
@@ -80,16 +75,16 @@ GEM
|
|
80
75
|
diff-lcs (>= 1.2.0, < 2.0)
|
81
76
|
rspec-support (~> 3.10.0)
|
82
77
|
rspec-support (3.10.2)
|
83
|
-
rubocop (1.
|
78
|
+
rubocop (1.19.1)
|
84
79
|
parallel (~> 1.10)
|
85
80
|
parser (>= 3.0.0.0)
|
86
81
|
rainbow (>= 2.2.2, < 4.0)
|
87
82
|
regexp_parser (>= 1.8, < 3.0)
|
88
83
|
rexml
|
89
|
-
rubocop-ast (>= 1.
|
84
|
+
rubocop-ast (>= 1.9.1, < 2.0)
|
90
85
|
ruby-progressbar (~> 1.7)
|
91
86
|
unicode-display_width (>= 1.4.0, < 3.0)
|
92
|
-
rubocop-ast (1.
|
87
|
+
rubocop-ast (1.10.0)
|
93
88
|
parser (>= 3.0.1.1)
|
94
89
|
ruby-progressbar (1.11.0)
|
95
90
|
shellany (0.0.1)
|
data/README.md
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
[](https://badge.fury.io/rb/flow_client)
|
2
|
+
|
1
3
|
# FlowClient
|
2
4
|
|
3
5
|
FlowClient is a Ruby gRPC client for Flow (onflow.org)
|
@@ -13,7 +15,7 @@ FlowClient is a Ruby gRPC client for Flow (onflow.org)
|
|
13
15
|
- [x] Get a transaction
|
14
16
|
- [x] Single account signing
|
15
17
|
- [ ] Multi account signing
|
16
|
-
- [
|
18
|
+
- [x] secp256k1 keys
|
17
19
|
- [x] prime256v1 keys
|
18
20
|
|
19
21
|
### Flow Data
|
@@ -43,16 +45,24 @@ Or install it yourself as:
|
|
43
45
|
client = FlowClient::Client.new("access.devnet.nodes.onflow.org:9000")
|
44
46
|
res = client.ping
|
45
47
|
```
|
48
|
+
### Accounts
|
49
|
+
|
50
|
+
```ruby
|
51
|
+
# get_account(account_address)
|
52
|
+
res = client.get_account("0xAlice")
|
53
|
+
```
|
54
|
+
|
46
55
|
### Events
|
47
56
|
|
48
57
|
```ruby
|
49
|
-
get_events(type, start_height, end_height)
|
58
|
+
# get_events(type, start_height, end_height)
|
50
59
|
res = client.get_events("A.0b2a3299cc857e29.TopShot.Deposit", 12913388, 12913389)
|
51
60
|
```
|
52
61
|
|
53
62
|
### Scripts
|
54
63
|
|
55
64
|
```ruby
|
65
|
+
# execute_script(cadence_string, args_array)
|
56
66
|
args = [{ type: "Address", value: "0xAlice" }.to_json]
|
57
67
|
# Execute a Cadence script
|
58
68
|
res = client.execute_script(script, args)
|
@@ -61,6 +71,15 @@ res = client.execute_script(script, args)
|
|
61
71
|
### Transactions
|
62
72
|
|
63
73
|
```ruby
|
74
|
+
# Construct a key - left pad with 0x04 to indicate it is uncompressed
|
75
|
+
# as per https://datatracker.ietf.org/doc/html/rfc5480. You can generate keys
|
76
|
+
# using the Flow CLI command `flow keys generate`
|
77
|
+
key = FlowClient::Crypto.key_from_hex_keys(
|
78
|
+
"<priv key hex>",
|
79
|
+
"04<public key hex>"
|
80
|
+
)
|
81
|
+
|
82
|
+
# Send a transaction with a single signer, proposer and authorizer
|
64
83
|
transaction = FlowClient::Transaction.new
|
65
84
|
transaction.script = cadence
|
66
85
|
transaction.reference_block_id = ref_block_id
|
@@ -74,6 +93,14 @@ transaction.payer_address = "0xAlice"
|
|
74
93
|
transaction.authorizer_addresses = ["0xAlice"]
