global_session 3.0.4 → 3.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.rdoc +6 -1
- data/VERSION +1 -1
- data/global_session.gemspec +14 -14
- data/lib/global_session.rb +1 -0
- data/lib/global_session/session.rb +3 -1
- data/lib/global_session/session/v3.rb +25 -2
- metadata +43 -45
data/README.rdoc
CHANGED
|
@@ -9,7 +9,12 @@ In other words: it glues your semi-related Web apps together so they share the
|
|
|
9
9
|
same bits of session state. This is done by putting the session itself into
|
|
10
10
|
cookies.
|
|
11
11
|
|
|
12
|
-
Maintained by
|
|
12
|
+
Maintained by
|
|
13
|
+
- [Sapphire Team](https://wookiee.rightscale.com/display/rightscale/Meet+the+Sapphire+Team)
|
|
14
|
+
|
|
15
|
+
Merge to master whitelist
|
|
16
|
+
- @tony-spataro-rs
|
|
17
|
+
- @ryanwilliamson
|
|
13
18
|
|
|
14
19
|
== What Is It Not?
|
|
15
20
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
3.0.
|
|
1
|
+
3.0.5
|
data/global_session.gemspec
CHANGED
|
@@ -2,16 +2,18 @@
|
|
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
|
3
3
|
# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
|
|
4
4
|
# -*- encoding: utf-8 -*-
|
|
5
|
+
# stub: global_session 3.0.5 ruby lib
|
|
5
6
|
|
|
6
7
|
Gem::Specification.new do |s|
|
|
7
|
-
s.name =
|
|
8
|
-
s.version = "3.0.
|
|
8
|
+
s.name = "global_session"
|
|
9
|
+
s.version = "3.0.5"
|
|
9
10
|
|
|
10
11
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
12
|
+
s.require_paths = ["lib"]
|
|
11
13
|
s.authors = ["Tony Spataro"]
|
|
12
|
-
s.date =
|
|
13
|
-
s.description =
|
|
14
|
-
s.email =
|
|
14
|
+
s.date = "2014-11-12"
|
|
15
|
+
s.description = "This Rack middleware allows several web apps in an authentication domain to share session state, facilitating single sign-on in a distributed web app. It only provides session sharing and does not concern itself with authentication or replication of the user database."
|
|
16
|
+
s.email = "support@rightscale.com"
|
|
15
17
|
s.extra_rdoc_files = [
|
|
16
18
|
"LICENSE",
|
|
17
19
|
"README.rdoc"
|
|
@@ -44,20 +46,18 @@ Gem::Specification.new do |s|
|
|
|
44
46
|
"rails_generators/global_session_authority/USAGE",
|
|
45
47
|
"rails_generators/global_session_authority/global_session_authority_generator.rb"
|
|
46
48
|
]
|
|
47
|
-
s.homepage =
|
|
49
|
+
s.homepage = "https://github.com/rightscale/global_session"
|
|
48
50
|
s.licenses = ["MIT"]
|
|
49
|
-
s.
|
|
50
|
-
s.
|
|
51
|
-
s.summary = %q{Secure single-domain session sharing plugin for Rack and Rails.}
|
|
51
|
+
s.rubygems_version = "2.2.0"
|
|
52
|
+
s.summary = "Secure single-domain session sharing plugin for Rack and Rails."
