opentoken 1.2.3 → 1.2.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.rvmrc +1 -5
- data/.travis.yml +5 -0
- data/README.md +3 -2
- data/Rakefile +3 -8
- data/lib/opentoken/password_key_generator.rb +10 -10
- data/lib/opentoken/version.rb +1 -1
- data/opentoken.gemspec +7 -7
- data/spec/opentoken_spec.rb +85 -0
- data/spec/spec_helper.rb +5 -0
- metadata +37 -52
- data/test/helper.rb +0 -19
- data/test/test_opentoken.rb +0 -135
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 454da937c0af7d6f9156b0d1cc82e0c3bc22d2b8
|
4
|
+
data.tar.gz: 9dca1286d13a5c1f273065b5fefa5482eae24d74
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 2ce6c44f2d4b5e0e5cc1679c485ce1b2089afa84de9b5a49e2a83cd7840f8d8d9dab49ae4ea3d527dfd23c24faf1cd620ccf32bfaf081df72926e4f21587daef
|
7
|
+
data.tar.gz: bed7bdb2ba6d142b41af5c2499684f7096915aea78e1539b471110ae24cbc189da7828a8389f5af6d7cb7ca58633a9eb3c7fd24188c38a9269b1400959a007dc
|
data/.rvmrc
CHANGED
data/.travis.yml
ADDED
data/README.md
CHANGED
@@ -1,3 +1,4 @@
|
|
1
|
+
[![Build Status](https://travis-ci.org/socialcast/opentoken.svg)](https://travis-ci.org/socialcast/opentoken)
|
1
2
|
# opentoken
|
2
3
|
|
3
4
|
Parse encrypted opentoken properties
|
@@ -17,9 +18,9 @@ attributes = OpenToken.decode 'opentoken-hashed-string'
|
|
17
18
|
attributes = { 'subject' => 'foo', 'bar' => 'bak' }
|
18
19
|
token = OpenToken.encode attributes, OpenToken::Cipher::AES_128_CBC
|
19
20
|
```
|
20
|
-
|
21
|
+
|
21
22
|
## Contributing
|
22
|
-
|
23
|
+
|
23
24
|
* Fork the project
|
24
25
|
* Fix the issue
|
25
26
|
* Add tests
|
data/Rakefile
CHANGED
@@ -1,11 +1,6 @@
|
|
1
1
|
require 'bundler'
|
2
2
|
Bundler::GemHelper.install_tasks
|
3
3
|
|
4
|
-
require '
|
5
|
-
|
6
|
-
|
7
|
-
test.test_files = FileList['test/test*.rb']
|
8
|
-
test.verbose = true
|
9
|
-
end
|
10
|
-
|
11
|
-
task :default => :test
|
4
|
+
require 'rspec/core/rake_task'
|
5
|
+
RSpec::Core::RakeTask.new('spec')
|
6
|
+
task :default => :spec
|
@@ -1,6 +1,6 @@
|
|
1
1
|
module OpenToken
|
2
2
|
class PasswordKeyGenerator
|
3
|
-
SHA1_DIGEST = OpenSSL::Digest
|
3
|
+
SHA1_DIGEST = OpenSSL::Digest.new('sha1')
|
4
4
|
|
5
5
|
class << self
|
6
6
|
def generate(password, cipher)
|
@@ -12,16 +12,16 @@ module OpenToken
|
|
12
12
|
def generate_block(password, salt, count, index)
|
13
13
|
mac = salt
|
14
14
|
mac += [index].pack("N")
|
15
|
-
|
15
|
+
|
16
16
|
result = OpenSSL::HMAC.digest(SHA1_DIGEST, password, mac)
|
17
17
|
cur = result
|
18
|
-
|
18
|
+
|
19
19
|
i_count = 1
|
20
20
|
while i_count < count
|
21
21
|
i_count +=1
|
22
|
-
|
22
|
+
|
23
23
|
cur = OpenSSL::HMAC.digest(SHA1_DIGEST, password, cur)
|
24
|
-
|
24
|
+
|
25
25
|
20.times do |i|
|
26
26
|
if RUBY_VERSION < "1.9"
|
27
27
|
result[i] = result[i] ^ cur[i]
|
@@ -33,14 +33,14 @@ module OpenToken
|
|
33
33
|
|
34
34
|
return result
|
35
35
|
end
|
36
|
-
|
36
|
+
|
37
37
|
def generate_impl(password, cipher, salt, iterations)
