Module: LicenseKit

Defined in:

lib/licensekit/generated/clients.rb,
lib/licensekit/types.rb,
lib/licensekit/client.rb,
lib/licensekit/errors.rb,
lib/licensekit/scopes.rb,
lib/licensekit/version.rb,
lib/licensekit/verification.rb,
lib/licensekit/generated/metadata.rb,
lib/licensekit/generated/operation_scopes.rb

Overview

Generated by scripts/generate_from_openapi.rb. Do not edit manually.

Defined Under Namespace

Modules: Generated Classes: ApiError, BaseClient, DefaultTransport, ManagementClient, ManagementRawClient, PublicKeyStore, RawResponse, RequestOptions, RetryOptions, RuntimeClient, RuntimeRawClient, SystemClient, SystemRawClient, TransportError, TransportRequest, TransportResponse, VerificationResult

Constant Summary

MANAGEMENT_SCOPES =

Generated::MANAGEMENT_SCOPES

OPERATION_SCOPES =

Generated::OPERATION_SCOPES

VERSION =

"1.0.0".freeze

Class Method Summary

• .api_error?(value) ⇒ Boolean
• .find_public_key(keys, kid) ⇒ Object
• .get_required_scopes(operation_id) ⇒ Object
• .has_required_scopes(operation_id, scopes) ⇒ Object
• .normalize_base_url(base_url) ⇒ Object
• .parse_error_envelope(body) ⇒ Object
• .verify_runtime_payload(data, signature, keys) ⇒ Object
• .verify_runtime_result(result, keys) ⇒ Object

Class Method Details

.api_error?(value) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/licensekit/errors.rb', line 32

def self.api_error?(value)
  value.is_a?(ApiError)
end

.find_public_key(keys, kid) ⇒ Object

# File 'lib/licensekit/verification.rb', line 51

def self.find_public_key(keys, kid)
  if keys.is_a?(PublicKeyStore)
    keys.get(kid)
  else
    Array(keys).find { |key| key["kid"] == kid }
  end
end

.get_required_scopes(operation_id) ⇒ Object

# File 'lib/licensekit/scopes.rb', line 5

def self.get_required_scopes(operation_id)
  entry = OPERATION_SCOPES.fetch(operation_id)
  entry[:scopes]
end

.has_required_scopes(operation_id, scopes) ⇒ Object

# File 'lib/licensekit/scopes.rb', line 10

def self.has_required_scopes(operation_id, scopes)
  granted = Array(scopes).map(&:to_s)
  return true if granted.include?("admin")

  get_required_scopes(operation_id).all? { |scope| granted.include?(scope) }
end

.normalize_base_url(base_url) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/licensekit/client.rb', line 11

def self.normalize_base_url(base_url)
  trimmed = base_url.to_s.strip
  raise ArgumentError, "base_url is required" if trimmed.empty?

  trimmed.sub(%r{/+\z}, "")
end

.parse_error_envelope(body) ⇒ Object

# File 'lib/licensekit/errors.rb', line 36

def self.parse_error_envelope(body)
  return nil unless body.is_a?(Hash)

  error = body["error"]
  return nil unless error.is_a?(Hash)
  return nil unless error["code"].is_a?(String) && error["message"].is_a?(String)

  result = {
    "error" => {
      "code" => error["code"],
      "message" => error["message"]
    }
  }

  result["error"]["detail"] = error["detail"] if error["detail"].is_a?(String)

  meta = body["meta"]
  if meta.is_a?(Hash) && meta["request_id"].is_a?(String) && meta["timestamp"].is_a?(String)
    result["meta"] = {
      "request_id" => meta["request_id"],
      "timestamp" => meta["timestamp"]
    }
  end

  result
end

.verify_runtime_payload(data, signature, keys) ⇒ Object

Raises:

• (TypeError)

# File 'lib/licensekit/verification.rb', line 59

def self.verify_runtime_payload(data, signature, keys)
  public_key = find_public_key(keys, signature.fetch("kid"))
  raise TypeError, "Unknown public key kid: #{signature.fetch('kid')}" if public_key.nil?

  if public_key.fetch("algorithm") != "Ed25519" || signature.fetch("alg") != "Ed25519"
    raise TypeError, "Unsupported signature algorithm: expected Ed25519, received key=#{public_key.fetch('algorithm')}, signature=#{signature.fetch('alg')}"
  end

  verify_key = keys.is_a?(PublicKeyStore) ? keys.verify_key(public_key.fetch("kid")) : Ed25519::VerifyKey.new(LicenseKit.send(:decode_base64, public_key.fetch("public_key")))
  payload = stable_json_bytes(data)
  signature_bytes = LicenseKit.send(:decode_base64, signature.fetch("value"))

  begin
    verify_key.verify(signature_bytes, payload)
    VerificationResult.new(ok: true, key: public_key)
  rescue Ed25519::VerifyError
    VerificationResult.new(ok: false, key: public_key)
  end
end

.verify_runtime_result(result, keys) ⇒ Object

# File 'lib/licensekit/verification.rb', line 79

def self.verify_runtime_result(result, keys)
  verify_runtime_payload(result.fetch("data"), result.fetch("signature"), keys)
end