mauth-client 7.0.0 → 7.2.0
- checksums.yaml +4 -4
- data/.github/PULL_REQUEST_TEMPLATE.md +8 -0
- data/.github/dependabot.yml +24 -0
- data/.github/workflows/ci.yml +53 -0
- data/.github/workflows/fossa.yml +17 -0
- data/.github/workflows/publish.yml +34 -0
- data/.github/workflows/release-please.yml +16 -0
- data/.release-please-manifest.json +3 -0
- data/Appraisals +1 -5
- data/CHANGELOG.md +14 -0
- data/README.md +6 -19
- data/UPGRADE_GUIDE.md +1 -1
- data/gemfiles/faraday_1.x.gemfile +1 -1
- data/lib/mauth/client/security_token_cacher.rb +19 -12
- data/lib/mauth/client.rb +9 -3
- data/lib/mauth/config_env.rb +5 -8
- data/lib/mauth/private_key_helper.rb +30 -0
- data/lib/mauth/version.rb +1 -1
- data/mauth-client.gemspec +4 -1
- data/release-please-config.json +11 -0
- metadata +56 -8
- data/.fossa.yml +0 -14
- data/.travis.yml +0 -56
- data/gemfiles/faraday_0.x.gemfile +0 -23
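--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 26dbb5eeff53416bf247a264a415eb7223359a142a2150e75734c0f62e824256
+data.tar.gz: 6e73c8fdc1637927ba7625dc33b0e1ab0d8239f5e086c68a74d4a46385479940
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c4eb6c25146c155208258e513ed64c9215c39dc0f250078db7fc57288d66df7f1d64f68aa41382be6c22ed25ed8dcf98249421433b93f2feb8ef7377d5922825
+data.tar.gz: a06299bb7874d516e4391e33edab52c8c4d1ea8bef8ee39ca4e325115700b241ae25a0fe50ee49dee11029607056a6043922f2a0246c2393ad31aafa479341ab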
@@ -0,0 +1,24 @@
|
|
1
|
+
# To get started with Dependabot version updates, you'll need to specify which
|
2
|
+
# package ecosystems to update and where the package manifests are located.
|
3
|
+
# Please see the documentation for all configuration options:
|
4
|
+
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
|
5
|
+
|
6
|
+
version: 2
|
7
|
+
|
8
|
+
updates:
|
9
|
+
- package-ecosystem: bundler
|
10
|
+
directory: /
|
11
|
+
insecure-external-code-execution: allow
|
12
|
+
schedule:
|
13
|
+
interval: weekly
|
14
|
+
allow:
|
15
|
+
- dependency-type: all
|
16
|
+
groups:
|
17
|
+
dependencies:
|
18
|
+
patterns:
|
19
|
+
- "*"
|
20
|
+
|
21
|
+
- package-ecosystem: github-actions
|
22
|
+
directory: /
|
23
|
+
schedule:
|
24
|
+
interval: weekly
|
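Review bot: `insecure-external-code-execution: allow` on the bundler entry lets Dependabot evaluate code from the manifests while it resolves updates, and the file gives no reason for opting in. If the gemspec needs it only to load the gem's own version file, say so in a comment above the key, e.g. `# required because the gemspec loads lib/mauth/version.rb during resolution`, so a later reviewer can tell when it is safe to remove. The single `"*"` group also folds every dependency bump into one pull request, which makes an individual upgrade harder to review. The file header is missing from this section; from the page's file list it is presumably `.github/dependabot.yml`.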
@@ -0,0 +1,53 @@
|
|
1
|
+
# This workflow uses actions that are not certified by GitHub.
|
2
|
+
# They are provided by a third-party and are governed by
|
3
|
+
# separate terms of service, privacy policy, and support
|
4
|
+
# documentation.
|
5
|
+
# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
|
6
|
+
# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
|
7
|
+
|
8
|
+
name: CI
|
9
|
+
|
10
|
+
on:
|
11
|
+
push:
|
12
|
+
branches:
|
13
|
+
- master
|
14
|
+
pull_request:
|
15
|
+
|
16
|
+
permissions:
|
17
|
+
contents: read
|
18
|
+
|
19
|
+
jobs:
|
20
|
+
test:
|
21
|
+
runs-on: ubuntu-latest
|
22
|
+
timeout-minutes: 10
|
23
|
+
|
24
|
+
concurrency:
|
25
|
+
# Cancel intermediate builds
|
26
|
+
group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.ruby-version }}-${{ matrix.appraisal }}
|
27
|
+
cancel-in-progress: true
|
28
|
+
|
29
|
+
strategy:
|
30
|
+
matrix:
|
31
|
+
ruby-version: ['2.7', '3.0', '3.1', '3.2', '3.3']
|
32
|
+
appraisal: ['faraday_1.x', 'faraday_2.x']
|
33
|
+
|
34
|
+
env:
|
35
|
+
BUNDLE_JOBS: 4
|
36
|
+
BUNDLE_GEMFILE: gemfiles/${{ matrix.appraisal }}.gemfile
|
37
|
+
|
38
|
+
steps:
|
39
|
+
- uses: actions/checkout@v4
|
40
|
+
with:
|
41
|
+
submodules: true
|
42
|
+
|
43
|
+
- name: Set up Ruby
|
44
|
+
uses: ruby/setup-ruby@v1
|
45
|
+
with:
|
46
|
+
ruby-version: ${{ matrix.ruby-version }}
|
47
|
+
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
|
48
|
+
|
49
|
+
- name: Run tests
|
50
|
+
run: |
|
51
|
+
bundle exec rspec
|
52
|
+
bundle exec rubocop
|
53
|
+
bundle exec rake benchmark
|
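Review bot: The steps reference `actions/checkout@v4` and `ruby/setup-ruby@v1` by mutable tag, so whatever those tags point to at run time executes in the job; the same applies to the FOSSA workflow (`mdsol/fossa_ci_scripts@main`, a branch ref) and to the Publish workflow, where `ruby/setup-ruby@v1` runs in the job that later receives the RubyGems token. Pin each `uses:` to a full commit SHA with the tag in a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v4` (placeholder, not a real SHA); the github-actions entry in the Dependabot config can keep the pins current. Because this job checks out submodules and then runs repository code from pull requests, adding `persist-credentials: false` under the checkout's `with:` would keep the job token out of the working tree's git config.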
@@ -0,0 +1,17 @@
|
|
1
|
+
name: FOSSA License Check
|
2
|
+
|
3
|
+
on:
|
4
|
+
push:
|
5
|
+
# branches:
|
6
|
+
# - master
|
7
|
+
pull_request:
|
8
|
+
|
9
|
+
jobs:
|
10
|
+
fossa-scan:
|
11
|
+
runs-on: ubuntu-latest
|
12
|
+
steps:
|
13
|
+
- uses: actions/checkout@v4
|
14
|
+
- uses: mdsol/fossa_ci_scripts@main
|
15
|
+
env:
|
16
|
+
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
|
17
|
+
FOSSA_FAIL_BUILD: false
|
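Review bot: This workflow has no top-level `permissions:` block, unlike the CI and Publish workflows, so the job token keeps the repository's default scope while an action referenced by branch runs with `FOSSA_API_KEY` in its environment. Add `permissions:` with `contents: read` above `jobs:`. The commented-out `branches:` filter under `push:` means the scan runs on every branch push and again for the pull request; either restore the filter or delete the commented lines. `FOSSA_FAIL_BUILD: false` is parsed as a YAML boolean; quoting it as `"false"` makes the string the script receives explicit.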
@@ -0,0 +1,34 @@
|
|
1
|
+
name: Publish
|
2
|
+
|
3
|
+
on:
|
4
|
+
release:
|
5
|
+
types:
|
6
|
+
- published
|
7
|
+
workflow_dispatch:
|
8
|
+
|
9
|
+
permissions:
|
10
|
+
contents: read
|
11
|
+
|
12
|
+
jobs:
|
13
|
+
build:
|
14
|
+
name: Build + Publish
|
15
|
+
runs-on: ubuntu-latest
|
16
|
+
|
17
|
+
steps:
|
18
|
+
- uses: actions/checkout@v4
|
19
|
+
|
20
|
+
- name: Set up Ruby
|
21
|
+
uses: ruby/setup-ruby@v1
|
22
|
+
with:
|
23
|
+
ruby-version: 3.3
|
24
|
+
|
25
|
+
- name: Publish to RubyGems
|
26
|
+
run: |
|
27
|
+
mkdir -p $HOME/.gem
|
28
|
+
touch $HOME/.gem/credentials
|
29
|
+
chmod 0600 $HOME/.gem/credentials
|
30
|
+
printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
|
31
|
+
gem build *.gemspec
|
32
|
+
gem push *.gem
|
33
|
+
env:
|
34
|
+
GEM_HOST_API_KEY: "${{ secrets.RUBYGEMS_AUTH_TOKEN }}"
|
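Review bot: In the `Publish to RubyGems` step the token is expanded inside the `printf` format string, so any `%` or backslash in it would be interpreted by `printf` and the written credentials would differ from the secret; pass it as an argument instead: `printf -- '---\n:rubygems_api_key: %s\n' "$GEM_HOST_API_KEY" > "$HOME/.gem/credentials"`. Recent RubyGems also reads `GEM_HOST_API_KEY` from the environment for `gem push`, which would make the credentials file unnecessary. `workflow_dispatch` allows a publish from any ref without a release; if that is an intended fallback, a protected `environment:` on the job would put an approval in front of the token. `ruby-version: 3.3` is a float to YAML and should be quoted as in the CI matrix.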
data/Appraisals
CHANGED
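--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,17 @@
+## v7.1.0
+- Add MAuth::PrivateKeyHelper.load method to process RSA private keys.
+- Update Faraday configuration in SecurityTokenCacher:
+- Add the `MAUTH_USE_RAILS_CACHE` environment variable to make `Rails.cache` usable to cache public keys.
+- Shorten timeout for connection, add retries, and use persistent HTTP connections.
+- Drop support for Faraday < 1.9.
+
+## [7.2.0](https://github.com/mdsol/mauth-client-ruby/compare/v7.1.0...v7.2.0) (2024-04-25)
+
+
+### Features
+
+* Support Ruby 3.3 ([245bb06](https://github.com/mdsol/mauth-client-ruby/commit/245bb06d8abb86bd6a4b557b84bc9d0898254a95))
+
 ## v7.0.0
 - Remove dice_bag and set configuration through environment variables directly.
 - Rename the `V2_ONLY_SIGN_REQUESTS`, `V2_ONLY_AUTHENTICATE`, `DISABLE_FALLBACK_TO_V1_ON_V2_FAILURE` and `V1_ONLY_SIGN_REQUESTS` environment variables.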
data/README.md
CHANGED
@@ -1,5 +1,4 @@
|
|
1
1
|
# MAuth-Client
|
2
|
-
[](https://travis-ci.org/mdsol/mauth-client-ruby)
|
3
2
|
|
4
3
|
This gem consists of MAuth::Client, a class to manage the information needed to both sign and authenticate requests
|
5
4
|
and responses, and middlewares for Rack and Faraday which leverage the client's capabilities.
|
@@ -30,7 +29,7 @@ $ gem install mauth-client
|
|
30
29
|
Configuration is set through environment variables:
|
31
30
|
|
32
31
|
- `MAUTH_PRIVATE_KEY`
|
33
|
-
- Required for signing and for
|
32
|
+
- Required for signing and for authentication.
|
34
33
|
|
35
34
|
- `MAUTH_PRIVATE_KEY_FILE`
|
36
35
|
- May be used instead of `MAUTH_PRIVATE_KEY`, mauth-client will load the file instead.
|
@@ -56,6 +55,8 @@ Configuration is set through environment variables:
|
|
56
55
|
- `MAUTH_V1_ONLY_SIGN_REQUESTS`
|
57
56
|
- If true, all outgoing requests will be signed with only the V1 protocol. Defaults to true. Note, cannot be `true` if `MAUTH_V2_ONLY_SIGN_REQUESTS` is also `true`.
|
58
57
|
|
58
|
+
- `MAUTH_USE_RAILS_CACHE`
|
59
|
+
- If true, `Rails.cache` is used to cache public keys for authentication.
|
59
60
|
|
60
61
|
This is simply loaded and passed to either middleware or directly to a MAuth::Client instance.
|
61
62
|
See the documentation for [MAuth::Client#initialize](lib/mauth/client.rb) for more details of what it accepts. Usually you will want:
|
@@ -67,10 +68,10 @@ MAUTH_CONF = MAuth::Client.default_config
|
|
67
68
|
The `.default_config` method takes a number of options to tweak its expectations regarding defaults. See the
|
68
69
|
documentation for [MAuth::Client.default_config](lib/mauth/client.rb) for details.
|
69
70
|
|
70
|
-
The `private_key` and `app_uuid`
|
71
|
+
The `private_key` and `app_uuid` are required for signing and for authentication.
|
71
72
|
They’ll only work if the `app_uuid` has been stored in MAuth with a public key corresponding to the `private_key`.
|
72
73
|
|
73
|
-
The `mauth_baseurl` and `mauth_api_version` are required.
|
74
|
+
The `mauth_baseurl` and `mauth_api_version` are required for authentication.
|
74
75
|
These tell the MAuth-Client where and how to communicate with the MAuth service.
|
75
76
|
|
76
77
|
The `v2_only_sign_requests` and `v2_only_authenticate` flags were added to facilitate conversion from the MAuth V1 protocol to the MAuth
|
@@ -248,9 +249,7 @@ Only use the `MAuth::Faraday::ResponseAuthenticator` middleware if you are expec
|
|
248
249
|
`MAUTH_CONF` is the same as in Rack middleware, and as with the Rack middleware is used to initialize a `MAuth::Client` instance.
|
249
250
|
Also as with the Rack middleware, you can pass in a `MAuth::Client` instance you are using yourself on the `:mauth_client` key, and omit any other configuration.
|
250
251
|
|
251
|
-
|
252
|
-
mauth service to authenticate.
|
253
|
-
`MAuth::Faraday::RequestSigner` cannot be used without a `private_key` and `app_uuid`.
|
252
|
+
Both `MAuth::Faraday::ResponseAuthenticator` and `MAuth::Faraday::RequestSigner` cannot be used without a `private_key` and `app_uuid`.
|
254
253
|
|
255
254
|
If a response which does not appear to be authentic is received by the `MAuth::Faraday::ResponseAuthenticator` middleware, a `MAuth::InauthenticError` will be raised.
|
256
255
|
|
@@ -272,18 +271,6 @@ request = MAuth::Request.new(verb: my_verb, request_url: my_request_url, body: m
|
|
272
271
|
```
|
273
272
|
`mauth_client.signed_headers(request)` will then return mauth headers which you can apply to your request.
|
274
273
|
|
275
|
-
## Local Authentication
|
276
|
-
|
277
|
-
When doing local authentication, the MAuth-Client will periodically fetch and cache public keys from MAuth.
|
278
|
-
Each public key will be cached locally for 60 seconds.
|
279
|
-
Applications which connect frequently to the app will benefit most from this caching strategy.
|
280
|
-
When fetching public keys from MAuth, the following rules apply:
|
281
|
-
|
282
|
-
1. If MAuth returns the public key for a given `app_uuid`, MAuth-Client will refresh its local cache with this new public key.
|
283
|
-
2. If MAuth cannot find the public key for a given `app_uuid` (i.e. returns a 404 status code), MAuth-Client will remove the corresponding public key from its local cache and authentication of any message from the application with this public key will fail as a consequence.
|
284
|
-
3. If the request to MAuth times out or MAuth returns a 500 status code, the requested public key will not be removed from local MAuth-Client cache (if it exists there in the first place).
|
285
|
-
The cached version will continue to be used for local authentication until MAuth::Client is able to again communicate with MAuth.
|
286
|
-
|
287
274
|
## Warning
|
288
275
|
|
289
276
|
During development classes are typically not cached in Rails applications.
|
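--- a/data/UPGRADE_GUIDE.md
+++ b/data/UPGRADE_GUIDE.md
@@ -8,7 +8,7 @@
 Version 7.0.0 drops dice_bag.
 
 Please remove the following files and update the `.gitignore` file accordingly:
-- `config/initializers/mauth.rb.dice`
+- `config/initializers/mauth.rb.dice` (rename to `mauth.rb` and remove the top line `<%= warning.as_yaml_comment %>`)
 - `config/mauth_key`
 - `config/mauth_key.dice`
 - `config/mauth.yml`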
@@ -1,16 +1,24 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
require 'faraday-http-cache'
|
4
|
+
require 'faraday/retry'
|
5
|
+
if Gem::Version.new(Faraday::VERSION) >= Gem::Version.new('2.0')
|
6
|
+
require 'faraday/net_http_persistent'
|
7
|
+
else
|
8
|
+
require 'net/http/persistent'
|
9
|
+
end
|
4
10
|
require 'mauth/faraday'
|
5
11
|
|
6
12
|
module MAuth
|
7
13
|
class Client
|
8
14
|
module Authenticator
|
9
15
|
class SecurityTokenCacher
|
16
|
+
attr_reader :mauth_client
|
17
|
+
|
10
18
|
def initialize(mauth_client)
|
11
19
|
@mauth_client = mauth_client
|
12
20
|
# TODO: should this be UnableToSignError?
|
13
|
-
|
21
|
+
mauth_client.assert_private_key(
|
14
22
|
UnableToAuthenticateError.new('Cannot fetch public keys from mAuth service without a private key!')
|
15
23
|
)
|
16
24
|
end
|
@@ -19,7 +27,7 @@ module MAuth
|
|
19
27
|
# url-encode the app_uuid to prevent trickery like escaping upward with ../../ in a malicious
|
20
28
|
# app_uuid - probably not exploitable, but this is the right way to do it anyway.
|
21
29
|
url_encoded_app_uuid = CGI.escape(app_uuid)
|
22
|
-
path = "/mauth/#{
|
30
|
+
path = "/mauth/#{mauth_client.mauth_api_version}/security_tokens/#{url_encoded_app_uuid}.json"
|
23
31
|
response = signed_mauth_connection.get(path)
|
24
32
|
|
25
33
|
case response.status
|
@@ -29,11 +37,11 @@ module MAuth
|
|
29
37
|
# signing with a key mAuth doesn't know about is considered inauthentic
|
30
38
|
raise InauthenticError, "mAuth service responded with 404 looking up public key for #{app_uuid}"
|
31
39
|
else
|
32
|
-
|
40
|
+
mauth_client.send(:mauth_service_response_error, response)
|
33
41
|
end
|
34
42
|
rescue ::Faraday::ConnectionFailed, ::Faraday::TimeoutError => e
|
35
43
|
msg = "mAuth service did not respond; received #{e.class}: #{e.message}"
|
36
|
-
|
44
|
+
mauth_client.logger.error("Unable to authenticate with MAuth. Exception #{msg}")
|
37
45
|
raise UnableToAuthenticateError, msg
|
38
46
|
end
|
39
47
|
|
@@ -43,21 +51,20 @@ module MAuth
|
|
43
51
|
JSON.parse response_body
|
44
52
|
rescue JSON::ParserError => e
|
45
53
|
msg = "mAuth service responded with unparseable json: #{response_body}\n#{e.class}: #{e.message}"
|
46
|
-
|
54
|
+
mauth_client.logger.error("Unable to authenticate with MAuth. Exception #{msg}")
|
47
55
|
raise UnableToAuthenticateError, msg
|
48
56
|
end
|
49
57
|
|
50
58
|
def signed_mauth_connection
|
51
59
|
@signed_mauth_connection ||= begin
|
52
|
-
if
|
53
|
-
@mauth_client.faraday_options[:ssl] = { ca_path: @mauth_client.ssl_certs_path }
|
54
|
-
end
|
60
|
+
mauth_client.faraday_options[:ssl] = { ca_path: mauth_client.ssl_certs_path } if mauth_client.ssl_certs_path
|
55
61
|
|
56
|
-
::Faraday.new(
|
62
|
+
::Faraday.new(mauth_client.mauth_baseurl, mauth_client.faraday_options) do |builder|
|
57
63
|
builder.use MAuth::Faraday::MAuthClientUserAgent
|
58
|
-
builder.use MAuth::Faraday::RequestSigner, 'mauth_client' =>
|
59
|
-
builder.use :http_cache, logger:
|
60
|
-
builder.
|
64
|
+
builder.use MAuth::Faraday::RequestSigner, 'mauth_client' => mauth_client
|
65
|
+
builder.use :http_cache, store: mauth_client.cache_store, logger: mauth_client.logger, shared_cache: false
|
66
|
+
builder.request :retry, max: 2
|
67
|
+
builder.adapter :net_http_persistent
|
61
68
|
end
|
62
69
|
end
|
63
70
|
end
|
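Review bot: Passing `store: mauth_client.cache_store` to `:http_cache` means that, when `MAUTH_USE_RAILS_CACHE` is on, the public keys used to verify signatures are read back from `Rails.cache`, so anything that can write to that cache backend can influence which key a given `app_uuid` is verified against. That trust assumption deserves a comment at the `builder.use :http_cache` line, e.g. `# store may be Rails.cache; the cache backend must be as trusted as the mAuth service itself`, and a sentence in the README entry for the variable. Separately, `mauth_client.send(:mauth_service_response_error, response)` reaches into a private method of the client; exposing it deliberately would avoid `send`. The file header is missing from this section (presumably `lib/mauth/client/security_token_cacher.rb` per the file list), and the class body is only partly visible in the hunks.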
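--- a/data/lib/mauth/client.rb
+++ b/data/lib/mauth/client.rb
@@ -12,6 +12,7 @@ require 'mauth/client/authenticator'
 require 'mauth/client/signer'
 require 'mauth/config_env'
 require 'mauth/errors'
+require 'mauth/private_key_helper'
 
 module MAuth
 # does operations which require a private key and corresponding app uuid. this is primarily:
@@ -60,7 +61,7 @@ module MAuth
 
 # new client with the given App UUID and public key. config may include the following (all
 # config keys may be strings or symbols):
-# - private_key - required for signing and for
+# - private_key - required for signing and for authentication.
 # may be given as a string or a OpenSSL::PKey::RSA instance.
 # - app_uuid - required in the same circumstances where a private_key is required
 # - mauth_baseurl - required. needed to retrieve public keys.
@@ -80,7 +81,7 @@ module MAuth
 when nil
 nil
 when String
-
+PrivateKeyHelper.load(given_config['private_key'])
 when OpenSSL::PKey::RSA
 given_config['private_key']
 else
@@ -102,7 +103,7 @@ module MAuth
 end
 end
 
-request_config = { timeout: 10, open_timeout:
+request_config = { timeout: 10, open_timeout: 3 }
 request_config.merge!(symbolize_keys(given_config['faraday_options'])) if given_config['faraday_options']
 @config['faraday_options'] = { request: request_config } || {}
 @config['ssl_certs_path'] = given_config['ssl_certs_path'] if given_config['ssl_certs_path']
@@ -115,6 +116,7 @@ module MAuth
 
 @config['disable_fallback_to_v1_on_v2_failure'] =
 given_config['disable_fallback_to_v1_on_v2_failure'].to_s.casecmp('true').zero?
+@config['use_rails_cache'] = given_config['use_rails_cache']
 end
 
 def logger
@@ -165,6 +167,10 @@ module MAuth
 raise err unless private_key
 end
 
+def cache_store
+Rails.cache if @config['use_rails_cache'] && Object.const_defined?(:Rails) && ::Rails.respond_to?(:cache)
+end
+
 private
 
 def mauth_service_response_error(response)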
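Review bot: `@config['use_rails_cache'] = given_config['use_rails_cache']` stores the value as given, whereas the flag just above it is normalised with `.to_s.casecmp('true').zero?`; a string such as `'false'` is truthy in Ruby, so `cache_store` would return `Rails.cache` although the option was meant to be off. How `ConfigEnv` coerces the environment value is not visible here, so this may only affect callers that pass their own config hash. Suggested: `@config['use_rails_cache'] = given_config['use_rails_cache'].to_s.casecmp('true').zero?`. In `cache_store`, write `::Rails.cache` to match the `::Rails.respond_to?(:cache)` check on the same line. The initializer that holds the first change starts and ends outside the hunks shown.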
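--- a/data/lib/mauth/config_env.rb
+++ b/data/lib/mauth/config_env.rb
@@ -13,7 +13,8 @@ module MAuth
 'MAUTH_V2_ONLY_AUTHENTICATE' => false,
 'MAUTH_V2_ONLY_SIGN_REQUESTS' => false,
 'MAUTH_DISABLE_FALLBACK_TO_V1_ON_V2_FAILURE' => false,
-'MAUTH_V1_ONLY_SIGN_REQUESTS' => true
+'MAUTH_V1_ONLY_SIGN_REQUESTS' => true,
+'MAUTH_USE_RAILS_CACHE' => false
 }.freeze
 
 class << self
@@ -24,11 +25,12 @@ module MAuth
 'mauth_baseurl' => env[:mauth_url] || 'http://localhost:7000',
 'mauth_api_version' => env[:mauth_api_version],
 'app_uuid' => env[:mauth_app_uuid] || 'fb17460e-9868-11e1-8399-0090f5ccb4d3',
-'private_key' => private_key ||
+'private_key' => private_key || PrivateKeyHelper.generate.to_s,
 'v2_only_authenticate' => env[:mauth_v2_only_authenticate],
 'v2_only_sign_requests' => env[:mauth_v2_only_sign_requests],
 'disable_fallback_to_v1_on_v2_failure' => env[:mauth_disable_fallback_to_v1_on_v2_failure],
-'v1_only_sign_requests' => env[:mauth_v1_only_sign_requests]
+'v1_only_sign_requests' => env[:mauth_v1_only_sign_requests],
+'use_rails_cache' => env[:mauth_use_rails_cache]
 }
 end
 
@@ -74,11 +76,6 @@ module MAuth
 
 File.read(env[:mauth_private_key_file])
 end
-
-def generate_private_key
-require 'openssl'
-OpenSSL::PKey::RSA.generate(2048).to_s
-end
 end
 end
 end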
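Review bot: `PrivateKeyHelper.generate` is now called from `ConfigEnv`, but none of the hunks in this file adds `require 'mauth/private_key_helper'`; the only visible require is the one added to `client.rb`. If the top of this file, which is outside the hunks, does not require it, loading `mauth/config_env` on its own and building the config without a configured key would raise `NameError`. Add `require 'mauth/private_key_helper'` next to the file's other requires. It would also help to log a warning when the generated key is used, since a missing `MAUTH_PRIVATE_KEY` otherwise presumably surfaces only later as authentication failures against the mAuth service.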
@@ -0,0 +1,30 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'openssl'
|
4
|
+
|
5
|
+
module MAuth
|
6
|
+
module PrivateKeyHelper
|
7
|
+
HEADER = '-----BEGIN RSA PRIVATE KEY-----'
|
8
|
+
FOOTER = '-----END RSA PRIVATE KEY-----'
|
9
|
+
|
10
|
+
module_function
|
11
|
+
|
12
|
+
def generate
|
13
|
+
OpenSSL::PKey::RSA.generate(2048)
|
14
|
+
end
|
15
|
+
|
16
|
+
def load(key)
|
17
|
+
OpenSSL::PKey::RSA.new(to_rsa_format(key))
|
18
|
+
rescue OpenSSL::PKey::RSAError
|
19
|
+
raise 'The private key provided is invalid'
|
20
|
+
end
|
21
|
+
|
22
|
+
def to_rsa_format(key)
|
23
|
+
return key if key.include?("\n")
|
24
|
+
|
25
|
+
body = key.strip.delete_prefix(HEADER).delete_suffix(FOOTER).strip
|
26
|
+
body = body.include?("\s") ? body.tr("\s", "\n") : body.scan(/.{1,64}/).join("\n")
|
27
|
+
"#{HEADER}\n#{body}\n#{FOOTER}"
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
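Review bot: `to_rsa_format` only recognises the PKCS#1 markers in `HEADER` and `FOOTER`; a single-line key carrying `-----BEGIN PRIVATE KEY-----` (PKCS#8) markers keeps them inside `body` and is wrapped in a second header, so `load` rejects it with the generic message. Document the accepted input above the method, e.g. `# Accepts a PEM RSA (PKCS#1) key, multi-line or flattened to one line with spaces or no separators`, or detect the marker instead of assuming it. `load` re-raises as a bare `RuntimeError`; a `MAuth`-namespaced error would let callers rescue it specifically, and the message rightly omits the key material, which should stay that way. The module and its three methods have no documentation comments. The file header is missing from this section; per the file list it is presumably `lib/mauth/private_key_helper.rb`.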
data/lib/mauth/version.rb
CHANGED
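--- a/data/mauth-client.gemspec
+++ b/data/mauth-client.gemspec
@@ -23,8 +23,11 @@ Gem::Specification.new do |spec|
 
 spec.add_dependency 'addressable', '~> 2.0'
 spec.add_dependency 'coderay', '~> 1.0'
-spec.add_dependency 'faraday', '>=
+spec.add_dependency 'faraday', '>= 1.9', '< 3.0'
 spec.add_dependency 'faraday-http-cache', '>= 2.0', '< 3.0'
+spec.add_dependency 'faraday-net_http_persistent'
+spec.add_dependency 'faraday-retry'
+spec.add_dependency 'net-http-persistent', '>= 3.1'
 spec.add_dependency 'rack', '> 2.2.3'
 spec.add_dependency 'term-ansicolor', '~> 1.0'
 end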
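Review bot: `faraday-net_http_persistent` and `faraday-retry` are added as runtime dependencies with no version constraint, and `net-http-persistent` has only a lower bound, while the neighbouring `faraday` and `faraday-http-cache` entries carry both bounds. In a library that signs and verifies requests, an unbounded runtime dependency means any future major release reaches consumers without review. Give each a lower bound matching what CI tests and an upper bound at the next major, in the form `spec.add_dependency 'faraday-retry', '>= MIN', '< NEXT_MAJOR'` (placeholders, not real versions). The `Gem::Specification` block starts outside the hunk.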
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: mauth-client
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 7.
|
4
|
+
version: 7.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Matthew Szenher
|
@@ -11,7 +11,7 @@ authors:
|
|
11
11
|
autorequire:
|
12
12
|
bindir: exe
|
13
13
|
cert_chain: []
|
14
|
-
date:
|
14
|
+
date: 2024-04-25 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: addressable
|
@@ -47,7 +47,7 @@ dependencies:
|
|
47
47
|
requirements:
|
48
48
|
- - ">="
|
49
49
|
- !ruby/object:Gem::Version
|
50
|
-
version: '
|
50
|
+
version: '1.9'
|
51
51
|
- - "<"
|
52
52
|
- !ruby/object:Gem::Version
|
53
53
|
version: '3.0'
|
@@ -57,7 +57,7 @@ dependencies:
|
|
57
57
|
requirements:
|
58
58
|
- - ">="
|
59
59
|
- !ruby/object:Gem::Version
|
60
|
-
version: '
|
60
|
+
version: '1.9'
|
61
61
|
- - "<"
|
62
62
|
- !ruby/object:Gem::Version
|
63
63
|
version: '3.0'
|
@@ -81,6 +81,48 @@ dependencies:
|
|
81
81
|
- - "<"
|
82
82
|
- !ruby/object:Gem::Version
|
83
83
|
version: '3.0'
|
84
|
+
- !ruby/object:Gem::Dependency
|
85
|
+
name: faraday-net_http_persistent
|
86
|
+
requirement: !ruby/object:Gem::Requirement
|
87
|
+
requirements:
|
88
|
+
- - ">="
|
89
|
+
- !ruby/object:Gem::Version
|
90
|
+
version: '0'
|
91
|
+
type: :runtime
|
92
|
+
prerelease: false
|
93
|
+
version_requirements: !ruby/object:Gem::Requirement
|
94
|
+
requirements:
|
95
|
+
- - ">="
|
96
|
+
- !ruby/object:Gem::Version
|
97
|
+
version: '0'
|
98
|
+
- !ruby/object:Gem::Dependency
|
99
|
+
name: faraday-retry
|
100
|
+
requirement: !ruby/object:Gem::Requirement
|
101
|
+
requirements:
|
102
|
+
- - ">="
|
103
|
+
- !ruby/object:Gem::Version
|
104
|
+
version: '0'
|
105
|
+
type: :runtime
|
106
|
+
prerelease: false
|
107
|
+
version_requirements: !ruby/object:Gem::Requirement
|
108
|
+
requirements:
|
109
|
+
- - ">="
|
110
|
+
- !ruby/object:Gem::Version
|
111
|
+
version: '0'
|
112
|
+
- !ruby/object:Gem::Dependency
|
113
|
+
name: net-http-persistent
|
114
|
+
requirement: !ruby/object:Gem::Requirement
|
115
|
+
requirements:
|
116
|
+
- - ">="
|
117
|
+
- !ruby/object:Gem::Version
|
118
|
+
version: '3.1'
|
119
|
+
type: :runtime
|
120
|
+
prerelease: false
|
121
|
+
version_requirements: !ruby/object:Gem::Requirement
|
122
|
+
requirements:
|
123
|
+
- - ">="
|
124
|
+
- !ruby/object:Gem::Version
|
125
|
+
version: '3.1'
|
84
126
|
- !ruby/object:Gem::Dependency
|
85
127
|
name: rack
|
86
128
|
requirement: !ruby/object:Gem::Requirement
|
@@ -120,13 +162,18 @@ executables:
|
|
120
162
|
extensions: []
|
121
163
|
extra_rdoc_files: []
|
122
164
|
files:
|
123
|
-
- ".
|
165
|
+
- ".github/PULL_REQUEST_TEMPLATE.md"
|
166
|
+
- ".github/dependabot.yml"
|
167
|
+
- ".github/workflows/ci.yml"
|
168
|
+
- ".github/workflows/fossa.yml"
|
169
|
+
- ".github/workflows/publish.yml"
|
170
|
+
- ".github/workflows/release-please.yml"
|
124
171
|
- ".gitignore"
|
125
172
|
- ".gitmodules"
|
173
|
+
- ".release-please-manifest.json"
|
126
174
|
- ".rspec"
|
127
175
|
- ".rubocop.yml"
|
128
176
|
- ".ruby-version"
|
129
|
-
- ".travis.yml"
|
130
177
|
- ".yardopts"
|
131
178
|
- Appraisals
|
132
179
|
- CHANGELOG.md
|
@@ -145,7 +192,6 @@ files:
|
|
145
192
|
- examples/mauth_key
|
146
193
|
- exe/mauth-client
|
147
194
|
- exe/mauth-proxy
|
148
|
-
- gemfiles/faraday_0.x.gemfile
|
149
195
|
- gemfiles/faraday_1.x.gemfile
|
150
196
|
- gemfiles/faraday_2.x.gemfile
|
151
197
|
- lib/mauth-client.rb
|
@@ -160,6 +206,7 @@ files:
|
|
160
206
|
- lib/mauth/fake/rack.rb
|
161
207
|
- lib/mauth/faraday.rb
|
162
208
|
- lib/mauth/middleware.rb
|
209
|
+
- lib/mauth/private_key_helper.rb
|
163
210
|
- lib/mauth/proxy.rb
|
164
211
|
- lib/mauth/rack.rb
|
165
212
|
- lib/mauth/request_and_response.rb
|
@@ -167,6 +214,7 @@ files:
|
|
167
214
|
- lib/mauth/version.rb
|
168
215
|
- lib/rack/mauth.rb
|
169
216
|
- mauth-client.gemspec
|
217
|
+
- release-please-config.json
|
170
218
|
homepage: https://github.com/mdsol/mauth-client-ruby
|
171
219
|
licenses:
|
172
220
|
- MIT
|
@@ -186,7 +234,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
186
234
|
- !ruby/object:Gem::Version
|
187
235
|
version: '0'
|
188
236
|
requirements: []
|
189
|
-
rubygems_version: 3.
|
237
|
+
rubygems_version: 3.5.9
|
190
238
|
signing_key:
|
191
239
|
specification_version: 4
|
192
240
|
summary: Sign and authenticate requests and responses with mAuth authentication.
|
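--- a/data/.fossa.yml
+++ b/data/.fossa.yml
@@ -1,14 +0,0 @@
-# Generated by FOSSA CLI (https://github.com/fossas/fossa-cli)
-# Visit https://fossa.io to learn more
-
-version: 1
-cli:
-server: https://app.fossa.io
-fetcher: custom
-project: mauth-client-ruby
-analyze:
-modules:
-- name: Gemfile
-type: gem
-target: .
-path: .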
data/.travis.yml
DELETED
@@ -1,56 +0,0 @@
|
|
1
|
-
dist: focal
|
2
|
-
language: ruby
|
3
|
-
cache: bundler
|
4
|
-
|
5
|
-
rvm:
|
6
|
-
- 2.7
|
7
|
-
- 3.0
|
8
|
-
- 3.1
|
9
|
-
- 3.2
|
10
|
-
|
11
|
-
env:
|
12
|
-
global:
|
13
|
-
- BUNDLE_JOBS=4
|
14
|
-
|
15
|
-
jobs:
|
16
|
-
exclude:
|
17
|
-
- rvm: 3.0
|
18
|
-
gemfile: gemfiles/faraday_0.x.gemfile # Faraday v0.x does not officially support Ruby 3 (see: https://github.com/lostisland/faraday/releases/tag/v1.3.0)
|
19
|
-
- rvm: 3.1
|
20
|
-
gemfile: gemfiles/faraday_0.x.gemfile # Faraday v0.x does not officially support Ruby 3 (see: https://github.com/lostisland/faraday/releases/tag/v1.3.0)
|
21
|
-
- rvm: 3.2
|
22
|
-
gemfile: gemfiles/faraday_0.x.gemfile # Faraday v0.x does not officially support Ruby 3 (see: https://github.com/lostisland/faraday/releases/tag/v1.3.0)
|
23
|
-
|
24
|
-
gemfile:
|
25
|
-
- gemfiles/faraday_0.x.gemfile
|
26
|
-
- gemfiles/faraday_1.x.gemfile
|
27
|
-
- gemfiles/faraday_2.x.gemfile
|
28
|
-
|
29
|
-
before_install:
|
30
|
-
- gem update --system -N > /dev/null && echo "Rubygems version $(gem --version)" && bundle --version
|
31
|
-
|
32
|
-
install:
|
33
|
-
- bundle install
|
34
|
-
- >-
|
35
|
-
curl -H 'Cache-Control: no-cache'
|
36
|
-
https://raw.githubusercontent.com/mdsol/fossa_ci_scripts/main/travis_ci/fossa_install.sh |
|
37
|
-
bash -s -- -b $TRAVIS_BUILD_DIR
|
38
|
-
|
39
|
-
script:
|
40
|
-
- bundle exec rspec
|
41
|
-
- bundle exec rubocop
|
42
|
-
- bundle exec rake benchmark
|
43
|
-
- >-
|
44
|
-
curl -H 'Cache-Control: no-cache'
|
45
|
-
https://raw.githubusercontent.com/mdsol/fossa_ci_scripts/main/travis_ci/fossa_run.sh |
|
46
|
-
bash -s -- -b $TRAVIS_BUILD_DIR
|
47
|
-
|
48
|
-
deploy:
|
49
|
-
provider: rubygems
|
50
|
-
gem: mauth-client
|
51
|
-
api_key:
|
52
|
-
secure: 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
|
53
|
-
on:
|
54
|
-
tags: true
|
55
|
-
repo: mdsol/mauth-client-ruby
|
56
|
-
condition: $TRAVIS_RUBY_VERSION == 3.2 && $BUNDLE_GEMFILE == $TRAVIS_BUILD_DIR/gemfiles/faraday_2.x.gemfile
|
@@ -1,23 +0,0 @@
|
|
1
|
-
# This file was generated by Appraisal
|
2
|
-
|
3
|
-
source "https://rubygems.org"
|
4
|
-
|
5
|
-
gem "faraday", "~> 0.9"
|
6
|
-
|
7
|
-
group :development do
|
8
|
-
gem "appraisal", "~> 2.4"
|
9
|
-
gem "benchmark-ips", "~> 2.7"
|
10
|
-
gem "bundler", ">= 1.17"
|
11
|
-
gem "byebug", "~> 11.1"
|
12
|
-
gem "rack-test", "~> 1.1"
|
13
|
-
gem "rake", "~> 12.0"
|
14
|
-
gem "rspec", "~> 3.8"
|
15
|
-
gem "rubocop", "~> 1.25"
|
16
|
-
gem "rubocop-mdsol", "~> 0.1"
|
17
|
-
gem "rubocop-performance", "~> 1.13"
|
18
|
-
gem "simplecov", "~> 0.16"
|
19
|
-
gem "timecop", "~> 0.9"
|
20
|
-
gem "webmock", "~> 3.0"
|
21
|
-
end
|
22
|
-
|
23
|
-
gemspec path: "../"
|