glogin 0.2 → 0.2.1
- checksums.yaml +4 -4
- data/README.md +7 -7
- data/lib/glogin/cookie.rb +13 -11
- data/lib/glogin/version.rb +1 -1
- data/test/glogin/test_cookie.rb +8 -0
- metadata +1 -1
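--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 39525c79b9353af1f2baa96306fd38ee13d73796
+data.tar.gz: 3ae939f552d4ab34bb6b26de01b23b9944ac773d
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ecbacab1006d2c2cab12dce480cc7a6e2948c0d3977b7ab8570c5deafc939f822885a17c584bcbb65341e1d45e5bb1f623c69a4f62ebabc78e39b1d4badb7506
+data.tar.gz: b9a115d1c87718cece3763ededbe430ac7b6dcf5f52ec8b12242ae40cf0e6081a2a8fa474678e4685f615c08bbbd9b89b67404ebed1048c7c3093b061d8f75eb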
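--- a/data/README.md
+++ b/data/README.md
@@ -23,11 +23,11 @@ First, somewhere in the global space, before the app starts:
 require 'glogin'
 configure do
 set :glogin, GLogin::Auth.new(
-
-
+# Make sure their values are coming from a secure
+# place and are not visible in the source code:
 client_id, client_secret,
-
-
+# This is what you will register in GitHub as an
+# authorization callback URL:
 'http://www.example.com/github-callback'
 )
 end
@@ -43,8 +43,8 @@ before '/*' do
 begin
 @user = Cookie::Closed.new(
 cookies[:glogin],
-
-
+# This must be some long text to be used to
+# encrypt the value in the cookie.
 secret
 ).to_user
 rescue OpenSSL::Cipher::CipherError => _
@@ -67,7 +67,7 @@ Next, we need a URL for GitHub OAuth callback:
 get '/github-callback' do
 cookies[:glogin] = Cookie::Open.new(
 settings.glogin.user(params[:code]),
-
+# The same encryption secret that we were using above:
 secret
 ).to_s
 redirect to('/')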
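--- a/data/lib/glogin/cookie.rb
+++ b/data/lib/glogin/cookie.rb
@@ -41,17 +41,19 @@ module GLogin
 end
 
 def to_user
-
-@
-
-
-
-
-
-
-
-
-
+plain =
+if @secret.empty?
+@text
+else
+cpr = Cookie.cipher
+cpr.decrypt
+cpr.key = Digest::SHA1.hexdigest(@secret)
+decrypted = cpr.update(Base64.decode64(@text))
+decrypted << cpr.final
+decrypted.to_s
+end
+parts = plain.split('|')
+{ login: parts[0], avatar: parts[1] }
 end
 end
 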
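Review bot: The `if @secret.empty?` branch in `to_user` fails open: with an empty secret the cookie text is split and returned as the user with no decryption or integrity check, so a deployment whose secret ends up blank would accept whatever `login|avatar` value the client sends. Test mode should be an explicit opt-in decided where the object is built (the constructor is outside this hunk), and a blank secret without that opt-in should be rejected, for example `raise ArgumentError, 'secret is empty' if @secret.to_s.empty?` ahead of the decrypt path; `@secret.empty?` also raises `NoMethodError` when the secret is `nil`. Separately, `cpr.key = Digest::SHA1.hexdigest(@secret)` feeds a hex string rather than raw digest bytes into the key, which halves the entropy per key byte; `Cookie.cipher` is not visible here, so it is worth confirming that the chosen mode authenticates the ciphertext rather than only encrypting it. `parts[0]` and `parts[1]` are used without checking that both fields are present, so a decrypted value without a `|` yields a user with a `nil` avatar.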
data/lib/glogin/version.rb
CHANGED
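--- a/data/test/glogin/test_cookie.rb
+++ b/data/test/glogin/test_cookie.rb
@@ -40,6 +40,14 @@ class TestCookie < Minitest::Test
 assert_equal(user[:avatar], 'https://avatars1.githubusercontent.com/u/526301')
 end
 
+def test_decrypts_in_test_mode
+user = GLogin::Cookie::Closed.new(
+'test|http://example.com', ''
+).to_user
+assert_equal(user[:login], 'test')
+assert_equal(user[:avatar], 'http://example.com')
+end
+
 def test_fails_on_broken_text
 assert_raises OpenSSL::Cipher::CipherError do
 GLogin::Cookie::Closed.new(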
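Review bot: `test_decrypts_in_test_mode` names the case as decryption, but with `''` as the secret nothing is decrypted and the cookie text is read as plaintext. A name such as `test_reads_plaintext_with_empty_secret` says what the suite actually pins, which matters because this is the one path that skips the cipher. The new `assert_equal` calls also pass the actual value first; Minitest expects `assert_equal('test', user[:login])`, otherwise a failure message swaps expected and actual (the context line above the new test uses the same order, so this follows the file's existing habit). The body of `test_fails_on_broken_text` continues outside the hunk.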