hadley 0.0.2 → 0.0.3

data/.gitignore

@@ -2,3 +2,5 @@
 .bundle
 Gemfile.lock
 pkg/*
+doc/*
+.yardoc/*

data/.yardopts

@@ -0,0 +1 @@
+--protected lib/**/*.rb ext/**/*.c README.rdoc

data/LICENSE.txt

@@ -0,0 +1,7 @@
+Copyright (c) 2012 Sean M. Duncan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,45 @@
+== Welcome to Hadley
+
+Hadley is rack middleware built on top of the excellent security authentication middleware warden.  Hadley enables
+Rack-based web applications to easily become AFID protected resource servers.
+
+
+== Getting Started
+
+Rails: 
+
+1. Add <tt>gem 'hadley'</tt> to your Gemfile
+
+2. Run <tt>bundle</tt> from your project root
+
+3. Run <tt>touch config/initializers/hadley.rb</tt> from your project root
+
+4. Add warden and hadley to your middleware stack by opening <tt>config/initializers/hadlery.rb</tt> in your favorite text editor and adding the following:
+
+    token_store = Hadley::TokenStore.new(Rails.cache)
+
+    MyApp::Application.config.middleware.insert_after ActionDispatch::Session::CookieStore, Warden::Manager do |manager|
+      # setup authentication for the afid server to provision and revoke access tokens
+      manager.basic(:server) do |basic|
+        basic.hash_credentials true
+        basic.lookup do |id, secret|
+          [ id, secret ] == [ 'my_hashed_id', 'my_hashed_secret' ] ? id : nil
+        end
+      end
+      # setup authentication for afid clients to authenticate in anonymous mode (client_credentials grant type in OAuth2 
+      # parlance)
+      manager.bearer(:client) do |bearer|
+        bearer.token_store token_store
+        bearer.anonymous_allowed true
+      end
+      # setup authentication for afid clients to access apis on behalf of a particular user (authorization_grant grant 
+      # type in OAuth2 parlance)
+      manager.bearer(:user) do |bearer|
+        bearer.token_store token_store
+        bearer.anonymous_allowed false
+      end
+    end
+
+    MyApp::Application.config.middleware.insert_after Warden::Manager, Hadley::Middleware, token_store: token_store
+
+5. Run <tt>rake middleware</tt> from your project root and verify that <tt>Warden::Manager</tt> appears after <tt>ActionDispatch::Session::CookieStore</tt> and <tt>Hadley::Middleware</tt> appears after <tt>Warden::Manager</tt>

data/config.ru

@@ -29,7 +29,7 @@ class ExampleResourceServer < Sinatra::Base
 
   use Warden::Manager do |manager|
     manager.basic(:server) do |basic|
-      basic.hash_credentials = true
+      basic.hash_credentials true
       basic.lookup do |id, secret|
         [ id, secret] == [
           'a8ab10237100f16d12b6c8e574e84b92cc15aecaced04d47251a5f34ffaa0e60',
@@ -38,12 +38,12 @@ class ExampleResourceServer < Sinatra::Base
       end
     end
     manager.bearer(:client) do |bearer|
-      bearer.token_store = token_store
-      bearer.anonymous_allowed = true
+      bearer.token_store token_store
+      bearer.anonymous_allowed true
     end
     manager.bearer(:user) do |bearer|
-      bearer.token_store = token_store
-      bearer.anonymous_allowed = false
+      bearer.token_store token_store
+      bearer.anonymous_allowed false
     end
   end
 

data/hadley.gemspec

@@ -17,6 +17,8 @@ Gem::Specification.new do |s|
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = [ 'lib' ]
 
+  s.add_development_dependency 'yard'
+  s.add_development_dependency 'yard-sinatra'
   s.add_development_dependency 'rspec'
   s.add_development_dependency 'active_support'
   s.add_development_dependency 'dalli'

data/lib/hadley.rb

@@ -2,6 +2,7 @@ autoload :Rack, 'rack'
 autoload :Sinatra, 'sinatra/base'
 autoload :Warden, 'warden'
 
