opentoken 0.2.0 → 0.2.1

data/Rakefile

@@ -10,7 +10,6 @@ begin
     gem.email = "ryan@socialcast.com"
     gem.homepage = "http://github.com/wireframe/opentoken"
     gem.authors = ["Ryan Sonnek"]
-    gem.add_dependency "activesupport", ">=2.3.4"
     gem.add_development_dependency "shoulda", ">= 0"
     gem.add_development_dependency "timecop", ">=0.3.4"
     # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings

data/VERSION

@@ -1 +1 @@
-0.2.0
+0.2.1

data/lib/opentoken.rb

@@ -4,6 +4,8 @@ require 'digest/sha1'
 require 'zlib'
 require 'stringio'
 require 'cgi'
+require File.join(File.dirname(__FILE__), 'opentoken', 'key_value_serializer')
+require File.join(File.dirname(__FILE__), 'opentoken', 'password_key_generator')
 
 class OpenToken
   class TokenExpiredError < StandardError;  end
@@ -90,6 +92,7 @@ class OpenToken
     rescue Zlib::BufError
       Zlib::Inflate.new(-Zlib::MAX_WBITS).inflate(compressed_payload[2, compressed_payload.size])
     end
+    puts 'EXPANDED PAYLOAD', unparsed_payload if DEBUG
 
     #validate payload hmac
     mac = "0x01".hex.chr
@@ -102,7 +105,10 @@ class OpenToken
       raise "HMAC for payload was #{hash} and expected to be #{payload_hmac}" unless payload_hmac == hash
     end
 
-    @payload = KeyValueSerializer.deserialize CGI::unescapeHTML(unparsed_payload)
+    unescaped_payload = CGI::unescapeHTML(unparsed_payload)
+    puts 'UNESCAPED PAYLOAD', unescaped_payload if DEBUG
+    @payload = KeyValueSerializer.deserialize unescaped_payload
+    puts @payload.inspect if DEBUG
     raise TokenExpiredError.new("#{Time.now.utc} is not within token duration: #{self.start_at} - #{self.end_at}") if self.expired?
   end
 
