tanker-core 4.1.1.alpha.1 → 4.2.0.alpha.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/tanker/c_tanker/c_future.rb +1 -1
- data/lib/tanker/c_tanker/c_http.rb +39 -8
- data/lib/tanker/c_tanker/c_verification.rb +57 -3
- data/lib/tanker/c_tanker/c_verification_method.rb +2 -0
- data/lib/tanker/c_tanker.rb +4 -0
- data/lib/tanker/core/http.rb +37 -14
- data/lib/tanker/core/session.rb +2 -0
- data/lib/tanker/core/verification.rb +30 -0
- data/lib/tanker/core/version.rb +1 -1
- data/vendor/tanker/darwin-aarch64/libctanker.dylib +0 -0
- data/vendor/tanker/darwin-x86_64/libctanker.dylib +0 -0
- data/vendor/tanker/linux-x86_64/libctanker.so +0 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8b324e59522e58e2fb40fef4834366caf17acdf64138396f3102b2e829bb10d8
|
|
4
|
+
data.tar.gz: 56d5f6ee65264d27e10d3d264d5effbcb53b308cdc6cb4859544f887853688c3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cd5c54e0e3a30f2a1e1e62cfcc6b994f56fe0b2924c47abd93a02ff557a8f8d9e93e77d206b28e57d668a2f91c32b4f7b8d0658a89761571a5f7733c2a664fec
|
|
7
|
+
data.tar.gz: 9c5925ae4b3bd2fe0e53e886389be8d828ccad2098e4ad48996d6898c68a21de22b20c2be91530a9d4aff8bf78a11125a3674d19deaf3d84ebfa9fadf653d20e
|
|
@@ -6,44 +6,75 @@ module Tanker
|
|
|
6
6
|
module CTanker
|
|
7
7
|
extend FFI::Library
|
|
8
8
|
|
|
9
|
+
class CHttpRequestHeader < FFI::Struct
|
|
10
|
+
layout :name, :string,
|
|
11
|
+
:value, :string
|
|
12
|
+
end
|
|
13
|
+
|
|
9
14
|
class CHttpRequest < FFI::Struct
|
|
10
15
|
layout :method, :string,
|
|
11
16
|
:url, :string,
|
|
12
|
-
:
|
|
13
|
-
:
|
|
17
|
+
:headers, :pointer,
|
|
18
|
+
:num_headers, :int32,
|
|
14
19
|
:body, :pointer,
|
|
15
20
|
:body_size, :int32
|
|
16
21
|
end
|
|
17
22
|
|
|
23
|
+
class CHttpResponseHeader < FFI::Struct
|
|
24
|
+
layout :name, :pointer,
|
|
25
|
+
:value, :pointer
|
|
26
|
+
|
|
27
|
+
def initialize(name, value)
|
|
28
|
+
super()
|
|
29
|
+
|
|
30
|
+
@name = CTanker.new_cstring name
|
|
31
|
+
@value = CTanker.new_cstring value
|
|
32
|
+
|
|
33
|
+
self[:name] = @name
|
|
34
|
+
self[:value] = @value
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
|
|
18
38
|
class CHttpResponse < FFI::Struct
|
|
19
|
-
def self.new_ok(status_code:,
|
|
20
|
-
new nil, status_code,
|
|
39
|
+
def self.new_ok(status_code:, headers:, body:)
|
|
40
|
+
new nil, status_code, headers, body
|
|
21
41
|
end
|
|
22
42
|
|
|
23
43
|
def self.new_error(msg)
|
|
24
44
|
new msg, nil, nil, nil
|
|
25
45
|
end
|
|
26
46
|
|
|
27
|
-
def initialize(error_msg, status_code,
|
|
47
|
+
def initialize(error_msg, status_code, headers, body)
|
|
28
48
|
super()
|
|
29
49
|
|
|
30
50
|
if error_msg
|
|
31
51
|
@error_msg = CTanker.new_cstring(error_msg)
|
|
32
52
|
self[:error_msg] = @error_msg
|
|
33
53
|
else
|
|
34
|
-
|
|
54
|
+
raise TypeError, 'headers argument is not an Array[HttpHeader]' unless headers.is_a?(Array)
|
|
55
|
+
|
|
35
56
|
@body = FFI::MemoryPointer.from_string(body)
|
|
36
57
|
|
|
37
58
|
self[:error_msg] = nil
|
|
38
|
-
self[:
|
|
59
|
+
