multipassify 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +7 -0
  2. data/.document +5 -0
  3. data/Gemfile +14 -0
  4. data/Gemfile.lock +85 -0
  5. data/LICENSE.txt +20 -0
  6. data/README.rdoc +18 -0
  7. data/Rakefile +50 -0
  8. data/VERSION +1 -0
  9. data/lib/multipassify.rb +54 -0
  10. metadata +123 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 0cce7af6055a1e60ae15ad913d7eb48999d9ff28
4
+ data.tar.gz: af8cbc9febfeaae2498375794a3065b7f0e68669
5
+ SHA512:
6
+ metadata.gz: 21e02acbf3cbab2d766320c28dd4e2a004d688ab3024a98b37843f98c34e254c7878cf0f4622f69e2e202f1415f30cf47b0ec8497fc9ae46f4eebe7682a0e9dc
7
+ data.tar.gz: 6a544aec57caf835293d52ac77c90fd2209882df519ba3e27b4ff619d954525a98f1949581e6d866d7625889a72fd62872510c721eb0b8b86ad357390c3a52cb
data/.document ADDED
@@ -0,0 +1,5 @@
1
+ lib/**/*.rb
2
+ bin/*
3
+ -
4
+ features/**/*.feature
5
+ LICENSE.txt
data/Gemfile ADDED
@@ -0,0 +1,14 @@
1
+ source "https://rubygems.org"
2
+ # Add dependencies required to use your gem here.
3
+ # Example:
4
+ # gem "activesupport", ">= 2.3.5"
5
+
6
+ # Add dependencies to develop your gem here.
7
+ # Include everything needed to run rake, tests, features, etc.
8
+ group :development do
9
+ gem "shoulda", ">= 0"
10
+ gem "rdoc", "~> 3.12"
11
+ gem "bundler", "~> 1.0"
12
+ gem "juwelier", "~> 2.1.0"
13
+ gem "simplecov", ">= 0"
14
+ end
data/Gemfile.lock ADDED
@@ -0,0 +1,85 @@
1
+ GEM
2
+ remote: https://rubygems.org/
3
+ specs:
4
+ activesupport (5.1.2)
5
+ concurrent-ruby (~> 1.0, >= 1.0.2)
6
+ i18n (~> 0.7)
7
+ minitest (~> 5.1)
8
+ tzinfo (~> 1.1)
9
+ addressable (2.4.0)
10
+ builder (3.2.3)
11
+ concurrent-ruby (1.0.5)
12
+ descendants_tracker (0.0.4)
13
+ thread_safe (~> 0.3, >= 0.3.1)
14
+ docile (1.1.5)
15
+ faraday (0.9.2)
16
+ multipart-post (>= 1.2, < 3)
17
+ git (1.3.0)
18
+ github_api (0.17.0)
19
+ addressable (~> 2.4.0)
20
+ descendants_tracker (~> 0.0.4)
21
+ faraday (~> 0.8, < 0.10)
22
+ hashie (>= 3.4)
23
+ mime-types (>= 1.16, < 3.0)
24
+ oauth2 (~> 1.0)
25
+ hashie (3.5.6)
26
+ highline (1.7.8)
27
+ i18n (0.8.6)
28
+ json (1.8.6)
29
+ juwelier (2.1.3)
30
+ builder
31
+ bundler (>= 1.13)
32
+ git (>= 1.2.5)
33
+ github_api
34
+ highline (>= 1.6.15)
35
+ nokogiri (>= 1.5.10)
36
+ rake
37
+ rdoc
38
+ semver
39
+ jwt (1.5.6)
40
+ mime-types (2.99.3)
41
+ mini_portile2 (2.2.0)
42
+ minitest (5.10.2)
43
+ multi_json (1.12.1)
44
+ multi_xml (0.6.0)
45
+ multipart-post (2.0.0)
46
+ nokogiri (1.8.0)
47
+ mini_portile2 (~> 2.2.0)
48
+ oauth2 (1.4.0)
49
+ faraday (>= 0.8, < 0.13)
50
+ jwt (~> 1.0)
51
+ multi_json (~> 1.3)
52
+ multi_xml (~> 0.5)
53
+ rack (>= 1.2, < 3)
54
+ rack (2.0.3)
55
+ rake (12.0.0)
56
+ rdoc (3.12.2)
57
+ json (~> 1.4)
58
+ semver (1.0.1)
59
+ shoulda (3.5.0)
60
+ shoulda-context (~> 1.0, >= 1.0.1)
61
+ shoulda-matchers (>= 1.4.1, < 3.0)
62
+ shoulda-context (1.2.2)
63
+ shoulda-matchers (2.8.0)
64
+ activesupport (>= 3.0.0)
65
+ simplecov (0.14.1)
66
+ docile (~> 1.1.0)
67
+ json (>= 1.8, < 3)
68
+ simplecov-html (~> 0.10.0)
69
+ simplecov-html (0.10.1)
70
+ thread_safe (0.3.6)
71
+ tzinfo (1.2.3)
72
+ thread_safe (~> 0.1)
73
+
74
+ PLATFORMS
75
+ ruby
76
+
77
+ DEPENDENCIES
78
+ bundler (~> 1.0)
79
+ juwelier (~> 2.1.0)
80
+ rdoc (~> 3.12)
81
+ shoulda
82
+ simplecov
83
+
84
+ BUNDLED WITH
85
+ 1.15.2
data/LICENSE.txt ADDED
@@ -0,0 +1,20 @@
1
+ Copyright (c) 2017 Renato Alves
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining
4