|
|
52
53
|
|
|
53
54
|
if s.respond_to? :specification_version then
|
|
54
|
-
|
|
55
|
-
s.specification_version = 3
|
|
55
|
+
s.specification_version = 4
|
|
56
56
|
|
|
57
57
|
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
|
58
58
|
s.add_runtime_dependency(%q<json>, ["~> 1.4"])
|
|
59
59
|
s.add_runtime_dependency(%q<rack-contrib>, ["~> 1.0"])
|
|
60
|
-
s.add_runtime_dependency(%q<right_support>, ["
|
|
60
|
+
s.add_runtime_dependency(%q<right_support>, ["< 3.0", ">= 2.8.2"])
|
|
61
61
|
s.add_runtime_dependency(%q<simple_uuid>, [">= 0.2.0"])
|
|
62
62
|
s.add_development_dependency(%q<cucumber>, ["~> 1.0"])
|
|
63
63
|
s.add_development_dependency(%q<debugger>, ["~> 1.5"])
|
|
@@ -72,7 +72,7 @@ Gem::Specification.new do |s|
|
|
|
72
72
|
else
|
|
73
73
|
s.add_dependency(%q<json>, ["~> 1.4"])
|
|
74
74
|
s.add_dependency(%q<rack-contrib>, ["~> 1.0"])
|
|
75
|
-
s.add_dependency(%q<right_support>, ["
|
|
75
|
+
s.add_dependency(%q<right_support>, ["< 3.0", ">= 2.8.2"])
|
|
76
76
|
s.add_dependency(%q<simple_uuid>, [">= 0.2.0"])
|
|
77
77
|
s.add_dependency(%q<cucumber>, ["~> 1.0"])
|
|
78
78
|
s.add_dependency(%q<debugger>, ["~> 1.5"])
|
|
@@ -88,7 +88,7 @@ Gem::Specification.new do |s|
|
|
|
88
88
|
else
|
|
89
89
|
s.add_dependency(%q<json>, ["~> 1.4"])
|
|
90
90
|
s.add_dependency(%q<rack-contrib>, ["~> 1.0"])
|
|
91
|
-
s.add_dependency(%q<right_support>, ["
|
|
91
|
+
s.add_dependency(%q<right_support>, ["< 3.0", ">= 2.8.2"])
|
|
92
92
|
s.add_dependency(%q<simple_uuid>, [">= 0.2.0"])
|
|
93
93
|
s.add_dependency(%q<cucumber>, ["~> 1.0"])
|
|
94
94
|
s.add_dependency(%q<debugger>, ["~> 1.5"])
|
data/lib/global_session.rb
CHANGED
|
@@ -25,11 +25,13 @@ require 'global_session/session/v3'
|
|
|
25
25
|
# by the different versions; it is responsible for detecting the version of
|
|
26
26
|
# a given cookie, then instantiating a suitable session object.
|
|
27
27
|
module GlobalSession::Session
|
|
28
|
-
# Decode a global session cookie without
|
|
28
|
+
# Decode a global session cookie without checking signature or expiration. Good for debugging.
|
|
29
29
|
def self.decode_cookie(cookie)
|
|
30
30
|
guess_version(cookie).decode_cookie(cookie)
|
|
31
31
|
end
|
|
32
32
|
|
|
33
|
+
# Decode a global session cookie. Use a heuristic to determine the version.
|
|
34
|
+
# @raise [GlobalSession::MalformedCookie] if the cookie is not a valid serialized global session
|
|
33
35
|
def self.new(directory, cookie=nil, valid_signature_digest=nil)
|
|
34
36
|
guess_version(cookie).new(directory, cookie)
|
|
35
37
|
end
|
|
@@ -112,14 +112,19 @@ module GlobalSession::Session
|
|
|
112
112
|
# secure attributes have changed since the session was instantiated, compute
|
|
113
113
|
# a fresh RSA signature.
|
|
114
114
|
#
|
|
115
|
-
#
|
|
116
|
-
#
|
|
115
|
+
# @return [String] a B64cookie-encoded JSON-serialized global session
|
|
116
|
+
# @raise [GlobalSession::UnserializableType] if the attributes hash contains
|
|
117
117
|
def to_s
|
|
118
118
|
if @cookie && !@dirty_insecure && !@dirty_secure
|
|
119
119
|
#use cached cookie if nothing has changed
|
|
120
120
|
return @cookie
|
|
121
121
|
end
|
|
122
122
|
|
|
123
|
+
unless serializable?(@signed) && serializable?(@insecure)
|
|
124
|
+
raise GlobalSession::UnserializableType,
|
|
125
|
+
"Attributes hash contains non-String keys, cannot be cleanly marshalled"
|
|
126
|
+
end
|
|
127
|
+
|
|
123
128
|
hash = {'v' => 3,
|
|
124
129
|
'id' => @id, 'a' => @authority,
|
|
125
130
|
'tc' => @created_at.to_i, 'te' => @expired_at.to_i,
|
|
@@ -369,5 +374,23 @@ module GlobalSession::Session
|
|
|
369
374
|
'dx' => array[6],
|
|
370
375
|
}
|
|
371
376
|
end
|
|
377
|
+
|
|
378
|
+
# Determine whether an object can be cleanly round-tripped to JSON
|
|
379
|
+
# @param [Object] obj
|
|
380
|
+
# @return [Boolean]
|
|
381
|
+
def serializable?(obj)
|
|
382
|
+
case obj
|
|
383
|
+
when Numeric, String, TrueClass, FalseClass, NilClass, Symbol
|
|
384
|
+
true
|
|
385
|
+
when Array
|
|
386
|
+
obj.each { |e| serializable?(e) }
|
|
387
|
+
when Hash
|
|
388
|
+
obj.all? do |k, v|
|
|
389
|
+
k.is_a?(String) && serializable?(v)
|
|
390
|
+
end
|
|
391
|
+
else
|
|
392
|
+
false
|
|
393
|
+
end
|
|
394
|
+
end
|
|
372
395
|
end
|
|
373
396
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: global_session
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
5
|
-
prerelease:
|
|
4
|
+
hash: 13
|
|
5
|
+
prerelease:
|
|
6
6
|
segments:
|
|
7
7
|
- 3
|
|
8
8
|
- 0
|
|
9
|
-
-
|
|
10
|
-
version: 3.0.
