vinz 1.1.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +18 -0
- data/.rspec +1 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +22 -0
- data/README.md +29 -0
- data/Rakefile +1 -0
- data/lib/vinz.rb +4 -0
- data/lib/vinz/crypto.rb +38 -0
- data/lib/vinz/error.rb +6 -0
- data/lib/vinz/url.rb +25 -0
- data/lib/vinz/version.rb +3 -0
- data/spec/spec_helper.rb +20 -0
- data/spec/vinz_crypto_spec.rb +26 -0
- data/spec/vinz_url_spec.rb +30 -0
- data/vinz.gemspec +30 -0
- metadata +147 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: ca33f414b21a2acfcec372b8715904315ef518e7
|
4
|
+
data.tar.gz: 1da6ef4d9af594b2aa4aba59db77f9541375472d
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: d283c57d7816c836dfc492d35b34313c54f9148e95a4c5ab0c26425653e74dc5f5af7822aa59f067d6e1d196a89a0dd12b1980bc6720bb1fabee04bb3c3ffa07
|
7
|
+
data.tar.gz: de10364ec0af102dd5e3318dc90f3f5397655618e41f78a72e8916e2f9ba85f4245c1c88eb36c44f7c201564de88f0069a42ed1402415f8410e564358130e6d2
|
data/.gitignore
ADDED
data/.rspec
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
--color
|
data/Gemfile
ADDED
data/LICENSE.txt
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2013 Ged Dackys
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,29 @@
|
|
1
|
+
# Vinz
|
2
|
+
|
3
|
+
Vinz encrypts traffic between Zuul and it's consumers
|
4
|
+
|
5
|
+
## Installation
|
6
|
+
|
7
|
+
Add this line to your application's Gemfile:
|
8
|
+
|
9
|
+
gem 'vinz'
|
10
|
+
|
11
|
+
And then execute:
|
12
|
+
|
13
|
+
$ bundle
|
14
|
+
|
15
|
+
Or install it yourself as:
|
16
|
+
|
17
|
+
$ gem install vinz
|
18
|
+
|
19
|
+
## Usage
|
20
|
+
|
21
|
+
TODO: Write usage instructions here
|
22
|
+
|
23
|
+
## Contributing
|
24
|
+
|
25
|
+
1. Fork it
|
26
|
+
2. Create your feature branch (`git checkout -b my-new-feature`)
|
27
|
+
3. Commit your changes (`git commit -am 'Add some feature'`)
|
28
|
+
4. Push to the branch (`git push origin my-new-feature`)
|
29
|
+
5. Create new Pull Request
|
data/Rakefile
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require "bundler/gem_tasks"
|
data/lib/vinz.rb
ADDED
data/lib/vinz/crypto.rb
ADDED
@@ -0,0 +1,38 @@
|
|
1
|
+
require 'active_support/message_encryptor'
|
2
|
+
require 'active_support/message_verifier'
|
3
|
+
require 'active_support/key_generator'
|
4
|
+
|
5
|
+
module Vinz
|
6
|
+
class Crypto
|
7
|
+
def initialize(key)
|
8
|
+
_key = ActiveSupport::KeyGenerator.new(key).generate_key(key, 32)
|
9
|
+
@crypt = ActiveSupport::MessageEncryptor.new(_key)
|
10
|
+
end
|
11
|
+
|
12
|
+
def encrypt(message)
|
13
|
+
@crypt.encrypt_and_sign(message)
|
14
|
+
end
|
15
|
+
|
16
|
+
def decrypt(message)
|
17
|
+
@crypt.decrypt_and_verify(message)
|
18
|
+
rescue ActiveSupport::MessageVerifier::InvalidSignature => ignore
|
19
|
+
raise Vinz::Error.new('invalid signature')
|
20
|
+
rescue ActiveSupport::MessageEncryptor::InvalidMessage => ignore
|
21
|
+
raise Vinz::Error.new('invalid message')
|
22
|
+
end
|
23
|
+
|
24
|
+
def encode(message)
|
25
|
+
encrypted = encrypt(message)