+ a copy of this software and associated documentation files (the
5
+ "Software"), to deal in the Software without restriction, including
6
+ without limitation the rights to use, copy, modify, merge, publish,
7
+ distribute, sublicense, and/or sell copies of the Software, and to
8
+ permit persons to whom the Software is furnished to do so, subject to
9
+ the following conditions:
10
+
11
+ The above copyright notice and this permission notice shall be
12
+ included in all copies or substantial portions of the Software.
13
+
14
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.rdoc ADDED
@@ -0,0 +1,18 @@
1
+ = multipassify
2
+
3
+ Description goes here.
4
+
5
+ == Contributing to multipassify
6
+
7
+ * Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet.
8
+ * Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it.
9
+ * Fork the project.
10
+ * Start a feature/bugfix branch.
11
+ * Commit and push until you are happy with your contribution.
12
+ * Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
13
+ * Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
14
+
15
+ == Copyright
16
+
17
+ Copyright (c) 2017 Renato Alves. See LICENSE.txt for
18
+ further details.
data/Rakefile ADDED
@@ -0,0 +1,50 @@
1
+ # encoding: utf-8
2
+
3
+ require 'rubygems'
4
+ require 'bundler'
5
+ begin
6
+ Bundler.setup(:default, :development)
7
+ rescue Bundler::BundlerError => e
8
+ $stderr.puts e.message
9
+ $stderr.puts "Run `bundle install` to install missing gems"
10
+ exit e.status_code
11
+ end
12
+ require 'rake'
13
+ require 'juwelier'
14
+ Juwelier::Tasks.new do |gem|
15
+ # gem is a Gem::Specification... see http://guides.rubygems.org/specification-reference/ for more options
16
+ gem.name = "multipassify"
17
+ gem.homepage = "http://github.com/renatodex/multipassify"
18
+ gem.license = "MIT"
19
+ gem.summary = %Q{Ruby port of npm package Multipassify}
20
+ gem.description = %Q{Ruby port of npm package Multipassify}
21
+ gem.email = "renatodex@gmail.com"
22
+ gem.authors = ["Renato Alves"]
23
+
24
+ # dependencies defined in Gemfile
25
+ end
26
+ Juwelier::RubygemsDotOrgTasks.new
27
+ require 'rake/testtask'
28
+ Rake::TestTask.new(:test) do |test|
29
+ test.libs << 'lib' << 'test'
30
+ test.pattern = 'test/**/test_*.rb'
31
+ test.verbose = true
32
+ end
33
+
34
+ desc "Code coverage detail"
35
+ task :simplecov do
36
+ ENV['COVERAGE'] = "true"
37
+ Rake::Task['test'].execute
38
+ end
39
+
40
+ task :default => :test
41
+
42
+ require 'rdoc/task'
43
+ Rake::RDocTask.new do |rdoc|
44
+ version = File.exist?('VERSION') ? File.read('VERSION') : ""
45
+
46
+ rdoc.rdoc_dir = 'rdoc'
47
+ rdoc.title = "multipassify #{version}"
48
+ rdoc.rdoc_files.include('README*')
49
+ rdoc.rdoc_files.include('lib/**/*.rb')
50
+ end
data/VERSION ADDED
@@ -0,0 +1 @@
1
+ 1.0.0
data/lib/multipassify.rb ADDED
@@ -0,0 +1,54 @@
1
+ require 'openssl'
2
+ require 'time'
3
+ require 'json'
4
+ require 'base64'
5
+
6
+ class Multipassify
7
+ attr_accessor :encryptionKey, :signingKey
8
+
9
+ def initialize(secret)
10
+ block_size = 16
11
+
12
+ # Use the Multipass secret to derive two cryptographic keys,
13
+ # one for encryption, one for signing
14
+ hash = OpenSSL::Digest::Digest.new("sha256").digest(secret)
15
+ self.encryptionKey = hash[0,block_size]
16
+ self.signingKey = hash[block_size, 32]
17
+ end
18
+
19
+ def encode(obj)
20
+ return if !obj
21
+
22
+ # Store the current time in ISO8601 format.
