hmac_signature 0.0.1 → 0.0.2

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in hmac_signature.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 Erik Lott
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,29 @@
+# HmacSignature
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'hmac_signature'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install hmac_signature
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/hmac_signature.gemspec

@@ -0,0 +1,24 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'hmac_signature/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "hmac_signature"
+  spec.version       = HmacSignature::VERSION
+  spec.authors       = ["Erik Lott"]
+  spec.email         = ["erik.lott@evrium.com"]
+  spec.summary       = %q{Simple key/secret based hmac authentication via headers or query string}
+  spec.description   = %q{Simple key/secret based hmac authentication via headers or query string}
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "rspec"
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+end

data/lib/hmac_signature/credentials.rb

@@ -0,0 +1,49 @@
+module HmacSignature
+	class Credentials
+		HEADER_CREDENTIAL_REGEXES = [/^x-auth-(.+)$/i, /^http_x_auth_(.+)$/i]
+		PARAM_CREDENTIAL_REGEX = /^auth_(.+)$/
+
+		class << self
+			def from_params params={}
+				hash = params.inject({}) do |memo, (k,v)|
+					if match = k.to_s.match(PARAM_CREDENTIAL_REGEX)
+						memo[match[1]] = v
+					end
+					memo
+				end
+				new hash['key'], hash['expiry'], hash['version'], hash['signature']
+			end
+
+			def from_headers headers={}
+				hash = headers.inject({}) do |memo, (k,v)|
+					HEADER_CREDENTIAL_REGEXES.each do |regex|
+						if match = k.match(regex)
+							new_key = match[1].downcase.gsub('-', '_')
+							memo[new_key] = v
+							break
+						end
+					end
+					memo
+				end
+				new hash['key'], hash['expiry'], hash['version'], hash['signature']
+			end
+		end
+
+		attr_reader :key, :expiry, :version, :signature
+
+		def initialize key, expiry, version, signature
+			@key = key 
+			@expiry = expiry
+			@version = version
+			@signature = signature
+		end
+
+		def to_hash
+			{'auth_key' => key, 'auth_expiry' => expiry, 'auth_version' => version, 'auth_signature' => signature}
+		end
+
+		def to_headers
+			{'X-Auth-Key' => key, 'X-Auth-Expiry' => expiry, 'X-Auth-Version' => version, 'X-Auth-Signature' => signature}
+		end
+	end
+end

data/lib/hmac_signature/exceptions.rb

@@ -0,0 +1,5 @@
+module HmacSignature
+	class HmacSignatureError < StandardError; end
+	class AuthenticationError < HmacSignatureError; end
+	class MissingCredentials < HmacSignatureError; end
+end

data/lib/hmac_signature/query_encoder.rb

@@ -0,0 +1,46 @@
+module HmacSignature		
+	module QueryEncoder
+		class << self
+			# URL encodes query parameters:
+			# single k=v, or a URL encoded array, if v is an array of values
+			def encode_param(k, v)
+				if v.is_a?(Array)
+					v.map { |e| escape(k) + "[]=" + escape(e) }.join("&")
+				else
+					escape(k) + "=" + escape(v)
+				end
+			end
+
+			# Like encode_param, but doesn't url escape keys or values
+			def encode_param_without_escaping(k, v)
+				if v.is_a?(Array)
+					v.map { |e| k + "[]=" + e }.join("&")
+				else
+					"#{k}=#{v}"
+				end
+			end
+
+			private
+
+			def escape(s)
+				if defined?(EscapeUtils)
+					EscapeUtils.escape_url(s.to_s)
+				else
+					s.to_s.gsub(/([^a-zA-Z0-9_.-]+)/n) {
+						'%'+$1.unpack('H2'*bytesize($1)).join('%').upcase
+					}
+				end
+			end
+
+			if ''.respond_to?(:bytesize)
+				def bytesize(string)
+					string.bytesize
+				end
+			else
+				def bytesize(string)
+					string.size
+				end
+			end
+		end
+	end
+end

data/lib/hmac_signature/request.rb

@@ -0,0 +1,86 @@
+module HmacSignature
+	class Request 
+		VALID_METHODS = %w(GET POST)
+
+	    # http://www.w3.org/TR/NOTE-datetime
+	    ISO8601 = "%Y-%m-%dT%H:%M:%SZ"
+
+		attr_reader :method, :path, :params, :credentials
+
+		def initialize method, path, params, credentials=nil
+			raise ArgumentError, "Expected GET or POST" unless method.is_a?(String) && VALID_METHODS.include?(method)
+			raise ArgumentError, "Expected string" unless path.is_a?(String) && !path.empty?
+			raise ArgumentError, "Expected hash" unless params.is_a?(Hash)
+			raise ArgumentError, "Expected credentials" unless credentials.nil? || credentials.is_a?(HmacSignature::Credentials)
+
+			@method = method
+			@path = path
+			@params = params
+			@credentials = credentials
+		end
+
+		def sign token, expires_in=600
+			expires_at 	= (Time.now.utc.to_i + expires_in).to_s
+			version 	= Signature::VERSION
+			key 		= token.key
+			secret 		= token.secret
+			signature 	= generate_signature(token, expires_at, version).to_s
+
+			HmacSignature::Credentials.new(key, expires_at, version, signature)
+		end
+
+		def authenticate
+			raise ArgumentError, "Block required" unless block_given?
+			raise AuthenticationError, "Missing parameter: key" unless credentials.key
+			token = yield credentials.key
+			unless token
+				raise AuthenticationError, "Unknown key"
+			end
+			authenticate_by_token! token
+			return token
+		end
+
+		def authenticate_by_token token
+			authenticate_by_token! token
+		rescue
+			false
+		end
+
+		def authenticate_by_token! token
+			raise HmacSignature::AuthenticationError, "Credentials required" unless credentials
+
+			if token.secret.nil? || token.secret.empty?
+				raise ArgumentError, "Provided token is missing secret"
+			end
+
+			# authenticates version
+			raise HmacSignature::AuthenticationError, "Version required" unless credentials.version
+	        raise HmacSignature::AuthenticationError, "Version not supported" unless credentials.version == '1.0'
+	        
+			# authenticates expiry
+			raise HmacSignature::AuthenticationError, "Expiration timestamp required" unless credentials.expiry
+			if Time.now.utc.to_i > credentials.expiry.to_i
+				raise HmacSignature::AuthenticationError, "Timestamp expired: Given timestamp "\
+				"(#{Time.at(credentials.expiry.to_i).utc.strftime(ISO8601)}) "\
+				"has expired. The current server time is "\
+				"(#{Time.now.utc.strftime(ISO8601)})"
+			end
+
+			# authenticates signature
+			valid_signature = generate_signature(token, credentials.expiry, credentials.version)
+			unless credentials.signature == valid_signature.to_s
+				raise HmacSignature::AuthenticationError, "Invalid signature: you should have "\
+				"sent HmacSHA256Hex(#{valid_signature.string_to_sign.inspect}, your_secret_key)"\
+				", but you sent #{credentials.signature.inspect}"
+			end
+			
+			true
+		end
+
+		private
+
+		def generate_signature token, timestamp, version
+			HmacSignature::Signature.new(method, path, params, timestamp, version, token.key, token.secret)
+		end
+	end
+end

data/lib/hmac_signature/signature.rb

@@ -0,0 +1,36 @@
+require 'openssl'
+
+module HmacSignature
+	class Signature < Struct.new(:method, :path, :params, :timestamp, :version, :key, :secret)
+		VERSION = "1.0"
+
+		def to_s
+			digest = OpenSSL::Digest::SHA256.new
+			OpenSSL::HMAC.hexdigest(digest, secret, string_to_sign)
+		end
+
+		def string_to_sign
+			[method, path, parameter_string].join("\n")
+		end
+
+		private
+
+		def credential_hash
+			{ :auth_expiry => timestamp, :auth_version => version, :auth_key => key }
+		end
+
+		def parameter_string
+			hash = params.merge credential_hash
+
+			# Convert keys to lowercase strings
+			hash = hash.inject({}) do |memo, (k,v)|
+				memo[k.to_s.downcase] = v
+				memo
+			end
+
+			hash.sort.map do |k, v|
+				QueryEncoder.encode_param_without_escaping(k, v)
+			end.join('&')
+		end
+	end
+end

data/lib/hmac_signature/strategy/headers/request.rb

@@ -0,0 +1,17 @@
+module HmacSignature
+	module Strategy
+		module Headers
+			class Request < HmacSignature::Request
+				def initialize method, path, params, headers={}
+					credentials = HmacSignature::Credentials.from_headers(headers)
+					super method, path, params, credentials
+				end
+
+				def sign token, expires_in=600
+					credentials = super(token, expires_in)
+					credentials.to_headers
+				end
+			end
+		end
+	end
+end

data/lib/hmac_signature/strategy/params/request.rb

@@ -0,0 +1,18 @@
+module HmacSignature
+	module Strategy
+		module Params
+			class Request < HmacSignature::Request
+				def initialize method, path, params
+					credentials = HmacSignature::Credentials.from_params params
+					params_with_auth_removed = params.reject{|k,v| k.match HmacSignature::Credentials::PARAM_CREDENTIAL_REGEX }
+					super method, path, params_with_auth_removed, credentials
+				end
+
+				def sign token, expires_in=600
+					credentials = super(token, expires_in)
+					credentials.to_hash
+				end
+			end
+		end
+	end
+end

data/lib/hmac_signature/token.rb

@@ -0,0 +1,10 @@
+module HmacSignature
+	class Token
+		attr_reader :key, :secret
+
+		def initialize key, secret
+			@key = key 
+			@secret = secret
+		end
+	end
+end

data/lib/hmac_signature/version.rb

@@ -0,0 +1,3 @@
+module HmacSignature
+	VERSION = "0.0.2"
+end

data/lib/hmac_signature.rb

@@ -1,33 +1,12 @@
-require 'base64'
-require 'openssl'
+require 'hmac_signature/version'
+require 'hmac_signature/exceptions'
+require 'hmac_signature/token'
+require 'hmac_signature/credentials'
+require 'hmac_signature/query_encoder'
+require 'hmac_signature/signature'
+require 'hmac_signature/request'
+require 'hmac_signature/strategy/headers/request'
+require 'hmac_signature/strategy/params/request'
 
-class HmacSignature
-  def initialize(key)
-    @key = key
-  end
-  
-  def sign(verb, host, path, query_params)
-    # sort the params alphabetically by key and join
-    # them with '='
-    sorted_query_params = query_params.sort.map do |param|
-      param.join("=")
-    end # => ["user=mat", "tag=ruby"]
-    
-    # join the sorted params into one string
-    canonicalized_params = sorted_query_params.join("&")
-    # => "user=mat&tag=ruby"
-    
-    # Construct the string to sign by concatenating the
-    # various parts of the request.
-    string_to_sign = verb + host + path + canonicalized_params
-    
-    # Construct an hmac signer using our secret key
-    digest = OpenSSL::HMAC.digest('sha256', @key, string_to_sign)
-    # digest = Digest::SHA256.new(@key)
-    # digest.update(string_to_sign)
-    
-    # Encrypt the string and Base64 encode it (to
-    # make it cleaner when putting it into the request).
-    Base64.encode64(digest).chomp
-  end
+module HmacSignature
 end

