duo-rest 0.0.1

data/.gitignore

@@ -0,0 +1,18 @@
+# See http://help.github.com/ignore-files/ for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+#   git config --global core.excludesfile ~/.gitignore_global
+
+# Ignore bundler config
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+
+# Ignore all logfiles and tempfiles.
+/log/*.log
+/tmp
+duo_test_info.yml
+
+*/config/database.yml

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/Gemfile.lock

@@ -0,0 +1,24 @@
+PATH
+  remote: .
+  specs:
+    duo-rest (0.0.1)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    coderay (1.0.7)
+    method_source (0.7.1)
+    pry (0.9.9.6)
+      coderay (~> 1.0.5)
+      method_source (~> 0.7.1)
+      slop (>= 2.4.4, < 3)
+    rake (0.9.2.2)
+    slop (2.4.4)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  duo-rest!
+  pry
+  rake

data/README.md

@@ -0,0 +1,30 @@
+duo-rest
+===========
+
+This is a gem that provides access to the Duo Security Rest Api.
+
+Methods
+-------
+
+1.  **ping**
+
+    tests the connection to duo security rest api
+
+2.  **check**
+
+    checks your credentials for the correct keys
+    
+3.  **preauth**(username)
+
+    information to display to the user to decide which way they want to log in.
+
+4.  **auth**(username, auth_method)
+
+    logging the user in.
+    
+    *the only tested auth method right now is push*
+    
+More Info
+---------
+
+For more info about the duo security process go [here](http://www.duosecurity.com/docs/duorest#process)

data/Rakefile

@@ -0,0 +1,10 @@
+require 'rake/testtask'
+
+Rake::TestTask.new do |t|
+  t.libs << 'test'
+  t.test_files = `git ls-files -- test/*`.split("\n")
+  t.verbose = true
+end
+
+desc "Run tests"
+task :default => :test

data/duo-rest.gemspec

@@ -0,0 +1,23 @@
+$:.push File.expand_path("../lib", __FILE__)
+require "duo-rest/version"
+require "rubygems"
+require "bundler/setup"
+
+Gem::Specification.new do |s|
+  s.name        = 'duo-rest'
+  s.version     = DuoRest::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.date        = '2012-06-27'
+  s.summary     = "Duo Security Rest Api"
+  s.description = "Gem interface for Duo security rest api"
+  s.authors     = ["Kelly Mahan"]
+  s.email       = 'kmahan@kmahan.com'
+  s.homepage    = 'http://rubygems.org/gems/duo-rest'
+  
+  s.files       = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.require_paths = ["lib"]
+    
+  s.add_development_dependency("pry")
+  s.add_development_dependency("rake")
+end

data/duo_test_info_example.yml

@@ -0,0 +1,4 @@
+hostname: "api-xxxxxxxxx.duosecurity.com"
+integration_key: "1234"
+secret_key: "asdfsdfsdfhgdfghfdhgdfg"
+username: "test"

data/lib/duo-rest.rb

@@ -0,0 +1,8 @@
+
+module DuoRest
+    
+end
+
+
+require 'duo-rest/version'
+require 'duo-rest/connection'

data/lib/duo-rest/connection.rb

@@ -0,0 +1,91 @@
+require 'open-uri'
+require 'net/http'
+require 'net/https'
+require "uri"
+require 'json'
+require 'base64'
+require 'openssl'
+require "cgi"
+
+module DuoRest
+  
+  class Connection
+    
+    REST_VERSION = 'rest/v1'
+    
+    attr_accessor :api_hostname, :response, :http, :user, :key
+    
+    def initialize(api_hostname, user, key)
+      @key = key
+      @user = user
+      @api_hostname = api_hostname
+      @http = Net::HTTP.new("#{@api_hostname}", 443)
+      @http.use_ssl = true
+    end
+    
+    def ping
+      url = "#{REST_VERSION}/ping"
+      get(url)
+    end
+    
+    def check
+      url = "#{REST_VERSION}/check"
+      get(url)
+    end
+    
+    def preauth(user)
+      url = "#{REST_VERSION}/preauth"
+      data = {user: user}
+      post(url, data)
+    end
+    
+    def auth(user, factor_method, options = {})
+      ipaddress = options[:ipaddress] || ''
+      async = options[:async]
+      url = "#{REST_VERSION}/auth"
+      data = {auto: factor_method, factor: 'auto', ipaddr: ipaddress, user: user}
+      data.merge({async: "1"}) if async
+      post(url, data)
+    end
+    
+    private
+    
+    def get(url)
+      uri = URI("https://#{@api_hostname}/#{url}")
+      req = Net::HTTP::Get.new(uri.request_uri)
+      req.basic_auth @user, sign_hmac(url, '', "GET")
+      
+      @response = Net::HTTP.start(uri.hostname, uri.port, :use_ssl => (uri.scheme == 'https')) {|http| http.request(req) }
+      JSON.parse(@response.body).to_hash
+    end
+    
+    def post(url, data)
+      uri = URI("https://#{@api_hostname}/#{url}")
+      req = Net::HTTP::Post.new(uri.request_uri)
+      pass = sign_hmac(url, to_query(data), "POST")
+      puts pass
+      req.basic_auth @user, pass
+      req.set_form_data(data)
+      @response = Net::HTTP.start(uri.hostname, uri.port, :use_ssl => (uri.scheme == 'https')) {|http| http.request(req) }
+      JSON.parse(@response.body).to_hash
+    end
+    
+    def sign_hmac(url, data, method)
+      request = "#{method}\n"
+      request << "#{@api_hostname}\n"
+      request << "/#{url}\n"
+      request << "#{data}"
+      # puts "\n"
+      # puts request
+      sig = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha1'), @key, request)
+      return sig
+    end
+    
+    def to_query(hash)
+      puts hash
+      hash.map{|k,v| "#{k}=#{CGI.escape(v)}"}.join("&")
+    end
+    
+  end
+  
+end

