BookshoutHmacShaAuth 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 2928b52a026cf45139ddc526946a4d4d47bfa463
4
+ data.tar.gz: 1e3d6094fcd4159ce5aec3175f940e905d96445b
5
+ SHA512:
6
+ metadata.gz: 389bd48eb8ad48cec63626869d8664e27a6e28b842bd334336c46a0582700156d989c48f71b84e652fa9fd06853b727181a953120e77c3cc6bac33246cc5b968
7
+ data.tar.gz: 2fed0eb9419f79cd8079d603ab9d617551cf7ad92e466d2ca41fca1d97a127a7b24e66425055b313848c87385803dca46245c335fd83c7c461b6a604f2d23029
@@ -0,0 +1,14 @@
1
+ /.bundle/
2
+ /.yardoc
3
+ /Gemfile.lock
4
+ /_yardoc/
5
+ /coverage/
6
+ /doc/
7
+ /pkg/
8
+ /spec/reports/
9
+ /tmp/
10
+ *.bundle
11
+ *.so
12
+ *.o
13
+ *.a
14
+ mkmf.log
@@ -0,0 +1,26 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'BookshoutHmacShaAuth/version'
5
+ require 'hmac_shable'
6
+ require 'hmac_sha_generator'
7
+
8
+ Gem::Specification.new do |spec|
9
+ spec.name = "BookshoutHmacShaAuth"
10
+ spec.version = BookshoutHmacShaAuth::VERSION
11
+ spec.authors = ["Eric Roos"]
12
+ spec.email = ["eric@bookshout.com"]
13
+ spec.summary = "Gem containing a ActiveSupport concern for habling HmacSha auth"
14
+ spec.description = ""
15
+ spec.homepage = ""
16
+ spec.license = "MIT"
17
+
18
+ spec.files = `git ls-files -z`.split("\x0")
19
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
20
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
21
+ spec.require_paths = ["lib"]
22
+
23
+ spec.add_development_dependency "bundler", "~> 1.7"
24
+ spec.add_development_dependency "rake", "~> 10.0"
25
+ spec.add_dependency "activesupport"
26
+ end
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in BookshoutHmacShaAuth.gemspec
4
+ gemspec
@@ -0,0 +1,22 @@
1
+ Copyright (c) 2016 Eric Roos
2
+
3
+ MIT License
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining
6
+ a copy of this software and associated documentation files (the
7
+ "Software"), to deal in the Software without restriction, including
8
+ without limitation the rights to use, copy, modify, merge, publish,
9
+ distribute, sublicense, and/or sell copies of the Software, and to
10
+ permit persons to whom the Software is furnished to do so, subject to
11
+ the following conditions:
12
+
13
+ The above copyright notice and this permission notice shall be
14
+ included in all copies or substantial portions of the Software.
15
+
16
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@@ -0,0 +1,22 @@
1
+ # BookshoutHmacShaAuth
2
+
3
+ This gem is used as an HMAC sha auth for your rails controllers
4
+ This is not a stand-alone gem and should be used with a Rails application
5
+
6
+ ## Installation
7
+
8
+ Add this line to your application's Gemfile:
9
+
10
+ ```ruby
11
+ gem 'BookshoutHmacShaAuth'
12
+ ```
13
+
14
+ And then execute:
15
+
16
+ $ bundle
17
+
18
+ ## Usage
19
+
20
+ Include HmacShable in your controller use the before_filter
21
+ handle_auth
22
+
@@ -0,0 +1,2 @@
1
+ require "bundler/gem_tasks"
2
+
@@ -0,0 +1,7 @@
1
+ require "BookshoutHmacShaAuth/version"
2
+ require "hmac_shable"
3
+ require "hmac_sha_generator"
4
+
5
+ module BookshoutHmacShaAuth
6
+ # Your code goes here...
7
+ end
@@ -0,0 +1,3 @@
1
+ module BookshoutHmacShaAuth
2
+ VERSION = "0.0.1"
3
+ end
@@ -0,0 +1,16 @@
1
+ class BookshoutHmacShaAuth::HmacShaGenerator
2
+ def self.build_signature(timestamp_str, params_string,application="www")
3
+ #key = "bookshout_key"
4
+ begin
5
+ #env_key =YAML.load_file("#{Rails.root}/config/hmac_sha_envs.yml")["hmac_sha_env_key"]
6
+ env_key = "BOOKSHOUT_#{application.upcase}_HMAC_KEY"
7
+ rescue
8
+ env_key = "BOOKSHOUT_HMAC_SHA_LOCAL_KEY"
9
+ end
10
+ key = ENV[env_key]
11
+ data = timestamp_str + params_string
12
+ digest = OpenSSL::Digest.new('sha1')
13
+ hmac = OpenSSL::HMAC.digest(digest, key, data)
14
+ Base64.encode64(hmac)
15
+ end
16
+ end
@@ -0,0 +1,46 @@
1
+ require 'open-uri'
2
+ require 'active_support/concern'
3
+ module BookshoutHmacShaAuth::HmacShable
4
+ extend ::ActiveSupport::Concern
5
+
6
+ def handle_auth
7
+ timestamp = request.headers["X-Bs-Timestamp"]
8
+ param_list = request.headers["X-Bs-Param-List"]
9
+ signature = request.headers["X-Bs-Signature"]
10
+
11
+ datetime = DateTime.parse(timestamp)
12
+ param_str = ""
13
+ param_list.split(",").each do |param|
14
+ param_str << (params[param.to_sym].to_s || "")
15
+ end
16
+ app_name = YAML.load_file("#{Rails.root}/config/hmac_sha_envs.yml")["app_name"]
17
+ computed_signature = BookshoutHmacShaAuth::HmacShaGenerator.build_signature timestamp,param_str,app_name
18
+ computed_signature = URI::encode(computed_signature.strip)
19
+
20
+ #if user_id && timestamp && param_list && signature && computed_signature == signature
21
+ successfull_attempt = signature == computed_signature
22
+ Rails.logger.debug "Access: #{successfull_attempt}"
23
+
24
+ if datetime < DateTime.now-1.minute
25
+ Rails.logger.debug "INVALID TIMESTAMP"
26
+ render(json: {:message => "Invalid timestamp. Too far in the past. Request expired."}, :status => 401 )
27
+ end
28
+
29
+ if !successfull_attempt
30
+ render(json: {:message => "Invalid auth credentials."}, :status => 401 )
31
+ end
32
+
33
+ true
34
+ end
35
+
36
+ def handle_grape_auth
37
+ begin
38
+ handle_auth
39
+ true
40
+ rescue Exception => e
41
+ Rails.logger.error e.to_s
42
+ false
43
+ end
44
+ end
45
+
46
+ end
metadata ADDED
@@ -0,0 +1,96 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: BookshoutHmacShaAuth
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Eric Roos
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2016-04-27 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: bundler
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '1.7'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '1.7'
27
+ - !ruby/object:Gem::Dependency
28
+ name: rake
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '10.0'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '10.0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: activesupport
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ description: ''
56
+ email:
57
+ - eric@bookshout.com
58
+ executables: []
59
+ extensions: []
60
+ extra_rdoc_files: []
61
+ files:
62
+ - ".gitignore"
63
+ - BookshoutHmacShaAuth.gemspec
64
+ - Gemfile
65
+ - LICENSE.txt
66
+ - README.md
67
+ - Rakefile
68
+ - lib/BookshoutHmacShaAuth.rb
69
+ - lib/BookshoutHmacShaAuth/version.rb
70
+ - lib/hmac_sha_generator.rb
71
+ - lib/hmac_shable.rb
72
+ homepage: ''
73
+ licenses:
74
+ - MIT
75
+ metadata: {}
76
+ post_install_message:
77
+ rdoc_options: []
78
+ require_paths:
79
+ - lib
80
+ required_ruby_version: !ruby/object:Gem::Requirement
81
+ requirements:
82
+ - - ">="
83
+ - !ruby/object:Gem::Version
84
+ version: '0'
85
+ required_rubygems_version: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - ">="
88
+ - !ruby/object:Gem::Version
89
+ version: '0'
90
+ requirements: []
91
+ rubyforge_project:
92
+ rubygems_version: 2.2.2
93
+ signing_key:
94
+ specification_version: 4
95
+ summary: Gem containing a ActiveSupport concern for habling HmacSha auth
96
+ test_files: []