tanker-core 4.1.0 → 4.2.0.alpha.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/tanker/c_tanker/c_future.rb +1 -1
- data/lib/tanker/c_tanker/c_http.rb +39 -8
- data/lib/tanker/c_tanker/c_verification.rb +57 -3
- data/lib/tanker/c_tanker/c_verification_method.rb +2 -0
- data/lib/tanker/c_tanker.rb +4 -0
- data/lib/tanker/core/http.rb +37 -14
- data/lib/tanker/core/session.rb +2 -0
- data/lib/tanker/core/verification.rb +30 -0
- data/lib/tanker/core/version.rb +1 -1
- data/vendor/tanker/darwin-aarch64/libctanker.dylib +0 -0
- data/vendor/tanker/darwin-x86_64/libctanker.dylib +0 -0
- data/vendor/tanker/linux-x86_64/libctanker.so +0 -0
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7e2f9fa0aba3b29e9ef0345f227c6f42d1bd19a67310ac270907110b8a320ce7
|
4
|
+
data.tar.gz: e605b66a88ac7c7530be1d635ef461cbcbc32219c853f57d9a0c4fbf577c9717
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2a6e9a052713c65f50126eb32094c532a6f065d6f4dc7aaf5e77bda9681e02312f3ef3a6f25d8cbee4bd563f7fb25b49b93c191a005295b4b43613f5e0551954
|
7
|
+
data.tar.gz: 2337e1564ce91d9fbeb304ce44f180ffc9502601bd8c6a0421c162048a416b3ea5f501d5817520b21d73094dca1ef4ce563677b5c8952d858239d6398e5fb0f6
|
@@ -6,44 +6,75 @@ module Tanker
|
|
6
6
|
module CTanker
|
7
7
|
extend FFI::Library
|
8
8
|
|
9
|
+
class CHttpRequestHeader < FFI::Struct
|
10
|
+
layout :name, :string,
|
11
|
+
:value, :string
|
12
|
+
end
|
13
|
+
|
9
14
|
class CHttpRequest < FFI::Struct
|
10
15
|
layout :method, :string,
|
11
16
|
:url, :string,
|
12
|
-
:
|
13
|
-
:
|
17
|
+
:headers, :pointer,
|
18
|
+
:num_headers, :int32,
|
14
19
|
:body, :pointer,
|
15
20
|
:body_size, :int32
|
16
21
|
end
|
17
22
|
|
23
|
+
class CHttpResponseHeader < FFI::Struct
|
24
|
+
layout :name, :pointer,
|
25
|
+
:value, :pointer
|
26
|
+
|
27
|
+
def initialize(name, value)
|
28
|
+
super()
|
29
|
+
|
30
|
+
@name = CTanker.new_cstring name
|
31
|
+
@value = CTanker.new_cstring value
|
32
|
+
|
33
|
+
self[:name] = @name
|
34
|
+
self[:value] = @value
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
18
38
|
class CHttpResponse < FFI::Struct
|
19
|
-
def self.new_ok(status_code:,
|
20
|
-
new nil, status_code,
|
39
|
+
def self.new_ok(status_code:, headers:, body:)
|
40
|
+
new nil, status_code, headers, body
|
21
41
|
end
|
22
42
|
|
23
43
|
def self.new_error(msg)
|
24
44
|
new msg, nil, nil, nil
|
25
45
|
end
|
26
46
|
|
27
|
-
def initialize(error_msg, status_code,
|
47
|
+
def initialize(error_msg, status_code, headers, body)
|
28
48
|
super()
|
29
49
|
|
30
50
|
if error_msg
|
31
51
|
@error_msg = CTanker.new_cstring(error_msg)
|
32
52
|
self[:error_msg] = @error_msg
|
33
53
|
else
|
34
|
-
|
54
|
+
raise TypeError, 'headers argument is not an Array[HttpHeader]' unless headers.is_a?(Array)
|
55
|
+
|
35
56
|
@body = FFI::MemoryPointer.from_string(body)
|
36
57
|
|
37
58
|
self[:error_msg] = nil
|
38
|
-
self[:
|
59
|
+
self[:num_headers] = headers.length
|
39
60
