has_global_session 0.8.5 → 0.8.6

data/has_global_session.gemspec

@@ -7,8 +7,8 @@ spec = Gem::Specification.new do |s|
   s.required_ruby_version = Gem::Requirement.new(">= 1.8.7")
 
   s.name    = 'has_global_session'
-  s.version = '0.8.5'
-  s.date    = '2010-06-16'
+  s.version = '0.8.6'
+  s.date    = '2010-06-17'
 
   s.authors = ['Tony Spataro']
   s.email   = 'code@tracker.xeger.net'

data/lib/has_global_session/configuration.rb

@@ -1,14 +1,17 @@
 module HasGlobalSession
   module Configuration
-    mattr_accessor :config_file
-    mattr_accessor :environment
-    
+    def self.environment; @environment; end
+    def self.environment=(value); @environment = value; end
+
+    def self.config_file; @config_file; end
+    def self.config_file=(value); @config_file= value; end
+
     def self.[](key)
       get(key, true)
     end
 
     def self.validate
-      ['attributes/signed', 'integrated', 'cookie/name', 'cookie/domain'].each do |path|
+      ['attributes/signed', 'integrated', 'cookie/name', 'cookie/domain', 'timeout'].each do |path|
         elements = path.split '/'
         object = get(elements.shift, false)
         elements.each do |element|
@@ -31,12 +34,13 @@ module HasGlobalSession
         validate if validated
       end
       if @config.has_key?(environment) &&
-         @config[environment].respond_to?(:has_key?) &&
          @config[environment].has_key?(key)
         return @config[environment][key]
       else
         @config['common'][key]
       end
+    rescue NoMethodError
+      raise MissingConfiguration, "Configuration key '#{key}' not found"
     end
   end  
 end

data/lib/has_global_session/encoding.rb

@@ -20,7 +20,7 @@ module HasGlobalSession
     # and Filename Safe Alphabet," described in RFC4648, with the exception that
     # this scheme preserves the '=' padding characters due to limitations of
     # Ruby's built-in base64 encoding routines.
-    class Base64
+    class Base64Cookie
       def self.load(string)
         tr = string.tr('-_', '+/')
         return tr.unpack('m')[0]

data/lib/has_global_session/global_session.rb

@@ -10,8 +10,8 @@ module HasGlobalSession
     attr_reader :id, :authority, :created_at, :expired_at
 
     def initialize(directory, cookie=nil)
-      @schema_signed   = Set.new((Configuration['attributes']['signed'] rescue []))
-      @schema_insecure = Set.new((Configuration['attributes']['insecure'] rescue []))
+      @schema_signed   = Set.new((Configuration['attributes']['signed']))
+      @schema_insecure = Set.new((Configuration['attributes']['insecure']))
       @directory       = directory
 
       if cookie
@@ -46,7 +46,7 @@ module HasGlobalSession
         authority = @directory.local_authority_name
         hash['a'] = authority
         digest    = digest(hash)
-        signature = Encoding::Base64.dump(@directory.private_key.private_encrypt(digest))
+        signature = Encoding::Base64Cookie.dump(@directory.private_key.private_encrypt(digest))
       end
 
       hash['dx'] = @insecure
@@ -55,7 +55,7 @@ module HasGlobalSession
       
       json = Encoding::JSON.dump(hash)
       zbin = Zlib::Deflate.deflate(json, Zlib::BEST_COMPRESSION)
-      return Encoding::Base64.dump(zbin)
+      return Encoding::Base64Cookie.dump(zbin)
     end
 
     def supports_key?(key)
@@ -107,7 +107,7 @@ module HasGlobalSession
 
     def renew!
       authority_check
-      @expired_at = Configuration['timeout'].to_i.minutes.from_now.utc || 1.hours.from_now.utc
+      @expired_at = Configuration['timeout'].to_i.minutes.from_now.utc
       @dirty_secure = true
     end
 
@@ -144,14 +144,14 @@ module HasGlobalSession
     end
 
     def load_from_cookie(cookie)
-      zbin = Encoding::Base64.load(cookie)
+      zbin = Encoding::Base64Cookie.load(cookie)
       json = Zlib::Inflate.inflate(zbin)
       hash = Encoding::JSON.load(json)
 
       id         = hash['id']
       authority  = hash['a']
-      created_at = Time.at(hash['tc'].to_i)
-      expired_at = Time.at(hash['te'].to_i)
+      created_at = Time.at(hash['tc'].to_i).utc
+      expired_at = Time.at(hash['te'].to_i).utc
       signed     = hash['ds']
       insecure   = hash.delete('dx')
       signature  = hash.delete('s')
@@ -160,7 +160,7 @@ module HasGlobalSession
       expected = digest(hash)
       signer   = @directory.authorities[authority]
       raise SecurityError, "Unknown signing authority #{authority}" unless signer
-      got      = signer.public_decrypt(Encoding::Base64.load(signature))
+      got      = signer.public_decrypt(Encoding::Base64Cookie.load(signature))
       unless (got == expected)
         raise SecurityError, "Signature mismatch on global session cookie; tampering suspected"
       end
@@ -184,6 +184,13 @@ module HasGlobalSession
       @insecure   = insecure
       @signature  = signature
       @cookie     = cookie
+
+      #Auto-renew session if needed
+      renew = Configuration['renew']
+      if @directory.local_authority_name &&
+         renew && @expired_at < renew.to_i.minutes.from_now.utc
+        renew!
+      end
     end
 
     def create_from_scratch

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: has_global_session
 version: !ruby/object:Gem::Version 
-  hash: 53
+  hash: 51
   prerelease: false
   segments: 
   - 0
   - 8
-  - 5
-  version: 0.8.5
+  - 6
+  version: 0.8.6
 platform: ruby
 authors: 
 - Tony Spataro
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-06-16 00:00:00 -07:00
+date: 2010-06-17 00:00:00 -07:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency