RubyGems - mod-auth-pubtkt-rb - Versions diffs - 0.0.2 → 0.0.3 - Mend

mod-auth-pubtkt-rb 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

data/lib/mod_auth_pubtkt.rb +24 -24
metadata +4 -4

data/lib/mod_auth_pubtkt.rb CHANGED Viewed

@@ -18,47 +18,47 @@ module ModAuthPubTkt
   #
   # === Parameters
   #
-  # - uid:      (required; 32 chars max.)
+  # - uid:      (required; 32 chars max.)
   #             The user ID / username the ticket has been issued for, passed to the environment in REMOTE_USER
   #
-  # - expires:  (required.)
+  # - expires:  (required.)
   #             A Time object that describes when this ticket will expire
   #
-  # - key_path: (required.)
+  # - key_path: (required.)
   #             Path to your SSL key to sign the ticket with
   #
-  # - key_type: (required.)
+  # - key_type: (required.)
   #             The type of key ("RSA" or "DSA")
   #
-  # - cip:      (optional; 39 chars max.)
+  # - cip:      (optional; 39 chars max.)
   #             The client IP address.
   #
   # - tokens:   (optional; 255 chars max.)
-  #             A comma-separated list of words (group names etc.) The contents of this field are available
+  #             A comma-separated list of words (group names etc.) The contents of this field are available
   #             to the environment in REMOTE_USER_TOKENS
   #
   # - udata:    (optional; 255 chars max.)
   #             User data, for use by scripts; made available to the environment in REMOTE_USER_DATA
-  #
+  #
   # - grace_period: (optional)
   #             A number of seconds grace period before ticket is refreshed
   #
   def create_ticket(uid, expires, key_path, key_type, cip = '', tokens = '', udata = '', grace_period = 0)
     key    = open_key_file(key_path, key_type)
-    tkt    = "uid=#{uid};validuntil=#{expires.to_i};cip=#{cip};tokens=#{tokens};udata=#{udata};grace_period=#{grace_period}";
+    tkt    = "uid=#{uid};validuntil=#{expires.to_i};cip=#{cip};tokens=#{tokens};udata=#{udata};graceperiod=#{(expires - grace_period).to_i}";
     sig    = encrypt tkt, key
     tkt + ";sig=" + Base64.b64encode(sig).gsub("\n", '').strip
   end
-  # Verify a ticket is good / not been tampered with.
+  # Verify a ticket is good / not been tampered with.
   # NB: This should be done by the apache module but is useful for testing here too
   def verify(tkt, key)
     if tkt =~ /(.*);sig=(.*)/
       str = $1
       sig = Base64.decode64($2)
@@ -69,22 +69,22 @@ module ModAuthPubTkt
     if key.class == OpenSSL::PKey::DSA
       key.verify(OpenSSL::Digest::DSS1.new, sig, str)
     elsif key.class == OpenSSL::PKey::RSA
-      key.verify(OpenSSL::Digest::SHA1.new, sig, str)
-    end
+      key.verify(OpenSSL::Digest::SHA1.new, sig, str)
+    end
   end
   # Encrypt the string using key
   def encrypt(string, key)
     if key.class == OpenSSL::PKey::DSA
       key.sign(OpenSSL::Digest::DSS1.new, string)
     elsif key.class == OpenSSL::PKey::RSA
       key.sign(OpenSSL::Digest::SHA1.new, string)
     end
   end
   # Get the SSL key
   def open_key_file(path, type)
     if type == 'DSA'
@@ -95,5 +95,5 @@ module ModAuthPubTkt
   end
   module_function :create_ticket, :encrypt, :verify, :open_key_file
 end

metadata CHANGED Viewed

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: mod-auth-pubtkt-rb
 version: !ruby/object:Gem::Version
-  hash: 27
+  hash: 25
   prerelease: false
   segments:
   - 0
   - 0
-  - 2
-  version: 0.0.2
+  - 3
+  version: 0.0.3
 platform: ruby
 authors:
 - Matt Haynes
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2010-08-04 00:00:00 +01:00
+date: 2010-11-04 00:00:00 +00:00
 default_executable:
 dependencies: []