@@ -151,176 +157,3 @@ class OpenToken
     end
   end
 end
-
-class PasswordKeyGenerator
-  SHA1_DIGEST = OpenSSL::Digest::Digest.new('sha1')
-
-  def self.generate(password, cipher_suite)
-    salt = 0.chr * 8
-    self.generate_impl(password, cipher_suite, salt, 1000)
-  end
-
-  def self.generate_block(password, salt, count, index)
-    mac = salt
-    mac += [index].pack("N")
-    
-    result = OpenSSL::HMAC.digest(SHA1_DIGEST, password, mac)
-    cur = result
-    
-    i_count = 1
-    while i_count < count
-      i_count +=1
-      
-      cur = OpenSSL::HMAC.digest(SHA1_DIGEST, password, cur)
-      
-      20.times do |i|
-        result[i] = result[i] ^ cur[i]
-      end
-    end
-
-    return result
-  end
-  
-  def self.generate_impl(password, cipher, salt, iterations)
-    return unless cipher[:algorithm]
-
-    key_size = cipher[:key_length] / 8
-    numblocks = key_size / 20
-    numblocks += 1 if (key_size % 20) > 0
-    
-    # Generate the appropriate number of blocks and write their output to
-    # the key bytes; note that it's important to start from 1 (vs. 0) as the
-    # initial block number affects the hash. It's not clear that this fact
-    # is stated explicitly anywhere, but without this approach, the generated
-    # keys will not match up with test cases defined in RFC 3962.
-    key_buffer_index = 0
-    key = ""
-    
-    numblocks.times do |i|
-      i+=1 # Previously zero based, needs to be 1 based
-      block = self.generate_block(password, salt, iterations, i)
-      len = [20, (key_size - key_buffer_index)].min
-      key += block[0, len]
-      key_buffer_index += len
-    end
-    
-    return key
-  end
-end
-
-class KeyValueSerializer
-  LINE_START = 0
-  EMPTY_SPACE = 1
-  VALUE_START = 2
-  LINE_END = 3
-  IN_KEY = 4
-  IN_VALUE = 5
-  IN_QUOTED_VALUE = 6
-
-  def self.unescape_value(value)
-    value.gsub("\\\"", "\"").gsub("\'", "'")
-  end
-
-  def self.deserialize(string)
-    result = {}
-    state = LINE_START
-    open_quote_char = 0.chr
-    currkey = ""
-    token = ""
-    nextval = ""
-    
-    string.split(//).each do |c|
-      
-      nextval = c
-
-      case c
-      when "\t"
-        if state == IN_KEY
-          # key ends
-          currkey = token
-          token = ""
-          state = EMPTY_SPACE
-        elsif state == IN_VALUE
-          # non-quoted value ends
-          result[currkey] = self.deserialize(token)
-          token = ""
-          state = LINE_END
-        elsif state == IN_QUOTED_VALUE
-          token += c
-        end
-      when " "
-        if state == IN_KEY
-          # key ends
-          currkey = token
-          token = ""
-          state = EMPTY_SPACE
-        elsif state == IN_VALUE
-          # non-quoted value ends
-          result[currkey] = self.deserialize(token)
-          token = ""
-          state = LINE_END
-        elsif state == IN_QUOTED_VALUE
-          token += c
-        end
-      when "\n"
-        # newline
-        if (state == IN_VALUE) || (state == VALUE_START)
-          result[currkey] = self.unescape_value(token)
-          token = ""
-          state = LINE_START
-        elsif state == LINE_END
-          token = ""
-          state = LINE_START
-        elsif state == IN_QUOTED_VALUE
-          token += c
-        end
-      when "="
-        if state == IN_KEY
-          currkey = token
-          token = ""
-          state = VALUE_START
-        elsif (state == IN_QUOTED_VALUE) || (state == IN_VALUE)
-          token += c
-        end
-      when "\""
-        if state == IN_QUOTED_VALUE
-          if (c == open_quote_char) && (token[token.size-1] != "\\")
-            result[currkey] = self.unescape_value(token)
-            token = ""
-            state = LINE_END
-          else
-            token += c
-          end
-        elsif state == VALUE_START
-          state = IN_QUOTED_VALUE
-          open_quote_char = c
-        end
-      when "'"
-        if state == IN_QUOTED_VALUE
-          if (c == open_quote_char) && (token[token.size-1] != "\\")
-            result[currkey] = self.unescape_value(token)
-            token = ""
-            state = LINE_END
-          else
-            token += c
-          end
-        else state == VALUE_START
-          state = IN_QUOTED_VALUE
-          open_quote_char = c
-        end
-      else
-        if state == LINE_START
-          state = IN_KEY
-        elsif state == VALUE_START
-          state = IN_VALUE
-        end
-        token += c
-      end
-      
-      if (state == IN_QUOTED_VALUE) || (state == IN_VALUE)
-        result[currkey] = unescape_value(token)
-      end
-    end
-    result
-  end
-end

data/lib/opentoken/key_value_serializer.rb

@@ -0,0 +1,115 @@
+class KeyValueSerializer
+  LINE_START = 0
+  EMPTY_SPACE = 1
+  VALUE_START = 2
+  LINE_END = 3
+  IN_KEY = 4
+  IN_VALUE = 5
+  IN_QUOTED_VALUE = 6
+
+  def self.unescape_value(value)
+    value.gsub("\\\"", "\"").gsub("\\\'", "'")
+  end
+
+  def self.deserialize(string)
+    result = {}
+    state = LINE_START
+    open_quote_char = 0.chr
+    currkey = ""
+    token = ""
+    nextval = ""
+    
+    string.split(//).each do |c|
+      nextval = c
+
+      case c
+      when "\t"
+        if state == IN_KEY
+          # key ends
+          currkey = token
+          token = ""
+          state = EMPTY_SPACE
+        elsif state == IN_VALUE
+          # non-quoted value ends
+          result[currkey] = self.deserialize(token)
+          token = ""
+          state = LINE_END
+        elsif state == IN_QUOTED_VALUE
+          token += c
+        end
+      when " "
+        if state == IN_KEY
+          # key ends
+          currkey = token
+          token = ""
+          state = EMPTY_SPACE
+        elsif state == IN_VALUE
+          # non-quoted value ends
+          result[currkey] = self.deserialize(token)
+          token = ""
+          state = LINE_END
+        elsif state == IN_QUOTED_VALUE
+          token += c
+        end
+      when "\n"
+        # newline
+        if (state == IN_VALUE) || (state == VALUE_START)
+          result[currkey] = self.unescape_value(token)
+          token = ""
+          state = LINE_START
+        elsif state == LINE_END
+          token = ""
+          state = LINE_START
+        elsif state == IN_QUOTED_VALUE
+          token += c
+        end
+      when "="
+        if state == IN_KEY
+          currkey = token
+          token = ""
+          state = VALUE_START
+        elsif (state == IN_QUOTED_VALUE) || (state == IN_VALUE)
+          token += c
+        end
+      when "\""
+        if state == IN_QUOTED_VALUE
+          if (c == open_quote_char) && (token[token.size-1] != "\\"[0])
+            result[currkey] = self.unescape_value(token)
+            token = ""
+            state = LINE_END
+          else
+            token += c
+          end
+        elsif state == VALUE_START
+          state = IN_QUOTED_VALUE
+          open_quote_char = c
+        end
+      when "'"
+        if state == IN_QUOTED_VALUE
+          if (c == open_quote_char) && (token[token.size-1] != "\\"[0])
+            result[currkey] = self.unescape_value(token)
+            token = ""
+            state = LINE_END
+          else
+            token += c
+          end
+        else state == VALUE_START
+          state = IN_QUOTED_VALUE
+          open_quote_char = c
+        end
+      else
+        if state == LINE_START
+          state = IN_KEY
+        elsif state == VALUE_START
+          state = IN_VALUE
+        end
+        token += c
+      end
+      
+      if (state == IN_QUOTED_VALUE) || (state == IN_VALUE)
+        result[currkey] = unescape_value(token)
+      end
+    end
+    result
+  end
+end

data/lib/opentoken/password_key_generator.rb

@@ -0,0 +1,55 @@
+class PasswordKeyGenerator
+  SHA1_DIGEST = OpenSSL::Digest::Digest.new('sha1')
+
+  def self.generate(password, cipher_suite)
+    salt = 0.chr * 8
+    self.generate_impl(password, cipher_suite, salt, 1000)
+  end
+
+  def self.generate_block(password, salt, count, index)
+    mac = salt
+    mac += [index].pack("N")
+    
+    result = OpenSSL::HMAC.digest(SHA1_DIGEST, password, mac)
+    cur = result
+    
+    i_count = 1
+    while i_count < count
+      i_count +=1
+      
+      cur = OpenSSL::HMAC.digest(SHA1_DIGEST, password, cur)
+      
+      20.times do |i|
+        result[i] = result[i] ^ cur[i]
+      end
+    end
+
+    return result
+  end
+  
+  def self.generate_impl(password, cipher, salt, iterations)
+    return unless cipher[:algorithm]
+
+    key_size = cipher[:key_length] / 8
+    numblocks = key_size / 20
+    numblocks += 1 if (key_size % 20) > 0
+    
+    # Generate the appropriate number of blocks and write their output to
+    # the key bytes; note that it's important to start from 1 (vs. 0) as the
+    # initial block number affects the hash. It's not clear that this fact
+    # is stated explicitly anywhere, but without this approach, the generated
+    # keys will not match up with test cases defined in RFC 3962.
+    key_buffer_index = 0
+    key = ""
+    
+    numblocks.times do |i|
+      i+=1 # Previously zero based, needs to be 1 based
+      block = self.generate_block(password, salt, iterations, i)
+      len = [20, (key_size - key_buffer_index)].min
+      key += block[0, len]
+      key_buffer_index += len
+    end
+    
+    return key
+  end
+end

data/opentoken.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{opentoken}
-  s.version = "0.2.0"
+  s.version = "0.2.1"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Ryan Sonnek"]
-  s.date = %q{2011-01-12}
+  s.date = %q{2011-01-13}
   s.description = %q{parse opentoken properties passed for Single Signon requests}
   s.email = %q{ryan@socialcast.com}
   s.extra_rdoc_files = [
@@ -23,6 +23,8 @@ Gem::Specification.new do |s|
     "Rakefile",
     "VERSION",
     "lib/opentoken.rb",
+    "lib/opentoken/key_value_serializer.rb",
+    "lib/opentoken/password_key_generator.rb",
     "opentoken.gemspec",
     "test/helper.rb",
     "test/test_opentoken.rb"
@@ -40,16 +42,13 @@ Gem::Specification.new do |s|
     s.specification_version = 3
 
