golden_ticket 0.9.12 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +36 -0
- data/golden_ticket.gemspec +15 -14
- data/lib/golden_ticket.rb +19 -5
- data/lib/golden_ticket/version.rb +1 -1
- metadata +16 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 75e746f3d97a596f6318fb232b284b858f9a219d
|
4
|
+
data.tar.gz: 547087fd393f723f372a13f3f1b00beebb8a6b6a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a3a260c28b16d24150104c1182d8b9ee8ddd2dfa4fb7f58e2cb21deb2cc7d12cf85e0cd1a4b8036a7ee45edd4abba1c50ce38e2c305c654651b9d04e516f0cc1
|
7
|
+
data.tar.gz: d51e3ba3968a9be2e307198dfcc58d359b0bf5fe8e0aac9e523e507cf87a94d2bb38695b4912be72e82644bbbf5378db925581618af186dda88b72c36b2f71aa
|
data/README.md
CHANGED
@@ -2,6 +2,42 @@
|
|
2
2
|
|
3
3
|
Simple JSON Web Token tools
|
4
4
|
|
5
|
+
## Presentation
|
6
|
+
|
7
|
+
This library provides utilities for manipulating [JSON Web Tokens (JWT)](https://jwt.io/).
|
8
|
+
|
9
|
+
## Installation
|
10
|
+
|
11
|
+
### Gemfile
|
12
|
+
```ruby
|
13
|
+
gem 'golden_ticket'
|
14
|
+
```
|
15
|
+
|
16
|
+
### Terminal
|
17
|
+
```bash
|
18
|
+
gem install -V golden_ticket
|
19
|
+
```
|
20
|
+
|
21
|
+
## Usage
|
22
|
+
|
23
|
+
Any payload can be encoded as a JWT using the *encode* method:
|
24
|
+
|
25
|
+
```ruby
|
26
|
+
key = 'supersecret'
|
27
|
+
payload = { user_id: 0, foo: :bar }
|
28
|
+
GoldenTicket.encode key, payload
|
29
|
+
# => 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjowLCJmb28iOiJiYXIifQ.4Tn4B_uV-FJ_xh2Vcg4LB24DP2faPoEll4Cttjblkhs'
|
30
|
+
```
|
31
|
+
|
32
|
+
Any JWT can be decoded using the *decode* method:
|
33
|
+
|
34
|
+
```ruby
|
35
|
+
key = 'supersecret'
|
36
|
+
token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjowLCJmb28iOiJiYXIifQ.4Tn4B_uV-FJ_xh2Vcg4LB24DP2faPoEll4Cttjblkhs'
|
37
|
+
GoldenTicket.decode key, token
|
38
|
+
# => { user_id: 0, foo: 'bar' }
|
39
|
+
```
|
40
|
+
|
5
41
|
## License
|
6
42
|
|
7
43
|
The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
|
data/golden_ticket.gemspec
CHANGED
@@ -4,21 +4,22 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
4
4
|
require 'golden_ticket/version'
|
5
5
|
|
6
6
|
Gem::Specification.new do |spec|
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
7
|
+
spec.name = "golden_ticket"
|
8
|
+
spec.version = GoldenTicket::VERSION
|
9
|
+
spec.authors = ["Eresse"]
|
10
|
+
spec.email = ["eresse@eresse.net"]
|
11
11
|
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
12
|
+
spec.summary = "Simple JWT Tools"
|
13
|
+
spec.description = "Provides simple tools to manipulate JSON Web Token"
|
14
|
+
spec.homepage = "http://redmine.eresse.net/projects/golden_ticket"
|
15
|
+
spec.license = "MIT"
|
16
16
|
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
17
|
+
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
|
18
|
+
spec.bindir = "exe"
|
19
|
+
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
20
|
+
spec.require_paths = ["lib"]
|
21
21
|
|
22
|
-
|
23
|
-
|
22
|
+
spec.add_development_dependency "bundler", "~> 1.12"
|
23
|
+
spec.add_development_dependency "rake", "~> 10.0"
|
24
|
+
spec.add_runtime_dependency 'aromat'
|
24
25
|
end
|
data/lib/golden_ticket.rb
CHANGED
@@ -5,22 +5,32 @@
|
|
5
5
|
require 'json'
|
6
6
|
require 'base64'
|
7
7
|
require 'openssl'
|
8
|
+
require 'aromat'
|
8
9
|
require 'golden_ticket/version'
|
9
10
|
|
10
11
|
# GoldenTicket Module
|
11
12
|
module GoldenTicket
|
12
13
|
|
13
|
-
# Encode Base64URL
|
14
|
+
# Encode Base64URL:
|
15
|
+
# Base64-encodes a String in way that plays nice with URLs (no special characters).
|
16
|
+
# @param [String] s A chunk to encode
|
17
|
+
# @return [String] The encoded string
|
14
18
|
def self.b64url_encode s
|
15
19
|
Base64.urlsafe_encode64(s).gsub('=', '').gsub "\n", ''
|
16
20
|
end
|
17
21
|
|
18
|
-
# Decode Base64URL
|
22
|
+
# Decode Base64URL:
|
23
|
+
# Base64-decodes a String which has been encoded with #b64url_encode.
|
24
|
+
# @param [String] s An encoded String
|
25
|
+
# @return [String] The decoded chunk
|
19
26
|
def self.b64url_decode s
|
20
27
|
Base64.urlsafe_decode64 s + ('=' * (((s.length % 4) > 0) ? (4 - (s.length % 4)) : 0))
|
21
28
|
end
|
22
29
|
|
23
|
-
# Encode (Generate JWT)
|
30
|
+
# Encode (Generate JWT):
|
31
|
+
# Produces a JSON Web Token (JWT) by SHA-256-hashing a payload's JSON representation.
|
32
|
+
# @param [String] key Used for SHA-256 hashing
|
33
|
+
# @param [Object] payload The Actual token information payload
|
24
34
|
def self.encode key, payload
|
25
35
|
|
26
36
|
# Prep Header - Always HMAC SHA 256 / JWT
|
@@ -38,7 +48,11 @@ module GoldenTicket
|
|
38
48
|
"#{header_data}.#{payload_data}.#{secret_data}"
|
39
49
|
end
|
40
50
|
|
41
|
-
# Decode (Parse JWT)
|
51
|
+
# Decode (Parse JWT):
|
52
|
+
# Splits up and decodes a given JSON Web Token, after having verified its authenticity.
|
53
|
+
# @param [String] key Used for SHA-256 hashing
|
54
|
+
# @param [String] token The token itself (duh...)
|
55
|
+
# @return [Object] The actual token information payload
|
42
56
|
def self.decode key, token
|
43
57
|
|
44
58
|
# Split Token
|
@@ -49,6 +63,6 @@ module GoldenTicket
|
|
49
63
|
raise 'Invalid Token' unless secret_data == b64url_encode(OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), key, secret))
|
50
64
|
|
51
65
|
# Pull dat Payload
|
52
|
-
JSON.parse
|
66
|
+
JSON.parse(b64url_decode(payload_data)).sym_keys
|
53
67
|
end
|
54
68
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: golden_ticket
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 1.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Eresse
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2017-03-01 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -38,6 +38,20 @@ dependencies:
|
|
38
38
|
- - "~>"
|
39
39
|
- !ruby/object:Gem::Version
|
40
40
|
version: '10.0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: aromat
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - ">="
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
type: :runtime
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ">="
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
41
55
|
description: Provides simple tools to manipulate JSON Web Token
|
42
56
|
email:
|
43
57
|
- eresse@eresse.net
|