|
self[:body] = @body
|
40
61
|
self[:body_size] = body.bytesize
|
41
62
|
self[:status_code] = status_code
|
63
|
+
|
64
|
+
@headers = []
|
65
|
+
self[:headers] = FFI::MemoryPointer.new(CHttpResponseHeader, self[:num_headers])
|
66
|
+
headers.each_with_index do |header, idx|
|
67
|
+
@headers.push(CHttpResponseHeader.new(header.name, header.value))
|
68
|
+
# NOTE: memcopy
|
69
|
+
str = @headers[idx].pointer.read_bytes CHttpResponseHeader.size
|
70
|
+
self[:headers].put_bytes(idx * CHttpResponseHeader.size, str, 0, CHttpResponseHeader.size)
|
71
|
+
end
|
42
72
|
end
|
43
73
|
end
|
44
74
|
|
45
75
|
layout :error_msg, :pointer,
|
46
|
-
:
|
76
|
+
:headers, :pointer,
|
77
|
+
:num_headers, :int32,
|
47
78
|
:body, :pointer,
|
48
79
|
:body_size, :int64,
|
49
80
|
:status_code, :int32
|
@@ -42,6 +42,45 @@ module Tanker
|
|
42
42
|
end
|
43
43
|
end
|
44
44
|
|
45
|
+
class COIDCVerification < FFI::Struct
|
46
|
+
layout :version, :uint8,
|
47
|
+
:subject, :pointer,
|
48
|
+
:provider_id, :pointer
|
49
|
+
|
50
|
+
def initialize(subject, provider_id)
|
51
|
+
super()
|
52
|
+
|
53
|
+
# NOTE: Instance variables are required to keep the CStrings alive
|
54
|
+
@subject = CTanker.new_cstring subject
|
55
|
+
@provider_id = CTanker.new_cstring provider_id
|
56
|
+
|
57
|
+
self[:version] = 1
|
58
|
+
self[:subject] = @subject
|
59
|
+
self[:provider_id] = @provider_id
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
class COIDCAuthorizationCodeVerification < FFI::Struct
|
64
|
+
layout :version, :uint8,
|
65
|
+
:provider_id, :pointer,
|
66
|
+
:authorization_code, :pointer,
|
67
|
+
:state, :pointer
|
68
|
+
|
69
|
+
def initialize(provider_id, authorization_code, state)
|
70
|
+
super()
|
71
|
+
|
72
|
+
# NOTE: Instance variables are required to keep the CStrings alive
|
73
|
+
@provider_id = CTanker.new_cstring provider_id
|
74
|
+
@authorization_code = CTanker.new_cstring authorization_code
|
75
|
+
@state = CTanker.new_cstring state
|
76
|
+
|
77
|
+
self[:version] = 1
|
78
|
+
self[:provider_id] = @provider_id
|
79
|
+
self[:authorization_code] = @authorization_code
|
80
|
+
self[:state] = @state
|
81
|
+
end
|
82
|
+
end
|
83
|
+
|
45
84
|
class CVerification < FFI::Struct
|
46
85
|
layout :version, :uint8,
|
47
86
|
:type, :uint8,
|
@@ -52,7 +91,9 @@ module Tanker
|
|
52
91
|
:oidc_id_token, :pointer,
|
53
92
|
:phone_number_verification, CPhoneNumberVerification,
|
54
93
|
:preverified_email, :pointer,
|
55
|
-
:preverified_phone_number, :pointer
|
94
|
+
:preverified_phone_number, :pointer,
|
95
|
+
:preverified_oidc, COIDCVerification,
|
96
|
+
:oidc_authorization_code_verification, COIDCAuthorizationCodeVerification
|
56
97
|
|
57
98
|
TYPE_EMAIL = 1
|
58
99
|
TYPE_PASSPHRASE = 2
|
@@ -62,8 +103,10 @@ module Tanker
|
|
62
103
|
TYPE_PREVERIFIED_EMAIL = 6
|
63
104
|
TYPE_PREVERIFIED_PHONE_NUMBER = 7
|
64
105
|
TYPE_E2E_PASSPHRASE = 8
|
106
|
+
TYPE_PREVERIFIED_OIDC = 9