|
26
|
+
Base64.urlsafe_encode64(encrypted)
|
27
|
+
end
|
28
|
+
|
29
|
+
def decode(message)
|
30
|
+
decoded64 = Base64.urlsafe_decode64(message)
|
31
|
+
decrypt(decoded64)
|
32
|
+
rescue ArgumentError => ignore
|
33
|
+
raise Vinz::Error.new('invalid encoding')
|
34
|
+
rescue NoMethodError => ignore
|
35
|
+
raise Vinz::Error.new('invalid message')
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
data/lib/vinz/error.rb
ADDED
data/lib/vinz/url.rb
ADDED
@@ -0,0 +1,25 @@
|
|
1
|
+
require 'rack/utils'
|
2
|
+
require 'uri'
|
3
|
+
|
4
|
+
module Vinz
|
5
|
+
class Url
|
6
|
+
def initialize(uri, crypto)
|
7
|
+
@uri = uri.is_a?(String) ? URI.parse(uri) : uri
|
8
|
+
@crypto = crypto
|
9
|
+
@param_key = '_creq'
|
10
|
+
end
|
11
|
+
|
12
|
+
def pack(message)
|
13
|
+
uri = @uri.clone
|
14
|
+
query = Rack::Utils.parse_nested_query(uri.query)
|
15
|
+
query[@param_key] = @crypto.encode(message)
|
16
|
+
uri.query = Rack::Utils.build_nested_query(query)
|
17
|
+
uri
|
18
|
+
end
|
19
|
+
|
20
|
+
def unpack
|
21
|
+
query = Rack::Utils.parse_nested_query(@uri.query)
|
22
|
+
@crypto.decode(query[@param_key])
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
data/lib/vinz/version.rb
ADDED
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
require 'simplecov'
|
2
|
+
|
3
|
+
SimpleCov.start do
|
4
|
+
add_filter 'spec'
|
5
|
+
end
|
6
|
+
|
7
|
+
require 'bundler/setup'
|
8
|
+
require 'vinz'
|
9
|
+
|
10
|
+
RSpec.configure do |config|
|
11
|
+
config.order = 'random'
|
12
|
+
|
13
|
+
config.expect_with :rspec do |c|
|
14
|
+
c.syntax = :expect
|
15
|
+
end
|
16
|
+
|
17
|
+
config.mock_with :rspec do |c|
|
18
|
+
c.syntax = :expect
|
19
|
+
end
|
20
|
+
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'securerandom'
|
3
|
+
|
4
|
+
describe Vinz::Crypto do
|
5
|
+
let(:message) { {foo: 'bar'} }
|
6
|
+
let(:key) { SecureRandom.hex(128) }
|
7
|
+
subject { described_class.new(key) }
|
8
|
+
|
9
|
+
describe 'when key is valid' do
|
10
|
+
it 'encrypts and decrypts message' do
|
11
|
+
encrypted = subject.encrypt(message)
|
12
|
+
decrypted = subject.decrypt(encrypted)
|
13
|
+
expect(decrypted).to eq(message)
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
describe 'when key is invalid' do
|
18
|
+
it 'raises an exception' do
|
19
|
+
enc = described_class.new(SecureRandom.hex(128))
|
20
|
+
encrypted = enc.encrypt(message)
|
21
|
+
dec = described_class.new(SecureRandom.hex(128))
|
22
|
+
|
23
|
+
expect { dec.decrypt(encrypted) }.to raise_error(Vinz::Error)
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
@@ -0,0 +1,30 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'securerandom'
|
3
|
+
|
4
|
+
describe Vinz::Url do
|
5
|
+
describe '#pack / #unpack' do
|
6
|
+
let(:key) { SecureRandom.hex(128) }
|
7
|
+
let(:crypto) { Vinz::Crypto.new(key) }
|
8
|
+
let(:url) { 'http://localhost/foo' }
|
9
|
+
let(:uri) { URI.parse(url) }
|
10
|
+
|
11
|
+
it 'packs and unpacks the message' do
|
12
|
+
message = {foo: 'bar'}
|
13
|
+
|
14
|
+
packer = Vinz::Url.new(uri, crypto)
|
15
|
+
packed = packer.pack(message)
|
16
|
+
|
17
|
+
unpacker = Vinz::Url.new(packed, crypto)
|
18
|
+
payload = unpacker.unpack
|
19
|
+
|
20
|
+
expect(payload).to eq(message)
|
21
|
+
end
|
22
|
+
|
23
|
+
context 'when base64 is invalid' do
|
24
|
+
it 'raises an error' do
|
25
|
+
unpacker = Vinz::Url.new("#{url}?_creq=foobar", crypto)
|
26
|
+
expect { unpacker.unpack }.to raise_error(Vinz::Error)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
data/vinz.gemspec
ADDED
@@ -0,0 +1,30 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
lib = File.expand_path('../lib', __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require 'vinz/version'
|
5
|
+
|
6
|
+
Gem::Specification.new do |spec|
|
7
|
+
spec.name = 'vinz'
|
8
|
+
spec.version = Vinz::VERSION
|
9
|
+
spec.authors = ['Ged Dackys', 'Alex Rowan']
|
10
|
+
spec.email = ['developers@wordtracker.com']
|
11
|
+
spec.description = %q{This is a description}
|
12
|
+
spec.summary = %q{This is a summary of this fancy new gem}
|
13
|
+
spec.homepage = 'https://bitbucket.org/wordtracker/vinz'
|
14
|
+
spec.license = 'MIT'
|
15
|
+
|
16
|
+
spec.files = `git ls-files`.split($/)
|
17
|
+
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
18
|
+
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
19
|
+
spec.require_paths = ['lib']
|
20
|
+
|
21
|
+
spec.add_development_dependency 'bundler', '~> 1.16.0'
|
22
|
+
spec.add_development_dependency 'rake'
|
23
|
+
spec.add_development_dependency 'rspec'
|
24
|
+
spec.add_development_dependency 'simplecov'
|
25
|
+
|
26
|
+
spec.required_ruby_version = '~> 2.4.2'
|
27
|
+
|
28
|
+
spec.add_dependency 'activesupport'
|
29
|
+
spec.add_dependency 'rack', '~> 2.0'
|
30
|
+
end
|
metadata
ADDED
@@ -0,0 +1,147 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: vinz
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.1.7
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Ged Dackys
|
8
|
+
- Alex Rowan
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
date: 2017-11-24 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
15
|
+
name: bundler
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
17
|
+
requirements:
|
18
|
+
- - "~>"
|
19
|
+
- !ruby/object:Gem::Version
|
20
|
+
version: 1.16.0
|
21
|
+
type: :development
|
22
|
+
prerelease: false
|
23
|
+
version_requirements: !ruby/object:Gem::Requirement
|
24
|
+
requirements:
|
25
|
+
- - "~>"
|
26
|
+
- !ruby/object:Gem::Version
|
27
|
+
version: 1.16.0
|
28
|
+
- !ruby/object:Gem::Dependency
|
29
|
+
name: rake
|
30
|
+
requirement: !ruby/object:Gem::Requirement
|
31
|
+
requirements:
|
32
|
+
- - ">="
|
33
|
+
- !ruby/object:Gem::Version
|
34
|
+
version: '0'
|
35
|
+
type: :development
|
36
|
+
prerelease: false
|
37
|
+
version_requirements: !ruby/object:Gem::Requirement
|
38
|
+
requirements:
|
39
|
+
- - ">="
|
40
|
+
- !ruby/object:Gem::Version
|
41
|
+
version: '0'
|
42
|
+
- !ruby/object:Gem::Dependency
|
43
|
+
name: rspec
|
44
|
+
requirement: !ruby/object:Gem::Requirement
|
45
|
+
requirements:
|
46
|
+
- - ">="
