enigma 0.0.1

data/History.txt

@@ -0,0 +1,4 @@
+=== 0.0.1 2010-04-02
+
+* 1 major enhancement:
+  * Initial release

data/Manifest.txt

@@ -0,0 +1,13 @@
+History.txt
+Manifest.txt
+PostInstall.txt
+README.rdoc
+Rakefile
+lib/enigma.rb
+script/console
+script/destroy
+script/generate
+spec/enigma_spec.rb
+spec/spec.opts
+spec/spec_helper.rb
+tasks/rspec.rake

data/PostInstall.txt

@@ -0,0 +1,7 @@
+
+For more information on enigma, see http://enigma.rubyforge.org
+
+NOTE: Change this information in PostInstall.txt 
+You can also delete it if you don't want it.
+
+

data/README.rdoc

@@ -0,0 +1,97 @@
+= enigma
+
+* http://github.com/teejayvanslyke/enigma
+
+== DESCRIPTION:
+
+Key/secret authentication for your web services
+
+== FEATURES/PROBLEMS:
+
+* I just started implementing this today, so it's really not ready for use.  I
+  would love your opinions about the current API and possible improvements.
+
+== SYNOPSIS:
+
+Let's say you have a web service endpoint coded in Sinatra that says "Hello,
+world":
+
+  # app.rb
+  get '/' do
+    "Hello, world!"
+  end
+
+Enigma will allow you to authenticate the service using a key/secret scheme:
+
+  >> Enigma.generate_key
+  => "03637dee19a1c96c1547f8834ca5e96c"
+  >> Enigma.generate_secret
+  => "1f430a0481601697898a566ae54fde5a"
+
+  # app.rb
+      
+  Enigma.find_secret do |key|
+    # Usually, you'd have these stored in your database. 
+    # For this example, we'll just return the secret if we have a matching
+    # key.
+    if key == "03637dee19a1c96c1547f8834ca5e96c"
+      return "1f430a0481601697898a566ae54fde5a"
+    end
+  end
+
+  get '/' do
+    if (params = Enigma.authenticate(params))
+      "Hello, world."
+    else
+      "Not authorized."
+    end
+  end
+
+It provides a wrapper for the rest-client gem which properly encodes URI
+parameters on the query string for consumption by Enigma:
+
+  # client.rb
+
+  client = Enigma::Client.new(
+    "03637dee19a1c96c1547f8834ca5e96c",
+    "1f430a0481601697898a566ae54fde5a"
+  )
+
+  client.get("http://localhost:4567").body
+  => "Hello, world."
+
+The Enigma.authenticate method returns the unencoded parameters if the
+authentication is successful; otherwise it returns nil.
+
+== REQUIREMENTS:
+
+* ezcrypto
+
+== INSTALL:
+
+  sudo gem install enigma
+
+== LICENSE:
+
+(The MIT License)
+
+Copyright (c) 2010 FIXME full name
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,26 @@
+require 'rubygems'
+gem 'hoe', '>= 2.1.0'
+require 'hoe'
+require 'fileutils'
+require './lib/enigma'
+
+Hoe.plugin :newgem
+# Hoe.plugin :website
+# Hoe.plugin :cucumberfeatures
+
+# Generate all the Rake tasks
+# Run 'rake -T' to see list of generated tasks (from gem root directory)
+$hoe = Hoe.spec 'enigma' do
+  self.developer 'T.J. VanSlyke', 'teejay.vanslyke@gmail.com'
+  self.post_install_message = 'PostInstall.txt' # TODO remove if post-install message not required
+  self.rubyforge_name       = self.name # TODO this is default value
+  self.extra_deps         = [['ezcrypto', '>= 0.7.2']]
+
+end
+
+require 'newgem/tasks'
+Dir['tasks/**/*.rake'].each { |t| load t }
+
+# TODO - want other tests/tasks run by default? Add them to the list
+# remove_task :default
+# task :default => [:spec, :features]

