rbsso 0.1.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/rbsso/client.rb +6 -2
- data/lib/rbsso/content.rb +16 -4
- data/lib/rbsso/server.rb +2 -1
- metadata +60 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b6439a85993ed2c25cf7a18a36dee23e59e9ec14
|
|
4
|
+
data.tar.gz: bdba3aa011488b4f543758d44a3edd07e5c65129
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3886c8bfddd37a037a30763184a00851fe70df542fb05ec1184b361f14a619a9c910ab4596b24f8c92bff901140c35aced9acff3790b5d793185dee11b4e42f6
|
|
7
|
+
data.tar.gz: 1bf92c7714f70d2b9e9bd2d9b0c06b13d87a5d18fa7d3273552f036fbfa460b84b51984b84b0430919e0c63702be49d7cee5d2b786d49ea3f4540f322e8f175f
|
data/lib/rbsso/client.rb
CHANGED
|
@@ -5,10 +5,11 @@ require 'rbsso/content'
|
|
|
5
5
|
module RbSSO
|
|
6
6
|
class Client
|
|
7
7
|
|
|
8
|
-
def initialize(key)
|
|
8
|
+
def initialize(service, key)
|
|
9
9
|
if !key || key !~ /[0-9a-f]{64}/i
|
|
10
10
|
raise ArgumentError, "key MUST be 32 bytes, hex encoded string, was: #{key}"
|
|
11
11
|
end
|
|
12
|
+
@service = service
|
|
12
13
|
key = RbNaCl::VerifyKey.new [key].pack('H*')
|
|
13
14
|
@verify_key = key
|
|
14
15
|
end
|
|
@@ -16,10 +17,13 @@ module RbSSO
|
|
|
16
17
|
def open(ticket_string)
|
|
17
18
|
ticket = RbSSO::Ticket.open ticket_string, verify_key
|
|
18
19
|
content = RbSSO::Content.parse ticket.content
|
|
20
|
+
if content.service != service
|
|
21
|
+
raise RuntimeError.new("Wrong service in ticket: #{content.service}")
|
|
22
|
+
end
|
|
19
23
|
content.to_info
|
|
20
24
|
end
|
|
21
25
|
|
|
22
26
|
protected
|
|
23
|
-
attr_reader :verify_key
|
|
27
|
+
attr_reader :verify_key, :service
|
|
24
28
|
end
|
|
25
29
|
end
|
data/lib/rbsso/content.rb
CHANGED
|
@@ -2,6 +2,12 @@ module RbSSO
|
|
|
2
2
|
class Content
|
|
3
3
|
VERSION = 3
|
|
4
4
|
|
|
5
|
+
class VersionMismatch < ArgumentError
|
|
6
|
+
def initialize(version)
|
|
7
|
+
super "Version mismatch! Expected: #{VERSION} Got: #{version}."
|
|
8
|
+
end
|
|
9
|
+
end
|
|
10
|
+
|
|
5
11
|
attr_reader :user, :service, :domain, :groups, :expires
|
|
6
12
|
|
|
7
13
|
def initialize(user:, service:, domain:, groups: [], ttl: 3600, expires: nil)
|
|
@@ -11,10 +17,12 @@ module RbSSO
|
|
|
11
17
|
|
|
12
18
|
def self.parse(string)
|
|
13
19
|
version, user, service, domain, expires, groups = string.split '|'
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
20
|
+
check_version(version)
|
|
21
|
+
new user: user,
|
|
22
|
+
service: service,
|
|
23
|
+
domain: domain,
|
|
24
|
+
expires: expires.to_i,
|
|
25
|
+
groups: (groups || '').split(',')
|
|
18
26
|
end
|
|
19
27
|
|
|
20
28
|
def to_s
|
|
@@ -37,5 +45,9 @@ module RbSSO
|
|
|
37
45
|
expires == other.expires
|
|
38
46
|
end
|
|
39
47
|
|
|
48
|
+
def self.check_version(version)
|
|
49
|
+
return if version.to_s == VERSION.to_s
|
|
50
|
+
raise VersionMismatch.new(version)
|
|
51
|
+
end
|
|
40
52
|
end
|
|
41
53
|
end
|
data/lib/rbsso/server.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rbsso