+# This module is a namespace for all modules and classes related to the AFID resource server rack middleware
 module Hadley
 
   autoload :Authz, 'hadley/authz'
@@ -10,8 +11,10 @@ module Hadley
   autoload :TokenStore, 'hadley/token_store'
   autoload :Utils, 'hadley/utils'
 
-  VERSION = '0.0.2'
+  # The current version of this ruby gem
+  VERSION = '0.0.3'
 
+  # The identity key for the AFID anonymous identity
   ANONYMOUS_IDENTITY = '0' * 66
 
 end

data/lib/hadley/authz.rb

@@ -1,53 +1,23 @@
+# This module is both a namespace for modules and classes related to AFID authorization and a collection of useful 
+# helper methods that can be mixed in to application controllers / route handlers that need to interact with warden and 
+# AFID authorization details.
 module Hadley::Authz
 
+  autoload :StrategyBuilder, 'hadley/authz/strategy_builder'
+  autoload :Strategy, 'hadley/authz/strategy'
   autoload :Basic, 'hadley/authz/basic'
   autoload :Bearer, 'hadley/authz/bearer'
 
+  # A wrapper method that allows cleaner access to the warden proxy
+  #
+  # @return [Warden::Proxy] The warden lazy object equivalent to <tt>env['warden']</tt>.
   def warden
     env['warden']
   end
 
-  module StrategyBuilder
-
-    def build(name, config)
-      strategy = self.create_strategy(name)
-      self.register_strategy(name, strategy)
-      self.set_config(strategy, config)
-    end
-
-    protected
-
-    def create_strategy(name)
-      class_name = Hadley::Utils.camelize(name.to_s)
-      if self.const_defined?(class_name)
-        self.const_get(class_name) 
-      else
-        self.const_set(class_name, Class.new(self))
-      end
-    end
-
-    def register_strategy(name, strategy)
-      full_name = "afid_#{name}".to_sym
-      if Warden::Strategies[full_name].nil?
-        Warden::Strategies.add(full_name, strategy) 
-      end
-    end
-
-    def set_config(strategy, config)
-      strategy.const_set("CONFIG", config) unless strategy.const_defined?("CONFIG")
-    end
-
-  end
-
-  class Strategy < Warden::Strategies::Base
-    extend StrategyBuilder
-
-    def config
-      self.class.const_get("CONFIG")
-    end
-  end
-
+  # Add the warden config extension for the Basic authorization strategy
   Warden::Config.send(:include, Hadley::Authz::Basic::ConfigExtension)
+  # Add the warden config extension for the Bearer authorization strategy
   Warden::Config.send(:include, Hadley::Authz::Bearer::ConfigExtension)
 
 end

data/lib/hadley/authz/basic.rb

@@ -1,56 +1,77 @@
-module Hadley
-    
-  module Authz
+# This module is a namespace for modules and classes related to the HTTP Basic authorization strategy.
+module Hadley::Authz::Basic
 
-    module Basic
+  # This class is the prototype class for all HTTP Basic authorization strategies used by hadley.
+  class Strategy < Hadley::Authz::Strategy
 
-      class Strategy < Hadley::Authz::Strategy
+    # Provides access to the HTTP Basic Auth information assiciated with the current request.
+    #
+    # @return [Rack::Aauth::Basic::Request] The HTTP Basic Auth information associated with the current request.
+    def auth
+      @auth ||= Rack::Auth::Basic::Request.new(env)
+    end
 
-        def auth
-          @auth ||= Rack::Auth::Basic::Request.new(env)
-        end
+    # Identifies whether a login using this strategy should be persisted across multiple requests.
+    #
+    # @see Warden::Strategies::Base#store?
+    #
+    # @return [Boolean] true if and only if a login using this strategy should be persistent across multiple requests.
+    def store?
+      false
+    end
 
