golden_ticket 0.9.4 → 0.9.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/golden_ticket/version.rb +1 -1
- data/lib/golden_ticket.rb +14 -4
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7cbf14e7734504389fcf9b4b813deb036e7bd090
|
4
|
+
data.tar.gz: 82b33beb1992679098bbc0e12303accf9cb3b175
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3abf89814e603ce0cb7da54e59901da086c990286025af6d4e0a5f6ca1436852e7d49e955c97d8cdb2dc7d511cc6849995713382c2149349f866f5a9a457c91a
|
7
|
+
data.tar.gz: e6a07817335023bcea05a626fd9d854eb1aa1d488c0bc45272b33a089138afa83e9649791918ca36792235a8b9fe60d671f2aa558a4b883502f6ad40cb4a29e9
|
data/lib/golden_ticket.rb
CHANGED
@@ -10,15 +10,25 @@ require 'golden_ticket/version'
|
|
10
10
|
# GoldenTicket Module
|
11
11
|
module GoldenTicket
|
12
12
|
|
13
|
+
# Encode Base64URL
|
14
|
+
def self.b64url_encode s
|
15
|
+
Base64.urlsafe_encode64(s).gsub '=', ''
|
16
|
+
end
|
17
|
+
|
18
|
+
# Decode Base64URL
|
19
|
+
def self.b64url_decode s
|
20
|
+
Base64.urlsafe_decode64 s + ((4 - (s.length % 4)) * '=')
|
21
|
+
end
|
22
|
+
|
13
23
|
# Encode (Generate JWT)
|
14
24
|
def self.encode key, payload
|
15
25
|
|
16
26
|
# Prep Header - Always HMAC SHA 256 / JWT
|
17
27
|
header = { alg: 'HS256', typ: 'JWT' }
|
18
|
-
header_data =
|
28
|
+
header_data = b64url_encode header.to_json
|
19
29
|
|
20
30
|
# Prepare Payload
|
21
|
-
payload_data =
|
31
|
+
payload_data = b64url_encode payload.to_json
|
22
32
|
|
23
33
|
# Compute Token Secret
|
24
34
|
secret = "#{header_data}.#{payload_data}"
|
@@ -32,13 +42,13 @@ module GoldenTicket
|
|
32
42
|
def self.decode key, token
|
33
43
|
|
34
44
|
# Split Token
|
35
|
-
header_data, payload_data, secret_data = token.split
|
45
|
+
header_data, payload_data, secret_data = token.split '.'
|
36
46
|
|
37
47
|
# Verify Token
|
38
48
|
secret = "#{header_data}.#{payload_data}"
|
39
49
|
raise 'Invalid Token' unless secret_data == OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), key, secret)
|
40
50
|
|
41
51
|
# Pull dat Payload
|
42
|
-
JSON.parse
|
52
|
+
JSON.parse b64url_decode payload_data
|
43
53
|
end
|
44
54
|
end
|