mauth-client 6.1.1 → 6.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitmodules +3 -0
- data/.rspec +0 -1
- data/CHANGELOG.md +3 -0
- data/CONTRIBUTING.md +17 -8
- data/doc/implementations.md +2 -3
- data/lib/mauth/client/security_token_cacher.rb +15 -17
- data/lib/mauth/version.rb +1 -1
- data/mauth-client.gemspec +2 -0
- metadata +37 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: be045713042cd9a25e7b0219d959c1208c66b700c8a113130d7865d91e17db7d
|
|
4
|
+
data.tar.gz: 155e903f0fa2fafabf2167c9d908398259ec2c9336b7f953bda83efe13667559
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8c97d131c0f9aef554ab5ebb7fd06193ec50a50f7a81fc93a184ba30b5b91bf870c560a06ce9c5dfeb19dab7cb7410c771b355fbbfb1055e56327147c32c5a6a
|
|
7
|
+
data.tar.gz: 446f8d0a681376361e3b9eabd86b20f3bfe2d28bdb028edf0b78c6e21f9222a7eaed5de3ba4fecd5afa95059698a14f6f4aaeba083d31ff5c55f618b9cbcdb12
|
data/.gitmodules
ADDED
data/.rspec
CHANGED
data/CHANGELOG.md
CHANGED
data/CONTRIBUTING.md
CHANGED
|
@@ -1,5 +1,22 @@
|
|
|
1
1
|
# Contributing
|
|
2
2
|
|
|
3
|
+
## Cloning the Repo
|
|
4
|
+
|
|
5
|
+
This repo contains the submodule `mauth-protocol-test-suite` so requires a flag when initially cloning in order to clone and init submodules.
|
|
6
|
+
|
|
7
|
+
```
|
|
8
|
+
git clone --recurse-submodules git@github.com:mdsol/mauth-client-ruby.git
|
|
9
|
+
```
|
|
10
|
+
|
|
11
|
+
If you have already cloned a version of this repo before the submodule was introduced in version 6.1.2 then run
|
|
12
|
+
|
|
13
|
+
```
|
|
14
|
+
cd spec/fixtures/mauth-protocol-test-suite
|
|
15
|
+
git submodule update --init
|
|
16
|
+
```
|
|
17
|
+
|
|
18
|
+
to init the submodule.
|
|
19
|
+
|
|
3
20
|
## General Information
|
|
4
21
|
|
|
5
22
|
* Check out the latest develop to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
|
|
@@ -19,14 +36,6 @@ Next, run the tests:
|
|
|
19
36
|
bundle exec rspec
|
|
20
37
|
```
|
|
21
38
|
|
|
22
|
-
# Running mauth-protocol-test-suite
|
|
23
|
-
|
|
24
|
-
To run the mauth-protocol-test-suite clone the latest test suite onto your machine and place it in the same parent directory as this repo (or supply the ENV var `TEST_SUITE_RELATIVE_PATH` with the path to the test suite relative to this repo). Then run:
|
|
25
|
-
|
|
26
|
-
```
|
|
27
|
-
bundle exec rspec --tag protocol_suite
|
|
28
|
-
```
|
|
29
|
-
|
|
30
39
|
## Running Benchmark
|
|
31
40
|
|
|
32
41
|
If you make changes which could affect performance, please run the benchmark before and after the change as a sanity check.
