riddl 0.99.213 → 0.99.214

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5c0d5de962676162c1b4fb7debeceb78037479fb
-  data.tar.gz: c4b833642deeab806fcf9780141efffd73727e9f
+  metadata.gz: 327de3f2646080a6f91f901abbc02cdc60397c5c
+  data.tar.gz: 0c5ec7bf74dbfa4e0d3870db9c9086ebfda91a5d
 SHA512:
-  metadata.gz: 69a511bfdfc3e5a3c88622317de6c3ca427a8efa59214b4199a847360c5a08bdbd38c11c281b1d5648f4de3f1e469fea77b07cb267b26fe9cc8a0e69b7aa7d64
-  data.tar.gz: a2e287977c39d79eb0d68e39d34b6ebdc3e00e1210572768af437b127cede94097ccfff76a5b99825db8e4cee4205ff8fa528c391ee369e0506f8dd218440e52
+  metadata.gz: 361ac4490ae77ed21010205b350e51c16ddfae03a3a09f6ae96ab2d92ebedac52db4eb325a6eedb47ee4bc1e0b5fd2864627195bb6dd7201bdc6a5be1c4fa325
+  data.tar.gz: fb85cecb2795fb1e50eb90caa03d4ac03a7ac9cb0c1accb02317d605e6ce3f5a0227f475007e25bd3bc1520011cc2823739d8c8f40cabd7f98377f9f8da95252

data/lib/ruby/riddl/ns/common-patterns/oauth2-univie-app/1.0/bearer.xml

@@ -0,0 +1,7 @@
+<description datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes" xmlns="http://riddl.org/ns/description/1.0" xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:doc="http://riddl.org/ns/documentation/1.0">
+
+  <resource>
+    <get pass="*"/>
+  </resource>
+
+</description>

data/lib/ruby/riddl/utils/{oauth2-univie-app.rb → oauth2-univie.rb}

@@ -3,6 +3,68 @@ require File.expand_path(File.dirname(__FILE__) + '/oauth2-helper')
 module Riddl
   module Utils
     module OAuth2
+      
+      module UnivieBearer
+        def self::implementation(client_id, client_secret, access_tokens)
+          unless access_tokens.is_a?(Riddl::Utils::OAuth2::Helper::Tokens) client_id.is_a?(String) && client_secret.is_a?(String)
+            raise "client_id, client_secret or token storage not available."
+          end
+          Proc.new do
+						run CheckAuth, client_id, client_secret, access_tokens if get
+          end
+        end  
+
+				class CheckAuth < Riddl::Implementation
+					def response
+						client_id = @a[0]
+						client_secret = @a[1]
+						access_tokens = @a[2]
+						if @h['AUTHORIZATION']
+							token = @h['AUTHORIZATION'].sub(/^Bearer /, '')
+
+							data, _, signature = token.rpartition '.'
+							expected_sign = Riddl::Utils::OAuth2::Helper::sign(client_id + ':' + client_secret, data)
+
+							if !access_tokens.key? token
+								@status = 403
+								return Riddl::Parameter::Complex.new('data', 'application/json', {
+									:error => 'Unknown token'
+								}.to_json)
+							elsif signature != expected_sign
+								@status = 403
+								return Riddl::Parameter::Complex.new('data', 'application/json', {
+									:error => 'Invalid token, you bad boy'
+								}.to_json)
+							end
+
+							header_claims, payload_claims = data.split('.').map { |v| Base64::urlsafe_decode64 v }
+							payload_claims = JSON::parse payload_claims
+
+							if header_claims != Riddl::Utils::OAuth2::Helper::header
+								@status = 401
+								return Riddl::Parameter::Complex.new('data', 'application/json', {
+									:error => 'Invalid header claims'
+								}.to_json)
+							elsif payload_claims['exp'] <= Time.now.to_i
+								@status = 403
+								return Riddl::Parameter::Complex.new('data', 'application/json', {
+									:error => 'Expired token'
+								}.to_json)
+							elsif !payload_claims['aud'].split(',').map(&:strip).include? client_id
+								# XXX: ein token für mehrere clients gültig? lookup?
+								@status = 403
+								return Riddl::Parameter::Complex.new('data', 'application/json', {
+									:error => 'Token is not valid for this application'
+								}.to_json)
+							end
+
+							@headers << Riddl::Header.new('AUTHORIZATION_BEARER', access_tokens[token])
+						end
+
+						@p
+					end
+				end
+			end
 
       module UnivieApp
         def self::implementation(client_id, client_secret, access_tokens, refresh_tokens)

data/ns/common-patterns/oauth2-univie-app/1.0/bearer.xml

@@ -0,0 +1,7 @@
+<description datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes" xmlns="http://riddl.org/ns/description/1.0" xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:doc="http://riddl.org/ns/documentation/1.0">
+
+  <resource>
+    <get pass="*"/>
+  </resource>
+
+</description>

data/riddl.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name             = "riddl"
-  s.version          = "0.99.213"
+  s.version          = "0.99.214"
   s.platform         = Gem::Platform::RUBY
   s.license          = "LGPL-3"
   s.summary          = "restful interface description and declaration language: tools and client/server libs"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: riddl
 version: !ruby/object:Gem::Version
-  version: 0.99.213
+  version: 0.99.214
 platform: ruby
 authors:
 - Juergen 'eTM' Mangler
@@ -401,6 +401,7 @@ files:
 - lib/ruby/riddl/ns/common-patterns/notifications-consumer/1.0/consumer.xml
 - lib/ruby/riddl/ns/common-patterns/notifications-producer/1.0/producer.xml
 - lib/ruby/riddl/ns/common-patterns/oauth2-univie-app/1.0/app.xml
+- lib/ruby/riddl/ns/common-patterns/oauth2-univie-app/1.0/bearer.xml
 - lib/ruby/riddl/ns/common-patterns/properties/1.0/properties.schema.schema
 - lib/ruby/riddl/ns/common-patterns/properties/1.0/properties.schema.xsl
 - lib/ruby/riddl/ns/common-patterns/properties/1.0/properties.xml
@@ -434,7 +435,7 @@ files:
 - lib/ruby/riddl/utils/fileserve.rb
 - lib/ruby/riddl/utils/notifications_producer.rb
 - lib/ruby/riddl/utils/oauth2-helper.rb
-- lib/ruby/riddl/utils/oauth2-univie-app.rb
+- lib/ruby/riddl/utils/oauth2-univie.rb
 - lib/ruby/riddl/utils/properties.rb
 - lib/ruby/riddl/utils/turtle.rb
 - lib/ruby/riddl/utils/xmlserve.rb
@@ -457,6 +458,7 @@ files:
 - ns/common-patterns/notifications-consumer/1.0/consumer.xml
 - ns/common-patterns/notifications-producer/1.0/producer.xml
 - ns/common-patterns/oauth2-univie-app/1.0/app.xml
+- ns/common-patterns/oauth2-univie-app/1.0/bearer.xml
 - ns/common-patterns/properties/1.0/properties.schema.schema
 - ns/common-patterns/properties/1.0/properties.schema.xsl
 - ns/common-patterns/properties/1.0/properties.xml