http-token-auth 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: c0e4b07956136703ffbbaa110ee01175dd85eefb
+  data.tar.gz: f2a78c070b0d34a32da75a729343e035845e2f22
+SHA512:
+  metadata.gz: c5aab0c83f14dab2776ccff79945d34320a425373e4102985b69e0b308cde93e7ef6abeb2dd88bff265a92e157f1ea5bdcf69bc049ccab5e92f0a08ddf363d10
+  data.tar.gz: aecf139625ed96dc4fd3a13f1e0fb7caea1ec367e553b84bb0ca0a14c5ad9ea43b9195cce8d3c1b1de3e141ea71d03217fbabf1452c4b38c28ecaf55ea5237cf

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 Felipe Dornelas
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/http-token-auth.gemspec

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'http/token_auth/version'
+
+Gem::Specification.new do |gem|
+  gem.name          = 'http-token-auth'
+  gem.version       = HTTP::TokenAuth::VERSION
+  gem.authors       = ['Felipe Dornelas']
+  gem.email         = ['m@felipedornelas.com']
+  gem.description   = %s(Ruby gem to handle the HTTP Token Access Authentication.)
+  gem.summary       = %s(Ruby gem to handle the HTTP Token Access Authentication.)
+  gem.homepage      = 'https://github.com/felipead/http-token-auth'
+
+  # rubocop:disable Style/SpecialGlobalVars
+  gem.files         = `git ls-files bin lib http-token-auth.gemspec LICENSE.txt`.split($/)
+  gem.executables   = gem.files.grep(%r{^bin/}).map { |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ['lib']
+  gem.license       = 'MIT'
+
+  gem.add_development_dependency 'bundler', '~> 1.11'
+  gem.add_development_dependency 'rake', '~> 10.0'
+end

data/lib/http/token_auth.rb

@@ -0,0 +1,3 @@
+require 'http/token_auth/credentials'
+require 'http/token_auth/authorization_header_parser'
+require 'http/token_auth/version'

data/lib/http/token_auth/authorization_header_parser.rb

@@ -0,0 +1,61 @@
+module HTTP
+  module TokenAuth
+    def self.parse_authorization_header(header)
+      parser = AuthorizationHeaderParser.new
+      parser.parse(header)
+    end
+
+    class AuthorizationHeaderParsingError < StandardError
+      def initialize(submessage)
+        super(%(Error parsing "Authorization" HTTP header with token scheme: #{submessage}))
+      end
+    end
+
+    class AuthorizationHeaderParser
+      def parse(header)
+        scheme, attributes = split(header)
+        raise AuthorizationHeaderParsingError,
+              'Header has no attributes' if attributes.nil?
+        raise AuthorizationHeaderParsingError,
+              %(Invalid scheme "#{scheme}") unless scheme == 'Token'
+        build_credentials parse_attributes(attributes)
+      end
+
+      def split(header)
+        header.split(' ', 2)
+      end
+
+      def parse_attributes(string)
+        attributes = {}
+        string.scan(/(\w+)="([^"]*)"/).each do |group|
+          attributes[group[0].to_sym] = group[1]
+        end
+        attributes
+      end
+
+      def build_credentials(attributes)
+        Credentials.new token: attributes[:token],
+                        coverage: parse_coverage(attributes[:coverage]),
+                        nonce: attributes[:nonce],
+                        auth: attributes[:auth],
+                        timestamp: parse_timestamp(attributes[:timestamp])
+      rescue MissingCredentialsArgumentError => e
+        raise AuthorizationHeaderParsingError, e.message
+      end
+
+      def parse_coverage(coverage)
+        return nil if coverage.nil? || coverage.empty?
+        case coverage
+        when 'none' then nil
+        when 'base' then :base
+        when 'base+body-sha-256' then :base_body_sha_256
+        else raise AuthorizationHeaderParsingError, %(Invalid coverage "#{coverage}")
+        end
+      end
+
+      def parse_timestamp(timestamp)
+        timestamp.nil? ? nil : timestamp.to_i
+      end
+    end
+  end
+end

data/lib/http/token_auth/credentials.rb

@@ -0,0 +1,67 @@
+module HTTP
+  module TokenAuth
+    class MissingCredentialsArgumentError < StandardError
+      def initialize(argument_name)
+        super(%(Invalid token credentials: "#{argument_name}" is missing))
+      end
+    end
+
+    class Credentials
+      attr_reader :token, :coverage, :nonce, :auth, :timestamp
+
+      def initialize(token:, coverage: nil, nonce: nil, auth: nil, timestamp: nil)
+        @token = token
+        @coverage = coverage
+        @nonce = nonce
+        @auth = auth
+        @timestamp = timestamp
+        validate_itself
+      end
+
+      def to_header
+        attributes = []
+        attributes << %(token="#{@token}")
+        unless coverage.nil?
+          attributes << %(coverage="#{coverage_name}")
+          attributes << %(nonce="#{@nonce}")
+          attributes << %(auth="#{@auth}")
+          attributes << %(timestamp="#{@timestamp}")
+        end
+        "Token #{attributes.join(', ')}"
+      end
+
+      private
+
+      def validate_itself
+        must_have_token
+        return if @coverage.nil?
+        must_have_nonce
+        must_have_auth
+        must_have_timestamp
+      end
+
+      def must_have_token
+        raise MissingCredentialsArgumentError, 'token' if @token.nil? || @token.empty?
+      end
+
+      def must_have_nonce
+        raise MissingCredentialsArgumentError, 'nonce' if @nonce.nil? || @nonce.empty?
+      end
+
+      def must_have_auth
+        raise MissingCredentialsArgumentError, 'auth' if @auth.nil? || @auth.empty?
+      end
+
+      def must_have_timestamp
+        raise MissingCredentialsArgumentError, 'timestamp' if @timestamp.nil?
+      end
+
+      def coverage_name
+        case @coverage
+        when :base then 'base'
+        when :base_body_sha_256 then 'base+body-sha-256'
+        end
+      end
+    end
+  end
+end

data/lib/http/token_auth/version.rb

@@ -0,0 +1,5 @@
+module HTTP
+  module TokenAuth
+    VERSION = '0.0.1'.freeze
+  end
+end

metadata

@@ -0,0 +1,78 @@
+--- !ruby/object:Gem::Specification
+name: http-token-auth
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Felipe Dornelas
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-03-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+description: Ruby gem to handle the HTTP Token Access Authentication.
+email:
+- m@felipedornelas.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE.txt
+- http-token-auth.gemspec
+- lib/http/token_auth.rb
+- lib/http/token_auth/authorization_header_parser.rb
+- lib/http/token_auth/credentials.rb
+- lib/http/token_auth/version.rb
+homepage: https://github.com/felipead/http-token-auth
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5
+signing_key: 
+specification_version: 4
+summary: Ruby gem to handle the HTTP Token Access Authentication.
+test_files: []