x1-sat-support 0.0.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 6968093245123be8d17c9bf51b06158a25671476
+  data.tar.gz: b1c6a1a1680279e96d7a0c40d9ccf72728d211fe
+SHA512:
+  metadata.gz: 8944bbf84c9d9d75b47fb00417bab72c464d5f17f827988aba8252c511cd96453072b423d266c95c770986ff8b9d2ae630d26b9cd5e63c44393d4f2eccd025ee
+  data.tar.gz: bbb09b4609796f95ab28900691052936f286ed33f562d6b5bc156918da5b5982bbdd30695a0f13d3f92ecebf44bdbb7cf123d2a0a39593b9346284703361ccca

data/README.md

@@ -0,0 +1,32 @@
+##Install
+Add to Gemfile:
+  gem 'x1-sat-support'
+
+Generate config file by:
+  rake x1_sat_support:generate_config
+
+Edit x1_sat_support.yml:
+  key_url: #url with public key
+  sat_token_url: #url with serviceAccessToken
+  path_to_store_keys: #path where public keys will be stored
+  keys_expiration_time: #lifetime for public key in seconds
+  numbers_of_keys_to_keep: #limit count public keys in storage (optional)
+
+  credentials:
+    principal: #header X-Codebig-Principal
+    client_id: #header X-Client-Id
+    client_secret: #header X-Client-Secret
+
+Run rake task:
+  rake x1_sat_support:update_keys
+
+#For manual use:
+```ruby
+require 'x1-sat-support'
+
+config = { "key_url"=>"...", "sat_token_url"=>"...", "path_to_store_keys"=>"...",
+           "keys_expiration_time"=>..., "numbers_of_keys_to_keep"=>...,
+           "credentials"=>{"principal"=>"...", "client_id"=>"...", "client_secret"=>"..."}}
+
+X1SatSupport::Client.new(config).update_keys
+```

data/lib/tasks/x1_sat_support.rake

@@ -0,0 +1,14 @@
+namespace :x1_sat_support do
+  desc 'Fetch public key from Sat service and store it'
+  task :update_keys do
+    config_file = File.exists?("config") ? "config/x1_sat_support.yml" : "x1_sat_support.yml"
+    raise "Config file is not found. Pleas run 'rake x1_sat_support:generate_config'" unless File.exists?(config_file)
+    X1SatSupport::Client.new(YAML.load(File.read(config_file))).update_keys
+  end
+
+  desc 'Generate config file'
+  task :generate_config do
+    config_file = File.exists?("config") ? "config/x1_sat_support.yml" : "x1_sat_support.yml"
+    File.write(config_file, File.read("#{File.expand_path("../../templates", __FILE__)}/x1_sat_support.yml"))
+  end
+end

data/lib/templates/x1_sat_support.yml

@@ -0,0 +1,10 @@
+key_url:
+sat_token_url:
+path_to_store_keys:
+keys_expiration_time:
+numbers_of_keys_to_keep:
+
+credentials:
+  principal:
+  client_id:
+  client_secret:

data/lib/x1-sat-support.rb

@@ -0,0 +1,5 @@
+require File.expand_path File.join(File.dirname(__FILE__), 'x1_sat_support/client.rb')
+
+module X1SatSupport
+  require 'x1_sat_support/railtie' if defined?(Rails)
+end

data/lib/x1_sat_support/client.rb

@@ -0,0 +1,94 @@
+require 'jwt'
+require 'rest-client'
+
+module X1SatSupport
+  class Client
+    #
+    # ==== Description
+    # This method initialize the client and client's variables
+    # ==== Parameters
+    # * <tt>config:</tt> - hash from config file that can be generated by 'rake x1_sat_support:generate_config'
+    #
+    def initialize(config)
+      @headers = {'X-Codebig-Principal' => config["credentials"]["principal"],
+                 'X-Client-Id' => config["credentials"]["client_id"],
+                 'X-Client-Secret' => config["credentials"]["client_secret"]}
+      @key_url = config["key_url"]
+      @sat_token_url = config["sat_token_url"]
+      @path_to_store_keys = config["path_to_store_keys"]
+      @keys_expiration_time = config["keys_expiration_time"]
+      @numbers_of_keys_to_keep = config["numbers_of_keys_to_keep"]
+    end
+    #
+    # ==== Description
+    # This method updates public keys
+    # It creates folder and write a file with public key there
+    #
+    def update_keys
+      unless @key_url && @sat_token_url && @path_to_store_keys && @keys_expiration_time
+        raise "Config is incorrect."
+      end
+      kid = get_kid
+      unless kid
+        raise "Key ID is not present"
+      end
+      key_name = kid + '.pub'
+      key = get_current_key
+      Dir.mkdir(@path_to_store_keys) unless File.exists?(@path_to_store_keys)
+      File.open("#{@path_to_store_keys}/#{key_name}", 'w') {|f| f.write(key)}
+      check_keys
+    end
+
+    private
+    #
+    # ==== Description
+    # This method makes get request that return encoded service access token and decode it
+    # ==== Return
+    # This method returns array of hashes with key id
+    #[{"jti"=>"<id>",
+    #  "iss"=>"...",
+    #  "sub"=>"...",
+    #  "iat"=>...,
+    #  "nbf"=>...,
+    #  "exp"=>...,
+    #  "version"=>"1.0",
+    #  "allowedResources"=>{"allowedDeviceIds"=>["*"], "allowedPartners"=>["*"], "allowedServiceAccountIds"=>["*"], "allowedUserIds"=>["*"]},
+    #  "capabilities"=>[],
+    #  "aud"=>[]},
+    # {"kid"=>"...", "alg"=>"RS256"}]
+    #
+    def get_kid
+      encoded_token = RestClient.get(@sat_token_url, @headers).body["serviceAccessToken"]
+      token = JWT.decode encoded_token, nil, false
+      token.last["kid"]
+    end
+    #
+    # ==== Description
+    # This method makes get request that return public key
+    # ==== Return
+    # This method returns public key
+    #
+    def get_current_key
+      RestClient.get(@key_url, @headers).body
+    end
+    #
+    # ==== Description
+    # This method checks existed public keys.
+    # It sorts all keys *.pub in defined path by created time (path_to_store_keys in config). If file's lifetime is bigger then keys_expiration_time from the config, method will delete it.
+    # If numbers_of_keys_to_keep parameter is present in config, method removes files until files.count will be equal numbers_of_keys_to_keep.
+    # ==== Return
+    # This method returns public key
+    #
+    def check_keys
+      files = Dir[@path_to_store_keys + "/*.pub"].sort_by {|file| File.ctime(file)}
+      files.each do |file|
+        File.delete(files.delete(file)) if (Time.now - File.ctime(file)) > @keys_expiration_time
+      end
+      if @numbers_of_keys_to_keep
+        until @numbers_of_keys_to_keep >= files.count do
+          File.delete(files.shift)
+        end
+      end
+    end
+  end
+end

data/lib/x1_sat_support/railtie.rb

@@ -0,0 +1,16 @@
+require 'x1-sat-support'
+require 'rails'
+
+module X1SatSupport
+  class Railtie < Rails::Railtie
+    railtie_name :x1_sat_support
+
+    rake_tasks do
+      load "tasks/x1_sat_support.rake"
+    end
+
+    generators do
+      require "generators/x1_sat_support/config/config_generator.rb"
+    end
+  end
+end

metadata

@@ -0,0 +1,122 @@
+--- !ruby/object:Gem::Specification
+name: x1-sat-support
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+platform: ruby
+authors:
+- Pavel Kharchenko
+- Max Reznichenko
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-09-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.10'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.10'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rest-client
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.5.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.5.1
+description: Gem fetches and stores public keys from X1 Sat service. Generator for
+  config and rake task are present
+email:
+- pkharchenko1990@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- README.md
+- lib/tasks/x1_sat_support.rake
+- lib/templates/x1_sat_support.yml
+- lib/x1-sat-support.rb
+- lib/x1_sat_support/client.rb
+- lib/x1_sat_support/railtie.rb
+homepage: http://rubygems.org/gems/x1-sat-support
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 1.9.3
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Fetcher for x1 sat public keys
+test_files: []