dnclabs-auth-hmac 1.1.1.2010061601 → 1.1.1.2010090201

Sign up to get free protection for your applications and to get access to all the features.
data/History.txt CHANGED
@@ -1,9 +1,3 @@
1
- == 1.1.1.2010061601 2010-06-16 (dnclabs)
2
-
3
- * Gutted Rails monkey-patching
4
- * Added Rack support (this means it works with Rails 2.3 as Rack middleware)
5
- * Switched out hoe for jeweler+gemcutter
6
-
7
1
  == 1.1.1 2009-10-01
8
2
 
9
3
  * Fixed bug in headers on recent versions of Ruby.
data/Manifest.txt CHANGED
@@ -4,6 +4,7 @@ Manifest.txt
4
4
  PostInstall.txt
5
5
  README.txt
6
6
  Rakefile
7
+ config/hoe.rb
7
8
  config/requirements.rb
8
9
  lib/auth-hmac.rb
9
10
  lib/auth-hmac/version.rb
@@ -14,7 +15,7 @@ setup.rb
14
15
  spec/auth-hmac_spec.rb
15
16
  spec/spec.opts
16
17
  spec/spec_helper.rb
17
- tasks/jeweler.rake
18
+ tasks/deployment.rake
18
19
  tasks/environment.rake
19
20
  tasks/rspec.rake
20
21
  tasks/website.rake
data/Rakefile CHANGED
@@ -1,3 +1,4 @@
1
1
  require 'config/requirements'
2
+ require 'config/hoe' # setup Hoe + all gem configuration
2
3
 
3
4
  Dir['tasks/**/*.rake'].each { |rake| load rake }
data/config/hoe.rb ADDED
@@ -0,0 +1,44 @@
1
+ require 'auth-hmac/version'
2
+
3
+ AUTHOR = ['Sean Geoghegan', 'ascarter', "Wes Morgan", "Adrian Cushman"] # can also be an array of Authors
4
+ EMAIL = "innovationlab@dnc.org"
5
+ DESCRIPTION = "A gem providing HMAC based authentication for HTTP. This is the DNC Labs fork."
6
+ GEM_NAME = 'dnclabs-auth-hmac' # what ppl will type to install your gem
7
+ HOMEPATH = "http://github.com/dnclabs/auth-hmac/"
8
+ RUBYFORGE_PROJECT = ''
9
+
10
+ REV = '2010090201'
11
+ # UNCOMMENT IF REQUIRED:
12
+ # REV = YAML.load(`svn info`)['Revision']
13
+ VERS = AuthHMAC::VERSION::STRING + (REV ? ".#{REV}" : "")
14
+ RDOC_OPTS = ['--quiet', '--title', 'auth-hmac documentation',
15
+ "--opname", "index.html",
16
+ "--line-numbers",
17
+ "--main", "README",
18
+ "--inline-source"]
19
+
20
+ class Hoe
21
+ def extra_deps
22
+ @extra_deps.reject! { |x| Array(x).first == 'hoe' }
23
+ @extra_deps
24
+ end
25
+ end
26
+
27
+ # Generate all the Rake tasks
28
+ # Run 'rake -T' to see list of generated tasks (from gem root directory)
29
+ $hoe = Hoe.new(GEM_NAME, VERS) do |p|
30
+ p.author = AUTHOR
31
+ p.email = EMAIL
32
+ p.description = DESCRIPTION
33
+ p.summary = DESCRIPTION
34
+ p.url = HOMEPATH
35
+ p.rubyforge_name = RUBYFORGE_PROJECT if RUBYFORGE_PROJECT
36
+ p.test_globs = ["test/**/test_*.rb"]
37
+ p.clean_globs |= ['**/.*.sw?', '*.gem', '.config', '**/.DS_Store'] #An array of file patterns to delete on clean.
38
+
39
+ # == Optional
40
+ p.changes = p.paragraphs_of("History.txt", 0..1).join("\n\n")
41
+ #p.extra_deps = EXTRA_DEPENDENCIES
42
+
43
+ #p.spec_extras = {} # A hash of extra values to set in the gemspec.
44
+ end
@@ -2,7 +2,7 @@ require 'fileutils'
2
2
  include FileUtils
3
3
 
4
4
  require 'rubygems'
5
- %w[rake jeweler].each do |req_gem|
5
+ %w[rake hoe newgem rubigen].each do |req_gem|
6
6
  begin
7
7
  require req_gem
8
8
  rescue LoadError
@@ -3,8 +3,7 @@ class AuthHMAC
3
3
  MAJOR = 1
4
4
  MINOR = 1
5
5
  TINY = 1
6
- LOCAL = 2010061601
7
6
 
