vestauth 0.2.2 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/vestauth/agent.rb +15 -0
- data/lib/vestauth/binary.rb +51 -5
- data/lib/vestauth/primitives.rb +22 -0
- data/lib/vestauth/provider.rb +3 -38
- data/lib/vestauth/tool.rb +42 -0
- data/lib/vestauth/version.rb +1 -1
- data/lib/vestauth.rb +14 -4
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8c89e42127df034e314cc6b11c576f76165c3ba8f99b0b6540eb9aee92e77541
|
|
4
|
+
data.tar.gz: 74d41456361216beb075c498b1cb6f1f8f1cf381628d64303ab5e8af2daf76cd
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: '098e54f2851e34efa9b82d5a5d0afc0f5d531c27f23cb41384764f1a10f6238e232ca14971e98df38dea2ba48f41db2f5946b5c3b8900ab0e8c36ecf322851f2'
|
|
7
|
+
data.tar.gz: 44a27df536ced66a434eaf705caa617cb545f0883f979fdf8574b7b23544a109870873848ee3c6e802931a6b744d6af325cacaa4bbbf87ea243f0896e37a8dd9
|
data/README.md
CHANGED
|
@@ -17,7 +17,7 @@ class ApplicationController < ActionController::Base
|
|
|
17
17
|
private
|
|
18
18
|
|
|
19
19
|
def verify_agent!
|
|
20
|
-
@current_agent ||= Vestauth.
|
|
20
|
+
@current_agent ||= Vestauth.tool.verify(http_method: request.method, uri: request.original_url, headers: request.headers)
|
|
21
21
|
rescue => e
|
|
22
22
|
render json: { error: { status: 401, code: 401, message: e.message } }, status: 401
|
|
23
23
|
end
|
data/lib/vestauth/agent.rb
CHANGED
|
@@ -2,5 +2,20 @@
|
|
|
2
2
|
|
|
3
3
|
module Vestauth
|
|
4
4
|
module Agent
|
|
5
|
+
module_function
|
|
6
|
+
|
|
7
|
+
def headers(http_method:, uri:, private_key:, id:)
|
|
8
|
+
vestauth_binary.agent_headers(
|
|
9
|
+
http_method: http_method,
|
|
10
|
+
uri: uri,
|
|
11
|
+
private_key: private_key,
|
|
12
|
+
id: id
|
|
13
|
+
)
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def vestauth_binary
|
|
17
|
+
Vestauth::Binary.new
|
|
18
|
+
end
|
|
19
|
+
private_class_method :vestauth_binary
|
|
5
20
|
end
|
|
6
21
|
end
|
data/lib/vestauth/binary.rb
CHANGED
|
@@ -2,7 +2,6 @@
|
|
|
2
2
|
|
|
3
3
|
require "json"
|
|
4
4
|
require "open3"
|
|
5
|
-
require "shellwords"
|
|
6
5
|
|
|
7
6
|
module Vestauth
|
|
8
7
|
class Binary
|
|
@@ -10,10 +9,10 @@ module Vestauth
|
|
|
10
9
|
@executable = executable
|
|
11
10
|
end
|
|
12
11
|
|
|
13
|
-
def
|
|
12
|
+
def tool_verify(http_method:, uri:, signature:, signature_input:, signature_agent:)
|
|
14
13
|
command = [
|
|
15
14
|
@executable,
|
|
16
|
-
"
|
|
15
|
+
"tool",
|
|
17
16
|
"verify",
|
|
18
17
|
http_method,
|
|
19
18
|
uri,
|
|
@@ -28,15 +27,62 @@ module Vestauth
|
|
|
28
27
|
run_json_command(command)
|
|
29
28
|
end
|
|
30
29
|
|
|
30
|
+
def agent_headers(http_method:, uri:, private_key:, id:)
|
|
31
|
+
private_jwk = serialize_json_arg(private_key, name: "private_key")
|
|
32
|
+
|
|
33
|
+
command = [
|
|
34
|
+
@executable,
|
|
35
|
+
"agent",
|
|
36
|
+
"headers",
|
|
37
|
+
http_method,
|
|
38
|
+
uri,
|
|
39
|
+
"--private-jwk",
|
|
40
|
+
private_jwk,
|
|
41
|
+
"--uid",
|
|
42
|
+
id
|
|
43
|
+
]
|
|
44
|
+
|
|
45
|
+
run_json_command(command)
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def primitives_verify(http_method:, uri:, signature_header:, signature_input_header:, public_key:)
|
|
49
|
+
public_jwk = serialize_json_arg(public_key, name: "public_key")
