grape_api_signature 0.0.1 → 0.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ea25995d332c08dbd8b0843504808eb5b277e2c5
-  data.tar.gz: 4901ff5161b4be67a5c60f9e4b18d729c1002425
+  metadata.gz: 61d93a1fb4f89ca1583c393299264b06c8ac4bd5
+  data.tar.gz: 5e353d6dc5094a4b95d908bfdf3b1140bc708cf7
 SHA512:
-  metadata.gz: 914c187ed3d3b2c26fa8e001a26bbc745b293c985d30d2918bd30a33392228a673eb2decc29fad555ab8657786a8e88db1b9b735e61ca490c57b1fb291f0c19a
-  data.tar.gz: f837467539c385f898aadd2522607b21fda9bb71f583a4bc6a9177c46bd3908a34c299084cc4ea91c7a7139073893b81c99b5f9ea2c4cec350e03994845f0c87
+  metadata.gz: 35ffe14e8fba39a24e213cf4111f50abd81a1417472a29a02dcc496f9ab994efa47f77c41ce3e0e3bdbf71c0c1fd912b744986c3e65a5ab3f7c928c7d03a23a3
+  data.tar.gz: 9591e63820d33c185ccc24b13a283396c814b6cc207dc58eb717fe04a131573085d6392867256c921e4359745f0b164366db50f7d20102a2ad8eb31abfef92db

data/README.md

@@ -6,7 +6,8 @@
 # GrapeAPISignature
 
 `GrapeAPISignature` provides a [AWS 4 style](http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) 
-Authentication middleware to be used with [grape](https://github.com/intridea/grape).
+Authentication middleware to be used with [grape](https://github.com/intridea/grape). It calculates the 
+'AWS4-HMAC-SHA256' style signature and compares it against the `HTTP_AUTHORIZATION` header within the request.
 
