Nov Matake nov

View signin_with_apple.rb
require 'apple_id'
# NOTE: in debugging mode, you can see all HTTPS requests & responses in the log.
# AppleID.debug!
pem = <<-PEM
-----BEGIN PRIVATE KEY-----
:
:
-----END PRIVATE KEY-----
nov / mtls-policy.xml
Last active Oct 22, 2018
Azure API Management Policy for MTLS
View mtls-policy.xml
<policies>
  <inbound>
    <base />
    <!-- TODO: limit by client_id, not token itself -->
    <rate-limit-by-key calls="30" renewal-period="10" counter-key="@(context.Request.Headers.GetValueOrDefault("Authorization",""))" />
    <choose>
      <when condition="@(context.Request.Certificate != null && context.Request.Certificate.NotAfter > DateTime.Now)">
        <set-header name="Client-Certificate" exists-action="override">
          <value>@(context.Request.Certificate.GetRawCertDataString())</value>
        </set-header>
nov / iGov_client.rb
Last active Feb 21, 2018
Rack::OAuth2 (& OpenIDConnect) gem's iGov profile support concept code
View iGov_client.rb
# NOTE:
# * rack-oauth2 gem v1.8.2+ is required. (openid_connect gem is largely developed on top of the rack-oauth2 gem)
# * this feature isn't tested well yet.
# * you can replace `OpenIDConnect` with `Rack::OAuth2` if you don't need ID Token & UserInfo API support.
require 'openid_connect'
OpenIDConnect.debug!
pem = <<-PEM
nov / saml2_unavailable_gakunin_sps.rb
Last active Jan 19, 2018
SAML2 Unavailable Gakunin SPs
View saml2_unavailable_gakunin_sps.rb
require 'saml'
require 'open-uri'
idps_and_sps = Saml::Elements::EntityDescriptor.parse(
  # Use URI.open: open-uri no longer patches Kernel#open on Ruby 3.0+
  URI.open('https://metadata.gakunin.nii.ac.jp/gakunin-metadata.xml?generation=2')
)
sps = idps_and_sps.select do |idp_or_sp|
  idp_or_sp.sp_sso_descriptor.present?
end
nov / line_login.rb
Last active Nov 24, 2017
LINE ID Login
View line_login.rb
require 'openid_connect'
OpenIDConnect.debug!
config = {
  client_id: 'YOUR-CHANNEL-ID',
  client_secret: 'YOUR-CHANNEL-SECRET'
}
client = OpenIDConnect::Client.new(
View gist:e48cdcc785fa480b0c05be102839f194
Desktop$ curl -i https://auth.login.yahoo.co.jp/yconnect/v2/.well-known/openid-configuration | od -c
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1485 100 1485 0 0 5671 0 --:--:-- --:--:-- --:--:-- 5689
0000000 H T T P / 1 . 1 2 0 0 O K \r
0000020 \n D a t e : W e d , 1 7 M
0000040 a y 2 0 1 7 0 5 : 2 8 : 2 5
0000060 G M T \r \n P 3 P : p o l i c
0000100 y r e f = " h t t p : / / p r i
0000120 v a c y . y a h o o . c o . j p
View yconnect_discovery.rb
require 'openid_connect'
# NOTE: Webfinger
OpenIDConnect::Discovery::Provider.discover! 'https://auth.login.yahoo.co.jp'
# => raise OpenIDConnect::Discovery::DiscoveryFailed exception saying "Not Found"
# NOTE: OIDC OP Config (v2)
OpenIDConnect::Discovery::Provider::Config.discover! 'https://auth.login.yahoo.co.jp/yconnect/v2'
# => success
View azure_ad_b2c.rb
require 'openid_connect'
require 'readline'
OpenIDConnect.debug!
def scopes_for(rs_alias)
  ['common', rs_alias].collect do |scope|
    File.join 'https://sts4b2c.onmicrosoft.com/', rs_alias, scope
  end
end
View azure_ad_b2c_without_credentials.rb
require 'openid_connect'
require 'readline'
OpenIDConnect.debug!
tenant_domain_prefix = '<YOUR-TENANT-DOMAIN-PREFIX>'
tenant_uuid = '<YOUR-TENANT-UUID>'
client_id = '<YOUR-CLIENT-ID>'
client_secret = '<YOUR-CLIENT-SECRET>'
redirect_uri = '<YOUR-REDIRECT-URI>'
View SalesForce_SCIM_Client.rb
require 'rack/oauth2'
Rack::OAuth2.debug!
client = Rack::OAuth2::Client.new(
  identifier: '<YOUR-CLIENT-ID>',
  secret: '<YOUR-CLIENT-SECRET>',
  authorization_endpoint: 'https://login.salesforce.com/services/oauth2/authorize',
  token_endpoint: 'https://login.salesforce.com/services/oauth2/token',
  redirect_uri: '<YOUR-CALLBACK-URL>'