api-auth 0.9.0 → 0.9.1

data/Gemfile.lock

@@ -0,0 +1,43 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    actionpack (2.3.10)
+      activesupport (= 2.3.10)
+      rack (~> 1.1.0)
+    activeresource (2.3.10)
+      activesupport (= 2.3.10)
+    activesupport (2.3.10)
+    amatch (0.2.5)
+    curb (0.7.10)
+    diff-lcs (1.1.2)
+    git (1.2.5)
+    jeweler (1.5.2)
+      bundler (~> 1.0.0)
+      git (>= 1.2.5)
+      rake
+    mime-types (1.16)
+    rack (1.1.0)
+    rake (0.8.7)
+    rest-client (1.6.1)
+      mime-types (>= 1.16)
+    rspec (2.4.0)
+      rspec-core (~> 2.4.0)
+      rspec-expectations (~> 2.4.0)
+      rspec-mocks (~> 2.4.0)
+    rspec-core (2.4.0)
+    rspec-expectations (2.4.0)
+      diff-lcs (~> 1.1.2)
+    rspec-mocks (2.4.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  actionpack (~> 2.3.2)
+  activeresource (~> 2.3.2)
+  amatch (~> 0.2.5)
+  bundler (~> 1.0.0)
+  curb (~> 0.7.7)
+  jeweler (~> 1.5.2)
+  rest-client (~> 1.6.0)
+  rspec (~> 2.4.0)

data/README.md

@@ -1,11 +1,11 @@
-api-auth
-========
+ApiAuth
+=======
 
 Logins and passwords are for humans. Communication between applications need to 
 be protected through different means.
 
-api-auth is Ruby gem designed to be used both in your client and server
-HTTP-based applications. It implements the same authentication methods (HMAC) 
+ApiAuth is a Ruby gem designed to be used both in your client and server
+HTTP-based applications. It implements the same authentication methods (HMAC-SHA1) 
 used by Amazon Web Services.
 
 The gem will sign your requests on the client side and authenticate that 
@@ -14,28 +14,25 @@ Rails ActiveResource, it will integrate with that. It will even generate the
 secret keys necessary for your clients to sign their requests.
 
 Since it operates entirely using HTTP headers, the server component does not 
-have to be written in the same language as the clients. Any language with 
-OpenSSL bindings will suffice.
+have to be written in the same language as the clients.
 
 How it works
 ------------
 
 1. A canonical string is first created using your HTTP headers containing the 
-content-type, content-MD5, request URI and the 
-timestamp. The canonical string string is computed as follows:
+content-type, content-MD5, request URI and the timestamp. If content-type or 
+content-MD5 are not present, then a blank string is used in their place. If the 
+timestamp isn't present, a valid HTTP date is automatically added to the 
+request. The canonical string string is computed as follows:
 
-    canonical_string = "<content-type>,<content-MD5>,<URI>,<timestamp>"
-
-If content-type or content-MD5 are not present, then a blank string is used in 
-their place. If the timestamp isn't present, a valid HTTP date is automatically 
-added to the request.
+    canonical_string = 'content-type,content-MD5,request URI,timestamp'
 
 2. This string is then used to create the signature which is a Base64 encoded 
 SHA1 HMAC, using the client's private secret key.
 
 3. This signature is then added as the `Authorization` HTTP header in the form:
 
-    Authorization = APIAuth <client access id>:<signature from step 2>
+    Authorization = APIAuth 'client access id':'signature from step 2'
         
 5. On the server side, the SHA1 HMAC is computed in the same way using the 
 request headers and the client's secret key, which is known to only 
@@ -52,18 +49,19 @@ References
 * [HMAC algorithm](http://en.wikipedia.org/wiki/HMAC)
 * [RFC 2104 (HMAC)](http://tools.ietf.org/html/rfc2104)
 
-Usage
------
+Install
+-------
 
-### Install ###
+The gem doesn't have any dependencies outside of having a working OpenSSL 
+configuration for your Ruby VM. To install:
 
-    [sudo] gem install api-auth
+    [sudo] gem install api_auth
     
-### Supported Request Objects ###
+Clients
+-------
 
-ApiAuth supports most request objects. With the support of 
-ActionController::Request, ApiAuth is fully compatible with Rails. Support for 
-other request objects can be added as a request driver.
+ApiAuth supports many popular HTTP clients. Support for other clients can be 
+added as a request driver.
 
