m2m_keygen 0.2.0 → 0.4.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +28 -1
- data/Gemfile.lock +4 -2
- data/README.md +117 -4
- data/docs/M2mKeygen/Error.html +1 -1
- data/docs/M2mKeygen/ParamsEncoder.html +321 -0
- data/docs/M2mKeygen/RackValidator.html +531 -0
- data/docs/M2mKeygen/Signature.html +680 -0
- data/docs/M2mKeygen/Types.html +147 -0
- data/docs/M2mKeygen.html +7 -5
- data/docs/_index.html +61 -1
- data/docs/class_list.html +1 -1
- data/docs/file.README.html +126 -5
- data/docs/index.html +126 -5
- data/docs/method_list.html +88 -0
- data/docs/top-level-namespace.html +1 -1
- data/lib/m2m_keygen/params_encoder.rb +56 -0
- data/lib/m2m_keygen/rack_validator.rb +34 -0
- data/lib/m2m_keygen/signature.rb +78 -0
- data/lib/m2m_keygen/types/params_type.rb +25 -0
- data/lib/m2m_keygen/version.rb +1 -1
- data/lib/m2m_keygen.rb +5 -2
- data/m2m_keygen.gemspec +4 -0
- data/sorbet/rbi/gems/activesupport@7.0.3.1.rbi +24 -0
- data/sorbet/rbi/gems/rack@2.2.4.rbi +5630 -0
- data/sorbet/rbi/gems/{rb-fsevent@0.11.1.rbi → rb-fsevent@0.11.2.rbi} +0 -0
- data/sorbet/rbi/gems/webrick@1.7.0.rbi +3 -5
- data/sorbet/rbi/gems/yard@0.9.28.rbi +124 -0
- data/sorbet/rbi/gems/zeitwerk@2.6.0.rbi +861 -2
- data/sorbet/rbi/manual.rbi +7 -0
- metadata +27 -3
@@ -0,0 +1,147 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<meta charset="utf-8">
|
5
|
+
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
6
|
+
<title>
|
7
|
+
Module: M2mKeygen::Types
|
8
|
+
|
9
|
+
— Documentation by YARD 0.9.28
|
10
|
+
|
11
|
+
</title>
|
12
|
+
|
13
|
+
<link rel="stylesheet" href="../css/style.css" type="text/css" />
|
14
|
+
|
15
|
+
<link rel="stylesheet" href="../css/common.css" type="text/css" />
|
16
|
+
|
17
|
+
<script type="text/javascript">
|
18
|
+
pathId = "M2mKeygen::Types";
|
19
|
+
relpath = '../';
|
20
|
+
</script>
|
21
|
+
|
22
|
+
|
23
|
+
<script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
|
24
|
+
|
25
|
+
<script type="text/javascript" charset="utf-8" src="../js/app.js"></script>
|
26
|
+
|
27
|
+
|
28
|
+
</head>
|
29
|
+
<body>
|
30
|
+
<div class="nav_wrap">
|
31
|
+
<iframe id="nav" src="../class_list.html?1"></iframe>
|
32
|
+
<div id="resizer"></div>
|
33
|
+
</div>
|
34
|
+
|
35
|
+
<div id="main" tabindex="-1">
|
36
|
+
<div id="header">
|
37
|
+
<div id="menu">
|
38
|
+
|
39
|
+
<a href="../_index.html">Index (T)</a> »
|
40
|
+
<span class='title'><span class='object_link'><a href="../M2mKeygen.html" title="M2mKeygen (module)">M2mKeygen</a></span></span>
|
41
|
+
»
|
42
|
+
<span class="title">Types</span>
|
43
|
+
|
44
|
+
</div>
|
45
|
+
|
46
|
+
<div id="search">
|
47
|
+
|
48
|
+
<a class="full_list_link" id="class_list_link"
|
49
|
+
href="../class_list.html">
|
50
|
+
|
51
|
+
<svg width="24" height="24">
|
52
|
+
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
|
53
|
+
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
|
54
|
+
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
|
55
|
+
</svg>
|
56
|
+
</a>
|
57
|
+
|
58
|
+
</div>
|
59
|
+
<div class="clear"></div>
|
60
|
+
</div>
|
61
|
+
|
62
|
+
<div id="content"><h1>Module: M2mKeygen::Types
|
63
|
+
|
64
|
+
|
65
|
+
|
66
|
+
</h1>
|
67
|
+
<div class="box_info">
|
68
|
+
|
69
|
+
|
70
|
+
|
71
|
+
|
72
|
+
<dl>
|
73
|
+
<dt>Extended by:</dt>
|
74
|
+
<dd>T::Sig</dd>
|
75
|
+
</dl>
|
76
|
+
|
77
|
+
|
78
|
+
|
79
|
+
|
80
|
+
|
81
|
+
|
82
|
+
|
83
|
+
|
84
|
+
<dl>
|
85
|
+
<dt>Defined in:</dt>
|
86
|
+
<dd>lib/m2m_keygen/types/params_type.rb</dd>
|
87
|
+
</dl>
|
88
|
+
|
89
|
+
</div>
|
90
|
+
|
91
|
+
|
92
|
+
|
93
|
+
<h2>
|
94
|
+
Constant Summary
|
95
|
+
<small><a href="#" class="constants_summary_toggle">collapse</a></small>
|
96
|
+
</h2>
|
97
|
+
|
98
|
+
<dl class="constants">
|
99
|
+
|
100
|
+
<dt id="ParamsType-constant" class="">ParamsType =
|
101
|
+
|
102
|
+
</dt>
|
103
|
+
<dd><pre class="code"><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_type_alias'>type_alias</span> <span class='kw'>do</span>
|
104
|
+
<span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_nilable'>nilable</span><span class='lparen'>(</span><span class='const'>T</span><span class='op'>::</span><span class='const'>Hash</span><span class='lbracket'>[</span><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_any'>any</span><span class='lparen'>(</span><span class='const'>String</span><span class='comma'>,</span> <span class='const'>Symbol</span><span class='rparen'>)</span><span class='comma'>,</span> <span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_nilable'>nilable</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="#ParamsValueType-constant" title="M2mKeygen::Types::ParamsValueType (constant)">ParamsValueType</a></span></span><span class='rparen'>)</span><span class='rbracket'>]</span><span class='rparen'>)</span>
|
105
|
+
<span class='kw'>end</span></pre></dd>
|
106
|
+
|
107
|
+
<dt id="ParamsHashNotNilType-constant" class="">ParamsHashNotNilType =
|
108
|
+
|
109
|
+
</dt>
|
110
|
+
<dd><pre class="code"><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_type_alias'>type_alias</span> <span class='lbrace'>{</span> <span class='const'>T</span><span class='op'>::</span><span class='const'>Hash</span><span class='lbracket'>[</span><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_any'>any</span><span class='lparen'>(</span><span class='const'>String</span><span class='comma'>,</span> <span class='const'>Symbol</span><span class='rparen'>)</span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#ParamsValueType-constant" title="M2mKeygen::Types::ParamsValueType (constant)">ParamsValueType</a></span></span><span class='rbracket'>]</span> <span class='rbrace'>}</span></pre></dd>
|
111
|
+
|
112
|
+
<dt id="ParamsValueType-constant" class="">ParamsValueType =
|
113
|
+
|
114
|
+
</dt>
|
115
|
+
<dd><pre class="code"><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_type_alias'>type_alias</span> <span class='kw'>do</span>
|
116
|
+
<span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_any'>any</span><span class='lparen'>(</span>
|
117
|
+
<span class='const'>Integer</span><span class='comma'>,</span>
|
118
|
+
<span class='const'>String</span><span class='comma'>,</span>
|
119
|
+
<span class='const'>Symbol</span><span class='comma'>,</span>
|
120
|
+
<span class='const'>T</span><span class='op'>::</span><span class='const'>Array</span><span class='lbracket'>[</span><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_untyped'>untyped</span><span class='rbracket'>]</span><span class='comma'>,</span>
|
121
|
+
<span class='const'>T</span><span class='op'>::</span><span class='const'>Hash</span><span class='lbracket'>[</span><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_untyped'>untyped</span><span class='comma'>,</span> <span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_untyped'>untyped</span><span class='rbracket'>]</span>
|
122
|
+
<span class='rparen'>)</span>
|
123
|
+
<span class='kw'>end</span></pre></dd>
|
124
|
+
|
125
|
+
</dl>
|
126
|
+
|
127
|
+
|
128
|
+
|
129
|
+
|
130
|
+
|
131
|
+
|
132
|
+
|
133
|
+
|
134
|
+
|
135
|
+
|
136
|
+
|
137
|
+
</div>
|
138
|
+
|
139
|
+
<div id="footer">
|
140
|
+
Generated on Tue Aug 30 15:18:09 2022 by
|
141
|
+
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
142
|
+
0.9.28 (ruby-3.1.2).
|
143
|
+
</div>
|
144
|
+
|
145
|
+
</div>
|
146
|
+
</body>
|
147
|
+
</html>
|
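Review bot: `ParamsValueType` admits `T::Array[T.untyped]` and `T::Hash[T.untyped, T.untyped]`, so the alias stops constraining values one level down: a Float, boolean or nil nested inside an array or hash type-checks even though none of them is accepted at the top level. Because these are the params that get signed, either validate nested values at runtime in the encoder or document how values outside Integer/String/Symbol are serialised, so that signer and verifier cannot disagree on the encoded form.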
data/docs/M2mKeygen.html
CHANGED
@@ -79,7 +79,7 @@
|
|
79
79
|
<dl>
|
80
80
|
<dt>Defined in:</dt>
|
81
81
|
<dd>lib/m2m_keygen.rb<span class="defines">,<br />
|
82
|
-
lib/m2m_keygen/version.rb</span>
|
82
|
+
lib/m2m_keygen/version.rb,<br /> lib/m2m_keygen/signature.rb,<br /> lib/m2m_keygen/params_encoder.rb,<br /> lib/m2m_keygen/rack_validator.rb,<br /> lib/m2m_keygen/types/params_type.rb</span>
|
83
83
|
</dd>
|
84
84
|
</dl>
|
85
85
|
|
@@ -88,7 +88,7 @@
|
|
88
88
|
<h2>Overview</h2><div class="docstring">
|
89
89
|
<div class="discussion">
|
90
90
|
|
91
|
-
<p>typed: strict
|
91
|
+
<p>typed: strict</p>
|
92
92
|
|
93
93
|
|
94
94
|
</div>
|
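Review bot: the module Overview now renders as `typed: strict`, which is the Sorbet sigil at the top of the source file being picked up by YARD as the docstring rather than a description of the module. Separate the sigil from the `module M2mKeygen` line with a blank line, or add a real docstring above the module, so the generated page describes what the module does.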
@@ -100,9 +100,11 @@
|
|
100
100
|
<p class="children">
|
101
101
|
|
102
102
|
|
103
|
+
<strong class="modules">Modules:</strong> <span class='object_link'><a href="M2mKeygen/Types.html" title="M2mKeygen::Types (module)">Types</a></span>
|
104
|
+
|
103
105
|
|
104
106
|
|
105
|
-
<strong class="classes">Classes:</strong> <span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span>
|
107
|
+
<strong class="classes">Classes:</strong> <span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span>, <span class='object_link'><a href="M2mKeygen/ParamsEncoder.html" title="M2mKeygen::ParamsEncoder (class)">ParamsEncoder</a></span>, <span class='object_link'><a href="M2mKeygen/RackValidator.html" title="M2mKeygen::RackValidator (class)">RackValidator</a></span>, <span class='object_link'><a href="M2mKeygen/Signature.html" title="M2mKeygen::Signature (class)">Signature</a></span>
|
106
108
|
|
107
109
|
|
108
110
|
</p>
|
@@ -129,7 +131,7 @@
|
|
129
131
|
|
130
132
|
</div>
|
131
133
|
</dt>
|
132
|
-
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>0.
|
134
|
+
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>0.4.0</span><span class='tstring_end'>"</span></span></pre></dd>
|
133
135
|
|
134
136
|
</dl>
|
135
137
|
|
@@ -145,7 +147,7 @@
|
|
145
147
|
</div>
|
146
148
|
|
147
149
|
<div id="footer">
|
148
|
-
Generated on
|
150
|
+
Generated on Tue Aug 30 15:18:09 2022 by
|
149
151
|
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
150
152
|
0.9.28 (ruby-3.1.2).
|
151
153
|
</div>
|
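Review bot: the only change in this hunk is the `Generated on Tue Aug 30 15:18:09 2022` footer line, and the same one-line change shows up in the other generated pages under data/docs/ in this diff. Packaging generated YARD output, together with the vendored sorbet/rbi files in the file list (rack@2.2.4.rbi alone is +5630), adds noise to every release diff and makes the real changes under data/lib/ harder to audit; consider excluding docs/ and sorbet/ from the files the gemspec packages.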
data/docs/_index.html
CHANGED
@@ -103,6 +103,66 @@
|
|
103
103
|
</ul>
|
104
104
|
</ul>
|
105
105
|
|
106
|
+
|
107
|
+
<ul id="alpha_P" class="alpha">
|
108
|
+
<li class="letter">P</li>
|
109
|
+
<ul>
|
110
|
+
|
111
|
+
<li>
|
112
|
+
<span class='object_link'><a href="M2mKeygen/ParamsEncoder.html" title="M2mKeygen::ParamsEncoder (class)">ParamsEncoder</a></span>
|
113
|
+
|
114
|
+
<small>(M2mKeygen)</small>
|
115
|
+
|
116
|
+
</li>
|
117
|
+
|
118
|
+
</ul>
|
119
|
+
</ul>
|
120
|
+
|
121
|
+
|
122
|
+
<ul id="alpha_R" class="alpha">
|
123
|
+
<li class="letter">R</li>
|
124
|
+
<ul>
|
125
|
+
|
126
|
+
<li>
|
127
|
+
<span class='object_link'><a href="M2mKeygen/RackValidator.html" title="M2mKeygen::RackValidator (class)">RackValidator</a></span>
|
128
|
+
|
129
|
+
<small>(M2mKeygen)</small>
|
130
|
+
|
131
|
+
</li>
|
132
|
+
|
133
|
+
</ul>
|
134
|
+
</ul>
|
135
|
+
|
136
|
+
|
137
|
+
<ul id="alpha_S" class="alpha">
|
138
|
+
<li class="letter">S</li>
|
139
|
+
<ul>
|
140
|
+
|
141
|
+
<li>
|
142
|
+
<span class='object_link'><a href="M2mKeygen/Signature.html" title="M2mKeygen::Signature (class)">Signature</a></span>
|
143
|
+
|
144
|
+
<small>(M2mKeygen)</small>
|
145
|
+
|
146
|
+
</li>
|
147
|
+
|
148
|
+
</ul>
|
149
|
+
</ul>
|
150
|
+
|
151
|
+
|
152
|
+
<ul id="alpha_T" class="alpha">
|
153
|
+
<li class="letter">T</li>
|
154
|
+
<ul>
|
155
|
+
|
156
|
+
<li>
|
157
|
+
<span class='object_link'><a href="M2mKeygen/Types.html" title="M2mKeygen::Types (module)">Types</a></span>
|
158
|
+
|
159
|
+
<small>(M2mKeygen)</small>
|
160
|
+
|
161
|
+
</li>
|
162
|
+
|
163
|
+
</ul>
|
164
|
+
</ul>
|
165
|
+
|
106
166
|
</td>
|
107
167
|
</tr>
|
108
168
|
</table>
|
@@ -112,7 +172,7 @@
|
|
112
172
|
</div>
|
113
173
|
|
114
174
|
<div id="footer">
|
115
|
-
Generated on
|
175
|
+
Generated on Tue Aug 30 15:18:09 2022 by
|
116
176
|
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
117
177
|
0.9.28 (ruby-3.1.2).
|
118
178
|
</div>
|
data/docs/class_list.html
CHANGED
@@ -43,7 +43,7 @@
|
|
43
43
|
|
44
44
|
<ul id="full_list" class="class">
|
45
45
|
<li id="object_" class="odd"><div class="item" style="padding-left:30px"><span class='object_link'><a href="top-level-namespace.html" title="Top Level Namespace (root)">Top Level Namespace</a></span></div></li>
|
46
|
-
<li id='object_M2mKeygen' class='even'><div class='item' style='padding-left:30px'><a class='toggle'></a> <span class='object_link'><a href="M2mKeygen.html" title="M2mKeygen (module)">M2mKeygen</a></span><small class='search_info'>Top Level Namespace</small></div><ul><li id='object_M2mKeygen::Error' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span> < StandardError<small class='search_info'>M2mKeygen</small></div></li></ul></li>
|
46
|
+
<li id='object_M2mKeygen' class='even'><div class='item' style='padding-left:30px'><a class='toggle'></a> <span class='object_link'><a href="M2mKeygen.html" title="M2mKeygen (module)">M2mKeygen</a></span><small class='search_info'>Top Level Namespace</small></div><ul><li id='object_M2mKeygen::Error' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span> < StandardError<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::ParamsEncoder' class='collapsed even'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/ParamsEncoder.html" title="M2mKeygen::ParamsEncoder (class)">ParamsEncoder</a></span> < Object<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::RackValidator' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/RackValidator.html" title="M2mKeygen::RackValidator (class)">RackValidator</a></span> < Object<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::Signature' class='collapsed even'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Signature.html" title="M2mKeygen::Signature (class)">Signature</a></span> < Object<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::Types' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Types.html" title="M2mKeygen::Types (module)">Types</a></span><small class='search_info'>M2mKeygen</small></div></li></ul></li>
|
47
47
|
|
48
48
|
</ul>
|
49
49
|
</div>
|
data/docs/file.README.html
CHANGED
@@ -59,9 +59,7 @@
|
|
59
59
|
|
60
60
|
<div id="content"><div id='filecontents'><h1 id="m2mkeygen">M2mKeygen</h1>
|
61
61
|
|
62
|
-
<p>
|
63
|
-
|
64
|
-
<p>TODO: Delete this and the text above, and describe your gem</p>
|
62
|
+
<p>This gem exists for simplifying Machine to Machine signature generation and verification in a secure way.</p>
|
65
63
|
|
66
64
|
<h2 id="installation">Installation</h2>
|
67
65
|
|
@@ -77,7 +75,118 @@
|
|
77
75
|
|
78
76
|
<h2 id="usage">Usage</h2>
|
79
77
|
|
80
|
-
<
|
78
|
+
<h3 id="signature">Signature</h3>
|
79
|
+
|
80
|
+
<p>This gem provides a module for signing and checking signature for HTTP requests</p>
|
81
|
+
|
82
|
+
<h4 id="initialization">Initialization</h4>
|
83
|
+
|
84
|
+
<p>You should initialize the <code>Signature</code> once (in an initializer for example) with your secret key and eventually an encryption algorithm.</p>
|
85
|
+
|
86
|
+
<p>```ruby
|
87
|
+
AuthSignature = M2mKeygen::Signature.new(“my_secret_key”, algorithm: “sha256”)</p>
|
88
|
+
|
89
|
+
<p>AuthSignature = M2mKeygen::Signature.new(“my_secret_key”) # => Will default algorithm to sha512
|
90
|
+
```</p>
|
91
|
+
|
92
|
+
<h4 id="signing">Signing</h4>
|
93
|
+
|
94
|
+
<p>Use the <code>sign</code> method to generate a new signature.</p>
|
95
|
+
|
96
|
+
<ul>
|
97
|
+
<li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
|
98
|
+
<li><code>verb</code> is the http verb</li>
|
99
|
+
<li><code>path</code> is the path for the request</li>
|
100
|
+
</ul>
|
101
|
+
|
102
|
+
<p><code>ruby
|
103
|
+
AuthSignature.sign(
|
104
|
+
params: {
|
105
|
+
"a" => "test",
|
106
|
+
:b => 1,
|
107
|
+
"d" => %w[a b],
|
108
|
+
"c" => {
|
109
|
+
"e" => 45
|
110
|
+
}
|
111
|
+
},
|
112
|
+
verb: "get",
|
113
|
+
path: "/path"
|
114
|
+
) # => "a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
|
115
|
+
</code></p>
|
116
|
+
|
117
|
+
<p>After generating the signature send it alongside your request for verification on the receiver side.</p>
|
118
|
+
|
119
|
+
<h4 id="verifying">Verifying</h4>
|
120
|
+
|
121
|
+
<p>Use the <code>validate</code> method to verify that a received signature correspond to the HTTP request.</p>
|
122
|
+
|
123
|
+
<ul>
|
124
|
+
<li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
|
125
|
+
<li><code>verb</code> is the http verb</li>
|
126
|
+
<li><code>path</code> is the path for the request</li>
|
127
|
+
<li><code>signature</code> is the received signature</li>
|
128
|
+
</ul>
|
129
|
+
|
130
|
+
<p><code>ruby
|
131
|
+
AuthSignature.validate(
|
132
|
+
params: {
|
133
|
+
"a" => "test",
|
134
|
+
:b => 1,
|
135
|
+
"d" => %w[a b],
|
136
|
+
"c" => {
|
137
|
+
"e" => 45
|
138
|
+
}
|
139
|
+
},
|
140
|
+
verb: "get",
|
141
|
+
path: "/path",
|
142
|
+
signature:
|
143
|
+
"a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
|
144
|
+
) #=> true
|
145
|
+
</code></p>
|
146
|
+
|
147
|
+
<p>If the validation is true, the request was signed with the same algorithm and same secret key.</p>
|
148
|
+
|
149
|
+
<h3 id="rackvalidator">RackValidator</h3>
|
150
|
+
|
151
|
+
<p>This module is here for directly validate Rack requests.</p>
|
152
|
+
|
153
|
+
<p>It will validate :</p>
|
154
|
+
|
155
|
+
<ul>
|
156
|
+
<li>Signature matching</li>
|
157
|
+
<li>That the <code>expiry</code> parameter is present and between now and in 2 minutes.</li>
|
158
|
+
</ul>
|
159
|
+
|
160
|
+
<h4 id="initialization-1">Initialization</h4>
|
161
|
+
|
162
|
+
<p>You should initialize the <code>RackValidator</code> once (in an initializer for example) with your secret key, eventually an encryption algorithm and a header name for the signature.</p>
|
163
|
+
|
164
|
+
<p><code>ruby
|
165
|
+
RackSignatureValidator =
|
166
|
+
M2mKeygen::RackValidator.new(
|
167
|
+
"secret",
|
168
|
+
algorithm: "sha512", # Default value
|
169
|
+
header_name: "X-Signature" # Default value
|
170
|
+
)
|
171
|
+
</code></p>
|
172
|
+
|
173
|
+
<h4 id="validation">Validation</h4>
|
174
|
+
|
175
|
+
<p>You can then validate a Rack::Request or a Rails Request directly:</p>
|
176
|
+
|
177
|
+
<p><code>ruby
|
178
|
+
RackSignatureValidator.validate(request) # => true or false
|
179
|
+
</code></p>
|
180
|
+
|
181
|
+
<h2 id="how-does-it-works">How does it works</h2>
|
182
|
+
|
183
|
+
<p>This is intended for a secure discussion between 2 servers and not something in a browser as the secret key must be stored and used both side (and you don’t want to send the secret key in the browser).</p>
|
184
|
+
|
185
|
+
<p>Both server will have the same secret key.
|
186
|
+
The sender will generate a signature matching the HTTP request it will be sending and add it to the request in a designated header.
|
187
|
+
The receiver will generate the same signature from the HTTP request it has received and will compare it with the signature in the header.</p>
|
188
|
+
|
189
|
+
<p>The comparison will be done in constant time (i.e. secure) because both string will be hexdigest from a HMAC with the same algorithm.</p>
|
81
190
|
|
82
191
|
<h2 id="development">Development</h2>
|
83
192
|
|
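Review bot: the last added paragraph justifies the constant-time claim with "because both string will be hexdigest from a HMAC with the same algorithm", but equal-length inputs are only a precondition for a constant-time compare, not what makes the compare constant time. The README should name the comparison primitive the gem uses so a reader can confirm that a plain `==` is not involved. Separately, the RackValidator list says `expiry` must be "between now and in 2 minutes"; it would help to state whether `expiry` is covered by the signature and that a captured request remains valid until that time passes.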
@@ -85,6 +194,18 @@
|
|
85
194
|
|
86
195
|
<p>To install this gem onto your local machine, run <code>bundle exec rake install</code>. To release a new version, update the version number in <code>version.rb</code>, and then run <code>bundle exec rake release</code>, which will create a git tag for the version, push git commits and the created tag, and push the <code>.gem</code> file to <a href="https://rubygems.org">rubygems.org</a>.</p>
|
87
196
|
|
197
|
+
<p>Every commit/push is checked by overcommit. You should (must) activate overcommit by using <code>overcommit -i</code> post installation.</p>
|
198
|
+
|
199
|
+
<p>Tool used in dev:</p>
|
200
|
+
|
201
|
+
<ul>
|
202
|
+
<li>Rubocop</li>
|
203
|
+
<li>Prettier</li>
|
204
|
+
<li>Yard</li>
|
205
|
+
<li>Sorbet</li>
|
206
|
+
<li>RSpec</li>
|
207
|
+
</ul>
|
208
|
+
|
88
209
|
<h2 id="contributing">Contributing</h2>
|
89
210
|
|
90
211
|
<p>Bug reports and pull requests are welcome on GitHub at https://github.com/zaratan/m2m_keygen. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the <a href="https://github.com/zaratan/m2m_keygen/blob/main/CODE_OF_CONDUCT.md">code of conduct</a>.</p>
|
@@ -99,7 +220,7 @@
|
|
99
220
|
</div></div>
|
100
221
|
|
101
222
|
<div id="footer">
|
102
|
-
Generated on
|
223
|
+
Generated on Tue Aug 30 15:18:09 2022 by
|
103
224
|
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
104
225
|
0.9.28 (ruby-3.1.2).
|
105
226
|
</div>
|
data/docs/index.html
CHANGED
@@ -59,9 +59,7 @@
|
|
59
59
|
|
60
60
|
<div id="content"><div id='filecontents'><h1 id="m2mkeygen">M2mKeygen</h1>
|
61
61
|
|
62
|
-
<p>
|
63
|
-
|
64
|
-
<p>TODO: Delete this and the text above, and describe your gem</p>
|
62
|
+
<p>This gem exists for simplifying Machine to Machine signature generation and verification in a secure way.</p>
|
65
63
|
|
66
64
|
<h2 id="installation">Installation</h2>
|
67
65
|
|
@@ -77,7 +75,118 @@
|
|
77
75
|
|
78
76
|
<h2 id="usage">Usage</h2>
|
79
77
|
|
80
|
-
<
|
78
|
+
<h3 id="signature">Signature</h3>
|
79
|
+
|
80
|
+
<p>This gem provides a module for signing and checking signature for HTTP requests</p>
|
81
|
+
|
82
|
+
<h4 id="initialization">Initialization</h4>
|
83
|
+
|
84
|
+
<p>You should initialize the <code>Signature</code> once (in an initializer for example) with your secret key and eventually an encryption algorithm.</p>
|
85
|
+
|
86
|
+
<p>```ruby
|
87
|
+
AuthSignature = M2mKeygen::Signature.new(“my_secret_key”, algorithm: “sha256”)</p>
|
88
|
+
|
89
|
+
<p>AuthSignature = M2mKeygen::Signature.new(“my_secret_key”) # => Will default algorithm to sha512
|
90
|
+
```</p>
|
91
|
+
|
92
|
+
<h4 id="signing">Signing</h4>
|
93
|
+
|
94
|
+
<p>Use the <code>sign</code> method to generate a new signature.</p>
|
95
|
+
|
96
|
+
<ul>
|
97
|
+
<li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
|
98
|
+
<li><code>verb</code> is the http verb</li>
|
99
|
+
<li><code>path</code> is the path for the request</li>
|
100
|
+
</ul>
|
101
|
+
|
102
|
+
<p><code>ruby
|
103
|
+
AuthSignature.sign(
|
104
|
+
params: {
|
105
|
+
"a" => "test",
|
106
|
+
:b => 1,
|
107
|
+
"d" => %w[a b],
|
108
|
+
"c" => {
|
109
|
+
"e" => 45
|
110
|
+
}
|
111
|
+
},
|
112
|
+
verb: "get",
|
113
|
+
path: "/path"
|
114
|
+
) # => "a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
|
115
|
+
</code></p>
|
116
|
+
|
117
|
+
<p>After generating the signature send it alongside your request for verification on the receiver side.</p>
|
118
|
+
|
119
|
+
<h4 id="verifying">Verifying</h4>
|
120
|
+
|
121
|
+
<p>Use the <code>validate</code> method to verify that a received signature correspond to the HTTP request.</p>
|
122
|
+
|
123
|
+
<ul>
|
124
|
+
<li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
|
125
|
+
<li><code>verb</code> is the http verb</li>
|
126
|
+
<li><code>path</code> is the path for the request</li>
|
127
|
+
<li><code>signature</code> is the received signature</li>
|
128
|
+
</ul>
|
129
|
+
|
130
|
+
<p><code>ruby
|
131
|
+
AuthSignature.validate(
|
132
|
+
params: {
|
133
|
+
"a" => "test",
|
134
|
+
:b => 1,
|
135
|
+
"d" => %w[a b],
|
136
|
+
"c" => {
|
137
|
+
"e" => 45
|
138
|
+
}
|
139
|
+
},
|
140
|
+
verb: "get",
|
141
|
+
path: "/path",
|
142
|
+
signature:
|
143
|
+
"a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
|
144
|
+
) #=> true
|
145
|
+
</code></p>
|
146
|
+
|
147
|
+
<p>If the validation is true, the request was signed with the same algorithm and same secret key.</p>
|
148
|
+
|
149
|
+
<h3 id="rackvalidator">RackValidator</h3>
|
150
|
+
|
151
|
+
<p>This module is here for directly validate Rack requests.</p>
|
152
|
+
|
153
|
+
<p>It will validate :</p>
|
154
|
+
|
155
|
+
<ul>
|
156
|
+
<li>Signature matching</li>
|
157
|
+
<li>That the <code>expiry</code> parameter is present and between now and in 2 minutes.</li>
|
158
|
+
</ul>
|
159
|
+
|
160
|
+
<h4 id="initialization-1">Initialization</h4>
|
161
|
+
|
162
|
+
<p>You should initialize the <code>RackValidator</code> once (in an initializer for example) with your secret key, eventually an encryption algorithm and a header name for the signature.</p>
|
163
|
+
|
164
|
+
<p><code>ruby
|
165
|
+
RackSignatureValidator =
|
166
|
+
M2mKeygen::RackValidator.new(
|
167
|
+
"secret",
|
168
|
+
algorithm: "sha512", # Default value
|
169
|
+
header_name: "X-Signature" # Default value
|
170
|
+
)
|
171
|
+
</code></p>
|
172
|
+
|
173
|
+
<h4 id="validation">Validation</h4>
|
174
|
+
|
175
|
+
<p>You can then validate a Rack::Request or a Rails Request directly:</p>
|
176
|
+
|
177
|
+
<p><code>ruby
|
178
|
+
RackSignatureValidator.validate(request) # => true or false
|
179
|
+
</code></p>
|
180
|
+
|
181
|
+
<h2 id="how-does-it-works">How does it works</h2>
|
182
|
+
|
183
|
+
<p>This is intended for a secure discussion between 2 servers and not something in a browser as the secret key must be stored and used both side (and you don’t want to send the secret key in the browser).</p>
|
184
|
+
|
185
|
+
<p>Both server will have the same secret key.
|
186
|
+
The sender will generate a signature matching the HTTP request it will be sending and add it to the request in a designated header.
|
187
|
+
The receiver will generate the same signature from the HTTP request it has received and will compare it with the signature in the header.</p>
|
188
|
+
|
189
|
+
<p>The comparison will be done in constant time (i.e. secure) because both string will be hexdigest from a HMAC with the same algorithm.</p>
|
81
190
|
|
82
191
|
<h2 id="development">Development</h2>
|
83
192
|
|
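Review bot: in the Initialization example the code fence did not render: the added lines are a literal ```ruby inside a `<p>`, followed by `M2mKeygen::Signature.new(“my_secret_key”, algorithm: “sha256”)` with typographic quotes, whereas the later examples render inside `<code>`. Copying that line from the docs gives invalid Ruby. The paragraph break between the two assignments suggests the blank line inside the fence is what the renderer tripped on, so fix the fence in README.md and regenerate. In the same section, "eventually an encryption algorithm" would read better as "optionally a digest algorithm", since the value (`sha256`, `sha512`) selects the HMAC hash and nothing is encrypted. This hunk is identical to the one in data/docs/file.README.html, so the same fix covers both.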
@@ -85,6 +194,18 @@
|
|
85
194
|
|
86
195
|
<p>To install this gem onto your local machine, run <code>bundle exec rake install</code>. To release a new version, update the version number in <code>version.rb</code>, and then run <code>bundle exec rake release</code>, which will create a git tag for the version, push git commits and the created tag, and push the <code>.gem</code> file to <a href="https://rubygems.org">rubygems.org</a>.</p>
|
87
196
|
|
197
|
+
<p>Every commit/push is checked by overcommit. You should (must) activate overcommit by using <code>overcommit -i</code> post installation.</p>
|
198
|
+
|
199
|
+
<p>Tool used in dev:</p>
|
200
|
+
|
201
|
+
<ul>
|
202
|
+
<li>Rubocop</li>
|
203
|
+
<li>Prettier</li>
|
204
|
+
<li>Yard</li>
|
205
|
+
<li>Sorbet</li>
|
206
|
+
<li>RSpec</li>
|
207
|
+
</ul>
|
208
|
+
|
88
209
|
<h2 id="contributing">Contributing</h2>
|
89
210
|
|
90
211
|
<p>Bug reports and pull requests are welcome on GitHub at https://github.com/zaratan/m2m_keygen. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the <a href="https://github.com/zaratan/m2m_keygen/blob/main/CODE_OF_CONDUCT.md">code of conduct</a>.</p>
|
@@ -99,7 +220,7 @@
|
|
99
220
|
</div></div>
|
100
221
|
|
101
222
|
<div id="footer">
|
102
|
-
Generated on
|
223
|
+
Generated on Tue Aug 30 15:18:09 2022 by
|
103
224
|
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
104
225
|
0.9.28 (ruby-3.1.2).
|
105
226
|
</div>
|