duo-api 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d94b9975331db7555613be8c9d9530a781d8e165
-  data.tar.gz: 9a91f75be1618ec3f22997d3c5956374c0a487e3
+  metadata.gz: b1bb5876e908970de5f707d26d2c297cc0a0d3cd
+  data.tar.gz: 9b8a515a3671db2330c7a5bde791f2572fc9b32c
 SHA512:
-  metadata.gz: eaa86d28caf9535753db8ef94ca7b50a62151eeca3846ce67bfcf705b09ae8c8f5bd85dca02890aff8e8b58f2b29db60595256cd989d2bcb7a6ba1f5a58a8133
-  data.tar.gz: 61e9fc8c95f731abcde8e0807382f65d02415642b6550e0382a25c1d90e11670fd48b560e81f9b7235c988c4aafb2142d0715ea10f23e4f95f7f51ea0d968039
+  metadata.gz: 38fa93a9b47f17794fd0333d47ad56c1fc6e8639381793fb09d9dd1b8b6c45cb5a376b28067f7ca1b1f3d890cfd9a4e3eda4a205faf612faa34abd67fd3831ec
+  data.tar.gz: 95a1841f1a71b1c4a43cbcf10e9159dbd0ce695bc01d7f7a07145a1269468ba08edba6b3b4eb11f905c5d1403bb0b13c7859b6a20e04bd37022a304e2c164276

data/.travis.yml

@@ -11,4 +11,7 @@ matrix:
       gemfile: gemfiles/Gemfile.18
     - rvm: ree
       gemfile: gemfiles/Gemfile.18
-
+notifications:
+  email:
+    recipients:
+      - jon@highrisehq.com

data/README.md

@@ -1,6 +1,6 @@
 # DuoApi [![Build Status](https://travis-ci.org/highrisehq/duo-api.svg)](https://travis-ci.org/highrisehq/duo-api)
 
-A thin, zero depedency library for connecting to the Duo Auth API.
+A thin, zero depedency library for connecting to the [Duo](https://www.duosecurity.com/) API.
 
 ## Installation
 
@@ -48,10 +48,8 @@ Keep in mind, you likely don't want to store these keys in your repository.
 
 ### Configuration Caveat
 
-Upon completion of the general features we noticed that Duo needs separate
-credentials for different APIs. This config is currently Global. We (or someone)
-should be adding a way to switch between credentials or perhaps it would be best
-to initialize a Client class for each credential set
+If you're using more than one Duo API, you may want to instead use DuoApi::Clients
+more directly. See usage below.
 
 ## Usage
 
@@ -75,6 +73,31 @@ response.message # => "Missing required request parameters"
 See the Duo [API documentation](https://www.duosecurity.com/docs/authapi) for a full list of
 available endpoints.
 
+### Client Usage
+
+If you're using more than one Duo API, you may want to instead use DuoApi::Clients
+more directly:
+
+```ruby
+client = DuoApi::Client.new :hostname => "api-xxxxx.duosecurity.com",
+  :integration_key => "asdf",
+  :secret_key => "asdf"
+
+response = client.get("/auth/v2/check")
+response.success? # => true
+response.body["response"]["time"] # => 1357020061
+
+response = client.post("/auth/v2/preauth", :params => { :username => "jphenow" })
+response.success? # => true
+response.code # => "200"
+response.body["response"]["result"] # => "auth"
+response.message # => "Account is active"
+
+response = client.post("/auth/v2/preauth")
+response.success? # => false
+response.code # => "400"
+response.message # => "Missing required request parameters"
+```
 
 ## Development
 
@@ -84,7 +107,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/duo-api. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](contributor-covenant.org) code of conduct.
+Bug reports and pull requests are welcome on GitHub at https://github.com/highrisehq/duo-api. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](contributor-covenant.org) code of conduct.
 