|
data/doc/implementations.md
CHANGED
|
@@ -4,8 +4,7 @@
|
|
|
4
4
|
- Clojure: [clojure-mauth-client](https://github.com/mdsol/clojure-mauth-client)
|
|
5
5
|
- Go: [go-mauth-client](https://github.com/mdsol/go-mauth-client)
|
|
6
6
|
- Java: [mauth-jvm-clients](https://github.com/mdsol/mauth-jvm-clients)
|
|
7
|
-
- Python:
|
|
8
|
-
- [requests-mauth](https://github.com/mdsol/requests-mauth)
|
|
9
|
-
- [flask-mauth](https://github.com/mdsol/flask-mauth)
|
|
7
|
+
- Python: [mauth-client-python](https://github.com/mdsol/mauth-client-python)
|
|
10
8
|
- R: [RMauthClient](https://github.com/mdsol/RMauthClient)
|
|
11
9
|
- Ruby: [mauth-client-ruby](https://github.com/mdsol/mauth-client-ruby)
|
|
10
|
+
- Rust: [mauth-client-rust](https://github.com/mdsol/mauth-client-rust)
|
|
@@ -1,15 +1,11 @@
|
|
|
1
|
+
require 'faraday-http-cache'
|
|
2
|
+
require 'oj'
|
|
3
|
+
|
|
1
4
|
module MAuth
|
|
2
5
|
class Client
|
|
3
6
|
module LocalAuthenticator
|
|
4
7
|
class SecurityTokenCacher
|
|
5
8
|
|
|
6
|
-
class ExpirableSecurityToken < Struct.new(:security_token, :create_time)
|
|
7
|
-
CACHE_LIFE = 60
|
|
8
|
-
def expired?
|
|
9
|
-
create_time + CACHE_LIFE < Time.now
|
|
10
|
-
end
|
|
11
|
-
end
|
|
12
|
-
|
|
13
9
|
def initialize(mauth_client)
|
|
14
10
|
@mauth_client = mauth_client
|
|
15
11
|
# TODO: should this be UnableToSignError?
|
|
@@ -20,7 +16,7 @@ module MAuth
|
|
|
20
16
|
end
|
|
21
17
|
|
|
22
18
|
def get(app_uuid)
|
|
23
|
-
if !@cache[app_uuid]
|
|
19
|
+
if !@cache[app_uuid]
|
|
24
20
|
# url-encode the app_uuid to prevent trickery like escaping upward with ../../ in a malicious
|
|
25
21
|
# app_uuid - probably not exploitable, but this is the right way to do it anyway.
|
|
26
22
|
url_encoded_app_uuid = CGI.escape(app_uuid)
|
|
@@ -32,15 +28,8 @@ module MAuth
|
|
|
32
28
|
raise UnableToAuthenticateError, msg
|
|
33
29
|
end
|
|
34
30
|
if response.status == 200
|
|
35
|
-
begin
|
|
36
|
-
security_token = JSON.parse(response.body)
|
|
37
|
-
rescue JSON::ParserError => e
|
|
38
|
-
msg = "mAuth service responded with unparseable json: #{response.body}\n#{e.class}: #{e.message}"
|
|
39
|
-
@mauth_client.logger.error("Unable to authenticate with MAuth. Exception #{msg}")
|
|
40
|
-
raise UnableToAuthenticateError, msg
|
|
41
|
-
end
|
|
42
31
|
@cache_write_lock.synchronize do
|
|
43
|
-
@cache[app_uuid] =
|
|
32
|
+
@cache[app_uuid] = security_token_from(response.body)
|
|
44
33
|
end
|
|
45
34
|
elsif response.status == 404
|
|
46
35
|
# signing with a key mAuth doesn't know about is considered inauthentic
|
|
@@ -49,11 +38,19 @@ module MAuth
|
|
|
49
38
|
@mauth_client.send(:mauth_service_response_error, response)
|
|
50
39
|
end
|
|
51
40
|
end
|
|
52
|
-
@cache[app_uuid]
|
|
41
|
+
@cache[app_uuid]
|
|
53
42
|
end
|
|
54
43
|
|
|
55
44
|
private
|
|
56
45
|
|
|
46
|
+
def security_token_from(response_body)
|
|
47
|
+
JSON.parse response_body
|
|
48
|
+
rescue JSON::ParserError => e
|
|
49
|
+
msg = "mAuth service responded with unparseable json: #{response_body}\n#{e.class}: #{e.message}"
|
|
50
|
+
@mauth_client.logger.error("Unable to authenticate with MAuth. Exception #{msg}")
|
|
51
|
+