self[:num_headers] = headers.length
|
|
39
60
|
self[:body] = @body
|
|
40
61
|
self[:body_size] = body.bytesize
|
|
41
62
|
self[:status_code] = status_code
|
|
63
|
+
|
|
64
|
+
@headers = []
|
|
65
|
+
self[:headers] = FFI::MemoryPointer.new(CHttpResponseHeader, self[:num_headers])
|
|
66
|
+
headers.each_with_index do |header, idx|
|
|
67
|
+
@headers.push(CHttpResponseHeader.new(header.name, header.value))
|
|
68
|
+
# NOTE: memcopy
|
|
69
|
+
str = @headers[idx].pointer.read_bytes CHttpResponseHeader.size
|
|
70
|
+
self[:headers].put_bytes(idx * CHttpResponseHeader.size, str, 0, CHttpResponseHeader.size)
|
|
71
|
+
end
|
|
42
72
|
end
|
|
43
73
|
end
|
|
44
74
|
|
|
45
75
|
layout :error_msg, :pointer,
|
|
46
|
-
:
|
|
76
|
+
:headers, :pointer,
|
|
77
|
+
:num_headers, :int32,
|
|
47
78
|
:body, :pointer,
|
|
48
79
|
:body_size, :int64,
|
|
49
80
|
:status_code, :int32
|
|
@@ -42,6 +42,45 @@ module Tanker
|
|
|
42
42
|
end
|
|
43
43
|
end
|
|
44
44
|
|
|
45
|
+
class COIDCVerification < FFI::Struct
|
|
46
|
+
layout :version, :uint8,
|
|
47
|
+
:subject, :pointer,
|
|
48
|
+
:provider_id, :pointer
|
|
49
|
+
|
|
50
|
+
def initialize(subject, provider_id)
|
|
51
|
+
super()
|
|
52
|
+
|
|
53
|
+
# NOTE: Instance variables are required to keep the CStrings alive
|
|
54
|
+
@subject = CTanker.new_cstring subject
|
|
55
|
+
@provider_id = CTanker.new_cstring provider_id
|
|
56
|
+
|
|
57
|
+
self[:version] = 1
|
|
58
|
+
self[:subject] = @subject
|
|
59
|
+
self[:provider_id] = @provider_id
|
|
60
|
+
end
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
class COIDCAuthorizationCodeVerification < FFI::Struct
|
|
64
|
+
layout :version, :uint8,
|
|
65
|
+
:provider_id, :pointer,
|
|
66
|
+
:authorization_code, :pointer,
|
|
67
|
+
:state, :pointer
|
|
68
|
+
|
|
69
|
+
def initialize(provider_id, authorization_code, state)
|
|
70
|
+
super()
|
|
71
|
+
|
|
72
|
+
# NOTE: Instance variables are required to keep the CStrings alive
|
|
73
|
+
@provider_id = CTanker.new_cstring provider_id
|
|
74
|
+
@authorization_code = CTanker.new_cstring authorization_code
|
|
75
|
+
@state = CTanker.new_cstring state
|
|
76
|
+
|
|
77
|
+
self[:version] = 1
|
|
78
|
+
self[:provider_id] = @provider_id
|
|
79
|
+
self[:authorization_code] = @authorization_code
|
|
80
|
+
self[:state] = @state
|
|
81
|
+
end
|
|
82
|
+
end
|
|
83
|
+
|
|
45
84
|
class CVerification < FFI::Struct
|
|
46
85
|
layout :version, :uint8,
|
|
47
86
|
:type, :uint8,
|
|
@@ -52,7 +91,9 @@ module Tanker
|
|
|
52
91
|
:oidc_id_token, :pointer,
|
|
53
92
|
:phone_number_verification, CPhoneNumberVerification,
|
|
54
93
|
:preverified_email, :pointer,
|
|
55
|
-
:preverified_phone_number, :pointer
|
|
94
|
+
:preverified_phone_number, :pointer,
|
|
95
|
+
:preverified_oidc, COIDCVerification,
|
|
96
|
+
:oidc_authorization_code_verification, COIDCAuthorizationCodeVerification
|
|
56
97
|
|
|
57
98
|
TYPE_EMAIL = 1
|
|
58
99
|
TYPE_PASSPHRASE = 2
|
|
@@ -62,8 +103,10 @@ module Tanker
|
|
|
62
103
|
TYPE_PREVERIFIED_EMAIL = 6
|
|
63
104
|
TYPE_PREVERIFIED_PHONE_NUMBER = 7
|
|
64
105
|
TYPE_E2E_PASSPHRASE = 8
|
|
106
|
+
TYPE_PREVERIFIED_OIDC = 9
|
|
107
|
+
TYPE_OIDC_AUTHORIZATION_CODE = 10
|
|
65
108
|
|
|
66
|
-
def initialize(verification) # rubocop:disable Metrics/CyclomaticComplexity Not relevant for a case/when
|
|
109
|
+
def initialize(verification) # rubocop:disable Metrics/MethodLength, Metrics/CyclomaticComplexity Not relevant for a case/when
|
|
67
110
|
super()
|
|
68
111
|
|
|
69
112
|
unless verification.is_a? Tanker::Verification
|
|
@@ -103,11 +146,22 @@ module Tanker
|
|
|
103
146
|
@e2e_passphrase = CTanker.new_cstring verification.e2e_passphrase
|
|
104
147
|
self[:type] = TYPE_E2E_PASSPHRASE
|
|
105
148
|
self[:e2e_passphrase] = @e2e_passphrase
|
|
149
|
+
when Tanker::PreverifiedOIDCVerification
|
|
150
|
+
@preverified_oidc = COIDCVerification.new verification.subject, verification.provider_id
|
|
151
|
+
self[:type] = TYPE_PREVERIFIED_OIDC
|
|
152
|
+
self[:preverified_oidc] = @preverified_oidc
|
|
153
|
+
when Tanker::OIDCAuthorizationCodeVerification
|
|
154
|
+
self[:type] = TYPE_OIDC_AUTHORIZATION_CODE
|
|
155
|
+
self[:oidc_authorization_code_verification] = COIDCAuthorizationCodeVerification.new(
|
|
156
|
+
verification.provider_id,
|
|
157
|
+
verification.authorization_code,
|
|
158
|
+
verification.state
|
|
159
|
+
)
|
|
106
160
|
else
|
|
107
161
|
raise ArgumentError, 'Unknown Tanker::Verification type!'
|
|
108
162
|
end
|
|
109
163
|
|
|
110
|
-
self[:version] =
|
|
164
|
+
self[:version] = 8
|
|
111
165
|
end
|
|
112
166
|
end
|
|
113
167
|
|
|
@@ -20,6 +20,8 @@ module Tanker
|
|
|
20
20
|
TYPE_PREVERIFIED_EMAIL = 6
|
|
21
21
|
TYPE_PREVERIFIED_PHONE_NUMBER = 7
|
|
22
22
|
TYPE_E2E_PASSPHRASE = 8
|
|
23
|
+
# TYPE_PREVERIFIED_OIDC = 9 # Preverified OIDC is not exposed as a VerificationMethod
|
|
24
|
+
# TYPE_OIDC_AUTHORIZATION_CODE, = 10 # OIDC authorization code is not exposed as a VerificationMethod
|
|
23
25
|
|
|
24
26
|
def to_verification_method # rubocop:disable Metrics/CyclomaticComplexity Not relevant for a case/when
|
|
25
27
|
case self[:type]
|
data/lib/tanker/c_tanker.rb
CHANGED
|
@@ -42,6 +42,7 @@ module Tanker
|
|
|
42
42
|
blocking_attach_function :tanker_set_oidc_test_nonce, [:session_pointer, :string], CFuture
|
|
43
43
|
|
|
44
44
|
blocking_attach_function :tanker_attach_provisional_identity, [:session_pointer, :string], CFuture
|
|
45
|
+
blocking_attach_function :tanker_free_attach_result, [:pointer], :void
|
|
45
46
|
blocking_attach_function :tanker_verify_provisional_identity, [:session_pointer, CVerification], CFuture
|
|
46
47
|
|
|
47
48
|
blocking_attach_function :tanker_encrypted_size, [:uint64, :uint32], :uint64
|
|
@@ -89,6 +90,9 @@ module Tanker
|
|
|
89
90
|
|
|
90
91
|
blocking_attach_function :tanker_prehash_password, [:string], CFuture
|
|
91
92
|
|
|
93
|
+
blocking_attach_function :tanker_authenticate_with_idp, [:session_pointer, :string, :string], CFuture
|
|
94
|
+
blocking_attach_function :tanker_free_authenticate_with_idp_result, [:pointer], :void
