faye-authentication 0.3.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5c557cbf72df6369ab2dcc5ad4ca635cc06220ad
-  data.tar.gz: ce322da963e471760990647799e6ac430a56bd4e
+  metadata.gz: 9a617e82b1d7184dc0ce7016b8736c6e412500f3
+  data.tar.gz: 640960f50c1a742c704bd4ded7930817caf22ee4
 SHA512:
-  metadata.gz: 15b99a92f41c1ff17cafd508ff2ebd55710ea52b20b828f00adcce50cefe9822e302d0fb41e7e40bb005bb7ba122ccdad9c640434701a0f988eb9b809e33a1c1
-  data.tar.gz: e470c75679e72fa27515ace5f16bf844e36fba64f4d7ed89ee5466d2a7e6c88f083c58d9c478aa16cd1a836f09e7da8b7aa6ba273b0d1d749501363f3d8e6274
+  metadata.gz: c130a9cef8388dcc2666842339aea83206c3500e155c45b67ab5751ba29a339a8786e95c54cf754aeb8362d78cca94d120f8d2a3151bece77ee44c47e4121609
+  data.tar.gz: 09ef066a4f2cbaddb41ac92175a0dbe58e9c3d6e8e78cb21c775bf9300a0f8026eea4cf0d89dc0b5a5a09bbaba1aa7f0c7b1d91549ad5db5a3209d8f220dff25

data/CHANGELOG.md

@@ -1,6 +1,10 @@
+## 0.4.0
+  - Channels beginning by ``/public/`` do not require authentication anymore,
+  However, globbing with public channels still require authentication.
+
 ## 0.3.0
-- Rename ``Faye::Authentication::Extension`` to ``Faye::Authentication::ServerExtension``
-- Add extension for faye Ruby Client : ``Faye::Authentication::ClientExtension``
+  - Rename ``Faye::Authentication::Extension`` to ``Faye::Authentication::ServerExtension``
+  - Add extension for faye Ruby Client : ``Faye::Authentication::ClientExtension``
 
 ## 0.2.0
 

data/README.md

@@ -38,6 +38,18 @@ Or install it yourself as:
 
 ## Usage
 
+### Channels requiring authentication
+
+All channels require authentication, except channels beginning by ``/public/``
+
+However, globbing, even on ``/public/`` channels will require authentication.
+
+Example :
+
+- ``/public/foo`` does not require authentication
+- ``/public/bar/*`` requires authentication
+
+
 ### Authentication endpoint requirements
 
 The endpoint will receive a POST request, and shall return a JSON hash with a ``signature`` key.

data/app/assets/javascripts/faye-authentication.js

@@ -42,16 +42,25 @@ FayeAuthentication.prototype.signMessage = function(message, callback) {
 }
 
 FayeAuthentication.prototype.outgoing = function(message, callback) {
-  if (message.channel == '/meta/subscribe') {
+  if (this.authentication_required(message))
     this.signMessage(message, callback);
-  }
-  else if (!/^\/meta\/(.*)/.test(message.channel)) { // Publish
-    this.signMessage(message, callback);
-  }
   else
     callback(message);
 };
 
+FayeAuthentication.prototype.authentication_required = function(message) {
+  var subscription_or_channel = message.subscription || message.channel
+  return (!this.public_channel(subscription_or_channel) && (message.channel == '/meta/subscribe' || message.channel.lastIndexOf('/meta/', 0) !== 0))
+};
+
+FayeAuthentication.prototype.public_channel = function(channel) {
+  if (channel.lastIndexOf('/public/', 0) === 0) {
+    return (channel.indexOf('*') == -1);
+  } else {
+    return (false);
+  }
+};
+
 FayeAuthentication.prototype.incoming = function(message, callback) {
   var outbox_message = this._outbox[message.id];
   if (outbox_message && message.error) {