|
107
|
+
TYPE_OIDC_AUTHORIZATION_CODE = 10
|
65
108
|
|
66
|
-
def initialize(verification) # rubocop:disable Metrics/CyclomaticComplexity Not relevant for a case/when
|
109
|
+
def initialize(verification) # rubocop:disable Metrics/MethodLength, Metrics/CyclomaticComplexity Not relevant for a case/when
|
67
110
|
super()
|
68
111
|
|
69
112
|
unless verification.is_a? Tanker::Verification
|
@@ -103,11 +146,22 @@ module Tanker
|
|
103
146
|
@e2e_passphrase = CTanker.new_cstring verification.e2e_passphrase
|
104
147
|
self[:type] = TYPE_E2E_PASSPHRASE
|
105
148
|
self[:e2e_passphrase] = @e2e_passphrase
|
149
|
+
when Tanker::PreverifiedOIDCVerification
|
150
|
+
@preverified_oidc = COIDCVerification.new verification.subject, verification.provider_id
|
151
|
+
self[:type] = TYPE_PREVERIFIED_OIDC
|
152
|
+
self[:preverified_oidc] = @preverified_oidc
|
153
|
+
when Tanker::OIDCAuthorizationCodeVerification
|
154
|
+
self[:type] = TYPE_OIDC_AUTHORIZATION_CODE
|
155
|
+
self[:oidc_authorization_code_verification] = COIDCAuthorizationCodeVerification.new(
|
156
|
+
verification.provider_id,
|
157
|
+
verification.authorization_code,
|
158
|
+
verification.state
|
159
|
+
)
|
106
160
|
else
|
107
161
|
raise ArgumentError, 'Unknown Tanker::Verification type!'
|
108
162
|
end
|
109
163
|
|
110
|
-
self[:version] =
|
164
|
+
self[:version] = 8
|
111
165
|
end
|
112
166
|
end
|
113
167
|
|
@@ -20,6 +20,8 @@ module Tanker
|
|
20
20
|
TYPE_PREVERIFIED_EMAIL = 6
|
21
21
|
TYPE_PREVERIFIED_PHONE_NUMBER = 7
|
22
22
|
TYPE_E2E_PASSPHRASE = 8
|
23
|
+
# TYPE_PREVERIFIED_OIDC = 9 # Preverified OIDC is not exposed as a VerificationMethod
|
24
|
+
# TYPE_OIDC_AUTHORIZATION_CODE, = 10 # OIDC authorization code is not exposed as a VerificationMethod
|
23
25
|
|
24
26
|
def to_verification_method # rubocop:disable Metrics/CyclomaticComplexity Not relevant for a case/when
|
25
27
|
case self[:type]
|
data/lib/tanker/c_tanker.rb
CHANGED
@@ -42,6 +42,7 @@ module Tanker
|
|
42
42
|
blocking_attach_function :tanker_set_oidc_test_nonce, [:session_pointer, :string], CFuture
|
43
43
|
|
44
44
|
blocking_attach_function :tanker_attach_provisional_identity, [:session_pointer, :string], CFuture
|
45
|
+
blocking_attach_function :tanker_free_attach_result, [:pointer], :void
|
45
46
|
blocking_attach_function :tanker_verify_provisional_identity, [:session_pointer, CVerification], CFuture
|
46
47
|
|
47
48
|
blocking_attach_function :tanker_encrypted_size, [:uint64, :uint32], :uint64
|
@@ -89,6 +90,9 @@ module Tanker
|
|
89
90
|
|
90
91
|
blocking_attach_function :tanker_prehash_password, [:string], CFuture
|
91
92
|
|
93
|
+
blocking_attach_function :tanker_authenticate_with_idp, [:session_pointer, :string, :string], CFuture
|
94
|
+
blocking_attach_function :tanker_free_authenticate_with_idp_result, [:pointer], :void
|
95
|
+
|
92
96
|
blocking_attach_function :tanker_free_buffer, [:pointer], :void
|
93
97
|