|
38
38
|
return unless cipher.algorithm
|
39
39
|
|
40
40
|
key_size = cipher.key_length / 8
|
41
41
|
numblocks = key_size / 20
|
42
42
|
numblocks += 1 if (key_size % 20) > 0
|
43
|
-
|
43
|
+
|
44
44
|
# Generate the appropriate number of blocks and write their output to
|
45
45
|
# the key bytes; note that it's important to start from 1 (vs. 0) as the
|
46
46
|
# initial block number affects the hash. It's not clear that this fact
|
@@ -48,7 +48,7 @@ module OpenToken
|
|
48
48
|
# keys will not match up with test cases defined in RFC 3962.
|
49
49
|
key_buffer_index = 0
|
50
50
|
key = ""
|
51
|
-
|
51
|
+
|
52
52
|
numblocks.times do |i|
|
53
53
|
i+=1 # Previously zero based, needs to be 1 based
|
54
54
|
block = generate_block(password, salt, iterations, i)
|
@@ -56,10 +56,10 @@ module OpenToken
|
|
56
56
|
key += block[0, len]
|
57
57
|
key_buffer_index += len
|
58
58
|
end
|
59
|
-
|
59
|
+
|
60
60
|
return key
|
61
61
|
end
|
62
62
|
end
|
63
63
|
|
64
|
-
|
64
|
+
end
|
65
65
|
end
|
data/lib/opentoken/version.rb
CHANGED
data/opentoken.gemspec
CHANGED
@@ -6,19 +6,19 @@ Gem::Specification.new do |s|
|
|
6
6
|
s.name = "opentoken"
|
7
7
|
s.version = OpenToken::VERSION
|
8
8
|
s.platform = Gem::Platform::RUBY
|
9
|
-
s.authors = ["Ryan Sonnek"]
|
10
|
-
s.email = ["
|
11
|
-
s.homepage = "
|
9
|
+
s.authors = ["Socialcast Developers", "Ryan Sonnek"]
|
10
|
+
s.email = ["developers@socialcast.com"]
|
11
|
+
s.homepage = "https://github.com/socialcast/opentoken"
|
12
12
|
s.summary = %q{ruby implementation of the opentoken specification}
|
13
13
|
s.description = %q{parse opentoken properties passed for Single Signon requests}
|
14
|
-
|
14
|
+
s.license = "MIT"
|
15
15
|
s.rubyforge_project = "opentoken"
|
16
16
|
|
17
17
|
s.add_runtime_dependency(%q<activesupport>, [">= 3.0.3"])
|
18
18
|
s.add_runtime_dependency(%q<i18n>, [">= 0"])
|
19
|
-
s.add_development_dependency
|
20
|
-
s.add_development_dependency
|
21
|
-
s.add_development_dependency
|
19
|
+
s.add_development_dependency 'rspec', '>= 2.11'
|
20
|
+
s.add_development_dependency 'timecop', '>= 0.7'
|
21
|
+
s.add_development_dependency 'rake', '>= 0.9.2.2'
|
22
22
|
|
23
23
|
s.files = `git ls-files`.split("\n")
|
24
24
|
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
@@ -0,0 +1,85 @@
|
|
1
|
+
# encoding: UTF-8
|
2
|
+
require 'spec_helper'
|
3
|
+
|
4
|
+
describe OpenToken do
|
5
|
+
|
6
|
+
#"renew-until"=>"2010-03-05T07:19:15Z"
|
7
|
+
#"not-before"=>"2010-03-04T19:19:15Z"
|
8
|
+
#"not-on-or-after"=>"2010-03-04T19:24:15Z"
|
9
|
+
describe ".decode" do
|
10
|
+
|
11
|
+
before do
|
12
|
+
OpenToken.password = 'Test123'
|
13
|
+
end
|
14
|
+
|
15
|
+
context "with an aes-128-cbc token with a subject attribute" do
|
16
|
+
let(:opentoken) { "T1RLAQJ0Ca97sl6MLJAZDa_hdFzMlicMQBDjqUzrXl0EOXKmpj5oo7L5AACgaWoW8fZizrsLbtxb_F00aTdFmhw8flGy4iGqPWPtqYpdIzQZzg5WvrvYH8Rnq7ckJpYk2YPZw6yNyA4ohG-BgFdTHc0U7CwZTFmodg1MuO0cTh7T98s2RXiTcaZa21MNO0yuXKm2Q10cbrWhnB5yHJUhSHx6JLxlgMTZ0oE0DoUOB6JmoLMYHcyL9hKRiPTh62ky_QmXRaifDNOdl4sH2w**" }
|
17
|
+