data/lib/faye/authentication/client_extension.rb

@@ -8,7 +8,7 @@ module Faye
       end
 
       def outgoing(message, callback)
-        if message['channel'] == '/meta/subscribe' || !(message['channel'] =~ /^\/meta\/.*/)
+        if Faye::Authentication.authentication_required?(message)
           message['signature'] = Faye::Authentication.sign({channel: message['subscription'] || message['channel'], clientId: message['clientId']}, @secret, @options)
         end
         callback.call(message)

data/lib/faye/authentication/server_extension.rb

@@ -10,7 +10,7 @@ module Faye
       end
 
       def incoming(message, callback)
-        if message['channel'] == '/meta/subscribe' || !(message['channel'] =~ /^\/meta\/.*/)
+        if Faye::Authentication.authentication_required?(message)
           begin
             Faye::Authentication.validate(message['signature'],
                                           message['subscription'] || message['channel'],

data/lib/faye/authentication/version.rb

@@ -1,5 +1,5 @@
 module Faye
   module Authentication
-    VERSION = "0.3.0"
+    VERSION = "0.4.0"
   end
 end

data/lib/faye/authentication.rb

@@ -31,5 +31,15 @@ module Faye
       raise PayloadError unless channel == payload['channel'] && clientId == payload['clientId']
       true
     end
+
+    def self.authentication_required?(message)
+      subscription_or_channel = message['subscription'] || message['channel']
+      !public_channel?(subscription_or_channel) && (message['channel'] == '/meta/subscribe' || (!(message['channel'].start_with?('/meta/'))))
+    end
+
+    def self.public_channel?(channel)
+      channel.start_with?('/public/') and not channel.include?('*')
+    end
+
   end
 end

data/spec/javascripts/faye-authentication_spec.js

@@ -17,8 +17,8 @@ describe('faye-authentication', function() {
   describe('extension', function() {
     beforeEach(function() {
       jasmine.Ajax.install();
-      this.auth = new FayeAuthentication();
       this.client = new Faye.Client('http://localhost:9296/faye');
+      this.auth = new FayeAuthentication(this.client);
       this.client.addExtension(this.auth);
     });
 
@@ -118,35 +118,25 @@ describe('faye-authentication', function() {
         }, 500);
       });
 
-      it('should make only one ajax call when dealing with one channel', function(done) {
-        this.client.subscribe('/foobar');
-        this.client.publish('/foobar', {text: 'hallo'});
-        this.client.publish('/foobar', {text: 'hallo'});
 
-        setTimeout(function() {
-          expect(jasmine.Ajax.requests.count()).toBe(2); // Handshake + auth
-          done();
-        }, 500);
-
-      })
-
-      it('should make two ajax calls when dealing with two channels', function(done) {
-        this.client.subscribe('/foo');
-        this.client.publish('/foo', {text: 'hallo'});
-        this.client.publish('/foo', {text: 'hallo'});
+      it('does not add the signature to a public message', function(done) {
+        var self = this;
 
-        this.client.subscribe('/bar');
-        this.client.publish('/bar', {text: 'hallo'});
-        this.client.publish('/bar', {text: 'hallo'});
+        this.client.handshake(function() {
+          self.client._transport = self.fake_transport
+          self.client.publish('/public/foo', {text: 'hallo'});
+        }, this.client);
 
         setTimeout(function() {
-          expect(jasmine.Ajax.requests.count()).toBe(3); // Handshake + auth * 2
+          var calls = self.fake_transport.send.calls.all();
+          var last_call = calls[calls.length - 1];
+          var message = last_call.args[0].message;
+          expect(message.channel).toBe('/public/foo');
+          expect(message.signature).toBe(undefined);
           done();
         }, 500);
       });
-    });
 
+    });
   });
-
-
-})
+});

data/spec/javascripts/faye-extension_spec.js

@@ -59,6 +59,33 @@ describe('Faye extension', function() {
       });
     });
 
