http-token-auth 0.0.1 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c0e4b07956136703ffbbaa110ee01175dd85eefb
-  data.tar.gz: f2a78c070b0d34a32da75a729343e035845e2f22
+  metadata.gz: cd2be20131fcf205b737d8b3e39b564b6e56447b
+  data.tar.gz: af2a0ac666a211d7db09279521e9a778b48eca38
 SHA512:
-  metadata.gz: c5aab0c83f14dab2776ccff79945d34320a425373e4102985b69e0b308cde93e7ef6abeb2dd88bff265a92e157f1ea5bdcf69bc049ccab5e92f0a08ddf363d10
-  data.tar.gz: aecf139625ed96dc4fd3a13f1e0fb7caea1ec367e553b84bb0ca0a14c5ad9ea43b9195cce8d3c1b1de3e141ea71d03217fbabf1452c4b38c28ecaf55ea5237cf
+  metadata.gz: bc9b3e2db21a82004f0a219103791a50d4c91e1cc28d08703be1d590e7f324d6759ad83c44f49e13d5a4041db3d0d53a2e6381e1dc7ff5d4e0f413e2b9b8fb90
+  data.tar.gz: 7048ecff80de8c6f70ccfcb87eafccee714a39663afeea4fce1eaf4be17a1d65ebf77c82c618e4d1930fe5009259923c3841afd7f83d66d581d69e471d8cc08b

data/lib/http/token_auth.rb

@@ -1,3 +1,6 @@
+require 'http/token_auth/version'
 require 'http/token_auth/credentials'
+require 'http/token_auth/challenge'
+require 'http/token_auth/scheme_parser'
 require 'http/token_auth/authorization_header_parser'
-require 'http/token_auth/version'
+require 'http/token_auth/www_authenticate_header_parser'

data/lib/http/token_auth/authorization_header_parser.rb

@@ -6,31 +6,15 @@ module HTTP
     end
 
     class AuthorizationHeaderParsingError < StandardError
-      def initialize(submessage)
-        super(%(Error parsing "Authorization" HTTP header with token scheme: #{submessage}))
-      end
     end
 
     class AuthorizationHeaderParser
-      def parse(header)
-        scheme, attributes = split(header)
-        raise AuthorizationHeaderParsingError,
-              'Header has no attributes' if attributes.nil?
-        raise AuthorizationHeaderParsingError,
-              %(Invalid scheme "#{scheme}") unless scheme == 'Token'
-        build_credentials parse_attributes(attributes)
-      end
-
-      def split(header)
-        header.split(' ', 2)
+      def initialize
+        @scheme_parser = SchemeParser.new
       end
 
-      def parse_attributes(string)
-        attributes = {}
-        string.scan(/(\w+)="([^"]*)"/).each do |group|
-          attributes[group[0].to_sym] = group[1]
-        end
-        attributes
+      def parse(header)
+        build_credentials @scheme_parser.parse(header)
       end
 
       def build_credentials(attributes)
@@ -39,22 +23,23 @@ module HTTP
                         nonce: attributes[:nonce],
                         auth: attributes[:auth],
                         timestamp: parse_timestamp(attributes[:timestamp])
-      rescue MissingCredentialsArgumentError => e
+      rescue CredentialsArgumentError => e
         raise AuthorizationHeaderParsingError, e.message
       end
 
-      def parse_coverage(coverage)
-        return nil if coverage.nil? || coverage.empty?
-        case coverage
-        when 'none' then nil
+      def parse_coverage(string)
+        case string
+        when nil
+        when ''
+        when 'none' then :none
         when 'base' then :base
         when 'base+body-sha-256' then :base_body_sha_256
-        else raise AuthorizationHeaderParsingError, %(Invalid coverage "#{coverage}")
+        else raise AuthorizationHeaderParsingError, %(Unsupported coverage "#{string}")
         end
       end
 
-      def parse_timestamp(timestamp)
-        timestamp.nil? ? nil : timestamp.to_i
+      def parse_timestamp(string)
+        string.nil? ? nil : string.to_i
       end
     end
   end

data/lib/http/token_auth/challenge.rb

@@ -0,0 +1,69 @@
+module HTTP
+  module TokenAuth
+    class ChallengeArgumentError < StandardError
+    end
+
+    class Challenge
+      attr_reader :realm, :supported_coverages, :timestamp
+
+      def initialize(realm:, supported_coverages: nil, timestamp: nil)
+        @realm = realm
+        @supported_coverages = supported_coverages_or_default(supported_coverages)
+        @timestamp = timestamp
+        validate_itself
+      end
+
+      def to_header
+        attributes = []
+        attributes << %(realm="#{@realm}")
+        attributes << %(coverage="#{coverage_string}")
+        unless supported_coverages.include?(:none)
+          attributes << %(timestamp="#{@timestamp}")
+        end
+        "Token #{attributes.join(', ')}"
+      end
+
+      private
+
+      def supported_coverages_or_default(list)
+        return [:base] if list.nil? || list.empty?
+        list
+      end
+
+      def validate_itself
+        must_have_realm
+        supported_coverages_must_be_consistent
+        must_have_timestamp unless supported_coverages.include?(:none)
+      end
+
+      def must_have_realm
+        raise ChallengeArgumentError, '"realm" is missing' if @realm.nil? || @realm.empty?
+      end
+
+      def must_have_timestamp
+        raise ChallengeArgumentError, '"timestamp" is missing' if @timestamp.nil?
+      end
+
+      def supported_coverages_must_be_consistent
+        if supported_coverages.include?(:none) && supported_coverages.size > 1
+          raise ChallengeArgumentError,
+                'coverage "none" cannot be combined with other coverages'
+        end
+      end
+
+      def coverage_string
+        @supported_coverages.map do |coverage|
+          coverage_name(coverage)
+        end.join(' ')
+      end
+
+      def coverage_name(coverage)
+        case coverage
+        when :none then 'none'
+        when :base then 'base'
+        when :base_body_sha_256 then 'base+body-sha-256'
+        end
+      end
+    end
+  end
+end

data/lib/http/token_auth/credentials.rb

@@ -1,9 +1,6 @@
 module HTTP
   module TokenAuth
-    class MissingCredentialsArgumentError < StandardError
-      def initialize(argument_name)
-        super(%(Invalid token credentials: "#{argument_name}" is missing))
-      end
+    class CredentialsArgumentError < StandardError
     end
 
     class Credentials
@@ -11,7 +8,7 @@ module HTTP
 
       def initialize(token:, coverage: nil, nonce: nil, auth: nil, timestamp: nil)
         @token = token
-        @coverage = coverage
+        @coverage = coverage.nil? ? :none : coverage
         @nonce = nonce
         @auth = auth
         @timestamp = timestamp
@@ -21,7 +18,7 @@ module HTTP
       def to_header
         attributes = []
         attributes << %(token="#{@token}")
-        unless coverage.nil?
+        unless coverage == :none
           attributes << %(coverage="#{coverage_name}")
           attributes << %(nonce="#{@nonce}")
           attributes << %(auth="#{@auth}")
@@ -34,26 +31,39 @@ module HTTP
 
       def validate_itself
         must_have_token
-        return if @coverage.nil?
-        must_have_nonce
-        must_have_auth
-        must_have_timestamp
+        must_have_valid_coverage
+        unless @coverage == :none
+          must_have_nonce
+          must_have_auth
+          must_have_timestamp
+        end
+      end
+
+      def must_have_valid_coverage
+        case @coverage
+        when :none
+        when :base
+        when :base_body_sha_256
+          return
+        else
+          raise CredentialsArgumentError, %(unsupported "#{@coverage}" coverage)
+        end
       end
 
       def must_have_token
-        raise MissingCredentialsArgumentError, 'token' if @token.nil? || @token.empty?
+        raise CredentialsArgumentError, '"token" is missing' if @token.nil? || @token.empty?
       end
 
       def must_have_nonce
-        raise MissingCredentialsArgumentError, 'nonce' if @nonce.nil? || @nonce.empty?
+        raise CredentialsArgumentError, '"nonce" is missing' if @nonce.nil? || @nonce.empty?
       end
 
       def must_have_auth
-        raise MissingCredentialsArgumentError, 'auth' if @auth.nil? || @auth.empty?
+        raise CredentialsArgumentError, '"auth" is missing' if @auth.nil? || @auth.empty?
       end
 
       def must_have_timestamp
-        raise MissingCredentialsArgumentError, 'timestamp' if @timestamp.nil?
+        raise CredentialsArgumentError, '"timestamp" is missing' if @timestamp.nil?
       end
 
       def coverage_name

data/lib/http/token_auth/scheme_parser.rb

@@ -0,0 +1,29 @@
+module HTTP
+  module TokenAuth
+    class SchemeParsingError < StandardError
+    end
+
+    class SchemeParser
+      def parse(string)
+        scheme, attributes_string = split(string)
+        raise SchemeParsingError,
+              'No attributes provided' if attributes_string.nil?
+        raise SchemeParsingError,
+              %(Unsupported scheme "#{scheme}") unless scheme == 'Token'
+        parse_attributes(attributes_string)
+      end
+
+      def split(string)
+        string.split(' ', 2)
+      end
+
+      def parse_attributes(string)
+        attributes = {}
+        string.scan(/(\w+)="([^"]*)"/).each do |group|
+          attributes[group[0].to_sym] = group[1]
+        end
+        attributes
+      end
+    end
+  end
+end

data/lib/http/token_auth/version.rb

@@ -1,5 +1,5 @@
 module HTTP
   module TokenAuth
-    VERSION = '0.0.1'.freeze
+    VERSION = '0.1.0'.freeze
   end
 end

data/lib/http/token_auth/www_authenticate_header_parser.rb

@@ -0,0 +1,47 @@
+module HTTP
+  module TokenAuth
+    def self.parse_www_authenticate_header(header)
+      parser = WWWAuthenticateHeaderParser.new
+      parser.parse(header)
+    end
+
+    class WWWAuthenticateHeaderParsingError < StandardError
+    end
+
+    class WWWAuthenticateHeaderParser
+      def initialize
+        @schema_parser = SchemeParser.new
+      end
+
+      def parse(header)
+        build_challenge @schema_parser.parse(header)
+      end
+
+      private
+
+      def build_challenge(attributes)
+        Challenge.new realm: attributes[:realm],
+                      supported_coverages: parse_coverage(attributes[:coverage]),
+                      timestamp: parse_timestamp(attributes[:timestamp])
+      rescue ChallengeArgumentError => e
+        raise WWWAuthenticateHeaderParsingError, e.message
+      end
+
+      def parse_coverage(string)
+        return [:base] if string.nil?
+        string.split.map do |token|
+          case token
+          when 'none' then :none
+          when 'base' then :base
+          when 'base+body-sha-256' then :base_body_sha_256
+          else raise WWWAuthenticateHeaderParsingError, %(Unsupported coverage "#{token}")
+          end
+        end
+      end
+
+      def parse_timestamp(string)
+        string.nil? ? nil : string.to_i
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: http-token-auth
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.1.0
 platform: ruby
 authors:
 - Felipe Dornelas
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-03-27 00:00:00.000000000 Z
+date: 2016-03-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -49,8 +49,11 @@ files:
 - http-token-auth.gemspec
 - lib/http/token_auth.rb
 - lib/http/token_auth/authorization_header_parser.rb
+- lib/http/token_auth/challenge.rb
 - lib/http/token_auth/credentials.rb
+- lib/http/token_auth/scheme_parser.rb
 - lib/http/token_auth/version.rb
+- lib/http/token_auth/www_authenticate_header_parser.rb
 homepage: https://github.com/felipead/http-token-auth
 licenses:
 - MIT
@@ -71,7 +74,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.5
+rubygems_version: 2.4.5.1
 signing_key: 
 specification_version: 4
 summary: Ruby gem to handle the HTTP Token Access Authentication.