pkce_challenge 0.2.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b24f70ed4dc880603fc1bb11a17a5c2c576d8810ec0abb9b1b7ae36fbeef46e2
-  data.tar.gz: 75b4d4b4e347b0ead4b2acfc4190b90f5767cafcd16c87186170758764749a74
+  metadata.gz: 7ecf2db55010f4dbfc0a506b8a28a6f79e61a3417b6b68d183c52a20379857a3
+  data.tar.gz: 01ea88cbc4da0fa3d07b037ad890ae634d9b3a91650f9709fcbff8cbd48fb130
 SHA512:
-  metadata.gz: ee179537017917cc647efb5f683200d66319e783ad73a3575ff3071cf6278ee3286641f6f7896d4eedd0615bda64b0d370c672bc86e0e35f3f162966027049f9
-  data.tar.gz: 663f440155dede9a1a406b6cd96ed7f4de900413b94c5008f759a8c3ddbbe1016e8f621884bd0e55f6aeae52dcf32765dba07f3d5a95c6d465e533ea674f24fb
+  metadata.gz: ac7c704a12cfc3df964510a305f7977ccc915b3b7ccbac061d4dbd29355a1b313fe12879aefa823bed8e4e0c57851fb4ffd88682550477c2eaae6958c1f9eab8
+  data.tar.gz: e7b70a852a3431520befeadeec22b682401ed5492bf5da69a887da02744e9a45d8fc49485874c77d976125693a8e4e9401ab71666710d8ca9e9f5061f4252055

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    pkce_challenge (0.1.0)
+    pkce_challenge (1.0.0)
 
 GEM
   remote: https://rubygems.org/

data/README.md

@@ -1,8 +1,6 @@
-# PkceChallenge
+# PKCE Code challenge generator
 
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/pkce_challenge`. To experiment with that code, run `bin/console` for an interactive prompt.
-
-TODO: Delete this and the text above, and describe your gem
+PKCE flow code verifier and code challenge **generator**
 
 ## Installation
 
@@ -22,29 +20,30 @@ Or install it yourself as:
 
 ## Usage
 
+To generate the code verifier and challenge simply run:
+
 ```ruby
-2.6.0 :001 > require "pkce_challenge"
+PkceChallenge.challenge
 ```
 
+Or with the char length option:
+
 ```ruby
-2.6.0 :001 > PkceChallenge.challenge
+PkceChallenge.challenge(char_length: 128)
 ```
 
-Output:
+Additionally you can run:
 ```ruby
-=> #<PkceChallenge::Challenge:0x00007f894f810378 @char_length=48, @code_verifier="QbS08cDO9pce~HVCKe9-UDiJoBMG8xwql4FI.Y3CIdpyJtPU", @code_challenge="HT90mmypkXgneRUVK-Ja009VvnoL-flydbEgRcTp5Yw">
+pkce_challenge = PkceChallenge.challenge 
+pkce_challenge = PkceChallenge.challenge(char_length: 128) # or with char_length option
 ```
 
-Generating a code challenge with the `char_length` option:
+Returned value is an instance of PkceChallenge::Challenge class which will have the following methods:
 ```ruby
-# Accepts valid length between 43 and 128
-
-2.6.0 :003 > PkceChallenge.challenge(char_length: 50)
-
- => #<PkceChallenge::Challenge:0x00007f894f20b9a0 @char_length=50, @code_verifier="0St0oCRzGDFj_iIxB8PCwaMPvGLk8vQxDfJIoC_zU56XwwQM21", @code_challenge="01g9RYPZOjpVFB-BBQhd6OC70jlgPFzJ6ie5YkSC7rI">
+pkce_challenge.code_verifier # a dynamically created cryptographically random key
+pkce_challenge.code_challenge # a BASE64-URL-encoded string of the SHA256 hash of the code verifier
 ```
 
-
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
@@ -53,7 +52,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/pkce_challenge. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+Bug reports and pull requests are welcome on GitHub at https://github.com/samuelralak/pkce_challenge. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
 
 ## License
 

data/lib/pkce_challenge/challenge.rb

@@ -1,34 +1,20 @@
 # frozen_string_literal: true
 
 require "digest"
+require "securerandom"
 
 module PkceChallenge
   class Challenge
     attr_accessor :code_verifier, :code_challenge
 
     def initialize(options = {})
-      @char_length = (options[:char_length] || CHAR_LENGTH[:default]).to_i
-
-      unless @char_length.between?(CHAR_LENGTH[:min], CHAR_LENGTH[:max])
-        raise PkceChallenge::LengthOutOfRangeError
-      end
-
+      @options = options
       @code_verifier = generate_code_verifier
       @code_challenge = generate_pkce_challenge
     end
 
     # constants definition
 
-    CHAR_RANGE = [
-      *"A".."Z",
-      *"a".."z",
-      *"0".."9",
-      "-",
-      ".",
-      "_",
-      "~",
-    ].freeze
-
     CHAR_LENGTH = {
       default: 48,
       max: 128,
@@ -38,11 +24,21 @@ module PkceChallenge
     private
 
     def generate_code_verifier
-      Array.new(@char_length) { CHAR_RANGE[rand(CHAR_RANGE.length)] }.join
+      length = (@options[:char_length] || CHAR_LENGTH[:default]).to_i
+
+      unless length.between?(CHAR_LENGTH[:min], CHAR_LENGTH[:max])
+        raise PkceChallenge::LengthOutOfRangeError
+      end
+
+      urlsafe_base64(SecureRandom.base64((length * 3) / 4))
     end
 
     def generate_pkce_challenge
-      Digest::SHA256.base64digest(@code_verifier).tr("+/", "-_").tr("=", "")
+      urlsafe_base64(Digest::SHA256.base64digest(@code_verifier))
+    end
+
+    def urlsafe_base64(base64_str)
+      base64_str.tr("+/", "-_").tr("=", "")
     end
   end
 end

data/lib/pkce_challenge/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PkceChallenge
-  VERSION = "0.2.0"
+  VERSION = "1.0.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pkce_challenge
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 1.0.0
 platform: ruby
 authors:
 - Samuel Ralak
@@ -86,6 +86,8 @@ files:
 - bin/console
 - bin/setup
 - gemfiles/pkce_challenge-0.1.0.gem
+- gemfiles/pkce_challenge-0.2.0.gem
+- gemfiles/pkce_challenge-1.0.0.gem
 - lib/pkce_challenge.rb
 - lib/pkce_challenge/challenge.rb
 - lib/pkce_challenge/version.rb