selfsdk 0.0.129 → 0.0.130

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/jwt_service.rb +3 -1
  3. data/lib/messages/base.rb +2 -2
  4. data/lib/services/auth.rb +2 -4
  5. data/lib/signature_graph.rb +17 -17
  6. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7ba1c83bef5db464131c2343e7f81500c1e5175fd9f740b7563dad90613dd73c
4
- data.tar.gz: 12c89161d2837b4f6dba855b43bd554fcb6380dbd207fe7482e9f9fcef4d8493
3
+ metadata.gz: 8cd8bbeabc6798771630833d0ee6f9225b7ea5bbfda2b9df6cfd3e4cea609dd6
4
+ data.tar.gz: dbd4e84bb35285e6d75214a132c4169e480d47c1579a8eccb0e4616cab1b6b40
5
5
  SHA512:
6
- metadata.gz: bd1a8234d5d4ba9ef9589ed41e2a60e9313aa2ba45d3de46f428db95e716125dc9213dff852025643e2c1bafc9342cb3e823eb435e3ed903947161d08c9252bb
7
- data.tar.gz: 52c50572cf2587106fb160b3042faeb8c129d2bc35d8df9ee6a29a1b7617af7723be54a16b43190c774ed93a4d694a0cfacc85e0882b5867229f8fdd0ce0c390
6
+ metadata.gz: b92d9445e7ea43168cba6bf7ba9634a98e51626bd64dd2562309e9ca483363c2eab5e9090802d8afe686aeca45dca9a1d8b8384f240037de5d1aa9b3d6627cb8
7
+ data.tar.gz: 49d29af17a720257dff8fe2844feea27875e8ef1403959b9340d4a6f3f3e6d0e3f836b1f4a5e2a704ef9e9566e04dbcb1301f44fd34401c81b4be2a765cf726b
data/lib/jwt_service.rb CHANGED
@@ -71,7 +71,9 @@ module SelfSDK
71
71
  if verify_key.verify(decode(payload[:signature]), "#{payload[:protected]}.#{payload[:payload]}")
72
72
  return true
73
73
  end
74
- rescue StandardError
74
+ false
75
+ rescue StandardError => e
76
+ SelfSDK.logger.info e
75
77
  false
76
78
  end
77
79
 
data/lib/messages/base.rb CHANGED
@@ -78,9 +78,9 @@ module SelfSDK
78
78
  payload
79
79
  end
80
80
 
81
- def verify!(jwt, kid)
81
+ def verify!(input, kid)
82
82
  k = @client.public_key(@from, kid).raw_public_key
83
- return if @jwt.verify(jwt, k)
83
+ return if @jwt.verify(input, k)
84
84
 
85
85
  SelfSDK.logger.info "skipping message, invalid signature"
86
86
  raise ::StandardError.new("invalid signature on incoming message")
data/lib/services/auth.rb CHANGED
@@ -115,6 +115,7 @@ module SelfSDK
115
115
  def valid_payload(response)
116
116
  parse_payload(response)
117
117
  rescue StandardError => e
118
+ SelfSDK.logger.error e
118
119
  uuid = ""
119
120
  uuid = response[:cid] unless response.nil?
120
121
  SelfSDK.logger.error "error checking authentication for #{uuid} : #{e.message}"
@@ -153,10 +154,7 @@ module SelfSDK
153
154
  identity = @client.entity(payload[:sub])
154
155
  return if identity.nil?
155
156
 
156
- identity[:public_keys].each do |key|
157
- return payload if @client.jwt.verify(jws, key[:key])
158
- end
159
- nil
157
+ return payload
160
158
  end
161
159
  end
162
160
  end
data/lib/signature_graph.rb CHANGED
@@ -9,7 +9,7 @@ module SelfSDK
9
9
  ACTION_REVOKE = "key.revoke"
10
10
  KEY_TYPE_DEVICE = "device.key"
11
11
  KEY_TYPE_RECOVERY = "recovery.key"
12
-
12
+
13
13
  class Operation
14
14
 
15
15
  attr_reader :sequence, :previous, :timestamp, :actions, :signing_key, :jws
@@ -46,7 +46,7 @@ module SelfSDK
46
46
  def revokes(kid)
47
47
  @actions.each do |action|
48
48
  if action[:kid] == kid && action[:action] == ACTION_REVOKE
49
- return true
49
+ return true
50
50
  end
51
51
  end
52
52
  return false
@@ -64,8 +64,8 @@ module SelfSDK
64
64
  @created = action[:from]
65
65
  @revoked = 0
66
66
 
