slosilo 2.1.1 → 2.2.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (13) hide show
  1. checksums.yaml +5 -5
  2. data/.gitleaks.toml +221 -0
  3. data/CHANGELOG.md +4 -0
  4. data/CONTRIBUTING.md +16 -0
  5. data/Jenkinsfile +17 -1
  6. data/LICENSE +2 -2
  7. data/README.md +3 -5
  8. data/lib/slosilo/key.rb +1 -1
  9. data/lib/slosilo/version.rb +1 -1
  10. data/spec/jwt_spec.rb +2 -3
  11. data/spec/slosilo_spec.rb +3 -3
  12. data/spec/spec_helper.rb +1 -1
  13. metadata +5 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 1b7ca2d8d2bbd323237e1ff513bd8d00af684da0
4
- data.tar.gz: 152b2735c0d053e414baeebd40ce229761514a2a
2
+ SHA256:
3
+ metadata.gz: 8723a6eff81a1e81b1e8f8a3b4998c202b4a36b042d2c3b33d830232f800e45e
4
+ data.tar.gz: 22abadf8b5edca4b2ad971be894e54a906e9b84f166098a95fbfa8cf8401a046
5
5
  SHA512:
6
- metadata.gz: a09dd7a7607809467e9f77c0400c85e3c8336722058de27e00f5aad6cda1577db3f747f3b30b2ecdf677ef679a2a78061f0dbd292de253f02d3f6c14a3ee2495
7
- data.tar.gz: 56e9ee6c12c3419d32b6e6260a6889cad2d38e9822cd66788950b17bf3f559e1a8c660cd9519d1c05c070dc4873fc7446e3cda58809d535886ce62835032db34
6
+ metadata.gz: 937190eaf606924682f14850313aeedf6b852f7cc0e88669451d6b0d147fcd61a485d4089ccdce35bb188fc057a750c82f01bd43118da104735efc264386caa7
7
+ data.tar.gz: 6e3b22a70e85c036932bb15b309e45d28d4b9f2eeaa59cdd2aa9f3db5b580b9d23e3844eaf71a59667acc99706b55e2100d1e4a1f6f0b70bafae117459babff3
data/.gitleaks.toml ADDED
@@ -0,0 +1,221 @@
1
+ title = "Secretless Broker gitleaks config"
2
+
3
+ # This is the config file for gitleaks. You can configure gitleaks what to search for and what to whitelist.
4
+ # If GITLEAKS_CONFIG environment variable
5
+ # is set, gitleaks will load configurations from that path. If option --config-path is set, gitleaks will load
6
+ # configurations from that path. Gitleaks does not whitelist anything by default.
7
+ # - https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_04B-3_Meli_paper.pdf
8
+ # - https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json
9
+ [[rules]]
10
+ description = "AWS Client ID"
11
+ regex = '''(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}'''
12
+ tags = ["key", "AWS"]
13
+
14
+ [[rules]]
15
+ description = "AWS Secret Key"
16
+ regex = '''(?i)aws(.{0,20})?(?-i)['\"][0-9a-zA-Z\/+]{40}['\"]'''
17
+ tags = ["key", "AWS"]
18
+
19
+ [[rules]]
20
+ description = "AWS MWS key"
21
+ regex = '''amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}'''
22
+ tags = ["key", "AWS", "MWS"]
23
+
24
+ [[rules]]
25
+ description = "PKCS8"
26
+ regex = '''-----BEGIN PRIVATE KEY-----'''
27
+ tags = ["key", "PKCS8"]
28
+
29
+ [[rules]]
30
+ description = "RSA"
31
+ regex = '''-----BEGIN RSA PRIVATE KEY-----'''
32
+ tags = ["key", "RSA"]
33
+
34
+ [[rules]]
35
+ description = "SSH"
36
+ regex = '''-----BEGIN OPENSSH PRIVATE KEY-----'''
37
+ tags = ["key", "SSH"]
38
+
39
+ [[rules]]
40
+ description = "PGP"
41
+ regex = '''-----BEGIN PGP PRIVATE KEY BLOCK-----'''
42
+ tags = ["key", "PGP"]
43
+
44
+ [[rules]]
45
+ description = "Facebook Secret Key"
46
+ regex = '''(?i)(facebook|fb)(.{0,20})?(?-i)['\"][0-9a-f]{32}['\"]'''
47
+ tags = ["key", "Facebook"]
48
+
49
+ [[rules]]
50
+ description = "Facebook Client ID"
51
+ regex = '''(?i)(facebook|fb)(.{0,20})?['\"][0-9]{13,17}['\"]'''
52
+ tags = ["key", "Facebook"]
53
+
54
+ [[rules]]
55
+ description = "Facebook access token"
56
+ regex = '''EAACEdEose0cBA[0-9A-Za-z]+'''
57
+ tags = ["key", "Facebook"]
58
+
59
+ [[rules]]
60
+ description = "Twitter Secret Key"
61
+ regex = '''(?i)twitter(.{0,20})?['\"][0-9a-z]{35,44}['\"]'''
62
+ tags = ["key", "Twitter"]
63
+
64
+ [[rules]]
65
+ description = "Twitter Client ID"
66
+ regex = '''(?i)twitter(.{0,20})?['\"][0-9a-z]{18,25}['\"]'''
67
+ tags = ["client", "Twitter"]
68
+
69
+ [[rules]]
70
+ description = "Github"
71
+ regex = '''(?i)github(.{0,20})?(?-i)['\"][0-9a-zA-Z]{35,40}['\"]'''
72
+ tags = ["key", "Github"]
73
+
74
+ [[rules]]
75
+ description = "LinkedIn Client ID"
76
+ regex = '''(?i)linkedin(.{0,20})?(?-i)['\"][0-9a-z]{12}['\"]'''
77
+ tags = ["client", "Twitter"]
78
+
79
+ [[rules]]
80
+ description = "LinkedIn Secret Key"
81
+ regex = '''(?i)linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]'''
82
+ tags = ["secret", "Twitter"]
83
+
84
+ [[rules]]
85
+ description = "Slack"
86
+ regex = '''xox[baprs]-([0-9a-zA-Z]{10,48})?'''
87
+ tags = ["key", "Slack"]
88
+
89
+ [[rules]]
90
+ description = "EC"
91
+ regex = '''-----BEGIN EC PRIVATE KEY-----'''
92
+ tags = ["key", "EC"]
93
+
94
+ [[rules]]
95
+ description = "Generic API key"
96
+ regex = '''(?i)(api_key|apikey)(.{0,20})?['|"][0-9a-zA-Z]{32,45}['|"]'''
97
+ tags = ["key", "API", "generic"]
98
+
99
+ [[rules]]
100
+ description = "Generic Secret"
101
+ regex = '''(?i)secret(.{0,20})?['|"][0-9a-zA-Z]{32,45}['|"]'''
102
+ tags = ["key", "Secret", "generic"]
103
+
104
+ [[rules]]
105
+ description = "Google API key"
106
+ regex = '''AIza[0-9A-Za-z\\-_]{35}'''
107
+ tags = ["key", "Google"]
108
+
109
+ [[rules]]
110
+ description = "Google Cloud Platform API key"
111
+ regex = '''(?i)(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z\\-_]{35}]['\"]'''
112
+ tags = ["key", "Google", "GCP"]
113
+
114
+ [[rules]]
115
+ description = "Google OAuth"
116
+ regex = '''(?i)(google|gcp|auth)(.{0,20})?['"][0-9]+-[0-9a-z_]{32}\.apps\.googleusercontent\.com['"]'''
117
+ tags = ["key", "Google", "OAuth"]
118
+
119
+ [[rules]]
120
+ description = "Google OAuth access token"
121
+ regex = '''ya29\.[0-9A-Za-z\-_]+'''
122
+ tags = ["key", "Google", "OAuth"]
123
+
124
+ [[rules]]
125
+ description = "Heroku API key"
126
+ regex = '''(?i)heroku(.{0,20})?['"][0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}['"]'''
127
+ tags = ["key", "Heroku"]
128
+
129
+ [[rules]]
130
+ description = "MailChimp API key"
131
+ regex = '''(?i)(mailchimp|mc)(.{0,20})?['"][0-9a-f]{32}-us[0-9]{1,2}['"]'''
132
+ tags = ["key", "Mailchimp"]
133
+
134
+ [[rules]]
135
+ description = "Mailgun API key"
136
+ regex = '''(?i)(mailgun|mg)(.{0,20})?['"][0-9a-z]{32}['"]'''
137
+ tags = ["key", "Mailgun"]
138
+
139
+ [[rules]]
140
+ description = "Password in URL"
141
+ regex = '''[a-zA-Z]{3,10}:\/\/[^\/\s:@]{3,20}:[^\/\s:@]{3,20}@.{1,100}\/?.?'''
142
+ tags = ["key", "URL", "generic"]
143
+
144
+ [[rules]]
145
+ description = "PayPal Braintree access token"
146
+ regex = '''access_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}'''
147
+ tags = ["key", "Paypal"]
148
+
149
+ [[rules]]
150
+ description = "Picatic API key"
151
+ regex = '''sk_live_[0-9a-z]{32}'''
152
+ tags = ["key", "Picatic"]
153
+
154
+ [[rules]]
155
+ description = "Slack Webhook"
156
+ regex = '''https://hooks.slack.com/services/T[a-zA-Z0-9_]{8}/B[a-zA-Z0-9_]{8}/[a-zA-Z0-9_]{24}'''
157
+ tags = ["key", "slack"]
158
+
159
+ [[rules]]
160
+ description = "Stripe API key"
161
+ regex = '''(?i)stripe(.{0,20})?['\"][sk|rk]_live_[0-9a-zA-Z]{24}'''
162
+ tags = ["key", "Stripe"]
163
+
164
+ [[rules]]
165
+ description = "Square access token"
166
+ regex = '''sq0atp-[0-9A-Za-z\-_]{22}'''
167
+ tags = ["key", "square"]
168
+
169
+ [[rules]]
170
+ description = "Square OAuth secret"
171
+ regex = '''sq0csp-[0-9A-Za-z\\-_]{43}'''
172
+ tags = ["key", "square"]
173
+
174
+ [[rules]]
175
+ description = "Twilio API key"
176
+ regex = '''(?i)twilio(.{0,20})?['\"][0-9a-f]{32}['\"]'''
177
+ tags = ["key", "twilio"]
178
+
179
+ [whitelist]
180
+ files = [
181
+ "(.*?)(jpg|gif|doc|pdf|bin)$",
182
+ ".gitleaks.toml"
183
+ ]
184
+ regexes = [
185
+ ]
186
+ commits = [
187
+ "3a496cef2d737f69038630f3c884a159f783bd06", # old commit to add test data
188
+ "047e58e40c87f9d19d68c21a533b706616ab1ef2", # old commit to add test data
189
+ "5345e49e7d63589fc637c2b0c7156bf97e9c72b8", # old commit to add test data
190
+ "9c31229cedceedd75e06c381fe7218571a03c26d" # old commit to add test data
191
+ ]
192
+
193
+ # Additional Examples
194
+
195
+ # [[rules]]
196
+ # description = "Generic Key"
197
+ # regex = '''(?i)key(.{0,6})?(:|=|=>|:=)'''
198
+ # entropies = [
199
+ # "4.1-4.3",
200
+ # "5.5-6.3",
201
+ # ]
202
+ # entropyROI = "line"
203
+ # filetypes = [".go", ".py", ".c"]
204
+ # tags = ["key"]
205
+ # severity = "8"
206
+ #
207
+ #
208
+ # [[rules]]
209
+ # description = "Generic Key"
210
+ # regex = '''(?i)key(.{0,6})?(:|=|=>|:=)'''
211
+ # entropies = ["4.1-4.3"]
212
+ # filetypes = [".gee"]
213
+ # entropyROI = "line"
214
+ # tags = ["key"]
215
+ # severity = "medium"
216
+
217
+ # [[rules]]
218
+ # description = "Any pem file"
219
+ # filetypes = [".key"]
220
+ # tags = ["pem"]
221
+ # severity = "high"
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ # v2.2.1
2
+
3
+ * Use SHA256 algorithm instead of MD5 for public key fingerprints.
4
+
1
5
  # v2.1.1
2
6
 