|
|
9
|
+
- 5
|
|
10
|
+
version: 3.0.5
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Tony Spataro
|
|
@@ -15,10 +15,12 @@ autorequire:
|
|
|
15
15
|
bindir: bin
|
|
16
16
|
cert_chain: []
|
|
17
17
|
|
|
18
|
-
date: 2014-
|
|
19
|
-
default_executable:
|
|
18
|
+
date: 2014-11-12 00:00:00 Z
|
|
20
19
|
dependencies:
|
|
21
20
|
- !ruby/object:Gem::Dependency
|
|
21
|
+
prerelease: false
|
|
22
|
+
name: json
|
|
23
|
+
type: :runtime
|
|
22
24
|
version_requirements: &id001 !ruby/object:Gem::Requirement
|
|
23
25
|
none: false
|
|
24
26
|
requirements:
|
|
@@ -29,11 +31,11 @@ dependencies:
|
|
|
29
31
|
- 1
|
|
30
32
|
- 4
|
|
31
33
|
version: "1.4"
|
|
32
|
-
name: json
|
|
33
34
|
requirement: *id001
|
|
35
|
+
- !ruby/object:Gem::Dependency
|
|
34
36
|
prerelease: false
|
|
37
|
+
name: rack-contrib
|
|
35
38
|
type: :runtime
|
|
36
|
-
- !ruby/object:Gem::Dependency
|
|
37
39
|
version_requirements: &id002 !ruby/object:Gem::Requirement
|
|
38
40
|
none: false
|
|
39
41
|
requirements:
|
|
@@ -44,14 +46,21 @@ dependencies:
|
|
|
44
46
|
- 1
|
|
45
47
|
- 0
|
|
46
48
|
version: "1.0"
|
|
47
|
-
name: rack-contrib
|
|
48
49
|
requirement: *id002
|
|
50
|
+
- !ruby/object:Gem::Dependency
|
|
49
51
|
prerelease: false
|
|
52
|
+
name: right_support
|
|
50
53
|
type: :runtime
|
|
51
|
-
- !ruby/object:Gem::Dependency
|
|
52
54
|
version_requirements: &id003 !ruby/object:Gem::Requirement
|
|
53
55
|
none: false
|
|
54
56
|
requirements:
|
|
57
|
+
- - <
|
|
58
|
+
- !ruby/object:Gem::Version
|
|
59
|
+
hash: 7
|
|
60
|
+
segments:
|
|
61
|
+
- 3
|
|
62
|
+
- 0
|
|
63
|
+
version: "3.0"
|
|
55
64
|
- - ">="
|
|
56
65
|
- !ruby/object:Gem::Version
|
|
57
66
|
hash: 43
|
|
@@ -60,18 +69,11 @@ dependencies:
|
|
|
60
69
|
- 8
|
|
61
70
|
- 2
|
|
62
71
|
version: 2.8.2
|
|
63
|
-
- - <
|
|
64
|
-
- !ruby/object:Gem::Version
|
|
65
|
-
hash: 7
|
|
66
|
-
segments:
|
|
67
|
-
- 3
|
|
68
|
-
- 0
|
|
69
|
-
version: "3.0"
|
|
70
|
-
name: right_support
|
|
71
72
|
requirement: *id003
|
|
73
|
+
- !ruby/object:Gem::Dependency
|
|
72
74
|
prerelease: false
|
|
75
|
+
name: simple_uuid
|
|
73
76
|
type: :runtime
|
|
74
|
-
- !ruby/object:Gem::Dependency
|
|
75
77
|
version_requirements: &id004 !ruby/object:Gem::Requirement
|
|
76
78
|
none: false
|
|
77
79
|
requirements:
|
|
@@ -83,11 +85,11 @@ dependencies:
|
|
|
83
85
|
- 2
|
|
84
86
|
- 0
|
|
85
87
|
version: 0.2.0
|
|
86
|
-
name: simple_uuid
|
|
87
88
|
requirement: *id004
|
|
88
|
-
prerelease: false
|
|
89
|
-
type: :runtime
|
|
90
89
|
- !ruby/object:Gem::Dependency
|
|
90
|
+
prerelease: false
|
|
91
|
+
name: cucumber
|
|
92
|
+
type: :development
|
|
91
93
|
version_requirements: &id005 !ruby/object:Gem::Requirement
|
|
92
94
|
none: false
|
|
93
95
|
requirements:
|
|
@@ -98,11 +100,11 @@ dependencies:
|
|
|
98
100
|
- 1
|
|
99
101
|
- 0
|
|
100
102
|
version: "1.0"
|
|
101
|
-
name: cucumber
|
|
102
103
|
requirement: *id005
|
|
104
|
+
- !ruby/object:Gem::Dependency
|
|
103
105
|
prerelease: false
|
|
106
|
+
name: debugger
|
|
104
107
|
type: :development
|
|
105
|
-
- !ruby/object:Gem::Dependency
|
|
106
108
|
version_requirements: &id006 !ruby/object:Gem::Requirement
|
|
107
109
|
none: false
|
|
108
110
|
requirements:
|
|
@@ -113,11 +115,11 @@ dependencies:
|
|
|
113
115
|
- 1
|
|
114
116
|
- 5
|
|
115
117
|
version: "1.5"
|
|
116
|
-
name: debugger
|
|
117
118
|
requirement: *id006
|
|
119
|
+
- !ruby/object:Gem::Dependency
|
|
118
120
|
prerelease: false
|
|
121
|
+
name: flexmock
|
|
119
122
|
type: :development
|
|
120
|
-
- !ruby/object:Gem::Dependency
|
|
121
123
|
version_requirements: &id007 !ruby/object:Gem::Requirement
|
|
122
124
|
none: false
|
|
123
125
|
requirements:
|
|
@@ -128,11 +130,11 @@ dependencies:
|
|
|
128
130
|
- 0
|
|
129
131
|
- 8
|
|
130
132
|
version: "0.8"
|
|
131
|
-
name: flexmock
|
|
132
133
|
requirement: *id007
|
|
134
|
+
- !ruby/object:Gem::Dependency
|
|
133
135
|
prerelease: false
|
|
136
|
+
name: httpclient
|
|
134
137
|
type: :development
|
|
135
|
-
- !ruby/object:Gem::Dependency
|
|
136
138
|
version_requirements: &id008 !ruby/object:Gem::Requirement
|
|
137
139
|
none: false
|
|
138
140
|
requirements:
|
|
@@ -142,11 +144,11 @@ dependencies:
|
|
|
142
144
|
segments:
|
|
143
145
|
- 0
|
|
144
146
|
version: "0"
|
|
145
|
-
name: httpclient
|
|
146
147
|
requirement: *id008
|
|
148
|
+
- !ruby/object:Gem::Dependency
|
|
147
149
|
prerelease: false
|
|
150
|
+
name: jeweler
|
|
148
151
|
type: :development
|
|
149
|
-
- !ruby/object:Gem::Dependency
|
|
150
152
|
version_requirements: &id009 !ruby/object:Gem::Requirement
|
|
151
153
|
none: false
|
|
152
154
|
requirements:
|
|
@@ -158,11 +160,11 @@ dependencies:
|
|
|
158
160
|
- 8
|
|
159
161
|
- 3
|
|
160
162
|
version: 1.8.3
|
|
161
|
-
name: jeweler
|
|
162
163
|
requirement: *id009
|
|
164
|
+
- !ruby/object:Gem::Dependency
|
|
163
165
|
prerelease: false
|
|
166
|
+
name: msgpack
|
|
164
167
|
type: :development
|
|
165
|
-
- !ruby/object:Gem::Dependency
|
|
166
168
|
version_requirements: &id010 !ruby/object:Gem::Requirement
|
|
167
169
|
none: false
|
|
168
170
|
requirements:
|
|
@@ -173,11 +175,11 @@ dependencies:
|
|
|
173
175
|
- 0
|
|
174
176
|
- 4
|
|
175
177
|
version: "0.4"
|
|
176
|
-
name: msgpack
|
|
177
178
|
requirement: *id010
|
|
179
|
+
- !ruby/object:Gem::Dependency
|
|
178
180
|
prerelease: false
|
|
181
|
+
name: rake
|
|
179
182
|
type: :development
|
|
180
|
-
- !ruby/object:Gem::Dependency
|
|
181
183
|
version_requirements: &id011 !ruby/object:Gem::Requirement
|
|
182
184
|
none: false
|
|
183
185
|
requirements:
|
|