raise UnableToAuthenticateError, msg
|
|
52
|
+
end
|
|
53
|
+
|
|
57
54
|
def signed_mauth_connection
|
|
58
55
|
require 'faraday'
|
|
59
56
|
require 'mauth/faraday'
|
|
@@ -61,6 +58,7 @@ module MAuth
|
|
|
61
58
|
@signed_mauth_connection ||= ::Faraday.new(@mauth_client.mauth_baseurl, @mauth_client.faraday_options) do |builder|
|
|
62
59
|
builder.use MAuth::Faraday::MAuthClientUserAgent
|
|
63
60
|
builder.use MAuth::Faraday::RequestSigner, 'mauth_client' => @mauth_client
|
|
61
|
+
builder.use :http_cache, serializer: Oj, logger: MAuth::Client.new.logger, shared_cache: false
|
|
64
62
|
builder.adapter ::Faraday.default_adapter
|
|
65
63
|
end
|
|
66
64
|
end
|
data/lib/mauth/version.rb
CHANGED
data/mauth-client.gemspec
CHANGED
|
@@ -20,6 +20,8 @@ Gem::Specification.new do |spec|
|
|
|
20
20
|
|
|
21
21
|
spec.add_dependency 'faraday', '>= 0.9', '< 2.0'
|
|
22
22
|
spec.add_dependency 'faraday_middleware', '>= 0.9', '< 2.0'
|
|
23
|
+
spec.add_dependency 'faraday-http-cache', '>= 2.0', '< 3.0'
|
|
24
|
+
spec.add_dependency 'oj', '~> 3.0'
|
|
23
25
|
spec.add_dependency 'term-ansicolor', '~> 1.0'
|
|
24
26
|
spec.add_dependency 'coderay', '~> 1.0'
|
|
25
27
|
spec.add_dependency 'rack'
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: mauth-client
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.
|
|
4
|
+
version: 6.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Matthew Szenher
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: exe
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date:
|
|
14
|
+
date: 2021-06-10 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: faraday
|
|
@@ -53,6 +53,40 @@ dependencies:
|
|
|
53
53
|
- - "<"
|
|
54
54
|
- !ruby/object:Gem::Version
|
|
55
55
|
version: '2.0'
|
|
56
|
+
- !ruby/object:Gem::Dependency
|
|
57
|
+
name: faraday-http-cache
|
|
58
|
+
requirement: !ruby/object:Gem::Requirement
|
|
59
|
+
requirements:
|
|
60
|
+
- - ">="
|
|
61
|
+
- !ruby/object:Gem::Version
|
|
62
|
+
version: '2.0'
|
|
63
|
+
- - "<"
|
|
64
|
+
- !ruby/object:Gem::Version
|
|
65
|
+
version: '3.0'
|
|
66
|
+
type: :runtime
|
|
67
|
+
prerelease: false
|
|
68
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
69
|
+
requirements:
|
|
70
|
+
- - ">="
|
|
71
|
+
- !ruby/object:Gem::Version
|
|
72
|
+
version: '2.0'
|
|
73
|
+
- - "<"
|
|
74
|
+
- !ruby/object:Gem::Version
|
|
75
|
+
version: '3.0'
|
|
76
|
+
- !ruby/object:Gem::Dependency
|
|
77
|
+
name: oj
|
|
78
|
+
requirement: !ruby/object:Gem::Requirement
|
|
79
|
+
requirements:
|
|
80
|
+
- - "~>"
|
|
81
|
+
- !ruby/object:Gem::Version
|
|
82
|
+
version: '3.0'
|
|
83
|
+
type: :runtime
|
|
84
|
+
prerelease: false
|
|
85
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
86
|
+
requirements:
|
|
87
|
+
- - "~>"
|
|
88
|
+
- !ruby/object:Gem::Version
|
|
89
|
+
version: '3.0'
|
|
56
90
|
- !ruby/object:Gem::Dependency
|
|
57
91
|
name: term-ansicolor
|
|
58
92
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -268,6 +302,7 @@ extra_rdoc_files: []
|
|
|
268
302
|
files:
|
|
269
303
|
- ".fossa.yml"
|
|
270
304
|
- ".gitignore"
|
|
305
|
+
- ".gitmodules"
|
|
271
306
|
- ".rspec"
|
|
272
307
|
- ".travis.yml"
|
|
273
308
|
- ".yardopts"
|