|
|
95
|
+
|
|
92
96
|
blocking_attach_function :tanker_free_buffer, [:pointer], :void
|
|
93
97
|
blocking_attach_function :tanker_free_verification_method_list, [:pointer], :void
|
|
94
98
|
end
|
data/lib/tanker/core/http.rb
CHANGED
|
@@ -4,6 +4,15 @@ require 'faraday'
|
|
|
4
4
|
|
|
5
5
|
module Tanker
|
|
6
6
|
module Http
|
|
7
|
+
class HttpHeader
|
|
8
|
+
attr_reader :name, :value
|
|
9
|
+
|
|
10
|
+
def initialize(name, value)
|
|
11
|
+
@name = name
|
|
12
|
+
@value = value
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
|
|
7
16
|
class HttpRequest
|
|
8
17
|
@@mutex = Mutex.new # rubocop:disable Style/ClassVars I have no idea why you don't like class vars
|
|
9
18
|
@@current_request_id = 0 # rubocop:disable Style/ClassVars
|
|
@@ -13,8 +22,7 @@ module Tanker
|
|
|
13
22
|
attr_reader :id
|
|
14
23
|
attr_reader :method
|
|
15
24
|
attr_reader :url
|
|
16
|
-
attr_reader :
|
|
17
|
-
attr_reader :authorization
|
|
25
|
+
attr_reader :headers
|
|
18
26
|
attr_reader :body
|
|
19
27
|
attr_reader :crequest
|
|
20
28
|
|
|
@@ -38,10 +46,16 @@ module Tanker
|
|
|
38
46
|
|
|
39
47
|
@method = self.class.method_str_to_symbol crequest[:method]
|
|
40
48
|
@url = crequest[:url]
|
|
41
|
-
@instance_id = crequest[:instance_id]
|
|
42
|
-
@authorization = crequest[:authorization]
|
|
43
49
|
@body = crequest[:body].read_string_length(crequest[:body_size])
|
|
44
50
|
|
|
51
|
+
count = crequest[:num_headers]
|
|
52
|
+
headers_base_addr = crequest[:headers]
|
|
53
|
+
@headers = count.times.map do |i|
|
|
54
|
+
header_ptr = headers_base_addr + (i * CTanker::CHttpRequestHeader.size)
|
|
55
|
+
c_header = CTanker::CHttpRequestHeader.new header_ptr
|
|
56
|
+
HttpHeader.new(c_header[:name], c_header[:value])
|
|
57
|
+
end
|
|
58
|
+
|
|
45
59
|
# Keep the crequest because we need its address to answer to Tanker
|
|
46
60
|
@crequest = crequest
|
|
47
61
|
end
|
|
@@ -123,18 +137,27 @@ module Tanker
|
|
|
123
137
|
end
|
|
124
138
|
|
|
125
139
|
def process_request(request)
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
140
|
+
headers = Faraday::Utils::Headers.new
|
|
141
|
+
|
|
142
|
+
request.headers.each do |header|
|
|
143
|
+
# Faraday stores identical headers as a comma separated string
|
|
144
|
+
headers[header.name] = [headers[header.name], header.value].compact
|
|
145
|
+
end
|
|
146
|
+
|
|
147
|
+
# overwrite sdk-native headers
|
|
148
|
+
headers['X-Tanker-SdkType'] = @sdk_type
|
|
149
|
+
headers['X-Tanker-SdkVersion'] = @sdk_version
|
|
150
|
+
|
|
151
|
+
fresponse = Faraday.run_request(request.method, request.url, request.body, headers)
|
|
134
152
|
|
|
135
153
|
request.complete_if_not_canceled do
|
|
154
|
+
# Faraday stores identical headers as a comma separated string
|
|
155
|
+
# So we will only see a single header in sdk-native
|
|
156
|
+
headers = fresponse.headers.map do |name, value|
|
|
157
|
+
HttpHeader.new name, value
|
|
158
|
+
end
|
|
136
159
|
cresponse = CTanker::CHttpResponse.new_ok status_code: fresponse.status,
