rbsso 0.2.1 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/rbsso/{content.rb → authentication.rb} +5 -1
- data/lib/rbsso/client.rb +16 -6
- data/lib/rbsso/server.rb +5 -3
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 996a190fc1fa080d95879c4ea3394e775d7702c4
|
|
4
|
+
data.tar.gz: 9952ff5c4043e76c7bb7676e0548294732a10459
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f21e9d6425249836f09d683899bb9b95a96f5a8d0f1f20e0b3d0cfb51d0715522720d336622d3573848f2073c2fadf8975a92773928f65f5ce558f5f9d97deac
|
|
7
|
+
data.tar.gz: 132676840c808b18a78788561a867f045f41ee25659836b3faaf316b363c62a3631846836d1ccbbf6f7f0cf6167e95ff89fb2b706c934d5387c4e94c8965a635
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
module RbSSO
|
|
2
|
-
class
|
|
2
|
+
class Authentication
|
|
3
3
|
VERSION = 3
|
|
4
4
|
|
|
5
5
|
class VersionMismatch < ArgumentError
|
|
@@ -45,6 +45,10 @@ module RbSSO
|
|
|
45
45
|
expires == other.expires
|
|
46
46
|
end
|
|
47
47
|
|
|
48
|
+
def expired?
|
|
49
|
+
self.expires < Time.now.to_i
|
|
50
|
+
end
|
|
51
|
+
|
|
48
52
|
def self.check_version(version)
|
|
49
53
|
return if version.to_s == VERSION.to_s
|
|
50
54
|
raise VersionMismatch.new(version)
|
data/lib/rbsso/client.rb
CHANGED
|
@@ -1,9 +1,20 @@
|
|
|
1
1
|
require 'rbnacl'
|
|
2
2
|
require 'rbsso/ticket'
|
|
3
|
-
require 'rbsso/
|
|
3
|
+
require 'rbsso/authentication'
|
|
4
4
|
|
|
5
5
|
module RbSSO
|
|
6
6
|
class Client
|
|
7
|
+
class TicketExpired < RuntimeError
|
|
8
|
+
def initialize(expiry)
|
|
9
|
+
super "Expired #{Time.now.to_i - expiry} seconds ago."
|
|
10
|
+
end
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
class WrongService < RuntimeError
|
|
14
|
+
def initialize(expected, was)
|
|
15
|
+
super "Ticket issued for #{was} is not valid on #{expected}."
|
|
16
|
+
end
|
|
17
|
+
end
|
|
7
18
|
|
|
8
19
|
def initialize(service, key)
|
|
9
20
|
if !key || key !~ /[0-9a-f]{64}/i
|
|
@@ -16,11 +27,10 @@ module RbSSO
|
|
|
16
27
|
|
|
17
28
|
def open(ticket_string)
|
|
18
29
|
ticket = RbSSO::Ticket.open ticket_string, verify_key
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
content.to_info
|
|
30
|
+
auth = RbSSO::Authentication.parse ticket.content
|
|
31
|
+
raise TicketExpired.new(auth.expires) if auth.expired?
|
|
32
|
+
raise WrongService.new(service, auth.service) if auth.service != service
|
|
33
|
+
auth.to_info
|
|
24
34
|
end
|
|
25
35
|
|
|
26
36
|
protected
|
data/lib/rbsso/server.rb
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
require 'rbnacl'
|
|
2
2
|
require 'rbsso/ticket'
|
|
3
|
-
require 'rbsso/
|
|
3
|
+
require 'rbsso/authentication'
|
|
4
4
|
|
|
5
5
|
module RbSSO
|
|
6
6
|
class Server
|
|
@@ -14,8 +14,10 @@ module RbSSO
|
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
def ticket(user, service, domain)
|
|
17
|
-
|
|
18
|
-
|
|
17
|
+
auth = RbSSO::Authentication.new user: user,
|
|
18
|
+
service: service,
|
|
19
|
+
domain: domain
|
|
20
|
+
ticket = RbSSO::Ticket.sign auth, key
|
|
19
21
|
return ticket.to_base64
|
|
20
22
|
end
|
|
21
23
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rbsso
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Azul
|
|
@@ -124,8 +124,8 @@ extensions: []
|
|
|
124
124
|
extra_rdoc_files: []
|
|
125
125
|
files:
|
|
126
126
|
- lib/rbsso.rb
|
|
127
|
+
- lib/rbsso/authentication.rb
|
|
127
128
|
- lib/rbsso/client.rb
|
|
128
|
-
- lib/rbsso/content.rb
|
|
129
129
|
- lib/rbsso/server.rb
|
|
130
130
|
- lib/rbsso/ticket.rb
|
|
131
131
|
homepage: https://0xacab.org/riseup/rbsso
|