data/lib/enigma.rb

@@ -0,0 +1,123 @@
+$:.unshift(File.dirname(__FILE__)) unless
+  $:.include?(File.dirname(__FILE__)) || $:.include?(File.expand_path(File.dirname(__FILE__)))
+
+require 'rubygems'
+require 'cgi'
+require 'yaml'
+require 'rest_client'
+require 'addressable/uri'
+require "digest/sha1"
+require 'ezcrypto'
+
+module Enigma
+  VERSION = '0.0.1'
+
+  KEY_LENGTH    = 32
+  SECRET_LENGTH = 32
+
+
+  class Query < Hash
+
+    def initialize(key, secret, params)
+      self[:key]    = key
+      self[:params] = Enigma.encode_params(secret, params)
+    end
+
+    def to_params
+      params = ''
+      stack = []
+
+      each do |k, v|
+        if v.is_a?(Hash)
+          stack << [k,v]
+        else
+          params << "#{k}=#{v}&"
+        end
+      end
+
+      stack.each do |parent, hash|
+        hash.each do |k, v|
+          if v.is_a?(Hash)
+            stack << ["#{parent}[#{k}]", v]
+          else
+            params << "#{parent}[#{k}]=#{v}&"
+          end
+        end
+      end
+
+      params.chop! # trailing &
+      params
+    end
+  end
+
+  class KeyGenerator
+    def self.generate(length = 10)
+      Digest::SHA1.hexdigest(Time.now.to_s + rand(12341234).to_s)[1..length]
+    end
+  end
+
+  def self.generate_key
+    KeyGenerator.generate(KEY_LENGTH)
+  end
+
+  def self.generate_secret
+    KeyGenerator.generate(SECRET_LENGTH)
+  end
+
+  def self.find_secret(&block)
+    @find_secret = block
+  end
+
+  def self.authenticate(params={})
+    if @find_secret.nil?
+      raise "Pass a block to #{self.name}.find_secret which returns 
+             secret for the given key. See documentation for details."
+    end
+
+    self.decode_params(@find_secret.call(params[:key]), params[:params])
+  end
+
+  def self.encrypt(secret, data)
+    key = EzCrypto::Key.with_password(secret, "salt")
+    key.encrypt(data)
+  end
+
+  def self.decrypt(secret, data)
+    key = EzCrypto::Key.with_password(secret, "salt")
+    key.decrypt(data)
+  end
+
+  def self.encode_params(secret, params)
+    CGI::escape(
+      encrypt(
+        secret, [ YAML::dump(params.sort {|a,b| a[0].to_s <=> b[0].to_s}) ].
+        pack('m')
+      )
+    )
+  end
+
+  def self.decode_params(secret, signed_params)
+    begin
+      params = {}
+      YAML::load(decrypt(secret, CGI::unescape(signed_params)).unpack('m').first).each do |key, value|
+        params[key] = value
+      end
+      return params
+    rescue 
+      return nil
+    end
+  end
+
+  class Client
+    def initialize(key, secret)
+      @key    = key
+      @secret = secret
+    end
+
+    def get(url, params={})
+      query = Query.new(@key, @secret, params)
+      RestClient.get("#{url}?#{query.to_params}")
+    end
+  end
+
+end

data/script/console

@@ -0,0 +1,10 @@
+#!/usr/bin/env ruby
+# File: script/console
+irb = RUBY_PLATFORM =~ /(:?mswin|mingw)/ ? 'irb.bat' : 'irb'
+
+libs =  " -r irb/completion"
+# Perhaps use a console_lib to store any extra methods I may want available in the cosole
+# libs << " -r #{File.dirname(__FILE__) + '/../lib/console_lib/console_logger.rb'}"
+libs <<  " -r #{File.dirname(__FILE__) + '/../lib/enigma.rb'}"
+puts "Loading enigma gem"
+exec "#{irb} #{libs} --simple-prompt"

data/script/destroy

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+APP_ROOT = File.expand_path(File.join(File.dirname(__FILE__), '..'))
+
+begin
+  require 'rubigen'
+rescue LoadError
+  require 'rubygems'
+  require 'rubigen'
+end
+require 'rubigen/scripts/destroy'
+
+ARGV.shift if ['--help', '-h'].include?(ARGV[0])
+RubiGen::Base.use_component_sources! [:rubygems, :newgem, :newgem_theme, :test_unit]
+RubiGen::Scripts::Destroy.new.run(ARGV)

data/script/generate

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+APP_ROOT = File.expand_path(File.join(File.dirname(__FILE__), '..'))
+
+begin
+  require 'rubigen'
+rescue LoadError
+  require 'rubygems'
+  require 'rubigen'
+end
+require 'rubigen/scripts/generate'
+
+ARGV.shift if ['--help', '-h'].include?(ARGV[0])
+RubiGen::Base.use_component_sources! [:rubygems, :newgem, :newgem_theme, :test_unit]
+RubiGen::Scripts::Generate.new.run(ARGV)