 Here is the current list of supported request objects:
 
@@ -71,16 +69,100 @@ Here is the current list of supported request objects:
 * ActionController::Request
 * Curb (Curl::Easy)
 * RestClient
+
+### HTTP Client Objects ###
+
+Here's a sample implementation of signing a request created with RestClient. For
+more examples, please check out the ApiAuth Spec where every supported HTTP 
+client is tested.
+
+Assuming you have a client access id and secret as follows:
+
+    @access_id = "1044"
+    @secret_key = ApiAuth.generate_secret_key
     
-### ActiveResource ###
+A typical RestClient PUT request may look like:
+
+    headers = { 'Content-MD5' => "e59ff97941044f85df5297e1c302d260",
+        'Content-Type' => "text/plain",
+        'Date' => "Mon, 23 Jan 1984 03:29:56 GMT" }
+    @request = RestClient::Request.new(:url => "/resource.xml?foo=bar&bar=foo", 
+        :headers => headers,
+        :method => :put)
+        
+To sign that request, simply call the `sign!` method as follows:
+
+    @signed_request = ApiAuth.sign!(@request, @access_id, @secret_key)
+    
+The proper `Authorization` request header has now been added to that request 
+object and it's ready to be transmitted. It's recommended that you sign the 
+request as one of the last steps in building the request to ensure the headers 
+don't change after the signing process which would cause the authentication 
+check to fail on the server side.
+    
+### ActiveResource Clients ###
+
+ApiAuth can transparently protect your ActiveResource communications with a 
+single configuration line:
 
     class MyResource < ActiveResource::Base
-      with_api_auth(<access_id>, <secret_key>)
+      with_api_auth(access_id, secret_key)
+    end
+    
+This will automatically sign all outgoing ActiveResource requests from your app.
+
+Server
+------
+
+ApiAuth provides some built in methods to help you generate API keys for your 
+clients as well as verifying incoming API requests.
+
+To generate a Base64 encoded API key for a client:
+
+    ApiAuth.generate_secret_key
+    
+To validate whether or not a request is authentic:
+    
+    ApiAuth.authentic?(signed_request, secret_key)
+    
+If your server is a Rails app, the signed request will be the `request` object. 
+
+In order to obtain the secret key for the client, you first need to look up the 
+client's access_id. ApiAuth can pull that from the request headers for you:
+
+    ApiAuth.access_id(signed_request)
+    
+Once you've looked up the client's record via the access id, you can then verify
+whether or not the request is authentic. Typically, the access id for the client
+will be their record's primary key in the DB that stores the record or some other
+public unique identifier for the client.
+
+Here's a sample method that can be used in a `before_filter` if your server is a 
+Rails app:
+
+    before_filter :api_authenticate
+
+    def api_authenticate
+      @current_account = Account.find_by_access_id(ApiAuth.access_id(request))
+      return ApiAuth.authentic?(request, @current_account.secret_key) unless @current_account.nil?
+      false
     end
+    
+Development
+-----------
 
-### Server ###
+ApiAuth uses bundler for gem dependencies and RSpec for testing. Developing the
+gem requires that you have all supported HTTP clients installed. Bundler will 
+take care of all that for you.
 
+To run the tests:
 
+    rake spec
+    
+If you'd like to add support for additional HTTP clients, check out the already
+implemented drivers in `lib/api_auth/request_drivers` for reference. All of 
+the public methods for each driver are required to be implemented by your driver.
+        
 Authors
 -------
 

data/Rakefile

@@ -12,7 +12,7 @@ require 'rake'
 require 'jeweler'
 Jeweler::Tasks.new do |gem|
   gem.name = "api-auth"
-  gem.homepage = "http://github.com/geminisbs/api-auth"
+  gem.homepage = "http://github.com/mgomes/api_auth"
   gem.license = "MIT"
   gem.summary = %Q{Simple HMAC authentication for your APIs}
   gem.description = %Q{Full HMAC auth implementation for use in your gems and Rails apps.}
@@ -39,7 +39,7 @@ Rake::RDocTask.new do |rdoc|
   version = File.exist?('VERSION') ? File.read('VERSION') : ""
 