 ## Installation
 
@@ -137,6 +138,64 @@ This gem provides a coffee script to authenticate swagger demo requests via AWS
 
 ```
 
+### Standalone RackMiddleware
+
+Example usage:
+
+```ruby
+
+...
+
+max_request_age = 200
+
+use GrapeAPISignature::Middleware::Auth, max_request_age  do |_access_key, _region, _service|
+  user = ... 
+  user.secret_key # different return value as for grape API's return only the key
+end
+
+run app
+
+...
+
+```
+
+### Standalone Authenticator/Signer
+
+Example usage:
+
+```ruby
+
+# Gemfile
+gem 'grape_api_signature', require: 'grape_api_signature/signer_components'
+
+# In your ruby file validate a request
+
+auth = Authorization.new(request_method,
+                         headers,
+                         URI(url),
+                         body,
+                         max_request_age)
+                         
+auth.authentic?(secret_key)
+
+# OR use the signer
+
+signer = GrapeAPISignature::AWSSigner.new(
+          access_key: user_id,
+          secret_key: secret_key,
+          region: authorization.region
+)
+
+signer.signature_only(request_method, uri, headers_to_sign, body)
+
+# OR
+
+signer.sign(request_method, uri, headers_to_sign, body)
+
+```
+
+
+
 ## Contributing
 
 1. Fork it ( https://github.com/faber-lotto/grape_api_signature/fork )

data/app/assets/javascripts/aws-signature.js.coffee

@@ -140,7 +140,7 @@ do ($=jQuery) ->
         keys.sort().join(';')
 
       is_signable_header: (header)->
-        not_signable_headers = ['authorization', 'content-length', 'user-agent']
+        not_signable_headers = ['authorization', 'content-length', 'content-type' ,'user-agent']
         not_signable_headers.indexOf(header) < 0
 
       dateStamp: ->

data/lib/grape_api_signature.rb

@@ -4,18 +4,11 @@ require 'active_support'
 require 'active_support/core_ext'
 
 module GrapeAPISignature
-  require 'grape_api_signature/aws_digester'
-  require 'grape_api_signature/aws_request'
-  require 'grape_api_signature/aws_auth_parser'
-  require 'grape_api_signature/aws_signer'
-  require 'grape_api_signature/aws_authorization'
-  require 'grape_api_signature/authorization'
+  require 'grape_api_signature/signer_components'
 
+  require 'grape_api_signature/middleware/auth_request'
   require 'grape_api_signature/middleware/auth'
   require 'grape_api_signature/middleware/grape_auth'
 
-  if defined?(Rails)
-    require 'grape_api_signature/rails/engine'
-  end
-
+  require 'grape_api_signature/rails/engine'  if defined?(Rails)
 end

data/lib/grape_api_signature/middleware/auth.rb

@@ -1,7 +1,5 @@
 require 'uri'
 require 'rack/auth/abstract/handler'
-require 'rack/auth/abstract/request'
-require 'rack/request'
 
 module GrapeAPISignature
   module Middleware
@@ -80,26 +78,6 @@ module GrapeAPISignature
       def authenticator_result
         @authenticator_result ||= @authenticator.call(auth.user_id, auth.region, auth.service)
       end
-
-      class AuthRequest < Rack::Auth::AbstractRequest
-        def aws4?
-          'AWS4-HMAC-SHA256'.downcase == scheme.downcase
-        end
-
-        def headers
-          @headers ||= @env.each_with_object({}) do |(key, value), result_hash|
-            key = key.upcase
-            next unless key.to_s.start_with?('HTTP_') && (key.to_s != 'HTTP_VERSION')
-
-            key = key[5..-1].gsub('_', '-').downcase.gsub(/^.|[-_\s]./) { |x| x.upcase }
-            result_hash[key] = value
-          end
-        end
-
-        def body
-          @body ||= request.body.read.tap { request.body.rewind }
-        end
-      end
     end
   end
 end

data/lib/grape_api_signature/middleware/auth_request.rb

@@ -0,0 +1,26 @@
+require 'rack/auth/abstract/request'
+require 'rack/request'
+
+module GrapeAPISignature
+  module Middleware
+    class AuthRequest < Rack::Auth::AbstractRequest
+      def aws4?
+        'AWS4-HMAC-SHA256'.downcase == scheme.downcase
+      end
+
+      def headers
+        @headers ||= @env.each_with_object({}) do |(key, value), result_hash|
+          key = key.upcase
+          next unless key.to_s.start_with?('HTTP_') && (key.to_s != 'HTTP_VERSION')
+
+          key = key[5..-1].gsub('_', '-').downcase.gsub(/^.|[-_\s]./) { |x| x.upcase }
+          result_hash[key] = value
+        end
+      end
+
+      def body
+        @body ||= request.body.read.tap { request.body.rewind }
+      end
+    end
+  end
+end

data/lib/grape_api_signature/rails/engine.rb

@@ -3,4 +3,4 @@ module GrapeAPISignature
     class Engine < ::Rails::Engine
     end
   end
-end
+end

data/lib/grape_api_signature/signer_components.rb

@@ -0,0 +1,10 @@
+require 'grape_api_signature/version'
+
+module GrapeAPISignature
+  require 'grape_api_signature/aws_digester'
+  require 'grape_api_signature/aws_request'
+  require 'grape_api_signature/aws_auth_parser'
+  require 'grape_api_signature/aws_signer'
+  require 'grape_api_signature/aws_authorization'
+  require 'grape_api_signature/authorization'
+end

data/lib/grape_api_signature/version.rb

@@ -1,3 +1,3 @@
 module GrapeAPISignature
-  VERSION = '0.0.1'
+  VERSION = '0.0.2'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: grape_api_signature
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
 platform: ruby
 authors:
 - Dieter Späth
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-08-07 00:00:00.000000000 Z
+date: 2014-08-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -318,9 +318,11 @@ files:
 - lib/grape_api_signature/aws_request.rb
 - lib/grape_api_signature/aws_signer.rb
 - lib/grape_api_signature/middleware/auth.rb
+- lib/grape_api_signature/middleware/auth_request.rb
 - lib/grape_api_signature/middleware/grape_auth.rb
 - lib/grape_api_signature/rails/engine.rb
 - lib/grape_api_signature/rspec.rb
+- lib/grape_api_signature/signer_components.rb
 - lib/grape_api_signature/version.rb
 - spec/acceptance/.gitkeep
 - spec/acceptance/lib/grape_api_signature/aws_request_spec.rb