mod-auth-pubtkt-rb 0.0.2 → 0.0.3

Files changed (2)
  1. data/lib/mod_auth_pubtkt.rb +24 -24
  2. metadata +4 -4
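--- a/data/lib/mod_auth_pubtkt.rb
+++ b/data/lib/mod_auth_pubtkt.rb
@@ -18,47 +18,47 @@ module ModAuthPubTkt
  #
  # === Parameters
  #
- # - uid: (required; 32 chars max.)
+ # - uid: (required; 32 chars max.)
  # The user ID / username the ticket has been issued for, passed to the environment in REMOTE_USER
  #
- # - expires: (required.)
+ # - expires: (required.)
  # A Time object that describes when this ticket will expire
  #
- # - key_path: (required.)
+ # - key_path: (required.)
  # Path to your SSL key to sign the ticket with
  #
- # - key_type: (required.)
+ # - key_type: (required.)
  # The type of key ("RSA" or "DSA")
  #
- # - cip: (optional; 39 chars max.)
+ # - cip: (optional; 39 chars max.)
  # The client IP address.
  #
  # - tokens: (optional; 255 chars max.)
- # A comma-separated list of words (group names etc.) The contents of this field are available
+ # A comma-separated list of words (group names etc.) The contents of this field are available
  # to the environment in REMOTE_USER_TOKENS
  #
  # - udata: (optional; 255 chars max.)
  # User data, for use by scripts; made available to the environment in REMOTE_USER_DATA
- #
+ #
  # - grace_period: (optional)
  # A number of seconds grace period before ticket is refreshed
  #
  def create_ticket(uid, expires, key_path, key_type, cip = '', tokens = '', udata = '', grace_period = 0)
-
+
  key = open_key_file(key_path, key_type)
-
- tkt = "uid=#{uid};validuntil=#{expires.to_i};cip=#{cip};tokens=#{tokens};udata=#{udata};grace_period=#{grace_period}";
-
+
+ tkt = "uid=#{uid};validuntil=#{expires.to_i};cip=#{cip};tokens=#{tokens};udata=#{udata};graceperiod=#{(expires - grace_period).to_i}";
+
  sig = encrypt tkt, key
-
+
  tkt + ";sig=" + Base64.b64encode(sig).gsub("\n", '').strip
-
+
  end
-
- # Verify a ticket is good / not been tampered with.
+
+ # Verify a ticket is good / not been tampered with.
  # NB: This should be done by the apache module but is useful for testing here too
  def verify(tkt, key)
-
+
  if tkt =~ /(.*);sig=(.*)/
  str = $1
  sig = Base64.decode64($2)
@@ -69,22 +69,22 @@ module ModAuthPubTkt
  if key.class == OpenSSL::PKey::DSA
  key.verify(OpenSSL::Digest::DSS1.new, sig, str)
  elsif key.class == OpenSSL::PKey::RSA
- key.verify(OpenSSL::Digest::SHA1.new, sig, str)
- end
-
+ key.verify(OpenSSL::Digest::SHA1.new, sig, str)
+ end
+
  end
-
+
  # Encrypt the string using key
  def encrypt(string, key)
-
+
  if key.class == OpenSSL::PKey::DSA
  key.sign(OpenSSL::Digest::DSS1.new, string)
  elsif key.class == OpenSSL::PKey::RSA
  key.sign(OpenSSL::Digest::SHA1.new, string)
  end
-
+
  end
-
+
  # Get the SSL key
  def open_key_file(path, type)
  if type == 'DSA'
@@ -95,5 +95,5 @@ module ModAuthPubTkt
  end
 
  module_function :create_ticket, :encrypt, :verify, :open_key_file
-
+
  end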
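Review bot: In `create_ticket`, the rewritten `tkt = "uid=#{uid};…"` line still interpolates `uid`, `cip`, `tokens` and `udata` into the `;`-delimited ticket without any check, so a value that contains `;` becomes additional fields inside the string that is then signed. A guard before that line would close this, e.g. `raise ArgumentError, 'ticket fields must not contain ";"' if [uid, cip, tokens, udata].any? { |v| v.to_s.include?(';') }`. The length limits stated in the parameter comment (32, 39 and 255 chars) are likewise not enforced anywhere in the method body shown. Separately, `encrypt` signs rather than encrypts, and both it and `verify` return `nil` for a key that is neither DSA nor RSA; a short comment stating that `nil` means "unsupported key type" would stop callers from passing an unsigned ticket on by mistake.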
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: mod-auth-pubtkt-rb
3
3
  version: !ruby/object:Gem::Version
4
- hash: 27
4
+ hash: 25
5
5
  prerelease: false
6
6
  segments:
7
7
  - 0
8
8
  - 0
9
- - 2
10
- version: 0.0.2
9
+ - 3
10
+ version: 0.0.3
11
11
  platform: ruby
12
12
  authors:
13
13
  - Matt Haynes
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2010-08-04 00:00:00 +01:00
18
+ date: 2010-11-04 00:00:00 +00:00
19
19
  default_executable:
20
20
  dependencies: []
21
21