|
75
94
|
transaction.add_envelope_signature("0xAlice", 0, key)
|
76
95
|
res = client.send_transaction(transaction)
|
96
|
+
|
97
|
+
# Get a transaction
|
98
|
+
# get_transaction(transaction_id)
|
99
|
+
client.get_transaction(res.id.unpack("H*"))
|
100
|
+
|
101
|
+
# Get a transaction result
|
102
|
+
# get_transaction_result(transaction_id)
|
103
|
+
client.get_transaction_result(res.id.unpack("H*"))
|
77
104
|
```
|
78
105
|
|
79
106
|
### Address Alias Resolution
|
data/flow_client.gemspec
CHANGED
@@ -7,7 +7,6 @@ Gem::Specification.new do |spec|
|
|
7
7
|
spec.version = FlowClient::VERSION
|
8
8
|
spec.authors = ["Nico du Plessis"]
|
9
9
|
spec.email = ["nico@glucode.com"]
|
10
|
-
|
11
10
|
spec.summary = "A Ruby client for the Flow blockchain"
|
12
11
|
spec.description = "A Ruby client for the Flow blockchain"
|
13
12
|
spec.homepage = "https://github.com/glucode/flow_client"
|
@@ -30,14 +29,11 @@ Gem::Specification.new do |spec|
|
|
30
29
|
spec.require_paths = ["lib"]
|
31
30
|
|
32
31
|
# Uncomment to register a new dependency of your gem
|
33
|
-
spec.add_dependency "digest-sha3"
|
34
|
-
spec.add_dependency "ecdsa"
|
35
32
|
spec.add_dependency "grpc"
|
36
33
|
spec.add_dependency "grpc-tools"
|
37
34
|
spec.add_dependency "json"
|
38
35
|
spec.add_dependency "openssl"
|
39
36
|
spec.add_dependency "rlp"
|
40
|
-
spec.add_dependency "rspec"
|
41
37
|
|
42
38
|
# For more information and examples about making a new gem, checkout our
|
43
39
|
# guide at: https://bundler.io/guides/creating_gem.html
|
data/lib/flow_client/crypto.rb
CHANGED
@@ -3,7 +3,14 @@
|
|
3
3
|
require "openssl"
|
4
4
|
|
5
5
|
module FlowClient
|
6
|
+
# Crypto helpers
|
6
7
|
class Crypto
|
8
|
+
module Curves
|
9
|
+
P256 = "prime256v1"
|
10
|
+
SECP256K1 = "secp256k1"
|
11
|
+
end
|
12
|
+
|
13
|
+
# Sign data using the provided key
|
7
14
|
def self.sign(data, key)
|
8
15
|
digest = OpenSSL::Digest.digest("SHA3-256", data)
|
9
16
|
asn = key.dsa_sign_asn1(digest)
|
@@ -14,20 +21,38 @@ module FlowClient
|
|
14
21
|
combined_bytes.pack("C*")
|
15
22
|
end
|
16
23
|
|
17
|
-
#
|
24
|
+
# Constructs an OpenSSL::PKey::EC key from an octet string
|
25
|
+
# keypair.
|
26
|
+
#
|
18
27
|
# secp256k1
|
19
28
|
# prime256v1
|
20
|
-
def self.key_from_hex_keys(private_hex, public_hex)
|
29
|
+
def self.key_from_hex_keys(private_hex, public_hex, algo = Curves::P256)
|
21
30
|
asn1 = OpenSSL::ASN1::Sequence(
|
22
31
|
[
|
23
32
|
OpenSSL::ASN1::Integer(1),
|
24
33
|
OpenSSL::ASN1::OctetString([private_hex].pack("H*")),
|
25
|
-
OpenSSL::ASN1::ObjectId(
|
34
|
+
OpenSSL::ASN1::ObjectId(algo, 0, :EXPLICIT),
|
26
35
|
OpenSSL::ASN1::BitString([public_hex].pack("H*"), 1, :EXPLICIT)
|
27
36
|
]
|
28
37
|
)
|
29
38
|
|
30
39
|
OpenSSL::PKey::EC.new(asn1.to_der)
