riddl 0.99.257 → 0.99.258
- checksums.yaml +4 -4
- data/examples/library/test +5315 -0
- data/lib/ruby/riddl/client.rb +4 -0
- data/lib/ruby/riddl/utils/oauth2-univie.rb +0 -5
- data/lib/ruby/riddl/wrapper/description/message_and_transformation.rb +19 -16
- data/riddl.gemspec +1 -1
- metadata +9 -10
- data/lib/ruby/riddl/utils/oauth2-univie.rb.orig +0 -166
- data/lib/ruby/riddl/utils/oauth2-univie.rb.rej +0 -10
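--- a/data/lib/ruby/riddl/client.rb
+++ b/data/lib/ruby/riddl/client.rb
@@ -257,6 +257,10 @@ unless Module.constants.include?('CLIENT_INCLUDED')
 
 def exec_request(riddl_method,parameters,simulate) #{{{
 parameters = [ parameters ] unless parameters.is_a? Array
+(URI.parse(@base)&.query || '').split(/[#{D}] */n).each do |p|
+k, v = Riddl::Protocols::Utils::unescape(p).split('=', 2)
+parameters << Parameter::Simple.new(k,v,:query)
+end
 parameters = parameters.dup
 headers = extract_headers(parameters)
 options = extract_options(parameters)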
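Review bot: The new loop appends to `parameters` before the existing `parameters = parameters.dup` line runs, so when the caller passes an Array the caller's own array is mutated and the base-URL query pairs pile up each time that array is reused. Moving the copy ahead of the loop, i.e. `parameters = parameters.dup` directly after the `is_a? Array` line, keeps the additions local to this call. A query item without `=` also leaves `v` as nil when it reaches `Parameter::Simple.new(k,v,:query)`; whether that is accepted is not visible here, so either skip such items or pass `v.to_s`. exec_request continues past the end of the hunk.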
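--- a/data/lib/ruby/riddl/utils/oauth2-univie.rb
+++ b/data/lib/ruby/riddl/utils/oauth2-univie.rb
@@ -50,11 +50,6 @@ module Riddl
 end
 
 @headers << Riddl::Header.new('AUTHORIZATION_BEARER', access_tokens.get(token))
-else
-@status = 403
-return Riddl::Parameter::Complex.new('data', 'application/json', {
-:error => 'No authorization provided.'
-}.to_json)
 end
 
 @p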
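Review bot: With the `else` branch removed, a request that carries no AUTHORIZATION header appears to skip every token check and reach `@p` with no error status, so this check fails open unless a later handler refuses requests that lack the `AUTHORIZATION_BEARER` header. If anonymous pass-through is intended, say so in a comment above the closing `end`, e.g. `# no AUTHORIZATION header: request continues unauthenticated; downstream must require AUTHORIZATION_BEARER`. Otherwise keep the rejection: `else`, `@status = 403`, and the `return Riddl::Parameter::Complex.new(...)` carrying the 'No authorization provided.' error. The enclosing method and the `if` this branch belonged to start outside the hunk, so the condition is inferred from the removed error text.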
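--- a/data/lib/ruby/riddl/wrapper/description/message_and_transformation.rb
+++ b/data/lib/ruby/riddl/wrapper/description/message_and_transformation.rb
@@ -10,10 +10,13 @@ module Riddl
 if layer.nil?
 @content = content
 else
+puts layer.dump
+puts "des:#{type}[@name='#{name}']"
+
 @content = layer.find("des:#{type}[@name='#{name}']").first.to_doc
 @content.root.find("@name").delete_all!
 @content.register_namespace 'des', Riddl::Wrapper::DESCRIPTION
-end
+end
 update_hash!
 end
 def update_hash!
@@ -32,8 +35,8 @@ module Riddl
 @hash = hb.serialize.hash
 end
 def traverse?(other)
-if other.name.nil?
-false
+if other.name.nil?
+false
 else
 paths = self.hash_base.find("//des:parameter").map{ |e| e.path + "/@name" }
 hb2 = XML::Smart::string(other.hash_base.serialize)
@@ -45,7 +48,7 @@ module Riddl
 end
 
 self.hash_base.serialize.hash == hb2.serialize.hash
-end
+end
 end
 attr_reader :name, :content, :hash, :hash_base
 #}}}
@@ -68,7 +71,7 @@ module Riddl
 super layer,name,:message
 end
 def initialize_copy(o)
-@content = @content.dup
+@content = @content.dup
 end
 def transform(trans)
 ret = self.dup
@@ -82,18 +85,18 @@ module Riddl
 when 'add_after'
 raise "TODO"
 when 'add_as_first'
-t = ret.content.root
+t = ret.content.root
 n = t.find("header[last()]").first
 if n.nil?
 m = t.find("*[not(header)]").first
 if m.nil?
 t.add(e.children)
-else
+else
 m.add_before(e.children)
 end
-else
+else
 n.add_after(e.children)
-end
+end
 when 'add_as_last'
 ret.content.root.add(e.children)
 ret.update_hash!
@@ -108,14 +111,14 @@ module Riddl
 opt.add(node)
 when 'header'
 ret.content.find("header[@name=\"#{e.attributes['name']}\"]").delete_all!
-end
+end
 else
 case e.attributes['type']
 when 'parameter', nil
 ret.content.find("//parameter[first()]").delete_all!
 when 'header'
 ret.content.find("//header[first()]").delete_all!
-end
+end
 end
 when 'remove_last'
 if e.attributes['name']
@@ -126,18 +129,18 @@ module Riddl
 opt.add(node)
 when 'header'
 ret.content.find("header[@name=\"#{e.attributes['name']}\"]").delete_all!
-end
+end
 else
 case e.attributes['type']
 when 'parameter', nil
 ret.content.find("//parameter[last()]").delete_all!
 when 'header'
 ret.content.find("//header[last()]").delete_all!
-end
+end
 end
-end
-end
-end
+end
+end
+end
 return ret
 end
 #}}}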
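Review bot: The two added `puts` lines in the `else` branch of the first hunk write the whole description layer (`layer.dump`) and the lookup XPath to stdout every time an object is built from a layer, which looks like leftover debugging and puts interface descriptions into whatever captures the process output. Drop `puts layer.dump` and `puts "des:#{type}[@name='#{name}']"`, or route them through a logger that is off by default. The same string is interpolated into `layer.find(...)` on the next line, so a `name` containing a quote changes the expression; if names can come from outside the description author, validate them before building the XPath. The constructor starts outside the hunk, and the later hunks in this file appear to be whitespace-only.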
data/riddl.gemspec
CHANGED
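--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: riddl
 version: !ruby/object:Gem::Version
-version: 0.99.
+version: 0.99.258
 platform: ruby
 authors:
 - Juergen 'eTM' Mangler
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: tools
 cert_chain: []
-date: 2018-01-
+date: 2018-01-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: xml-smart
@@ -347,6 +347,7 @@ files:
 - examples/library/rngs/list-of-loans.rng
 - examples/library/server.rb
 - examples/library/static/info.txt
+- examples/library/test
 - examples/notifications/implementation/index.html
 - examples/notifications/implementation/juergen.html
 - examples/notifications/implementation/oliver.html
@@ -442,8 +443,6 @@ files:
 - lib/ruby/riddl/utils/notifications_producer.rb
 - lib/ruby/riddl/utils/oauth2-helper.rb
 - lib/ruby/riddl/utils/oauth2-univie.rb
-- lib/ruby/riddl/utils/oauth2-univie.rb.orig
-- lib/ruby/riddl/utils/oauth2-univie.rb.rej
 - lib/ruby/riddl/utils/properties.rb
 - lib/ruby/riddl/utils/turtle.rb
 - lib/ruby/riddl/utils/xmlserve.rb
@@ -514,18 +513,18 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.6.6
 signing_key:
 specification_version: 4
 summary: 'restful interface description and declaration language: tools and client/server
 libs'
 test_files:
-- test/tc_websocket.rb
-- test/tc_producer.rb
-- test/tc_helloworld.rb
-- test/tc_declaration-local.rb
 - test/tc_properties.rb
-- test/tc_library.rb
 - test/tc_declaration-hybrid.rb
+- test/tc_declaration-local.rb
+- test/tc_helloworld.rb
+- test/tc_library.rb
 - test/tc_declaration-distributed.rb
+- test/tc_websocket.rb
+- test/tc_producer.rb
 - test/smartrunner.rb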
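--- a/data/lib/ruby/riddl/utils/oauth2-univie.rb.orig
+++ b/data/lib/ruby/riddl/utils/oauth2-univie.rb.orig
@@ -1,166 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/oauth2-helper')
-
-module Riddl
-module Utils
-module OAuth2
-
-module UnivieBearer
-class CheckAuth < Riddl::Implementation
-def response
-client_id = @a[0]
-client_secret = @a[1]
-access_tokens = @a[2]
-if @h['AUTHORIZATION']
-token = @h['AUTHORIZATION'].sub(/^Bearer /, '')
-
-data, _, signature = token.rpartition '.'
-expected_sign = Riddl::Utils::OAuth2::Helper::sign(client_id + ':' + client_secret, data)
-
-if !access_tokens.key? token
-@status = 403
-return Riddl::Parameter::Complex.new('data', 'application/json', {
-:error => 'Unknown token'
-}.to_json)
-elsif signature != expected_sign
-@status = 403
-return Riddl::Parameter::Complex.new('data', 'application/json', {
-:error => 'Invalid token, you bad boy'
-}.to_json)
-end
-
-header_claims, payload_claims = data.split('.').map { |v| Base64::urlsafe_decode64 v }
-payload_claims = JSON::parse payload_claims
-
-if header_claims != Riddl::Utils::OAuth2::Helper::header
-@status = 401
-return Riddl::Parameter::Complex.new('data', 'application/json', {
-:error => 'Invalid header claims'
-}.to_json)
-elsif payload_claims['exp'] <= Time.now.to_i
-@status = 403
-return Riddl::Parameter::Complex.new('data', 'application/json', {
-:error => 'Expired token'
-}.to_json)
-elsif !payload_claims['aud'].split(',').map(&:strip).include? client_id
-# XXX: ein token für mehrere clients gültig? lookup?
-@status = 403
-return Riddl::Parameter::Complex.new('data', 'application/json', {
-:error => 'Token is not valid for this application'
-}.to_json)
-end
-
-@headers << Riddl::Header.new('AUTHORIZATION_BEARER', access_tokens.get(token))
-end
-
-@p
-end
-end
-end
-
-module UnivieApp
-def self::implementation(client_id, client_secret, access_tokens, refresh_tokens, codes, adur, rdur)
-Proc.new do
-run UnivieBearer::CheckAuth, client_id, client_secret, access_tokens if get 'check'
-on resource 'verify' do
-run VerifyIdentity, access_tokens, refresh_tokens, codes, client_id, client_secret, adur, rdur if post 'verify_in'
-end
-on resource 'token' do
-run RefreshToken, access_tokens, refresh_tokens, client_id, client_secret, adur, rdur if post 'refresh_token_in'
-end
-on resource 'revoke' do
-run RevokeFlow, access_tokens, refresh_tokens, codes if delete 'revoke_in'
-end
-end
-end
-
-class VerifyIdentity < Riddl::Implementation
-def response
-code = Base64::urlsafe_decode64 @p[0].value
-access_tokens = @a[0]
-refresh_tokens = @a[1]
-codes = @a[2]
-client_id = @a[3]
-client_secret = @a[4]
-adur = @a[5]
-rdur = @a[6]
-client_pass = "#{client_id}:#{client_secret}"
-
-user_id, decrypted = Riddl::Utils::OAuth2::Helper::decrypt_with_shared_secret(code, client_pass).split(':', 2) rescue [nil,nil]
-if user_id.nil?
-@status = 403
-return Riddl::Parameter::Complex.new('data', 'application/json', {
-:error => 'Code invalid. Client_id or client_secret not suitable for decryption.'
-}.to_json)
-else
-token, refresh_token = Riddl::Utils::OAuth2::Helper::generate_optimistic_token(client_id, client_pass, adur, rdur)
-codes.set(code, refresh_token, rdur)
-access_tokens.set(token, user_id, rdur) # not adur, to identify expired access tokens
-refresh_tokens.set(refresh_token, token, rdur)
-
-json_response = {
-:access_token => token,
-:refresh_token => refresh_token,
-:code => Base64.urlsafe_encode64(decrypted),
-:user_id => user_id
-}.to_json
-
-Riddl::Parameter::Complex.new('data', 'application/json', json_response)
-end
-end
-end
-
-class RevokeFlow < Riddl::Implementation
-def response
-code = Base64::urlsafe_decode64 @p[0].value
-access_tokens = @a[0]
-refresh_tokens = @a[1]
-codes = @a[2]
-
-rt = codes.delete(code)
-at = refresh_tokens.delete(rt)
-access_tokens.delete(at)
-end
-end
-
-class RefreshToken < Riddl::Implementation
-def response
-refresh_token = @p[1].value
-access_tokens = @a[0]
-refresh_tokens = @a[1]
-client_id = @a[2]
-client_secret = @a[3]
-adur = @a[4]
-rdur = @a[5]
-
-token, _ = refresh_token.split '.'
-token_data = JSON::parse(Base64::urlsafe_decode64 token)
-
-if token_data['iss'] != client_id
-@status = 401
-return Riddl::Parameter::Complex.new('data', 'application/json', {
-:error => 'Token must be refreshed by issuer.'
-}.to_json)
-elsif !refresh_tokens.key?(refresh_token) || token_data['exp'] <= Time.now.to_i
-@status = 403
-puts "i dont know #{refresh_token}", "#{refresh_tokens.get(refresh_token)}"
-return Riddl::Parameter::Complex.new('data', 'application/json', {
-:error => 'Invalid refresh token.'
-}.to_json)
-end
-
-old_token = refresh_tokens.get(refresh_token)
-user = access_tokens.delete old_token
-
-token = Riddl::Utils::OAuth2::Helper::generate_access_token(client_id, client_id + ':' + client_secret, adur)
-
-access_tokens.set(token,user,rdur) # not adur, to identify expired access tokens
-refresh_tokens.set(refresh_token, token)
-
-Riddl::Parameter::Complex.new('data', 'application/json', { :token => token }.to_json)
-end
-end
-end
-
-end
-end
-end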