   rdoc.rdoc_dir = 'rdoc'
-  rdoc.title = "api-auth #{version}"
+  rdoc.title = "api_auth #{version}"
   rdoc.rdoc_files.include('README*')
   rdoc.rdoc_files.include('lib/**/*.rb')
 end

data/VERSION

@@ -0,0 +1 @@
+0.9.1

data/api_auth.gemspec

@@ -0,0 +1,75 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{api_auth}
+  s.version = "0.9.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Mauricio Gomes"]
+  s.date = %q{2011-01-30}
+  s.description = %q{Full HMAC auth implementation for use in your gems and Rails apps.}
+  s.email = %q{mgomes@geminisbs.com}
+  s.extra_rdoc_files = [
+    "LICENSE.txt",
+    "README.md"
+  ]
+  s.files = [
+    ".document",
+    ".rspec",
+    "Gemfile",
+    "LICENSE.txt",
+    "Rakefile",
+    "lib/api_auth.rb",
+    "spec/api_auth_spec.rb",
+    "spec/spec_helper.rb"
+  ]
+  s.homepage = %q{http://github.com/geminisbs/api-auth}
+  s.licenses = ["MIT"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.4.1}
+  s.summary = %q{Simple HMAC authentication for your APIs}
+  s.test_files = [
+    "spec/api_auth_spec.rb",
+    "spec/headers_spec.rb",
+    "spec/helpers_spec.rb",
+    "spec/railtie_spec.rb",
+    "spec/spec_helper.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+      s.add_development_dependency(%q<rspec>, ["~> 2.4.0"])
+      s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
+      s.add_development_dependency(%q<jeweler>, ["~> 1.5.2"])
+      s.add_development_dependency(%q<amatch>, ["~> 0.2.5"])
+      s.add_development_dependency(%q<curb>, ["~> 0.7.7"])
+      s.add_development_dependency(%q<rest-client>, ["~> 1.6.0"])
+      s.add_development_dependency(%q<actionpack>, ["~> 2.3.2"])
+      s.add_development_dependency(%q<activeresource>, ["~> 2.3.2"])
+    else
+      s.add_dependency(%q<rspec>, ["~> 2.4.0"])
+      s.add_dependency(%q<bundler>, ["~> 1.0.0"])
+      s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
+      s.add_dependency(%q<amatch>, ["~> 0.2.5"])
+      s.add_dependency(%q<curb>, ["~> 0.7.7"])
+      s.add_dependency(%q<rest-client>, ["~> 1.6.0"])
+      s.add_dependency(%q<actionpack>, ["~> 2.3.2"])
+      s.add_dependency(%q<activeresource>, ["~> 2.3.2"])
+    end
+  else
+    s.add_dependency(%q<rspec>, ["~> 2.4.0"])
+    s.add_dependency(%q<bundler>, ["~> 1.0.0"])
+    s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
+    s.add_dependency(%q<amatch>, ["~> 0.2.5"])
+    s.add_dependency(%q<curb>, ["~> 0.7.7"])
+    s.add_dependency(%q<rest-client>, ["~> 1.6.0"])
+    s.add_dependency(%q<actionpack>, ["~> 2.3.2"])
+    s.add_dependency(%q<activeresource>, ["~> 2.3.2"])
+  end
+end
+

data/lib/api-auth.rb

@@ -1,14 +1,2 @@
-require 'openssl'
-require 'base64'
-
-require 'api-auth/errors'
-require 'api-auth/helpers'
-
-require 'api-auth/request_drivers/net_http'
-require 'api-auth/request_drivers/curb'
-require 'api-auth/request_drivers/rest_client'
-require 'api-auth/request_drivers/action_controller'
-
-require 'api-auth/headers'
-require 'api-auth/base'
-require 'api-auth/railtie'
+# So you can require "api-auth" instead of "api_auth"
+require "api_auth"

data/lib/api_auth.rb

@@ -0,0 +1,14 @@
+require 'openssl'
+require 'base64'
+
+require 'api_auth/errors'
+require 'api_auth/helpers'
+
+require 'api_auth/request_drivers/net_http'
+require 'api_auth/request_drivers/curb'
+require 'api_auth/request_drivers/rest_client'
+require 'api_auth/request_drivers/action_controller'
+
+require 'api_auth/headers'
+require 'api_auth/base'
+require 'api_auth/railtie'

data/lib/api_auth/base.rb

@@ -0,0 +1,81 @@
+# api-auth is Ruby gem designed to be used both in your client and server
+# HTTP-based applications. It implements the same authentication methods (HMAC) 
+# used by Amazon Web Services.
+
+# The gem will sign your requests on the client side and authenticate that 
+# signature on the server side. If your server resources are implemented as a 
+# Rails ActiveResource, it will integrate with that. It will even generate the 
+# secret keys necessary for your clients to sign their requests.
+module ApiAuth
+  
+  class << self
+    
+    include Helpers
+    
+    # Signs an HTTP request using the client's access id and secret key.
+    # Returns the HTTP request object with the modified headers.
+    #
+    # request: The request can be a Net::HTTP, ActionController::Request, 
+    # Curb (Curl::Easy) or a RestClient object.
+    #
+    # access_id: The public unique identifier for the client
+    #
+    # secret_key: assigned secret key that is known to both parties 
+    def sign!(request, access_id, secret_key)
+      headers = Headers.new(request)
+      headers.sign_header auth_header(request, access_id, secret_key)
+    end
+    
+    # Determines if the request is authentic given the request and the client's
+    # secret key. Returns true if the request is authentic and false otherwise.
+    def authentic?(request, secret_key)
+      return false if secret_key.nil?
+      
+      headers = Headers.new(request)
+      if match_data = parse_auth_header(headers.authorization_header)
+        hmac = match_data[2]
+        return hmac == hmac_signature(request, secret_key)
+      end
+      
+      false
+    end
+    
+    # Returns the access id from the request's authorization header
+    def access_id(request)
+      headers = Headers.new(request)
+      if match_data = parse_auth_header(headers.authorization_header)
+        return match_data[1]
+      end
+      
+      nil
+    end
+    
+    # Generates a Base64 encoded, randomized secret key
+    #
+    # Store this key along with the access key that will be used for 
+    # authenticating the client
+    def generate_secret_key
+      random_bytes = OpenSSL::Random.random_bytes(512)
+      b64_encode(Digest::SHA2.new(512).digest(random_bytes))
+    end
+    
+  private
+  
+    def hmac_signature(request, secret_key)
+      headers = Headers.new(request)
+      canonical_string = headers.canonical_string
+      digest = OpenSSL::Digest::Digest.new('sha1')
+      b64_encode(OpenSSL::HMAC.digest(digest, secret_key, canonical_string))
+    end
+    
+    def auth_header(request, access_id, secret_key)
+      "APIAuth #{access_id}:#{hmac_signature(request, secret_key)}"      
+    end
+    
+    def parse_auth_header(auth_header)
+      Regexp.new("APIAuth ([^:]+):(.+)$").match(auth_header)
+    end
+    
+  end # class methods
+  
+end # ApiAuth

data/lib/api_auth/errors.rb

@@ -0,0 +1,9 @@
+module ApiAuth
+  
+  # :nodoc:
+  class ApiAuthError < StandardError; end
+  
+  # Raised when the HTTP request object passed is not supported
+  class UnknownHTTPRequest < ApiAuthError; end
+  
+end