3
7
  * Add support for JWT-formatted tokens, with arbitrary expiration.
data/CONTRIBUTING.md ADDED
@@ -0,0 +1,16 @@
1
+ # Contributing
2
+
3
+ For general contribution and community guidelines, please see the [community repo](https://github.com/cyberark/community).
4
+
5
+ ## Contributing Workflow
6
+
7
+ 1. [Fork the project](https://help.github.com/en/github/getting-started-with-github/fork-a-repo)
8
+ 2. [Clone your fork](https://help.github.com/en/github/creating-cloning-and-archiving-repositories/cloning-a-repository)
9
+ 3. Make local changes to your fork by editing files
10
+ 3. [Commit your changes](https://help.github.com/en/github/managing-files-in-a-repository/adding-a-file-to-a-repository-using-the-command-line)
11
+ 4. [Push your local changes to the remote server](https://help.github.com/en/github/using-git/pushing-commits-to-a-remote-repository)
12
+ 5. [Create new Pull Request](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork)
13
+
14
+ From here your pull request will be reviewed and once you've responded to all
15
+ feedback it will be merged into the project. Congratulations, you're a
16
+ contributor!
data/Jenkinsfile CHANGED
@@ -20,7 +20,23 @@ pipeline {
20
20
  stage('Publish to RubyGems') {
21
21
  agent { label 'releaser-v2' }
22
22
  when {
23
- branch 'master'
23
+ allOf {
24
+ branch 'master'
25
+ expression {
26
+ boolean publish = false
27
+
28
+ try {
29
+ timeout(time: 5, unit: 'MINUTES') {
30
+ input(message: 'Publish to RubyGems?')
31
+ publish = true
32
+ }
33
+ } catch (final ignore) {
34
+ publish = false
35
+ }
36
+
37
+ return publish
38
+ }
39
+ }
24
40
  }
25
41
 
