truelayer-signing 0.1.0

data/doc/TrueLayerSigning/Signer.html

@@ -0,0 +1,186 @@
+<!DOCTYPE html>
+
+<html>
+<head>
+<meta charset="UTF-8">
+
+<title>class TrueLayerSigning::Signer - RDoc Documentation</title>
+
+<script type="text/javascript">
+  var rdoc_rel_prefix = "../";
+  var index_rel_prefix = "../";
+</script>
+
+<script src="../js/navigation.js" defer></script>
+<script src="../js/search.js" defer></script>
+<script src="../js/search_index.js" defer></script>
+<script src="../js/searcher.js" defer></script>
+<script src="../js/darkfish.js" defer></script>
+
+<link href="../css/fonts.css" rel="stylesheet">
+<link href="../css/rdoc.css" rel="stylesheet">
+
+
+<body id="top" role="document" class="class">
+<nav role="navigation">
+  <div id="project-navigation">
+    <div id="home-section" role="region" title="Quick navigation" class="nav-section">
+  <h2>
+    <a href="../index.html" rel="home">Home</a>
+  </h2>
+
+  <div id="table-of-contents-navigation">
+    <a href="../table_of_contents.html#pages">Pages</a>
+    <a href="../table_of_contents.html#classes">Classes</a>
+    <a href="../table_of_contents.html#methods">Methods</a>
+  </div>
+</div>
+
+    <div id="search-section" role="search" class="project-section initially-hidden">
+  <form action="#" method="get" accept-charset="utf-8">
+    <div id="search-field-wrapper">
+      <input id="search-field" role="combobox" aria-label="Search"
+             aria-autocomplete="list" aria-controls="search-results"
+             type="text" name="search" placeholder="Search" spellcheck="false"
+             title="Type to search, Up and Down to navigate, Enter to load">
+    </div>
+
+    <ul id="search-results" aria-label="Search Results"
+        aria-busy="false" aria-expanded="false"
+        aria-atomic="false" class="initially-hidden"></ul>
+  </form>
+</div>
+
+  </div>
+
+  
+
+  <div id="class-metadata">
+    
+    
+<div id="parent-class-section" class="nav-section">
+  <h3>Parent</h3>
+
+  <p class="link">JwsBase
+</div>
+
+    
+    
+    
+<!-- Method Quickref -->
+<div id="method-list-section" class="nav-section">
+  <h3>Methods</h3>
+
+  <ul class="link-list" role="directory">
+    <li ><a href="#method-i-set_jku">#set_jku</a>
+    <li ><a href="#method-i-sign">#sign</a>
+  </ul>
+</div>
+
+  </div>
+</nav>
+
+<main role="main" aria-labelledby="class-TrueLayerSigning::Signer">
+  <h1 id="class-TrueLayerSigning::Signer" class="class">
+    class TrueLayerSigning::Signer
+  </h1>
+
+  <section class="description">
+    
+  </section>
+
+  <section id="5Buntitled-5D" class="documentation-section">
+
+
+
+    <section class="attribute-method-details" class="method-section">
+      <header>
+        <h3>Attributes</h3>
+      </header>
+
+      <div id="attribute-i-jws_jku" class="method-detail">
+        <div class="method-heading attribute-method-heading">
+          <span class="method-name">jws_jku</span><span
+            class="attribute-access-type">[R]</span>
+        </div>
+
+        <div class="method-description">
+        
+        </div>
+      </div>
+    </section>
+
+
+     <section id="public-instance-5Buntitled-5D-method-details" class="method-section">
+       <header>
+         <h3>Public Instance Methods</h3>
+       </header>
+
+      <div id="method-i-set_jku" class="method-detail ">
+        <div class="method-header">
+          <div class="method-heading">
+            <span class="method-name">set_jku</span><span
+              class="method-args">(jku)</span>