-        def store?
-          false
-        end
+    # Authenticates the entity identified by the provided HTTP Basic Auth information
+    def authenticate!
+      return unauthorized unless auth.provided? and auth.basic? and auth.credentials
+      credentials = auth.credentials.map do |credential|
+        config.hash_credentials ? Digest::SHA2.new(256).update(credential).to_s : credential
+      end
+      user = config.lookup.call(credentials.first, credentials.last)
+      return user ? success!(auth.credentials.first) : unauthorized
+    end
 
-        def authenticate!
-          return unauthorized unless auth.provided? and auth.basic? and auth.credentials
-          credentials = auth.credentials.map do |credential|
-            config.hash_credentials ? Digest::SHA2.new(256).update(credential).to_s : credential
-          end
-          user = config.lookup.call(credentials.first, credentials.last)
-          return user ? success!(auth.credentials.first) : unauthorized
-        end
+    private
 
-        def unauthorized
-          custom!(Rack::Response.new([config.fail_message], 401, { 'WWW-Authenticate' => %Q{Basic realm="#{config.realm}"} }))
-        end
+    # Renders a custom HTTP 401 Unauthorized response with the appropriate challenge.
+    def unauthorized
+      custom!(Rack::Response.new([config.fail_message], 401, { 'WWW-Authenticate' => %Q{Basic realm="#{config.realm}"} }))
+    end
 
-      end
+  end
 
-      module ConfigExtension
-
-        def basic(name, &block)
-          config = Hadley::Config.new(
-            realm: 'Access Tokens',
-            fail_message: 'Authorization Failed',
-            hash_credentials: false
-          )
-          if block_given?
-            if block.arity == 1 
-              yield config
-            else
-              config.instance_eval(&block)
-            end
-          end
-          Hadley::Authz::Basic::Strategy.build(name, config) unless config.lookup.nil?
+  # This module provides the configuration extension to Warden allowing for ease of configuration for basic auth 
+  # strategies via the following syntax:
+  #   
+  #   use Warden::Manager do |manager|
+  #     manager.basic(:server) do |basic|
+  #       basic.hash_credentials true
+  #       basic.lookup do |id, secret|
+  #         [ id, secret] == [ 'client_identity', 'client_secret' ] ? id : nil
+  #       end
+  #     end
+  #   end
+  module ConfigExtension
+
+    # Configures and registers and new basic authorization strategy.
+    #
+    # @param [Symbol] name The unqualified name for the new basic authorization strategy.
+    # @param [Hadley::Config] config The configuration specific to the new basic authorization strategy.
+    def basic(name, &block)
+      config = Hadley::Config.new(
+        realm: 'Access Tokens',
+        fail_message: 'Authorization Failed',
+        hash_credentials: false
+      )
+      if block_given?
+        if block.arity == 1 
+          yield config
+        else
+          config.instance_eval(&block)
         end
-      
       end
-
+      Hadley::Authz::Basic::Strategy.build(name, config) unless config.lookup.nil?
     end
-
+  
   end
 
 end

data/lib/hadley/authz/bearer.rb

@@ -1,11 +1,19 @@
+# This module is a namespace for modules and classes related to bearer token based custom rack authorization requests
 module Rack::Auth::Bearer
 
+  # This class represents a custom rack authorization request type for bearer token based authorization
   class Request < Rack::Auth::AbstractRequest
 
+    # Provides a means to determin if the current requests authorization type is 'Bearer'.
+    #
+    # @return [Boolean] true if and only if the current requests authorization type is 'Bearer'.
     def bearer?
       :bearer == scheme
     end
 
+    # Provides access to the bearer token associated with the current request.
+    #
+    # @return [String] The token assiciated with the current request.
     def token
       @token ||= params.split(' ', 2).first
     end
@@ -14,59 +22,76 @@ module Rack::Auth::Bearer
 
 end
 
-module Hadley
-    
-  module Authz
+# This module is a namespace for modules and classes related to bearer token based authorization strategies.
+module Hadley::Authz::Bearer
 