26
42
  steps {
data/LICENSE CHANGED
@@ -1,4 +1,4 @@
1
- Copyright (c) 2012 Conjur Inc
1
+ Copyright (c) 2020 CyberArk Software Ltd. All rights reserved.
2
2
 
3
3
  MIT License
4
4
 
@@ -19,4 +19,4 @@ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
19
  NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
20
  LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
21
  OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
- WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.md CHANGED
@@ -144,8 +144,6 @@ Slosilo.adapter = Slosilo::Adapters::SequelAdapter.new
144
144
 
145
145
  ## Contributing
146
146
 
147
- 1. Fork it
148
- 2. Create your feature branch (`git checkout -b my-new-feature`)
149
- 3. Commit your changes (`git commit -am 'Added some feature'`)
150
- 4. Push to the branch (`git push origin my-new-feature`)
151
- 5. Create new Pull Request
147
+ We welcome contributions of all kinds to this repository. For instructions on
148
+ how to get started and descriptions of our development workflows, please see our
149
+ [contributing guide](CONTRIBUTING.md).
data/lib/slosilo/key.rb CHANGED
@@ -158,7 +158,7 @@ module Slosilo
158
158
  end
159
159
 
160
160
  def fingerprint
161
- @fingerprint ||= OpenSSL::Digest::MD5.hexdigest key.public_key.to_der
161
+ @fingerprint ||= OpenSSL::Digest::SHA256.hexdigest key.public_key.to_der
162
162
  end
163
163
 
164
164
  def == other
data/lib/slosilo/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Slosilo
2
- VERSION = "2.1.1"
2
+ VERSION = "2.2.1"
3
3
  end
data/spec/jwt_spec.rb CHANGED
@@ -80,7 +80,6 @@ describe Slosilo::JWT do
80
80
  'iat' => 1401938552,
81
81
  'exp' => 1401938552 + 60*60,
82
82
  'cidr' => ['fec0::/64']
83
-
84
83
  expect(key.verify_signature token.string_to_sign, token.signature).to be_truthy
85
84
  end
86
85
  end
@@ -97,7 +96,7 @@ describe Slosilo::JWT do
97
96
  end
98
97
  end
99
98
 
