grape_api_signature 0.0.1 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: ea25995d332c08dbd8b0843504808eb5b277e2c5
4
- data.tar.gz: 4901ff5161b4be67a5c60f9e4b18d729c1002425
3
+ metadata.gz: 61d93a1fb4f89ca1583c393299264b06c8ac4bd5
4
+ data.tar.gz: 5e353d6dc5094a4b95d908bfdf3b1140bc708cf7
5
5
  SHA512:
6
- metadata.gz: 914c187ed3d3b2c26fa8e001a26bbc745b293c985d30d2918bd30a33392228a673eb2decc29fad555ab8657786a8e88db1b9b735e61ca490c57b1fb291f0c19a
7
- data.tar.gz: f837467539c385f898aadd2522607b21fda9bb71f583a4bc6a9177c46bd3908a34c299084cc4ea91c7a7139073893b81c99b5f9ea2c4cec350e03994845f0c87
6
+ metadata.gz: 35ffe14e8fba39a24e213cf4111f50abd81a1417472a29a02dcc496f9ab994efa47f77c41ce3e0e3bdbf71c0c1fd912b744986c3e65a5ab3f7c928c7d03a23a3
7
+ data.tar.gz: 9591e63820d33c185ccc24b13a283396c814b6cc207dc58eb717fe04a131573085d6392867256c921e4359745f0b164366db50f7d20102a2ad8eb31abfef92db
data/README.md CHANGED
@@ -6,7 +6,8 @@
6
6
  # GrapeAPISignature
7
7
 
8
8
  `GrapeAPISignature` provides a [AWS 4 style](http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html)
9
- Authentication middleware to be used with [grape](https://github.com/intridea/grape).
9
+ Authentication middleware to be used with [grape](https://github.com/intridea/grape). It calculates the
10
+ 'AWS4-HMAC-SHA256' style signature and compares it against the `HTTP_AUTHORIZATION` header within the request.
10
11
 
11
12
  ## Installation
12
13
 
@@ -137,6 +138,64 @@ This gem provides a coffee script to authenticate swagger demo requests via AWS
137
138
 
138
139
  ```
139
140
 
141
+ ### Standalone RackMiddleware
142
+
143
+ Example usage:
144
+
145
+ ```ruby
146
+
147
+ ...
148
+
149
+ max_request_age = 200
150
+
151
+ use GrapeAPISignature::Middleware::Auth, max_request_age do |_access_key, _region, _service|
152
+ user = ...
153
+ user.secret_key # different return value as for grape API's return only the key
154
+ end
155
+
156
+ run app
157
+
158
+ ...
159
+
160
+ ```
161
+
162
+ ### Standalone Authenticator/Signer
163
+
164
+ Example usage:
165
+
166
+ ```ruby
167
+
168
+ # Gemfile
169
+ gem 'grape_api_signature', require: 'grape_api_signature/signer_components'
170
+
171
+ # In your ruby file validate a request
172
+
173
+ auth = Authorization.new(request_method,
174
+ headers,
175
+ URI(url),
176
+ body,
177
+ max_request_age)
178
+
179
+ auth.authentic?(secret_key)
180
+
181
+ # OR use the signer
182
+
183
+ signer = GrapeAPISignature::AWSSigner.new(
184
+ access_key: user_id,
185
+ secret_key: secret_key,
186
+ region: authorization.region
187
+ )
188
+
189
+ signer.signature_only(request_method, uri, headers_to_sign, body)
190
+
191
+ # OR
192
+
193
+ signer.sign(request_method, uri, headers_to_sign, body)
194
+
195
+ ```
196
+
197
+
198
+
140
199
  ## Contributing
141
200
 
142
201
  1. Fork it ( https://github.com/faber-lotto/grape_api_signature/fork )
@@ -140,7 +140,7 @@ do ($=jQuery) ->
140
140
  keys.sort().join(';')
141
141
 
142
142
  is_signable_header: (header)->
143
- not_signable_headers = ['authorization', 'content-length', 'user-agent']
143
+ not_signable_headers = ['authorization', 'content-length', 'content-type' ,'user-agent']
144
144
  not_signable_headers.indexOf(header) < 0
145
145
 
146
146
  dateStamp: ->
@@ -4,18 +4,11 @@ require 'active_support'
4
4
  require 'active_support/core_ext'
5
5
 
6
6
  module GrapeAPISignature
7
- require 'grape_api_signature/aws_digester'
8
- require 'grape_api_signature/aws_request'
9
- require 'grape_api_signature/aws_auth_parser'
10
- require 'grape_api_signature/aws_signer'
11
- require 'grape_api_signature/aws_authorization'
12
- require 'grape_api_signature/authorization'
7
+ require 'grape_api_signature/signer_components'
13
8
 
9
+ require 'grape_api_signature/middleware/auth_request'
14
10
  require 'grape_api_signature/middleware/auth'
15
11
  require 'grape_api_signature/middleware/grape_auth'
16
12
 
17
- if defined?(Rails)
18
- require 'grape_api_signature/rails/engine'
19
- end
20
-
13
+ require 'grape_api_signature/rails/engine' if defined?(Rails)
21
14
  end
@@ -1,7 +1,5 @@
1
1
  require 'uri'
2
2
  require 'rack/auth/abstract/handler'
3
- require 'rack/auth/abstract/request'
4
- require 'rack/request'
5
3
 
6
4
  module GrapeAPISignature
7
5
  module Middleware
@@ -80,26 +78,6 @@ module GrapeAPISignature
80
78
  def authenticator_result
81
79
  @authenticator_result ||= @authenticator.call(auth.user_id, auth.region, auth.service)
82
80
  end
83
-
84
- class AuthRequest < Rack::Auth::AbstractRequest
85
- def aws4?
86
- 'AWS4-HMAC-SHA256'.downcase == scheme.downcase
87
- end
88
-
89
- def headers
90
- @headers ||= @env.each_with_object({}) do |(key, value), result_hash|
91
- key = key.upcase
92
- next unless key.to_s.start_with?('HTTP_') && (key.to_s != 'HTTP_VERSION')
93
-
94
- key = key[5..-1].gsub('_', '-').downcase.gsub(/^.|[-_\s]./) { |x| x.upcase }
95
- result_hash[key] = value
96
- end
97
- end
98
-
99
- def body
100
- @body ||= request.body.read.tap { request.body.rewind }
101
- end
102
- end
103
81
  end
104
82
  end
105
83
  end
@@ -0,0 +1,26 @@
1
+ require 'rack/auth/abstract/request'
2
+ require 'rack/request'
3
+
4
+ module GrapeAPISignature
5
+ module Middleware
6
+ class AuthRequest < Rack::Auth::AbstractRequest
7
+ def aws4?
8
+ 'AWS4-HMAC-SHA256'.downcase == scheme.downcase
9
+ end
10
+
11
+ def headers
12
+ @headers ||= @env.each_with_object({}) do |(key, value), result_hash|
13
+ key = key.upcase
14
+ next unless key.to_s.start_with?('HTTP_') && (key.to_s != 'HTTP_VERSION')
15
+
16
+ key = key[5..-1].gsub('_', '-').downcase.gsub(/^.|[-_\s]./) { |x| x.upcase }
17
+ result_hash[key] = value
18
+ end
19
+ end
20
+
21
+ def body
22
+ @body ||= request.body.read.tap { request.body.rewind }
23
+ end
24
+ end
25
+ end
26
+ end
@@ -3,4 +3,4 @@ module GrapeAPISignature
3
3
  class Engine < ::Rails::Engine
4
4
  end
5
5
  end
6
- end
6
+ end
@@ -0,0 +1,10 @@
1
+ require 'grape_api_signature/version'
2
+
3
+ module GrapeAPISignature
4
+ require 'grape_api_signature/aws_digester'
5
+ require 'grape_api_signature/aws_request'
6
+ require 'grape_api_signature/aws_auth_parser'
7
+ require 'grape_api_signature/aws_signer'
8
+ require 'grape_api_signature/aws_authorization'
9
+ require 'grape_api_signature/authorization'
10
+ end
@@ -1,3 +1,3 @@
1
1
  module GrapeAPISignature
2
- VERSION = '0.0.1'
2
+ VERSION = '0.0.2'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: grape_api_signature
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dieter Späth
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-08-07 00:00:00.000000000 Z
11
+ date: 2014-08-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack
@@ -318,9 +318,11 @@ files:
318
318
  - lib/grape_api_signature/aws_request.rb
319
319
  - lib/grape_api_signature/aws_signer.rb
320
320
  - lib/grape_api_signature/middleware/auth.rb
321
+ - lib/grape_api_signature/middleware/auth_request.rb
321
322
  - lib/grape_api_signature/middleware/grape_auth.rb
322
323
  - lib/grape_api_signature/rails/engine.rb
323
324
  - lib/grape_api_signature/rspec.rb
325
+ - lib/grape_api_signature/signer_components.rb
324
326
  - lib/grape_api_signature/version.rb
325
327
  - spec/acceptance/.gitkeep
326
328
  - spec/acceptance/lib/grape_api_signature/aws_request_spec.rb