blocking_attach_function :tanker_free_verification_method_list, [:pointer], :void
|
94
98
|
end
|
data/lib/tanker/core/http.rb
CHANGED
@@ -4,6 +4,15 @@ require 'faraday'
|
|
4
4
|
|
5
5
|
module Tanker
|
6
6
|
module Http
|
7
|
+
class HttpHeader
|
8
|
+
attr_reader :name, :value
|
9
|
+
|
10
|
+
def initialize(name, value)
|
11
|
+
@name = name
|
12
|
+
@value = value
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
7
16
|
class HttpRequest
|
8
17
|
@@mutex = Mutex.new # rubocop:disable Style/ClassVars I have no idea why you don't like class vars
|
9
18
|
@@current_request_id = 0 # rubocop:disable Style/ClassVars
|
@@ -13,8 +22,7 @@ module Tanker
|
|
13
22
|
attr_reader :id
|
14
23
|
attr_reader :method
|
15
24
|
attr_reader :url
|
16
|
-
attr_reader :
|
17
|
-
attr_reader :authorization
|
25
|
+
attr_reader :headers
|
18
26
|
attr_reader :body
|
19
27
|
attr_reader :crequest
|
20
28
|
|
@@ -38,10 +46,16 @@ module Tanker
|
|
38
46
|
|
39
47
|
@method = self.class.method_str_to_symbol crequest[:method]
|
40
48
|
@url = crequest[:url]
|
41
|
-
@instance_id = crequest[:instance_id]
|
42
|
-
@authorization = crequest[:authorization]
|
43
49
|
@body = crequest[:body].read_string_length(crequest[:body_size])
|
44
50
|
|
51
|
+
count = crequest[:num_headers]
|
52
|
+
headers_base_addr = crequest[:headers]
|
53
|
+
@headers = count.times.map do |i|
|
54
|
+
header_ptr = headers_base_addr + (i * CTanker::CHttpRequestHeader.size)
|
55
|
+
c_header = CTanker::CHttpRequestHeader.new header_ptr
|
56
|
+
HttpHeader.new(c_header[:name], c_header[:value])
|
57
|
+
end
|
58
|
+
|
45
59
|
# Keep the crequest because we need its address to answer to Tanker
|
46
60
|
@crequest = crequest
|
47
61
|
end
|
@@ -123,18 +137,27 @@ module Tanker
|
|
123
137
|
end
|
124
138
|
|
125
139
|
def process_request(request)
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
133
|
-
|
140
|
+
headers = Faraday::Utils::Headers.new
|
141
|
+
|
142
|
+
request.headers.each do |header|
|
143
|
+
# Faraday stores identical headers as a comma separated string
|
144
|
+
headers[header.name] = [headers[header.name], header.value].compact
|
145
|
+
end
|
146
|
+
|
147
|
+
# overwrite sdk-native headers
|
148
|
+
headers['X-Tanker-SdkType'] = @sdk_type
|
149
|
+
headers['X-Tanker-SdkVersion'] = @sdk_version
|
150
|
+
|
151
|
+
fresponse = Faraday.run_request(request.method, request.url, request.body, headers)
|
134
152
|
|
135
153
|
request.complete_if_not_canceled do
|
154
|
+
# Faraday stores identical headers as a comma separated string
|
155
|
+
# So we will only see a single header in sdk-native
|
156
|
+
headers = fresponse.headers.map do |name, value|
|
157
|
+
HttpHeader.new name, value
|
158
|
+
end
|
136
159
|
cresponse = CTanker::CHttpResponse.new_ok status_code: fresponse.status,
|
137
|
-
|
160
|
+
headers:,
|
138
161
|
body: fresponse.body
|
139
162
|
CTanker.tanker_http_handle_response(request.crequest, cresponse)
|
140
163
|