 
 ## License

data/lib/duo-api/client.rb

@@ -0,0 +1,45 @@
+module DuoApi
+  class Client
+    ATTRIBUTES = %w[
+      integration_key
+      secret_key
+      app_secret
+      hostname
+    ]
+    ATTRIBUTES.each do |attr|
+      attr_accessor attr
+    end
+
+    def initialize(options = {})
+      options.each do |key, value|
+        if ATTRIBUTES.include?(key.to_s)
+          instance_variable_set("@#{key}", value)
+        else
+          raise ArgumentError, "no attribute #{key}"
+        end
+      end
+    end
+
+    def get(path, options = {})
+      Request.request(self, path, { :method => "GET" }.merge(options))
+    end
+
+    def post(path, options = {})
+      Request.request(self, path, { :method => "POST" }.merge(options))
+    end
+
+    def sign(user_key)
+      signer.sign(user_key)
+    end
+
+    def verify(signed_response)
+      signer.verify(signed_response)
+    end
+
+    private
+
+      def signer
+        Signature.new(self)
+      end
+  end
+end

data/lib/duo-api/header_signature.rb

@@ -1,23 +1,24 @@
 require 'time'
 module DuoApi
   class HeaderSignature
-    extend Util
     include Util
     include Digesting
 
+    attr_reader :client
     attr_reader :method
     attr_reader :path
     attr_reader :query_body_string
 
-    def initialize(method, path, query_body_string)
+    def initialize(client, method, path, query_body_string)
+      @client = client
       @method = method
       @path = path
       @query_body_string = query_body_string
     end
 
     def basic_auth
-      username = DuoApi.config.integration_key
-      password = digest(config.secret_key, body)
+      username = client.integration_key
+      password = digest(client.secret_key, body)
 
       [username, password]
     end
@@ -31,14 +32,10 @@ module DuoApi
       def body
         components = [date_header]
         components << method
-        components << hostname
+        components << client.hostname
         components << path
         components << query_body_string
         components.join("\n")
       end
-
-      def hostname
-        DuoApi.config.hostname
-      end
   end
 end

data/lib/duo-api/request.rb

@@ -9,10 +9,10 @@ module DuoApi
     extend Util
     include Util
 
-    def self.request(path, options = {})
+    def self.request(client, path, options = {})
       options = stringify_hash(options)
-      hostname = options["hostname"] || DuoApi.config.hostname
-      instance = new(options["method"], hostname, path, options["params"], options["headers"])
+      hostname = options["hostname"] || client.hostname
+      instance = new(client, options["method"], hostname, path, options["params"], options["headers"])
       instance.run
     end
 
@@ -22,7 +22,7 @@ module DuoApi
     attr_reader :headers
     attr_reader :uri
 
-    def initialize(method, hostname, path, params, headers)
+    def initialize(client, method, hostname, path, params, headers)
       @method = method.to_s.upcase
       @method = "GET" if @method.length == 0
       hostname = hostname.to_s.downcase.sub(/\/\z/, "")
@@ -34,7 +34,7 @@ module DuoApi
         map {|k,v| "#{URI.encode(k.to_s)}=#{URI.encode(v.to_s)}" }.
         join("&")
 
-      @signature = HeaderSignature.new(method, path, query_string)
+      @signature = HeaderSignature.new(client, method, path, query_string)
 
       @headers = stringify_hash(headers)
       @headers["Date"] = signature.date_header

data/lib/duo-api/signature.rb

@@ -7,7 +7,8 @@ require "duo-api/digesting"
 module DuoApi
   class Signature
     extend Util
-    extend Digesting
+    include Util
+    include Digesting
 
     DUO_PREFIX  = 'TX'
     APP_PREFIX  = 'APP'
@@ -19,26 +20,32 @@ module DuoApi
 
     ERR_USER = error_with_message('The user_key passed to sign with is invalid.')
 
-    def self.sign(user_key)
+    attr_reader :client
+
+    def initialize(client)
+      @client = client
+    end
+
+    def sign(user_key)
       raise ERR_USER if !user_key || user_key.to_s.length == 0 if user_key.include?('|')
-      if config.integration_key.to_s.length == 0 ||
-          config.secret_key.to_s.length == 0 ||
-          config.app_secret.to_s.length == 0
+      if client.integration_key.to_s.length == 0 ||
+          client.secret_key.to_s.length == 0 ||
+          client.app_secret.to_s.length == 0
         raise InvalidConfiguration, "your DuoApi doesn't seem to be configured properly"
       end
 
