mauth-client 4.1.0 → 4.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.fossa.yml +14 -0
- data/.travis.yml +18 -6
- data/CHANGELOG.md +3 -0
- data/doc/implementations.md +6 -3
- data/examples/Gemfile +1 -1
- data/examples/Gemfile.lock +14 -14
- data/lib/mauth/client.rb +17 -13
- data/lib/mauth/version.rb +1 -1
- data/mauth-client.gemspec +1 -1
- metadata +8 -8
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f525040d66da5d6e6d3b5bf59e3d84267efad0d5f91598cc42291c972532c0b7
|
4
|
+
data.tar.gz: bb573ed893f4f385f1f5c7847c79002d09257dd04d7e848968020245ae5fb82a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8ee4aea0f49aa76ff0f70fce3afb8190edf5fce30b9d2750ab80a7297f7ae0f5ca639e0d3e8b89e2cdd932222b7ab164ac32ccf655ab0c791b356efd99016694
|
7
|
+
data.tar.gz: 45aa7a70ddf934913348f063b287af103f32cafdc440aeaa00ec95430b883b1a726863aabf2055eb4e3216e7703f7e1a76fc2e511d24a0d11e4e047e89db8825
|
data/.fossa.yml
ADDED
@@ -0,0 +1,14 @@
|
|
1
|
+
# Generated by FOSSA CLI (https://github.com/fossas/fossa-cli)
|
2
|
+
# Visit https://fossa.io to learn more
|
3
|
+
|
4
|
+
version: 1
|
5
|
+
cli:
|
6
|
+
server: https://app.fossa.io
|
7
|
+
fetcher: custom
|
8
|
+
project: mauth-client-ruby
|
9
|
+
analyze:
|
10
|
+
modules:
|
11
|
+
- name: Gemfile
|
12
|
+
type: gem
|
13
|
+
target: .
|
14
|
+
path: .
|
data/.travis.yml
CHANGED
@@ -1,13 +1,25 @@
|
|
1
1
|
language: ruby
|
2
2
|
cache: bundler
|
3
|
-
sudo: false
|
4
3
|
|
5
4
|
rvm:
|
6
|
-
- 2.3.
|
7
|
-
- 2.4.
|
8
|
-
- 2.5.
|
5
|
+
- 2.3.8
|
6
|
+
- 2.4.6
|
7
|
+
- 2.5.5
|
8
|
+
- 2.6.3
|
9
9
|
|
10
|
-
|
10
|
+
before_install:
|
11
|
+
- gem update --system -N > /dev/null && echo "Rubygems version $(gem --version)"
|
12
|
+
- gem install bundler --force -N -v=2.0.1 && bundle --version
|
13
|
+
|
14
|
+
install:
|
15
|
+
- bundle install --jobs=3 --retry=3
|
16
|
+
- |-
|
17
|
+
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/mdsol/fossa_ci_scripts/master/travis_ci/fossa_install.sh | bash -s -- -b $TRAVIS_BUILD_DIR
|
18
|
+
|
19
|
+
script:
|
20
|
+
- bundle exec rspec
|
21
|
+
- |-
|
22
|
+
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/mdsol/fossa_ci_scripts/master/travis_ci/fossa_run.sh | bash -s -- -b $TRAVIS_BUILD_DIR
|
11
23
|
|
12
24
|
deploy:
|
13
25
|
provider: rubygems
|
@@ -17,4 +29,4 @@ deploy:
|
|
17
29
|
on:
|
18
30
|
tags: true
|
19
31
|
repo: mdsol/mauth-client-ruby
|
20
|
-
condition: "$TRAVIS_RUBY_VERSION == 2.
|
32
|
+
condition: "$TRAVIS_RUBY_VERSION == 2.6.3"
|
data/CHANGELOG.md
CHANGED
data/doc/implementations.md
CHANGED
@@ -1,8 +1,11 @@
|
|
1
|
-
# MAuth
|
1
|
+
# MAuth client implementations
|
2
2
|
|
3
3
|
- .Net: [mauth-client-dotnet](https://github.com/mdsol/mauth-client-dotnet)
|
4
|
+
- Clojure: [clojure-mauth-client](https://github.com/mdsol/clojure-mauth-client)
|
4
5
|
- Go: [go-mauth-client](https://github.com/mdsol/go-mauth-client)
|
5
|
-
- Java: [mauth-
|
6
|
-
- Python:
|
6
|
+
- Java: [mauth-jvm-clients](https://github.com/mdsol/mauth-jvm-clients)
|
7
|
+
- Python:
|
8
|
+
- [requests-mauth](https://github.com/mdsol/requests-mauth)
|
9
|
+
- [flask-mauth](https://github.com/mdsol/flask-mauth)
|
7
10
|
- R: [RMauthClient](https://github.com/mdsol/RMauthClient)
|
8
11
|
- Ruby: [mauth-client-ruby](https://github.com/mdsol/mauth-client-ruby)
|
data/examples/Gemfile
CHANGED
data/examples/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: ..