67
- @raw_public_key = Base64.urlsafe_decode64(action[:key])
68
- @public_key = Ed25519::VerifyKey.new(@raw_public_key)
67
+ @raw_public_key = action[:key]
68
+ @public_key = Ed25519::VerifyKey.new(Base64.urlsafe_decode64(@raw_public_key))
69
69
 
70
70
  @incoming = Array.new
71
71
  @outgoing = Array.new
@@ -104,7 +104,7 @@ module SelfSDK
104
104
  @recovery_key = nil
105
105
 
106
106
  history.each do |operation|
107
- execute(operation)
107
+ execute(operation)
108
108
  end
109
109
  end
110
110
 
@@ -124,10 +124,10 @@ module SelfSDK
124
124
  op = Operation.new(operation)
125
125
 
126
126
  raise "operation sequence is out of order" if op.sequence != @operations.length
127
-
128
- if op.sequence > 0
127
+
128
+ if op.sequence > 0
129
129
  if @signatures[op.previous] != op.sequence - 1
130
- raise "operation previous signature does not match"
130
+ raise "operation previous signature does not match"
131
131
  end
132
132
 
133
133
  if @operations[op.sequence - 1].timestamp >= op.timestamp
@@ -135,7 +135,7 @@ module SelfSDK
135
135
  end
136
136
 
137
137
  sk = @keys[op.signing_key]
138
-
138
+
139
139
  raise "operation specifies a signing key that does not exist" if sk.nil?
140
140
 
141
141
  if sk.revoked? && op.timestamp > sk.revoked
@@ -144,7 +144,7 @@ module SelfSDK
144
144
 
145
145
  if sk.type == KEY_TYPE_RECOVERY && op.revokes(op.signing_key) != true
146
146
  raise "account recovery operation does not revoke the current active recovery key"
147
- end
147
+ end
148
148
  end
149
149
 
150
150
  execute_actions(op)
@@ -154,7 +154,7 @@ module SelfSDK
154
154
  raise "operation specifies a signing key that does not exist" if sk.nil?
155
155
 
156
156
  if op.timestamp < sk.created || sk.revoked? && op.timestamp > sk.revoked
157
- raise "operation was signed with a key that was revoked"
157
+ raise "operation was signed with a key that was revoked"
158
158
  end
159
159
 
160
160
  sig = Base64.urlsafe_decode64(op.jws[:signature])
@@ -198,9 +198,9 @@ module SelfSDK
198
198
  end
199
199
 
200
200
  if action[:from] < 0
201
- raise "operation action does not provide a valid timestamp for the action to take effect from"
201
+ raise "operation action does not provide a valid timestamp for the action to take effect from"
202
202
  end
203
-
203
+
204
204
  case action[:action]
205
205
  when ACTION_ADD
206
206
  action[:from] = op.timestamp
@@ -213,7 +213,7 @@ module SelfSDK
213
213
 
214
214
  def add(operation, action)
215
215
  if @keys[action[:kid]].nil? != true
216
- raise "operation contains a key with a duplicate identifier"
216
+ raise "operation contains a key with a duplicate identifier"
217
217
  end
218
218
 
219
219
  k = Key.new(action)
@@ -226,7 +226,7 @@ module SelfSDK
226
226
  end
227
227
  when KEY_TYPE_RECOVERY
228
228
  unless @recovery_key.nil?
229
- raise "operation contains more than one active recovery key" unless @recovery_key.revoked?
229
+ raise "operation contains more than one active recovery key" unless @recovery_key.revoked?
230
230
  end
231
231
 
232
232
  @recovery_key = k
@@ -239,7 +239,7 @@ module SelfSDK
239
239
  @root = k
240
240
  return
241
241
  end
242
-
242
+
243
243
  parent = @keys[operation.signing_key]
244
244
 
245
245
  raise "operation specifies a signing key that does not exist" if parent.nil?
@@ -271,7 +271,7 @@ module SelfSDK
271
271
 
272
272
  return
273
273
  end
274
-
274
+
275
275
  k.child_keys.each do |ck|
276
276
  ck.revoke(action[:from]) unless ck.created < action[:from]
277
277
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: selfsdk
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.129
4
+ version: 0.0.130
5
5
  platform: ruby
6
6
  authors:
7
7
  - Aldgate Ventures