storedsafe 0.0.3 → 1.0.0
- checksums.yaml +4 -4
- data/README.md +52 -58
- data/lib/storedsafe.rb +6 -6
- data/lib/storedsafe/api.rb +55 -35
- data/lib/storedsafe/api/auth.rb +16 -18
- data/lib/storedsafe/api/misc.rb +31 -0
- data/lib/storedsafe/api/objects.rb +21 -47
- data/lib/storedsafe/api/templates.rb +4 -5
- data/lib/storedsafe/api/users.rb +33 -0
- data/lib/storedsafe/api/vaults.rb +48 -17
- data/lib/storedsafe/config.rb +4 -4
- data/lib/storedsafe/config/configurable.rb +4 -4
- data/lib/storedsafe/config/env_reader.rb +2 -2
- data/lib/storedsafe/config/rc_reader.rb +3 -5
- data/lib/storedsafe/parser.rb +2 -2
- data/lib/storedsafe/parser/raw_parser.rb +3 -3
- metadata +77 -6
- data/lib/storedsafe/version.rb +0 -3
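--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4bff6b3480d106541211e5535dd7627acf681d25a0ddd59cb9b579923eb93221
+data.tar.gz: 6f1c08f73fd048419571258caf9d005a6f53e1e5de0ac9068f0bb237f23b26d6
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a4f1a886d6a1f752313a26bf71a4531b6306b3edb2aaccbd5dfbb63eddfd54f84f884a3e39810b763b6cd328bb059bdbc7be13f11ca63686e32105de111b6b0f
+data.tar.gz: 4b95dc9b88627a2e4ffd89afc3b874e919e203bef700001d813ebe86158a4b25dc6699a568ff0bdafda6000f67fcd7609583f7953bba93df87957bdc39defff3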
data/README.md
CHANGED
@@ -1,14 +1,14 @@
|
|
1
|
-
#
|
1
|
+
# StoredSafe API ruby wrapper
|
2
2
|
|
3
|
-
|
3
|
+
Transparent Ruby wrapper for the StoredSafe REST-like API. (See full [docs here](https://developer.storedsafe.com/)).
|
4
4
|
|
5
|
-
|
5
|
+
Full documentation of the API response signatures and more advanced paramters can be found at the [StoredSafe API Documentation](https://developer.storedsafe.com/).
|
6
6
|
|
7
7
|
## Install
|
8
8
|
|
9
9
|
Install from rubygems `gem install storedsafe`
|
10
10
|
|
11
|
-
Add to Gemfile `gem 'storedsafe', '~> 0.0
|
11
|
+
Add to Gemfile `gem 'storedsafe', '~> 1.0.0'`
|
12
12
|
|
13
13
|
Alternatively, if you whish to install the gem manually, you can clone this repo and build the gem yourself.
|
14
14
|
|
@@ -16,78 +16,72 @@ Alternatively, if you whish to install the gem manually, you can clone this repo
|
|
16
16
|
git clone https://github.com/storedsafe/storedsafe-ruby
|
17
17
|
cd storedsafe-ruby
|
18
18
|
gem build storedsafe.gemspec
|
19
|
-
gem install storedsafe-0.0.
|
19
|
+
gem install storedsafe-0.1.0.gem
|
20
20
|
```
|
21
21
|
|
22
22
|
## Usage
|
23
|
-
To pass a manual configuration, you simply pass a block to *Storedsafe.configure*.
|
24
|
-
```
|
25
|
-
api = Storedsafe.configure do |config|
|
26
|
-
config.server = 'storedsafe.example.com'
|
27
|
-
config.api_key = 'abc123'
|
28
|
-
config.token = 'secret'
|
29
|
-
end
|
30
|
-
```
|
31
|
-
|
32
|
-
If you only want to use the built-in defaults you can skip the block.
|
33
|
-
```
|
34
|
-
api = Storedsafe.configure
|
35
|
-
```
|
36
|
-
|
37
|
-
See [Configuration](#configuration) for more info about default values and external configuration sources.
|
38
|
-
|
39
|
-
All methods of the `Storedsafe::API` object returns the data parsed by whichever parser is listed in your config's *parser* field. By default the `Storedsafe::Parser::RawParser` is used, which simply turns the returned JSON data into a Ruby hash.
|
40
|
-
|
41
|
-
### Authentication
|
42
|
-
If you already have a token from another source, you can enter it in the config and skip this section.
|
43
23
|
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
api.authenticate('abc123', '123456')
|
51
|
-
```
|
24
|
+
```ruby
|
25
|
+
require 'storedsafe'
|
26
|
+
api = StoredSafe.configure do |config|
|
27
|
+
config.host = 'my.site.com'
|
28
|
+
config.apikey = 'my-api-key'
|
29
|
+
end
|
52
30
|
|
53
|
-
|
54
|
-
|
55
|
-
api.
|
31
|
+
# Auth
|
32
|
+
api.login_totp('username', 'passphrase', 'otp')
|
33
|
+
api.login_yubikey('username', 'passphrase', 'otp')
|
34
|
+
api.logout()
|
35
|
+
api.check()
|
36
|
+
|
37
|
+
# Vaults
|
38
|
+
api.list_vaults()
|
39
|
+
api.vault_objects(vault_id)
|
40
|
+
api.vault_members(vault_id)
|
41
|
+
api.create_vault(**args) # See parameters in API documentation
|
42
|
+
api.edit_vault(vault_id, **args)
|
43
|
+
api.delete_vault(vault_id)
|
44
|
+
|
45
|
+
# Objects
|
46
|
+
api.get_object(object_id) # String or integer
|
47
|
+
api.get_object(object_id, children=True) # children False by default
|
48
|
+
api.decrypt_object(object_id)
|
49
|
+
api.create_object(**args)
|
50
|
+
api.edit_object(object_id, **args)
|
51
|
+
api.delete_object(object_id)
|
52
|
+
|
53
|
+
# Users
|
54
|
+
api.list_users() # List all users
|
55
|
+
api.list_users(user_id) # List specific user
|
56
|
+
api.list_users(search_string) # Search for any user matching search_string
|
57
|
+
api.create_user(**args)
|
58
|
+
api.edit_user(user_id, **args)
|
59
|
+
api.delete_user(user_id)
|
60
|
+
|
61
|
+
# Utils
|
62
|
+
api.status_values()
|
63
|
+
api.password_policies()
|
64
|
+
api.version()
|
65
|
+
api.generate_password() # Use vault policy
|
66
|
+
api.generate_password(**args)
|
56
67
|
```
|
57
68
|
|
58
|
-
### Vaults
|
59
|
-
* list\_vaults
|
60
|
-
* list\_objects(vault\_id)
|
61
|
-
* create\_vault(groupname, policy, description)
|
62
|
-
* edit\_vault(vault\_id, { groupname, policy, description })
|
63
|
-
* delete\_vault(vault\_id)
|
64
|
-
|
65
|
-
### Templates
|
66
|
-
* list\_templates
|
67
|
-
* retrieve\_template(template\_id)
|
68
|
-
|
69
|
-
### Objects
|
70
|
-
* object(object\_id, decrypt: false, children: false)
|
71
|
-
* create\_object(template\_id, group\_id, parent\_id, object\_name, template\_args)
|
72
|
-
* edit\_object(object\_id, template\_id, group\_id, parent\_id, object\_name, template\_args)
|
73
|
-
* delete\_object(object\_id)
|
74
|
-
* find(needle)
|
75
69
|
|
76
70
|
## Configuration
|
77
|
-
Configuration can be done in a few different ways. Other than the manual configuration, external configuration sources can be applied through the *config\_sources* array. This array contains Ruby Hashes with the fields that should be applied to the `
|
71
|
+
Configuration can be done in a few different ways. Other than the manual configuration, external configuration sources can be applied through the *config\_sources* array. This array contains Ruby Hashes with the fields that should be applied to the `StoredSafe::Config::Configurable` instance. By default fetch configurations through the `StoredSafe::Config::RcReader` and `StoredSafe::Config::EnvReader`.
|
78
72
|
|
79
73
|
The order of priority between these different configuration sources are:
|
80
74
|
1. Manual Configuration
|
81
75
|
2. Built-in defaults
|
82
76
|
3. Elements in the config\_sources array in order of appearance
|
83
77
|
|
84
|
-
The **RcReader** will extract a configuration hash from a file (default is ~/.storedsafe-client.rc) which is generated by the [
|
78
|
+
The **RcReader** will extract a configuration hash from a file (default is ~/.storedsafe-client.rc) which is generated by the [StoredSafe Tokenhandler](https://github.com/storedsafe/tokenhandler).
|
85
79
|
|
86
80
|
The **EnvReader** will extract a configuration hash from environment variables. By default these variables are `STOREDSAFE_SERVER`, `STOREDSAFE_TOKEN`, `STOREDSAFE_CABUNDLE` and `STOREDSAFE_SKIP_VERIFY`.
|
87
81
|
|
88
82
|
To disable all external configuration sources such as the rc-file and environment vairables, set the *config\_sources* option to an empty array.
|
89
83
|
```
|
90
|
-
api =
|
84
|
+
api = StoredSafe.configure do |config|
|
91
85
|
config.config_sources = []
|
92
86
|
...
|
93
87
|
end
|
@@ -96,10 +90,10 @@ end
|
|
96
90
|
If you want to add your own configurations, simply add them to the config\_sources array.
|
97
91
|
```
|
98
92
|
def fetch_password(options, obj_id)
|
99
|
-
api =
|
93
|
+
api = StoredSafe.configure do |config|
|
100
94
|
config.config_sources = [
|
101
95
|
options,
|
102
|
-
|
96
|
+
StoredSafe::Config::RcReader.parse_file('/path/to/.storedsafe-client.rc'),
|
103
97
|
]
|
104
98
|
end
|
105
99
|
api.object(obj_id, true)
|
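--- a/data/lib/storedsafe.rb
+++ b/data/lib/storedsafe.rb
@@ -1,19 +1,19 @@
 # frozen_string_literal: true
+
 require 'storedsafe/api'
 require 'storedsafe/config'
 require 'storedsafe/parser'
 
 ##
-# Ruby wrapper for the
-module
-VERSION = '0.0
+# Ruby wrapper for the StoredSafe RESTlike API.
+module StoredSafe
+VERSION = '1.0.0'
 
 class << self
-
 ##
-# Set up a new API instance configured to communicate with your
+# Set up a new API instance configured to communicate with your StoredSafe
 # server.
-# @see
+# @see StoredSafe::Config::Configurable for more information about the
 # available fields for configuration.
 def configure
 API.new do |api|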
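--- a/data/lib/storedsafe/api.rb
+++ b/data/lib/storedsafe/api.rb
@@ -10,29 +10,23 @@ require_relative 'api/auth'
 require_relative 'api/objects'
 require_relative 'api/vaults'
 require_relative 'api/templates'
+require_relative 'api/users'
+require_relative 'api/misc'
 
-module
+module StoredSafe
 class ConnectionError < StandardError
 end
 
 ##
 # Contains all interaction and configuration relating to the remote API.
 class API
-include
-
-##
-# Supported Login Types
-module LoginType
-YUBIKEY = 'yubikey' # HOTP with Yubico YubiKey device
-TOTP = 'totp' # Time-Based OTP using Authenticator
-SMARTCARD = 'smc_rest' # Smartcard
-end
+include StoredSafe::Config::Configurable
 
 ##
 # Creates a new API handler with the passed configuration,
 # then allocates remaining uninitialized values with values from
 # alternate sources.
-# @see
+# @see StoredSafe::Config
 def initialize
 yield self
 Config.apply(self)
@@ -40,26 +34,52 @@ module Storedsafe
 
 private
 
+def create_headers
+{ 'X-Http-Token': @token }
+end
+
+def request_auth(**params)
+request(
+:post, '/auth',
+apikey: @apikey, **params
+)
+end
+
+def request_get(path, **params)
+request(:get, path, params, create_headers)
+end
+
+def request_post(path, **params)
+request(:post, path, params, create_headers)
+end
+
+def request_put(path, **params)
+request(:put, path, params, create_headers)
+end
+
+def request_delete(path, **params)
+request(:delete, path, params, create_headers)
+end
+
 ##
 # Sends a request to the StoredSafe API.
 # @param [String] method HTTP method used for request.
 # @param [String] path Endpoint path relative to the API
 # root on the server.
 # @param [Hash] params Data to be sent with the request.
-def request(method, path, params)
-url = "https://#{@
+def request(method, path, params, headers = {})
+url = "https://#{@host}/api/#{@version}#{path}"
 uri = URI.parse(url)
 http = Net::HTTP.new(uri.host, uri.port)
 http.use_ssl = true
 
 assign_verify_mode(http)
-request = create_request(method, uri, params)
+request = create_request(method, uri, params, headers)
 
 res = http.request(request) if request
 parse_body(res)
-
 rescue SocketError => e
-raise ConnectionError
+raise ConnectionError, e.message
 end
 
 def assign_verify_mode(http)
@@ -72,43 +92,43 @@ module Storedsafe
 end
 end
 
-def create_request(method, uri, params)
+def create_request(method, uri, params, headers)
 case method
 when :get
-create_get_request(uri, params)
+create_get_request(uri, params, headers)
 when :post
-create_post_request(uri, params)
+create_post_request(uri, params, headers)
 when :delete
-create_delete_request(uri, params)
+create_delete_request(uri, params, headers)
 when :put
-create_put_request(uri, params)
+create_put_request(uri, params, headers)
 end
 end
 
-def create_get_request(uri, params)
+def create_get_request(uri, params, headers)
 uri.query = URI.encode_www_form(params)
-request = Net::HTTP::Get.new(uri)
+request = Net::HTTP::Get.new(uri, headers)
 request
 end
 
-def create_delete_request(uri, params)
-headers
-request
-request.body
+def create_delete_request(uri, params, headers)
+headers = { 'Content-Type': 'application/json', **headers }
+request = Net::HTTP::Delete.new(uri, headers)
+request.body = params.to_json
 request
 end
 
-def create_post_request(uri, params)
-headers
-request
-request.body
+def create_post_request(uri, params, headers)
+headers = { 'Content-Type': 'application/json', **headers }
+request = Net::HTTP::Post.new(uri, headers)
+request.body = params.to_json
 request
 end
 
-def create_put_request(uri, params)
-headers
-request
-request.body
+def create_put_request(uri, params, headers)
+headers = { 'Content-Type': 'application/json', **headers }
+request = Net::HTTP::Put.new(uri, headers)
+request.body = params.to_json
 request
 end
 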
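Review bot: Only `SocketError` is mapped to `ConnectionError` in `request`, so a failed certificate check, a refused connection or a timeout reaches callers as a raw `OpenSSL::SSL::SSLError`, `Errno::*` or `Timeout::Error`. Callers that rescue `ConnectionError` to detect an unreachable or untrusted server will miss the TLS failures; consider widening the clause to `rescue SocketError, SystemCallError, OpenSSL::SSL::SSLError, Timeout::Error => e`. Separately, `create_request` has no `else` branch, so an unsupported verb yields `nil` and `parse_body(nil)` is called; `parse_body` lies outside these hunks, so how it handles that is not visible here.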
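--- a/data/lib/storedsafe/api/auth.rb
+++ b/data/lib/storedsafe/api/auth.rb
@@ -1,37 +1,35 @@
 # frozen_string_literal: true
 
-module
+module StoredSafe
 ##
 # Handles API requests to the /auth path.
 class API
 ##
 # Authenticates a user with a Yubico OTP.
+# @param [String] username
 # @param [String] passphrase
 # @param [String] otp Yubikey press
 # @see authenticate Authentication with other OTP types.
-def
-data =
-:
-
+def login_yubikey(username, passphrase, otp)
+data = request_auth(
+username: username,
+keys: "#{passphrase}#{@apikey}#{otp}"
 )
 @token = data['CALLINFO']['token']
 data
 end
 
 ##
-# Authenticates a user
+# Authenticates a user using TOTP.
+# @param [String] username
 # @param [String] passphrase
 # @param [String] otp One-time password
-
-
-
-
-
-
-data = request(
-:post, '/auth',
-username: @username, passphrase: passphrase, otp: otp,
-apikey: @api_key, logintype: logintype
+def login_totp(username, passphrase, otp)
+data = request_auth(
+username: username,
+passphrase: passphrase,
+otp: otp,
+logintype: 'totp'
 )
 @token = data['CALLINFO']['token']
 data
@@ -40,7 +38,7 @@ module Storedsafe
 ##
 # Invalidates the token.
 def logout
-data =
+data = request_get('/auth/logout')
 @token = nil if data['CALLINFO']['status'] == 'SUCCESS'
 data
 end
@@ -49,7 +47,7 @@ module Storedsafe
 # Checks whether or not the token is valid and refreshes the
 # timeout for that token if valid.
 def check
-
+request_get('/auth/check')
 end
 end
 end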
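Review bot: `login_yubikey` and `login_totp` assign `@token = data['CALLINFO']['token']` without checking that the login succeeded. Assuming a failure response has the same `CALLINFO` shape that `logout` relies on, a rejected login leaves `@token` as `nil`, and a response without `CALLINFO` raises `NoMethodError`. `logout` already tests `status == 'SUCCESS'`, so the login paths should do the same, e.g. `@token = data.dig('CALLINFO', 'token') if data.dig('CALLINFO', 'status') == 'SUCCESS'`. The `@see authenticate` tag on `login_yubikey` also appears to point at a method that no longer exists after this change.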
@@ -0,0 +1,31 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module StoredSafe
|
4
|
+
##
|
5
|
+
# Handles API requests to the /auth path.
|
6
|
+
class API
|
7
|
+
##
|
8
|
+
# Request a list of all available capabilities and permission bits.
|
9
|
+
def status_values
|
10
|
+
request_get('/utils/statusvalues')
|
11
|
+
end
|
12
|
+
|
13
|
+
##
|
14
|
+
# Request a list of all available password policies.
|
15
|
+
def password_policies
|
16
|
+
request_get('/utils/policies')
|
17
|
+
end
|
18
|
+
|
19
|
+
##
|
20
|
+
# Request the version of the StoredSafe server.
|
21
|
+
def version
|
22
|
+
request_get('/utils/version')
|
23
|
+
end
|
24
|
+
|
25
|
+
##
|
26
|
+
# Request a password generated with the passed settings.
|
27
|
+
def generate_password(**args)
|
28
|
+
request_get('/utils/pwgen', **args)
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
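Review bot: The class comment `# Handles API requests to the /auth path.` is wrong for this new file, because every method here calls `/utils/...`; it should read `# Handles API requests to the /utils path.`. `generate_password` also lacks a `@param` line for `**args`. A one-line `# @param [Hash] args (See API documentation)`, as the object and vault wrappers have, would cover it.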
@@ -1,79 +1,53 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module StoredSafe
|
4
4
|
##
|
5
5
|
# Handles API requests to the /object path.
|
6
6
|
class API
|
7
|
-
|
7
|
+
##
|
8
|
+
# Lists all information regarding an object and optionally lists children
|
9
|
+
# of the object.
|
10
|
+
# @param [Integer] object_id
|
11
|
+
# @param [Boolean] include_children=false List object children
|
12
|
+
def get_object(object_id, include_children = false)
|
13
|
+
request_get("/object/#{object_id}", children: include_children)
|
14
|
+
end
|
8
15
|
|
9
16
|
##
|
10
|
-
# Lists all information regarding an object
|
11
|
-
#
|
17
|
+
# Lists all information regarding an object, including decrypted
|
18
|
+
# information.
|
12
19
|
# @param [Integer] object_id
|
13
|
-
|
14
|
-
|
15
|
-
# @option options [Boolean] :children (false)
|
16
|
-
def object(object_id, options = {})
|
17
|
-
decrypt = options.fetch(:decrypt, false)
|
18
|
-
children = options.fetch(:children, false)
|
19
|
-
request(
|
20
|
-
:get, "/object/#{object_id}",
|
21
|
-
token: @token, decrypt: decrypt, children: children
|
22
|
-
)
|
20
|
+
def decrypt_object(object_id)
|
21
|
+
request_get("/object/#{object_id}", decrypt: true)
|
23
22
|
end
|
24
23
|
|
25
24
|
##
|
26
25
|
# Creates a new object in an existing vault.
|
27
|
-
# @param [
|
28
|
-
|
29
|
-
|
30
|
-
# @param [String] object_name
|
31
|
-
# @param [Hash] template_args See Storedsafe::API#list_templates.
|
32
|
-
def create_object(
|
33
|
-
template_id, group_id, parent_id, object_name, template_args
|
34
|
-
)
|
35
|
-
request(
|
36
|
-
:post, '/object', {
|
37
|
-
token: @token, templateid: template_id, groupid: group_id,
|
38
|
-
parentid: parent_id, objectname: object_name
|
39
|
-
}.merge(template_args)
|
40
|
-
)
|
26
|
+
# @param [Hash] args (See API documentation)
|
27
|
+
def create_object(**args)
|
28
|
+
request_post('/object', **args)
|
41
29
|
end
|
42
30
|
|
43
31
|
##
|
44
32
|
# Edits an existing object.
|
45
33
|
# @param [Integer] object_id Object to edit.
|
46
|
-
# @param [
|
47
|
-
|
48
|
-
|
49
|
-
# @param [String] object_name New Object name.
|
50
|
-
# @param [Hash] template_args New Object values,
|
51
|
-
# see Storedsafe::API#list_templates.
|
52
|
-
def edit_object(
|
53
|
-
object_id, template_id, group_id, parent_id, object_name, template_args
|
54
|
-
)
|
55
|
-
request(
|
56
|
-
:put, "/object/#{object_id}", {
|
57
|
-
token: @token, templateid: template_id, groupid: group_id,
|
58
|
-
parentid: parent_id, objectname: object_name
|
59
|
-
}.merge(template_args)
|
60
|
-
)
|
34
|
+
# @param [Hash] args (See API documentation)
|
35
|
+
def edit_object(object_id, **args)
|
36
|
+
request_put("/object/#{object_id}", **args)
|
61
37
|
end
|
62
38
|
|
63
39
|
##
|
64
40
|
# Deletes an existing object.
|
65
41
|
# @param [Integer] object_id
|
66
42
|
def delete_object(object_id)
|
67
|
-
|
43
|
+
request_delete("/object/#{object_id}")
|
68
44
|
end
|
69
45
|
|
70
46
|
##
|
71
47
|
# Search in unencrypted data to find Objects.
|
72
48
|
# @param [String] needle String to match Objects with.
|
73
49
|
def find(needle)
|
74
|
-
|
50
|
+
request_get('/find', needle: needle)
|
75
51
|
end
|
76
|
-
|
77
|
-
# rubocop:enable Metrics/ParameterLists
|
78
52
|
end
|
79
53
|
end
|
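Review bot: `object_id` is interpolated into the request path unescaped in `get_object`, `decrypt_object`, `edit_object` and `delete_object`, and the README in this diff documents it as "String or integer". A string containing `/`, `?` or `#` therefore changes which endpoint or query the authenticated request reaches. Coerce the id before building the path, e.g. `request_get("/object/#{Integer(object_id)}", decrypt: true)`. The same pattern applies to `template_id`, `user_id` and `vault_id` in the templates, users and vaults sections of this diff.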
@@ -1,21 +1,20 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module StoredSafe
|
4
4
|
##
|
5
5
|
# Handles API requests to the /template path.
|
6
6
|
class API
|
7
7
|
##
|
8
8
|
# Obtains a list with information about all available templates.
|
9
9
|
def list_templates
|
10
|
-
|
10
|
+
request_get('/template')
|
11
11
|
end
|
12
12
|
|
13
13
|
##
|
14
14
|
# Obtains information about the specified template.
|
15
15
|
# @param [Integer] template_id
|
16
|
-
|
17
|
-
|
18
|
-
request(:get, "/template/#{template_id}", token: @token)
|
16
|
+
def get_template(template_id)
|
17
|
+
request_get("/template/#{template_id}")
|
19
18
|
end
|
20
19
|
end
|
21
20
|
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module StoredSafe
|
4
|
+
##
|
5
|
+
# Handles API requests to the /auth path.
|
6
|
+
class API
|
7
|
+
##
|
8
|
+
# Request list of all users or any users matching search string.
|
9
|
+
def list_users(search_string = nil)
|
10
|
+
return request_get('/user') if search_string.nil?
|
11
|
+
|
12
|
+
request_get('/user', searchstring: search_string)
|
13
|
+
end
|
14
|
+
|
15
|
+
##
|
16
|
+
# Request the creation of a new user.
|
17
|
+
def create_user(**args)
|
18
|
+
request_post('/user', **args)
|
19
|
+
end
|
20
|
+
|
21
|
+
##
|
22
|
+
# Request the creation of a new user."""
|
23
|
+
def edit_user(user_id, **args)
|
24
|
+
request_put("/user/#{user_id}", **args)
|
25
|
+
end
|
26
|
+
|
27
|
+
##
|
28
|
+
# Request the creation of a new user."""
|
29
|
+
def delete_user(user_id)
|
30
|
+
request_delete("/user/#{user_id}")
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
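Review bot: The comments above `edit_user` and `delete_user` both read `# Request the creation of a new user."""`, which is wrong for an edit and for a delete and carries a stray `"""`. Suggested replacements are `# Request changes to an existing user.` and `# Request the deletion of an existing user.`, each with `# @param [Integer] user_id`. The class comment says `/auth` although the methods call `/user`. `list_users` has no `@param` explaining that any non-nil argument is sent as `searchstring`.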
@@ -1,21 +1,58 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module StoredSafe
|
4
4
|
##
|
5
5
|
# Handles API requests to the /vault path.
|
6
6
|
class API
|
7
7
|
##
|
8
8
|
# Lists all Vaults associated with the logged in user.
|
9
9
|
def list_vaults
|
10
|
-
|
10
|
+
request_get('/vault')
|
11
11
|
end
|
12
12
|
|
13
13
|
##
|
14
14
|
# Lists all objects within the specified Vault.
|
15
15
|
# @param [Integer] vault_id
|
16
16
|
# @see list_vaults
|
17
|
-
def
|
18
|
-
|
17
|
+
def vault_objects(vault_id)
|
18
|
+
request_get("/vault/#{vault_id}")
|
19
|
+
end
|
20
|
+
|
21
|
+
##
|
22
|
+
# Lists all members with access to the specified Vault.
|
23
|
+
# @param [Integer] vault_id
|
24
|
+
# @see list_vaults
|
25
|
+
def vault_members(vault_id)
|
26
|
+
request_get("/vault/#{vault_id}/members")
|
27
|
+
end
|
28
|
+
|
29
|
+
##
|
30
|
+
# Add a member to the specified Vault.
|
31
|
+
# @param [Integer] vault_id
|
32
|
+
# @param [Integer] user_id
|
33
|
+
# @param [Integer] status
|
34
|
+
# @see list_vaults
|
35
|
+
def add_vault_member(vault_id, user_id, status)
|
36
|
+
request_post("/vault/#{vault_id}/member/#{user_id}", status: status)
|
37
|
+
end
|
38
|
+
|
39
|
+
##
|
40
|
+
# Edit a member's privileges in the specified Vault.
|
41
|
+
# @param [Integer] vault_id
|
42
|
+
# @param [Integer] user_id
|
43
|
+
# @param [Integer] status
|
44
|
+
# @see list_vaults
|
45
|
+
def edit_vault_member(vault_id, user_id, status)
|
46
|
+
request_put("/vault/#{vault_id}/member/#{user_id}", status: status)
|
47
|
+
end
|
48
|
+
|
49
|
+
##
|
50
|
+
# Remove a member from the specified Vault.
|
51
|
+
# @param [Integer] vault_id
|
52
|
+
# @param [Integer] user_id
|
53
|
+
# @see list_vaults
|
54
|
+
def remove_vault_member(vault_id, user_id)
|
55
|
+
request_delete("/vault/#{vault_id}/member/#{user_id}")
|
19
56
|
end
|
20
57
|
|
21
58
|
##
|
@@ -24,24 +61,18 @@ module Storedsafe
|
|
24
61
|
# @param [String] groupname Name of Vault.
|
25
62
|
# @param [Integer] policy Password policy.
|
26
63
|
# @param [String] description
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
token: @token,
|
31
|
-
groupname: groupname, policy: policy, description: description
|
32
|
-
)
|
64
|
+
# @param [Hash] args (See API documentation)
|
65
|
+
def create_vault(**args)
|
66
|
+
request_post('/vault', **args)
|
33
67
|
end
|
34
68
|
|
35
69
|
##
|
36
70
|
# Changes information about an existing Vault using the optional
|
37
71
|
# parameters passed in the last argument Hash.
|
38
72
|
# @param [Integer] vault_id
|
39
|
-
# @param [Hash] args
|
40
|
-
|
41
|
-
|
42
|
-
# @option args [String] description New Vault description.
|
43
|
-
def edit_vault(vault_id, args)
|
44
|
-
request(:put, "/vault/#{vault_id}", { token: @token }.merge(args))
|
73
|
+
# @param [Hash] args (See API documentation)
|
74
|
+
def edit_vault(vault_id, **args)
|
75
|
+
request_put("/vault/#{vault_id}", **args)
|
45
76
|
end
|
46
77
|
|
47
78
|
##
|
@@ -51,7 +82,7 @@ module Storedsafe
|
|
51
82
|
# specified Vault.
|
52
83
|
# @param [Integer] vault_id
|
53
84
|
def delete_vault(vault_id)
|
54
|
-
|
85
|
+
request_delete("/vault/#{vault_id}")
|
55
86
|
end
|
56
87
|
end
|
57
88
|
end
|
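Review bot: `create_vault` now takes `**args`, but the unchanged `@param` lines for `groupname`, `policy` and `description` still sit above it beside the new `# @param [Hash] args`, so the doc describes positional parameters that no longer exist. Drop them or turn them into `@option args` entries; the start of that doc comment lies outside the hunk. On `add_vault_member` and `edit_vault_member`, `status` sets the member's privileges but is documented only as `Integer`. A pointer such as `# @param [Integer] status Permission bits, see #status_values` would help, assuming that is what `status_values` returns.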
data/lib/storedsafe/config.rb
CHANGED
@@ -6,11 +6,11 @@ require_relative 'config/configurable'
|
|
6
6
|
require_relative 'config/rc_reader'
|
7
7
|
require_relative 'config/env_reader'
|
8
8
|
|
9
|
-
module
|
9
|
+
module StoredSafe
|
10
10
|
##
|
11
11
|
# Contains modules and classes related to parsing configuration sources and
|
12
12
|
# merging said configurations into an object including the Configurable mixin.
|
13
|
-
# @see
|
13
|
+
# @see StoredSafe::Config::Configurable for more information about the
|
14
14
|
# available fields for configuration.
|
15
15
|
module Config
|
16
16
|
# Default configuration values
|
@@ -19,14 +19,14 @@ module Storedsafe
|
|
19
19
|
RcReader.parse_file,
|
20
20
|
EnvReader.parse_env
|
21
21
|
],
|
22
|
-
|
22
|
+
version: '1.0',
|
23
23
|
parser: Parser::RawParser
|
24
24
|
}.freeze
|
25
25
|
|
26
26
|
##
|
27
27
|
# Allocate uninitialized values in a configurable object with
|
28
28
|
# values from environment variables or an RC-file.
|
29
|
-
# @param [
|
29
|
+
# @param [StoredSafe::Config::Configurable] configurable
|
30
30
|
def self.apply(configurable)
|
31
31
|
apply_config(configurable, DEFAULTS)
|
32
32
|
|
@@ -1,13 +1,13 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module StoredSafe
|
4
4
|
module Config
|
5
5
|
##
|
6
|
-
# Set up fields needed for configuration of
|
6
|
+
# Set up fields needed for configuration of StoredSafe connection.
|
7
7
|
module Configurable
|
8
8
|
attr_accessor(
|
9
|
-
:
|
10
|
-
:
|
9
|
+
:host, :token, :ca_bundle, :skip_verify,
|
10
|
+
:config_sources, :apikey, :version, :parser
|
11
11
|
)
|
12
12
|
end
|
13
13
|
end
|
@@ -1,6 +1,6 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module StoredSafe
|
4
4
|
module Config
|
5
5
|
##
|
6
6
|
# Reads configuration items from environment variables.
|
@@ -12,7 +12,7 @@ module Storedsafe
|
|
12
12
|
# @param [Hash] fields Mapping from configuration field to environment
|
13
13
|
# variable name.
|
14
14
|
def parse_env(fields = {
|
15
|
-
|
15
|
+
host: 'STOREDSAFE_SERVER',
|
16
16
|
token: 'STOREDSAFE_TOKEN',
|
17
17
|
ca_bundle: 'STOREDSAFE_CABUNDLE',
|
18
18
|
skip_verify: 'STOREDSAFE_SKIP_VERIFY'
|
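Review bot: `skip_verify` is filled from `STOREDSAFE_SKIP_VERIFY`, which arrives as a raw environment string, and this hunk does not show whether it is converted to a boolean because the body of `parse_env` lies outside it. If the string is stored as-is and `assign_verify_mode` in api.rb only tests truthiness, any non-empty value, including `false` or `0`, would turn certificate verification off. Worth confirming and documenting next to the mapping, e.g. `# STOREDSAFE_SKIP_VERIFY disables TLS certificate verification; only "1"/"true" should enable it`, with the reader comparing against that explicit list.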
@@ -1,6 +1,6 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module StoredSafe
|
4
4
|
module Config
|
5
5
|
##
|
6
6
|
# Reads configuration items from rc file.
|
@@ -30,12 +30,10 @@ module Storedsafe
|
|
30
30
|
case key
|
31
31
|
when 'token'
|
32
32
|
config[:token] = val
|
33
|
-
when 'username'
|
34
|
-
config[:username] = val
|
35
33
|
when 'apikey'
|
36
|
-
config[:
|
34
|
+
config[:apikey] = val
|
37
35
|
when 'mysite'
|
38
|
-
config[:
|
36
|
+
config[:host] = val
|
39
37
|
end
|
40
38
|
end
|
41
39
|
end
|
data/lib/storedsafe/parser.rb
CHANGED
@@ -1,8 +1,8 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module StoredSafe
|
4
4
|
##
|
5
|
-
# Methods and modules used to parse responses from the
|
5
|
+
# Methods and modules used to parse responses from the StoredSafe API.
|
6
6
|
module Parser
|
7
7
|
require_relative 'parser/raw_parser'
|
8
8
|
end
|
@@ -2,14 +2,14 @@
|
|
2
2
|
|
3
3
|
require 'json'
|
4
4
|
|
5
|
-
module
|
5
|
+
module StoredSafe
|
6
6
|
module Parser
|
7
7
|
##
|
8
|
-
# Transparent parser for the
|
8
|
+
# Transparent parser for the StoredSafe API.
|
9
9
|
module RawParser
|
10
10
|
class << self
|
11
11
|
##
|
12
|
-
# Transparently parses the
|
12
|
+
# Transparently parses the StoredSafe API response into a ruby Hash.
|
13
13
|
# @return [Hash]
|
14
14
|
def parse_response(res)
|
15
15
|
JSON.parse(res)
|
metadata
CHANGED
@@ -1,15 +1,85 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: storedsafe
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0
|
4
|
+
version: 1.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Oscar Mattsson
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
12
|
-
dependencies:
|
11
|
+
date: 2020-08-07 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: bundler
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '2.0'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '2.0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: rspec
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '3.7'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '3.7'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: rubocop
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: 0.74.0
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: 0.74.0
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: sinatra
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - "~>"
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '2.0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - "~>"
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '2.0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: webmock
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - "~>"
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '3.4'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - "~>"
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '3.4'
|
13
83
|
description:
|
14
84
|
email: oscar_mattsson@live.se
|
15
85
|
executables: []
|
@@ -21,8 +91,10 @@ files:
|
|
21
91
|
- lib/storedsafe.rb
|
22
92
|
- lib/storedsafe/api.rb
|
23
93
|
- lib/storedsafe/api/auth.rb
|
94
|
+
- lib/storedsafe/api/misc.rb
|
24
95
|
- lib/storedsafe/api/objects.rb
|
25
96
|
- lib/storedsafe/api/templates.rb
|
97
|
+
- lib/storedsafe/api/users.rb
|
26
98
|
- lib/storedsafe/api/vaults.rb
|
27
99
|
- lib/storedsafe/config.rb
|
28
100
|
- lib/storedsafe/config/configurable.rb
|
@@ -30,7 +102,6 @@ files:
|
|
30
102
|
- lib/storedsafe/config/rc_reader.rb
|
31
103
|
- lib/storedsafe/parser.rb
|
32
104
|
- lib/storedsafe/parser/raw_parser.rb
|
33
|
-
- lib/storedsafe/version.rb
|
34
105
|
homepage: https://github.com/storedsafe/storedsafe-ruby
|
35
106
|
licenses:
|
36
107
|
- Apache-2.0
|
@@ -51,8 +122,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
51
122
|
- !ruby/object:Gem::Version
|
52
123
|
version: '0'
|
53
124
|
requirements: []
|
54
|
-
rubygems_version: 3.
|
125
|
+
rubygems_version: 3.1.2
|
55
126
|
signing_key:
|
56
127
|
specification_version: 4
|
57
|
-
summary: Storedsafe is a ruby
|
128
|
+
summary: The Storedsafe gem is a ruby interface for the Storedsafe REST-like API.
|
58
129
|
test_files: []
|
data/lib/storedsafe/version.rb
DELETED