storedsafe 0.0.1 → 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +97 -1
- data/lib/storedsafe/config.rb +4 -4
- data/lib/storedsafe/config/env_reader.rb +18 -23
- data/lib/storedsafe/config/rc_reader.rb +29 -33
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3284ce4b299b3a111699580ab7a144ece6586017688a190277f19db54750eab1
|
4
|
+
data.tar.gz: 7712584e6f771e1825166aca610b349bc0067a9f3ea8d1742f9802a5362d41e6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7d0ab608ef2f79adef486a5f3ed67828fe4327e43cccc4734649c4c1384e4cc7b8c48cf96e799b4bd1ad36ba2f6ff85ddd5310b76620e3a2c5d685447a26da80
|
7
|
+
data.tar.gz: 130f06c1fb087a0d2a29e7e276a6f449ee45eef9a1f29813fc32ae1499de2920728bcfd6733cf122427bd488a8e6b7580841846e1d33d8056f9621f29001f1d8
|
data/README.md
CHANGED
@@ -1,3 +1,99 @@
|
|
1
1
|
# Storedsafe API ruby wrapper
|
2
2
|
|
3
|
-
This is a ruby wrapper for the Storedsafe REST-like API.
|
3
|
+
This is a ruby wrapper for the Storedsafe REST-like API (See full [docs here](https://tracker.storedsafe.com/projects/storedsafe20/wiki/Version_10_release_documentation)).
|
4
|
+
|
5
|
+
**This early version may contain errors and is subject to change and should be used with caution**
|
6
|
+
|
7
|
+
## Install
|
8
|
+
|
9
|
+
Install from rubygems `gem install storedsafe`
|
10
|
+
|
11
|
+
Add to Gemfile `gem 'storedsafe', '~> 0.0.1'`
|
12
|
+
|
13
|
+
## Usage
|
14
|
+
To pass a manual configuration, you simply pass a block to *Storedsafe.configure*.
|
15
|
+
```
|
16
|
+
api = Storedsafe.configure do |config|
|
17
|
+
config.server = 'storedsafe.example.com'
|
18
|
+
config.api_token = 'abc123'
|
19
|
+
config.token = 'secret'
|
20
|
+
config.username = 'bob'
|
21
|
+
end
|
22
|
+
```
|
23
|
+
|
24
|
+
If you only want to use the built-in defaults you can skip the block.
|
25
|
+
```
|
26
|
+
api = Storedsafe.configure
|
27
|
+
```
|
28
|
+
|
29
|
+
See [Configuration](#configuration) for more info about default values and external configuration sources.
|
30
|
+
|
31
|
+
All methods of the `Storedsafe::API` object returns the data parsed by whichever parser is listed in your config's *parser* field. By default the `Storedsafe::Parser::RawParser` is used, which simply turns the returned JSON data into a Ruby hash.
|
32
|
+
|
33
|
+
### Authentication
|
34
|
+
If you already have a token from another source, you can enter it in the config and skip this section.
|
35
|
+
|
36
|
+
Three forms of authentication are currently availble. Either by the default *TOTP* (`Storedsafe::API::LogintType::TOTP`), *yubikey* (`Storedsafe::API::LoginType::YUBIKEY`) or *smartcard* (`Storedsafe::API::LoginType::SMARTCARD`).
|
37
|
+
|
38
|
+
NOTE: Make sure all other relevant fields are set on the Storedsafe::API object (username, api\_key)
|
39
|
+
|
40
|
+
Example authenticating using TOTP (sets the *token* field of the Storedsafe::API object).
|
41
|
+
```
|
42
|
+
api.authenticate('abc123', '123456')
|
43
|
+
```
|
44
|
+
|
45
|
+
Example authenticating using YubiKey.
|
46
|
+
```
|
47
|
+
api.authenticate('abc123', 'abcdef123456', Storedsafe::API::LoginType::YUBIKEY)
|
48
|
+
```
|
49
|
+
|
50
|
+
### Vaults
|
51
|
+
* list\_vaults
|
52
|
+
* list\_objects(vault\_id)
|
53
|
+
* create\_vault(groupname, policy, description)
|
54
|
+
* edit\_vault(vault\_id, { groupname, policy, description })
|
55
|
+
* delete\_vault(vault\_id)
|
56
|
+
|
57
|
+
### Templates
|
58
|
+
* list\_templates
|
59
|
+
* retrieve\_template(template\_id)
|
60
|
+
|
61
|
+
### Objects
|
62
|
+
* object(object\_id, decrypt=false)
|
63
|
+
* create\_object(template\_id, group\_id, parent\_id, object\_name, template\_args)
|
64
|
+
* edit\_object(object\_id, template\_id, group\_id, parent\_id, object\_name, template\_args)
|
65
|
+
* delete\_object(object\_id)
|
66
|
+
* find\_object(needle)
|
67
|
+
|
68
|
+
## Configuration
|
69
|
+
Configuration can be done in a few different ways. Other than the manual configuration, external configuration sources can be applied through the *config\_sources* array. This array contains Ruby Hashes with the fields that should be applied to the `Storedsafe::Config::Configurable` instance. By default fetch configurations through the `Storedsafe::Config::RcReader` and `Storedsafe::Config::EnvReader`.
|
70
|
+
|
71
|
+
The order of priority between these different configuration sources are:
|
72
|
+
1. Manual Configuration
|
73
|
+
2. Built-in defaults
|
74
|
+
3. Elements in the config\_sources array in order of appearance
|
75
|
+
|
76
|
+
The **RcReader** will extract a configuration hash from a file (default is ~/.storedsafe-client.rc) which is generated by the [Storedsafe Tokenhandler](https://github.com/storedsafe/tokenhandler).
|
77
|
+
|
78
|
+
The **EnvReader** will extract a configuration hash from environment variables. By default these variables are `STOREDSAFE_SERVER`, `STOREDSAFE_TOKEN`, `STOREDSAFE_CABUNDLE` and `STOREDSAFE_SKIP_VERIFY`.
|
79
|
+
|
80
|
+
To disable all external configuration sources such as the rc-file and environment vairables, set the *config\_sources* option to an empty array.
|
81
|
+
```
|
82
|
+
api = Storedsafe.configure do |config|
|
83
|
+
config.config_sources = []
|
84
|
+
...
|
85
|
+
end
|
86
|
+
```
|
87
|
+
|
88
|
+
If you want to add your own configurations, simply add them to the config\_sources array.
|
89
|
+
```
|
90
|
+
def fetch_password(options, obj_id)
|
91
|
+
api = Storedsafe.configure do |config|
|
92
|
+
config.config_sources = [
|
93
|
+
options,
|
94
|
+
Storedsafe::Config::RcReader.parse_file('/path/to/.storedsafe-client.rc'),
|
95
|
+
]
|
96
|
+
end
|
97
|
+
api.object(obj_id, true)
|
98
|
+
end
|
99
|
+
```
|
data/lib/storedsafe/config.rb
CHANGED
@@ -16,8 +16,8 @@ module Storedsafe
|
|
16
16
|
# Default configuration values
|
17
17
|
DEFAULTS = {
|
18
18
|
config_sources: [
|
19
|
-
RcReader.
|
20
|
-
EnvReader.
|
19
|
+
RcReader.parse_file,
|
20
|
+
EnvReader.parse_env
|
21
21
|
],
|
22
22
|
api_version: '1.0',
|
23
23
|
parser: Parser::RawParser
|
@@ -30,8 +30,8 @@ module Storedsafe
|
|
30
30
|
def self.apply(configurable)
|
31
31
|
apply_config(configurable, DEFAULTS)
|
32
32
|
|
33
|
-
configurable.config_sources.each do |
|
34
|
-
apply_config(configurable,
|
33
|
+
configurable.config_sources.each do |config|
|
34
|
+
apply_config(configurable, config)
|
35
35
|
end
|
36
36
|
end
|
37
37
|
|
@@ -4,30 +4,25 @@ module Storedsafe
|
|
4
4
|
module Config
|
5
5
|
##
|
6
6
|
# Reads configuration items from environment variables.
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
# Read values from file into the @config hash.
|
26
|
-
def read
|
27
|
-
@fields.each do |key, val|
|
28
|
-
@config[key] = ENV[val]
|
7
|
+
module EnvReader
|
8
|
+
class << self
|
9
|
+
##
|
10
|
+
# Parses the passed environment variable names into a hash of config
|
11
|
+
# values.
|
12
|
+
# @param [Hash] fields Mapping from configuration field to environment
|
13
|
+
# variable name.
|
14
|
+
def parse_env(fields = {
|
15
|
+
server: 'STOREDSAFE_SERVER',
|
16
|
+
token: 'STOREDSAFE_TOKEN',
|
17
|
+
ca_bundle: 'STOREDSAFE_CABUNDLE',
|
18
|
+
skip_verify: 'STOREDSAFE_SKIP_VERIFY'
|
19
|
+
})
|
20
|
+
config = {}
|
21
|
+
fields.each do |key, val|
|
22
|
+
config[key] = ENV[val]
|
23
|
+
end
|
24
|
+
config
|
29
25
|
end
|
30
|
-
@config
|
31
26
|
end
|
32
27
|
end
|
33
28
|
end
|
@@ -4,43 +4,39 @@ module Storedsafe
|
|
4
4
|
module Config
|
5
5
|
##
|
6
6
|
# Reads configuration items from rc file.
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
key, val = line.split(':', 2)
|
24
|
-
key = key.strip
|
25
|
-
val = val.strip
|
26
|
-
parse_line(key, val)
|
7
|
+
module RcReader
|
8
|
+
class << self
|
9
|
+
##
|
10
|
+
# Parses values from RC file into a hash.
|
11
|
+
def parse_file(path = File.join(
|
12
|
+
Dir.home,
|
13
|
+
'.storedsafe-client.rc'
|
14
|
+
))
|
15
|
+
config = {}
|
16
|
+
if File.exist?(path)
|
17
|
+
File.open(path, 'r').each do |line|
|
18
|
+
key, val = line.split(':', 2)
|
19
|
+
key = key.strip
|
20
|
+
val = val.strip
|
21
|
+
parse_line(config, key, val)
|
22
|
+
end
|
27
23
|
end
|
24
|
+
config
|
28
25
|
end
|
29
|
-
@config
|
30
|
-
end
|
31
26
|
|
32
|
-
|
27
|
+
private
|
33
28
|
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
29
|
+
def parse_line(config, key, val)
|
30
|
+
case key
|
31
|
+
when 'token'
|
32
|
+
config[:token] = val
|
33
|
+
when 'username'
|
34
|
+
config[:username] = val
|
35
|
+
when 'apikey'
|
36
|
+
config[:api_key] = val
|
37
|
+
when 'mysite'
|
38
|
+
config[:server] = val
|
39
|
+
end
|
44
40
|
end
|
45
41
|
end
|
46
42
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: storedsafe
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Oscar Mattsson
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-06-
|
11
|
+
date: 2019-06-13 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description:
|
14
14
|
email: oscar_mattsson@live.se
|