@@ -188,11 +190,11 @@ dependencies:
|
|
|
188
190
|
- 0
|
|
189
191
|
- 8
|
|
190
192
|
version: "0.8"
|
|
191
|
-
name: rake
|
|
192
193
|
requirement: *id011
|
|
194
|
+
- !ruby/object:Gem::Dependency
|
|
193
195
|
prerelease: false
|
|
196
|
+
name: right_develop
|
|
194
197
|
type: :development
|
|
195
|
-
- !ruby/object:Gem::Dependency
|
|
196
198
|
version_requirements: &id012 !ruby/object:Gem::Requirement
|
|
197
199
|
none: false
|
|
198
200
|
requirements:
|
|
@@ -203,11 +205,11 @@ dependencies:
|
|
|
203
205
|
- 1
|
|
204
206
|
- 2
|
|
205
207
|
version: "1.2"
|
|
206
|
-
name: right_develop
|
|
207
208
|
requirement: *id012
|
|
209
|
+
- !ruby/object:Gem::Dependency
|
|
208
210
|
prerelease: false
|
|
211
|
+
name: rspec
|
|
209
212
|
type: :development
|
|
210
|
-
- !ruby/object:Gem::Dependency
|
|
211
213
|
version_requirements: &id013 !ruby/object:Gem::Requirement
|
|
212
214
|
none: false
|
|
213
215
|
requirements:
|
|
@@ -218,11 +220,11 @@ dependencies:
|
|
|
218
220
|
- 1
|
|
219
221
|
- 3
|
|
220
222
|
version: "1.3"
|
|
221
|
-
name: rspec
|
|
222
223
|
requirement: *id013
|
|
224
|
+
- !ruby/object:Gem::Dependency
|
|
223
225
|
prerelease: false
|
|
226
|
+
name: ruby-debug
|
|
224
227
|
type: :development
|
|
225
|
-
- !ruby/object:Gem::Dependency
|
|
226
228
|
version_requirements: &id014 !ruby/object:Gem::Requirement
|
|
227
229
|
none: false
|
|
228
230
|
requirements:
|
|
@@ -233,10 +235,7 @@ dependencies:
|
|
|
233
235
|
- 0
|
|
234
236
|
- 10
|
|
235
237
|
version: "0.10"
|
|
236
|
-
name: ruby-debug
|
|
237
238
|
requirement: *id014
|
|
238
|
-
prerelease: false
|
|
239
|
-
type: :development
|
|
240
239
|
description: This Rack middleware allows several web apps in an authentication domain to share session state, facilitating single sign-on in a distributed web app. It only provides session sharing and does not concern itself with authentication or replication of the user database.
|
|
241
240
|
email: support@rightscale.com
|
|
242
241
|
executables: []
|
|
@@ -273,7 +272,6 @@ files:
|
|
|
273
272
|
- rails_generators/global_session/templates/global_session.yml.erb
|
|
274
273
|
- rails_generators/global_session_authority/USAGE
|
|
275
274
|
- rails_generators/global_session_authority/global_session_authority_generator.rb
|
|
276
|
-
has_rdoc: true
|
|
277
275
|
homepage: https://github.com/rightscale/global_session
|
|
278
276
|
licenses:
|
|
279
277
|
- MIT
|
|
@@ -303,7 +301,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
303
301
|
requirements: []
|
|
304
302
|
|
|
305
303
|
rubyforge_project:
|
|
306
|
-
rubygems_version: 1.
|
|
304
|
+
rubygems_version: 1.8.15
|
|
307
305
|
signing_key:
|
|
308
306
|
specification_version: 3
|
|
309
307
|
summary: Secure single-domain session sharing plugin for Rack and Rails.
|