|
|
137
|
-
|
|
160
|
+
headers:,
|
|
138
161
|
body: fresponse.body
|
|
139
162
|
CTanker.tanker_http_handle_response(request.crequest, cresponse)
|
|
140
163
|
end
|
|
@@ -151,7 +174,7 @@ module Tanker
|
|
|
151
174
|
end
|
|
152
175
|
|
|
153
176
|
def send_request(crequest, _cdata)
|
|
154
|
-
request = HttpRequest.new
|
|
177
|
+
request = HttpRequest.new(crequest:)
|
|
155
178
|
ThreadPool.push(proc do
|
|
156
179
|
process_request request
|
|
157
180
|
end)
|
data/lib/tanker/core/session.rb
CHANGED
|
@@ -69,6 +69,8 @@ module Tanker
|
|
|
69
69
|
attach_status = attach_ptr.get(:uint8, 1)
|
|
70
70
|
method_ptr = attach_ptr.get_pointer(FFI::Pointer.size)
|
|
71
71
|
method = (CTanker::CVerificationMethod.new(method_ptr).to_verification_method if method_ptr.address != 0)
|
|
72
|
+
|
|
73
|
+
CTanker.tanker_free_attach_result(FFI::Pointer.new(:void, attach_ptr.address))
|
|
72
74
|
AttachResult.new attach_status, method
|
|
73
75
|
end
|
|
74
76
|
|
|
@@ -70,6 +70,22 @@ module Tanker
|
|
|
70
70
|
end
|
|
71
71
|
end
|
|
72
72
|
|
|
73
|
+
class OIDCAuthorizationCodeVerification < Verification
|
|
74
|
+
attr_reader :provider_id, :authorization_code, :state
|
|
75
|
+
|
|
76
|
+
def initialize(provider_id, authorization_code, state)
|
|
77
|
+
super()
|
|
78
|
+
|
|
79
|
+
ASSERT_UTF8.call(provider_id)
|
|
80
|
+
ASSERT_UTF8.call(authorization_code)
|
|
81
|
+
ASSERT_UTF8.call(state)
|
|
82
|
+
|
|
83
|
+
@provider_id = provider_id
|
|
84
|
+
@authorization_code = authorization_code
|
|
85
|
+
@state = state
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
|
|
73
89
|
class PreverifiedEmailVerification < Verification
|
|
74
90
|
attr_reader :preverified_email
|
|
75
91
|
|
|
@@ -94,6 +110,20 @@ module Tanker
|
|
|
94
110
|
end
|
|
95
111
|
end
|
|
96
112
|
|
|
113
|
+
class PreverifiedOIDCVerification < Verification
|
|
114
|
+
attr_reader :provider_id, :subject
|
|
115
|
+
|
|
116
|
+
def initialize(subject, provider_id)
|
|
117
|
+
super()
|
|
118
|
+
|
|
119
|
+
ASSERT_UTF8.call(provider_id)
|
|
120
|
+
ASSERT_UTF8.call(subject)
|
|
121
|
+
|
|
122
|
+
@provider_id = provider_id
|
|
123
|
+
@subject = subject
|
|
124
|
+
end
|
|
125
|
+
end
|
|
126
|
+
|
|
97
127
|
class E2ePassphraseVerification < Verification
|
|
98
128
|
attr_reader :e2e_passphrase
|
|
99
129
|
|
data/lib/tanker/core/version.rb
CHANGED
|
Binary file
|
|
Binary file
|
|
Binary file
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: tanker-core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.
|
|
4
|
+
version: 4.2.0.alpha.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tanker team
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-05-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: faraday
|
|
@@ -100,7 +100,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - ">="
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: 3.
|
|
103
|
+
version: 3.1.0
|
|
104
104
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
105
105
|
requirements:
|
|
106
106
|
- - ">"
|