nm-gigya 0.1.23 → 0.1.28
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/gigya/connection.rb +18 -1
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2f188ae6c637a581d11e437fbd8f43605a20f4333e1ab9eaf77d69e4e5617cdf
|
4
|
+
data.tar.gz: 4794e48c694d55793fe3ef81fcb5949c0682a6d3a83fa9503958202814376016
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0a14804514d964a85e655ef0018f308004ceeacfa715ed3be9d8c4c9ce88d6010ff0d2638238616cb1f7cb7595e688281400eb1c1d9add26bf69246f3cd8fce0
|
7
|
+
data.tar.gz: 50486bb76349c58acc39159669db183bf42c0bcd69a36e3d5708318ea32aa4fc47b925732ca3c92507dc08fc6eede7dfcce80ee25aaed5b7464947b8df71a9ca
|
data/lib/gigya/connection.rb
CHANGED
@@ -153,6 +153,7 @@ module Gigya
|
|
153
153
|
|
154
154
|
class Connection
|
155
155
|
attr_accessor :jwt_skip_validation
|
156
|
+
attr_accessor :whitelisted_api_keys
|
156
157
|
|
157
158
|
GIGYA_BASE_URL="gigya.com"
|
158
159
|
def self.shared_connection
|
@@ -164,6 +165,10 @@ module Gigya
|
|
164
165
|
:user_secret => ENV["GIGYA_USER_SECRET"],
|
165
166
|
:debug_connection => ENV["GIGYA_DEBUG_CONNECTION"] == "1"
|
166
167
|
)
|
168
|
+
|
169
|
+
whitelist = ENV["GIGYA_WHITELISTED_API_KEYS"]
|
170
|
+
conn.whitelisted_api_keys = whitelist.split(",") unless whitelist.blank?
|
171
|
+
|
167
172
|
conn.jwt_skip_validation = false
|
168
173
|
conn
|
169
174
|
end
|
@@ -263,7 +268,19 @@ module Gigya
|
|
263
268
|
|
264
269
|
return user_jwt_info if jwt_skip_validation
|
265
270
|
|
266
|
-
|
271
|
+
# If we have enumerated whitelisted API keys
|
272
|
+
unless whitelisted_api_keys.nil?
|
273
|
+
# Grab the API key encoded in the token
|
274
|
+
jwt_api_key = user_jwt_info["apiKey"]
|
275
|
+
|
276
|
+
# Our own API key is automatically valid
|
277
|
+
if jwt_api_key != api_key
|
278
|
+
# Make sure it is listed in the whitelisted keys
|
279
|
+
raise "Invalid API Key" unless whitelisted_api_keys.include?(jwt_api_key)
|
280
|
+
end
|
281
|
+
end
|
282
|
+
|
283
|
+
signing_key_id = signing_jwt_info["keyid"] || signing_jwt_info["kid"]
|
267
284
|
@cached_data["jwt_public_keys"] ||= {}
|
268
285
|
k = @cached_data["jwt_public_keys"][signing_key_id]
|
269
286
|
k = download_latest_jwt_public_key(signing_key_id) if k == nil
|
metadata
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: nm-gigya
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.28
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jonathan Bartlett
|
8
8
|
- Tyler Jackson
|
9
9
|
- Clark Ritchie
|
10
|
-
autorequire:
|
10
|
+
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
13
|
date: 2020-04-22 00:00:00.000000000 Z
|
@@ -40,7 +40,7 @@ dependencies:
|
|
40
40
|
- - "~>"
|
41
41
|
- !ruby/object:Gem::Version
|
42
42
|
version: '2.1'
|
43
|
-
description:
|
43
|
+
description:
|
44
44
|
email: jonathan.bartlett@specialized.com
|
45
45
|
executables: []
|
46
46
|
extensions: []
|
@@ -56,7 +56,7 @@ homepage: http://www.newmedio.com/
|
|
56
56
|
licenses:
|
57
57
|
- MIT
|
58
58
|
metadata: {}
|
59
|
-
post_install_message:
|
59
|
+
post_install_message:
|
60
60
|
rdoc_options: []
|
61
61
|
require_paths:
|
62
62
|
- lib
|
@@ -72,7 +72,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
72
72
|
version: '0'
|
73
73
|
requirements: []
|
74
74
|
rubygems_version: 3.1.2
|
75
|
-
signing_key:
|
75
|
+
signing_key:
|
76
76
|
specification_version: 4
|
77
77
|
summary: Gigya API Utility Package
|
78
78
|
test_files: []
|