data/lib/duo-rest/version.rb

@@ -0,0 +1,3 @@
+module DuoRest
+  VERSION = "0.0.1"
+end

data/test/duo-rest.rb

@@ -0,0 +1,71 @@
+require 'test/unit'
+require 'duo-rest'
+
+class DuoRestTest < Test::Unit::TestCase
+  
+  CONFIG = YAML::load( File.open( 'duo_test_info.yml' ) )
+  
+  API_HOSTNAME = CONFIG['hostname']
+  API_INTEGRATION_KEY = CONFIG['integration_key']
+  API_SECRET_KEY = CONFIG['secret_key']
+  API_USERNAME = CONFIG['username']
+  # simple passing test
+  def test_version
+    assert_equal "0.0.1", DuoRest::VERSION
+  end
+  
+  def test_connection
+    connection = DuoRest::Connection.new(API_HOSTNAME, API_INTEGRATION_KEY, API_SECRET_KEY).ping
+    assert_equal({"response" => "pong", "stat" => "OK"}, connection)
+  end
+  
+  def test_check
+    check = DuoRest::Connection.new(API_HOSTNAME, API_INTEGRATION_KEY, API_SECRET_KEY).check
+    assert_equal({"response" => "valid", "stat" => "OK"}, check)
+  end
+  
+  def test_preauth
+    preauth = DuoRest::Connection.new(API_HOSTNAME, API_INTEGRATION_KEY, API_SECRET_KEY).preauth(API_USERNAME)
+    assert_equal("OK", preauth["stat"])
+    
+    # this wont be the same for every user but this is the expected style
+    # assert_equal({
+    #   "response" => {
+    #     "factors"=> {"1"=>"push1", "2"=>"phone1", "3"=>"sms1", "default"=>"push1"},
+    #     "prompt"=> "Duo two-factor login for kellymahan\n\nEnter a passcode or select one of the following options:\n\n 1. Duo Push to XXX-XXX-9990\n 2. Phone call to XXX-XXX-9990\n 3. SMS passcodes to XXX-XXX-9990\n\nPasscode or option (1-3): ",
+    #     "result"=>"auth"
+    #   }, 
+    #   "stat" => "OK"
+    # }, preauth)
+  end
+  
+  def test_auth
+    auth = DuoRest::Connection.new(API_HOSTNAME, API_INTEGRATION_KEY, API_SECRET_KEY).auth(API_USERNAME, "push1")
+    assert_equal("OK", auth["stat"])
+    
+    # this wont be the same for every user but this is the expected style
+    # assert_equal({
+    #   "response"=>{"result"=>"allow", "status"=>"Success. Logging you in..."},
+    #   "stat"=>"OK"
+    # }, auth)
+  end
+  
+  
+  # So far this is not working as expected and ignored for now since it isn't a requirement
+  # def test_delayed_auth
+  #   auth = DuoRest::Connection.new(API_HOSTNAME, API_INTEGRATION_KEY, API_SECRET_KEY).auth(API_USERNAME, "push1", {async: true})
+  #   assert_equal("OK", auth["stat"])
+  #   # this wont be the same for every user but this is the expected style
+  #   assert_equal({
+  #     "response"=>{"result"=>"allow", "status"=>"Success. Logging you in..."},
+  #     "stat"=>"OK"
+  #   }, auth)
+  # end
+  
+  
+  #used to check for a delayed auth
+  def test_status
+    #TODO once delayed auth is working
+  end
+  
+end

metadata

@@ -0,0 +1,96 @@
+--- !ruby/object:Gem::Specification
+name: duo-rest
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Kelly Mahan
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-06-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Gem interface for Duo security rest api
+email: kmahan@kmahan.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- Gemfile.lock
+- README.md
+- Rakefile
+- duo-rest.gemspec
+- duo_test_info_example.yml
+- duotest.rb
+- lib/duo-rest.rb
+- lib/duo-rest/connection.rb
+- lib/duo-rest/version.rb
+- test/.DS_Store
+- test/duo-rest.rb
+homepage: http://rubygems.org/gems/duo-rest
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: 3510725538051197660
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: 3510725538051197660
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: Duo Security Rest Api
+test_files:
+- test/duo-rest.rb