rbsso 0.2.1 → 0.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b6439a85993ed2c25cf7a18a36dee23e59e9ec14
-  data.tar.gz: bdba3aa011488b4f543758d44a3edd07e5c65129
+  metadata.gz: 996a190fc1fa080d95879c4ea3394e775d7702c4
+  data.tar.gz: 9952ff5c4043e76c7bb7676e0548294732a10459
 SHA512:
-  metadata.gz: 3886c8bfddd37a037a30763184a00851fe70df542fb05ec1184b361f14a619a9c910ab4596b24f8c92bff901140c35aced9acff3790b5d793185dee11b4e42f6
-  data.tar.gz: 1bf92c7714f70d2b9e9bd2d9b0c06b13d87a5d18fa7d3273552f036fbfa460b84b51984b84b0430919e0c63702be49d7cee5d2b786d49ea3f4540f322e8f175f
+  metadata.gz: f21e9d6425249836f09d683899bb9b95a96f5a8d0f1f20e0b3d0cfb51d0715522720d336622d3573848f2073c2fadf8975a92773928f65f5ce558f5f9d97deac
+  data.tar.gz: 132676840c808b18a78788561a867f045f41ee25659836b3faaf316b363c62a3631846836d1ccbbf6f7f0cf6167e95ff89fb2b706c934d5387c4e94c8965a635

data/lib/rbsso/{content.rb → authentication.rb}

@@ -1,5 +1,5 @@
 module RbSSO
-  class Content
+  class Authentication
     VERSION = 3
 
     class VersionMismatch < ArgumentError
@@ -45,6 +45,10 @@ module RbSSO
         expires == other.expires
     end
 
+    def expired?
+      self.expires < Time.now.to_i
+    end
+
     def self.check_version(version)
       return if version.to_s == VERSION.to_s
       raise VersionMismatch.new(version)

data/lib/rbsso/client.rb

@@ -1,9 +1,20 @@
 require 'rbnacl'
 require 'rbsso/ticket'
-require 'rbsso/content'
+require 'rbsso/authentication'
 
 module RbSSO
   class Client
+    class TicketExpired < RuntimeError
+      def initialize(expiry)
+        super "Expired #{Time.now.to_i - expiry} seconds ago."
+      end
+    end
+
+    class WrongService < RuntimeError
+      def initialize(expected, was)
+        super "Ticket issued for #{was} is not valid on #{expected}."
+      end
+    end
 
     def initialize(service, key)
       if !key || key !~ /[0-9a-f]{64}/i
@@ -16,11 +27,10 @@ module RbSSO
 
     def open(ticket_string)
       ticket = RbSSO::Ticket.open ticket_string, verify_key
-      content = RbSSO::Content.parse ticket.content
-      if content.service != service
-        raise RuntimeError.new("Wrong service in ticket: #{content.service}")
-      end
-      content.to_info
+      auth = RbSSO::Authentication.parse ticket.content
+      raise TicketExpired.new(auth.expires) if auth.expired?
+      raise WrongService.new(service, auth.service) if auth.service != service
+      auth.to_info
     end
 
     protected

data/lib/rbsso/server.rb

@@ -1,6 +1,6 @@
 require 'rbnacl'
 require 'rbsso/ticket'
-require 'rbsso/content'
+require 'rbsso/authentication'
 
 module RbSSO
   class Server
@@ -14,8 +14,10 @@ module RbSSO
     end
 
     def ticket(user, service, domain)
-      content = RbSSO::Content.new user: user, service: service, domain: domain
-      ticket = RbSSO::Ticket.sign content, key
+      auth = RbSSO::Authentication.new user: user,
+        service: service,
+        domain: domain
+      ticket = RbSSO::Ticket.sign auth, key
       return ticket.to_base64
     end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rbsso
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.2.2
 platform: ruby
 authors:
 - Azul
@@ -124,8 +124,8 @@ extensions: []
 extra_rdoc_files: []
 files:
 - lib/rbsso.rb
+- lib/rbsso/authentication.rb
 - lib/rbsso/client.rb
-- lib/rbsso/content.rb
 - lib/rbsso/server.rb
 - lib/rbsso/ticket.rb
 homepage: https://0xacab.org/riseup/rbsso