omniauth-ethereum 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/lib/omniauth-ethereum.rb +69 -0
- metadata +44 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 6947c484fefdc343cb442e3d34f8fbbba0f4ac877048fef87cc4ba2adba7dfec
|
|
4
|
+
data.tar.gz: 407145e7efecc556eca441957b950bc69e5c70b0f326694876e91349e96f9fce
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: a2044f7abf6b20972f3bf5eed4f54ab735fd4aa33ea38824584270bb6d8a99f3c67603f03b169e96c02627d7770fb0645208cfb029adaac3cf1574de0fed4f0c
|
|
7
|
+
data.tar.gz: 3e2115d0a251336dd0cd4afd92f5373702cde207c8517bf0bf1c8cc044e036efb5b7285891f5d56084bb1fbc397248c12747bef3df8a0d3716ee70e77336d989
|
|
@@ -0,0 +1,69 @@
|
|
|
1
|
+
require 'omniauth'
|
|
2
|
+
require 'eth'
|
|
3
|
+
|
|
4
|
+
module OmniAuth
|
|
5
|
+
module Strategies
|
|
6
|
+
class Ethereum
|
|
7
|
+
include OmniAuth::Strategy
|
|
8
|
+
|
|
9
|
+
# ethereum authentication strategy fields
|
|
10
|
+
# `eth_message`: contains a custom string, the request time, and the specific nonce to sign
|
|
11
|
+
# `eth_address`: contains the public Eth::Address of the user's Ethereum account
|
|
12
|
+
# `eth_signature`: contains the signature of the `eth_message` signed by `eth_address`
|
|
13
|
+
option :fields, [:eth_message, :eth_address, :eth_signature]
|
|
14
|
+
|
|
15
|
+
# the `eth_address` will be the _fake_ unique identifier for the Ethereum strategy
|
|
16
|
+
option :uid_field, :eth_address
|
|
17
|
+
option :fields, [:eth_message, :eth_address, :eth_signature]
|
|
18
|
+
option :uid_field, :eth_address
|
|
19
|
+
|
|
20
|
+
def request_phase
|
|
21
|
+
form = OmniAuth::Form.new :title => 'Ethereum Authentication', :url => callback_path
|
|
22
|
+
options.fields.each do |field|
|
|
23
|
+
|
|
24
|
+
# these fields are read-only and will be filled by javascript in the process
|
|
25
|
+
if field == :eth_message
|
|
26
|
+
form.html("<input type='hidden' id='eth_message' name='eth_message' value='#{now}' />")
|
|
27
|
+
else
|
|
28
|
+
form.html("<input type='hidden' id='#{field.to_s}' name='#{field.to_s}' />")
|
|
29
|
+
end
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
# the form button will be heavy on javascript, requesting account, nonce, and signature before submission
|
|
33
|
+
form.button 'Sign In'
|
|
34
|
+
path = File.join( File.dirname(__FILE__), 'new_session.js')
|
|
35
|
+
js = File.read(path)
|
|
36
|
+
mod = "<script type='module'>\n#{js}\n</script>"
|
|
37
|
+
|
|
38
|
+
form.html(mod)
|
|
39
|
+
form.to_response
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def callback_phase
|
|
43
|
+
address = request.params['eth_address'].downcase
|
|
44
|
+
message = request.params['eth_message']
|
|
45
|
+
signature = request.params['eth_signature']
|
|
46
|
+
signature_pubkey = Eth::Key.personal_recover message, signature
|
|
47
|
+
signature_address = (Eth::Utils.public_key_to_address signature_pubkey).downcase
|
|
48
|
+
|
|
49
|
+
unix_time = message.scan(/\d+/).first.to_i
|
|
50
|
+
ten_min = 10 * 60
|
|
51
|
+
return fail!(:invalid_time) unless unix_time + ten_min >= now && unix_time - ten_min <= now
|
|
52
|
+
|
|
53
|
+
return fail!(:invalid_credentials) unless signature_address == address
|
|
54
|
+
|
|
55
|
+
super
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
uid do
|
|
59
|
+
request.params[options.uid_field.to_s]
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
private
|
|
63
|
+
|
|
64
|
+
def now
|
|
65
|
+
Time.now.utc.to_i
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
end
|
|
69
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: omniauth-ethereum
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.0.1
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- Afri Schoedon
|
|
8
|
+
autorequire:
|
|
9
|
+
bindir: bin
|
|
10
|
+
cert_chain: []
|
|
11
|
+
date: 2021-11-18 00:00:00.000000000 Z
|
|
12
|
+
dependencies: []
|
|
13
|
+
description: Authentication Strategy for OmniAuth to authenticate a user with an Ethereum
|
|
14
|
+
account
|
|
15
|
+
email: gems@fault.dev
|
|
16
|
+
executables: []
|
|
17
|
+
extensions: []
|
|
18
|
+
extra_rdoc_files: []
|
|
19
|
+
files:
|
|
20
|
+
- lib/omniauth-ethereum.rb
|
|
21
|
+
homepage: https://github.com/byz-f/omniauth-ethereum
|
|
22
|
+
licenses:
|
|
23
|
+
- Apache-2.0
|
|
24
|
+
metadata: {}
|
|
25
|
+
post_install_message:
|
|
26
|
+
rdoc_options: []
|
|
27
|
+
require_paths:
|
|
28
|
+
- lib
|
|
29
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
30
|
+
requirements:
|
|
31
|
+
- - ">="
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: '0'
|
|
34
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
35
|
+
requirements:
|
|
36
|
+
- - ">="
|
|
37
|
+
- !ruby/object:Gem::Version
|
|
38
|
+
version: '0'
|
|
39
|
+
requirements: []
|
|
40
|
+
rubygems_version: 3.2.29
|
|
41
|
+
signing_key:
|
|
42
|
+
specification_version: 4
|
|
43
|
+
summary: OmniAuth Strategy for Ethereum
|
|
44
|
+
test_files: []
|