telegram-auth 0.0.2 → 0.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 43a49d15eadc587f42d29e5e6153c5d740f94cb5b142ad876318b287a9c5886e
-  data.tar.gz: fe7697fb8faeb27aa2d3aa77c4bb257eddf1f5ae411d591aaaad97922b105483
+  metadata.gz: 82653d76cf5a5ce000ce009ebaccab8fa57ec32b6c3ec848bcb440bb3cdbf4f6
+  data.tar.gz: 723190f3a810b0bf68c3887bb5e419fed47fc598107dee2bf6620ae8ba4f5f61
 SHA512:
-  metadata.gz: a3188b26889708383daab1923d67516926409a2a59994be701210c7c5c61c20dc1344f2f92cc40cdeef20c3a6020f07f96850c08473be10ad254eb36bf836cb6
-  data.tar.gz: 67aead184841ab0e113428f218338809354078ea961d60cc6ddfd79d6f15103481dc684326aad2c83d2d59d4e3b4e89244d8e6010bfa7739bc9c66467f7bdfb7
+  metadata.gz: c3e5f89e314b7088134746aaeda7a0110cb8301fd3ddd2ea52fc3e9cc2eb0f8c1db5a45308cb440d21871a9cab6c7a989f0c360f5ed49910fd1ee26035bf80bc
+  data.tar.gz: b917711aeee692453f8f4688f12cf6add3bf4730326d8e90804ecb1aa716684e5d143fde97cbd9c0009c853283b116de329d73f54290b31c08501d7ef1a135bf

data/lib/telegram/auth.rb

@@ -0,0 +1,40 @@
+require "telegram/auth/version"
+require "telegram/auth/configuration"
+require "telegram/auth/fields"
+require "telegram/auth/verification"
+require "logger"
+
+module Telegram
+  module Auth
+    class Error < StandardError; end
+    class ConfigurationError < Error; end
+    class ShaError < Error; end;
+    class ExpiredError < Error; end;
+    def self.configure(&block)
+      yield(Configuration.instance) if block_given?
+    end
+
+    def self.configure!(&blk)
+      configure(&blk)
+      Configuration.instance.verify!
+    end
+
+    def self.create(hash:, **field_data)
+      verification = Verification.new(hash, Fields.new(field_data))
+      success = verification.process
+      yield(verification.error) if !success && block_given?
+      success
+    end
+
+    def self.logger=(logger)
+      @logger = logger
+    end
+
+    def self.logger
+      @logger
+    end
+  end
+end
+
+Telegram::Auth.logger = Logger.new(STDOUT)
+Telegram::Auth.logger.level = Logger::DEBUG

data/lib/telegram/auth/configuration.rb

@@ -0,0 +1,29 @@
+require "singleton"
+
+module Telegram::Auth
+  class Configuration
+    include Singleton
+    attr_accessor :token
+    attr_accessor :auth_expires_in
+
+    def valid?
+      @errors = []
+      @errors << ConfigurationError.new("Invalid token") if (!token || token.empty?)
+      @errors.none?
+    end
+
+    def validate!
+      valid? or raise @errors.first
+    end
+
+    def verify!
+      return true if valid?
+      raise @errors.shift
+    end
+
+    def reset!
+      self.token = nil
+      self.auth_expires_in = nil
+    end
+  end
+end

data/lib/telegram/auth/fields.rb

@@ -0,0 +1,22 @@
+module Telegram::Auth
+  class Fields
+    def initialize(hash)
+      @hash = hash
+    end
+
+    def expired?(time = Time.now.to_i)
+      return false unless Configuration.instance.auth_expires_in.present?
+      time > @hash[:auth_date] + Configuration.instance.auth_expires_in
+    end
+
+    def hash
+      token_sha = OpenSSL::Digest::SHA256.new.digest(Configuration.instance.token)
+      OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, token_sha, to_s)
+    end
+
+    def to_s
+      permitted_hash = @hash.slice(:auth_date, :id, :username, :first_name, :last_name, :photo_url)
+      permitted_hash.map { |k,v| "#{k}=#{v}" }.sort.join("\n")
+    end
+  end
+end

data/lib/telegram/auth/verification.rb

@@ -0,0 +1,27 @@
+require 'openssl'
+
+module Telegram::Auth
+  class Verification
+    attr_reader :error
+    
+    def initialize(hash, fields)
+      @fields = fields
+      @hash = hash
+    end
+
+    def process
+      Configuration.instance.validate! && check_sha && check_expiry
+    end
+
+    private
+    def check_sha
+      @error = ShaError.new("Invalid hash") unless @hash.casecmp(@fields.hash) == 0
+      !@error
+    end
+
+    def check_expiry
+      @error = ExpiredError.new("Expired") if @fields.expired?
+      !@error
+    end
+  end
+end

data/lib/telegram/auth/version.rb

@@ -0,0 +1,5 @@
+module Telegram
+  module Auth
+    VERSION = "0.0.4"
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: telegram-auth
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.4
 platform: ruby
 authors:
 - Aninda
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-10-17 00:00:00.000000000 Z
+date: 2020-10-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -80,13 +80,32 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.9.2
+- !ruby/object:Gem::Dependency
+  name: openssl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.2.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.2.0
 description: Gem to verify the auth hash for a telegram domain login
 email:
 - spacefugitive@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files: []
-files: []
+files:
+- lib/telegram/auth.rb
+- lib/telegram/auth/configuration.rb
+- lib/telegram/auth/fields.rb
+- lib/telegram/auth/verification.rb
+- lib/telegram/auth/version.rb
 homepage: https://github.com/spacefugitive/telegram-auth
 licenses:
 - MIT
@@ -99,7 +118,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.4.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="