end
|
@@ -151,7 +174,7 @@ module Tanker
|
|
151
174
|
end
|
152
175
|
|
153
176
|
def send_request(crequest, _cdata)
|
154
|
-
request = HttpRequest.new
|
177
|
+
request = HttpRequest.new(crequest:)
|
155
178
|
ThreadPool.push(proc do
|
156
179
|
process_request request
|
157
180
|
end)
|
data/lib/tanker/core/session.rb
CHANGED
@@ -69,6 +69,8 @@ module Tanker
|
|
69
69
|
attach_status = attach_ptr.get(:uint8, 1)
|
70
70
|
method_ptr = attach_ptr.get_pointer(FFI::Pointer.size)
|
71
71
|
method = (CTanker::CVerificationMethod.new(method_ptr).to_verification_method if method_ptr.address != 0)
|
72
|
+
|
73
|
+
CTanker.tanker_free_attach_result(FFI::Pointer.new(:void, attach_ptr.address))
|
72
74
|
AttachResult.new attach_status, method
|
73
75
|
end
|
74
76
|
|
@@ -70,6 +70,22 @@ module Tanker
|
|
70
70
|
end
|
71
71
|
end
|
72
72
|
|
73
|
+
class OIDCAuthorizationCodeVerification < Verification
|
74
|
+
attr_reader :provider_id, :authorization_code, :state
|
75
|
+
|
76
|
+
def initialize(provider_id, authorization_code, state)
|
77
|
+
super()
|
78
|
+
|
79
|
+
ASSERT_UTF8.call(provider_id)
|
80
|
+
ASSERT_UTF8.call(authorization_code)
|
81
|
+
ASSERT_UTF8.call(state)
|
82
|
+
|
83
|
+
@provider_id = provider_id
|
84
|
+
@authorization_code = authorization_code
|
85
|
+
@state = state
|
86
|
+
end
|
87
|
+
end
|
88
|
+
|
73
89
|
class PreverifiedEmailVerification < Verification
|
74
90
|
attr_reader :preverified_email
|
75
91
|
|
@@ -94,6 +110,20 @@ module Tanker
|
|
94
110
|
end
|
95
111
|
end
|
96
112
|
|
113
|
+
class PreverifiedOIDCVerification < Verification
|
114
|
+
attr_reader :provider_id, :subject
|
115
|
+
|
116
|
+
def initialize(subject, provider_id)
|
117
|
+
super()
|
118
|
+
|
119
|
+
ASSERT_UTF8.call(provider_id)
|
120
|
+
ASSERT_UTF8.call(subject)
|
121
|
+
|
122
|
+
@provider_id = provider_id
|
123
|
+
@subject = subject
|
124
|
+
end
|
125
|
+
end
|
126
|
+
|
97
127
|
class E2ePassphraseVerification < Verification
|
98
128
|
attr_reader :e2e_passphrase
|
99
129
|
|
data/lib/tanker/core/version.rb
CHANGED
Binary file
|
Binary file
|
Binary file
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: tanker-core
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.
|
4
|
+
version: 4.2.0.alpha.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tanker team
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-04-18 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: faraday
|
@@ -100,12 +100,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
100
100
|
requirements:
|
101
101
|
- - ">="
|
102
102
|
- !ruby/object:Gem::Version
|
103
|
-
version: 3.
|
103
|
+
version: 3.1.0
|
104
104
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
105
105
|
requirements:
|
106
|
-
- - "
|
106
|
+
- - ">"
|
107
107
|
- !ruby/object:Gem::Version
|
108
|
-
version:
|
108
|
+
version: 1.3.1
|
109
109
|
requirements: []
|
110
110
|
rubygems_version: 3.4.10
|
111
111
|
signing_key:
|