google-jwt 0.0.5
Sign up to get free protection for your applications and to get access to all the features.
- data/Gemfile +4 -0
- data/README.md +4 -0
- data/Rakefile +1 -0
- data/google-jwt.gemspec +19 -0
- data/lib/google-jwt.rb +58 -0
- metadata +51 -0
data/Gemfile
ADDED
data/README.md
ADDED
data/Rakefile
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
require "bundler/gem_tasks"
|
data/google-jwt.gemspec
ADDED
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
|
2
|
+
$:.push File.expand_path("../lib", __FILE__)
|
|
3
|
+
|
|
4
|
+
Gem::Specification.new do |s|
|
|
5
|
+
s.name = "google-jwt"
|
|
6
|
+
s.version = "0.0.5"
|
|
7
|
+
s.authors = ["Jon Durbin"]
|
|
8
|
+
s.email = ["jond@greenviewdata.com"]
|
|
9
|
+
s.homepage = "https://github.com/jondurbin/google-jwt"
|
|
10
|
+
s.summary = %q{Simple gem for generating google-specific JWT's for OAuth 2.0}
|
|
11
|
+
s.description = %q{Simple gem for generating google-specific JWT's for OAuth 2.0}
|
|
12
|
+
|
|
13
|
+
s.rubyforge_project = "google-jwt"
|
|
14
|
+
|
|
15
|
+
s.files = `git ls-files`.split("\n")
|
|
16
|
+
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
|
17
|
+
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
|
18
|
+
s.require_paths = ["lib"]
|
|
19
|
+
end
|
data/lib/google-jwt.rb
ADDED
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
require 'openssl'
|
|
2
|
+
require 'base64'
|
|
3
|
+
require 'json'
|
|
4
|
+
|
|
5
|
+
class String
|
|
6
|
+
# Quick method for signing strings with a key.
|
|
7
|
+
def sign(private_key)
|
|
8
|
+
digest = OpenSSL::Digest::SHA256.new
|
|
9
|
+
private_key.sign(digest, self)
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def clean_base64_encode
|
|
13
|
+
Base64.urlsafe_encode64(self).gsub('=', '')
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
class GoogleJWT
|
|
18
|
+
attr_accessor :claim_set, :header, :private_key
|
|
19
|
+
def initialize(claim_set, private_key, password, header = nil)
|
|
20
|
+
# Symbolize the keys.
|
|
21
|
+
self.claim_set = claim_set.inject({}){|item,(k,v)| item[k.to_sym] = v; item}
|
|
22
|
+
|
|
23
|
+
# Remove unknown/invalid keys.
|
|
24
|
+
self.claim_set = self.claim_set.delete_if {|k,v| ![:iss, :scope, :aud, :exp, :iat, :prn].include?(k)}
|
|
25
|
+
|
|
26
|
+
# Make sure we have all the required keys.
|
|
27
|
+
[:iss, :scope, :aud].each {|r| raise RuntimeError "Missing required claim key: #{r}" unless self.claim_set[r]}
|
|
28
|
+
|
|
29
|
+
# Set defaults for create/expire time.
|
|
30
|
+
self.claim_set[:exp] ||= Time.now.to_i + 3600
|
|
31
|
+
self.claim_set[:iat] ||= Time.now.to_i
|
|
32
|
+
|
|
33
|
+
# Make sure the header is clean and has required items.
|
|
34
|
+
self.header ||= {:alg => "RS256", :typ => "JWT"}
|
|
35
|
+
self.header = self.header.inject({}){|item,(k,v)| item[k.to_sym] = v; item}
|
|
36
|
+
self.header = self.header.delete_if {|k,v| ![:alg, :typ].include?(k)}
|
|
37
|
+
[:alg, :typ].each {|r| raise RuntimeError "Missing required header key: #{r}" unless self.header[r]}
|
|
38
|
+
|
|
39
|
+
# Make sure we were passed the private key and password.
|
|
40
|
+
raise RuntimeError "Missing required private key parameter." unless private_key
|
|
41
|
+
raise RuntimeError "Missing required password parameter." unless password
|
|
42
|
+
|
|
43
|
+
# Set the private key.
|
|
44
|
+
self.private_key = key_from_pkcs12(private_key, password)
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def jwt
|
|
48
|
+
header = self.header.to_json.clean_base64_encode
|
|
49
|
+
claim_set = self.claim_set.to_json.clean_base64_encode
|
|
50
|
+
signature = "#{header}.#{claim_set}".sign(self.private_key).clean_base64_encode
|
|
51
|
+
"#{header}.#{claim_set}.#{signature}"
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
private
|
|
55
|
+
def key_from_pkcs12(key, password)
|
|
56
|
+
OpenSSL::PKey::RSA.new(OpenSSL::PKCS12.new(key, password).key)
|
|
57
|
+
end
|
|
58
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: google-jwt
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.0.5
|
|
5
|
+
prerelease:
|
|
6
|
+
platform: ruby
|
|
7
|
+
authors:
|
|
8
|
+
- Jon Durbin
|
|
9
|
+
autorequire:
|
|
10
|
+
bindir: bin
|
|
11
|
+
cert_chain: []
|
|
12
|
+
date: 2012-11-01 00:00:00.000000000 Z
|
|
13
|
+
dependencies: []
|
|
14
|
+
description: Simple gem for generating google-specific JWT's for OAuth 2.0
|
|
15
|
+
email:
|
|
16
|
+
- jond@greenviewdata.com
|
|
17
|
+
executables: []
|
|
18
|
+
extensions: []
|
|
19
|
+
extra_rdoc_files: []
|
|
20
|
+
files:
|
|
21
|
+
- Gemfile
|
|
22
|
+
- README.md
|
|
23
|
+
- Rakefile
|
|
24
|
+
- google-jwt.gemspec
|
|
25
|
+
- lib/google-jwt.rb
|
|
26
|
+
homepage: https://github.com/jondurbin/google-jwt
|
|
27
|
+
licenses: []
|
|
28
|
+
post_install_message:
|
|
29
|
+
rdoc_options: []
|
|
30
|
+
require_paths:
|
|
31
|
+
- lib
|
|
32
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
33
|
+
none: false
|
|
34
|
+
requirements:
|
|
35
|
+
- - ! '>='
|
|
36
|
+
- !ruby/object:Gem::Version
|
|
37
|
+
version: '0'
|
|
38
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
39
|
+
none: false
|
|
40
|
+
requirements:
|
|
41
|
+
- - ! '>='
|
|
42
|
+
- !ruby/object:Gem::Version
|
|
43
|
+
version: '0'
|
|
44
|
+
requirements: []
|
|
45
|
+
rubyforge_project: google-jwt
|
|
46
|
+
rubygems_version: 1.8.24
|
|
47
|
+
signing_key:
|
|
48
|
+
specification_version: 3
|
|
49
|
+
summary: Simple gem for generating google-specific JWT's for OAuth 2.0
|
|
50
|
+
test_files: []
|
|
51
|
+
has_rdoc:
|