client_authentication 1.0.1

Files changed (3)
  1. checksums.yaml +7 -0
  2. data/lib/client_authentication.rb +57 -0
  3. metadata +73 -0
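--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+ ---
+ SHA256:
+ metadata.gz: 9e377e440730e53379c3df60aaf402a3cad748fc9f18ea7f6abc8a1dd6205f53
+ data.tar.gz: d2ddee2acbdd4c7bc8fd502cab96948a4e97301177ff37e587b99623231ce2c6
+ SHA512:
+ metadata.gz: e5542bf84a315e6541f491aaf97c2dee180154c7223f18a57b8603c46d5b8709851b413a62371339a2b48901f53e15face1f94c12ec728f10b803eed8f11538c
+ data.tar.gz: e7dbd086a8a838141326414f2748c386463947573fb0b92cbd435d1476897cae1ba2ae61f38518367515aeddf7ec366677e78da9b3ad369cd4bf9bc555d9ad62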
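--- a/data/lib/client_authentication.rb
+++ b/data/lib/client_authentication.rb
@@ -0,0 +1,57 @@
+ require 'base64'
+ require 'openssl'
+
+ class ClientAuthentication
+ attr_accessor :header_keys
+
+ # model must respond to :key and :secret
+ def initialize(headers, max_seconds = 5, model = Application)
+ @headers = headers
+ @max_seconds = max_seconds
+ @model = model
+
+ @header_keys = {
+ time: "X-Level3-Digest-Time",
+ key: "X-Level3-Application-Key",
+ digest: "X-Level3-Digest",
+ }
+ end
+
+ def authenticate_client!
+ key = @headers[ header_keys[:key] ]
+ time = @headers[ header_keys[:time] ]
+ digest = @headers[ header_keys[:digest] ]
+
+ authenticate_header_values!(key, digest, time)
+ key
+ end
+
+ def authenticate_header_values!(key, digest, time)
+ diff = (time.to_i - salt.to_i).abs
+ raise ClientAuthenticationException.new if diff > @max_seconds
+
+ application = @model.find_by_key(key)
+ raise ClientAuthenticationException.new unless application
+
+ secret = application.secret
+ raise ClientAuthenticationException.new unless secret
+
+ raise ClientAuthenticationException.new unless digest.eql? generate_digest(time, secret)
+ true
+ end
+
+ def generate_digest(salt, secret)
+ Base64.encode64(
+ OpenSSL::HMAC.digest(
+ 'sha256',secret, salt) ).
+ strip
+ end
+
+ def salt
+ Time.now.to_i.to_s
+ end
+
+ class ClientAuthenticationException < Exception
+ end
+
+ end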
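Review bot: The digest check at the end of `authenticate_header_values!` uses `digest.eql? generate_digest(time, secret)`, an ordinary string comparison whose running time depends on how much of the supplied value matches; a MAC check should be constant-time, for example `raise ClientAuthenticationException.new unless digest.is_a?(String) && OpenSSL.secure_compare(digest, generate_digest(time, secret))` where the installed openssl gem provides that method. `generate_digest` signs only the timestamp string, so the digest is not bound to the request method, path or body, and the same three header values pass for any request inside the `@max_seconds` window (in either direction, because of `.abs`); the signed message should cover the request data, and no replay tracking is visible in this file. `class ClientAuthenticationException < Exception` is not caught by a plain `rescue` or `rescue => e`, so a failed authentication may surface as an unhandled error instead of a rejected request; `< StandardError` is the conventional base. The comment on `initialize` names only `:key` and `:secret`, while the code also calls `@model.find_by_key` and indexes `headers` by the exact strings in `header_keys`; both are worth stating there.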
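--- a/metadata
+++ b/metadata
@@ -0,0 +1,73 @@
+ --- !ruby/object:Gem::Specification
+ name: client_authentication
+ version: !ruby/object:Gem::Version
+ version: 1.0.1
+ platform: ruby
+ authors:
+ - Oz DiGennaro
+ - Vithya Renganathan
+ autorequire:
+ bindir: bin
+ cert_chain: []
+ date: 2018-05-24 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: base64
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ - !ruby/object:Gem::Dependency
+ name: openssl
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ description: Use three header fields and a shared secret
+ email: oz.digennaro@centurylink.com
+ executables: []
+ extensions: []
+ extra_rdoc_files: []
+ files:
+ - lib/client_authentication.rb
+ homepage: http://rubygems.org/gems/client_authentication
+ licenses:
+ - MIT
+ metadata: {}
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ requirements: []
+ rubyforge_project:
+ rubygems_version: 2.7.3
+ signing_key:
+ specification_version: 4
+ summary: Authenticate client at server
+ test_files: []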