komandir 1.0.0

data/.gitignore

@@ -0,0 +1,4 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in komandir.gemspec
+gemspec

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/komandir.gemspec

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "komandir/version"
+
+Gem::Specification.new do |s|
+  s.name        = "komandir"
+  s.version     = Komandir::VERSION
+  s.authors     = ["divineforest"]
+  # s.email       = [""]
+  s.homepage    = ""
+  s.summary     = %q{Authenticate user using eToken}
+  # s.description = %q{TODO: Write a gem description}
+
+  s.rubyforge_project = "komandir"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  # specify any dependencies here; for example:
+  # s.add_development_dependency "rspec"
+  s.add_runtime_dependency "rake"
+end

data/lib/komandir.rb

@@ -0,0 +1,5 @@
+require "komandir/version"
+require "komandir/railtie"
+
+module Komandir
+end

data/lib/komandir/action_controller.rb

@@ -0,0 +1,63 @@
+module Komandir
+  module ControllerMethods
+
+    module ClassMethods
+    end
+
+    module InstanceMethods
+      # TODO Переделать user в параметрах через @current_user
+      def action_signature_valid?(user)
+        raise "Blank komandir_signature" if params[:komandir_signature].blank?
+        raise "Blank certificate for user. Make sure user.certificate.body contains certificate" unless user.certificate.try(:body?)
+
+        verification_set = {
+          :message => digest,
+          :signature => params[:komandir_signature],
+          :certificate => user.certificate.body
+        }
+        Cryptopro::Signature.verify(verification_set)
+      end
+
+      private
+
+        def digest
+          "#{system_params}:#{serialized_form}"
+        end
+
+        def serialized_form
+          # TODO Сортировать по алфавиту
+          pairs = request.raw_post.split("&")
+          pairs = remove_odd_params(pairs)
+          params_string = pairs.join("&")
+        end
+
+        def remove_odd_params(pair_strings)
+          odd_param_names = %w[utf8 authenticity_token commit komandir_signature komandir_time]
+          filtered_param_names = %w[password]
+          pair_strings.reject do |pair_string|
+            param_name = pair_string.split("=").first
+            odd_param_names.include?(param_name) || filtered_param_names.any? { |filtered_param_name| param_name.include?(filtered_param_name) }
+          end
+        end
+
+        def system_params
+          check_client_time!
+          "#{request.path}:#{request.remote_ip}:#{params[:komandir_time]}"
+        end
+
+        def check_client_time!
+          if params[:komandir_time].present?
+            server_time_epoch = Time.now.to_i
+            client_time_epoch = params[:komandir_time].to_i
+            raise "Время в подписи неверное" if (client_time_epoch - server_time_epoch).abs > 60
+          end
+        end
+    end
+
+    def self.included(receiver) # :nodoc:
+      receiver.extend         ClassMethods
+      receiver.send :include, InstanceMethods
+    end
+
+  end
+end

data/lib/komandir/railtie.rb

@@ -0,0 +1,8 @@
+module Komandir
+  class Railtie < Rails::Railtie
+    initializer "komandir.action_controller" do |app|
+      require 'komandir/action_controller'
+      ActionController::Base.send :include, Komandir::ControllerMethods
+    end
+  end
+end

data/lib/komandir/version.rb

@@ -0,0 +1,3 @@
+module Komandir
+  VERSION = "1.0.0"
+end

metadata

@@ -0,0 +1,87 @@
+--- !ruby/object:Gem::Specification 
+name: komandir
+version: !ruby/object:Gem::Version 
+  hash: 23
+  prerelease: 
+  segments: 
+  - 1
+  - 0
+  - 0
+  version: 1.0.0
+platform: ruby
+authors: 
+- divineforest
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-11-28 00:00:00 +03:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  name: rake
+  version_requirements: *id001
+description: 
+email: 
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- Gemfile
+- Rakefile
+- komandir.gemspec
+- lib/komandir.rb
+- lib/komandir/action_controller.rb
+- lib/komandir/railtie.rb
+- lib/komandir/version.rb
+has_rdoc: true
+homepage: ""
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: komandir
+rubygems_version: 1.6.2
+signing_key: 
+specification_version: 3
+summary: Authenticate user using eToken
+test_files: []
+