RubyGems - selfsdk - Versions diffs - 0.0.129 → 0.0.130 - Mend

selfsdk 0.0.129 → 0.0.130

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7ba1c83bef5db464131c2343e7f81500c1e5175fd9f740b7563dad90613dd73c
-  data.tar.gz: 12c89161d2837b4f6dba855b43bd554fcb6380dbd207fe7482e9f9fcef4d8493
+  metadata.gz: 8cd8bbeabc6798771630833d0ee6f9225b7ea5bbfda2b9df6cfd3e4cea609dd6
+  data.tar.gz: dbd4e84bb35285e6d75214a132c4169e480d47c1579a8eccb0e4616cab1b6b40
 SHA512:
-  metadata.gz: bd1a8234d5d4ba9ef9589ed41e2a60e9313aa2ba45d3de46f428db95e716125dc9213dff852025643e2c1bafc9342cb3e823eb435e3ed903947161d08c9252bb
-  data.tar.gz: 52c50572cf2587106fb160b3042faeb8c129d2bc35d8df9ee6a29a1b7617af7723be54a16b43190c774ed93a4d694a0cfacc85e0882b5867229f8fdd0ce0c390
+  metadata.gz: b92d9445e7ea43168cba6bf7ba9634a98e51626bd64dd2562309e9ca483363c2eab5e9090802d8afe686aeca45dca9a1d8b8384f240037de5d1aa9b3d6627cb8
+  data.tar.gz: 49d29af17a720257dff8fe2844feea27875e8ef1403959b9340d4a6f3f3e6d0e3f836b1f4a5e2a704ef9e9566e04dbcb1301f44fd34401c81b4be2a765cf726b

data/lib/jwt_service.rb CHANGED

@@ -71,7 +71,9 @@ module SelfSDK
       if verify_key.verify(decode(payload[:signature]), "#{payload[:protected]}.#{payload[:payload]}")
         return true
       end
-    rescue StandardError
+      false
+    rescue StandardError => e
+      SelfSDK.logger.info e
       false
     end

data/lib/messages/base.rb CHANGED

@@ -78,9 +78,9 @@ module SelfSDK
         payload
       end
-      def verify!(jwt, kid)
+      def verify!(input, kid)
         k = @client.public_key(@from, kid).raw_public_key
-        return if @jwt.verify(jwt, k)
+        return if @jwt.verify(input, k)
         SelfSDK.logger.info "skipping message, invalid signature"
         raise ::StandardError.new("invalid signature on incoming message")

data/lib/services/auth.rb CHANGED

@@ -115,6 +115,7 @@ module SelfSDK
       def valid_payload(response)
         parse_payload(response)
       rescue StandardError => e
+        SelfSDK.logger.error e
         uuid = ""
         uuid = response[:cid] unless response.nil?
         SelfSDK.logger.error "error checking authentication for #{uuid} : #{e.message}"
@@ -153,10 +154,7 @@ module SelfSDK
         identity = @client.entity(payload[:sub])
         return if identity.nil?
-        identity[:public_keys].each do |key|
-          return payload if @client.jwt.verify(jws, key[:key])
-        end
-        nil
+        return payload
       end
     end
   end

data/lib/signature_graph.rb CHANGED

@@ -9,7 +9,7 @@ module SelfSDK
   ACTION_REVOKE = "key.revoke"
   KEY_TYPE_DEVICE = "device.key"
   KEY_TYPE_RECOVERY = "recovery.key"
   class Operation
     attr_reader :sequence, :previous, :timestamp, :actions, :signing_key, :jws
@@ -46,7 +46,7 @@ module SelfSDK
     def revokes(kid)
       @actions.each do |action|
         if action[:kid] == kid && action[:action] == ACTION_REVOKE
-          return true
+          return true
         end
       end
       return false
@@ -64,8 +64,8 @@ module SelfSDK
       @created = action[:from]
       @revoked = 0
-      @raw_public_key = Base64.urlsafe_decode64(action[:key])
-      @public_key = Ed25519::VerifyKey.new(@raw_public_key)
+      @raw_public_key = action[:key]
+      @public_key = Ed25519::VerifyKey.new(Base64.urlsafe_decode64(@raw_public_key))
       @incoming = Array.new
       @outgoing = Array.new
@@ -104,7 +104,7 @@ module SelfSDK
       @recovery_key = nil
       history.each do |operation|
-        execute(operation)
+        execute(operation)
       end
     end
@@ -124,10 +124,10 @@ module SelfSDK
       op = Operation.new(operation)
       raise "operation sequence is out of order" if op.sequence != @operations.length
-      if op.sequence > 0
+      if op.sequence > 0
         if @signatures[op.previous] != op.sequence - 1
-          raise "operation previous signature does not match"
+          raise "operation previous signature does not match"
         end
         if @operations[op.sequence - 1].timestamp >= op.timestamp
@@ -135,7 +135,7 @@ module SelfSDK
         end
         sk = @keys[op.signing_key]
         raise "operation specifies a signing key that does not exist" if sk.nil?
         if sk.revoked? && op.timestamp > sk.revoked
@@ -144,7 +144,7 @@ module SelfSDK
         if sk.type == KEY_TYPE_RECOVERY && op.revokes(op.signing_key) != true
           raise "account recovery operation does not revoke the current active recovery key"
-        end
+        end
       end
       execute_actions(op)
@@ -154,7 +154,7 @@ module SelfSDK
       raise "operation specifies a signing key that does not exist" if sk.nil?
       if op.timestamp < sk.created || sk.revoked? && op.timestamp > sk.revoked
-        raise "operation was signed with a key that was revoked"
+        raise "operation was signed with a key that was revoked"
       end
       sig = Base64.urlsafe_decode64(op.jws[:signature])
@@ -198,9 +198,9 @@ module SelfSDK
         end
         if action[:from] < 0
-          raise "operation action does not provide a valid timestamp for the action to take effect from"
+          raise "operation action does not provide a valid timestamp for the action to take effect from"
         end
         case action[:action]
         when ACTION_ADD
           action[:from] = op.timestamp
@@ -213,7 +213,7 @@ module SelfSDK
     def add(operation, action)
       if @keys[action[:kid]].nil? != true
-        raise "operation contains a key with a duplicate identifier"
+        raise "operation contains a key with a duplicate identifier"
       end
       k = Key.new(action)
@@ -226,7 +226,7 @@ module SelfSDK
         end
       when KEY_TYPE_RECOVERY
         unless @recovery_key.nil?
-          raise "operation contains more than one active recovery key" unless @recovery_key.revoked?
+          raise "operation contains more than one active recovery key" unless @recovery_key.revoked?
         end
         @recovery_key = k
@@ -239,7 +239,7 @@ module SelfSDK
         @root = k
         return
       end
       parent = @keys[operation.signing_key]
       raise "operation specifies a signing key that does not exist" if parent.nil?
@@ -271,7 +271,7 @@ module SelfSDK
         return
       end
       k.child_keys.each do |ck|
         ck.revoke(action[:from]) unless ck.created < action[:from]
       end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: selfsdk
 version: !ruby/object:Gem::Version
-  version: 0.0.129
+  version: 0.0.130
 platform: ruby
 authors:
 - Aldgate Ventures