mauth-client 6.1.1 → 6.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitmodules +3 -0
- data/.rspec +0 -1
- data/CHANGELOG.md +3 -0
- data/CONTRIBUTING.md +17 -8
- data/doc/implementations.md +2 -3
- data/lib/mauth/client/security_token_cacher.rb +15 -17
- data/lib/mauth/version.rb +1 -1
- data/mauth-client.gemspec +2 -0
- metadata +37 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: be045713042cd9a25e7b0219d959c1208c66b700c8a113130d7865d91e17db7d
|
|
4
|
+
data.tar.gz: 155e903f0fa2fafabf2167c9d908398259ec2c9336b7f953bda83efe13667559
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8c97d131c0f9aef554ab5ebb7fd06193ec50a50f7a81fc93a184ba30b5b91bf870c560a06ce9c5dfeb19dab7cb7410c771b355fbbfb1055e56327147c32c5a6a
|
|
7
|
+
data.tar.gz: 446f8d0a681376361e3b9eabd86b20f3bfe2d28bdb028edf0b78c6e21f9222a7eaed5de3ba4fecd5afa95059698a14f6f4aaeba083d31ff5c55f618b9cbcdb12
|
data/.gitmodules
ADDED
data/.rspec
CHANGED
data/CHANGELOG.md
CHANGED
data/CONTRIBUTING.md
CHANGED
|
@@ -1,5 +1,22 @@
|
|
|
1
1
|
# Contributing
|
|
2
2
|
|
|
3
|
+
## Cloning the Repo
|
|
4
|
+
|
|
5
|
+
This repo contains the submodule `mauth-protocol-test-suite` so requires a flag when initially cloning in order to clone and init submodules.
|
|
6
|
+
|
|
7
|
+
```
|
|
8
|
+
git clone --recurse-submodules git@github.com:mdsol/mauth-client-ruby.git
|
|
9
|
+
```
|
|
10
|
+
|
|
11
|
+
If you have already cloned a version of this repo before the submodule was introduced in version 6.1.2 then run
|
|
12
|
+
|
|
13
|
+
```
|
|
14
|
+
cd spec/fixtures/mauth-protocol-test-suite
|
|
15
|
+
git submodule update --init
|
|
16
|
+
```
|
|
17
|
+
|
|
18
|
+
to init the submodule.
|
|
19
|
+
|
|
3
20
|
## General Information
|
|
4
21
|
|
|
5
22
|
* Check out the latest develop to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
|
|
@@ -19,14 +36,6 @@ Next, run the tests:
|
|
|
19
36
|
bundle exec rspec
|
|
20
37
|
```
|
|
21
38
|
|
|
22
|
-
# Running mauth-protocol-test-suite
|
|
23
|
-
|
|
24
|
-
To run the mauth-protocol-test-suite clone the latest test suite onto your machine and place it in the same parent directory as this repo (or supply the ENV var `TEST_SUITE_RELATIVE_PATH` with the path to the test suite relative to this repo). Then run:
|
|
25
|
-
|
|
26
|
-
```
|
|
27
|
-
bundle exec rspec --tag protocol_suite
|
|
28
|
-
```
|
|
29
|
-
|
|
30
39
|
## Running Benchmark
|
|
31
40
|
|
|
32
41
|
If you make changes which could affect performance, please run the benchmark before and after the change as a sanity check.