context "when current time is between expiration dates" do
|
18
|
+
subject(:token) do
|
19
|
+
result = nil
|
20
|
+
Timecop.freeze(Time.iso8601('2010-03-04T19:20:10Z')) do
|
21
|
+
result = OpenToken.decode opentoken
|
22
|
+
end
|
23
|
+
result
|
24
|
+
end
|
25
|
+
it "decrypts subject from token payload" do
|
26
|
+
token[:subject].should == 'john@example.com'
|
27
|
+
end
|
28
|
+
it "decrypts subject using string or symbol" do
|
29
|
+
token['subject'].should == 'john@example.com'
|
30
|
+
end
|
31
|
+
it "parses 'renew-until' date" do
|
32
|
+
token.valid_until.should == Time.iso8601('2010-03-05T07:19:15Z')
|
33
|
+
end
|
34
|
+
end
|
35
|
+
context "when current time is outside clock skew tolerance before expiration date" do
|
36
|
+
it do
|
37
|
+
Timecop.freeze(Time.iso8601('2010-03-04T19:19:05Z')) do
|
38
|
+
expect { OpenToken.decode opentoken }.to raise_error OpenToken::TokenExpiredError
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
context "when current time is within clock skew tolerance before expiration date" do
|
43
|
+
it do
|
44
|
+
Timecop.freeze(Time.iso8601('2010-03-04T19:19:11Z')) do
|
45
|
+
expect { OpenToken.decode opentoken }.to_not raise_error
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
context "with a token with an attribute value containing an apostrophe" do
|
52
|
+
subject(:token) do
|
53
|
+
result = nil
|
54
|
+
Timecop.freeze(Time.iso8601('2011-01-13T11:08:02Z')) do
|
55
|
+
result = OpenToken.decode("T1RLAQLIjiqgexqi1PQcEKCetvGoSYR2jhDFSIfE5ctlSBxEnq3S1ydjAADQUNRIKJx6_14aE3MQZnDABupGJrKNfoJHFS5VOnKexjMtboeOgst31Hf-D9CZBrpB7Jv0KBwnQ7DN3HizecPT76oX3UGtq_Vi5j5bKYCeObYm9W6h7NY-VzcZY5TTqIuulc2Jit381usAWZ2Sv1c_CWwhrH4hw-x7vUQMSjErvXK1qvsrFCpfNr7XlArx0HjI6kT5XEaHgQNdC0zrLw9cZ4rewoEisR3H5oM7B6gMaP82wTSFVBXvpn5r0KT-Iuc3JuG2en1zVh3GNf110oQCKQ**")
|
56
|
+
end
|
57
|
+
result
|
58
|
+
end
|
59
|
+
it "preserves the apostrophe" do
|
60
|
+
token[:last_name].should == "D'angelo"
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
context "with a nil token" do
|
65
|
+
it { expect { OpenToken.decode(nil) }.to raise_error OpenToken::TokenInvalidError }
|
66
|
+
end
|
67
|
+
|
68
|
+
end
|
69
|
+
|
70
|
+
describe ".encode" do
|
71
|
+
before { OpenToken.password = 'Password1' }
|
72
|
+
|
73
|
+
context "with aes-128-cbc and subject attribute" do
|
74
|
+
let(:attributes_in) { { "subject" => "john", "email" => "john@example.com" } }
|
75
|
+
let(:token) { OpenToken.encode attributes_in, OpenToken::Cipher::AES_128_CBC }
|
76
|
+
it { OpenToken.decode(token).should == attributes_in }
|
77
|
+
end
|
78
|
+
|
79
|
+
context "with non-ascii utf-8 values" do
|
80
|
+
let(:attributes_in) { { "subject" => "André", "email" => "john@example.com" } }
|
81
|
+
let(:token) { OpenToken.encode attributes_in, OpenToken::Cipher::AES_128_CBC }
|
82
|
+
it { OpenToken.decode(token).should == attributes_in }
|
83
|
+
end
|
84
|
+
end
|
85
|
+
end
|
data/spec/spec_helper.rb
ADDED
metadata
CHANGED
@@ -1,106 +1,97 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: opentoken
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.2.
