google-jwt 0.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Gemfile +4 -0
- data/README.md +4 -0
- data/Rakefile +1 -0
- data/google-jwt.gemspec +19 -0
- data/lib/google-jwt.rb +58 -0
- metadata +51 -0
data/Gemfile
ADDED
data/README.md
ADDED
data/Rakefile
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
require "bundler/gem_tasks"
|
data/google-jwt.gemspec
ADDED
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
|
2
|
+
$:.push File.expand_path("../lib", __FILE__)
|
|
3
|
+
|
|
4
|
+
Gem::Specification.new do |s|
|
|
5
|
+
s.name = "google-jwt"
|
|
6
|
+
s.version = "0.0.5"
|
|
7
|
+
s.authors = ["Jon Durbin"]
|
|
8
|
+
s.email = ["jond@greenviewdata.com"]
|
|
9
|
+
s.homepage = "https://github.com/jondurbin/google-jwt"
|
|
10
|
+
s.summary = %q{Simple gem for generating google-specific JWT's for OAuth 2.0}
|
|
11
|
+
s.description = %q{Simple gem for generating google-specific JWT's for OAuth 2.0}
|
|
12
|
+
|
|
13
|
+
s.rubyforge_project = "google-jwt"
|
|
14
|
+
|
|
15
|
+
s.files = `git ls-files`.split("\n")
|
|
16
|
+
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
|
17
|
+
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
|
18
|
+
s.require_paths = ["lib"]
|
|
19
|
+
end
|
data/lib/google-jwt.rb
ADDED
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
require 'openssl'
|
|
2
|
+
require 'base64'
|
|
3
|
+
require 'json'
|
|
4
|
+
|
|
5
|
+
class String
|
|
6
|
+
# Quick method for signing strings with a key.
|
|
7
|
+
def sign(private_key)
|
|
8
|
+
digest = OpenSSL::Digest::SHA256.new
|
|
9
|
+
private_key.sign(digest, self)
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def clean_base64_encode
|
|
13
|
+
Base64.urlsafe_encode64(self).gsub('=', '')
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
class GoogleJWT
|
|
18
|
+
attr_accessor :claim_set, :header, :private_key
|
|
19
|
+
def initialize(claim_set, private_key, password, header = nil)
|
|
20
|
+
# Symbolize the keys.
|
|
21
|
+
self.claim_set = claim_set.inject({}){|item,(k,v)| item[k.to_sym] = v; item}
|
|
22
|
+
|
|
23
|
+
# Remove unknown/invalid keys.
|
|
24
|
+
self.claim_set = self.claim_set.delete_if {|k,v| ![:iss, :scope, :aud, :exp, :iat, :prn].include?(k)}
|
|
25
|
+
|
|
26
|
+
# Make sure we have all the required keys.
|
|
27
|
+
[:iss, :scope, :aud].each {|r| raise RuntimeError "Missing required claim key: #{r}" unless self.claim_set[r]}
|
|
28
|
+
|
|
29
|
+
# Set defaults for create/expire time.
|
|
30
|
+
self.claim_set[:exp] ||= Time.now.to_i + 3600
|
|
31
|
+
self.claim_set[:iat] ||= Time.now.to_i
|
|
32
|
+
|
|
33
|
+
# Make sure the header is clean and has required items.
|
|
34
|
+
self.header ||= {:alg => "RS256", :typ => "JWT"}
|
|
35
|
+
self.header = self.header.inject({}){|item,(k,v)| item[k.to_sym] = v; item}
|
|
36
|
+
self.header = self.header.delete_if {|k,v| ![:alg, :typ].include?(k)}
|
|
37
|
+
[:alg, :typ].each {|r| raise RuntimeError "Missing required header key: #{r}" unless self.header[r]}
|
|
38
|
+
|
|
39
|
+
# Make sure we were passed the private key and password.
|
|
40
|
+
raise RuntimeError "Missing required private key parameter." unless private_key
|
|
41
|
+
raise RuntimeError "Missing required password parameter." unless password
|
|
42
|
+
|
|
43
|
+
# Set the private key.
|
|
44
|
+
self.private_key = key_from_pkcs12(private_key, password)
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def jwt
|
|
48
|
+
header = self.header.to_json.clean_base64_encode
|
|
49
|
+
claim_set = self.claim_set.to_json.clean_base64_encode
|
|
50
|
+
signature = "#{header}.#{claim_set}".sign(self.private_key).clean_base64_encode
|
|
51
|
+
"#{header}.#{claim_set}.#{signature}"
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
private
|
|
55
|
+
def key_from_pkcs12(key, password)
|
|
56
|
+
OpenSSL::PKey::RSA.new(OpenSSL::PKCS12.new(key, password).key)
|
|
57
|
+
end
|
|
58
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: google-jwt
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.0.5
|
|
5
|
+
prerelease:
|
|
6
|
+
platform: ruby
|
|
7
|
+
authors:
|
|
8
|
+
- Jon Durbin
|
|
9
|
+
autorequire:
|
|
10
|
+
bindir: bin
|
|
11
|
+
cert_chain: []
|
|
12
|
+
date: 2012-11-01 00:00:00.000000000 Z
|
|
13
|
+
dependencies: []
|
|
14
|
+
description: Simple gem for generating google-specific JWT's for OAuth 2.0
|
|
15
|
+
email:
|
|
16
|
+
- jond@greenviewdata.com
|
|
17
|
+
executables: []
|
|
18
|
+
extensions: []
|
|
19
|
+
extra_rdoc_files: []
|
|
20
|
+
files:
|
|
21
|
+
- Gemfile
|
|
22
|
+
- README.md
|
|
23
|
+
- Rakefile
|
|
24
|
+
- google-jwt.gemspec
|
|
25
|
+
- lib/google-jwt.rb
|
|
26
|
+
homepage: https://github.com/jondurbin/google-jwt
|
|
27
|
+
licenses: []
|
|
28
|
+
post_install_message:
|
|
29
|
+
rdoc_options: []
|
|
30
|
+
require_paths:
|
|
31
|
+
- lib
|
|
32
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
33
|
+
none: false
|
|
34
|
+
requirements:
|
|
35
|
+
- - ! '>='
|
|
36
|
+
- !ruby/object:Gem::Version
|
|
37
|
+
version: '0'
|
|
38
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
39
|
+
none: false
|
|
40
|
+
requirements:
|
|
41
|
+
- - ! '>='
|
|
42
|
+
- !ruby/object:Gem::Version
|
|
43
|
+
version: '0'
|
|
44
|
+
requirements: []
|
|
45
|
+
rubyforge_project: google-jwt
|
|
46
|
+
rubygems_version: 1.8.24
|
|
47
|
+
signing_key:
|
|
48
|
+
specification_version: 3
|
|
49
|
+
summary: Simple gem for generating google-specific JWT's for OAuth 2.0
|
|
50
|
+
test_files: []
|
|
51
|
+
has_rdoc:
|