angus-authentication 0.0.4 → 0.0.6
- checksums.yaml +7 -0
- data/lib/angus/authentication/provider.rb +49 -35
- data/lib/angus/authentication/version.rb +1 -1
- metadata +23 -51
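--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: 080062cb636890dfd1eb9f6711775374dcab517e
+data.tar.gz: a8c4d762dff97f53d11e18cf045821e1f0f9ee34
+SHA512:
+metadata.gz: 2a16551b23b7819e9550938be9b425e2bf486d6420fd816f2d1cbb30304be1ccfe7943821a41dc6864afccf76adfff5643d85747b4cf62cb357e8e66ba1c821c
+data.tar.gz: 8d39de5c20d58c842a3f88adb47729b3b6cc129a62279d11a76e8f24cb5b0e5ef994cd52d04178b23ab1c5ae6bf49acea123df43242564392c3ac52e08baf505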
@@ -9,21 +9,23 @@ module Angus
|
|
9
9
|
|
10
10
|
class Provider
|
11
11
|
|
12
|
-
DEFAULT_ID_TTL
|
13
|
-
DEFAULT_SESSION_TTL
|
14
|
-
DEFAULT_PRIVATE_KEY
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
12
|
+
DEFAULT_ID_TTL = 60 * 60
|
13
|
+
DEFAULT_SESSION_TTL = 60 * 60
|
14
|
+
DEFAULT_PRIVATE_KEY = 'change_me'
|
15
|
+
DEFAULT_USE_SESSION = false
|
16
|
+
|
17
|
+
AUTHENTICATION_HEADER = 'HTTP_AUTHORIZATION'
|
18
|
+
BAAS_AUTHENTICATION_HEADER = 'HTTP_X_BAAS_AUTH'
|
19
|
+
BAAS_SESSION_HEADER = 'X-Baas-Session-Seed'
|
20
|
+
DATE_HEADER = 'HTTP_DATE'
|
21
|
+
REQUEST_HEADER = 'REQUEST_METHOD'
|
22
|
+
PATH_HEADER = 'PATH_INFO'
|
22
23
|
|
23
24
|
def initialize(settings, env)
|
24
25
|
@session_id_ttl = settings[:session_id_ttl] || DEFAULT_ID_TTL
|
25
26
|
@session_ttl = settings[:session_ttl] || DEFAULT_SESSION_TTL
|
26
27
|
@private_key = settings[:private_key] || DEFAULT_PRIVATE_KEY
|
28
|
+
@use_session = settings[:use_session]
|
27
29
|
@authenticator = settings[:authenticator] || DefaultAuthenticator.new(@private_key)
|
28
30
|
@store = RedisStore.new(settings[:store] || {})
|
29
31
|
@excluded_regexps = settings[:excluded_regexps] || []
|
@@ -33,7 +35,7 @@ module Angus
|
|
33
35
|
def authenticate!
|
34
36
|
return unless should_authenticate?
|
35
37
|
|
36
|
-
if has_session?
|
38
|
+
if has_session? && use_session?
|
37
39
|
authenticate_session
|
38
40
|
else
|
39
41
|
start_session
|
@@ -41,17 +43,19 @@ module Angus
|
|
41
43
|
end
|
42
44
|
|
43
45
|
def update_response_header(response)
|
44
|
-
return unless should_authenticate?
|
46
|
+
return unless use_session? && should_authenticate?
|
45
47
|
|
46
48
|
headers = response[1]
|
47
49
|
|
48
|
-
|
49
|
-
|
50
|
-
headers[BAAS_SESSION_HEADER] = session_data['key_seed']
|
50
|
+
headers[BAAS_SESSION_HEADER] = get_session_data['key_seed']
|
51
51
|
end
|
52
52
|
|
53
53
|
private
|
54
54
|
|
55
|
+
def use_session?
|
56
|
+
@use_session || DEFAULT_USE_SESSION
|
57
|
+
end
|
58
|
+
|
55
59
|
def should_authenticate?
|
56
60
|
return true if @excluded_regexps.empty?
|
57
61
|
|
@@ -67,12 +71,7 @@ module Angus
|
|
67
71
|
end
|
68
72
|
|
69
73
|
def start_session
|
70
|
-
|
71
|
-
|
72
|
-
private_session_key, private_session_key_seed = @authenticator.call(session_id, auth_data,
|
73
|
-
auth_token)
|
74
|
-
|
75
|
-
raise InvalidAuthorizationData unless private_session_key
|
74
|
+
private_session_key, private_session_key_seed = get_session_credentials
|
76
75
|
|
77
76
|
session_data = {
|
78
77
|
'private_key' => private_session_key,
|
@@ -80,26 +79,45 @@ module Angus
|
|
80
79
|
'created_at' => Time.now.iso8601
|
81
80
|
}
|
82
81
|
|
83
|
-
|
82
|
+
set_session_data(session_data)
|
84
83
|
end
|
85
84
|
|
86
85
|
def authenticate_session
|
87
|
-
raise MissingAuthorizationData unless session_data_present?
|
86
|
+
raise MissingAuthorizationData unless session_data_present? || authorization_data_present?
|
88
87
|
|
89
88
|
if session_expired? && authorization_data_present?
|
90
|
-
start_session
|
89
|
+
start_session
|
91
90
|
elsif session_expired?
|
92
91
|
raise AuthorizationTimeout
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
if authenticate_session_token(session_data['private_key'])
|
92
|
+
elsif !valid_session_token? && authorization_data_present?
|
93
|
+
start_session
|
94
|
+
elsif !valid_session_token?
|
97
95
|
raise InvalidAuthorizationData
|
98
96
|
end
|
99
97
|
end
|
100
98
|
|
101
|
-
def
|
102
|
-
|
99
|
+
def get_session_credentials
|
100
|
+
raise MissingAuthorizationData unless authorization_data_present?
|
101
|
+
|
102
|
+
private_session_key, private_session_key_seed = @authenticator.call(session_id, auth_data,
|
103
|
+
auth_token)
|
104
|
+
|
105
|
+
raise InvalidAuthorizationData unless private_session_key
|
106
|
+
|
107
|
+
return private_session_key, private_session_key_seed
|
108
|
+
end
|
109
|
+
|
110
|
+
def set_session_data(session_data)
|
111
|
+
@store.save_session_data(session_id, session_data, @session_id_ttl + @session_ttl)
|
112
|
+
end
|
113
|
+
|
114
|
+
def valid_session_token?
|
115
|
+
private_key = get_session_data['private_key']
|
116
|
+
Digest::SHA1.hexdigest("#{private_key}\n#{auth_data}") == session_auth_token
|
117
|
+
end
|
118
|
+
|
119
|
+
def get_session_data
|
120
|
+
@store.get_session_data(session_id)
|
103
121
|
end
|
104
122
|
|
105
123
|
def authorization_data_present?
|
@@ -113,13 +131,9 @@ module Angus
|
|
113
131
|
end
|
114
132
|
|
115
133
|
def session_expired?
|
116
|
-
|
117
|
-
|
118
|
-
created_at = Time.iso8601(session_data['created_at'])
|
134
|
+
created_at = Time.iso8601(get_session_data['created_at'])
|
119
135
|
|
120
136
|
(created_at + @session_ttl) < Time.now
|
121
|
-
rescue Exception
|
122
|
-
true
|
123
137
|
end
|
124
138
|
|
125
139
|
def auth_data
|
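Review bot: The new `valid_session_token?` checks the SHA1 digest against `session_auth_token` with `==`, which returns at the first differing byte and so leaks timing information about the expected token; a constant-time check such as `Rack::Utils.secure_compare(expected, session_auth_token.to_s)` avoids that (rack is already a runtime dependency, assuming the pinned version ships that helper). In the same release `session_expired?` loses its `rescue` while `authenticate_session` now also admits requests that carry only authorization data, so a missing or malformed stored session appears to raise from `get_session_data['created_at']` or `Time.iso8601` instead of falling through to `start_session`; whether that is reachable depends on `has_session?` and the store, which are outside these hunks. Treating an absent session or `created_at` as expired, and rescuing only `ArgumentError` from the parse, would keep that path explicit without restoring the broad `rescue Exception`. Separately, `DEFAULT_PRIVATE_KEY = 'change_me'` remains the fallback in `initialize`, so a deployment that omits `settings[:private_key]` signs with a publicly known value; raising when the setting is absent would be safer.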
metadata
CHANGED
@@ -1,20 +1,18 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: angus-authentication
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
5
|
-
prerelease:
|
4
|
+
version: 0.0.6
|
6
5
|
platform: ruby
|
7
6
|
authors:
|
8
7
|
- Adrian Gomez
|
9
8
|
autorequire:
|
10
9
|
bindir: bin
|
11
10
|
cert_chain: []
|
12
|
-
date:
|
11
|
+
date: 2014-04-21 00:00:00.000000000 Z
|
13
12
|
dependencies:
|
14
13
|
- !ruby/object:Gem::Dependency
|
15
14
|
name: rack
|
16
15
|
requirement: !ruby/object:Gem::Requirement
|
17
|
-
none: false
|
18
16
|
requirements:
|
19
17
|
- - ~>
|
20
18
|
- !ruby/object:Gem::Version
|
@@ -22,7 +20,6 @@ dependencies:
|
|
22
20
|
type: :runtime
|
23
21
|
prerelease: false
|
24
22
|
version_requirements: !ruby/object:Gem::Requirement
|
25
|
-
none: false
|
26
23
|
requirements:
|
27
24
|
- - ~>
|
28
25
|
- !ruby/object:Gem::Version
|
@@ -30,23 +27,20 @@ dependencies:
|
|
30
27
|
- !ruby/object:Gem::Dependency
|
31
28
|
name: redis
|
32
29
|
requirement: !ruby/object:Gem::Requirement
|
33
|
-
none: false
|
34
30
|
requirements:
|
35
|
-
- -
|
31
|
+
- - '>='
|
36
32
|
- !ruby/object:Gem::Version
|
37
33
|
version: '0'
|
38
34
|
type: :runtime
|
39
35
|
prerelease: false
|
40
36
|
version_requirements: !ruby/object:Gem::Requirement
|
41
|
-
none: false
|
42
37
|
requirements:
|
43
|
-
- -
|
38
|
+
- - '>='
|
44
39
|
- !ruby/object:Gem::Version
|
45
40
|
version: '0'
|
46
41
|
- !ruby/object:Gem::Dependency
|
47
42
|
name: bcrypt-ruby
|
48
43
|
requirement: !ruby/object:Gem::Requirement
|
49
|
-
none: false
|
50
44
|
requirements:
|
51
45
|
- - ~>
|
52
46
|
- !ruby/object:Gem::Version
|
@@ -54,7 +48,6 @@ dependencies:
|
|
54
48
|
type: :runtime
|
55
49
|
prerelease: false
|
56
50
|
version_requirements: !ruby/object:Gem::Requirement
|
57
|
-
none: false
|
58
51
|
requirements:
|
59
52
|
- - ~>
|
60
53
|
- !ruby/object:Gem::Version
|
@@ -62,7 +55,6 @@ dependencies:
|
|
62
55
|
- !ruby/object:Gem::Dependency
|
63
56
|
name: connection_pool
|
64
57
|
requirement: !ruby/object:Gem::Requirement
|
65
|
-
none: false
|
66
58
|
requirements:
|
67
59
|
- - ~>
|
68
60
|
- !ruby/object:Gem::Version
|
@@ -70,7 +62,6 @@ dependencies:
|
|
70
62
|
type: :runtime
|
71
63
|
prerelease: false
|
72
64
|
version_requirements: !ruby/object:Gem::Requirement
|
73
|
-
none: false
|
74
65
|
requirements:
|
75
66
|
- - ~>
|
76
67
|
- !ruby/object:Gem::Version
|
@@ -78,7 +69,6 @@ dependencies:
|
|
78
69
|
- !ruby/object:Gem::Dependency
|
79
70
|
name: rake
|
80
71
|
requirement: !ruby/object:Gem::Requirement
|
81
|
-
none: false
|
82
72
|
requirements:
|
83
73
|
- - ~>
|
84
74
|
- !ruby/object:Gem::Version
|
@@ -86,7 +76,6 @@ dependencies:
|
|
86
76
|
type: :development
|
87
77
|
prerelease: false
|
88
78
|
version_requirements: !ruby/object:Gem::Requirement
|
89
|
-
none: false
|
90
79
|
requirements:
|
91
80
|
- - ~>
|
92
81
|
- !ruby/object:Gem::Version
|
@@ -94,7 +83,6 @@ dependencies:
|
|
94
83
|
- !ruby/object:Gem::Dependency
|
95
84
|
name: rspec
|
96
85
|
requirement: !ruby/object:Gem::Requirement
|
97
|
-
none: false
|
98
86
|
requirements:
|
99
87
|
- - ~>
|
100
88
|
- !ruby/object:Gem::Version
|
@@ -102,7 +90,6 @@ dependencies:
|
|
102
90
|
type: :development
|
103
91
|
prerelease: false
|
104
92
|
version_requirements: !ruby/object:Gem::Requirement
|
105
|
-
none: false
|
106
93
|
requirements:
|
107
94
|
- - ~>
|
108
95
|
- !ruby/object:Gem::Version
|
@@ -110,7 +97,6 @@ dependencies:
|
|
110
97
|
- !ruby/object:Gem::Dependency
|
111
98
|
name: rack-test
|
112
99
|
requirement: !ruby/object:Gem::Requirement
|
113
|
-
none: false
|
114
100
|
requirements:
|
115
101
|
- - ~>
|
116
102
|
- !ruby/object:Gem::Version
|
@@ -118,7 +104,6 @@ dependencies:
|
|
118
104
|
type: :development
|
119
105
|
prerelease: false
|
120
106
|
version_requirements: !ruby/object:Gem::Requirement
|
121
|
-
none: false
|
122
107
|
requirements:
|
123
108
|
- - ~>
|
124
109
|
- !ruby/object:Gem::Version
|
@@ -126,39 +111,34 @@ dependencies:
|
|
126
111
|
- !ruby/object:Gem::Dependency
|
127
112
|
name: mock_redis
|
128
113
|
requirement: !ruby/object:Gem::Requirement
|
129
|
-
none: false
|
130
114
|
requirements:
|
131
|
-
- -
|
115
|
+
- - '>='
|
132
116
|
- !ruby/object:Gem::Version
|
133
117
|
version: '0'
|
134
118
|
type: :development
|
135
119
|
prerelease: false
|
136
120
|
version_requirements: !ruby/object:Gem::Requirement
|
137
|
-
none: false
|
138
121
|
requirements:
|
139
|
-
- -
|
122
|
+
- - '>='
|
140
123
|
- !ruby/object:Gem::Version
|
141
124
|
version: '0'
|
142
125
|
- !ruby/object:Gem::Dependency
|
143
126
|
name: timecop
|
144
127
|
requirement: !ruby/object:Gem::Requirement
|
145
|
-
none: false
|
146
128
|
requirements:
|
147
|
-
- -
|
129
|
+
- - '>='
|
148
130
|
- !ruby/object:Gem::Version
|
149
131
|
version: '0'
|
150
132
|
type: :development
|
151
133
|
prerelease: false
|
152
134
|
version_requirements: !ruby/object:Gem::Requirement
|
153
|
-
none: false
|
154
135
|
requirements:
|
155
|
-
- -
|
136
|
+
- - '>='
|
156
137
|
- !ruby/object:Gem::Version
|
157
138
|
version: '0'
|
158
139
|
- !ruby/object:Gem::Dependency
|
159
140
|
name: simplecov
|
160
141
|
requirement: !ruby/object:Gem::Requirement
|
161
|
-
none: false
|
162
142
|
requirements:
|
163
143
|
- - ~>
|
164
144
|
- !ruby/object:Gem::Version
|
@@ -166,7 +146,6 @@ dependencies:
|
|
166
146
|
type: :development
|
167
147
|
prerelease: false
|
168
148
|
version_requirements: !ruby/object:Gem::Requirement
|
169
|
-
none: false
|
170
149
|
requirements:
|
171
150
|
- - ~>
|
172
151
|
- !ruby/object:Gem::Version
|
@@ -174,49 +153,43 @@ dependencies:
|
|
174
153
|
- !ruby/object:Gem::Dependency
|
175
154
|
name: simplecov-rcov
|
176
155
|
requirement: !ruby/object:Gem::Requirement
|
177
|
-
none: false
|
178
156
|
requirements:
|
179
|
-
- -
|
157
|
+
- - '>='
|
180
158
|
- !ruby/object:Gem::Version
|
181
159
|
version: '0'
|
182
160
|
type: :development
|
183
161
|
prerelease: false
|
184
162
|
version_requirements: !ruby/object:Gem::Requirement
|
185
|
-
none: false
|
186
163
|
requirements:
|
187
|
-
- -
|
164
|
+
- - '>='
|
188
165
|
- !ruby/object:Gem::Version
|
189
166
|
version: '0'
|
190
167
|
- !ruby/object:Gem::Dependency
|
191
168
|
name: simplecov-rcov-text
|
192
169
|
requirement: !ruby/object:Gem::Requirement
|
193
|
-
none: false
|
194
170
|
requirements:
|
195
|
-
- -
|
171
|
+
- - '>='
|
196
172
|
- !ruby/object:Gem::Version
|
197
173
|
version: '0'
|
198
174
|
type: :development
|
199
175
|
prerelease: false
|
200
176
|
version_requirements: !ruby/object:Gem::Requirement
|
201
|
-
none: false
|
202
177
|
requirements:
|
203
|
-
- -
|
178
|
+
- - '>='
|
204
179
|
- !ruby/object:Gem::Version
|
205
180
|
version: '0'
|
206
181
|
- !ruby/object:Gem::Dependency
|
207
182
|
name: ci_reporter
|
208
183
|
requirement: !ruby/object:Gem::Requirement
|
209
|
-
none: false
|
210
184
|
requirements:
|
211
|
-
- -
|
185
|
+
- - '>='
|
212
186
|
- !ruby/object:Gem::Version
|
213
187
|
version: '0'
|
214
188
|
type: :development
|
215
189
|
prerelease: false
|
216
190
|
version_requirements: !ruby/object:Gem::Requirement
|
217
|
-
none: false
|
218
191
|
requirements:
|
219
|
-
- -
|
192
|
+
- - '>='
|
220
193
|
- !ruby/object:Gem::Version
|
221
194
|
version: '0'
|
222
195
|
description:
|
@@ -226,36 +199,35 @@ executables: []
|
|
226
199
|
extensions: []
|
227
200
|
extra_rdoc_files: []
|
228
201
|
files:
|
202
|
+
- lib/angus-authentication.rb
|
229
203
|
- lib/angus/authentication/default_authenticator.rb
|
230
|
-
- lib/angus/authentication/version.rb
|
231
204
|
- lib/angus/authentication/exceptions.rb
|
232
|
-
- lib/angus/authentication/redis_store.rb
|
233
205
|
- lib/angus/authentication/provider.rb
|
234
|
-
- lib/angus
|
206
|
+
- lib/angus/authentication/redis_store.rb
|
207
|
+
- lib/angus/authentication/version.rb
|
235
208
|
- lib/rack/middleware/angus_authentication.rb
|
236
|
-
homepage:
|
209
|
+
homepage: https://github.com/Moove-it/angus-authentication
|
237
210
|
licenses:
|
238
211
|
- MIT
|
212
|
+
metadata: {}
|
239
213
|
post_install_message:
|
240
214
|
rdoc_options: []
|
241
215
|
require_paths:
|
242
216
|
- lib
|
243
217
|
required_ruby_version: !ruby/object:Gem::Requirement
|
244
|
-
none: false
|
245
218
|
requirements:
|
246
|
-
- -
|
219
|
+
- - '>='
|
247
220
|
- !ruby/object:Gem::Version
|
248
221
|
version: '0'
|
249
222
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
250
|
-
none: false
|
251
223
|
requirements:
|
252
|
-
- -
|
224
|
+
- - '>='
|
253
225
|
- !ruby/object:Gem::Version
|
254
226
|
version: '0'
|
255
227
|
requirements: []
|
256
228
|
rubyforge_project:
|
257
|
-
rubygems_version:
|
229
|
+
rubygems_version: 2.2.1
|
258
230
|
signing_key:
|
259
|
-
specification_version:
|
231
|
+
specification_version: 4
|
260
232
|
summary: Offers authentication for rack applications.
|
261
233
|
test_files: []
|