+    it('should make only one ajax call when dealing with one channel', function(done) {
+      this.client.subscribe('/foobar');
+      this.client.publish('/foobar', {text: 'hallo'});
+      this.client.publish('/foobar', {text: 'hallo'});
+
+      setTimeout(function() {
+        expect(jasmine.Ajax.requests.count()).toBe(2); // Handshake + auth * 1
+        done();
+      }, 500);
+
+    })
+
+    it('should make two ajax calls when dealing with two channels', function(done) {
+      this.client.subscribe('/foobar');
+      this.client.publish('/foobar', {text: 'hallo'});
+      this.client.publish('/foobar', {text: 'hallo'});
+
+      this.client.subscribe('/bar');
+      this.client.publish('/bar', {text: 'hallo'});
+      this.client.publish('/bar', {text: 'hallo'});
+
+      setTimeout(function() {
+        expect(jasmine.Ajax.requests.count()).toBe(3); // Handshake + auth * 2
+        done();
+      }, 500);
+    });
+
     it('tries to get a new signature immediately when the used signature is bad or expired', function(done) {
       jasmine.Ajax.stubRequest('/faye/auth').andReturn({
         'responseText': '{"signature": "bad"}'

data/spec/lib/faye/authentication/server_extension_spec.rb

@@ -6,32 +6,65 @@ describe Faye::Authentication::ServerExtension do
   let(:secret) { 'macaroni' }
   let(:extension) { Faye::Authentication::ServerExtension.new(secret) }
 
-  it 'does not add an eror if the message is correctly signed' do
-    message = {'channel' => '/foo/bar', 'clientId' => '42', 'text' => 'whatever'}
-    signature = Faye::Authentication.sign(message, secret)
-    message['signature'] = signature
+  describe '#incoming' do
+    shared_examples 'signature_has_error' do
+      it 'adds an error' do
+        subject
+        expect(@result).to have_key('error')
+      end
+    end
 
-    result = nil
+    shared_examples 'signature_has_no_error' do
+      it 'adds no error' do
+        subject
+        expect(@result).to_not have_key('error')
+      end
+    end
 
-    extension.incoming(message, ->(m) { result = m });
+    shared_examples 'authentication_actions' do
+      context 'not signed' do
+        context '/public' do
+          context 'no globbing' do
+            let(:channel) { '/public/foo' }
+            it_should_behave_like 'signature_has_no_error'
+          end
 
-    expect(result).to_not have_key('error')
-  end
+          context 'globbing' do
+            let(:channel) { '/public/foo/*'}
+            it_should_behave_like 'signature_has_error'
+          end
+        end
 
-  it 'adds an eror if the message is not signed' do
-    message = {'channel' => '/foo/bar', 'clientId' => '42', 'text' => 'whatever'}
-    result = nil
-    extension.incoming(message, ->(m) { result = m });
+        context 'not public' do
+          context 'not signed' do
+            let(:channel) { '/whatever' }
+            it_should_behave_like 'signature_has_error'
+          end
 
-    expect(result).to have_key('error')
-  end
+          context 'signed' do
+            let(:channel) { '/foo/bar' }
+            before { message['signature'] = Faye::Authentication.sign(message.merge({'channel' => channel}), secret) }
+            it_should_behave_like 'signature_has_no_error'
+          end
+
+        end
+      end
+    end
 
-  it 'adds an error if the signature is incorrect' do
-    message = {'channel' => '/foo/bar', 'clientId' => '42', 'text' => 'whatever', 'signature' => 'hello'}
-    result = nil
-    extension.incoming(message, ->(m) { result = m });
+    let(:message) { {'channel' => channel, 'clientId' => '42', 'text' => 'whatever'} }
+    subject do
+      extension.incoming(message, ->(m) { @result = m });
+    end
 
-    expect(result).to have_key('error')
+    context 'publish' do
+      it_should_behave_like 'authentication_actions'
+    end
+
+    context 'subscribe' do
+      before { message['channel'] = '/meta/subscribe'}
+      before { message['subscription'] = channel}
+      it_should_behave_like 'authentication_actions'
+    end
   end
 
   ['/meta/handshake', '/meta/connect', '/meta/unsubscribe', '/meta/disconnect'].each do |channel|

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: faye-authentication
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Adrien Siami
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-06-17 00:00:00.000000000 Z
+date: 2014-07-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt