nm-gigya 0.1.23 → 0.1.28
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/gigya/connection.rb +18 -1
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2f188ae6c637a581d11e437fbd8f43605a20f4333e1ab9eaf77d69e4e5617cdf
|
|
4
|
+
data.tar.gz: 4794e48c694d55793fe3ef81fcb5949c0682a6d3a83fa9503958202814376016
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0a14804514d964a85e655ef0018f308004ceeacfa715ed3be9d8c4c9ce88d6010ff0d2638238616cb1f7cb7595e688281400eb1c1d9add26bf69246f3cd8fce0
|
|
7
|
+
data.tar.gz: 50486bb76349c58acc39159669db183bf42c0bcd69a36e3d5708318ea32aa4fc47b925732ca3c92507dc08fc6eede7dfcce80ee25aaed5b7464947b8df71a9ca
|
data/lib/gigya/connection.rb
CHANGED
|
@@ -153,6 +153,7 @@ module Gigya
|
|
|
153
153
|
|
|
154
154
|
class Connection
|
|
155
155
|
attr_accessor :jwt_skip_validation
|
|
156
|
+
attr_accessor :whitelisted_api_keys
|
|
156
157
|
|
|
157
158
|
GIGYA_BASE_URL="gigya.com"
|
|
158
159
|
def self.shared_connection
|
|
@@ -164,6 +165,10 @@ module Gigya
|
|
|
164
165
|
:user_secret => ENV["GIGYA_USER_SECRET"],
|
|
165
166
|
:debug_connection => ENV["GIGYA_DEBUG_CONNECTION"] == "1"
|
|
166
167
|
)
|
|
168
|
+
|
|
169
|
+
whitelist = ENV["GIGYA_WHITELISTED_API_KEYS"]
|
|
170
|
+
conn.whitelisted_api_keys = whitelist.split(",") unless whitelist.blank?
|
|
171
|
+
|
|
167
172
|
conn.jwt_skip_validation = false
|
|
168
173
|
conn
|
|
169
174
|
end
|
|
@@ -263,7 +268,19 @@ module Gigya
|
|
|
263
268
|
|
|
264
269
|
return user_jwt_info if jwt_skip_validation
|
|
265
270
|
|
|
266
|
-
|
|
271
|
+
# If we have enumerated whitelisted API keys
|
|
272
|
+
unless whitelisted_api_keys.nil?
|
|
273
|
+
# Grab the API key encoded in the token
|
|
274
|
+
jwt_api_key = user_jwt_info["apiKey"]
|
|
275
|
+
|
|
276
|
+
# Our own API key is automatically valid
|
|
277
|
+
if jwt_api_key != api_key
|
|
278
|
+
# Make sure it is listed in the whitelisted keys
|
|
279
|
+
raise "Invalid API Key" unless whitelisted_api_keys.include?(jwt_api_key)
|
|
280
|
+
end
|
|
281
|
+
end
|
|
282
|
+
|
|
283
|
+
signing_key_id = signing_jwt_info["keyid"] || signing_jwt_info["kid"]
|
|
267
284
|
@cached_data["jwt_public_keys"] ||= {}
|
|
268
285
|
k = @cached_data["jwt_public_keys"][signing_key_id]
|
|
269
286
|
k = download_latest_jwt_public_key(signing_key_id) if k == nil
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nm-gigya
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.28
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jonathan Bartlett
|
|
8
8
|
- Tyler Jackson
|
|
9
9
|
- Clark Ritchie
|
|
10
|
-
autorequire:
|
|
10
|
+
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
13
|
date: 2020-04-22 00:00:00.000000000 Z
|
|
@@ -40,7 +40,7 @@ dependencies:
|
|
|
40
40
|
- - "~>"
|
|
41
41
|
- !ruby/object:Gem::Version
|
|
42
42
|
version: '2.1'
|
|
43
|
-
description:
|
|
43
|
+
description:
|
|
44
44
|
email: jonathan.bartlett@specialized.com
|
|
45
45
|
executables: []
|
|
46
46
|
extensions: []
|
|
@@ -56,7 +56,7 @@ homepage: http://www.newmedio.com/
|
|
|
56
56
|
licenses:
|
|
57
57
|
- MIT
|
|
58
58
|
metadata: {}
|
|
59
|
-
post_install_message:
|
|
59
|
+
post_install_message:
|
|
60
60
|
rdoc_options: []
|
|
61
61
|
require_paths:
|
|
62
62
|
- lib
|
|
@@ -72,7 +72,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
72
72
|
version: '0'
|
|
73
73
|
requirements: []
|
|
74
74
|
rubygems_version: 3.1.2
|
|
75
|
-
signing_key:
|
|
75
|
+
signing_key:
|
|
76
76
|
specification_version: 4
|
|
77
77
|
summary: Gigya API Utility Package
|
|
78
78
|
test_files: []
|