|
|
50
|
+
|
|
51
|
+
command = [
|
|
52
|
+
@executable,
|
|
53
|
+
"primitives",
|
|
54
|
+
"verify",
|
|
55
|
+
http_method,
|
|
56
|
+
uri,
|
|
57
|
+
"--signature",
|
|
58
|
+
signature_header,
|
|
59
|
+
"--signature-input",
|
|
60
|
+
signature_input_header,
|
|
61
|
+
"--public-jwk",
|
|
62
|
+
public_jwk
|
|
63
|
+
]
|
|
64
|
+
|
|
65
|
+
run_json_command(command)
|
|
66
|
+
end
|
|
67
|
+
|
|
31
68
|
private
|
|
32
69
|
|
|
33
70
|
def run_json_command(command_args)
|
|
34
|
-
|
|
35
|
-
stdout, stderr, status = Open3.capture3(
|
|
71
|
+
argv = command_args.map { |arg| arg.nil? ? "" : arg.to_s }
|
|
72
|
+
stdout, stderr, status = Open3.capture3(*argv)
|
|
36
73
|
|
|
37
74
|
raise Vestauth::Error, (stderr.to_s.strip.empty? ? stdout : stderr) unless status.success?
|
|
38
75
|
|
|
39
76
|
JSON.parse(stdout)
|
|
40
77
|
end
|
|
78
|
+
|
|
79
|
+
def serialize_json_arg(value, name:)
|
|
80
|
+
return value if value.is_a?(String)
|
|
81
|
+
return JSON.generate(value) if value.is_a?(Hash) || value.is_a?(Array)
|
|
82
|
+
return JSON.generate(value.to_h) if value.respond_to?(:to_h)
|
|
83
|
+
return JSON.generate(value.as_json) if value.respond_to?(:as_json)
|
|
84
|
+
|
|
85
|
+
raise ArgumentError, "#{name} must be a JSON string, Hash/Array, or object responding to #to_h"
|
|
86
|
+
end
|
|
41
87
|
end
|
|
42
88
|
end
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Vestauth
|
|
4
|
+
module Primitives
|
|
5
|
+
module_function
|
|
6
|
+
|
|
7
|
+
def verify(http_method:, uri:, signature_header:, signature_input_header:, public_key:)
|
|
8
|
+
vestauth_binary.primitives_verify(
|
|
9
|
+
http_method: http_method,
|
|
10
|
+
uri: uri,
|
|
11
|
+
signature_header: signature_header,
|
|
12
|
+
signature_input_header: signature_input_header,
|
|
13
|
+
public_key: public_key
|
|
14
|
+
)
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
def vestauth_binary
|
|
18
|
+
Vestauth::Binary.new
|
|
19
|
+
end
|
|
20
|
+
private_class_method :vestauth_binary
|
|
21
|
+
end
|
|
22
|
+
end
|
data/lib/vestauth/provider.rb
CHANGED
|
@@ -1,42 +1,7 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
|
|
4
|
-
module Provider
|
|
5
|
-
module_function
|
|
6
|
-
|
|
7
|
-
def verify(http_method:, uri:, headers:)
|
|
8
|
-
signature = signature_header(headers)
|
|
9
|
-
signature_input = signature_input_header(headers)
|
|
10
|
-
signature_agent = signature_agent_header(headers)
|
|
11
|
-
|
|
12
|
-
attrs = {
|
|
13
|
-
http_method: http_method,
|
|
14
|
-
uri: uri,
|
|
15
|
-
signature: signature,
|
|
16
|
-
signature_input: signature_input,
|
|
17
|
-
signature_agent: signature_agent
|
|
18
|
-
}
|
|
19
|
-
vestauth_binary.provider_verify(**attrs)
|
|
20
|
-
end
|
|
21
|
-
|
|
22
|
-
def vestauth_binary
|
|
23
|
-
Vestauth::Binary.new
|
|
24
|
-
end
|
|
25
|
-
private_class_method :vestauth_binary
|
|
3
|
+
require_relative "tool"
|
|
26
4
|
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
end
|
|
30
|
-
private_class_method :signature_header
|
|
31
|
-
|
|
32
|
-
def signature_input_header(headers)
|
|
33
|
-
headers["Signature-Input"] || headers["signature-input"]
|
|
34
|
-
end
|
|
35
|
-
private_class_method :signature_input_header
|
|
36
|
-
|
|
37
|
-
def signature_agent_header(headers)
|
|
38
|
-
headers["Signature-Agent"] || headers["signature-agent"]
|
|
39
|
-
end
|
|
40
|
-
private_class_method :signature_agent_header
|
|
41
|
-
end
|
|
5
|
+
module Vestauth
|
|
6
|
+
Provider = Tool
|
|
42
7
|
end
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Vestauth
|
|
4
|
+
module Tool
|
|
5
|
+
module_function
|
|
6
|
+
|
|
7
|
+
def verify(http_method:, uri:, headers:)
|
|
8
|
+
signature = signature_header(headers)
|
|
9
|
+
signature_input = signature_input_header(headers)
|
|
10
|
+
signature_agent = signature_agent_header(headers)
|
|
11
|
+
|
|
12
|
+
attrs = {
|
|
13
|
+
http_method: http_method,
|
|
14
|
+
uri: uri,
|
|
15
|
+
signature: signature,
|
|
16
|
+
signature_input: signature_input,
|
|
17
|
+
signature_agent: signature_agent
|
|
18
|
+
}
|
|
19
|
+
vestauth_binary.tool_verify(**attrs)
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def vestauth_binary
|
|
23
|
+
Vestauth::Binary.new
|
|
24
|
+
end
|
|
25
|
+
private_class_method :vestauth_binary
|
|
26
|
+
|
|
27
|
+
def signature_header(headers)
|
|
28
|
+
headers["Signature"] || headers["signature"]
|
|
29
|
+
end
|
|
30
|
+
private_class_method :signature_header
|
|
31
|
+
|
|
32
|
+
def signature_input_header(headers)
|
|
33
|
+
headers["Signature-Input"] || headers["signature-input"]
|
|
34
|
+
end
|
|
35
|
+
private_class_method :signature_input_header
|
|
36
|
+
|
|
37
|
+
def signature_agent_header(headers)
|
|
38
|
+
headers["Signature-Agent"] || headers["signature-agent"]
|
|
39
|
+
end
|
|
40
|
+
private_class_method :signature_agent_header
|
|
41
|
+
end
|
|
42
|
+
end
|
data/lib/vestauth/version.rb
CHANGED
data/lib/vestauth.rb
CHANGED
|
@@ -3,19 +3,29 @@
|
|
|
3
3
|
require_relative "vestauth/version"
|
|
4
4
|
require_relative "vestauth/agent"
|
|
5
5
|
require_relative "vestauth/binary"
|
|
6
|
+
require_relative "vestauth/primitives"
|
|
7
|
+
require_relative "vestauth/tool"
|
|
6
8
|
require_relative "vestauth/provider"
|
|
7
9
|
|
|
8
10
|
module Vestauth
|
|
9
11
|
class Error < StandardError; end
|
|
10
12
|
|
|
11
|
-
def self.provider
|
|
12
|
-
Provider
|
|
13
|
-
end
|
|
14
|
-
|
|
15
13
|
def self.agent
|
|
16
14
|
Agent
|
|
17
15
|
end
|
|
18
16
|
|
|
17
|
+
def self.tool
|
|
18
|
+
Tool
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
class << self
|
|
22
|
+
alias provider tool
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def self.primitives
|
|
26
|
+
Primitives
|
|
27
|
+
end
|
|
28
|
+
|
|
19
29
|
def self.binary
|
|
20
30
|
Binary
|
|
21
31
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: vestauth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- motdotla
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2026-02-
|
|
11
|
+
date: 2026-02-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: web-bot-auth for agents–from the creator of `dotenv` and `dotenvx`
|
|
14
14
|
email:
|
|
@@ -25,7 +25,9 @@ files:
|
|
|
25
25
|
- lib/vestauth.rb
|
|
26
26
|
- lib/vestauth/agent.rb
|
|
27
27
|
- lib/vestauth/binary.rb
|
|
28
|
+
- lib/vestauth/primitives.rb
|
|
28
29
|
- lib/vestauth/provider.rb
|
|
30
|
+
- lib/vestauth/tool.rb
|
|
29
31
|
- lib/vestauth/version.rb
|
|
30
32
|
homepage: https://vestauth.com
|
|
31
33
|
licenses:
|