Module: CaveatEmptor

Defined in:

lib/caveat_emptor/macaroon.rb,
lib/caveat_emptor.rb,
lib/caveat_emptor/version.rb,
lib/caveat_emptor/protocol/v1.rb,
lib/caveat_emptor/serialization.rb

Overview

Main Macaroon entry point

There are three steps in accepting macaroons:

1. Validate -> Is this token structurally valid?

2. Verify -> Cryptographic authentication step

3. Authorize -> Do the caveats pass?

Defined Under Namespace

Modules: Protocol, Serialization Classes: Error, Macaroon

Constant Summary

KEY_SIZE =

32

VERSION =

"0.1.0"

Class Method Summary

• .attenuate(macaroon, caveat) ⇒ Object
• .generate_key(format: :raw) ⇒ Object
• .mint(root_key:, location:, id:) ⇒ Object
• .verify!(root_key, macaroon) ⇒ Object

Class Method Details

.attenuate(macaroon, caveat) ⇒ Object

# File 'lib/caveat_emptor.rb', line 29

def self.attenuate(macaroon, caveat)
  Protocol::V1.attenuate(macaroon, caveat)
end

.generate_key(format: :raw) ⇒ Object

# File 'lib/caveat_emptor.rb', line 14

def self.generate_key(format: :raw)
  bytes = SecureRandom.bytes(KEY_SIZE)

  case format
  when :raw then bytes
  when :hex then bytes.unpack1("H*")
  when :base64 then Base64.urlsafe_encode64(bytes, padding: false)
  else raise ArgumentError, "unknown format: #{format.inspect}"
  end
end

.mint(root_key:, location:, id:) ⇒ Object

# File 'lib/caveat_emptor.rb', line 25

def self.mint(root_key:, location:, id:)
  Protocol::V1.mint(root_key: root_key, location: location, id: id)
end

.verify!(root_key, macaroon) ⇒ Object

# File 'lib/caveat_emptor.rb', line 33

def self.verify!(root_key, macaroon)
  Protocol::V1.verify!(root_key, macaroon)
end