require 'openssl'
expired = <<-CERT
-----BEGIN CERTIFICATE-----
nov-matake@nov ~$ curl https://userinfo.yahooapis.jp
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). The default
 bundle is named curl-ca-bundle.crt; you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
nov.matake@tovl ~$ openssl s_client -connect userinfo.yahooapis.jp:443 -showcerts
CONNECTED(00000003)
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign Organization Validation CA - G2
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
 0 s:/C=JP/ST=Tokyo/L=Minato-Ku/O=Yahoo Japan Corporation/CN=*.yahooapis.jp
   i:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - G2
-----BEGIN CERTIFICATE-----
require 'openssl'
root_cert = <<-CERT
-----BEGIN CERTIFICATE-----
if (!crypto.subtle) {
  crypto.subtle = crypto.webkitSubtle;
}
// Encrypt some data using AES-CBC and alert() the result:
// ----------------------------------------
var keyBytes1 = asciiToArrayBufferView("raw key bytes 1.");
crypto.subtle.importKey('raw', keyBytes1, {name: 'aes-cbc'}, false, ['encrypt', 'decrypt']).then(function(key) {
  // Fixed 16-byte initialization vector built from an ASCII string (not all zeros).
  var iv = asciiToArrayBufferView("16 bytes of iv..");
nov.matake@tovl ~$ curl -I https://www.iknow.jp/open_ids
HTTP/1.1 302 Moved Temporarily
Content-length: 160
Content-Type: text/html
Date: Thu, 08 May 2014 03:53:33 GMT
Location: https://iknow.jp/open_ids
Server: nginx/1.4.4
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
nov.matake@tovl ~$ curl https://iknow.jp/discovery.xrds
<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns:openid="http://openid.net/xmlns/1.0" xmlns="xri://$xrd*($v*2.0)">
  <XRD>
    <Service priority="0">
      <Type>http://specs.openid.net/auth/2.0/return_to</Type>
      <URI>https://iknow.jp/open_ids?_method=GET</URI>
    </Service>
    <Service priority="10">
      <Type>http://specs.openid.net/extensions/ui/icon</Type>
nov.matake@tovl ~$ curl -I https://iknow.jp/open_ids
HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-length: 248
Content-Type: text/html; charset=utf-8
Date: Thu, 08 May 2014 03:00:19 GMT
ETag: "d7f555eab7c746d1f7d362f1188832cc"
P3P: CP="CAO CURa ADMa DEVa TAIa IVAa HISa OUR BUS UNI NAV INT"
Server: nginx/1.4.4
Set-Cookie: csid=cffb1060b88a013140000a18ce984607; path=/; expires=Sun, 08-Jun-2014 03:00:19 GMT
require 'openid_connect'
private_key = OpenSSL::PKey::RSA.generate(2048)
client = Rack::OAuth2::Client.new(
  identifier: 'client.example.com',
  host: 'server.example.com',
  redirect_uri: 'myapp://callback'
)
require 'openid_connect'
private_key = SecureStorage.device_key_pair
client = Rack::OAuth2::Client.new(
  identifier: 'client.example.com',
  host: 'server.example.com',
  redirect_uri: 'myapp://callback'
)