     if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
-      s.add_runtime_dependency(%q<activesupport>, [">= 2.3.4"])
       s.add_development_dependency(%q<shoulda>, [">= 0"])
       s.add_development_dependency(%q<timecop>, [">= 0.3.4"])
     else
-      s.add_dependency(%q<activesupport>, [">= 2.3.4"])
       s.add_dependency(%q<shoulda>, [">= 0"])
       s.add_dependency(%q<timecop>, [">= 0.3.4"])
     end
   else
-    s.add_dependency(%q<activesupport>, [">= 2.3.4"])
     s.add_dependency(%q<shoulda>, [">= 0"])
     s.add_dependency(%q<timecop>, [">= 0.3.4"])
   end

data/test/test_opentoken.rb

@@ -44,5 +44,17 @@ class TestOpentoken < Test::Unit::TestCase
         end
       end
     end
+
+    context "parsing token with attribute value containing apostrophe" do
+      setup do
+        Timecop.travel(Time.iso8601('2011-01-13T11:08:01Z')) do
+          @opentoken = "T1RLAQLIjiqgexqi1PQcEKCetvGoSYR2jhDFSIfE5ctlSBxEnq3S1ydjAADQUNRIKJx6_14aE3MQZnDABupGJrKNfoJHFS5VOnKexjMtboeOgst31Hf-D9CZBrpB7Jv0KBwnQ7DN3HizecPT76oX3UGtq_Vi5j5bKYCeObYm9W6h7NY-VzcZY5TTqIuulc2Jit381usAWZ2Sv1c_CWwhrH4hw-x7vUQMSjErvXK1qvsrFCpfNr7XlArx0HjI6kT5XEaHgQNdC0zrLw9cZ4rewoEisR3H5oM7B6gMaP82wTSFVBXvpn5r0KT-Iuc3JuG2en1zVh3GNf110oQCKQ**"
+          @token = OpenToken.new @opentoken, :password => @password
+        end
+      end
+      should 'preserve apostrophe in attribute payload' do
+        assert_equal "D'angelo", @token[:last_name]
+      end
+    end
   end
 end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: opentoken
 version: !ruby/object:Gem::Version 
-  hash: 23
+  hash: 21
   prerelease: 
   segments: 
   - 0
   - 2
-  - 0
-  version: 0.2.0
+  - 1
+  version: 0.2.1
 platform: ruby
 authors: 
 - Ryan Sonnek
@@ -15,29 +15,13 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-01-12 00:00:00 -06:00
+date: 2011-01-13 00:00:00 -06:00
 default_executable: 
 dependencies: 
-- !ruby/object:Gem::Dependency 
-  name: activesupport
-  prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 11
-        segments: 
-        - 2
-        - 3
-        - 4
-        version: 2.3.4
-  type: :runtime
-  version_requirements: *id001
 - !ruby/object:Gem::Dependency 
   name: shoulda
   prerelease: false
-  requirement: &id002 !ruby/object:Gem::Requirement 
+  requirement: &id001 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ">="
@@ -47,11 +31,11 @@ dependencies:
         - 0
         version: "0"
   type: :development
-  version_requirements: *id002
+  version_requirements: *id001
 - !ruby/object:Gem::Dependency 
   name: timecop
   prerelease: false
-  requirement: &id003 !ruby/object:Gem::Requirement 
+  requirement: &id002 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ">="
@@ -63,7 +47,7 @@ dependencies:
         - 4
         version: 0.3.4
   type: :development
-  version_requirements: *id003
+  version_requirements: *id002
 description: parse opentoken properties passed for Single Signon requests
 email: ryan@socialcast.com
 executables: []
@@ -80,6 +64,8 @@ files:
 - Rakefile
 - VERSION
 - lib/opentoken.rb
+- lib/opentoken/key_value_serializer.rb
+- lib/opentoken/password_key_generator.rb
 - opentoken.gemspec
 - test/helper.rb
 - test/test_opentoken.rb