ruby.git/test/rubygems/test_gem_commands_owner_command.rb, branch v3_4_9 The Ruby Programming Language Merge RubyGems-3.6.9 and Bundler-2.6.9 2025-05-22T16:20:28+00:00 Hiroshi SHIBATA hsbt@ruby-lang.org 2025-05-22T07:15:55+00:00 616771e34e651d2a09ab3dad77d826c2100512e8 






[rubygems/rubygems] Fix commands with 2 MFA requests when webauthn is enabled
2024-11-04T10:04:58+00:00

David Rodríguez
deivid.rodriguez@riseup.net

2024-10-22T14:57:43+00:00

9ce1b5e11f807541ba9e3f7800fe4f64dfd1a906

If a command requires two MFA authenticated requests, and webauthn is
enabled, then first one will succeed but the second one will fail
because it tries to reuse the OTP code from the first request and that
does not work.

This happens when you have not yet logged in to rubygems.org, or when
you have an API key with invalid scopes for the current operation. In
that case, we need:

* An API request to get a token or change scopes for the one that you
  have.
* Another API request to perform the actual operation.

Instead of trying to reuse the token, make sure it's cleared so we are
asked to authenticate again. We only do this when webauthn is enabled
because reusing TOPT tokens otherwise is allowed and I don't want to
break that.

https://github.com/rubygems/rubygems/commit/669e343935





If a command requires two MFA authenticated requests, and webauthn is
enabled, then first one will succeed but the second one will fail
because it tries to reuse the OTP code from the first request and that
does not work.

This happens when you have not yet logged in to rubygems.org, or when
you have an API key with invalid scopes for the current operation. In
that case, we need:

* An API request to get a token or change scopes for the one that you
  have.
* Another API request to perform the actual operation.

Instead of trying to reuse the token, make sure it's cleared so we are
asked to authenticate again. We only do this when webauthn is enabled
because reusing TOPT tokens otherwise is allowed and I don't want to
break that.

https://github.com/rubygems/rubygems/commit/669e343935







[rubygems/rubygems] TermError should inherit from SystemExit
2024-11-04T10:04:58+00:00

David Rodríguez
deivid.rodriguez@riseup.net

2024-10-31T18:47:01+00:00

1b190b342b2f642cbba12cf6551df2bec7432d71

The `gem owner` command rescues standard errors, but does not rescue
SystemExit errors. If TermError is a standard error, not a system exit,
tests don't behave like realworld for this command.

https://github.com/rubygems/rubygems/commit/cf7d500f4d





The `gem owner` command rescues standard errors, but does not rescue
SystemExit errors. If TermError is a standard error, not a system exit,
tests don't behave like realworld for this command.

https://github.com/rubygems/rubygems/commit/cf7d500f4d







[rubygems/rubygems] Adapt failing tests to new output
2024-02-02T19:26:58+00:00

Vitaliy Serov
vitaliy.serov@onlyoffice.com

2024-02-02T11:58:59+00:00

93fdf66bc5fb547035efbd0ded899c3ea57370ab

https://github.com/rubygems/rubygems/commit/cf549e71aa





https://github.com/rubygems/rubygems/commit/cf549e71aa







[rubygems/rubygems] Vendor net-http and net-protocol in RubyGems
2023-12-13T03:16:55+00:00

David Rodríguez
deivid.rodriguez@riseup.net

2023-01-29T20:24:11+00:00

ce924ce1fb029f19fd34a43f2012a485f4f62b53

https://github.com/rubygems/rubygems/commit/99d91c9ed2





https://github.com/rubygems/rubygems/commit/99d91c9ed2







[rubygems/rubygems] Create MockServer object to test WebAuthn logic to prevent real TCPServers from being created and be leaked into other tests
2023-07-28T16:08:10+00:00

Jenny Shen
jenny.shen@shopify.com

2023-07-20T05:42:58+00:00

afca1a31d05f3334342628a93d4d796c95e5f5fe

https://github.com/rubygems/rubygems/commit/96d6cb33a2





https://github.com/rubygems/rubygems/commit/96d6cb33a2







[rubygems/rubygems] Create MultifactorAuthFetcher to reduce duplication among tests
2023-07-28T16:08:09+00:00

Jenny Shen
jenny.shen@shopify.com

2023-07-11T04:40:05+00:00

3954a87d65f004e5148597ffa927dc7b9eef6fb8

https://github.com/rubygems/rubygems/commit/dead211206





https://github.com/rubygems/rubygems/commit/dead211206







[rubygems/rubygems] Move Webauthn listener thread to WebauthnListener class
2023-07-28T16:08:08+00:00

Jenny Shen
jenny.shen@shopify.com

2023-07-01T03:45:27+00:00

24913e3dda3d4ebd633e94e46ca221ebfcb9f89b

https://github.com/rubygems/rubygems/commit/6ec474975e





https://github.com/rubygems/rubygems/commit/6ec474975e







[rubygems/rubygems] Move WebauthnListener into the Gem::GemcutterUtilities namespace
2023-07-28T16:08:08+00:00

Jenny Shen
jenny.shen@shopify.com

2023-06-29T20:10:22+00:00

fce04f9a6c9935ef3f188558dce177e277b17711

https://github.com/rubygems/rubygems/commit/3080394f81





https://github.com/rubygems/rubygems/commit/3080394f81







[rubygems/rubygems] Add Webauthn verification poller to fetch OTP
2023-07-28T16:08:07+00:00

Jenny Shen
jenny.shen@shopify.com

2023-06-21T21:21:35+00:00

023d0f662b4487c2bd6636c4fcf1e223ef4c8b30

https://github.com/rubygems/rubygems/commit/39c5e86a67





https://github.com/rubygems/rubygems/commit/39c5e86a67