|
5
|
-
prerelease:
|
4
|
+
version: 1.2.5
|
6
5
|
platform: ruby
|
7
6
|
authors:
|
7
|
+
- Socialcast Developers
|
8
8
|
- Ryan Sonnek
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date:
|
12
|
+
date: 2014-06-02 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: activesupport
|
16
16
|
requirement: !ruby/object:Gem::Requirement
|
17
|
-
none: false
|
18
17
|
requirements:
|
19
|
-
- -
|
18
|
+
- - ">="
|
20
19
|
- !ruby/object:Gem::Version
|
21
20
|
version: 3.0.3
|
22
21
|
type: :runtime
|
23
22
|
prerelease: false
|
24
23
|
version_requirements: !ruby/object:Gem::Requirement
|
25
|
-
none: false
|
26
24
|
requirements:
|
27
|
-
- -
|
25
|
+
- - ">="
|
28
26
|
- !ruby/object:Gem::Version
|
29
27
|
version: 3.0.3
|
30
28
|
- !ruby/object:Gem::Dependency
|
31
29
|
name: i18n
|
32
30
|
requirement: !ruby/object:Gem::Requirement
|
33
|
-
none: false
|
34
31
|
requirements:
|
35
|
-
- -
|
32
|
+
- - ">="
|
36
33
|
- !ruby/object:Gem::Version
|
37
34
|
version: '0'
|
38
35
|
type: :runtime
|
39
36
|
prerelease: false
|
40
37
|
version_requirements: !ruby/object:Gem::Requirement
|
41
|
-
none: false
|
42
38
|
requirements:
|
43
|
-
- -
|
39
|
+
- - ">="
|
44
40
|
- !ruby/object:Gem::Version
|
45
41
|
version: '0'
|
46
42
|
- !ruby/object:Gem::Dependency
|
47
|
-
name:
|
43
|
+
name: rspec
|
48
44
|
requirement: !ruby/object:Gem::Requirement
|
49
|
-
none: false
|
50
45
|
requirements:
|
51
|
-
- -
|
46
|
+
- - ">="
|
52
47
|
- !ruby/object:Gem::Version
|
53
|
-
version: 2.11
|
48
|
+
version: '2.11'
|
54
49
|
type: :development
|
55
50
|
prerelease: false
|
56
51
|
version_requirements: !ruby/object:Gem::Requirement
|
57
|
-
none: false
|
58
52
|
requirements:
|
59
|
-
- -
|
53
|
+
- - ">="
|
60
54
|
- !ruby/object:Gem::Version
|
61
|
-
version: 2.11
|
55
|
+
version: '2.11'
|
62
56
|
- !ruby/object:Gem::Dependency
|
63
57
|
name: timecop
|
64
58
|
requirement: !ruby/object:Gem::Requirement
|
65
|
-
none: false
|
66
59
|
requirements:
|
67
|
-
- -
|
60
|
+
- - ">="
|
68
61
|
- !ruby/object:Gem::Version
|
69
|
-
version: 0.
|
62
|
+
version: '0.7'
|
70
63
|
type: :development
|
71
64
|
prerelease: false
|
72
65
|
version_requirements: !ruby/object:Gem::Requirement
|
73
|
-
none: false
|
74
66
|
requirements:
|
75
|
-
- -
|
67
|
+
- - ">="
|
76
68
|
- !ruby/object:Gem::Version
|
77
|
-
version: 0.
