sworn 0.0.2 → 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/sworn.rb +2 -0
- data/lib/sworn/replay_protector/memory.rb +15 -0
- data/lib/sworn/replay_protector/redis.rb +28 -0
- data/lib/sworn/version.rb +1 -1
- data/spec/sworn/middleware_spec.rb +1 -6
- data/spec/sworn/replay_protector/memory_spec.rb +15 -0
- data/spec/sworn/replay_protector/redis_spec.rb +40 -0
- metadata +7 -1
data/lib/sworn.rb
CHANGED
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
module Sworn
|
|
2
|
+
module ReplayProtector
|
|
3
|
+
class Redis
|
|
4
|
+
def initialize(*args)
|
|
5
|
+
options, _ = args.flatten
|
|
6
|
+
@connection = options.fetch(:redis_connection)
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
def replayed?(oauth)
|
|
10
|
+
key = nonce_key(oauth)
|
|
11
|
+
|
|
12
|
+
return true if @connection.exists(key)
|
|
13
|
+
@connection.setex(key, Sworn.configuration.max_drift, 1)
|
|
14
|
+
|
|
15
|
+
false
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
private
|
|
19
|
+
|
|
20
|
+
def nonce_key(oauth)
|
|
21
|
+
timestamp = oauth.fetch(:timestamp)
|
|
22
|
+
nonce = oauth.fetch(:nonce)
|
|
23
|
+
|
|
24
|
+
"nonce:#{timestamp}:#{nonce}"
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
data/lib/sworn/version.rb
CHANGED
|
@@ -14,12 +14,7 @@ describe Sworn::Middleware do
|
|
|
14
14
|
config.consumers = { "consumer" => "consumersecret" }
|
|
15
15
|
config.tokens = { "token" => "tokensecret" }
|
|
16
16
|
config.max_drift = 30
|
|
17
|
-
config.replay_protector = Sworn::ReplayProtector::
|
|
18
|
-
@store ||= Set.new
|
|
19
|
-
return true if @store.include?(oauth)
|
|
20
|
-
@store << oauth
|
|
21
|
-
false
|
|
22
|
-
}
|
|
17
|
+
config.replay_protector = Sworn::ReplayProtector::Memory
|
|
23
18
|
end
|
|
24
19
|
|
|
25
20
|
Sworn::Middleware.new dummy_app
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe Sworn::ReplayProtector::Memory do
|
|
4
|
+
let(:memory) { Sworn::ReplayProtector::Memory.new }
|
|
5
|
+
describe "#replayed?" do
|
|
6
|
+
it "returns false for fresh tokens" do
|
|
7
|
+
expect(memory.replayed?("signature")).to be_false
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
it "returns true for replayed tokens" do
|
|
11
|
+
memory.replayed?("signature")
|
|
12
|
+
expect(memory.replayed?("signature")).to be_true
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
class DummyRedis
|
|
4
|
+
def initialize
|
|
5
|
+
@store = Hash.new
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
def exists(key)
|
|
9
|
+
@store.has_key?(key)
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def setex(key, ttl, value)
|
|
13
|
+
raise 'ttl mismatch' unless ttl == Sworn.configuration.max_drift
|
|
14
|
+
@store[key] = [ttl, value]
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
describe Sworn::ReplayProtector::Redis do
|
|
19
|
+
let(:redis_protector) do
|
|
20
|
+
Sworn::ReplayProtector::Redis.new(:redis_connection => DummyRedis.new)
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
let(:signature) do
|
|
24
|
+
{
|
|
25
|
+
:timestamp => 123,
|
|
26
|
+
:nonce => "abc"
|
|
27
|
+
}
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
describe "#replayed?" do
|
|
31
|
+
it "returns false for fresh tokens" do
|
|
32
|
+
expect(redis_protector.replayed?(signature)).to be_false
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
it "returns true for replayed tokens" do
|
|
36
|
+
redis_protector.replayed?(signature)
|
|
37
|
+
expect(redis_protector.replayed?(signature)).to be_true
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sworn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.3
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -124,10 +124,14 @@ files:
|
|
|
124
124
|
- lib/sworn/configuration.rb
|
|
125
125
|
- lib/sworn/middleware.rb
|
|
126
126
|
- lib/sworn/replay_protector/custom.rb
|
|
127
|
+
- lib/sworn/replay_protector/memory.rb
|
|
128
|
+
- lib/sworn/replay_protector/redis.rb
|
|
127
129
|
- lib/sworn/verifier.rb
|
|
128
130
|
- lib/sworn/version.rb
|
|
129
131
|
- spec/spec_helper.rb
|
|
130
132
|
- spec/sworn/middleware_spec.rb
|
|
133
|
+
- spec/sworn/replay_protector/memory_spec.rb
|
|
134
|
+
- spec/sworn/replay_protector/redis_spec.rb
|
|
131
135
|
- spec/sworn_spec.rb
|
|
132
136
|
- sworn.gemspec
|
|
133
137
|
homepage: ''
|
|
@@ -158,4 +162,6 @@ summary: Rack middleware for OAuth 1.0a signed requests
|
|
|
158
162
|
test_files:
|
|
159
163
|
- spec/spec_helper.rb
|
|
160
164
|
- spec/sworn/middleware_spec.rb
|
|
165
|
+
- spec/sworn/replay_protector/memory_spec.rb
|
|
166
|
+
- spec/sworn/replay_protector/redis_spec.rb
|
|
161
167
|
- spec/sworn_spec.rb
|