class SoarAuthenticationToken::ConfigRotator

Attributes

maximum_number_of_public_keys[RW]

Public Class Methods

new()
# File lib/soar_authentication_token/config_rotator.rb, line 7
# Creates a rotator with the default key-retention limit.
#
# The limit is read by trim_public_keys when a validator configuration is
# rotated; it can be changed through the maximum_number_of_public_keys accessor.
def initialize
  default_key_limit = 3
  @maximum_number_of_public_keys = default_key_limit
end

Public Instance Methods

configurations_match_and_valid?(generator_config:,validator_config:)
# File lib/soar_authentication_token/config_rotator.rb, line 51
# Checks that a generator/validator configuration pair actually works together.
#
# Both configurations are validated structurally first, then a test token is
# issued with the generator configuration and handed to a validator built from
# the validator configuration. This is an end-to-end check that the private key
# in one file corresponds to a public key in the other.
#
# @param generator_config [Hash] configuration holding the signing key
# @param validator_config [Hash] configuration holding the accepted public keys
# @return [Object] the validity value reported by validate_test_token
# @raise [ArgumentError] when either configuration lacks its key material
def configurations_match_and_valid?(generator_config:, validator_config:)
  validate_generator_config(generator_config)
  validate_validator_config(validator_config)
  validate_test_token(validator_config, generate_test_token(generator_config))
end
rotate_configs(generator_config:, validator_config:)
# File lib/soar_authentication_token/config_rotator.rb, line 26
# Rotates the signing key of a generator/validator configuration pair.
#
# A new keypair is generated, the private half is placed in the generator
# configuration and the public half is added to the validator configuration
# under a shared description. The rotated pair is verified with a test token
# before it is returned.
#
# The returned generator configuration contains the new private key; callers
# should treat it as secret material and avoid logging it.
#
# @param generator_config [Hash] current generator configuration
# @param validator_config [Hash] current validator configuration
# @return [Array(Hash, Hash)] rotated generator and validator configurations
# @raise [RuntimeError] when the rotated pair fails the test-token check
def rotate_configs(generator_config:, validator_config:)
  new_private_key, new_public_key = KeypairGenerator.new.generate
  description = generate_keypair_description

  rotated_generator = rotate_generator_config(
    config: generator_config,
    new_private_key: new_private_key,
    new_key_description: description
  )
  rotated_validator = rotate_validator_config(
    config: validator_config,
    new_public_key: new_public_key,
    new_key_description: description
  )

  # Refuse to hand back a pair that cannot validate its own tokens.
  verified = configurations_match_and_valid?(generator_config: rotated_generator,
                                             validator_config: rotated_validator)
  raise 'generated configuration does not match' unless verified

  [rotated_generator, rotated_validator]
end
rotate_generator_config(config: ,new_private_key: ,new_key_description:)
# File lib/soar_authentication_token/config_rotator.rb, line 35
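# Builds a generator configuration that signs with a newly rotated key.
#
# The result is a copy: the 'auth_token_generator' section is rebuilt with
# Hash#merge instead of being modified in place, so the caller's +config+ keeps
# its current private key. A plain +dup+ of the outer hash is shallow and would
# write the new key into the caller's nested hash as well.
#
# @param config [Hash] generator configuration with an 'auth_token_generator' section
# @param new_private_key [Object] private key stored under 'private_key'
# @param new_key_description [String] name stored under 'key_description'
# @return [Hash] new configuration carrying the new private key; handle it as a secret
# @raise [ArgumentError] from validate_generator_config when no private key is configured
def rotate_generator_config(config: ,new_private_key: ,new_key_description:)
  validate_generator_config(config)
  rotated_section = config['auth_token_generator'].merge(
    'private_key' => new_private_key,
    'key_description' => new_key_description
  )
  config.merge('auth_token_generator' => rotated_section)
end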
rotate_json_config_files(generator_file_name:, validator_file_name:)
# File lib/soar_authentication_token/config_rotator.rb, line 11
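# Rotates the keypair stored in a pair of JSON configuration files, in place.
#
# Both files are read and parsed, rotated through rotate_configs (which also
# verifies the new pair with a test token), and then overwritten.
#
# The generator file ends up containing the new private key. Overwriting an
# existing file keeps its current permissions, so access to that file has to
# be restricted by whoever created it.
# NOTE(review): the writes are not atomic; a crash during a write can leave a
# truncated file. Consider writing to a temporary file and renaming.
#
# @param generator_file_name [String] path of the generator configuration (JSON)
# @param validator_file_name [String] path of the validator configuration (JSON)
# @return [nil]
# @raise [JSON::ParserError] when either file is not valid JSON
# @raise [RuntimeError] from rotate_configs when the rotated pair does not verify
def rotate_json_config_files(generator_file_name:, validator_file_name:)
  generator_config = JSON.parse(File.read(generator_file_name))
  validator_config = JSON.parse(File.read(validator_file_name))
  generator_config, validator_config = rotate_configs(generator_config: generator_config,
                                                      validator_config: validator_config)

  # Serialise both documents before touching either file, so a serialisation
  # failure cannot leave one file rotated and the other not.
  generator_json = JSON.pretty_generate(generator_config)
  validator_json = JSON.pretty_generate(validator_config)

  # Publish the new public key before switching the signing key: if the second
  # write fails, the validator merely knows one key that is not in use yet,
  # instead of the generator signing with a key no validator accepts.
  File.write(validator_file_name, validator_json)
  File.write(generator_file_name, generator_json)
  nil
end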
rotate_validator_config(config: ,new_public_key: ,new_key_description:)
# File lib/soar_authentication_token/config_rotator.rb, line 43
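# Builds a validator configuration that additionally accepts a new public key.
#
# The 'auth_token_validator' section and its 'keys' hash are duplicated before
# anything is changed, so trimming old keys and adding the new one never alters
# the caller's +config+. A plain +dup+ of the outer hash is shallow and would
# delete keys from the caller's nested hash as well.
#
# @param config [Hash] validator configuration with 'auth_token_validator' => 'keys'
# @param new_public_key [Object] public key stored under the new description
# @param new_key_description [String] name under which the key is registered
# @return [Hash] new configuration with old keys trimmed and the new key added
# @raise [ArgumentError] from validate_validator_config when no keys are configured
def rotate_validator_config(config: ,new_public_key: ,new_key_description:)
  validate_validator_config(config)
  validator_section = config['auth_token_validator'].dup
  validator_section['keys'] = validator_section['keys'].dup
  new_config = config.dup
  new_config['auth_token_validator'] = validator_section
  # Make room first so the total stays within the configured limit.
  trim_public_keys(new_config)
  validator_section['keys'][new_key_description] = { 'public_key' => new_public_key }
  new_config
end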

Private Instance Methods

generate_keypair_description()
# File lib/soar_authentication_token/config_rotator.rb, line 68
# Produces the name under which a newly generated keypair is stored.
#
# The name is "KEYPAIR_" followed by the current local time with one-second
# resolution. trim_public_keys sorts key names to decide which keys are oldest.
# NOTE(review): two rotations within the same second yield the same name, and
# local time can move backwards (DST, clock changes); confirm that is acceptable.
#
# @return [String] e.g. "KEYPAIR_20240131T235959" (constructed sample)
def generate_keypair_description
  timestamp = Time.now.strftime('%Y%m%dT%H%M%S')
  'KEYPAIR_' + timestamp
end
generate_test_token(generator_config)
# File lib/soar_authentication_token/config_rotator.rb, line 72
# Issues a throw-away token with the given generator configuration.
#
# The token is signed by a TokenGenerator built from the configuration's
# 'auth_token_generator' section and is issued for the fixed identifier 'test'.
# A DummyStorageClient is injected as the store provider.
# The token exists only for the rotation self-check; it should not be logged
# or persisted.
#
# @param generator_config [Hash] configuration with an 'auth_token_generator' section
# @return [Object] the token part of the generator's result
def generate_test_token(generator_config)
  token_generator =
    SoarAuthenticationToken::TokenGenerator.new(generator_config['auth_token_generator']).tap do |instance|
      instance.inject_store_provider(DummyStorageClient.new)
    end
  # The second element (metadata) is not needed for the check.
  test_token, _meta = token_generator.generate(authenticated_identifier: 'test')
  test_token
end
trim_public_keys(config)
# File lib/soar_authentication_token/config_rotator.rb, line 60
# Removes the oldest public keys from a validator configuration, in place.
#
# Key entries are sorted by name and walked from the highest name down; every
# entry from position @maximum_number_of_public_keys onwards is deleted. That
# leaves at most (limit - 1) entries, so one new key can be added afterwards
# without exceeding the limit. The retired keys stop being accepted by any
# validator that loads the resulting configuration.
#
# @param config [Hash] validator configuration; its 'keys' hash is modified
# @return [Array] the key entries as sorted before trimming
def trim_public_keys(config)
  newest_last = config['auth_token_validator']['keys'].sort
  newest_last.reverse_each.with_index(1) do |(key_name, _key_data), position|
    # Iteration runs over the sorted copy, so deleting from the hash is safe.
    if position >= @maximum_number_of_public_keys
      config['auth_token_validator']['keys'].delete(key_name)
    end
  end
  newest_last
end
validate_generator_config(config)
# File lib/soar_authentication_token/config_rotator.rb, line 86
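# Ensures a generator configuration names a private key.
#
# A configuration without an 'auth_token_generator' section is rejected with
# the same ArgumentError as one without a 'private_key' entry, rather than
# failing with NoMethodError on the nil section.
#
# @param config [Hash, nil] generator configuration
# @return [nil]
# @raise [ArgumentError] when the section or its 'private_key' entry is missing
def validate_generator_config(config)
  section = config && config['auth_token_generator']
  private_key = section && section['private_key']
  raise ArgumentError, 'private_key not in config' unless private_key
end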
validate_test_token(validator_config,test_token)
# File lib/soar_authentication_token/config_rotator.rb, line 79
# Checks a token against a validator built from the given configuration.
#
# The validator is constructed from the configuration's 'auth_token_validator'
# section and receives a DummyStorageClient as its store provider. Only the
# validity element of the validator's result is returned; the metadata and
# message elements are dropped.
#
# @param validator_config [Hash] configuration with an 'auth_token_validator' section
# @param test_token [Object] token to validate
# @return [Object] the validity value reported by the validator
def validate_test_token(validator_config, test_token)
  token_validator =
    SoarAuthenticationToken::TokenValidator.new(validator_config['auth_token_validator']).tap do |instance|
      instance.inject_store_provider(DummyStorageClient.new)
    end
  is_valid, _meta, _message = token_validator.validate(authentication_token: test_token)
  is_valid
end
validate_validator_config(config)
# File lib/soar_authentication_token/config_rotator.rb, line 90
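# Ensures a validator configuration carries a set of public keys.
#
# A configuration without an 'auth_token_validator' section is rejected with
# the same ArgumentError as one without a 'keys' entry, rather than failing
# with NoMethodError on the nil section.
#
# @param config [Hash, nil] validator configuration
# @return [nil]
# @raise [ArgumentError] when the section or its 'keys' entry is missing
def validate_validator_config(config)
  section = config && config['auth_token_validator']
  keys = section && section['keys']
  raise ArgumentError, 'keys not in config' unless keys
end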