rbsso 0.2.1 → 0.2.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/rbsso/{content.rb → authentication.rb} +5 -1
- data/lib/rbsso/client.rb +16 -6
- data/lib/rbsso/server.rb +5 -3
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 996a190fc1fa080d95879c4ea3394e775d7702c4
|
4
|
+
data.tar.gz: 9952ff5c4043e76c7bb7676e0548294732a10459
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f21e9d6425249836f09d683899bb9b95a96f5a8d0f1f20e0b3d0cfb51d0715522720d336622d3573848f2073c2fadf8975a92773928f65f5ce558f5f9d97deac
|
7
|
+
data.tar.gz: 132676840c808b18a78788561a867f045f41ee25659836b3faaf316b363c62a3631846836d1ccbbf6f7f0cf6167e95ff89fb2b706c934d5387c4e94c8965a635
|
@@ -1,5 +1,5 @@
|
|
1
1
|
module RbSSO
|
2
|
-
class
|
2
|
+
class Authentication
|
3
3
|
VERSION = 3
|
4
4
|
|
5
5
|
class VersionMismatch < ArgumentError
|
@@ -45,6 +45,10 @@ module RbSSO
|
|
45
45
|
expires == other.expires
|
46
46
|
end
|
47
47
|
|
48
|
+
def expired?
|
49
|
+
self.expires < Time.now.to_i
|
50
|
+
end
|
51
|
+
|
48
52
|
def self.check_version(version)
|
49
53
|
return if version.to_s == VERSION.to_s
|
50
54
|
raise VersionMismatch.new(version)
|
data/lib/rbsso/client.rb
CHANGED
@@ -1,9 +1,20 @@
|
|
1
1
|
require 'rbnacl'
|
2
2
|
require 'rbsso/ticket'
|
3
|
-
require 'rbsso/
|
3
|
+
require 'rbsso/authentication'
|
4
4
|
|
5
5
|
module RbSSO
|
6
6
|
class Client
|
7
|
+
class TicketExpired < RuntimeError
|
8
|
+
def initialize(expiry)
|
9
|
+
super "Expired #{Time.now.to_i - expiry} seconds ago."
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
class WrongService < RuntimeError
|
14
|
+
def initialize(expected, was)
|
15
|
+
super "Ticket issued for #{was} is not valid on #{expected}."
|
16
|
+
end
|
17
|
+
end
|
7
18
|
|
8
19
|
def initialize(service, key)
|
9
20
|
if !key || key !~ /[0-9a-f]{64}/i
|
@@ -16,11 +27,10 @@ module RbSSO
|
|
16
27
|
|
17
28
|
def open(ticket_string)
|
18
29
|
ticket = RbSSO::Ticket.open ticket_string, verify_key
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
content.to_info
|
30
|
+
auth = RbSSO::Authentication.parse ticket.content
|
31
|
+
raise TicketExpired.new(auth.expires) if auth.expired?
|
32
|
+
raise WrongService.new(service, auth.service) if auth.service != service
|
33
|
+
auth.to_info
|
24
34
|
end
|
25
35
|
|
26
36
|
protected
|
data/lib/rbsso/server.rb
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
require 'rbnacl'
|
2
2
|
require 'rbsso/ticket'
|
3
|
-
require 'rbsso/
|
3
|
+
require 'rbsso/authentication'
|
4
4
|
|
5
5
|
module RbSSO
|
6
6
|
class Server
|
@@ -14,8 +14,10 @@ module RbSSO
|
|
14
14
|
end
|
15
15
|
|
16
16
|
def ticket(user, service, domain)
|
17
|
-
|
18
|
-
|
17
|
+
auth = RbSSO::Authentication.new user: user,
|
18
|
+
service: service,
|
19
|
+
domain: domain
|
20
|
+
ticket = RbSSO::Ticket.sign auth, key
|
19
21
|
return ticket.to_base64
|
20
22
|
end
|
21
23
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rbsso
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Azul
|
@@ -124,8 +124,8 @@ extensions: []
|
|
124
124
|
extra_rdoc_files: []
|
125
125
|
files:
|
126
126
|
- lib/rbsso.rb
|
127
|
+
- lib/rbsso/authentication.rb
|
127
128
|
- lib/rbsso/client.rb
|
128
|
-
- lib/rbsso/content.rb
|
129
129
|
- lib/rbsso/server.rb
|
130
130
|
- lib/rbsso/ticket.rb
|
131
131
|
homepage: https://0xacab.org/riseup/rbsso
|