apache_secure_download 0.0.3.217 → 0.0.4.218
- data/ChangeLog +6 -3
- data/README +3 -1
- data/lib/apache/secure_download/util.rb +44 -0
- data/lib/apache/secure_download/version.rb +1 -1
- data/lib/apache/secure_download.rb +10 -0
- metadata +2 -2
data/ChangeLog
CHANGED
@@ -1,10 +1,13 @@
|
|
1
1
|
= Revision history for apache_secure_download
|
2
2
|
|
3
|
+
== 0.0.4 [2008-02-26]
|
4
|
+
|
5
|
+
* Some documentation, at last
|
6
|
+
|
3
7
|
== 0.0.3 [2008-02-25]
|
4
8
|
|
5
|
-
* Apache::SecureDownload::Util.secure_url
|
6
|
-
|
7
|
-
** can create cacheable URLs by setting the <tt>:cache</tt> option
|
9
|
+
* Apache::SecureDownload::Util.secure_url also takes a hash with options instead of explicit expiration time
|
10
|
+
* Apache::SecureDownload::Util.secure_url can create cacheable URLs by setting the <tt>:cache</tt> option
|
8
11
|
|
9
12
|
== 0.0.2 [2008-02-20]
|
10
13
|
|
data/README
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
== VERSION
|
4
4
|
|
5
|
-
This documentation refers to apache_secure_download version 0.0.
|
5
|
+
This documentation refers to apache_secure_download version 0.0.4
|
6
6
|
|
7
7
|
|
8
8
|
== DESCRIPTION
|
@@ -38,6 +38,8 @@ And create links to your resources with timestamp and token:
|
|
38
38
|
# specify expiration time using an offset (results in Time.now + 60; also includes caching for 60 seconds):
|
39
39
|
url = Apache::SecureDownload::Util.secure_url("secret", path, :offset => 60)
|
40
40
|
|
41
|
+
See Apache::SecureDownload::Util.secure_url for more examples.
|
42
|
+
|
41
43
|
|
42
44
|
== AUTHORS
|
43
45
|
|
@@ -37,10 +37,54 @@ module Apache
|
|
37
37
|
|
38
38
|
extend self
|
39
39
|
|
40
|
+
# Computes the token from +secret+, +path+, and +timestamp+.
|
40
41
|
def token(secret, path, timestamp)
|
41
42
|
Digest::SHA1.hexdigest(secret + path + timestamp.to_s)
|
42
43
|
end
|
43
44
|
|
45
|
+
# Creates a valid URL to the secured resource, identified by +url+. The
|
46
|
+
# argument +secret+ is the shared secret string that has been passed to
|
47
|
+
# the relevant RubyAccessHandler instance (cf. SecureDownload.new).
|
48
|
+
#
|
49
|
+
# The expiration time may be either given as a Time (or Integer), or as
|
50
|
+
# a Hash with the following parameters:
|
51
|
+
#
|
52
|
+
# <tt>:expires</tt>:: Same as for the simple +expires+ argument
|
53
|
+
# <tt>:offset</tt>:: The amount of seconds in the future (only if
|
54
|
+
# <tt>:expires</tt> is not given)
|
55
|
+
# <tt>:cache</tt>:: A time window for which identical URLs shall be
|
56
|
+
# produced, on average (defaults to <tt>:offset</tt>,
|
57
|
+
# if given)
|
58
|
+
#
|
59
|
+
# Examples (<tt>s = "secret"</tt>):
|
60
|
+
#
|
61
|
+
# # Only the path component (and an optional query component) will be taken into account
|
62
|
+
# secure_url(s, "/secure/url") #=> "/secure/url?timestamp=1204024618&token=4dd9ebe9d3c9bc0efbeea7e1ee453a8c41d5e04d"
|
63
|
+
# secure_url(s, "http://example.com/secure/url") #=> "http://example.com/secure/url?timestamp=1204024618&token=4dd9ebe9d3c9bc0efbeea7e1ee453a8c41d5e04d"
|
64
|
+
# secure_url(s, "/secure/url?query=value") #=> "/secure/url?query=value×tamp=1204024618&token=4732b30f5899821426bd0c15da363c60cc4f943b"
|
65
|
+
#
|
66
|
+
# # Expires in 10 minutes
|
67
|
+
# secure_url(s, "/secure/url", Time.now + 600) #=> "/secure/url?timestamp=1204025158&token=efefcd93f8065836cf576b34e1849075c3d56bbf"
|
68
|
+
# secure_url(s, "/secure/url", :offset => 600) #=> "/secure/url?timestamp=1204026000&token=58eb12f9fc3fcd984fe4e918d3fd0590392c172d"
|
69
|
+
#
|
70
|
+
# # Setting an offset will also allow caching; turn it off explicitly
|
71
|
+
# secure_url(s, "/secure/url", :offset => 600, :cache => false) #=> "/secure/url?timestamp=1204025158&token=efefcd93f8065836cf576b34e1849075c3d56bbf"
|
72
|
+
#
|
73
|
+
# # Produce identical URLs for a window of 1 minute (on average)
|
74
|
+
# t = Time.now
|
75
|
+
# secure_url(s, "/secure/url", :expires => t, :cache => 60) #=> "/secure/url?timestamp=1204024620&token=d4f9145f45c5826b50506c770cc204e22c3b7a21"
|
76
|
+
# secure_url(s, "/secure/url", :expires => t + 30, :cache => 60) #=> "/secure/url?timestamp=1204024620&token=d4f9145f45c5826b50506c770cc204e22c3b7a21"
|
77
|
+
# secure_url(s, "/secure/url", :expires => t + 60, :cache => 60) #=> "/secure/url?timestamp=1204024680&token=ccf279daf1787d34ad063cbf5851ee88aae967fb"
|
78
|
+
# secure_url(s, "/secure/url", :expires => t + 90, :cache => 60) #=> "/secure/url?timestamp=1204024680&token=ccf279daf1787d34ad063cbf5851ee88aae967fb"
|
79
|
+
#
|
80
|
+
# # Same as before, but use offset
|
81
|
+
# secure_url(s, "/secure/url", :offset => 60) #=> "/secure/url?timestamp=1204024680&token=ccf279daf1787d34ad063cbf5851ee88aae967fb"
|
82
|
+
# # 30 seconds later...
|
83
|
+
# secure_url(s, "/secure/url", :offset => 60) #=> "/secure/url?timestamp=1204024680&token=ccf279daf1787d34ad063cbf5851ee88aae967fb"
|
84
|
+
# # 30 seconds later...
|
85
|
+
# secure_url(s, "/secure/url", :offset => 60) #=> "/secure/url?timestamp=1204024740&token=c7dcea5679ad539a7bad1dc4b7f44eb3dd36d6e8"
|
86
|
+
# # 30 seconds later...
|
87
|
+
# secure_url(s, "/secure/url", :offset => 60) #=> "/secure/url?timestamp=1204024740&token=c7dcea5679ad539a7bad1dc4b7f44eb3dd36d6e8"
|
44
88
|
def secure_url(secret, url, expires = Time.now + 60)
|
45
89
|
path, _, query = URI.split(url)[5..7]
|
46
90
|
path << '?' << query if query
|
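Review bot: `token` (new lines 41-43) gains a doc comment but still computes a bare `Digest::SHA1.hexdigest(secret + path + timestamp.to_s)`, a secret-prefix hash with no separator between the fields. A plain hash over a secret prefix does not give the forgery resistance of a MAC, and without a delimiter the boundary between a path ending in digits and the timestamp is ambiguous, so two different (path, timestamp) pairs can share one token. A keyed MAC over delimited fields avoids both, e.g. `OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('SHA256'), secret, "#{path}\n#{timestamp}")`, which needs `require 'openssl'` and the same change wherever the handler recomputes the token. If the format has to stay for compatibility, the new comment should at least state the exact construction so callers know its limits. The body of `secure_url` continues outside the hunk.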
@@ -34,10 +34,20 @@ module Apache
|
|
34
34
|
|
35
35
|
class SecureDownload
|
36
36
|
|
37
|
+
# Creates a new RubyAccessHandler instance for the Apache web server.
|
38
|
+
# The argument +secret+ is the shared secret string that the application
|
39
|
+
# uses to create valid URLs (tokens).
|
37
40
|
def initialize(secret)
|
38
41
|
raise ArgumentError, 'secret string missing' unless @secret = secret
|
39
42
|
end
|
40
43
|
|
44
|
+
# Checks whether the current +request+ satisfies the following requirements:
|
45
|
+
#
|
46
|
+
# 1. The expiration time lies in the future (i.e., not expired)
|
47
|
+
# 2. The token is valid for the requested URL and the given timestamp
|
48
|
+
#
|
49
|
+
# If either condition doesn't hold true, access to the requested resource
|
50
|
+
# is forbidden!
|
41
51
|
def check_access(request)
|
42
52
|
timestamp = request.param('timestamp')
|
43
53
|
|
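Review bot: The guard in `initialize`, `raise ArgumentError, 'secret string missing' unless @secret = secret`, rejects only `nil` and `false`; an empty string is truthy in Ruby, so `SecureDownload.new('')` is accepted and tokens are then derived from the path and timestamp alone. An explicit check closes that gap and reads more clearly: `raise ArgumentError, 'secret string missing' if secret.nil? || secret.to_s.empty?` followed by `@secret = secret`. The new comment on `check_access` promises that an invalid token is refused, but the comparison itself is outside the hunk; if it uses `==`, a constant-time comparison would be the safer choice, and a missing or non-numeric `timestamp` parameter should be rejected before it is compared with the current time.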
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: apache_secure_download
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.4.218
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jens Wille
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
11
|
|
12
|
-
date: 2008-02-
|
12
|
+
date: 2008-02-26 00:00:00 +01:00
|
13
13
|
default_executable:
|
14
14
|
dependencies: []
|
15
15
|
|