data/lib/api_auth/headers.rb

@@ -0,0 +1,53 @@
+module ApiAuth
+  
+  # Builds the canonical string given a request object.
+  class Headers
+    
+    include RequestDrivers
+    
+    def initialize(request)
+      @original_request = request
+      
+      case request.class.to_s
+      when /Net::HTTP/
+        @request = NetHttpRequest.new(request)
+      when /RestClient/
+        @request = RestClientRequest.new(request)
+      when /Curl::Easy/
+        @request = CurbRequest.new(request)
+      when /ActionController::Request/
+        @request = ActionControllerRequest.new(request)
+      when /ActionController::TestRequest/
+        @request = ActionControllerRequest.new(request)
+      else
+        raise UnknownHTTPRequest, "#{request.class.to_s} is not yet supported."
+      end
+      true
+    end
+    
+    # Returns the canonical string computed from the request's headers
+    def canonical_string
+      [ @request.content_type,
+        @request.content_md5,
+        @request.request_uri,
+        @request.timestamp
+      ].join(",")
+    end
+    
+    # Returns the authorization header from the request's headers
+    def authorization_header
+      @request.authorization_header
+    end
+    
+    # Sets the request's authorization header with the passed in value.
+    # The header should be the ApiAuth HMAC signature.
+    #
+    # This will return the original request object with the signed Authorization
+    # header already in place.
+    def sign_header(header)
+      @request.set_auth_header header
+    end
+    
+  end
+  
+end

data/lib/api_auth/helpers.rb

@@ -0,0 +1,19 @@
+module ApiAuth
+
+  module Helpers # :nodoc:
+    
+    # Remove the ending new line character added by default
+    def b64_encode(string)
+      Base64.encode64(string).strip
+    end
+    
+    # Capitalizes the keys of a hash
+    def capitalize_keys(hsh)
+      capitalized_hash = {}
+      hsh.each_pair {|k,v| capitalized_hash[k.to_s.upcase] = v }
+      capitalized_hash
+    end
+    
+  end
+  
+end

data/lib/api_auth/railtie.rb

@@ -0,0 +1,120 @@
+module ApiAuth
+
+  # Integration with Rails
+  #
+  class Rails # :nodoc:
+    
+    module ControllerMethods # :nodoc:
+      
+      module InstanceMethods # :nodoc:
+        
+        def get_api_access_id_from_request
+          ApiAuth.access_id(request)
+        end
+        
+        def api_authenticated?(secret_key)
+          ApiAuth.authentic?(request, secret_key)
+        end
+        
+      end
+      
+      unless defined?(ActionController)
+        begin
+          require 'rubygems'
+          gem 'actionpack'
+          gem 'activesupport'
+          require 'action_controller'
+          require 'active_support'
+        rescue
+          nil
+        end
+      end
+      
+      if defined?(ActionController::Base)        
+        ActionController::Base.send(:include, ControllerMethods::InstanceMethods)
+      end
+      
+    end # ControllerMethods
+  
+    module ActiveResourceExtension  # :nodoc:
+    
+      module ActiveResourceApiAuth # :nodoc:
+      
+        def self.included(base)
+          base.extend(ClassMethods)
+        
+          base.class_inheritable_accessor :hmac_access_id
+          base.class_inheritable_accessor :hmac_secret_key
+          base.class_inheritable_accessor :use_hmac
+        end
+      
+        module ClassMethods
+
+          def with_api_auth(access_id, secret_key)
+            self.hmac_access_id = access_id
+            self.hmac_secret_key = secret_key
+            self.use_hmac = true
+          
+            class << self
+              alias_method_chain :connection, :auth
+            end
+          end
+        
+          def connection_with_auth(refresh = false) 
+            c = connection_without_auth(refresh)
+            c.hmac_access_id = self.hmac_access_id
+            c.hmac_secret_key = self.hmac_secret_key
+            c.use_hmac = self.use_hmac
+            c
+          end   
+               
+        end # class methods
+      
+        module InstanceMethods
+        end
+      
+      end # BaseApiAuth
+    
+      module Connection
+      
+        def self.included(base)
+          base.send :alias_method_chain, :request, :auth
+          base.class_eval do
+            attr_accessor :hmac_secret_key, :hmac_access_id, :use_hmac
+          end
+        end
+
+        def request_with_auth(method, path, *arguments)
+          if use_hmac && hmac_access_id && hmac_secret_key
+            h = arguments.last
+            tmp = "Net::HTTP::#{method.to_s.capitalize}".constantize.new(path, h)
+            ApiAuth.sign!(tmp, hmac_access_id, hmac_secret_key)
+            arguments.last['DATE'] = tmp['DATE']
+            arguments.last['Authorization'] = tmp['Authorization']
+          end
+        
+          request_without_auth(method, path, *arguments)
+        end
+      
+      end # Connection
+          
+      unless defined?(ActiveResource)
+        begin
+          require 'rubygems'
+          gem 'activeresource'
+          require 'active_resource'
+        rescue
+          nil
+        end
+      end
+    
+      if defined?(ActiveResource)
+        ActiveResource::Base.send(:include, ActiveResourceApiAuth)        
+        ActiveResource::Connection.send(:include, Connection)
+      end 
+        
+    end # ActiveResourceExtension
+  
+  end # Rails
+  
+end # ApiAuth