|
3
3
|
specs:
|
4
|
-
mauth-client (
|
4
|
+
mauth-client (4.1.0)
|
5
5
|
coderay (~> 1.0)
|
6
6
|
dice_bag (>= 0.9, < 2.0)
|
7
7
|
faraday (~> 0.7)
|
@@ -12,30 +12,30 @@ PATH
|
|
12
12
|
GEM
|
13
13
|
remote: https://rubygems.org/
|
14
14
|
specs:
|
15
|
-
coderay (1.1.
|
16
|
-
dice_bag (1.
|
15
|
+
coderay (1.1.2)
|
16
|
+
dice_bag (1.3.1)
|
17
17
|
diff-lcs (~> 1.0)
|
18
18
|
rake
|
19
19
|
thor (~> 0.0)
|
20
|
-
diff-lcs (1.
|
21
|
-
faraday (0.
|
20
|
+
diff-lcs (1.3)
|
21
|
+
faraday (0.15.3)
|
22
22
|
multipart-post (>= 1.2, < 3)
|
23
|
-
faraday_middleware (0.
|
24
|
-
faraday (>= 0.7.4, < 0
|
23
|
+
faraday_middleware (0.12.2)
|
24
|
+
faraday (>= 0.7.4, < 1.0)
|
25
25
|
multipart-post (2.0.0)
|
26
|
-
rack (2.0.
|
27
|
-
rake (
|
28
|
-
term-ansicolor (1.
|
26
|
+
rack (2.0.6)
|
27
|
+
rake (12.3.1)
|
28
|
+
term-ansicolor (1.7.0)
|
29
29
|
tins (~> 1.0)
|
30
|
-
thor (0.
|
31
|
-
tins (1.
|
30
|
+
thor (0.20.3)
|
31
|
+
tins (1.20.2)
|
32
32
|
|
33
33
|
PLATFORMS
|
34
34
|
ruby
|
35
35
|
|
36
36
|
DEPENDENCIES
|
37
|
-
faraday (~> 0.
|
37
|
+
faraday (~> 0.15)
|
38
38
|
mauth-client!
|
39
39
|
|
40
40
|
BUNDLED WITH
|
41
|
-
1.
|
41
|
+
1.17.1
|
data/lib/mauth/client.rb
CHANGED
@@ -116,6 +116,11 @@ module MAuth
|
|
116
116
|
class InauthenticError < StandardError
|
117
117
|
end
|
118
118
|
|
119
|
+
# Used when the incoming request does not contain any mAuth related information
|
120
|
+
class MauthNotPresent < StandardError
|
121
|
+
end
|
122
|
+
|
123
|
+
|
119
124
|
# required information for signing was missing
|
120
125
|
class UnableToSignError < StandardError
|
121
126
|
end
|
@@ -288,7 +293,7 @@ module MAuth
|
|
288
293
|
begin
|
289
294
|
authenticate!(object)
|
290
295
|
true
|
291
|
-
rescue InauthenticError
|
296
|
+
rescue InauthenticError, MauthNotPresent
|
292
297
|
false
|
293
298
|
end
|
294
299
|
end
|
@@ -299,13 +304,14 @@ module MAuth
|
|
299
304
|
time_valid!(object)
|
300
305
|
token_valid!(object)
|
301
306
|
signature_valid!(object)
|
302
|
-
rescue
|
303
|
-
logger.
|
304
|
-
|
307
|
+
rescue MauthNotPresent => e
|
308
|
+
logger.warn "mAuth signature not present on #{object.class}. Exception: #{e.message}"
|
309
|
+
raise
|
310
|
+
rescue InauthenticError => e
|
311
|
+
logger.error "mAuth signature authentication failed for #{object.class}. Exception: #{e.message}"
|
305
312
|
raise
|
306
|
-
rescue UnableToAuthenticateError
|
307
|
-
logger.error "Unable to authenticate with MAuth.
|
308
|
-
$!.message.split("\n").each { |l| logger.error "\t#{l}" }
|
313
|
+
rescue UnableToAuthenticateError => e
|
314
|
+
logger.error "Unable to authenticate with MAuth for #{object.class}. Exception: #{e.message}"
|
309
315
|
raise
|
310
316
|
end
|
311
317
|
|
@@ -315,27 +321,25 @@ module MAuth
|
|
315
321
|
def log_authentication_request(object)
|
316
322
|
object_app_uuid = object.signature_app_uuid || '[none provided]'
|
317
323
|
logger.info "Mauth-client attempting to authenticate request from app with mauth app uuid #{object_app_uuid} to app with mauth app uuid #{client_app_uuid}."
