Class: PasswordPing::PasswordPing
- Inherits:
-
Object
- Object
- PasswordPing::PasswordPing
- Defined in:
- lib/passwordping.rb
Overview
This is the main entry point for accessing PasswordPing.
Create this class with your API Key and Secret and then call the desired methods on the class to access the PasswordPing API.
Instance Method Summary collapse
- #check_credentials(username, password) ⇒ Object
- #check_password(password) ⇒ Object
- #get_exposure_details(exposure_id) ⇒ Object
- #get_exposures_for_user(username) ⇒ Object
-
#initialize(options = {}) ⇒ PasswordPing
constructor
A new instance of PasswordPing.
Constructor Details
#initialize(options = {}) ⇒ PasswordPing
Returns a new instance of PasswordPing.
17 18 19 20 21 22 23 24 |
# File 'lib/passwordping.rb', line 17 def initialize( = {}) @apiKey = [:apiKey] || ''; raise PasswordPingFail, "No API key provided" if @apiKey == '' @secret = [:secret] || ''; raise PasswordPingFail, "No Secret provided" if @secret == '' @baseURL = [:baseURL] || "https://api.passwordping.com/v1" @authString = calc_auth_string(@apiKey, @secret) end |
Instance Method Details
#check_credentials(username, password) ⇒ Object
26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 |
# File 'lib/passwordping.rb', line 26 def check_credentials(username, password) raise PasswordPingFail, "API key/Secret not set" if !@authString || @authString == '' response = make_rest_call(@baseURL + Constants::ACCOUNTS_API_PATH + "?username=" + Hashing.sha256(username), "GET", nil) if (response == "404") return false end account_response = JSON.parse(response) hashes_required = account_response["passwordHashesRequired"] bcrypt_count = 0 query_string = "" for i in 0..hashes_required.length - 1 do hash_spec = hashes_required[i] # bcrypt gets far too expensive for good response time if there are many of them to calculate. # some mostly garbage accounts have accumulated a number of them in our DB and if we happen to hit one it # kills performance, so short circuit out after at most 2 BCrypt hashes if (hash_spec["hashType"] != PasswordType::BCrypt || bcrypt_count <= 2) if (hash_spec["hashType"] == PasswordType::BCrypt) bcrypt_count = bcrypt_count + 1 end if (hash_spec["hashType"] != nil) credential_hash = calc_credential_hash(username, password, account_response["salt"], hash_spec); if (credential_hash != nil) if (query_string.length == 0) query_string = query_string + "?hashes=" + CGI.escape(credential_hash); else query_string = query_string + "&hashes=" + CGI.escape(credential_hash); end end end end end if (query_string.length > 0) creds_response = make_rest_call( @baseURL + Constants::CREDENTIALS_API_PATH + query_string, "GET", nil) return creds_response != "404" end return false end |
#check_password(password) ⇒ Object
75 76 77 78 79 80 81 82 83 84 |
# File 'lib/passwordping.rb', line 75 def check_password(password) response = make_rest_call( @baseURL + Constants::PASSWORDS_API_PATH + "?md5=" + Hashing.md5(password) + "&sha1=" + Hashing.sha1(password) + "&sha256=" + Hashing.sha256(password), "GET", nil) return response != "404" end |
#get_exposure_details(exposure_id) ⇒ Object
99 100 101 102 103 104 105 106 107 108 109 |
# File 'lib/passwordping.rb', line 99 def get_exposure_details(exposure_id) response = make_rest_call(@baseURL + Constants::EXPOSURES_API_PATH + "?id=" + CGI.escape(exposure_id), "GET", nil) if (response != "404") # deserialize response return JSON.parse(response, object_class: OpenStruct) else return nil end end |
#get_exposures_for_user(username) ⇒ Object
86 87 88 89 90 91 92 93 94 95 96 97 |
# File 'lib/passwordping.rb', line 86 def get_exposures_for_user(username) response = make_rest_call(@baseURL + Constants::EXPOSURES_API_PATH + "?username=" + Hashing.sha256(username), "GET", nil) if (response == "404") # don't have this email in the DB - return empty response return JSON.parse('{ "count": 0, "exposures": [] }', object_class: OpenStruct) else # deserialize response return JSON.parse(response, object_class: OpenStruct) end end |