google-id-token 1.1.0 → 1.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +7 -0
  2. data/README.rdoc +13 -1
  3. data/lib/google-id-token.rb +26 -5
  4. metadata +32 -31
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: a91e7c02dd1ddec8e70d9af8940d05e5fba153be
4
+ data.tar.gz: d2feb1c443c5c8e4f4f068edf4688884d71c22cb
5
+ SHA512:
6
+ metadata.gz: 548e15467d7de07a13244382f2ad6d2e4edb17de8efa5e38c7e2cc417a034f72c0ce604dc7cb597304b616528c4724471ef2abf968d7ec2023eac5853bfdb11c
7
+ data.tar.gz: 3eca2094951140d5c194cf33c9752643f7966a58093de3fe192bd19e54f3d67e5f87103920a9154d34934c50c2aa8f023576d47c3fbb19e07e62a56f34f0693d
data/README.rdoc CHANGED
@@ -2,6 +2,8 @@
2
2
 
3
3
  GoogleIDToken currently provides a single useful class "Validator", which provides a single method "#check", which parses and validates an ID Token allegedly generated by Google auth servers.
4
4
 
5
+ Creating a new validator takes a single optional hash argument. If the hash has an entry for :x509_key, that value is taken to be a key as created by OpenSSL::X509::Certificate.new, and the token is validated using that key. If there is no such entry, the keys are fetched from the Google certs endpoint https://www.googleapis.com/oauth2/v1/certs.
6
+
5
7
  === Installation
6
8
 
7
9
  gem install google-id-token
@@ -14,4 +16,14 @@ GoogleIDToken currently provides a single useful class "Validator", which provid
14
16
  email = jwt['email']
15
17
  else
16
18
  report "Cannot validate: #{validator.problem}"
17
- end
19
+ end
20
+
21
+
22
+ cert = OpenSSL::X509::Certificate.new(File.read('my-cert.pem'))
23
+ validator = GoogleIDToken::Validator.new(:x509_cert => cert)
24
+ jwt = validator.check(token, required_audience, required_client_id)
25
+ if jwt
26
+ email = jwt['email']
27
+ else
28
+ report "Cannot validate: #{validator.problem}"
29
+ end
data/lib/google-id-token.rb CHANGED
@@ -36,8 +36,18 @@ module GoogleIDToken
36
36
  # Reason for failure, if #check returns nil
37
37
  attr_reader :problem
38
38
 
39
- def initialize
40
- @certs = {}
39
+ def initialize(keyopts = {})
40
+ if keyopts[:x509_cert]
41
+ @certs_mode = :literal
42
+ @certs = { :_ => keyopts[:x509_cert] }
43
+ # elsif keyopts[:jwk_uri] # TODO
44
+ # @certs_mode = :jwk
45
+ # @certs = {}
46
+ else
47
+ @certs_mode = :old_skool
48
+ @certs = {}
49
+ end
50
+
41
51
  end
42
52
 
43
53
  ##
@@ -121,11 +131,22 @@ module GoogleIDToken
121
131
 
122
132
  # returns true if there was a problem
123
133
  def refresh_certs
134
+ case @certs_mode
135
+ when :literal
136
+ return # no-op
137
+ when :old_skool
138
+ old_skool_refresh_certs
139
+ # when :jwk # TODO
140
+ # jwk_refresh_certs
141
+ end
142
+ end
143
+
144
+ def old_skool_refresh_certs
124
145
  uri = URI(GOOGLE_CERTS_URI)
125
146
  get = Net::HTTP::Get.new uri.request_uri
126
- res = Net::HTTP.start(uri.hostname, uri.port, :use_ssl => true) do |http|
127
- http.request(get)
128
- end
147
+ http = Net::HTTP.new(uri.host, uri.port)
148
+ http.use_ssl = true
149
+ res = http.request(get)
129
150
 