|
69
|
+
version: '0.7'
|
78
70
|
- !ruby/object:Gem::Dependency
|
79
71
|
name: rake
|
80
72
|
requirement: !ruby/object:Gem::Requirement
|
81
|
-
none: false
|
82
73
|
requirements:
|
83
|
-
- -
|
74
|
+
- - ">="
|
84
75
|
- !ruby/object:Gem::Version
|
85
|
-
version: 0.9.2
|
76
|
+
version: 0.9.2.2
|
86
77
|
type: :development
|
87
78
|
prerelease: false
|
88
79
|
version_requirements: !ruby/object:Gem::Requirement
|
89
|
-
none: false
|
90
80
|
requirements:
|
91
|
-
- -
|
81
|
+
- - ">="
|
92
82
|
- !ruby/object:Gem::Version
|
93
|
-
version: 0.9.2
|
83
|
+
version: 0.9.2.2
|
94
84
|
description: parse opentoken properties passed for Single Signon requests
|
95
85
|
email:
|
96
|
-
-
|
86
|
+
- developers@socialcast.com
|
97
87
|
executables: []
|
98
88
|
extensions: []
|
99
89
|
extra_rdoc_files: []
|
100
90
|
files:
|
101
|
-
- .document
|
102
|
-
- .gitignore
|
103
|
-
- .rvmrc
|
91
|
+
- ".document"
|
92
|
+
- ".gitignore"
|
93
|
+
- ".rvmrc"
|
94
|
+
- ".travis.yml"
|
104
95
|
- CONTRIBUTORS.txt
|
105
96
|
- Gemfile
|
106
97
|
- LICENSE.txt
|
@@ -113,38 +104,32 @@ files:
|
|
113
104
|
- lib/opentoken/token.rb
|
114
105
|
- lib/opentoken/version.rb
|
115
106
|
- opentoken.gemspec
|
116
|
-
-
|
117
|
-
-
|
118
|
-
homepage:
|
119
|
-
licenses:
|
107
|
+
- spec/opentoken_spec.rb
|
108
|
+
- spec/spec_helper.rb
|
109
|
+
homepage: https://github.com/socialcast/opentoken
|
110
|
+
licenses:
|
111
|
+
- MIT
|
112
|
+
metadata: {}
|
120
113
|
post_install_message:
|
121
114
|
rdoc_options: []
|
122
115
|
require_paths:
|
123
116
|
- lib
|
124
117
|
required_ruby_version: !ruby/object:Gem::Requirement
|
125
|
-
none: false
|
126
118
|
requirements:
|
127
|
-
- -
|
119
|
+
- - ">="
|
128
120
|
- !ruby/object:Gem::Version
|
129
121
|
version: '0'
|
130
|
-
segments:
|
131
|
-
- 0
|
132
|
-
hash: 4385898841292862662
|
133
122
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
134
|
-
none: false
|
135
123
|
requirements:
|
136
|
-
- -
|
124
|
+
- - ">="
|
137
125
|
- !ruby/object:Gem::Version
|
138
126
|
version: '0'
|
139
|
-
segments:
|
140
|
-
- 0
|
141
|
-
hash: 4385898841292862662
|
142
127
|
requirements: []
|
143
128
|
rubyforge_project: opentoken
|
144
|
-
rubygems_version:
|
129
|
+
rubygems_version: 2.2.2
|
145
130
|
signing_key:
|
146
|
-
specification_version:
|
131
|
+
specification_version: 4
|
147
132
|
summary: ruby implementation of the opentoken specification
|
148
133
|
test_files:
|
149
|
-
-
|
150
|
-
-
|
134
|
+
- spec/opentoken_spec.rb
|
135
|
+
- spec/spec_helper.rb
|
data/test/helper.rb
DELETED
@@ -1,19 +0,0 @@
|
|
1
|
-
require 'rubygems'
|
2
|
-
require 'bundler'
|
3
|
-
begin
|
4
|
-
Bundler.setup(:default, :development)
|
5
|
-
rescue Bundler::BundlerError => e
|
6
|
-
$stderr.puts e.message
|
7
|
-
$stderr.puts "Run `bundle install` to install missing gems"
|
8
|
-
exit e.status_code
|
9
|
-
end
|
10
|
