gridspace 0.1.0 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/gridspace/capability.rb +32 -11
- data/lib/gridspace/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5c8b345d04ba7233afb7d08b0d52341fd38f6cda
|
|
4
|
+
data.tar.gz: 29bf156a42879e9f8c9eb89db83416f35d441f88
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5b34799a1a5032ee2738635ec66a969133542b26977e4fd060ac3877ebb21f68db0bed591621a7fbe55fe7b48fb982be021b9f6f1389624f7afcdbdb1fd82f7c
|
|
7
|
+
data.tar.gz: 822432b4584dcd25faa60f92e573da6b894f124b65e1662e3518af08f7b22b13c054b2bc4f5003ebff513c1f560ba3c3860818f5b93c398323c3ca20513845ea
|
data/lib/gridspace/capability.rb
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
require 'jwt'
|
|
2
2
|
|
|
3
3
|
module Gridspace
|
|
4
|
-
module
|
|
4
|
+
module Sift
|
|
5
5
|
def url_encode(hash)
|
|
6
6
|
hash.to_a.map {|p| p.map {|e| CGI.escape get_string(e)}.join '='}.join '&'
|
|
7
7
|
end
|
|
@@ -15,31 +15,49 @@ module Gridspace
|
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
class Capability
|
|
18
|
-
include Gridspace::
|
|
18
|
+
include Gridspace::Sift
|
|
19
19
|
|
|
20
|
-
|
|
21
|
-
|
|
20
|
+
# A token to control permissions with Gridspace relying-party client
|
|
21
|
+
# *Args* :
|
|
22
|
+
# - +account_id+ -> The account id to which this token is granted access
|
|
23
|
+
# - +auth_token+ -> The secret key used to sign the token. Note, this auth token is not visible to the
|
|
24
|
+
# user of the token.
|
|
25
|
+
# *Returns*:
|
|
26
|
+
# - A new ``GridspaceCapability`` with zero permissions
|
|
27
|
+
def initialize(account_id, auth_token)
|
|
28
|
+
@account_id = account_id
|
|
22
29
|
@auth_token = auth_token
|
|
23
|
-
if @
|
|
24
|
-
raise ArgumentError, 'Account
|
|
30
|
+
if @account_id.nil? || @auth_token.nil?
|
|
31
|
+
raise ArgumentError, 'Account ID and auth token are required'
|
|
25
32
|
end
|
|
26
33
|
@capabilities = []
|
|
27
34
|
end
|
|
28
35
|
|
|
36
|
+
# Allow the user of this token to accept incoming connections at the given client name.
|
|
37
|
+
# This function grants the ``GridspaceCapability`` the permission to allow incoming connections
|
|
38
|
+
# *Args*:
|
|
39
|
+
# - +client_name+ -> Client name to accept calls from. This should be unique among all clients
|
|
40
|
+
# using capability tokens generated from a given API account
|
|
29
41
|
def allow_client_incoming(client_name)
|
|
30
42
|
@client_name = client_name # stash for use in outgoing
|
|
31
43
|
scope_params = { 'clientName' => client_name }
|
|
32
44
|
@capabilities << scope_uri_for('client', 'incoming', scope_params)
|
|
33
45
|
end
|
|
34
46
|
|
|
35
|
-
|
|
47
|
+
# Allow the user of this token to make outgoing connections. Keyword arguments are passed to
|
|
48
|
+
# the application. This function grants the ``GridspaceCapability`` the permission to allow
|
|
49
|
+
# outgoing connections
|
|
50
|
+
# *Args*:
|
|
51
|
+
# - +applicaiton_id+ -> `Application` to contact
|
|
52
|
+
def allow_client_outgoing(app_id, params = {})
|
|
36
53
|
@allow_client_outgoing = true
|
|
37
|
-
@outgoing_scope_params = { '
|
|
54
|
+
@outgoing_scope_params = { 'appId' => app_id }
|
|
38
55
|
unless params.empty?
|
|
39
56
|
@outgoing_scope_params['appParams'] = url_encode params
|
|
40
57
|
end
|
|
41
58
|
end
|
|
42
59
|
|
|
60
|
+
# Allow the user of this token to access their event stream
|
|
43
61
|
def allow_event_stream(filters = {})
|
|
44
62
|
scope_params = { 'path' => '/2010-04-01/Events' }
|
|
45
63
|
scope_params['params'] = filters unless filters.empty?
|
|
@@ -51,7 +69,10 @@ module Gridspace
|
|
|
51
69
|
scope_uri << "?#{url_encode(params)}" unless params.empty?
|
|
52
70
|
end
|
|
53
71
|
|
|
54
|
-
|
|
72
|
+
# Generate a capability token with an expiration date.
|
|
73
|
+
# *Args*:
|
|
74
|
+
# - +expires+ -> The token lifetime, in seconds. Defaults to 1 hour (3600)
|
|
75
|
+
def generate(expires = 3600)
|
|
55
76
|
capabilities = @capabilities.clone # we need a local copy to work on
|
|
56
77
|
|
|
57
78
|
# build the outgoing scope lazily so that we can use @client_name
|
|
@@ -63,8 +84,8 @@ module Gridspace
|
|
|
63
84
|
|
|
64
85
|
payload = {
|
|
65
86
|
'scope' => capabilities.join(' '),
|
|
66
|
-
'iss' => @
|
|
67
|
-
'exp' => (Time.now.to_i +
|
|
87
|
+
'iss' => @account_id,
|
|
88
|
+
'exp' => (Time.now.to_i + expires),
|
|
68
89
|
}
|
|
69
90
|
|
|
70
91
|
JWT.encode payload, @auth_token
|
data/lib/gridspace/version.rb
CHANGED