RubyGems - keycard - Versions diffs - 0.3.0 → 0.3.1 - Mend

keycard 0.3.0 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/lib/keycard.rb +1 -0
data/lib/keycard/request/attributes.rb +12 -1
data/lib/keycard/request/cosign_attributes.rb +0 -8
data/lib/keycard/request/direct_attributes.rb +0 -8
data/lib/keycard/request/proxied_attributes.rb +0 -8
data/lib/keycard/request/shibboleth_attributes.rb +12 -13
data/lib/keycard/token.rb +35 -0
data/lib/keycard/version.rb +1 -1
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3a653bd311fdb43e3c4f202e8761582c459ffa1c4e85a1e7309e337e8dd6e1f0
-  data.tar.gz: 846d43693d28a97cdd4a9fca88e0ee51c6a6289ac389122e078ccc9a8193a40f
+  metadata.gz: 4124184b5f99cb6976a978a75da83643bb40984c4e59bef1992fee722e046e4d
+  data.tar.gz: a525c3d884017cc30b371412d7268d746628cece3a1e27f8530399f960a92dc7
 SHA512:
-  metadata.gz: 6b9185d2dc8a350988c52bfd56c3417840969d89167ee7824132ddc505630b99a4bbc757edd1ea8b644e67da856a3ca78fe88a927334d0ecd7cc16c606de423a
-  data.tar.gz: 343cab74ac29ded2ff832c19c141fd0d14dc6fdb7d0da3fb0ba7e32006ba29a0550445a1d42c204d15e569c2797c142a02769e8360cfa9ac8e72c375b2a0f9ad
+  metadata.gz: dec363f76f004cee9a2d9275c5967c556dece83f91e427029e0e99a640fbf5ae164876d66d742cef4c4bdb0e64627cd7b3776019567f9ea475d913e981d81d6e
+  data.tar.gz: fbab3ccd2a07a9268bef3a20242dac63405b586a1d37a394bc25b5ee5bed6a0a243853c5eee2aeb9feb99b594005cd432981d889f98b6d216f6fd63feaf414d3

data/lib/keycard.rb CHANGED Viewed

@@ -18,3 +18,4 @@ require "keycard/db"
 require "keycard/railtie" if defined?(Rails)
 require "keycard/institution_finder"
 require "keycard/request"
+require "keycard/token"

data/lib/keycard/request/attributes.rb CHANGED Viewed

@@ -52,12 +52,23 @@ module Keycard::Request
       nil
     end
+    # The token supplied by the user via auth_param according to RFC 7235. Typically,
+    # this is the API token.
+    def auth_token
+      Keycard::Token.rfc7235(safe('HTTP_AUTHORIZATION'))
+    end
     # The set of base attributes for this request.
     #
     # Subclasses should implement user_pid, user_eid, and client_ip
     # and include them in the hash under those keys.
     def base
-      {}
+      {
+        user_pid: user_pid,
+        user_eid: user_eid,
+        client_ip: client_ip,
+        auth_token: auth_token
+      }
     end
     def [](attr)

data/lib/keycard/request/cosign_attributes.rb CHANGED Viewed

@@ -6,14 +6,6 @@ module Keycard::Request
   # the pid/eid are the same and there are currently no additional
   # attributes extracted.
   class CosignAttributes < Attributes
-    def base
-      {
-        user_pid:  user_pid,
-        user_eid:  user_eid,
-        client_ip: client_ip
-      }
-    end
     def user_pid
       get 'HTTP_X_REMOTE_USER'
     end

data/lib/keycard/request/direct_attributes.rb CHANGED Viewed

@@ -5,14 +5,6 @@ module Keycard::Request
   # serve HTTP requests directly or through a proxy that passes trusted
   # values into the application environment to be accessed as usual.
   class DirectAttributes < Attributes
-    def base
-      {
-        user_pid:  user_pid,
-        user_eid:  user_eid,
-        client_ip: client_ip
-      }
-    end
     def user_pid
       get 'REMOTE_USER'
     end

data/lib/keycard/request/proxied_attributes.rb CHANGED Viewed

@@ -9,14 +9,6 @@ module Keycard::Request
   # which, somewhat confusingly, are transposed into HTTP_X_REMOTE_USER and
   # HTTP_X_FORWARDED_FOR once the Rack request is assembled.
   class ProxiedAttributes < Attributes
-    def base
-      {
-        user_pid:  user_pid,
-        user_eid:  user_eid,
-        client_ip: client_ip
-      }
-    end
     def user_pid
       get 'HTTP_X_REMOTE_USER'
     end

data/lib/keycard/request/shibboleth_attributes.rb CHANGED Viewed

@@ -10,19 +10,18 @@ module Keycard::Request
   # requests, and the user_pid, for requests from authenticated users.
   class ShibbolethAttributes < Attributes
     def base # rubocop:disable Metrics/MethodLength
-      {
-        user_pid:                   user_pid,
-        user_eid:                   user_eid,
-        client_ip:                  client_ip,
-        persistentNameID:           persistent_id,
-        eduPersonPrincipalName:     principal_name,
-        eduPersonScopedAffiliation: affiliation,
-        displayName:                display_name,
-        mail:                       email,
-        authnContextClassRef:       authn_context,
-        authenticationMethod:       authn_method,
-        identity_provider:          identity_provider
-      }
+      super.merge(
+        {
+          persistentNameID:           persistent_id,
+          eduPersonPrincipalName:     principal_name,
+          eduPersonScopedAffiliation: affiliation,
+          displayName:                display_name,
+          mail:                       email,
+          authnContextClassRef:       authn_context,
+          authenticationMethod:       authn_method,
+          identity_provider:          identity_provider
+        }
+      )
     end
     def user_pid

data/lib/keycard/token.rb ADDED Viewed

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+# Holds utility methods for parsing tokens from header values
+class Keycard::Token
+  TOKEN_DELIMS = /\s*[:,;\t]\s*/.freeze
+  class << self
+    def rfc7235(string)
+      string
+        .sub(/^(Bearer|Token):?/, '')
+        .split(TOKEN_DELIMS)
+        .map { |assignment| split_assignment(assignment) }
+        .to_h["token"]
+    end
+    private
+    # @param string_assignment [String] of the form 'key="value"'
+    # @return An array of pairs of key:value, both strings
+    def split_assignment(string_assignment)
+      clean_assignment(string_assignment)
+        .split('=')
+        .push('')
+        .slice(0, 2)
+    end
+    # @param string_assignment [String] of the form 'key="value"'
+    # @return [String] With the quotes and extraneous whitespace removed.
+    def clean_assignment(string_assignment)
+      string_assignment
+        .delete('"')
+        .strip
+    end
+  end
+end

data/lib/keycard/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Keycard
-  VERSION = "0.3.0"
+  VERSION = "0.3.1"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: keycard
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.3.1
 platform: ruby
 authors:
 - Noah Botimer
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-03-06 00:00:00.000000000 Z
+date: 2019-03-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sequel
@@ -207,6 +207,7 @@ files:
 - lib/keycard/request/direct_attributes.rb
 - lib/keycard/request/proxied_attributes.rb
 - lib/keycard/request/shibboleth_attributes.rb
+- lib/keycard/token.rb
 - lib/keycard/version.rb
 - lib/tasks/migrate.rake
 homepage: https://github.com/mlibrary/keycard