duo 0.0.2

data/.document

@@ -0,0 +1,11 @@
+# .document is used by rdoc and yard to know how to generate documentation 
+# for example, it can be used to control how rdoc gets built when you do `gem install foo`
+
+README.rdoc
+lib/**/*.rb
+bin/*
+
+# Files below this - are treated as 'extra files', and aren't parsed for ruby code
+- 
+features/**/*.feature
+LICENSE

data/.gitignore

@@ -0,0 +1,40 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*
+# rcov generated
+coverage
+
+# rdoc generated
+rdoc
+
+# yard generated
+doc
+.yardoc
+
+# Have editor/IDE/OS specific files you need to ignore? Consider using a global gitignore: 
+#
+# * Create a file at ~/.gitignore
+# * Include files you want ignored
+# * Run: git config --global core.excludesfile ~/.gitignore
+#
+# After doing this, these files will be ignored in all your git projects,
+# saving you from having to 'pollute' every project you touch with them
+#
+# Not sure what to needs to be ignored for particular editors/OSes? Here's some ideas to get you started. (Remember, remove the leading # of the line)
+#
+# For MacOS:
+#
+#.DS_Store
+#
+# For TextMate
+#*.tmproj
+#tmtags
+#
+# For emacs:
+#*~
+#\#*
+#.\#*
+#
+# For vim:
+#*.swp

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in duo.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2011 Brandon Dimcheff
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,17 @@
+= duo
+
+Description goes here.
+
+== Note on Patches/Pull Requests
+ 
+* Fork the project.
+* Make your feature addition or bug fix.
+* Add tests for it. This is important so I don't break it in a
+  future version unintentionally.
+* Commit, do not mess with rakefile, version, or history.
+  (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
+* Send me a pull request. Bonus points for topic branches.
+
+== Copyright
+
+Copyright (c) 2011 Brandon Dimcheff. See LICENSE for details.

data/Rakefile

@@ -0,0 +1,42 @@
+require 'rubygems'
+
+begin
+  require 'bundler'
+rescue LoadError
+  $stderr.puts "You must install bundler - run `gem install bundler`"
+end
+
+begin
+  Bundler.setup
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+require 'rake'
+
+require 'bueller'
+Bueller::Tasks.new
+
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new(:examples) do |examples|
+  examples.rspec_opts = '-Ispec'
+end
+
+RSpec::Core::RakeTask.new(:rcov) do |spec|
+  spec.rspec_opts = '-Ispec'
+  spec.rcov = true
+end
+
+task :default => :examples
+
+require 'rake/rdoctask'
+Rake::RDocTask.new do |rdoc|
+  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+  rdoc.main = 'README.rdoc'
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "duo #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/duo.gemspec

@@ -0,0 +1,34 @@
+$:.push File.expand_path("../lib", __FILE__)
+require 'duo/version'
+
+Gem::Specification.new do |s|
+  s.name = 'duo'
+  s.version = Duo::VERSION
+  s.platform = Gem::Platform::RUBY
+  s.date = "2011-04-26"
+  s.authors = ['Brandon Dimcheff']
+  s.email = 'bdimchef-git@wieldim.com'
+  s.homepage = 'http://github.com/bdimcheff/duo'
+  s.summary = %Q{Duo Security 2-factor authentication in Ruby}
+  s.description = %Q{Check out http://duosecurity.com for more info}
+  s.extra_rdoc_files = [
+    'LICENSE',
+    'README.rdoc',
+  ]
+
+  s.required_rubygems_version = Gem::Requirement.new('>= 1.3.7')
+  s.rubygems_version = '1.3.7'
+  s.specification_version = 3
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ['lib']
+
+  s.add_development_dependency 'rspec'
+  s.add_development_dependency 'bundler'
+  s.add_development_dependency 'bueller'
+  s.add_development_dependency 'rake'
+  s.add_development_dependency 'rcov'
+end
+

data/lib/duo.rb

@@ -0,0 +1,45 @@
+require 'openssl'
+require 'base64'
+
+module Duo
+  
+  # Sign a Duo request with skey, ikey, and the local username
+  def sign_request(skey, ikey, username)
+    exp = Time.now.to_i + 300
+
+    val = [username, ikey, exp].join('|')
+    
+    b64 = Base64.encode64(val).strip
+    cookie = "TX|#{b64}"
+
+    sig = hmac_sha1(skey, cookie)
+
+    [cookie, sig].join('|')
+  end
+
+  # Check a response from Duo with the skey.
+  def verify_response(skey, sig_response)
+    ts = Time.now.to_i
+    u_prefix, u_b64, u_sig = sig_response.to_s.split('|')
+    
+    sig = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha1'),
+      skey, [u_prefix, u_b64].join('|'))
+      
+    return nil if hmac_sha1(skey, sig) != hmac_sha1(skey, u_sig)
+    
+    return nil if u_prefix != 'AUTH'
+    
+    user, ikey, exp = Base64.decode64(u_b64).to_s.split('|')
+    
+    return nil if ts >= exp.to_i
+    
+    return user
+  end
+  
+  private
+  def hmac_sha1(key, data)
+    OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new('sha1'), key, data.to_s)
+  end
+  
+  extend self
+end