+            <span class="method-click-advice">click to toggle source</span>
+          </div>
+        </div>
+
+        <div class="method-description">
+          
+
+          <div class="method-source-code" id="set_jku-source">
+            <pre><span class="ruby-comment"># File lib/truelayer-signing/signer.rb, line 18</span>
+<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">set_jku</span>(<span class="ruby-identifier">jku</span>)
+  <span class="ruby-ivar">@jws_jku</span> = <span class="ruby-identifier">jku</span>
+  <span class="ruby-keyword">self</span>
+<span class="ruby-keyword">end</span></pre>
+          </div>
+        </div>
+
+
+      </div>
+
+      <div id="method-i-sign" class="method-detail ">
+        <div class="method-header">
+          <div class="method-heading">
+            <span class="method-name">sign</span><span
+              class="method-args">()</span>
+            <span class="method-click-advice">click to toggle source</span>
+          </div>
+        </div>
+
+        <div class="method-description">
+          
+
+          <div class="method-source-code" id="sign-source">
+            <pre><span class="ruby-comment"># File lib/truelayer-signing/signer.rb, line 5</span>
+<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">sign</span>
+  <span class="ruby-identifier">ensure_signer_config!</span>
+
+  <span class="ruby-identifier">private_key</span> = <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span>.<span class="ruby-identifier">read</span>(<span class="ruby-constant">TrueLayerSigning</span>.<span class="ruby-identifier">private_key</span>)
+  <span class="ruby-identifier">jws_header_args</span> = { <span class="ruby-value">tl_headers:</span> <span class="ruby-identifier">headers</span> }
+  <span class="ruby-identifier">jws_header_args</span>[<span class="ruby-value">:jku</span>] = <span class="ruby-identifier">jws_jku</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">jws_jku</span>
+  <span class="ruby-identifier">jws_header</span> = <span class="ruby-constant">TrueLayerSigning</span><span class="ruby-operator">::</span><span class="ruby-constant">JwsHeader</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">jws_header_args</span>).<span class="ruby-identifier">to_h</span>
+  <span class="ruby-identifier">jwt</span> = <span class="ruby-constant">JWT</span>.<span class="ruby-identifier">encode</span>(<span class="ruby-identifier">build_signing_payload</span>, <span class="ruby-identifier">private_key</span>, <span class="ruby-constant">TrueLayerSigning</span>.<span class="ruby-identifier">algorithm</span>, <span class="ruby-identifier">jws_header</span>)
+  <span class="ruby-identifier">header</span>, <span class="ruby-identifier">_</span>, <span class="ruby-identifier">signature</span> = <span class="ruby-identifier">jwt</span>.<span class="ruby-identifier">split</span>(<span class="ruby-string">&quot;.&quot;</span>)
+
+  <span class="ruby-node">&quot;#{header}..#{signature}&quot;</span>
+<span class="ruby-keyword">end</span></pre>
+          </div>
+        </div>
+
+
+      </div>
+
+    </section>
+
+  </section>
+</main>
+
+
+<footer id="validator-badges" role="contentinfo">
+  <p><a href="https://validator.w3.org/check/referer">Validate</a>
+  <p>Generated by <a href="https://ruby.github.io/rdoc/">RDoc</a> 6.5.0.
+  <p>Based on <a href="http://deveiate.org/projects/Darkfish-RDoc/">Darkfish</a> by <a href="http://deveiate.org">Michael Granger</a>.
+</footer>
+

data/doc/TrueLayerSigning/Verifier.html

@@ -0,0 +1,327 @@
+<!DOCTYPE html>
+
+<html>
+<head>
+<meta charset="UTF-8">
+
+<title>class TrueLayerSigning::Verifier - RDoc Documentation</title>
+
+<script type="text/javascript">
+  var rdoc_rel_prefix = "../";
+  var index_rel_prefix = "../";
+</script>
+
+<script src="../js/navigation.js" defer></script>
+<script src="../js/search.js" defer></script>
+<script src="../js/search_index.js" defer></script>
+<script src="../js/searcher.js" defer></script>
+<script src="../js/darkfish.js" defer></script>
+
+<link href="../css/fonts.css" rel="stylesheet">
+<link href="../css/rdoc.css" rel="stylesheet">
+
+
+<body id="top" role="document" class="class">
+<nav role="navigation">
+  <div id="project-navigation">
+    <div id="home-section" role="region" title="Quick navigation" class="nav-section">
+  <h2>
+    <a href="../index.html" rel="home">Home</a>
+  </h2>
+
+  <div id="table-of-contents-navigation">
+    <a href="../table_of_contents.html#pages">Pages</a>
+    <a href="../table_of_contents.html#classes">Classes</a>
+    <a href="../table_of_contents.html#methods">Methods</a>
+  </div>
+</div>
+
+    <div id="search-section" role="search" class="project-section initially-hidden">
+  <form action="#" method="get" accept-charset="utf-8">
+    <div id="search-field-wrapper">
+      <input id="search-field" role="combobox" aria-label="Search"
+             aria-autocomplete="list" aria-controls="search-results"
+             type="text" name="search" placeholder="Search" spellcheck="false"
+             title="Type to search, Up and Down to navigate, Enter to load">
+    </div>
+
+    <ul id="search-results" aria-label="Search Results"
+        aria-busy="false" aria-expanded="false"
+        aria-atomic="false" class="initially-hidden"></ul>
+  </form>
+</div>
+
+  </div>
+
+  
+
+  <div id="class-metadata">
+    
+    
+<div id="parent-class-section" class="nav-section">
+  <h3>Parent</h3>
+
+  <p class="link"><a href="JwsBase.html">TrueLayerSigning::JwsBase</a>
+</div>
+
+    
+    
+    
+<!-- Method Quickref -->
+<div id="method-list-section" class="nav-section">
+  <h3>Methods</h3>
+
+  <ul class="link-list" role="directory">
+    <li class="calls-super" ><a href="#method-c-new">::new</a>
+    <li ><a href="#method-c-parse_tl_signature">::parse_tl_signature</a>
+    <li ><a href="#method-i-require_header">#require_header</a>
+    <li ><a href="#method-i-require_headers">#require_headers</a>
+    <li ><a href="#method-i-verify">#verify</a>
+  </ul>
+</div>
+
+  </div>
+</nav>
+
+<main role="main" aria-labelledby="class-TrueLayerSigning::Verifier">
+  <h1 id="class-TrueLayerSigning::Verifier" class="class">
+    class TrueLayerSigning::Verifier
+  </h1>
+
+  <section class="description">
+    
+  </section>
+
+  <section id="5Buntitled-5D" class="documentation-section">
+
+
+
+    <section class="attribute-method-details" class="method-section">
+      <header>
+        <h3>Attributes</h3>
+      </header>
+
+      <div id="attribute-i-key_type" class="method-detail">
+        <div class="method-heading attribute-method-heading">
+          <span class="method-name">key_type</span><span
+            class="attribute-access-type">[R]</span>
+        </div>
+
+        <div class="method-description">
+        
+        </div>
+      </div>
+      <div id="attribute-i-key_value" class="method-detail">
+        <div class="method-heading attribute-method-heading">
+          <span class="method-name">key_value</span><span
+            class="attribute-access-type">[R]</span>
+        </div>
+
+        <div class="method-description">
+        
+        </div>
+      </div>
+      <div id="attribute-i-required_headers" class="method-detail">
+        <div class="method-heading attribute-method-heading">
+          <span class="method-name">required_headers</span><span
+            class="attribute-access-type">[R]</span>
+        </div>
+
+        <div class="method-description">
+        
+        </div>
+      </div>
+    </section>
+
+
+     <section id="public-class-5Buntitled-5D-method-details" class="method-section">
+       <header>
+         <h3>Public Class Methods</h3>
+       </header>
+
+      <div id="method-c-new" class="method-detail ">
+        <div class="method-header">
+          <div class="method-heading">
+            <span class="method-name">new</span><span
+              class="method-args">(args)</span>
+            <span class="method-click-advice">click to toggle source</span>
+          </div>
+        </div>
+
+        <div class="method-description">
+          
+            <div class="method-calls-super">
+              Calls superclass method
+              <a href="JwsBase.html#method-c-new"><code>TrueLayerSigning::JwsBase::new</code></a>
+            </div>
+
+          <div class="method-source-code" id="new-source">
+            <pre><span class="ruby-comment"># File lib/truelayer-signing/verifier.rb, line 7</span>
+<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">initialize</span>(<span class="ruby-identifier">args</span>)
+  <span class="ruby-keyword">super</span>
+  <span class="ruby-ivar">@key_type</span> = <span class="ruby-identifier">args</span>[<span class="ruby-value">:key_type</span>]
+  <span class="ruby-ivar">@key_value</span> = <span class="ruby-identifier">args</span>[<span class="ruby-value">:key_value</span>]
+<span class="ruby-keyword">end</span></pre>
+          </div>
+        </div>
+
+
+      </div>
+
+      <div id="method-c-parse_tl_signature" class="method-detail ">
+        <div class="method-header">
+          <div class="method-heading">
+            <span class="method-name">parse_tl_signature</span><span
+              class="method-args">(tl_signature)</span>
+            <span class="method-click-advice">click to toggle source</span>
+          </div>
+        </div>
+
+        <div class="method-description">
+          
+
+          <div class="method-source-code" id="parse_tl_signature-source">
+            <pre><span class="ruby-comment"># File lib/truelayer-signing/verifier.rb, line 59</span>
+<span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier ruby-title">parse_tl_signature</span>(<span class="ruby-identifier">tl_signature</span>)
+  <span class="ruby-identifier">jws_header_b64</span>, <span class="ruby-identifier">signature_b64</span> = <span class="ruby-identifier">tl_signature</span>.<span class="ruby-identifier">split</span>(<span class="ruby-string">&quot;..&quot;</span>)
+
+  <span class="ruby-identifier">raise</span>(<span class="ruby-constant">Error</span>, <span class="ruby-string">&quot;Invalid signature format&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-identifier">signature_b64</span>
+
+  <span class="ruby-keyword">begin</span>
+    <span class="ruby-identifier">jws_header_raw</span> = <span class="ruby-constant">Base64</span>.<span class="ruby-identifier">urlsafe_decode64</span>(<span class="ruby-identifier">jws_header_b64</span>)
+  <span class="ruby-keyword">rescue</span> <span class="ruby-constant">ArgumentError</span>
+    <span class="ruby-identifier">raise</span>(<span class="ruby-constant">Error</span>, <span class="ruby-string">&quot;Invalid base64 for header&quot;</span>)
+  <span class="ruby-keyword">else</span>
+    <span class="ruby-identifier">jws_header</span> = <span class="ruby-constant">JwsHeader</span>.<span class="ruby-identifier">new</span>(<span class="ruby-constant">JSON</span>.<span class="ruby-identifier">parse</span>(<span class="ruby-identifier">jws_header_raw</span>, <span class="ruby-value">symbolize_names:</span> <span class="ruby-keyword">true</span>))
+  <span class="ruby-keyword">end</span>
+
+  [<span class="ruby-identifier">jws_header</span>, <span class="ruby-identifier">jws_header_b64</span>, <span class="ruby-identifier">signature_b64</span>]
+<span class="ruby-keyword">end</span></pre>
+          </div>
+        </div>
+
+
+      </div>
+
+    </section>
+
+     <section id="public-instance-5Buntitled-5D-method-details" class="method-section">
+       <header>
+         <h3>Public Instance Methods</h3>
+       </header>
+
+      <div id="method-i-require_header" class="method-detail ">
+        <div class="method-header">
+          <div class="method-heading">
+            <span class="method-name">require_header</span><span
+              class="method-args">(name)</span>
+            <span class="method-click-advice">click to toggle source</span>
+          </div>
+        </div>
+
+        <div class="method-description">
+          
+
+          <div class="method-source-code" id="require_header-source">
