octokey 0.1.pre.1 → 0.1.pre.2
- data/lib/octokey.rb +33 -9
- metadata +1 -1
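--- a/data/lib/octokey.rb
+++ b/data/lib/octokey.rb
@@ -80,10 +80,41 @@ class Octokey
 # @return [String] username The user who successfully authenticated.
 # @raise [InvalidRequest] If the login failed for some reason.
 def self.login(auth_request, opts = {}, &block)
+raise ArgumentError, "No public key lookup block given to login" unless block_given?
+
+username, public_key = signup(auth_request, opts)
+valid_public_keys = block.call(username)
+valid_public_keys.map!{ |public_key| format_public_key(unformat_public_key(public_key)) }
+
+unless valid_public_keys.include? public_key
+raise InvalidRequest, "Got unknown public key for #{username.inspect}: #{format_public_key(public_key).inspect}"
+end
+
+username
+end
+
+# Validate a signup request.
+#
+# @param [String] auth_request The string sent by the Octokey client.
+# @option opts [String] :client_ip The IP address of the client (see {.new_challenge)}
+# @option opts [Array<String>] :valid_hostnames The list of hostnames which clients may
+# log in from.
+# @option opts [Time] :time (Time.now)
+#
+# @yield [String] username The block should (when given a username) return a list of
+# public keys that are associated with that users account.
+#
+# NOTE: Do not assume that the username passed to the block
+# is logged in. The block is necessarily called before we know
+# this.
+#
+# @return [String] username The username they tried to sign up with.
+# @return [String] public_key Their public key
+# @raise [InvalidRequest] If the login failed for some reason.
+def self.signup(auth_request, opts = {})
 client_ip = opts[:client_ip] or raise ArgumentError, "No :client_ip given to login"
 hostnames = opts[:valid_hostnames] or raise ArgumentError, "No :valid_hostnames given to login"
 time = opts[:time] || Time.now
-raise ArgumentError, "No public key lookup block given to login" unless block_given?
 
 buffer = Octokey::Buffer.new(auth_request)
 
@@ -96,9 +127,6 @@ class Octokey
 public_key_b = buffer.scan_buffer
 signature_b = buffer.scan_buffer
 
-valid_public_keys = block.call(username)
-valid_public_keys.map!{ |public_key| format_public_key(unformat_public_key(public_key)) }
-
 public_key, errors = decode_public_key(public_key_b, "ssh-rsa")
 signature, sig_errors = decode_signature(signature_b, signing_alg)
 
@@ -141,15 +169,11 @@ class Octokey
 errors << "Incorrect signing algorithm: Got #{signing_alg.inspect}, expected: #{SIGNING_ALGORITHM.inspect}"
 end
 
-unless valid_public_keys.include?(format_public_key(public_key))
-errors << "Got unknown public key for #{username.inspect}: #{format_public_key(public_key).inspect}"
-end
-
 unless errors.empty?
 raise InvalidRequest.new("Octokey request failed: #{errors.join(". ")}.")
 end
 
-username
+[username, format_public_key(public_key)]
 end
 
 private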
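Review bot: In the new `login`, the `map!` block parameter is named `public_key`, the same as the local returned by `signup` that the following `include?` check depends on. On Ruby 1.9 and later the parameter is block-local, but on Ruby 1.8 a block parameter that shares a name with an outer local assigns to it, so the membership test could end up comparing a server-side key with the server-side list rather than the key the client signed with. Rename it, e.g. `valid_public_keys = block.call(username).map { |key| format_public_key(unformat_public_key(key)) }`, which also stops mutating the array the caller's block returned. `signup` already returns `format_public_key(public_key)`, so the error message in `login` formats the value a second time and should probably use `public_key.inspect`. The `@yield` tag and the NOTE now sit on `signup`, which takes no block, and its `ArgumentError` messages still say "given to login"; move the block documentation to `login` and state on `signup` that, as far as these hunks show, it no longer checks that the key belongs to the username.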