jive-signed_request 0.1.0

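--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+ ---
+ SHA1:
+ metadata.gz: 4624406a4a1f95a499df4133a3393ad5eb168a96
+ data.tar.gz: 857a6823b6342991caa1db9e18330b1f35bca72a
+ SHA512:
+ metadata.gz: 71dee81aaa8f5bd0fd2e75e56ee613b8a1ace87178ca65b5676ab337124aed2133e0195737f442202061e86111cba253679faf43cc9f269413ea4db6a9edbe50
+ data.tar.gz: cbd0d5196bcd2799ad71c68f8188b6178a236c3e9f4f6567be8f1e1095430f61cfe9c83f7e57adf6070da4a815ebfb14ff33f94ec1ab3121ac106eed24d58db1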
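--- a/data/.gitignore
+++ b/data/.gitignore
@@ -0,0 +1,9 @@
+ /.bundle/
+ /.yardoc
+ /Gemfile.lock
+ /_yardoc/
+ /coverage/
+ /doc/
+ /pkg/
+ /spec/reports/
+ /tmp/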
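--- a/data/.rspec
+++ b/data/.rspec
@@ -0,0 +1,2 @@
+ --format documentation
+ --color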
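--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -0,0 +1,4 @@
+ language: ruby
+ rvm:
+ - 2.1.4
+ before_install: gem install bundler -v 1.10.5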
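--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,4 @@
+ source 'https://rubygems.org'
+
+ # Specify your gem's dependencies in jive-signed_request.gemspec
+ gemspec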
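--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,21 @@
+ The MIT License (MIT)
+
+ Copyright (c) 2015 Butch Marshall
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ THE SOFTWARE.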
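--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,41 @@
+ # Jive::SignedRequest
+
+ Verify that a signed Jive Authorization header is valid
+
+ ## Installation
+
+ Add this line to your application's Gemfile:
+
+ ```ruby
+ gem 'jive-SignedRequest'
+ ```
+
+ And then execute:
+
+ $ bundle
+
+ Or install it yourself as:
+
+ $ gem install jive-signed_request
+
+ ## Usage
+
+ To check if a Authentication header is valid
+
+ ```ruby
+ require 'jive/signed_request'
+
+ Jive::SignedRequest.authenticate("JiveEXTN algorithm=HmacSHA256&client_id=682a638ba74a4ff5fa6afa344b163e03.i&jive_url=https%3A%2F%2Fsandbox.jiveon.com%3A8443&tenant_id=b22e3911-28ef-480c-ae3b-ca791ba86952&timestamp=1436646990000&signature=GjQpEvBUoqUldgUk5bkUUrfwwUYIOcnh4IvQaDEQ4p8%3D", "8bd2952b851747e8f2c937b340fed6e1.s")
+ ```
+
+ To sign
+
+ ## Contributing
+
+ Bug reports and pull requests are welcome on GitHub at https://github.com/butchmarshall/jive-SignedRequest.
+
+
+ ## License
+
+ The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+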
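--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,6 @@
+ require "bundler/gem_tasks"
+ require "rspec/core/rake_task"
+
+ RSpec::Core::RakeTask.new(:spec)
+
+ task :default => :spec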
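--- a/data/bin/console
+++ b/data/bin/console
@@ -0,0 +1,14 @@
+ #!/usr/bin/env ruby
+
+ require "bundler/setup"
+ require "jive/signed_request"
+
+ # You can add fixtures and/or initialization code here to make experimenting
+ # with your gem easier. You can also use a different console, if you like.
+
+ # (If you use this, don't forget to add pry to your Gemfile!)
+ # require "pry"
+ # Pry.start
+
+ require "irb"
+ IRB.start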
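--- a/data/bin/setup
+++ b/data/bin/setup
@@ -0,0 +1,7 @@
+ #!/bin/bash
+ set -euo pipefail
+ IFS=$'\n\t'
+
+ bundle install
+
+ # Do any other automated setup that you need to do here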
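--- a/data/jive-signed_request.gemspec
+++ b/data/jive-signed_request.gemspec
@@ -0,0 +1,25 @@
+ # coding: utf-8
+ lib = File.expand_path('../lib', __FILE__)
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+ require 'jive/signed_request/version'
+
+ Gem::Specification.new do |spec|
+ spec.name = "jive-signed_request"
+ spec.version = Jive::SignedRequest::VERSION
+ spec.authors = ["Butch Marshall"]
+ spec.email = ["butch.a.marshall@gmail.com"]
+
+ spec.summary = %q{Deal with signed requests sent by Jive}
+ spec.description = %q{A library that deals with signed requests generated by Jive}
+ spec.homepage = "https://github.com/butchmarshall/ruby-jive-signed_request"
+ spec.license = "MIT"
+
+ spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+ spec.bindir = "exe"
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+ spec.require_paths = ["lib"]
+
+ spec.add_development_dependency "bundler", "~> 1.10"
+ spec.add_development_dependency "rake", "~> 10.0"
+ spec.add_development_dependency "rspec"
+ end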
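Review bot: `spec.homepage` points at `https://github.com/butchmarshall/ruby-jive-signed_request`, while the README shipped in this same release sends contributors to `https://github.com/butchmarshall/jive-SignedRequest`; anyone checking where the package comes from needs the two to agree, so one of them should be corrected. `spec.add_development_dependency "rspec"` carries no version constraint, unlike the bundler and rake lines, so a line such as `spec.add_development_dependency "rspec", "~> 3.0"` would keep test runs reproducible (the exact major is for the maintainer to choose). There is also no `spec.required_ruby_version`, although .travis.yml only exercises 2.1.4.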
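--- a/data/lib/jive/signed_request/version.rb
+++ b/data/lib/jive/signed_request/version.rb
@@ -0,0 +1,5 @@
+ module Jive
+ module SignedRequest
+ VERSION = "0.1.0"
+ end
+ end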
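--- a/data/lib/jive/signed_request.rb
+++ b/data/lib/jive/signed_request.rb
@@ -0,0 +1,84 @@
+ require "jive/signed_request/version"
+ require "base64"
+ require "openssl"
+ require "cgi"
+ require "time"
+
+ module Jive # :nodoc:
+ module SignedRequest # :nodoc:
+ module_function
+
+ # Sign a string with a secret
+ #
+ # Sign a string with a secret and get the signature
+ #
+ # * *Args* :
+ # - +string+ -> the string to sign
+ # - +secret+ -> the secret to use
+ # * *Returns* :
+ # - the signature
+ # * *Raises* :
+ # - +ArgumentError+ -> if no algorithm passed and algorithm could not be derived from the string
+ #
+ def sign(string, secret, algorithm = nil)
+ plain = ::Base64.decode64(secret.gsub(/\.s$/,''))
+
+ # if no override algorithm passed try and extract from string
+ if algorithm.nil?
+ paramMap = ::CGI.parse string
+
+ if !paramMap.has_key?("algorithm")
+ raise ArgumentError, "missing algorithm"
+ end
+
+ algorithm = paramMap["algorithm"].first.gsub(/^hmac/i,'')
+ end
+
+ hmac = ::OpenSSL::HMAC.digest(algorithm, plain, string)
+ Base64::encode64(hmac).gsub(/\n$/,'')
+ end
+
+ # Authenticate an authorization header
+ #
+ # Authenticates that an authorization header sent by Jive is valid given an apps secret
+ #
+ # * *Args* :
+ # - +authorization_header+ -> the entire Authorization header sent by Jive
+ # - +client_secret+ -> the client secret to authenticate the header with
+ # * *Returns* :
+ # - the signature
+ # * *Raises* :
+ # - +ArgumentError+ -> if the authorization_header does not contain JiveEXTN
+ # - +ArgumentError+ -> if the heauthorization_header does not contain all the required parameters
+ # - +ArgumentError+ -> if the heauthorization_header has expired (more than 5 minutes old)
+ #
+ def authenticate(authorization_header, client_secret)
+ # Validate JiveEXTN part of header
+ if !authorization_header.match(/^JiveEXTN/)
+ raise ArgumentError, "Jive authorization header is not properly formatted, must start with JiveEXTN"
+ end
+
+ paramMap = ::CGI.parse authorization_header.gsub(/^JiveEXTN\s/,'')
+
+ # Validate all parameters are passed from header
+ if !paramMap.has_key?("algorithm") ||
+ !paramMap.has_key?("client_id") ||
+ !paramMap.has_key?("jive_url") ||
+ !paramMap.has_key?("tenant_id") ||
+ !paramMap.has_key?("timestamp") ||
+ !paramMap.has_key?("signature")
+ raise ArgumentError, "Jive authorization header is partial"
+ end
+
+ # Validate timestamp is still valid
+ timestamp = Time.at(paramMap["timestamp"].first.to_i/1000)
+ secondsPassed = Time.now - timestamp
+
+ if secondsPassed < 0 || secondsPassed > (5*60)
+ raise ArgumentError, "Jive authorization is rejected since it's #{ secondsPassed } seconds old (max. allowed is 5 minutes)"
+ end
+
+ self.sign(authorization_header.gsub(/^JiveEXTN\s/,'').gsub(/\&signature[^$]+/,''), client_secret) === paramMap["signature"].first
+ end
+ end
+ end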
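Review bot: The last line of `authenticate` compares the computed HMAC with the header's `signature` using `===`, which for strings is an ordinary early-exit comparison and so leaks timing information about the expected value; the comparison should run in constant time. `sign` also takes the digest name from the `algorithm` parameter of the same untrusted header, so the sender chooses the hash and an unknown name raises from OpenSSL rather than the documented `ArgumentError`; pin it to an allow-list, which the README example suggests is `HmacSHA256`. The `^`/`$` anchors match per line and `[^$]` is a character class ("anything but a dollar sign"), not an end anchor, so the prefix check and both substitutions should use `\A`/`\z` and strip `&signature=` explicitly. The docstring's "Returns: the signature" should say that `authenticate` returns true or false. `OpenSSL.secure_compare` in the sketch needs a newer openssl binding than the Ruby 2.1.4 named in .travis.yml; on that runtime a fixed-time byte loop is required instead.

```ruby
# … unchanged: JiveEXTN prefix check (switch its anchor to \A), required-parameter check, timestamp window …

# Accept only the digest this integration expects, not whatever the header names
unless paramMap["algorithm"].first == "HmacSHA256"
  raise ArgumentError, "Jive authorization header uses an unsupported algorithm"
end

signed_part = authorization_header.sub(/\AJiveEXTN\s/, '').sub(/&signature=.*\z/m, '')
expected = sign(signed_part, client_secret, "SHA256")

# Constant-time comparison of the two Base64 strings
::OpenSSL.secure_compare(expected, paramMap["signature"].first)
```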
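--- a/metadata
+++ b/metadata
@@ -0,0 +1,98 @@
+ --- !ruby/object:Gem::Specification
+ name: jive-signed_request
+ version: !ruby/object:Gem::Version
+ version: 0.1.0
+ platform: ruby
+ authors:
+ - Butch Marshall
+ autorequire:
+ bindir: exe
+ cert_chain: []
+ date: 2015-07-18 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: bundler
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '1.10'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '1.10'
+ - !ruby/object:Gem::Dependency
+ name: rake
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '10.0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '10.0'
+ - !ruby/object:Gem::Dependency
+ name: rspec
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ description: A library that deals with signed requests generated by Jive
+ email:
+ - butch.a.marshall@gmail.com
+ executables: []
+ extensions: []
+ extra_rdoc_files: []
+ files:
+ - ".gitignore"
+ - ".rspec"
+ - ".travis.yml"
+ - Gemfile
+ - LICENSE.txt
+ - README.md
+ - Rakefile
+ - bin/console
+ - bin/setup
+ - jive-signed_request.gemspec
+ - lib/jive/signed_request.rb
+ - lib/jive/signed_request/version.rb
+ homepage: https://github.com/butchmarshall/ruby-jive-signed_request
+ licenses:
+ - MIT
+ metadata: {}
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ requirements: []
+ rubyforge_project:
+ rubygems_version: 2.4.8
+ signing_key:
+ specification_version: 4
+ summary: Deal with signed requests sent by Jive
+ test_files: []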