+            <pre><span class="ruby-comment"># File lib/truelayer-signing/verifier.rb, line 48</span>
+<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">require_header</span>(<span class="ruby-identifier">name</span>)
+  <span class="ruby-ivar">@required_headers</span> <span class="ruby-operator">||=</span> []
+  <span class="ruby-ivar">@required_headers</span>.<span class="ruby-identifier">push</span>(<span class="ruby-identifier">name</span>)
+  <span class="ruby-keyword">self</span>
+<span class="ruby-keyword">end</span></pre>
+          </div>
+        </div>
+
+
+      </div>
+
+      <div id="method-i-require_headers" class="method-detail ">
+        <div class="method-header">
+          <div class="method-heading">
+            <span class="method-name">require_headers</span><span
+              class="method-args">(names)</span>
+            <span class="method-click-advice">click to toggle source</span>
+          </div>
+        </div>
+
+        <div class="method-description">
+          
+
+          <div class="method-source-code" id="require_headers-source">
+            <pre><span class="ruby-comment"># File lib/truelayer-signing/verifier.rb, line 54</span>
+<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">require_headers</span>(<span class="ruby-identifier">names</span>)
+  <span class="ruby-ivar">@required_headers</span> = <span class="ruby-identifier">names</span>
+  <span class="ruby-keyword">self</span>
+<span class="ruby-keyword">end</span></pre>
+          </div>
+        </div>
+
+
+      </div>
+
+      <div id="method-i-verify" class="method-detail ">
+        <div class="method-header">
+          <div class="method-heading">
+            <span class="method-name">verify</span><span
+              class="method-args">(tl_signature)</span>
+            <span class="method-click-advice">click to toggle source</span>
+          </div>
+        </div>
+
+        <div class="method-description">
+          
+
+          <div class="method-source-code" id="verify-source">
+            <pre><span class="ruby-comment"># File lib/truelayer-signing/verifier.rb, line 13</span>
+<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">verify</span>(<span class="ruby-identifier">tl_signature</span>)
+  <span class="ruby-identifier">ensure_verifier_config!</span>
+
+  <span class="ruby-identifier">jws_header</span>, <span class="ruby-identifier">jws_header_b64</span>, <span class="ruby-identifier">signature_b64</span> = <span class="ruby-keyword">self</span>.<span class="ruby-identifier">class</span>.<span class="ruby-identifier">parse_tl_signature</span>(<span class="ruby-identifier">tl_signature</span>)
+  <span class="ruby-identifier">public_key</span> = <span class="ruby-identifier">retrieve_public_key</span>(<span class="ruby-identifier">key_type</span>, <span class="ruby-identifier">key_value</span>, <span class="ruby-identifier">jws_header</span>)
+
+  <span class="ruby-identifier">raise</span>(<span class="ruby-constant">Error</span>, <span class="ruby-string">&quot;Unexpected `alg` header value&quot;</span>) <span class="ruby-keyword">if</span> <span class="ruby-identifier">jws_header</span>.<span class="ruby-identifier">alg</span> <span class="ruby-operator">!=</span> <span class="ruby-constant">TrueLayerSigning</span>.<span class="ruby-identifier">algorithm</span>
+
+  <span class="ruby-identifier">ordered_headers</span> = <span class="ruby-identifier">jws_header</span>.<span class="ruby-identifier">filter_headers</span>(<span class="ruby-identifier">headers</span>)
+  <span class="ruby-identifier">normalised_headers</span> = {}
+  <span class="ruby-identifier">ordered_headers</span>.<span class="ruby-identifier">to_a</span>.<span class="ruby-identifier">each</span> { <span class="ruby-operator">|</span><span class="ruby-identifier">header</span><span class="ruby-operator">|</span> <span class="ruby-identifier">normalised_headers</span>[<span class="ruby-identifier">header</span>.<span class="ruby-identifier">first</span>.<span class="ruby-identifier">downcase</span>] = <span class="ruby-identifier">header</span>.<span class="ruby-identifier">last</span> }
+
