riddl 0.99.233 → 0.99.234

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: e023417dff45880c13899fa20a9949376f27317a
4
- data.tar.gz: 323810c54386ca0dca442962ef57288ab5e75cf4
3
+ metadata.gz: 2ca93248adde70b071655d4b0216f00511496271
4
+ data.tar.gz: 49324eeeafb669bd4b2090d312cd91ef332d172d
5
5
  SHA512:
6
- metadata.gz: d49f600293f1ce6dec1313530b2adad6358892faddf5459ab24e014d9e11ddd5fc4e645378b43daa1d6cd17c0966708ff541035eb9f01c08760baa240fae0936
7
- data.tar.gz: 4070c96163be8524ff934a0c203cc42609ca55721bea2534074254c3f4ed94b03498aaec78e9881546c069d59618fc4997658219f2be88ff5b4e8e9b4158bad0
6
+ metadata.gz: ada3aebb57578cd169a84710b8ef75bb6d4c7d73ab6cb864e0ab54349088fff60c3bdf90f7fcc9a9f5ed910cc0d458c79fbe65f4c787b857b05bd39184f44433
7
+ data.tar.gz: 1101e2de3121e467205694db830536b1c977e03484b2e824cafc0ecb10d2f04ecc96bd4743f1f7759c708034ddceaa2c9af7bcf4c3d3085fdfc759f3b03ddd92
@@ -50,8 +50,9 @@ module Riddl
50
50
  end
51
51
 
52
52
  def delete(key)
53
- value = @redis.get key
53
+ value = nil
54
54
  @redis.multi do
55
+ value = @redis.get key
55
56
  @redis.del key
56
57
  @redis.del value
57
58
  end
@@ -59,9 +60,10 @@ module Riddl
59
60
  end
60
61
 
61
62
  def delete_by_value(value)
63
+ key = nil
62
64
  value = value.is_a?(String) ? value.to_s : (JSON::generate(value) rescue {})
63
- key = @redis.get value
64
65
  @redis.multi do
66
+ key = @redis.get value
65
67
  @redis.del key
66
68
  @redis.del value
67
69
  end
@@ -3,65 +3,65 @@ require File.expand_path(File.dirname(__FILE__) + '/oauth2-helper')
3
3
  module Riddl
4
4
  module Utils
5
5
  module OAuth2
6
-
6
+
7
7
  module UnivieBearer
8
8
  def self::implementation(client_id, client_secret, access_tokens)
9
9
  Proc.new do
10
- run CheckAuth, client_id, client_secret, access_tokens if get
10
+ run CheckAuth, client_id, client_secret, access_tokens if get
11
11
  end
12
- end
13
-
14
- class CheckAuth < Riddl::Implementation
15
- def response
16
- client_id = @a[0]
17
- client_secret = @a[1]
18
- access_tokens = @a[2]
19
- if @h['AUTHORIZATION']
20
- token = @h['AUTHORIZATION'].sub(/^Bearer /, '')
21
-
22
- data, _, signature = token.rpartition '.'
23
- expected_sign = Riddl::Utils::OAuth2::Helper::sign(client_id + ':' + client_secret, data)
24
-
25
- if !access_tokens.key? token
26
- @status = 403
27
- return Riddl::Parameter::Complex.new('data', 'application/json', {
28
- :error => 'Unknown token'
29
- }.to_json)
30
- elsif signature != expected_sign
31
- @status = 403
32
- return Riddl::Parameter::Complex.new('data', 'application/json', {
33
- :error => 'Invalid token, you bad boy'
34
- }.to_json)
35
- end
36
-
37
- header_claims, payload_claims = data.split('.').map { |v| Base64::urlsafe_decode64 v }
38
- payload_claims = JSON::parse payload_claims
39
-
40
- if header_claims != Riddl::Utils::OAuth2::Helper::header
41
- @status = 401
42
- return Riddl::Parameter::Complex.new('data', 'application/json', {
43
- :error => 'Invalid header claims'
44
- }.to_json)
45
- elsif payload_claims['exp'] <= Time.now.to_i
46
- @status = 403
47
- return Riddl::Parameter::Complex.new('data', 'application/json', {
48
- :error => 'Expired token'
49
- }.to_json)
50
- elsif !payload_claims['aud'].split(',').map(&:strip).include? client_id
51
- # XXX: ein token für mehrere clients gültig? lookup?
52
- @status = 403
53
- return Riddl::Parameter::Complex.new('data', 'application/json', {
54
- :error => 'Token is not valid for this application'
55
- }.to_json)
56
- end
57
-
58
- @headers << Riddl::Header.new('AUTHORIZATION_BEARER', access_tokens.get(token))
59
- end
60
-
61
- @p
62
- end
63
- end
64
- end
12
+ end
13
+
14
+ class CheckAuth < Riddl::Implementation
15
+ def response
16
+ client_id = @a[0]
17
+ client_secret = @a[1]
18
+ access_tokens = @a[2]
19
+ if @h['AUTHORIZATION']
20
+ token = @h['AUTHORIZATION'].sub(/^Bearer /, '')
21
+
22
+ data, _, signature = token.rpartition '.'
23
+ expected_sign = Riddl::Utils::OAuth2::Helper::sign(client_id + ':' + client_secret, data)
24
+
25
+ if !access_tokens.key? token
26
+ @status = 403
27
+ return Riddl::Parameter::Complex.new('data', 'application/json', {
28
+ :error => 'Unknown token'
29
+ }.to_json)
30
+ elsif signature != expected_sign
31
+ @status = 403
32
+ return Riddl::Parameter::Complex.new('data', 'application/json', {
33
+ :error => 'Invalid token, you bad boy'
34
+ }.to_json)
35
+ end
36
+
37
+ header_claims, payload_claims = data.split('.').map { |v| Base64::urlsafe_decode64 v }
38
+ payload_claims = JSON::parse payload_claims
39
+
40
+ if header_claims != Riddl::Utils::OAuth2::Helper::header
41
+ @status = 401
42
+ return Riddl::Parameter::Complex.new('data', 'application/json', {
43
+ :error => 'Invalid header claims'
44
+ }.to_json)
45
+ elsif payload_claims['exp'] <= Time.now.to_i
46
+ @status = 403
47
+ return Riddl::Parameter::Complex.new('data', 'application/json', {
48
+ :error => 'Expired token'
49
+ }.to_json)
50
+ elsif !payload_claims['aud'].split(',').map(&:strip).include? client_id
51
+ # XXX: ein token für mehrere clients gültig? lookup?
52
+ @status = 403
53
+ return Riddl::Parameter::Complex.new('data', 'application/json', {
54
+ :error => 'Token is not valid for this application'
55
+ }.to_json)
56
+ end
57
+
58
+ @headers << Riddl::Header.new('AUTHORIZATION_BEARER', access_tokens.get(token))
59
+ end
60
+
61
+ @p
62
+ end
63
+ end
64
+ end
65
65
 
66
66
  module UnivieApp
67
67
  def self::implementation(client_id, client_secret, access_tokens, refresh_tokens, adur, rdur)
@@ -77,7 +77,7 @@ module Riddl
77
77
  run RevokeUserFlow, access_tokens, refresh_tokens if get 'revoke_user_in'
78
78
  end
79
79
  end
80
- end
80
+ end
81
81
 
82
82
  class VerifyIdentity < Riddl::Implementation
83
83
  def response
@@ -88,20 +88,27 @@ module Riddl
88
88
  client_secret = @a[3]
89
89
  adur = @a[4]
90
90
  rdur = @a[5]
91
+ client_pass = "#{client_id}:#{client_secret}"
91
92
 
92
- client_pass = "#{client_id}:#{client_secret}"
93
- user_id, decrypted = Riddl::Utils::OAuth2::Helper::decrypt_with_shared_secret(code, client_pass).split(':', 2)
94
- token, refresh_token = Riddl::Utils::OAuth2::Helper::generate_optimistic_token(client_id, client_pass, adur, rdur)
95
- access_tokens.set(token, user_id, adur)
96
- refresh_tokens.set(refresh_token, token, rdur)
97
-
98
- json_response = {
99
- :access_token => token,
100
- :refresh_token => refresh_token,
101
- :code => Base64.urlsafe_encode64(decrypted)
102
- }.to_json
103
-
104
- Riddl::Parameter::Complex.new('data', 'application/json', json_response)
93
+ user_id, decrypted = Riddl::Utils::OAuth2::Helper::decrypt_with_shared_secret(code, client_pass).split(':', 2) rescue [nil,nil]
94
+ if user_id.nil?
95
+ @status = 403
96
+ return Riddl::Parameter::Complex.new('data', 'application/json', {
97
+ :error => 'Code invalid. Client_id or client_secret not suitable for decryption.'
98
+ }.to_json)
99
+ else
100
+ token, refresh_token = Riddl::Utils::OAuth2::Helper::generate_optimistic_token(client_id, client_pass, adur, rdur)
101
+ access_tokens.set(token, user_id, adur)
102
+ refresh_tokens.set(refresh_token, token, rdur)
103
+
104
+ json_response = {
105
+ :access_token => token,
106
+ :refresh_token => refresh_token,
107
+ :code => Base64.urlsafe_encode64(decrypted)
108
+ }.to_json
109
+
110
+ Riddl::Parameter::Complex.new('data', 'application/json', json_response)
111
+ end
105
112
  end
106
113
  end
107
114
 
@@ -166,6 +173,6 @@ module Riddl
166
173
  end
167
174
  end
168
175
 
169
- end
170
- end
176
+ end
177
+ end
171
178
  end
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = "riddl"
3
- s.version = "0.99.233"
3
+ s.version = "0.99.234"
4
4
  s.platform = Gem::Platform::RUBY
5
5
  s.license = "LGPL-3"
6
6
  s.summary = "restful interface description and declaration language: tools and client/server libs"
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: riddl
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.99.233
4
+ version: 0.99.234
5
5
  platform: ruby
6
6
  authors:
7
7
  - Juergen 'eTM' Mangler