data/spec/hmac_signature_spec.rb

@@ -0,0 +1,247 @@
+require 'spec_helper'
+
+describe HmacSignature do
+	let(:timestamp)			{ Time.at(2345) }
+	let(:method)			{ 'GET' }
+	let(:path)				{ '/test/path' }
+	let(:params)			{{:param1 => 'param1', :param2 => 'param2'}}
+	let(:key)				{ 'key123' }
+	let(:secret)			{ 'secret123' }
+	let(:version)			{ HmacSignature::Signature::VERSION }
+	let(:expiry)			{ (timestamp.to_i + 600).to_s }
+	let(:signature)			{ '00d639f0c7561b976893deed5360b339a90971aa8bd8e1bd9f1aab30f303ac3a' }
+
+	let(:token_key)			{ key }
+	let(:token_secret)		{ secret }
+	let(:token) 			{ HmacSignature::Token.new token_key, token_secret }
+
+	let(:cred_key)			{ key }
+	let(:cred_expiry)		{ expiry }
+	let(:cred_version)		{ version }
+	let(:cred_signature)	{ signature }
+	let(:credentials)		{ HmacSignature::Credentials.new cred_key, cred_expiry, cred_version, cred_signature }
+
+	let(:req_headers_a)		{{ 'X-Auth-Key' => key, 'X-Auth-Expiry' => expiry, 'X-Auth-Version' => version, 'X-Auth-Signature' => signature, 'Content-Type' => 'text/plain', 'Content-Length' => 12345 }}
+	let(:req_headers_b)		{{ 'HTTP_X_AUTH_KEY' => key, 'HTTP_X_AUTH_EXPIRY' => expiry, 'HTTP_X_AUTH_VERSION' => version, 'HTTP_X_AUTH_SIGNATURE' => signature, 'HTTP_CONTENT_TYPE' => 'text/plain', 'HTTP_CONTENT_LENGTH' => 12345 }}
+	let(:req_method)		{ method }
+	let(:req_path)			{ path }
+	let(:req_params)		{ params }
+	let(:req_credentials)	{ credentials }
+	let(:request)			{ HmacSignature::Request.new req_method, req_path, req_params, req_credentials}
+
+	before do
+		Time.stub!(:now).and_return(timestamp)
+	end
+
+	describe HmacSignature::Token do
+	end
+
+	describe HmacSignature::Credentials do
+		describe "::from_params" do
+			context "when symbol keys" do
+				hash = {:blah => 'blah', :auth_key => 'key', :auth_expiry => 'expiry', :auth_version => 'version', :auth_signature => 'signature' }
+				credentials = HmacSignature::Credentials.from_params(hash)
+				credentials.key.should == 'key'
+				credentials.expiry.should == 'expiry'
+				credentials.version.should == 'version'
+				credentials.signature.should == 'signature'
+			end
+
+			context "when string keys" do
+			end
+		end
+
+		describe "::from_headers" do
+			subject(:response){ HmacSignature::Credentials.from_headers(headers) }
+			
+			context "when headers in normal form" do
+				let(:headers){ req_headers_a }
+
+				its(:key){ should == key }
+				its(:expiry){ should == expiry }
+				its(:expiry){ should == expiry }
+				its(:version){ should == version }
+				its(:signature){ should == signature }
+			end
+
+			context "when headers in normal form" do
+				let(:headers){ req_headers_b }
+
+				its(:key){ should == key }
+				its(:expiry){ should == expiry }
+				its(:expiry){ should == expiry }
+				its(:version){ should == version }
+				its(:signature){ should == signature }
+			end
+		end
+	
+		describe "#to_hash" do
+			it "returns a credential hash" do
+				credentials.to_hash.should == {
+					"auth_key" => key, 
+					"auth_expiry" => "2945", 
+					"auth_version" => version, 
+					"auth_signature" => signature
+				}
+			end
+		end
+	end
+
+	describe HmacSignature::Signature do
+		subject{ HmacSignature::Signature.new method, path, params, expiry, version, key, secret }
+		its(:to_s){ should == signature }
+	end
+
+	describe HmacSignature::Request do
+		describe "::new" do
+			context "when method is nil" do
+				let(:req_method){ nil }
+				it "raises error" do
+					expect{ request }.to raise_error(ArgumentError, 'Expected GET or POST')
+				end
+			end
+
+			context "when method is empty string" do
+				let(:req_method){ '' }
+				it "raises error" do
+					expect{ request }.to raise_error(ArgumentError, 'Expected GET or POST')
+				end
+			end
+
+			context "when path is nil" do
+				let(:req_path){ nil }
+				it "raises error" do
+					expect{ request }.to raise_error(ArgumentError, 'Expected string')
+				end
+			end
+
+			context "when path is empty string" do
+				let(:req_path){ '' }
+				it "raises error" do
+					expect{ request }.to raise_error(ArgumentError, 'Expected string')
+				end
+			end
+
+			context "when params is not a hash" do
+				let(:req_params){ '' }
+				it "raises error" do
+					expect{ request }.to raise_error(ArgumentError, 'Expected hash')
+				end
+			end
+
+			context "when credentials is not an instance of Credentials" do
+				let(:req_credentials){ '' }
+				it "raises error" do
+					expect{ request }.to raise_error(ArgumentError, 'Expected credentials')
+				end
+			end
+		end
+
+		describe "#sign" do
+			it "returns credentials instance" do
+				creds = request.sign(token)
+				creds.expiry.should == expiry
+				creds.signature.should == signature
+				creds.version.should == version
+				creds.key.should == key
+			end
+		end
+
+		describe "authenticate_by_token!" do
+			subject(:auth){ request.authenticate_by_token! token }
+
+			context "when params are valid" do
+				it "returns true" do
+					auth.should be_true
+				end
+			end
+
+			context "when token is missing secret" do
+				it "raises exception" do
+					tok = HmacSignature::Token.new token_key, ''
+					expect do
+						request.authenticate_by_token! tok
+					end.to raise_error(ArgumentError, 'Provided token is missing secret')
+				end
+			end
+
+			context "when signature is invalid" do
+				let(:cred_signature) { 'incorrect123' }
+				it "returns true" do
+					expect { auth }.to raise_error(HmacSignature::AuthenticationError, 'Invalid signature: you should have sent HmacSHA256Hex("GET\n/test/path\nauth_expiry=2945&auth_key=key123&auth_version=1.0&param1=param1&param2=param2", your_secret_key), but you sent "incorrect123"')
+				end
+			end
+
+			context "when expiry timestamp is expired" do
+				let(:req_credentials) do
+					HmacSignature::Request.new(req_method, req_path, req_params).sign(token, -600)
+				end
+
+				it "returns true" do
+					expect { auth }.to raise_error(HmacSignature::AuthenticationError, 'Timestamp expired: Given timestamp (1970-01-01T00:29:05Z) has expired. The current server time is (1970-01-01T00:39:05Z)')
+				end
+			end
+
+			context "when expiry timestamp is really expired" do
+				let(:req_credentials) do
+					HmacSignature::Request.new(req_method, req_path, req_params).sign(token, -4600)
+				end
+
+				it "returns true" do
+					expect { auth }.to raise_error(HmacSignature::AuthenticationError, 'Timestamp expired: Given timestamp (1969-12-31T23:22:25Z) has expired. The current server time is (1970-01-01T00:39:05Z)')
+				end
+			end
+
+			context "when expiry timestamp is slightly expired" do
+				let(:req_credentials) do
+					HmacSignature::Request.new(req_method, req_path, req_params).sign(token, -10)
+				end
+
+				it "returns true" do
+					expect { auth }.to raise_error(HmacSignature::AuthenticationError, 'Timestamp expired: Given timestamp (1970-01-01T00:38:55Z) has expired. The current server time is (1970-01-01T00:39:05Z)')
+				end
+			end
+		end
+	end
+
+	describe HmacSignature::Strategy::Headers::Request do
+		let(:header_request) { HmacSignature::Strategy::Headers::Request.new req_method, req_path, req_params, req_headers_a }
+		describe "#sign" do
+			it "returns a hash of header values" do
+				header_request.sign(token).should == {
+					"X-Auth-Key"=> key, 
+					"X-Auth-Expiry"=>"2945", 
+					"X-Auth-Version"=> version, 
+					"X-Auth-Signature"=> signature
+				}
+			end
+		end
+
+		describe "#authenticate_by_token!" do
+			it "returns true" do
+				header_request.authenticate_by_token!(token).should be_true
+			end
+		end
+	end
+
+	describe HmacSignature::Strategy::Params::Request do
+		let(:params_request_params) { params.merge credentials.to_hash }
+		let(:params_request) { HmacSignature::Strategy::Params::Request.new req_method, req_path, params_request_params }
+		describe "#sign" do
+			it "returns a hash of header values" do
+				params_request.sign(token).should == {
+					"auth_key"=> key, 
+					"auth_expiry"=>"2945", 
+					"auth_version"=> version, 
+					"auth_signature"=> signature
+				}
+			end
+		end
+
+		describe "#authenticate_by_token!" do
+			it "returns true" do
+				params_request.authenticate_by_token!(token).should be_true
+			end
+		end
+	end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,8 @@
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+require 'hmac_signature'
+
+require 'rspec'
+
+RSpec.configure do |config|
+  
+end

