From 165c21995a6d26304a42655555ec1a3c81d2a6ca Mon Sep 17 00:00:00 2001
From: mo khan
Date: Wed, 12 Mar 2025 12:07:24 -0600
Subject: feat: generate users with bcrypt password digest
---
 bin/idp | 36 +++++++++++++++++++++++++++---------
 1 file changed, 27 insertions(+), 9 deletions(-)
diff --git a/bin/idp b/bin/idp
index f90dd28..9bc8a80 100755
--- a/bin/idp
+++ b/bin/idp
@@ -5,6 +5,7 @@ require "bundler/inline"
 gemfile do
 source "https://rubygems.org"
+ gem "bcrypt", "~> 3.1"
 gem "declarative_policy", "~> 1.0"
 gem "erb", "~> 4.0"
 gem "globalid", "~> 1.0"
@@ -44,15 +45,29 @@ end
 module Authn
 class User
+ include ::BCrypt
+
 class << self
+ def all
+ @all ||= 10.times.map do |n|
+ new(
+ id: SecureRandom.uuid,
+ username: "username#{n}",
+ email: "username#{n}@example.org",
+ password_digest: password_digest = ::BCrypt::Password.create("password#{n}")
+ )
+ end
+ end
+
 def find_by_username(username)
- User.new(id: SecureRandom.uuid, username: username, email: "#{username}@example.com")
+ all.find do |user|
+ user[:username] == username
+ end
 end
 def find_by_credentials(params = {})
 user = find_by_username(params["username"])
- return user if user.valid_password?(params["password"])
-
+ user&.valid_password?(params["password"]) ? user : nil
 end
 end
@@ -60,27 +75,30 @@ module Authn
 @attributes = attributes
 end
+ def [](attribute)
+ @attributes.fetch(attribute.to_sym)
+ end
+
 def name_id_for(name_id_format)
 if name_id_format == Saml::Kit::Namespaces::EMAIL_ADDRESS
- @attributes[:email]
+ self[:email]
 else
- @attributes[:id]
+ self[:id]
 end
 end
 def create_access_token
- ::Authz::JWT.new(sub: @attributes[:id], iat: Time.now.to_i)
+ ::Authz::JWT.new(sub: self[:id], iat: Time.now.to_i)
 end
 def assertion_attributes_for(request)
 {
- email: @attributes[:email],
+ email: self[:email],
 }
 end
 def valid_password?(entered_password)
- # TODO:: BCrypt hash secure compare
- true
+ ::BCrypt::Password.new(self[:password_digest]) == entered_password
 end
 end
--
cgit v1.2.3
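Review bot: `find_by_credentials` returns nil for an unknown username without doing any bcrypt work, while a known username pays for a full hash in `valid_password?`, so response time can reveal which usernames exist. Running the comparison on both paths closes that gap, for example `digest = user ? user[:password_digest] : FALLBACK_DIGEST` followed by `user if ::BCrypt::Password.new(digest) == params["password"]`, where `FALLBACK_DIGEST` is a constant this note proposes (a digest of a random value, created once at load). Separately, in `all` the inner `password_digest =` in `password_digest: password_digest = ::BCrypt::Password.create("password#{n}")` assigns a local that is never read and can be dropped. `include ::BCrypt` also looks unnecessary, because every reference in the hunk is already written as `::BCrypt::Password`.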
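Review bot: `valid_password?` can now raise instead of returning false: `self[:password_digest]` goes through `@attributes.fetch`, which raises `KeyError` for a user built without a digest, and `::BCrypt::Password.new` raises `BCrypt::Errors::InvalidHash` when the stored value is not a bcrypt hash. Either would surface from `find_by_credentials` as an unhandled error rather than a rejected login, so I would give the method a `rescue KeyError, ::BCrypt::Errors::InvalidHash` clause that returns `false`. The move from `@attributes[:email]` to `fetch` likewise turns a missing `:id` or `:email` into an exception in `name_id_for`, `create_access_token` and `assertion_attributes_for`. A comment on `[]` such as `# Raises KeyError for unknown attributes; also exposes :password_digest, which must stay out of assertions and token claims` would record both facts. The `initialize` body that sets `@attributes` starts above this hunk.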