data/lib/api_auth/request_drivers/action_controller.rb

@@ -0,0 +1,62 @@
+module ApiAuth
+  
+  module RequestDrivers # :nodoc:
+  
+    class ActionControllerRequest # :nodoc:
+      
+      include ApiAuth::Helpers
+
+      def initialize(request)
+        @request = request
+        @headers = fetch_headers
+        true
+      end
+      
+      def set_auth_header(header)
+        @request.env["Authorization"] = header
+        @headers = fetch_headers
+        @request
+      end
+      
+      def fetch_headers
+        capitalize_keys @request.env
+      end
+
+      def content_type
+        value = find_header(%w(CONTENT-TYPE CONTENT_TYPE HTTP_CONTENT_TYPE))
+        value.nil? ? "" : value
+      end
+
+      def content_md5
+        value = find_header(%w(CONTENT-MD5 CONTENT_MD5))
+        value.nil? ? "" : value
+      end
+
+      def request_uri
+        @request.path
+      end
+
+      def timestamp
+        value = find_header(%w(DATE HTTP_DATE))
+        if value.nil?
+          value = Time.now.utc.httpdate
+          @request.env['DATE'] = value
+        end
+        value
+      end
+
+      def authorization_header
+        find_header %w(Authorization AUTHORIZATION HTTP_AUTHORIZATION)
+      end
+
+    private
+
+      def find_header(keys)
+        keys.map {|key| @headers[key] }.compact.first
+      end
+
+    end
+    
+  end
+  
+end

data/lib/api_auth/request_drivers/curb.rb

@@ -0,0 +1,62 @@
+module ApiAuth
+  
+  module RequestDrivers # :nodoc:
+  
+    class CurbRequest # :nodoc:
+      
+      include ApiAuth::Helpers
+
+      def initialize(request)
+        @request = request
+        @headers = fetch_headers
+        true
+      end
+      
+      def set_auth_header(header)
+        @request.headers.merge!({ "Authorization" => header })
+        @headers = fetch_headers
+        @request
+      end
+      
+      def fetch_headers
+        capitalize_keys @request.headers
+      end
+
+      def content_type
+        value = find_header(%w(CONTENT-TYPE CONTENT_TYPE HTTP_CONTENT_TYPE))
+        value.nil? ? "" : value
+      end
+
+      def content_md5
+        value = find_header(%w(CONTENT-MD5 CONTENT_MD5))
+        value.nil? ? "" : value
+      end
+
+      def request_uri
+        @request.url
+      end
+
+      def timestamp
+        value = find_header(%w(DATE HTTP_DATE))
+        if value.nil?
+          value = Time.now.utc.httpdate
+          @request.headers.merge!({ "DATE" => value })
+        end
+        value
+      end
+
+      def authorization_header
+        find_header %w(Authorization AUTHORIZATION HTTP_AUTHORIZATION)
+      end
+
+    private
+
+      def find_header(keys)
+        keys.map {|key| @headers[key] }.compact.first
+      end
+
+    end
+    
+  end
+  
+end