|
data/doc/implementations.md
CHANGED
|
@@ -4,8 +4,7 @@
|
|
|
4
4
|
- Clojure: [clojure-mauth-client](https://github.com/mdsol/clojure-mauth-client)
|
|
5
5
|
- Go: [go-mauth-client](https://github.com/mdsol/go-mauth-client)
|
|
6
6
|
- Java: [mauth-jvm-clients](https://github.com/mdsol/mauth-jvm-clients)
|
|
7
|
-
- Python:
|
|
8
|
-
- [requests-mauth](https://github.com/mdsol/requests-mauth)
|
|
9
|
-
- [flask-mauth](https://github.com/mdsol/flask-mauth)
|
|
7
|
+
- Python: [mauth-client-python](https://github.com/mdsol/mauth-client-python)
|
|
10
8
|
- R: [RMauthClient](https://github.com/mdsol/RMauthClient)
|
|
11
9
|
- Ruby: [mauth-client-ruby](https://github.com/mdsol/mauth-client-ruby)
|
|
10
|
+
- Rust: [mauth-client-rust](https://github.com/mdsol/mauth-client-rust)
|
|
@@ -1,15 +1,11 @@
|
|
|
1
|
+
require 'faraday-http-cache'
|
|
2
|
+
require 'oj'
|
|
3
|
+
|
|
1
4
|
module MAuth
|
|
2
5
|
class Client
|
|
3
6
|
module LocalAuthenticator
|
|
4
7
|
class SecurityTokenCacher
|
|
5
8
|
|
|
6
|
-
class ExpirableSecurityToken < Struct.new(:security_token, :create_time)
|
|
7
|
-
CACHE_LIFE = 60
|
|
8
|
-
def expired?
|
|
9
|
-
create_time + CACHE_LIFE < Time.now
|
|
10
|
-
end
|
|
11
|
-
end
|
|
12
|
-
|
|
13
9
|
def initialize(mauth_client)
|
|
14
10
|
@mauth_client = mauth_client
|
|
15
11
|
# TODO: should this be UnableToSignError?
|
|
@@ -20,7 +16,7 @@ module MAuth
|
|
|
20
16
|
end
|
|
21
17
|
|
|
22
18
|
def get(app_uuid)
|
|
23
|
-
if !@cache[app_uuid]
|
|
19
|
+
if !@cache[app_uuid]
|
|
24
20
|
# url-encode the app_uuid to prevent trickery like escaping upward with ../../ in a malicious
|
|
25
21
|
# app_uuid - probably not exploitable, but this is the right way to do it anyway.
|
|
26
22
|
url_encoded_app_uuid = CGI.escape(app_uuid)
|
|
@@ -32,15 +28,8 @@ module MAuth
|
|
|
32
28
|
raise UnableToAuthenticateError, msg
|
|
33
29
|
end
|
|
34
30
|
if response.status == 200
|
|
35
|
-
begin
|
|
36
|
-
security_token = JSON.parse(response.body)
|
|
37
|
-
rescue JSON::ParserError => e
|
|
38
|
-
msg = "mAuth service responded with unparseable json: #{response.body}\n#{e.class}: #{e.message}"
|
|
39
|
-
@mauth_client.logger.error("Unable to authenticate with MAuth. Exception #{msg}")
|
|
40
|
-
raise UnableToAuthenticateError, msg
|
|
41
|
-
end
|
|
42
31
|
@cache_write_lock.synchronize do
|
|
43
|
-
@cache[app_uuid] =
|
|
32
|
+
@cache[app_uuid] = security_token_from(response.body)
|
|
44
33
|
end
|
|
45
34
|
elsif response.status == 404
|
|
46
35
|
# signing with a key mAuth doesn't know about is considered inauthentic
|
|
@@ -49,11 +38,19 @@ module MAuth
|
|
|
49
38
|
@mauth_client.send(:mauth_service_response_error, response)
|
|
50
39
|
end
|
|
51
40
|
end
|
|
52
|
-
@cache[app_uuid]
|
|
41
|
+
@cache[app_uuid]
|
|
53
42
|
end
|
|
54
43
|
|
|
55
44
|
private
|
|
56
45
|
|
|
46
|
+
def security_token_from(response_body)
|
|
47
|
+
JSON.parse response_body
|
|
48
|
+
rescue JSON::ParserError => e
|
|
49
|
+
msg = "mAuth service responded with unparseable json: #{response_body}\n#{e.class}: #{e.message}"
|
|
50
|
+
@mauth_client.logger.error("Unable to authenticate with MAuth. Exception #{msg}")
|
|
51
|
+
