Class: OpenID::DiffieHelmanAssociator

Inherits:
Object
  • Object
show all
Includes:
OpenID
Defined in:
lib/openid/association.rb

Overview

A class for establishing associations with OpenID servers.

Constant Summary

Constants included from OpenID

DEFAULT_DH_GEN, DEFAULT_DH_MODULUS, SECRET_SIZES

Instance Method Summary collapse

Methods included from OpenID

#append_args, #error_page, #from_btwoc, #normalize_url, #parse_kv, #parse_link_attrs, #quote_minimal, #redirect, #response_page, #sign_reply, #url_encode

Constructor Details

#initialize(http_client) ⇒ DiffieHelmanAssociator

Returns a new instance of DiffieHelmanAssociator.



146
147
148
 
# File 'lib/openid/association.rb', line 146

def initialize(http_client)
	@http_client = http_client
end

Instance Method Details

#associate(server_url) ⇒ Object

Establishes an association with an OpenID server, indicated by server_url. Returns a ConsumerAssociation.



158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
 
# File 'lib/openid/association.rb', line 158

def associate(server_url)
	p, g = get_mod_gen()
	private_key = (1 + rand(p-2))
	dh_public = g.mod_exp(private_key, p)
	args = {
		'openid.mode' => 'associate',
		'openid.assoc_type' => 'HMAC-SHA1',
		'openid.session_type' => 'DH-SHA1',
		'openid.dh_modulus' => Base64.encode64(p.to_btwoc).delete("\n"),
		'openid.dh_gen' => Base64.encode64(g.to_btwoc).delete("\n"),
		'openid.dh_consumer_public' => Base64.encode64(dh_public.to_btwoc).delete("\n")
	}
	body = url_encode(args)
	url, data = @http_client.post(server_url, body)
	now = Time.now.utc
	# results are temporarily stored in an instance variable.
	# I'd like to restructure to avoid this.
	@results = parse_kv(data)
	
	assoc_type = get_result('assoc_type')
	if assoc_type != 'HMAC-SHA1'
		raise RuntimeError, "Unknown association type: #{assoc_type}", caller
	end
	
	assoc_handle = get_result('assoc_handle')
	issued = DateTime.strptime(get_result('issued')).to_time
	expiry = DateTime.strptime(get_result('expiry')).to_time
	
	delta = now - issued
	expiry = expiry + delta
	
	replace_after_s = @results['replace_after']
	if replace_after_s
		replace_after = DateTime.strptime(replace_after_s).to_time + delta
	else
		replace_after = nil
	end
	
	session_type = @results['session_type']
	if session_type
		if session_type != 'DH-SHA1'
			raise RuntimeError, "Unknown Session Type: #{session_type}", caller
		end
		dh_server_pub = from_btwoc(Base64.decode64(get_result('dh_server_public')))
		enc_mac_key = get_result('enc_mac_key')
		dh_shared = dh_server_pub.mod_exp(private_key, p)

		secret = Base64.decode64(enc_mac_key) ^ Digest::SHA1.digest(dh_shared.to_btwoc)
	else
		secret = get_result('mac_key')
	end
	@results = nil
	return ConsumerAssociation.new(server_url, assoc_handle, secret, expiry, replace_after)
end

#get_mod_genObject

Returns modulus and generator for Diffie-Helman. Override this for non-default values.



152
153
154
 
# File 'lib/openid/association.rb', line 152

def get_mod_gen()
	return DEFAULT_DH_MODULUS, DEFAULT_DH_GEN
end