glogin 0.3.1 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/glogin/codec.rb +76 -0
- data/lib/glogin/cookie.rb +11 -30
- data/lib/glogin/version.rb +1 -1
- data/test/glogin/test_codec.rb +53 -0
- metadata +4 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3c119e131499ee21da88734113b234d547954e07
|
|
4
|
+
data.tar.gz: 1f8d5998346047a3c5d818b4d76510c1d23b5ef5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d49f67f6d1469db13a608e22c01bf3dda74065b5e9d95ef0c695fd321e79d81213b574a678d6f13c2894086aea3d2028c3221bd3a0a75017989866b058a85544
|
|
7
|
+
data.tar.gz: 64ebc43231b37ef27f359384fef145ad4b6aac34f07c3003c183bb4a743fa7c724474583470cec6d8a9791f874579d9afc5fa10f7a0cf67f74d64041442232cb
|
data/lib/glogin/codec.rb
ADDED
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
#
|
|
2
|
+
# Copyright (c) 2017-2018 Yegor Bugayenko
|
|
3
|
+
#
|
|
4
|
+
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
5
|
+
# of this software and associated documentation files (the 'Software'), to deal
|
|
6
|
+
# in the Software without restriction, including without limitation the rights
|
|
7
|
+
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
8
|
+
# copies of the Software, and to permit persons to whom the Software is
|
|
9
|
+
# furnished to do so, subject to the following conditions:
|
|
10
|
+
#
|
|
11
|
+
# The above copyright notice and this permission notice shall be included in all
|
|
12
|
+
# copies or substantial portions of the Software.
|
|
13
|
+
#
|
|
14
|
+
# THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
15
|
+
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
16
|
+
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFINGEMENT. IN NO EVENT SHALL THE
|
|
17
|
+
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
18
|
+
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
19
|
+
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
20
|
+
# SOFTWARE.
|
|
21
|
+
|
|
22
|
+
require 'securerandom'
|
|
23
|
+
require 'openssl'
|
|
24
|
+
require 'digest/sha1'
|
|
25
|
+
require 'base64'
|
|
26
|
+
|
|
27
|
+
# Codec.
|
|
28
|
+
# Author:: Yegor Bugayenko (yegor256@gmail.com)
|
|
29
|
+
# Copyright:: Copyright (c) 2017-2018 Yegor Bugayenko
|
|
30
|
+
# License:: MIT
|
|
31
|
+
module GLogin
|
|
32
|
+
#
|
|
33
|
+
# Codec
|
|
34
|
+
#
|
|
35
|
+
class Codec
|
|
36
|
+
def initialize(secret)
|
|
37
|
+
raise 'Secret can\'t be nil' if secret.nil?
|
|
38
|
+
@secret = secret
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
def decrypt(text)
|
|
42
|
+
if @secret.empty?
|
|
43
|
+
text
|
|
44
|
+
else
|
|
45
|
+
cpr = cipher
|
|
46
|
+
cpr.decrypt
|
|
47
|
+
cpr.key = digest
|
|
48
|
+
plain = Base64.decode64(text)
|
|
49
|
+
raise OpenSSL::Cipher::CipherError if plain.empty?
|
|
50
|
+
decrypted = cpr.update(plain)
|
|
51
|
+
decrypted << cpr.final
|
|
52
|
+
salt, body = decrypted.to_s.force_encoding('UTF-8').split(' ', 2)
|
|
53
|
+
raise OpenSSL::Cipher::CipherError if salt.empty?
|
|
54
|
+
body
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def encrypt(text)
|
|
59
|
+
cpr = cipher
|
|
60
|
+
cpr.encrypt
|
|
61
|
+
cpr.key = digest
|
|
62
|
+
salt = SecureRandom.base64(Random.rand(8..32))
|
|
63
|
+
encrypted = cpr.update(salt + ' ' + text)
|
|
64
|
+
encrypted << cpr.final
|
|
65
|
+
Base64.encode64(encrypted.to_s)
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
def digest
|
|
69
|
+
Digest::SHA1.hexdigest(@secret)[0..31]
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
def cipher
|
|
73
|
+
OpenSSL::Cipher.new('aes-256-cbc')
|
|
74
|
+
end
|
|
75
|
+
end
|
|
76
|
+
end
|
data/lib/glogin/cookie.rb
CHANGED
|
@@ -48,25 +48,15 @@ module GLogin
|
|
|
48
48
|
# OpenSSL::Cipher::CipherError will be raised, which you have
|
|
49
49
|
# to catch in your applicaiton and ignore the login attempt.
|
|
50
50
|
def to_user
|
|
51
|
-
plain =
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
else
|
|
55
|
-
cpr = Cookie.cipher
|
|
56
|
-
cpr.decrypt
|
|
57
|
-
cpr.key = Cookie.digest(@secret)
|
|
58
|
-
decrypted = cpr.update(Base64.decode64(@text))
|
|
59
|
-
decrypted << cpr.final
|
|
60
|
-
decrypted.to_s
|
|
61
|
-
end
|
|
62
|
-
parts = plain.split('|', 3)
|
|
63
|
-
if !@secret.empty? && parts[2].to_s != @context
|
|
51
|
+
plain = Codec.new(@secret).decrypt(@text)
|
|
52
|
+
login, avatar, ctx = plain.split('|', 3)
|
|
53
|
+
if !@secret.empty? && ctx.to_s != @context
|
|
64
54
|
raise(
|
|
65
55
|
OpenSSL::Cipher::CipherError,
|
|
66
|
-
"Context '#{@context}' expected, but '#{
|
|
56
|
+
"Context '#{@context}' expected, but '#{ctx}' found"
|
|
67
57
|
)
|
|
68
58
|
end
|
|
69
|
-
{ login:
