fernet-rack 0.2 → 0.3
- checksums.yaml +4 -4
- data/fernet-rack.gemspec +1 -1
- data/lib/rack/fernet.rb +30 -0
- data/test/test_fernet.rb +15 -26
- data/test/test_fernet_auth.rb +53 -0
- metadata +4 -2
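--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 6d94674236ae463e25ce7f52993f53513af1c408
+data.tar.gz: a3956e36c88b4ad4c5adec6e196af1680a78ce40
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 47667bcd4e1872c4fd662123f8b76cac30a57a571e408791ee356a82fc084cc919950a551979261228ee08571ba42dfef4b4b9277f738eaa682a9e1883f64e0f
+data.tar.gz: 4a02f5d9d14d6c99625dd8b5d487f70f2850dadda1e52898e94c93b181bf2b9a80dee9dc275ee142d8c965725c70f7cdf88a53e5a387377698a69c226f52103f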
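--- a/data/fernet-rack.gemspec
+++ b/data/fernet-rack.gemspec
@@ -13,7 +13,7 @@ Gem::Specification.new do |gem|
 gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
 gem.name = "fernet-rack"
 gem.require_paths = ["lib"]
-gem.version = '0.
+gem.version = '0.3'
 
 gem.add_runtime_dependency "fernet", '~> 1.6'
 gem.add_development_dependency "minitest", '~> 5.4'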
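--- a/data/lib/rack/fernet.rb
+++ b/data/lib/rack/fernet.rb
@@ -18,4 +18,34 @@ module Rack
 end
 end
 end
+
+class Fernet
+def initialize(app, secret, content_type="application/json")
+@app = app
+@secret = secret
+@content_type = content_type
+end
+
+def call(env)
+verifier = ::Fernet.verifier(@secret, env["rack.input"].read)
+if verifier.valid? && env["CONTENT_TYPE"] != 'application/octect-stream'
+env['CONTENT_TYPE'] = @content_type
+env["rack.input"] = StringIO.new(verifier.message)
+@app.call(env)
+elsif env["rack.input"].size.zero?
+@app.call(env)
+else
+bad_request
+end
+end
+
+private
+def bad_request
+return [ 400,
+{ 'Content-Type' => 'text/plain',
+'Content-Length' => '0' },
+[]
+]
+end
+end
 end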
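Review bot: In `Rack::Fernet#call` the content-type guard compares against `'application/octect-stream'`, which is misspelled, so `env["CONTENT_TYPE"] != …` is true for every real request and the guard filters nothing. The type should be spelled `application/octet-stream`, but test_fernet.rb sends exactly that type and expects a 200 with the decrypted body, so keeping `!=` with the corrected spelling would send that request to `bad_request`; `verifier.valid? && env["CONTENT_TYPE"] == 'application/octet-stream'` looks like the intent and should be confirmed. The `elsif env["rack.input"].size.zero?` branch forwards body-less requests to the app with no token check at all, which deserves a comment such as `# empty body: nothing to decrypt, request passes through unverified`. `size` is also not among the methods the Rack spec requires of `rack.input`, so a server-provided stream may raise there. The enclosing `module Rack` opens outside this hunk.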
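--- a/data/test/test_fernet.rb
+++ b/data/test/test_fernet.rb
@@ -7,47 +7,36 @@ require 'rack/mock'
 class FernetTest < Minitest::Test
 def setup
 unprotected_app = Rack::Lint.new(lambda do |env|
-[ 200, {'Content-Type' =>
+[ 200, {'Content-Type' => env["CONTENT_TYPE"].to_s }, [env["rack.input"].read] ]
 end)
-@realm = "Lillet"
 @secret = "SqD5Mz/qFnXPLVTvkQKRDyVpli3Q6/habc7i89IrBRA="
-@app = Rack::
+@app = Rack::Fernet.new(unprotected_app, @secret)
 @request = Rack::MockRequest.new(@app)
 end
 
-def
-request do |response|
-
+def test_invalid_signature
+request("garbage") do |response|
+assert_equal(response.status, 400)
 end
 end
 
-def
-
-
+def test_valid_signature
+data = Fernet.generate(@secret, '{}')
+request(data) do |response|
+assert_equal(response.status, 200)
+assert_equal(response.body, '{}')
+assert_equal(response.headers['Content-Type'], 'application/json')
 end
 end
 
-def
-
-request_with_auth(token) do |response|
+def test_empty_payload
+request do |response|
 assert_equal(response.status, 200)
-assert_equal(response.body, "Hello")
 end
 end
 
 private
-def request(headers={})
-yield @request.get('/',
-end
-
-def request_with_auth(token, &block)
-request('HTTP_AUTHORIZATION' => 'Basic ' + [":#{token}"].pack("m*"), &block)
-end
-
-def assert_basic_auth_challenge(response)
-assert_equal(response.status, 401)
-assert_includes(response, 'WWW-Authenticate')
-assert(response.headers['WWW-Authenticate'] =~ /Basic realm="#{Regexp.escape(@realm)}"/)
-assert_empty(response.body)
+def request(body=nil, headers={})
+yield @request.get('/', input: body, CONTENT_TYPE: 'application/octet-stream')
 end
 end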
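Review bot: The only rejection case covered is `request("garbage")` in `test_invalid_signature`, so nothing pins the behaviour for a well-formed token signed with a different secret or for an expired token. A case such as `request(Fernet.generate(other_secret, '{}'))` asserting 400, with `other_secret` a second key constructed in the test, would cover the first. The helper `request(body=nil, headers={})` never uses `headers` and hard-codes `CONTENT_TYPE: 'application/octet-stream'`, so the content-type condition in `Rack::Fernet#call` is exercised with a single value and a change to that condition can go unnoticed. As a style point, `assert_equal` takes the expected value first, e.g. `assert_equal(400, response.status)`, which keeps failure messages readable.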
@@ -0,0 +1,53 @@
|
|
|
1
|
+
require 'minitest/autorun'
|
|
2
|
+
require 'rack/fernet'
|
|
3
|
+
require 'rack/lint'
|
|
4
|
+
require 'rack/mock'
|
|
5
|
+
|
|
6
|
+
|
|
7
|
+
class FernetAuthTest < Minitest::Test
|
|
8
|
+
def setup
|
|
9
|
+
unprotected_app = Rack::Lint.new(lambda do |env|
|
|
10
|
+
[ 200, {'Content-Type' => 'text/plain'}, ["Hello"] ]
|
|
11
|
+
end)
|
|
12
|
+
@realm = "Lillet"
|
|
13
|
+
@secret = "SqD5Mz/qFnXPLVTvkQKRDyVpli3Q6/habc7i89IrBRA="
|
|
14
|
+
@app = Rack::Auth::Fernet.new(unprotected_app, @secret, @realm)
|
|
15
|
+
@request = Rack::MockRequest.new(@app)
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def test_no_credentials
|
|
19
|
+
request do |response|
|
|
20
|
+
assert_basic_auth_challenge(response)
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def test_wrong_credentials
|
|
25
|
+
request_with_auth('token') do |response|
|
|
26
|
+
assert_basic_auth_challenge(response)
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def test_correct_credentials
|
|
31
|
+
token = Fernet.generate(@secret, 'Podensac')
|
|
32
|
+
request_with_auth(token) do |response|
|
|
33
|
+
assert_equal(response.status, 200)
|
|
34
|
+
assert_equal(response.body, "Hello")
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
private
|
|
39
|
+
def request(headers={})
|
|
40
|
+
yield @request.get('/', headers)
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def request_with_auth(token, &block)
|
|
44
|
+
request('HTTP_AUTHORIZATION' => 'Basic ' + [":#{token}"].pack("m*"), &block)
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def assert_basic_auth_challenge(response)
|
|
48
|
+
assert_equal(response.status, 401)
|
|
49
|
+
assert_includes(response, 'WWW-Authenticate')
|
|
50
|
+
assert(response.headers['WWW-Authenticate'] =~ /Basic realm="#{Regexp.escape(@realm)}"/)
|
|
51
|
+
assert_empty(response.body)
|
|
52
|
+
end
|
|
53
|
+
end
|
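--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: fernet-rack
 version: !ruby/object:Gem::Version
-version: '0.
+version: '0.3'
 platform: ruby
 authors:
 - Timothée Peignier
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-07-
+date: 2014-07-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: fernet
@@ -51,6 +51,7 @@ files:
 - fernet-rack.gemspec
 - lib/rack/fernet.rb
 - test/test_fernet.rb
+- test/test_fernet_auth.rb
 homepage: http://rubygems.org/gems/fernet-rack
 licenses:
 - MIT
@@ -77,4 +78,5 @@ specification_version: 4
 summary: Easily authenticate
 test_files:
 - test/test_fernet.rb
+- test/test_fernet_auth.rb
 has_rdoc: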