mauth-client 6.2.0 → 6.2.1

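--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: be045713042cd9a25e7b0219d959c1208c66b700c8a113130d7865d91e17db7d
- data.tar.gz: 155e903f0fa2fafabf2167c9d908398259ec2c9336b7f953bda83efe13667559
+ metadata.gz: 1871065424b09a341be04ecae785be82574cef1fafacb689d2ea538e8d25d03e
+ data.tar.gz: 6ff7c37a989fcdd8ec8e4d46d9ce4e0ab61cd16a7fcd1784f1d85f24e67a2ad1
  SHA512:
- metadata.gz: 8c97d131c0f9aef554ab5ebb7fd06193ec50a50f7a81fc93a184ba30b5b91bf870c560a06ce9c5dfeb19dab7cb7410c771b355fbbfb1055e56327147c32c5a6a
- data.tar.gz: 446f8d0a681376361e3b9eabd86b20f3bfe2d28bdb028edf0b78c6e21f9222a7eaed5de3ba4fecd5afa95059698a14f6f4aaeba083d31ff5c55f618b9cbcdb12
+ metadata.gz: a71f408dd52e310d544f65d0b0ea03df7a671db23bfc11a39a38795bd23f3f0ff78472982e4176461fd55ea98d3ed5de9a8d9ec9cfea19ffd334d167d9ba1836
+ data.tar.gz: 8334a7c74a7829b52fae5bde7ac783e425c86285d6d17db8f79088ff3998736786813cc5a56de2ffe12fe594db32606e76d9831befb59e3ee507683e4bbd6c76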
data/.travis.yml CHANGED
@@ -34,7 +34,7 @@ deploy:
34
34
  provider: rubygems
35
35
  gem: mauth-client
36
36
  api_key:
37
- secure: 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
37
+ secure: 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
38
38
  on:
39
39
  tags: true
40
40
  repo: mdsol/mauth-client-ruby
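--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,6 @@
+ ## v6.2.1
+ * Fix SecurityTokenCacher to not cache tokens forever.
+
  ## v6.2.0
  * Drop legacy security token expiry in favor of honoring server cache headers via Faraday HTTP Cache Middleware.
 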
@@ -1,5 +1,5 @@
1
1
  require 'faraday-http-cache'
2
- require 'oj'
2
+ require 'mauth/faraday'
3
3
 
4
4
  module MAuth
5
5
  class Client
@@ -9,36 +9,31 @@ module MAuth
9
9
  def initialize(mauth_client)
10
10
  @mauth_client = mauth_client
11
11
  # TODO: should this be UnableToSignError?
12
- @mauth_client.assert_private_key(UnableToAuthenticateError.new("Cannot fetch public keys from mAuth service without a private key!"))
13
- @cache = {}
14
- require 'thread'
15
- @cache_write_lock = Mutex.new
12
+ @mauth_client.assert_private_key(
13
+ UnableToAuthenticateError.new("Cannot fetch public keys from mAuth service without a private key!")
14
+ )
16
15
  end
17
16
 
18
17
  def get(app_uuid)
19
- if !@cache[app_uuid]
20
- # url-encode the app_uuid to prevent trickery like escaping upward with ../../ in a malicious
21
- # app_uuid - probably not exploitable, but this is the right way to do it anyway.
22
- url_encoded_app_uuid = CGI.escape(app_uuid)
23
- begin
24
- response = signed_mauth_connection.get("/mauth/#{@mauth_client.mauth_api_version}/security_tokens/#{url_encoded_app_uuid}.json")
25
- rescue ::Faraday::ConnectionFailed, ::Faraday::TimeoutError => e
26
- msg = "mAuth service did not respond; received #{e.class}: #{e.message}"
27
- @mauth_client.logger.error("Unable to authenticate with MAuth. Exception #{msg}")
28
- raise UnableToAuthenticateError, msg
29
- end
30
- if response.status == 200
31
- @cache_write_lock.synchronize do
32
- @cache[app_uuid] = security_token_from(response.body)
33
- end
34
- elsif response.status == 404
35
- # signing with a key mAuth doesn't know about is considered inauthentic
36
- raise InauthenticError, "mAuth service responded with 404 looking up public key for #{app_uuid}"
37
- else
38
- @mauth_client.send(:mauth_service_response_error, response)
39
- end
18
+ # url-encode the app_uuid to prevent trickery like escaping upward with ../../ in a malicious
19
+ # app_uuid - probably not exploitable, but this is the right way to do it anyway.
20
+ url_encoded_app_uuid = CGI.escape(app_uuid)
21
+ path = "/mauth/#{@mauth_client.mauth_api_version}/security_tokens/#{url_encoded_app_uuid}.json"
22
+ response = signed_mauth_connection.get(path)
23
+
24
+ case response.status
25
+ when 200
26
+ security_token_from(response.body)
27
+ when 404
28
+ # signing with a key mAuth doesn't know about is considered inauthentic
29
+ raise InauthenticError, "mAuth service responded with 404 looking up public key for #{app_uuid}"
30
+ else
31
+ @mauth_client.send(:mauth_service_response_error, response)
40
32
  end
41
- @cache[app_uuid]
33
+ rescue ::Faraday::ConnectionFailed, ::Faraday::TimeoutError => e
34
+ msg = "mAuth service did not respond; received #{e.class}: #{e.message}"
35
+ @mauth_client.logger.error("Unable to authenticate with MAuth. Exception #{msg}")
36
+ raise UnableToAuthenticateError, msg
42
37
  end
43
38
 
44
39
  private
@@ -52,14 +47,17 @@ module MAuth
52
47
  end
53
48
 
54
49
  def signed_mauth_connection
55
- require 'faraday'
56
- require 'mauth/faraday'
57
- @mauth_client.faraday_options[:ssl] = { ca_path: @mauth_client.ssl_certs_path } if @mauth_client.ssl_certs_path
58
- @signed_mauth_connection ||= ::Faraday.new(@mauth_client.mauth_baseurl, @mauth_client.faraday_options) do |builder|
59
- builder.use MAuth::Faraday::MAuthClientUserAgent
60
- builder.use MAuth::Faraday::RequestSigner, 'mauth_client' => @mauth_client
61
- builder.use :http_cache, serializer: Oj, logger: MAuth::Client.new.logger, shared_cache: false
62
- builder.adapter ::Faraday.default_adapter
50
+ @signed_mauth_connection ||= begin
51
+ if @mauth_client.ssl_certs_path
52
+ @mauth_client.faraday_options[:ssl] = { ca_path: @mauth_client.ssl_certs_path }
53
+ end
54
+
55
+ ::Faraday.new(@mauth_client.mauth_baseurl, @mauth_client.faraday_options) do |builder|
56
+ builder.use MAuth::Faraday::MAuthClientUserAgent
57
+ builder.use MAuth::Faraday::RequestSigner, 'mauth_client' => @mauth_client
58
+ builder.use :http_cache, logger: MAuth::Client.new.logger, shared_cache: false
59
+ builder.adapter ::Faraday.default_adapter
60
+ end
63
61
  end
64
62
  end
65
63
  end
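Review bot: In `signed_mauth_connection`, `builder.use :http_cache, logger: MAuth::Client.new.logger, shared_cache: false` builds a second client only to borrow its logger, so cache hit, miss and revalidation lines for public-key lookups presumably go to a default logger rather than the one the caller configured; `builder.use :http_cache, logger: @mauth_client.logger, shared_cache: false` would keep them next to the errors `get` already writes through `@mauth_client.logger`. With `@cache` removed, how long a fetched key stays trusted is decided entirely by that middleware and the cache headers the mAuth service returns, and nothing in `get` says so; a comment such as `# No copy is kept here: key lifetime follows the :http_cache middleware and the server's cache headers.` above the request would record it. The page shows no file header for this section, and `security_token_from` and the class line lie outside the hunks, so the 200 branch could not be checked.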
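--- a/data/lib/mauth/version.rb
+++ b/data/lib/mauth/version.rb
@@ -1,5 +1,5 @@
  # frozen_string_literal: true
 
  module MAuth
- VERSION = '6.2.0'
+ VERSION = '6.2.1'
  end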
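--- a/data/mauth-client.gemspec
+++ b/data/mauth-client.gemspec
@@ -21,7 +21,6 @@ Gem::Specification.new do |spec|
  spec.add_dependency 'faraday', '>= 0.9', '< 2.0'
  spec.add_dependency 'faraday_middleware', '>= 0.9', '< 2.0'
  spec.add_dependency 'faraday-http-cache', '>= 2.0', '< 3.0'
- spec.add_dependency 'oj', '~> 3.0'
  spec.add_dependency 'term-ansicolor', '~> 1.0'
  spec.add_dependency 'coderay', '~> 1.0'
  spec.add_dependency 'rack'
@@ -37,4 +36,5 @@ Gem::Specification.new do |spec|
  spec.add_development_dependency 'simplecov', '~> 0.16'
  spec.add_development_dependency 'timecop', '~> 0.9'
  spec.add_development_dependency 'benchmark-ips', '~> 2.7'
+ spec.add_development_dependency 'webmock', '~> 3.0'
  end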
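--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: mauth-client
  version: !ruby/object:Gem::Version
- version: 6.2.0
+ version: 6.2.1
  platform: ruby
  authors:
  - Matthew Szenher
@@ -11,7 +11,7 @@ authors:
  autorequire:
  bindir: exe
  cert_chain: []
- date: 2021-06-10 00:00:00.000000000 Z
+ date: 2021-09-23 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: faraday
@@ -73,20 +73,6 @@ dependencies:
  - - "<"
  - !ruby/object:Gem::Version
  version: '3.0'
- - !ruby/object:Gem::Dependency
- name: oj
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '3.0'
- type: :runtime
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '3.0'
  - !ruby/object:Gem::Dependency
  name: term-ansicolor
  requirement: !ruby/object:Gem::Requirement
@@ -289,6 +275,20 @@ dependencies:
  - - "~>"
  - !ruby/object:Gem::Version
  version: '2.7'
+ - !ruby/object:Gem::Dependency
+ name: webmock
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '3.0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '3.0'
  description: Client for signing and authentication of requests and responses with
  mAuth authentication. Includes middleware for Rack and Faraday for incoming and
  outgoing requests and responses.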