-    module Bearer
+  
+  class Strategy < Hadley::Authz::Strategy
 
-      class Strategy < Hadley::Authz::Strategy
-
-        def auth
-          @auth ||= Rack::Auth::Bearer::Request.new(env)
-        end
+    # Provides access to the bearer token based auth information assiciated with the current request.
+    #
+    # @return [Rack::Aauth::Bearer::Request] The bearer token based auth information assiciated with the current request.
+    def auth
+      @auth ||= Rack::Auth::Bearer::Request.new(env)
+    end
 
-        def store?
-          false
-        end
+    # Identifies whether a login using this strategy should be persisted across multiple requests.
+    #
+    # @see Warden::Strategies::Base#store?
+    #
+    # @return [Boolean] true if and only if a login using this strategy should be persistent across multiple requests.
+    def store?
+      false
+    end
 
-        def authenticate!(anonymous_allowed=false)
-          return unauthorized unless auth.provided? and auth.bearer? and auth.token
-          user = config.token_store.get(auth.token)
-          return unauthorized unless user and (!user[:anonymous] or config.anonymous_allowed)
-          success!(user)
-        end
+     # Authenticates the entity identified by the provided bearer token.
+    def authenticate!(anonymous_allowed=false)
+      return unauthorized unless auth.provided? and auth.bearer? and auth.token
+      user = config.token_store.get(auth.token)
+      return unauthorized unless user and (!user[:anonymous] or config.anonymous_allowed)
+      success!(user)
+    end
 
-        private
+    private
 
-        def unauthorized
-          custom!(Rack::Response.new([config.fail_message], 401, { 'WWW-Authenticate' => %Q{Bearer realm="#{config.realm}"} }))
-        end
+    # Renders a custom HTTP 401 Unauthorized response with the appropriate challenge.
+    def unauthorized
+      custom!(Rack::Response.new([config.fail_message], 401, { 'WWW-Authenticate' => %Q{Bearer realm="#{config.realm}"} }))
+    end
 
-      end
+  end
 
-      module ConfigExtension
-
-        def bearer(name, &block)
-          config = Hadley::Config.new(
-            realm: 'Access Tokens',
-            fail_message: 'Authorization Failed',
-            anonymous_allowed: false
-          )
-          if block_given?
-            if block.arity == 1 
-              yield config
-            else
-              config.instance_eval(&block)
-            end
-          end
-          Hadley::Authz::Bearer::Strategy.build(name, config) unless config.token_store.nil?
+  # This module provides the configuration extension to Warden allowing for ease of configuration for bearer token 
+  # based authorization strategies via the following syntax:
+  #   
+  #   use Warden::Manager do |manager|
+  #     manager.bearer(:server) do |bearer|
+  #       bearer.token_store token_store
+  #       bearer.anonymous_allowed true
+  #     end
+  #   end
+  module ConfigExtension
+
+    # Configures and registers and new bearer token based authorization strategy.
+    #
+    # @param [Symbol] name The unqualified name for the new bearer token based authorization strategy.
+    # @param [Hadley::Config] config The configuration specific to the new bearer token based authorization strategy.
+    def bearer(name, &block)
+      config = Hadley::Config.new(
+        realm: 'Access Tokens',
+        fail_message: 'Authorization Failed',
+        anonymous_allowed: false
+      )
+      if block_given?
+        if block.arity == 1 
+          yield config
+        else
+          config.instance_eval(&block)
         end
-      
       end
-
+      Hadley::Authz::Bearer::Strategy.build(name, config) unless config.token_store.nil?
     end
-
+  
   end
 
 end

data/lib/hadley/authz/strategy.rb

@@ -0,0 +1,11 @@
+# This class is a base class for authorization strategies
+class Hadley::Authz::Strategy < Warden::Strategies::Base
+  extend Hadley::Authz::StrategyBuilder
+
+  # Provides access to the configuration for this authorization strategy.
+  #
+  # @return [Hadley::Config] the configuration for this authorization strategy.
+  def config
+    self.class.const_get("CONFIG")
+  end
+end

