m2m_keygen 0.2.1 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +14 -1
- data/Gemfile.lock +1 -1
- data/README.md +87 -4
- data/docs/M2mKeygen/Error.html +1 -1
- data/docs/M2mKeygen/ParamsEncoder.html +321 -0
- data/docs/M2mKeygen/Signature.html +680 -0
- data/docs/M2mKeygen/Types.html +147 -0
- data/docs/M2mKeygen.html +7 -5
- data/docs/_index.html +46 -1
- data/docs/class_list.html +1 -1
- data/docs/file.README.html +94 -5
- data/docs/index.html +94 -5
- data/docs/method_list.html +56 -0
- data/docs/top-level-namespace.html +1 -1
- data/lib/m2m_keygen/params_encoder.rb +56 -0
- data/lib/m2m_keygen/signature.rb +78 -0
- data/lib/m2m_keygen/types/params_type.rb +25 -0
- data/lib/m2m_keygen/version.rb +1 -1
- data/lib/m2m_keygen.rb +5 -2
- data/sorbet/rbi/gems/{rb-fsevent@0.11.1.rbi → rb-fsevent@0.11.2.rbi} +0 -0
- data/sorbet/rbi/gems/zeitwerk@2.6.0.rbi +861 -2
- data/sorbet/rbi/manual.rbi +7 -0
- metadata +10 -3
@@ -0,0 +1,147 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<meta charset="utf-8">
|
5
|
+
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
6
|
+
<title>
|
7
|
+
Module: M2mKeygen::Types
|
8
|
+
|
9
|
+
— Documentation by YARD 0.9.28
|
10
|
+
|
11
|
+
</title>
|
12
|
+
|
13
|
+
<link rel="stylesheet" href="../css/style.css" type="text/css" />
|
14
|
+
|
15
|
+
<link rel="stylesheet" href="../css/common.css" type="text/css" />
|
16
|
+
|
17
|
+
<script type="text/javascript">
|
18
|
+
pathId = "M2mKeygen::Types";
|
19
|
+
relpath = '../';
|
20
|
+
</script>
|
21
|
+
|
22
|
+
|
23
|
+
<script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
|
24
|
+
|
25
|
+
<script type="text/javascript" charset="utf-8" src="../js/app.js"></script>
|
26
|
+
|
27
|
+
|
28
|
+
</head>
|
29
|
+
<body>
|
30
|
+
<div class="nav_wrap">
|
31
|
+
<iframe id="nav" src="../class_list.html?1"></iframe>
|
32
|
+
<div id="resizer"></div>
|
33
|
+
</div>
|
34
|
+
|
35
|
+
<div id="main" tabindex="-1">
|
36
|
+
<div id="header">
|
37
|
+
<div id="menu">
|
38
|
+
|
39
|
+
<a href="../_index.html">Index (T)</a> »
|
40
|
+
<span class='title'><span class='object_link'><a href="../M2mKeygen.html" title="M2mKeygen (module)">M2mKeygen</a></span></span>
|
41
|
+
»
|
42
|
+
<span class="title">Types</span>
|
43
|
+
|
44
|
+
</div>
|
45
|
+
|
46
|
+
<div id="search">
|
47
|
+
|
48
|
+
<a class="full_list_link" id="class_list_link"
|
49
|
+
href="../class_list.html">
|
50
|
+
|
51
|
+
<svg width="24" height="24">
|
52
|
+
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
|
53
|
+
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
|
54
|
+
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
|
55
|
+
</svg>
|
56
|
+
</a>
|
57
|
+
|
58
|
+
</div>
|
59
|
+
<div class="clear"></div>
|
60
|
+
</div>
|
61
|
+
|
62
|
+
<div id="content"><h1>Module: M2mKeygen::Types
|
63
|
+
|
64
|
+
|
65
|
+
|
66
|
+
</h1>
|
67
|
+
<div class="box_info">
|
68
|
+
|
69
|
+
|
70
|
+
|
71
|
+
|
72
|
+
<dl>
|
73
|
+
<dt>Extended by:</dt>
|
74
|
+
<dd>T::Sig</dd>
|
75
|
+
</dl>
|
76
|
+
|
77
|
+
|
78
|
+
|
79
|
+
|
80
|
+
|
81
|
+
|
82
|
+
|
83
|
+
|
84
|
+
<dl>
|
85
|
+
<dt>Defined in:</dt>
|
86
|
+
<dd>lib/m2m_keygen/types/params_type.rb</dd>
|
87
|
+
</dl>
|
88
|
+
|
89
|
+
</div>
|
90
|
+
|
91
|
+
|
92
|
+
|
93
|
+
<h2>
|
94
|
+
Constant Summary
|
95
|
+
<small><a href="#" class="constants_summary_toggle">collapse</a></small>
|
96
|
+
</h2>
|
97
|
+
|
98
|
+
<dl class="constants">
|
99
|
+
|
100
|
+
<dt id="ParamsType-constant" class="">ParamsType =
|
101
|
+
|
102
|
+
</dt>
|
103
|
+
<dd><pre class="code"><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_type_alias'>type_alias</span> <span class='kw'>do</span>
|
104
|
+
<span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_nilable'>nilable</span><span class='lparen'>(</span><span class='const'>T</span><span class='op'>::</span><span class='const'>Hash</span><span class='lbracket'>[</span><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_any'>any</span><span class='lparen'>(</span><span class='const'>String</span><span class='comma'>,</span> <span class='const'>Symbol</span><span class='rparen'>)</span><span class='comma'>,</span> <span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_nilable'>nilable</span><span class='lparen'>(</span><span class='const'><span class='object_link'><a href="#ParamsValueType-constant" title="M2mKeygen::Types::ParamsValueType (constant)">ParamsValueType</a></span></span><span class='rparen'>)</span><span class='rbracket'>]</span><span class='rparen'>)</span>
|
105
|
+
<span class='kw'>end</span></pre></dd>
|
106
|
+
|
107
|
+
<dt id="ParamsHashNotNilType-constant" class="">ParamsHashNotNilType =
|
108
|
+
|
109
|
+
</dt>
|
110
|
+
<dd><pre class="code"><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_type_alias'>type_alias</span> <span class='lbrace'>{</span> <span class='const'>T</span><span class='op'>::</span><span class='const'>Hash</span><span class='lbracket'>[</span><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_any'>any</span><span class='lparen'>(</span><span class='const'>String</span><span class='comma'>,</span> <span class='const'>Symbol</span><span class='rparen'>)</span><span class='comma'>,</span> <span class='const'><span class='object_link'><a href="#ParamsValueType-constant" title="M2mKeygen::Types::ParamsValueType (constant)">ParamsValueType</a></span></span><span class='rbracket'>]</span> <span class='rbrace'>}</span></pre></dd>
|
111
|
+
|
112
|
+
<dt id="ParamsValueType-constant" class="">ParamsValueType =
|
113
|
+
|
114
|
+
</dt>
|
115
|
+
<dd><pre class="code"><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_type_alias'>type_alias</span> <span class='kw'>do</span>
|
116
|
+
<span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_any'>any</span><span class='lparen'>(</span>
|
117
|
+
<span class='const'>Integer</span><span class='comma'>,</span>
|
118
|
+
<span class='const'>String</span><span class='comma'>,</span>
|
119
|
+
<span class='const'>Symbol</span><span class='comma'>,</span>
|
120
|
+
<span class='const'>T</span><span class='op'>::</span><span class='const'>Array</span><span class='lbracket'>[</span><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_untyped'>untyped</span><span class='rbracket'>]</span><span class='comma'>,</span>
|
121
|
+
<span class='const'>T</span><span class='op'>::</span><span class='const'>Hash</span><span class='lbracket'>[</span><span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_untyped'>untyped</span><span class='comma'>,</span> <span class='const'>T</span><span class='period'>.</span><span class='id identifier rubyid_untyped'>untyped</span><span class='rbracket'>]</span>
|
122
|
+
<span class='rparen'>)</span>
|
123
|
+
<span class='kw'>end</span></pre></dd>
|
124
|
+
|
125
|
+
</dl>
|
126
|
+
|
127
|
+
|
128
|
+
|
129
|
+
|
130
|
+
|
131
|
+
|
132
|
+
|
133
|
+
|
134
|
+
|
135
|
+
|
136
|
+
|
137
|
+
</div>
|
138
|
+
|
139
|
+
<div id="footer">
|
140
|
+
Generated on Tue Aug 30 11:26:10 2022 by
|
141
|
+
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
142
|
+
0.9.28 (ruby-3.1.2).
|
143
|
+
</div>
|
144
|
+
|
145
|
+
</div>
|
146
|
+
</body>
|
147
|
+
</html>
|
data/docs/M2mKeygen.html
CHANGED
@@ -79,7 +79,7 @@
|
|
79
79
|
<dl>
|
80
80
|
<dt>Defined in:</dt>
|
81
81
|
<dd>lib/m2m_keygen.rb<span class="defines">,<br />
|
82
|
-
lib/m2m_keygen/version.rb</span>
|
82
|
+
lib/m2m_keygen/version.rb,<br /> lib/m2m_keygen/signature.rb,<br /> lib/m2m_keygen/params_encoder.rb,<br /> lib/m2m_keygen/types/params_type.rb</span>
|
83
83
|
</dd>
|
84
84
|
</dl>
|
85
85
|
|
@@ -88,7 +88,7 @@
|
|
88
88
|
<h2>Overview</h2><div class="docstring">
|
89
89
|
<div class="discussion">
|
90
90
|
|
91
|
-
<p>typed: strict
|
91
|
+
<p>typed: strict</p>
|
92
92
|
|
93
93
|
|
94
94
|
</div>
|
@@ -100,9 +100,11 @@
|
|
100
100
|
<p class="children">
|
101
101
|
|
102
102
|
|
103
|
+
<strong class="modules">Modules:</strong> <span class='object_link'><a href="M2mKeygen/Types.html" title="M2mKeygen::Types (module)">Types</a></span>
|
104
|
+
|
103
105
|
|
104
106
|
|
105
|
-
<strong class="classes">Classes:</strong> <span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span>
|
107
|
+
<strong class="classes">Classes:</strong> <span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span>, <span class='object_link'><a href="M2mKeygen/ParamsEncoder.html" title="M2mKeygen::ParamsEncoder (class)">ParamsEncoder</a></span>, <span class='object_link'><a href="M2mKeygen/Signature.html" title="M2mKeygen::Signature (class)">Signature</a></span>
|
106
108
|
|
107
109
|
|
108
110
|
</p>
|
@@ -129,7 +131,7 @@
|
|
129
131
|
|
130
132
|
</div>
|
131
133
|
</dt>
|
132
|
-
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>0.
|
134
|
+
<dd><pre class="code"><span class='tstring'><span class='tstring_beg'>"</span><span class='tstring_content'>0.3.0</span><span class='tstring_end'>"</span></span></pre></dd>
|
133
135
|
|
134
136
|
</dl>
|
135
137
|
|
@@ -145,7 +147,7 @@
|
|
145
147
|
</div>
|
146
148
|
|
147
149
|
<div id="footer">
|
148
|
-
Generated on
|
150
|
+
Generated on Tue Aug 30 11:26:10 2022 by
|
149
151
|
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
150
152
|
0.9.28 (ruby-3.1.2).
|
151
153
|
</div>
|
data/docs/_index.html
CHANGED
@@ -103,6 +103,51 @@
|
|
103
103
|
</ul>
|
104
104
|
</ul>
|
105
105
|
|
106
|
+
|
107
|
+
<ul id="alpha_P" class="alpha">
|
108
|
+
<li class="letter">P</li>
|
109
|
+
<ul>
|
110
|
+
|
111
|
+
<li>
|
112
|
+
<span class='object_link'><a href="M2mKeygen/ParamsEncoder.html" title="M2mKeygen::ParamsEncoder (class)">ParamsEncoder</a></span>
|
113
|
+
|
114
|
+
<small>(M2mKeygen)</small>
|
115
|
+
|
116
|
+
</li>
|
117
|
+
|
118
|
+
</ul>
|
119
|
+
</ul>
|
120
|
+
|
121
|
+
|
122
|
+
<ul id="alpha_S" class="alpha">
|
123
|
+
<li class="letter">S</li>
|
124
|
+
<ul>
|
125
|
+
|
126
|
+
<li>
|
127
|
+
<span class='object_link'><a href="M2mKeygen/Signature.html" title="M2mKeygen::Signature (class)">Signature</a></span>
|
128
|
+
|
129
|
+
<small>(M2mKeygen)</small>
|
130
|
+
|
131
|
+
</li>
|
132
|
+
|
133
|
+
</ul>
|
134
|
+
</ul>
|
135
|
+
|
136
|
+
|
137
|
+
<ul id="alpha_T" class="alpha">
|
138
|
+
<li class="letter">T</li>
|
139
|
+
<ul>
|
140
|
+
|
141
|
+
<li>
|
142
|
+
<span class='object_link'><a href="M2mKeygen/Types.html" title="M2mKeygen::Types (module)">Types</a></span>
|
143
|
+
|
144
|
+
<small>(M2mKeygen)</small>
|
145
|
+
|
146
|
+
</li>
|
147
|
+
|
148
|
+
</ul>
|
149
|
+
</ul>
|
150
|
+
|
106
151
|
</td>
|
107
152
|
</tr>
|
108
153
|
</table>
|
@@ -112,7 +157,7 @@
|
|
112
157
|
</div>
|
113
158
|
|
114
159
|
<div id="footer">
|
115
|
-
Generated on
|
160
|
+
Generated on Tue Aug 30 11:26:10 2022 by
|
116
161
|
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
117
162
|
0.9.28 (ruby-3.1.2).
|
118
163
|
</div>
|
data/docs/class_list.html
CHANGED
@@ -43,7 +43,7 @@
|
|
43
43
|
|
44
44
|
<ul id="full_list" class="class">
|
45
45
|
<li id="object_" class="odd"><div class="item" style="padding-left:30px"><span class='object_link'><a href="top-level-namespace.html" title="Top Level Namespace (root)">Top Level Namespace</a></span></div></li>
|
46
|
-
<li id='object_M2mKeygen' class='even'><div class='item' style='padding-left:30px'><a class='toggle'></a> <span class='object_link'><a href="M2mKeygen.html" title="M2mKeygen (module)">M2mKeygen</a></span><small class='search_info'>Top Level Namespace</small></div><ul><li id='object_M2mKeygen::Error' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span> < StandardError<small class='search_info'>M2mKeygen</small></div></li></ul></li>
|
46
|
+
<li id='object_M2mKeygen' class='even'><div class='item' style='padding-left:30px'><a class='toggle'></a> <span class='object_link'><a href="M2mKeygen.html" title="M2mKeygen (module)">M2mKeygen</a></span><small class='search_info'>Top Level Namespace</small></div><ul><li id='object_M2mKeygen::Error' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Error.html" title="M2mKeygen::Error (class)">Error</a></span> < StandardError<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::ParamsEncoder' class='collapsed even'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/ParamsEncoder.html" title="M2mKeygen::ParamsEncoder (class)">ParamsEncoder</a></span> < Object<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::Signature' class='collapsed odd'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Signature.html" title="M2mKeygen::Signature (class)">Signature</a></span> < Object<small class='search_info'>M2mKeygen</small></div></li><li id='object_M2mKeygen::Types' class='collapsed even'><div class='item' style='padding-left:45px'><span class='object_link'><a href="M2mKeygen/Types.html" title="M2mKeygen::Types (module)">Types</a></span><small class='search_info'>M2mKeygen</small></div></li></ul></li>
|
47
47
|
|
48
48
|
</ul>
|
49
49
|
</div>
|
data/docs/file.README.html
CHANGED
@@ -59,9 +59,7 @@
|
|
59
59
|
|
60
60
|
<div id="content"><div id='filecontents'><h1 id="m2mkeygen">M2mKeygen</h1>
|
61
61
|
|
62
|
-
<p>
|
63
|
-
|
64
|
-
<p>TODO: Delete this and the text above, and describe your gem</p>
|
62
|
+
<p>This gem exists for simplifying Machine to Machine signature generation and verification in a secure way.</p>
|
65
63
|
|
66
64
|
<h2 id="installation">Installation</h2>
|
67
65
|
|
@@ -77,7 +75,86 @@
|
|
77
75
|
|
78
76
|
<h2 id="usage">Usage</h2>
|
79
77
|
|
80
|
-
<
|
78
|
+
<h3 id="signature">Signature</h3>
|
79
|
+
|
80
|
+
<p>This gem provides a module for signing and checking signature for HTTP requests</p>
|
81
|
+
|
82
|
+
<h4 id="initialization">Initialization</h4>
|
83
|
+
|
84
|
+
<p>You should initialize the <code>Signature</code> once (in an initializer for example) with your secret key and eventually an encryption algorithm.</p>
|
85
|
+
|
86
|
+
<p>```ruby
|
87
|
+
AuthSignature = M2mKeygen::Signature.new(“my_secret_key”, algorithm: “sha256”)</p>
|
88
|
+
|
89
|
+
<p>AuthSignature = M2mKeygen::Signature.new(“my_secret_key”) # => Will default algorithm to sha512
|
90
|
+
```</p>
|
91
|
+
|
92
|
+
<h4 id="signing">Signing</h4>
|
93
|
+
|
94
|
+
<p>Use the <code>sign</code> method to generate a new signature.</p>
|
95
|
+
|
96
|
+
<ul>
|
97
|
+
<li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
|
98
|
+
<li><code>verb</code> is the http verb</li>
|
99
|
+
<li><code>path</code> is the path for the request</li>
|
100
|
+
</ul>
|
101
|
+
|
102
|
+
<p><code>ruby
|
103
|
+
AuthSignature.sign(
|
104
|
+
params: {
|
105
|
+
"a" => "test",
|
106
|
+
:b => 1,
|
107
|
+
"d" => %w[a b],
|
108
|
+
"c" => {
|
109
|
+
"e" => 45
|
110
|
+
}
|
111
|
+
},
|
112
|
+
verb: "get",
|
113
|
+
path: "/path"
|
114
|
+
) # => "a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
|
115
|
+
</code></p>
|
116
|
+
|
117
|
+
<p>After generating the signature send it alongside your request for verification on the receiver side.</p>
|
118
|
+
|
119
|
+
<h4 id="verifying">Verifying</h4>
|
120
|
+
|
121
|
+
<p>Use the <code>validate</code> method to verify that a received signature correspond to the HTTP request.</p>
|
122
|
+
|
123
|
+
<ul>
|
124
|
+
<li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
|
125
|
+
<li><code>verb</code> is the http verb</li>
|
126
|
+
<li><code>path</code> is the path for the request</li>
|
127
|
+
<li><code>signature</code> is the received signature</li>
|
128
|
+
</ul>
|
129
|
+
|
130
|
+
<p><code>ruby
|
131
|
+
AuthSignature.validate(
|
132
|
+
params: {
|
133
|
+
"a" => "test",
|
134
|
+
:b => 1,
|
135
|
+
"d" => %w[a b],
|
136
|
+
"c" => {
|
137
|
+
"e" => 45
|
138
|
+
}
|
139
|
+
},
|
140
|
+
verb: "get",
|
141
|
+
path: "/path",
|
142
|
+
signature:
|
143
|
+
"a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
|
144
|
+
) #=> true
|
145
|
+
</code></p>
|
146
|
+
|
147
|
+
<p>If the validation is true, the request was signed with the same algorithm and same secret key.</p>
|
148
|
+
|
149
|
+
<h2 id="how-does-it-works">How does it works</h2>
|
150
|
+
|
151
|
+
<p>This is intended for a secure discussion between 2 servers and not something in a browser as the secret key must be stored and used both side (and you don’t want to send the secret key in the browser).</p>
|
152
|
+
|
153
|
+
<p>Both server will have the same secret key.
|
154
|
+
The sender will generate a signature matching the HTTP request it will be sending and add it to the request in a designated header.
|
155
|
+
The receiver will generate the same signature from the HTTP request it has received and will compare it with the signature in the header.</p>
|
156
|
+
|
157
|
+
<p>The comparison will be done in constant time (i.e. secure) because both string will be hexdigest from a HMAC with the same algorithm.</p>
|
81
158
|
|
82
159
|
<h2 id="development">Development</h2>
|
83
160
|
|
@@ -85,6 +162,18 @@
|
|
85
162
|
|
86
163
|
<p>To install this gem onto your local machine, run <code>bundle exec rake install</code>. To release a new version, update the version number in <code>version.rb</code>, and then run <code>bundle exec rake release</code>, which will create a git tag for the version, push git commits and the created tag, and push the <code>.gem</code> file to <a href="https://rubygems.org">rubygems.org</a>.</p>
|
87
164
|
|
165
|
+
<p>Every commit/push is checked by overcommit. You should (must) activate overcommit by using <code>overcommit -i</code> post installation.</p>
|
166
|
+
|
167
|
+
<p>Tool used in dev:</p>
|
168
|
+
|
169
|
+
<ul>
|
170
|
+
<li>Rubocop</li>
|
171
|
+
<li>Prettier</li>
|
172
|
+
<li>Yard</li>
|
173
|
+
<li>Sorbet</li>
|
174
|
+
<li>RSpec</li>
|
175
|
+
</ul>
|
176
|
+
|
88
177
|
<h2 id="contributing">Contributing</h2>
|
89
178
|
|
90
179
|
<p>Bug reports and pull requests are welcome on GitHub at https://github.com/zaratan/m2m_keygen. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the <a href="https://github.com/zaratan/m2m_keygen/blob/main/CODE_OF_CONDUCT.md">code of conduct</a>.</p>
|
@@ -99,7 +188,7 @@
|
|
99
188
|
</div></div>
|
100
189
|
|
101
190
|
<div id="footer">
|
102
|
-
Generated on
|
191
|
+
Generated on Tue Aug 30 11:26:10 2022 by
|
103
192
|
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
104
193
|
0.9.28 (ruby-3.1.2).
|
105
194
|
</div>
|
data/docs/index.html
CHANGED
@@ -59,9 +59,7 @@
|
|
59
59
|
|
60
60
|
<div id="content"><div id='filecontents'><h1 id="m2mkeygen">M2mKeygen</h1>
|
61
61
|
|
62
|
-
<p>
|
63
|
-
|
64
|
-
<p>TODO: Delete this and the text above, and describe your gem</p>
|
62
|
+
<p>This gem exists for simplifying Machine to Machine signature generation and verification in a secure way.</p>
|
65
63
|
|
66
64
|
<h2 id="installation">Installation</h2>
|
67
65
|
|
@@ -77,7 +75,86 @@
|
|
77
75
|
|
78
76
|
<h2 id="usage">Usage</h2>
|
79
77
|
|
80
|
-
<
|
78
|
+
<h3 id="signature">Signature</h3>
|
79
|
+
|
80
|
+
<p>This gem provides a module for signing and checking signature for HTTP requests</p>
|
81
|
+
|
82
|
+
<h4 id="initialization">Initialization</h4>
|
83
|
+
|
84
|
+
<p>You should initialize the <code>Signature</code> once (in an initializer for example) with your secret key and eventually an encryption algorithm.</p>
|
85
|
+
|
86
|
+
<p>```ruby
|
87
|
+
AuthSignature = M2mKeygen::Signature.new(“my_secret_key”, algorithm: “sha256”)</p>
|
88
|
+
|
89
|
+
<p>AuthSignature = M2mKeygen::Signature.new(“my_secret_key”) # => Will default algorithm to sha512
|
90
|
+
```</p>
|
91
|
+
|
92
|
+
<h4 id="signing">Signing</h4>
|
93
|
+
|
94
|
+
<p>Use the <code>sign</code> method to generate a new signature.</p>
|
95
|
+
|
96
|
+
<ul>
|
97
|
+
<li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
|
98
|
+
<li><code>verb</code> is the http verb</li>
|
99
|
+
<li><code>path</code> is the path for the request</li>
|
100
|
+
</ul>
|
101
|
+
|
102
|
+
<p><code>ruby
|
103
|
+
AuthSignature.sign(
|
104
|
+
params: {
|
105
|
+
"a" => "test",
|
106
|
+
:b => 1,
|
107
|
+
"d" => %w[a b],
|
108
|
+
"c" => {
|
109
|
+
"e" => 45
|
110
|
+
}
|
111
|
+
},
|
112
|
+
verb: "get",
|
113
|
+
path: "/path"
|
114
|
+
) # => "a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
|
115
|
+
</code></p>
|
116
|
+
|
117
|
+
<p>After generating the signature send it alongside your request for verification on the receiver side.</p>
|
118
|
+
|
119
|
+
<h4 id="verifying">Verifying</h4>
|
120
|
+
|
121
|
+
<p>Use the <code>validate</code> method to verify that a received signature correspond to the HTTP request.</p>
|
122
|
+
|
123
|
+
<ul>
|
124
|
+
<li><code>params</code> is a params hash as used in Rack. The order of keys isn’t important as the gem will reformat them.</li>
|
125
|
+
<li><code>verb</code> is the http verb</li>
|
126
|
+
<li><code>path</code> is the path for the request</li>
|
127
|
+
<li><code>signature</code> is the received signature</li>
|
128
|
+
</ul>
|
129
|
+
|
130
|
+
<p><code>ruby
|
131
|
+
AuthSignature.validate(
|
132
|
+
params: {
|
133
|
+
"a" => "test",
|
134
|
+
:b => 1,
|
135
|
+
"d" => %w[a b],
|
136
|
+
"c" => {
|
137
|
+
"e" => 45
|
138
|
+
}
|
139
|
+
},
|
140
|
+
verb: "get",
|
141
|
+
path: "/path",
|
142
|
+
signature:
|
143
|
+
"a52168521868ebb37a38f90ec943163d9acb6ceb982206f437e1feb9ca32e7c1a8edef68f0ff4e195aeca1da93ae9afc8da214cb51a812fc6cc3730fdc7613fa"
|
144
|
+
) #=> true
|
145
|
+
</code></p>
|
146
|
+
|
147
|
+
<p>If the validation is true, the request was signed with the same algorithm and same secret key.</p>
|
148
|
+
|
149
|
+
<h2 id="how-does-it-works">How does it works</h2>
|
150
|
+
|
151
|
+
<p>This is intended for a secure discussion between 2 servers and not something in a browser as the secret key must be stored and used both side (and you don’t want to send the secret key in the browser).</p>
|
152
|
+
|
153
|
+
<p>Both server will have the same secret key.
|
154
|
+
The sender will generate a signature matching the HTTP request it will be sending and add it to the request in a designated header.
|
155
|
+
The receiver will generate the same signature from the HTTP request it has received and will compare it with the signature in the header.</p>
|
156
|
+
|
157
|
+
<p>The comparison will be done in constant time (i.e. secure) because both string will be hexdigest from a HMAC with the same algorithm.</p>
|
81
158
|
|
82
159
|
<h2 id="development">Development</h2>
|
83
160
|
|
@@ -85,6 +162,18 @@
|
|
85
162
|
|
86
163
|
<p>To install this gem onto your local machine, run <code>bundle exec rake install</code>. To release a new version, update the version number in <code>version.rb</code>, and then run <code>bundle exec rake release</code>, which will create a git tag for the version, push git commits and the created tag, and push the <code>.gem</code> file to <a href="https://rubygems.org">rubygems.org</a>.</p>
|
87
164
|
|
165
|
+
<p>Every commit/push is checked by overcommit. You should (must) activate overcommit by using <code>overcommit -i</code> post installation.</p>
|
166
|
+
|
167
|
+
<p>Tool used in dev:</p>
|
168
|
+
|
169
|
+
<ul>
|
170
|
+
<li>Rubocop</li>
|
171
|
+
<li>Prettier</li>
|
172
|
+
<li>Yard</li>
|
173
|
+
<li>Sorbet</li>
|
174
|
+
<li>RSpec</li>
|
175
|
+
</ul>
|
176
|
+
|
88
177
|
<h2 id="contributing">Contributing</h2>
|
89
178
|
|
90
179
|
<p>Bug reports and pull requests are welcome on GitHub at https://github.com/zaratan/m2m_keygen. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the <a href="https://github.com/zaratan/m2m_keygen/blob/main/CODE_OF_CONDUCT.md">code of conduct</a>.</p>
|
@@ -99,7 +188,7 @@
|
|
99
188
|
</div></div>
|
100
189
|
|
101
190
|
<div id="footer">
|
102
|
-
Generated on
|
191
|
+
Generated on Tue Aug 30 11:26:10 2022 by
|
103
192
|
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
104
193
|
0.9.28 (ruby-3.1.2).
|
105
194
|
</div>
|
data/docs/method_list.html
CHANGED
@@ -44,6 +44,62 @@
|
|
44
44
|
<ul id="full_list" class="method">
|
45
45
|
|
46
46
|
|
47
|
+
<li class="odd ">
|
48
|
+
<div class="item">
|
49
|
+
<span class='object_link'><a href="M2mKeygen/Signature.html#algorithm-instance_method" title="M2mKeygen::Signature#algorithm (method)">#algorithm</a></span>
|
50
|
+
<small>M2mKeygen::Signature</small>
|
51
|
+
</div>
|
52
|
+
</li>
|
53
|
+
|
54
|
+
|
55
|
+
<li class="even ">
|
56
|
+
<div class="item">
|
57
|
+
<span class='object_link'><a href="M2mKeygen/ParamsEncoder.html#encode-instance_method" title="M2mKeygen::ParamsEncoder#encode (method)">#encode</a></span>
|
58
|
+
<small>M2mKeygen::ParamsEncoder</small>
|
59
|
+
</div>
|
60
|
+
</li>
|
61
|
+
|
62
|
+
|
63
|
+
<li class="odd ">
|
64
|
+
<div class="item">
|
65
|
+
<span class='object_link'><a href="M2mKeygen/Signature.html#initialize-instance_method" title="M2mKeygen::Signature#initialize (method)">#initialize</a></span>
|
66
|
+
<small>M2mKeygen::Signature</small>
|
67
|
+
</div>
|
68
|
+
</li>
|
69
|
+
|
70
|
+
|
71
|
+
<li class="even ">
|
72
|
+
<div class="item">
|
73
|
+