-
require 'test/unit'
|
11
|
-
require 'shoulda'
|
12
|
-
require 'timecop'
|
13
|
-
|
14
|
-
$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
|
15
|
-
$LOAD_PATH.unshift(File.dirname(__FILE__))
|
16
|
-
require 'opentoken'
|
17
|
-
|
18
|
-
class Test::Unit::TestCase
|
19
|
-
end
|
data/test/test_opentoken.rb
DELETED
@@ -1,135 +0,0 @@
|
|
1
|
-
require 'helper'
|
2
|
-
|
3
|
-
class TestOpentoken < Test::Unit::TestCase
|
4
|
-
# OpenToken.debug = true
|
5
|
-
|
6
|
-
#"renew-until"=>"2010-03-05T07:19:15Z"
|
7
|
-
#"not-before"=>"2010-03-04T19:19:15Z"
|
8
|
-
#"not-on-or-after"=>"2010-03-04T19:24:15Z"
|
9
|
-
context "aes-128-cbc token with subject attribute" do
|
10
|
-
setup do
|
11
|
-
@opentoken = "T1RLAQJ0Ca97sl6MLJAZDa_hdFzMlicMQBDjqUzrXl0EOXKmpj5oo7L5AACgaWoW8fZizrsLbtxb_F00aTdFmhw8flGy4iGqPWPtqYpdIzQZzg5WvrvYH8Rnq7ckJpYk2YPZw6yNyA4ohG-BgFdTHc0U7CwZTFmodg1MuO0cTh7T98s2RXiTcaZa21MNO0yuXKm2Q10cbrWhnB5yHJUhSHx6JLxlgMTZ0oE0DoUOB6JmoLMYHcyL9hKRiPTh62ky_QmXRaifDNOdl4sH2w**"
|
12
|
-
@password = 'Test123'
|
13
|
-
OpenToken.password = @password
|
14
|
-
end
|
15
|
-
context "decoding token between expiration dates" do
|
16
|
-
setup do
|
17
|
-
Timecop.travel(Time.iso8601('2010-03-04T19:20:10Z')) do
|
18
|
-
assert_nothing_raised do
|
19
|
-
@token = OpenToken.decode @opentoken
|
20
|
-
end
|
21
|
-
end
|
22
|
-
end
|
23
|
-
should "decrypt subject from token payload" do
|
24
|
-
assert_equal 'john@example.com', @token[:subject]
|
25
|
-
end
|
26
|
-
should "decrypt subject using string or symbol" do
|
27
|
-
assert_equal 'john@example.com', @token['subject']
|
28
|
-
end
|
29
|
-
should "parse 'renew-until' date" do
|
30
|
-
assert_equal Time.iso8601('2010-03-05T07:19:15Z'), @token.valid_until
|
31
|
-
end
|
32
|
-
end
|
33
|
-
|
34
|
-
context "decoding token when current time is outside clock skew tolerance of before expiration date" do
|
35
|
-
should "raise TokenExpiredError" do
|
36
|
-
Timecop.travel(Time.iso8601('2010-03-04T19:19:05Z')) do
|
37
|
-
assert_raises OpenToken::TokenExpiredError do
|
38
|
-
@token = OpenToken.decode @opentoken
|
39
|
-
end
|
40
|
-
end
|
41
|
-
end
|
42
|
-
end
|
43
|
-
|
44
|
-
context "decoding token when current time is within clock skew tolerance of before expiration date" do
|
45
|
-
should "not raise TokenExpiredError" do
|
46
|
-
Timecop.travel(Time.iso8601('2010-03-04T19:19:10Z')) do
|
47
|
-
assert_nothing_raised do
|
48
|
-
@token = OpenToken.decode @opentoken
|
49
|
-
end
|
50
|
-
end
|
51
|
-
end
|
52
|
-
end
|
53
|
-
|
54
|
-
context "decoding token when current time is equal to expiration date" do
|
55
|
-
should "not raise TokenExpiredError" do
|
56
|
-
Timecop.travel(Time.iso8601('2010-03-04T19:24:15Z')) do
|
57
|
-
assert_nothing_raised do
|
58
|
-
@token = OpenToken.decode @opentoken
|
59
|
-
end
|
60
|
-
end
|
61
|
-
end
|
62
|
-
end
|
63
|
-
|
64
|
-