|
31
40
|
end
|
41
|
+
|
42
|
+
# Returns an octet string keypair.
|
43
|
+
#
|
44
|
+
# Supported ECC curves are:
|
45
|
+
# Crypto::Curves::P256
|
46
|
+
# Crypto::Curves::SECP256K1
|
47
|
+
#
|
48
|
+
# Usage example:
|
49
|
+
# private_key, public_key = FlowClient::Crypto.generate_keys(FlowClient::Crypto::Curves::P256)
|
50
|
+
def self.generate_keys(curve)
|
51
|
+
key = OpenSSL::PKey::EC.new(curve).generate_key
|
52
|
+
[
|
53
|
+
key.private_key.to_s(16).downcase,
|
54
|
+
key.public_key.to_bn.to_s(16).downcase
|
55
|
+
]
|
56
|
+
end
|
32
57
|
end
|
33
58
|
end
|
data/lib/flow_client/version.rb
CHANGED
metadata
CHANGED
@@ -1,43 +1,15 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: flow_client
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nico du Plessis
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-08-
|
11
|
+
date: 2021-08-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
|
-
- !ruby/object:Gem::Dependency
|
14
|
-
name: digest-sha3
|
15
|
-
requirement: !ruby/object:Gem::Requirement
|
16
|
-
requirements:
|
17
|
-
- - ">="
|
18
|
-
- !ruby/object:Gem::Version
|
19
|
-
version: '0'
|
20
|
-
type: :runtime
|
21
|
-
prerelease: false
|
22
|
-
version_requirements: !ruby/object:Gem::Requirement
|
23
|
-
requirements:
|
24
|
-
- - ">="
|
25
|
-
- !ruby/object:Gem::Version
|
26
|
-
version: '0'
|
27
|
-
- !ruby/object:Gem::Dependency
|
28
|
-
name: ecdsa
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
30
|
-
requirements:
|
31
|
-
- - ">="
|
32
|
-
- !ruby/object:Gem::Version
|
33
|
-
version: '0'
|
34
|
-
type: :runtime
|
35
|
-
prerelease: false
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
37
|
-
requirements:
|
38
|
-
- - ">="
|
39
|
-
- !ruby/object:Gem::Version
|
40
|
-
version: '0'
|
41
13
|
- !ruby/object:Gem::Dependency
|
42
14
|
name: grpc
|
43
15
|
requirement: !ruby/object:Gem::Requirement
|
@@ -108,20 +80,6 @@ dependencies:
|
|
108
80
|
- - ">="
|
109
81
|
- !ruby/object:Gem::Version
|
110
82
|
version: '0'
|
111
|
-
- !ruby/object:Gem::Dependency
|
112
|
-
name: rspec
|
113
|
-
requirement: !ruby/object:Gem::Requirement
|
114
|
-
requirements:
|
115
|
-
- - ">="
|
116
|
-
- !ruby/object:Gem::Version
|
117
|
-
version: '0'
|
118
|
-
type: :runtime
|
119
|
-
prerelease: false
|
120
|
-
version_requirements: !ruby/object:Gem::Requirement
|
121
|
-
requirements:
|
122
|
-
- - ">="
|
123
|
-
- !ruby/object:Gem::Version
|
124
|
-
version: '0'
|
125
83
|
description: A Ruby client for the Flow blockchain
|
126
84
|
email:
|
127
85
|
- nico@glucode.com
|
@@ -129,6 +87,8 @@ executables: []
|
|
129
87
|
extensions: []
|
130
88
|
extra_rdoc_files: []
|
131
89
|
files:
|
90
|
+
- ".github/workflows/brakeman-analysis.yml"
|
91
|
+
- ".github/workflows/rubocop-analysis.yml"
|
132
92
|
- ".github/workflows/ruby.yml"
|
133
93
|
- ".gitignore"
|
134
94
|
- ".rspec"
|