metadata

@@ -1,25 +1,92 @@
 --- !ruby/object:Gem::Specification
 name: hmac_signature
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
   prerelease: 
 platform: ruby
 authors:
-- Paul Dix
+- Erik Lott
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-05-12 00:00:00.000000000 Z
-dependencies: []
-description: A simple support class for generating http based request signatures
-email: info@evrium.com
+date: 2013-06-08 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Simple key/secret based hmac authentication via headers or query string
+email:
+- erik.lott@evrium.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- hmac_signature.gemspec
 - lib/hmac_signature.rb
-homepage: http://rubygems.org/gems/hmac_signature
-licenses: []
+- lib/hmac_signature/credentials.rb
+- lib/hmac_signature/exceptions.rb
+- lib/hmac_signature/query_encoder.rb
+- lib/hmac_signature/request.rb
+- lib/hmac_signature/signature.rb
+- lib/hmac_signature/strategy/headers/request.rb
+- lib/hmac_signature/strategy/params/request.rb
+- lib/hmac_signature/token.rb
+- lib/hmac_signature/version.rb
+- spec/hmac_signature_spec.rb
+- spec/spec_helper.rb
+homepage: ''
+licenses:
+- MIT
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -38,9 +105,11 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.21
+rubygems_version: 1.8.25
 signing_key: 
 specification_version: 3
-summary: Request signature generator
-test_files: []
+summary: Simple key/secret based hmac authentication via headers or query string
+test_files:
+- spec/hmac_signature_spec.rb
+- spec/spec_helper.rb
 has_rdoc: