riddl 0.99.219 → 0.99.220

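--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: f5a7fd98e32be12a9b153657c3959ac670be0e3f
- data.tar.gz: d743380ae7ebab04a1c4d8ddcdb1d3acfdb156c9
+ metadata.gz: ce47165e288d9448eecdc4ceff488af317a1458f
+ data.tar.gz: 16e22cc288618e8c91e4f01dea79c316321e57f4
  SHA512:
- metadata.gz: a1e1424f7bb9820af80dbfe314071f8a9f81584eb7ee13579c5571e0bcb63909a506f6c5ed12f9d78372bc1e8233dc5ce7f37fce2b273801faf029f2557ffc86
- data.tar.gz: 454f78db0320ad93dece4b885ec3796ae267f40cad9f3061d5fe9676658a983624bb49d93e28ad05b7f5b9bc1acf9fc20bbd74bbd3a9054825ea8957992db0f3
+ metadata.gz: a4cccae7cfedfe0c4e76139c73a5b130961b11050a0bb10434f0048131159a0878b968899f42d38a7bf65c1678482be28d6e237b9432cd656e4052b4e5ba9ecc
+ data.tar.gz: 533e699f9267e98379440f9a13bf0379aeed2f847360388df3998083398fcd7d0ad9e517b2c60ea5d7685c324edc3719381aed6c3752d53b7fba36ca33819e04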
@@ -15,16 +15,16 @@ module Riddl
15
15
  read
16
16
  end
17
17
 
18
- def [](name)
18
+ def get(name,valuem,dur)
19
19
  read if changed != @changed
20
20
  @tokens[name]
21
21
  end
22
22
 
23
- def method_missing(name,*opts)
24
- @tokens.send(name,*opts)
23
+ def key?(key)
24
+ @tokens.key?(key)
25
25
  end
26
26
 
27
- def []=(name,value)
27
+ def set(name,value,dur)
28
28
  @tokens[name] = value
29
29
  write
30
30
  nil
@@ -38,6 +38,7 @@ module Riddl
38
38
  write
39
39
  end
40
40
  end
41
+ private :changed
41
42
 
42
43
  def write
43
44
  EM.defer {
@@ -72,40 +73,45 @@ module Riddl
72
73
  }.to_json
73
74
  end #}}}
74
75
 
75
- def self::nonce
76
- SecureRandom::hex(32)
77
- end
78
-
79
- def self::payload(client_id) #{{{
76
+ def self::access_payload(client_id, dur) #{{{
80
77
  {
81
78
  :iss => client_id,
82
79
  :sub => nonce,
83
80
  :aud => client_id,
84
- :exp => Time.now.to_i + 3600
81
+ :exp => Time.now.to_i + dur
85
82
  }.to_json
86
83
  end #}}}
87
84
 
85
+ def self::refresh_payload(client_id, dur) #{{{
86
+ {
87
+ :iss => client_id,
88
+ :sub => nonce,
89
+ :exp => Time.now.to_i + dur
90
+ }.to_json
91
+ end #}}}
92
+
93
+ def self::nonce #{{{
94
+ SecureRandom::hex(32)
95
+ end #}}}
96
+
88
97
  def self::sign(secret, what) #{{{
89
98
  Base64::urlsafe_encode64 OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), secret, what)
90
99
  end #}}}
91
100
 
92
- def self::make_access_token(client_id, secret)# {{{
101
+ def self::generate_access_token(client_id, secret, dur)# {{{
93
102
  h = Base64::urlsafe_encode64 header
94
- p = Base64::urlsafe_encode64 payload(client_id)
103
+ p = Base64::urlsafe_encode64 access_payload(client_id,dur)
95
104
  s = sign(secret, "#{h}.#{p}")
96
105
  "#{h}.#{p}.#{s}"
97
106
  end# }}}
98
- def self::make_refresh_token(client_id, secret) # {{{
99
- token = Base64::urlsafe_encode64({
100
- :iss => client_id,
101
- :sub => nonce,
102
- :exp => Time.now.to_i + 7.884e6
103
- }.to_json)
104
- "#{token}.#{sign(secret,token)}"
107
+ def self::generate_refresh_token(client_id, secret, dur) # {{{
108
+ p = Base64::urlsafe_encode64 refresh_payload(client_id,dur)
109
+ s = sign(secret, p)
110
+ "#{p}.#{s}"
105
111
  end# }}}
106
- def self::generate_optimistic_token(client_id, secret) #{{{
107
- t = make_access_token(client_id, secret)
108
- r = make_refresh_token(client_id, secret)
112
+ def self::generate_optimistic_token(client_id, secret, adur, rdur) #{{{
113
+ t = generate_access_token(client_id, secret, adur)
114
+ r = generate_refresh_token(client_id, secret, rdur)
109
115
  [t, r]
110
116
  end #}}}
111
117
 
@@ -130,7 +136,7 @@ module Riddl
130
136
  cipher.key = key
131
137
  cipher.iv = iv
132
138
 
133
- Base64::urlsafe_encode64(iv + cipher.update(data) + cipher.final) rescue nil
139
+ Base64::urlsafe_encode64(iv + cipher.update(data) + cipher.final) rescue nil
134
140
  end #}}}
135
141
  end
136
142
  end
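Review bot: The first hunk removes `Tokens#[]` together with the `method_missing` delegation, but `RefreshToken#response` in the handler file still reads `old_token = refresh_tokens[refresh_token]` on an unchanged line, which now raises `NoMethodError` unless `[]` is defined outside the visible hunks; any other Hash method that callers reached through `method_missing` is affected the same way. The replacement `get(name,valuem,dur)` demands three arguments while the visible body reads only `name` (`valuem` looks like a typo), and `set(name,value,dur)` does not use `dur` in the lines shown, so no lifetime is enforced on the stored entry here. I would declare the reader as `def get(name)` and change the remaining caller to `old_token = refresh_tokens.get(refresh_token)`. The end of `set` lies just outside the hunk.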
@@ -6,9 +6,6 @@ module Riddl
6
6
 
7
7
  module UnivieBearer
8
8
  def self::implementation(client_id, client_secret, access_tokens)
9
- unless access_tokens.is_a?(Riddl::Utils::OAuth2::Helper::Tokens) && client_id.is_a?(String) && client_secret.is_a?(String)
10
- raise "client_id, client_secret or token storage not available."
11
- end
12
9
  Proc.new do
13
10
  run CheckAuth, client_id, client_secret, access_tokens if get
14
11
  end
@@ -67,16 +64,13 @@ module Riddl
67
64
  end
68
65
 
69
66
  module UnivieApp
70
- def self::implementation(client_id, client_secret, access_tokens, refresh_tokens)
71
- unless access_tokens.is_a?(Riddl::Utils::OAuth2::Helper::Tokens) && refresh_tokens.is_a?(Riddl::Utils::OAuth2::Helper::Tokens) && client_id.is_a?(String) && client_secret.is_a?(String)
72
- raise "client_id, client_secret or token storage not available."
73
- end
67
+ def self::implementation(client_id, client_secret, access_tokens, refresh_tokens, adur, rdur)
74
68
  Proc.new do
75
69
  on resource 'verify' do
76
- run VerifyIdentity, access_tokens, refresh_tokens, client_id, client_secret if post 'verify_in'
70
+ run VerifyIdentity, access_tokens, refresh_tokens, client_id, client_secret, adur, rdur if post 'verify_in'
77
71
  end
78
72
  on resource 'token' do
79
- run RefreshToken, access_tokens, refresh_tokens, client_id, client_secret if post 'refresh_token_in'
73
+ run RefreshToken, access_tokens, refresh_tokens, client_id, client_secret, adur, rdur if post 'refresh_token_in'
80
74
  end
81
75
  on resource 'revoke' do
82
76
  run RevokeTokenFlow, access_tokens, refresh_tokens if get 'revoke_token_in'
@@ -88,16 +82,18 @@ module Riddl
88
82
  class VerifyIdentity < Riddl::Implementation
89
83
  def response
90
84
  code = Base64::urlsafe_decode64 @p[0].value
91
- access_tokens = @a[0]
85
+ access_tokens = @a[0]
92
86
  refresh_tokens = @a[1]
93
- client_id = @a[2]
94
- client_secret = @a[3]
87
+ client_id = @a[2]
88
+ client_secret = @a[3]
89
+ adur = @a[4]
90
+ rdur = @a[5]
95
91
 
96
92
  client_pass = "#{client_id}:#{client_secret}"
97
93
  user_id, decrypted = Riddl::Utils::OAuth2::Helper::decrypt_with_shared_secret(code, client_pass).split(':', 2)
98
- token, refresh_token = Riddl::Utils::OAuth2::Helper::generate_optimistic_token(client_id, client_pass)
99
- access_tokens[token] = user_id
100
- refresh_tokens[refresh_token] = token
94
+ token, refresh_token = Riddl::Utils::OAuth2::Helper::generate_optimistic_token(client_id, client_pass, adur, rdur)
95
+ access_tokens.set(token, user_id, adur)
96
+ refresh_tokens.set(refresh_token, token, rdur)
101
97
 
102
98
  json_response = {
103
99
  :access_token => token,
@@ -133,11 +129,13 @@ module Riddl
133
129
 
134
130
  class RefreshToken < Riddl::Implementation
135
131
  def response
136
- refresh_token = @p[1].value
137
- access_tokens = @a[0]
132
+ refresh_token = @p[1].value
133
+ access_tokens = @a[0]
138
134
  refresh_tokens = @a[1]
139
- client_id = @a[2]
140
- client_secret = @a[3]
135
+ client_id = @a[2]
136
+ client_secret = @a[3]
137
+ adur = @a[4]
138
+ rdur = @a[5]
141
139
 
142
140
  token, _ = refresh_token.split '.'
143
141
  token_data = JSON::parse(Base64::urlsafe_decode64 token)
@@ -158,10 +156,10 @@ module Riddl
158
156
  old_token = refresh_tokens[refresh_token]
159
157
  user = access_tokens.delete old_token
160
158
 
161
- token = Riddl::Utils::OAuth2::Helper::make_access_token(client_id, client_id + ':' + client_secret)
159
+ token = Riddl::Utils::OAuth2::Helper::generate_access_token(client_id, client_id + ':' + client_secret, adur)
162
160
 
163
- refresh_tokens[refresh_token] = token
164
- access_tokens[token] = user
161
+ access_tokens.set(token,user,adur)
162
+ refresh_tokens.set(refresh_token, token, rdur)
165
163
 
166
164
  Riddl::Parameter::Complex.new('data', 'application/json', { :token => token }.to_json)
167
165
  end
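Review bot: Both `implementation` methods (UnivieBearer and UnivieApp) drop the `is_a?` guard, and the new `adur`/`rdur` arguments reach `:exp => Time.now.to_i + dur` in the helper without any check of their own. A nil `client_secret` would now interpolate to `"#{client_id}:"` in `VerifyIdentity#response`, so tokens would be signed with a key built from the client id alone, and a nil or non-numeric duration fails only when the first token is issued. I would keep a fail-fast check where the service is mounted, for example `raise ArgumentError, "client_id and client_secret must be non-empty strings" unless [client_id, client_secret].all? { |v| v.is_a?(String) && !v.empty? }` and `raise ArgumentError, "adur and rdur must be positive integers" unless [adur, rdur].all? { |d| d.is_a?(Integer) && d.positive? }`. Whether an equivalent check moved to the caller is not visible here, and both method bodies continue past their hunks.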
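--- a/data/riddl.gemspec
+++ b/data/riddl.gemspec
@@ -1,6 +1,6 @@
  Gem::Specification.new do |s|
  s.name = "riddl"
- s.version = "0.99.219"
+ s.version = "0.99.220"
  s.platform = Gem::Platform::RUBY
  s.license = "LGPL-3"
  s.summary = "restful interface description and declaration language: tools and client/server libs"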
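--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: riddl
  version: !ruby/object:Gem::Version
- version: 0.99.219
+ version: 0.99.220
  platform: ruby
  authors:
  - Juergen 'eTM' Mangler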