+  <span class="ruby-identifier">raise</span>(<span class="ruby-constant">Error</span>, <span class="ruby-string">&quot;Signature missing required header(s)&quot;</span>) <span class="ruby-keyword">if</span> <span class="ruby-identifier">required_headers</span> <span class="ruby-operator">&amp;&amp;</span>
+    <span class="ruby-identifier">required_headers</span>.<span class="ruby-identifier">any?</span> { <span class="ruby-operator">|</span><span class="ruby-identifier">key</span><span class="ruby-operator">|</span> <span class="ruby-operator">!</span><span class="ruby-identifier">normalised_headers</span>.<span class="ruby-identifier">has_key?</span>(<span class="ruby-identifier">key</span>.<span class="ruby-identifier">downcase</span>) }
+
+  <span class="ruby-identifier">payload_b64</span> = <span class="ruby-constant">Base64</span>.<span class="ruby-identifier">urlsafe_encode64</span>(<span class="ruby-identifier">build_signing_payload</span>(<span class="ruby-identifier">ordered_headers</span>), <span class="ruby-value">padding:</span> <span class="ruby-keyword">false</span>)
+  <span class="ruby-identifier">full_signature</span> = [<span class="ruby-identifier">jws_header_b64</span>, <span class="ruby-identifier">payload_b64</span>, <span class="ruby-identifier">signature_b64</span>].<span class="ruby-identifier">join</span>(<span class="ruby-string">&quot;.&quot;</span>)
+  <span class="ruby-identifier">jwt_options</span> = { <span class="ruby-value">algorithm:</span> <span class="ruby-constant">TrueLayerSigning</span>.<span class="ruby-identifier">algorithm</span> }
+
+  <span class="ruby-keyword">begin</span>
+    <span class="ruby-constant">JWT</span>.<span class="ruby-identifier">decode</span>(<span class="ruby-identifier">full_signature</span>, <span class="ruby-identifier">public_key</span>, <span class="ruby-keyword">true</span>, <span class="ruby-identifier">jwt_options</span>)
+  <span class="ruby-keyword">rescue</span> <span class="ruby-constant">JWT</span><span class="ruby-operator">::</span><span class="ruby-constant">VerificationError</span>
+    <span class="ruby-ivar">@path</span> = <span class="ruby-identifier">path</span>.<span class="ruby-identifier">end_with?</span>(<span class="ruby-string">&quot;/&quot;</span>) <span class="ruby-operator">&amp;&amp;</span> <span class="ruby-identifier">path</span>[<span class="ruby-value">0</span><span class="ruby-operator">...</span><span class="ruby-value">-1</span>] <span class="ruby-operator">||</span> <span class="ruby-identifier">path</span> <span class="ruby-operator">+</span> <span class="ruby-string">&quot;/&quot;</span>
+    <span class="ruby-identifier">payload_b64</span> = <span class="ruby-constant">Base64</span>.<span class="ruby-identifier">urlsafe_encode64</span>(<span class="ruby-identifier">build_signing_payload</span>(<span class="ruby-identifier">ordered_headers</span>),
+                                          <span class="ruby-value">padding:</span> <span class="ruby-keyword">false</span>)
+    <span class="ruby-identifier">full_signature</span> = [<span class="ruby-identifier">jws_header_b64</span>, <span class="ruby-identifier">payload_b64</span>, <span class="ruby-identifier">signature_b64</span>].<span class="ruby-identifier">join</span>(<span class="ruby-string">&quot;.&quot;</span>)
+
+    <span class="ruby-keyword">begin</span>
+      <span class="ruby-constant">JWT</span>.<span class="ruby-identifier">decode</span>(<span class="ruby-identifier">full_signature</span>, <span class="ruby-identifier">public_key</span>, <span class="ruby-keyword">true</span>, <span class="ruby-identifier">jwt_options</span>)
+    <span class="ruby-keyword">rescue</span>
+      <span class="ruby-identifier">raise</span>(<span class="ruby-constant">Error</span>, <span class="ruby-string">&quot;Signature verification failed&quot;</span>)
+    <span class="ruby-keyword">end</span>
+  <span class="ruby-keyword">end</span>
+<span class="ruby-keyword">end</span></pre>
+          </div>
+        </div>
+
+
+      </div>
+
+    </section>
+
+  </section>
+</main>
+
+
+<footer id="validator-badges" role="contentinfo">
+  <p><a href="https://validator.w3.org/check/referer">Validate</a>
+  <p>Generated by <a href="https://ruby.github.io/rdoc/">RDoc</a> 6.5.0.
+  <p>Based on <a href="http://deveiate.org/projects/Darkfish-RDoc/">Darkfish</a> by <a href="http://deveiate.org">Michael Granger</a>.
+</footer>
+