100
- COMPACT_TOKEN = "eyJ0eXAiOiJKV1QiLCJhbGciOiJjb25qdXIub3JnL3Nsb3NpbG8vdjIiLCJraWQiOiJkMjhlM2EzNDdlMzY4NDE2YjMxMjlhNDBjMWI4ODdmZSJ9.eyJzdWIiOiJob3N0L2V4YW1wbGUiLCJpYXQiOjE0MDE5Mzg1NTIsImV4cCI6MTQwMTk0MjE1MiwiY2lkciI6WyJmZWMwOjovNjQiXX0=.cw9S8Oxu8BmvDgEotBlNiZoJNkAGDpvGIuhCCnG-nMq80dy0ECjC4xERYXHx3bcadEJ8jWfqDB90d7CGvJyepbMhC1hEdsb8xNWGkkqTvQOh33cnZiEJjjfbORpKnOpcc8QySmB9Eb_zKl5WaM6Sjm-uINJri3djuVo_n_S7I43YvKw7gbd5u2gVttgaWnqlnJoeXZnnmXSYH8_66Lr__BqO4tCedShQIf4gA0R_dljrzVSZtJsFTKvwuNOuCvBqO8dQkhp8vplOkKynDkdip-H2nDBQb9Y3bQ8K0NVtSJatBy-d1HvPHSwFZrH4K7P_J2OgJtw9GtckT43QasliXoibdk__Hyvy4HJIIM44rSm7JUuyZWl8e8svRqLujBP7".freeze
99
+ COMPACT_TOKEN = "eyJ0eXAiOiJKV1QiLCJhbGciOiJjb25qdXIub3JnL3Nsb3NpbG8vdjIiLCJraWQiOiIxMDdiZGI4NTAxYzQxOWZhZDJmZGIyMGI0NjdkNGQwYTYyYTE2YTk4YzM1ZjJkYTBlYjNiMWZmOTI5Nzk1YWQ5In0=.eyJzdWIiOiJob3N0L2V4YW1wbGUiLCJjaWRyIjpbImZlYzA6Oi82NCJdLCJleHAiOjE0MDE5NDIxNTIsImlhdCI6MTQwMTkzODU1Mn0=.qSxy6gx0DbiIc-Wz_vZhBsYi1SCkHhzxfMGPnnG6MTqjlzy7ntmlU2H92GKGoqCRo6AaNLA_C3hA42PeEarV5nMoTj8XJO_kwhrt2Db2OX4u83VS0_enoztWEZG5s45V0Lv71lVR530j4LD-hpqhm_f4VuISkeH84u0zX7s1zKOlniuZP-abCAHh0htTnrVz9wKG0VywkCUmWYyNNqC2h8PRf64SvCWcQ6VleHpjO-ms8OeTw4ZzRbzKMi0mL6eTmQlbT3PeBArUaS0pNJPg9zdDQaL2XDOofvQmj6Yy_8RA4eCt9HEfTYEdriVqK-_9QCspbGzFVn9GTWf51MRi5dngV9ItsDoG9ktDtqFuMttv7TcqjftsIHZXZsAZ175E".freeze
101
100
 
102
- JSON_TOKEN = "{\"protected\":\"eyJ0eXAiOiJKV1QiLCJhbGciOiJjb25qdXIub3JnL3Nsb3NpbG8vdjIiLCJraWQiOiJkMjhlM2EzNDdlMzY4NDE2YjMxMjlhNDBjMWI4ODdmZSJ9\",\"payload\":\"eyJzdWIiOiJob3N0L2V4YW1wbGUiLCJpYXQiOjE0MDE5Mzg1NTIsImV4cCI6MTQwMTk0MjE1MiwiY2lkciI6WyJmZWMwOjovNjQiXX0=\",\"signature\":\"cw9S8Oxu8BmvDgEotBlNiZoJNkAGDpvGIuhCCnG-nMq80dy0ECjC4xERYXHx3bcadEJ8jWfqDB90d7CGvJyepbMhC1hEdsb8xNWGkkqTvQOh33cnZiEJjjfbORpKnOpcc8QySmB9Eb_zKl5WaM6Sjm-uINJri3djuVo_n_S7I43YvKw7gbd5u2gVttgaWnqlnJoeXZnnmXSYH8_66Lr__BqO4tCedShQIf4gA0R_dljrzVSZtJsFTKvwuNOuCvBqO8dQkhp8vplOkKynDkdip-H2nDBQb9Y3bQ8K0NVtSJatBy-d1HvPHSwFZrH4K7P_J2OgJtw9GtckT43QasliXoibdk__Hyvy4HJIIM44rSm7JUuyZWl8e8svRqLujBP7\"}".freeze
101
+ JSON_TOKEN = "{\"protected\":\"eyJ0eXAiOiJKV1QiLCJhbGciOiJjb25qdXIub3JnL3Nsb3NpbG8vdjIiLCJraWQiOiIxMDdiZGI4NTAxYzQxOWZhZDJmZGIyMGI0NjdkNGQwYTYyYTE2YTk4YzM1ZjJkYTBlYjNiMWZmOTI5Nzk1YWQ5In0=\",\"payload\":\"eyJzdWIiOiJob3N0L2V4YW1wbGUiLCJjaWRyIjpbImZlYzA6Oi82NCJdLCJleHAiOjE0MDE5NDIxNTIsImlhdCI6MTQwMTkzODU1Mn0=\",\"signature\":\"qSxy6gx0DbiIc-Wz_vZhBsYi1SCkHhzxfMGPnnG6MTqjlzy7ntmlU2H92GKGoqCRo6AaNLA_C3hA42PeEarV5nMoTj8XJO_kwhrt2Db2OX4u83VS0_enoztWEZG5s45V0Lv71lVR530j4LD-hpqhm_f4VuISkeH84u0zX7s1zKOlniuZP-abCAHh0htTnrVz9wKG0VywkCUmWYyNNqC2h8PRf64SvCWcQ6VleHpjO-ms8OeTw4ZzRbzKMi0mL6eTmQlbT3PeBArUaS0pNJPg9zdDQaL2XDOofvQmj6Yy_8RA4eCt9HEfTYEdriVqK-_9QCspbGzFVn9GTWf51MRi5dngV9ItsDoG9ktDtqFuMttv7TcqjftsIHZXZsAZ175E\"}".freeze
103
102
  end
data/spec/slosilo_spec.rb CHANGED
@@ -100,7 +100,7 @@ describe Slosilo do
100
100
 
101
101
  it "accepts pre-parsed JSON serialization" do
102
102
  expect(Slosilo.token_signer(
103
- 'protected' => 'eyJraWQiOiJkMjhlM2EzNDdlMzY4NDE2YjMxMjlhNDBjMWI4ODdmZSJ9',
103
+ 'protected' => 'eyJraWQiOiIxMDdiZGI4NTAxYzQxOWZhZDJmZGIyMGI0NjdkNGQwYTYyYTE2YTk4YzM1ZjJkYTBlYjNiMWZmOTI5Nzk1YWQ5In0=',
104
104
  'payload' => 'e30=',
105
105
  'signature' => 'c2ln'
106
106
  )).to eq 'test'
@@ -108,7 +108,7 @@ describe Slosilo do
108
108
 
109
109
  it "accepts pre-parsed JWT token" do
110
110
  expect(Slosilo.token_signer(Slosilo::JWT(
111
- 'protected' => 'eyJraWQiOiJkMjhlM2EzNDdlMzY4NDE2YjMxMjlhNDBjMWI4ODdmZSJ9',
111
+ 'protected' => 'eyJraWQiOiIxMDdiZGI4NTAxYzQxOWZhZDJmZGIyMGI0NjdkNGQwYTYyYTE2YTk4YzM1ZjJkYTBlYjNiMWZmOTI5Nzk1YWQ5In0=',
112
112
  'payload' => 'e30=',
113
113
  'signature' => 'c2ln'
114
114
  ))).to eq 'test'
@@ -116,7 +116,7 @@ describe Slosilo do
116
116
 
117
117
  it "accepts compact serialization" do
118
118
  expect(Slosilo.token_signer(
119
- 'eyJraWQiOiJkMjhlM2EzNDdlMzY4NDE2YjMxMjlhNDBjMWI4ODdmZSJ9.e30=.c2ln'
119
+ 'eyJraWQiOiIxMDdiZGI4NTAxYzQxOWZhZDJmZGIyMGI0NjdkNGQwYTYyYTE2YTk4YzM1ZjJkYTBlYjNiMWZmOTI5Nzk1YWQ5In0=.e30=.c2ln'
120
120
  )).to eq 'test'
121
121
  end
122
122
  end
data/spec/spec_helper.rb CHANGED
@@ -41,7 +41,7 @@ Dg1ikwi8GUF4HPZe9DyhXgDhg19wM/qcpjX8bSypsUWHWP+FanhjdWU=
41
41
  -----END RSA PRIVATE KEY-----
42
42
  """ }
43
43
  let (:key) { Slosilo::Key.new rsa.to_der }
44
- let (:key_fingerprint) { "d28e3a347e368416b3129a40c1b887fe" }
44
+ let (:key_fingerprint) { "107bdb8501c419fad2fdb20b467d4d0a62a16a98c35f2da0eb3b1ff929795ad9" }
45
45
 
46
46
  let (:another_rsa) do
47
47
  OpenSSL::PKey::RSA.new """
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: slosilo
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.1
4
+ version: 2.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rafał Rzepecki
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-10-17 00:00:00.000000000 Z
11
+ date: 2020-06-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake
@@ -132,8 +132,10 @@ extra_rdoc_files: []
132
132
  files:
133
133
  - ".dockerignore"
134
134
  - ".gitignore"
135
+ - ".gitleaks.toml"
135
136
  - ".kateproject"
136
137
  - CHANGELOG.md
138
+ - CONTRIBUTING.md
137
139
  - Gemfile
138
140
  - Jenkinsfile
139
141
  - LICENSE
@@ -187,8 +189,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
187
189
  - !ruby/object:Gem::Version
188
190
  version: '0'
189
191
  requirements: []
190
- rubyforge_project:
191
- rubygems_version: 2.6.14
192
+ rubygems_version: 3.1.2
192
193
  signing_key:
193
194
  specification_version: 4
194
195
  summary: Store SSL keys in a database