Project

storedsafe

0.0
No release in over 3 years
Low commit activity in last 3 years
storedsafestoredsafe/storedsafe-rubyHomepageDocumentationSource CodeBug TrackerWiki
The Storedsafe gem is a ruby interface for the Storedsafe REST-like API.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
7,521
Stars
0
Forks
0
Watchers
3
 Releases
Current version
1.0.0
Total releases
4
First release
2019-06-07
Latest release
2020-08-07
 Pull Requests
Open Pull Requests
1
Closed Pull Requests
4
Merged Pull Requests
5
Pull Request Acceptance Rate
50%
 Development
Primary Language
Ruby
Licenses
Apache-2.0
Average date of last 50 commits
2019-11-22
Reverse Dependencies
0

 Dependencies

Development

bundler
~> 2.0
rspec
~> 3.7
rubocop
~> 0.74.0
sinatra
~> 2.0
webmock
~> 3.4
 Project Readme

StoredSafe API ruby wrapper

Transparent Ruby wrapper for the StoredSafe REST-like API. (See full docs here).

Full documentation of the API response signatures and more advanced paramters can be found at the StoredSafe API Documentation.

Install

Install from rubygems gem install storedsafe

Add to Gemfile gem 'storedsafe', '~> 1.0.0'

Alternatively, if you whish to install the gem manually, you can clone this repo and build the gem yourself.

git clone https://github.com/storedsafe/storedsafe-ruby
cd storedsafe-ruby
gem build storedsafe.gemspec
gem install storedsafe-1.0.0.gem

Usage

require 'storedsafe'
api = StoredSafe.configure do |config|
  config.host = 'my.site.com'
  config.apikey = 'my-api-key'
end

# Auth
api.login_totp(username, passphrase, otp)
api.login_yubikey(username, passphrase, otp)
api.logout()
api.check()

# Vaults
api.list_vaults()
api.vault_objects(vault_id)
api.vault_members(vault_id)
api.add_vault_member(vault_id, user_id, status)
api.edit_vault_member(vault_id, user_id, status)
api.remove_vault_member(vault_id, user_id)
api.create_vault(**args) # See parameters in API documentation
api.edit_vault(vault_id, **args)
api.delete_vault(vault_id)

# Objects
api.get_object(object_id) # String or integer
api.get_object(object_id, include_children) # children False by default
api.decrypt_object(object_id)
api.create_object(**args)
api.edit_object(object_id, **args)
api.delete_object(object_id)

# Users
api.list_users() # List all users
api.list_users(user_id) # List specific user
api.list_users(search_string) # Search for any user matching search_string
api.create_user(**args)
api.edit_user(user_id, **args)
api.delete_user(user_id)

# Utils
api.status_values()
api.password_policies()
api.version()
api.generate_password() # Use vault policy
api.generate_password(**args)

Examples

Generate password

res = api.generate_password(type: 'diceword', words: 6, delimiter: '_')
password = res['CALLINFO']['passphrase']

Configuration

Configuration can be done in a few different ways. Other than the manual configuration, external configuration sources can be applied through the config_sources array. This array contains Ruby Hashes with the fields that should be applied to the StoredSafe::Config::Configurable instance. By default fetch configurations through the StoredSafe::Config::RcReader and StoredSafe::Config::EnvReader.

The order of priority between these different configuration sources are:

  1. Manual Configuration
  2. Built-in defaults
  3. Elements in the config_sources array in order of appearance

The RcReader will extract a configuration hash from a file (default is ~/.storedsafe-client.rc) which is generated by the StoredSafe Tokenhandler.

The EnvReader will extract a configuration hash from environment variables. By default these variables are STOREDSAFE_SERVER, STOREDSAFE_TOKEN, STOREDSAFE_CABUNDLE and STOREDSAFE_SKIP_VERIFY.

To disable all external configuration sources such as the rc-file and environment vairables, set the config_sources option to an empty array.

api = StoredSafe.configure do |config|
  config.config_sources = []
  ...
end

If you want to add your own configurations, simply add them to the config_sources array.

def fetch_password(options, obj_id)
  api = StoredSafe.configure do |config|
    config.config_sources = [
      options,
      StoredSafe::Config::RcReader.parse_file('/path/to/.storedsafe-client.rc'),
    ]
  end
  res = api.decrypt_object(obj_id)
  res['OBJECT'][0]['crypted']['password']
end