nm-gigya 0.1.25 → 0.1.26
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/gigya/connection.rb +17 -0
- data/lib/gigya/controller_utils.rb +1 -21
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b8253c94735c73d0870a148bfc7babdf2da0bc6baab966ba4c0d7207ce33f90f
|
|
4
|
+
data.tar.gz: b4ebd99810c2e3283a86c33982934ef47cd4627ca2068c5622200331118b7efc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 18216ea8d1ef4c8ee108349cbcbf473d4743a4f76604fe72a973241a735265576eb4be4a406b72daa465ffa6dede7e0ba328717aa7a233f579f5ed4376421847
|
|
7
|
+
data.tar.gz: 6d9146dce8eb144384c6d1824172526b9856c37bdf9510006829e14ec380f6cbf9010d96e1da2f334bb2c933fdef342d9144a0ac85e2fee7ed34b00f4c03fb2c
|
data/lib/gigya/connection.rb
CHANGED
|
@@ -153,6 +153,7 @@ module Gigya
|
|
|
153
153
|
|
|
154
154
|
class Connection
|
|
155
155
|
attr_accessor :jwt_skip_validation
|
|
156
|
+
attr_accessor :whitelisted_api_keys
|
|
156
157
|
|
|
157
158
|
GIGYA_BASE_URL="gigya.com"
|
|
158
159
|
def self.shared_connection
|
|
@@ -164,6 +165,10 @@ module Gigya
|
|
|
164
165
|
:user_secret => ENV["GIGYA_USER_SECRET"],
|
|
165
166
|
:debug_connection => ENV["GIGYA_DEBUG_CONNECTION"] == "1"
|
|
166
167
|
)
|
|
168
|
+
|
|
169
|
+
whitelist = ENV["GIGYA_WHITELISTED_API_KEYS"]
|
|
170
|
+
conn.whitelisted_api_keys => whitelist.split(",") unless whitelist.blank?
|
|
171
|
+
|
|
167
172
|
conn.jwt_skip_validation = false
|
|
168
173
|
conn
|
|
169
174
|
end
|
|
@@ -263,6 +268,18 @@ module Gigya
|
|
|
263
268
|
|
|
264
269
|
return user_jwt_info if jwt_skip_validation
|
|
265
270
|
|
|
271
|
+
# If we have enumerated whitelisted API keys
|
|
272
|
+
unless whitelisted_api_keys.nil?
|
|
273
|
+
# Grab the API key encoded in the token
|
|
274
|
+
jwt_api_key = user_jwt_info["apiKey"]
|
|
275
|
+
|
|
276
|
+
# Our own API key is automatically valid
|
|
277
|
+
if jwt_api_key != api_key
|
|
278
|
+
# Make sure it is listed in the whitelisted keys
|
|
279
|
+
raise "Invalid API Key" unless whitelisted_api_keys.include?(jwt_api_key)
|
|
280
|
+
end
|
|
281
|
+
end
|
|
282
|
+
|
|
266
283
|
signing_key_id = signing_jwt_info["keyid"]
|
|
267
284
|
@cached_data["jwt_public_keys"] ||= {}
|
|
268
285
|
k = @cached_data["jwt_public_keys"][signing_key_id]
|
|
@@ -23,30 +23,10 @@ module Gigya
|
|
|
23
23
|
@@gigya_refresh_time_decay
|
|
24
24
|
end
|
|
25
25
|
|
|
26
|
-
@@max_logged_tokens = 20
|
|
27
|
-
@@logged_tokens = {}
|
|
28
|
-
|
|
29
|
-
def log_token_error(tok, msg = nil)
|
|
30
|
-
if @@max_logged_tokens > 0
|
|
31
|
-
if @@logged_tokens[tok]
|
|
32
|
-
# already logged
|
|
33
|
-
else
|
|
34
|
-
@@logged_tokens[tok] = true
|
|
35
|
-
@@max_logged_tokens = @@max_logged_tokens - 1
|
|
36
|
-
end
|
|
37
|
-
Rails.logger.warn("Token Issue: #{tok}") if tok.present?
|
|
38
|
-
Rails.logger.warn("Token message: #{msg}") if msg.present?
|
|
39
|
-
end
|
|
40
|
-
end
|
|
41
|
-
|
|
42
26
|
def gigya_user_required
|
|
43
27
|
begin
|
|
44
|
-
if gigya_user_identifier.blank?
|
|
45
|
-
log_token_error(request.headers["Authorization"])
|
|
46
|
-
render(:json => {:error => "Invalid login"}, :status => 401)
|
|
47
|
-
end
|
|
28
|
+
render(:json => {:error => "Invalid login"}, :status => 401) if gigya_user_identifier.blank?
|
|
48
29
|
rescue
|
|
49
|
-
log_token_error(request.headers["Authorization"], $!.message)
|
|
50
30
|
render(:json => {:error => "#{$!.message}"}, :status => 401)
|
|
51
31
|
end
|
|
52
32
|
end
|