|
318
|
-
rescue # don't let a failed attempt to log disrupt the rest of the action
|
319
|
-
logger.error "Mauth-client failed to log information about its attempts to authenticate the current request because #{$!}"
|
320
324
|
end
|
321
325
|
|
322
326
|
def authentication_present!(object)
|
323
327
|
if object.x_mws_authentication.nil? || object.x_mws_authentication !~ /\S/
|
324
|
-
raise
|
328
|
+
raise MauthNotPresent, "Authentication Failed. No mAuth signature present; X-MWS-Authentication header is blank."
|
325
329
|
end
|
326
330
|
end
|
327
331
|
|
328
332
|
def time_valid!(object, now = Time.now)
|
329
333
|
if object.x_mws_time.nil?
|
330
|
-
raise InauthenticError, "Time verification failed
|
334
|
+
raise InauthenticError, "Time verification failed. No x-mws-time present."
|
331
335
|
elsif !(-ALLOWED_DRIFT_SECONDS..ALLOWED_DRIFT_SECONDS).cover?(now.to_i - object.x_mws_time.to_i)
|
332
|
-
raise InauthenticError, "Time verification failed
|
336
|
+
raise InauthenticError, "Time verification failed. #{object.x_mws_time} not within #{ALLOWED_DRIFT_SECONDS} of #{now}"
|
333
337
|
end
|
334
338
|
end
|
335
339
|
|
336
340
|
def token_valid!(object)
|
337
341
|
unless object.signature_token == MWS_TOKEN
|
338
|
-
raise InauthenticError, "Token verification failed
|
342
|
+
raise InauthenticError, "Token verification failed. Expected #{MWS_TOKEN.inspect}; token was #{object.signature_token}"
|
339
343
|
end
|
340
344
|
end
|
341
345
|
end
|
data/lib/mauth/version.rb
CHANGED
data/mauth-client.gemspec
CHANGED
@@ -25,7 +25,7 @@ Gem::Specification.new do |spec|
|
|
25
25
|
spec.add_dependency 'rack'
|
26
26
|
spec.add_dependency 'dice_bag', '>= 0.9', '< 2.0'
|
27
27
|
|
28
|
-
spec.add_development_dependency 'bundler', '
|
28
|
+
spec.add_development_dependency 'bundler', '>= 1.17'
|
29
29
|
spec.add_development_dependency 'byebug'
|
30
30
|
spec.add_development_dependency 'rack-test', '~> 1.1.0'
|
31
31
|
spec.add_development_dependency 'rake', '~> 12.0'
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: mauth-client
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.1.
|
4
|
+
version: 4.1.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Matthew Szenher
|
@@ -11,7 +11,7 @@ authors:
|
|
11
11
|
autorequire:
|
12
12
|
bindir: exe
|
13
13
|
cert_chain: []
|
14
|
-
date:
|
14
|
+
date: 2019-06-26 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: faraday
|
@@ -107,16 +107,16 @@ dependencies:
|
|
107
107
|
name: bundler
|
108
108
|
requirement: !ruby/object:Gem::Requirement
|
109
109
|
requirements:
|
110
|
-
- - "
|
110
|
+
- - ">="
|
111
111
|
- !ruby/object:Gem::Version
|
112
|
-
version: '1.
|
112
|
+
version: '1.17'
|
113
113
|
type: :development
|
114
114
|
prerelease: false
|
115
115
|
version_requirements: !ruby/object:Gem::Requirement
|
116
116
|
requirements:
|
117
|
-
- - "
|
117
|
+
- - ">="
|
118
118
|
- !ruby/object:Gem::Version
|
119
|
-
version: '1.
|
119
|
+
version: '1.17'
|
120
120
|
- !ruby/object:Gem::Dependency
|
121
121
|
name: byebug
|
122
122
|
requirement: !ruby/object:Gem::Requirement
|
@@ -212,6 +212,7 @@ executables:
|
|
212
212
|
extensions: []
|
213
213
|
extra_rdoc_files: []
|
214
214
|
files:
|
215
|
+
- ".fossa.yml"
|
215
216
|
- ".gitignore"
|
216
217
|
- ".travis.yml"
|
217
218
|
- ".yardopts"
|
@@ -269,8 +270,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
269
270
|
- !ruby/object:Gem::Version
|
270
271
|
version: '0'
|
271
272
|
requirements: []
|
272
|
-
|
273
|
-
rubygems_version: 2.7.7
|
273
|
+
rubygems_version: 3.0.4
|
274
274
|
signing_key:
|
275
275
|
specification_version: 4
|
276
276
|
summary: Sign and authenticate requests and responses with mAuth authentication.
|