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1
|
|
4
|
+
version: 0.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Azul
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-01-
|
|
11
|
+
date: 2017-01-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rbnacl
|
|
@@ -58,10 +58,66 @@ dependencies:
|
|
|
58
58
|
- - "~>"
|
|
59
59
|
- !ruby/object:Gem::Version
|
|
60
60
|
version: '5.0'
|
|
61
|
+
- !ruby/object:Gem::Dependency
|
|
62
|
+
name: minitest-autotest
|
|
63
|
+
requirement: !ruby/object:Gem::Requirement
|
|
64
|
+
requirements:
|
|
65
|
+
- - "~>"
|
|
66
|
+
- !ruby/object:Gem::Version
|
|
67
|
+
version: '1.0'
|
|
68
|
+
type: :development
|
|
69
|
+
prerelease: false
|
|
70
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
71
|
+
requirements:
|
|
72
|
+
- - "~>"
|
|
73
|
+
- !ruby/object:Gem::Version
|
|
74
|
+
version: '1.0'
|
|
75
|
+
- !ruby/object:Gem::Dependency
|
|
76
|
+
name: autotest-suffix
|
|
77
|
+
requirement: !ruby/object:Gem::Requirement
|
|
78
|
+
requirements:
|
|
79
|
+
- - "~>"
|
|
80
|
+
- !ruby/object:Gem::Version
|
|
81
|
+
version: '1.1'
|
|
82
|
+
type: :development
|
|
83
|
+
prerelease: false
|
|
84
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
85
|
+
requirements:
|
|
86
|
+
- - "~>"
|
|
87
|
+
- !ruby/object:Gem::Version
|
|
88
|
+
version: '1.1'
|
|
89
|
+
- !ruby/object:Gem::Dependency
|
|
90
|
+
name: simplecov
|
|
91
|
+
requirement: !ruby/object:Gem::Requirement
|
|
92
|
+
requirements:
|
|
93
|
+
- - "~>"
|
|
94
|
+
- !ruby/object:Gem::Version
|
|
95
|
+
version: '0.11'
|
|
96
|
+
type: :development
|
|
97
|
+
prerelease: false
|
|
98
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
99
|
+
requirements:
|
|
100
|
+
- - "~>"
|
|
101
|
+
- !ruby/object:Gem::Version
|
|
102
|
+
version: '0.11'
|
|
103
|
+
- !ruby/object:Gem::Dependency
|
|
104
|
+
name: conventional-changelog
|
|
105
|
+
requirement: !ruby/object:Gem::Requirement
|
|
106
|
+
requirements:
|
|
107
|
+
- - "~>"
|
|
108
|
+
- !ruby/object:Gem::Version
|
|
109
|
+
version: '1.2'
|
|
110
|
+
type: :development
|
|
111
|
+
prerelease: false
|
|
112
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
113
|
+
requirements:
|
|
114
|
+
- - "~>"
|
|
115
|
+
- !ruby/object:Gem::Version
|
|
116
|
+
version: '1.2'
|
|
61
117
|
description: |
|
|
62
118
|
This is a ruby version based on libsodium of "ai sso"(https://git.autistici.org/ai/sso).
|
|
63
119
|
|
|
64
|
-
We
|
|
120
|
+
We provide an omniauth strategy. It could also be used in bonafide server to sign sso tickets to be consumed by soledad server.
|
|
65
121
|
email: azul@riseup.net
|
|
66
122
|
executables: []
|
|
67
123
|
extensions: []
|
|
@@ -72,7 +128,7 @@ files:
|
|
|
72
128
|
- lib/rbsso/content.rb
|
|
73
129
|
- lib/rbsso/server.rb
|
|
74
130
|
- lib/rbsso/ticket.rb
|
|
75
|
-
homepage: https://0xacab.org/
|
|
131
|
+
homepage: https://0xacab.org/riseup/rbsso
|
|
76
132
|
licenses:
|
|
77
133
|
- MIT
|
|
78
134
|
metadata: {}
|