raise UnableToAuthenticateError, msg
|
|
52
|
+
end
|
|
53
|
+
|
|
57
54
|
def signed_mauth_connection
|
|
58
55
|
require 'faraday'
|
|
59
56
|
require 'mauth/faraday'
|
|
@@ -61,6 +58,7 @@ module MAuth
|
|
|
61
58
|
@signed_mauth_connection ||= ::Faraday.new(@mauth_client.mauth_baseurl, @mauth_client.faraday_options) do |builder|
|
|
62
59
|
builder.use MAuth::Faraday::MAuthClientUserAgent
|
|
63
60
|
builder.use MAuth::Faraday::RequestSigner, 'mauth_client' => @mauth_client
|
|
61
|
+
builder.use :http_cache, serializer: Oj, logger: MAuth::Client.new.logger, shared_cache: false
|
|
64
62
|
builder.adapter ::Faraday.default_adapter
|
|
65
63
|
end
|
|
66
64
|
end
|
data/lib/mauth/version.rb
CHANGED
data/mauth-client.gemspec
CHANGED
|
@@ -20,6 +20,8 @@ Gem::Specification.new do |spec|
|
|
|
20
20
|
|
|
21
21
|
spec.add_dependency 'faraday', '>= 0.9', '< 2.0'
|
|
22
22
|
spec.add_dependency 'faraday_middleware', '>= 0.9', '< 2.0'
|
|
23
|
+
spec.add_dependency 'faraday-http-cache', '>= 2.0', '< 3.0'
|
|
24
|
+
spec.add_dependency 'oj', '~> 3.0'
|
|
23
25
|
spec.add_dependency 'term-ansicolor', '~> 1.0'
|
|
24
26
|
spec.add_dependency 'coderay', '~> 1.0'
|
|
25
27
|
spec.add_dependency 'rack'
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: mauth-client
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.
|
|
4
|
+
version: 6.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Matthew Szenher
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: exe
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date:
|
|
14
|
+
date: 2021-06-10 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: faraday
|
|
@@ -53,6 +53,40 @@ dependencies:
|
|
|
53
53
|
- - "<"
|
|
54
54
|
- !ruby/object:Gem::Version
|
|
55
55
|
version: '2.0'
|
|
56
|
+
- !ruby/object:Gem::Dependency
|
|
57
|
+
name: faraday-http-cache
|
|
58
|
+
requirement: !ruby/object:Gem::Requirement
|
|
59
|
+
requirements:
|
|
60
|
+
- - ">="
|
|
61
|
+
- !ruby/object:Gem::Version
|
|
62
|
+
version: '2.0'
|
|
63
|
+
- - "<"
|
|
64
|
+
- !ruby/object:Gem::Version
|
|
65
|
+
version: '3.0'
|
|
66
|
+
type: :runtime
|
|
67
|
+
prerelease: false
|
|
68
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
69
|
+
requirements:
|
|
70
|
+
- - ">="
|
|
71
|
+
- !ruby/object:Gem::Version
|
|
72
|
+
version: '2.0'
|
|
73
|
+
- - "<"
|
|
74
|
+
- !ruby/object:Gem::Version
|
|
75
|
+
version: '3.0'
|
|
76
|
+
- !ruby/object:Gem::Dependency
|
|
77
|
+
name: oj
|
|
78
|
+
requirement: !ruby/object:Gem::Requirement
|
|
79
|
+
requirements:
|
|
80
|
+
- - "~>"
|
|
81
|
+
- !ruby/object:Gem::Version
|
|
82
|
+
version: '3.0'
|
|
83
|
+
type: :runtime
|
|
84
|
+
prerelease: false
|
|
85
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
86
|
+
requirements:
|
|
87
|
+
- - "~>"
|
|
88
|
+
- !ruby/object:Gem::Version
|
|
89
|
+
version: '3.0'
|
|
56
90
|
- !ruby/object:Gem::Dependency
|
|
57
91
|
name: term-ansicolor
|
|
58
92
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -268,6 +302,7 @@ extra_rdoc_files: []
|
|
|
268
302
|
files:
|
|
269
303
|
- ".fossa.yml"
|
|
270
304
|
- ".gitignore"
|
|
305
|
+
- ".gitmodules"
|
|
271
306
|
- ".rspec"
|
|
272
307
|
- ".travis.yml"
|
|
273
308
|
- ".yardopts"
|