licensing

This commit is contained in:
Yan
2017-11-15 12:01:35 +06:30
parent 5ec45593de
commit 7c6153f16f
4 changed files with 58 additions and 95 deletions

View File

@@ -46,8 +46,8 @@ class ApplicationController < ActionController::Base
def current_license(url) def current_license(url)
@license = License.new(url) @license = License.new(url)
if (@license.detail_with_local_file(lookup) == true) if (@license.detail_with_local_file() == true)
return @license puts "RUN SA BYAR"
else else
return nil return nil
end end
@@ -55,9 +55,8 @@ class ApplicationController < ActionController::Base
def cache_license(url, lookup) def cache_license(url, lookup)
@license = License.new(url, lookup) @license = License.new(url, lookup)
# Export for Key # Export for Key
aes = AesCrypt.new aes = MyAesCrypt.new
aes_key, aes_iv = aes.export_key(lookup) aes_key, aes_iv = aes.export_key(lookup)
if (@license.detail_with_local_cache(lookup, aes_key, aes_iv) == true) if (@license.detail_with_local_cache(lookup, aes_key, aes_iv) == true)

View File

@@ -1,38 +0,0 @@
class AesCrypt
@cipher = ""
def initialize
@cipher = OpenSSL::Cipher::Cipher.new(ENV["cipher_type"])
end
private
def export_key(passphrase)
# We want a 256 bit key symetric key based on passphrase
digest = Digest::SHA256.new
key = digest.update(passphrase)
# key = digest.digest
ENV['aes_key'] = @cipher.key = key # stores the key in key, and also sets the generated key on the @cipher
ENV['aes_iv'] = @cipher.iv = @cipher.random_iv # stores the iv in iv, and also sets the generated iv on the @cipher
return @cipher.key, @cipher.iv
end
def encrypt(data)
cipher.encrypt
cipher.key = ENV["aes_key"]
cipher.iv = ENV["aes_iv"]
encrypted = cipher.update(data) + cipher.final
encrypted = Base64.encode64(encrypted)
return encrypted
end
def decrypt(data)
cipher.decrypt
cipher.key = ENV["aes_key"]
cipher.iv = ENV["aes_iv"]
# Start the decryption
decoded = Base64.decode64(data)
decrypted = cipher.update(decoded) + cipher.final
return decrypted
end
end

View File

@@ -13,7 +13,7 @@ class License
def initialize(server = "", lookup = "") def initialize(server = "", lookup = "")
#this code is hard-code to reflect server mode - Very important. #this code is hard-code to reflect server mode - Very important.
self.server_mode = ENV["server_mode"] self.server_mode = ENV["SERVER_MODE"]
if (server != "") if (server != "")
self.class.base_uri server self.class.base_uri server
@@ -50,7 +50,6 @@ class License
##change the d/e key ##change the d/e key
# @options = { query: {device: "SXlite", lookup: lookup, skey: @secret, token: SECRETS_CONFIG['provision_key']} } # @options = { query: {device: "SXlite", lookup: lookup, skey: @secret, token: SECRETS_CONFIG['provision_key']} }
@params = { query: { lookup_type: self.server_mode, lookup: lookup, encrypted_key: key, iv_key: iv} } @params = { query: { lookup_type: self.server_mode, lookup: lookup, encrypted_key: key, iv_key: iv} }
response = self.class.get("/subdomain", @params) response = self.class.get("/subdomain", @params)
@license = response.parsed_response @license = response.parsed_response
@@ -75,49 +74,49 @@ class License
end end
def detail_with_local_file(lookup) def detail_with_local_file()
has_license = verify_license() has_license = true #verify_license()
if has_license if has_license
puts "VERIFIED"
end end
if cache_license.nil? # if cache_license.nil?
##change the d/e key # ##change the d/e key
@params = { query: { lookup_type: self.server_mode, lookup: lookup, encrypted_key: key, iv_key: iv} } # @params = { query: { lookup_type: self.server_mode, lookup: lookup, encrypted_key: key, iv_key: iv} }
response = self.class.get("/request_license", @params) # response = self.class.get("/request_license", @params)
@license = response.parsed_response # @license = response.parsed_response
if (@license["status"] == true) # if (@license["status"] == true)
assign() # assign()
Rails.logger.info "License - " + response.parsed_response.to_s # Rails.logger.info "License - " + response.parsed_response.to_s
Redis.current do |conn| # Redis.current do |conn|
##Remote - store the remote response in local redis cache # ##Remote - store the remote response in local redis cache
conn.set(cache_key, Marshal.dump(@license)) # conn.set(cache_key, Marshal.dump(@license))
##ADD to List to remove later # ##ADD to List to remove later
conn.sadd("License:cache:keys", cache_key) # conn.sadd("License:cache:keys", cache_key)
end # end
return true # return true
end # end
Rails.logger.info 'API License' # Rails.logger.info 'API License'
else # else
@license = Marshal.load(cache_license) if cache_license # @license = Marshal.load(cache_license) if cache_license
Rails.logger.info 'Cache License' # Rails.logger.info 'Cache License'
if (@license["status"] == true) # if (@license["status"] == true)
assign() # assign()
return true # return true
end # end
end # end
return false # return false
end end
def detail def detail
@@ -144,10 +143,13 @@ class License
Rails.logger.debug "License Remote Response - " + response.parsed_response.to_s Rails.logger.debug "License Remote Response - " + response.parsed_response.to_s
if (@varified["status"]) if (@varified["status"])
check_expire_date if (!check_expired(@varified["plan_next_renewal_date"]))
return true
end
else else
delete_license_file delete_license_file
end end
return false
end end
def check_remote_license(license_key) def check_remote_license(license_key)
@@ -181,16 +183,15 @@ class License
#Load License is remove from the cloud license because - this license is must be validated against subdmain instead of license.data from file. #Load License is remove from the cloud license because - this license is must be validated against subdmain instead of license.data from file.
def expired? def check_expired(renewal_date)
if (self.plan_next_renewal_date < Date.today) if (renewal_date < Date.today)
return true return true
else else
return false return false
end end
end end
private def self.check_license_file
def check_license_file
return File.exist?("config/license.yml") return File.exist?("config/license.yml")
end end
@@ -201,12 +202,13 @@ class License
File.open("config/license.yml").each do |line| File.open("config/license.yml").each do |line|
if line.include? (key) if line.include? (key)
decrypted_line_array = line.split(":") decrypted_line_array = line.split(":")
decrypted_line = AESEncDec.decrypt(decrypted_line_array[1]) decrypted_line = AESCrypt.decrypt(decrypted_line_array[1])
end end
end end
end end
end end
private
def assign def assign
# self.name = @license["name"] # self.name = @license["name"]
# self.address_1 = @license["address_1"] # self.address_1 = @license["address_1"]

View File

@@ -15,8 +15,8 @@ development:
sx_provision_url: provision.zsai.ws/api #192.168.1.94:3002 sx_provision_url: provision.zsai.ws/api #192.168.1.94:3002
server_mode: cloud server_mode: cloud
cipher_type: AES-256-CBC cipher_type: AES-256-CBC
aes_key: <%= ENV['aes_key'] %> aes_key: <%= ENV['AES_KEY'] %>
aes_iv: <%= ENV['aes_iv'] %> aes_iv: <%= ENV['AES_IV'] %>
test: test:
secret_key_base: 5c92143fd4a844fdaf8b22aba0cda22ef1fc68f1b26dd3d40656866893718ae5e58625b4c3a5dc86b04c8be0a505ec0ebc0be3bf52249a3d1e0c1334ee591cf0 secret_key_base: 5c92143fd4a844fdaf8b22aba0cda22ef1fc68f1b26dd3d40656866893718ae5e58625b4c3a5dc86b04c8be0a505ec0ebc0be3bf52249a3d1e0c1334ee591cf0
@@ -27,6 +27,6 @@ production:
secret_key_base: c4bc81065013f9a3506d385bcbd49586c42e586488144b0de90c7da36867de9fa880f46b5c4f86f0ce9b7c783bb5a73bdb0e5605a47716567294390e726d3e22 secret_key_base: c4bc81065013f9a3506d385bcbd49586c42e586488144b0de90c7da36867de9fa880f46b5c4f86f0ce9b7c783bb5a73bdb0e5605a47716567294390e726d3e22
sx_provision_url: provision.zsai.ws/api #192.168.1.94:3002 sx_provision_url: provision.zsai.ws/api #192.168.1.94:3002
server_mode: cloud server_mode: cloud
aes_key: <%= ENV['aes_key'] %> aes_key: <%= ENV['AES_KEY'] %>
aes_iv: <%= ENV['aes_iv'] %> aes_iv: <%= ENV['AES_IV'] %>