130
151
  if res.kind_of?(Net::HTTPSuccess)
131
152
  new_certs = Hash[MultiJson.load(res.body).map do |key, cert|
metadata CHANGED
@@ -1,8 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-id-token
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.0
5
- prerelease:
4
+ version: 1.2.0
6
5
  platform: ruby
7
6
  authors:
8
7
  - Tim Bray
@@ -10,86 +9,90 @@ authors:
10
9
  autorequire:
11
10
  bindir: bin
12
11
  cert_chain: []
13
- date: 2013-02-22 00:00:00.000000000 Z
12
+ date: 2014-02-18 00:00:00.000000000 Z
14
13
  dependencies:
15
14
  - !ruby/object:Gem::Dependency
16
15
  name: multi_json
17
16
  requirement: !ruby/object:Gem::Requirement
18
- none: false
19
17
  requirements:
20
- - - ! '>='
18
+ - - '>='
21
19
  - !ruby/object:Gem::Version
22
20
  version: '0'
23
21
  type: :runtime
24
22
  prerelease: false
25
23
  version_requirements: !ruby/object:Gem::Requirement
26
- none: false
27
24
  requirements:
28
- - - ! '>='
25
+ - - '>='
29
26
  - !ruby/object:Gem::Version
30
27
  version: '0'
31
28
  - !ruby/object:Gem::Dependency
32
29
  name: jwt
33
30
  requirement: !ruby/object:Gem::Requirement
34
- none: false
35
31
  requirements:
36
- - - ! '>='
32
+ - - '>='
37
33
  - !ruby/object:Gem::Version
38
34
  version: '0'
39
35
  type: :runtime
40
36
  prerelease: false
41
37
  version_requirements: !ruby/object:Gem::Requirement
42
- none: false
43
38
  requirements:
44
- - - ! '>='
39
+ - - '>='
45
40
  - !ruby/object:Gem::Version
46
41
  version: '0'
47
42
  - !ruby/object:Gem::Dependency
48
43
  name: fakeweb
49
44
  requirement: !ruby/object:Gem::Requirement
50
- none: false
51
45
  requirements:
52
- - - ! '>='
46
+ - - '>='
53
47
  - !ruby/object:Gem::Version
54
48
  version: '0'
55
49
  type: :development
56
50
  prerelease: false
57
51
  version_requirements: !ruby/object:Gem::Requirement
58
- none: false
59
52
  requirements:
60
- - - ! '>='
53
+ - - '>='
61
54
  - !ruby/object:Gem::Version
62
55
  version: '0'
63
56
  - !ruby/object:Gem::Dependency
64
57
  name: rake
65
58
  requirement: !ruby/object:Gem::Requirement
66
- none: false
67
59
  requirements:
68
- - - ! '>='
60
+ - - '>='
69
61
  - !ruby/object:Gem::Version
70
62
  version: '0'
71
63
  type: :development
72
64
  prerelease: false
73
65
  version_requirements: !ruby/object:Gem::Requirement
74
- none: false
75
66
  requirements:
76
- - - ! '>='
67
+ - - '>='
77
68
  - !ruby/object:Gem::Version
78
69
  version: '0'
79
70
  - !ruby/object:Gem::Dependency
80
71
  name: rspec
81
72
  requirement: !ruby/object:Gem::Requirement
82
- none: false
83
73
  requirements:
84
- - - ! '>='
74
+ - - '>='
85
75
  - !ruby/object:Gem::Version
86
76
  version: '0'
87
77
  type: :development
88
78
  prerelease: false
89
79
  version_requirements: !ruby/object:Gem::Requirement
90
- none: false
91
80
  requirements:
92
- - - ! '>='
81
+ - - '>='
82
+ - !ruby/object:Gem::Version
83
+ version: '0'
84
+ - !ruby/object:Gem::Dependency
85
+ name: openssl
86
+ requirement: !ruby/object:Gem::Requirement
87
+ requirements:
88
+ - - '>='
89
+ - !ruby/object:Gem::Version
90
+ version: '0'
91
+ type: :development
92
+ prerelease: false
93
+ version_requirements: !ruby/object:Gem::Requirement
94
+ requirements:
95
+ - - '>='
93
96
  - !ruby/object:Gem::Version
94
97
  version: '0'
95
98
  description: Google ID Token utilities; currently just a parser/checker
@@ -98,31 +101,29 @@ executables: []
98
101
  extensions: []
99
102
  extra_rdoc_files: []
100
103
  files:
101
- - lib/google-id-token.rb
102
104
  - README.rdoc
105
+ - lib/google-id-token.rb
103
106
  homepage: https://code.google.com/p/google-id-token/
104
107
  licenses: []
108
+ metadata: {}
105
109
  post_install_message:
106
110
  rdoc_options: []
107
111
  require_paths:
108
112
  - lib
109
113
  required_ruby_version: !ruby/object:Gem::Requirement
110
- none: false
111
114
  requirements:
112
- - - ! '>='
115
+ - - '>='
113
116
  - !ruby/object:Gem::Version
114
117
  version: '0'
115
118
  required_rubygems_version: !ruby/object:Gem::Requirement
116
- none: false
117
119
  requirements:
118
- - - ! '>='
120
+ - - '>='
119
121
  - !ruby/object:Gem::Version
120
122
  version: '0'
121
123
  requirements: []
122
124
  rubyforge_project:
123
- rubygems_version: 1.8.25
125
+ rubygems_version: 2.2.2
124
126
  signing_key:
125
- specification_version: 3
127
+ specification_version: 4
126
128
  summary: Google ID Token utilities
127
129
  test_files: []
128
- has_rdoc: