nm-gigya 0.1.23 → 0.1.28

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c8e15740efa701141cdd538da4839d5ce5286c02aaceff82e990022e3578bb10
-  data.tar.gz: 7495fa6f7cf0cd1f761e410652fb5bb1f69cb6dd48b22787042b7f855ee924e3
+  metadata.gz: 2f188ae6c637a581d11e437fbd8f43605a20f4333e1ab9eaf77d69e4e5617cdf
+  data.tar.gz: 4794e48c694d55793fe3ef81fcb5949c0682a6d3a83fa9503958202814376016
 SHA512:
-  metadata.gz: 128ac6258b41c8b5e8de224a6d98587ce7130e49b010f511e8ff47ec92ce67ebff03c300772db51d9c8b87f531924970b642bf448b4633265ce20cc5c86da681
-  data.tar.gz: 013ea387ae6850a00a1c255ee3d95f0b72e7d954f84a2a815eb8ba897dc18f7d5beedb35093950798c93e12c12b80269daf97b44586bd8aebf158d120ebe7665
+  metadata.gz: 0a14804514d964a85e655ef0018f308004ceeacfa715ed3be9d8c4c9ce88d6010ff0d2638238616cb1f7cb7595e688281400eb1c1d9add26bf69246f3cd8fce0
+  data.tar.gz: 50486bb76349c58acc39159669db183bf42c0bcd69a36e3d5708318ea32aa4fc47b925732ca3c92507dc08fc6eede7dfcce80ee25aaed5b7464947b8df71a9ca

data/lib/gigya/connection.rb

@@ -153,6 +153,7 @@ module Gigya
 
 	class Connection
 		attr_accessor :jwt_skip_validation
+		attr_accessor :whitelisted_api_keys
 
 		GIGYA_BASE_URL="gigya.com"
 		def self.shared_connection
@@ -164,6 +165,10 @@ module Gigya
 					:user_secret => ENV["GIGYA_USER_SECRET"],
 					:debug_connection => ENV["GIGYA_DEBUG_CONNECTION"] == "1"
 				)
+
+				whitelist = ENV["GIGYA_WHITELISTED_API_KEYS"]
+				conn.whitelisted_api_keys = whitelist.split(",") unless whitelist.blank?
+
 				conn.jwt_skip_validation = false
 				conn
 			end
@@ -263,7 +268,19 @@ module Gigya
 
 			return user_jwt_info if jwt_skip_validation
 
-			signing_key_id = signing_jwt_info["keyid"]
+			# If we have enumerated whitelisted API keys
+			unless whitelisted_api_keys.nil?
+				# Grab the API key encoded in the token
+				jwt_api_key = user_jwt_info["apiKey"]
+
+				# Our own API key is automatically valid
+				if jwt_api_key != api_key
+					# Make sure it is listed in the whitelisted keys
+					raise "Invalid API Key" unless whitelisted_api_keys.include?(jwt_api_key)
+				end
+			end
+
+			signing_key_id = signing_jwt_info["keyid"] || signing_jwt_info["kid"]
 			@cached_data["jwt_public_keys"] ||= {}
 			k = @cached_data["jwt_public_keys"][signing_key_id]
 			k = download_latest_jwt_public_key(signing_key_id) if k == nil

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: nm-gigya
 version: !ruby/object:Gem::Version
-  version: 0.1.23
+  version: 0.1.28
 platform: ruby
 authors:
 - Jonathan Bartlett
 - Tyler Jackson
 - Clark Ritchie
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
 date: 2020-04-22 00:00:00.000000000 Z
@@ -40,7 +40,7 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.1'
-description: 
+description:
 email: jonathan.bartlett@specialized.com
 executables: []
 extensions: []
@@ -56,7 +56,7 @@ homepage: http://www.newmedio.com/
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -72,7 +72,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.2
-signing_key: 
+signing_key:
 specification_version: 4
 summary: Gigya API Utility Package
 test_files: []