-      vals = [user_key.to_s, config.integration_key]
+      vals = [user_key.to_s, client.integration_key]
 
-      duo_sig = sign_values(config.secret_key, vals, DUO_PREFIX, DUO_EXPIRE)
-      app_sig = sign_values(config.app_secret, vals, APP_PREFIX, APP_EXPIRE)
+      duo_sig = sign_values(client.secret_key, vals, DUO_PREFIX, DUO_EXPIRE)
+      app_sig = sign_values(client.app_secret, vals, APP_PREFIX, APP_EXPIRE)
 
       return [duo_sig, app_sig].join(':')
     end
 
-    def self.verify(signed_response)
+    def verify(signed_response)
       auth_sig, app_sig = signed_response.to_s.split(':')
-      auth_user = parse_vals(config.secret_key, auth_sig, AUTH_PREFIX)
-      app_user = parse_vals(config.app_secret, app_sig, APP_PREFIX)
+      auth_user = parse_vals(client.secret_key, auth_sig, AUTH_PREFIX)
+      app_user = parse_vals(client.app_secret, app_sig, APP_PREFIX)
 
       return nil if auth_user != app_user
 
@@ -47,7 +54,7 @@ module DuoApi
 
     private
 
-      def self.parse_vals(key, val, prefix)
+      def parse_vals(key, val, prefix)
         ts = Time.now.to_i
 
         parts = val.to_s.split('|')
@@ -66,14 +73,14 @@ module DuoApi
         return nil if cookie_parts.length != 3
         user, u_ikey, exp = cookie_parts
 
-        return nil if u_ikey != config.integration_key
+        return nil if u_ikey != client.integration_key
 
         return nil if ts >= exp.to_i
 
         return user
       end
 
-      def self.sign_values(key, values, prefix, expiration)
+      def sign_values(key, values, prefix, expiration)
         exp = Time.now.to_i + expiration
 
         val_list = values + [exp]

data/lib/duo-api/util.rb

@@ -7,10 +7,6 @@ module DuoApi
       Hash[hash.map { |k, v| [k.to_s, v] }]
     end
 
-    def config
-      DuoApi.config
-    end
-
     def error_with_message(message)
       klass = Class.new(DuoApiError)
       klass.send :define_method, :initialize do |*msg|

data/lib/duo-api/version.rb

@@ -1,3 +1,3 @@
 module DuoApi
-  VERSION = "0.1.0"
+  VERSION = "0.2.0"
 end

data/lib/duo-api.rb

@@ -1,5 +1,5 @@
 require "duo-api/version"
-require "duo-api/configuration"
+require "duo-api/client"
 require "duo-api/signature"
 require "duo-api/request"
 
@@ -15,24 +15,31 @@ module DuoApi
   InvalidConfiguration = Class.new(StandardError)
 
   def self.config
-    @config ||= Configuration.new
+    @config ||= Client.new
     yield @config if block_given?
     @config
   end
+  class << self
+    alias client config
+  end
+
+  def self.get(*args)
+    client.get(*args)
+  end
 
-  def self.get(path, options = {})
-    Request.request(path, { :method => "GET" }.merge(options))
+  def self.post(*args)
+    client.post(*args)
   end
 
-  def self.post(path, options = {})
-    Request.request(path, { :method => "POST" }.merge(options))
+  def self.request(*args)
+    client.request(*args)
   end
 
-  def self.sign(user_key)
-    Signature.sign(user_key)
+  def self.sign(*args)
+    client.sign(*args)
   end
 
-  def self.verify(signed_response)
-    Signature.verify(signed_response)
+  def self.verify(*args)
+    client.verify(*args)
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: duo-api
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Jon Phenow
@@ -76,7 +76,7 @@ files:
 - exe/duo-api
 - gemfiles/Gemfile.18
 - lib/duo-api.rb
-- lib/duo-api/configuration.rb
+- lib/duo-api/client.rb
 - lib/duo-api/digesting.rb
 - lib/duo-api/header_signature.rb
 - lib/duo-api/request.rb

data/lib/duo-api/configuration.rb

@@ -1,4 +0,0 @@
-module DuoApi
-  class Configuration < Struct.new(:hostname, :integration_key, :secret_key, :app_secret)
-  end
-end