data/lib/hadley/authz/strategy_builder.rb

@@ -0,0 +1,51 @@
+# This mixin module provides helpful utilties for generating new authorization strategies based on configuration 
+# provided when the strategy is being registered with Warden.
+module Hadley::Authz::StrategyBuilder
+
+  # Builds a new authorization strategy class based on the provided configuration.
+  #
+  # @param [Symbol] name The unqualified name of the authorization strategy to be built.
+  # @param [Hadley::Config] config The configuration for the authorization strategy to be built.
+  def build(name, config)
+    strategy = self.create_strategy(name)
+    self.register_strategy(name, strategy)
+    self.set_config(strategy, config)
+  end
+
+  protected
+
+  # Creates the strategy class based on the provided name.  The class will be namespaced under the class that
+  # these methods are mixed into.
+  #
+  # @param [Symbol] name The unqualified name of the authorization strategy to be built.
+  #
+  # @return [Class] The new strategy class.
+  def create_strategy(name)
+    class_name = Hadley::Utils.camelize(name.to_s)
+    if self.const_defined?(class_name)
+      self.const_get(class_name) 
+    else
+      self.const_set(class_name, Class.new(self))
+    end
+  end
+
+  # Registers the new authorization strategy with Warden under the specified name prefixed by 'afid_'.
+  #
+  # @param [Symbol] name The unqualified name of the authorization strategy to be built.
+  # @param [Class] strategy The newly created strategy class.
+  def register_strategy(name, strategy)
+    full_name = "afid_#{name}".to_sym
+    if Warden::Strategies[full_name].nil?
+      Warden::Strategies.add(full_name, strategy) 
+    end
+  end
+
+  # Binds the configuration information to the newly created strategy class.
+  #
+  # @param [Class] strategy The newly created strategy class.
+  # @param [Hadley::Config] config The configuration to be bound to the authorization strategy.
+  def set_config(strategy, config)
+    strategy.const_set("CONFIG", config) unless strategy.const_defined?("CONFIG")
+  end
+
+end

data/lib/hadley/config.rb

@@ -1,28 +1,70 @@
+# This class is a convenience wrapper around an Hash that provides a more expressive api for initial configuration and
+# referencing the configuration information at runtime.  For example:
+#   config.prop 'value' # --> config[:prop] = 'value'
+#   config.prop = 'value' # --> same as above
+#   config.props 'a', 'b', 'c' # --> config[:props] = [ 'a', 'b', 'c' ]
+#   config.props = 'a', 'b', 'c' # same as above
+#   config.callback { |it| puts it } # config[:callback] = { |it| puts it }
+#   config.prop # --> config[:prop]
 class Hadley::Config
 
-  def initialize(config={})
-    @config = config
+  # Initializes this Config with the specified defaults.
+  #
+  # @param [Hash] defaults The default configuration values for this Config instance.
+  def initialize(defaults={})
+    @config = defaults
   end
 
+  # Delegates to {#set}, {#get} or {#proc} depending on the nature of the given name, if a block is given or if the args
+  # array is not empty.
+  # 
+  # @param [String] name The name of the property to be read or written.  If the name ends with '=' it will be stripped
+  #  from the name and the operation will be treated as a write.
+  # @param [*Object] args The optional array of property values to be assigned to the provided property name.  If this
+  #  array is not empty then {#set} will be called.
+  # @param [Proc] &block The optional block to be assigned to the provided property name. If the operation has a block 
+  #  given then {#proc} will be called.
+  #
+  # @return [Object,nil] The value ultimately written to or read from the given property name.
   def method_missing(name, *args, &block)
     if block_given?
       proc(name, &block)
     elsif name =~ /(.+)=$/
-      set($1, *args, &block)
+      set($1, *args)
+    elsif not args.empty?
+      set(name, *args)
     else
-      get(name, &block)
+      get(name)
     end
   end
 
