sworn 0.0.2 → 0.0.3
- data/lib/sworn.rb +2 -0
- data/lib/sworn/replay_protector/memory.rb +15 -0
- data/lib/sworn/replay_protector/redis.rb +28 -0
- data/lib/sworn/version.rb +1 -1
- data/spec/sworn/middleware_spec.rb +1 -6
- data/spec/sworn/replay_protector/memory_spec.rb +15 -0
- data/spec/sworn/replay_protector/redis_spec.rb +40 -0
- metadata +7 -1
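--- a/data/lib/sworn/replay_protector/redis.rb
+++ b/data/lib/sworn/replay_protector/redis.rb
@@ -0,0 +1,28 @@
+module Sworn
+module ReplayProtector
+class Redis
+def initialize(*args)
+options, _ = args.flatten
+@connection = options.fetch(:redis_connection)
+end
+
+def replayed?(oauth)
+key = nonce_key(oauth)
+
+return true if @connection.exists(key)
+@connection.setex(key, Sworn.configuration.max_drift, 1)
+
+false
+end
+
+private
+
+def nonce_key(oauth)
+timestamp = oauth.fetch(:timestamp)
+nonce = oauth.fetch(:nonce)
+
+"nonce:#{timestamp}:#{nonce}"
+end
+end
+end
+end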
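Review bot: `replayed?` at new lines 12–13 checks `exists` and then calls `setex` as two separate round-trips, so two requests carrying the same timestamp and nonce that arrive concurrently can both observe the key as absent and both be accepted, which defeats the replay protection this class exists to provide. Redis can do the check and the write atomically with a single `SET ... NX EX`: `!@connection.set(key, 1, :nx => true, :ex => Sworn.configuration.max_drift)` (the call returns false when the key already existed), which also removes the `return true` / `false` branches. In later redis-rb releases `exists` returns an Integer count rather than a boolean, and `0` is truthy in Ruby, so if the gem is ever run against one of those the current line 12 would report every request as replayed; `exists?` is the boolean form there, so the redis-rb version is worth pinning. Since `nonce_key` keys only on timestamp and nonce, two different consumers reusing the same nonce value collide; OAuth 1.0a scopes nonce uniqueness per consumer/token, so including the consumer key in `nonce_key` (if the `oauth` hash carries it) avoids that false positive. The spec's `DummyRedis` would need a `set` method for the atomic form.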
data/lib/sworn/version.rb
CHANGED
@@ -14,12 +14,7 @@ describe Sworn::Middleware do
|
|
14
14
|
config.consumers = { "consumer" => "consumersecret" }
|
15
15
|
config.tokens = { "token" => "tokensecret" }
|
16
16
|
config.max_drift = 30
|
17
|
-
config.replay_protector = Sworn::ReplayProtector::
|
18
|
-
@store ||= Set.new
|
19
|
-
return true if @store.include?(oauth)
|
20
|
-
@store << oauth
|
21
|
-
false
|
22
|
-
}
|
17
|
+
config.replay_protector = Sworn::ReplayProtector::Memory
|
23
18
|
end
|
24
19
|
|
25
20
|
Sworn::Middleware.new dummy_app
|
@@ -0,0 +1,15 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Sworn::ReplayProtector::Memory do
|
4
|
+
let(:memory) { Sworn::ReplayProtector::Memory.new }
|
5
|
+
describe "#replayed?" do
|
6
|
+
it "returns false for fresh tokens" do
|
7
|
+
expect(memory.replayed?("signature")).to be_false
|
8
|
+
end
|
9
|
+
|
10
|
+
it "returns true for replayed tokens" do
|
11
|
+
memory.replayed?("signature")
|
12
|
+
expect(memory.replayed?("signature")).to be_true
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,40 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
class DummyRedis
|
4
|
+
def initialize
|
5
|
+
@store = Hash.new
|
6
|
+
end
|
7
|
+
|
8
|
+
def exists(key)
|
9
|
+
@store.has_key?(key)
|
10
|
+
end
|
11
|
+
|
12
|
+
def setex(key, ttl, value)
|
13
|
+
raise 'ttl mismatch' unless ttl == Sworn.configuration.max_drift
|
14
|
+
@store[key] = [ttl, value]
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
describe Sworn::ReplayProtector::Redis do
|
19
|
+
let(:redis_protector) do
|
20
|
+
Sworn::ReplayProtector::Redis.new(:redis_connection => DummyRedis.new)
|
21
|
+
end
|
22
|
+
|
23
|
+
let(:signature) do
|
24
|
+
{
|
25
|
+
:timestamp => 123,
|
26
|
+
:nonce => "abc"
|
27
|
+
}
|
28
|
+
end
|
29
|
+
|
30
|
+
describe "#replayed?" do
|
31
|
+
it "returns false for fresh tokens" do
|
32
|
+
expect(redis_protector.replayed?(signature)).to be_false
|
33
|
+
end
|
34
|
+
|
35
|
+
it "returns true for replayed tokens" do
|
36
|
+
redis_protector.replayed?(signature)
|
37
|
+
expect(redis_protector.replayed?(signature)).to be_true
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
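Review bot: The redis spec's two `#replayed?` examples (new lines 31–38) only exercise the same `signature` twice, so nothing checks that a different nonce or timestamp is still accepted — a `nonce_key` that ignored its inputs would pass this suite. A third example such as `expect(redis_protector.replayed?(signature.merge(:nonce => "xyz"))).to be_false` after one `replayed?` call would pin that, and the memory spec earlier in this section has the same gap. `DummyRedis` also never expires entries and reproduces the same `exists`-then-`setex` shape as the implementation, so the TTL passed to `setex` is asserted but expiry behaviour and any atomicity concern in the real client cannot surface here; that is acceptable for a unit double but deserves a comment on the class saying so. `be_true`/`be_false` are RSpec 2 matchers (RSpec 3 renamed them `be_truthy`/`be_falsey`), so these specs are tied to whichever RSpec version the gem pins.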
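--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sworn
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.3
 prerelease:
 platform: ruby
 authors:
@@ -124,10 +124,14 @@ files:
 - lib/sworn/configuration.rb
 - lib/sworn/middleware.rb
 - lib/sworn/replay_protector/custom.rb
+- lib/sworn/replay_protector/memory.rb
+- lib/sworn/replay_protector/redis.rb
 - lib/sworn/verifier.rb
 - lib/sworn/version.rb
 - spec/spec_helper.rb
 - spec/sworn/middleware_spec.rb
+- spec/sworn/replay_protector/memory_spec.rb
+- spec/sworn/replay_protector/redis_spec.rb
 - spec/sworn_spec.rb
 - sworn.gemspec
 homepage: ''
@@ -158,4 +162,6 @@ summary: Rack middleware for OAuth 1.0a signed requests
 test_files:
 - spec/spec_helper.rb
 - spec/sworn/middleware_spec.rb
+- spec/sworn/replay_protector/memory_spec.rb
+- spec/sworn/replay_protector/redis_spec.rb
 - spec/sworn_spec.rb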