|
|
59
|
+
{ login: login, avatar: avatar }
|
|
70
60
|
end
|
|
71
61
|
end
|
|
72
62
|
|
|
@@ -83,23 +73,14 @@ module GLogin
|
|
|
83
73
|
|
|
84
74
|
# Returns the text you should drop back to the user as a cookie.
|
|
85
75
|
def to_s
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
76
|
+
Codec.new(@secret).encrypt(
|
|
77
|
+
[
|
|
78
|
+
@json['login'],
|
|
79
|
+
@json['avatar_url'],
|
|
80
|
+
@context
|
|
81
|
+
].join('|')
|
|
91
82
|
)
|
|
92
|
-
encrypted << cpr.final
|
|
93
|
-
Base64.encode64(encrypted.to_s)
|
|
94
83
|
end
|
|
95
84
|
end
|
|
96
|
-
|
|
97
|
-
def self.digest(secret)
|
|
98
|
-
Digest::SHA1.hexdigest(secret)[0..31]
|
|
99
|
-
end
|
|
100
|
-
|
|
101
|
-
def self.cipher
|
|
102
|
-
OpenSSL::Cipher.new('aes-256-cbc')
|
|
103
|
-
end
|
|
104
85
|
end
|
|
105
86
|
end
|
data/lib/glogin/version.rb
CHANGED
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
#
|
|
2
|
+
# Copyright (c) 2017-2018 Yegor Bugayenko
|
|
3
|
+
#
|
|
4
|
+
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
5
|
+
# of this software and associated documentation files (the 'Software'), to deal
|
|
6
|
+
# in the Software without restriction, including without limitation the rights
|
|
7
|
+
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
8
|
+
# copies of the Software, and to permit persons to whom the Software is
|
|
9
|
+
# furnished to do so, subject to the following conditions:
|
|
10
|
+
#
|
|
11
|
+
# The above copyright notice and this permission notice shall be included in all
|
|
12
|
+
# copies or substantial portions of the Software.
|
|
13
|
+
#
|
|
14
|
+
# THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
15
|
+
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
16
|
+
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFINGEMENT. IN NO EVENT SHALL THE
|
|
17
|
+
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
18
|
+
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
19
|
+
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
20
|
+
# SOFTWARE.
|
|
21
|
+
|
|
22
|
+
require 'minitest/autorun'
|
|
23
|
+
require_relative '../../lib/glogin/codec'
|
|
24
|
+
|
|
25
|
+
class TestCodec < Minitest::Test
|
|
26
|
+
def test_encodes_and_decodes
|
|
27
|
+
text = 'This is the text, дорогой товарищ'
|
|
28
|
+
assert_equal(
|
|
29
|
+
text,
|
|
30
|
+
Base64.decode64(Base64.encode64(text)).force_encoding('UTF-8')
|
|
31
|
+
)
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def test_encrypts_and_decrypts
|
|
35
|
+
crypt = GLogin::Codec.new('this is the secret key!')
|
|
36
|
+
text = 'This is the text, товарищ'
|
|
37
|
+
assert_equal(text, crypt.decrypt(crypt.encrypt(text)))
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
def test_decrypts_with_invalid_password
|
|
41
|
+
assert_raises OpenSSL::Cipher::CipherError do
|
|
42
|
+
GLogin::Codec.new('the wrong key').decrypt(
|
|
43
|
+
GLogin::Codec.new('the right key').encrypt('the text')
|
|
44
|
+
)
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def test_decrypts_broken_text
|
|
49
|
+
assert_raises OpenSSL::Cipher::CipherError do
|
|
50
|
+
GLogin::Codec.new('the key').decrypt('этот текст не был зашифрован')
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: glogin
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Yegor Bugayenko
|
|
@@ -131,9 +131,11 @@ files:
|
|
|
131
131
|
- glogin.gemspec
|
|
132
132
|
- lib/glogin.rb
|
|
133
133
|
- lib/glogin/auth.rb
|
|
134
|
+
- lib/glogin/codec.rb
|
|
134
135
|
- lib/glogin/cookie.rb
|
|
135
136
|
- lib/glogin/version.rb
|
|
136
137
|
- test/glogin/test_auth.rb
|
|
138
|
+
- test/glogin/test_codec.rb
|
|
137
139
|
- test/glogin/test_cookie.rb
|
|
138
140
|
- test/test__helper.rb
|
|
139
141
|
- test/test_glogin.rb
|
|
@@ -164,6 +166,7 @@ specification_version: 2
|
|
|
164
166
|
summary: Login/logout via GitHub OAuth for your web app
|
|
165
167
|
test_files:
|
|
166
168
|
- test/glogin/test_auth.rb
|
|
169
|
+
- test/glogin/test_codec.rb
|
|
167
170
|
- test/glogin/test_cookie.rb
|
|
168
171
|
- test/test__helper.rb
|
|
169
172
|
- test/test_glogin.rb
|