data/lib/api_auth/request_drivers/net_http.rb

@@ -0,0 +1,60 @@
+module ApiAuth
+  
+  module RequestDrivers # :nodoc:
+  
+    class NetHttpRequest # :nodoc:
+
+      def initialize(request)
+        @request = request
+        @headers = fetch_headers
+        true
+      end
+      
+      def set_auth_header(header)
+        @request["Authorization"] = header
+        @headers = fetch_headers
+        @request
+      end
+      
+      def fetch_headers
+        @request
+      end
+
+      def content_type
+        value = find_header(%w(CONTENT-TYPE CONTENT_TYPE HTTP_CONTENT_TYPE))
+        value.nil? ? "" : value
+      end
+
+      def content_md5
+        value = find_header(%w(CONTENT-MD5 CONTENT_MD5))
+        value.nil? ? "" : value
+      end
+
+      def request_uri
+        @request.path
+      end
+
+      def timestamp
+        value = find_header(%w(DATE HTTP_DATE))
+        if value.nil?
+          value = Time.now.utc.httpdate
+          @request["DATE"] = value
+        end  
+        value
+      end
+
+      def authorization_header
+        find_header %w(Authorization AUTHORIZATION HTTP_AUTHORIZATION)
+      end
+
+    private
+
+      def find_header(keys)
+        keys.map {|key| @headers[key] }.compact.first
+      end
+
+    end
+    
+  end
+  
+end

data/lib/api_auth/request_drivers/rest_client.rb

@@ -0,0 +1,62 @@
+module ApiAuth
+  
+  module RequestDrivers # :nodoc:
+  
+    class RestClientRequest # :nodoc:
+      
+      include ApiAuth::Helpers
+
+      def initialize(request)
+        @request = request
+        @headers = fetch_headers
+        true
+      end
+      
+      def set_auth_header(header)
+        @request.headers.merge!({ "Authorization" => header })
+        @headers = fetch_headers
+        @request
+      end
+      
+      def fetch_headers
+        capitalize_keys @request.headers
+      end
+
+      def content_type
+        value = find_header(%w(CONTENT-TYPE CONTENT_TYPE HTTP_CONTENT_TYPE))
+        value.nil? ? "" : value
+      end
+
+      def content_md5
+        value = find_header(%w(CONTENT-MD5 CONTENT_MD5))
+        value.nil? ? "" : value
+      end
+
+      def request_uri
+        @request.url
+      end
+
+      def timestamp
+        value = find_header(%w(DATE HTTP_DATE))
+        if value.nil?
+          value = Time.now.utc.httpdate
+          @request.headers.merge!({ "DATE" => value })
+        end  
+        value
+      end
+
+      def authorization_header
+        find_header %w(Authorization AUTHORIZATION HTTP_AUTHORIZATION)
+      end
+
+    private
+
+      def find_header(keys)
+        keys.map {|key| @headers[key] }.compact.first
+      end
+
+    end
+    
+  end
+  
+end

data/spec/spec_helper.rb

@@ -1,7 +1,7 @@
 $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
 $LOAD_PATH.unshift(File.dirname(__FILE__))
 require 'rspec'
-require 'api-auth'
+require 'api_auth'
 require 'amatch'
 require 'rest_client'
 require 'curb'

metadata

@@ -1,13 +1,8 @@
 --- !ruby/object:Gem::Specification 
 name: api-auth
 version: !ruby/object:Gem::Version 
-  hash: 59
   prerelease: 
-  segments: 
-  - 0
-  - 9
-  - 0
-  version: 0.9.0
+  version: 0.9.1
 platform: ruby
 authors: 
 - Mauricio Gomes
@@ -15,137 +10,97 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-01-30 00:00:00 -05:00
+date: 2011-03-12 00:00:00 -05:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
-  type: :development
-  version_requirements: &id001 !ruby/object:Gem::Requirement 
+  name: rspec
+  requirement: &id001 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 31
-        segments: 
-        - 2
-        - 4
-        - 0
         version: 2.4.0
-  requirement: *id001
+  type: :development
   prerelease: false
-  name: rspec
+  version_requirements: *id001
 - !ruby/object:Gem::Dependency 
-  type: :development
-  version_requirements: &id002 !ruby/object:Gem::Requirement 
+  name: bundler
+  requirement: &id002 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 23
-        segments: 
-        - 1
-        - 0
-        - 0
         version: 1.0.0
-  requirement: *id002
+  type: :development
   prerelease: false
-  name: bundler
+  version_requirements: *id002
 - !ruby/object:Gem::Dependency 
-  type: :development
-  version_requirements: &id003 !ruby/object:Gem::Requirement 
+  name: jeweler
+  requirement: &id003 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 7
-        segments: 
-        - 1
-        - 5
-        - 2
         version: 1.5.2
-  requirement: *id003
+  type: :development
   prerelease: false
-  name: jeweler
+  version_requirements: *id003
 - !ruby/object:Gem::Dependency 
-  type: :development
-  version_requirements: &id004 !ruby/object:Gem::Requirement 
+  name: amatch
+  requirement: &id004 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 29
-        segments: 
-        - 0
-        - 2
-        - 5
         version: 0.2.5
-  requirement: *id004
+  type: :development
   prerelease: false
-  name: amatch
+  version_requirements: *id004
 - !ruby/object:Gem::Dependency 
-  type: :development
-  version_requirements: &id005 !ruby/object:Gem::Requirement 
+  name: curb
+  requirement: &id005 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 13
-        segments: 
-        - 0
-        - 7
-        - 7
         version: 0.7.7
-  requirement: *id005
+  type: :development
   prerelease: false
-  name: curb
+  version_requirements: *id005
 - !ruby/object:Gem::Dependency 
-  type: :development
-  version_requirements: &id006 !ruby/object:Gem::Requirement 
+  name: rest-client
+  requirement: &id006 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 15
-        segments: 
-        - 1
-        - 6
-        - 0
         version: 1.6.0
-  requirement: *id006
+  type: :development
   prerelease: false
-  name: rest-client
+  version_requirements: *id006
 - !ruby/object:Gem::Dependency 
-  type: :development
-  version_requirements: &id007 !ruby/object:Gem::Requirement 
+  name: actionpack
+  requirement: &id007 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 7
-        segments: 
-        - 2
-        - 3
-        - 2
         version: 2.3.2
-  requirement: *id007
+  type: :development
   prerelease: false
-  name: actionpack
+  version_requirements: *id007
 - !ruby/object:Gem::Dependency 
-  type: :development
-  version_requirements: &id008 !ruby/object:Gem::Requirement 
+  name: activeresource
+  requirement: &id008 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        hash: 7
-        segments: 
-        - 2
-        - 3
-        - 2
         version: 2.3.2
-  requirement: *id008
+  type: :development
   prerelease: false
-  name: activeresource
+  version_requirements: *id008
 description: Full HMAC auth implementation for use in your gems and Rails apps.
 email: mgomes@geminisbs.com
 executables: []
@@ -159,17 +114,30 @@ files:
 - .document
 - .rspec
 - Gemfile
+- Gemfile.lock
 - LICENSE.txt
+- README.md
 - Rakefile
+- VERSION
+- api_auth.gemspec
 - lib/api-auth.rb
-- spec/api-auth_spec.rb
-- spec/spec_helper.rb
-- README.md
+- lib/api_auth.rb
+- lib/api_auth/base.rb
+- lib/api_auth/errors.rb
+- lib/api_auth/headers.rb
+- lib/api_auth/helpers.rb
+- lib/api_auth/railtie.rb
+- lib/api_auth/request_drivers/action_controller.rb
+- lib/api_auth/request_drivers/curb.rb
+- lib/api_auth/request_drivers/net_http.rb
+- lib/api_auth/request_drivers/rest_client.rb
+- spec/api_auth_spec.rb
 - spec/headers_spec.rb
 - spec/helpers_spec.rb
 - spec/railtie_spec.rb
+- spec/spec_helper.rb
 has_rdoc: true
-homepage: http://github.com/geminisbs/api-auth
+homepage: http://github.com/mgomes/api_auth
 licenses: 
 - MIT
 post_install_message: 
@@ -182,7 +150,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: 3
+      hash: -3238234233330839898
       segments: 
       - 0
       version: "0"
@@ -191,19 +159,16 @@ required_rubygems_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
       version: "0"
 requirements: []
 
 rubyforge_project: 
-rubygems_version: 1.4.1
+rubygems_version: 1.5.2
 signing_key: 
 specification_version: 3
 summary: Simple HMAC authentication for your APIs
 test_files: 
-- spec/api-auth_spec.rb
+- spec/api_auth_spec.rb
 - spec/headers_spec.rb
 - spec/helpers_spec.rb
 - spec/railtie_spec.rb