data/spec/enigma_spec.rb

@@ -0,0 +1,106 @@
+require File.dirname(__FILE__) + '/spec_helper.rb'
+
+describe Enigma do
+
+  describe "when generating an API key" do
+    it "should be a string" do
+      Enigma.generate_key.should be_a(String)
+    end
+
+    it "should be 32 digits long" do
+      Enigma.generate_key.length.should == 32
+    end
+  end
+
+  describe "when generating an API secret" do
+    it "should be a string" do
+      Enigma.generate_secret.should be_a(String)
+    end
+
+    it "should be 64 digits long" do
+      Enigma.generate_secret.length.should == 32
+    end
+  end
+
+  describe "when authenticating" do
+    before :each do
+      @key            = Enigma.generate_key
+      # Sigh, has to be global to be seen below...
+      @secret         = $secret = Enigma.generate_secret
+      @params         = { :p1 => 1, :p2 => 2 }
+      @signed_params  = Enigma.encode_params(@secret, @params)
+
+    end
+
+    context "with a valid key/secret pair" do
+      before :each do
+        # Let's just return the secret, straight up.
+        Enigma.find_secret do |key|
+          $secret
+        end
+      end
+
+      it "should return the decoded parameters" do
+        Enigma.authenticate(:key => @key, :params => @signed_params).should == @params
+      end
+    end
+
+    context "with an invalid key/secret pair" do
+      before :each do
+        # And now, let's return the wrong one.
+        Enigma.find_secret do |key|
+          Enigma.generate_secret
+        end
+      end
+
+      it "should not be able to decode the params using the invalid secret" do
+        Enigma.decode_params(Enigma.generate_secret, @signed_params).should be_nil
+      end
+
+      it "should return nil" do
+        Enigma.authenticate(:key => @key, :params => @signed_params).should be_nil
+      end
+    end
+  end
+
+  describe "when encoding parameters" do
+    before :each do
+      @secret = Enigma.generate_secret
+      @params = { 'param1' => '1', 'param2' => 2 }
+    end
+
+    it "should be able to decode them" do
+      Enigma.decode_params(@secret, Enigma.encode_params(@secret, @params)).should == @params
+    end
+  end
+
+end
+
+describe Enigma::Client do
+  describe "get" do
+    before :each do
+      @key    = Enigma.generate_key
+      @secret = Enigma.generate_secret
+      @client = Enigma::Client.new(@key, @secret)
+      @params = { 'p1' => 'value' }
+      @signed_params = Enigma.encode_params(@secret, @params)
+    end
+
+    it "should send a GET request with the key and signed params" do
+      RestClient.should_receive(:get).with("http://some.service?params=#{@signed_params}&key=#{@key}")
+      @client.get("http://some.service", @params)
+    end
+  end
+end
+
+=begin
+get '/' do
+  user = User.find_by_key(params[:key])
+  Enigma.authenticate(params[:key], user.secret, params[:params])
+end
+
+Enigma.generate_key
+Enigma.generate_secret
+
+=end
+

data/spec/spec.opts

@@ -0,0 +1 @@
+--colour

data/spec/spec_helper.rb

@@ -0,0 +1,10 @@
+begin
+  require 'spec'
+rescue LoadError
+  require 'rubygems' unless ENV['NO_RUBYGEMS']
+  gem 'rspec'
+  require 'spec'
+end
+
+$:.unshift(File.dirname(__FILE__) + '/../lib')
+require 'enigma'

data/tasks/rspec.rake

@@ -0,0 +1,21 @@
+begin
+  require 'spec'
+rescue LoadError
+  require 'rubygems' unless ENV['NO_RUBYGEMS']
+  require 'spec'
+end
+begin
+  require 'spec/rake/spectask'
+rescue LoadError
+  puts <<-EOS
+To use rspec for testing you must install rspec gem:
+    gem install rspec
+EOS
+  exit(0)
+end
+
+desc "Run the specs under spec/models"
+Spec::Rake::SpecTask.new do |t|
+  t.spec_opts = ['--options', "spec/spec.opts"]
+  t.spec_files = FileList['spec/**/*_spec.rb']
+end

metadata

@@ -0,0 +1,110 @@
+--- !ruby/object:Gem::Specification 
+name: enigma
+version: !ruby/object:Gem::Version 
+  version: 0.0.1
+platform: ruby
+authors: 
+- T.J. VanSlyke
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-04-03 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: ezcrypto
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.7.2
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: rubyforge
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 2.0.3
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: gemcutter
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 0.5.0
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: hoe
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 2.5.0
+    version: 
+description: Key/secret authentication for your web services
+email: 
+- teejay.vanslyke@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- History.txt
+- Manifest.txt
+- PostInstall.txt
+files: 
+- History.txt
+- Manifest.txt
+- PostInstall.txt
+- README.rdoc
+- Rakefile
+- lib/enigma.rb
+- script/console
+- script/destroy
+- script/generate
+- spec/enigma_spec.rb
+- spec/spec.opts
+- spec/spec_helper.rb
+- tasks/rspec.rake
+has_rdoc: true
+homepage: http://github.com/teejayvanslyke/enigma
+licenses: []
+
+post_install_message: PostInstall.txt
+rdoc_options: 
+- --main
+- README.rdoc
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: enigma
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 3
+summary: Key/secret authentication for your web services
+test_files: []
+