google-id-token 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +7 -0
  2. data/README.rdoc +13 -1
  3. data/lib/google-id-token.rb +26 -5
  4. metadata +32 -31
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: a91e7c02dd1ddec8e70d9af8940d05e5fba153be
4
+ data.tar.gz: d2feb1c443c5c8e4f4f068edf4688884d71c22cb
5
+ SHA512:
6
+ metadata.gz: 548e15467d7de07a13244382f2ad6d2e4edb17de8efa5e38c7e2cc417a034f72c0ce604dc7cb597304b616528c4724471ef2abf968d7ec2023eac5853bfdb11c
7
+ data.tar.gz: 3eca2094951140d5c194cf33c9752643f7966a58093de3fe192bd19e54f3d67e5f87103920a9154d34934c50c2aa8f023576d47c3fbb19e07e62a56f34f0693d
data/README.rdoc CHANGED
@@ -2,6 +2,8 @@
2
2
 
3
3
  GoogleIDToken currently provides a single useful class "Validator", which provides a single method "#check", which parses and validates an ID Token allegedly generated by Google auth servers.
4
4
 
5
+ Creating a new validator takes a single optional hash argument. If the hash has an entry for :x509_key, that value is taken to be a key as created by OpenSSL::X509::Certificate.new, and the token is validated using that key. If there is no such entry, the keys are fetched from the Google certs endpoint https://www.googleapis.com/oauth2/v1/certs.
6
+
5
7
  === Installation
6
8
 
7
9
  gem install google-id-token
@@ -14,4 +16,14 @@ GoogleIDToken currently provides a single useful class "Validator", which provid
14
16
  email = jwt['email']
15
17
  else
16
18
  report "Cannot validate: #{validator.problem}"
17
- end
19
+ end
20
+
21
+
22
+ cert = OpenSSL::X509::Certificate.new(File.read('my-cert.pem'))
23
+ validator = GoogleIDToken::Validator.new(:x509_cert => cert)
24
+ jwt = validator.check(token, required_audience, required_client_id)
25
+ if jwt
26
+ email = jwt['email']
27
+ else
28
+ report "Cannot validate: #{validator.problem}"
29
+ end
data/lib/google-id-token.rb CHANGED
@@ -36,8 +36,18 @@ module GoogleIDToken
36
36
  # Reason for failure, if #check returns nil
37
37
  attr_reader :problem
38
38
 
39
- def initialize
40
- @certs = {}
39
+ def initialize(keyopts = {})
40
+ if keyopts[:x509_cert]
41
+ @certs_mode = :literal
42
+ @certs = { :_ => keyopts[:x509_cert] }
43
+ # elsif keyopts[:jwk_uri] # TODO
44
+ # @certs_mode = :jwk
45
+ # @certs = {}
46
+ else
47
+ @certs_mode = :old_skool
48
+ @certs = {}
49
+ end
50
+
41
51
  end
42
52
 
43
53
  ##
@@ -121,11 +131,22 @@ module GoogleIDToken
121
131
 
122
132
  # returns true if there was a problem
123
133
  def refresh_certs
134
+ case @certs_mode
135
+ when :literal
136
+ return # no-op
137
+ when :old_skool
138
+ old_skool_refresh_certs
139
+ # when :jwk # TODO
140
+ # jwk_refresh_certs
141
+ end
142
+ end
143
+
144
+ def old_skool_refresh_certs
124
145
  uri = URI(GOOGLE_CERTS_URI)
125
146
  get = Net::HTTP::Get.new uri.request_uri
126
- res = Net::HTTP.start(uri.hostname, uri.port, :use_ssl => true) do |http|
127
- http.request(get)
128
- end
147
+ http = Net::HTTP.new(uri.host, uri.port)
148
+ http.use_ssl = true
149
+ res = http.request(get)
129
150
 
130
151
  if res.kind_of?(Net::HTTPSuccess)
131
152
  new_certs = Hash[MultiJson.load(res.body).map do |key, cert|
metadata CHANGED
@@ -1,8 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-id-token
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.0
5
- prerelease:
4
+ version: 1.2.0
6
5
  platform: ruby
7
6
  authors:
8
7
  - Tim Bray
@@ -10,86 +9,90 @@ authors:
10
9
  autorequire:
11
10
  bindir: bin
12
11
  cert_chain: []
13
- date: 2013-02-22 00:00:00.000000000 Z
12
+ date: 2014-02-18 00:00:00.000000000 Z
14
13
  dependencies:
15
14
  - !ruby/object:Gem::Dependency
16
15
  name: multi_json
17
16
  requirement: !ruby/object:Gem::Requirement
18
- none: false
19
17
  requirements:
20
- - - ! '>='
18
+ - - '>='
21
19
  - !ruby/object:Gem::Version
22
20
  version: '0'
23
21
  type: :runtime
24
22
  prerelease: false
25
23
  version_requirements: !ruby/object:Gem::Requirement
26
- none: false
27
24
  requirements:
28
- - - ! '>='
25
+ - - '>='
29
26
  - !ruby/object:Gem::Version
30
27
  version: '0'
31
28
  - !ruby/object:Gem::Dependency
32
29
  name: jwt
33
30
  requirement: !ruby/object:Gem::Requirement
34
- none: false
35
31
  requirements:
36
- - - ! '>='
32
+ - - '>='
37
33
  - !ruby/object:Gem::Version
38
34
  version: '0'
39
35
  type: :runtime
40
36
  prerelease: false
41
37
  version_requirements: !ruby/object:Gem::Requirement
42
- none: false
43
38
  requirements:
44
- - - ! '>='
39
+ - - '>='
45
40
  - !ruby/object:Gem::Version
46
41
  version: '0'
47
42
  - !ruby/object:Gem::Dependency
48
43
  name: fakeweb
49
44
  requirement: !ruby/object:Gem::Requirement
50
- none: false
51
45
  requirements:
52
- - - ! '>='
46
+ - - '>='
53
47
  - !ruby/object:Gem::Version
54
48
  version: '0'
55
49
  type: :development
56
50
  prerelease: false
57
51
  version_requirements: !ruby/object:Gem::Requirement
58
- none: false
59
52
  requirements:
60
- - - ! '>='
53
+ - - '>='
61
54
  - !ruby/object:Gem::Version
62
55
  version: '0'
63
56
  - !ruby/object:Gem::Dependency
64
57
  name: rake
65
58
  requirement: !ruby/object:Gem::Requirement
66
- none: false
67
59
  requirements:
68
- - - ! '>='
60
+ - - '>='
69
61
  - !ruby/object:Gem::Version
70
62
  version: '0'
71
63
  type: :development
72
64
  prerelease: false
73
65
  version_requirements: !ruby/object:Gem::Requirement
74
- none: false
75
66
  requirements:
76
- - - ! '>='
67
+ - - '>='
77
68
  - !ruby/object:Gem::Version
78
69
  version: '0'
79
70
  - !ruby/object:Gem::Dependency
80
71
  name: rspec
81
72
  requirement: !ruby/object:Gem::Requirement
82
- none: false
83
73
  requirements:
84
- - - ! '>='
74
+ - - '>='
85
75
  - !ruby/object:Gem::Version
86
76
  version: '0'
87
77
  type: :development
88
78
  prerelease: false
89
79
  version_requirements: !ruby/object:Gem::Requirement
90
- none: false
91
80
  requirements:
92
- - - ! '>='
81
+ - - '>='
82
+ - !ruby/object:Gem::Version
83
+ version: '0'
84
+ - !ruby/object:Gem::Dependency
85
+ name: openssl
86
+ requirement: !ruby/object:Gem::Requirement
87
+ requirements:
88
+ - - '>='
89
+ - !ruby/object:Gem::Version
90
+ version: '0'
91
+ type: :development
92
+ prerelease: false
93
+ version_requirements: !ruby/object:Gem::Requirement
94
+ requirements:
95
+ - - '>='
93
96
  - !ruby/object:Gem::Version
94
97
  version: '0'
95
98
  description: Google ID Token utilities; currently just a parser/checker
@@ -98,31 +101,29 @@ executables: []
98
101
  extensions: []
99
102
  extra_rdoc_files: []
100
103
  files:
101
- - lib/google-id-token.rb
102
104
  - README.rdoc
105
+ - lib/google-id-token.rb
103
106
  homepage: https://code.google.com/p/google-id-token/
104
107
  licenses: []
108
+ metadata: {}
105
109
  post_install_message:
106
110
  rdoc_options: []
107
111
  require_paths:
108
112
  - lib
109
113
  required_ruby_version: !ruby/object:Gem::Requirement
110
- none: false
111
114
  requirements:
112
- - - ! '>='
115
+ - - '>='
113
116
  - !ruby/object:Gem::Version
114
117
  version: '0'
115
118
  required_rubygems_version: !ruby/object:Gem::Requirement
116
- none: false
117
119
  requirements:
118
- - - ! '>='
120
+ - - '>='
119
121
  - !ruby/object:Gem::Version
120
122
  version: '0'
121
123
  requirements: []
122
124
  rubyforge_project:
123
- rubygems_version: 1.8.25
125
+ rubygems_version: 2.2.2
124
126
  signing_key:
125
- specification_version: 3
127
+ specification_version: 4
126
128
  summary: Google ID Token utilities
127
129
  test_files: []
128
- has_rdoc: