m2m_keygen 0.2.0 → 0.4.0

data/docs/M2mKeygen/Types.html

@@ -0,0 +1,147 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>
+  Module: M2mKeygen::Types
+  
+    &mdash; Documentation by YARD 0.9.28
+  
+</title>
+
+  <link rel="stylesheet" href="../css/style.css" type="text/css" />
+
+  <link rel="stylesheet" href="../css/common.css" type="text/css" />
+
+<script type="text/javascript">
+  pathId = "M2mKeygen::Types";
+  relpath = '../';
+</script>
+
+
+  <script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
+
+  <script type="text/javascript" charset="utf-8" src="../js/app.js"></script>
+
+
+  </head>
+  <body>
+    <div class="nav_wrap">
+      <iframe id="nav" src="../class_list.html?1"></iframe>
+      <div id="resizer"></div>
+    </div>
+
+    <div id="main" tabindex="-1">
+      <div id="header">
+        <div id="menu">
+  
+    <a href="../_index.html">Index (T)</a> &raquo;
+    <span class='title'><span class='object_link'><a href="../M2mKeygen.html" title="M2mKeygen (module)">M2mKeygen</a></span></span>
+     &raquo; 
+    <span class="title">Types</span>
+  
+</div>
+
+        <div id="search">
+  
+    <a class="full_list_link" id="class_list_link"
+        href="../class_list.html">
+
+        <svg width="24" height="24">
+          <rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
+        </svg>
+    </a>
+  
+</div>
+        <div class="clear"></div>
+      </div>
+
+      <div id="content"><h1>Module: M2mKeygen::Types
+  
+  
+  
+</h1>
+<div class="box_info">
+  
+
+  
+  
+  <dl>
+      <dt>Extended by:</dt>
+      <dd>T::Sig</dd>
+  </dl>
+  
+  
+  
+  
+
+  
+
+  
+  <dl>
+    <dt>Defined in:</dt>
+    <dd>lib/m2m_keygen/types/params_type.rb</dd>
+  </dl>
+  
+</div>
+
+
+  
+    <h2>
+      Constant Summary
+      <small><a href="#" class="constants_summary_toggle">collapse</a></small>
+    </h2>
+
+    <dl class="constants">
+      
+        <dt id="ParamsType-constant" class="">ParamsType =
+          
+        </dt>
+        <dd><pre class="code"><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_type_alias'>type_alias</span> <span class='kw'>do</span>
+  <span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_nilable'>nilable</span><span class='lparen'>(</span><span class='const'>T</span><span class='op'>::</span><span class='const'>Hash</span><span class='lbracket'>[</span><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_any'>any</span><span class='lparen'>(</span><span class='const'>String</span><span class='comma'>,</span> <span class='const'>Symbol</span><span class='rparen'>)</span><span class='comma'>,</span> <span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_nilable'>nilable</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="#ParamsValueType-constant" title="M2mKeygen::Types::ParamsValueType (constant)">ParamsValueType</a></span></span><span class='rparen'>)</span><span class='rbracket'>]</span><span class='rparen'>)</span>
+<span class='kw'>end</span></pre></dd>
+      
+        <dt id="ParamsHashNotNilType-constant" class="">ParamsHashNotNilType =
+          
+        </dt>
+        <dd><pre class="code"><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_type_alias'>type_alias</span> <span class='lbrace'>{</span> <span class='const'>T</span><span class='op'>::</span><span class='const'>Hash</span><span class='lbracket'>[</span><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_any'>any</span><span class='lparen'>(</span><span class='const'>String</span><span class='comma'>,</span> <span class='const'>Symbol</span><span class='rparen'>)</span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#ParamsValueType-constant" title="M2mKeygen::Types::ParamsValueType (constant)">ParamsValueType</a></span></span><span class='rbracket'>]</span> <span class='rbrace'>}</span></pre></dd>
+      
+        <dt id="ParamsValueType-constant" class="">ParamsValueType =
+          
+        </dt>
+        <dd><pre class="code"><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_type_alias'>type_alias</span> <span class='kw'>do</span>
+  <span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_any'>any</span><span class='lparen'>(</span>
+    <span class='const'>Integer</span><span class='comma'>,</span>
+    <span class='const'>String</span><span class='comma'>,</span>
+    <span class='const'>Symbol</span><span class='comma'>,</span>
+    <span class='const'>T</span><span class='op'>::</span><span class='const'>Array</span><span class='lbracket'>[</span><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_untyped'>untyped</span><span class='rbracket'>]</span><span class='comma'>,</span>
+    <span class='const'>T</span><span class='op'>::</span><span class='const'>Hash</span><span class='lbracket'>[</span><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_untyped'>untyped</span><span class='comma'>,</span> <span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_untyped'>untyped</span><span class='rbracket'>]</span>
+  <span class='rparen'>)</span>
+<span class='kw'>end</span></pre></dd>
+      
+    </dl>
+  
+
+
+
+
+
+
+
+
+  
+
+</div>
+
+      <div id="footer">
+  Generated on Tue Aug 30 15:18:09 2022 by
+  <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
+  0.9.28 (ruby-3.1.2).
+</div>
+
+    </div>
+  </body>
+</html>

data/docs/M2mKeygen.html

@@ -79,7 +79,7 @@
   <dl>
     <dt>Defined in:</dt>
     <dd>lib/m2m_keygen.rb<span class="defines">,<br />
-  lib/m2m_keygen/version.rb</span>
+  lib/m2m_keygen/version.rb,<br /> lib/m2m_keygen/signature.rb,<br /> lib/m2m_keygen/params_encoder.rb,<br /> lib/m2m_keygen/rack_validator.rb,<br /> lib/m2m_keygen/types/params_type.rb</span>
 </dd>
   </dl>
   
@@ -88,7 +88,7 @@
 <h2>Overview</h2><div class="docstring">
   <div class="discussion">
     
-<p>typed: strict frozen_string_literal: true</p>
+<p>typed: strict</p>
 
 
   </div>
@@ -100,9 +100,11 @@
 <p class="children">
   
     
+      <strong class="modules">Modules:</strong> <span class='object_link'><a href="M2mKeygen/Types.html" title="M2mKeygen::Types (module)">Types</a></span>
+    
   
     
-      <strong class="classes">Classes:</strong> <span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span>
+      <strong class="classes">Classes:</strong> <span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span>, <span class='object_link'><a href="M2mKeygen/ParamsEncoder.html" title="M2mKeygen::ParamsEncoder (class)">ParamsEncoder</a></span>, <span class='object_link'><a href="M2mKeygen/RackValidator.html" title="M2mKeygen::RackValidator (class)">RackValidator</a></span>, <span class='object_link'><a href="M2mKeygen/Signature.html" title="M2mKeygen::Signature (class)">Signature</a></span>
     
   
 </p>
@@ -129,7 +131,7 @@
 
 </div>
         </dt>
-        <dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>0.2.0</span><span class='tstring_end'>&quot;</span></span></pre></dd>
+        <dd><pre class="code"><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>0.4.0</span><span class='tstring_end'>&quot;</span></span></pre></dd>
       
     </dl>
   
@@ -145,7 +147,7 @@
 </div>
 
       <div id="footer">
-  Generated on Mon Aug 29 16:32:02 2022 by
+  Generated on Tue Aug 30 15:18:09 2022 by
   <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.28 (ruby-3.1.2).
 </div>

data/docs/_index.html

@@ -103,6 +103,66 @@
           </ul>
         </ul>
       
+        
+        <ul id="alpha_P" class="alpha">
+          <li class="letter">P</li>
+          <ul>
+            
+              <li>
+                <span class='object_link'><a href="M2mKeygen/ParamsEncoder.html" title="M2mKeygen::ParamsEncoder (class)">ParamsEncoder</a></span>
+                
+                  <small>(M2mKeygen)</small>
+                
+              </li>
+            
+          </ul>
+        </ul>
+      
+        
+        <ul id="alpha_R" class="alpha">
+          <li class="letter">R</li>
+          <ul>
+            
+              <li>
+                <span class='object_link'><a href="M2mKeygen/RackValidator.html" title="M2mKeygen::RackValidator (class)">RackValidator</a></span>
+                
+                  <small>(M2mKeygen)</small>
+                
+              </li>
+            
+          </ul>
+        </ul>
+      
+        
+        <ul id="alpha_S" class="alpha">
+          <li class="letter">S</li>
+          <ul>
+            
+              <li>
+                <span class='object_link'><a href="M2mKeygen/Signature.html" title="M2mKeygen::Signature (class)">Signature</a></span>
+                
+                  <small>(M2mKeygen)</small>
+                
+              </li>
+            
+          </ul>
+        </ul>
+      
+        
+        <ul id="alpha_T" class="alpha">
+          <li class="letter">T</li>
+          <ul>
+            
+              <li>
+                <span class='object_link'><a href="M2mKeygen/Types.html" title="M2mKeygen::Types (module)">Types</a></span>
+                
+                  <small>(M2mKeygen)</small>
+                
+              </li>
+            
+          </ul>
+        </ul>
+      
     </td>
   </tr>
 </table>
@@ -112,7 +172,7 @@
 </div>
 
       <div id="footer">
-  Generated on Mon Aug 29 16:32:02 2022 by
+  Generated on Tue Aug 30 15:18:09 2022 by
   <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.28 (ruby-3.1.2).
 </div>

data/docs/class_list.html

@@ -43,7 +43,7 @@
 
       <ul id="full_list" class="class">
         <li id="object_" class="odd"><div class="item" style="padding-left:30px"><span class='object_link'><a href="top-level-namespace.html" title="Top Level Namespace (root)">Top Level Namespace</a></span></div></li>
-<li id='object_M2mKeygen' class='even'><div class='item' style='padding-left:30px'><a class='toggle'></a> <span class='object_link'><a href="M2mKeygen.html" title="M2mKeygen (module)">M2mKeygen</a></span><small class='search_info'>Top Level Namespace</small></div><ul><li id='object_M2mKeygen::Error' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span> &lt; StandardError<small class='search_info'>M2mKeygen</small></div></li></ul></li>
+<li id='object_M2mKeygen' class='even'><div class='item' style='padding-left:30px'><a class='toggle'></a> <span class='object_link'><a href="M2mKeygen.html" title="M2mKeygen (module)">M2mKeygen</a></span><small class='search_info'>Top Level Namespace</small></div><ul><li id='object_M2mKeygen::Error' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span> &lt; StandardError<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::ParamsEncoder' class='collapsed even'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/ParamsEncoder.html" title="M2mKeygen::ParamsEncoder (class)">ParamsEncoder</a></span> &lt; Object<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::RackValidator' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/RackValidator.html" title="M2mKeygen::RackValidator (class)">RackValidator</a></span> &lt; Object<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::Signature' class='collapsed even'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Signature.html" title="M2mKeygen::Signature (class)">Signature</a></span> &lt; Object<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::Types' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Types.html" title="M2mKeygen::Types (module)">Types</a></span><small class='search_info'>M2mKeygen</small></div></li></ul></li>
 
       </ul>
     </div>

data/docs/file.README.html

@@ -59,9 +59,7 @@
 
       <div id="content"><div id='filecontents'><h1 id="m2mkeygen">M2mKeygen</h1>
 
-<p>Welcome to your new gem! In this directory, you’ll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file <code>lib/m2m_keygen</code>. To experiment with that code, run <code>bin/console</code> for an interactive prompt.</p>
-
-<p>TODO: Delete this and the text above, and describe your gem</p>
+<p>This gem exists for simplifying Machine to Machine signature generation and verification in a secure way.</p>
 
 <h2 id="installation">Installation</h2>
 
@@ -77,7 +75,118 @@
 
 <h2 id="usage">Usage</h2>
 
-<p>TODO: Write usage instructions here</p>
+<h3 id="signature">Signature</h3>
+
+<p>This gem provides a module for signing and checking signature for HTTP requests</p>
+
+<h4 id="initialization">Initialization</h4>
+
+<p>You should initialize the <code>Signature</code> once (in an initializer for example) with your secret key and eventually an encryption algorithm.</p>
+
+<p>```ruby
+AuthSignature = M2mKeygen::Signature.new(“my_secret_key”, algorithm: “sha256”)</p>
+
+<p>AuthSignature = M2mKeygen::Signature.new(“my_secret_key”) # =&gt; Will default algorithm to sha512
+```</p>
+
+<h4 id="signing">Signing</h4>
+
+<p>Use the <code>sign</code> method to generate a new signature.</p>
+
+<ul>
+  <li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
+  <li><code>verb</code> is the http verb</li>
+  <li><code>path</code> is the path for the request</li>
+</ul>
+
+<p><code>ruby
+AuthSignature.sign(
+  params: {
+    "a" =&gt; "test",
+    :b =&gt; 1,
+    "d" =&gt; %w[a b],
+    "c" =&gt; {
+      "e" =&gt; 45
+    }
+  },
+  verb: "get",
+  path: "/path"
+) # =&gt; "a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
+</code></p>
+
+<p>After generating the signature send it alongside your request for verification on the receiver side.</p>
+
+<h4 id="verifying">Verifying</h4>
+
+<p>Use the <code>validate</code> method to verify that a received signature correspond to the HTTP request.</p>
+
+<ul>
+  <li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
+  <li><code>verb</code> is the http verb</li>
+  <li><code>path</code> is the path for the request</li>
+  <li><code>signature</code> is the received signature</li>
+</ul>
+
+<p><code>ruby
+AuthSignature.validate(
+  params: {
+    "a" =&gt; "test",
+    :b =&gt; 1,
+    "d" =&gt; %w[a b],
+    "c" =&gt; {
+      "e" =&gt; 45
+    }
+  },
+  verb: "get",
+  path: "/path",
+  signature:
+    "a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
+) #=&gt; true
+</code></p>
+
+<p>If the validation is true, the request was signed with the same algorithm and same secret key.</p>
+
+<h3 id="rackvalidator">RackValidator</h3>
+
+<p>This module is here for directly validate Rack requests.</p>
+
+<p>It will validate :</p>
+
+<ul>
+  <li>Signature matching</li>
+  <li>That the <code>expiry</code> parameter is present and between now and in 2 minutes.</li>
+</ul>
+
+<h4 id="initialization-1">Initialization</h4>
+
+<p>You should initialize the <code>RackValidator</code> once (in an initializer for example) with your secret key, eventually an encryption algorithm and a header name for the signature.</p>
+
+<p><code>ruby
+RackSignatureValidator =
+  M2mKeygen::RackValidator.new(
+    "secret",
+    algorithm: "sha512", # Default value
+    header_name: "X-Signature" # Default value
+  )
+</code></p>
+
+<h4 id="validation">Validation</h4>
+
+<p>You can then validate a Rack::Request or a Rails Request directly:</p>
+
+<p><code>ruby
+RackSignatureValidator.validate(request) # =&gt; true or false
+</code></p>
+
+<h2 id="how-does-it-works">How does it works</h2>
+
+<p>This is intended for a secure discussion between 2 servers and not something in a browser as the secret key must be stored and used both side (and you don’t want to send the secret key in the browser).</p>
+
+<p>Both server will have the same secret key.
+The sender will generate a signature matching the HTTP request it will be sending and add it to the request in a designated header.
+The receiver will generate the same signature from the HTTP request it has received and will compare it with the signature in the header.</p>
+
+<p>The comparison will be done in constant time (i.e. secure) because both string will be hexdigest from a HMAC with the same algorithm.</p>
 
 <h2 id="development">Development</h2>
 
@@ -85,6 +194,18 @@
 
 <p>To install this gem onto your local machine, run <code>bundle exec rake install</code>. To release a new version, update the version number in <code>version.rb</code>, and then run <code>bundle exec rake release</code>, which will create a git tag for the version, push git commits and the created tag, and push the <code>.gem</code> file to <a href="https://rubygems.org">rubygems.org</a>.</p>
 
+<p>Every commit/push is checked by overcommit. You should (must) activate overcommit by using <code>overcommit -i</code> post installation.</p>
+
+<p>Tool used in dev:</p>
+
+<ul>
+  <li>Rubocop</li>
+  <li>Prettier</li>
+  <li>Yard</li>
+  <li>Sorbet</li>
+  <li>RSpec</li>
+</ul>
+
 <h2 id="contributing">Contributing</h2>
 
 <p>Bug reports and pull requests are welcome on GitHub at https://github.com/zaratan/m2m_keygen. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the <a href="https://github.com/zaratan/m2m_keygen/blob/main/CODE_OF_CONDUCT.md">code of conduct</a>.</p>
@@ -99,7 +220,7 @@
 </div></div>
 
       <div id="footer">
-  Generated on Mon Aug 29 16:32:02 2022 by
+  Generated on Tue Aug 30 15:18:09 2022 by
   <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.28 (ruby-3.1.2).
 </div>

data/docs/index.html

@@ -59,9 +59,7 @@
 
       <div id="content"><div id='filecontents'><h1 id="m2mkeygen">M2mKeygen</h1>
 
-<p>Welcome to your new gem! In this directory, you’ll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file <code>lib/m2m_keygen</code>. To experiment with that code, run <code>bin/console</code> for an interactive prompt.</p>
-
-<p>TODO: Delete this and the text above, and describe your gem</p>
+<p>This gem exists for simplifying Machine to Machine signature generation and verification in a secure way.</p>
 