|
47
|
+
- !ruby/object:Gem::Version
|
48
|
+
version: '0'
|
49
|
+
type: :development
|
50
|
+
prerelease: false
|
51
|
+
version_requirements: !ruby/object:Gem::Requirement
|
52
|
+
requirements:
|
53
|
+
- - ">="
|
54
|
+
- !ruby/object:Gem::Version
|
55
|
+
version: '0'
|
56
|
+
- !ruby/object:Gem::Dependency
|
57
|
+
name: simplecov
|
58
|
+
requirement: !ruby/object:Gem::Requirement
|
59
|
+
requirements:
|
60
|
+
- - ">="
|
61
|
+
- !ruby/object:Gem::Version
|
62
|
+
version: '0'
|
63
|
+
type: :development
|
64
|
+
prerelease: false
|
65
|
+
version_requirements: !ruby/object:Gem::Requirement
|
66
|
+
requirements:
|
67
|
+
- - ">="
|
68
|
+
- !ruby/object:Gem::Version
|
69
|
+
version: '0'
|
70
|
+
- !ruby/object:Gem::Dependency
|
71
|
+
name: activesupport
|
72
|
+
requirement: !ruby/object:Gem::Requirement
|
73
|
+
requirements:
|
74
|
+
- - ">="
|
75
|
+
- !ruby/object:Gem::Version
|
76
|
+
version: '0'
|
77
|
+
type: :runtime
|
78
|
+
prerelease: false
|
79
|
+
version_requirements: !ruby/object:Gem::Requirement
|
80
|
+
requirements:
|
81
|
+
- - ">="
|
82
|
+
- !ruby/object:Gem::Version
|
83
|
+
version: '0'
|
84
|
+
- !ruby/object:Gem::Dependency
|
85
|
+
name: rack
|
86
|
+
requirement: !ruby/object:Gem::Requirement
|
87
|
+
requirements:
|
88
|
+
- - "~>"
|
89
|
+
- !ruby/object:Gem::Version
|
90
|
+
version: '2.0'
|
91
|
+
type: :runtime
|
92
|
+
prerelease: false
|
93
|
+
version_requirements: !ruby/object:Gem::Requirement
|
94
|
+
requirements:
|
95
|
+
- - "~>"
|
96
|
+
- !ruby/object:Gem::Version
|
97
|
+
version: '2.0'
|
98
|
+
description: This is a description
|
99
|
+
email:
|
100
|
+
- developers@wordtracker.com
|
101
|
+
executables: []
|
102
|
+
extensions: []
|
103
|
+
extra_rdoc_files: []
|
104
|
+
files:
|
105
|
+
- ".gitignore"
|
106
|
+
- ".rspec"
|
107
|
+
- Gemfile
|
108
|
+
- LICENSE.txt
|
109
|
+
- README.md
|
110
|
+
- Rakefile
|
111
|
+
- lib/vinz.rb
|
112
|
+
- lib/vinz/crypto.rb
|
113
|
+
- lib/vinz/error.rb
|
114
|
+
- lib/vinz/url.rb
|
115
|
+
- lib/vinz/version.rb
|
116
|
+
- spec/spec_helper.rb
|
117
|
+
- spec/vinz_crypto_spec.rb
|
118
|
+
- spec/vinz_url_spec.rb
|
119
|
+
- vinz.gemspec
|
120
|
+
homepage: https://bitbucket.org/wordtracker/vinz
|
121
|
+
licenses:
|
122
|
+
- MIT
|
123
|
+
metadata: {}
|
124
|
+
post_install_message:
|
125
|
+
rdoc_options: []
|
126
|
+
require_paths:
|
127
|
+
- lib
|
128
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
129
|
+
requirements:
|
130
|
+
- - "~>"
|
131
|
+
- !ruby/object:Gem::Version
|
132
|
+
version: 2.4.2
|
133
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
134
|
+
requirements:
|
135
|
+
- - ">="
|
136
|
+
- !ruby/object:Gem::Version
|
137
|
+
version: '0'
|
138
|
+
requirements: []
|
139
|
+
rubyforge_project:
|
140
|
+
rubygems_version: 2.6.13
|
141
|
+
signing_key:
|
142
|
+
specification_version: 4
|
143
|
+
summary: This is a summary of this fancy new gem
|
144
|
+
test_files:
|
145
|
+
- spec/spec_helper.rb
|
146
|
+
- spec/vinz_crypto_spec.rb
|
147
|
+
- spec/vinz_url_spec.rb
|