Module: Slosilo
Defined in:
- lib/slosilo/version.rb
- lib/slosilo/jwt.rb
- lib/slosilo/key.rb
- lib/slosilo/errors.rb
- lib/slosilo/random.rb
- lib/slosilo/keystore.rb
- lib/slosilo/symmetric.rb
- lib/slosilo/attr_encrypted.rb
- lib/slosilo/adapters/file_adapter.rb
- lib/slosilo/adapters/mock_adapter.rb
- lib/slosilo/adapters/memory_adapter.rb
- lib/slosilo/adapters/sequel_adapter.rb
- lib/slosilo/adapters/abstract_adapter.rb
- lib/slosilo/adapters/sequel_adapter/migration.rb
Overview
Copyright 2013-2021 Conjur Inc.
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Defined Under Namespace
Modules: Adapters, EncryptedAttributes, Extension, Random Classes: Error, JWT, Key, Keystore, Symmetric
Constant Summary
- VERSION = File.read(File.expand_path('../../VERSION', __dir__))
Class Attribute Summary
- .adapter ⇒ Object
  Returns the value of attribute adapter.
- .encryption_key ⇒ Object
Class Method Summary
- .[](id) ⇒ Object
- .[]=(id, value) ⇒ Object
- .each(&block) ⇒ Object
- .JWT(raw) ⇒ Object
  Try to convert by detecting token representation and parsing.
- .sign(object) ⇒ Object
- .token_signer(token) ⇒ Object
  Looks up the signer by public key fingerprint and checks the validity of the signature.
- .token_valid?(token) ⇒ Boolean
Class Attribute Details
.adapter ⇒ Object
Returns the value of attribute adapter.
```ruby
# File 'lib/slosilo/keystore.rb', line 82
def adapter
  @adapter
end
```
.encryption_key ⇒ Object
```ruby
# File 'lib/slosilo/attr_encrypted.rb', line 79
def encryption_key
  @encryption_key
end
```
Class Method Details
.[](id) ⇒ Object
```ruby
# File 'lib/slosilo/keystore.rb', line 46
def [] id
  keystore.get id
end
```
.[]=(id, value) ⇒ Object
```ruby
# File 'lib/slosilo/keystore.rb', line 42
def []= id, value
  keystore.put id, value
end
```
.each(&block) ⇒ Object
```ruby
# File 'lib/slosilo/keystore.rb', line 50
def each(&block)
  keystore.each(&block)
end
```
.JWT(raw) ⇒ Object
Try to convert by detecting token representation and parsing.
```ruby
# File 'lib/slosilo/jwt.rb', line 111
def self.JWT raw
  if raw.is_a? JWT
    raw
  elsif raw.respond_to?(:to_h) || raw =~ /\A\s*\{/
    JWT.parse_json raw
  else
    JWT.parse_compact raw
  end
rescue
  raise ArgumentError, "invalid value for JWT(): #{raw.inspect}"
end
```
.sign(object) ⇒ Object
```ruby
# File 'lib/slosilo/keystore.rb', line 54
def sign object
  self[:own].sign object
end
```
.token_signer(token) ⇒ Object
Looks up the signer by public key fingerprint and checks the validity of the signature. If the token is a JWT, its exp and/or iat claims are also verified; the caller is responsible for validating any other claims.
```ruby
# File 'lib/slosilo/keystore.rb', line 65
def token_signer token
  begin
    # see if maybe it's a JWT
    token = JWT token
    fingerprint = token.header['kid']
  rescue ArgumentError
    fingerprint = token['key']
  end

  key, id = keystore.get_by_fingerprint fingerprint
  if key && key.token_valid?(token)
    return id
  else
    return nil
  end
end
```
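The fingerprint lookup, signature check and exp/iat check described for token_signer, followed by the claim validation it leaves to the caller, as an added example that is not Slosilo's own code. It uses plain OpenSSL RSA/SHA-256 compact tokens and an in-memory hash as stand-ins; `KEYSTORE`, `issue`, `signer_for`, `authorized?`, the SHA-256-over-DER fingerprint and the `aud` policy are all assumptions made for illustration.

```ruby
require 'openssl'
require 'json'
require 'base64'

# Assumed fingerprint scheme for this example: SHA-256 over the public key DER.
def fingerprint(key)
  OpenSSL::Digest::SHA256.hexdigest(key.public_key.to_der)
end

def b64(data)
  Base64.urlsafe_encode64(data, padding: false)
end

# Constructed sample key and a hypothetical in-memory keystore:
# fingerprint => [key id, public key].
KEY = OpenSSL::PKey::RSA.new(2048)
KEYSTORE = { fingerprint(KEY) => ['host/app-01', KEY.public_key] }.freeze

# Builds a compact token whose header names the signing key in 'kid'.
def issue(claims, key, kid: fingerprint(key))
  input = "#{b64({ 'alg' => 'RS256', 'kid' => kid }.to_json)}.#{b64(claims.to_json)}"
  "#{input}.#{b64(key.sign('SHA256', input))}"
end

# Returns [key id, claims] when the 'kid' is known, the signature verifies and
# exp/iat hold; returns nil otherwise. No other claim is inspected here.
def signer_for(token, now: Time.now.to_i)
  head, body, sig = token.to_s.split('.', 3)
  return nil unless head && body && sig
  header = JSON.parse(Base64.urlsafe_decode64(head))
  id, pub = KEYSTORE[header['kid']]
  return nil unless pub && header['alg'] == 'RS256'
  return nil unless pub.verify('SHA256', Base64.urlsafe_decode64(sig), "#{head}.#{body}")
  claims = JSON.parse(Base64.urlsafe_decode64(body))
  return nil if claims['exp'] && claims['exp'] <= now
  return nil if claims['iat'] && claims['iat'] > now
  [id, claims]
rescue JSON::ParserError, ArgumentError, TypeError, OpenSSL::PKey::PKeyError
  nil
end

# Caller-side policy: a valid signature says who signed, not what the token
# is for, so the audience is checked separately.
def authorized?(token, audience:)
  id, claims = signer_for(token)
  !id.nil? && claims['aud'] == audience
end
```

A token that passes `signer_for` but carries the wrong `aud` is rejected only by `authorized?`, which is the part of the check the documentation assigns to the caller.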
.token_valid?(token) ⇒ Boolean
```ruby
# File 'lib/slosilo/keystore.rb', line 58
def token_valid? token
  keystore.any? { |k| k.token_valid? token }
end
```