<span class='object_link'><a href="M2mKeygen/ParamsEncoder.html#initialize-instance_method" title="M2mKeygen::ParamsEncoder#initialize (method)">#initialize</a></span>
|
74
|
+
<small>M2mKeygen::ParamsEncoder</small>
|
75
|
+
</div>
|
76
|
+
</li>
|
77
|
+
|
78
|
+
|
79
|
+
<li class="odd ">
|
80
|
+
<div class="item">
|
81
|
+
<span class='object_link'><a href="M2mKeygen/Signature.html#secret-instance_method" title="M2mKeygen::Signature#secret (method)">#secret</a></span>
|
82
|
+
<small>M2mKeygen::Signature</small>
|
83
|
+
</div>
|
84
|
+
</li>
|
85
|
+
|
86
|
+
|
87
|
+
<li class="even ">
|
88
|
+
<div class="item">
|
89
|
+
<span class='object_link'><a href="M2mKeygen/Signature.html#sign-instance_method" title="M2mKeygen::Signature#sign (method)">#sign</a></span>
|
90
|
+
<small>M2mKeygen::Signature</small>
|
91
|
+
</div>
|
92
|
+
</li>
|
93
|
+
|
94
|
+
|
95
|
+
<li class="odd ">
|
96
|
+
<div class="item">
|
97
|
+
<span class='object_link'><a href="M2mKeygen/Signature.html#validate-instance_method" title="M2mKeygen::Signature#validate (method)">#validate</a></span>
|
98
|
+
<small>M2mKeygen::Signature</small>
|
99
|
+
</div>
|
100
|
+
</li>
|
101
|
+
|
102
|
+
|
47
103
|
|
48
104
|
</ul>
|
49
105
|
</div>
|
@@ -100,7 +100,7 @@
|
|
100
100
|
</div>
|
101
101
|
|
102
102
|
<div id="footer">
|
103
|
-
Generated on
|
103
|
+
Generated on Tue Aug 30 11:26:10 2022 by
|
104
104
|
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
|
105
105
|
0.9.28 (ruby-3.1.2).
|
106
106
|
</div>
|
@@ -0,0 +1,56 @@
|
|
1
|
+
# typed: strict
|
2
|
+
|
3
|
+
module M2mKeygen
|
4
|
+
# Encoder for params hash
|
5
|
+
class ParamsEncoder
|
6
|
+
extend T::Sig
|
7
|
+
|
8
|
+
sig { params(params: Types::ParamsType).void }
|
9
|
+
def initialize(params)
|
10
|
+
@params = T.let(params, Types::ParamsType)
|
11
|
+
end
|
12
|
+
|
13
|
+
sig { returns(String) }
|
14
|
+
def encode
|
15
|
+
return "" if @params.nil? || @params.empty?
|
16
|
+
@params
|
17
|
+
.sort_by { |k, _| k.to_s }
|
18
|
+
.reject { |_, v| (v.is_a?(String) && v == "") || v.nil? }
|
19
|
+
.map { |k, v| "#{k}=#{jsonify_value(encode_value(T.must(v)))}" }
|
20
|
+
.join("&")
|
21
|
+
end
|
22
|
+
|
23
|
+
private
|
24
|
+
|
25
|
+
sig do
|
26
|
+
params(value: Types::ParamsValueType).returns(
|
27
|
+
T.any(String, Symbol, Integer)
|
28
|
+
)
|
29
|
+
end
|
30
|
+
def jsonify_value(value)
|
31
|
+
return value unless value.is_a?(Hash) || value.is_a?(Array)
|
32
|
+
value.to_json
|
33
|
+
end
|
34
|
+
|
35
|
+
sig do
|
36
|
+
params(value: Types::ParamsValueType).returns(Types::ParamsValueType)
|
37
|
+
end
|
38
|
+
def encode_value(value)
|
39
|
+
return encode_hash_value(value) if value.is_a?(Hash)
|
40
|
+
value
|
41
|
+
end
|
42
|
+
|
43
|
+
sig do
|
44
|
+
params(value: Types::ParamsHashNotNilType).returns(
|
45
|
+
T::Hash[String, Types::ParamsValueType]
|
46
|
+
)
|
47
|
+
end
|
48
|
+
def encode_hash_value(value)
|
49
|
+
value
|
50
|
+
.sort_by { |k, _| k.to_s }
|
51
|
+
.reject { |_, v| (v.is_a?(String) && v == "") || v.nil? }
|
52
|
+
.map { |k, v| [k.to_s, encode_value(v)] }
|
53
|
+
.to_h
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|