23
+ # The token will only be valid for a small timeframe around this timestamp.
24
+ obj["created_at"] = Time.now.iso8601
25
+
26
+ # Serialize the customer data to JSON and encrypt it
27
+ cipherText = self.encrypt(obj.to_json)
28
+
29
+ # Create a signature (message authentication code) of the ciphertext
30
+ # and encode everything using URL-safe Base64 (RFC 4648)
31
+ Base64.urlsafe_encode64(cipherText + self.sign(cipherText))
32
+ end
33
+
34
+ def encrypt(plaintext)
35
+ cipher = OpenSSL::Cipher::Cipher.new("aes-128-cbc")
36
+ cipher.encrypt
37
+ cipher.key = self.encryptionKey
38
+
39
+ ### Use a random IV
40
+ cipher.iv = iv = cipher.random_iv
41
+
42
+ # Use IV as first block of ciphertext
43
+ iv + cipher.update(plaintext) + cipher.final
44
+ end
45
+
46
+ def generate_url(obj, domain)
47
+ return if !domain
48
+ return "https://" + domain + "/account/login/multipass/" + self.encode(obj)
49
+ end
50
+
51
+ def sign(data)
52
+ OpenSSL::HMAC.digest("sha256", self.signingKey, data)
53
+ end
54
+ end
metadata ADDED
@@ -0,0 +1,123 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: multipassify
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.0.0
5
+ platform: ruby
6
+ authors:
7
+ - Renato Alves
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2017-07-20 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: shoulda
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rdoc
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '3.12'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '3.12'
41
+ - !ruby/object:Gem::Dependency
42
+ name: bundler
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '1.0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '1.0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: juwelier
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: 2.1.0
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: 2.1.0
69
+ - !ruby/object:Gem::Dependency
70
+ name: simplecov
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ">="
74
+ - !ruby/object:Gem::Version
75
+ version: '0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: '0'
83
+ description: Ruby port of npm package Multipassify
84
+ email: renatodex@gmail.com
85
+ executables: []
86
+ extensions: []
87
+ extra_rdoc_files:
88
+ - LICENSE.txt
89
+ - README.rdoc
90
+ files:
91
+ - ".document"
92
+ - Gemfile
93
+ - Gemfile.lock
94
+ - LICENSE.txt
95
+ - README.rdoc
96
+ - Rakefile
97
+ - VERSION
98
+ - lib/multipassify.rb
99
+ homepage: http://github.com/renatodex/multipassify
100
+ licenses:
101
+ - MIT
102
+ metadata: {}
103
+ post_install_message:
104
+ rdoc_options: []
105
+ require_paths:
106
+ - lib
107
+ required_ruby_version: !ruby/object:Gem::Requirement
108
+ requirements:
109
+ - - ">="
110
+ - !ruby/object:Gem::Version
111
+ version: '0'
112
+ required_rubygems_version: !ruby/object:Gem::Requirement
113
+ requirements:
114
+ - - ">="
115
+ - !ruby/object:Gem::Version
116
+ version: '0'
117
+ requirements: []
118
+ rubyforge_project:
119
+ rubygems_version: 2.6.12
120
+ signing_key:
121
+ specification_version: 4
122
+ summary: Ruby port of npm package Multipassify
123
+ test_files: []