+  # Stores the given block under the provided property name.
+  #
+  # @param [String] name The name of the property to be written.
+  # @param [Proc] &block The block to be assigned to the provided property name.
+  #
+  # @return [Proc] The block written to the provided name.
   def proc(name, &block)
     @config[name.to_sym] = block
   end
 
+  # Stores the value or values indicated by the args array under the provided property name.
+  #
+  # @param [String] name The name of the property to be written.
+  # @param [*Object] args The value or values to be assigned to the provided property name. If a single value is found
+  #  a scalar will be written otherwise an array will be written.
+  #
+  # @return [Object,nil] The value written to the provided name.
   def set(name, *args)
     @config[name.to_sym] = args.size == 1 ? args.first : args
   end
 
-  def get(name, &block)
+  # Retrieves the value stored under the provided name.
+  #
+  # @param [String] name The name of the property to be read.
+  #
+  # @return [Object,nil] The value stored under the provided name or nil if no such value exists.
+  def get(name)
     @config[name.to_sym]
   end
 

data/lib/hadley/middleware.rb

@@ -1,9 +1,15 @@
+# This class provides the rack middleware that builds on top of warden to provide the necessary endpoints for a rack 
+# application to function as an AFID protected resource.
 class Hadley::Middleware < Sinatra::Base
 
   include Hadley::Authz
 
-  attr_reader :confg
-
+  # Initializes the middleware with the provided application and options
+  #
+  # @param [Rack::Application] app The rack application that this middleware is participating in
+  # @param [Hash] options The Hash of keyword arguments
+  # @param [Hadley::TokenStore] options.store The token store to be used for persisting tokens provisioned by the AFID
+  #  authorization server
   def initialize(app=nil, options={})
     super(app)
     @config ||= Hadley::Config.new(options)
@@ -12,10 +18,7 @@ class Hadley::Middleware < Sinatra::Base
     self
   end
 
-  # ------------------------------------------
-  # Routes
-  # ------------------------------------------
-
+  # The required endpoint for provisioning AFID access tokens.
   put '/access/tokens/:token' do |token|
     warden.authenticate!(:afid_server)
     begin
@@ -30,6 +33,7 @@ class Hadley::Middleware < Sinatra::Base
     end
   end
 
+  # The required endpoint for invalidating AFID access tokens.
   delete '/access/tokens/:token' do |token|
     warden.authenticate!(:afid_server)
     begin

data/lib/hadley/token_store.rb

@@ -1,13 +1,23 @@
+# This class handles the storage, retrieval and removal of OAuth 2 bearer tokens sent from the AFID authorization 
+# server. The TokenStore delegates most of the work to the delegate store, which must support the api set forth by
+# ActiveSupport::Cache::Store.
 class Hadley::TokenStore
 
+  # This method initializes the TokenStore with the delegate store.
+  #
+  # @param [ActiveSupport::Cache::Store] store The TokenStore instance will delegate the heavy lifting to the provided 
+  #  store.
   def initialize(store)
     @store = store
   end
 
-  def key_for(token)
-    "afid-access-token:#{token}"
-  end
-
+  # This method retrieves the AFID identity information associated with the provided token.  If no such identity is 
+  # found the result will be nil.
+  #
+  # @param [String] token The unique token provisioned by the AFID resource server.
+  #
+  # @return [Hash, nil] A Hash representation of the identity associated with the provided token or nil if no such identity
+  #  exists.
   def get(token)
     access = @store.read(key_for(token))
     if access
@@ -16,12 +26,37 @@ class Hadley::TokenStore
     access
   end
 
+  # This method stores the provided AFID identity information under the given AFID token for the duration of time
+  # specified by the expires_in argument.
+  # 
+  # @param [String] token The unique token provisioned by the AFID resource server.
+  # @param [Integer] expires_in The duration of time (in seconds) that the provided AFID identity information should be 
+  #  stored.
+  # @param [Hash] data The identity information to be assiciated with the given AFID token.
+  #
+  # @return [Boolean, nil] True if and only if the identity information was stored successfully.
   def put(token, expires_in, data={})
     @store.write(key_for(token), data, expires_in: expires_in)
   end
 
