Skip to content

Instantly share code, notes, and snippets.

Nov Matake nov

View GitHub Profile
@nov
nov / ENExposureConfiguration.json
Last active Jul 2, 2020
Covid-19Radar/Covid19Radar の ENExposureConfiguration (2020.06.21)
View ENExposureConfiguration.json
{
"MinimumRiskScore": 1,
"AttenuationWeight": 50,
"TransmissionWeight": 50,
"DurationWeight": 50,
"DaysSinceLastExposureWeight": 50,
"TransmissionRiskScores": [1, 2, 3, 4, 5, 6, 7, 8],
"AttenuationScores": [1, 2, 3, 4, 5, 6, 7, 8],
"DurationScores": [1, 2, 3, 4, 5, 6, 7, 8],
"DaysSinceLastExposureScores": [1, 2, 3, 4, 5, 6, 7, 8],
View Choice_of_DynReg_PKCE_DPoP.markdown

Choice of DynReg, PKCE and/or DPoP

Code Access Token Refresh Token Choice
Bearer Bearer Bearer Nothing to use
Bearer Bearer Sender-Constrained DPoP (in bearer access token mode)
Bearer Sender-Constrained Bearer Impossible
Bearer Sender-Constrained Sender-Constrained DPoP
Sender-Constrained Bearer Bearer PKCE only
Sender-Constrained Sender-Constrained Bearer Impossible
View signin_with_apple.rb
require 'apple_id'
# NOTE: in debugging mode, you can see all HTTPS request & response in the log.
# AppleID.debug!
pem = <<-PEM
-----BEGIN PRIVATE KEY-----
:
:
-----END PRIVATE KEY-----
View google_pkce_client.rb
require 'rack/oauth2'
Rack::OAuth2.debug!
client = Rack::OAuth2::Client.new(
identifier: 'YOUR_CLIENT_ID',
secret: 'YOUR_CLIENT_SECRET',
redirect_uri: 'YOUR_REDIRECT_URI',
authorization_endpoint: 'https://accounts.google.com/o/oauth2/v2/auth',
token_endpoint: 'https://oauth2.googleapis.com/token'
@nov
nov / token_request_sample.rb
Created Mar 23, 2011
Rack::OAuth2::Client Sample - Token Request
View token_request_sample.rb
require 'rubygems'
require 'rack/oauth2'
client = Rack::OAuth2::Client.new(
:identifier => YOUR_CLIENT_ID,
:secret => YOUR_CLIENT_SECRET,
:redirect_uri => YOUR_REDIRECT_URI, # only required for grant_type = :code
:host => 'rack-oauth2-sample.heroku.com'
)
@nov
nov / mtls-policy.xml
Last active Apr 20, 2020
Azure API Management Policy for MTLS
View mtls-policy.xml
<policies>
<inbound>
<base />
<!-- TODO: limit by client_id, not token itself -->
<rate-limit-by-key calls="30" renewal-period="10" counter-key="@(context.Request.Headers.GetValueOrDefault("Authorization",""))" />
<choose>
<when condition="@(context.Request.Certificate != null && context.Request.Certificate.NotAfter > DateTime.Now)">
<set-header name="Client-Certificate" exists-action="override">
<value>@(context.Request.Certificate.GetRawCertDataString())</value>
</set-header>
@nov
nov / authorization_request_sample.rb
Created Mar 9, 2011
Rack::OAuth2::Client Sample - Authorization Request
View authorization_request_sample.rb
require 'rubygems'
require 'rack/oauth2'
client = Rack::OAuth2::Client.new(
:identifier => YOUR_CLIENT_ID,
:secret => YOUR_CLIENT_SECRET,
:redirect_uri => YOUR_REDIRECT_URI, # only required for grant_type = :code
:host => 'rack-oauth2-sample.heroku.com'
)
@nov
nov / iGov_client.rb
Last active Feb 21, 2018
Rack::OAuth2 (& OpenIDConnect) gem's iGov profile support concept code
View iGov_client.rb
# NOTE:
# * rack-oauth gem v1.8.2+ is required. (openid_connect gem is largelly developed on top of the rack-oauth2 gem)
# * this feature isn't tested well yet.
# * you can replace `OpenIDConnect` with `Rack::OAuth2` if you don't need ID Token & UserInfo API support.
require 'openid_connect'
OpenIDConnect.debug!
pem = <<-PEM
@nov
nov / saml2_unavailable_gakunin_sps.rb
Last active Jan 19, 2018
SAML2 Unavailable Gakunin SPs
View saml2_unavailable_gakunin_sps.rb
require 'saml'
require 'open-uri'
idps_and_sps = Saml::Elements::EntityDescriptor.parse(
open('https://metadata.gakunin.nii.ac.jp/gakunin-metadata.xml?generation=2')
)
sps = idps_and_sps.select do |idp_or_sp|
idp_or_sp.sp_sso_descriptor.present?
end
@nov
nov / line_login.rb
Last active Nov 24, 2017
LINE ID Login
View line_login.rb
require 'openid_connect'
OpenIDConnect.debug!
config = {
client_id: 'YOUR-CHANNEL-ID',
client_secret: 'YOUR-CHANNEL-SECRET'
}
client = OpenIDConnect::Client.new(
You can’t perform that action at this time.