RubyGems - authi - Versions diffs - 0.0.5 → 0.0.6 - Mend

authi 0.0.5 → 0.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 85bb4178a5b36b8d9e30f753099c860a3882d9b4
-  data.tar.gz: d3d17263f069c7e9ecff5ba9a59b2c613a41b143
+  metadata.gz: 9e50d6f879cd2ab73dff7dcc6d930d6f7d8f30b2
+  data.tar.gz: e26725a59eb2fca5c0b713317c9896bd686b4e5f
 SHA512:
-  metadata.gz: d39702d636fc2072d9570d0a072fd805462565b0ea2d1d610f4c50c7f67e3f300fdde514b97facfc9d248f368f1f57d6bc309dcfe22028b420e32b00ef63dfff
-  data.tar.gz: 268b643d624118aee28629a9e4ab86eec9875913f3df96b56ad3eebedcfb9807b088fb73abb1d14b19f20d5ac9c47b8921e77cb7d3c45b15c6089b4222cdc849
+  metadata.gz: 68a80a96d9d33f5385b4da8806ce6297ba1d482fc9116d53e151d2994c76bc39eed968e3c75170a9e53d30cddb1fc9a08bbe65d6a133bd9db1956599d67d3f8b
+  data.tar.gz: 24b67621d0750cdbdf0b3909528bf93a368dc78731293fbd86d0e2c440140a442ff4419865c4b40e87ac7f14b97b3500cbf58eeb606cef5ae77c07d72ab9fad1

data/lib/authi.rb CHANGED

@@ -9,16 +9,20 @@ require 'securerandom'
 # ===========
 # A string is first created using your HTTP payload containing all parameters and a preshared key.
 # This string is then used to create the signature which is a Base64 encoded SHA1 HMAC, using the clients private secret key.
-# This signature is then can be added to Authorization HTTP header
-# <code>Authorization = Authy.generate_signed_header(params)</code>
-# Now add this to to your header
+# This signature is then can be added to Authorization HTTP header
+# <code>Authorization = Authy.generate_signed_header(params)</code>
+# You can pass explicite service name and shared_key as an argument to support multiple API authentication
+# <code>Authorization = Authy.generate_signed_header(params, 'client_1', ENV['client_1_shared_key'])</code>
+# Now add this to to your header
 # <code>header["Authorization"] = Authorization</code>
 #
 # secret_key generated from the server side can be kept inside the a environment variable with name <i>shared_key</i> along with <i>service_name</i> as your service name
 #
-# <i>Server Side API validation</i>
-# <code>is_valid = Authy.validate_api(params, request.headers)</code>
-# Generating secret key for clients
+# <i>Server Side API validation</i>
+# <code>is_valid = Authy.validate_api(params, request.headers)</code>
+# Pass explicite shared key to support multiple API authentication
+# <code>is_valid = Authy.validate_api(params, request.headers,ENV['client_1_shared_key'])</code>
+# Generating secret key for clients
 # <code>secret_key = Authy.generate_secret_key</code>
 module Authy
   # Create a signed hash using input parameter
@@ -29,7 +33,7 @@ module Authy
   #
   # Arguments:
   #   data: (map)
-  def self.generate_signed_header(data, service_name = ENV['service_name'])
+  def self.generate_signed_header(data, service_name = ENV['service_name'], shared_key = ENV['shared_key'])
     processed_data, deep_lookup_table = Authy.fully_qualified_keys(data)
     signing_order = processed_data + ',' + 'owning_service,signing_order'
     request_data = Authy.build_query(processed_data, deep_lookup_table)
@@ -37,9 +41,9 @@ module Authy
                     '&owning_service=' + service_name + '&signing_order=' + \
                     signing_order
     digest = OpenSSL::Digest.new('sha1')
-    hmac = OpenSSL::HMAC.digest(digest, ENV['shared_key'], unsigned_data)
+    hmac = OpenSSL::HMAC.digest(digest, shared_key, unsigned_data)
     signed_str = Base64.strict_encode64(hmac)
-    { 'X-OWNING-SERVICE': ENV['service_name'], 'X-SIGNING-ORDER': signing_order,
+    { 'X-OWNING-SERVICE': service_name, 'X-SIGNING-ORDER': signing_order,
       'X-SIGNATURE': signed_str }
   end
@@ -80,9 +84,9 @@ module Authy
   # Arguments:
   #   params: (map)
   #   header
-  def self.validate_api(params, header)
+  def self.validate_api(params, header, shared_key = ENV['shared_key'])
     owning_service = header['Authorization'][:'X-OWNING-SERVICE']
-    expected_header = Authy.generate_signed_header(params, owning_service)
+    expected_header = Authy.generate_signed_header(params, owning_service, shared_key)
     expected_header[:'X-SIGNATURE'] == header['Authorization'][:'X-SIGNATURE']
   end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: authi
 version: !ruby/object:Gem::Version
-  version: 0.0.5
+  version: 0.0.6
 platform: ruby
 authors:
 - Nithin Kumar