Module: Riddl::Utils::OAuth2::Helper
- Defined in:
- lib/ruby/riddl/utils/oauth2-helper.rb
Defined Under Namespace
Classes: Tokens
Class Method Summary
-
.decrypt_with_shared_secret(data, secret) ⇒ Object
}}}.
-
.encrypt_with_shared_secret(data, secret) ⇒ Object
}}}.
-
.generate_optimistic_token(client_id, secret) ⇒ Object
}}}.
-
.header ⇒ Object
}}}.
-
.make_access_token(client_id, secret) ⇒ Object
}}}.
-
.make_refresh_token(client_id, secret) ⇒ Object
}}}.
-
.nonce ⇒ Object
}}}.
-
.payload(client_id) ⇒ Object
{{{.
-
.sign(secret, what) ⇒ Object
}}}.
Class Method Details
.decrypt_with_shared_secret(data, secret) ⇒ Object
}}}
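# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 110

# Decrypts an AES-256-CBC blob with a key derived from +secret+.
#
# +data+ must be the raw bytes: a 16-byte IV followed by the ciphertext.
# encrypt_with_shared_secret returns URL-safe Base64 text, so its output
# has to be Base64-decoded before it is handed to this method.
#
# Returns the plaintext String, or nil when +data+ is too short to hold an
# IV plus ciphertext or when OpenSSL rejects the ciphertext.
#
# NOTE(review): CBC output is not authenticated. If an untrusted sender can
# observe whether this returns nil, that is a padding-validity signal.
# Verify a MAC over IV and ciphertext before decrypting, or move to an AEAD
# mode, when the wire format can be revised.
def self::decrypt_with_shared_secret(data, secret) #{{{
  # Work on bytes, not characters, so the IV split is independent of the
  # string's encoding; anything without at least one ciphertext byte is
  # rejected up front instead of failing inside OpenSSL.
  return nil unless data.is_a?(String) && data.bytesize > 16
  iv   = data.byteslice(0, 16)
  encr = data.byteslice(16, data.bytesize - 16)

  # OpenSSL::Cipher::Cipher is a deprecated alias; OpenSSL::Cipher is the
  # supported constructor.
  decipher = OpenSSL::Cipher.new 'aes-256-cbc'
  decipher.decrypt
  # Cipher#key= in current bindings requires exactly 32 bytes, but the hex
  # digest is 64 characters. Keep the first 32.
  # NOTE(review): believed to match what older bindings did silently (they
  # consumed only the leading 32 bytes) -- confirm against stored data.
  # A hex-only key carries at most 128 bits of entropy; Digest::SHA256.digest
  # would give a full 256-bit key but invalidates existing ciphertexts.
  decipher.key = Digest::SHA256.hexdigest(secret)[0, 32]
  decipher.iv = iv
  begin
    decipher.update(encr) + decipher.final
  rescue OpenSSL::Cipher::CipherError
    # Bad padding / truncated ciphertext: report failure as nil, as before.
    nil
  end
end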
.encrypt_with_shared_secret(data, secret) ⇒ Object
}}}
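# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 122

# Encrypts +data+ with AES-256-CBC under a key derived from +secret+ and a
# fresh random IV.
#
# Returns URL-safe Base64 text of (IV || ciphertext), or nil when OpenSSL
# refuses the input.
#
# NOTE(review): the result is encrypted but not authenticated; a receiver
# cannot detect tampering from this value alone. Pair it with a MAC (the
# module already has an HMAC helper) or an AEAD mode if the format can
# change.
def self::encrypt_with_shared_secret(data, secret) #{{{
  # OpenSSL::Cipher::Cipher is a deprecated alias; OpenSSL::Cipher is the
  # supported constructor.
  cipher = OpenSSL::Cipher.new 'aes-256-cbc'
  cipher.encrypt
  # Cipher#key= in current bindings requires exactly 32 bytes, but the hex
  # digest is 64 characters. Keep the first 32.
  # NOTE(review): believed to match what older bindings did silently --
  # confirm. A hex-only key carries at most 128 bits of entropy.
  cipher.key = Digest::SHA256.hexdigest(secret)[0, 32]
  # random_iv both generates the IV and installs it on the cipher.
  iv = cipher.random_iv
  begin
    Base64::urlsafe_encode64(iv + cipher.update(data) + cipher.final)
  rescue OpenSSL::Cipher::CipherError, ArgumentError, TypeError
    # Input OpenSSL will not accept (e.g. a non-String): nil, as before.
    nil
  end
end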
.generate_optimistic_token(client_id, secret) ⇒ Object
}}}
# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 104

# Issues a token pair for +client_id+, both signed with +secret+.
#
# Returns a two-element Array: [access_token, refresh_token]. The access
# token is built first, then the refresh token.
def self::generate_optimistic_token(client_id, secret) #{{{
  [
    make_access_token(client_id, secret),
    make_refresh_token(client_id, secret)
  ]
end
.header ⇒ Object
}}}
# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 66

# Returns the fixed token header as a JSON String: algorithm HS256,
# type JWT.
def self::header #{{{
  fields = { alg: 'HS256', typ: 'JWT' }
  fields.to_json
end
.make_access_token(client_id, secret) ⇒ Object
}}}
# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 90

# Builds a three-part access token "<header>.<payload>.<signature>" for
# +client_id+. Header and payload are URL-safe Base64 of their JSON; the
# signature is sign(secret, "<header>.<payload>").
#
# NOTE(review): urlsafe_encode64 is called with its default padding, so
# segments can carry trailing '='. JWS compact serialization uses unpadded
# base64url; a strict third-party JWT verifier may reject these tokens --
# confirm before exposing them outside this library.
def self::make_access_token(client_id, secret)# {{{
  encoded_header  = Base64::urlsafe_encode64(header)
  encoded_payload = Base64::urlsafe_encode64(payload(client_id))
  signing_input   = "#{encoded_header}.#{encoded_payload}"
  "#{signing_input}.#{sign(secret, signing_input)}"
end
.make_refresh_token(client_id, secret) ⇒ Object
}}}
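# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 96

# Builds a two-part refresh token "<claims>.<signature>" for +client_id+.
# The claims segment is URL-safe Base64 of a JSON object with iss (the
# client id), sub (a fresh nonce) and exp; the signature is
# sign(secret, <claims segment>). Unlike the access token there is no
# header segment.
def self::make_refresh_token(client_id, secret) # {{{
  claims = {
    :iss => client_id,
    :sub => nonce,
    # 7_884_000 s = 91.25 days. Written as an Integer: the former float
    # literal (7.884e6) turned exp into a Float and serialized it as
    # "...0.0", unlike the integer exp in the access-token payload.
    :exp => Time.now.to_i + 7_884_000
  }
  token = Base64::urlsafe_encode64(claims.to_json)
  "#{token}.#{sign(secret, token)}"
end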
.nonce ⇒ Object
}}}
# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 73

# Returns a fresh random value from SecureRandom: 32 random bytes rendered
# as a 64-character lowercase hex String.
def self::nonce
  SecureRandom.hex(32)
end
.payload(client_id) ⇒ Object
{{{
# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 77

# Returns the access-token claims for +client_id+ as a JSON String:
# iss and aud are both the client id, sub is a fresh nonce, and exp is
# one hour (3600 s) after the current time, in epoch seconds.
def self::payload(client_id) #{{{
  claims = {
    iss: client_id,
    sub: nonce,
    aud: client_id,
    exp: Time.now.to_i + 3600
  }
  claims.to_json
end
.sign(secret, what) ⇒ Object
}}}
# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 86

# Computes HMAC-SHA256 of +what+ keyed with +secret+ and returns it as
# URL-safe Base64 text (default padding, so the result ends in '=').
#
# NOTE(review): code that checks a received signature against this value
# should use a constant-time comparison rather than String#== -- the
# verifying side is not shown here, confirm there.
def self::sign(secret, what) #{{{
  sha256 = OpenSSL::Digest.new('sha256')
  mac = OpenSSL::HMAC.digest(sha256, secret, what)
  Base64::urlsafe_encode64(mac)
end