context "decoding token when current time is within clock skew tolerance of expiration date" do
|
65
|
-
should "not raise TokenExpiredError" do
|
66
|
-
Timecop.travel(Time.iso8601('2010-03-04T19:24:19Z')) do
|
67
|
-
assert_nothing_raised do
|
68
|
-
@token = OpenToken.decode @opentoken
|
69
|
-
end
|
70
|
-
end
|
71
|
-
end
|
72
|
-
end
|
73
|
-
|
74
|
-
context "decoding token when current time is outside clock skew tolerance of expiration date" do
|
75
|
-
should "raise TokenExpiredError" do
|
76
|
-
Timecop.travel(Time.iso8601('2010-03-04T19:24:25Z')) do
|
77
|
-
assert_raises OpenToken::TokenExpiredError do
|
78
|
-
@token = OpenToken.decode @opentoken
|
79
|
-
end
|
80
|
-
end
|
81
|
-
end
|
82
|
-
end
|
83
|
-
|
84
|
-
context "decoding token with attribute value containing apostrophe" do
|
85
|
-
setup do
|
86
|
-
Timecop.travel(Time.iso8601('2011-01-13T11:08:01Z')) do
|
87
|
-
@opentoken = "T1RLAQLIjiqgexqi1PQcEKCetvGoSYR2jhDFSIfE5ctlSBxEnq3S1ydjAADQUNRIKJx6_14aE3MQZnDABupGJrKNfoJHFS5VOnKexjMtboeOgst31Hf-D9CZBrpB7Jv0KBwnQ7DN3HizecPT76oX3UGtq_Vi5j5bKYCeObYm9W6h7NY-VzcZY5TTqIuulc2Jit381usAWZ2Sv1c_CWwhrH4hw-x7vUQMSjErvXK1qvsrFCpfNr7XlArx0HjI6kT5XEaHgQNdC0zrLw9cZ4rewoEisR3H5oM7B6gMaP82wTSFVBXvpn5r0KT-Iuc3JuG2en1zVh3GNf110oQCKQ**"
|
88
|
-
@token = OpenToken.decode @opentoken
|
89
|
-
end
|
90
|
-
end
|
91
|
-
should 'preserve apostrophe in attribute payload' do
|
92
|
-
assert_equal "D'angelo", @token[:last_name]
|
93
|
-
end
|
94
|
-
end
|
95
|
-
|
96
|
-
should 'raise invalid token error parsing nil token' do
|
97
|
-
assert_raises OpenToken::TokenInvalidError do
|
98
|
-
OpenToken.decode nil
|
99
|
-
end
|
100
|
-
end
|
101
|
-
end
|
102
|
-
|
103
|
-
context "encoding token" do
|
104
|
-
setup do
|
105
|
-
OpenToken.password = "Password1"
|
106
|
-
end
|
107
|
-
context "with aes-128-cbc and subject attribute" do
|
108
|
-
setup do
|
109
|
-
@attributesIn = { "subject" => "john", "email" => "john@example.com"}
|
110
|
-
@token = OpenToken.encode @attributesIn, OpenToken::Cipher::AES_128_CBC
|
111
|
-
end
|
112
|
-
should "be decodable" do
|
113
|
-
@attributesOut = OpenToken.decode @token
|
114
|
-
assert_equal @attributesIn, @attributesOut
|
115
|
-
end
|
116
|
-
end
|
117
|
-
end
|
118
|
-
|
119
|
-
context "encoding token with utf-8 values" do
|
120
|
-
setup do
|
121
|
-
OpenToken.password = "Password1"
|
122
|
-
end
|
123
|
-
context "with aes-128-cbc and subject attribute" do
|
124
|
-
setup do
|
125
|
-
@subject = OpenToken.send(:force_encoding, "Andr\xC3\xA9", 'UTF-8')
|
126
|
-
@attributesIn = { "subject" => @subject, "email" => "john@example.com"}
|
127
|
-
@token = OpenToken.encode @attributesIn, OpenToken::Cipher::AES_128_CBC
|
128
|
-
end
|
129
|
-
should "be decodable" do
|
130
|
-
@attributesOut = OpenToken.decode @token
|
131
|
-
assert_equal @attributesIn, @attributesOut
|
132
|
-
end
|
133
|
-
end
|
134
|
-
end
|
135
|
-
end
|