RubyGems - riddl - Versions diffs - 0.99.219 → 0.99.220 - Mend

riddl 0.99.219 → 0.99.220

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/lib/ruby/riddl/utils/oauth2-helper.rb +29 -23
data/lib/ruby/riddl/utils/oauth2-univie.rb +20 -22
data/riddl.gemspec +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f5a7fd98e32be12a9b153657c3959ac670be0e3f
-  data.tar.gz: d743380ae7ebab04a1c4d8ddcdb1d3acfdb156c9
+  metadata.gz: ce47165e288d9448eecdc4ceff488af317a1458f
+  data.tar.gz: 16e22cc288618e8c91e4f01dea79c316321e57f4
 SHA512:
-  metadata.gz: a1e1424f7bb9820af80dbfe314071f8a9f81584eb7ee13579c5571e0bcb63909a506f6c5ed12f9d78372bc1e8233dc5ce7f37fce2b273801faf029f2557ffc86
-  data.tar.gz: 454f78db0320ad93dece4b885ec3796ae267f40cad9f3061d5fe9676658a983624bb49d93e28ad05b7f5b9bc1acf9fc20bbd74bbd3a9054825ea8957992db0f3
+  metadata.gz: a4cccae7cfedfe0c4e76139c73a5b130961b11050a0bb10434f0048131159a0878b968899f42d38a7bf65c1678482be28d6e237b9432cd656e4052b4e5ba9ecc
+  data.tar.gz: 533e699f9267e98379440f9a13bf0379aeed2f847360388df3998083398fcd7d0ad9e517b2c60ea5d7685c324edc3719381aed6c3752d53b7fba36ca33819e04

data/lib/ruby/riddl/utils/oauth2-helper.rb CHANGED Viewed

@@ -15,16 +15,16 @@ module Riddl
             read
           end
-          def [](name)
+          def get(name,valuem,dur)
             read if changed != @changed
             @tokens[name]
           end
-          def method_missing(name,*opts)
-            @tokens.send(name,*opts)
+          def key?(key)
+            @tokens.key?(key)
           end
-          def []=(name,value)
+          def set(name,value,dur)
             @tokens[name] = value
             write
             nil
@@ -38,6 +38,7 @@ module Riddl
               write
             end
           end
+          private :changed
           def write
             EM.defer {
@@ -72,40 +73,45 @@ module Riddl
           }.to_json
         end #}}}
-        def self::nonce
-          SecureRandom::hex(32)
-        end
-        def self::payload(client_id) #{{{
+        def self::access_payload(client_id, dur) #{{{
           {
             :iss => client_id,
             :sub => nonce,
             :aud => client_id,
-            :exp => Time.now.to_i + 3600
+            :exp => Time.now.to_i + dur
           }.to_json
         end #}}}
+        def self::refresh_payload(client_id, dur) #{{{
+          {
+            :iss => client_id,
+            :sub => nonce,
+            :exp => Time.now.to_i + dur
+          }.to_json
+        end #}}}
+        def self::nonce #{{{
+          SecureRandom::hex(32)
+        end #}}}
         def self::sign(secret, what) #{{{
           Base64::urlsafe_encode64 OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), secret, what)
         end #}}}
-        def self::make_access_token(client_id, secret)# {{{
+        def self::generate_access_token(client_id, secret, dur)# {{{
           h = Base64::urlsafe_encode64 header
-          p = Base64::urlsafe_encode64 payload(client_id)
+          p = Base64::urlsafe_encode64 access_payload(client_id,dur)
           s = sign(secret, "#{h}.#{p}")
           "#{h}.#{p}.#{s}"
         end# }}}
-        def self::make_refresh_token(client_id, secret) # {{{
-          token = Base64::urlsafe_encode64({
-            :iss => client_id,
-            :sub => nonce,
-            :exp => Time.now.to_i + 7.884e6
-          }.to_json)
-          "#{token}.#{sign(secret,token)}"
+        def self::generate_refresh_token(client_id, secret, dur) # {{{
+          p = Base64::urlsafe_encode64 refresh_payload(client_id,dur)
+          s = sign(secret, p)
+          "#{p}.#{s}"
         end# }}}
-        def self::generate_optimistic_token(client_id, secret) #{{{
-          t = make_access_token(client_id, secret)
-          r = make_refresh_token(client_id, secret)
+        def self::generate_optimistic_token(client_id, secret, adur, rdur) #{{{
+          t = generate_access_token(client_id, secret, adur)
+          r = generate_refresh_token(client_id, secret, rdur)
           [t, r]
         end #}}}
@@ -130,7 +136,7 @@ module Riddl
           cipher.key = key
           cipher.iv = iv
-           Base64::urlsafe_encode64(iv + cipher.update(data) + cipher.final) rescue nil
+          Base64::urlsafe_encode64(iv + cipher.update(data) + cipher.final) rescue nil
         end #}}}
       end
     end

data/lib/ruby/riddl/utils/oauth2-univie.rb CHANGED Viewed

@@ -6,9 +6,6 @@ module Riddl
       module UnivieBearer
         def self::implementation(client_id, client_secret, access_tokens)
-          unless access_tokens.is_a?(Riddl::Utils::OAuth2::Helper::Tokens) && client_id.is_a?(String) && client_secret.is_a?(String)
-            raise "client_id, client_secret or token storage not available."
-          end
           Proc.new do
 						run CheckAuth, client_id, client_secret, access_tokens if get
           end
@@ -67,16 +64,13 @@ module Riddl
 			end
       module UnivieApp
-        def self::implementation(client_id, client_secret, access_tokens, refresh_tokens)
-          unless access_tokens.is_a?(Riddl::Utils::OAuth2::Helper::Tokens) && refresh_tokens.is_a?(Riddl::Utils::OAuth2::Helper::Tokens) && client_id.is_a?(String) && client_secret.is_a?(String)
-            raise "client_id, client_secret or token storage not available."
-          end
+        def self::implementation(client_id, client_secret, access_tokens, refresh_tokens, adur, rdur)
           Proc.new do
             on resource 'verify' do
-              run VerifyIdentity, access_tokens, refresh_tokens, client_id, client_secret if post 'verify_in'
+              run VerifyIdentity, access_tokens, refresh_tokens, client_id, client_secret, adur, rdur if post 'verify_in'
             end
             on resource 'token' do
-              run RefreshToken, access_tokens, refresh_tokens, client_id, client_secret if post 'refresh_token_in'
+              run RefreshToken, access_tokens, refresh_tokens, client_id, client_secret, adur, rdur if post 'refresh_token_in'
             end
             on resource 'revoke' do
               run RevokeTokenFlow, access_tokens, refresh_tokens if get 'revoke_token_in'
@@ -88,16 +82,18 @@ module Riddl
         class VerifyIdentity < Riddl::Implementation
           def response
             code = Base64::urlsafe_decode64 @p[0].value
-            access_tokens = @a[0]
+            access_tokens  = @a[0]
             refresh_tokens = @a[1]
-            client_id = @a[2]
-            client_secret = @a[3]
+            client_id      = @a[2]
+            client_secret  = @a[3]
+            adur           = @a[4]
+            rdur           = @a[5]
             client_pass   = "#{client_id}:#{client_secret}"
             user_id, decrypted            = Riddl::Utils::OAuth2::Helper::decrypt_with_shared_secret(code, client_pass).split(':', 2)
-            token, refresh_token          = Riddl::Utils::OAuth2::Helper::generate_optimistic_token(client_id, client_pass)
-            access_tokens[token]          = user_id
-            refresh_tokens[refresh_token] = token
+            token, refresh_token          = Riddl::Utils::OAuth2::Helper::generate_optimistic_token(client_id, client_pass, adur, rdur)
+            access_tokens.set(token, user_id, adur)
+            refresh_tokens.set(refresh_token, token, rdur)
             json_response = {
               :access_token => token,
@@ -133,11 +129,13 @@ module Riddl
         class RefreshToken < Riddl::Implementation
           def response
-            refresh_token = @p[1].value
-            access_tokens = @a[0]
+            refresh_token  = @p[1].value
+            access_tokens  = @a[0]
             refresh_tokens = @a[1]
-            client_id = @a[2]
-            client_secret = @a[3]
+            client_id      = @a[2]
+            client_secret  = @a[3]
+            adur           = @a[4]
+            rdur           = @a[5]
             token, _ = refresh_token.split '.'
             token_data = JSON::parse(Base64::urlsafe_decode64 token)
@@ -158,10 +156,10 @@ module Riddl
             old_token = refresh_tokens[refresh_token]
             user = access_tokens.delete old_token
-            token = Riddl::Utils::OAuth2::Helper::make_access_token(client_id, client_id + ':' + client_secret)
+            token = Riddl::Utils::OAuth2::Helper::generate_access_token(client_id, client_id + ':' + client_secret, adur)
-            refresh_tokens[refresh_token] = token
-            access_tokens[token] = user
+            access_tokens.set(token,user,adur)
+            refresh_tokens.set(refresh_token, token, rdur)
             Riddl::Parameter::Complex.new('data', 'application/json', { :token => token }.to_json)
           end

data/riddl.gemspec CHANGED Viewed

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name             = "riddl"
-  s.version          = "0.99.219"
+  s.version          = "0.99.220"
   s.platform         = Gem::Platform::RUBY
   s.license          = "LGPL-3"
   s.summary          = "restful interface description and declaration language: tools and client/server libs"

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: riddl
 version: !ruby/object:Gem::Version
-  version: 0.99.219
+  version: 0.99.220
 platform: ruby
 authors:
 - Juergen 'eTM' Mangler