Add 'sign_token'
This commit is contained in:
parent
5dc45c35e6
commit
aad0f90a9d
2 changed files with 43 additions and 0 deletions
|
@ -1,4 +1,5 @@
|
||||||
require "kemal"
|
require "kemal"
|
||||||
|
require "openssl/hmac"
|
||||||
require "pg"
|
require "pg"
|
||||||
require "spec"
|
require "spec"
|
||||||
require "yaml"
|
require "yaml"
|
||||||
|
@ -81,4 +82,27 @@ describe "Helpers" do
|
||||||
produce_comment_reply_continuation("_cE8xSu6swE", "UC1AZY74-dGVPe6bfxFwwEMg", "UgyBUaRGHB9Jmt1dsUZ4AaABAg").should eq("EiYSC19jRTh4U3U2c3dFwAEByAEB4AEBogINKP___________wFAABgGMk0aSxIaVWd5QlVhUkdIQjlKbXQxZHNVWjRBYUFCQWciAggAKhhVQzFBWlk3NC1kR1ZQZTZiZnhGd3dFTWcyC19jRTh4U3U2c3dFQAFICg%3D%3D")
|
produce_comment_reply_continuation("_cE8xSu6swE", "UC1AZY74-dGVPe6bfxFwwEMg", "UgyBUaRGHB9Jmt1dsUZ4AaABAg").should eq("EiYSC19jRTh4U3U2c3dFwAEByAEB4AEBogINKP___________wFAABgGMk0aSxIaVWd5QlVhUkdIQjlKbXQxZHNVWjRBYUFCQWciAggAKhhVQzFBWlk3NC1kR1ZQZTZiZnhGd3dFTWcyC19jRTh4U3U2c3dFQAFICg%3D%3D")
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe "#sign_token" do
|
||||||
|
it "correctly signs a given hash" do
|
||||||
|
token = {
|
||||||
|
"session" => "v1:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
|
||||||
|
"expires" => 1554680038,
|
||||||
|
"scopes" => [
|
||||||
|
":notifications",
|
||||||
|
":subscriptions/*",
|
||||||
|
"GET:tokens*",
|
||||||
|
],
|
||||||
|
"signature" => "f//2hS20th8pALF305PJFK+D2aVtvefNnQheILHD2vU=",
|
||||||
|
}
|
||||||
|
sign_token("SECRET_KEY", token).should eq(token["signature"])
|
||||||
|
|
||||||
|
token = {
|
||||||
|
"session" => "v1:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
|
||||||
|
"scopes" => [":notifications", "POST:subscriptions/*"],
|
||||||
|
"signature" => "fNvXoT0MRAL9eE6lTE33CEg8HitYJDOL9a22rSN2Ihg=",
|
||||||
|
}
|
||||||
|
sign_token("SECRET_KEY", token).should eq(token["signature"])
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -211,6 +211,25 @@ def create_response(user_id, operation, key, db, expire = 6.hours)
|
||||||
return challenge, token
|
return challenge, token
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def sign_token(key, hash)
|
||||||
|
string_to_sign = [] of String
|
||||||
|
hash.each do |key, value|
|
||||||
|
if key == "signature"
|
||||||
|
next
|
||||||
|
end
|
||||||
|
|
||||||
|
case value
|
||||||
|
when Array
|
||||||
|
string_to_sign << "#{key}=#{value.sort.join(",")}"
|
||||||
|
else
|
||||||
|
string_to_sign << "#{key}=#{value}"
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
string_to_sign = string_to_sign.sort.join("\n")
|
||||||
|
return Base64.encode(OpenSSL::HMAC.digest(:sha256, key, string_to_sign)).strip
|
||||||
|
end
|
||||||
|
|
||||||
def validate_response(challenge, token, user_id, operation, key, db, locale)
|
def validate_response(challenge, token, user_id, operation, key, db, locale)
|
||||||
if !challenge
|
if !challenge
|
||||||
raise translate(locale, "Hidden field \"challenge\" is a required field")
|
raise translate(locale, "Hidden field \"challenge\" is a required field")
|
||||||
|
|
Loading…
Reference in a new issue