Module: Riddl::Utils::OAuth2::Helper
- Defined in:
- lib/ruby/riddl/utils/oauth2-helper.rb
Defined Under Namespace
Modules: Tokens
Class Method Summary
-
.access_payload(client_id, dur) ⇒ Object
}}}.
-
.decrypt_with_shared_secret(data, secret) ⇒ Object
}}}.
-
.encrypt_with_shared_secret(data, secret) ⇒ Object
}}}.
-
.generate_access_token(client_id, secret, dur) ⇒ Object
}}}.
-
.generate_optimistic_token(client_id, secret, adur, rdur) ⇒ Object
}}}.
-
.generate_refresh_token(client_id, secret, dur) ⇒ Object
}}}.
-
.header ⇒ Object
}}}.
-
.nonce ⇒ Object
}}}.
-
.refresh_payload(client_id, dur) ⇒ Object
}}}.
-
.sign(secret, what) ⇒ Object
}}}.
Class Method Details
.access_payload(client_id, dur) ⇒ Object
}}}
# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 155
# Builds the JSON claim set that goes into an access token.
#
# @param client_id [Object] client identifier, written to both :iss and :aud
# @param dur [Numeric] lifetime in seconds, added to the current Unix time
# @return [String] JSON object with the keys iss, sub, aud and exp (in that order)
def self::access_payload(client_id, dur) #{{{
  expires_at = Time.now.to_i + dur
  claims = {
    iss: client_id,
    sub: nonce, # fresh random value on every call, so no two payloads are equal
    aud: client_id,
    exp: expires_at
  }
  claims.to_json
end
.decrypt_with_shared_secret(data, secret) ⇒ Object
}}}
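# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 197
# Decrypts AES-256-CBC data under a key derived from +secret+.
#
# The first 16 bytes of +data+ are used as the IV, the remainder as ciphertext.
# No Base64 decoding happens here, while encrypt_with_shared_secret returns
# Base64url text, so the caller has to decode before calling this method.
#
# NOTE(review): CBC is used without a MAC, so the ciphertext is not
# authenticated. Combined with the nil-on-failure result this can behave as a
# padding oracle if callers let a remote party observe the difference. Prefer
# an AEAD mode (e.g. aes-256-gcm) or verify an HMAC over IV + ciphertext first.
#
# @param data [String] raw bytes: 16-byte IV followed by the ciphertext
# @param secret [String] shared secret the key is derived from
# @return [String, nil] the plaintext, or nil when any step fails
def self::decrypt_with_shared_secret(data, secret) #{{{
  # Slice by bytes, not characters, so a non-binary string encoding cannot
  # shift the IV/ciphertext boundary.
  iv   = data.byteslice(0, 16)
  encr = data.byteslice(16..-1)

  # OpenSSL::Cipher::Cipher is only a deprecated alias of OpenSSL::Cipher.
  decipher = OpenSSL::Cipher.new 'aes-256-cbc'
  decipher.decrypt

  # AES-256 takes exactly 32 key bytes. The hex digest is 64 characters long:
  # older OpenSSL bindings silently used only the first 32, current ones raise,
  # which the rescue below turned into an unconditional nil. Slicing keeps
  # data written by the old behaviour readable.
  # NOTE(review): 32 hex characters carry only 128 bits, and a single unsalted
  # SHA-256 is a weak KDF; move to the raw digest or a real KDF once the
  # ciphertext format can be versioned.
  decipher.key = Digest::SHA256.hexdigest(secret)[0, 32]
  decipher.iv = iv

  decipher.update(encr) + decipher.final
rescue
  # Deliberate best effort: nil/short input, bad padding or a wrong key all
  # surface as nil to the caller.
  nil
end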
.encrypt_with_shared_secret(data, secret) ⇒ Object
}}}
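# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 209
# Encrypts +data+ with AES-256-CBC under a key derived from +secret+.
#
# A fresh random IV is generated for every call and prepended to the
# ciphertext; the combined bytes are returned Base64url-encoded.
#
# NOTE(review): the output is encrypted but not authenticated (no MAC), so a
# modified ciphertext is not detected on decryption. Prefer an AEAD mode
# (e.g. aes-256-gcm) or add an HMAC over IV + ciphertext.
#
# @param data [String] plaintext
# @param secret [String] shared secret the key is derived from
# @return [String, nil] Base64url text of IV + ciphertext, or nil when any step fails
def self::encrypt_with_shared_secret(data, secret) #{{{
  # OpenSSL::Cipher::Cipher is only a deprecated alias of OpenSSL::Cipher.
  cipher = OpenSSL::Cipher.new 'aes-256-cbc'
  cipher.encrypt

  # AES-256 takes exactly 32 key bytes. The hex digest is 64 characters long:
  # older OpenSSL bindings silently used only the first 32, current ones raise,
  # which the rescue below turned into an unconditional nil. Slicing keeps
  # the output compatible with the old behaviour.
  # NOTE(review): 32 hex characters carry only 128 bits, and a single unsalted
  # SHA-256 is a weak KDF; move to the raw digest or a real KDF once the
  # ciphertext format can be versioned.
  cipher.key = Digest::SHA256.hexdigest(secret)[0, 32]

  # random_iv both installs the IV on the cipher and returns it.
  iv = cipher.random_iv

  Base64::urlsafe_encode64(iv + cipher.update(data) + cipher.final)
rescue
  # Deliberate best effort: callers get nil instead of an exception.
  nil
end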
.generate_access_token(client_id, secret, dur) ⇒ Object
}}}
# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 180
# Assembles a three-part access token: header.payload.signature.
#
# Header and payload are Base64url-encoded JSON; the signature is computed by
# sign over the string "header.payload".
#
# NOTE(review): urlsafe_encode64 keeps '=' padding by default, whereas the JWS
# compact serialization (RFC 7515) uses unpadded base64url. Strict JWT
# libraries may reject these tokens; confirm what the verifying side expects
# before changing the encoding.
#
# @param client_id [Object] passed through to access_payload
# @param secret [String] HMAC key handed to sign
# @param dur [Numeric] token lifetime in seconds
# @return [String] the dot-separated token
def self::generate_access_token(client_id, secret, dur)# {{{
  encoded_header = Base64.urlsafe_encode64(header)
  encoded_claims = Base64.urlsafe_encode64(access_payload(client_id, dur))
  signing_input = [encoded_header, encoded_claims].join('.')
  "#{signing_input}.#{sign(secret, signing_input)}"
end
.generate_optimistic_token(client_id, secret, adur, rdur) ⇒ Object
}}}
# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 191
# Issues an access token and a refresh token for the same client and secret.
#
# @param client_id [Object] client identifier used for both tokens
# @param secret [String] HMAC key used for both signatures
# @param adur [Numeric] access-token lifetime in seconds
# @param rdur [Numeric] refresh-token lifetime in seconds
# @return [Array<String>] two elements: access token first, refresh token second
def self::generate_optimistic_token(client_id, secret, adur, rdur) #{{{
  [
    generate_access_token(client_id, secret, adur),
    generate_refresh_token(client_id, secret, rdur)
  ]
end
.generate_refresh_token(client_id, secret, dur) ⇒ Object
}}}
# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 186
# Assembles a two-part refresh token: payload.signature.
#
# Unlike the access token there is no header segment; the signature covers
# the Base64url-encoded payload only.
#
# @param client_id [Object] passed through to refresh_payload
# @param secret [String] HMAC key handed to sign
# @param dur [Numeric] token lifetime in seconds
# @return [String] the dot-separated token
def self::generate_refresh_token(client_id, secret, dur) # {{{
  encoded_claims = Base64.urlsafe_encode64(refresh_payload(client_id, dur))
  signature = sign(secret, encoded_claims)
  [encoded_claims, signature].join('.')
end
.header ⇒ Object
}}}
# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 148
# Returns the fixed token header as JSON: algorithm HS256, type JWT.
#
# @return [String] JSON object with the keys alg and typ
def self::header #{{{
  jose_header = { alg: 'HS256', typ: 'JWT' }
  jose_header.to_json
end
.nonce ⇒ Object
}}}
# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 172
# Returns a random value from SecureRandom for use as a one-off identifier.
#
# @return [String] 64 lowercase hex characters (32 random bytes)
def self::nonce #{{{
  byte_count = 32
  SecureRandom.hex(byte_count)
end
.refresh_payload(client_id, dur) ⇒ Object
}}}
# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 164
# Builds the JSON claim set that goes into a refresh token.
#
# Same shape as the access payload, but without an :aud claim.
#
# @param client_id [Object] client identifier, written to :iss
# @param dur [Numeric] lifetime in seconds, added to the current Unix time
# @return [String] JSON object with the keys iss, sub and exp (in that order)
def self::refresh_payload(client_id, dur) #{{{
  expires_at = Time.now.to_i + dur
  claims = {
    iss: client_id,
    sub: nonce, # fresh random value on every call
    exp: expires_at
  }
  claims.to_json
end
.sign(secret, what) ⇒ Object
}}}
# File 'lib/ruby/riddl/utils/oauth2-helper.rb', line 176
# Computes an HMAC-SHA256 over +what+ keyed with +secret+ and returns it
# Base64url-encoded.
#
# NOTE(review): code that verifies a token by recomputing this value should
# compare the two signatures in constant time rather than with ==; the
# verifying side is not part of this listing, so confirm there.
#
# @param secret [String] HMAC key
# @param what [String] message to authenticate
# @return [String] Base64url text of the 32-byte MAC
def self::sign(secret, what) #{{{
  sha256 = OpenSSL::Digest.new('sha256')
  mac = OpenSSL::HMAC.digest(sha256, secret, what)
  Base64.urlsafe_encode64(mac)
end