authi 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +7 -0
  2. data/lib/authi.rb +79 -0
  3. metadata +48 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 5c8e642e8a4f623ad706645634ce3649503418e2
4
+ data.tar.gz: c797223eff7fb120b58a58d2027f594e9bd9303f
5
+ SHA512:
6
+ metadata.gz: ae732dade8677ccf0ecfcc08fa2b78a42e6237e00f2afe42d50ad787e43ee265764da1648c9a82edcce12c2d5b99b55526257518b53d64c3b8dd24a475c6a329
7
+ data.tar.gz: f4d56ed1bff4149b1d584350062d2b16be4343e9418cbe9a2bb26cfe09c82dde08232c4d753f294e1962e3124b4288d253e97bebdb7c36ed52741dafa23a4082
data/lib/authi.rb ADDED
@@ -0,0 +1,79 @@
1
+ require 'openssl'
2
+ require 'base64'
3
+ require 'securerandom'
4
+ # Api Authentication Module
5
+ module Authy
6
+ # Create a signed hash using input parameter
7
+ #
8
+ # Example:
9
+ # >> Authy.generate_signed_header({ 'key' => value })
10
+ # => {:"X-OWNING-SERVICE"=>"l", :"X-SIGNING-ORDER"=>"", :"X-SIGNATURE"=>""}
11
+ #
12
+ # Arguments:
13
+ # data: (map)
14
+ def self.generate_signed_header(data, service_name = ENV['service_name'])
15
+ processed_data, deep_lookup_table = Authy.fully_qualified_keys(data)
16
+ signing_order = processed_data + ',' + 'owning_service,signing_order'
17
+ request_data = Authy.build_query(processed_data, deep_lookup_table)
18
+ unsigned_data = request_data + \
19
+ '&owning_service=' + service_name + '&signing_order=' + \
20
+ signing_order
21
+ digest = OpenSSL::Digest.new('sha1')
22
+ hmac = OpenSSL::HMAC.digest(digest, ENV['shared_key'], unsigned_data)
23
+ signed_str = Base64.strict_encode64(hmac)
24
+ { 'X-OWNING-SERVICE': ENV['service_name'], 'X-SIGNING-ORDER': signing_order,
25
+ 'X-SIGNATURE': signed_str }
26
+ end
27
+
28
+ # Method to create signed order and signed parameter deep lookup map
29
+ def self.fully_qualified_keys(object, fully_qualified_keys = [], val = '', prefix = nil, map = {}) # :nodoc:
30
+ if object.is_a? Hash
31
+ object.each do |key, value|
32
+ key_ = prefix.nil? ? key : prefix + '[' + key + ']'
33
+ Authy.fully_qualified_keys(val, fully_qualified_keys,
34
+ value, key_, map)
35
+ end
36
+ elsif object.is_a? Array
37
+ object.each_with_index do |item, index|
38
+ key_ = prefix + '[' + index.to_s + ']'
39
+ Authy.fully_qualified_keys(item, fully_qualified_keys,
40
+ item, key_, map)
41
+ end
42
+ else
43
+ map[prefix] = val.to_s
44
+ fully_qualified_keys << prefix
45
+ end
46
+ [fully_qualified_keys.join(','), map]
47
+ end
48
+
49
+ # Utility method to build quary from deep lookup table and parameters
50
+ def self.build_query(processed_data, deep_lookup_table) # :nodoc:
51
+ query = []
52
+ processed_data.split(',').each { |data| query << data + '=' + deep_lookup_table[data].to_s }
53
+ query.join('&')
54
+ end
55
+
56
+ # Validate API
57
+ #
58
+ # Example:
59
+ # >> Authy.validate_api(params, request.headers)
60
+ # => true/false
61
+ #
62
+ # Arguments:
63
+ # params: (map)
64
+ # header
65
+ def self.validate_api(params, header)
66
+ owning_service = header['Authorization'][:'X-OWNING-SERVICE']
67
+ expected_header = Authy.generate_signed_header(params, owning_service)
68
+ expected_header[:'X-SIGNATURE'] == header['Authorization'][:'X-SIGNATURE']
69
+ end
70
+
71
+ # Generate a pre-shared key for client
72
+ #
73
+ # Example:
74
+ # >> Authy.generate_secret_key
75
+ # => "63SnNesbvA9IuwXlkpF9KA=="
76
+ def self.generate_secret_key
77
+ SecureRandom.base64
78
+ end
79
+ end
metadata ADDED
@@ -0,0 +1,48 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: authi
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ platform: ruby
6
+ authors:
7
+ - Nithin Kumar
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2018-12-13 00:00:00.000000000 Z
12
+ dependencies: []
13
+ description: Authi is a Ruby gem designed to be used both in your client and server
14
+ HTTP-based applications. It implements the authentication methods based on HMAC-SHA1
15
+ encryption algorithm and a pre-shared key.The gem will sign your requests on the
16
+ client side and authenticate that signature on the server side. It will even generate
17
+ the secret keys necessary for your clients to sign their requests.]
18
+ email: kv.nithin.90@gmail.com
19
+ executables: []
20
+ extensions: []
21
+ extra_rdoc_files: []
22
+ files:
23
+ - lib/authi.rb
24
+ homepage: http://rubygems.org/gems/authi
25
+ licenses:
26
+ - MIT
27
+ metadata: {}
28
+ post_install_message:
29
+ rdoc_options: []
30
+ require_paths:
31
+ - lib
32
+ required_ruby_version: !ruby/object:Gem::Requirement
33
+ requirements:
34
+ - - ">="
35
+ - !ruby/object:Gem::Version
36
+ version: '0'
37
+ required_rubygems_version: !ruby/object:Gem::Requirement
38
+ requirements:
39
+ - - ">="
40
+ - !ruby/object:Gem::Version
41
+ version: '0'
42
+ requirements: []
43
+ rubyforge_project:
44
+ rubygems_version: 2.5.1
45
+ signing_key:
46
+ specification_version: 4
47
+ summary: Authi!
48
+ test_files: []