8
- STRING = [MAJOR, MINOR, TINY, LOCAL].join('.')
7
+ STRING = [MAJOR, MINOR, TINY].join('.')
9
8
  end
10
9
  end
data/lib/auth-hmac.rb CHANGED
@@ -74,10 +74,10 @@ class AuthHMAC
74
74
  class CanonicalString < String # :nodoc:
75
75
  include Headers
76
76
 
77
- def initialize(request)
77
+ def initialize(request, authenticate_referrer=false)
78
78
  self << request_method(request) + "\n"
79
- self << header_values(headers(request)) + "\n"
80
- self << request_path(request)
79
+ self << header_values(request) + "\n"
80
+ self << request_path(request, authenticate_referrer)
81
81
  end
82
82
 
83
83
  private
@@ -93,9 +93,10 @@ class AuthHMAC
93
93
  end
94
94
  end
95
95
 
96
- def header_values(headers)
96
+ def header_values(request)
97
+ headers = headers(request)
97
98
  [ content_type(headers),
98
- content_md5(headers),
99
+ (content_md5(headers) or (request.body.blank? ? '' : headers['Content-MD5'] = generate_content_md5(request))),
99
100
  (date(headers) or headers['Date'] = Time.now.utc.httpdate)
100
101
  ].join("\n")
101
102
  end
@@ -109,15 +110,24 @@ class AuthHMAC
109
110
  end
110
111
 
111
112
  def content_md5(headers)
112
- find_header(%w(CONTENT-MD5 CONTENT_MD5), headers)
113
+ find_header(%w(CONTENT-MD5 CONTENT_MD5 HTTP_CONTENT_MD5), headers)
114
+ end
115
+
116
+ def generate_content_md5(request)
117
+ OpenSSL::Digest::MD5.hexdigest(request.body)
113
118
  end
114
119
 
115
- def request_path(request)
116
- # Try unparsed_uri in case it is a Webrick request
117
- path = if request.respond_to?(:unparsed_uri)
118
- request.unparsed_uri
120
+ def request_path(request, authenticate_referrer)
121
+ if authenticate_referrer
122
+ headers(request)['Referer'] =~ /^(?:http:\/\/)?[^\/]*(\/.*)$/
123
+ path = $1
119
124
  else
120
- request.path
125
+ # Try unparsed_uri in case it is a Webrick request
126
+ path = if request.respond_to?(:unparsed_uri)
127
+ request.unparsed_uri
128
+ else
129
+ request.path
130
+ end
121
131
  end
122
132
 
123
133
  path[/^[^?]*/]
@@ -149,13 +159,15 @@ class AuthHMAC
149
159
  # Defaults
150
160
  @service_id = self.class.name
151
161
  @signature_class = @@default_signature_class
162
+ @authenticate_referrer = false
152
163
 
153
164
  unless options.nil?
154
165
  @service_id = options[:service_id] if options.key?(:service_id)
155
166
  @signature_class = options[:signature] if options.key?(:signature) && options[:signature].is_a?(Class)
167
+ @authenticate_referrer = options[:authenticate_referrer] || options[:authenticate_referer]
156
168
  end
157
169
 
158
- @signature_method = lambda { |r| @signature_class.send(:new, r) }
170
+ @signature_method = lambda { |r,ar| @signature_class.send(:new, r, ar) }
159
171
  end
160
172
 
161
173
  # Generates canonical signing string for given request
@@ -235,11 +247,11 @@ class AuthHMAC
235
247
 
236
248
  def signature(request, secret)
237
249
  digest = OpenSSL::Digest::Digest.new('sha1')
238
- Base64.encode64(OpenSSL::HMAC.digest(digest, secret, canonical_string(request))).strip
250
+ Base64.encode64(OpenSSL::HMAC.digest(digest, secret, canonical_string(request, @authenticate_referrer))).strip
239
251
  end
240
252
 
241
- def canonical_string(request)
242
- @signature_method.call(request)
253
+ def canonical_string(request, authenticate_referrer=false)
254
+ @signature_method.call(request, authenticate_referrer)
243
255
  end
244
256
 
245
257
  def authorization_header(request)
@@ -249,4 +261,4 @@ class AuthHMAC
249
261
  def authorization(request, access_key_id, secret)
250
262
  "#{@service_id} #{access_key_id}:#{signature(request, secret)}"
251
263
  end
252
- end
264
+ end
@@ -13,7 +13,7 @@ require 'ruby-debug'
13
13
 
14
14
  # Class for doing a custom signature
15
15
  class CustomSignature < String
16
- def initialize(request)
16
+ def initialize(request, authenticate_referrer=false)
17
17
  self << "Custom signature string: #{request.method}"
18
18
  end
19
19
  end
@@ -33,7 +33,6 @@ describe AuthHMAC do
33
33
 
34
34
  describe ".canonical_string" do
35
35
  it "should generate a canonical string using default method" do
36
- # debugger
37
36
  AuthHMAC.canonical_string(@request).should == "PUT\ntext/plain\nblahblah\nThu, 10 Jul 2008 03:29:56 GMT\n/path/to/put"
38
37
  end
39
38
  end
@@ -244,6 +243,7 @@ describe AuthHMAC do
244
243
  rack_req.stub!(:request_method).and_return('GET')
245
244
  rack_req.stub!(:path).and_return("/path/to/get?foo=bar&bar=foo")
246
245
  rack_req.stub!(:[]).and_return({'foo' => 'bar', 'bar' => 'foo'})
246
+ rack_req.stub!(:body).and_return('')
247
247
  @authhmac.authenticated?(rack_req).should be_true
248
248
  end
249
249
  end
@@ -278,6 +278,18 @@ describe AuthHMAC do
278
278
  request = Net::HTTP::Put.new("/", {'content-md5' => 'adsada'})
279
279
  AuthHMAC::CanonicalString.new(request).should match(/adsada/)
280
280
  end
281
+
282
+ it "should generate the content-md5 if one wasn't included and there is a request body" do
283
+ request = Net::HTTP::Put.new("/")
284
+ request.body = "foo=bar&baz=qux"
285
+ content_md5 = OpenSSL::Digest::MD5.hexdigest(request.body)
286
+ AuthHMAC::CanonicalString.new(request).should match(/#{content_md5}/)
287
+ end
288
+
289
+ it "should not generate a content-md5 when there is no request body" do
290
+ request = Net::HTTP::Get.new("/")
291
+ AuthHMAC::CanonicalString.new(request).should match(/^GET\n\n\n/)
292
+ end
281
293
 
282
294
  it "should include the date" do
283
295
  date = Time.now.httpdate
@@ -0,0 +1,34 @@
1
+ desc 'Release the website and new gem version'
2
+ task :deploy => [:check_version, :website, :release] do
3
+ puts "Remember to create SVN tag:"
4
+ puts "svn copy svn+ssh://#{rubyforge_username}@rubyforge.org/var/svn/#{PATH}/trunk " +
5
+ "svn+ssh://#{rubyforge_username}@rubyforge.org/var/svn/#{PATH}/tags/REL-#{VERS} "
6
+ puts "Suggested comment:"
7
+ puts "Tagging release #{CHANGES}"
8
+ end
9
+
10
+ desc 'Runs tasks website_generate and install_gem as a local deployment of the gem'
11
+ task :local_deploy => [:website_generate, :install_gem]
12
+
13
+ task :check_version do
14
+ unless ENV['VERSION']
15
+ puts 'Must pass a VERSION=x.y.z release version'
16
+ exit
17
+ end
18
+ unless ENV['VERSION'] == VERS
19
+ puts "Please update your version.rb to match the release version, currently #{VERS}"
20
+ exit
21
+ end
22
+ end
23
+
24
+ desc 'Install the package as a gem, without generating documentation(ri/rdoc)'
25
+ task :install_gem_no_doc => [:clean, :package] do
26
+ sh "#{'sudo ' unless Hoe::WINDOZE }gem install pkg/*.gem --no-rdoc --no-ri"
27
+ end
28
+
29
+ namespace :manifest do
30
+ desc 'Recreate Manifest.txt to include ALL files'
31
+ task :refresh do
32
+ `rake check_manifest | patch -p0 > Manifest.txt`
33
+ end
34
+ end
metadata CHANGED
@@ -1,46 +1,79 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dnclabs-auth-hmac
3
3
  version: !ruby/object:Gem::Version
4
- hash: 4020123153
4
+ hash: 4020180449
5
5
  prerelease: false
6
6
  segments:
7
7
  - 1
8
8
  - 1
9
9
  - 1
10
- - 2010061601
11
- version: 1.1.1.2010061601
10
+ - 2010090201
11
+ version: 1.1.1.2010090201
12
12
  platform: ruby
13
13
  authors:
14
14
  - Sean Geoghegan
15
15
  - ascarter
16
16
  - Wes Morgan
17
+ - Adrian Cushman
17
18
  autorequire:
18
19
  bindir: bin
19
20
  cert_chain: []
20
21
 
21
- date: 2010-06-17 00:00:00 -04:00
22
- default_executable: auth-hmac
23
- dependencies: []
24
-
25
- description: A gem providing HMAC based authentication for HTTP. This version includes DNC Innovation Lab changes (improvements?). See History.txt for details.
22
+ date: 2010-09-02 00:00:00 -04:00
23
+ default_executable:
24
+ dependencies:
25
+ - !ruby/object:Gem::Dependency
26
+ name: rubyforge
27
+ prerelease: false
28
+ requirement: &id001 !ruby/object:Gem::Requirement
29
+ none: false
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ hash: 7
34
+ segments:
35
+ - 2
36
+ - 0
37
+ - 4
38
+ version: 2.0.4
39
+ type: :development
40
+ version_requirements: *id001
41
+ - !ruby/object:Gem::Dependency
42
+ name: hoe
43
+ prerelease: false
44
+ requirement: &id002 !ruby/object:Gem::Requirement
45
+ none: false
46
+ requirements:
47
+ - - ">="
48
+ - !ruby/object:Gem::Version
49
+ hash: 19
50
+ segments:
51
+ - 2
52
+ - 6
53
+ - 2
54
+ version: 2.6.2
55
+ type: :development
56
+ version_requirements: *id002
57
+ description: A gem providing HMAC based authentication for HTTP. This is the DNC Labs fork.
26
58
  email: innovationlab@dnc.org
27
- executables:
28
- - auth-hmac
59
+ executables: []
60
+
29
61
  extensions: []
30
62
 
31
63
  extra_rdoc_files:
32
- - README.rdoc
64
+ - History.txt
65
+ - License.txt
66
+ - Manifest.txt
67
+ - PostInstall.txt
33
68
  - README.txt
34
69
  files:
35
- - .gitignore
36
70
  - History.txt
37
71
  - License.txt
38
72
  - Manifest.txt
39
73
  - PostInstall.txt
40
- - README.rdoc
41
74
  - README.txt
42
75
  - Rakefile
43
- - bin/auth-hmac
76
+ - config/hoe.rb
44
77
  - config/requirements.rb
45
78
  - lib/auth-hmac.rb
46
79
  - lib/auth-hmac/version.rb
@@ -49,20 +82,20 @@ files:
49
82
  - script/generate
50
83
  - setup.rb
51
84
  - spec/auth-hmac_spec.rb
52
- - spec/fixtures/credentials.yml
53
85
  - spec/spec.opts
54
86
  - spec/spec_helper.rb
87
+ - tasks/deployment.rake
55
88
  - tasks/environment.rake
56
- - tasks/jeweler.rake
57
89
  - tasks/rspec.rake
58
90
  - tasks/website.rake
59
91
  has_rdoc: true
60
- homepage: http://github.com/dnclabs/auth-hmac
92
+ homepage: http://github.com/dnclabs/auth-hmac/
61
93
  licenses: []
62
94
 
63
95
  post_install_message:
64
96
  rdoc_options:
65
- - --charset=UTF-8
97
+ - --main
98
+ - README.txt
66
99
  require_paths:
67
100
  - lib
68
101
  required_ruby_version: !ruby/object:Gem::Requirement
@@ -85,11 +118,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
85
118
  version: "0"
86
119
  requirements: []
87
120
 
88
- rubyforge_project:
121
+ rubyforge_project: ""
89
122
  rubygems_version: 1.3.7
90
123
  signing_key:
91
124
  specification_version: 3
92
- summary: A gem providing HMAC based authentication for HTTP
93
- test_files:
94
- - spec/auth-hmac_spec.rb
95
- - spec/spec_helper.rb
125
+ summary: A gem providing HMAC based authentication for HTTP. This is the DNC Labs fork.
126
+ test_files: []
127
+
data/.gitignore DELETED
@@ -1,3 +0,0 @@
1
- pkg
2
- *.gemspec
3
- *.gem
data/README.rdoc DELETED
@@ -1,129 +0,0 @@
1
- = auth-hmac
2
-
3
- == What is it?
4
-
5
- auth-hmac is a Ruby implementation of HMAC[http://en.wikipedia.org/wiki/HMAC] based authentication of HTTP requests.
6
-
7
- HMAC authentication involves a client and server having a shared secret key. When sending the request the client, signs the request using the secret key. This involves building a canonical representation of the request and then generating a HMAC of the request using the secret. The generated HMAC is then sent as part of the request.
8
-
9
- When the server receives the request it builds the same canonical representation and generates a HMAC using it's copy of the secret key, if the HMAC produced by the server matches the HMAC sent by the client, the server can be assured that the client also possesses the shared secret key.
10
-
11
- HMAC based authentication also provides message integrity checking because the HMAC is based on a combination of the shared secret and the content of the request. So if any part of the request that is used to build the canonical representation is modified by a malicious party or in transit the authentication will then fail.
12
-
13
- AuthHMAC was built to support authentication between various applications build by Peerworks[http://peerworks.org].
14
-
15
- AuthHMAC is loosely based on the Amazon Web Services authentication scheme but without the Amazon specific components, i.e. it is HMAC for the rest of us.
16
-
17
- == What does it require?
18
-
19
- AuthHMAC requires Ruby's OpenSSL support. This should be standard in most Ruby builds.
20
-
21
- == When to use it?
22
-
23
- HMAC Authentication is best used as authentication for communication between applications such as web services. It provides better security than HTTP Basic authentication without the need to set up SSL. Of course if you need to protect the confidentiality of the data then you need SSL, but if you just want to authenticate requests without sending credentials in the clear AuthHMAC is a good choice.
24
-
25
- == How to use it?
26
-
27
- The simplest way to use AuthHMAC is with the AuthHMAC.sign! and AuthHMAC#authenticate? methods.
28
-
29
- AuthHMAC.sign! takes a HTTP request object, an access id and a secret key and signs the request with the access_id and secret key.
30
-
31
- * The HTTP request object can be a Net::HTTP::HTTPRequest object, a CGI::Request object or a Webrick HTTP request object. AuthHMAC will do its best to figure out which type it is an handle it accordingly.
32
- * The access_id is used to identify the secret key that was used to sign the request. Think of it as like a user name, it allows you to hand out different keys to different clients and authenticate each of them individually. The access_id is sent in the clear so you should avoid making it an important string.
33
- * The secret key is the shared secret between the client and the server. You should make this sufficiently random so that is can't be guessed or exposed to dictionary attacks. The follow code will give you a pretty good secret key:
34
-
35
- random = File.read('/dev/random', 512)
36
- secret_key = Base64.encode64(Digest::SHA2.new(512).digest(random))
37
-
38
- On the server side you can then authenticate these requests using the AuthHMAC.authenticated? method. This takes the same arguments as the sign! method but returns true if the request has been signed with the access id and secret or false if it hasn't.
39
-
40
- If you have more than one set of credentials you might find it useful to create an instance of the AuthHMAC class, passing your credentials as a Hash of access id => secret keys, like so:
41
-
42
- @authhmac = AuthHMAC.new('access_id1' => 'secret1', 'access_id2' => 'secret2')
43
-
44
- You can then use the instance methods of the @authhmac object to sign and authenticate requests, for example:
45
-
46
- @authhmac.sign!(request, "access_id1")
47
-
48
- will sign +request+ with "access_id1" and it's corresponding secret key. Similarly authentication is done like so:
49
-
50
- @authhmac.authenticated?(request)
51
-
52
- which will return true if the request has been signed with one of the access id and secret key pairs provided in the constructor.
53
-
54
- === Rails Integration
55
-
56
- AuthHMAC supports authentication within Rails controllers and signing of requests generated by Active Resource. See AuthHMAC::Rails::ControllerFilter::ClassMethods and AuthHMAC::Rails::ActiveResourceExtension::BaseHmac::ClassMethods for details.
57
-
58
- == How does it work?
59
-
60
- When creating a signature for a HTTP request AuthHMAC first generates a canonical representation of the request.
61
-
62
- This canonical string is created like so:
63
-
64
- canonical_string = HTTP-Verb + "\n" +
65
- Content-Type + "\n" +
66
- Content-MD5 + "\n" +
67
- Date + "\n" +
68
- request-uri;
69
-
70
- Where Content-Type, Content-MD5 and Date are all taken from the headers of the request. If Content-Type or Content-MD5 are not present, they are substituted with an empty string. If Date is not present it is added to the request headers with the value +Time.now.httpdate+. +request-uri+ is the path component of the request, without any query string, i.e. everything up to the ?.
71
-
72
- This string is then used with the secret to generate a SHA1 HMAC using the following:
73
-
74
- OpenSSL::HMAC.digest(OpenSSL::Digest::Digest.new('sha1'), secret_key, canonical_string)
75
-
76
- The result is then Base64 encoded and added to the headers of the request as the +Authorization+ header in the format:
77
-
78
- Authorization: AuthHMAC <access_id>:<base64 encoded hmac>
79
-
80
- When authenaticating a request, AuthHMAC looks for the Authorization header in the above format, parses out the components, regenerates a HMAC for the request, using the secret key identified by the access id and then compares the generated HMAC with the one provided by the client. If they match the request is authenticated.
81
-
82
- Using these details it is possible to build code that will sign and authenticate AuthHMAC style requests in other languages.
83
-
84
- == INSTALL:
85
-
86
- * sudo gem install auth-hmac
87
-
88
- == Source Code
89
-
90
- The source repository is accessible via GitHub or Ruby Forge:
91
-
92
- git clone git://github.com/seangeo/auth-hmac.git
93
-
94
-
95
- git clone git://rubyforge.org/auth-hmac.git
96
-
97
- == Contact Information
98
-
99
- The project page is at http://rubyforge.org/projects/auth-hmac. Please file any bugs or feedback
100
- using the trackers and forums there.
101
-
102
- == Authors and Contributors
103
-
104
- rAtom was developed by Peerworks[http://peerworks.org] and written by Sean Geoghegan.
105
-
106
- == LICENSE:
107
-
108
- (The MIT License)
109
-
110
- Copyright (c) 2008 The Kaphan Foundation
111
-
112
- Permission is hereby granted, free of charge, to any person obtaining
113
- a copy of this software and associated documentation files (the
114
- 'Software'), to deal in the Software without restriction, including
115
- without limitation the rights to use, copy, modify, merge, publish,
116
- distribute, sublicense, and/or sell copies of the Software, and to
117
- permit persons to whom the Software is furnished to do so, subject to
118
- the following conditions:
119
-
120
- The above copyright notice and this permission notice shall be
121
- included in all copies or substantial portions of the Software.
122
-
123
- THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
124
- EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
125
- MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
126
- IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
127
- CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
128
- TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
129
- SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/bin/auth-hmac DELETED
@@ -1,38 +0,0 @@
1
- #!/usr/bin/env ruby
2
- APP_ROOT = File.expand_path(File.join(File.dirname(__FILE__), '..'))
3
-
4
- require 'openssl'
5
- require 'base64'
6
-
7
- def usage
8
- puts "Usage: auth-hmac COMMAND [ARGS]"
9
- puts "\nCommands:"
10
- puts " signature [secret] [signature string] Creates HMAC digtest using optional secret"
11
- exit
12
- end
13
-
14
- def signature(args)
15
- secret = args[0]
16
- signature = args[1]
17
- digest = OpenSSL::Digest::Digest.new('sha1')
18
- puts Base64.encode64(OpenSSL::HMAC.digest(digest, secret, signature)).strip
19
- end
20
-
21
- #
22
- # MAIN
23
- #
24
-
25
- usage if ['--help', '-h'].include?(ARGV[0])
26
-
27
- command = ARGV.shift
28
- args = []
29
- ARGV.each { |arg| args << arg }
30
-
31
- usage if command.nil?
32
-
33
- case command
34
- when "signature"
35
- signature(args)
36
- end
37
-
38
-
@@ -1,2 +0,0 @@
1
- "access key 1": "secret1"
2
- "access key 2": "secret2"
data/tasks/jeweler.rake DELETED
@@ -1,17 +0,0 @@
1
- require 'auth-hmac/version'
2
-
3
- begin
4
- require 'jeweler'
5
- Jeweler::Tasks.new do |gemspec|
6
- gemspec.name = "dnclabs-auth-hmac"
7
- gemspec.summary = "A gem providing HMAC based authentication for HTTP"
8
- gemspec.description = "A gem providing HMAC based authentication for HTTP. This version includes DNC Innovation Lab changes (improvements?). See History.txt for details."
9
- gemspec.email = "innovationlab@dnc.org"
10
- gemspec.homepage = "http://github.com/dnclabs/auth-hmac"
11
- gemspec.authors = ['Sean Geoghegan', 'ascarter', 'Wes Morgan']
12
- gemspec.version = AuthHMAC::VERSION::STRING
13
- end
14
- Jeweler::GemcutterTasks.new
15
- rescue LoadError
16
- puts "Jeweler not available. Install it with: gem install jeweler"
17
- end