 <h2 id="installation">Installation</h2>
 
@@ -77,7 +75,118 @@
 
 <h2 id="usage">Usage</h2>
 
-<p>TODO: Write usage instructions here</p>
+<h3 id="signature">Signature</h3>
+
+<p>This gem provides a module for signing and checking signature for HTTP requests</p>
+
+<h4 id="initialization">Initialization</h4>
+
+<p>You should initialize the <code>Signature</code> once (in an initializer for example) with your secret key and eventually an encryption algorithm.</p>
+
+<p>```ruby
+AuthSignature = M2mKeygen::Signature.new(“my_secret_key”, algorithm: “sha256”)</p>
+
+<p>AuthSignature = M2mKeygen::Signature.new(“my_secret_key”) # =&gt; Will default algorithm to sha512
+```</p>
+
+<h4 id="signing">Signing</h4>
+
+<p>Use the <code>sign</code> method to generate a new signature.</p>
+
+<ul>
+  <li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
+  <li><code>verb</code> is the http verb</li>
+  <li><code>path</code> is the path for the request</li>
+</ul>
+
+<p><code>ruby
+AuthSignature.sign(
+  params: {
+    "a" =&gt; "test",
+    :b =&gt; 1,
+    "d" =&gt; %w[a b],
+    "c" =&gt; {
+      "e" =&gt; 45
+    }
+  },
+  verb: "get",
+  path: "/path"
+) # =&gt; "a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
+</code></p>
+
+<p>After generating the signature send it alongside your request for verification on the receiver side.</p>
+
+<h4 id="verifying">Verifying</h4>
+
+<p>Use the <code>validate</code> method to verify that a received signature correspond to the HTTP request.</p>
+
+<ul>
+  <li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
+  <li><code>verb</code> is the http verb</li>
+  <li><code>path</code> is the path for the request</li>
+  <li><code>signature</code> is the received signature</li>
+</ul>
+
+<p><code>ruby
+AuthSignature.validate(
+  params: {
+    "a" =&gt; "test",
+    :b =&gt; 1,
+    "d" =&gt; %w[a b],
+    "c" =&gt; {
+      "e" =&gt; 45
+    }
+  },
+  verb: "get",
+  path: "/path",
+  signature:
+    "a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
+) #=&gt; true
+</code></p>
+
+<p>If the validation is true, the request was signed with the same algorithm and same secret key.</p>
+
+<h3 id="rackvalidator">RackValidator</h3>
+
+<p>This module is here for directly validate Rack requests.</p>
+
+<p>It will validate :</p>
+
+<ul>
+  <li>Signature matching</li>
+  <li>That the <code>expiry</code> parameter is present and between now and in 2 minutes.</li>
+</ul>
+
+<h4 id="initialization-1">Initialization</h4>
+
+<p>You should initialize the <code>RackValidator</code> once (in an initializer for example) with your secret key, eventually an encryption algorithm and a header name for the signature.</p>
+
+<p><code>ruby
+RackSignatureValidator =
+  M2mKeygen::RackValidator.new(
+    "secret",
+    algorithm: "sha512", # Default value
+    header_name: "X-Signature" # Default value
+  )
+</code></p>
+
+<h4 id="validation">Validation</h4>
+
+<p>You can then validate a Rack::Request or a Rails Request directly:</p>
+
+<p><code>ruby
+RackSignatureValidator.validate(request) # =&gt; true or false
+</code></p>
+
+<h2 id="how-does-it-works">How does it works</h2>
+
+<p>This is intended for a secure discussion between 2 servers and not something in a browser as the secret key must be stored and used both side (and you don’t want to send the secret key in the browser).</p>
+
+<p>Both server will have the same secret key.
+The sender will generate a signature matching the HTTP request it will be sending and add it to the request in a designated header.
+The receiver will generate the same signature from the HTTP request it has received and will compare it with the signature in the header.</p>
+
+<p>The comparison will be done in constant time (i.e. secure) because both string will be hexdigest from a HMAC with the same algorithm.</p>
 
 <h2 id="development">Development</h2>
 
@@ -85,6 +194,18 @@
 
 <p>To install this gem onto your local machine, run <code>bundle exec rake install</code>. To release a new version, update the version number in <code>version.rb</code>, and then run <code>bundle exec rake release</code>, which will create a git tag for the version, push git commits and the created tag, and push the <code>.gem</code> file to <a href="https://rubygems.org">rubygems.org</a>.</p>
 
+<p>Every commit/push is checked by overcommit. You should (must) activate overcommit by using <code>overcommit -i</code> post installation.</p>
+
+<p>Tool used in dev:</p>
+
+<ul>
+  <li>Rubocop</li>
+  <li>Prettier</li>
+  <li>Yard</li>
+  <li>Sorbet</li>
+  <li>RSpec</li>
+</ul>
+
 <h2 id="contributing">Contributing</h2>
 
 <p>Bug reports and pull requests are welcome on GitHub at https://github.com/zaratan/m2m_keygen. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the <a href="https://github.com/zaratan/m2m_keygen/blob/main/CODE_OF_CONDUCT.md">code of conduct</a>.</p>
@@ -99,7 +220,7 @@
 </div></div>
 
       <div id="footer">
-  Generated on Mon Aug 29 16:32:02 2022 by
+  Generated on Tue Aug 30 15:18:09 2022 by
   <a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
   0.9.28 (ruby-3.1.2).
 </div>