bitid 0.0.1

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in bitid-ruby.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Eric Larchevêque
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,94 @@
+# BitID
+
+This is the ruby implementation of the BitID authentication protocol. Basicaly, what the Gem does is
+building a message challenge and verifying the signature.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'bitid-ruby'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install bitid-ruby
+
+## Usage
+
+### Challenge
+
+To build a challenge, you need to initialize a `Bitid` object with a `nonce` and a `callback`.
+
+```
+bitid = Bitid.new(nonce:@nonce, callback:@callback)
+```
+
+`nonce` is an random string associated with the user's session id.
+`callback` is the url where the wallet will post the challenge's signature.
+
+Once the `Bitid` object is initialized, you have access to the following methods :
+
+```
+bitid.message
+```
+
+This is the message to sign (the challenge). For instance :
+
+```
+Bitcoin Signed Message:
+bitid://bitid-demo.herokuapp.com/callback?x=987f20277c015ce7
+```
+
+```
+bitid.qrcode
+```
+
+The same message, but on QRcode format (this is actualy an URL pointing to the QRcode image).
+
+### Verification
+
+When getting the callback from the wallet, you must initialize a `Bitid` object with the received 
+parameters `address`, `uri`, `signature` as well as the excpected `callback` :
+
+```
+bitid = Bitid.new(address:@address, uri:@uri, signature:@signature, callback:@callback)
+```
+
+You can after call the following methods :
+
+```
+bitid.nonce
+```
+
+Return the `nonce`, which would get you the user's session.
+
+```
+bitid.uri_valid?
+```
+
+Returns `true` if the submitted URI is valid and corresponds to the correct `callback` url.
+
+```
+bitid.signature_valid?
+```
+
+If returns `true`, then you can authenticate the user's session with `address` (public Bitcoin
+address used to sign the challenge).
+
+
+## Author
+
+Eric Larchevêque
+elarch@gmail.com
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,9 @@
+require "bundler/gem_tasks"
+require "rake/testtask"
+
+Rake::TestTask.new do |t|
+  t.libs << 'test'
+end
+
+desc "Run tests"
+task :default => :test

data/bitid-ruby.gemspec

@@ -0,0 +1,25 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'bitid/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "bitid"
+  spec.version       = Bitid::VERSION
+  spec.authors       = ["Eric Larchevêque"]
+  spec.email         = ["elarch@gmail.com"]
+  spec.description   = %q{Ruby implementation of the BitID authentication protocol}
+  spec.summary       = %q{BitID}
+  spec.homepage      = "https://github.com/bitid/bitid-ruby"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_runtime_dependency 'bitcoin-cigs'
+
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+end

data/lib/bitid.rb

@@ -0,0 +1,55 @@
+require 'uri'
+require 'cgi'
+require 'bitcoin-cigs'
+
+class Bitid
+
+  SCHEME = 'bitid'
+  PARAM_NONCE = 'x'
+  SIGNATURE_HEADER = "Bitcoin Signed Message:\n"
+
+  attr_accessor :nonce, :callback, :signature, :uri
+
+  def initialize hash={}
+    @nonce = hash[:nonce]
+    @callback = URI(hash[:callback])
+    @signature = hash[:signature]
+    @address = hash[:address]
+    @uri = hash[:uri].nil? ? build_uri : URI(hash[:uri])
+  end
+
+  def uri_valid?
+    params = CGI::parse(@uri.query)
+    !@uri.nil? && @uri.scheme == SCHEME && @uri.host == @callback.host && @uri.path == @callback.path && !params[PARAM_NONCE][0].nil?
+  rescue
+  end
+
+  def signature_valid?
+    BitcoinCigs.verify_message(@address, @signature, message)
+  end
+
+  def qrcode
+    "http://chart.apis.google.com/chart?cht=qr&chs=300x300&chl=" + CGI::escape(message)
+  end
+
+  def nonce
+    CGI::parse(@uri.query)[PARAM_NONCE][0]
+  end
+
+  def message
+    SIGNATURE_HEADER + @uri.to_s
+  end
+
+  def callback
+    @callback
+  end
+
+  private
+
+  def build_uri
+    uri = @callback
+    uri.scheme = SCHEME
+    uri.query = URI.encode_www_form({PARAM_NONCE => @nonce})
+    uri
+  end
+end

data/lib/bitid/version.rb

@@ -0,0 +1,3 @@
+module Bitid
+  VERSION = "0.0.1"
+end

data/test/test_bitid.rb

@@ -0,0 +1,79 @@
+require 'test/unit'
+require 'bitid'
+
+class TestBitid < Test::Unit::TestCase
+
+  def setup
+    @nonce = "fe32e61882a71074"
+    @callback = "http://localhost:3000/callback"
+    @uri = "bitid://localhost:3000/callback?x=fe32e61882a71074"
+    @address = "1HpE8571PFRwge5coHiFdSCLcwa7qetcn"
+    @signature = "H1cDvRY+UbKNbwlHuS6rJ9376C7RF7NxYB6fZTNEOQo4/UFXezcK0uv1+3/fejJJAMKrnkGEo1Ue00pWB8Gu9SQ="
+  end
+
+  def test_build_uri
+    bitid = Bitid.new(nonce:@nonce, callback:@callback)
+    
+    assert !bitid.uri.nil?
+    assert_equal "bitid", bitid.uri.scheme
+    assert_equal "localhost", bitid.uri.host
+    assert_equal 3000, bitid.uri.port
+    assert_equal "/callback", bitid.uri.path
+
+    params = CGI::parse(bitid.uri.query)
+    assert_equal @nonce, params['x'].first
+  end
+
+  def test_build_qrcode
+    bitid = Bitid.new(nonce:@nonce, callback:@callback)
+
+    uri_encoded = CGI::escape(bitid.message)
+    assert_equal "http://chart.apis.google.com/chart?cht=qr&chs=300x300&chl=#{uri_encoded}", bitid.qrcode
+  end
+
+  def test_build_message
+    bitid = Bitid.new(nonce:@nonce, callback:@callback)
+
+    assert_match /\ABitcoin Signed Message\:\nbitid\:\/\/localhost\:3000\/callback\?x=/, bitid.message
+  end
+
+  def test_verify_uri
+    bitid = Bitid.new(address:@address, uri:@uri, signature:@signature, callback:@callback)
+    assert bitid.uri_valid?
+  end
+
+  def test_fail_uri_verification_if_bad_uri
+    bitid = Bitid.new(address:@address, uri:'garbage', signature:@signature, callback:@callback)
+    assert !bitid.uri_valid?
+  end
+
+  def test_fail_uri_verification_if_bad_scheme
+    bitid = Bitid.new(address:@address, uri:'http://localhost:3000/callback?x=fe32e61882a71074', signature:@signature, callback:@callback)
+    assert !bitid.uri_valid?
+  end
+
+  def test_fail_uri_verification_if_invalid_callback_url
+    bitid = Bitid.new(address:@address, uri:'site.com/callback?x=fe32e61882a71074', signature:@signature, callback:@callback)
+    assert !bitid.uri_valid?
+  end
+
+  def test_verify_signature
+    bitid = Bitid.new(address:@address, uri:@uri, signature:@signature, callback:@callback)
+    assert bitid.signature_valid?
+  end
+
+  def test_fail_verification_if_invalid_signature
+    bitid = Bitid.new(address:@address, uri:@uri, signature:"garbage", callback:@callback)
+    assert !bitid.signature_valid?
+  end
+
+  def test_fail_verification_if_signature_text_doesnt_match
+    bitid = Bitid.new(address:@address, uri:@uri, signature:"H4/hhdnxtXHduvCaA+Vnf0TM4UqdljTsbdIfltwx9+w50gg3mxy8WgLSLIiEjTnxbOPW9sNRzEfjibZXnWEpde4=", callback:@callback)
+    assert !bitid.signature_valid?
+  end
+
+  def test_extract_nonce
+    bitid = Bitid.new(address:@address, uri:@uri, signature:@signature, callback:@callback)
+    assert_equal "fe32e61882a71074", bitid.nonce
+  end  
+end

metadata

@@ -0,0 +1,104 @@
+--- !ruby/object:Gem::Specification
+name: bitid
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Eric Larchevêque
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-04-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bitcoin-cigs
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Ruby implementation of the BitID authentication protocol
+email:
+- elarch@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bitid-ruby.gemspec
+- lib/bitid.rb
+- lib/bitid/version.rb
+- test/test_bitid.rb
+homepage: https://github.com/bitid/bitid-ruby
+licenses:
+- MIT
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.25
+signing_key: 
+specification_version: 3
+summary: BitID
+test_files:
+- test/test_bitid.rb