+  # This method removes the AFID identity information associated with the provided token.
+  #
+  # @param [String] token The token provisioned by the AFID resource server.
+  #
+  # @return [Boolean, nil] True if an only if the identity information was removed successfully.
   def delete(token)
     @store.delete(key_for(token))
   end
 
+  protected
+
+  # This method derives the appropriate datastore key from the given AFID token.
+  #
+  # @param [String] token The unique token provisioned by the AFID resource server.
+  #
+  # @return [Symbol] The appropriate datastore key for the given AFID token.
+  def key_for(token)
+    "afid-access-token:#{token}".to_sym
+  end
+
 end

data/lib/hadley/utils.rb

@@ -1,8 +1,17 @@
+# This module contains a collection of generally useful methods that (currently) have no better place to live. They can 
+# either be referenced directly as module methods or be mixed in. 
 module Hadley::Utils
   extend self
 
-  def camelize(word, uc_first=true)
-    parts = word.split('_')
+  # This method will derive a camelized name from the provided underscored name.
+  # 
+  # @param [#to_s] name The underscored name to be camelized.
+  # @param [Boolean] uc_first True if and only if the first letter of the resulting camelized name should be 
+  #  capitalized.
+  #
+  # @return [String] The camelized name corresponding to the provided underscored name.
+  def camelize(name, uc_first=true)
+    parts = name.to_s.split('_')
     assemble = lambda { |head, tail| head + tail.capitalize }
     uc_first ? parts.inject('', &assemble) : parts.inject(&assemble)
   end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: hadley
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.3
   prerelease: 
 platform: ruby
 authors:
@@ -9,11 +9,33 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-02-12 00:00:00.000000000 Z
+date: 2012-02-14 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: &70230747821600 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70230747821600
+- !ruby/object:Gem::Dependency
+  name: yard-sinatra
+  requirement: &70230747821000 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70230747821000
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &70308229014860 !ruby/object:Gem::Requirement
+  requirement: &70230747820200 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -21,10 +43,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70308229014860
+  version_requirements: *70230747820200
 - !ruby/object:Gem::Dependency
   name: active_support
-  requirement: &70308229014300 !ruby/object:Gem::Requirement
+  requirement: &70230747819480 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,10 +54,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70308229014300
+  version_requirements: *70230747819480
 - !ruby/object:Gem::Dependency
   name: dalli
-  requirement: &70308229030120 !ruby/object:Gem::Requirement
+  requirement: &70230747818780 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -43,10 +65,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70308229030120
+  version_requirements: *70230747818780
 - !ruby/object:Gem::Dependency
   name: sinatra
-  requirement: &70308229029500 !ruby/object:Gem::Requirement
+  requirement: &70230747833560 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -54,10 +76,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70308229029500
+  version_requirements: *70230747833560
 - !ruby/object:Gem::Dependency
   name: warden
-  requirement: &70308229028740 !ruby/object:Gem::Requirement
+  requirement: &70230747832820 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -65,7 +87,7 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70308229028740
+  version_requirements: *70230747832820
 description: 
 email:
 - bitbutcher@gmail.com
@@ -74,7 +96,10 @@ extensions: []
 extra_rdoc_files: []
 files:
 - .gitignore
+- .yardopts
 - Gemfile
+- LICENSE.txt
+- README.rdoc
 - Rakefile
 - config.ru
 - hadley.gemspec
@@ -82,6 +107,8 @@ files:
 - lib/hadley/authz.rb
 - lib/hadley/authz/basic.rb
 - lib/hadley/authz/bearer.rb
+- lib/hadley/authz/strategy.rb
+- lib/hadley/authz/strategy_builder.rb
 - lib/hadley/config.rb
 - lib/hadley/middleware.rb
 - lib/hadley/token_store.rb
@@ -111,3 +138,4 @@ signing_key:
 specification_version: 3
 summary: Rack middleware for AFID(bby-id) resource server implementations
 test_files: []
+has_rdoc: