akamai-edgeauth 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 83c736a708b2fb20a392c036e30bcd54ca622190
+  data.tar.gz: aa2f7d5c9b23ce48c09428afc23eedf9fa183b4a
+SHA512:
+  metadata.gz: c22efda1440facf518e3f6ae61409b10ae6b52f23d5724acf07cdd35d1d0601c6a2424e8faa4d4f772ad78172c5bdec151e0fea3ad019de2070d3369bef8825e
+  data.tar.gz: 15dea57f6d38d873b3c5e7b30e243f8f543ea220bebd3cce3e9e8a73ea22bc231dbfc3de1f3db7612aa7b07c7a78ea6e1e376ab3d67666ad2606d1c4f22e92a1

data/lib/akamai/edgeauth.rb

@@ -0,0 +1,199 @@
+# Copyright 2017 Akamai Technologies http://developer.akamai.com.
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+#     http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+require 'cgi'
+require 'openssl'
+require 'optparse'
+
+
+ENV['TZ'] = 'GMT'
+
+
+module Akamai
+    class EdgeAuthError < Exception
+        """Base-class for all exceptions raised by EdgeAuth Class"""
+    end
+
+
+    class EdgeAuth
+        attr_accessor :token_type, :token_name, :key, :algorithm, :salt, 
+                :start_time, :end_time, :window_secondse, :field_delimiter, 
+                :acl_delimiter, :escape_early, :verbose
+        
+        @@acl_delimiter = '!'
+        def self.ACL_DELIMITER
+            @@acl_delimiter
+        end
+        
+        def initialize(token_type: nil, token_name: '__token__', key: nil,
+                algorithm: 'sha256', salt: nil, start_time: nil, end_time: nil,
+                window_seconds: nil, field_delimiter: '~', escape_early: false, verbose: false)
+
+            @token_type = token_type
+            @token_name = token_name
+            @start_time = start_time
+            @end_time = end_time
+            @window_seconds = window_seconds
+            if !key || key.length <= 0
+                raise EdgeAuthError, 
+                    'You must provide a secret in order to generate a new token.'
+            end
+            @key = key
+            @algorithm = algorithm
+            @salt = salt
+            @field_delimiter = field_delimiter
+            @escape_early = escape_early
+            @verbose = verbose
+        end
+
+        def _escapeEarly(text)
+            if @escape_early
+                return CGI::escape(text).gsub(/(%..)/) {$1.downcase}
+            else
+                return text
+            end
+        end
+
+        def generateToken(url: nil, acl: nil, start_time: nil, end_time: nil, window_seconds: nil,
+                        ip: nil, payload: nil, session_id: nil)
+            
+            if !start_time
+                start_time = @start_time
+            end
+            if !end_time
+                end_time = @end_time
+            end
+            if !window_seconds
+                window_seconds = @window_seconds
+            end
+
+            if start_time.to_s.downcase == 'now'
+                start_time = Time.new.getgm.to_i
+            elsif start_time
+                begin
+                    if start_time <= 0
+                        raise EdgeAuthError, 'start_time must be ( > 0 )'
+                    end
+                rescue
+                    raise EdgeAuthError, 'start_time must be numeric or now'
+                end
+                
+            end
+
+            if end_time
+                begin
+                    if end_time <= 0
+                        raise EdgeAuthError, 'end_time must be ( > 0 )'
+                    end
+                rescue
+                    raise EdgeAuthError, 'end_time must be numeric'
+                end
+            end
+
+            if window_seconds
+                begin
+                    if window_seconds <= 0
+                        raise EdgeAuthError, 'window_seconds must be ( > 0 )'
+                    end
+                rescue
+                    raise EdgeAuthError, 'window_seconds must be numeric'
+                end
+            end
+
+            if !end_time
+                if window_seconds
+                    if !start_time
+                        end_time = Time.new.getgm.to_i + window_seconds
+                    else
+                        end_time = start_time + window_seconds
+                    end
+                else
+                    raise EdgeAuthError, 'You must provide an expiration time or a duration window..'
+                end
+            end
+
+            if start_time && end_time <= start_time
+                raise EdgeAuthError, 'Token will have already expired.'
+            end
+
+            if (!acl && !url) || (acl && url)
+                raise EdgeAuthError, 'You must provide a URL or an ACL'
+            end
+
+            if @verbose
+                puts "Akamai Token Generation Parameters"
+                puts "Token Type      : #{@token_type}"
+                puts "Token Name      : #{@token_name}"
+                puts "Start Time      : #{start_time}"
+                puts "End Time        : #{end_time}"
+                puts "Window(seconds) : #{window_seconds}"
+                puts "IP              : #{ip}"
+                puts "URL             : #{url}"
+                puts "ACL             : #{acl}"
+                puts "Key/Secret      : #{@key}"
+                puts "Payload         : #{payload}"
+                puts "Algo            : #{@algo}"
+                puts "Salt            : #{@salt}"
+                puts "Session ID      : #{session_id}"
+                puts "Field Delimiter : #{@field_delimiter}"
+                puts "ACL Delimiter   : #{@@acl_delimiter}"
+                puts "Escape Early    : #{@escape_early}"
+            end
+
+            hash_code = Array.new
+            new_token = Array.new
+
+            if ip
+                new_token.push('ip=%s' % _escapeEarly(ip))
+            end
+            if start_time
+                new_token.push('st=%s' % start_time)
+            end
+            new_token.push('exp=%s' % end_time)
+
+            if acl
+                new_token.push('acl=%s' % acl)
+            end
+            if session_id
+                new_token.push('id=%s' % _escapeEarly(session_id))
+            end
+            if payload
+               new_token.push('data=%s' % _escapeEarly(payload))
+            end
+
+            hash_code = new_token.clone
+            
+            if url and !acl
+                hash_code.push('url=%s' % _escapeEarly(url))
+            end
+
+            if @salt
+                hash_code.push('salt=%s' % @salt)
+            end
+            if !(['sha256', 'sha1', 'md5'].include? @algorithm)
+                raise EdgeAuthError, 'Unknown algorithm'
+            end
+            
+            bin_key = Array(@key.gsub(/\s/,'')).pack("H*")
+            digest = OpenSSL::Digest.new(@algorithm)
+            token_hmac = OpenSSL::HMAC.new(bin_key, digest)
+            token_hmac.update(hash_code.join(@field_delimiter))
+
+            new_token.push('hmac=%s' % token_hmac)
+
+            return new_token.join(@field_delimiter)
+        end
+    end
+end

metadata

@@ -0,0 +1,44 @@
+--- !ruby/object:Gem::Specification
+name: akamai-edgeauth
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Astin Choi
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-02-22 00:00:00.000000000 Z
+dependencies: []
+description: Akamai-EdgeAuth is Akamai Edge Authorization Token for Ruby 2.0+
+email: achoi@akamai.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/akamai/edgeauth.rb
+homepage: https://github.com/AstinCHOI/AkamaiEdgeAuth-Ruby
+licenses:
+- Apache-2.0
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '2.0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.2
+signing_key: 
+specification_version: 4
+summary: Akamai Edge Authorization Token for Ruby
+test_files: []