akamai-authtoken 0.4.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: c1d6b93d6b4ddac65963b2a51b60ad4c003f79a7
+  data.tar.gz: b0c1e74bd7c1b55ceb4f50ea31735a391b9125db
+SHA512:
+  metadata.gz: 934edf4bc3495870db8fab8aa8b27d7b69daff39fb62da7d40fe9834385986e924d4dae34313d8e03e29486d7acf392d2396d06ec16163b0bba7abd933bbb3e9
+  data.tar.gz: 7a66faa06156f420af5e8c31acdb3740b0a66266c738782dfded6337e923b88be119d242492b38c0ec5a5dc510c0e1061ab25139f2d5893613e6473d0130876c

data/lib/akamai/authtoken.rb

@@ -0,0 +1,161 @@
+require 'cgi'
+require 'openssl'
+require 'optparse'
+
+
+ENV['TZ'] = 'GMT'
+
+module Akamai
+    class AuthTokenError < Exception
+        """Base-class for all exceptions raised by AuthToken Class"""
+    end
+
+
+    class AuthToken
+        attr_accessor :token_type, :token_name, :key, :algorithm, :salt, 
+                :start_time, :end_time, :window_secondse, :field_delimiter, 
+                :acl_delimiter, :escape_early, :verbose
+        
+        def initialize(token_type: nil, token_name: '__token__', key: nil,
+                algorithm: 'sha256', salt: nil, start_time: nil, end_time: nil,
+                window_seconds: nil, field_delimiter: '~', acl_delimiter: '!',
+                escape_early: false, verbose: false)
+
+            @token_type = token_type
+            @token_name = token_name
+            @start_time = start_time
+            @end_time = end_time
+            @window_seconds = window_seconds
+            if !key || key.length <= 0
+                raise AuthTokenError, 
+                    'You must provide a secret in order to generate a new token.'
+            end
+            @key = key
+            @algorithm = algorithm
+            @salt = salt
+            @field_delimiter = field_delimiter
+            @acl_delimiter = acl_delimiter
+            @escape_early = escape_early
+            @verbose = verbose
+        end
+
+        def _escapeEarly(text)
+            if @escape_early
+                return CGI::escape(text).gsub(/(%..)/) {$1.downcase}
+            else
+                return text
+            end
+        end
+
+        def generateToken(url: nil, acl: nil, start_time: nil, end_time: nil, window_seconds: nil,
+                        ip: nil, payload: nil, session_id: nil)
+            
+            if !start_time
+                start_time = @start_time
+            end
+            if !end_time
+                end_time = @end_time
+            end
+            if !window_seconds
+                window_seconds = @window_seconds
+            end
+
+            if start_time.to_s.downcase == 'now'
+                start_time = Time.new.getgm.to_i
+            elsif start_time && !(start_time.is_a? Integer)
+                raise AuthTokenError, 'start_time must be numeric or now'
+            end
+
+            if end_time && !(end_time.is_a? Integer)
+                raise AuthTokenError, 'end_time must be numeric or now'
+            end
+
+            if window_seconds && !(window_seconds.is_a? Integer)
+                raise AuthTokenError, 'window_seconds must be numeric or now'
+            end
+
+            if !end_time
+                if window_seconds.to_i > 0
+                    if !start_time
+                        end_time = Time.new.getgm.to_i + window_seconds
+                    else
+                        end_time = start_time + window_seconds
+                    end
+                else
+                    raise AuthTokenError, 'You must provide an expiration time or a duration window..'
+                end
+            end
+
+            if start_time && end_time < start_time
+                raise AuthTokenError, 'Token will have already expired.'
+            end
+
+            if (!acl && !url) || (acl && url)
+                raise AuthTokenError, 'You must provide a URL or an ACL'
+            end
+
+            if @verbose
+                puts "Akamai Token Generation Parameters"
+                puts "Token Type      : #{@token_type}"
+                puts "Token Name      : #{@token_name}"
+                puts "Start Time      : #{start_time}"
+                puts "End Time        : #{end_time}"
+                puts "Window(seconds) : #{window_seconds}"
+                puts "IP              : #{ip}"
+                puts "URL             : #{url}"
+                puts "ACL             : #{acl}"
+                puts "Key/Secret      : #{@key}"
+                puts "Payload         : #{payload}"
+                puts "Algo            : #{@algo}"
+                puts "Salt            : #{@salt}"
+                puts "Session ID      : #{session_id}"
+                puts "Field Delimiter : #{@field_delimiter}"
+                puts "ACL Delimiter   : #{@acl_delimiter}"
+                puts "Escape Early    : #{@escape_early}"
+            end
+
+            hash_code = Array.new
+            new_token = Array.new
+
+            if ip
+                new_token.push('ip=%s' % _escapeEarly(ip))
+            end
+            if start_time
+                new_token.push('st=%s' % start_time)
+            end
+            new_token.push('exp=%s' % end_time)
+
+            if acl
+                new_token.push('acl=%s' % acl)
+            end
+            if session_id
+                new_token.push('id=%s' % _escapeEarly(session_id))
+            end
+            if payload
+               new_token.push('data=%s' % _escapeEarly(payload))
+            end
+
+            hash_code = new_token.clone
+            
+            if url and !acl
+                hash_code.push('url=%s' % _escapeEarly(url))
+            end
+
+            if @salt
+                hash_code.push('salt=%s' % @salt)
+            end
+            if !(['sha256', 'sha1', 'md5'].include? @algorithm)
+                raise AuthTokenError, 'Unknown algorithm'
+            end
+            
+            bin_key = Array(@key.gsub(/\s/,'')).pack("H*")
+            digest = OpenSSL::Digest.new(@algorithm)
+            token_hmac = OpenSSL::HMAC.new(bin_key, digest)
+            token_hmac.update(hash_code.join(@field_delimiter))
+
+            new_token.push('hmac=%s' % token_hmac)
+
+            return new_token.join(@field_delimiter)
+        end
+    end
+end

metadata

@@ -0,0 +1,44 @@
+--- !ruby/object:Gem::Specification
+name: akamai-authtoken
+version: !ruby/object:Gem::Version
+  version: 0.4.0
+platform: ruby
+authors:
+- Astin Choi
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-03-09 00:00:00.000000000 Z
+dependencies: []
+description: Akamai-AuthToken is Akamai Authorization Token for Ruby 2.0+
+email: achoi@akamai.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/akamai/authtoken.rb
+homepage: https://github.com/AstinCHOI/AkamaiAuthToken-Ruby
+licenses:
+- Apache
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '2.0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.8
+signing_key: 
+specification_version: 4
+summary: Akamai Authorization Token for Ruby
+test_files: []