data/lib/duo/version.rb

@@ -0,0 +1,3 @@
+module Duo
+  VERSION = "0.0.2"
+end

data/spec/duo_spec.rb

@@ -0,0 +1,55 @@
+require 'spec_helper'
+
+IKEY = "DIXXXXXXXXXXXXXXXXXX"
+SKEY = "deadbeefdeadbeefdeadbeefdeadbeefdeadbeef"
+
+USER = "testuser"
+
+INVALID_RESPONSE = "  |INVALID|SIG"
+EXPIRED_RESPONSE = "AUTH|dGVzdHVzZXJ8RElYWFhYWFhYWFhYWFhYWFhYWFh8MTMwMDE1Nzg3NA==|cb8f4d60ec7c261394cd5ee5a17e46ca7440d702"
+FUTURE_RESPONSE = "AUTH|dGVzdHVzZXJ8RElYWFhYWFhYWFhYWFhYWFhYWFh8MTYxNTcyNzI0Mw==|d20ad0d1e62d84b00a3e74ec201a5917e77b6aef"
+
+
+describe Duo do
+  
+  context "signing" do
+    
+    it "doesn't fail spectacularly" do
+      lambda { Duo.sign_request(SKEY, IKEY, USER) }.should_not raise_error
+    end
+    pending "write tests, dug!!"
+  end
+  
+  context "verifying" do
+    it "verifies a valid response" do
+      future_user = Duo.verify_response(SKEY, FUTURE_RESPONSE)
+      future_user.should == USER
+    end
+    
+    it "rejects an invalid user" do
+      future_user = Duo.verify_response(SKEY, INVALID_RESPONSE)
+      future_user.should be_nil
+    end
+    
+    it "rejects an expired user" do
+      future_user = Duo.verify_response(SKEY, EXPIRED_RESPONSE)
+      future_user.should be_nil
+    end
+    
+    it "doesn't crash when nil" do
+      lambda { Duo.verify_response(SKEY, nil) }.should_not raise_error
+    end
+    
+    it "doesn't crash when nonsense" do
+      lambda { Duo.verify_response(SKEY, 'abceaouhsnt') }.should_not raise_error
+    end
+    
+    it "doesn't crash when pipey" do
+      lambda { Duo.verify_response(SKEY, '|') }.should_not raise_error
+    end
+    
+    it "doesn't crash when 7" do
+      lambda { Duo.verify_response(SKEY, 7) }.should_not raise_error
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,19 @@
+require 'bundler'
+begin
+  Bundler.setup
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+
+require 'rspec'
+require 'duo'
+
+# Requires supporting files with custom matchers and macros, etc,
+# in ./support/ and its subdirectories.
+Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
+
+RSpec.configure do |config|
+  
+end

metadata

@@ -0,0 +1,125 @@
+--- !ruby/object:Gem::Specification 
+name: duo
+version: !ruby/object:Gem::Version 
+  prerelease: 
+  version: 0.0.2
+platform: ruby
+authors: 
+- Brandon Dimcheff
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-04-26 00:00:00 -04:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  prerelease: false
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: bundler
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  prerelease: false
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: bueller
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  prerelease: false
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: rake
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  prerelease: false
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: rcov
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  prerelease: false
+  version_requirements: *id005
+description: Check out http://duosecurity.com for more info
+email: bdimchef-git@wieldim.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE
+- README.rdoc
+files: 
+- .document
+- .gitignore
+- Gemfile
+- LICENSE
+- README.rdoc
+- Rakefile
+- duo.gemspec
+- lib/duo.rb
+- lib/duo/version.rb
+- spec/duo_spec.rb
+- spec/spec_helper.rb
+has_rdoc: true
+homepage: http://github.com/bdimcheff/duo
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: -180197569806200963
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: 1.3.7
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.6.0
+signing_key: 
+specification_version: 3
+summary: Duo Security 2-factor authentication in Ruby
+test_files: 
+- spec/duo_spec.rb
+- spec/spec_helper.rb