npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

speaks-for

v1.2.3

Published

Fed4FIRE Speaks-For credential management tools

Downloads

3

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

psotrespsotres

Keywords

Fed4FIREauthentication

Readme

Fed4FIRE Speaks-For credential management tools

Installation

Just install Node.JS and run npm install -g speaks-for. The tools have been tested on Ubuntu 14.04, but should also work on Windows and MacOS as well.

Credential generation

Usage: speaks-for -c <file-path> -f <p12|pem> -p <password> -t <file-path> -d <int> -o <file-path>

Signing User
  -c, --credential  User credential file path                                                           [required]
  -f, --format      Provided credential container format                        [required] [choices: "pem", "p12"]
  -p, --password    User credential password (only for encrypted credentials)                        [default: ""]

Speaks-for Parameters
  -t, --tc, --toolcertificate  Tool certificate file path                                               [required]
  -d, --days, --duration       Number of days the speaks-for credential will be valid               [default: 120]

Options:
  -o, --output   Output file to store speaks-for credential (base64 encoded)
  -v, --verbose  Verbosity level (none, -v or -vv)                                                         [count]
  -h, --help     Show help                                                                               [boolean]
  --version      Show version number                                                                     [boolean]

Examples:
  speaks-for -c user123.p12 -f p12 -p 123456 -t yourepm.pem  Generate a speaks-for credential which delegates
                                                             access to YourEPM tool during 120 days. In this case
                                                             the signing credential is a PKCS#12 container
  speaks-for --credential user123.pem --format pem           The Fed4FIRE user credential is PEM formatted, and
  --password 123456 --toolcertificate yourepm.pem            access is delegated during 1 year
  --duration 365
  speaks-for -vv -c user123.pem -f pem -p 123456 -t          Same command as previous one, but with DEBUG
  yourepm.pem -d 365 -o s4cred.base64                        verbosity and storing the result on an output file

Fed4FIRE - University of Cantabria - Copyright 2016

Credential validation

Usage: validate-speaks-for -s <file-path> -f <base64|xml> --ca <folder-path> -t <file-path>

Speaks-for Parameters
  -s, --s4credential  Speaks-for credential file                                                        [required]
  -f, --format        Provided Speaks-for credential file format             [required] [choices: "base64", "xml"]
  --ca, --trustedCA   Trusted CA's folder path

Speaker Validation parameters
  -t, --tc, --toolcertificate  Tool certificate file path to validate against Speaks-for credential tail section
  -k, --keyid, --keyhash       Tool certificate keyhash to be checked against Speaks-for credential tail section

Options:
  -v, --verbose  Verbosity level (none, -v or -vv)                                                         [count]
  -h, --help     Show help                                                                               [boolean]
  --version      Show version number                                                                     [boolean]

Examples:
  validate-speaks-for -s s4cred.base64 -f base64             Validates a base64 encoded speaks-for credential
                                                             using bundled CA
  validate-speaks-for -s s4cred.base64 -f base64             Validates a base64 encoded speaks-for credential
  --trustedCA ./ca                                           selecting an specific CA folder
  validate-speaks-for -v -s s4cred.xml -f xml                Validates an xml encoded speaks-for credential with
                                                             extra verbosity level using bundled CA
  validate-speaks-for -v -s s4cred.xml -f xml -t tool.cert   Same as before, but it also validates speaks-for tail
                                                             section against tool certificate
  validate-speaks-for -v -s s4cred.xml -f xml -k             Same as before, but speaks-for tail section
  bf844ce5a5f21569c2d5c97d6d1a1c737b5670ab                   validation is done against given keyid

Fed4FIRE - University of Cantabria - Copyright 2016

Other management tools

Usage: base64-urlsafe-encoder -s <file-path> -f <base64|xml> -o <file-path>

Speaks-for Parameters
  -s, --s4credential  Speaks-for credential file                                                        [required]
  -f, --format        Provided Speaks-for credential file format             [required] [choices: "base64", "xml"]

Options:
  -o, --output   Output file to store speaks-for credential (base64 urlsafe encoded)
  -v, --verbose  Verbosity level (none, -v or -vv)                                                         [count]
  -h, --help     Show help                                                                               [boolean]
  --version      Show version number                                                                     [boolean]

Examples:
  base64-urlsafe-encoder -s s4cred.base64 -f base64          Encodes a base64 encoded speaks-for credential into
                                                             its urlsafe variant (RFC4648) and prints the result
                                                             on the stdout
  base64-urlsafe-encoder -s s4cred.xml -f xml -o             Encodes an XML encoded speaks-for credential into a
  s4cred.base64.urlsafe                                      base64 urlsafe variant (RFC4648) and stores the
                                                             result on a file

Fed4FIRE - University of Cantabria - Copyright 2016

Hints

If you need to decode a base64 encoded credential you can use base64 --decode s4cred.base64 > s4cred.xml (on Linux)

You can check tool certificates information with openssl x509 -in <pem_file> -text -noout (on Linux)

CA certificates need to be named according to OpenSSL requirements, using the form: hash.0. You can use rehash.sh script (see resources/ca folder) inside any folder to generate valid symbolic links to all the existing certificates present in that folder.