File tree 3 files changed +23
-3
lines changed
3 files changed +23
-3
lines changed Original file line number Diff line number Diff line change @@ -86,6 +86,12 @@ def confirm_auth_server(me, authorization_endpoint)
86
86
end
87
87
end
88
88
89
+ def self . generate_code_challenge ( code_verifier )
90
+ Base64 . urlsafe_encode64 (
91
+ Digest ::SHA256 . digest ( code_verifier )
92
+ ) . gsub ( /=/ , '' )
93
+ end
94
+
89
95
def self . valid_uri? ( u )
90
96
begin
91
97
uri = URI . parse ( u )
Original file line number Diff line number Diff line change @@ -72,9 +72,7 @@ class Server < Sinatra::Application
72
72
session [ :me ] = params [ :me ]
73
73
# code challenge from code verified
74
74
session [ :code_verifier ] = SecureRandom . alphanumeric ( 100 )
75
- code_challenge = Base64 . urlsafe_encode64 (
76
- Digest ::SHA256 . hexdigest ( session [ :code_verifier ] )
77
- ) . gsub ( /=/ , '' ) # removes `=`s from base64 string
75
+ code_challenge = Auth . generate_code_challenge ( session [ :code_verifier ] )
78
76
# redirect to auth endpoint
79
77
query = URI . encode_www_form ( {
80
78
me : session [ :me ] ,
Original file line number Diff line number Diff line change 1
1
describe Micropublish ::Auth do
2
+
3
+ before do
4
+ # from https://tools.ietf.org/html/rfc7636#appendix-A
5
+ @code_verifier = "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk"
6
+ @expected_code_challenge = "E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM"
7
+ end
8
+
9
+ context "given a random string as a code verifier" do
10
+ describe "#generate_code_challenge" do
11
+ it "should generate a code challenge in the expected format" do
12
+ code_challenge = Micropublish ::Auth . generate_code_challenge ( @code_verifier )
13
+ expect ( code_challenge ) . to eql ( @expected_code_challenge )
14
+ end
15
+ end
16
+ end
17
+
2
18
end
You can’t perform that action at this time.
0 commit comments