openstax_accounts 8.1.0 → 8.1.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5f7776ce8e75c51c3a8b3435712dc37aab19225584f25c99f82ce6bd92042350
4
- data.tar.gz: fac871ea9ca585e3b5e02d46bd37fe6b462ed80283cf23881e551c92d25e9297
3
+ metadata.gz: edf27a81aef8f196ab5b804f38903395d24367628209a9eeb001a37f258f33d5
4
+ data.tar.gz: af2ac3a3de4ab707958bc03b0faf561e876b99521f82a8695a55cfcbbd1bc740
5
5
  SHA512:
6
- metadata.gz: 90ed74a62cb7a299c8ef064accfc52e295a3baa334a110ac8020e02bebf61408f846e3b278124ebb0feb921bf3f32ea4d2551e01a4fb42a9e14b30d9b1169720
7
- data.tar.gz: 882b93e2e815f42e1942fafaca8754787b1a86538ba46bb5604dc313b5da8a370fd2708c7cd268a24ee434de0961691af336dd30b45b5b5bbd9440f0a38ee6ed
6
+ metadata.gz: 3f8b506ad52a7bb2b59ed822f0347c7bb5343728dbedf7fa166f7ffc2aabc7ce9c3b8a6113d09aab44795a04e79e74595583e2335e825b0e682e7be3604b4a8c
7
+ data.tar.gz: fca6c2d52b5540bac193bc099c905ca4a6aa860c7353b411259ae95c878e872fb7c0f46f67c7b0a3813b7ae853dd967e969839c524384a07d1b30e3754677874
@@ -14,7 +14,7 @@ module OpenStax
14
14
  extend self
15
15
 
16
16
  def user_uuid(request)
17
- decrypt(request)['user_uuid']
17
+ (decrypt(request) || {}).dig("user", "uuid")
18
18
  end
19
19
 
20
20
  # https://github.com/rails/rails/blob/4-2-stable/activesupport/lib/active_support/message_encryptor.rb#L90
@@ -40,14 +40,15 @@ module OpenStax
40
40
  key = OpenStax::Accounts.configuration.sso_secret_key
41
41
  raise InvalidSecretsConfiguration, 'Missing sso_secret_key configuration' if key.blank?
42
42
 
43
+ cipher = 'aes-256-cbc'
43
44
  salt = OpenStax::Accounts.configuration.sso_secret_salt
44
45
  signed_salt = "signed encrypted #{salt}"
45
46
  key_generator = ActiveSupport::KeyGenerator.new(key, iterations: 1000)
46
47
  secret = key_generator.generate_key(salt)[
47
- 0, OpenSSL::Cipher.new('aes-256-cbc').key_len
48
+ 0, OpenSSL::Cipher.new(cipher).key_len
48
49
  ]
49
50
  sign_secret = key_generator.generate_key(signed_salt)
50
- ActiveSupport::MessageEncryptor.new(secret, sign_secret, serializer: JSON)
51
+ ActiveSupport::MessageEncryptor.new(secret, sign_secret, cipher: cipher, serializer: JSON)
51
52
  end
52
53
  end
53
54
 
@@ -1,5 +1,5 @@
1
1
  module OpenStax
2
2
  module Accounts
3
- VERSION = "8.1.0"
3
+ VERSION = "8.1.1"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,29 +1,29 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: openstax_accounts
3
3
  version: !ruby/object:Gem::Version
4
- version: 8.1.0
4
+ version: 8.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - JP Slavinsky
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-08-01 00:00:00.000000000 Z
11
+ date: 2019-11-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - ">="
17
+ - - "<"
18
18
  - !ruby/object:Gem::Version
19
- version: '0'
19
+ version: '6.0'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - ">="
24
+ - - "<"
25
25
  - !ruby/object:Gem::Version
26
- version: '0'
26
+ version: '6.0'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: omniauth
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -399,7 +399,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
399
399
  - !ruby/object:Gem::Version
400
400
  version: '0'
401
401
  requirements: []
402
- rubygems_version: 3.0.3
402
+ rubyforge_project:
403
+ rubygems_version: 2.7.3
403
404
  signing_key:
404
405
  specification_version: 4
405
406
  summary: Rails common code and bindings for the 'accounts' API